1/* Copyright (c) (2017-2019,2021,2022) Apple Inc. All rights reserved.
2 *
3 * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
4 * is contained in the License.txt file distributed with corecrypto) and only to
5 * people who accept that license. IMPORTANT: Any license rights granted to you by
6 * Apple Inc. (if any) are limited to internal use within your organization only on
7 * devices and computers you own or control, for the sole purpose of verifying the
8 * security characteristics and correct functioning of the Apple Software. You may
9 * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
10 *
11 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
12 *
13 * This file contains Original Code and/or Modifications of Original Code
14 * as defined in and that are subject to the Apple Public Source License
15 * Version 2.0 (the 'License'). You may not use this file except in
16 * compliance with the License. The rights granted to you under the License
17 * may not be used to create, or enable the creation or redistribution of,
18 * unlawful or unlicensed copies of an Apple operating system, or to
19 * circumvent, violate, or enable the circumvention or violation of, any
20 * terms of an Apple operating system software license agreement.
21 *
22 * Please obtain a copy of the License at
23 * http://www.opensource.apple.com/apsl/ and read it before using this file.
24 *
25 * The Original Code and all software distributed under the License are
26 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
27 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
28 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
29 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
30 * Please see the License for the specific language governing rights and
31 * limitations under the License.
32 *
33 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
34 */
35
36#include "cc_config.h"
37#include "cc_internal.h"
38#include "cc_macros.h"
39#include "fipspost_trace.h"
40#include <corecrypto/ccmode.h>
41
42size_t
43cccbc_context_size(const struct ccmode_cbc *mode)
44{
45 CC_ENSURE_DIT_ENABLED
46
47 return mode->size;
48}
49
50size_t
51cccbc_block_size(const struct ccmode_cbc *mode)
52{
53 CC_ENSURE_DIT_ENABLED
54
55 return mode->block_size;
56}
57
58int
59cccbc_init(const struct ccmode_cbc *mode,
60 cccbc_ctx *ctx,
61 size_t key_len,
62 const void *cc_sized_by(key_len)key)
63{
64 CC_ENSURE_DIT_ENABLED
65
66 return mode->init(mode, ctx, key_len, key);
67}
68
69int
70cccbc_copy_iv(cccbc_iv *cc_sized_by(len)iv_ctx,
71 const void *cc_sized_by(len)iv,
72 size_t len)
73{
74 CC_ENSURE_DIT_ENABLED
75
76#if CC_IBOOT
77 // Currently ptrcheck in iboot doesn't understand the above annotations
78 // and fails when we use cc_memcpy. A future version of ptrcheck will
79 // fix this issue. See rdar://79987676
80 memcpy(iv_ctx, iv, len);
81#else
82 cc_memcpy(iv_ctx, iv, len);
83#endif
84 return 0;
85}
86
87int
88cccbc_clear_iv(cccbc_iv *cc_sized_by(len)iv_ctx, size_t len)
89{
90 CC_ENSURE_DIT_ENABLED
91
92 cc_clear(len, dst: iv_ctx);
93 return 0;
94}
95
96int
97cccbc_set_iv(const struct ccmode_cbc *mode, cccbc_iv *iv_ctx, const void *iv)
98{
99 CC_ENSURE_DIT_ENABLED
100
101 if (iv) {
102 return cccbc_copy_iv(iv_ctx, iv, len: mode->block_size);
103 }
104
105 return cccbc_clear_iv(iv_ctx, len: mode->block_size);
106}
107
108int
109cccbc_update(const struct ccmode_cbc *mode,
110 const cccbc_ctx *ctx,
111 cccbc_iv *iv,
112 size_t nblocks,
113 const void *cc_indexable in,
114 void *cc_indexable out)
115{
116 CC_ENSURE_DIT_ENABLED
117
118 return mode->cbc(ctx, iv, nblocks, in, out);
119}
120
121int
122cccbc_one_shot(const struct ccmode_cbc *mode,
123 size_t key_len,
124 const void *cc_sized_by(key_len)key,
125 const void *iv,
126 size_t nblocks,
127 const void *in,
128 void *out)
129{
130 CC_ENSURE_DIT_ENABLED
131
132 FIPSPOST_TRACE_EVENT;
133
134 size_t iv_len = 0;
135 if (iv) {
136 iv_len = mode->block_size;
137 }
138
139 return cccbc_one_shot_explicit(mode,
140 key_len,
141 iv_len,
142 block_size: mode->block_size,
143 nblocks,
144 key,
145 cc_unsafe_forge_bidi_indexable(iv, iv_len),
146 cc_unsafe_forge_bidi_indexable(in, mode->block_size * nblocks),
147 cc_unsafe_forge_bidi_indexable(out, mode->block_size * nblocks));
148}
149
150int
151cccbc_one_shot_explicit(const struct ccmode_cbc *mode,
152 size_t key_len,
153 size_t iv_len,
154 size_t block_size,
155 size_t nblocks,
156 const void *cc_sized_by(key_len)key,
157 const void *cc_sized_by(iv_len)iv,
158 const void *cc_sized_by(block_size * nblocks)in,
159 void *cc_sized_by(block_size * nblocks)out)
160{
161 CC_ENSURE_DIT_ENABLED
162
163 FIPSPOST_TRACE_EVENT;
164
165 // iv_len must be either equal to block_size, or 0 if the iv is NULL.
166 // Once __sized_by_or_null is available, we can get rid of iv_len and use
167 // cc_sized_by_or_null(block_size) to annotate the length of iv instead.
168 if (block_size != mode->block_size || (iv_len != block_size && iv_len != 0)) {
169 return CCERR_PARAMETER; /* Invalid input size */
170 }
171
172 int rc;
173 cccbc_ctx_decl(mode->size, ctx);
174 cccbc_iv_decl(mode->block_size, iv_ctx);
175 rc = mode->init(mode, ctx, key_len, key);
176 cc_require_or_return(rc == CCERR_OK, rc);
177 if (iv) {
178 cc_memcpy(iv_ctx, iv, mode->block_size);
179 } else {
180 cc_clear(len: mode->block_size, dst: iv_ctx);
181 }
182 rc = mode->cbc(ctx, iv_ctx, nblocks, in, out);
183 cccbc_ctx_clear(mode->size, ctx);
184 return rc;
185}
186