src/crypto/axtls_aes.c

   1 /*
   2  * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.
   3  *
   4  * This program is free software; you can redistribute it and/or
   5  * modify it under the terms of the GNU General Public License as
   6  * published by the Free Software Foundation; either version 2 of the
   7  * License, or any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful, but
  10  * WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU General Public License
  15  * along with this program; if not, write to the Free Software
  16  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  17  */
  18
  19 FILE_LICENCE ( GPL2_OR_LATER );
  20
  21 #include <string.h>
  22 #include <errno.h>
  23 #include <byteswap.h>
  24 #include <gpxe/crypto.h>
  25 #include <gpxe/cbc.h>
  26 #include <gpxe/aes.h>
  27 #include "crypto/axtls/crypto.h"
  28
  29 /** @file
  30  *
  31  * AES algorithm
  32  *
  33  */
  34
  35 /** Basic AES blocksize */
  36 #define AES_BLOCKSIZE 16
  37
  38 /** AES context */
  39 struct aes_context {
  40         /** AES context for AXTLS */
  41         AES_CTX axtls_ctx;
  42         /** Cipher is being used for decrypting */
  43         int decrypting;
  44 };
  45
  46 /**
  47  * Set key
  48  *
  49  * @v ctx               Context
  50  * @v key               Key
  51  * @v keylen            Key length
  52  * @ret rc              Return status code
  53  */
  54 static int aes_setkey ( void *ctx, const void *key, size_t keylen ) {
  55         struct aes_context *aes_ctx = ctx;
  56         AES_MODE mode;
  57         void *iv;
  58
  59         switch ( keylen ) {
  60         case ( 128 / 8 ):
  61                 mode = AES_MODE_128;
  62                 break;
  63         case ( 256 / 8 ):
  64                 mode = AES_MODE_256;
  65                 break;
  66         default:
  67                 return -EINVAL;
  68         }
  69
  70         /* IV is not a relevant concept at this stage; use a dummy
  71          * value that will have no side-effects.
  72          */
  73         iv = &aes_ctx->axtls_ctx.iv;
  74
  75         AES_set_key ( &aes_ctx->axtls_ctx, key, iv, mode );
  76
  77         aes_ctx->decrypting = 0;
  78
  79         return 0;
  80 }
  81
  82 /**
  83  * Set initialisation vector
  84  *
  85  * @v ctx               Context
  86  * @v iv                Initialisation vector
  87  */
  88 static void aes_setiv ( void *ctx __unused, const void *iv __unused ) {
  89         /* Nothing to do */
  90 }
  91
  92 /**
  93  * Call AXTLS' AES_encrypt() or AES_decrypt() functions
  94  *
  95  * @v axtls_ctx         AXTLS AES context
  96  * @v src               Data to process
  97  * @v dst               Buffer for output
  98  * @v func              AXTLS AES function to call
  99  */
 100 static void aes_call_axtls ( AES_CTX *axtls_ctx, const void *src, void *dst,
 101                              void ( * func ) ( const AES_CTX *axtls_ctx,
 102                                                uint32_t *data ) ){
 103         const uint32_t *srcl = src;
 104         uint32_t *dstl = dst;
 105         unsigned int i;
 106
 107         /* AXTLS' AES_encrypt() and AES_decrypt() functions both
 108          * expect to deal with an array of four dwords in host-endian
 109          * order.
 110          */
 111         for ( i = 0 ; i < 4 ; i++ )
 112                 dstl[i] = ntohl ( srcl[i] );
 113         func ( axtls_ctx, dstl );
 114         for ( i = 0 ; i < 4 ; i++ )
 115                 dstl[i] = htonl ( dstl[i] );
 116 }
 117
 118 /**
 119  * Encrypt data
 120  *
 121  * @v ctx               Context
 122  * @v src               Data to encrypt
 123  * @v dst               Buffer for encrypted data
 124  * @v len               Length of data
 125  */
 126 static void aes_encrypt ( void *ctx, const void *src, void *dst,
 127                           size_t len ) {
 128         struct aes_context *aes_ctx = ctx;
 129
 130         assert ( len == AES_BLOCKSIZE );
 131         if ( aes_ctx->decrypting )
 132                 assert ( 0 );
 133         aes_call_axtls ( &aes_ctx->axtls_ctx, src, dst, AES_encrypt );
 134 }
 135
 136 /**
 137  * Decrypt data
 138  *
 139  * @v ctx               Context
 140  * @v src               Data to decrypt
 141  * @v dst               Buffer for decrypted data
 142  * @v len               Length of data
 143  */
 144 static void aes_decrypt ( void *ctx, const void *src, void *dst,
 145                           size_t len ) {
 146         struct aes_context *aes_ctx = ctx;
 147
 148         assert ( len == AES_BLOCKSIZE );
 149         if ( ! aes_ctx->decrypting ) {
 150                 AES_convert_key ( &aes_ctx->axtls_ctx );
 151                 aes_ctx->decrypting = 1;
 152         }
 153         aes_call_axtls ( &aes_ctx->axtls_ctx, src, dst, AES_decrypt );
 154 }
 155
 156 /** Basic AES algorithm */
 157 static struct cipher_algorithm aes_algorithm = {
 158         .name = "aes",
 159         .ctxsize = sizeof ( struct aes_context ),
 160         .blocksize = AES_BLOCKSIZE,
 161         .setkey = aes_setkey,
 162         .setiv = aes_setiv,
 163         .encrypt = aes_encrypt,
 164         .decrypt = aes_decrypt,
 165 };
 166
 167 /* AES with cipher-block chaining */
 168 CBC_CIPHER ( aes_cbc, aes_cbc_algorithm,
 169              aes_algorithm, struct aes_context, AES_BLOCKSIZE );