]> git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptAeadAesGcm.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format
[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Cipher / CryptAeadAesGcm.c
1 /** @file
2 AEAD (AES-GCM) Wrapper Implementation over OpenSSL.
3
4 RFC 5116 - An Interface and Algorithms for Authenticated Encryption
5 NIST SP800-38d - Cipher Modes of Operation: Galois / Counter Mode(GCM) and GMAC
6
7 Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
8 SPDX-License-Identifier: BSD-2-Clause-Patent
9
10 **/
11
12 #include "InternalCryptLib.h"
13 #include <openssl/aes.h>
14 #include <openssl/evp.h>
15
16 /**
17 Performs AEAD AES-GCM authenticated encryption on a data buffer and additional authenticated data (AAD).
18
19 IvSize must be 12, otherwise FALSE is returned.
20 KeySize must be 16, 24 or 32, otherwise FALSE is returned.
21 TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned.
22
23 @param[in] Key Pointer to the encryption key.
24 @param[in] KeySize Size of the encryption key in bytes.
25 @param[in] Iv Pointer to the IV value.
26 @param[in] IvSize Size of the IV value in bytes.
27 @param[in] AData Pointer to the additional authenticated data (AAD).
28 @param[in] ADataSize Size of the additional authenticated data (AAD) in bytes.
29 @param[in] DataIn Pointer to the input data buffer to be encrypted.
30 @param[in] DataInSize Size of the input data buffer in bytes.
31 @param[out] TagOut Pointer to a buffer that receives the authentication tag output.
32 @param[in] TagSize Size of the authentication tag in bytes.
33 @param[out] DataOut Pointer to a buffer that receives the encryption output.
34 @param[out] DataOutSize Size of the output data buffer in bytes.
35
36 @retval TRUE AEAD AES-GCM authenticated encryption succeeded.
37 @retval FALSE AEAD AES-GCM authenticated encryption failed.
38
39 **/
40 BOOLEAN
41 EFIAPI
42 AeadAesGcmEncrypt (
43 IN CONST UINT8 *Key,
44 IN UINTN KeySize,
45 IN CONST UINT8 *Iv,
46 IN UINTN IvSize,
47 IN CONST UINT8 *AData,
48 IN UINTN ADataSize,
49 IN CONST UINT8 *DataIn,
50 IN UINTN DataInSize,
51 OUT UINT8 *TagOut,
52 IN UINTN TagSize,
53 OUT UINT8 *DataOut,
54 OUT UINTN *DataOutSize
55 )
56 {
57 EVP_CIPHER_CTX *Ctx;
58 CONST EVP_CIPHER *Cipher;
59 UINTN TempOutSize;
60 BOOLEAN RetValue;
61
62 if (DataInSize > INT_MAX) {
63 return FALSE;
64 }
65
66 if (ADataSize > INT_MAX) {
67 return FALSE;
68 }
69
70 if (IvSize != 12) {
71 return FALSE;
72 }
73
74 switch (KeySize) {
75 case 16:
76 Cipher = EVP_aes_128_gcm ();
77 break;
78 case 24:
79 Cipher = EVP_aes_192_gcm ();
80 break;
81 case 32:
82 Cipher = EVP_aes_256_gcm ();
83 break;
84 default:
85 return FALSE;
86 }
87
88 if ((TagSize != 12) && (TagSize != 13) && (TagSize != 14) && (TagSize != 15) && (TagSize != 16)) {
89 return FALSE;
90 }
91
92 if (DataOutSize != NULL) {
93 if ((*DataOutSize > INT_MAX) || (*DataOutSize < DataInSize)) {
94 return FALSE;
95 }
96 }
97
98 Ctx = EVP_CIPHER_CTX_new ();
99 if (Ctx == NULL) {
100 return FALSE;
101 }
102
103 RetValue = (BOOLEAN)EVP_EncryptInit_ex (Ctx, Cipher, NULL, NULL, NULL);
104 if (!RetValue) {
105 goto Done;
106 }
107
108 RetValue = (BOOLEAN)EVP_CIPHER_CTX_ctrl (Ctx, EVP_CTRL_GCM_SET_IVLEN, (INT32)IvSize, NULL);
109 if (!RetValue) {
110 goto Done;
111 }
112
113 RetValue = (BOOLEAN)EVP_EncryptInit_ex (Ctx, NULL, NULL, Key, Iv);
114 if (!RetValue) {
115 goto Done;
116 }
117
118 RetValue = (BOOLEAN)EVP_EncryptUpdate (Ctx, NULL, (INT32 *)&TempOutSize, AData, (INT32)ADataSize);
119 if (!RetValue) {
120 goto Done;
121 }
122
123 RetValue = (BOOLEAN)EVP_EncryptUpdate (Ctx, DataOut, (INT32 *)&TempOutSize, DataIn, (INT32)DataInSize);
124 if (!RetValue) {
125 goto Done;
126 }
127
128 RetValue = (BOOLEAN)EVP_EncryptFinal_ex (Ctx, DataOut, (INT32 *)&TempOutSize);
129 if (!RetValue) {
130 goto Done;
131 }
132
133 RetValue = (BOOLEAN)EVP_CIPHER_CTX_ctrl (Ctx, EVP_CTRL_GCM_GET_TAG, (INT32)TagSize, (VOID *)TagOut);
134
135 Done:
136 EVP_CIPHER_CTX_free (Ctx);
137 if (!RetValue) {
138 return RetValue;
139 }
140
141 if (DataOutSize != NULL) {
142 *DataOutSize = DataInSize;
143 }
144
145 return RetValue;
146 }
147
148 /**
149 Performs AEAD AES-GCM authenticated decryption on a data buffer and additional authenticated data (AAD).
150
151 IvSize must be 12, otherwise FALSE is returned.
152 KeySize must be 16, 24 or 32, otherwise FALSE is returned.
153 TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned.
154 If additional authenticated data verification fails, FALSE is returned.
155
156 @param[in] Key Pointer to the encryption key.
157 @param[in] KeySize Size of the encryption key in bytes.
158 @param[in] Iv Pointer to the IV value.
159 @param[in] IvSize Size of the IV value in bytes.
160 @param[in] AData Pointer to the additional authenticated data (AAD).
161 @param[in] ADataSize Size of the additional authenticated data (AAD) in bytes.
162 @param[in] DataIn Pointer to the input data buffer to be decrypted.
163 @param[in] DataInSize Size of the input data buffer in bytes.
164 @param[in] Tag Pointer to a buffer that contains the authentication tag.
165 @param[in] TagSize Size of the authentication tag in bytes.
166 @param[out] DataOut Pointer to a buffer that receives the decryption output.
167 @param[out] DataOutSize Size of the output data buffer in bytes.
168
169 @retval TRUE AEAD AES-GCM authenticated decryption succeeded.
170 @retval FALSE AEAD AES-GCM authenticated decryption failed.
171
172 **/
173 BOOLEAN
174 EFIAPI
175 AeadAesGcmDecrypt (
176 IN CONST UINT8 *Key,
177 IN UINTN KeySize,
178 IN CONST UINT8 *Iv,
179 IN UINTN IvSize,
180 IN CONST UINT8 *AData,
181 IN UINTN ADataSize,
182 IN CONST UINT8 *DataIn,
183 IN UINTN DataInSize,
184 IN CONST UINT8 *Tag,
185 IN UINTN TagSize,
186 OUT UINT8 *DataOut,
187 OUT UINTN *DataOutSize
188 )
189 {
190 EVP_CIPHER_CTX *Ctx;
191 CONST EVP_CIPHER *Cipher;
192 UINTN TempOutSize;
193 BOOLEAN RetValue;
194
195 if (DataInSize > INT_MAX) {
196 return FALSE;
197 }
198
199 if (ADataSize > INT_MAX) {
200 return FALSE;
201 }
202
203 if (IvSize != 12) {
204 return FALSE;
205 }
206
207 switch (KeySize) {
208 case 16:
209 Cipher = EVP_aes_128_gcm ();
210 break;
211 case 24:
212 Cipher = EVP_aes_192_gcm ();
213 break;
214 case 32:
215 Cipher = EVP_aes_256_gcm ();
216 break;
217 default:
218 return FALSE;
219 }
220
221 if ((TagSize != 12) && (TagSize != 13) && (TagSize != 14) && (TagSize != 15) && (TagSize != 16)) {
222 return FALSE;
223 }
224
225 if (DataOutSize != NULL) {
226 if ((*DataOutSize > INT_MAX) || (*DataOutSize < DataInSize)) {
227 return FALSE;
228 }
229 }
230
231 Ctx = EVP_CIPHER_CTX_new ();
232 if (Ctx == NULL) {
233 return FALSE;
234 }
235
236 RetValue = (BOOLEAN)EVP_DecryptInit_ex (Ctx, Cipher, NULL, NULL, NULL);
237 if (!RetValue) {
238 goto Done;
239 }
240
241 RetValue = (BOOLEAN)EVP_CIPHER_CTX_ctrl (Ctx, EVP_CTRL_GCM_SET_IVLEN, (INT32)IvSize, NULL);
242 if (!RetValue) {
243 goto Done;
244 }
245
246 RetValue = (BOOLEAN)EVP_DecryptInit_ex (Ctx, NULL, NULL, Key, Iv);
247 if (!RetValue) {
248 goto Done;
249 }
250
251 RetValue = (BOOLEAN)EVP_DecryptUpdate (Ctx, NULL, (INT32 *)&TempOutSize, AData, (INT32)ADataSize);
252 if (!RetValue) {
253 goto Done;
254 }
255
256 RetValue = (BOOLEAN)EVP_DecryptUpdate (Ctx, DataOut, (INT32 *)&TempOutSize, DataIn, (INT32)DataInSize);
257 if (!RetValue) {
258 goto Done;
259 }
260
261 RetValue = (BOOLEAN)EVP_CIPHER_CTX_ctrl (Ctx, EVP_CTRL_GCM_SET_TAG, (INT32)TagSize, (VOID *)Tag);
262 if (!RetValue) {
263 goto Done;
264 }
265
266 RetValue = (BOOLEAN)EVP_DecryptFinal_ex (Ctx, DataOut, (INT32 *)&TempOutSize);
267
268 Done:
269 EVP_CIPHER_CTX_free (Ctx);
270 if (!RetValue) {
271 return RetValue;
272 }
273
274 if (DataOutSize != NULL) {
275 *DataOutSize = DataInSize;
276 }
277
278 return RetValue;
279 }
EFI Development Kit II mirror for PVE