source: azure_iot_hub_f767zi/trunk/wolfssl-4.4.0/wolfssl/wolfcrypt/aes.h@ 457

Last change on this file since 457 was 457, checked in by coas-nagasima, 4 years ago

ファイルを追加

  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-chdr;charset=UTF-8
File size: 14.8 KB
1/* aes.h
2 *
3 * Copyright (C) 2006-2020 wolfSSL Inc.
4 *
5 * This file is part of wolfSSL.
6 *
7 * wolfSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * wolfSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20 */
21
22/*!
23 \file wolfssl/wolfcrypt/aes.h
24*/
25
26
27#ifndef WOLF_CRYPT_AES_H
28#define WOLF_CRYPT_AES_H
29
30#include <wolfssl/wolfcrypt/types.h>
31
32#ifndef NO_AES
33
34#if defined(HAVE_FIPS) && \
35 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
36 #include <wolfssl/wolfcrypt/fips.h>
37#endif /* HAVE_FIPS_VERSION >= 2 */
38
39/* included for fips @wc_fips */
40#if defined(HAVE_FIPS) && \
41 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
42#include <cyassl/ctaocrypt/aes.h>
43#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
44 #define WOLFSSL_AES_COUNTER
45#endif
46#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
47 #define WOLFSSL_AES_DIRECT
48#endif
49#endif
50
51#ifndef WC_NO_RNG
52 #include <wolfssl/wolfcrypt/random.h>
53#endif
54#ifdef STM32_CRYPTO
55 #include <wolfssl/wolfcrypt/port/st/stm32.h>
56#endif
57
58#ifdef WOLFSSL_AESNI
59
60#include <wmmintrin.h>
61#include <emmintrin.h>
62#include <smmintrin.h>
63
64#endif /* WOLFSSL_AESNI */
65
66
67#ifdef WOLFSSL_XILINX_CRYPT
68#include "xsecure_aes.h"
69#endif
70
71#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
72/* included for struct msghdr */
73#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
74#endif
75
76#if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
77#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
78#endif
79
80#if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
81 #include <wolfssl/wolfcrypt/random.h>
82#endif
83
84#if defined(WOLFSSL_CRYPTOCELL)
85 #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
86#endif
87
88#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
89 defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
90 #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
91#endif
92
93#ifdef __cplusplus
94 extern "C" {
95#endif
96
97#ifndef WOLFSSL_AES_KEY_SIZE_ENUM
98#define WOLFSSL_AES_KEY_SIZE_ENUM
99/* Key and IV lengths in bytes; these are required for FIPS and non-FIPS */
100enum {
101 AES_128_KEY_SIZE = 16, /* for 128 bit */
102 AES_192_KEY_SIZE = 24, /* for 192 bit */
103 AES_256_KEY_SIZE = 32, /* for 256 bit */
104
105 AES_IV_SIZE = 16, /* always block size, independent of the key size chosen above */
106};
107#endif
108
109/* avoid redefinition of structs */
110#if !defined(HAVE_FIPS) || \
111 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
112
113#ifdef WOLFSSL_ASYNC_CRYPT
114 #include <wolfssl/wolfcrypt/async.h>
115#endif
116
117enum { /* AES direction, block-size, nonce-size and mode constants; the size values are byte counts */
118 AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
119 AES_ENCRYPTION = 0, /* value for the `dir` argument of wc_AesSetKey(): encrypt */
120 AES_DECRYPTION = 1, /* value for the `dir` argument of wc_AesSetKey(): decrypt */
121
122 AES_BLOCK_SIZE = 16, /* the AES block is 128 bits whatever the key size */
123
124 KEYWRAP_BLOCK_SIZE = 8, /* NOTE(review): presumably the 64-bit unit AES key wrap works on -- confirm in aes.c */
125
126 GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
127 GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
128 GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
129 CCM_NONCE_MIN_SZ = 7, /* minimum CCM nonce size */
130 CCM_NONCE_MAX_SZ = 13, /* maximum CCM nonce size */
131 CTR_SZ = 4, /* NOTE(review): presumably the 32-bit block counter that follows a 12-byte GCM nonce -- confirm */
132 AES_IV_FIXED_SZ = 4, /* NOTE(review): presumably the fixed part of a composed IV, cf. ivFixed in wc_AesGcmSetIV() -- confirm */
133#ifdef WOLFSSL_AES_CFB
134 AES_CFB_MODE = 1,
135#endif
136#ifdef WOLFSSL_AES_OFB
137 AES_OFB_MODE = 2,
138#endif
139#ifdef WOLFSSL_AES_XTS
140 AES_XTS_MODE = 3,
141#endif
142
143#ifdef HAVE_PKCS11
144 AES_MAX_ID_LEN = 32, /* capacity of Aes.id[] */
145#endif
146};
147
148
149struct Aes { /* AES context taken by the wc_Aes* functions in this header; it stores key material by value */
150 /* AESNI needs key first, rounds 2nd, not sure why yet */
151 ALIGN16 word32 key[60]; /* secret; presumably the expanded key schedule (60 words = 15 round keys x 4 words, enough for AES-256) */
152 word32 rounds;
153 int keylen;
154
155 ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
156 ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
157
158#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
159 word32 invokeCtr[2]; /* NOTE(review): presumably a 64-bit invocation counter for the internally managed IV/nonce -- confirm */
160 word32 nonceSz;
161#endif
162#ifdef HAVE_AESGCM
163 ALIGN16 byte H[AES_BLOCK_SIZE]; /* NOTE(review): presumably the GCM hash subkey, which is derived from the key and must be treated as secret -- confirm */
164#ifdef OPENSSL_EXTRA
165 word32 aadH[4]; /* additional authenticated data GHASH */
166 word32 aadLen; /* additional authenticated data len */
167#endif
168
169#ifdef GCM_TABLE
170 /* key-based fast multiplication table. */
171 ALIGN16 byte M0[256][AES_BLOCK_SIZE]; /* 4096 bytes of key-dependent data; NOTE(review): if lookups are indexed by data bytes they may be visible through cache timing -- check against the threat model */
172#endif /* GCM_TABLE */
173#ifdef HAVE_CAVIUM_OCTEON_SYNC
174 word32 y0;
175#endif
176#endif /* HAVE_AESGCM */
177#ifdef WOLFSSL_AESNI
178 byte use_aesni;
179#endif /* WOLFSSL_AESNI */
180#ifdef WOLF_CRYPTO_CB
181 int devId;
182 void* devCtx;
183#endif
184#ifdef HAVE_PKCS11
185 byte id[AES_MAX_ID_LEN];
186 int idLen;
187#endif
188#ifdef WOLFSSL_ASYNC_CRYPT
189 WC_ASYNC_DEV asyncDev;
190#endif /* WOLFSSL_ASYNC_CRYPT */
191#if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
192 defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS)
193 word32 left; /* unused bytes left from last call */
194#endif
195#ifdef WOLFSSL_XILINX_CRYPT
196 XSecure_Aes xilAes;
197 XCsuDma dma;
198 word32 key_init[8]; /* NOTE(review): 8 words = 32 bytes, presumably a copy of the key for the Xilinx engine -- confirm and treat as secret */
199 word32 kup;
200#endif
201#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
202 int alFd; /* server socket to bind to */
203 int rdFd; /* socket to read from */
204 struct msghdr msg;
205 int dir; /* flag for encrypt or decrypt */
206#ifdef WOLFSSL_AFALG_XILINX_AES
207 word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) +
208 GCM_NONCE_MID_SZ)];
209#endif
210#endif
211#if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
212 (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
213 (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
214 word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key: a second copy of the secret, kept alongside key[] in these builds */
215#ifdef HAVE_CAVIUM_OCTEON_SYNC
216 int keySet;
217#endif
218#endif
219#if defined(WOLFSSL_DEVCRYPTO) && \
220 (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
221 WC_CRYPTODEV ctx;
222#endif
223#if defined(WOLFSSL_CRYPTOCELL)
224 aes_context_t ctx;
225#endif
226#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
227 defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
228 TSIP_AES_CTX ctx;
229#endif
230 void* heap; /* memory hint to use */
231}; /* NOTE(review): key[], H, M0, key_init and devKey are key-dependent; this header does not show whether wc_AesFree() clears them, so confirm in aes.c or wipe the struct before its storage is reused */
232
233#ifndef WC_AES_TYPE_DEFINED
234 typedef struct Aes Aes;
235 #define WC_AES_TYPE_DEFINED
236#endif
237
238#ifdef WOLFSSL_AES_XTS
239typedef struct XtsAes { /* XTS context: two full Aes contexts, so two sets of key material to clear when done */
240 Aes aes; /* NOTE(review): presumably the data-encryption key context -- confirm */
241 Aes tweak; /* NOTE(review): presumably the tweak-encryption key context -- confirm */
242} XtsAes;
243#endif
244
245#ifdef HAVE_AESGCM
246typedef struct Gmac { /* GMAC context: wraps a single Aes context */
247 Aes aes;
248} Gmac;
249#endif /* HAVE_AESGCM */
250#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION >= 2 */
251
252
253/* Function-pointer types for authenticated-cipher encrypt and decrypt; the parameter lists match wc_AesGcmEncrypt() and wc_AesGcmDecrypt() declared below */
254typedef int (*wc_AesAuthEncryptFunc)(Aes* aes, byte* out,
255 const byte* in, word32 sz,
256 const byte* iv, word32 ivSz,
257 byte* authTag, word32 authTagSz,
258 const byte* authIn, word32 authInSz); /* authTag is an output here */
259typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
260 const byte* in, word32 sz,
261 const byte* iv, word32 ivSz,
262 const byte* authTag, word32 authTagSz,
263 const byte* authIn, word32 authInSz); /* authTag is a const input here: the tag to verify */
264
265/* Key and IV setup, then AES-CBC. CBC gives confidentiality only: pair it with a MAC, or use GCM/CCM, when integrity matters. */
266WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
267 const byte* iv, int dir); /* len is the key length in bytes (see AES_*_KEY_SIZE); dir is AES_ENCRYPTION or AES_DECRYPTION */
268WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv); /* NOTE(review): no length argument, so iv presumably must hold AES_BLOCK_SIZE bytes -- confirm */
269
270#ifdef HAVE_AES_CBC
271WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
272 const byte* in, word32 sz); /* use a fresh, unpredictable IV for every message; NOTE(review): padding is not part of this interface, confirm how a sz that is not a multiple of AES_BLOCK_SIZE is handled */
273WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
274 const byte* in, word32 sz); /* nothing here authenticates the ciphertext; verify a MAC before acting on the output */
275#endif
276
277#ifdef WOLFSSL_AES_CFB /* AES-CFB: confidentiality only; the IV must not repeat under one key */
278WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
279 const byte* in, word32 sz);
280WOLFSSL_API int wc_AesCfb1Encrypt(Aes* aes, byte* out,
281 const byte* in, word32 sz); /* NOTE(review): confirm whether sz counts bits or bytes for the CFB1 variants */
282WOLFSSL_API int wc_AesCfb8Encrypt(Aes* aes, byte* out,
283 const byte* in, word32 sz);
284#ifdef HAVE_AES_DECRYPT
285WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out,
286 const byte* in, word32 sz);
287WOLFSSL_API int wc_AesCfb1Decrypt(Aes* aes, byte* out,
288 const byte* in, word32 sz);
289WOLFSSL_API int wc_AesCfb8Decrypt(Aes* aes, byte* out,
290 const byte* in, word32 sz);
291#endif /* HAVE_AES_DECRYPT */
292#endif /* WOLFSSL_AES_CFB */
293
294#ifdef WOLFSSL_AES_OFB /* AES-OFB: a keystream mode, so reusing an IV under one key reuses the keystream; no integrity */
295WOLFSSL_API int wc_AesOfbEncrypt(Aes* aes, byte* out,
296 const byte* in, word32 sz);
297#ifdef HAVE_AES_DECRYPT
298WOLFSSL_API int wc_AesOfbDecrypt(Aes* aes, byte* out,
299 const byte* in, word32 sz);
300#endif /* HAVE_AES_DECRYPT */
301#endif /* WOLFSSL_AES_OFB */
302
303#ifdef HAVE_AES_ECB /* AES-ECB: each block is encrypted independently, so equal plaintext blocks give equal ciphertext blocks; not suitable for general message encryption */
304WOLFSSL_API int wc_AesEcbEncrypt(Aes* aes, byte* out,
305 const byte* in, word32 sz); /* no IV is involved in ECB */
306WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
307 const byte* in, word32 sz);
308#endif
309
310/* AES-CTR: a keystream mode with no integrity; a (key, counter block) pair must never be used twice. Only an encrypt entry point is declared, CTR decryption being the same operation. */
311#ifdef WOLFSSL_AES_COUNTER
312 WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
313 const byte* in, word32 sz);
314#endif
315/* AES-DIRECT: raw block primitives. The Encrypt/Decrypt calls take no size and return void, so presumably exactly one AES_BLOCK_SIZE block with no error reporting -- confirm in aes.c */
316#if defined(WOLFSSL_AES_DIRECT)
317 WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
318 WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
319 WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
320 const byte* iv, int dir); /* same parameter list as wc_AesSetKey() */
321#endif
322
323#ifdef HAVE_AESGCM /* AES-GCM authenticated encryption and GMAC */
324#ifdef WOLFSSL_XILINX_CRYPT
325 WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
326 word32 kup);
327#elif defined(WOLFSSL_AFALG_XILINX_AES)
328 WOLFSSL_LOCAL int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
329 word32 kup);
330#endif
331 WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len); /* key only; the IV is supplied per call below */
332 WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
333 const byte* in, word32 sz,
334 const byte* iv, word32 ivSz,
335 byte* authTag, word32 authTagSz,
336 const byte* authIn, word32 authInSz); /* the caller supplies iv, and it must be unique for every encryption under one key: a repeated GCM nonce breaks both confidentiality and authenticity */
337 WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
338 const byte* in, word32 sz,
339 const byte* iv, word32 ivSz,
340 const byte* authTag, word32 authTagSz,
341 const byte* authIn, word32 authInSz); /* always check the return value; when tag verification fails the bytes in out must not be used */
342
343#ifndef WC_NO_RNG /* variants where the IV is held in the Aes context; they need a WC_RNG */
344 WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
345 WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
346 const byte* ivFixed, word32 ivFixedSz,
347 WC_RNG* rng); /* NOTE(review): presumably composes the IV from ivFixed plus rng output -- confirm */
348 WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
349 const byte* in, word32 sz,
350 byte* ivOut, word32 ivOutSz,
351 byte* authTag, word32 authTagSz,
352 const byte* authIn, word32 authInSz); /* takes no iv input; NOTE(review): presumably the IV actually used is written to ivOut for the receiver -- confirm */
353#endif /* WC_NO_RNG */
354
355 WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
356 WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
357 const byte* authIn, word32 authInSz,
358 byte* authTag, word32 authTagSz); /* the GCM nonce rule applies to GMAC as well: do not repeat iv under one key */
359#ifndef WC_NO_RNG
360 WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
361 const byte* authIn, word32 authInSz,
362 byte* authTag, word32 authTagSz, WC_RNG* rng); /* iv is a non-const buffer and an rng is passed; NOTE(review): presumably the IV is generated into iv -- confirm */
363 WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
364 const byte* iv, word32 ivSz,
365 const byte* authIn, word32 authInSz,
366 const byte* authTag, word32 authTagSz); /* the int result is the only verification signal this declaration exposes; check it before trusting authIn */
367#endif /* WC_NO_RNG */
368 WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
369 word32 cSz, byte* s, word32 sSz); /* WOLFSSL_LOCAL: library-internal, not part of the exported API */
370#endif /* HAVE_AESGCM */
371#ifdef HAVE_AESCCM /* AES-CCM authenticated encryption; the nonce size bounds are CCM_NONCE_MIN_SZ and CCM_NONCE_MAX_SZ */
372 WOLFSSL_API int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
373 WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out,
374 const byte* in, word32 inSz,
375 const byte* nonce, word32 nonceSz,
376 byte* authTag, word32 authTagSz,
377 const byte* authIn, word32 authInSz); /* the caller supplies nonce, and it must not repeat under one key */
378 WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
379 const byte* in, word32 inSz,
380 const byte* nonce, word32 nonceSz,
381 const byte* authTag, word32 authTagSz,
382 const byte* authIn, word32 authInSz); /* always check the return value; do not use out when tag verification fails */
383 WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
384 const byte* nonce, word32 nonceSz);
385 WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
386 const byte* in, word32 sz,
387 byte* ivOut, word32 ivOutSz,
388 byte* authTag, word32 authTagSz,
389 const byte* authIn, word32 authInSz); /* takes no nonce input; NOTE(review): presumably uses the nonce set by wc_AesCcmSetNonce() and reports it in ivOut -- confirm */
390#endif /* HAVE_AESCCM */
391#ifdef HAVE_AES_KEYWRAP /* AES key wrap: one-shot calls that take the wrapping key directly instead of an Aes context */
392 WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
393 const byte* in, word32 inSz,
394 byte* out, word32 outSz,
395 const byte* iv); /* NOTE(review): confirm in aes.c what a NULL iv selects and how large outSz must be relative to inSz */
396 WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz,
397 const byte* in, word32 inSz,
398 byte* out, word32 outSz,
399 const byte* iv); /* check the return value and use the unwrapped bytes only when the call reports success */
400#endif /* HAVE_AES_KEYWRAP */
401
402#ifdef WOLFSSL_AES_XTS /* AES-XTS: a storage-encryption mode tweaked per sector; it provides no authentication */
403
404WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
405 word32 len, int dir, void* heap, int devId); /* NOTE(review): XtsAes holds two Aes contexts, so key presumably carries both keys back to back -- confirm the expected len */
406
407WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
408 const byte* in, word32 sz, word64 sector); /* the tweak is given as a 64-bit sector number */
409
410WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
411 const byte* in, word32 sz, word64 sector);
412
413WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
414 const byte* in, word32 sz, const byte* i, word32 iSz); /* the tweak is given as the byte string i of length iSz */
415
416WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
417 const byte* in, word32 sz, const byte* i, word32 iSz);
418
419WOLFSSL_API int wc_AesXtsFree(XtsAes* aes); /* NOTE(review): presumably releases both embedded Aes contexts -- confirm */
420#endif
421
422WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize); /* NOTE(review): presumably reports the configured key size through *keySize; units are not visible here -- confirm */
423
424WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId); /* heap is the memory hint (cf. Aes.heap); devId pairs with Aes.devId in WOLF_CRYPTO_CB builds */
425#ifdef HAVE_PKCS11
426WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
427 int devId); /* Aes.id[] holds at most AES_MAX_ID_LEN bytes; NOTE(review): confirm that len is checked against that bound */
428#endif
429WOLFSSL_API void wc_AesFree(Aes* aes); /* returns void; NOTE(review): whether key material in the context is zeroized is not visible in this header -- confirm in aes.c */
430
431#ifdef __cplusplus
432 } /* extern "C" */
433#endif
434
435
436#endif /* NO_AES */
437#endif /* WOLF_CRYPT_AES_H */