Commit 232a385f authored by Dmitry Baryshkov's avatar Dmitry Baryshkov Committed by Niels Möller

Provide wrappers around OpenSSL AES GCM

For benchmarking purposes provide wrappers around OpenSSL AES GCM
implementation. Note, digest callback will work only for encryption due
to OpenSSL internals.
Signed-off-by: Dmitry Baryshkov's avatarDmitry Eremin-Solenikov <dbaryshkov@gmail.com>
parent 5b5a0f40
......@@ -80,7 +80,7 @@ openssl_evp_set_encrypt_key(void *p, const uint8_t *key,
{
struct openssl_cipher_ctx *ctx = p;
ctx->evp = EVP_CIPHER_CTX_new();
assert(EVP_EncryptInit_ex(ctx->evp, cipher, NULL, key, NULL) == 1);
assert(EVP_CipherInit_ex(ctx->evp, cipher, NULL, key, NULL, 1) == 1);
EVP_CIPHER_CTX_set_padding(ctx->evp, 0);
}
static void
......@@ -89,7 +89,7 @@ openssl_evp_set_decrypt_key(void *p, const uint8_t *key,
{
struct openssl_cipher_ctx *ctx = p;
ctx->evp = EVP_CIPHER_CTX_new();
assert(EVP_DecryptInit_ex(ctx->evp, cipher, NULL, key, NULL) == 1);
assert(EVP_CipherInit_ex(ctx->evp, cipher, NULL, key, NULL, 0) == 1);
EVP_CIPHER_CTX_set_padding(ctx->evp, 0);
}
......@@ -110,6 +110,47 @@ openssl_evp_decrypt(const void *p, size_t length,
assert(EVP_DecryptUpdate(ctx->evp, dst, &len, src, length) == 1);
}
static void
openssl_evp_set_nonce(void *p, const uint8_t *nonce)
{
const struct openssl_cipher_ctx *ctx = p;
assert(EVP_CipherInit_ex(ctx->evp, NULL, NULL, NULL, nonce, -1) == 1);
}
static void
openssl_evp_update(void *p, size_t length, const uint8_t *src)
{
const struct openssl_cipher_ctx *ctx = p;
int len;
assert(EVP_EncryptUpdate(ctx->evp, NULL, &len, src, length) == 1);
}
/* This will work for encryption only! */
static void
openssl_evp_gcm_digest(void *p, size_t length, uint8_t *dst)
{
const struct openssl_cipher_ctx *ctx = p;
assert(EVP_CIPHER_CTX_ctrl(ctx->evp, EVP_CTRL_GCM_GET_TAG, length, dst) == 1);
}
static void
openssl_evp_aead_encrypt(void *p, size_t length,
uint8_t *dst, const uint8_t *src)
{
const struct openssl_cipher_ctx *ctx = p;
int len;
assert(EVP_EncryptUpdate(ctx->evp, dst, &len, src, length) == 1);
}
static void
openssl_evp_aead_decrypt(void *p, size_t length,
uint8_t *dst, const uint8_t *src)
{
const struct openssl_cipher_ctx *ctx = p;
int len;
assert(EVP_DecryptUpdate(ctx->evp, dst, &len, src, length) == 1);
}
/* AES */
static nettle_set_key_func openssl_aes128_set_encrypt_key;
static nettle_set_key_func openssl_aes128_set_decrypt_key;
......@@ -175,6 +216,70 @@ nettle_openssl_aes256 = {
openssl_evp_encrypt, openssl_evp_decrypt
};
/* AES-GCM */
static void
openssl_gcm_aes128_set_encrypt_key(void *ctx, const uint8_t *key)
{
openssl_evp_set_encrypt_key(ctx, key, EVP_aes_128_gcm());
}
static void
openssl_gcm_aes128_set_decrypt_key(void *ctx, const uint8_t *key)
{
openssl_evp_set_decrypt_key(ctx, key, EVP_aes_128_gcm());
}
static void
openssl_gcm_aes192_set_encrypt_key(void *ctx, const uint8_t *key)
{
openssl_evp_set_encrypt_key(ctx, key, EVP_aes_192_gcm());
}
static void
openssl_gcm_aes192_set_decrypt_key(void *ctx, const uint8_t *key)
{
openssl_evp_set_decrypt_key(ctx, key, EVP_aes_192_gcm());
}
static void
openssl_gcm_aes256_set_encrypt_key(void *ctx, const uint8_t *key)
{
openssl_evp_set_encrypt_key(ctx, key, EVP_aes_256_gcm());
}
static void
openssl_gcm_aes256_set_decrypt_key(void *ctx, const uint8_t *key)
{
openssl_evp_set_decrypt_key(ctx, key, EVP_aes_256_gcm());
}
const struct nettle_aead
nettle_openssl_gcm_aes128 = {
"openssl gcm_aes128", sizeof(struct openssl_cipher_ctx),
16, 16, 12, 16,
openssl_gcm_aes128_set_encrypt_key, openssl_gcm_aes128_set_decrypt_key,
openssl_evp_set_nonce, openssl_evp_update,
openssl_evp_aead_encrypt, openssl_evp_aead_decrypt,
openssl_evp_gcm_digest
};
const struct nettle_aead
nettle_openssl_gcm_aes192 = {
"openssl gcm_aes192", sizeof(struct openssl_cipher_ctx),
16, 24, 12, 16,
openssl_gcm_aes192_set_encrypt_key, openssl_gcm_aes192_set_decrypt_key,
openssl_evp_set_nonce, openssl_evp_update,
openssl_evp_aead_encrypt, openssl_evp_aead_decrypt,
openssl_evp_gcm_digest
};
const struct nettle_aead
nettle_openssl_gcm_aes256 = {
"openssl gcm_aes256", sizeof(struct openssl_cipher_ctx),
16, 32, 12, 16,
openssl_gcm_aes256_set_encrypt_key, openssl_gcm_aes256_set_decrypt_key,
openssl_evp_set_nonce, openssl_evp_update,
openssl_evp_aead_encrypt, openssl_evp_aead_decrypt,
openssl_evp_gcm_digest
};
/* Arcfour */
static void
openssl_arcfour128_set_encrypt_key(void *ctx, const uint8_t *key)
......
......@@ -76,6 +76,9 @@ extern const struct nettle_aead nettle_arcfour128;
extern const struct nettle_aead nettle_chacha;
extern const struct nettle_aead nettle_salsa20;
extern const struct nettle_aead nettle_salsa20r12;
extern const struct nettle_aead nettle_openssl_gcm_aes128;
extern const struct nettle_aead nettle_openssl_gcm_aes192;
extern const struct nettle_aead nettle_openssl_gcm_aes256;
/* Glue to openssl, for comparative benchmarking. Code in
* examples/nettle-openssl.c. */
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment