Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
Path: blob/main/crypto/openssl/providers/implementations/ciphers/cipher_aes_hw.c
108585 views
1
/*
2
* Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved.
3
*
4
* Licensed under the Apache License 2.0 (the "License"). You may not use
5
* this file except in compliance with the License. You can obtain a copy
6
* in the file LICENSE in the source distribution or at
7
* https://www.openssl.org/source/license.html
8
*/
9
10
/*
11
* This file uses the low level AES functions (which are deprecated for
12
* non-internal use) in order to implement provider AES ciphers.
13
*/
14
#include "internal/deprecated.h"
15
16
#include <openssl/proverr.h>
17
#include "cipher_aes.h"
18
19
static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat,
20
const unsigned char *key, size_t keylen)
21
{
22
int ret;
23
PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
24
AES_KEY *ks = &adat->ks.ks;
25
26
dat->ks = ks;
27
28
if ((dat->mode == EVP_CIPH_ECB_MODE || dat->mode == EVP_CIPH_CBC_MODE)
29
&& !dat->enc) {
30
#ifdef HWAES_CAPABLE
31
if (HWAES_CAPABLE) {
32
ret = HWAES_set_decrypt_key(key, keylen * 8, ks);
33
dat->block = (block128_f)HWAES_decrypt;
34
dat->stream.cbc = NULL;
35
#ifdef HWAES_cbc_encrypt
36
if (dat->mode == EVP_CIPH_CBC_MODE)
37
dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
38
#endif
39
#ifdef HWAES_ecb_encrypt
40
if (dat->mode == EVP_CIPH_ECB_MODE)
41
dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt;
42
#endif
43
} else
44
#endif
45
#ifdef BSAES_CAPABLE
46
if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CBC_MODE) {
47
ret = AES_set_decrypt_key(key, keylen * 8, ks);
48
dat->block = (block128_f)AES_decrypt;
49
dat->stream.cbc = (cbc128_f)ossl_bsaes_cbc_encrypt;
50
} else
51
#endif
52
#ifdef VPAES_CAPABLE
53
if (VPAES_CAPABLE) {
54
ret = vpaes_set_decrypt_key(key, keylen * 8, ks);
55
dat->block = (block128_f)vpaes_decrypt;
56
dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
57
? (cbc128_f)vpaes_cbc_encrypt
58
: NULL;
59
} else
60
#endif
61
{
62
ret = AES_set_decrypt_key(key, keylen * 8, ks);
63
dat->block = (block128_f)AES_decrypt;
64
dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
65
? (cbc128_f)AES_cbc_encrypt
66
: NULL;
67
}
68
} else
69
#ifdef HWAES_CAPABLE
70
if (HWAES_CAPABLE) {
71
ret = HWAES_set_encrypt_key(key, keylen * 8, ks);
72
dat->block = (block128_f)HWAES_encrypt;
73
dat->stream.cbc = NULL;
74
#ifdef HWAES_cbc_encrypt
75
if (dat->mode == EVP_CIPH_CBC_MODE)
76
dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
77
else
78
#endif
79
#ifdef HWAES_ecb_encrypt
80
if (dat->mode == EVP_CIPH_ECB_MODE)
81
dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt;
82
else
83
#endif
84
#ifdef HWAES_ctr32_encrypt_blocks
85
if (dat->mode == EVP_CIPH_CTR_MODE)
86
dat->stream.ctr = (ctr128_f)HWAES_ctr32_encrypt_blocks;
87
else
88
#endif
89
(void)0; /* terminate potentially open 'else' */
90
} else
91
#endif
92
#ifdef BSAES_CAPABLE
93
if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CTR_MODE) {
94
ret = AES_set_encrypt_key(key, keylen * 8, ks);
95
dat->block = (block128_f)AES_encrypt;
96
dat->stream.ctr = (ctr128_f)ossl_bsaes_ctr32_encrypt_blocks;
97
} else
98
#endif
99
#ifdef VPAES_CAPABLE
100
if (VPAES_CAPABLE) {
101
ret = vpaes_set_encrypt_key(key, keylen * 8, ks);
102
dat->block = (block128_f)vpaes_encrypt;
103
dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
104
? (cbc128_f)vpaes_cbc_encrypt
105
: NULL;
106
} else
107
#endif
108
{
109
ret = AES_set_encrypt_key(key, keylen * 8, ks);
110
dat->block = (block128_f)AES_encrypt;
111
dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
112
? (cbc128_f)AES_cbc_encrypt
113
: NULL;
114
#ifdef AES_CTR_ASM
115
if (dat->mode == EVP_CIPH_CTR_MODE)
116
dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
117
#endif
118
}
119
120
if (ret < 0) {
121
ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED);
122
return 0;
123
}
124
125
return 1;
126
}
127
128
IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aes_copyctx, PROV_AES_CTX)
129
130
#define PROV_CIPHER_HW_aes_mode(mode) \
131
static const PROV_CIPHER_HW aes_##mode = { \
132
cipher_hw_aes_initkey, \
133
ossl_cipher_hw_generic_##mode, \
134
cipher_hw_aes_copyctx \
135
}; \
136
PROV_CIPHER_HW_declare(mode) \
137
const PROV_CIPHER_HW * \
138
ossl_prov_cipher_hw_aes_##mode(size_t keybits) \
139
{ \
140
PROV_CIPHER_HW_select(mode) return &aes_##mode; \
141
}
142
143
#if defined(AESNI_CAPABLE)
144
#include "cipher_aes_hw_aesni.inc"
145
#elif defined(SPARC_AES_CAPABLE)
146
#include "cipher_aes_hw_t4.inc"
147
#elif defined(S390X_aes_128_CAPABLE)
148
#include "cipher_aes_hw_s390x.inc"
149
#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64
150
#include "cipher_aes_hw_rv64i.inc"
151
#elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
152
#include "cipher_aes_hw_rv32i.inc"
153
#elif defined(ARMv8_HWAES_CAPABLE)
154
#include "cipher_aes_hw_armv8.inc"
155
#else
156
/* The generic case */
157
#define PROV_CIPHER_HW_declare(mode)
158
#define PROV_CIPHER_HW_select(mode)
159
#endif
160
161
PROV_CIPHER_HW_aes_mode(cbc)
162
PROV_CIPHER_HW_aes_mode(ecb)
163
PROV_CIPHER_HW_aes_mode(ofb128)
164
PROV_CIPHER_HW_aes_mode(cfb128)
165
PROV_CIPHER_HW_aes_mode(cfb1)
166
PROV_CIPHER_HW_aes_mode(cfb8)
167
PROV_CIPHER_HW_aes_mode(ctr)
168
169