1 /* 2 * This file is part of the openHiTLS project. 3 * 4 * openHiTLS is licensed under the Mulan PSL v2. 5 * You can use this software according to the terms and conditions of the Mulan PSL v2. 6 * You may obtain a copy of Mulan PSL v2 at: 7 * 8 * http://license.coscl.org.cn/MulanPSL2 9 * 10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, 11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, 12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. 13 * See the Mulan PSL v2 for more details. 14 */ 15 16 #ifndef CRYPT_MODES_GCM_H 17 #define CRYPT_MODES_GCM_H 18 19 #include "hitls_build.h" 20 #ifdef HITLS_CRYPTO_GCM 21 22 #include "crypt_types.h" 23 #include "crypt_modes.h" 24 #ifdef __cplusplus 25 extern "C" { 26 #endif // __cplusplus 27 #define GCM_MAX_COMBINED_LENGTH (((uint64_t)1 << 36) - 32) 28 #define GCM_MAX_INVOCATIONS_TIMES ((uint32_t)(-1)) 29 #define GCM_BLOCK_MASK (0xfffffff0) 30 typedef struct { 31 uint64_t h; 32 uint64_t l; 33 } MODES_GCM_GF128; 34 #define GCM_BLOCKSIZE 16 35 typedef struct { 36 uint8_t iv[GCM_BLOCKSIZE]; // Processed IV information. The length is 16 bytes. 37 uint8_t ghash[GCM_BLOCKSIZE]; // Intermediate data for tag calculation. 38 MODES_GCM_GF128 hTable[16]; // The window uses 4 bits, 2 ^ 4 = 16 entries need to be pre-calculated. 39 void *ciphCtx; // Context defined by each symmetric algorithm. 40 const EAL_SymMethod *ciphMeth; // algorithm method 41 uint8_t tagLen; 42 uint32_t cryptCnt; // Indicate the number of encryption times that the key can be used. 43 uint8_t last[GCM_BLOCKSIZE]; // ctr mode last 44 uint8_t remCt[GCM_BLOCKSIZE]; // Remaining ciphertext 45 uint8_t ek0[GCM_BLOCKSIZE]; // ek0 46 uint64_t plaintextLen; // use for calc tag 47 uint32_t aadLen; // use for calc tag 48 uint32_t lastLen; // ctr mode lastLen 49 } MODES_CipherGCMCtx; 50 struct ModesGcmCtx { 51 int32_t algId; 52 MODES_CipherGCMCtx gcmCtx; 53 bool enc; 54 }; 55 56 typedef struct ModesGcmCtx MODES_GCM_Ctx; 57 58 // GCM mode universal implementation 59 MODES_GCM_Ctx *MODES_GCM_NewCtx(int32_t algId); 60 int32_t MODES_GCM_InitCtx(MODES_GCM_Ctx *modeCtx, const uint8_t *key, uint32_t keyLen, const uint8_t *iv, 61 uint32_t ivLen, bool enc); 62 63 int32_t MODES_GCM_Update(MODES_GCM_Ctx *modeCtx, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen); 64 int32_t MODES_GCM_Final(MODES_GCM_Ctx *modeCtx, uint8_t *out, uint32_t *outLen); 65 int32_t MODES_GCM_DeInitCtx(MODES_GCM_Ctx *modeCtx); 66 int32_t MODES_GCM_Ctrl(MODES_GCM_Ctx *modeCtx, int32_t cmd, void *val, uint32_t len); 67 void MODES_GCM_FreeCtx(MODES_GCM_Ctx *modeCtx); 68 69 // AES GCM optimization implementation 70 int32_t AES_GCM_Update(MODES_GCM_Ctx *modeCtx, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen); 71 72 // SM4 GCM optimization implementation 73 int32_t SM4_GCM_InitCtx(MODES_GCM_Ctx *modeCtx, const uint8_t *key, uint32_t keyLen, const uint8_t *iv, 74 uint32_t ivLen, bool enc); 75 int32_t SM4_GCM_Update(MODES_GCM_Ctx *modeCtx, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen); 76 77 int32_t MODES_GCM_InitCtxEx(MODES_GCM_Ctx *modeCtx, const uint8_t *key, uint32_t keyLen, const uint8_t *iv, 78 uint32_t ivLen, void *param, bool enc); 79 80 int32_t MODES_GCM_UpdateEx(MODES_GCM_Ctx *modeCtx, const uint8_t *in, uint32_t inLen, uint8_t *out, uint32_t *outLen); 81 82 int32_t MODES_GCM_InitHashTable(MODES_CipherGCMCtx *ctx); 83 int32_t MODES_GCM_SetKey(MODES_CipherGCMCtx *ctx, const uint8_t *key, uint32_t len); 84 #ifdef __cplusplus 85 } 86 #endif // __cplusplus 87 88 #endif // HITLS_CRYPTO_GCM 89 90 #endif // CRYPT_MODES_GCM_H 91