2
0

aes_icm_ossl.c 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544
  1. /*
  2. * aes_icm_ossl.c
  3. *
  4. * AES Integer Counter Mode
  5. *
  6. * John A. Foley
  7. * Cisco Systems, Inc.
  8. *
  9. * 2/24/2012: This module was modified to use CiscoSSL for AES counter
  10. * mode. Eddy Lem contributed the code to allow this.
  11. *
  12. * 12/20/2012: Added support for AES-192 and AES-256.
  13. */
  14. /*
  15. *
  16. * Copyright (c) 2013, Cisco Systems, Inc.
  17. * All rights reserved.
  18. *
  19. * Redistribution and use in source and binary forms, with or without
  20. * modification, are permitted provided that the following conditions
  21. * are met:
  22. *
  23. * Redistributions of source code must retain the above copyright
  24. * notice, this list of conditions and the following disclaimer.
  25. *
  26. * Redistributions in binary form must reproduce the above
  27. * copyright notice, this list of conditions and the following
  28. * disclaimer in the documentation and/or other materials provided
  29. * with the distribution.
  30. *
  31. * Neither the name of the Cisco Systems, Inc. nor the names of its
  32. * contributors may be used to endorse or promote products derived
  33. * from this software without specific prior written permission.
  34. *
  35. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  36. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  37. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  38. * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  39. * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
  40. * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  41. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  42. * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  43. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  44. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  45. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  46. * OF THE POSSIBILITY OF SUCH DAMAGE.
  47. *
  48. */
  49. #include <openssl/evp.h>
  50. #include "aes_icm_ossl.h"
  51. #include "crypto_types.h"
  52. #include "alloc.h"
  53. #include "crypto_types.h"
  54. debug_module_t mod_aes_icm = {
  55. 0, /* debugging is off by default */
  56. "aes icm ossl" /* printable module name */
  57. };
  58. extern cipher_test_case_t aes_icm_test_case_0;
  59. extern cipher_type_t aes_icm;
  60. extern cipher_type_t aes_icm_192;
  61. extern cipher_type_t aes_icm_256;
  62. /*
  63. * integer counter mode works as follows:
  64. *
  65. * 16 bits
  66. * <----->
  67. * +------+------+------+------+------+------+------+------+
  68. * | nonce | pakcet index | ctr |---+
  69. * +------+------+------+------+------+------+------+------+ |
  70. * |
  71. * +------+------+------+------+------+------+------+------+ v
  72. * | salt |000000|->(+)
  73. * +------+------+------+------+------+------+------+------+ |
  74. * |
  75. * +---------+
  76. * | encrypt |
  77. * +---------+
  78. * |
  79. * +------+------+------+------+------+------+------+------+ |
  80. * | keystream block |<--+
  81. * +------+------+------+------+------+------+------+------+
  82. *
  83. * All fields are big-endian
  84. *
  85. * ctr is the block counter, which increments from zero for
  86. * each packet (16 bits wide)
  87. *
  88. * packet index is distinct for each packet (48 bits wide)
  89. *
  90. * nonce can be distinct across many uses of the same key, or
  91. * can be a fixed value per key, or can be per-packet randomness
  92. * (64 bits)
  93. *
  94. */
  95. /*
  96. * This function allocates a new instance of this crypto engine.
  97. * The key_len parameter should be one of 30, 38, or 46 for
  98. * AES-128, AES-192, and AES-256 respectively. Note, this key_len
  99. * value is inflated, as it also accounts for the 112 bit salt
  100. * value. The tlen argument is for the AEAD tag length, which
  101. * isn't used in counter mode.
  102. */
  103. err_status_t aes_icm_openssl_alloc (cipher_t **c, int key_len, int tlen)
  104. {
  105. aes_icm_ctx_t *icm;
  106. int tmp;
  107. uint8_t *allptr;
  108. debug_print(mod_aes_icm, "allocating cipher with key length %d", key_len);
  109. /*
  110. * Verify the key_len is valid for one of: AES-128/192/256
  111. */
  112. if (key_len != AES_128_KEYSIZE_WSALT && key_len != AES_192_KEYSIZE_WSALT &&
  113. key_len != AES_256_KEYSIZE_WSALT) {
  114. return err_status_bad_param;
  115. }
  116. /* allocate memory a cipher of type aes_icm */
  117. tmp = sizeof(cipher_t) + sizeof(aes_icm_ctx_t);
  118. allptr = (uint8_t*)crypto_alloc(tmp);
  119. if (allptr == NULL) {
  120. return err_status_alloc_fail;
  121. }
  122. /* set pointers */
  123. *c = (cipher_t*)allptr;
  124. (*c)->state = allptr + sizeof(cipher_t);
  125. icm = (aes_icm_ctx_t*)(*c)->state;
  126. /* increment ref_count */
  127. switch (key_len) {
  128. case AES_128_KEYSIZE_WSALT:
  129. (*c)->algorithm = AES_128_ICM;
  130. (*c)->type = &aes_icm;
  131. aes_icm.ref_count++;
  132. ((aes_icm_ctx_t*)(*c)->state)->key_size = AES_128_KEYSIZE;
  133. break;
  134. case AES_192_KEYSIZE_WSALT:
  135. (*c)->algorithm = AES_192_ICM;
  136. (*c)->type = &aes_icm_192;
  137. aes_icm_192.ref_count++;
  138. ((aes_icm_ctx_t*)(*c)->state)->key_size = AES_192_KEYSIZE;
  139. break;
  140. case AES_256_KEYSIZE_WSALT:
  141. (*c)->algorithm = AES_256_ICM;
  142. (*c)->type = &aes_icm_256;
  143. aes_icm_256.ref_count++;
  144. ((aes_icm_ctx_t*)(*c)->state)->key_size = AES_256_KEYSIZE;
  145. break;
  146. }
  147. /* set key size */
  148. (*c)->key_len = key_len;
  149. EVP_CIPHER_CTX_init(&icm->ctx);
  150. return err_status_ok;
  151. }
  152. /*
  153. * This function deallocates an instance of this engine
  154. */
  155. err_status_t aes_icm_openssl_dealloc (cipher_t *c)
  156. {
  157. aes_icm_ctx_t *ctx;
  158. if (c == NULL) {
  159. return err_status_bad_param;
  160. }
  161. /*
  162. * Free the EVP context
  163. */
  164. ctx = (aes_icm_ctx_t*)c->state;
  165. if (ctx != NULL) {
  166. EVP_CIPHER_CTX_cleanup(&ctx->ctx);
  167. /* decrement ref_count for the appropriate engine */
  168. switch (ctx->key_size) {
  169. case AES_256_KEYSIZE:
  170. aes_icm_256.ref_count--;
  171. break;
  172. case AES_192_KEYSIZE:
  173. aes_icm_192.ref_count--;
  174. break;
  175. case AES_128_KEYSIZE:
  176. aes_icm.ref_count--;
  177. break;
  178. default:
  179. return err_status_dealloc_fail;
  180. break;
  181. }
  182. }
  183. /* zeroize entire state*/
  184. octet_string_set_to_zero((uint8_t*)c,
  185. sizeof(cipher_t) + sizeof(aes_icm_ctx_t));
  186. /* free memory */
  187. crypto_free(c);
  188. return err_status_ok;
  189. }
  190. /*
  191. * aes_icm_openssl_context_init(...) initializes the aes_icm_context
  192. * using the value in key[].
  193. *
  194. * the key is the secret key
  195. *
  196. * the salt is unpredictable (but not necessarily secret) data which
  197. * randomizes the starting point in the keystream
  198. */
  199. err_status_t aes_icm_openssl_context_init (aes_icm_ctx_t *c, const uint8_t *key)
  200. {
  201. /*
  202. * set counter and initial values to 'offset' value, being careful not to
  203. * go past the end of the key buffer
  204. */
  205. v128_set_to_zero(&c->counter);
  206. v128_set_to_zero(&c->offset);
  207. memcpy(&c->counter, key + c->key_size, SALT_SIZE);
  208. memcpy(&c->offset, key + c->key_size, SALT_SIZE);
  209. /* force last two octets of the offset to zero (for srtp compatibility) */
  210. c->offset.v8[SALT_SIZE] = c->offset.v8[SALT_SIZE + 1] = 0;
  211. c->counter.v8[SALT_SIZE] = c->counter.v8[SALT_SIZE + 1] = 0;
  212. /* copy key to be used later when CiscoSSL crypto context is created */
  213. v128_copy_octet_string((v128_t*)&c->key, key);
  214. /* if the key is greater than 16 bytes, copy the second
  215. * half. Note, we treat AES-192 and AES-256 the same here
  216. * for simplicity. The storage location receiving the
  217. * key is statically allocated to handle a full 32 byte key
  218. * regardless of the cipher in use.
  219. */
  220. if (c->key_size == AES_256_KEYSIZE || c->key_size == AES_192_KEYSIZE) {
  221. debug_print(mod_aes_icm, "Copying last 16 bytes of key: %s",
  222. v128_hex_string((v128_t*)(key + AES_128_KEYSIZE)));
  223. v128_copy_octet_string(((v128_t*)(&c->key.v8)) + 1, key + AES_128_KEYSIZE);
  224. }
  225. debug_print(mod_aes_icm, "key: %s", v128_hex_string((v128_t*)&c->key));
  226. debug_print(mod_aes_icm, "offset: %s", v128_hex_string(&c->offset));
  227. EVP_CIPHER_CTX_cleanup(&c->ctx);
  228. return err_status_ok;
  229. }
  230. /*
  231. * aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
  232. * the offset
  233. */
  234. err_status_t aes_icm_openssl_set_iv (aes_icm_ctx_t *c, void *iv, int dir)
  235. {
  236. const EVP_CIPHER *evp;
  237. v128_t nonce;
  238. /* set nonce (for alignment) */
  239. v128_copy_octet_string(&nonce, iv);
  240. debug_print(mod_aes_icm, "setting iv: %s", v128_hex_string(&nonce));
  241. v128_xor(&c->counter, &c->offset, &nonce);
  242. debug_print(mod_aes_icm, "set_counter: %s", v128_hex_string(&c->counter));
  243. switch (c->key_size) {
  244. case AES_256_KEYSIZE:
  245. evp = EVP_aes_256_ctr();
  246. break;
  247. case AES_192_KEYSIZE:
  248. evp = EVP_aes_192_ctr();
  249. break;
  250. case AES_128_KEYSIZE:
  251. evp = EVP_aes_128_ctr();
  252. break;
  253. default:
  254. return err_status_bad_param;
  255. break;
  256. }
  257. if (!EVP_EncryptInit_ex(&c->ctx, evp,
  258. NULL, c->key.v8, c->counter.v8)) {
  259. return err_status_fail;
  260. } else {
  261. return err_status_ok;
  262. }
  263. }
  264. /*
  265. * This function encrypts a buffer using AES CTR mode
  266. *
  267. * Parameters:
  268. * c Crypto context
  269. * buf data to encrypt
  270. * enc_len length of encrypt buffer
  271. */
  272. err_status_t aes_icm_openssl_encrypt (aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
  273. {
  274. int len = 0;
  275. debug_print(mod_aes_icm, "rs0: %s", v128_hex_string(&c->counter));
  276. if (!EVP_EncryptUpdate(&c->ctx, buf, &len, buf, *enc_len)) {
  277. return err_status_cipher_fail;
  278. }
  279. *enc_len = len;
  280. if (!EVP_EncryptFinal_ex(&c->ctx, buf, (int*)&len)) {
  281. return err_status_cipher_fail;
  282. }
  283. *enc_len += len;
  284. return err_status_ok;
  285. }
  286. /*
  287. * Abstraction layer for encrypt.
  288. */
  289. err_status_t aes_icm_output (aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output)
  290. {
  291. unsigned int len = num_octets_to_output;
  292. /* zeroize the buffer */
  293. octet_string_set_to_zero(buffer, num_octets_to_output);
  294. /* exor keystream into buffer */
  295. return aes_icm_openssl_encrypt(c, buffer, &len);
  296. }
  297. /*
  298. * Name of this crypto engine
  299. */
  300. char aes_icm_openssl_description[] = "AES-128 counter mode using openssl";
  301. char aes_icm_192_openssl_description[] = "AES-192 counter mode using openssl";
  302. char aes_icm_256_openssl_description[] = "AES-256 counter mode using openssl";
  303. /*
  304. * KAT values for AES self-test. These
  305. * values came from the legacy libsrtp code.
  306. */
  307. uint8_t aes_icm_test_case_0_key[AES_128_KEYSIZE_WSALT] = {
  308. 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
  309. 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
  310. 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
  311. 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
  312. };
  313. uint8_t aes_icm_test_case_0_nonce[16] = {
  314. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  315. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  316. };
  317. uint8_t aes_icm_test_case_0_plaintext[32] = {
  318. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  319. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  320. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  321. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  322. };
  323. uint8_t aes_icm_test_case_0_ciphertext[32] = {
  324. 0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
  325. 0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
  326. 0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
  327. 0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
  328. };
  329. cipher_test_case_t aes_icm_test_case_0 = {
  330. AES_128_KEYSIZE_WSALT, /* octets in key */
  331. aes_icm_test_case_0_key, /* key */
  332. aes_icm_test_case_0_nonce, /* packet index */
  333. 32, /* octets in plaintext */
  334. aes_icm_test_case_0_plaintext, /* plaintext */
  335. 32, /* octets in ciphertext */
  336. aes_icm_test_case_0_ciphertext, /* ciphertext */
  337. 0,
  338. NULL,
  339. 0,
  340. NULL /* pointer to next testcase */
  341. };
  342. /*
  343. * KAT values for AES-192-CTR self-test. These
  344. * values came from section 7 of RFC 6188.
  345. */
  346. uint8_t aes_icm_192_test_case_1_key[AES_192_KEYSIZE_WSALT] = {
  347. 0xea, 0xb2, 0x34, 0x76, 0x4e, 0x51, 0x7b, 0x2d,
  348. 0x3d, 0x16, 0x0d, 0x58, 0x7d, 0x8c, 0x86, 0x21,
  349. 0x97, 0x40, 0xf6, 0x5f, 0x99, 0xb6, 0xbc, 0xf7,
  350. 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
  351. 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
  352. };
  353. uint8_t aes_icm_192_test_case_1_nonce[16] = {
  354. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  355. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  356. };
  357. uint8_t aes_icm_192_test_case_1_plaintext[32] = {
  358. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  359. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  360. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  361. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  362. };
  363. uint8_t aes_icm_192_test_case_1_ciphertext[32] = {
  364. 0x35, 0x09, 0x6c, 0xba, 0x46, 0x10, 0x02, 0x8d,
  365. 0xc1, 0xb5, 0x75, 0x03, 0x80, 0x4c, 0xe3, 0x7c,
  366. 0x5d, 0xe9, 0x86, 0x29, 0x1d, 0xcc, 0xe1, 0x61,
  367. 0xd5, 0x16, 0x5e, 0xc4, 0x56, 0x8f, 0x5c, 0x9a
  368. };
  369. cipher_test_case_t aes_icm_192_test_case_1 = {
  370. AES_192_KEYSIZE_WSALT, /* octets in key */
  371. aes_icm_192_test_case_1_key, /* key */
  372. aes_icm_192_test_case_1_nonce, /* packet index */
  373. 32, /* octets in plaintext */
  374. aes_icm_192_test_case_1_plaintext, /* plaintext */
  375. 32, /* octets in ciphertext */
  376. aes_icm_192_test_case_1_ciphertext, /* ciphertext */
  377. 0,
  378. NULL,
  379. 0,
  380. NULL /* pointer to next testcase */
  381. };
  382. /*
  383. * KAT values for AES-256-CTR self-test. These
  384. * values came from section 7 of RFC 6188.
  385. */
  386. uint8_t aes_icm_256_test_case_2_key[AES_256_KEYSIZE_WSALT] = {
  387. 0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70,
  388. 0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92,
  389. 0x2e, 0xc4, 0xcb, 0x0d, 0xc0, 0x25, 0xb5, 0x82,
  390. 0x72, 0x14, 0x7c, 0xc4, 0x38, 0x94, 0x4a, 0x98,
  391. 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
  392. 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
  393. };
  394. uint8_t aes_icm_256_test_case_2_nonce[16] = {
  395. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  396. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  397. };
  398. uint8_t aes_icm_256_test_case_2_plaintext[32] = {
  399. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  400. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  401. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  402. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  403. };
  404. uint8_t aes_icm_256_test_case_2_ciphertext[32] = {
  405. 0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25,
  406. 0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4,
  407. 0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6,
  408. 0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
  409. };
  410. cipher_test_case_t aes_icm_256_test_case_2 = {
  411. AES_256_KEYSIZE_WSALT, /* octets in key */
  412. aes_icm_256_test_case_2_key, /* key */
  413. aes_icm_256_test_case_2_nonce, /* packet index */
  414. 32, /* octets in plaintext */
  415. aes_icm_256_test_case_2_plaintext, /* plaintext */
  416. 32, /* octets in ciphertext */
  417. aes_icm_256_test_case_2_ciphertext, /* ciphertext */
  418. 0,
  419. NULL,
  420. 0,
  421. NULL /* pointer to next testcase */
  422. };
  423. /*
  424. * This is the function table for this crypto engine.
  425. * note: the encrypt function is identical to the decrypt function
  426. */
  427. cipher_type_t aes_icm = {
  428. (cipher_alloc_func_t) aes_icm_openssl_alloc,
  429. (cipher_dealloc_func_t) aes_icm_openssl_dealloc,
  430. (cipher_init_func_t) aes_icm_openssl_context_init,
  431. (cipher_set_aad_func_t) 0,
  432. (cipher_encrypt_func_t) aes_icm_openssl_encrypt,
  433. (cipher_decrypt_func_t) aes_icm_openssl_encrypt,
  434. (cipher_set_iv_func_t) aes_icm_openssl_set_iv,
  435. (cipher_get_tag_func_t) 0,
  436. (char*) aes_icm_openssl_description,
  437. (int) 0, /* instance count */
  438. (cipher_test_case_t*) &aes_icm_test_case_0,
  439. (debug_module_t*) &mod_aes_icm,
  440. (cipher_type_id_t) AES_ICM
  441. };
  442. /*
  443. * This is the function table for this crypto engine.
  444. * note: the encrypt function is identical to the decrypt function
  445. */
  446. cipher_type_t aes_icm_192 = {
  447. (cipher_alloc_func_t) aes_icm_openssl_alloc,
  448. (cipher_dealloc_func_t) aes_icm_openssl_dealloc,
  449. (cipher_init_func_t) aes_icm_openssl_context_init,
  450. (cipher_set_aad_func_t) 0,
  451. (cipher_encrypt_func_t) aes_icm_openssl_encrypt,
  452. (cipher_decrypt_func_t) aes_icm_openssl_encrypt,
  453. (cipher_set_iv_func_t) aes_icm_openssl_set_iv,
  454. (cipher_get_tag_func_t) 0,
  455. (char*) aes_icm_192_openssl_description,
  456. (int) 0, /* instance count */
  457. (cipher_test_case_t*) &aes_icm_192_test_case_1,
  458. (debug_module_t*) &mod_aes_icm,
  459. (cipher_type_id_t) AES_192_ICM
  460. };
  461. /*
  462. * This is the function table for this crypto engine.
  463. * note: the encrypt function is identical to the decrypt function
  464. */
  465. cipher_type_t aes_icm_256 = {
  466. (cipher_alloc_func_t) aes_icm_openssl_alloc,
  467. (cipher_dealloc_func_t) aes_icm_openssl_dealloc,
  468. (cipher_init_func_t) aes_icm_openssl_context_init,
  469. (cipher_set_aad_func_t) 0,
  470. (cipher_encrypt_func_t) aes_icm_openssl_encrypt,
  471. (cipher_decrypt_func_t) aes_icm_openssl_encrypt,
  472. (cipher_set_iv_func_t) aes_icm_openssl_set_iv,
  473. (cipher_get_tag_func_t) 0,
  474. (char*) aes_icm_256_openssl_description,
  475. (int) 0, /* instance count */
  476. (cipher_test_case_t*) &aes_icm_256_test_case_2,
  477. (debug_module_t*) &mod_aes_icm,
  478. (cipher_type_id_t) AES_256_ICM
  479. };