]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
2 AES Wrapper Implementation over OpenSSL.
4 Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "InternalCryptLib.h"
16 #include <openssl/aes.h>
19 Retrieves the size, in bytes, of the context buffer required for AES operations.
21 @return The size, in bytes, of the context buffer required for AES operations.
31 // AES uses different key contexts for encryption and decryption, so here memory
32 // for 2 copies of AES_KEY is allocated.
34 return (UINTN
) (2 * sizeof (AES_KEY
));
38 Initializes user-supplied memory as AES context for subsequent use.
40 This function initializes user-supplied memory pointed by AesContext as AES context.
41 In addtion, it sets up all AES key materials for subsequent encryption and decryption
43 There are 3 options for key length, 128 bits, 192 bits, and 256 bits.
45 If AesContext is NULL, then return FALSE.
46 If Key is NULL, then return FALSE.
47 If KeyLength is not valid, then return FALSE.
49 @param[out] AesContext Pointer to AES context being initialized.
50 @param[in] Key Pointer to the user-supplied AES key.
51 @param[in] KeyLength Length of AES key in bits.
53 @retval TRUE AES context initialization succeeded.
54 @retval FALSE AES context initialization failed.
68 // Check input parameters.
70 if (AesContext
== NULL
|| Key
== NULL
|| (KeyLength
!= 128 && KeyLength
!= 192 && KeyLength
!= 256)) {
75 // Initialize AES encryption & decryption key schedule.
77 AesKey
= (AES_KEY
*) AesContext
;
78 if (AES_set_encrypt_key (Key
, (UINT32
) KeyLength
, AesKey
) != 0) {
81 if (AES_set_decrypt_key (Key
, (UINT32
) KeyLength
, AesKey
+ 1) != 0) {
88 Performs AES encryption on a data buffer of the specified size in ECB mode.
90 This function performs AES encryption on data buffer pointed by Input, of specified
91 size of InputSize, in ECB mode.
92 InputSize must be multiple of block size (16 bytes). This function does not perform
93 padding. Caller must perform padding, if necessary, to ensure valid input data size.
94 AesContext should be already correctly initialized by AesInit(). Behavior with
95 invalid AES context is undefined.
97 If AesContext is NULL, then return FALSE.
98 If Input is NULL, then return FALSE.
99 If InputSize is not multiple of block size (16 bytes), then return FALSE.
100 If Output is NULL, then return FALSE.
102 @param[in] AesContext Pointer to the AES context.
103 @param[in] Input Pointer to the buffer containing the data to be encrypted.
104 @param[in] InputSize Size of the Input buffer in bytes.
105 @param[out] Output Pointer to a buffer that receives the AES encryption output.
107 @retval TRUE AES encryption succeeded.
108 @retval FALSE AES encryption failed.
115 IN CONST UINT8
*Input
,
123 // Check input parameters.
125 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Output
== NULL
) {
129 AesKey
= (AES_KEY
*) AesContext
;
132 // Perform AES data encryption with ECB mode (block-by-block)
134 while (InputSize
> 0) {
135 AES_ecb_encrypt (Input
, Output
, AesKey
, AES_ENCRYPT
);
136 Input
+= AES_BLOCK_SIZE
;
137 Output
+= AES_BLOCK_SIZE
;
138 InputSize
-= AES_BLOCK_SIZE
;
145 Performs AES decryption on a data buffer of the specified size in ECB mode.
147 This function performs AES decryption on data buffer pointed by Input, of specified
148 size of InputSize, in ECB mode.
149 InputSize must be multiple of block size (16 bytes). This function does not perform
150 padding. Caller must perform padding, if necessary, to ensure valid input data size.
151 AesContext should be already correctly initialized by AesInit(). Behavior with
152 invalid AES context is undefined.
154 If AesContext is NULL, then return FALSE.
155 If Input is NULL, then return FALSE.
156 If InputSize is not multiple of block size (16 bytes), then return FALSE.
157 If Output is NULL, then return FALSE.
159 @param[in] AesContext Pointer to the AES context.
160 @param[in] Input Pointer to the buffer containing the data to be decrypted.
161 @param[in] InputSize Size of the Input buffer in bytes.
162 @param[out] Output Pointer to a buffer that receives the AES decryption output.
164 @retval TRUE AES decryption succeeded.
165 @retval FALSE AES decryption failed.
172 IN CONST UINT8
*Input
,
180 // Check input parameters.
182 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Output
== NULL
) {
186 AesKey
= (AES_KEY
*) AesContext
;
189 // Perform AES data decryption with ECB mode (block-by-block)
191 while (InputSize
> 0) {
192 AES_ecb_encrypt (Input
, Output
, AesKey
+ 1, AES_DECRYPT
);
193 Input
+= AES_BLOCK_SIZE
;
194 Output
+= AES_BLOCK_SIZE
;
195 InputSize
-= AES_BLOCK_SIZE
;
202 Performs AES encryption on a data buffer of the specified size in CBC mode.
204 This function performs AES encryption on data buffer pointed by Input, of specified
205 size of InputSize, in CBC mode.
206 InputSize must be multiple of block size (16 bytes). This function does not perform
207 padding. Caller must perform padding, if necessary, to ensure valid input data size.
208 Initialization vector should be one block size (16 bytes).
209 AesContext should be already correctly initialized by AesInit(). Behavior with
210 invalid AES context is undefined.
212 If AesContext is NULL, then return FALSE.
213 If Input is NULL, then return FALSE.
214 If InputSize is not multiple of block size (16 bytes), then return FALSE.
215 If Ivec is NULL, then return FALSE.
216 If Output is NULL, then return FALSE.
218 @param[in] AesContext Pointer to the AES context.
219 @param[in] Input Pointer to the buffer containing the data to be encrypted.
220 @param[in] InputSize Size of the Input buffer in bytes.
221 @param[in] Ivec Pointer to initialization vector.
222 @param[out] Output Pointer to a buffer that receives the AES encryption output.
224 @retval TRUE AES encryption succeeded.
225 @retval FALSE AES encryption failed.
232 IN CONST UINT8
*Input
,
234 IN CONST UINT8
*Ivec
,
239 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
242 // Check input parameters.
244 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Ivec
== NULL
|| Output
== NULL
) {
248 AesKey
= (AES_KEY
*) AesContext
;
249 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
252 // Perform AES data encryption with CBC mode
254 AES_cbc_encrypt (Input
, Output
, (UINT32
) InputSize
, AesKey
, IvecBuffer
, AES_ENCRYPT
);
260 Performs AES decryption on a data buffer of the specified size in CBC mode.
262 This function performs AES decryption on data buffer pointed by Input, of specified
263 size of InputSize, in CBC mode.
264 InputSize must be multiple of block size (16 bytes). This function does not perform
265 padding. Caller must perform padding, if necessary, to ensure valid input data size.
266 Initialization vector should be one block size (16 bytes).
267 AesContext should be already correctly initialized by AesInit(). Behavior with
268 invalid AES context is undefined.
270 If AesContext is NULL, then return FALSE.
271 If Input is NULL, then return FALSE.
272 If InputSize is not multiple of block size (16 bytes), then return FALSE.
273 If Ivec is NULL, then return FALSE.
274 If Output is NULL, then return FALSE.
276 @param[in] AesContext Pointer to the AES context.
277 @param[in] Input Pointer to the buffer containing the data to be encrypted.
278 @param[in] InputSize Size of the Input buffer in bytes.
279 @param[in] Ivec Pointer to initialization vector.
280 @param[out] Output Pointer to a buffer that receives the AES encryption output.
282 @retval TRUE AES decryption succeeded.
283 @retval FALSE AES decryption failed.
290 IN CONST UINT8
*Input
,
292 IN CONST UINT8
*Ivec
,
297 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
300 // Check input parameters.
302 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Ivec
== NULL
|| Output
== NULL
) {
306 AesKey
= (AES_KEY
*) AesContext
;
307 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
310 // Perform AES data decryption with CBC mode
312 AES_cbc_encrypt (Input
, Output
, (UINT32
) InputSize
, AesKey
+ 1, IvecBuffer
, AES_DECRYPT
);