Gitiles
Code Review Sign In
git01.mediatek.com / openwrt / feeds / mtk-openwrt-feeds / 704367979bd2789fb5ba587ae47b45d994ee94c9 / . / feed / openssl-fips-ext / src / aesgcm.c
blob: 5bbb2d990209123aebca4cc5c305037b2d09067e [file] [log] [blame]
developer70436792023-05-19 09:31:20 +0800[diff] [blame^]1#include "aesgcm.h"
2#include "openssl/crypto.h"
3
4struct operator gcm_oper = {
5 .init = gcm_init,
6 .uninit = gcm_uninit,
7 .encrypt = gcm_encrypt,
8 .decrypt = gcm_decrypt,
9 .check = gcm_check,
10};
11
12static struct gcm_data data;
13
14int gcm_init(void)
15{
16 if (input_data.key == NULL || input_data.iv == NULL)
17 return -1;
18 hex2bin(&data.key, input_data.key, &(data.key_size));
19 hex2bin(&data.iv, input_data.iv, &(data.iv_size));
20 hex2bin(&data.pt, input_data.pt, &(data.pt_size));
21 hex2bin(&data.add, input_data.add, &(data.add_size));
22 hex2bin(&data.ct, input_data.ct, &(data.ct_size));
23 hex2bin(&data.tag, input_data.tag, &(data.tag_size));
24
25 if (input_data.tag_output_size != 0)
26 data.tag_output_size = input_data.tag_output_size;
27 else
28 data.tag_output_size = 16;
29
30 return 0;
31}
32
33void init_gcm_evp_encrypt(EVP_CIPHER_CTX **ctx)
34{
35 if (data.key_size == 16)
36 EVP_EncryptInit_ex(*ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
37 else if (data.key_size == 24)
38 EVP_EncryptInit_ex(*ctx, EVP_aes_192_gcm(), NULL, NULL, NULL);
39 else if (data.key_size == 32)
40 EVP_EncryptInit_ex(*ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
41}
42
43void init_gcm_evp_decrypt(EVP_CIPHER_CTX **ctx)
44{
45 if (data.key_size == 16)
46 EVP_DecryptInit_ex(*ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
47 else if (data.key_size == 24)
48 EVP_DecryptInit_ex(*ctx, EVP_aes_192_gcm(), NULL, NULL, NULL);
49 else if (data.key_size == 32)
50 EVP_DecryptInit_ex(*ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);
51}
52
53int gcm_encrypt(void)
54{
55 EVP_CIPHER_CTX *ctx;
56 int outlen;
57 unsigned char outbuf[1024];
58
59 ctx = EVP_CIPHER_CTX_new();
60
61 init_gcm_evp_encrypt(&ctx);
62
63 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, data.iv_size, NULL);
64 EVP_EncryptInit_ex(ctx, NULL, NULL, data.key, data.iv);
65
66 if (data.add != NULL)
67 EVP_EncryptUpdate(ctx, NULL, &outlen, data.add, data.add_size);
68 if (data.pt != NULL) {
69 EVP_EncryptUpdate(ctx, outbuf, &outlen, data.pt, data.pt_size);
70 printf("Ciphertext: ");
71 print_hex(outbuf, outlen);
72 } else {
73 printf("Ciphertext: none\n");
74 }
75 EVP_EncryptFinal_ex(ctx, outbuf, &outlen);
76 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, data.tag_output_size, outbuf);
77
78 printf("Tag: ");
79 print_hex(outbuf, data.tag_output_size);
80
81 EVP_CIPHER_CTX_free(ctx);
82 return 0;
83}
84
85int gcm_decrypt(void)
86{
87 EVP_CIPHER_CTX *ctx;
88 int outlen, tmplen, rv;
89 unsigned char outbuf[1024];
90
91 ctx = EVP_CIPHER_CTX_new();
92
93 init_gcm_evp_decrypt(&ctx);
94
95 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, data.iv_size, NULL);
96 EVP_DecryptInit_ex(ctx, NULL, NULL, data.key, data.iv);
97
98 if (data.add != NULL)
99 EVP_DecryptUpdate(ctx, NULL, &outlen, data.add, data.add_size);
100 if (data.ct != NULL) {
101 EVP_DecryptUpdate(ctx, outbuf, &outlen, data.ct, data.ct_size);
102 printf("Plaintext: ");
103 print_hex(outbuf, outlen);
104 }
105
106 EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, data.tag_size,
107 data.tag);
108 rv = EVP_DecryptFinal_ex(ctx, outbuf, &outlen);
109 printf("Tag Verify %s\n", rv > 0 ? "Pass" : "Fail");
110 EVP_CIPHER_CTX_free(ctx);
111 return 0;
112}
113
114int gcm_uninit(void)
115{
116 free_openssl_data(data.key);
117 free_openssl_data(data.iv);
118 free_openssl_data(data.pt);
119 free_openssl_data(data.add);
120 free_openssl_data(data.ct);
121 free_openssl_data(data.tag);
122 return 0;
123}
124
125int gcm_check(void)
126{
127 if (data.key == NULL || data.iv == NULL) {
128 printf("gcm must have Key and IV\n");
129 return -1;
130 }
131
132 if (input_data.oper == DECRYPT && data.tag == NULL) {
133 printf("gcm decrypt must have Tag\n");
134 return -1;
135 }
136
137 return 0;
138}