]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/common/ciphers/aes.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Implement support for AES-256-ECB in the default provider
[thirdparty/openssl.git] / providers / common / ciphers / aes.c
1 /*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <string.h>
11 #include <openssl/crypto.h>
12 #include <openssl/core_numbers.h>
13 #include <openssl/core_names.h>
14 #include <openssl/evp.h>
15 #include <openssl/params.h>
16 #include "internal/cryptlib.h"
17 #include "ciphers_locl.h"
18
19 static void PROV_AES_KEY_generic_init(PROV_AES_KEY *ctx,
20 const unsigned char *iv,
21 int enc)
22 {
23 if (iv != NULL)
24 memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
25 ctx->enc = enc;
26 }
27
28 static int aes_einit(void *vctx, const unsigned char *key,
29 const unsigned char *iv)
30 {
31 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
32
33 PROV_AES_KEY_generic_init(ctx, iv, 1);
34 if (key != NULL)
35 return ctx->ciph->init(ctx, key, ctx->keylen);
36
37 return 1;
38 }
39
40 static int aes_dinit(void *vctx, const unsigned char *key,
41 const unsigned char *iv)
42 {
43 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
44
45 PROV_AES_KEY_generic_init(ctx, iv, 0);
46 if (key != NULL)
47 return ctx->ciph->init(ctx, key, ctx->keylen);
48
49 return 1;
50 }
51
52 static int aes_update(void *vctx, unsigned char *out, size_t *outl,
53 const unsigned char *in, size_t inl)
54 {
55 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
56 size_t nextblocks = fillblock(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE, &in,
57 &inl);
58 size_t outlint = 0;
59
60 /*
61 * If we're decrypting and we end an update on a block boundary we hold
62 * the last block back in case this is the last update call and the last
63 * block is padded.
64 */
65 if (ctx->bufsz == AES_BLOCK_SIZE
66 && (ctx->enc || inl > 0 || !ctx->pad)) {
67 if (!ctx->ciph->cipher(ctx, out, ctx->buf, AES_BLOCK_SIZE))
68 return 0;
69 ctx->bufsz = 0;
70 outlint = AES_BLOCK_SIZE;
71 out += AES_BLOCK_SIZE;
72 }
73 if (nextblocks > 0) {
74 if (!ctx->enc && ctx->pad && nextblocks == inl) {
75 if (!ossl_assert(inl >= AES_BLOCK_SIZE))
76 return 0;
77 nextblocks -= AES_BLOCK_SIZE;
78 }
79 if (!ctx->ciph->cipher(ctx, out, in, nextblocks))
80 return 0;
81 in += nextblocks;
82 inl -= nextblocks;
83 outlint += nextblocks;
84 }
85 if (!trailingdata(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE, &in, &inl))
86 return 0;
87
88 *outl = outlint;
89 return inl == 0;
90 }
91
92 static int aes_final(void *vctx, unsigned char *out, size_t *outl)
93 {
94 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
95
96 if (ctx->enc) {
97 if (ctx->pad) {
98 padblock(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE);
99 } else if (ctx->bufsz == 0) {
100 *outl = 0;
101 return 1;
102 } else if (ctx->bufsz != AES_BLOCK_SIZE) {
103 /* TODO(3.0): What is the correct error code here? */
104 return 0;
105 }
106
107 if (!ctx->ciph->cipher(ctx, out, ctx->buf, AES_BLOCK_SIZE))
108 return 0;
109 ctx->bufsz = 0;
110 *outl = AES_BLOCK_SIZE;
111 return 1;
112 }
113
114 /* Decrypting */
115 /* TODO(3.0): What's the correct error here */
116 if (ctx->bufsz != AES_BLOCK_SIZE) {
117 if (ctx->bufsz == 0 && !ctx->pad) {
118 *outl = 0;
119 return 1;
120 }
121 return 0;
122 }
123
124 if (!ctx->ciph->cipher(ctx, ctx->buf, ctx->buf, AES_BLOCK_SIZE))
125 return 0;
126
127 /* TODO(3.0): What is the correct error here */
128 if (ctx->pad && !unpadblock(ctx->buf, &ctx->bufsz, AES_BLOCK_SIZE))
129 return 0;
130
131 memcpy(out, ctx->buf, ctx->bufsz);
132 *outl = ctx->bufsz;
133 ctx->bufsz = 0;
134 return 1;
135 }
136
137 static void *aes_256_ecb_newctx(void)
138 {
139 PROV_AES_KEY *ctx = OPENSSL_zalloc(sizeof(*ctx));
140
141 ctx->pad = 1;
142 ctx->keylen = 256 / 8;
143 ctx->ciph = PROV_AES_CIPHER_ecb();
144 ctx->mode = EVP_CIPH_ECB_MODE;
145 return ctx;
146 }
147
148 static void aes_freectx(void *vctx)
149 {
150 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
151
152 OPENSSL_clear_free(ctx, sizeof(*ctx));
153 }
154
155 static void *aes_dupctx(void *ctx)
156 {
157 PROV_AES_KEY *in = (PROV_AES_KEY *)ctx;
158 PROV_AES_KEY *ret = OPENSSL_malloc(sizeof(*ret));
159
160 *ret = *in;
161
162 return ret;
163 }
164
165 static size_t key_length_256(void)
166 {
167 return 256 / 8;
168 }
169
170 static int aes_get_params(void *vctx, const OSSL_PARAM params[])
171 {
172 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
173 const OSSL_PARAM *p;
174
175 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
176 if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->pad))
177 return 0;
178
179 return 1;
180 }
181
182 static int aes_set_params(void *vctx, const OSSL_PARAM params[])
183 {
184 PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx;
185 const OSSL_PARAM *p;
186
187 p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING);
188 if (p != NULL) {
189 int pad;
190
191 if (!OSSL_PARAM_get_int(p, &pad))
192 return 0;
193 ctx->pad = pad ? 1 : 0;
194 }
195 return 1;
196 }
197
198 extern const OSSL_DISPATCH aes256ecb_functions[];
199 const OSSL_DISPATCH aes256ecb_functions[] = {
200 { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))aes_256_ecb_newctx },
201 { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))aes_einit },
202 { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))aes_dinit },
203 { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))aes_update },
204 { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))aes_final },
205 { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))aes_freectx },
206 { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))aes_dupctx },
207 { OSSL_FUNC_CIPHER_KEY_LENGTH, (void (*)(void))key_length_256 },
208 { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))aes_get_params },
209 { OSSL_FUNC_CIPHER_SET_PARAMS, (void (*)(void))aes_set_params },
210 { 0, NULL }
211 };
A mirror of the official openssl repository