[thirdparty/openssl.git] / crypto / evp / e_aes.c

/* ====================================================================
 * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 */

#define OPENSSL_FIPSAPI

#include <openssl/opensslconf.h>
#ifndef OPENSSL_NO_AES
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
#include <assert.h>
#include <openssl/aes.h>
#include <openssl/modes.h>
#include "evp_locl.h"

static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
					const unsigned char *iv, int enc);

typedef struct
	{
	AES_KEY ks;
	} EVP_AES_KEY;

#define data(ctx)	EVP_C_DATA(EVP_AES_KEY,ctx)

IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
		       NID_aes_128, 16, 16, 16, 128,
		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
		       aes_init_key, NULL, NULL, NULL, NULL)
IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
		       NID_aes_192, 16, 24, 16, 128,
		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
		       aes_init_key, NULL, NULL, NULL, NULL)
IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
		       NID_aes_256, 16, 32, 16, 128,
		       EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_DEFAULT_ASN1,
		       aes_init_key, NULL, NULL, NULL, NULL)

#define IMPLEMENT_AES_CFBR(ksize,cbits)	IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,EVP_CIPH_FLAG_FIPS)

IMPLEMENT_AES_CFBR(128,1)
IMPLEMENT_AES_CFBR(192,1)
IMPLEMENT_AES_CFBR(256,1)

IMPLEMENT_AES_CFBR(128,8)
IMPLEMENT_AES_CFBR(192,8)
IMPLEMENT_AES_CFBR(256,8)

static int aes_counter (EVP_CIPHER_CTX *ctx, unsigned char *out,
		const unsigned char *in, size_t len)
{
	unsigned int num;
	num = ctx->num;
#ifdef AES_CTR_ASM
	void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
			size_t blocks, const AES_KEY *key,
			const unsigned char ivec[AES_BLOCK_SIZE]);

	CRYPTO_ctr128_encrypt_ctr32(in,out,len,
		&((EVP_AES_KEY *)ctx->cipher_data)->ks,
		ctx->iv,ctx->buf,&num,(ctr128_f)AES_ctr32_encrypt);
#else
	CRYPTO_ctr128_encrypt(in,out,len,
		&((EVP_AES_KEY *)ctx->cipher_data)->ks,
		ctx->iv,ctx->buf,&num,(block128_f)AES_encrypt);
#endif
	ctx->num = (size_t)num;
	return 1;
}

static const EVP_CIPHER aes_128_ctr_cipher=
	{
	NID_aes_128_ctr,1,16,16,
	EVP_CIPH_CTR_MODE,
	aes_init_key,
	aes_counter,
	NULL,
	sizeof(EVP_AES_KEY),
	NULL,
	NULL,
	NULL,
	NULL
	};

const EVP_CIPHER *EVP_aes_128_ctr (void)
{	return &aes_128_ctr_cipher;	}

static const EVP_CIPHER aes_192_ctr_cipher=
	{
	NID_aes_192_ctr,1,24,16,
	EVP_CIPH_CTR_MODE,
	aes_init_key,
	aes_counter,
	NULL,
	sizeof(EVP_AES_KEY),
	NULL,
	NULL,
	NULL,
	NULL
	};

const EVP_CIPHER *EVP_aes_192_ctr (void)
{	return &aes_192_ctr_cipher;	}

static const EVP_CIPHER aes_256_ctr_cipher=
	{
	NID_aes_256_ctr,1,32,16,
	EVP_CIPH_CTR_MODE,
	aes_init_key,
	aes_counter,
	NULL,
	sizeof(EVP_AES_KEY),
	NULL,
	NULL,
	NULL,
	NULL
	};

const EVP_CIPHER *EVP_aes_256_ctr (void)
{	return &aes_256_ctr_cipher;	}

static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
		   const unsigned char *iv, int enc)
	{
	int ret;

	if (((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_ECB_MODE
	    || (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CBC_MODE)
	    && !enc) 
		ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
	else
		ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);

	if(ret < 0)
		{
		EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
		return 0;
		}

	return 1;
	}

#endif
Commit	Line	Data
deb2c1a1 DSH	1	/* ====================================================================
	2	* Copyright (c) 2001 The OpenSSL Project. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	*
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	*
	11	* 2. Redistributions in binary form must reproduce the above copyright
	12	* notice, this list of conditions and the following disclaimer in
	13	* the documentation and/or other materials provided with the
	14	* distribution.
	15	*
	16	* 3. All advertising materials mentioning features or use of this
	17	* software must display the following acknowledgment:
	18	* "This product includes software developed by the OpenSSL Project
	19	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	20	*
	21	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	22	* endorse or promote products derived from this software without
	23	* prior written permission. For written permission, please contact
	24	* openssl-core@openssl.org.
	25	*
	26	* 5. Products derived from this software may not be called "OpenSSL"
	27	* nor may "OpenSSL" appear in their names without prior written
	28	* permission of the OpenSSL Project.
	29	*
	30	* 6. Redistributions of any form whatsoever must retain the following
	31	* acknowledgment:
	32	* "This product includes software developed by the OpenSSL Project
	33	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	34	*
	35	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	36	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	37	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	38	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	39	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	40	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	41	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	42	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	43	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	44	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	45	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	46	* OF THE POSSIBILITY OF SUCH DAMAGE.
	47	* ====================================================================
	48	*
	49	*/
	50
14ae26f2 DSH	51	#define OPENSSL_FIPSAPI
14ae26f2 DSH	52
8c84b677	53	#include <openssl/opensslconf.h>
77dd9c18	54	#ifndef OPENSSL_NO_AES
deb2c1a1 DSH	55	#include <openssl/evp.h>
	56	#include <openssl/err.h>
	57	#include <string.h>
	58	#include <assert.h>
6f9079fd	59	#include <openssl/aes.h>
874a3757	60	#include <openssl/modes.h>
6f9079fd	61	#include "evp_locl.h"
deb2c1a1	62
6f9079fd	63	static int aes_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
deb2c1a1	64	const unsigned char *iv, int enc);
deb2c1a1	65
6f9079fd RL	66	typedef struct
	67	{
	68	AES_KEY ks;
	69	} EVP_AES_KEY;
deb2c1a1	70
6f9079fd	71	#define data(ctx) EVP_C_DATA(EVP_AES_KEY,ctx)
deb2c1a1	72
a6cd8707 RL	73	IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
a6cd8707 RL	74	NID_aes_128, 16, 16, 16, 128,
7a4bd34a DSH	75	EVP_CIPH_FLAG_FIPS\|EVP_CIPH_FLAG_DEFAULT_ASN1,
7a4bd34a DSH	76	aes_init_key, NULL, NULL, NULL, NULL)
a6cd8707 RL	77	IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
a6cd8707 RL	78	NID_aes_192, 16, 24, 16, 128,
7a4bd34a DSH	79	EVP_CIPH_FLAG_FIPS\|EVP_CIPH_FLAG_DEFAULT_ASN1,
7a4bd34a DSH	80	aes_init_key, NULL, NULL, NULL, NULL)
a6cd8707 RL	81	IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
a6cd8707 RL	82	NID_aes_256, 16, 32, 16, 128,
7a4bd34a DSH	83	EVP_CIPH_FLAG_FIPS\|EVP_CIPH_FLAG_DEFAULT_ASN1,
7a4bd34a DSH	84	aes_init_key, NULL, NULL, NULL, NULL)
deb2c1a1	85
7a4bd34a	86	#define IMPLEMENT_AES_CFBR(ksize,cbits) IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,EVP_CIPH_FLAG_FIPS)
8d1ebe0b RL	87
	88	IMPLEMENT_AES_CFBR(128,1)
	89	IMPLEMENT_AES_CFBR(192,1)
	90	IMPLEMENT_AES_CFBR(256,1)
	91
	92	IMPLEMENT_AES_CFBR(128,8)
	93	IMPLEMENT_AES_CFBR(192,8)
	94	IMPLEMENT_AES_CFBR(256,8)
	95
d976f992 AP	96	static int aes_counter (EVP_CIPHER_CTX ctx, unsigned char out,
	97	const unsigned char *in, size_t len)
	98	{
385a488c	99	unsigned int num;
49436b59	100	num = ctx->num;
874a3757 AP	101	#ifdef AES_CTR_ASM
	102	void AES_ctr32_encrypt(const unsigned char in, unsigned char out,
	103	size_t blocks, const AES_KEY *key,
	104	const unsigned char ivec[AES_BLOCK_SIZE]);
	105
	106	CRYPTO_ctr128_encrypt_ctr32(in,out,len,
	107	&((EVP_AES_KEY *)ctx->cipher_data)->ks,
	108	ctx->iv,ctx->buf,&num,(ctr128_f)AES_ctr32_encrypt);
	109	#else
	110	CRYPTO_ctr128_encrypt(in,out,len,
d976f992	111	&((EVP_AES_KEY *)ctx->cipher_data)->ks,
874a3757 AP	112	ctx->iv,ctx->buf,&num,(block128_f)AES_encrypt);
874a3757 AP	113	#endif
385a488c	114	ctx->num = (size_t)num;
d976f992 AP	115	return 1;
	116	}
	117
	118	static const EVP_CIPHER aes_128_ctr_cipher=
	119	{
	120	NID_aes_128_ctr,1,16,16,
081464fa	121	EVP_CIPH_CTR_MODE,
d976f992 AP	122	aes_init_key,
	123	aes_counter,
	124	NULL,
	125	sizeof(EVP_AES_KEY),
	126	NULL,
	127	NULL,
	128	NULL,
	129	NULL
	130	};
	131
	132	const EVP_CIPHER *EVP_aes_128_ctr (void)
	133	{ return &aes_128_ctr_cipher; }
	134
	135	static const EVP_CIPHER aes_192_ctr_cipher=
	136	{
	137	NID_aes_192_ctr,1,24,16,
081464fa	138	EVP_CIPH_CTR_MODE,
d976f992 AP	139	aes_init_key,
	140	aes_counter,
	141	NULL,
	142	sizeof(EVP_AES_KEY),
	143	NULL,
	144	NULL,
	145	NULL,
	146	NULL
	147	};
	148
	149	const EVP_CIPHER *EVP_aes_192_ctr (void)
	150	{ return &aes_192_ctr_cipher; }
	151
	152	static const EVP_CIPHER aes_256_ctr_cipher=
	153	{
	154	NID_aes_256_ctr,1,32,16,
081464fa	155	EVP_CIPH_CTR_MODE,
d976f992 AP	156	aes_init_key,
	157	aes_counter,
	158	NULL,
	159	sizeof(EVP_AES_KEY),
	160	NULL,
	161	NULL,
	162	NULL,
	163	NULL
	164	};
	165
	166	const EVP_CIPHER *EVP_aes_256_ctr (void)
	167	{ return &aes_256_ctr_cipher; }
	168
6f9079fd	169	static int aes_init_key(EVP_CIPHER_CTX ctx, const unsigned char key,
8d1ebe0b RL	170	const unsigned char *iv, int enc)
	171	{
	172	int ret;
deb2c1a1	173
d976f992 AP	174	if (((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_ECB_MODE
	175	\|\| (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CBC_MODE)
	176	&& !enc)
8d1ebe0b	177	ret=AES_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
d976f992 AP	178	else
d976f992 AP	179	ret=AES_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
8d1ebe0b RL	180
	181	if(ret < 0)
	182	{
	183	EVPerr(EVP_F_AES_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
	184	return 0;
	185	}
deb2c1a1 DSH	186
deb2c1a1 DSH	187	return 1;
8d1ebe0b	188	}
deb2c1a1	189
77dd9c18	190	#endif