xref: /titanic_41/usr/src/common/crypto/aes/aes_impl.h (revision ea394cb00fd96864e34d2841b4a22357b621c78f) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_AES_IMPL_H
27 #define	_AES_IMPL_H
28 
29 /*
30  * Common definitions used by AES.
31  */
32 
33 #ifdef	__cplusplus
34 extern "C" {
35 #endif
36 
37 #include <sys/types.h>
38 #include <sys/crypto/common.h>
39 
40 /* Similar to sysmacros.h IS_P2ALIGNED, but checks two pointers: */
41 #define	IS_P2ALIGNED2(v, w, a) \
42 	((((uintptr_t)(v) | (uintptr_t)(w)) & ((uintptr_t)(a) - 1)) == 0)
43 
44 #define	AES_BLOCK_LEN	16	/* bytes */
45 /* Round constant length, in number of 32-bit elements: */
46 #define	RC_LENGTH	(5 * ((AES_BLOCK_LEN) / 4 - 2))
47 
48 #define	AES_COPY_BLOCK(src, dst) \
49 	(dst)[0] = (src)[0]; \
50 	(dst)[1] = (src)[1]; \
51 	(dst)[2] = (src)[2]; \
52 	(dst)[3] = (src)[3]; \
53 	(dst)[4] = (src)[4]; \
54 	(dst)[5] = (src)[5]; \
55 	(dst)[6] = (src)[6]; \
56 	(dst)[7] = (src)[7]; \
57 	(dst)[8] = (src)[8]; \
58 	(dst)[9] = (src)[9]; \
59 	(dst)[10] = (src)[10]; \
60 	(dst)[11] = (src)[11]; \
61 	(dst)[12] = (src)[12]; \
62 	(dst)[13] = (src)[13]; \
63 	(dst)[14] = (src)[14]; \
64 	(dst)[15] = (src)[15]
65 
66 #define	AES_XOR_BLOCK(src, dst) \
67 	(dst)[0] ^= (src)[0]; \
68 	(dst)[1] ^= (src)[1]; \
69 	(dst)[2] ^= (src)[2]; \
70 	(dst)[3] ^= (src)[3]; \
71 	(dst)[4] ^= (src)[4]; \
72 	(dst)[5] ^= (src)[5]; \
73 	(dst)[6] ^= (src)[6]; \
74 	(dst)[7] ^= (src)[7]; \
75 	(dst)[8] ^= (src)[8]; \
76 	(dst)[9] ^= (src)[9]; \
77 	(dst)[10] ^= (src)[10]; \
78 	(dst)[11] ^= (src)[11]; \
79 	(dst)[12] ^= (src)[12]; \
80 	(dst)[13] ^= (src)[13]; \
81 	(dst)[14] ^= (src)[14]; \
82 	(dst)[15] ^= (src)[15]
83 
84 /* AES key size definitions */
85 #define	AES_MINBITS		128
86 #define	AES_MINBYTES		((AES_MINBITS) >> 3)
87 #define	AES_MAXBITS		256
88 #define	AES_MAXBYTES		((AES_MAXBITS) >> 3)
89 
90 #define	AES_MIN_KEY_BYTES	((AES_MINBITS) >> 3)
91 #define	AES_MAX_KEY_BYTES	((AES_MAXBITS) >> 3)
92 #define	AES_192_KEY_BYTES	24
93 #define	AES_IV_LEN		16
94 
95 /* AES key schedule may be implemented with 32- or 64-bit elements: */
96 #define	AES_32BIT_KS		32
97 #define	AES_64BIT_KS		64
98 
99 #define	MAX_AES_NR		14 /* Maximum number of rounds */
100 #define	MAX_AES_NB		4  /* Number of columns comprising a state */
101 
102 typedef union {
103 #ifdef	sun4u
104 	uint64_t	ks64[((MAX_AES_NR) + 1) * (MAX_AES_NB)];
105 #endif
106 	uint32_t	ks32[((MAX_AES_NR) + 1) * (MAX_AES_NB)];
107 } aes_ks_t;
108 
109 /* aes_key.flags value: */
110 #define	INTEL_AES_NI_CAPABLE	0x1	/* AES-NI instructions present */
111 
112 typedef struct aes_key aes_key_t;
113 struct aes_key {
114 	aes_ks_t	encr_ks;  /* encryption key schedule */
115 	aes_ks_t	decr_ks;  /* decryption key schedule */
116 #ifdef __amd64
117 	long double	align128; /* Align fields above for Intel AES-NI */
118 	int		flags;	  /* implementation-dependent flags */
119 #endif	/* __amd64 */
120 	int		nr;	  /* number of rounds (10, 12, or 14) */
121 	int		type;	  /* key schedule size (32 or 64 bits) */
122 };
123 
124 /*
125  * Core AES functions.
126  * ks and keysched are pointers to aes_key_t.
127  * They are declared void* as they are intended to be opaque types.
128  * Use function aes_alloc_keysched() to allocate memory for ks and keysched.
129  */
130 extern void *aes_alloc_keysched(size_t *size, int kmflag);
131 extern void aes_init_keysched(const uint8_t *cipherKey, uint_t keyBits,
132 	void *keysched);
133 extern int aes_encrypt_block(const void *ks, const uint8_t *pt, uint8_t *ct);
134 extern int aes_decrypt_block(const void *ks, const uint8_t *ct, uint8_t *pt);
135 
136 /*
137  * AES mode functions.
138  * The first 2 functions operate on 16-byte AES blocks.
139  */
140 extern void aes_copy_block(uint8_t *in, uint8_t *out);
141 extern void aes_xor_block(uint8_t *data, uint8_t *dst);
142 
143 /* Note: ctx is a pointer to aes_ctx_t defined in modes.h */
144 extern int aes_encrypt_contiguous_blocks(void *ctx, char *data, size_t length,
145     crypto_data_t *out);
146 extern int aes_decrypt_contiguous_blocks(void *ctx, char *data, size_t length,
147     crypto_data_t *out);
148 
149 /*
150  * The following definitions and declarations are only used by AES FIPS POST
151  */
152 #ifdef _AES_FIPS_POST
153 
154 #include <fips/fips_post.h>
155 
156 /*
157  * FIPS preprocessor directives for AES-ECB and AES-CBC.
158  */
159 #define	FIPS_AES_BLOCK_SIZE		16  /* 128-bits */
160 #define	FIPS_AES_ENCRYPT_LENGTH		16  /* 128-bits */
161 #define	FIPS_AES_DECRYPT_LENGTH		16  /* 128-bits */
162 #define	FIPS_AES_128_KEY_SIZE		16  /* 128-bits */
163 #define	FIPS_AES_192_KEY_SIZE		24  /* 192-bits */
164 #define	FIPS_AES_256_KEY_SIZE		32  /* 256-bits */
165 
166 
167 #ifdef _KERNEL
168 typedef enum aes_mech_type {
169 	AES_ECB_MECH_INFO_TYPE,		/* SUN_CKM_AES_ECB */
170 	AES_CBC_MECH_INFO_TYPE,		/* SUN_CKM_AES_CBC */
171 	AES_CBC_PAD_MECH_INFO_TYPE,	/* SUN_CKM_AES_CBC_PAD */
172 	AES_CTR_MECH_INFO_TYPE,		/* SUN_CKM_AES_CTR */
173 	AES_CCM_MECH_INFO_TYPE,		/* SUN_CKM_AES_CCM */
174 	AES_GCM_MECH_INFO_TYPE,		/* SUN_CKM_AES_GCM */
175 	AES_GMAC_MECH_INFO_TYPE		/* SUN_CKM_AES_GMAC */
176 } aes_mech_type_t;
177 
178 #undef	CKM_AES_ECB
179 #undef	CKM_AES_CBC
180 #undef	CKM_AES_CTR
181 
182 #define	CKM_AES_ECB			AES_ECB_MECH_INFO_TYPE
183 #define	CKM_AES_CBC			AES_CBC_MECH_INFO_TYPE
184 #define	CKM_AES_CTR			AES_CTR_MECH_INFO_TYPE
185 
186 typedef struct soft_aes_ctx {
187 	void *key_sched;		/* pointer to key schedule */
188 	size_t keysched_len;		/* Length of the key schedule */
189 	uint8_t ivec[AES_BLOCK_LEN];	/* initialization vector */
190 	uint8_t data[AES_BLOCK_LEN];	/* for use by update */
191 	size_t remain_len;		/* for use by update */
192 	void *aes_cbc;			/* to be used by CBC mode */
193 } soft_aes_ctx_t;
194 #endif
195 
196 /* AES FIPS functions */
197 extern int fips_aes_post(int);
198 
199 #ifdef _AES_IMPL
200 #ifndef _KERNEL
201 struct soft_aes_ctx;
202 extern void fips_aes_free_context(struct soft_aes_ctx *);
203 extern struct soft_aes_ctx *fips_aes_build_context(uint8_t *, int,
204 	uint8_t *, CK_MECHANISM_TYPE);
205 extern CK_RV fips_aes_encrypt(struct soft_aes_ctx *, CK_BYTE_PTR,
206 	CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR, CK_MECHANISM_TYPE);
207 extern CK_RV fips_aes_decrypt(struct soft_aes_ctx *, CK_BYTE_PTR,
208 	CK_ULONG, CK_BYTE_PTR, CK_ULONG_PTR, CK_MECHANISM_TYPE);
209 
210 #else
211 extern void fips_aes_free_context(soft_aes_ctx_t *);
212 extern void *aes_cbc_ctx_init(void *, size_t, uint8_t *);
213 extern soft_aes_ctx_t *fips_aes_build_context(uint8_t *, int,
214 	uint8_t *, aes_mech_type_t, boolean_t);
215 extern int fips_aes_encrypt(soft_aes_ctx_t *, uchar_t *,
216 	ulong_t, uchar_t *, ulong_t *, aes_mech_type_t);
217 extern int fips_aes_decrypt(soft_aes_ctx_t *, uchar_t *,
218 	ulong_t, uchar_t *, ulong_t *, aes_mech_type_t);
219 
220 #endif /* _KERNEL */
221 #endif /* _AES_IMPL */
222 #endif /* _AES_FIPS_POST */
223 
224 #ifdef	__cplusplus
225 }
226 #endif
227 
228 #endif	/* _AES_IMPL_H */
229