sandbox
mbedtls ported to mbed-classic
Fork of
mbedtls
by 
Christopher Haster
Embed:
(wiki syntax)
Show/hide line numbers
aes.h
Go to the documentation of this file.
00001 /** 00002 * \file aes.h 00003 * 00004 * \brief AES block cipher 00005 * 00006 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00007 * SPDX-License-Identifier: Apache-2.0 00008 * 00009 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00010 * not use this file except in compliance with the License. 00011 * You may obtain a copy of the License at 00012 * 00013 * http://www.apache.org/licenses/LICENSE-2.0 00014 * 00015 * Unless required by applicable law or agreed to in writing, software 00016 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00017 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00018 * See the License for the specific language governing permissions and 00019 * limitations under the License. 00020 * 00021 * This file is part of mbed TLS (https://tls.mbed.org) 00022 */ 00023 #ifndef MBEDTLS_AES_H 00024 #define MBEDTLS_AES_H 00025 00026 #if !defined(MBEDTLS_CONFIG_FILE) 00027 #include "config.h" 00028 #else 00029 #include MBEDTLS_CONFIG_FILE 00030 #endif 00031 00032 #include <stddef.h> 00033 #include <stdint.h> 00034 00035 /* padlock.c and aesni.c rely on these values! */ 00036 #define MBEDTLS_AES_ENCRYPT 1 00037 #define MBEDTLS_AES_DECRYPT 0 00038 00039 #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ 00040 #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ 00041 00042 #if !defined(MBEDTLS_AES_ALT) 00043 // Regular implementation 00044 // 00045 00046 #ifdef __cplusplus 00047 extern "C" { 00048 #endif 00049 00050 /** 00051 * \brief AES context structure 00052 * 00053 * \note buf is able to hold 32 extra bytes, which can be used: 00054 * - for alignment purposes if VIA padlock is used, and/or 00055 * - to simplify key expansion in the 256-bit case by 00056 * generating an extra round key 00057 */ 00058 typedef struct 00059 { 00060 int nr ; /*!< number of rounds */ 00061 uint32_t *rk ; /*!< AES round keys */ 00062 uint32_t buf[68]; /*!< unaligned data */ 00063 } 00064 mbedtls_aes_context; 00065 00066 /** 00067 * \brief Initialize AES context 00068 * 00069 * \param ctx AES context to be initialized 00070 */ 00071 void mbedtls_aes_init( mbedtls_aes_context *ctx ); 00072 00073 /** 00074 * \brief Clear AES context 00075 * 00076 * \param ctx AES context to be cleared 00077 */ 00078 void mbedtls_aes_free( mbedtls_aes_context *ctx ); 00079 00080 /** 00081 * \brief AES key schedule (encryption) 00082 * 00083 * \param ctx AES context to be initialized 00084 * \param key encryption key 00085 * \param keybits must be 128, 192 or 256 00086 * 00087 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH 00088 */ 00089 int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, 00090 unsigned int keybits ); 00091 00092 /** 00093 * \brief AES key schedule (decryption) 00094 * 00095 * \param ctx AES context to be initialized 00096 * \param key decryption key 00097 * \param keybits must be 128, 192 or 256 00098 * 00099 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH 00100 */ 00101 int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, 00102 unsigned int keybits ); 00103 00104 /** 00105 * \brief AES-ECB block encryption/decryption 00106 * 00107 * \param ctx AES context 00108 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00109 * \param input 16-byte input block 00110 * \param output 16-byte output block 00111 * 00112 * \return 0 if successful 00113 */ 00114 int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, 00115 int mode, 00116 const unsigned char input[16], 00117 unsigned char output[16] ); 00118 00119 #if defined(MBEDTLS_CIPHER_MODE_CBC) 00120 /** 00121 * \brief AES-CBC buffer encryption/decryption 00122 * Length should be a multiple of the block 00123 * size (16 bytes) 00124 * 00125 * \note Upon exit, the content of the IV is updated so that you can 00126 * call the function same function again on the following 00127 * block(s) of data and get the same result as if it was 00128 * encrypted in one call. This allows a "streaming" usage. 00129 * If on the other hand you need to retain the contents of the 00130 * IV, you should either save it manually or use the cipher 00131 * module instead. 00132 * 00133 * \param ctx AES context 00134 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00135 * \param length length of the input data 00136 * \param iv initialization vector (updated after use) 00137 * \param input buffer holding the input data 00138 * \param output buffer holding the output data 00139 * 00140 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH 00141 */ 00142 int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, 00143 int mode, 00144 size_t length, 00145 unsigned char iv[16], 00146 const unsigned char *input, 00147 unsigned char *output ); 00148 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 00149 00150 #if defined(MBEDTLS_CIPHER_MODE_CFB) 00151 /** 00152 * \brief AES-CFB128 buffer encryption/decryption. 00153 * 00154 * Note: Due to the nature of CFB you should use the same key schedule for 00155 * both encryption and decryption. So a context initialized with 00156 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. 00157 * 00158 * \note Upon exit, the content of the IV is updated so that you can 00159 * call the function same function again on the following 00160 * block(s) of data and get the same result as if it was 00161 * encrypted in one call. This allows a "streaming" usage. 00162 * If on the other hand you need to retain the contents of the 00163 * IV, you should either save it manually or use the cipher 00164 * module instead. 00165 * 00166 * \param ctx AES context 00167 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00168 * \param length length of the input data 00169 * \param iv_off offset in IV (updated after use) 00170 * \param iv initialization vector (updated after use) 00171 * \param input buffer holding the input data 00172 * \param output buffer holding the output data 00173 * 00174 * \return 0 if successful 00175 */ 00176 int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, 00177 int mode, 00178 size_t length, 00179 size_t *iv_off, 00180 unsigned char iv[16], 00181 const unsigned char *input, 00182 unsigned char *output ); 00183 00184 /** 00185 * \brief AES-CFB8 buffer encryption/decryption. 00186 * 00187 * Note: Due to the nature of CFB you should use the same key schedule for 00188 * both encryption and decryption. So a context initialized with 00189 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. 00190 * 00191 * \note Upon exit, the content of the IV is updated so that you can 00192 * call the function same function again on the following 00193 * block(s) of data and get the same result as if it was 00194 * encrypted in one call. This allows a "streaming" usage. 00195 * If on the other hand you need to retain the contents of the 00196 * IV, you should either save it manually or use the cipher 00197 * module instead. 00198 * 00199 * \param ctx AES context 00200 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00201 * \param length length of the input data 00202 * \param iv initialization vector (updated after use) 00203 * \param input buffer holding the input data 00204 * \param output buffer holding the output data 00205 * 00206 * \return 0 if successful 00207 */ 00208 int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, 00209 int mode, 00210 size_t length, 00211 unsigned char iv[16], 00212 const unsigned char *input, 00213 unsigned char *output ); 00214 #endif /*MBEDTLS_CIPHER_MODE_CFB */ 00215 00216 #if defined(MBEDTLS_CIPHER_MODE_CTR) 00217 /** 00218 * \brief AES-CTR buffer encryption/decryption 00219 * 00220 * Warning: You have to keep the maximum use of your counter in mind! 00221 * 00222 * Note: Due to the nature of CTR you should use the same key schedule for 00223 * both encryption and decryption. So a context initialized with 00224 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. 00225 * 00226 * \param ctx AES context 00227 * \param length The length of the data 00228 * \param nc_off The offset in the current stream_block (for resuming 00229 * within current cipher stream). The offset pointer to 00230 * should be 0 at the start of a stream. 00231 * \param nonce_counter The 128-bit nonce and counter. 00232 * \param stream_block The saved stream-block for resuming. Is overwritten 00233 * by the function. 00234 * \param input The input data stream 00235 * \param output The output data stream 00236 * 00237 * \return 0 if successful 00238 */ 00239 int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, 00240 size_t length, 00241 size_t *nc_off, 00242 unsigned char nonce_counter[16], 00243 unsigned char stream_block[16], 00244 const unsigned char *input, 00245 unsigned char *output ); 00246 #endif /* MBEDTLS_CIPHER_MODE_CTR */ 00247 00248 /** 00249 * \brief Internal AES block encryption function 00250 * (Only exposed to allow overriding it, 00251 * see MBEDTLS_AES_ENCRYPT_ALT) 00252 * 00253 * \param ctx AES context 00254 * \param input Plaintext block 00255 * \param output Output (ciphertext) block 00256 */ 00257 void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, 00258 const unsigned char input[16], 00259 unsigned char output[16] ); 00260 00261 /** 00262 * \brief Internal AES block decryption function 00263 * (Only exposed to allow overriding it, 00264 * see MBEDTLS_AES_DECRYPT_ALT) 00265 * 00266 * \param ctx AES context 00267 * \param input Ciphertext block 00268 * \param output Output (plaintext) block 00269 */ 00270 void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, 00271 const unsigned char input[16], 00272 unsigned char output[16] ); 00273 00274 #ifdef __cplusplus 00275 } 00276 #endif 00277 00278 #else /* MBEDTLS_AES_ALT */ 00279 #include "aes_alt.h" 00280 #endif /* MBEDTLS_AES_ALT */ 00281 00282 #ifdef __cplusplus 00283 extern "C" { 00284 #endif 00285 00286 /** 00287 * \brief Checkup routine 00288 * 00289 * \return 0 if successful, or 1 if the test failed 00290 */ 00291 int mbedtls_aes_self_test( int verbose ); 00292 00293 #ifdef __cplusplus 00294 } 00295 #endif 00296 00297 #endif /* aes.h */
Generated on Tue Jul 12 2022 12:52:40 by
1.7.2