SOURCE[$AES_GOAL]=\
cipher_aes.c cipher_aes_hw.c \
cipher_aes_xts.c cipher_aes_xts_hw.c \
+ cipher_aes_cfb_hw.c \
cipher_aes_gcm.c cipher_aes_gcm_hw.c \
cipher_aes_ccm.c cipher_aes_ccm_hw.c \
cipher_aes_wrp.c \
#include "cipher_aes.h"
#include "prov/implementations.h"
#include "prov/providercommon.h"
+#include "cipher_aes_cfb.h"
static OSSL_FUNC_cipher_freectx_fn aes_freectx;
static OSSL_FUNC_cipher_dupctx_fn aes_dupctx;
PROV_AES_CTX *ctx = (PROV_AES_CTX *)vctx;
ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
- OPENSSL_clear_free(ctx, sizeof(*ctx));
+ OPENSSL_clear_free(ctx, sizeof(*ctx));
}
static void *aes_dupctx(void *ctx)
/* ossl_aes128ofb_functions */
IMPLEMENT_generic_cipher(aes, AES, ofb, OFB, 0, 128, 8, 128, stream)
/* ossl_aes256cfb_functions */
-IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 256, 8, 128, stream)
+IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 256, 8, 128, stream)
/* ossl_aes192cfb_functions */
-IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 192, 8, 128, stream)
+IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 192, 8, 128, stream)
/* ossl_aes128cfb_functions */
-IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 128, 8, 128, stream)
+IMPLEMENT_generic_cipher(aes, AES, cfb, CFB, 0, 128, 8, 128, stream)
/* ossl_aes256cfb1_functions */
IMPLEMENT_generic_cipher(aes, AES, cfb1, CFB, 0, 256, 8, 128, stream)
/* ossl_aes192cfb1_functions */
} PROV_AES_CTX;
#define ossl_prov_cipher_hw_aes_ofb ossl_prov_cipher_hw_aes_ofb128
-#define ossl_prov_cipher_hw_aes_cfb ossl_prov_cipher_hw_aes_cfb128
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ecb(size_t keybits);
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cbc(size_t keybits);
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ofb128(size_t keybits);
-const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cfb128(size_t keybits);
-const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cfb1(size_t keybits);
-const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cfb8(size_t keybits);
const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ctr(size_t keybits);
--- /dev/null
+/*
+ * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "prov/ciphercommon.h"
+
+#define ossl_prov_cipher_hw_aes_cfb ossl_prov_cipher_hw_aes_cfb128
+
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cfb128(size_t keybits);
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cfb1(size_t keybits);
+const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_cfb8(size_t keybits);
--- /dev/null
+/*
+ * Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This file uses the low level AES functions (which are deprecated for
+ * non-internal use) in order to implement provider AES ciphers.
+ */
+#include "internal/deprecated.h"
+
+#include <openssl/proverr.h>
+#include "cipher_aes.h"
+#include "cipher_aes_cfb.h"
+
+static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat,
+ const unsigned char *key, size_t keylen)
+{
+ int ret;
+ PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
+ AES_KEY *ks = &adat->ks.ks;
+
+ dat->ks = ks;
+
+#ifdef HWAES_CAPABLE
+ if (HWAES_CAPABLE) {
+ ret = HWAES_set_encrypt_key(key, (int)(keylen * 8), ks);
+ dat->block = (block128_f)HWAES_encrypt;
+ dat->stream.cbc = NULL;
+ } else {
+#endif
+#ifdef VPAES_CAPABLE
+ if (VPAES_CAPABLE) {
+ ret = vpaes_set_encrypt_key(key, (int)(keylen * 8), ks);
+ dat->block = (block128_f)vpaes_encrypt;
+ dat->stream.cbc = NULL;
+ } else {
+#endif
+ {
+ ret = AES_set_encrypt_key(key, (int)(keylen * 8), ks);
+ dat->block = (block128_f)AES_encrypt;
+ dat->stream.cbc = NULL;
+ }
+#ifdef VPAES_CAPABLE
+ }
+#endif
+#ifdef HWAES_CAPABLE
+ }
+#endif
+
+ if (ret < 0) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED);
+ return 0;
+ }
+
+ return 1;
+}
+
+IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aes_copyctx, PROV_AES_CTX)
+
+#define PROV_CIPHER_HW_aes_mode(mode) \
+ static const PROV_CIPHER_HW aes_##mode = { \
+ cipher_hw_aes_initkey, \
+ ossl_cipher_hw_generic_##mode, \
+ cipher_hw_aes_copyctx \
+ }; \
+ PROV_CIPHER_HW_declare(mode) \
+ const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_##mode(size_t keybits) \
+ { \
+ PROV_CIPHER_HW_select(mode) \
+ return &aes_##mode; \
+ }
+
+#if defined(AESNI_CAPABLE)
+# include "cipher_aes_cfb_hw_aesni.inc"
+#elif defined(SPARC_AES_CAPABLE)
+# include "cipher_aes_hw_t4.inc"
+#elif defined(S390X_aes_128_CAPABLE)
+# include "cipher_aes_cfb_hw_s390x.inc"
+#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64
+# include "cipher_aes_hw_rv64i.inc"
+#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
+# include "cipher_aes_hw_rv32i.inc"
+#elif defined(ARMv8_HWAES_CAPABLE)
+# include "cipher_aes_hw_armv8.inc"
+#else
+/* The generic case */
+# define PROV_CIPHER_HW_declare(mode)
+# define PROV_CIPHER_HW_select(mode)
+#endif
+
+PROV_CIPHER_HW_aes_mode(cfb128)
+PROV_CIPHER_HW_aes_mode(cfb1)
+PROV_CIPHER_HW_aes_mode(cfb8)
--- /dev/null
+/*
+ * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*-
+ * AES-NI support for AES mode cfb.
+ * This file is included by cipher_aes_cfb_hw.c
+ */
+
+#define cipher_hw_aesni_cfb128 ossl_cipher_hw_generic_cfb128
+#define cipher_hw_aesni_cfb8 ossl_cipher_hw_generic_cfb8
+#define cipher_hw_aesni_cfb1 ossl_cipher_hw_generic_cfb1
+
+static int cipher_hw_aesni_initkey(PROV_CIPHER_CTX *dat,
+ const unsigned char *key, size_t keylen)
+{
+ int ret;
+ PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
+ AES_KEY *ks = &adat->ks.ks;
+
+ dat->ks = ks;
+
+ ret = aesni_set_encrypt_key(key, (int)(keylen * 8), ks);
+
+ dat->block = (block128_f) aesni_encrypt;
+ dat->stream.cbc = NULL;
+
+ if (ret < 0) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED);
+ return 0;
+ }
+
+ return 1;
+}
+
+#define PROV_CIPHER_HW_declare(mode) \
+static const PROV_CIPHER_HW aesni_##mode = { \
+ cipher_hw_aesni_initkey, \
+ cipher_hw_aesni_##mode, \
+ cipher_hw_aes_copyctx \
+};
+#define PROV_CIPHER_HW_select(mode) \
+if (AESNI_CAPABLE) \
+ return &aesni_##mode;
--- /dev/null
+/*
+ * Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * IBM S390X support for AES mode cfb.
+ * This file is included by cipher_aes_cfb_hw.c
+ */
+
+#include "s390x_arch.h"
+
+#include <stdio.h>
+
+#define s390x_aes_cfb1_initkey cipher_hw_aes_initkey
+#define s390x_aes_cfb1_cipher_hw ossl_cipher_hw_generic_cfb1
+
+#define S390X_aes_128_cfb128_CAPABLE S390X_aes_128_cfb_CAPABLE
+#define S390X_aes_192_cfb128_CAPABLE S390X_aes_192_cfb_CAPABLE
+#define S390X_aes_256_cfb128_CAPABLE S390X_aes_256_cfb_CAPABLE
+
+static int s390x_aes_cfb128_initkey(PROV_CIPHER_CTX *dat,
+ const unsigned char *key, size_t keylen)
+{
+ PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
+
+ adat->plat.s390x.fc = S390X_AES_FC(keylen);
+ adat->plat.s390x.fc |= 16 << 24; /* 16 bytes cipher feedback */
+ memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen);
+ return 1;
+}
+
+static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
+ unsigned int modifier = adat->base.enc ? 0 : S390X_DECRYPT;
+ int n = dat->num;
+ int rem;
+ unsigned char tmp;
+
+ memcpy(adat->plat.s390x.param.kmo_kmf.cv, dat->iv, dat->ivlen);
+ while (n && len) {
+ tmp = *in;
+ *out = adat->plat.s390x.param.kmo_kmf.cv[n] ^ tmp;
+ adat->plat.s390x.param.kmo_kmf.cv[n] = dat->enc ? *out : tmp;
+ n = (n + 1) & 0xf;
+ --len;
+ ++in;
+ ++out;
+ }
+
+ rem = len & 0xf;
+
+ len &= ~(size_t)0xf;
+ if (len) {
+ s390x_kmf(in, len, out, adat->plat.s390x.fc | modifier,
+ &adat->plat.s390x.param.kmo_kmf);
+
+ out += len;
+ in += len;
+ }
+
+ if (rem) {
+ s390x_km(adat->plat.s390x.param.kmo_kmf.cv, 16,
+ adat->plat.s390x.param.kmo_kmf.cv,
+ S390X_AES_FC(dat->keylen),
+ adat->plat.s390x.param.kmo_kmf.k);
+
+ while (rem--) {
+ tmp = in[n];
+ out[n] = adat->plat.s390x.param.kmo_kmf.cv[n] ^ tmp;
+ adat->plat.s390x.param.kmo_kmf.cv[n] = dat->enc ? out[n] : tmp;
+ ++n;
+ }
+ }
+
+ memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
+ dat->num = n;
+ return 1;
+}
+
+static int s390x_aes_cfb8_initkey(PROV_CIPHER_CTX *dat,
+ const unsigned char *key, size_t keylen)
+{
+ PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
+
+ adat->plat.s390x.fc = S390X_AES_FC(keylen);
+ adat->plat.s390x.fc |= 1 << 24; /* 1 byte cipher feedback */
+ memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen);
+ return 1;
+}
+
+static int s390x_aes_cfb8_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
+ unsigned int modifier = adat->base.enc ? 0 : S390X_DECRYPT;
+
+ memcpy(adat->plat.s390x.param.kmo_kmf.cv, dat->iv, dat->ivlen);
+ s390x_kmf(in, len, out, adat->plat.s390x.fc | modifier,
+ &adat->plat.s390x.param.kmo_kmf);
+ memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
+ return 1;
+}
+
+#define PROV_CIPHER_HW_declare(mode) \
+static const PROV_CIPHER_HW s390x_aes_##mode = { \
+ s390x_aes_##mode##_initkey, \
+ s390x_aes_##mode##_cipher_hw, \
+ cipher_hw_aes_copyctx \
+};
+#define PROV_CIPHER_HW_select(mode) \
+if ((keybits == 128 && S390X_aes_128_##mode##_CAPABLE) \
+ || (keybits == 192 && S390X_aes_192_##mode##_CAPABLE) \
+ || (keybits == 256 && S390X_aes_256_##mode##_CAPABLE)) \
+ return &s390x_aes_##mode;
+
# include "cipher_aes_hw_rv64i.inc"
#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
# include "cipher_aes_hw_rv32i.inc"
-#elif defined (ARMv8_HWAES_CAPABLE)
+#elif defined(ARMv8_HWAES_CAPABLE)
# include "cipher_aes_hw_armv8.inc"
#else
/* The generic case */
PROV_CIPHER_HW_aes_mode(cbc)
PROV_CIPHER_HW_aes_mode(ecb)
PROV_CIPHER_HW_aes_mode(ofb128)
-PROV_CIPHER_HW_aes_mode(cfb128)
-PROV_CIPHER_HW_aes_mode(cfb1)
-PROV_CIPHER_HW_aes_mode(cfb8)
PROV_CIPHER_HW_aes_mode(ctr)
*/
/*-
- * AES-NI support for AES modes ecb, cbc, ofb, cfb, ctr.
+ * AES-NI support for AES modes ecb, cbc, ofb, ctr.
* This file is included by cipher_aes_hw.c
*/
#define cipher_hw_aesni_ofb128 ossl_cipher_hw_generic_ofb128
-#define cipher_hw_aesni_cfb128 ossl_cipher_hw_generic_cfb128
-#define cipher_hw_aesni_cfb8 ossl_cipher_hw_generic_cfb8
-#define cipher_hw_aesni_cfb1 ossl_cipher_hw_generic_cfb1
#define cipher_hw_aesni_ctr ossl_cipher_hw_generic_ctr
static int cipher_hw_aesni_initkey(PROV_CIPHER_CTX *dat,
#include <stdio.h>
#define s390x_aes_cbc_initkey cipher_hw_aes_initkey
-#define s390x_aes_cfb1_initkey cipher_hw_aes_initkey
#define s390x_aes_ctr_initkey cipher_hw_aes_initkey
#define s390x_aes_cbc_cipher_hw ossl_cipher_hw_generic_cbc
-#define s390x_aes_cfb1_cipher_hw ossl_cipher_hw_generic_cfb1
#define s390x_aes_ctr_cipher_hw ossl_cipher_hw_generic_ctr
#define S390X_aes_128_ofb128_CAPABLE S390X_aes_128_ofb_CAPABLE
#define S390X_aes_192_ofb128_CAPABLE S390X_aes_192_ofb_CAPABLE
#define S390X_aes_256_ofb128_CAPABLE S390X_aes_256_ofb_CAPABLE
-#define S390X_aes_128_cfb128_CAPABLE S390X_aes_128_cfb_CAPABLE
-#define S390X_aes_192_cfb128_CAPABLE S390X_aes_192_cfb_CAPABLE
-#define S390X_aes_256_cfb128_CAPABLE S390X_aes_256_cfb_CAPABLE
static int s390x_aes_ecb_initkey(PROV_CIPHER_CTX *dat,
const unsigned char *key, size_t keylen)
return 1;
}
-static int s390x_aes_cfb128_initkey(PROV_CIPHER_CTX *dat,
- const unsigned char *key, size_t keylen)
-{
- PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
-
- adat->plat.s390x.fc = S390X_AES_FC(keylen);
- adat->plat.s390x.fc |= 16 << 24; /* 16 bytes cipher feedback */
- memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen);
- return 1;
-}
-
-static int s390x_aes_cfb128_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
- unsigned int modifier = adat->base.enc ? 0 : S390X_DECRYPT;
- int n = dat->num;
- int rem;
- unsigned char tmp;
-
- memcpy(adat->plat.s390x.param.kmo_kmf.cv, dat->iv, dat->ivlen);
- while (n && len) {
- tmp = *in;
- *out = adat->plat.s390x.param.kmo_kmf.cv[n] ^ tmp;
- adat->plat.s390x.param.kmo_kmf.cv[n] = dat->enc ? *out : tmp;
- n = (n + 1) & 0xf;
- --len;
- ++in;
- ++out;
- }
-
- rem = len & 0xf;
-
- len &= ~(size_t)0xf;
- if (len) {
- s390x_kmf(in, len, out, adat->plat.s390x.fc | modifier,
- &adat->plat.s390x.param.kmo_kmf);
-
- out += len;
- in += len;
- }
-
- if (rem) {
- s390x_km(adat->plat.s390x.param.kmo_kmf.cv, 16,
- adat->plat.s390x.param.kmo_kmf.cv,
- S390X_AES_FC(dat->keylen),
- adat->plat.s390x.param.kmo_kmf.k);
-
- while (rem--) {
- tmp = in[n];
- out[n] = adat->plat.s390x.param.kmo_kmf.cv[n] ^ tmp;
- adat->plat.s390x.param.kmo_kmf.cv[n] = dat->enc ? out[n] : tmp;
- ++n;
- }
- }
-
- memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
- dat->num = n;
- return 1;
-}
-
-static int s390x_aes_cfb8_initkey(PROV_CIPHER_CTX *dat,
- const unsigned char *key, size_t keylen)
-{
- PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
-
- adat->plat.s390x.fc = S390X_AES_FC(keylen);
- adat->plat.s390x.fc |= 1 << 24; /* 1 byte cipher feedback */
- memcpy(adat->plat.s390x.param.kmo_kmf.k, key, keylen);
- return 1;
-}
-
-static int s390x_aes_cfb8_cipher_hw(PROV_CIPHER_CTX *dat, unsigned char *out,
- const unsigned char *in, size_t len)
-{
- PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
- unsigned int modifier = adat->base.enc ? 0 : S390X_DECRYPT;
-
- memcpy(adat->plat.s390x.param.kmo_kmf.cv, dat->iv, dat->ivlen);
- s390x_kmf(in, len, out, adat->plat.s390x.fc | modifier,
- &adat->plat.s390x.param.kmo_kmf);
- memcpy(dat->iv, adat->plat.s390x.param.kmo_kmf.cv, dat->ivlen);
- return 1;
-}
-
#define PROV_CIPHER_HW_declare(mode) \
static const PROV_CIPHER_HW s390x_aes_##mode = { \
s390x_aes_##mode##_initkey, \
|| (keybits == 192 && S390X_aes_192_##mode##_CAPABLE) \
|| (keybits == 256 && S390X_aes_256_##mode##_CAPABLE)) \
return &s390x_aes_##mode;
-
projects / thirdparty / openssl.git / commitdiff
