[164] | 1 | /* aes.h
|
---|
| 2 | *
|
---|
| 3 | * Copyright (C) 2006-2015 wolfSSL Inc.
|
---|
| 4 | *
|
---|
| 5 | * This file is part of wolfSSL. (formerly known as CyaSSL)
|
---|
| 6 | *
|
---|
| 7 | * wolfSSL is free software; you can redistribute it and/or modify
|
---|
| 8 | * it under the terms of the GNU General Public License as published by
|
---|
| 9 | * the Free Software Foundation; either version 2 of the License, or
|
---|
| 10 | * (at your option) any later version.
|
---|
| 11 | *
|
---|
| 12 | * wolfSSL is distributed in the hope that it will be useful,
|
---|
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 15 | * GNU General Public License for more details.
|
---|
| 16 | *
|
---|
| 17 | * You should have received a copy of the GNU General Public License
|
---|
| 18 | * along with this program; if not, write to the Free Software
|
---|
| 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
| 20 | */
|
---|
| 21 |
|
---|
| 22 | #ifndef WOLF_CRYPT_AES_H
|
---|
| 23 | #define WOLF_CRYPT_AES_H
|
---|
| 24 |
|
---|
| 25 | #include <wolfssl/wolfcrypt/types.h>
|
---|
| 26 |
|
---|
| 27 | #ifndef NO_AES
|
---|
| 28 |
|
---|
| 29 | /* included for fips @wc_fips */
|
---|
| 30 | #ifdef HAVE_FIPS
|
---|
| 31 | #include <cyassl/ctaocrypt/aes.h>
|
---|
| 32 | #if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
|
---|
| 33 | #define WOLFSSL_AES_COUNTER
|
---|
| 34 | #endif
|
---|
| 35 | #if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
|
---|
| 36 | #define WOLFSSL_AES_DIRECT
|
---|
| 37 | #endif
|
---|
| 38 | #endif
|
---|
| 39 |
|
---|
| 40 | #ifndef HAVE_FIPS /* to avoid redefinition of macros */
|
---|
| 41 | #ifdef HAVE_CAVIUM
|
---|
| 42 | #include <wolfssl/ctaocrypt/logging.h>
|
---|
| 43 | #include "cavium_common.h"
|
---|
| 44 | #endif
|
---|
| 45 |
|
---|
| 46 | #ifdef WOLFSSL_AESNI
|
---|
| 47 |
|
---|
| 48 | #include <wmmintrin.h>
|
---|
| 49 |
|
---|
| 50 | #if !defined (ALIGN16)
|
---|
| 51 | #if defined (__GNUC__)
|
---|
| 52 | #define ALIGN16 __attribute__ ( (aligned (16)))
|
---|
| 53 | #elif defined(_MSC_VER)
|
---|
| 54 | /* disable align warning, we want alignment ! */
|
---|
| 55 | #pragma warning(disable: 4324)
|
---|
| 56 | #define ALIGN16 __declspec (align (16))
|
---|
| 57 | #else
|
---|
| 58 | #define ALIGN16
|
---|
| 59 | #endif
|
---|
| 60 | #endif
|
---|
| 61 |
|
---|
| 62 | #endif /* WOLFSSL_AESNI */
|
---|
| 63 |
|
---|
| 64 | #if !defined (ALIGN16)
|
---|
| 65 | #define ALIGN16
|
---|
| 66 | #endif
|
---|
| 67 | #endif /* HAVE_FIPS */
|
---|
| 68 |
|
---|
| 69 | #ifdef __cplusplus
|
---|
| 70 | extern "C" {
|
---|
| 71 | #endif
|
---|
| 72 |
|
---|
| 73 | #ifndef HAVE_FIPS /* to avoid redefinition of structures */
|
---|
| 74 | #define WOLFSSL_AES_CAVIUM_MAGIC 0xBEEF0002
|
---|
| 75 |
|
---|
| 76 | enum {
|
---|
| 77 | AES_ENC_TYPE = 1, /* cipher unique type */
|
---|
| 78 | AES_ENCRYPTION = 0,
|
---|
| 79 | AES_DECRYPTION = 1,
|
---|
| 80 | AES_BLOCK_SIZE = 16
|
---|
| 81 | };
|
---|
| 82 |
|
---|
| 83 |
|
---|
| 84 | typedef struct Aes {
|
---|
| 85 | /* AESNI needs key first, rounds 2nd, not sure why yet */
|
---|
| 86 | ALIGN16 word32 key[60];
|
---|
| 87 | word32 rounds;
|
---|
| 88 |
|
---|
| 89 | ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
|
---|
| 90 | ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
|
---|
| 91 |
|
---|
| 92 | #ifdef HAVE_AESGCM
|
---|
| 93 | ALIGN16 byte H[AES_BLOCK_SIZE];
|
---|
| 94 | #ifdef GCM_TABLE
|
---|
| 95 | /* key-based fast multiplication table. */
|
---|
| 96 | ALIGN16 byte M0[256][AES_BLOCK_SIZE];
|
---|
| 97 | #endif /* GCM_TABLE */
|
---|
| 98 | #endif /* HAVE_AESGCM */
|
---|
| 99 | #ifdef WOLFSSL_AESNI
|
---|
| 100 | byte use_aesni;
|
---|
| 101 | #endif /* WOLFSSL_AESNI */
|
---|
| 102 | #ifdef HAVE_CAVIUM
|
---|
| 103 | AesType type; /* aes key type */
|
---|
| 104 | int devId; /* nitrox device id */
|
---|
| 105 | word32 magic; /* using cavium magic */
|
---|
| 106 | word64 contextHandle; /* nitrox context memory handle */
|
---|
| 107 | #endif
|
---|
| 108 | #ifdef WOLFSSL_AES_COUNTER
|
---|
| 109 | word32 left; /* unsued bytes left from last call */
|
---|
| 110 | #endif
|
---|
| 111 | #ifdef WOLFSSL_PIC32MZ_CRYPT
|
---|
| 112 | word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ;
|
---|
| 113 | word32 iv_ce [AES_BLOCK_SIZE /sizeof(word32)] ;
|
---|
| 114 | int keylen ;
|
---|
| 115 | #endif
|
---|
| 116 | #ifdef WOLFSSL_TI_CRYPT
|
---|
| 117 | int keylen ;
|
---|
| 118 | #endif
|
---|
| 119 | } Aes;
|
---|
| 120 |
|
---|
| 121 |
|
---|
| 122 | #ifdef HAVE_AESGCM
|
---|
| 123 | typedef struct Gmac {
|
---|
| 124 | Aes aes;
|
---|
| 125 | } Gmac;
|
---|
| 126 | #endif /* HAVE_AESGCM */
|
---|
| 127 | #endif /* HAVE_FIPS */
|
---|
| 128 |
|
---|
| 129 | WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
|
---|
| 130 | const byte* iv, int dir);
|
---|
| 131 | WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
|
---|
| 132 | WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
|
---|
| 133 | const byte* in, word32 sz);
|
---|
| 134 | WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
|
---|
| 135 | const byte* in, word32 sz);
|
---|
| 136 |
|
---|
| 137 | /* AES-CTR */
|
---|
| 138 | #ifdef WOLFSSL_AES_COUNTER
|
---|
| 139 | WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out,
|
---|
| 140 | const byte* in, word32 sz);
|
---|
| 141 | #endif
|
---|
| 142 | /* AES-DIRECT */
|
---|
| 143 | #if defined(WOLFSSL_AES_DIRECT)
|
---|
| 144 | WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
|
---|
| 145 | WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
|
---|
| 146 | WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
|
---|
| 147 | const byte* iv, int dir);
|
---|
| 148 | #endif
|
---|
| 149 | #ifdef HAVE_AESGCM
|
---|
| 150 | WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
|
---|
| 151 | WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
|
---|
| 152 | const byte* in, word32 sz,
|
---|
| 153 | const byte* iv, word32 ivSz,
|
---|
| 154 | byte* authTag, word32 authTagSz,
|
---|
| 155 | const byte* authIn, word32 authInSz);
|
---|
| 156 | WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
---|
| 157 | const byte* in, word32 sz,
|
---|
| 158 | const byte* iv, word32 ivSz,
|
---|
| 159 | const byte* authTag, word32 authTagSz,
|
---|
| 160 | const byte* authIn, word32 authInSz);
|
---|
| 161 |
|
---|
| 162 | WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
|
---|
| 163 | WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
|
---|
| 164 | const byte* authIn, word32 authInSz,
|
---|
| 165 | byte* authTag, word32 authTagSz);
|
---|
| 166 | #endif /* HAVE_AESGCM */
|
---|
| 167 | #ifdef HAVE_AESCCM
|
---|
| 168 | WOLFSSL_API void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
|
---|
| 169 | WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out,
|
---|
| 170 | const byte* in, word32 inSz,
|
---|
| 171 | const byte* nonce, word32 nonceSz,
|
---|
| 172 | byte* authTag, word32 authTagSz,
|
---|
| 173 | const byte* authIn, word32 authInSz);
|
---|
| 174 | WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
|
---|
| 175 | const byte* in, word32 inSz,
|
---|
| 176 | const byte* nonce, word32 nonceSz,
|
---|
| 177 | const byte* authTag, word32 authTagSz,
|
---|
| 178 | const byte* authIn, word32 authInSz);
|
---|
| 179 | #endif /* HAVE_AESCCM */
|
---|
| 180 |
|
---|
| 181 | #ifdef HAVE_CAVIUM
|
---|
| 182 | WOLFSSL_API int wc_AesInitCavium(Aes*, int);
|
---|
| 183 | WOLFSSL_API void wc_AesFreeCavium(Aes*);
|
---|
| 184 | #endif
|
---|
| 185 |
|
---|
| 186 | #ifdef __cplusplus
|
---|
| 187 | } /* extern "C" */
|
---|
| 188 | #endif
|
---|
| 189 |
|
---|
| 190 |
|
---|
| 191 | #endif /* NO_AES */
|
---|
| 192 | #endif /* WOLF_CRYPT_AES_H */
|
---|
| 193 |
|
---|