[thirdparty/openssl.git] / providers / implementations / ciphers / cipher_aes_siv.c

/*
 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* Dispatch functions for AES SIV mode */

/*
 * This file uses the low level AES functions (which are deprecated for
 * non-internal use) in order to implement provider AES ciphers.
 */
#include "internal/deprecated.h"

#include "cipher_aes_siv.h"
#include "prov/implementations.h"
#include "prov/providercommonerr.h"
#include "prov/ciphercommon_aead.h"

#define siv_stream_update siv_cipher
#define SIV_FLAGS AEAD_FLAGS

static void *aes_siv_newctx(void *provctx, size_t keybits, unsigned int mode,
                            uint64_t flags)
{
    PROV_AES_SIV_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));

    if (ctx != NULL) {
        ctx->taglen = SIV_LEN;
        ctx->mode = mode;
        ctx->flags = flags;
        ctx->keylen = keybits / 8;
        ctx->hw = PROV_CIPHER_HW_aes_siv(keybits);
    }
    return ctx;
}

static void aes_siv_freectx(void *vctx)
{
    PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;

    if (ctx != NULL) {
        ctx->hw->cleanup(ctx);
        OPENSSL_clear_free(ctx,  sizeof(*ctx));
    }
}

static int siv_init(void *vctx, const unsigned char *key, size_t keylen,
                    const unsigned char *iv, size_t ivlen, int enc)
{
    PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;

    ctx->enc = enc;

    if (key != NULL) {
        if (keylen != ctx->keylen) {
            ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
            return 0;
        }
        return ctx->hw->initkey(ctx, key, ctx->keylen);
    }
    return 1;
}

static int siv_einit(void *vctx, const unsigned char *key, size_t keylen,
                     const unsigned char *iv, size_t ivlen)
{
    return siv_init(vctx, key, keylen, iv, ivlen, 1);
}

static int siv_dinit(void *vctx, const unsigned char *key, size_t keylen,
                     const unsigned char *iv, size_t ivlen)
{
    return siv_init(vctx, key, keylen, iv, ivlen, 0);
}

static int siv_cipher(void *vctx, unsigned char *out, size_t *outl,
                      size_t outsize, const unsigned char *in, size_t inl)
{
    PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;

    if (inl == 0) {
        *outl = 0;
        return 1;
    }

    if (outsize < inl) {
        ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
        return 0;
    }

    if (ctx->hw->cipher(ctx, out, in, inl) <= 0)
        return 0;

    if (outl != NULL)
        *outl = inl;
    return 1;
}

static int siv_stream_final(void *vctx, unsigned char *out, size_t *outl,
                            size_t outsize)
{
    PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;

    if (!ctx->hw->cipher(vctx, out, NULL, 0))
        return 0;

    if (outl != NULL)
        *outl = 0;
    return 1;
}

static int aes_siv_get_ctx_params(void *vctx, OSSL_PARAM params[])
{
    PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;
    SIV128_CONTEXT *sctx = &ctx->siv;
    OSSL_PARAM *p;

    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG);
    if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) {
        if (!ctx->enc
            || p->data_size != ctx->taglen
            || !OSSL_PARAM_set_octet_string(p, &sctx->tag.byte, ctx->taglen)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
            return 0;
        }
    }
    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN);
    if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->taglen)) {
        ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
        return 0;
    }
    p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
    if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
        ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
        return 0;
    }
    return 1;
}

static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = {
    OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
    OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL),
    OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL),
    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
    OSSL_PARAM_END
};
static const OSSL_PARAM *aes_siv_gettable_ctx_params(void)
{
    return aes_siv_known_gettable_ctx_params;
}

static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{
    PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx;
    const OSSL_PARAM *p;
    unsigned int speed = 0;

    p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG);
    if (p != NULL) {
        if (ctx->enc)
            return 1;
        if (p->data_type != OSSL_PARAM_OCTET_STRING
            || !ctx->hw->settag(ctx, p->data, p->data_size)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
            return 0;
        }
    }
    p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_SPEED);
    if (p != NULL) {
        if (!OSSL_PARAM_get_uint(p, &speed)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
            return 0;
        }
        ctx->hw->setspeed(ctx, (int)speed);
    }
    p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
    if (p != NULL) {
        size_t keylen;

        if (!OSSL_PARAM_get_size_t(p, &keylen)) {
            ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
            return 0;
        }
        /* The key length can not be modified */
        if (keylen != ctx->keylen)
            return 0;
    }
    return 1;
}

static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = {
    OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
    OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL),
    OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
    OSSL_PARAM_END
};
static const OSSL_PARAM *aes_siv_settable_ctx_params(void)
{
    return aes_siv_known_settable_ctx_params;
}

#define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits)       \
static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params;       \
static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[])              \
{                                                                              \
    return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE,         \
                                     flags, 2*kbits, blkbits, ivbits);         \
}                                                                              \
static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx;                     \
static void * alg##kbits##lc##_newctx(void *provctx)                           \
{                                                                              \
    return alg##_##lc##_newctx(provctx, 2*kbits, EVP_CIPH_##UCMODE##_MODE,     \
                               flags);                                         \
}                                                                              \
const OSSL_DISPATCH alg##kbits##lc##_functions[] = {                           \
    { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx },      \
    { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx },        \
    { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) lc##_einit },            \
    { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) lc##_dinit },            \
    { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void)) lc##_stream_update },          \
    { OSSL_FUNC_CIPHER_FINAL, (void (*)(void)) lc##_stream_final },            \
    { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void)) lc##_cipher },                 \
    { OSSL_FUNC_CIPHER_GET_PARAMS,                                             \
      (void (*)(void)) alg##_##kbits##_##lc##_get_params },                    \
    { OSSL_FUNC_CIPHER_GETTABLE_PARAMS,                                        \
      (void (*)(void))cipher_generic_gettable_params },                        \
    { OSSL_FUNC_CIPHER_GET_CTX_PARAMS,                                         \
      (void (*)(void)) alg##_##lc##_get_ctx_params },                          \
    { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS,                                    \
      (void (*)(void)) alg##_##lc##_gettable_ctx_params },                     \
    { OSSL_FUNC_CIPHER_SET_CTX_PARAMS,                                         \
      (void (*)(void)) alg##_##lc##_set_ctx_params },                          \
    { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS,                                    \
      (void (*)(void)) alg##_##lc##_settable_ctx_params },                     \
    { 0, NULL }                                                                \
};

IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 128, 8, 0)
IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 192, 8, 0)
IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 256, 8, 0)
Commit	Line	Data
eb173822	1	/*
33388b44	2	* Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
eb173822 SL	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	/* Dispatch functions for AES SIV mode */
	11
c72fa255 MC	12	/*
	13	* This file uses the low level AES functions (which are deprecated for
	14	* non-internal use) in order to implement provider AES ciphers.
	15	*/
	16	#include "internal/deprecated.h"
	17
eb173822 SL	18	#include "cipher_aes_siv.h"
	19	#include "prov/implementations.h"
	20	#include "prov/providercommonerr.h"
68a51d59	21	#include "prov/ciphercommon_aead.h"
eb173822 SL	22
	23	#define siv_stream_update siv_cipher
	24	#define SIV_FLAGS AEAD_FLAGS
	25
	26	static void aes_siv_newctx(void provctx, size_t keybits, unsigned int mode,
	27	uint64_t flags)
	28	{
	29	PROV_AES_SIV_CTX ctx = OPENSSL_zalloc(sizeof(ctx));
	30
	31	if (ctx != NULL) {
	32	ctx->taglen = SIV_LEN;
	33	ctx->mode = mode;
	34	ctx->flags = flags;
	35	ctx->keylen = keybits / 8;
	36	ctx->hw = PROV_CIPHER_HW_aes_siv(keybits);
	37	}
	38	return ctx;
	39	}
	40
	41	static void aes_siv_freectx(void *vctx)
	42	{
	43	PROV_AES_SIV_CTX ctx = (PROV_AES_SIV_CTX )vctx;
	44
	45	if (ctx != NULL) {
	46	ctx->hw->cleanup(ctx);
	47	OPENSSL_clear_free(ctx, sizeof(*ctx));
	48	}
	49	}
	50
	51	static int siv_init(void vctx, const unsigned char key, size_t keylen,
	52	const unsigned char *iv, size_t ivlen, int enc)
	53	{
	54	PROV_AES_SIV_CTX ctx = (PROV_AES_SIV_CTX )vctx;
	55
	56	ctx->enc = enc;
	57
eb173822 SL	58	if (key != NULL) {
	59	if (keylen != ctx->keylen) {
	60	ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
	61	return 0;
	62	}
	63	return ctx->hw->initkey(ctx, key, ctx->keylen);
	64	}
	65	return 1;
	66	}
	67
	68	static int siv_einit(void vctx, const unsigned char key, size_t keylen,
	69	const unsigned char *iv, size_t ivlen)
	70	{
	71	return siv_init(vctx, key, keylen, iv, ivlen, 1);
	72	}
	73
	74	static int siv_dinit(void vctx, const unsigned char key, size_t keylen,
	75	const unsigned char *iv, size_t ivlen)
	76	{
	77	return siv_init(vctx, key, keylen, iv, ivlen, 0);
	78	}
	79
	80	static int siv_cipher(void vctx, unsigned char out, size_t *outl,
	81	size_t outsize, const unsigned char *in, size_t inl)
	82	{
	83	PROV_AES_SIV_CTX ctx = (PROV_AES_SIV_CTX )vctx;
	84
4b9c750b MC	85	if (inl == 0) {
	86	*outl = 0;
	87	return 1;
	88	}
	89
eb173822 SL	90	if (outsize < inl) {
	91	ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
	92	return 0;
	93	}
	94
	95	if (ctx->hw->cipher(ctx, out, in, inl) <= 0)
	96	return 0;
	97
	98	if (outl != NULL)
	99	*outl = inl;
	100	return 1;
	101	}
	102
	103	static int siv_stream_final(void vctx, unsigned char out, size_t *outl,
	104	size_t outsize)
	105	{
	106	PROV_AES_SIV_CTX ctx = (PROV_AES_SIV_CTX )vctx;
	107
	108	if (!ctx->hw->cipher(vctx, out, NULL, 0))
	109	return 0;
	110
	111	if (outl != NULL)
	112	*outl = 0;
	113	return 1;
	114	}
	115
	116	static int aes_siv_get_ctx_params(void *vctx, OSSL_PARAM params[])
	117	{
	118	PROV_AES_SIV_CTX ctx = (PROV_AES_SIV_CTX )vctx;
	119	SIV128_CONTEXT *sctx = &ctx->siv;
	120	OSSL_PARAM *p;
	121
	122	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG);
	123	if (p != NULL && p->data_type == OSSL_PARAM_OCTET_STRING) {
	124	if (!ctx->enc
	125	\|\| p->data_size != ctx->taglen
	126	\|\| !OSSL_PARAM_set_octet_string(p, &sctx->tag.byte, ctx->taglen)) {
	127	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
	128	return 0;
	129	}
	130	}
	131	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAGLEN);
	132	if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->taglen)) {
	133	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
	134	return 0;
	135	}
	136	p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN);
	137	if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->keylen)) {
	138	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER);
	139	return 0;
	140	}
	141	return 1;
	142	}
	143
	144	static const OSSL_PARAM aes_siv_known_gettable_ctx_params[] = {
	145	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
	146	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, NULL),
	147	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL),
	148	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
	149	OSSL_PARAM_END
	150	};
	151	static const OSSL_PARAM *aes_siv_gettable_ctx_params(void)
	152	{
	153	return aes_siv_known_gettable_ctx_params;
154	}
155
156	static int aes_siv_set_ctx_params(void *vctx, const OSSL_PARAM params[])
157	{
158	PROV_AES_SIV_CTX ctx = (PROV_AES_SIV_CTX )vctx;
159	const OSSL_PARAM *p;
160	unsigned int speed = 0;
161
162	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_AEAD_TAG);
163	if (p != NULL) {
164	if (ctx->enc)
165	return 1;
166	if (p->data_type != OSSL_PARAM_OCTET_STRING
167	\|\| !ctx->hw->settag(ctx, p->data, p->data_size)) {
168	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
169	return 0;
170	}
171	}
172	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_SPEED);
173	if (p != NULL) {
174	if (!OSSL_PARAM_get_uint(p, &speed)) {
175	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
176	return 0;
177	}
178	ctx->hw->setspeed(ctx, (int)speed);
179	}
180	p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN);
181	if (p != NULL) {
182	size_t keylen;
183
184	if (!OSSL_PARAM_get_size_t(p, &keylen)) {
185	ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER);
186	return 0;
187	}
188	/* The key length can not be modified */
189	if (keylen != ctx->keylen)
190	return 0;
191	}
192	return 1;
193	}
194
195	static const OSSL_PARAM aes_siv_known_settable_ctx_params[] = {
196	OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL),
197	OSSL_PARAM_uint(OSSL_CIPHER_PARAM_SPEED, NULL),
198	OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TAG, NULL, 0),
199	OSSL_PARAM_END
200	};
201	static const OSSL_PARAM *aes_siv_settable_ctx_params(void)
202	{
203	return aes_siv_known_settable_ctx_params;
204	}
205
206	#define IMPLEMENT_cipher(alg, lc, UCMODE, flags, kbits, blkbits, ivbits) \
363b1e5d	207	static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \
eb173822 SL	208	static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \
	209	{ \
	210	return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \
	211	flags, 2*kbits, blkbits, ivbits); \
	212	} \
363b1e5d	213	static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \
eb173822 SL	214	static void * alg##kbits##lc##_newctx(void *provctx) \
	215	{ \
	216	return alg##_##lc##_newctx(provctx, 2*kbits, EVP_CIPH_##UCMODE##_MODE, \
	217	flags); \
	218	} \
	219	const OSSL_DISPATCH alg##kbits##lc##_functions[] = { \
	220	{ OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))alg##kbits##lc##_newctx }, \
	221	{ OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))alg##_##lc##_freectx }, \
	222	{ OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void)) lc##_einit }, \
	223	{ OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void)) lc##_dinit }, \
	224	{ OSSL_FUNC_CIPHER_UPDATE, (void (*)(void)) lc##_stream_update }, \
	225	{ OSSL_FUNC_CIPHER_FINAL, (void (*)(void)) lc##_stream_final }, \
	226	{ OSSL_FUNC_CIPHER_CIPHER, (void (*)(void)) lc##_cipher }, \
	227	{ OSSL_FUNC_CIPHER_GET_PARAMS, \
	228	(void (*)(void)) alg##_##kbits##_##lc##_get_params }, \
	229	{ OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \
	230	(void (*)(void))cipher_generic_gettable_params }, \
	231	{ OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \
	232	(void (*)(void)) alg##_##lc##_get_ctx_params }, \
	233	{ OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \
	234	(void (*)(void)) alg##_##lc##_gettable_ctx_params }, \
	235	{ OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \
	236	(void (*)(void)) alg##_##lc##_set_ctx_params }, \
	237	{ OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \
	238	(void (*)(void)) alg##_##lc##_settable_ctx_params }, \
	239	{ 0, NULL } \
	240	};
	241
	242	IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 128, 8, 0)
	243	IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 192, 8, 0)
	244	IMPLEMENT_cipher(aes, siv, SIV, SIV_FLAGS, 256, 8, 0)