3 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
11 #include <openssl/aes.h>
13 typedef struct prov_gcm_hw_st PROV_GCM_HW
;
15 #define GCM_IV_DEFAULT_SIZE 12/* IV's for AES_GCM should normally be 12 bytes */
16 #define GCM_IV_MAX_SIZE 64
17 #define GCM_TAG_MAX_SIZE 16
19 typedef struct prov_gcm_ctx_st
{
20 int enc
; /* Set to 1 if we are encrypting or 0 otherwise */
21 int mode
; /* The mode that we are using */
26 int key_set
; /* Set if key initialised */
27 int iv_state
; /* set to one of IV_STATE_XXX */
28 int iv_gen_rand
; /* No IV was specified, so generate a rand IV */
29 int iv_gen
; /* It is OK to generate IVs */
31 int tls_aad_len
; /* TLS AAD length */
32 uint64_t tls_enc_records
; /* Number of TLS records encrypted */
35 * num contains the number of bytes of |iv| which are valid for modes that
36 * manage partial blocks themselves.
39 size_t bufsz
; /* Number of bytes in buf */
42 unsigned int pad
: 1; /* Whether padding should be used or not */
44 unsigned char iv
[GCM_IV_MAX_SIZE
]; /* Buffer to use for IV's */
45 unsigned char buf
[AES_BLOCK_SIZE
]; /* Buffer of partial blocks processed via update calls */
47 OPENSSL_CTX
*libctx
; /* needed for rand calls */
48 const PROV_GCM_HW
*hw
; /* hardware specific methods */
54 typedef struct prov_aes_gcm_ctx_st
{
55 PROV_GCM_CTX base
; /* must be first entry in struct */
59 } ks
; /* AES key schedule to use */
61 /* Platform specific data */
64 #if defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
71 unsigned char ares
[16];
72 unsigned char mres
[16];
73 unsigned char kres
[16];
79 #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */
83 OSSL_CIPHER_FUNC(int, GCM_setkey
, (PROV_GCM_CTX
*ctx
, const unsigned char *key
,
85 OSSL_CIPHER_FUNC(int, GCM_setiv
, (PROV_GCM_CTX
*dat
, const unsigned char *iv
,
87 OSSL_CIPHER_FUNC(int, GCM_aadupdate
, (PROV_GCM_CTX
*ctx
,
88 const unsigned char *aad
, size_t aadlen
));
89 OSSL_CIPHER_FUNC(int, GCM_cipherupdate
, (PROV_GCM_CTX
*ctx
,
90 const unsigned char *in
, size_t len
,
92 OSSL_CIPHER_FUNC(int, GCM_cipherfinal
, (PROV_GCM_CTX
*ctx
, unsigned char *tag
));
93 OSSL_CIPHER_FUNC(int, GCM_oneshot
, (PROV_GCM_CTX
*ctx
, unsigned char *aad
,
94 size_t aad_len
, const unsigned char *in
,
95 size_t in_len
, unsigned char *out
,
96 unsigned char *tag
, size_t taglen
));
97 struct prov_gcm_hw_st
{
98 OSSL_GCM_setkey_fn setkey
;
99 OSSL_GCM_setiv_fn setiv
;
100 OSSL_GCM_aadupdate_fn aadupdate
;
101 OSSL_GCM_cipherupdate_fn cipherupdate
;
102 OSSL_GCM_cipherfinal_fn cipherfinal
;
103 OSSL_GCM_oneshot_fn oneshot
;
105 const PROV_GCM_HW
*PROV_AES_HW_gcm(size_t keybits
);
107 #if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
109 #include "internal/aria.h"
111 typedef struct prov_aria_gcm_ctx_st
{
112 PROV_GCM_CTX base
; /* must be first entry in struct */
118 const PROV_GCM_HW
*PROV_ARIA_HW_gcm(size_t keybits
);
120 #endif /* !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE) */