]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
2 AES Wrapper Implementation over OpenSSL.
4 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "InternalCryptLib.h"
16 #include <openssl/aes.h>
19 Retrieves the size, in bytes, of the context buffer required for AES operations.
21 @return The size, in bytes, of the context buffer required for AES operations.
31 // AES uses different key contexts for encryption and decryption, so here memory
32 // for 2 copies of AES_KEY is allocated.
34 return (UINTN
) (2 * sizeof (AES_KEY
));
38 Initializes user-supplied memory as AES context for subsequent use.
40 This function initializes user-supplied memory pointed by AesContext as AES context.
41 In addition, it sets up all AES key materials for subsequent encryption and decryption
43 There are 3 options for key length, 128 bits, 192 bits, and 256 bits.
45 If AesContext is NULL, then return FALSE.
46 If Key is NULL, then return FALSE.
47 If KeyLength is not valid, then return FALSE.
49 @param[out] AesContext Pointer to AES context being initialized.
50 @param[in] Key Pointer to the user-supplied AES key.
51 @param[in] KeyLength Length of AES key in bits.
53 @retval TRUE AES context initialization succeeded.
54 @retval FALSE AES context initialization failed.
68 // Check input parameters.
70 if (AesContext
== NULL
|| Key
== NULL
|| (KeyLength
!= 128 && KeyLength
!= 192 && KeyLength
!= 256)) {
75 // Initialize AES encryption & decryption key schedule.
77 AesKey
= (AES_KEY
*) AesContext
;
78 if (AES_set_encrypt_key (Key
, (UINT32
) KeyLength
, AesKey
) != 0) {
81 if (AES_set_decrypt_key (Key
, (UINT32
) KeyLength
, AesKey
+ 1) != 0) {
88 Performs AES encryption on a data buffer of the specified size in ECB mode.
90 This function performs AES encryption on data buffer pointed by Input, of specified
91 size of InputSize, in ECB mode.
92 InputSize must be multiple of block size (16 bytes). This function does not perform
93 padding. Caller must perform padding, if necessary, to ensure valid input data size.
94 AesContext should be already correctly initialized by AesInit(). Behavior with
95 invalid AES context is undefined.
97 If AesContext is NULL, then return FALSE.
98 If Input is NULL, then return FALSE.
99 If InputSize is not multiple of block size (16 bytes), then return FALSE.
100 If Output is NULL, then return FALSE.
102 @param[in] AesContext Pointer to the AES context.
103 @param[in] Input Pointer to the buffer containing the data to be encrypted.
104 @param[in] InputSize Size of the Input buffer in bytes.
105 @param[out] Output Pointer to a buffer that receives the AES encryption output.
107 @retval TRUE AES encryption succeeded.
108 @retval FALSE AES encryption failed.
115 IN CONST UINT8
*Input
,
123 // Check input parameters.
125 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Output
== NULL
) {
129 AesKey
= (AES_KEY
*) AesContext
;
132 // Perform AES data encryption with ECB mode (block-by-block)
134 while (InputSize
> 0) {
135 AES_ecb_encrypt (Input
, Output
, AesKey
, AES_ENCRYPT
);
136 Input
+= AES_BLOCK_SIZE
;
137 Output
+= AES_BLOCK_SIZE
;
138 InputSize
-= AES_BLOCK_SIZE
;
145 Performs AES decryption on a data buffer of the specified size in ECB mode.
147 This function performs AES decryption on data buffer pointed by Input, of specified
148 size of InputSize, in ECB mode.
149 InputSize must be multiple of block size (16 bytes). This function does not perform
150 padding. Caller must perform padding, if necessary, to ensure valid input data size.
151 AesContext should be already correctly initialized by AesInit(). Behavior with
152 invalid AES context is undefined.
154 If AesContext is NULL, then return FALSE.
155 If Input is NULL, then return FALSE.
156 If InputSize is not multiple of block size (16 bytes), then return FALSE.
157 If Output is NULL, then return FALSE.
159 @param[in] AesContext Pointer to the AES context.
160 @param[in] Input Pointer to the buffer containing the data to be decrypted.
161 @param[in] InputSize Size of the Input buffer in bytes.
162 @param[out] Output Pointer to a buffer that receives the AES decryption output.
164 @retval TRUE AES decryption succeeded.
165 @retval FALSE AES decryption failed.
172 IN CONST UINT8
*Input
,
180 // Check input parameters.
182 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0 || Output
== NULL
) {
186 AesKey
= (AES_KEY
*) AesContext
;
189 // Perform AES data decryption with ECB mode (block-by-block)
191 while (InputSize
> 0) {
192 AES_ecb_encrypt (Input
, Output
, AesKey
+ 1, AES_DECRYPT
);
193 Input
+= AES_BLOCK_SIZE
;
194 Output
+= AES_BLOCK_SIZE
;
195 InputSize
-= AES_BLOCK_SIZE
;
202 Performs AES encryption on a data buffer of the specified size in CBC mode.
204 This function performs AES encryption on data buffer pointed by Input, of specified
205 size of InputSize, in CBC mode.
206 InputSize must be multiple of block size (16 bytes). This function does not perform
207 padding. Caller must perform padding, if necessary, to ensure valid input data size.
208 Initialization vector should be one block size (16 bytes).
209 AesContext should be already correctly initialized by AesInit(). Behavior with
210 invalid AES context is undefined.
212 If AesContext is NULL, then return FALSE.
213 If Input is NULL, then return FALSE.
214 If InputSize is not multiple of block size (16 bytes), then return FALSE.
215 If Ivec is NULL, then return FALSE.
216 If Output is NULL, then return FALSE.
218 @param[in] AesContext Pointer to the AES context.
219 @param[in] Input Pointer to the buffer containing the data to be encrypted.
220 @param[in] InputSize Size of the Input buffer in bytes.
221 @param[in] Ivec Pointer to initialization vector.
222 @param[out] Output Pointer to a buffer that receives the AES encryption output.
224 @retval TRUE AES encryption succeeded.
225 @retval FALSE AES encryption failed.
232 IN CONST UINT8
*Input
,
234 IN CONST UINT8
*Ivec
,
239 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
242 // Check input parameters.
244 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0) {
248 if (Ivec
== NULL
|| Output
== NULL
|| InputSize
> INT_MAX
) {
252 AesKey
= (AES_KEY
*) AesContext
;
253 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
256 // Perform AES data encryption with CBC mode
258 AES_cbc_encrypt (Input
, Output
, (UINT32
) InputSize
, AesKey
, IvecBuffer
, AES_ENCRYPT
);
264 Performs AES decryption on a data buffer of the specified size in CBC mode.
266 This function performs AES decryption on data buffer pointed by Input, of specified
267 size of InputSize, in CBC mode.
268 InputSize must be multiple of block size (16 bytes). This function does not perform
269 padding. Caller must perform padding, if necessary, to ensure valid input data size.
270 Initialization vector should be one block size (16 bytes).
271 AesContext should be already correctly initialized by AesInit(). Behavior with
272 invalid AES context is undefined.
274 If AesContext is NULL, then return FALSE.
275 If Input is NULL, then return FALSE.
276 If InputSize is not multiple of block size (16 bytes), then return FALSE.
277 If Ivec is NULL, then return FALSE.
278 If Output is NULL, then return FALSE.
280 @param[in] AesContext Pointer to the AES context.
281 @param[in] Input Pointer to the buffer containing the data to be encrypted.
282 @param[in] InputSize Size of the Input buffer in bytes.
283 @param[in] Ivec Pointer to initialization vector.
284 @param[out] Output Pointer to a buffer that receives the AES encryption output.
286 @retval TRUE AES decryption succeeded.
287 @retval FALSE AES decryption failed.
294 IN CONST UINT8
*Input
,
296 IN CONST UINT8
*Ivec
,
301 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
304 // Check input parameters.
306 if (AesContext
== NULL
|| Input
== NULL
|| (InputSize
% AES_BLOCK_SIZE
) != 0) {
310 if (Ivec
== NULL
|| Output
== NULL
|| InputSize
> INT_MAX
) {
314 AesKey
= (AES_KEY
*) AesContext
;
315 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
318 // Perform AES data decryption with CBC mode
320 AES_cbc_encrypt (Input
, Output
, (UINT32
) InputSize
, AesKey
+ 1, IvecBuffer
, AES_DECRYPT
);