openssl/providers/implementations/ciphers/ciphercommon_ccm_hw.c

/*
 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "prov/ciphercommon.h"
#include "prov/ciphercommon_ccm.h"

int ossl_ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce,
                           size_t nlen, size_t mlen)
{
    return CRYPTO_ccm128_setiv(&ctx->ccm_ctx, nonce, nlen, mlen) == 0;
}

int ossl_ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad,
                            size_t alen)
{
    CRYPTO_ccm128_aad(&ctx->ccm_ctx, aad, alen);
    return 1;
}

int ossl_ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag, size_t tlen)
{
    return CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, tlen) > 0;
}

int ossl_ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
                                  unsigned char *out, size_t len,
                                  unsigned char *tag, size_t taglen)
{
    int rv;

    if (ctx->str != NULL)
        rv = CRYPTO_ccm128_encrypt_ccm64(&ctx->ccm_ctx, in,
                                         out, len, ctx->str) == 0;
    else
        rv = CRYPTO_ccm128_encrypt(&ctx->ccm_ctx, in, out, len) == 0;

    if (rv == 1 && tag != NULL)
        rv = (CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, taglen) > 0);
    return rv;
}

int ossl_ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
                                  unsigned char *out, size_t len,
                                  unsigned char *expected_tag, size_t taglen)
{
    int rv = 0;

    if (ctx->str != NULL)
        rv = CRYPTO_ccm128_decrypt_ccm64(&ctx->ccm_ctx, in, out, len,
                                         ctx->str) == 0;
    else
        rv = CRYPTO_ccm128_decrypt(&ctx->ccm_ctx, in, out, len) == 0;
    if (rv) {
        unsigned char tag[16];

        if (!CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, taglen)
            || CRYPTO_memcmp(tag, expected_tag, taglen) != 0)
            rv = 0;
    }
    if (rv == 0)
        OPENSSL_cleanse(out, len);
    return rv;
}
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`/*`
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512) 2021-03-11 21:27:36 +08:00			`* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`*`
			`* Licensed under the Apache License 2.0 (the "License"). You may not use`
			`* this file except in compliance with the License. You can obtain a copy`
			`* in the file LICENSE in the source distribution or at`
			`* https://www.openssl.org/source/license.html`
			`*/`

Providers: move all ciphers From providers/{common,default}/ to providers/implementations/ Except for common code, which remains in providers/common/ciphers/. However, we do move providers/common/include/internal/ciphers/*.h to providers/common/include/prov/, and adjust all source including any of those header files. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10088) 2019-10-04 20:44:42 +08:00			`#include "prov/ciphercommon.h"`
Move providers/common/{ciphers,digests}/* to providers/implementations The idea to have all these things in providers/common was viable as long as the implementations was spread around their main providers. This is, however, no longer the case, so we move the common blocks closer to the source that use them. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10564) 2019-12-04 02:41:05 +08:00			`#include "prov/ciphercommon_ccm.h"`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00
Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20_initctx, ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt, ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params, ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx PROV_CIPHER_HW_des_*, padblock, unpadblock, tlsunpadblock, fillblock, trailingdata Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14209) 2021-02-17 15:54:29 +08:00			`int ossl_ccm_generic_setiv(PROV_CCM_CTX ctx, const unsigned char nonce,`
			`size_t nlen, size_t mlen)`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`{`
			`return CRYPTO_ccm128_setiv(&ctx->ccm_ctx, nonce, nlen, mlen) == 0;`
			`}`

Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20_initctx, ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt, ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params, ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx PROV_CIPHER_HW_des_*, padblock, unpadblock, tlsunpadblock, fillblock, trailingdata Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14209) 2021-02-17 15:54:29 +08:00			`int ossl_ccm_generic_setaad(PROV_CCM_CTX ctx, const unsigned char aad,`
			`size_t alen)`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`{`
			`CRYPTO_ccm128_aad(&ctx->ccm_ctx, aad, alen);`
			`return 1;`
			`}`

Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20_initctx, ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt, ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params, ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx PROV_CIPHER_HW_des_*, padblock, unpadblock, tlsunpadblock, fillblock, trailingdata Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14209) 2021-02-17 15:54:29 +08:00			`int ossl_ccm_generic_gettag(PROV_CCM_CTX ctx, unsigned char tag, size_t tlen)`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`{`
			`return CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, tlen) > 0;`
			`}`

Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20_initctx, ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt, ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params, ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx PROV_CIPHER_HW_des_*, padblock, unpadblock, tlsunpadblock, fillblock, trailingdata Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14209) 2021-02-17 15:54:29 +08:00			`int ossl_ccm_generic_auth_encrypt(PROV_CCM_CTX ctx, const unsigned char in,`
			`unsigned char *out, size_t len,`
			`unsigned char *tag, size_t taglen)`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`{`
			`int rv;`

			`if (ctx->str != NULL)`
			`rv = CRYPTO_ccm128_encrypt_ccm64(&ctx->ccm_ctx, in,`
			`out, len, ctx->str) == 0;`
			`else`
			`rv = CRYPTO_ccm128_encrypt(&ctx->ccm_ctx, in, out, len) == 0;`

			`if (rv == 1 && tag != NULL)`
			`rv = (CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, taglen) > 0);`
			`return rv;`
			`}`

Fix external symbols in the provider cipher implementations. Partial fix for #12964 This add ossl_ names for the following symbols. chacha20_dinit, chacha20_einit, chacha20_initctx, ccm_cipher, ccm_dinit, ccm_einit, ccm_generic_auth_decrypt, ccm_generic_auth_encrypt, ccm_generic_gettag, ccm_generic_setaad, ccm_generic_setiv, ccm_get_ctx_params, ccm_initctx, ccm_set_ctx_params, ccm_stream_final, ccm_stream_update gcm_aad_update, gcm_cipher, gcm_cipher_final, gcm_cipher_update gcm_dinit, gcm_einit, gcm_get_ctx_params, gcm_initctx, gcm_one_shot gcm_set_ctx_params, gcm_setiv, gcm_stream_final, gcm_stream_update tdes_dinit, tdes_dupctx, tdes_einit, tdes_freectx tdes_get_ctx_params, tdes_gettable_ctx_params, tdes_newctx PROV_CIPHER_HW_des_*, padblock, unpadblock, tlsunpadblock, fillblock, trailingdata Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14209) 2021-02-17 15:54:29 +08:00			`int ossl_ccm_generic_auth_decrypt(PROV_CCM_CTX ctx, const unsigned char in,`
			`unsigned char *out, size_t len,`
			`unsigned char *expected_tag, size_t taglen)`
Add aes_ccm to provider Add Cleanups for gcm - based on the changes to ccm. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/9280) 2019-08-20 06:54:41 +08:00			`{`
			`int rv = 0;`

			`if (ctx->str != NULL)`
			`rv = CRYPTO_ccm128_decrypt_ccm64(&ctx->ccm_ctx, in, out, len,`
			`ctx->str) == 0;`
			`else`
			`rv = CRYPTO_ccm128_decrypt(&ctx->ccm_ctx, in, out, len) == 0;`
			`if (rv) {`
			`unsigned char tag[16];`

			`if (!CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, taglen)`
			`\|\| CRYPTO_memcmp(tag, expected_tag, taglen) != 0)`
			`rv = 0;`
			`}`
			`if (rv == 0)`
			`OPENSSL_cleanse(out, len);`
			`return rv;`
			`}`