]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
2 AES Wrapper Implementation over OpenSSL.
4 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include "InternalCryptLib.h"
10 #include <openssl/aes.h>
13 Retrieves the size, in bytes, of the context buffer required for AES operations.
15 @return The size, in bytes, of the context buffer required for AES operations.
25 // AES uses different key contexts for encryption and decryption, so here memory
26 // for 2 copies of AES_KEY is allocated.
28 return (UINTN
)(2 * sizeof (AES_KEY
));
32 Initializes user-supplied memory as AES context for subsequent use.
34 This function initializes user-supplied memory pointed by AesContext as AES context.
35 In addition, it sets up all AES key materials for subsequent encryption and decryption
37 There are 3 options for key length, 128 bits, 192 bits, and 256 bits.
39 If AesContext is NULL, then return FALSE.
40 If Key is NULL, then return FALSE.
41 If KeyLength is not valid, then return FALSE.
43 @param[out] AesContext Pointer to AES context being initialized.
44 @param[in] Key Pointer to the user-supplied AES key.
45 @param[in] KeyLength Length of AES key in bits.
47 @retval TRUE AES context initialization succeeded.
48 @retval FALSE AES context initialization failed.
62 // Check input parameters.
64 if ((AesContext
== NULL
) || (Key
== NULL
) || ((KeyLength
!= 128) && (KeyLength
!= 192) && (KeyLength
!= 256))) {
69 // Initialize AES encryption & decryption key schedule.
71 AesKey
= (AES_KEY
*)AesContext
;
72 if (AES_set_encrypt_key (Key
, (UINT32
)KeyLength
, AesKey
) != 0) {
76 if (AES_set_decrypt_key (Key
, (UINT32
)KeyLength
, AesKey
+ 1) != 0) {
84 Performs AES encryption on a data buffer of the specified size in CBC mode.
86 This function performs AES encryption on data buffer pointed by Input, of specified
87 size of InputSize, in CBC mode.
88 InputSize must be multiple of block size (16 bytes). This function does not perform
89 padding. Caller must perform padding, if necessary, to ensure valid input data size.
90 Initialization vector should be one block size (16 bytes).
91 AesContext should be already correctly initialized by AesInit(). Behavior with
92 invalid AES context is undefined.
94 If AesContext is NULL, then return FALSE.
95 If Input is NULL, then return FALSE.
96 If InputSize is not multiple of block size (16 bytes), then return FALSE.
97 If Ivec is NULL, then return FALSE.
98 If Output is NULL, then return FALSE.
100 @param[in] AesContext Pointer to the AES context.
101 @param[in] Input Pointer to the buffer containing the data to be encrypted.
102 @param[in] InputSize Size of the Input buffer in bytes.
103 @param[in] Ivec Pointer to initialization vector.
104 @param[out] Output Pointer to a buffer that receives the AES encryption output.
106 @retval TRUE AES encryption succeeded.
107 @retval FALSE AES encryption failed.
114 IN CONST UINT8
*Input
,
116 IN CONST UINT8
*Ivec
,
121 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
124 // Check input parameters.
126 if ((AesContext
== NULL
) || (Input
== NULL
) || ((InputSize
% AES_BLOCK_SIZE
) != 0)) {
130 if ((Ivec
== NULL
) || (Output
== NULL
) || (InputSize
> INT_MAX
)) {
134 AesKey
= (AES_KEY
*)AesContext
;
135 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
138 // Perform AES data encryption with CBC mode
140 AES_cbc_encrypt (Input
, Output
, (UINT32
)InputSize
, AesKey
, IvecBuffer
, AES_ENCRYPT
);
146 Performs AES decryption on a data buffer of the specified size in CBC mode.
148 This function performs AES decryption on data buffer pointed by Input, of specified
149 size of InputSize, in CBC mode.
150 InputSize must be multiple of block size (16 bytes). This function does not perform
151 padding. Caller must perform padding, if necessary, to ensure valid input data size.
152 Initialization vector should be one block size (16 bytes).
153 AesContext should be already correctly initialized by AesInit(). Behavior with
154 invalid AES context is undefined.
156 If AesContext is NULL, then return FALSE.
157 If Input is NULL, then return FALSE.
158 If InputSize is not multiple of block size (16 bytes), then return FALSE.
159 If Ivec is NULL, then return FALSE.
160 If Output is NULL, then return FALSE.
162 @param[in] AesContext Pointer to the AES context.
163 @param[in] Input Pointer to the buffer containing the data to be encrypted.
164 @param[in] InputSize Size of the Input buffer in bytes.
165 @param[in] Ivec Pointer to initialization vector.
166 @param[out] Output Pointer to a buffer that receives the AES encryption output.
168 @retval TRUE AES decryption succeeded.
169 @retval FALSE AES decryption failed.
176 IN CONST UINT8
*Input
,
178 IN CONST UINT8
*Ivec
,
183 UINT8 IvecBuffer
[AES_BLOCK_SIZE
];
186 // Check input parameters.
188 if ((AesContext
== NULL
) || (Input
== NULL
) || ((InputSize
% AES_BLOCK_SIZE
) != 0)) {
192 if ((Ivec
== NULL
) || (Output
== NULL
) || (InputSize
> INT_MAX
)) {
196 AesKey
= (AES_KEY
*)AesContext
;
197 CopyMem (IvecBuffer
, Ivec
, AES_BLOCK_SIZE
);
200 // Perform AES data decryption with CBC mode
202 AES_cbc_encrypt (Input
, Output
, (UINT32
)InputSize
, AesKey
+ 1, IvecBuffer
, AES_DECRYPT
);