diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2019-07-31 21:55:16 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2019-07-31 21:55:16 +1000 |
| commit | a672a02a6443a29aa368c0d8abeebc809c1a9f28 (patch) | |
| tree | 4148c9b4b3b8442961818740660607db38efc126 /providers/common/ciphers/aes.c | |
| parent | f5b7f99e690b1875e6d047acc435f0029642bfeb (diff) | |
Add gcm ciphers (aes and aria) to providers.
The code has been modularized so that it can be shared by algorithms.
A fixed size IV is now used instead of being allocated.
The IV is not set into the low level struct now until the update (it uses an
iv_state for this purpose).
Hardware specific methods have been added to a PROV_GCM_HW object.
The S390 code has been changed to just contain methods that can be accessed in
a modular way. There are equivalent generic methods also for the other
platforms.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/9231)
Diffstat (limited to 'providers/common/ciphers/aes.c')
| -rw-r--r-- | providers/common/ciphers/aes.c | 107 |
1 files changed, 63 insertions, 44 deletions
diff --git a/providers/common/ciphers/aes.c b/providers/common/ciphers/aes.c index a151a8b393..a211694a88 100644 --- a/providers/common/ciphers/aes.c +++ b/providers/common/ciphers/aes.c @@ -13,6 +13,7 @@ #include <openssl/core_names.h> #include <openssl/evp.h> #include <openssl/params.h> +#include <openssl/rand.h> #include "internal/cryptlib.h" #include "internal/provider_algs.h" #include "ciphers_locl.h" @@ -248,50 +249,63 @@ static int aes_cipher(void *vctx, return 1; } -#define IMPLEMENT_cipher(lcmode, UCMODE, flags, kbits, blkbits, ivbits) \ - static OSSL_OP_cipher_get_params_fn aes_##kbits##_##lcmode##_get_params; \ - static int aes_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ - { \ - OSSL_PARAM *p; \ - \ - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); \ - if (p != NULL) { \ - if (!OSSL_PARAM_set_int(p, EVP_CIPH_##UCMODE##_MODE)) \ - return 0; \ - } \ - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_FLAGS); \ - if (p != NULL) { \ - if (!OSSL_PARAM_set_ulong(p, (flags))) \ - return 0; \ - } \ - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); \ - if (p != NULL) { \ - if (!OSSL_PARAM_set_int(p, (kbits) / 8)) \ - return 0; \ - } \ - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); \ - if (p != NULL) { \ - if (!OSSL_PARAM_set_int(p, (blkbits) / 8)) \ - return 0; \ - } \ - p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); \ - if (p != NULL) { \ - if (!OSSL_PARAM_set_int(p, (ivbits) / 8)) \ - return 0; \ - } \ - \ - return 1; \ - } \ - static OSSL_OP_cipher_newctx_fn aes_##kbits##_##lcmode##_newctx; \ - static void *aes_##kbits##_##lcmode##_newctx(void *provctx) \ - { \ - PROV_AES_KEY *ctx = OPENSSL_zalloc(sizeof(*ctx)); \ - \ - ctx->pad = 1; \ - ctx->keylen = ((kbits) / 8); \ - ctx->ciph = PROV_AES_CIPHER_##lcmode(ctx->keylen); \ - ctx->mode = EVP_CIPH_##UCMODE##_MODE; \ - return ctx; \ +static void *aes_new_ctx(void *provctx, size_t mode, size_t kbits, + const PROV_AES_CIPHER *ciph) +{ + PROV_AES_KEY *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + ctx->pad = 1; + ctx->keylen = kbits / 8; + ctx->ciph = ciph; + ctx->mode = mode; + return ctx; +} + +int aes_get_params(OSSL_PARAM params[], int md, unsigned long flags, + int kbits, int blkbits, int ivbits) +{ + OSSL_PARAM *p; + + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_MODE); + if (p != NULL) { + if (!OSSL_PARAM_set_int(p, md)) + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_FLAGS); + if (p != NULL) { + if (!OSSL_PARAM_set_ulong(p, flags)) + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_KEYLEN); + if (p != NULL) { + if (!OSSL_PARAM_set_int(p, kbits / 8)) + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_BLOCK_SIZE); + if (p != NULL) { + if (!OSSL_PARAM_set_int(p, blkbits / 8)) + return 0; + } + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); + if (p != NULL) { + if (!OSSL_PARAM_set_int(p, ivbits / 8)) + return 0; + } + return 1; +} + +#define IMPLEMENT_cipher(lcmode, UCMODE, flags, kbits, blkbits, ivbits) \ + static OSSL_OP_cipher_get_params_fn aes_##kbits##_##lcmode##_get_params; \ + static int aes_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ + { \ + return aes_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, kbits, \ + blkbits, ivbits); \ + } \ + static OSSL_OP_cipher_newctx_fn aes_##kbits##_##lcmode##_newctx; \ + static void *aes_##kbits##_##lcmode##_newctx(void *provctx) \ + { \ + return aes_new_ctx(provctx, EVP_CIPH_##UCMODE##_MODE, kbits, \ + PROV_AES_CIPHER_##lcmode(kbits / 8)); \ } /* ECB */ @@ -351,6 +365,11 @@ static int aes_ctx_get_params(void *vctx, OSSL_PARAM params[]) PROV_AES_KEY *ctx = (PROV_AES_KEY *)vctx; OSSL_PARAM *p; + p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IVLEN); + if (p != NULL) { + if (!OSSL_PARAM_set_int(p, AES_BLOCK_SIZE)) + return 0; + } p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_PADDING); if (p != NULL && !OSSL_PARAM_set_int(p, ctx->pad)) { PROVerr(PROV_F_AES_CTX_GET_PARAMS, PROV_R_FAILED_TO_SET_PARAMETER); |