static int aesni_init_key(EVP_CIPHER_CTX *ctx, const uint8_t *key,
const uint8_t *iv, int enc) {
int ret, mode;
EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
mode = ctx->cipher->flags & EVP_CIPH_MODE_MASK;
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && !enc) {
ret = aesni_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
dat->block = (block128_f)aesni_decrypt;
dat->stream.cbc =
mode == EVP_CIPH_CBC_MODE ? (cbc128_f)aesni_cbc_encrypt : NULL;
} else {
ret = aesni_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
dat->block = (block128_f)aesni_encrypt;
if (mode == EVP_CIPH_CBC_MODE) {
dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt;
} else if (mode == EVP_CIPH_CTR_MODE) {
dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
} else {
dat->stream.cbc = NULL;
}
}
if (ret < 0) {
OPENSSL_PUT_ERROR(CIPHER, aesni_init_key, CIPHER_R_AES_KEY_SETUP_FAILED);
return 0;
}
return 1;
}
static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
int ret, mode;
EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
mode = ctx->cipher->flags & EVP_CIPH_MODE;
if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
&& !enc)
{
ret = aesni_set_decrypt_key(key, ctx->key_len*8, ctx->cipher_data);
dat->block = (block128_f)aesni_decrypt;
dat->stream.cbc = mode==EVP_CIPH_CBC_MODE ?
(cbc128_f)aesni_cbc_encrypt :
NULL;
}
else {
ret = aesni_set_encrypt_key(key, ctx->key_len*8, ctx->cipher_data);
dat->block = (block128_f)aesni_encrypt;
if (mode==EVP_CIPH_CBC_MODE)
dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt;
else if (mode==EVP_CIPH_CTR_MODE)
dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks;
else
dat->stream.cbc = NULL;
}
if(ret < 0)
{
EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
return 0;
}
return 1;
}
static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
if (!iv && !key)
return 1;
if (key) {
/* key_len is two AES keys */
if (enc) {
aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
xctx->xts.block1 = (block128_f) aesni_encrypt;
xctx->stream = aesni_xts_encrypt;
} else {
aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
xctx->xts.block1 = (block128_f) aesni_decrypt;
xctx->stream = aesni_xts_decrypt;
}
aesni_set_encrypt_key(key + ctx->key_len / 2,
ctx->key_len * 4, &xctx->ks2);
xctx->xts.block2 = (block128_f) aesni_encrypt;
xctx->xts.key1 = &xctx->ks1;
}
if (iv) {
xctx->xts.key2 = &xctx->ks2;
memcpy(ctx->iv, iv, 16);
}
return 1;
}
static int aesni_cbc_hmac_sha256_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *inkey,
const unsigned char *iv, int enc)
{
EVP_AES_HMAC_SHA256 *key = data(ctx);
int ret;
if (enc)
memset(&key->ks, 0, sizeof(key->ks.rd_key)),
ret = aesni_set_encrypt_key(inkey,
EVP_CIPHER_CTX_key_length(ctx) * 8,
&key->ks);
else
ret = aesni_set_decrypt_key(inkey,
EVP_CIPHER_CTX_key_length(ctx) * 8,
&key->ks);
SHA256_Init(&key->head); /* handy when benchmarking */
key->tail = key->head;
key->md = key->head;
key->payload_length = NO_PAYLOAD_LENGTH;
return ret < 0 ? 0 : 1;
}
static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *inkey,
const unsigned char *iv, int enc)
{
EVP_AES_HMAC_SHA1 *key = data(ctx);
int ret;
if (enc)
ret=aesni_set_encrypt_key(inkey,ctx->key_len*8,&key->ks);
else
ret=aesni_set_decrypt_key(inkey,ctx->key_len*8,&key->ks);
SHA1_Init(&key->head); /* handy when benchmarking */
key->tail = key->head;
key->md = key->head;
key->payload_length = 0;
return ret<0?0:1;
}
static int
aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *user_key,
const unsigned char *iv, int enc)
{
int ret;
AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE
|| (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE
|| enc)
ret=aesni_set_encrypt_key(user_key, ctx->key_len * 8, key);
else
ret=aesni_set_decrypt_key(user_key, ctx->key_len * 8, key);
if(ret < 0) {
EVPerr(EVP_F_AESNI_INIT_KEY,EVP_R_AES_KEY_SETUP_FAILED);
return 0;
}
return 1;
}
static int
aes_cipher_setkey(void *_ctx, const void *userkey, size_t keysize)
{
struct aes_ctx *ctx = _ctx;
int ret;
CHECK_AES_KEYSIZE(keysize);
if (ctx->enc)
ret =
aesni_set_encrypt_key(userkey, keysize * 8,
ALIGN16(&ctx->expanded_key));
else
ret =
aesni_set_decrypt_key(userkey, keysize * 8,
ALIGN16(&ctx->expanded_key));
if (ret != 0)
return gnutls_assert_val(GNUTLS_E_ENCRYPTION_FAILED);
return 0;
}