Line data Source code
1 : /*
2 : * Copyright (C) 2000-2012 Free Software Foundation, Inc.
3 : *
4 : * Author: Nikos Mavrogiannopoulos
5 : *
6 : * This file is part of GnuTLS.
7 : *
8 : * The GnuTLS is free software; you can redistribute it and/or
9 : * modify it under the terms of the GNU Lesser General Public License
10 : * as published by the Free Software Foundation; either version 2.1 of
11 : * the License, or (at your option) any later version.
12 : *
13 : * This library is distributed in the hope that it will be useful, but
14 : * WITHOUT ANY WARRANTY; without even the implied warranty of
15 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 : * Lesser General Public License for more details.
17 : *
18 : * You should have received a copy of the GNU Lesser General Public License
19 : * along with this program. If not, see <https://www.gnu.org/licenses/>
20 : *
21 : */
22 :
23 : #ifndef GNUTLS_LIB_CIPHER_INT_H
24 : #define GNUTLS_LIB_CIPHER_INT_H
25 :
26 : #include <gnutls/crypto.h>
27 : #include "errors.h"
28 : #include <crypto-backend.h>
29 :
30 : extern int crypto_cipher_prio;
31 : extern gnutls_crypto_cipher_st _gnutls_cipher_ops;
32 :
33 : typedef int (*cipher_encrypt_func) (void *hd, const void *plaintext,
34 : size_t, void *ciphertext, size_t);
35 : typedef int (*cipher_decrypt_func) (void *hd, const void *ciphertext,
36 : size_t, void *plaintext, size_t);
37 : typedef int (*aead_cipher_encrypt_func) (void *hd,
38 : const void *nonce, size_t,
39 : const void *auth, size_t,
40 : size_t tag,
41 : const void *plaintext, size_t,
42 : void *ciphertext, size_t);
43 : typedef int (*aead_cipher_decrypt_func) (void *hd,
44 : const void *nonce, size_t,
45 : const void *auth, size_t,
46 : size_t tag,
47 : const void *ciphertext, size_t,
48 : void *plaintext, size_t);
49 : typedef void (*cipher_deinit_func) (void *hd);
50 :
51 : typedef int (*cipher_auth_func) (void *hd, const void *data, size_t);
52 : typedef int (*cipher_setiv_func) (void *hd, const void *iv, size_t);
53 : typedef int (*cipher_getiv_func) (void *hd, void *iv, size_t);
54 :
55 : typedef int (*cipher_setkey_func) (void *hd, const void *key, size_t keysize);
56 :
57 : typedef void (*cipher_tag_func) (void *hd, void *tag, size_t);
58 :
59 : typedef struct {
60 : void *handle;
61 : const cipher_entry_st *e;
62 : cipher_encrypt_func encrypt;
63 : cipher_decrypt_func decrypt;
64 : aead_cipher_encrypt_func aead_encrypt;
65 : aead_cipher_decrypt_func aead_decrypt;
66 : cipher_auth_func auth;
67 : cipher_tag_func tag;
68 : cipher_setiv_func setiv;
69 : cipher_getiv_func getiv;
70 : cipher_setkey_func setkey;
71 : cipher_deinit_func deinit;
72 : } cipher_hd_st;
73 :
74 : int _gnutls_cipher_init(cipher_hd_st *, const cipher_entry_st * e,
75 : const gnutls_datum_t * key,
76 : const gnutls_datum_t * iv, int enc);
77 :
78 1061895 : inline static int _gnutls_cipher_setiv(const cipher_hd_st * handle,
79 : const void *iv, size_t ivlen)
80 : {
81 1061895 : return handle->setiv(handle->handle, iv, ivlen);
82 : }
83 :
84 15 : inline static int _gnutls_cipher_getiv(const cipher_hd_st * handle,
85 : void *iv, size_t ivlen)
86 : {
87 15 : if (unlikely(handle == NULL || handle->handle == NULL ||
88 : handle->getiv == NULL))
89 : return GNUTLS_E_INVALID_REQUEST;
90 :
91 15 : return handle->getiv(handle->handle, iv, ivlen);
92 : }
93 :
94 20 : inline static int _gnutls_cipher_setkey(const cipher_hd_st * handle,
95 : const void *key, size_t keylen)
96 : {
97 20 : return handle->setkey(handle->handle, key, keylen);
98 : }
99 :
100 : inline static int
101 2717277 : _gnutls_cipher_encrypt2(const cipher_hd_st * handle, const void *text,
102 : size_t textlen, void *ciphertext,
103 : size_t ciphertextlen)
104 : {
105 2717277 : if (likely(handle != NULL && handle->handle != NULL)) {
106 2717277 : if (handle->encrypt == NULL) {
107 : return (GNUTLS_E_INVALID_REQUEST);
108 : }
109 2717277 : return handle->encrypt(handle->handle, text, textlen,
110 : ciphertext, ciphertextlen);
111 : }
112 :
113 : return 0;
114 : }
115 :
116 : inline static int
117 1033672 : _gnutls_cipher_decrypt2(const cipher_hd_st * handle,
118 : const void *ciphertext, size_t ciphertextlen,
119 : void *text, size_t textlen)
120 : {
121 1033672 : if (likely(handle != NULL && handle->handle != NULL)) {
122 1033672 : if (handle->decrypt == NULL) {
123 : return (GNUTLS_E_INVALID_REQUEST);
124 : }
125 1033672 : return handle->decrypt(handle->handle, ciphertext,
126 : ciphertextlen, text, textlen);
127 : }
128 :
129 : return 0;
130 : }
131 :
132 : inline static int
133 798036 : _gnutls_aead_cipher_encrypt(const cipher_hd_st * handle,
134 : const void *nonce, size_t nonce_len,
135 : const void *auth, size_t auth_len,
136 : size_t tag,
137 : const void *text, size_t textlen,
138 : void *ciphertext, size_t ciphertextlen)
139 : {
140 798036 : if (likely(handle != NULL && handle->handle != NULL && handle->aead_encrypt != NULL)) {
141 798036 : return handle->aead_encrypt(handle->handle,
142 : nonce, nonce_len,
143 : auth, auth_len,
144 : tag,
145 : text, textlen,
146 : ciphertext, ciphertextlen);
147 : }
148 :
149 : return GNUTLS_E_INVALID_REQUEST;
150 : }
151 :
152 : inline static int
153 1195278 : _gnutls_aead_cipher_decrypt(const cipher_hd_st * handle,
154 : const void *nonce, size_t nonce_len,
155 : const void *auth, size_t auth_len,
156 : size_t tag,
157 : const void *ciphertext, size_t ciphertextlen,
158 : void *text, size_t textlen)
159 : {
160 1195278 : if (likely(handle != NULL && handle->handle != NULL && handle->aead_decrypt != NULL)) {
161 1195278 : return handle->aead_decrypt(handle->handle,
162 : nonce, nonce_len,
163 : auth, auth_len,
164 : tag,
165 : ciphertext, ciphertextlen,
166 : text, textlen);
167 : }
168 :
169 : return GNUTLS_E_INVALID_REQUEST;
170 : }
171 :
172 52556 : inline static void _gnutls_cipher_deinit(cipher_hd_st * handle)
173 : {
174 52556 : if (likely(handle != NULL && handle->handle != NULL)) {
175 52512 : handle->deinit(handle->handle);
176 52556 : handle->handle = NULL;
177 : }
178 : }
179 :
180 : int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher);
181 :
182 : int _gnutls_cipher_get_iv(gnutls_cipher_hd_t handle, void *iv,
183 : size_t ivlen);
184 :
185 : int _gnutls_cipher_set_key(gnutls_cipher_hd_t handle, void *key, size_t keylen);
186 :
187 : #define _gnutls_cipher_is_aead(h) _gnutls_cipher_algo_is_aead((h)->e)
188 :
189 : /* returns the tag in AUTHENC ciphers */
190 418312 : inline static void _gnutls_cipher_tag(const cipher_hd_st * handle,
191 : void *tag, size_t tag_size)
192 : {
193 418312 : if (likely(handle != NULL && handle->handle != NULL)) {
194 418312 : handle->tag(handle->handle, tag, tag_size);
195 : }
196 : }
197 :
198 : /* Add auth data for AUTHENC ciphers
199 : */
200 418310 : inline static int _gnutls_cipher_auth(const cipher_hd_st * handle,
201 : const void *text, size_t textlen)
202 : {
203 418310 : if (likely(handle != NULL && handle->handle != NULL)) {
204 418310 : return handle->auth(handle->handle, text, textlen);
205 : }
206 : return GNUTLS_E_INTERNAL_ERROR;
207 : }
208 :
209 : #define _gnutls_cipher_encrypt(x,y,z) _gnutls_cipher_encrypt2(x,y,z,y,z)
210 : #define _gnutls_cipher_decrypt(x,y,z) _gnutls_cipher_decrypt2(x,y,z,y,z)
211 :
212 : /* auth_cipher API. Allows combining a cipher with a MAC.
213 : */
214 :
215 : typedef struct {
216 : cipher_hd_st cipher;
217 : union {
218 : digest_hd_st dig;
219 : mac_hd_st mac;
220 : } mac;
221 : unsigned int is_mac:1;
222 : #ifdef ENABLE_SSL3
223 : unsigned int ssl_hmac:1;
224 : #endif
225 : #ifdef ENABLE_GOST
226 : unsigned int continuous_mac:1;
227 : #endif
228 : unsigned int non_null:1;
229 : unsigned int etm:1;
230 : size_t tag_size;
231 : } auth_cipher_hd_st;
232 :
233 : int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
234 : const cipher_entry_st * e,
235 : const gnutls_datum_t * cipher_key,
236 : const gnutls_datum_t * iv,
237 : const mac_entry_st * me,
238 : const gnutls_datum_t * mac_key,
239 : unsigned etm,
240 : #ifdef ENABLE_SSL3
241 : unsigned ssl_hmac,
242 : #endif
243 : int enc);
244 :
245 : int _gnutls_auth_cipher_add_auth(auth_cipher_hd_st * handle,
246 : const void *text, int textlen);
247 :
248 : int _gnutls_auth_cipher_encrypt2_tag(auth_cipher_hd_st * handle,
249 : const uint8_t * text, int textlen,
250 : void *ciphertext, int ciphertextlen,
251 : int pad_size);
252 : int _gnutls_auth_cipher_decrypt2(auth_cipher_hd_st * handle,
253 : const void *ciphertext, int ciphertextlen,
254 : void *text, int textlen);
255 : int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag,
256 : int tag_size);
257 :
258 643185 : inline static int _gnutls_auth_cipher_setiv(const auth_cipher_hd_st *
259 : handle, const void *iv,
260 : size_t ivlen)
261 : {
262 643185 : return _gnutls_cipher_setiv(&handle->cipher, iv, ivlen);
263 : }
264 :
265 4724431 : inline static size_t _gnutls_auth_cipher_tag_len(auth_cipher_hd_st *
266 : handle)
267 : {
268 4724431 : return handle->tag_size;
269 : }
270 :
271 : #define _gnutls_auth_cipher_is_aead(h) _gnutls_cipher_is_aead(&(h)->cipher)
272 :
273 : void _gnutls_auth_cipher_deinit(auth_cipher_hd_st * handle);
274 :
275 :
276 : #endif /* GNUTLS_LIB_CIPHER_INT_H */
|