providers/common/ciphers/ciphers_gcm.h

   1
   2 /*
   3  * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
   4  *
   5  * Licensed under the Apache License 2.0 (the "License").  You may not use
   6  * this file except in compliance with the License.  You can obtain a copy
   7  * in the file LICENSE in the source distribution or at
   8  * https://www.openssl.org/source/license.html
   9  */
  10
  11 #include <openssl/aes.h>
  12
  13 typedef struct prov_gcm_hw_st PROV_GCM_HW;
  14
  15 #define GCM_IV_DEFAULT_SIZE 12/* IV's for AES_GCM should normally be 12 bytes */
  16 #define GCM_IV_MAX_SIZE     64
  17 #define GCM_TAG_MAX_SIZE    16
  18
  19 typedef struct prov_gcm_ctx_st {
  20     int enc;                /* Set to 1 if we are encrypting or 0 otherwise */
  21     int mode;               /* The mode that we are using */
  22     size_t keylen;
  23     int ivlen;
  24     size_t ivlen_min;
  25     int taglen;
  26     int key_set;            /* Set if key initialised */
  27     int iv_state;           /* set to one of IV_STATE_XXX */
  28     int iv_gen_rand;        /* No IV was specified, so generate a rand IV */
  29     int iv_gen;             /* It is OK to generate IVs */
  30     int tls_aad_pad_sz;
  31     int tls_aad_len;        /* TLS AAD length */
  32     uint64_t tls_enc_records;   /* Number of TLS records encrypted */
  33
  34     /*
  35      * num contains the number of bytes of |iv| which are valid for modes that
  36      * manage partial blocks themselves.
  37      */
  38     size_t num;
  39     size_t bufsz;           /* Number of bytes in buf */
  40     uint64_t flags;
  41
  42     unsigned int pad : 1;   /* Whether padding should be used or not */
  43
  44     unsigned char iv[GCM_IV_MAX_SIZE]; /* Buffer to use for IV's */
  45     unsigned char buf[AES_BLOCK_SIZE];     /* Buffer of partial blocks processed via update calls */
  46
  47     OPENSSL_CTX *libctx;    /* needed for rand calls */
  48     const PROV_GCM_HW *hw;  /* hardware specific methods */
  49     GCM128_CONTEXT gcm;
  50     ctr128_f ctr;
  51     const void *ks;
  52 } PROV_GCM_CTX;
  53
  54 typedef struct prov_aes_gcm_ctx_st {
  55     PROV_GCM_CTX base;          /* must be first entry in struct */
  56     union {
  57         OSSL_UNION_ALIGN;
  58         AES_KEY ks;
  59     } ks;                       /* AES key schedule to use */
  60
  61     /* Platform specific data */
  62     union {
  63         int dummy;
  64 #if defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
  65         struct {
  66             union {
  67                 OSSL_UNION_ALIGN;
  68                 S390X_KMA_PARAMS kma;
  69             } param;
  70             unsigned int fc;
  71             unsigned char ares[16];
  72             unsigned char mres[16];
  73             unsigned char kres[16];
  74             int areslen;
  75             int mreslen;
  76             int kreslen;
  77             int res;
  78         } s390x;
  79 #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */
  80     } plat;
  81 } PROV_AES_GCM_CTX;
  82
  83 OSSL_CIPHER_FUNC(int, GCM_setkey, (PROV_GCM_CTX *ctx, const unsigned char *key,
  84                                    size_t keylen));
  85 OSSL_CIPHER_FUNC(int, GCM_setiv, (PROV_GCM_CTX *dat, const unsigned char *iv,
  86                                   size_t ivlen));
  87 OSSL_CIPHER_FUNC(int, GCM_aadupdate, (PROV_GCM_CTX *ctx,
  88                                       const unsigned char *aad, size_t aadlen));
  89 OSSL_CIPHER_FUNC(int, GCM_cipherupdate, (PROV_GCM_CTX *ctx,
  90                                          const unsigned char *in, size_t len,
  91                                          unsigned char *out));
  92 OSSL_CIPHER_FUNC(int, GCM_cipherfinal, (PROV_GCM_CTX *ctx, unsigned char *tag));
  93 OSSL_CIPHER_FUNC(int, GCM_oneshot, (PROV_GCM_CTX *ctx, unsigned char *aad,
  94                                     size_t aad_len, const unsigned char *in,
  95                                     size_t in_len, unsigned char *out,
  96                                     unsigned char *tag, size_t taglen));
  97 struct prov_gcm_hw_st {
  98   OSSL_GCM_setkey_fn setkey;
  99   OSSL_GCM_setiv_fn setiv;
 100   OSSL_GCM_aadupdate_fn aadupdate;
 101   OSSL_GCM_cipherupdate_fn cipherupdate;
 102   OSSL_GCM_cipherfinal_fn cipherfinal;
 103   OSSL_GCM_oneshot_fn oneshot;
 104 };
 105 const PROV_GCM_HW *PROV_AES_HW_gcm(size_t keybits);
 106
 107 #if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
 108
 109 #include "internal/aria.h"
 110
 111 typedef struct prov_aria_gcm_ctx_st {
 112     PROV_GCM_CTX base;              /* must be first entry in struct */
 113     union {
 114         OSSL_UNION_ALIGN;
 115         ARIA_KEY ks;
 116     } ks;
 117 } PROV_ARIA_GCM_CTX;
 118 const PROV_GCM_HW *PROV_ARIA_HW_gcm(size_t keybits);
 119
 120 #endif /* !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE) */