Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | /********************************************************************** |
2 | Copyright(c) 2011-2016 Intel Corporation All rights reserved. | |
3 | ||
4 | Redistribution and use in source and binary forms, with or without | |
1e59de90 | 5 | modification, are permitted provided that the following conditions |
7c673cae FG |
6 | are met: |
7 | * Redistributions of source code must retain the above copyright | |
8 | notice, this list of conditions and the following disclaimer. | |
9 | * Redistributions in binary form must reproduce the above copyright | |
10 | notice, this list of conditions and the following disclaimer in | |
11 | the documentation and/or other materials provided with the | |
12 | distribution. | |
13 | * Neither the name of Intel Corporation nor the names of its | |
14 | contributors may be used to endorse or promote products derived | |
15 | from this software without specific prior written permission. | |
16 | ||
17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | |
20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | |
21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | |
23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | |
27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
28 | **********************************************************************/ | |
29 | ||
30 | #ifndef AES_OSSL_HELPER_H_ | |
31 | #define AES_OSSL_HELPER_H_ | |
32 | ||
33 | #ifdef _MSC_VER | |
34 | # define inline __inline | |
35 | #endif | |
36 | ||
37 | #include <openssl/evp.h> | |
38 | ||
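/**
 * Decrypt a buffer with AES-128-CBC through OpenSSL's EVP interface.
 *
 * Padding is disabled, so len has to be a whole number of 16-byte AES
 * blocks; otherwise EVP_DecryptFinal_ex() reports an error.  CBC carries no
 * integrity protection: a modified ciphertext still decrypts without error.
 *
 * @param key        AES-128 key (16 bytes).
 * @param iv         CBC initialisation vector (16 bytes).
 * @param len        Number of ciphertext bytes.
 * @param cyphertext Input buffer of len bytes.
 * @param plaintext  Output buffer, at least len bytes.
 * @return Byte count reported by EVP_DecryptFinal_ex() (normally 0 with
 *         padding disabled), or -1 if no cipher context could be allocated.
 *         EVP failures are only printed to stdout and are not reflected in
 *         the return value.
 */
static inline
int openssl_aes_128_cbc_dec(uint8_t * key, uint8_t * iv,
			    int len, uint8_t * cyphertext, uint8_t * plaintext)
{
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_128_cbc\n");
		return -1;
	}

	if (!EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv))
		printf("\n ERROR!! EVP_DecryptInit_ex - EVP_aes_128_cbc\n");
	if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
		printf("\n ERROR!! EVP_CIPHER_CTX_set_padding - no padding\n");
	if (!EVP_DecryptUpdate(ctx, plaintext, &outlen, (uint8_t const *)cyphertext, len))
		printf("\n ERROR!! EVP_DecryptUpdate - EVP_aes_128_cbc\n");
	if (!EVP_DecryptFinal_ex(ctx, &plaintext[outlen], &tmplen))
		/* %x takes an unsigned argument, hence the casts. */
		printf("\n ERROR!! EVP_DecryptFinal_ex - EVP_aes_128_cbc %x, %x, %x\n",
		       (unsigned)len, (unsigned)outlen, (unsigned)tmplen);

	EVP_CIPHER_CTX_free(ctx);
	return tmplen;
}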
60 | ||
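/**
 * Encrypt a buffer with AES-128-CBC through OpenSSL's EVP interface.
 *
 * Padding is disabled, so len has to be a whole number of 16-byte AES
 * blocks; otherwise EVP_EncryptFinal_ex() reports an error.
 *
 * @param key        AES-128 key (16 bytes).
 * @param iv         CBC initialisation vector (16 bytes).
 * @param len        Number of plaintext bytes.
 * @param plaintext  Input buffer of len bytes.
 * @param cyphertext Output buffer, at least len bytes.
 * @return Byte count reported by EVP_EncryptFinal_ex() (normally 0 with
 *         padding disabled), or -1 if no cipher context could be allocated.
 *         EVP failures are only printed to stdout and are not reflected in
 *         the return value.
 */
static inline
int openssl_aes_128_cbc_enc(uint8_t * key, uint8_t * iv,
			    int len, uint8_t * plaintext, uint8_t * cyphertext)
{
	/*
	 * Start both counters at zero: when EVP_EncryptUpdate() fails, outlen
	 * is still used as an offset into cyphertext and tmplen is returned,
	 * so neither may be left indeterminate.
	 */
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_128_cbc\n");
		return -1;
	}

	if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv))
		printf("\n ERROR!! EVP_EncryptInit_ex - EVP_aes_128_cbc\n");
	if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
		printf("\n ERROR!! EVP_CIPHER_CTX_set_padding - no padding\n");
	if (!EVP_EncryptUpdate
	    (ctx, cyphertext, &outlen, (const unsigned char *)plaintext, len))
		printf("\n ERROR!! EVP_EncryptUpdate - EVP_aes_128_cbc\n");
	if (!EVP_EncryptFinal_ex(ctx, cyphertext + outlen, &tmplen))
		printf("\n ERROR!! EVP_EncryptFinal_ex - EVP_aes_128_cbc\n");

	EVP_CIPHER_CTX_free(ctx);
	return tmplen;
}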
82 | ||
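/**
 * Decrypt a buffer with AES-192-CBC through OpenSSL's EVP interface.
 *
 * Padding is disabled, so len has to be a whole number of 16-byte AES
 * blocks; otherwise EVP_DecryptFinal_ex() reports an error.  CBC carries no
 * integrity protection: a modified ciphertext still decrypts without error.
 *
 * @param key        AES-192 key (24 bytes).
 * @param iv         CBC initialisation vector (16 bytes).
 * @param len        Number of ciphertext bytes.
 * @param cyphertext Input buffer of len bytes.
 * @param plaintext  Output buffer, at least len bytes.
 * @return 0 in every case where a cipher context was obtained, even if an
 *         EVP step failed (failures are only printed to stdout); -1 if no
 *         cipher context could be allocated.
 */
static inline
int openssl_aes_192_cbc_dec(uint8_t * key, uint8_t * iv,
			    int len, uint8_t * cyphertext, uint8_t * plaintext)
{
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_192_cbc\n");
		return -1;
	}

	if (!EVP_DecryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, key, iv))
		printf("\n ERROR!! EVP_DecryptInit_ex - EVP_aes_192_cbc\n");
	if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
		printf("\n ERROR!! EVP_CIPHER_CTX_set_padding - no padding\n");
	if (!EVP_DecryptUpdate
	    (ctx, plaintext, &outlen, (const unsigned char *)cyphertext, len))
		printf("\n ERROR!! EVP_DecryptUpdate - EVP_aes_192_cbc\n");
	if (!EVP_DecryptFinal_ex(ctx, plaintext + outlen, &tmplen))
		printf("\n ERROR!! EVP_DecryptFinal_ex - EVP_aes_192_cbc \n");

	EVP_CIPHER_CTX_free(ctx);
	return 0;
}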
104 | ||
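/**
 * Encrypt a buffer with AES-192-CBC through OpenSSL's EVP interface.
 *
 * Padding is disabled, so len has to be a whole number of 16-byte AES
 * blocks; otherwise EVP_EncryptFinal_ex() reports an error.
 *
 * @param key        AES-192 key (24 bytes).
 * @param iv         CBC initialisation vector (16 bytes).
 * @param len        Number of plaintext bytes.
 * @param plaintext  Input buffer of len bytes.
 * @param cyphertext Output buffer, at least len bytes.
 * @return 0 in every case where a cipher context was obtained, even if an
 *         EVP step failed (failures are only printed to stdout); -1 if no
 *         cipher context could be allocated.
 */
static inline
int openssl_aes_192_cbc_enc(uint8_t * key, uint8_t * iv,
			    int len, uint8_t * plaintext, uint8_t * cyphertext)
{
	/*
	 * outlen is used as an offset into cyphertext even when
	 * EVP_EncryptUpdate() fails, so it must not be left indeterminate.
	 */
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_192_cbc\n");
		return -1;
	}

	if (!EVP_EncryptInit_ex(ctx, EVP_aes_192_cbc(), NULL, key, iv))
		printf("\n ERROR!! EVP_EncryptInit_ex - EVP_aes_192_cbc\n");
	if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
		printf("\n ERROR!! EVP_CIPHER_CTX_set_padding - no padding\n");
	if (!EVP_EncryptUpdate
	    (ctx, cyphertext, &outlen, (const unsigned char *)plaintext, len))
		printf("\n ERROR!! EVP_EncryptUpdate - EVP_aes_192_cbc\n");
	if (!EVP_EncryptFinal_ex(ctx, cyphertext + outlen, &tmplen))
		printf("\n ERROR!! EVP_EncryptFinal_ex - EVP_aes_192_cbc\n");

	EVP_CIPHER_CTX_free(ctx);
	return 0;
}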
126 | ||
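/**
 * Decrypt a buffer with AES-256-CBC through OpenSSL's EVP interface.
 *
 * Padding is disabled, so len has to be a whole number of 16-byte AES
 * blocks; otherwise EVP_DecryptFinal_ex() reports an error.  CBC carries no
 * integrity protection: a modified ciphertext still decrypts without error.
 *
 * @param key        AES-256 key (32 bytes).
 * @param iv         CBC initialisation vector (16 bytes).
 * @param len        Number of ciphertext bytes.
 * @param cyphertext Input buffer of len bytes.
 * @param plaintext  Output buffer, at least len bytes.
 * @return 0 in every case where a cipher context was obtained, even if an
 *         EVP step failed (failures are only printed to stdout); -1 if no
 *         cipher context could be allocated.
 */
static inline
int openssl_aes_256_cbc_dec(uint8_t * key, uint8_t * iv,
			    int len, uint8_t * cyphertext, uint8_t * plaintext)
{
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_256_cbc\n");
		return -1;
	}

	if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
		printf("\n ERROR!! EVP_DecryptInit_ex - EVP_aes_256_cbc\n");
	if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
		printf("\n ERROR!! EVP_CIPHER_CTX_set_padding - no padding\n");
	if (!EVP_DecryptUpdate
	    (ctx, plaintext, &outlen, (const unsigned char *)cyphertext, len))
		printf("\n ERROR!! EVP_DecryptUpdate - EVP_aes_256_cbc\n");
	if (!EVP_DecryptFinal_ex(ctx, plaintext + outlen, &tmplen))
		/* %x takes an unsigned argument, hence the casts. */
		printf("\n ERROR!! EVP_DecryptFinal_ex - EVP_aes_256_cbc %x,%x\n",
		       (unsigned)outlen, (unsigned)tmplen);

	EVP_CIPHER_CTX_free(ctx);
	return 0;
}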
149 | ||
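/**
 * Encrypt a buffer with AES-256-CBC through OpenSSL's EVP interface.
 *
 * Padding is disabled, so len has to be a whole number of 16-byte AES
 * blocks; otherwise EVP_EncryptFinal_ex() reports an error.
 *
 * @param key        AES-256 key (32 bytes).
 * @param iv         CBC initialisation vector (16 bytes).
 * @param len        Number of plaintext bytes.
 * @param plaintext  Input buffer of len bytes.
 * @param cyphertext Output buffer, at least len bytes.
 * @return 0 in every case where a cipher context was obtained, even if an
 *         EVP step failed (failures are only printed to stdout); -1 if no
 *         cipher context could be allocated.
 */
static inline
int openssl_aes_256_cbc_enc(uint8_t * key, uint8_t * iv,
			    int len, uint8_t * plaintext, uint8_t * cyphertext)
{
	/*
	 * outlen is used as an offset into cyphertext even when
	 * EVP_EncryptUpdate() fails, so it must not be left indeterminate.
	 */
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_256_cbc\n");
		return -1;
	}

	if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
		printf("\n ERROR!! EVP_EncryptInit_ex - EVP_aes_256_cbc\n");
	if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
		printf("\n ERROR!! EVP_CIPHER_CTX_set_padding - no padding\n");
	if (!EVP_EncryptUpdate
	    (ctx, cyphertext, &outlen, (const unsigned char *)plaintext, len))
		printf("\n ERROR!! EVP_EncryptUpdate - EVP_aes_256_cbc\n");
	if (!EVP_EncryptFinal_ex(ctx, cyphertext + outlen, &tmplen))
		printf("\n ERROR!! EVP_EncryptFinal_ex - EVP_aes_256_cbc\n");

	EVP_CIPHER_CTX_free(ctx);
	return 0;
}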
171 | ||
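/**
 * Decrypt and authenticate a buffer with AES-128-GCM through OpenSSL's EVP
 * interface.
 *
 * The plaintext buffer is written by EVP_DecryptUpdate() before the tag is
 * verified.  When this function returns -1 the buffer therefore holds
 * unauthenticated output that the caller must discard and never act on.
 *
 * @param key        AES-128 key (16 bytes).
 * @param iv         Initialisation vector of iv_len bytes.
 * @param iv_len     IV length in bytes.
 * @param aad        Additional authenticated data.
 * @param aad_len    AAD length in bytes.
 * @param tag        Expected authentication tag.
 * @param tag_len    Tag length in bytes.
 * @param cyphertext Input buffer of len bytes.
 * @param len        Number of ciphertext bytes.
 * @param plaintext  Output buffer, at least len bytes.
 * @return Number of plaintext bytes produced when EVP_DecryptFinal_ex()
 *         accepts the tag; -1 when it does not (mismatched key, IV, AAD,
 *         ciphertext or tag) or when no cipher context could be allocated.
 *         Failures of the earlier steps are only printed to stdout.
 */
static inline
int openssl_aes_gcm_dec(uint8_t * key, uint8_t * iv, int iv_len, uint8_t * aad,
			int aad_len, uint8_t * tag, int tag_len, uint8_t * cyphertext,
			int len, uint8_t * plaintext)
{
	int outlen = 0, tmplen = 0, ret;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Without a context nothing can be verified: report it as a failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_128_gcm\n");
		return -1;
	}

	if (!EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL))
		printf("\n ERROR!! EVP_DecryptInit_ex - EVP_aes_128_gcm\n");
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - set tag\n");
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - IV length init\n");
	if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
		printf("\n ERROR!! EVP_DecryptInit_ex - key init\n");
	/* A NULL output pointer feeds the data in as AAD. */
	if (!EVP_DecryptUpdate(ctx, NULL, &outlen, aad, aad_len))
		printf("\n ERROR!! EVP_DecryptUpdate - aad data setup\n");
	if (!EVP_DecryptUpdate
	    (ctx, plaintext, &outlen, (const unsigned char *)cyphertext, len))
		printf("\n ERROR!! EVP_DecryptUpdate - CT->PT\n");
	/* The tag is set a second time right before the final check. */
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - set tag\n");

	ret = EVP_DecryptFinal_ex(ctx, plaintext + outlen, &tmplen);
	if (0 < ret) {
		tmplen += outlen;
	} else {
		/* Authentication failed: mismatched key, AAD or tag. */
		tmplen = -1;
	}

	EVP_CIPHER_CTX_free(ctx);
	return tmplen;
}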
208 | ||
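/**
 * Encrypt a buffer with AES-128-GCM through OpenSSL's EVP interface and
 * produce the authentication tag.
 *
 * GCM loses both confidentiality and authenticity if the same (key, iv)
 * pair is used for more than one message; choosing a fresh IV is the
 * caller's responsibility.
 *
 * @param key        AES-128 key (16 bytes).
 * @param iv         Initialisation vector of iv_len bytes.
 * @param iv_len     IV length in bytes.
 * @param aad        Additional authenticated data.
 * @param aad_len    AAD length in bytes.
 * @param tag        Output buffer that receives tag_len bytes of tag.
 * @param tag_len    Requested tag length in bytes.
 * @param plaintext  Input buffer of len bytes.
 * @param len        Number of plaintext bytes.
 * @param cyphertext Output buffer, at least len bytes.
 * @return Byte count reported by EVP_EncryptFinal_ex(), or -1 if no cipher
 *         context could be allocated.  EVP failures are only printed to
 *         stdout and are not reflected in the return value.
 */
static inline
int openssl_aes_gcm_enc(uint8_t * key, uint8_t * iv, int iv_len, uint8_t * aad,
			int aad_len, uint8_t * tag, int tag_len, uint8_t * plaintext,
			int len, uint8_t * cyphertext)
{
	/*
	 * Start both counters at zero: when EVP_EncryptUpdate() fails, outlen
	 * is still used as an offset into cyphertext and tmplen is returned,
	 * so neither may be left indeterminate.
	 */
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_128_gcm\n");
		return -1;
	}

	if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL))
		printf("\n ERROR!! EVP_EncryptInit_ex - EVP_aes_128_gcm\n");
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - IV length init\n");
	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
		printf("\n ERROR!! EVP_EncryptInit_ex - init\n");
	/* A NULL output pointer feeds the data in as AAD. */
	if (!EVP_EncryptUpdate(ctx, NULL, &outlen, aad, aad_len))
		printf("\n ERROR!! EVP_EncryptUpdate - aad insert\n");
	if (!EVP_EncryptUpdate(ctx, cyphertext, &outlen, (const uint8_t *)plaintext, len))
		printf("\n ERROR!! EVP_EncryptUpdate - EVP_aes_128_gcm\n");
	if (!EVP_EncryptFinal_ex(ctx, cyphertext + outlen, &tmplen))
		printf("\n ERROR!! EVP_EncryptFinal_ex - EVP_aes_128_gcm\n");
	/* The tag can only be read once encryption has been finalised. */
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, tag_len, tag))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - tag \n");

	EVP_CIPHER_CTX_free(ctx);
	return tmplen;
}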
237 | ||
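/**
 * Decrypt and authenticate a buffer with AES-256-GCM through OpenSSL's EVP
 * interface.
 *
 * The plaintext buffer is written by EVP_DecryptUpdate() before the tag is
 * verified.  When this function returns -1 the buffer therefore holds
 * unauthenticated output that the caller must discard and never act on.
 *
 * @param key        AES-256 key (32 bytes).
 * @param iv         Initialisation vector of iv_len bytes.
 * @param iv_len     IV length in bytes.
 * @param aad        Additional authenticated data.
 * @param aad_len    AAD length in bytes.
 * @param tag        Expected authentication tag.
 * @param tag_len    Tag length in bytes.
 * @param cyphertext Input buffer of len bytes.
 * @param len        Number of ciphertext bytes.
 * @param plaintext  Output buffer, at least len bytes.
 * @return Number of plaintext bytes produced when EVP_DecryptFinal_ex()
 *         accepts the tag; -1 when it does not (mismatched key, IV, AAD,
 *         ciphertext or tag) or when no cipher context could be allocated.
 *         Failures of the earlier steps are only printed to stdout.
 */
static inline
int openssl_aes_256_gcm_dec(uint8_t * key, uint8_t * iv, int iv_len, uint8_t * aad,
			    int aad_len, uint8_t * tag, int tag_len, uint8_t * cyphertext,
			    int len, uint8_t * plaintext)
{
	int outlen = 0, tmplen = 0, ret;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Without a context nothing can be verified: report it as a failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_256_gcm\n");
		return -1;
	}

	if (!EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
		printf("\n ERROR!! EVP_DecryptInit_ex - EVP_aes_256_gcm\n");
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - set tag\n");
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - IV length init\n");
	if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
		printf("\n ERROR!! EVP_DecryptInit_ex - key init\n");
	/* A NULL output pointer feeds the data in as AAD. */
	if (!EVP_DecryptUpdate(ctx, NULL, &outlen, aad, aad_len))
		printf("\n ERROR!! EVP_DecryptUpdate - aad data setup\n");
	if (!EVP_DecryptUpdate
	    (ctx, plaintext, &outlen, (const unsigned char *)cyphertext, len))
		printf("\n ERROR!! EVP_DecryptUpdate - CT->PT\n");
	/* The tag is set a second time right before the final check. */
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - set tag\n");

	ret = EVP_DecryptFinal_ex(ctx, plaintext + outlen, &tmplen);
	if (0 < ret) {
		tmplen += outlen;
	} else {
		/* Authentication failed: mismatched key, AAD or tag. */
		tmplen = -1;
	}

	EVP_CIPHER_CTX_free(ctx);
	return tmplen;
}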
273 | ||
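/**
 * Encrypt a buffer with AES-256-GCM through OpenSSL's EVP interface and
 * produce the authentication tag.
 *
 * GCM loses both confidentiality and authenticity if the same (key, iv)
 * pair is used for more than one message; choosing a fresh IV is the
 * caller's responsibility.
 *
 * @param key        AES-256 key (32 bytes).
 * @param iv         Initialisation vector of iv_len bytes.
 * @param iv_len     IV length in bytes.
 * @param aad        Additional authenticated data.
 * @param aad_len    AAD length in bytes.
 * @param tag        Output buffer that receives tag_len bytes of tag.
 * @param tag_len    Requested tag length in bytes.
 * @param plaintext  Input buffer of len bytes.
 * @param len        Number of plaintext bytes.
 * @param cyphertext Output buffer, at least len bytes.
 * @return Byte count reported by EVP_EncryptFinal_ex(), or -1 if no cipher
 *         context could be allocated.  EVP failures are only printed to
 *         stdout and are not reflected in the return value.
 */
static inline
int openssl_aes_256_gcm_enc(uint8_t * key, uint8_t * iv, int iv_len, uint8_t * aad,
			    int aad_len, uint8_t * tag, int tag_len, uint8_t * plaintext,
			    int len, uint8_t * cyphertext)
{
	/*
	 * Start both counters at zero: when EVP_EncryptUpdate() fails, outlen
	 * is still used as an offset into cyphertext and tmplen is returned,
	 * so neither may be left indeterminate.
	 */
	int outlen = 0, tmplen = 0;
	EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

	/* Every EVP call below dereferences ctx, so stop on allocation failure. */
	if (ctx == NULL) {
		printf("\n ERROR!! EVP_CIPHER_CTX_new - EVP_aes_256_gcm\n");
		return -1;
	}

	if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
		printf("\n ERROR!! EVP_EncryptInit_ex - EVP_aes_256_gcm\n");
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - IV length init\n");
	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
		printf("\n ERROR!! EVP_EncryptInit_ex - init\n");
	/* A NULL output pointer feeds the data in as AAD. */
	if (!EVP_EncryptUpdate(ctx, NULL, &outlen, aad, aad_len))
		printf("\n ERROR!! EVP_EncryptUpdate - aad insert\n");
	if (!EVP_EncryptUpdate(ctx, cyphertext, &outlen, (const uint8_t *)plaintext, len))
		printf("\n ERROR!! EVP_EncryptUpdate - EVP_aes_256_gcm\n");
	if (!EVP_EncryptFinal_ex(ctx, cyphertext + outlen, &tmplen))
		printf("\n ERROR!! EVP_EncryptFinal_ex - EVP_aes_256_gcm\n");
	/* The tag can only be read once encryption has been finalised. */
	if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, tag_len, tag))
		printf("\n ERROR!! EVP_CIPHER_CTX_ctrl - tag \n");

	EVP_CIPHER_CTX_free(ctx);
	return tmplen;
}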
301 | ||
302 | #endif /* AES_OSSL_HELPER_H_ */ |