2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/opensslconf.h>
11 #include "ciphers_locl.h"
12 #include "internal/aes_platform.h"
14 #define AES_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \
15 fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \
16 CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ccm.ks.ks, \
17 (block128_f)fn_blk); \
18 ctx->str = ctx->enc ? (ccm128_f)fn_ccm_enc : (ccm128_f)fn_ccm_dec; \
21 static int ccm_generic_aes_init_key(PROV_CCM_CTX *ctx,
22 const unsigned char *key, size_t keylen)
24 PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
28 AES_CCM_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_encrypt, NULL, NULL);
30 #endif /* HWAES_CAPABLE */
33 AES_CCM_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_encrypt, NULL, NULL);
37 AES_CCM_SET_KEY_FN(AES_set_encrypt_key, AES_encrypt, NULL, NULL)
42 static int ccm_generic_setiv(PROV_CCM_CTX *ctx, const unsigned char *nonce,
43 size_t nlen, size_t mlen)
45 return CRYPTO_ccm128_setiv(&ctx->ccm_ctx, nonce, nlen, mlen) == 0;
48 static int ccm_generic_setaad(PROV_CCM_CTX *ctx, const unsigned char *aad,
51 CRYPTO_ccm128_aad(&ctx->ccm_ctx, aad, alen);
55 static int ccm_generic_gettag(PROV_CCM_CTX *ctx, unsigned char *tag,
58 return CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, tlen) > 0;
61 static int ccm_generic_auth_encrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
62 unsigned char *out, size_t len,
63 unsigned char *tag, size_t taglen)
68 rv = CRYPTO_ccm128_encrypt_ccm64(&ctx->ccm_ctx, in,
69 out, len, ctx->str) == 0;
71 rv = CRYPTO_ccm128_encrypt(&ctx->ccm_ctx, in, out, len) == 0;
73 if (rv == 1 && tag != NULL)
74 rv = (CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, taglen) > 0);
78 static int ccm_generic_auth_decrypt(PROV_CCM_CTX *ctx, const unsigned char *in,
79 unsigned char *out, size_t len,
80 unsigned char *expected_tag,
86 rv = CRYPTO_ccm128_decrypt_ccm64(&ctx->ccm_ctx, in, out, len,
89 rv = CRYPTO_ccm128_decrypt(&ctx->ccm_ctx, in, out, len) == 0;
91 unsigned char tag[16];
93 if (!CRYPTO_ccm128_tag(&ctx->ccm_ctx, tag, taglen)
94 || CRYPTO_memcmp(tag, expected_tag, taglen) != 0)
98 OPENSSL_cleanse(out, len);
102 static const PROV_CCM_HW aes_ccm = {
103 ccm_generic_aes_init_key,
106 ccm_generic_auth_encrypt,
107 ccm_generic_auth_decrypt,
111 #if defined(S390X_aes_128_CAPABLE)
112 # include "aes_ccm_s390x.c"
113 #elif defined(AESNI_CAPABLE)
116 static int ccm_aesni_init_key(PROV_CCM_CTX *ctx,
117 const unsigned char *key, size_t keylen)
119 PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
121 AES_CCM_SET_KEY_FN(aesni_set_encrypt_key, aesni_encrypt,
122 aesni_ccm64_encrypt_blocks, aesni_ccm64_decrypt_blocks);
126 static const PROV_CCM_HW aesni_ccm = {
130 ccm_generic_auth_encrypt,
131 ccm_generic_auth_decrypt,
135 const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keybits)
137 return AESNI_CAPABLE ? &aesni_ccm : &aes_ccm;
140 #elif defined(SPARC_AES_CAPABLE)
141 /* Fujitsu SPARC64 X support */
142 static int ccm_t4_aes_init_key(PROV_CCM_CTX *ctx,
143 const unsigned char *key, size_t keylen)
145 PROV_AES_CCM_CTX *actx = (PROV_AES_CCM_CTX *)ctx;
147 AES_CCM_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_encrypt, NULL, NULL);
151 static const PROV_CCM_HW t4_aes_ccm = {
155 ccm_generic_auth_encrypt,
156 ccm_generic_auth_decrypt,
160 const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keybits)
162 return SPARC_AES_CAPABLE ? &t4_aes_ccm : &aes_ccm;
166 const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keybits)
172 #if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
173 /* ARIA CCM Algorithm specific methods */
174 static int ccm_aria_init_key(PROV_CCM_CTX *ctx,
175 const unsigned char *key, size_t keylen)
177 PROV_ARIA_CCM_CTX *actx = (PROV_ARIA_CCM_CTX *)ctx;
179 aria_set_encrypt_key(key, keylen * 8, &actx->ks.ks);
180 CRYPTO_ccm128_init(&ctx->ccm_ctx, ctx->m, ctx->l, &actx->ks.ks,
181 (block128_f)aria_encrypt);
187 static const PROV_CCM_HW ccm_aria = {
191 ccm_generic_auth_encrypt,
192 ccm_generic_auth_decrypt,
195 const PROV_CCM_HW *PROV_ARIA_HW_ccm(size_t keybits)
199 #endif /* OPENSSL_NO_ARIA */