search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove building with NOCRYPTO option
[minix.git] / external / bsd / bind / dist / lib / isc / aes.c
blob026d52ddf156a6d24ec97b2696efa4620f2fe847
1 /* $NetBSD: aes.c,v 1.1.1.4 2014/12/10 03:34:43 christos Exp $ */
2
3 /*
4 * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
5 *
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16 * PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 /* Id */
20
21 /*! \file isc/aes.c */
22
23 #include "config.h"
24
25 #include <isc/assertions.h>
26 #include <isc/aes.h>
27 #include <isc/platform.h>
28 #include <isc/string.h>
29 #include <isc/types.h>
30 #include <isc/util.h>
31
32 #ifdef ISC_PLATFORM_WANTAES
33 #if HAVE_OPENSSL_EVP_AES
34
35 #include <openssl/evp.h>
36
37 void
38 isc_aes128_crypt(const unsigned char *key, const unsigned char *in,
39 unsigned char *out)
40 {
41 EVP_CIPHER_CTX c;
42 int len;
43
44 EVP_CIPHER_CTX_init(&c);
45 RUNTIME_CHECK(EVP_EncryptInit(&c, EVP_aes_128_ecb(), key, NULL) == 1);
46 EVP_CIPHER_CTX_set_padding(&c, 0);
47 RUNTIME_CHECK(EVP_EncryptUpdate(&c, out, &len, in,
48 ISC_AES_BLOCK_LENGTH) == 1);
49 RUNTIME_CHECK(len == ISC_AES_BLOCK_LENGTH);
50 RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(&c) == 1);
51 }
52
53 void
54 isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
55 unsigned char *out)
56 {
57 EVP_CIPHER_CTX c;
58 int len;
59
60 EVP_CIPHER_CTX_init(&c);
61 RUNTIME_CHECK(EVP_EncryptInit(&c, EVP_aes_192_ecb(), key, NULL) == 1);
62 EVP_CIPHER_CTX_set_padding(&c, 0);
63 RUNTIME_CHECK(EVP_EncryptUpdate(&c, out, &len, in,
64 ISC_AES_BLOCK_LENGTH) == 1);
65 RUNTIME_CHECK(len == ISC_AES_BLOCK_LENGTH);
66 RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(&c) == 1);
67 }
68
69 void
70 isc_aes256_crypt(const unsigned char *key, const unsigned char *in,
71 unsigned char *out)
72 {
73 EVP_CIPHER_CTX c;
74 int len;
75
76 EVP_CIPHER_CTX_init(&c);
77 RUNTIME_CHECK(EVP_EncryptInit(&c, EVP_aes_256_ecb(), key, NULL) == 1);
78 EVP_CIPHER_CTX_set_padding(&c, 0);
79 RUNTIME_CHECK(EVP_EncryptUpdate(&c, out, &len, in,
80 ISC_AES_BLOCK_LENGTH) == 1);
81 RUNTIME_CHECK(len == ISC_AES_BLOCK_LENGTH);
82 RUNTIME_CHECK(EVP_CIPHER_CTX_cleanup(&c) == 1);
83 }
84
85 #elif HAVE_OPENSSL_AES
86
87 #include <openssl/aes.h>
88
89 void
90 isc_aes128_crypt(const unsigned char *key, const unsigned char *in,
91 unsigned char *out)
92 {
93 AES_KEY k;
94
95 RUNTIME_CHECK(AES_set_encrypt_key(key, 128, &k) == 0);
96 AES_encrypt(in, out, &k);
97 }
98
99 void
100 isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
101 unsigned char *out)
102 {
103 AES_KEY k;
104
105 RUNTIME_CHECK(AES_set_encrypt_key(key, 192, &k) == 0);
106 AES_encrypt(in, out, &k);
107 }
108
109 void
110 isc_aes256_crypt(const unsigned char *key, const unsigned char *in,
111 unsigned char *out)
112 {
113 AES_KEY k;
114
115 RUNTIME_CHECK(AES_set_encrypt_key(key, 256, &k) == 0);
116 AES_encrypt(in, out, &k);
117 }
118
119 #elif PKCS11CRYPTO
120
121 #include <pk11/pk11.h>
122 #include <pk11/internal.h>
123
124 static CK_BBOOL truevalue = TRUE;
125 static CK_BBOOL falsevalue = FALSE;
126
127 static void isc_aes_crypt(const unsigned char *key, CK_ULONG keylen,
128 const unsigned char *in, unsigned char *out);
129
130 void
131 isc_aes128_crypt(const unsigned char *key, const unsigned char *in,
132 unsigned char *out)
133 {
134 isc_aes_crypt(key, ISC_AES128_KEYLENGTH, in, out);
135 }
136
137 void
138 isc_aes192_crypt(const unsigned char *key, const unsigned char *in,
139 unsigned char *out)
140 {
141 isc_aes_crypt(key, ISC_AES192_KEYLENGTH, in, out);
142 }
143
144 void
145 isc_aes256_crypt(const unsigned char *key, const unsigned char *in,
146 unsigned char *out)
147 {
148 isc_aes_crypt(key, ISC_AES256_KEYLENGTH, in, out);
149 }
150
151 static void
152 isc_aes_crypt(const unsigned char *key, CK_ULONG keylen,
153 const unsigned char *in, unsigned char *out)
154 {
155 CK_RV rv;
156 CK_MECHANISM mech = { CKM_AES_ECB, NULL, 0 };
157 CK_OBJECT_CLASS keyClass = CKO_SECRET_KEY;
158 CK_KEY_TYPE keyType = CKK_AES;
159 CK_ATTRIBUTE keyTemplate[] =
160 {
161 { CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
162 { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
163 { CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
164 { CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
165 { CKA_ENCRYPT, &truevalue, (CK_ULONG) sizeof(truevalue) },
166 { CKA_VALUE, NULL, keylen }
167 };
168 CK_ULONG blocklen;
169 CK_BYTE_PTR pData;
170 pk11_context_t ctx;
171
172 DE_CONST(key, keyTemplate[5].pValue);
173 RUNTIME_CHECK(pk11_get_session(&ctx, OP_AES, ISC_TRUE, ISC_FALSE,
174 ISC_FALSE, NULL, 0) == ISC_R_SUCCESS);
175 ctx.object = CK_INVALID_HANDLE;
176 PK11_FATALCHECK(pkcs_C_CreateObject,
177 (ctx.session, keyTemplate,
178 (CK_ULONG) 6, &ctx.object));
179 INSIST(ctx.object != CK_INVALID_HANDLE);
180 PK11_FATALCHECK(pkcs_C_EncryptInit,
181 (ctx.session, &mech, ctx.object));
182
183 DE_CONST(in, pData);
184 blocklen = (CK_ULONG) ISC_AES_BLOCK_LENGTH;
185 PK11_FATALCHECK(pkcs_C_Encrypt,
186 (ctx.session,
187 pData, (CK_ULONG) ISC_AES_BLOCK_LENGTH,
188 out, &blocklen));
189 RUNTIME_CHECK(blocklen == (CK_ULONG) ISC_AES_BLOCK_LENGTH);
190
191 (void) pkcs_C_DestroyObject(ctx.session, ctx.object);
192 ctx.object = CK_INVALID_HANDLE;
193 pk11_return_session(&ctx);
194
195 }
196
197 #endif
198 #endif /* ISC_PLATFORM_WANTAES */
MINIX 3 (repo.or.cz mirror)