/src/gnutls/lib/accelerated/x86/aes-cbc-x86-aesni.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright (C) 2011-2012 Free Software Foundation, Inc. |
3 | | * Copyright (C) 2018 Red Hat, Inc. |
4 | | * |
5 | | * Author: Nikos Mavrogiannopoulos |
6 | | * |
7 | | * This file is part of GnuTLS. |
8 | | * |
9 | | * The GnuTLS is free software; you can redistribute it and/or |
10 | | * modify it under the terms of the GNU Lesser General Public License |
11 | | * as published by the Free Software Foundation; either version 2.1 of |
12 | | * the License, or (at your option) any later version. |
13 | | * |
14 | | * This library is distributed in the hope that it will be useful, but |
15 | | * WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
17 | | * Lesser General Public License for more details. |
18 | | * |
19 | | * You should have received a copy of the GNU Lesser General Public License |
20 | | * along with this program. If not, see <https://www.gnu.org/licenses/> |
21 | | * |
22 | | */ |
23 | | |
24 | | /* |
25 | | * The following code is an implementation of the AES-128-CBC cipher |
26 | | * using intel's AES instruction set. |
27 | | */ |
28 | | |
29 | | #include "errors.h" |
30 | | #include "gnutls_int.h" |
31 | | #include <gnutls/crypto.h> |
32 | | #include "errors.h" |
33 | | #include "aes-x86.h" |
34 | | #include "sha-x86.h" |
35 | | #include "x86-common.h" |
36 | | |
37 | | struct aes_ctx { |
38 | | AES_KEY expanded_key; |
39 | | uint8_t iv[16]; |
40 | | int enc; |
41 | | }; |
42 | | |
43 | | static int aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, |
44 | | int enc) |
45 | 0 | { |
46 | | /* we use key size to distinguish */ |
47 | 0 | if (algorithm != GNUTLS_CIPHER_AES_128_CBC && |
48 | 0 | algorithm != GNUTLS_CIPHER_AES_192_CBC && |
49 | 0 | algorithm != GNUTLS_CIPHER_AES_256_CBC) |
50 | 0 | return GNUTLS_E_INVALID_REQUEST; |
51 | | |
52 | 0 | *_ctx = gnutls_calloc(1, sizeof(struct aes_ctx)); |
53 | 0 | if (*_ctx == NULL) { |
54 | 0 | gnutls_assert(); |
55 | 0 | return GNUTLS_E_MEMORY_ERROR; |
56 | 0 | } |
57 | | |
58 | 0 | ((struct aes_ctx *)(*_ctx))->enc = enc; |
59 | |
|
60 | 0 | return 0; |
61 | 0 | } |
62 | | |
63 | | static int aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize) |
64 | 0 | { |
65 | 0 | struct aes_ctx *ctx = _ctx; |
66 | 0 | int ret; |
67 | |
|
68 | 0 | CHECK_AES_KEYSIZE(keysize); |
69 | | |
70 | 0 | if (ctx->enc) |
71 | 0 | ret = aesni_set_encrypt_key(userkey, keysize * 8, |
72 | 0 | ALIGN16(&ctx->expanded_key)); |
73 | 0 | else |
74 | 0 | ret = aesni_set_decrypt_key(userkey, keysize * 8, |
75 | 0 | ALIGN16(&ctx->expanded_key)); |
76 | |
|
77 | 0 | if (ret != 0) |
78 | 0 | return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED); |
79 | | |
80 | 0 | return 0; |
81 | 0 | } |
82 | | |
83 | | static int aes_setiv(void *_ctx, const void *iv, size_t iv_size) |
84 | 0 | { |
85 | 0 | struct aes_ctx *ctx = _ctx; |
86 | |
|
87 | 0 | if (iv_size != 16) |
88 | 0 | return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); |
89 | | |
90 | 0 | memcpy(ctx->iv, iv, 16); |
91 | 0 | return 0; |
92 | 0 | } |
93 | | |
94 | | static int aes_encrypt(void *_ctx, const void *src, size_t src_size, void *dst, |
95 | | size_t dst_size) |
96 | 0 | { |
97 | 0 | struct aes_ctx *ctx = _ctx; |
98 | |
|
99 | 0 | if (unlikely(dst_size < src_size)) |
100 | 0 | return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); |
101 | | |
102 | 0 | if (unlikely(src_size % 16 != 0)) |
103 | 0 | return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); |
104 | | |
105 | 0 | aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key), |
106 | 0 | ctx->iv, 1); |
107 | 0 | return 0; |
108 | 0 | } |
109 | | |
110 | | static int aes_decrypt(void *_ctx, const void *src, size_t src_size, void *dst, |
111 | | size_t dst_size) |
112 | 0 | { |
113 | 0 | struct aes_ctx *ctx = _ctx; |
114 | |
|
115 | 0 | if (unlikely(dst_size < src_size)) |
116 | 0 | return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER); |
117 | | |
118 | 0 | if (unlikely(src_size % 16 != 0)) |
119 | 0 | return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); |
120 | | |
121 | 0 | aesni_cbc_encrypt(src, dst, src_size, ALIGN16(&ctx->expanded_key), |
122 | 0 | ctx->iv, 0); |
123 | |
|
124 | 0 | return 0; |
125 | 0 | } |
126 | | |
127 | | static void aes_deinit(void *_ctx) |
128 | 0 | { |
129 | 0 | struct aes_ctx *ctx = _ctx; |
130 | |
|
131 | 0 | zeroize_temp_key(ctx, sizeof(*ctx)); |
132 | 0 | gnutls_free(ctx); |
133 | 0 | } |
134 | | |
135 | | const gnutls_crypto_cipher_st _gnutls_aesni_x86 = { |
136 | | .init = aes_cipher_init, |
137 | | .setkey = aes_cipher_setkey, |
138 | | .setiv = aes_setiv, |
139 | | .encrypt = aes_encrypt, |
140 | | .decrypt = aes_decrypt, |
141 | | .deinit = aes_deinit, |
142 | | }; |