]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
2 AES Wrapper Implementation over OpenSSL.
4 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include "InternalCryptLib.h"
10 #include <openssl/aes.h>
13 Retrieves the size, in bytes, of the context buffer required for AES operations.
15 @return The size, in bytes, of the context buffer required for AES operations.
25 // AES uses different key contexts for encryption and decryption, so here memory
26 // for 2 copies of AES_KEY is allocated.
28 return (UINTN
) (2 * sizeof (AES_KEY
));
32 Initializes user-supplied memory as AES context for subsequent use.
34 This function initializes user-supplied memory pointed by AesContext as AES context.
35 In addition, it sets up all AES key materials for subsequent encryption and decryption
37 There are 3 options for key length, 128 bits, 192 bits, and 256 bits.
39 If AesContext is NULL, then return FALSE.
40 If Key is NULL, then return FALSE.
41 If KeyLength is not valid, then return FALSE.
43 @param[out] AesContext Pointer to AES context being initialized.
44 @param[in] Key Pointer to the user-supplied AES key.
45 @param[in] KeyLength Length of AES key in bits.
47 @retval TRUE AES context initialization succeeded.
48 @retval FALSE AES context initialization failed.
62 // Check input parameters.
64 if (AesContext
== NULL
|| Key
== NULL
|| (KeyLength
!= 128 && KeyLength
!= 192 && KeyLength
!= 256)) {
69 // Initialize AES encryption & decryption key schedule.
71 AesKey
= (AES_KEY
*) AesContext
;
72 if (AES_set_encrypt_key (Key
, (UINT32
) KeyLength
, AesKey
) != 0) {
75 if (AES_set_decrypt_key (Key
, (UINT32
) KeyLength
, AesKey
+ 1) != 0) {
82 Performs AES encryption on a data buffer of the specified size in ECB mode.
84 This function performs AES encryption on data buffer pointed by Input, of specified
85 size of InputSize, in ECB mode.
86 InputSize must be multiple of block size (16 bytes). This function does not perform
87 padding. Caller must perform padding, if necessary, to ensure valid input data size.
88 AesContext should be already correctly initialized by AesInit(). Behavior with
89 invalid AES context is undefined.
91 If AesContext is NULL, then return FALSE.
92 If Input is NULL, then return FALSE.
93 If InputSize is not multiple of block size (16 bytes), then return FALSE.
94 If Output is NULL, then return FALSE.
96 @param[in] AesContext Pointer to the AES context.
97 @param[in] Input Pointer to the buffer containing the data to be encrypted.
98 @param[in] InputSize Size of the Input buffer in bytes.
99 @param[out] Output Pointer to a buffer that receives the AES encryption output.
101 @retval TRUE AES encryption succeeded.
102 @retval FALSE AES encryption failed.
109 IN CONST UINT8
*Input
,
117 // Check input parameters.
119 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Output
== NULL
) {
123 AesKey
= (AES_KEY
*) AesContext
;
126 // Perform AES data encryption with ECB mode (block-by-block)
128 while (InputSize
> 0) {
129 AES_ecb_encrypt (Input
, Output
, AesKey
, AES_ENCRYPT
);
130 Input
+= AES_BLOCK_SIZE
;
131 Output
+= AES_BLOCK_SIZE
;
132 InputSize
-= AES_BLOCK_SIZE
;
139 Performs AES decryption on a data buffer of the specified size in ECB mode.
141 This function performs AES decryption on data buffer pointed by Input, of specified
142 size of InputSize, in ECB mode.
143 InputSize must be multiple of block size (16 bytes). This function does not perform
144 padding. Caller must perform padding, if necessary, to ensure valid input data size.
145 AesContext should be already correctly initialized by AesInit(). Behavior with
146 invalid AES context is undefined.
148 If AesContext is NULL, then return FALSE.
149 If Input is NULL, then return FALSE.
150 If InputSize is not multiple of block size (16 bytes), then return FALSE.
151 If Output is NULL, then return FALSE.
153 @param[in] AesContext Pointer to the AES context.
154 @param[in] Input Pointer to the buffer containing the data to be decrypted.
155 @param[in] InputSize Size of the Input buffer in bytes.
156 @param[out] Output Pointer to a buffer that receives the AES decryption output.
158 @retval TRUE AES decryption succeeded.
159 @retval FALSE AES decryption failed.
166 IN CONST UINT8
*Input
,
174 // Check input parameters.
176 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Output
== NULL
) {
180 AesKey
= (AES_KEY
*) AesContext
;
183 // Perform AES data decryption with ECB mode (block-by-block)
185 while (InputSize
> 0) {
186 AES_ecb_encrypt (Input
, Output
, AesKey
+ 1, AES_DECRYPT
);
187 Input
+= AES_BLOCK_SIZE
;
188 Output
+= AES_BLOCK_SIZE
;
189 InputSize
-= AES_BLOCK_SIZE
;
196 Performs AES encryption on a data buffer of the specified size in CBC mode.
198 This function performs AES encryption on data buffer pointed by Input, of specified
199 size of InputSize, in CBC mode.
200 InputSize must be multiple of block size (16 bytes). This function does not perform
201 padding. Caller must perform padding, if necessary, to ensure valid input data size.
202 Initialization vector should be one block size (16 bytes).
203 AesContext should be already correctly initialized by AesInit(). Behavior with
204 invalid AES context is undefined.
206 If AesContext is NULL, then return FALSE.
207 If Input is NULL, then return FALSE.
208 If InputSize is not multiple of block size (16 bytes), then return FALSE.
209 If Ivec is NULL, then return FALSE.
210 If Output is NULL, then return FALSE.
212 @param[in] AesContext Pointer to the AES context.
213 @param[in] Input Pointer to the buffer containing the data to be encrypted.
214 @param[in] InputSize Size of the Input buffer in bytes.
215 @param[in] Ivec Pointer to initialization vector.
216 @param[out] Output Pointer to a buffer that receives the AES encryption output.
218 @retval TRUE AES encryption succeeded.
219 @retval FALSE AES encryption failed.
226 IN CONST UINT8
*Input
,
228 IN CONST UINT8
*Ivec
,
233 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
236 // Check input parameters.
238 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0) {
242 if (Ivec
== NULL
|| Output
== NULL
|| InputSize
> INT_MAX
) {
246 AesKey
= (AES_KEY
*) AesContext
;
247 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
250 // Perform AES data encryption with CBC mode
252 AES_cbc_encrypt (Input
, Output
, (UINT32
) InputSize
, AesKey
, IvecBuffer
, AES_ENCRYPT
);
258 Performs AES decryption on a data buffer of the specified size in CBC mode.
260 This function performs AES decryption on data buffer pointed by Input, of specified
261 size of InputSize, in CBC mode.
262 InputSize must be multiple of block size (16 bytes). This function does not perform
263 padding. Caller must perform padding, if necessary, to ensure valid input data size.
264 Initialization vector should be one block size (16 bytes).
265 AesContext should be already correctly initialized by AesInit(). Behavior with
266 invalid AES context is undefined.
268 If AesContext is NULL, then return FALSE.
269 If Input is NULL, then return FALSE.
270 If InputSize is not multiple of block size (16 bytes), then return FALSE.
271 If Ivec is NULL, then return FALSE.
272 If Output is NULL, then return FALSE.
274 @param[in] AesContext Pointer to the AES context.
275 @param[in] Input Pointer to the buffer containing the data to be encrypted.
276 @param[in] InputSize Size of the Input buffer in bytes.
277 @param[in] Ivec Pointer to initialization vector.
278 @param[out] Output Pointer to a buffer that receives the AES encryption output.
280 @retval TRUE AES decryption succeeded.
281 @retval FALSE AES decryption failed.
288 IN CONST UINT8
*Input
,
290 IN CONST UINT8
*Ivec
,
295 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
298 // Check input parameters.
300 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0) {
304 if (Ivec
== NULL
|| Output
== NULL
|| InputSize
> INT_MAX
) {
308 AesKey
= (AES_KEY
*) AesContext
;
309 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
312 // Perform AES data decryption with CBC mode
314 AES_cbc_encrypt (Input
, Output
, (UINT32
) InputSize
, AesKey
+ 1, IvecBuffer
, AES_DECRYPT
);