aes_operation.h revision 7a62f5e84c579b85104fd617040a57b5dcb9fef2
1907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden/* 2907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * Copyright 2014 The Android Open Source Project 3907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * 4907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * Licensed under the Apache License, Version 2.0 (the "License"); 5907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * you may not use this file except in compliance with the License. 6907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * You may obtain a copy of the License at 7907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * 8907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * http://www.apache.org/licenses/LICENSE-2.0 9907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * 10907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * Unless required by applicable law or agreed to in writing, software 11907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * distributed under the License is distributed on an "AS IS" BASIS, 12907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * See the License for the specific language governing permissions and 14907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden * limitations under the License. 15907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden */ 16907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 17907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden#ifndef SYSTEM_KEYMASTER_AES_OPERATION_H_ 18907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden#define SYSTEM_KEYMASTER_AES_OPERATION_H_ 19907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 20f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden#include <openssl/evp.h> 21f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 226dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden#include "aead_mode_operation.h" 23907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden#include "ocb_utils.h" 24907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden#include "operation.h" 25907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 26907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willdennamespace keymaster { 27907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 286dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willdenclass AesOcbOperation : public AeadModeOperation { 29907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden public: 30907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden static const size_t NONCE_LENGTH = 12; 31907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 32567a4a04f43d35b785d50508e6459b01f2ab4d14Shawn Willden AesOcbOperation(keymaster_purpose_t purpose, const uint8_t* key, size_t key_size, 33dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden size_t chunk_length, size_t tag_length, bool caller_nonce) 34567a4a04f43d35b785d50508e6459b01f2ab4d14Shawn Willden : AeadModeOperation(purpose, key, key_size, chunk_length, tag_length, NONCE_LENGTH, 35dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden caller_nonce) {} 366dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden 376dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden virtual keymaster_error_t Abort() { 386dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden /* All cleanup is in the dtor */ 396dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden return KM_ERROR_OK; 40907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden } 41907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 426dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden protected: 436dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden ae_ctx* ctx() { return ctx_.get(); } 44907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 45907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden private: 466dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden virtual keymaster_error_t Initialize(uint8_t* key, size_t key_size, size_t nonce_length, 476dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden size_t tag_length); 486dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden virtual keymaster_error_t EncryptChunk(const uint8_t* nonce, size_t nonce_length, 496dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden size_t tag_length, 506dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden const keymaster_blob_t additional_data, uint8_t* chunk, 516dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden size_t chunk_size, Buffer* output); 526dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden virtual keymaster_error_t DecryptChunk(const uint8_t* nonce, size_t nonce_length, 536dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden const uint8_t* tag, size_t tag_length, 546dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden const keymaster_blob_t additional_data, uint8_t* chunk, 556dde87c27ec620c0962507b58ece3fbe94bbff02Shawn Willden size_t chunk_size, Buffer* output); 56907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden AeCtx ctx_; 57907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden}; 58907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 59f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willdenclass AesEvpOperation : public Operation { 60f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden public: 61f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden AesEvpOperation(keymaster_purpose_t purpose, keymaster_block_mode_t block_mode, 627a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden keymaster_padding_t padding, bool caller_iv, const uint8_t* key, 637a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden size_t key_size); 64f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden ~AesEvpOperation(); 65f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 66f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden virtual keymaster_error_t Begin(const AuthorizationSet& input_params, 67f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden AuthorizationSet* output_params); 68f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden virtual keymaster_error_t Update(const AuthorizationSet& additional_params, const Buffer& input, 69f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden Buffer* output, size_t* input_consumed); 70f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden virtual keymaster_error_t Finish(const AuthorizationSet& additional_params, 71dfa1c030e941cba4e66b362854d84b19298353c9Shawn Willden const Buffer& signature, Buffer* output); 72f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden virtual keymaster_error_t Abort(); 73f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 74f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden virtual int evp_encrypt_mode() = 0; 75f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 76f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden private: 77f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden keymaster_error_t InitializeCipher(); 787a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden keymaster_error_t GetIv(const AuthorizationSet& input_params); 79f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden bool need_iv() const; 80f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 81f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden EVP_CIPHER_CTX ctx_; 82f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden const size_t key_size_; 83f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden const keymaster_block_mode_t block_mode_; 84f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden const keymaster_padding_t padding_; 857a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden const bool caller_iv_; 867a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden UniquePtr<uint8_t> iv_; 87f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden uint8_t key_[SymmetricKey::MAX_KEY_SIZE]; 88f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden}; 89f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 90f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willdenclass AesEvpEncryptOperation : public AesEvpOperation { 91f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden public: 92f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden AesEvpEncryptOperation(keymaster_block_mode_t block_mode, keymaster_padding_t padding, 937a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden bool caller_iv, const uint8_t* key, size_t key_size) 947a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden : AesEvpOperation(KM_PURPOSE_ENCRYPT, block_mode, padding, caller_iv, key, key_size) {} 95f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden int evp_encrypt_mode() { return 1; } 96f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden}; 97f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 98f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willdenclass AesEvpDecryptOperation : public AesEvpOperation { 99f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden public: 100f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden AesEvpDecryptOperation(keymaster_block_mode_t block_mode, keymaster_padding_t padding, 101f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden const uint8_t* key, size_t key_size) 1027a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden : AesEvpOperation(KM_PURPOSE_DECRYPT, block_mode, padding, 1037a62f5e84c579b85104fd617040a57b5dcb9fef2Shawn Willden false /* caller_iv -- don't care */, key, key_size) {} 104f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 105f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden int evp_encrypt_mode() { return 0; } 106f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden}; 107f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3Shawn Willden 108907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden} // namespace keymaster 109907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden 110907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfcShawn Willden#endif // SYSTEM_KEYMASTER_AES_OPERATION_H_ 111