1 /*
2  * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*
11  * This file uses the low level AES functions (which are deprecated for
12  * non-internal use) in order to implement provider AES ciphers.
13  */
14 #include "internal/deprecated.h"
15 
16 #include "cipher_aes_ocb.h"
17 
18 #define OCB_SET_KEY_FN(fn_set_enc_key, fn_set_dec_key,                         \
19                        fn_block_enc, fn_block_dec,                             \
20                        fn_stream_enc, fn_stream_dec)                           \
21 CRYPTO_ocb128_cleanup(&ctx->ocb);                                              \
22 fn_set_enc_key(key, keylen * 8, &ctx->ksenc.ks);                               \
23 fn_set_dec_key(key, keylen * 8, &ctx->ksdec.ks);                               \
24 if (!CRYPTO_ocb128_init(&ctx->ocb, &ctx->ksenc.ks, &ctx->ksdec.ks,             \
25                         (block128_f)fn_block_enc, (block128_f)fn_block_dec,    \
26                         ctx->base.enc ? (ocb128_f)fn_stream_enc :              \
27                                         (ocb128_f)fn_stream_dec))              \
28     return 0;                                                                  \
29 ctx->key_set = 1
30 
31 
cipher_hw_aes_ocb_generic_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)32 static int cipher_hw_aes_ocb_generic_initkey(PROV_CIPHER_CTX *vctx,
33                                              const unsigned char *key,
34                                              size_t keylen)
35 {
36     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
37 
38 /*
39  * We set both the encrypt and decrypt key here because decrypt
40  * needs both. (i.e- AAD uses encrypt).
41  */
42 # ifdef HWAES_CAPABLE
43     if (HWAES_CAPABLE) {
44         OCB_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key,
45                        HWAES_encrypt, HWAES_decrypt,
46                        HWAES_ocb_encrypt, HWAES_ocb_decrypt);
47     } else
48 # endif
49 # ifdef VPAES_CAPABLE
50     if (VPAES_CAPABLE) {
51         OCB_SET_KEY_FN(vpaes_set_encrypt_key, vpaes_set_decrypt_key,
52                        vpaes_encrypt, vpaes_decrypt, NULL, NULL);
53     } else
54 # endif
55     {
56         OCB_SET_KEY_FN(AES_set_encrypt_key, AES_set_decrypt_key,
57                        AES_encrypt, AES_decrypt, NULL, NULL);
58     }
59     return 1;
60 }
61 
62 # if defined(AESNI_CAPABLE)
63 
cipher_hw_aes_ocb_aesni_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)64 static int cipher_hw_aes_ocb_aesni_initkey(PROV_CIPHER_CTX *vctx,
65                                            const unsigned char *key,
66                                            size_t keylen)
67 {
68     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
69 
70     OCB_SET_KEY_FN(aesni_set_encrypt_key, aesni_set_decrypt_key,
71                    aesni_encrypt, aesni_decrypt,
72                    aesni_ocb_encrypt, aesni_ocb_decrypt);
73     return 1;
74 }
75 
76 # define PROV_CIPHER_HW_declare()                                              \
77 static const PROV_CIPHER_HW aesni_ocb = {                                      \
78     cipher_hw_aes_ocb_aesni_initkey,                                           \
79     NULL                                                                       \
80 };
81 # define PROV_CIPHER_HW_select()                                               \
82     if (AESNI_CAPABLE)                                                         \
83         return &aesni_ocb;
84 
85 #elif defined(SPARC_AES_CAPABLE)
86 
cipher_hw_aes_ocb_t4_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)87 static int cipher_hw_aes_ocb_t4_initkey(PROV_CIPHER_CTX *vctx,
88                                         const unsigned char *key,
89                                         size_t keylen)
90 {
91     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
92 
93     OCB_SET_KEY_FN(aes_t4_set_encrypt_key, aes_t4_set_decrypt_key,
94                    aes_t4_encrypt, aes_t4_decrypt, NULL, NULL);
95     return 1;
96 }
97 
98 # define PROV_CIPHER_HW_declare()                                              \
99 static const PROV_CIPHER_HW aes_t4_ocb = {                                     \
100     cipher_hw_aes_ocb_t4_initkey,                                              \
101     NULL                                                                       \
102 };
103 # define PROV_CIPHER_HW_select()                                               \
104     if (SPARC_AES_CAPABLE)                                                     \
105         return &aes_t4_ocb;
106 
107 #elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 64
108 
cipher_hw_aes_ocb_rv64i_zknd_zkne_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)109 static int cipher_hw_aes_ocb_rv64i_zknd_zkne_initkey(PROV_CIPHER_CTX *vctx,
110                                                      const unsigned char *key,
111                                                      size_t keylen)
112 {
113     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
114 
115     OCB_SET_KEY_FN(rv64i_zkne_set_encrypt_key, rv64i_zknd_set_decrypt_key,
116                    rv64i_zkne_encrypt, rv64i_zknd_decrypt, NULL, NULL);
117     return 1;
118 }
119 
cipher_hw_aes_ocb_rv64i_zvkned_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)120 static int cipher_hw_aes_ocb_rv64i_zvkned_initkey(PROV_CIPHER_CTX *vctx,
121                                                      const unsigned char *key,
122                                                      size_t keylen)
123 {
124     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
125 
126     /* Zvkned only supports 128 and 256 bit keys. */
127     if (keylen * 8 == 128 || keylen * 8 == 256) {
128         OCB_SET_KEY_FN(rv64i_zvkned_set_encrypt_key,
129                        rv64i_zvkned_set_decrypt_key,
130                        rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
131                        NULL, NULL);
132     } else {
133         OCB_SET_KEY_FN(AES_set_encrypt_key, AES_set_encrypt_key,
134                        rv64i_zvkned_encrypt, rv64i_zvkned_decrypt,
135                        NULL, NULL);
136     }
137     return 1;
138 }
139 
140 # define PROV_CIPHER_HW_declare()                                              \
141 static const PROV_CIPHER_HW aes_rv64i_zknd_zkne_ocb = {                        \
142     cipher_hw_aes_ocb_rv64i_zknd_zkne_initkey,                                 \
143     NULL                                                                       \
144 };                                                                             \
145 static const PROV_CIPHER_HW aes_rv64i_zvkned_ocb = {                           \
146     cipher_hw_aes_ocb_rv64i_zvkned_initkey,                                    \
147     NULL                                                                       \
148 };
149 # define PROV_CIPHER_HW_select()                                               \
150     if (RISCV_HAS_ZVKNED() && riscv_vlen() >= 128)                             \
151         return &aes_rv64i_zvkned_ocb;                                          \
152     else if (RISCV_HAS_ZKND_AND_ZKNE())                                        \
153         return &aes_rv64i_zknd_zkne_ocb;
154 
155 #elif defined(OPENSSL_CPUID_OBJ) && defined(__riscv) && __riscv_xlen == 32
156 
cipher_hw_aes_ocb_rv32i_zknd_zkne_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)157 static int cipher_hw_aes_ocb_rv32i_zknd_zkne_initkey(PROV_CIPHER_CTX *vctx,
158                                                      const unsigned char *key,
159                                                      size_t keylen)
160 {
161     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
162 
163     OCB_SET_KEY_FN(rv32i_zkne_set_encrypt_key, rv32i_zknd_zkne_set_decrypt_key,
164                    rv32i_zkne_encrypt, rv32i_zknd_decrypt, NULL, NULL);
165     return 1;
166 }
167 
cipher_hw_aes_ocb_rv32i_zbkb_zknd_zkne_initkey(PROV_CIPHER_CTX * vctx,const unsigned char * key,size_t keylen)168 static int cipher_hw_aes_ocb_rv32i_zbkb_zknd_zkne_initkey(PROV_CIPHER_CTX *vctx,
169                                                           const unsigned char *key,
170                                                           size_t keylen)
171 {
172     PROV_AES_OCB_CTX *ctx = (PROV_AES_OCB_CTX *)vctx;
173 
174     OCB_SET_KEY_FN(rv32i_zbkb_zkne_set_encrypt_key, rv32i_zbkb_zknd_zkne_set_decrypt_key,
175                    rv32i_zkne_encrypt, rv32i_zknd_decrypt, NULL, NULL);
176     return 1;
177 }
178 
179 # define PROV_CIPHER_HW_declare()                                              \
180 static const PROV_CIPHER_HW aes_rv32i_zknd_zkne_ocb = {                        \
181     cipher_hw_aes_ocb_rv32i_zknd_zkne_initkey,                                 \
182     NULL                                                                       \
183 };                                                                             \
184 static const PROV_CIPHER_HW aes_rv32i_zbkb_zknd_zkne_ocb = {                   \
185     cipher_hw_aes_ocb_rv32i_zbkb_zknd_zkne_initkey,                            \
186     NULL                                                                       \
187 };
188 # define PROV_CIPHER_HW_select()                                               \
189     if (RISCV_HAS_ZBKB_AND_ZKND_AND_ZKNE())                                    \
190         return &aes_rv32i_zbkb_zknd_zkne_ocb;                                  \
191     if (RISCV_HAS_ZKND_AND_ZKNE())                                             \
192         return &aes_rv32i_zknd_zkne_ocb;
193 #else
194 # define PROV_CIPHER_HW_declare()
195 # define PROV_CIPHER_HW_select()
196 # endif
197 
198 static const PROV_CIPHER_HW aes_generic_ocb = {
199     cipher_hw_aes_ocb_generic_initkey,
200     NULL
201 };
PROV_CIPHER_HW_declare()202 PROV_CIPHER_HW_declare()
203 const PROV_CIPHER_HW *ossl_prov_cipher_hw_aes_ocb(size_t keybits)
204 {
205     PROV_CIPHER_HW_select()
206     return &aes_generic_ocb;
207 }
208 
209 
210