2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 typedef struct prov_ccm_hw_st PROV_CCM_HW;
12 #if defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
14 * KMAC-AES parameter block - begin
15 * (see z/Architecture Principles of Operation >= SA22-7832-08)
17 typedef struct S390X_kmac_params_st {
19 unsigned long long g[2];
24 /* KMAC-AES parameter block - end */
27 /* Base structure that is shared by AES & ARIA for CCM MODE */
28 typedef struct prov_ccm_st {
30 int key_set; /* Set if key initialised */
31 int iv_set; /* Set if an iv is set */
32 int tag_set; /* Set if tag is valid */
33 int len_set; /* Set if message length set */
34 size_t l, m; /* L and M parameters from RFC3610 */
36 int tls_aad_len; /* TLS AAD length */
38 unsigned char iv[AES_BLOCK_SIZE];
39 unsigned char buf[AES_BLOCK_SIZE];
40 CCM128_CONTEXT ccm_ctx;
42 const PROV_CCM_HW *hw; /* hardware specific methods */
45 typedef struct prov_aes_ccm_ctx_st {
46 PROV_CCM_CTX base; /* Must be first */
50 * Padding is chosen so that s390x.kmac.k overlaps with ks.ks and
51 * fc with ks.ks.rounds. Remember that on s390x, an AES_KEY's
52 * rounds field is used to store the function code and that the key
53 * schedule is not stored (if aes hardware support is detected).
56 unsigned char pad[16];
59 #if defined(OPENSSL_CPUID_OBJ) && defined(__s390__)
61 S390X_KMAC_PARAMS kmac;
62 unsigned long long blocks;
64 unsigned long long g[2];
65 unsigned char b[AES_BLOCK_SIZE];
68 unsigned long long g[2];
69 unsigned char b[AES_BLOCK_SIZE];
71 unsigned char dummy_pad[168];
72 unsigned int fc; /* fc has same offset as ks.ks.rounds */
74 #endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */
78 PROV_CIPHER_FUNC(int, CCM_cipher, (PROV_CCM_CTX *ctx, unsigned char *out, \
79 size_t *padlen, const unsigned char *in, \
81 PROV_CIPHER_FUNC(int, CCM_setkey, (PROV_CCM_CTX *ctx, \
82 const unsigned char *key, size_t keylen));
83 PROV_CIPHER_FUNC(int, CCM_setiv, (PROV_CCM_CTX *dat, \
84 const unsigned char *iv, size_t ivlen, \
86 PROV_CIPHER_FUNC(int, CCM_setaad, (PROV_CCM_CTX *ctx, \
87 const unsigned char *aad, size_t aadlen));
88 PROV_CIPHER_FUNC(int, CCM_auth_encrypt, (PROV_CCM_CTX *ctx, \
89 const unsigned char *in, \
90 unsigned char *out, size_t len, \
91 unsigned char *tag, size_t taglen));
92 PROV_CIPHER_FUNC(int, CCM_auth_decrypt, (PROV_CCM_CTX *ctx, \
93 const unsigned char *in, \
94 unsigned char *out, size_t len, \
95 unsigned char *tag, size_t taglen));
96 PROV_CIPHER_FUNC(int, CCM_gettag, (PROV_CCM_CTX *ctx, \
97 unsigned char *tag, size_t taglen));
100 * CCM Mode internal method table used to handle hardware specific differences,
101 * (and different algorithms).
103 struct prov_ccm_hw_st {
104 OSSL_CCM_setkey_fn setkey;
105 OSSL_CCM_setiv_fn setiv;
106 OSSL_CCM_setaad_fn setaad;
107 OSSL_CCM_auth_encrypt_fn auth_encrypt;
108 OSSL_CCM_auth_decrypt_fn auth_decrypt;
109 OSSL_CCM_gettag_fn gettag;
112 const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keylen);
114 #if !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE)
115 # include "internal/aria.h"
116 typedef struct prov_aria_ccm_ctx_st {
117 PROV_CCM_CTX base; /* Must be first */
121 } ks; /* ARIA key schedule to use */
124 const PROV_CCM_HW *PROV_ARIA_HW_ccm(size_t keylen);
126 #endif /* !defined(OPENSSL_NO_ARIA) && !defined(FIPS_MODE) */
128 OSSL_OP_cipher_encrypt_init_fn ccm_einit;
129 OSSL_OP_cipher_decrypt_init_fn ccm_dinit;
130 OSSL_OP_cipher_get_ctx_params_fn ccm_get_ctx_params;
131 OSSL_OP_cipher_set_ctx_params_fn ccm_set_ctx_params;
132 OSSL_OP_cipher_update_fn ccm_stream_update;
133 OSSL_OP_cipher_final_fn ccm_stream_final;
134 OSSL_OP_cipher_cipher_fn ccm_cipher;
135 void ccm_initctx(PROV_CCM_CTX *ctx, size_t keybits, const PROV_CCM_HW *hw);
136 void ccm_finalctx(PROV_CCM_CTX *ctx);