The branch master has been updated via dc7aa029007da3849a04291a4c258587228daac8 (commit) via e85f3a14f8be2e1ee2bb362b64e24ac6d0cb8b2f (commit) from 3dbc5156b0b2c7a57be160706e6ad38a14edae37 (commit)
- Log ----------------------------------------------------------------- commit dc7aa029007da3849a04291a4c258587228daac8 Author: Richard Levitte <levi...@openssl.org> Date: Wed Dec 11 13:43:24 2019 +0100 PROV: Move AES_GCM specialisation away from common cipher header The AES_GCM specialisation was defined in the common cipher header providers/implementations/include/prov/ciphercommon_gcm.h, when it should in fact be in a local providers/implementations/ciphers/ header. Reviewed-by: Shane Lontis <shane.lon...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10606) commit e85f3a14f8be2e1ee2bb362b64e24ac6d0cb8b2f Author: Richard Levitte <levi...@openssl.org> Date: Wed Dec 11 13:11:34 2019 +0100 PROV: Move AES_CCM specialisation away from common cipher header The AES_CCM specialisation was defined in the common cipher header providers/implementations/include/prov/ciphercommon_ccm.h, when it should in fact be in a local providers/implementations/ciphers/ header. Reviewed-by: Shane Lontis <shane.lon...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10606) ----------------------------------------------------------------------- Summary of changes: providers/implementations/ciphers/cipher_aes.h | 1 - providers/implementations/ciphers/cipher_aes_ccm.c | 3 +- providers/implementations/ciphers/cipher_aes_ccm.h | 47 ++++++++++++++++++++++ .../implementations/ciphers/cipher_aes_ccm_hw.c | 3 +- providers/implementations/ciphers/cipher_aes_gcm.c | 3 +- providers/implementations/ciphers/cipher_aes_gcm.h | 43 ++++++++++++++++++++ .../implementations/ciphers/cipher_aes_gcm_hw.c | 3 +- .../include/prov/ciphercommon_ccm.h | 39 +----------------- .../include/prov/ciphercommon_gcm.h | 30 -------------- 9 files changed, 96 insertions(+), 76 deletions(-) create mode 100644 providers/implementations/ciphers/cipher_aes_ccm.h create mode 100644 providers/implementations/ciphers/cipher_aes_gcm.h diff --git a/providers/implementations/ciphers/cipher_aes.h b/providers/implementations/ciphers/cipher_aes.h index d00fab13ef..f05ff1b7d5 100644 --- a/providers/implementations/ciphers/cipher_aes.h +++ b/providers/implementations/ciphers/cipher_aes.h @@ -59,4 +59,3 @@ const PROV_CIPHER_HW *PROV_CIPHER_HW_aes_cfb128(size_t keybits); const PROV_CIPHER_HW *PROV_CIPHER_HW_aes_cfb1(size_t keybits); const PROV_CIPHER_HW *PROV_CIPHER_HW_aes_cfb8(size_t keybits); const PROV_CIPHER_HW *PROV_CIPHER_HW_aes_ctr(size_t keybits); - diff --git a/providers/implementations/ciphers/cipher_aes_ccm.c b/providers/implementations/ciphers/cipher_aes_ccm.c index b6655143d9..c800d1284d 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm.c +++ b/providers/implementations/ciphers/cipher_aes_ccm.c @@ -9,8 +9,7 @@ /* Dispatch functions for AES CCM mode */ -#include "prov/ciphercommon.h" -#include "prov/ciphercommon_ccm.h" +#include "cipher_aes_ccm.h" #include "prov/implementations.h" static void *aes_ccm_newctx(void *provctx, size_t keybits) diff --git a/providers/implementations/ciphers/cipher_aes_ccm.h b/providers/implementations/ciphers/cipher_aes_ccm.h new file mode 100644 index 0000000000..a0dc4b6f25 --- /dev/null +++ b/providers/implementations/ciphers/cipher_aes_ccm.h @@ -0,0 +1,47 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <openssl/aes.h> +#include "prov/ciphercommon.h" +#include "prov/ciphercommon_ccm.h" + +typedef struct prov_aes_ccm_ctx_st { + PROV_CCM_CTX base; /* Must be first */ + union { + OSSL_UNION_ALIGN; + /*- + * Padding is chosen so that s390x.kmac.k overlaps with ks.ks and + * fc with ks.ks.rounds. Remember that on s390x, an AES_KEY's + * rounds field is used to store the function code and that the key + * schedule is not stored (if aes hardware support is detected). + */ + struct { + unsigned char pad[16]; + AES_KEY ks; + } ks; +#if defined(OPENSSL_CPUID_OBJ) && defined(__s390__) + struct { + S390X_KMAC_PARAMS kmac; + unsigned long long blocks; + union { + unsigned long long g[2]; + unsigned char b[AES_BLOCK_SIZE]; + } nonce; + union { + unsigned long long g[2]; + unsigned char b[AES_BLOCK_SIZE]; + } buf; + unsigned char dummy_pad[168]; + unsigned int fc; /* fc has same offset as ks.ks.rounds */ + } s390x; +#endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ + } ccm; +} PROV_AES_CCM_CTX; + +const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keylen); diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw.c b/providers/implementations/ciphers/cipher_aes_ccm_hw.c index 0b1e50163b..5f4accdb54 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm_hw.c +++ b/providers/implementations/ciphers/cipher_aes_ccm_hw.c @@ -9,8 +9,7 @@ /* AES CCM mode */ -#include "prov/ciphercommon.h" -#include "prov/ciphercommon_ccm.h" +#include "cipher_aes_ccm.h" #define AES_HW_CCM_SET_KEY_FN(fn_set_enc_key, fn_blk, fn_ccm_enc, fn_ccm_dec) \ fn_set_enc_key(key, keylen * 8, &actx->ccm.ks.ks); \ diff --git a/providers/implementations/ciphers/cipher_aes_gcm.c b/providers/implementations/ciphers/cipher_aes_gcm.c index 18277c705e..bb0b8debc0 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm.c +++ b/providers/implementations/ciphers/cipher_aes_gcm.c @@ -9,8 +9,7 @@ /* Dispatch functions for AES GCM mode */ -#include "prov/ciphercommon.h" -#include "prov/ciphercommon_gcm.h" +#include "cipher_aes_gcm.h" #include "prov/implementations.h" static void *aes_gcm_newctx(void *provctx, size_t keybits) diff --git a/providers/implementations/ciphers/cipher_aes_gcm.h b/providers/implementations/ciphers/cipher_aes_gcm.h new file mode 100644 index 0000000000..6c81790640 --- /dev/null +++ b/providers/implementations/ciphers/cipher_aes_gcm.h @@ -0,0 +1,43 @@ +/* + * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <openssl/aes.h> +#include "prov/ciphercommon.h" +#include "prov/ciphercommon_gcm.h" + +typedef struct prov_aes_gcm_ctx_st { + PROV_GCM_CTX base; /* must be first entry in struct */ + union { + OSSL_UNION_ALIGN; + AES_KEY ks; + } ks; /* AES key schedule to use */ + + /* Platform specific data */ + union { + int dummy; +#if defined(OPENSSL_CPUID_OBJ) && defined(__s390__) + struct { + union { + OSSL_UNION_ALIGN; + S390X_KMA_PARAMS kma; + } param; + unsigned int fc; + unsigned char ares[16]; + unsigned char mres[16]; + unsigned char kres[16]; + int areslen; + int mreslen; + int kreslen; + int res; + } s390x; +#endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ + } plat; +} PROV_AES_GCM_CTX; + +const PROV_GCM_HW *PROV_AES_HW_gcm(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw.c b/providers/implementations/ciphers/cipher_aes_gcm_hw.c index 6a2f8a5fd4..0373917a18 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_hw.c +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw.c @@ -9,8 +9,7 @@ /* Dispatch functions for AES GCM mode */ -#include "prov/ciphercommon.h" -#include "prov/ciphercommon_gcm.h" +#include "cipher_aes_gcm.h" static int generic_aes_gcm_initkey(PROV_GCM_CTX *ctx, const unsigned char *key, size_t keylen) diff --git a/providers/implementations/include/prov/ciphercommon_ccm.h b/providers/implementations/include/prov/ciphercommon_ccm.h index 0c2af15d54..7059789fd1 100644 --- a/providers/implementations/include/prov/ciphercommon_ccm.h +++ b/providers/implementations/include/prov/ciphercommon_ccm.h @@ -37,46 +37,13 @@ typedef struct prov_ccm_st { size_t keylen; size_t tls_aad_len; /* TLS AAD length */ size_t tls_aad_pad_sz; - unsigned char iv[AES_BLOCK_SIZE]; - unsigned char buf[AES_BLOCK_SIZE]; + unsigned char iv[GENERIC_BLOCK_SIZE]; + unsigned char buf[GENERIC_BLOCK_SIZE]; CCM128_CONTEXT ccm_ctx; ccm128_f str; const PROV_CCM_HW *hw; /* hardware specific methods */ } PROV_CCM_CTX; -typedef struct prov_aes_ccm_ctx_st { - PROV_CCM_CTX base; /* Must be first */ - union { - OSSL_UNION_ALIGN; - /*- - * Padding is chosen so that s390x.kmac.k overlaps with ks.ks and - * fc with ks.ks.rounds. Remember that on s390x, an AES_KEY's - * rounds field is used to store the function code and that the key - * schedule is not stored (if aes hardware support is detected). - */ - struct { - unsigned char pad[16]; - AES_KEY ks; - } ks; -#if defined(OPENSSL_CPUID_OBJ) && defined(__s390__) - struct { - S390X_KMAC_PARAMS kmac; - unsigned long long blocks; - union { - unsigned long long g[2]; - unsigned char b[AES_BLOCK_SIZE]; - } nonce; - union { - unsigned long long g[2]; - unsigned char b[AES_BLOCK_SIZE]; - } buf; - unsigned char dummy_pad[168]; - unsigned int fc; /* fc has same offset as ks.ks.rounds */ - } s390x; -#endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ - } ccm; -} PROV_AES_CCM_CTX; - PROV_CIPHER_FUNC(int, CCM_cipher, (PROV_CCM_CTX *ctx, unsigned char *out, \ size_t *padlen, const unsigned char *in, \ size_t len)); @@ -111,8 +78,6 @@ struct prov_ccm_hw_st { OSSL_CCM_gettag_fn gettag; }; -const PROV_CCM_HW *PROV_AES_HW_ccm(size_t keylen); - OSSL_OP_cipher_encrypt_init_fn ccm_einit; OSSL_OP_cipher_decrypt_init_fn ccm_dinit; OSSL_OP_cipher_get_ctx_params_fn ccm_get_ctx_params; diff --git a/providers/implementations/include/prov/ciphercommon_gcm.h b/providers/implementations/include/prov/ciphercommon_gcm.h index 1932e14c4c..d651b3827a 100644 --- a/providers/implementations/include/prov/ciphercommon_gcm.h +++ b/providers/implementations/include/prov/ciphercommon_gcm.h @@ -79,35 +79,6 @@ typedef struct prov_gcm_ctx_st { const void *ks; } PROV_GCM_CTX; -typedef struct prov_aes_gcm_ctx_st { - PROV_GCM_CTX base; /* must be first entry in struct */ - union { - OSSL_UNION_ALIGN; - AES_KEY ks; - } ks; /* AES key schedule to use */ - - /* Platform specific data */ - union { - int dummy; -#if defined(OPENSSL_CPUID_OBJ) && defined(__s390__) - struct { - union { - OSSL_UNION_ALIGN; - S390X_KMA_PARAMS kma; - } param; - unsigned int fc; - unsigned char ares[16]; - unsigned char mres[16]; - unsigned char kres[16]; - int areslen; - int mreslen; - int kreslen; - int res; - } s390x; -#endif /* defined(OPENSSL_CPUID_OBJ) && defined(__s390__) */ - } plat; -} PROV_AES_GCM_CTX; - PROV_CIPHER_FUNC(int, GCM_setkey, (PROV_GCM_CTX *ctx, const unsigned char *key, size_t keylen)); PROV_CIPHER_FUNC(int, GCM_setiv, (PROV_GCM_CTX *dat, const unsigned char *iv, @@ -130,7 +101,6 @@ struct prov_gcm_hw_st { OSSL_GCM_cipherfinal_fn cipherfinal; OSSL_GCM_oneshot_fn oneshot; }; -const PROV_GCM_HW *PROV_AES_HW_gcm(size_t keybits); OSSL_OP_cipher_encrypt_init_fn gcm_einit; OSSL_OP_cipher_decrypt_init_fn gcm_dinit;