2
0

cipher_aes_hw.c 5.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163
  1. /*
  2. * Copyright 2001-2024 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * This file uses the low level AES functions (which are deprecated for
  11. * non-internal use) in order to implement provider AES ciphers.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <openssl/proverr.h>
  15. #include "cipher_aes.h"
  16. static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat,
  17. const unsigned char *key, size_t keylen)
  18. {
  19. int ret;
  20. PROV_AES_CTX *adat = (PROV_AES_CTX *)dat;
  21. AES_KEY *ks = &adat->ks.ks;
  22. dat->ks = ks;
  23. if ((dat->mode == EVP_CIPH_ECB_MODE || dat->mode == EVP_CIPH_CBC_MODE)
  24. && !dat->enc) {
  25. #ifdef HWAES_CAPABLE
  26. if (HWAES_CAPABLE) {
  27. ret = HWAES_set_decrypt_key(key, keylen * 8, ks);
  28. dat->block = (block128_f)HWAES_decrypt;
  29. dat->stream.cbc = NULL;
  30. # ifdef HWAES_cbc_encrypt
  31. if (dat->mode == EVP_CIPH_CBC_MODE)
  32. dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
  33. # endif
  34. # ifdef HWAES_ecb_encrypt
  35. if (dat->mode == EVP_CIPH_ECB_MODE)
  36. dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt;
  37. # endif
  38. } else
  39. #endif
  40. #ifdef BSAES_CAPABLE
  41. if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CBC_MODE) {
  42. ret = AES_set_decrypt_key(key, keylen * 8, ks);
  43. dat->block = (block128_f)AES_decrypt;
  44. dat->stream.cbc = (cbc128_f)ossl_bsaes_cbc_encrypt;
  45. } else
  46. #endif
  47. #ifdef VPAES_CAPABLE
  48. if (VPAES_CAPABLE) {
  49. ret = vpaes_set_decrypt_key(key, keylen * 8, ks);
  50. dat->block = (block128_f)vpaes_decrypt;
  51. dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  52. ?(cbc128_f)vpaes_cbc_encrypt : NULL;
  53. } else
  54. #endif
  55. {
  56. ret = AES_set_decrypt_key(key, keylen * 8, ks);
  57. dat->block = (block128_f)AES_decrypt;
  58. dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  59. ? (cbc128_f)AES_cbc_encrypt : NULL;
  60. }
  61. } else
  62. #ifdef HWAES_CAPABLE
  63. if (HWAES_CAPABLE) {
  64. ret = HWAES_set_encrypt_key(key, keylen * 8, ks);
  65. dat->block = (block128_f)HWAES_encrypt;
  66. dat->stream.cbc = NULL;
  67. # ifdef HWAES_cbc_encrypt
  68. if (dat->mode == EVP_CIPH_CBC_MODE)
  69. dat->stream.cbc = (cbc128_f)HWAES_cbc_encrypt;
  70. else
  71. # endif
  72. # ifdef HWAES_ecb_encrypt
  73. if (dat->mode == EVP_CIPH_ECB_MODE)
  74. dat->stream.ecb = (ecb128_f)HWAES_ecb_encrypt;
  75. else
  76. # endif
  77. # ifdef HWAES_ctr32_encrypt_blocks
  78. if (dat->mode == EVP_CIPH_CTR_MODE)
  79. dat->stream.ctr = (ctr128_f)HWAES_ctr32_encrypt_blocks;
  80. else
  81. # endif
  82. (void)0; /* terminate potentially open 'else' */
  83. } else
  84. #endif
  85. #ifdef BSAES_CAPABLE
  86. if (BSAES_CAPABLE && dat->mode == EVP_CIPH_CTR_MODE) {
  87. ret = AES_set_encrypt_key(key, keylen * 8, ks);
  88. dat->block = (block128_f)AES_encrypt;
  89. dat->stream.ctr = (ctr128_f)ossl_bsaes_ctr32_encrypt_blocks;
  90. } else
  91. #endif
  92. #ifdef VPAES_CAPABLE
  93. if (VPAES_CAPABLE) {
  94. ret = vpaes_set_encrypt_key(key, keylen * 8, ks);
  95. dat->block = (block128_f)vpaes_encrypt;
  96. dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  97. ? (cbc128_f)vpaes_cbc_encrypt : NULL;
  98. } else
  99. #endif
  100. {
  101. ret = AES_set_encrypt_key(key, keylen * 8, ks);
  102. dat->block = (block128_f)AES_encrypt;
  103. dat->stream.cbc = (dat->mode == EVP_CIPH_CBC_MODE)
  104. ? (cbc128_f)AES_cbc_encrypt : NULL;
  105. #ifdef AES_CTR_ASM
  106. if (dat->mode == EVP_CIPH_CTR_MODE)
  107. dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt;
  108. #endif
  109. }
  110. if (ret < 0) {
  111. ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED);
  112. return 0;
  113. }
  114. return 1;
  115. }
  116. IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aes_copyctx, PROV_AES_CTX)
  117. #define PROV_CIPHER_HW_aes_mode(mode) \
  118. static const PROV_CIPHER_HW aes_##mode = { \
  119. cipher_hw_aes_initkey, \
  120. ossl_cipher_hw_generic_##mode, \
  121. cipher_hw_aes_copyctx \
  122. }; \
  123. PROV_CIPHER_HW_declare(mode) \
  124. const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_##mode(size_t keybits) \
  125. { \
  126. PROV_CIPHER_HW_select(mode) \
  127. return &aes_##mode; \
  128. }
  129. #if defined(AESNI_CAPABLE)
  130. # include "cipher_aes_hw_aesni.inc"
  131. #elif defined(SPARC_AES_CAPABLE)
  132. # include "cipher_aes_hw_t4.inc"
  133. #elif defined(S390X_aes_128_CAPABLE)
  134. # include "cipher_aes_hw_s390x.inc"
  135. #elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64
  136. # include "cipher_aes_hw_rv64i.inc"
  137. #elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
  138. # include "cipher_aes_hw_rv32i.inc"
  139. #elif defined (ARMv8_HWAES_CAPABLE)
  140. # include "cipher_aes_hw_armv8.inc"
  141. #else
  142. /* The generic case */
  143. # define PROV_CIPHER_HW_declare(mode)
  144. # define PROV_CIPHER_HW_select(mode)
  145. #endif
  146. PROV_CIPHER_HW_aes_mode(cbc)
  147. PROV_CIPHER_HW_aes_mode(ecb)
  148. PROV_CIPHER_HW_aes_mode(ofb128)
  149. PROV_CIPHER_HW_aes_mode(cfb128)
  150. PROV_CIPHER_HW_aes_mode(cfb1)
  151. PROV_CIPHER_HW_aes_mode(cfb8)
  152. PROV_CIPHER_HW_aes_mode(ctr)