Blame - library/block_cipher.c - mirror/mbed-tls

blob: 0fd78abdbd950f930167fbad1bc8a3e04c63b8e2 [file] [log] [blame]

Manuel Pégourié-Gonnard	2171876	2023-11-10 11:21:17 +0100	[diff] [blame]	1	/**
				2	* \file block_cipher.c
				3	*
				4	* \brief Lightweight abstraction layer for block ciphers with 128 bit blocks,
				5	* for use by the GCM and CCM modules.
				6	*/
				7	/*
				8	* Copyright The Mbed TLS Contributors
				9	* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
				10	*/
				11
				12	#include "common.h"
				13
Valerio Setti	c1db99d	2023-12-12 11:19:17 +0100	[diff] [blame^]	14	#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
				15	#include "psa_crypto_core.h"
				16	#include "psa/crypto.h"
				17	#include "psa_util_internal.h"
				18	#endif
				19
Manuel Pégourié-Gonnard	2171876	2023-11-10 11:21:17 +0100	[diff] [blame]	20	#include "block_cipher_internal.h"
				21
				22	#if defined(MBEDTLS_BLOCK_CIPHER_C)
				23
Valerio Setti	c1db99d	2023-12-12 11:19:17 +0100	[diff] [blame^]	24	#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
				25	static psa_key_type_t psa_key_type_from_cipher_id(mbedtls_cipher_id_t cipher_id)
				26	{
				27	switch (cipher_id) {
				28	#if defined(MBEDTLS_BLOCK_CIPHER_AES_VIA_PSA)
				29	case MBEDTLS_CIPHER_ID_AES:
				30	return PSA_KEY_TYPE_AES;
				31	#endif
				32	#if defined(MBEDTLS_BLOCK_CIPHER_ARIA_VIA_PSA)
				33	case MBEDTLS_CIPHER_ID_ARIA:
				34	return PSA_KEY_TYPE_ARIA;
				35	#endif
				36	#if defined(MBEDTLS_BLOCK_CIPHER_CAMELLIA_VIA_PSA)
				37	case MBEDTLS_CIPHER_ID_CAMELLIA:
				38	return PSA_KEY_TYPE_CAMELLIA;
				39	#endif
				40	default:
				41	return PSA_KEY_TYPE_NONE;
				42	}
				43	}
				44
				45	int mbedtls_cipher_error_from_psa(psa_status_t status)
				46	{
				47	return PSA_TO_MBEDTLS_ERR_LIST(status, psa_to_cipher_errors,
				48	psa_generic_status_to_mbedtls);
				49	}
				50	#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
				51
Manuel Pégourié-Gonnard	2171876	2023-11-10 11:21:17 +0100	[diff] [blame]	52	void mbedtls_block_cipher_free(mbedtls_block_cipher_context_t *ctx)
				53	{
Valerio Setti	c1db99d	2023-12-12 11:19:17 +0100	[diff] [blame^]	54	#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
				55	if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
				56	psa_cipher_abort(&ctx->psa_operation);
				57	psa_destroy_key(ctx->psa_key_id);
				58	return;
				59	}
				60	#endif
Manuel Pégourié-Gonnard	2171876	2023-11-10 11:21:17 +0100	[diff] [blame]	61	switch (ctx->id) {
				62	#if defined(MBEDTLS_AES_C)
				63	case MBEDTLS_BLOCK_CIPHER_ID_AES:
				64	mbedtls_aes_free(&ctx->ctx.aes);
				65	break;
				66	#endif
				67	#if defined(MBEDTLS_ARIA_C)
				68	case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
				69	mbedtls_aria_free(&ctx->ctx.aria);
				70	break;
				71	#endif
				72	#if defined(MBEDTLS_CAMELLIA_C)
				73	case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
				74	mbedtls_camellia_free(&ctx->ctx.camellia);
				75	break;
				76	#endif
				77	default:
				78	break;
				79	}
				80	ctx->id = MBEDTLS_BLOCK_CIPHER_ID_NONE;
				81	}
				82
				83	int mbedtls_block_cipher_setup(mbedtls_block_cipher_context_t *ctx,
				84	mbedtls_cipher_id_t cipher_id)
				85	{
Valerio Setti	c1db99d	2023-12-12 11:19:17 +0100	[diff] [blame^]	86	#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
				87	if (psa_can_do_cipher(cipher_id)) {
				88	ctx->psa_key_type = psa_key_type_from_cipher_id(cipher_id);
				89	if (ctx->psa_key_type != PSA_KEY_TYPE_NONE) {
				90	ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_PSA;
				91	return 0;
				92	}
				93	}
				94	ctx->engine = MBEDTLS_BLOCK_CIPHER_ENGINE_LEGACY;
				95	#endif
				96
Manuel Pégourié-Gonnard	2171876	2023-11-10 11:21:17 +0100	[diff] [blame]	97	switch (cipher_id) {
				98	#if defined(MBEDTLS_AES_C)
				99	case MBEDTLS_CIPHER_ID_AES:
				100	ctx->id = MBEDTLS_BLOCK_CIPHER_ID_AES;
				101	mbedtls_aes_init(&ctx->ctx.aes);
				102	return 0;
				103	#endif
				104	#if defined(MBEDTLS_ARIA_C)
				105	case MBEDTLS_CIPHER_ID_ARIA:
				106	ctx->id = MBEDTLS_BLOCK_CIPHER_ID_ARIA;
				107	mbedtls_aria_init(&ctx->ctx.aria);
				108	return 0;
				109	#endif
				110	#if defined(MBEDTLS_CAMELLIA_C)
				111	case MBEDTLS_CIPHER_ID_CAMELLIA:
				112	ctx->id = MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA;
				113	mbedtls_camellia_init(&ctx->ctx.camellia);
				114	return 0;
				115	#endif
				116	default:
				117	return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
				118	}
				119	}
				120
Manuel Pégourié-Gonnard	3e0884f	2023-11-10 11:52:10 +0100	[diff] [blame]	121	int mbedtls_block_cipher_setkey(mbedtls_block_cipher_context_t *ctx,
				122	const unsigned char *key,
				123	unsigned key_bitlen)
				124	{
Valerio Setti	c1db99d	2023-12-12 11:19:17 +0100	[diff] [blame^]	125	#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
				126	if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
				127	psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT;
				128	psa_status_t status;
				129
				130	psa_set_key_type(&key_attr, ctx->psa_key_type);
				131	psa_set_key_bits(&key_attr, key_bitlen);
				132	psa_set_key_algorithm(&key_attr, PSA_ALG_ECB_NO_PADDING);
				133	psa_set_key_usage_flags(&key_attr, PSA_KEY_USAGE_ENCRYPT);
				134
				135	status = psa_import_key(&key_attr, key, key_bitlen/8, &ctx->psa_key_id);
				136	if (status != PSA_SUCCESS) {
				137	return mbedtls_cipher_error_from_psa(status);
				138	}
				139	psa_reset_key_attributes(&key_attr);
				140
				141	status = psa_cipher_encrypt_setup(&ctx->psa_operation, ctx->psa_key_id,
				142	PSA_ALG_ECB_NO_PADDING);
				143	if (status != PSA_SUCCESS) {
				144	return mbedtls_cipher_error_from_psa(status);
				145	}
				146
				147	return 0;
				148	}
				149	#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
				150
Manuel Pégourié-Gonnard	3e0884f	2023-11-10 11:52:10 +0100	[diff] [blame]	151	switch (ctx->id) {
				152	#if defined(MBEDTLS_AES_C)
				153	case MBEDTLS_BLOCK_CIPHER_ID_AES:
				154	return mbedtls_aes_setkey_enc(&ctx->ctx.aes, key, key_bitlen);
				155	#endif
				156	#if defined(MBEDTLS_ARIA_C)
				157	case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
				158	return mbedtls_aria_setkey_enc(&ctx->ctx.aria, key, key_bitlen);
				159	#endif
				160	#if defined(MBEDTLS_CAMELLIA_C)
				161	case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
				162	return mbedtls_camellia_setkey_enc(&ctx->ctx.camellia, key, key_bitlen);
				163	#endif
				164	default:
				165	return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
				166	}
				167	}
Manuel Pégourié-Gonnard	76fa16c	2023-11-10 12:02:53 +0100	[diff] [blame]	168
				169	int mbedtls_block_cipher_encrypt(mbedtls_block_cipher_context_t *ctx,
				170	const unsigned char input[16],
				171	unsigned char output[16])
				172	{
Valerio Setti	c1db99d	2023-12-12 11:19:17 +0100	[diff] [blame^]	173	#if defined(MBEDTLS_BLOCK_CIPHER_SOME_PSA)
				174	if (ctx->engine == MBEDTLS_BLOCK_CIPHER_ENGINE_PSA) {
				175	psa_status_t status;
				176	size_t olen;
				177
				178	status = psa_cipher_encrypt(ctx->psa_key_id, PSA_ALG_ECB_NO_PADDING,
				179	input, 16, output, 16, &olen);
				180	if (status != PSA_SUCCESS) {
				181	return mbedtls_cipher_error_from_psa(status);
				182	}
				183	return 0;
				184	}
				185	#endif /* MBEDTLS_BLOCK_CIPHER_SOME_PSA */
				186
Manuel Pégourié-Gonnard	76fa16c	2023-11-10 12:02:53 +0100	[diff] [blame]	187	switch (ctx->id) {
				188	#if defined(MBEDTLS_AES_C)
				189	case MBEDTLS_BLOCK_CIPHER_ID_AES:
				190	return mbedtls_aes_crypt_ecb(&ctx->ctx.aes, MBEDTLS_AES_ENCRYPT,
				191	input, output);
				192	#endif
				193	#if defined(MBEDTLS_ARIA_C)
				194	case MBEDTLS_BLOCK_CIPHER_ID_ARIA:
				195	return mbedtls_aria_crypt_ecb(&ctx->ctx.aria, input, output);
				196	#endif
				197	#if defined(MBEDTLS_CAMELLIA_C)
				198	case MBEDTLS_BLOCK_CIPHER_ID_CAMELLIA:
				199	return mbedtls_camellia_crypt_ecb(&ctx->ctx.camellia,
				200	MBEDTLS_CAMELLIA_ENCRYPT,
				201	input, output);
				202	#endif
				203	default:
				204	return MBEDTLS_ERR_CIPHER_INVALID_CONTEXT;
				205	}
				206	}
				207
Manuel Pégourié-Gonnard	2171876	2023-11-10 11:21:17 +0100	[diff] [blame]	208	#endif /* MBEDTLS_BLOCK_CIPHER_C */