-
Notifications
You must be signed in to change notification settings - Fork 128
/
qat_prov_cbc.h
239 lines (212 loc) · 8.61 KB
/
qat_prov_cbc.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
/* ====================================================================
*
*
* BSD LICENSE
*
* Copyright(c) 2022-2024 Intel Corporation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Intel Corporation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*
* ====================================================================
*/
#ifndef QAT_PROV_CBC_H
# define QAT_PROV_CBC_H
# ifdef QAT_HW
# include <string.h>
# include <openssl/core.h>
# include <openssl/provider.h>
# include <openssl/modes.h>
# include <openssl/types.h>
# include <openssl/core_dispatch.h>
# include <openssl/params.h>
# include <openssl/err.h>
# include <openssl/proverr.h>
# include <openssl/core_names.h>
# include <openssl/evp.h>
# include <openssl/rand.h>
# include <openssl/sha.h>
# include <openssl/prov_ssl.h>
# include <openssl/aes.h>
# include <openssl/sha.h>
#include "qat_hw_ciphers.h"
#include "e_qat.h"
# include "cpa.h"
# include "cpa_types.h"
# include "cpa_cy_sym.h"
# include "cpa_cy_drbg.h"
# include "qat_utils.h"
#define MAXCHUNK ((size_t)1 << (sizeof(long) * 8 - 2))
#define MAXBITCHUNK ((size_t)1 << (sizeof(size_t) * 8 - 4))
#define GENERIC_BLOCK_SIZE 16
#define IV_STATE_UNINITIALISED 0 /* initial state is not initialized */
#define IV_STATE_BUFFERED 1 /* iv has been copied to the iv buffer */
#define IV_STATE_COPIED 2 /* iv has been copied from the iv buffer */
#define IV_STATE_FINISHED 3 /* the iv has been used - so don't reuse it */
#define PROV_CIPHER_FUNC(type, name, args) typedef type (* OSSL_##name##_fn)args
typedef struct prov_cipher_ctx_st PROV_CIPHER_CTX;
/* Internal flags that can be queried */
#define PROV_CIPHER_FLAG_AEAD 0x0001
#define PROV_CIPHER_FLAG_CUSTOM_IV 0x0002
#define PROV_CIPHER_FLAG_CTS 0x0004
#define PROV_CIPHER_FLAG_TLS1_MULTIBLOCK 0x0008
#define PROV_CIPHER_FLAG_RAND_KEY 0x0010
/* Internal flags that are only used within the provider */
#define PROV_CIPHER_FLAG_VARIABLE_LENGTH 0x0100
#define PROV_CIPHER_FLAG_INVERSE_CIPHER 0x0200
typedef struct evp_cipher_st {
int nid;
int block_size;
/* Default value for variable length ciphers */
int key_len;
int iv_len;
/* Legacy structure members */
/* Various flags */
unsigned long flags;
/* How the EVP_CIPHER was created. */
int origin;
/* init key */
int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc);
/* encrypt/decrypt data */
int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t inl);
/* cleanup ctx */
int (*cleanup) (EVP_CIPHER_CTX *);
/* how big ctx->cipher_data needs to be */
int ctx_size;
/* Populate a ASN1_TYPE with parameters */
int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Get parameters from a ASN1_TYPE */
int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
/* Miscellaneous operations */
int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
/* Application data */
void *app_data;
/* New structure members */
/* Above comment to be removed when legacy has gone */
int name_id;
char *type_name;
const char *description;
OSSL_PROVIDER *prov;
CRYPTO_REF_COUNT references;
# if OPENSSL_VERSION_NUMBER < 0x30200000
CRYPTO_RWLOCK *lock;
# endif
OSSL_FUNC_cipher_newctx_fn *newctx;
OSSL_FUNC_cipher_encrypt_init_fn *einit;
OSSL_FUNC_cipher_decrypt_init_fn *dinit;
OSSL_FUNC_cipher_update_fn *cupdate;
OSSL_FUNC_cipher_final_fn *cfinal;
OSSL_FUNC_cipher_cipher_fn *ccipher;
OSSL_FUNC_cipher_freectx_fn *freectx;
OSSL_FUNC_cipher_dupctx_fn *dupctx;
OSSL_FUNC_cipher_get_params_fn *get_params;
OSSL_FUNC_cipher_get_ctx_params_fn *get_ctx_params;
OSSL_FUNC_cipher_set_ctx_params_fn *set_ctx_params;
OSSL_FUNC_cipher_gettable_params_fn *gettable_params;
OSSL_FUNC_cipher_gettable_ctx_params_fn *gettable_ctx_params;
OSSL_FUNC_cipher_settable_ctx_params_fn *settable_ctx_params;
}PROV_EVP_CIPHER;
struct prov_cipher_ctx_st {
int nid;
block128_f block;
union {
cbc128_f cbc;
ctr128_f ctr;
ecb128_f ecb;
} stream;
unsigned int mode;
size_t keylen; /* key size (in bytes) */
size_t ivlen;
size_t blocksize;
size_t bufsz; /* Number of bytes in buf */
unsigned int cts_mode; /* Use to set the type for CTS modes */
unsigned int pad : 1; /* Whether padding should be used or not */
unsigned int enc : 1; /* Set to 1 for encrypt, or 0 otherwise */
unsigned int iv_set : 1; /* Set when the iv is copied to the iv/oiv buffers */
unsigned int updated : 1; /* Set to 1 during update for one shot ciphers */
unsigned int variable_keylength : 1;
unsigned int inverse_cipher : 1; /* set to 1 to use inverse cipher */
unsigned int use_bits : 1; /* Set to 0 for cfb1 to use bits instead of bytes */
unsigned int tlsversion; /* If TLS padding is in use the TLS version number */
unsigned char *tlsmac; /* tls MAC extracted from the last record */
int alloced; /*
* Whether the tlsmac data has been allocated or
* points into the user buffer.
*/
size_t tlsmacsize; /* Size of the TLS MAC */
int removetlspad; /* Whether TLS padding should be removed or not */
size_t removetlsfixed; /*
* Length of the fixed size data to remove when
* processing TLS data (equals mac size plus
* IV size if applicable)
*/
/*
* num contains the number of bytes of |iv| which are valid for modes that
* manage partial blocks themselves.
*/
unsigned int num;
/* The original value of the iv */
unsigned char oiv[GENERIC_BLOCK_SIZE];
/* Buffer of partial blocks processed via update calls */
unsigned char buf[GENERIC_BLOCK_SIZE];
unsigned char iv[GENERIC_BLOCK_SIZE];
const void *ks; /* Pointer to algorithm specific key data */
OSSL_LIB_CTX *libctx;
void *qat_cipher_ctx;
EVP_CIPHER_CTX *sw_ctx;
EVP_CIPHER *sw_cipher;
};
typedef struct prov_aes_hmac_sha_ctx_st {
PROV_CIPHER_CTX base;
AES_KEY ks;
size_t payload_length; /* AAD length in decrypt case */
union {
unsigned int tls_ver;
unsigned char tls_aad[16]; /* 13 used */
} aux;
/* some value that are setup by set methods - that can be retrieved */
unsigned int multiblock_interleave;
unsigned int multiblock_aad_packlen;
size_t multiblock_max_send_fragment;
size_t multiblock_encrypt_len;
size_t tls_aad_pad;
} PROV_AES_HMAC_SHA_CTX;
typedef struct prov_aes_hmac_sha1_ctx_st {
PROV_AES_HMAC_SHA_CTX base_ctx;
SHA_CTX head, tail, md;
} PROV_AES_HMAC_SHA1_CTX;
typedef struct prov_aes_hmac_sha256_ctx_st {
PROV_AES_HMAC_SHA_CTX base_ctx;
SHA256_CTX head, tail, md;
} PROV_AES_HMAC_SHA256_CTX;
PROV_EVP_CIPHER get_default_cipher_aes_cbc(int nid);
const char *qat_get_cipher_name_from_nid(int nid);
# endif /* QAT_HW */
#endif /* QAT_PROV_CBC_H */