/* * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ /* Dispatch functions for AES SIV mode */ /* * This file uses the low level AES functions (which are deprecated for * non-internal use) in order to implement provider AES ciphers. */ #include "internal/deprecated.h" #include "cipher_aes_siv.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" #include "prov/ciphercommon_aead.h" #include "prov/provider_ctx.h" #define siv_stream_update siv_cipher #define SIV_FLAGS AEAD_FLAGS static void *aes_siv_newctx(void *provctx, size_t keybits, unsigned int mode, uint64_t flags) { PROV_AES_SIV_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { ctx->taglen = SIV_LEN; ctx->mode = mode; ctx->flags = flags; ctx->keylen = keybits / 8; ctx->hw = PROV_CIPHER_HW_aes_siv(keybits); ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); } return ctx; } static void aes_siv_freectx(void *vctx) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; if (ctx != NULL) { ctx->hw->cleanup(ctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } } static void *siv_dupctx(void *vctx) { PROV_AES_SIV_CTX *in = (PROV_AES_SIV_CTX *)vctx; PROV_AES_SIV_CTX *ret = OPENSSL_malloc(sizeof(*ret)); if (ret == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } if (!in->hw->dupctx(in, ret)) { OPENSSL_free(ret); ret = NULL; } return ret; } static int siv_init(void *vctx, const unsigned char *key, size_t keylen, const unsigned char *iv, size_t ivlen, int enc) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; ctx->enc = enc; if (key != NULL) { if (keylen != ctx->keylen) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->initkey(ctx, key, ctx->keylen); } return 1; } static int siv_einit(void *vctx, const unsigned char *key, size_t keylen, const unsigned char *iv, size_t ivlen) { return siv_init(vctx, key, keylen, iv, ivlen, 1); } static int siv_dinit(void *vctx, const unsigned char *key, size_t keylen, const unsigned char *iv, size_t ivlen) { return siv_init(vctx, key, keylen, iv, ivlen, 0); } static int siv_cipher(void *vctx, unsigned char *out, size_t *outl, size_t outsize, const unsigned char *in, size_t inl) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; if (inl == 0) { *outl = 0; return 1; } if (outsize < inl) { ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); return 0; } if (ctx->hw->cipher(ctx, out, in, inl) <= 0) return 0; if (outl != NULL) *outl = inl; return 1; } static int siv_stream_final(void *vctx, unsigned char *out, size_t *outl, size_t outsize) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; if (!ctx->hw->cipher(vctx, out, NULL, 0)) return 0; if (outl != NULL) *outl = 0; return 1; } static int aes_siv_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; SIV128_CONTEXT *sctx = &ctx->siv; OSSL_PARAM *p; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) { if (!ctx->enc || p->data_size != ctx->taglen || !OSSL_PARAM_set_octet_string(p, &sctx->tag.byte, ctx->taglen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN); if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->taglen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } return 1; } static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL), OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), OSSL_PARAM_END }; static const OSSL_PARAM *aes_siv_gettable_ctx_params(void *provctx) { return aes_siv_known_gettable_ctx_params; } static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; const OSSL_PARAM *p; unsigned int speed = 0; p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG); if (p != NULL) { if (ctx->enc) return 1; if (p->data_type != OSSL_PARAM_OCTET_STRING || !ctx->hw->settag(ctx, p->data, p->data_size)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_SPEED); if (p != NULL) { if (!OSSL_PARAM_get_uint(p, &speed)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } ctx->hw->setspeed(ctx, (int)speed); } p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL) { size_t keylen; if (!OSSL_PARAM_get_size_t(p, &keylen)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); return 0; } /* The key length can not be modified */ if (keylen != ctx->keylen) return 0; } return 1; } static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = { OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL), OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0), OSSL_PARAM_END }; static const OSSL_PARAM *aes_siv_settable_ctx_params(void *provctx) { return aes_siv_known_settable_ctx_params; } #define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \ static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \ static OSSL_FUNC_cipher_freectx_fn alg##_##lc##_freectx; \ static OSSL_FUNC_cipher_dupctx_fn lc##_dupctx; \ static OSSL_FUNC_cipher_encrypt_init_fn lc##_einit; \ static OSSL_FUNC_cipher_decrypt_init_fn lc##_dinit; \ static OSSL_FUNC_cipher_update_fn lc##_stream_update; \ static OSSL_FUNC_cipher_final_fn lc##_stream_final; \ static OSSL_FUNC_cipher_cipher_fn lc##_cipher; \ static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ static OSSL_FUNC_cipher_gettable_params_fn alg##_##lc##_gettable_ctx_params; \ static OSSL_FUNC_cipher_get_ctx_params_fn alg##_##lc##_get_ctx_params; \ static OSSL_FUNC_cipher_gettable_ctx_params_fn \ alg##_##lc##_gettable_ctx_params; \ static OSSL_FUNC_cipher_set_ctx_params_fn alg##_##lc##_set_ctx_params; \ static OSSL_FUNC_cipher_settable_ctx_params_fn \ alg##_##lc##_settable_ctx_params; \ static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ { \ return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ flags, 2*kbits, blkbits, ivbits); \ } \ static void * alg##kbits##lc##_newctx(void *provctx) \ { \ return alg##_##lc##_newctx(provctx, 2*kbits, EVP_CIPH_##UCMODE##_MODE, \ flags); \ } \ const OSSL_DISPATCH alg##kbits##lc##_functions[] = { \ { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) lc##_dupctx }, \ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) lc##_einit }, \ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) lc##_dinit }, \ { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void)) lc##_stream_update }, \ { OSSL_FUNC_CIPHER_FINAL, (void (*)(void)) lc##_stream_final }, \ { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void)) lc##_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_##lc##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ (void (*)(void))cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ (void (*)(void)) alg##_##lc##_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ (void (*)(void)) alg##_##lc##_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ (void (*)(void)) alg##_##lc##_set_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ (void (*)(void)) alg##_##lc##_settable_ctx_params }, \ { 0, NULL } \ }; IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 128, 8, 0) IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 192, 8, 0) IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 256, 8, 0)