2N/A * The contents of this file are subject to the terms of the 2N/A * Common Development and Distribution License (the "License"). 2N/A * You may not use this file except in compliance with the License. 2N/A * See the License for the specific language governing permissions 2N/A * and limitations under the License. 2N/A * When distributing Covered Code, include this CDDL HEADER in each 2N/A * If applicable, add the following below this CDDL HEADER, with the 2N/A * fields enclosed by brackets "[]" replaced with your own identifying 2N/A * information: Portions Copyright [yyyy] [name of copyright owner] 2N/A * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. 2N/A/* Threshold to use optimized AES-NI Modes code when AES-NI is present */ 2N/A * Return 1 if executing on Intel with AES-NI instructions, 2N/A * otherwise 0 (i.e., Intel without AES-NI or AMD64). 2N/A * Cache the result, as the CPU can't change. 2N/A * Allocate context for the active encryption or decryption operation, and 2N/A * generate AES key schedule to speed up the operation. 2N/A * If this is a non-sensitive key and it does NOT have 2N/A * a key schedule yet, then allocate one and expand it. 2N/A * Otherwise, if it's a non-sensitive key, and it DOES have 2N/A * a key schedule already attached to it, just copy the 2N/A * pre-expanded schedule to the context and avoid the 2N/A * extra key schedule expansion operation. 2N/A#
else /* !__sparcv9 */ 2N/A#
endif /* __sparcv9 */ 2N/A * Initialize key schedule for AES. aes_init_keysched() 2N/A * requires key length in bits. 2N/A#
else /* !__sparcv9 */ 2N/A#
endif /* __sparcv9 */ 2N/A * soft_aes_encrypt_common() 2N/A * session_p: pointer to soft_session_t struct 2N/A * pData: pointer to the input data to be encrypted 2N/A * ulDataLen: length of the input data 2N/A * pEncrypted: pointer to the output data after encryption 2N/A * pulEncryptedLen: pointer to the length of the output data 2N/A * update: boolean flag indicates caller is soft_encrypt 2N/A * or soft_encrypt_update 2N/A * This function calls the corresponding encrypt routine based 2N/A * CKR_BUFFER_TOO_SMALL: the output buffer provided by application 2N/A * CKR_FUNCTION_FAILED: encrypt function failed 2N/A * CKR_DATA_LEN_RANGE: the input data is not a multiple of blocksize 2N/A * AES only takes input length that is a multiple of blocksize 2N/A * for C_Encrypt function with the mechanism CKM_AES_ECB or 2N/A * AES allows any input length for C_Encrypt function with the 2N/A * mechanism CKM_AES_CBC_PAD and for C_EncryptUpdate function. 2N/A * Called by C_Encrypt 2N/A * For CKM_AES_CBC_PAD, compute output length to 2N/A * count for the padding. If the length of input 2N/A * data is a multiple of blocksize, then make output 2N/A * length to be the sum of the input length and 2N/A * one blocksize. Otherwise, output length will 2N/A * be rounded up to the next multiple of blocksize. 2N/A * For non-padding mode, the output length will 2N/A * be same as the input length. 2N/A * If application asks for the length of the output buffer 2N/A * to hold the ciphertext? 2N/A /* Is the application-supplied buffer large enough? */ 2N/A /* Encrypt pad bytes in a separate operation */ 2N/A * Called by C_EncryptUpdate 2N/A * Add the lengths of last remaining data and current 2N/A * plaintext together to get the total input length. 2N/A * If the total input length is less than one blocksize, 2N/A * or if the total input length is just one blocksize and 2N/A * the mechanism is CKM_AES_CBC_PAD, we will need to delay 2N/A * encryption until when more data comes in next 2N/A * C_EncryptUpdate or when C_EncryptFinal is called. 2N/A * Save input data and its length in 2N/A * the remaining buffer of AES context. 2N/A /* Set encrypted data length to 0. */ 2N/A /* Compute the length of remaining data. */ 2N/A * Make sure that the output length is a multiple of 2N/A * If application asks for the length of the output buffer 2N/A * to hold the ciphertext? 2N/A /* Is the application-supplied buffer large enough? */ 2N/A * Copy last remaining data and current input data 2N/A * to the output buffer. 2N/A * Begin Encryption now. 2N/A /* LINTED E_CONSTANT_CONDITION */ 2N/A * AES-NI for small buffers - 2N/A * call block-level AES encrypt function directly. 2N/A /* Crunch one block of data for AES. */ 2N/A * aes_encrypt_contiguous_blocks(). 2N/A /* Encrypt multiple blocks of data. */ 2N/A * For encrypt update, if there is remaining 2N/A * data, save it and its length in the context. 2N/A /* Encrypt multiple blocks of data. */ 2N/A * For encrypt update, if there is remaining data, 2N/A * save it and its length in the context. 2N/A * Save the remainder of the input 2N/A * block in a temporary block because 2N/A * we don't want to overrun the buffer 2N/A * by tacking on pad bytes. 2N/A /* Encrypt last block containing pad bytes. */ 2N/A * The following code will be executed if the caller is 2N/A * soft_encrypt() or an error occurred. The encryption 2N/A * operation will be terminated so we need to do some cleanup. 2N/A * soft_aes_decrypt_common() 2N/A * session_p: pointer to soft_session_t struct 2N/A * pEncrypted: pointer to the input data to be decrypted 2N/A * ulEncryptedLen: length of the input data 2N/A * pData: pointer to the output data 2N/A * pulDataLen: pointer to the length of the output data 2N/A * Update: boolean flag indicates caller is soft_decrypt 2N/A * or soft_decrypt_update 2N/A * This function calls the corresponding decrypt routine based 2N/A * CKR_BUFFER_TOO_SMALL: the output buffer provided by application 2N/A * CKR_ENCRYPTED_DATA_LEN_RANGE: the input data is not a multiple 2N/A * CKR_FUNCTION_FAILED: decrypt function failed 2N/A * AES only takes input length that is a multiple of 16 bytes 2N/A * for C_Decrypt function with the mechanism CKM_AES_ECB, 2N/A * CKM_AES_CBC or CKM_AES_CBC_PAD. 2N/A * AES allows any input length for C_DecryptUpdate function. 2N/A * Called by C_Decrypt 2N/A * If application asks for the length of the output buffer 2N/A * to hold the plaintext? 2N/A /* Is the application-supplied buffer large enough? */ 2N/A * For CKM_AES_CBC_PAD, we don't know how 2N/A * many bytes for padding at this time, so 2N/A * we'd assume one block was padded. 2N/A * Called by C_DecryptUpdate 2N/A * Add the lengths of last remaining data and current 2N/A * input data together to get the total input length. 2N/A * If the total input length is less than one blocksize, 2N/A * or if the total input length is just one blocksize and 2N/A * the mechanism is CKM_AES_CBC_PAD, we will need to delay 2N/A * decryption until when more data comes in next 2N/A * C_DecryptUpdate or when C_DecryptFinal is called. 2N/A * Save input data and its length in 2N/A * the remaining buffer of AES context. 2N/A /* Set output data length to 0. */ 2N/A /* Compute the length of remaining data. */ 2N/A * Make sure that the output length is a multiple of 2N/A * If the input data length is a multiple of 2N/A * blocksize, then save the last block of input 2N/A * data in the remaining buffer. C_DecryptFinal 2N/A * will handle this last block of data. 2N/A * If application asks for the length of the output buffer 2N/A * to hold the plaintext? 2N/A * Is the application-supplied buffer large enough? 2N/A * Copy last remaining data and current input data 2N/A * to the output buffer. 2N/A /* LINTED E_CONSTANT_CONDITION */ 2N/A * AES-NI for small buffers - 2N/A * call block-level AES encrypt function directly. 2N/A /* Crunch one block of data for AES. */ 2N/A * aes_decrypt_contiguous_blocks(). 2N/A /* Decrypt multiple blocks of data. */ 2N/A * For decrypt update, if there is remaining 2N/A * data, save it and its length in the context. 2N/A /* Decrypt multiple blocks of data. */ 2N/A /* Decrypt last block containing pad bytes. */ 2N/A /* Decrypt last block containing pad bytes. */ 2N/A * Remove padding bytes after decryption of 2N/A * ciphertext block to produce the original 2N/A * For decrypt update, if there is remaining data 2N/A * save it and its length in the context. 2N/A * The following code will be executed if the caller is 2N/A * soft_decrypt() or an error occurred. The decryption 2N/A * operation will be terminated so we need to do some cleanup. 2N/A * Allocate and initialize a context for AES ECB mode of operation. 2N/A * This is done only for AMD64 to use combined AES/ECB mode 2N/A * optimization. Otherwise, the block-level AES encrypt and decrypt 2N/A * functions are called directly. 2N/A * Allocate and initialize a context for AES CBC mode of operation. 2N/A * Allocate and initialize a context for AES CTR mode of operation. 2N/A /* LINTED: pointer alignment */