summaryrefslogtreecommitdiffstats
path: root/lib/accelerated/x86/aes-padlock.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/accelerated/x86/aes-padlock.c')
-rw-r--r--lib/accelerated/x86/aes-padlock.c184
1 files changed, 184 insertions, 0 deletions
diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c
new file mode 100644
index 0000000..4fa6389
--- /dev/null
+++ b/lib/accelerated/x86/aes-padlock.c
@@ -0,0 +1,184 @@
+/*
+ * Copyright (C) 2011-2018 Free Software Foundation, Inc.
+ * Copyright (C) 2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/*
+ * The following code is an implementation of the AES-128-CBC cipher
+ * using VIA Padlock instruction set.
+ */
+
+#include "errors.h"
+#include "gnutls_int.h"
+#include <gnutls/crypto.h>
+#include "errors.h"
+#include <aes-x86.h>
+#include <x86-common.h>
+#include <nettle/aes.h> /* for key generation in 192 and 256 bits */
+#include <sha-padlock.h>
+#include <aes-padlock.h>
+
+static int
+aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc)
+{
+ /* we use key size to distinguish */
+ if (algorithm != GNUTLS_CIPHER_AES_128_CBC
+ && algorithm != GNUTLS_CIPHER_AES_256_CBC
+ && algorithm != GNUTLS_CIPHER_AES_192_CBC)
+ return GNUTLS_E_INVALID_REQUEST;
+
+ *_ctx = gnutls_calloc(1, sizeof(struct padlock_ctx));
+ if (*_ctx == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ ((struct padlock_ctx *) (*_ctx))->enc = enc;
+ return 0;
+}
+
+int
+padlock_aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
+{
+ struct padlock_ctx *ctx = _ctx;
+ struct padlock_cipher_data *pce;
+ struct aes192_ctx nc192;
+ struct aes256_ctx nc256;
+
+ memset(_ctx, 0, sizeof(struct padlock_cipher_data));
+
+ pce = ALIGN16(&ctx->expanded_key);
+
+ pce->cword.b.encdec = (ctx->enc == 0);
+
+ switch (keysize) {
+ case 16:
+ pce->cword.b.ksize = 0;
+ pce->cword.b.rounds = 10;
+ memcpy(pce->ks.rd_key, userkey, 16);
+ pce->cword.b.keygen = 0;
+ break;
+ case 24:
+ pce->cword.b.ksize = 1;
+ pce->cword.b.rounds = 12;
+ if (ctx->enc)
+ aes192_set_encrypt_key(&nc192, userkey);
+ else
+ aes192_set_decrypt_key(&nc192, userkey);
+ memcpy(pce->ks.rd_key, nc192.keys, sizeof(nc192.keys));
+ pce->ks.rounds = _AES192_ROUNDS;
+ pce->cword.b.keygen = 1;
+ break;
+ case 32:
+ pce->cword.b.ksize = 2;
+ pce->cword.b.rounds = 14;
+
+ /* expand key using nettle */
+ if (ctx->enc)
+ aes256_set_encrypt_key(&nc256, userkey);
+ else
+ aes256_set_decrypt_key(&nc256, userkey);
+
+ memcpy(pce->ks.rd_key, nc256.keys, sizeof(nc256.keys));
+ pce->ks.rounds = _AES256_ROUNDS;
+
+ pce->cword.b.keygen = 1;
+ break;
+ default:
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+ }
+
+ padlock_reload_key();
+
+ return 0;
+}
+
+static int aes_setiv(void *_ctx, const void *iv, size_t iv_size)
+{
+ struct padlock_ctx *ctx = _ctx;
+ struct padlock_cipher_data *pce;
+
+ pce = ALIGN16(&ctx->expanded_key);
+
+ if (iv_size != 16)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ memcpy(pce->iv, iv, 16);
+
+ return 0;
+}
+
+static int
+padlock_aes_cbc_encrypt(void *_ctx, const void *src, size_t src_size,
+ void *dst, size_t dst_size)
+{
+ struct padlock_ctx *ctx = _ctx;
+ struct padlock_cipher_data *pce;
+ int ret = 1;
+
+ if (unlikely(dst_size < src_size))
+ return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+ pce = ALIGN16(&ctx->expanded_key);
+
+ if (src_size > 0)
+ ret = padlock_cbc_encrypt(dst, src, pce, src_size);
+
+ return ret ? 0 : GNUTLS_E_ENCRYPTION_FAILED;
+}
+
+
+static int
+padlock_aes_cbc_decrypt(void *_ctx, const void *src, size_t src_size,
+ void *dst, size_t dst_size)
+{
+ struct padlock_ctx *ctx = _ctx;
+ struct padlock_cipher_data *pcd;
+ int ret = 1;
+
+ if (unlikely(dst_size < src_size))
+ return gnutls_assert_val(GNUTLS_E_SHORT_MEMORY_BUFFER);
+
+ pcd = ALIGN16(&ctx->expanded_key);
+
+ if (src_size > 0)
+ padlock_cbc_encrypt(dst, src, pcd, src_size);
+
+ return ret ? 0 : GNUTLS_E_ENCRYPTION_FAILED;
+}
+
+static void aes_deinit(void *_ctx)
+{
+ struct padlock_ctx *ctx = _ctx;
+
+ zeroize_temp_key(ctx, sizeof(*ctx));
+ gnutls_free(ctx);
+}
+
+const gnutls_crypto_cipher_st _gnutls_aes_padlock = {
+ .init = aes_cipher_init,
+ .setkey = padlock_aes_cipher_setkey,
+ .setiv = aes_setiv,
+ .encrypt = padlock_aes_cbc_encrypt,
+ .decrypt = padlock_aes_cbc_decrypt,
+ .deinit = aes_deinit,
+};
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-14 03:33:51 +0000