/**
* \brief Creates a new AES-GCM CipherState object.
*
* \return A NoiseCipherState for AES-GCM cipher use, or NULL if no such state is available.
*/
NoiseCipherState *noise_aesgcm_new(void)
{
NoiseCipherState *state = 0;
#if USE_SODIUM
if (crypto_aead_aes256gcm_is_available())
state = noise_aesgcm_new_sodium();
#endif
#if USE_OPENSSL
if (!state)
state = noise_aesgcm_new_openssl();
#else
if (!state)
state = noise_aesgcm_new_ref();
#endif
return state;
}
int
yacl_aes256gcm_encrypt(const uint8_t *plaintext, size_t plaintext_len,
const uint8_t *aad, size_t aad_len,
const uint8_t *key, size_t key_len,
const uint8_t *nonce, size_t nonce_len,
uint8_t *tag, size_t tag_len,
uint8_t *ciphertext, size_t c_len)
{
if (crypto_aead_aes256gcm_NPUBBYTES != nonce_len)
return -1;
if (plaintext_len != c_len)
return -2;
if (crypto_aead_aes256gcm_KEYBYTES != key_len)
return -3;
if (crypto_aead_aes256gcm_ABYTES != tag_len)
return -4;
#if defined HAVE_LIBSODIUM && defined HAVE_SODIUM_GCM && defined HAVE_SODIUM_GCM_ENCRYPT
if (crypto_aead_aes256gcm_is_available())
{
return crypto_aead_aes256gcm_encrypt_detached(ciphertext,
tag,
NULL,
plaintext,
tag_len,
aad,
aad_len,
NULL,
nonce,
key);
}
#endif
return aes_gcm_ae(key, key_len,
nonce, nonce_len,
plaintext, plaintext_len,
aad, aad_len,
ciphertext,
tag);
}
int32_t psAesInitGCM(psAesGcm_t *ctx,
const unsigned char key[AES_MAXKEYLEN], uint8_t keylen)
{
/* Check that structure is 16bytes aligned: */
if (((uintptr_t) (const void *) (&(ctx->libSodiumCtx))) % 16 != 0)
{
psTraceCrypto("\nFAIL: libsodium structure not 16bytes aligned");
printf("FAIL: libsodium structure not 16bytes aligned %p", &(ctx->libSodiumCtx));
psAssert(0);
return PS_FAIL;
}
/* libsodium only supports aes256, not aes128 */
if (keylen != crypto_aead_aes256gcm_KEYBYTES)
{
psTraceCrypto("FAIL: libsodium-aes doesn't support this key length");
psAssert(keylen == crypto_aead_aes256gcm_KEYBYTES);
return PS_FAIL;
}
if (sodium_init() != 0)
{
/* libsodium is already initialized, no problem */
}
if (crypto_aead_aes256gcm_is_available() == 0)
{
psTraceCrypto("FAIL: libsodium-aes not supported");
psAssert(0);
return PS_FAIL;
}
memset(ctx, 0x00, sizeof(psAesGcm_t));
if (crypto_aead_aes256gcm_beforenm(&(ctx->libSodiumCtx), key) != 0)
{
psTraceCrypto("FAIL: libsodium-aes init");
psAssert(0);
return PS_FAIL;
}
return PS_SUCCESS;
}
static void
aead_cipher_ctx_init(cipher_ctx_t *cipher_ctx, int method, int enc)
{
if (method < AES128GCM || method >= AEAD_CIPHER_NUM) {
LOGE("cipher_context_init(): Illegal method");
return;
}
if (method >= CHACHA20POLY1305IETF) {
return;
}
const char *ciphername = supported_aead_ciphers[method];
const cipher_kt_t *cipher = aead_get_cipher_type(method);
if (method == AES256GCM && crypto_aead_aes256gcm_is_available()) {
cipher_ctx->aes256gcm_ctx = ss_aligned_malloc(sizeof(aes256gcm_ctx));
memset(cipher_ctx->aes256gcm_ctx, 0, sizeof(aes256gcm_ctx));
} else {
cipher_ctx->aes256gcm_ctx = NULL;
cipher_ctx->evp = ss_malloc(sizeof(cipher_evp_t));
memset(cipher_ctx->evp, 0, sizeof(cipher_evp_t));
cipher_evp_t *evp = cipher_ctx->evp;
mbedtls_cipher_init(evp);
if (mbedtls_cipher_setup(evp, cipher) != 0) {
FATAL("Cannot initialize mbed TLS cipher context");
}
}
if (cipher == NULL) {
LOGE("Cipher %s not found in mbed TLS library", ciphername);
FATAL("Cannot initialize mbed TLS cipher");
}
#ifdef SS_DEBUG
dump("KEY", (char *)cipher_ctx->cipher->key, cipher_ctx->cipher->key_len);
#endif
}
