Hannes Tschofenig
Example program to test AES-GCM functionality. Used for a workshop
SSL/include/polarssl/cipher.h@0:796d0f61a05b, 2018-09-27 (annotated)
- Committer:
- HannesTschofenig
- Date:
- Thu Sep 27 06:34:22 2018 +0000
- Revision:
- 0:796d0f61a05b
Example AES-GCM test program
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| HannesTschofenig | 0:796d0f61a05b | 1 | /** |
| HannesTschofenig | 0:796d0f61a05b | 2 | * \file cipher.h |
| HannesTschofenig | 0:796d0f61a05b | 3 | * |
| HannesTschofenig | 0:796d0f61a05b | 4 | * \brief Generic cipher wrapper. |
| HannesTschofenig | 0:796d0f61a05b | 5 | * |
| HannesTschofenig | 0:796d0f61a05b | 6 | * \author Adriaan de Jong <dejong@fox-it.com> |
| HannesTschofenig | 0:796d0f61a05b | 7 | * |
| HannesTschofenig | 0:796d0f61a05b | 8 | * Copyright (C) 2006-2014, Brainspark B.V. |
| HannesTschofenig | 0:796d0f61a05b | 9 | * |
| HannesTschofenig | 0:796d0f61a05b | 10 | * This file is part of PolarSSL (http://www.polarssl.org) |
| HannesTschofenig | 0:796d0f61a05b | 11 | * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> |
| HannesTschofenig | 0:796d0f61a05b | 12 | * |
| HannesTschofenig | 0:796d0f61a05b | 13 | * All rights reserved. |
| HannesTschofenig | 0:796d0f61a05b | 14 | * |
| HannesTschofenig | 0:796d0f61a05b | 15 | * This program is free software; you can redistribute it and/or modify |
| HannesTschofenig | 0:796d0f61a05b | 16 | * it under the terms of the GNU General Public License as published by |
| HannesTschofenig | 0:796d0f61a05b | 17 | * the Free Software Foundation; either version 2 of the License, or |
| HannesTschofenig | 0:796d0f61a05b | 18 | * (at your option) any later version. |
| HannesTschofenig | 0:796d0f61a05b | 19 | * |
| HannesTschofenig | 0:796d0f61a05b | 20 | * This program is distributed in the hope that it will be useful, |
| HannesTschofenig | 0:796d0f61a05b | 21 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| HannesTschofenig | 0:796d0f61a05b | 22 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| HannesTschofenig | 0:796d0f61a05b | 23 | * GNU General Public License for more details. |
| HannesTschofenig | 0:796d0f61a05b | 24 | * |
| HannesTschofenig | 0:796d0f61a05b | 25 | * You should have received a copy of the GNU General Public License along |
| HannesTschofenig | 0:796d0f61a05b | 26 | * with this program; if not, write to the Free Software Foundation, Inc., |
| HannesTschofenig | 0:796d0f61a05b | 27 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
| HannesTschofenig | 0:796d0f61a05b | 28 | */ |
| HannesTschofenig | 0:796d0f61a05b | 29 | |
| HannesTschofenig | 0:796d0f61a05b | 30 | #ifndef POLARSSL_CIPHER_H |
| HannesTschofenig | 0:796d0f61a05b | 31 | #define POLARSSL_CIPHER_H |
| HannesTschofenig | 0:796d0f61a05b | 32 | |
| HannesTschofenig | 0:796d0f61a05b | 33 | #if !defined(POLARSSL_CONFIG_FILE) |
| HannesTschofenig | 0:796d0f61a05b | 34 | #include "config.h" |
| HannesTschofenig | 0:796d0f61a05b | 35 | #else |
| HannesTschofenig | 0:796d0f61a05b | 36 | #include POLARSSL_CONFIG_FILE |
| HannesTschofenig | 0:796d0f61a05b | 37 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 38 | |
| HannesTschofenig | 0:796d0f61a05b | 39 | #if defined(POLARSSL_GCM_C) |
| HannesTschofenig | 0:796d0f61a05b | 40 | #define POLARSSL_CIPHER_MODE_AEAD |
| HannesTschofenig | 0:796d0f61a05b | 41 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 42 | |
| HannesTschofenig | 0:796d0f61a05b | 43 | #if defined(POLARSSL_CIPHER_MODE_CBC) |
| HannesTschofenig | 0:796d0f61a05b | 44 | #define POLARSSL_CIPHER_MODE_WITH_PADDING |
| HannesTschofenig | 0:796d0f61a05b | 45 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 46 | |
| HannesTschofenig | 0:796d0f61a05b | 47 | #include <string.h> |
| HannesTschofenig | 0:796d0f61a05b | 48 | |
| HannesTschofenig | 0:796d0f61a05b | 49 | #if defined(_MSC_VER) && !defined(inline) |
| HannesTschofenig | 0:796d0f61a05b | 50 | #define inline _inline |
| HannesTschofenig | 0:796d0f61a05b | 51 | #else |
| HannesTschofenig | 0:796d0f61a05b | 52 | #if defined(__ARMCC_VERSION) && !defined(inline) |
| HannesTschofenig | 0:796d0f61a05b | 53 | #define inline __inline |
| HannesTschofenig | 0:796d0f61a05b | 54 | #endif /* __ARMCC_VERSION */ |
| HannesTschofenig | 0:796d0f61a05b | 55 | #endif /*_MSC_VER */ |
| HannesTschofenig | 0:796d0f61a05b | 56 | |
| HannesTschofenig | 0:796d0f61a05b | 57 | #define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ |
| HannesTschofenig | 0:796d0f61a05b | 58 | #define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ |
| HannesTschofenig | 0:796d0f61a05b | 59 | #define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ |
| HannesTschofenig | 0:796d0f61a05b | 60 | #define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ |
| HannesTschofenig | 0:796d0f61a05b | 61 | #define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ |
| HannesTschofenig | 0:796d0f61a05b | 62 | #define POLARSSL_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ |
| HannesTschofenig | 0:796d0f61a05b | 63 | |
| HannesTschofenig | 0:796d0f61a05b | 64 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 65 | extern "C" { |
| HannesTschofenig | 0:796d0f61a05b | 66 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 67 | |
| HannesTschofenig | 0:796d0f61a05b | 68 | typedef enum { |
| HannesTschofenig | 0:796d0f61a05b | 69 | POLARSSL_CIPHER_ID_NONE = 0, |
| HannesTschofenig | 0:796d0f61a05b | 70 | POLARSSL_CIPHER_ID_NULL, |
| HannesTschofenig | 0:796d0f61a05b | 71 | POLARSSL_CIPHER_ID_AES, |
| HannesTschofenig | 0:796d0f61a05b | 72 | POLARSSL_CIPHER_ID_DES, |
| HannesTschofenig | 0:796d0f61a05b | 73 | POLARSSL_CIPHER_ID_3DES, |
| HannesTschofenig | 0:796d0f61a05b | 74 | POLARSSL_CIPHER_ID_CAMELLIA, |
| HannesTschofenig | 0:796d0f61a05b | 75 | POLARSSL_CIPHER_ID_BLOWFISH, |
| HannesTschofenig | 0:796d0f61a05b | 76 | POLARSSL_CIPHER_ID_ARC4, |
| HannesTschofenig | 0:796d0f61a05b | 77 | } cipher_id_t; |
| HannesTschofenig | 0:796d0f61a05b | 78 | |
| HannesTschofenig | 0:796d0f61a05b | 79 | typedef enum { |
| HannesTschofenig | 0:796d0f61a05b | 80 | POLARSSL_CIPHER_NONE = 0, |
| HannesTschofenig | 0:796d0f61a05b | 81 | POLARSSL_CIPHER_NULL, |
| HannesTschofenig | 0:796d0f61a05b | 82 | POLARSSL_CIPHER_AES_128_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 83 | POLARSSL_CIPHER_AES_192_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 84 | POLARSSL_CIPHER_AES_256_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 85 | POLARSSL_CIPHER_AES_128_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 86 | POLARSSL_CIPHER_AES_192_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 87 | POLARSSL_CIPHER_AES_256_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 88 | POLARSSL_CIPHER_AES_128_CFB128, |
| HannesTschofenig | 0:796d0f61a05b | 89 | POLARSSL_CIPHER_AES_192_CFB128, |
| HannesTschofenig | 0:796d0f61a05b | 90 | POLARSSL_CIPHER_AES_256_CFB128, |
| HannesTschofenig | 0:796d0f61a05b | 91 | POLARSSL_CIPHER_AES_128_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 92 | POLARSSL_CIPHER_AES_192_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 93 | POLARSSL_CIPHER_AES_256_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 94 | POLARSSL_CIPHER_AES_128_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 95 | POLARSSL_CIPHER_AES_192_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 96 | POLARSSL_CIPHER_AES_256_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 97 | POLARSSL_CIPHER_CAMELLIA_128_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 98 | POLARSSL_CIPHER_CAMELLIA_192_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 99 | POLARSSL_CIPHER_CAMELLIA_256_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 100 | POLARSSL_CIPHER_CAMELLIA_128_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 101 | POLARSSL_CIPHER_CAMELLIA_192_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 102 | POLARSSL_CIPHER_CAMELLIA_256_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 103 | POLARSSL_CIPHER_CAMELLIA_128_CFB128, |
| HannesTschofenig | 0:796d0f61a05b | 104 | POLARSSL_CIPHER_CAMELLIA_192_CFB128, |
| HannesTschofenig | 0:796d0f61a05b | 105 | POLARSSL_CIPHER_CAMELLIA_256_CFB128, |
| HannesTschofenig | 0:796d0f61a05b | 106 | POLARSSL_CIPHER_CAMELLIA_128_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 107 | POLARSSL_CIPHER_CAMELLIA_192_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 108 | POLARSSL_CIPHER_CAMELLIA_256_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 109 | POLARSSL_CIPHER_CAMELLIA_128_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 110 | POLARSSL_CIPHER_CAMELLIA_192_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 111 | POLARSSL_CIPHER_CAMELLIA_256_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 112 | POLARSSL_CIPHER_DES_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 113 | POLARSSL_CIPHER_DES_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 114 | POLARSSL_CIPHER_DES_EDE_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 115 | POLARSSL_CIPHER_DES_EDE_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 116 | POLARSSL_CIPHER_DES_EDE3_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 117 | POLARSSL_CIPHER_DES_EDE3_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 118 | POLARSSL_CIPHER_BLOWFISH_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 119 | POLARSSL_CIPHER_BLOWFISH_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 120 | POLARSSL_CIPHER_BLOWFISH_CFB64, |
| HannesTschofenig | 0:796d0f61a05b | 121 | POLARSSL_CIPHER_BLOWFISH_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 122 | POLARSSL_CIPHER_ARC4_128, |
| HannesTschofenig | 0:796d0f61a05b | 123 | } cipher_type_t; |
| HannesTschofenig | 0:796d0f61a05b | 124 | |
| HannesTschofenig | 0:796d0f61a05b | 125 | typedef enum { |
| HannesTschofenig | 0:796d0f61a05b | 126 | POLARSSL_MODE_NONE = 0, |
| HannesTschofenig | 0:796d0f61a05b | 127 | POLARSSL_MODE_ECB, |
| HannesTschofenig | 0:796d0f61a05b | 128 | POLARSSL_MODE_CBC, |
| HannesTschofenig | 0:796d0f61a05b | 129 | POLARSSL_MODE_CFB, |
| HannesTschofenig | 0:796d0f61a05b | 130 | POLARSSL_MODE_OFB, |
| HannesTschofenig | 0:796d0f61a05b | 131 | POLARSSL_MODE_CTR, |
| HannesTschofenig | 0:796d0f61a05b | 132 | POLARSSL_MODE_GCM, |
| HannesTschofenig | 0:796d0f61a05b | 133 | POLARSSL_MODE_STREAM, |
| HannesTschofenig | 0:796d0f61a05b | 134 | } cipher_mode_t; |
| HannesTschofenig | 0:796d0f61a05b | 135 | |
| HannesTschofenig | 0:796d0f61a05b | 136 | typedef enum { |
| HannesTschofenig | 0:796d0f61a05b | 137 | POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */ |
| HannesTschofenig | 0:796d0f61a05b | 138 | POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */ |
| HannesTschofenig | 0:796d0f61a05b | 139 | POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */ |
| HannesTschofenig | 0:796d0f61a05b | 140 | POLARSSL_PADDING_ZEROS, /**< zero padding (not reversible!) */ |
| HannesTschofenig | 0:796d0f61a05b | 141 | POLARSSL_PADDING_NONE, /**< never pad (full blocks only) */ |
| HannesTschofenig | 0:796d0f61a05b | 142 | } cipher_padding_t; |
| HannesTschofenig | 0:796d0f61a05b | 143 | |
| HannesTschofenig | 0:796d0f61a05b | 144 | typedef enum { |
| HannesTschofenig | 0:796d0f61a05b | 145 | POLARSSL_OPERATION_NONE = -1, |
| HannesTschofenig | 0:796d0f61a05b | 146 | POLARSSL_DECRYPT = 0, |
| HannesTschofenig | 0:796d0f61a05b | 147 | POLARSSL_ENCRYPT, |
| HannesTschofenig | 0:796d0f61a05b | 148 | } operation_t; |
| HannesTschofenig | 0:796d0f61a05b | 149 | |
| HannesTschofenig | 0:796d0f61a05b | 150 | enum { |
| HannesTschofenig | 0:796d0f61a05b | 151 | /** Undefined key length */ |
| HannesTschofenig | 0:796d0f61a05b | 152 | POLARSSL_KEY_LENGTH_NONE = 0, |
| HannesTschofenig | 0:796d0f61a05b | 153 | /** Key length, in bits (including parity), for DES keys */ |
| HannesTschofenig | 0:796d0f61a05b | 154 | POLARSSL_KEY_LENGTH_DES = 64, |
| HannesTschofenig | 0:796d0f61a05b | 155 | /** Key length, in bits (including parity), for DES in two key EDE */ |
| HannesTschofenig | 0:796d0f61a05b | 156 | POLARSSL_KEY_LENGTH_DES_EDE = 128, |
| HannesTschofenig | 0:796d0f61a05b | 157 | /** Key length, in bits (including parity), for DES in three-key EDE */ |
| HannesTschofenig | 0:796d0f61a05b | 158 | POLARSSL_KEY_LENGTH_DES_EDE3 = 192, |
| HannesTschofenig | 0:796d0f61a05b | 159 | }; |
| HannesTschofenig | 0:796d0f61a05b | 160 | |
| HannesTschofenig | 0:796d0f61a05b | 161 | /** Maximum length of any IV, in bytes */ |
| HannesTschofenig | 0:796d0f61a05b | 162 | #define POLARSSL_MAX_IV_LENGTH 16 |
| HannesTschofenig | 0:796d0f61a05b | 163 | /** Maximum block size of any cipher, in bytes */ |
| HannesTschofenig | 0:796d0f61a05b | 164 | #define POLARSSL_MAX_BLOCK_LENGTH 16 |
| HannesTschofenig | 0:796d0f61a05b | 165 | |
| HannesTschofenig | 0:796d0f61a05b | 166 | /** |
| HannesTschofenig | 0:796d0f61a05b | 167 | * Base cipher information. The non-mode specific functions and values. |
| HannesTschofenig | 0:796d0f61a05b | 168 | */ |
| HannesTschofenig | 0:796d0f61a05b | 169 | typedef struct { |
| HannesTschofenig | 0:796d0f61a05b | 170 | |
| HannesTschofenig | 0:796d0f61a05b | 171 | /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */ |
| HannesTschofenig | 0:796d0f61a05b | 172 | cipher_id_t cipher; |
| HannesTschofenig | 0:796d0f61a05b | 173 | |
| HannesTschofenig | 0:796d0f61a05b | 174 | /** Encrypt using ECB */ |
| HannesTschofenig | 0:796d0f61a05b | 175 | int (*ecb_func)( void *ctx, operation_t mode, |
| HannesTschofenig | 0:796d0f61a05b | 176 | const unsigned char *input, unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 177 | |
| HannesTschofenig | 0:796d0f61a05b | 178 | /** Encrypt using CBC */ |
| HannesTschofenig | 0:796d0f61a05b | 179 | int (*cbc_func)( void *ctx, operation_t mode, size_t length, |
| HannesTschofenig | 0:796d0f61a05b | 180 | unsigned char *iv, const unsigned char *input, |
| HannesTschofenig | 0:796d0f61a05b | 181 | unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 182 | |
| HannesTschofenig | 0:796d0f61a05b | 183 | /** Encrypt using CFB (Full length) */ |
| HannesTschofenig | 0:796d0f61a05b | 184 | int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off, |
| HannesTschofenig | 0:796d0f61a05b | 185 | unsigned char *iv, const unsigned char *input, |
| HannesTschofenig | 0:796d0f61a05b | 186 | unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 187 | |
| HannesTschofenig | 0:796d0f61a05b | 188 | /** Encrypt using CTR */ |
| HannesTschofenig | 0:796d0f61a05b | 189 | int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, |
| HannesTschofenig | 0:796d0f61a05b | 190 | unsigned char *nonce_counter, unsigned char *stream_block, |
| HannesTschofenig | 0:796d0f61a05b | 191 | const unsigned char *input, unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 192 | |
| HannesTschofenig | 0:796d0f61a05b | 193 | /** Encrypt using STREAM */ |
| HannesTschofenig | 0:796d0f61a05b | 194 | int (*stream_func)( void *ctx, size_t length, |
| HannesTschofenig | 0:796d0f61a05b | 195 | const unsigned char *input, unsigned char *output ); |
| HannesTschofenig | 0:796d0f61a05b | 196 | |
| HannesTschofenig | 0:796d0f61a05b | 197 | /** Set key for encryption purposes */ |
| HannesTschofenig | 0:796d0f61a05b | 198 | int (*setkey_enc_func)( void *ctx, const unsigned char *key, |
| HannesTschofenig | 0:796d0f61a05b | 199 | unsigned int key_length ); |
| HannesTschofenig | 0:796d0f61a05b | 200 | |
| HannesTschofenig | 0:796d0f61a05b | 201 | /** Set key for decryption purposes */ |
| HannesTschofenig | 0:796d0f61a05b | 202 | int (*setkey_dec_func)( void *ctx, const unsigned char *key, |
| HannesTschofenig | 0:796d0f61a05b | 203 | unsigned int key_length); |
| HannesTschofenig | 0:796d0f61a05b | 204 | |
| HannesTschofenig | 0:796d0f61a05b | 205 | /** Allocate a new context */ |
| HannesTschofenig | 0:796d0f61a05b | 206 | void * (*ctx_alloc_func)( void ); |
| HannesTschofenig | 0:796d0f61a05b | 207 | |
| HannesTschofenig | 0:796d0f61a05b | 208 | /** Free the given context */ |
| HannesTschofenig | 0:796d0f61a05b | 209 | void (*ctx_free_func)( void *ctx ); |
| HannesTschofenig | 0:796d0f61a05b | 210 | |
| HannesTschofenig | 0:796d0f61a05b | 211 | } cipher_base_t; |
| HannesTschofenig | 0:796d0f61a05b | 212 | |
| HannesTschofenig | 0:796d0f61a05b | 213 | /** |
| HannesTschofenig | 0:796d0f61a05b | 214 | * Cipher information. Allows cipher functions to be called in a generic way. |
| HannesTschofenig | 0:796d0f61a05b | 215 | */ |
| HannesTschofenig | 0:796d0f61a05b | 216 | typedef struct { |
| HannesTschofenig | 0:796d0f61a05b | 217 | /** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */ |
| HannesTschofenig | 0:796d0f61a05b | 218 | cipher_type_t type; |
| HannesTschofenig | 0:796d0f61a05b | 219 | |
| HannesTschofenig | 0:796d0f61a05b | 220 | /** Cipher mode (e.g. POLARSSL_MODE_CBC) */ |
| HannesTschofenig | 0:796d0f61a05b | 221 | cipher_mode_t mode; |
| HannesTschofenig | 0:796d0f61a05b | 222 | |
| HannesTschofenig | 0:796d0f61a05b | 223 | /** Cipher key length, in bits (default length for variable sized ciphers) |
| HannesTschofenig | 0:796d0f61a05b | 224 | * (Includes parity bits for ciphers like DES) */ |
| HannesTschofenig | 0:796d0f61a05b | 225 | unsigned int key_length; |
| HannesTschofenig | 0:796d0f61a05b | 226 | |
| HannesTschofenig | 0:796d0f61a05b | 227 | /** Name of the cipher */ |
| HannesTschofenig | 0:796d0f61a05b | 228 | const char * name; |
| HannesTschofenig | 0:796d0f61a05b | 229 | |
| HannesTschofenig | 0:796d0f61a05b | 230 | /** IV/NONCE size, in bytes. |
| HannesTschofenig | 0:796d0f61a05b | 231 | * For cipher that accept many sizes: recommended size */ |
| HannesTschofenig | 0:796d0f61a05b | 232 | unsigned int iv_size; |
| HannesTschofenig | 0:796d0f61a05b | 233 | |
| HannesTschofenig | 0:796d0f61a05b | 234 | /** Flag for ciphers that accept many sizes of IV/NONCE */ |
| HannesTschofenig | 0:796d0f61a05b | 235 | int accepts_variable_iv_size; |
| HannesTschofenig | 0:796d0f61a05b | 236 | |
| HannesTschofenig | 0:796d0f61a05b | 237 | /** block size, in bytes */ |
| HannesTschofenig | 0:796d0f61a05b | 238 | unsigned int block_size; |
| HannesTschofenig | 0:796d0f61a05b | 239 | |
| HannesTschofenig | 0:796d0f61a05b | 240 | /** Base cipher information and functions */ |
| HannesTschofenig | 0:796d0f61a05b | 241 | const cipher_base_t *base; |
| HannesTschofenig | 0:796d0f61a05b | 242 | |
| HannesTschofenig | 0:796d0f61a05b | 243 | } cipher_info_t; |
| HannesTschofenig | 0:796d0f61a05b | 244 | |
| HannesTschofenig | 0:796d0f61a05b | 245 | /** |
| HannesTschofenig | 0:796d0f61a05b | 246 | * Generic cipher context. |
| HannesTschofenig | 0:796d0f61a05b | 247 | */ |
| HannesTschofenig | 0:796d0f61a05b | 248 | typedef struct { |
| HannesTschofenig | 0:796d0f61a05b | 249 | /** Information about the associated cipher */ |
| HannesTschofenig | 0:796d0f61a05b | 250 | const cipher_info_t *cipher_info; |
| HannesTschofenig | 0:796d0f61a05b | 251 | |
| HannesTschofenig | 0:796d0f61a05b | 252 | /** Key length to use */ |
| HannesTschofenig | 0:796d0f61a05b | 253 | int key_length; |
| HannesTschofenig | 0:796d0f61a05b | 254 | |
| HannesTschofenig | 0:796d0f61a05b | 255 | /** Operation that the context's key has been initialised for */ |
| HannesTschofenig | 0:796d0f61a05b | 256 | operation_t operation; |
| HannesTschofenig | 0:796d0f61a05b | 257 | |
| HannesTschofenig | 0:796d0f61a05b | 258 | /** Padding functions to use, if relevant for cipher mode */ |
| HannesTschofenig | 0:796d0f61a05b | 259 | void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); |
| HannesTschofenig | 0:796d0f61a05b | 260 | int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); |
| HannesTschofenig | 0:796d0f61a05b | 261 | |
| HannesTschofenig | 0:796d0f61a05b | 262 | /** Buffer for data that hasn't been encrypted yet */ |
| HannesTschofenig | 0:796d0f61a05b | 263 | unsigned char unprocessed_data[POLARSSL_MAX_BLOCK_LENGTH]; |
| HannesTschofenig | 0:796d0f61a05b | 264 | |
| HannesTschofenig | 0:796d0f61a05b | 265 | /** Number of bytes that still need processing */ |
| HannesTschofenig | 0:796d0f61a05b | 266 | size_t unprocessed_len; |
| HannesTschofenig | 0:796d0f61a05b | 267 | |
| HannesTschofenig | 0:796d0f61a05b | 268 | /** Current IV or NONCE_COUNTER for CTR-mode */ |
| HannesTschofenig | 0:796d0f61a05b | 269 | unsigned char iv[POLARSSL_MAX_IV_LENGTH]; |
| HannesTschofenig | 0:796d0f61a05b | 270 | |
| HannesTschofenig | 0:796d0f61a05b | 271 | /** IV size in bytes (for ciphers with variable-length IVs) */ |
| HannesTschofenig | 0:796d0f61a05b | 272 | size_t iv_size; |
| HannesTschofenig | 0:796d0f61a05b | 273 | |
| HannesTschofenig | 0:796d0f61a05b | 274 | /** Cipher-specific context */ |
| HannesTschofenig | 0:796d0f61a05b | 275 | void *cipher_ctx; |
| HannesTschofenig | 0:796d0f61a05b | 276 | } cipher_context_t; |
| HannesTschofenig | 0:796d0f61a05b | 277 | |
| HannesTschofenig | 0:796d0f61a05b | 278 | /** |
| HannesTschofenig | 0:796d0f61a05b | 279 | * \brief Returns the list of ciphers supported by the generic cipher module. |
| HannesTschofenig | 0:796d0f61a05b | 280 | * |
| HannesTschofenig | 0:796d0f61a05b | 281 | * \return a statically allocated array of ciphers, the last entry |
| HannesTschofenig | 0:796d0f61a05b | 282 | * is 0. |
| HannesTschofenig | 0:796d0f61a05b | 283 | */ |
| HannesTschofenig | 0:796d0f61a05b | 284 | const int *cipher_list( void ); |
| HannesTschofenig | 0:796d0f61a05b | 285 | |
| HannesTschofenig | 0:796d0f61a05b | 286 | /** |
| HannesTschofenig | 0:796d0f61a05b | 287 | * \brief Returns the cipher information structure associated |
| HannesTschofenig | 0:796d0f61a05b | 288 | * with the given cipher name. |
| HannesTschofenig | 0:796d0f61a05b | 289 | * |
| HannesTschofenig | 0:796d0f61a05b | 290 | * \param cipher_name Name of the cipher to search for. |
| HannesTschofenig | 0:796d0f61a05b | 291 | * |
| HannesTschofenig | 0:796d0f61a05b | 292 | * \return the cipher information structure associated with the |
| HannesTschofenig | 0:796d0f61a05b | 293 | * given cipher_name, or NULL if not found. |
| HannesTschofenig | 0:796d0f61a05b | 294 | */ |
| HannesTschofenig | 0:796d0f61a05b | 295 | const cipher_info_t *cipher_info_from_string( const char *cipher_name ); |
| HannesTschofenig | 0:796d0f61a05b | 296 | |
| HannesTschofenig | 0:796d0f61a05b | 297 | /** |
| HannesTschofenig | 0:796d0f61a05b | 298 | * \brief Returns the cipher information structure associated |
| HannesTschofenig | 0:796d0f61a05b | 299 | * with the given cipher type. |
| HannesTschofenig | 0:796d0f61a05b | 300 | * |
| HannesTschofenig | 0:796d0f61a05b | 301 | * \param cipher_type Type of the cipher to search for. |
| HannesTschofenig | 0:796d0f61a05b | 302 | * |
| HannesTschofenig | 0:796d0f61a05b | 303 | * \return the cipher information structure associated with the |
| HannesTschofenig | 0:796d0f61a05b | 304 | * given cipher_type, or NULL if not found. |
| HannesTschofenig | 0:796d0f61a05b | 305 | */ |
| HannesTschofenig | 0:796d0f61a05b | 306 | const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ); |
| HannesTschofenig | 0:796d0f61a05b | 307 | |
| HannesTschofenig | 0:796d0f61a05b | 308 | /** |
| HannesTschofenig | 0:796d0f61a05b | 309 | * \brief Returns the cipher information structure associated |
| HannesTschofenig | 0:796d0f61a05b | 310 | * with the given cipher id, key size and mode. |
| HannesTschofenig | 0:796d0f61a05b | 311 | * |
| HannesTschofenig | 0:796d0f61a05b | 312 | * \param cipher_id Id of the cipher to search for |
| HannesTschofenig | 0:796d0f61a05b | 313 | * (e.g. POLARSSL_CIPHER_ID_AES) |
| HannesTschofenig | 0:796d0f61a05b | 314 | * \param key_length Length of the key in bits |
| HannesTschofenig | 0:796d0f61a05b | 315 | * \param mode Cipher mode (e.g. POLARSSL_MODE_CBC) |
| HannesTschofenig | 0:796d0f61a05b | 316 | * |
| HannesTschofenig | 0:796d0f61a05b | 317 | * \return the cipher information structure associated with the |
| HannesTschofenig | 0:796d0f61a05b | 318 | * given cipher_type, or NULL if not found. |
| HannesTschofenig | 0:796d0f61a05b | 319 | */ |
| HannesTschofenig | 0:796d0f61a05b | 320 | const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id, |
| HannesTschofenig | 0:796d0f61a05b | 321 | int key_length, |
| HannesTschofenig | 0:796d0f61a05b | 322 | const cipher_mode_t mode ); |
| HannesTschofenig | 0:796d0f61a05b | 323 | |
| HannesTschofenig | 0:796d0f61a05b | 324 | /** |
| HannesTschofenig | 0:796d0f61a05b | 325 | * \brief Initialises and fills the cipher context structure with |
| HannesTschofenig | 0:796d0f61a05b | 326 | * the appropriate values. |
| HannesTschofenig | 0:796d0f61a05b | 327 | * |
| HannesTschofenig | 0:796d0f61a05b | 328 | * \param ctx context to initialise. May not be NULL. |
| HannesTschofenig | 0:796d0f61a05b | 329 | * \param cipher_info cipher to use. |
| HannesTschofenig | 0:796d0f61a05b | 330 | * |
| HannesTschofenig | 0:796d0f61a05b | 331 | * \return 0 on success, |
| HannesTschofenig | 0:796d0f61a05b | 332 | * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure, |
| HannesTschofenig | 0:796d0f61a05b | 333 | * POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the |
| HannesTschofenig | 0:796d0f61a05b | 334 | * cipher-specific context failed. |
| HannesTschofenig | 0:796d0f61a05b | 335 | */ |
| HannesTschofenig | 0:796d0f61a05b | 336 | int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); |
| HannesTschofenig | 0:796d0f61a05b | 337 | |
| HannesTschofenig | 0:796d0f61a05b | 338 | /** |
| HannesTschofenig | 0:796d0f61a05b | 339 | * \brief Free the cipher-specific context of ctx. Freeing ctx |
| HannesTschofenig | 0:796d0f61a05b | 340 | * itself remains the responsibility of the caller. |
| HannesTschofenig | 0:796d0f61a05b | 341 | * |
| HannesTschofenig | 0:796d0f61a05b | 342 | * \param ctx Free the cipher-specific context |
| HannesTschofenig | 0:796d0f61a05b | 343 | * |
| HannesTschofenig | 0:796d0f61a05b | 344 | * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if |
| HannesTschofenig | 0:796d0f61a05b | 345 | * parameter verification fails. |
| HannesTschofenig | 0:796d0f61a05b | 346 | */ |
| HannesTschofenig | 0:796d0f61a05b | 347 | int cipher_free_ctx( cipher_context_t *ctx ); |
| HannesTschofenig | 0:796d0f61a05b | 348 | |
| HannesTschofenig | 0:796d0f61a05b | 349 | /** |
| HannesTschofenig | 0:796d0f61a05b | 350 | * \brief Returns the block size of the given cipher. |
| HannesTschofenig | 0:796d0f61a05b | 351 | * |
| HannesTschofenig | 0:796d0f61a05b | 352 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 353 | * |
| HannesTschofenig | 0:796d0f61a05b | 354 | * \return size of the cipher's blocks, or 0 if ctx has not been |
| HannesTschofenig | 0:796d0f61a05b | 355 | * initialised. |
| HannesTschofenig | 0:796d0f61a05b | 356 | */ |
| HannesTschofenig | 0:796d0f61a05b | 357 | static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 358 | { |
| HannesTschofenig | 0:796d0f61a05b | 359 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 360 | return 0; |
| HannesTschofenig | 0:796d0f61a05b | 361 | |
| HannesTschofenig | 0:796d0f61a05b | 362 | return ctx->cipher_info->block_size; |
| HannesTschofenig | 0:796d0f61a05b | 363 | } |
| HannesTschofenig | 0:796d0f61a05b | 364 | |
| HannesTschofenig | 0:796d0f61a05b | 365 | /** |
| HannesTschofenig | 0:796d0f61a05b | 366 | * \brief Returns the mode of operation for the cipher. |
| HannesTschofenig | 0:796d0f61a05b | 367 | * (e.g. POLARSSL_MODE_CBC) |
| HannesTschofenig | 0:796d0f61a05b | 368 | * |
| HannesTschofenig | 0:796d0f61a05b | 369 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 370 | * |
| HannesTschofenig | 0:796d0f61a05b | 371 | * \return mode of operation, or POLARSSL_MODE_NONE if ctx |
| HannesTschofenig | 0:796d0f61a05b | 372 | * has not been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 373 | */ |
| HannesTschofenig | 0:796d0f61a05b | 374 | static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 375 | { |
| HannesTschofenig | 0:796d0f61a05b | 376 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 377 | return POLARSSL_MODE_NONE; |
| HannesTschofenig | 0:796d0f61a05b | 378 | |
| HannesTschofenig | 0:796d0f61a05b | 379 | return ctx->cipher_info->mode; |
| HannesTschofenig | 0:796d0f61a05b | 380 | } |
| HannesTschofenig | 0:796d0f61a05b | 381 | |
| HannesTschofenig | 0:796d0f61a05b | 382 | /** |
| HannesTschofenig | 0:796d0f61a05b | 383 | * \brief Returns the size of the cipher's IV/NONCE in bytes. |
| HannesTschofenig | 0:796d0f61a05b | 384 | * |
| HannesTschofenig | 0:796d0f61a05b | 385 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 386 | * |
| HannesTschofenig | 0:796d0f61a05b | 387 | * \return If IV has not been set yet: (recommended) IV size |
| HannesTschofenig | 0:796d0f61a05b | 388 | * (0 for ciphers not using IV/NONCE). |
| HannesTschofenig | 0:796d0f61a05b | 389 | * If IV has already been set: actual size. |
| HannesTschofenig | 0:796d0f61a05b | 390 | */ |
| HannesTschofenig | 0:796d0f61a05b | 391 | static inline int cipher_get_iv_size( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 392 | { |
| HannesTschofenig | 0:796d0f61a05b | 393 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 394 | return 0; |
| HannesTschofenig | 0:796d0f61a05b | 395 | |
| HannesTschofenig | 0:796d0f61a05b | 396 | if( ctx->iv_size != 0 ) |
| HannesTschofenig | 0:796d0f61a05b | 397 | return (int) ctx->iv_size; |
| HannesTschofenig | 0:796d0f61a05b | 398 | |
| HannesTschofenig | 0:796d0f61a05b | 399 | return ctx->cipher_info->iv_size; |
| HannesTschofenig | 0:796d0f61a05b | 400 | } |
| HannesTschofenig | 0:796d0f61a05b | 401 | |
| HannesTschofenig | 0:796d0f61a05b | 402 | /** |
| HannesTschofenig | 0:796d0f61a05b | 403 | * \brief Returns the type of the given cipher. |
| HannesTschofenig | 0:796d0f61a05b | 404 | * |
| HannesTschofenig | 0:796d0f61a05b | 405 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 406 | * |
| HannesTschofenig | 0:796d0f61a05b | 407 | * \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has |
| HannesTschofenig | 0:796d0f61a05b | 408 | * not been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 409 | */ |
| HannesTschofenig | 0:796d0f61a05b | 410 | static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 411 | { |
| HannesTschofenig | 0:796d0f61a05b | 412 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 413 | return POLARSSL_CIPHER_NONE; |
| HannesTschofenig | 0:796d0f61a05b | 414 | |
| HannesTschofenig | 0:796d0f61a05b | 415 | return ctx->cipher_info->type; |
| HannesTschofenig | 0:796d0f61a05b | 416 | } |
| HannesTschofenig | 0:796d0f61a05b | 417 | |
| HannesTschofenig | 0:796d0f61a05b | 418 | /** |
| HannesTschofenig | 0:796d0f61a05b | 419 | * \brief Returns the name of the given cipher, as a string. |
| HannesTschofenig | 0:796d0f61a05b | 420 | * |
| HannesTschofenig | 0:796d0f61a05b | 421 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 422 | * |
| HannesTschofenig | 0:796d0f61a05b | 423 | * \return name of the cipher, or NULL if ctx was not initialised. |
| HannesTschofenig | 0:796d0f61a05b | 424 | */ |
| HannesTschofenig | 0:796d0f61a05b | 425 | static inline const char *cipher_get_name( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 426 | { |
| HannesTschofenig | 0:796d0f61a05b | 427 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 428 | return 0; |
| HannesTschofenig | 0:796d0f61a05b | 429 | |
| HannesTschofenig | 0:796d0f61a05b | 430 | return ctx->cipher_info->name; |
| HannesTschofenig | 0:796d0f61a05b | 431 | } |
| HannesTschofenig | 0:796d0f61a05b | 432 | |
| HannesTschofenig | 0:796d0f61a05b | 433 | /** |
| HannesTschofenig | 0:796d0f61a05b | 434 | * \brief Returns the key length of the cipher. |
| HannesTschofenig | 0:796d0f61a05b | 435 | * |
| HannesTschofenig | 0:796d0f61a05b | 436 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 437 | * |
| HannesTschofenig | 0:796d0f61a05b | 438 | * \return cipher's key length, in bits, or |
| HannesTschofenig | 0:796d0f61a05b | 439 | * POLARSSL_KEY_LENGTH_NONE if ctx has not been |
| HannesTschofenig | 0:796d0f61a05b | 440 | * initialised. |
| HannesTschofenig | 0:796d0f61a05b | 441 | */ |
| HannesTschofenig | 0:796d0f61a05b | 442 | static inline int cipher_get_key_size ( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 443 | { |
| HannesTschofenig | 0:796d0f61a05b | 444 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 445 | return POLARSSL_KEY_LENGTH_NONE; |
| HannesTschofenig | 0:796d0f61a05b | 446 | |
| HannesTschofenig | 0:796d0f61a05b | 447 | return ctx->cipher_info->key_length; |
| HannesTschofenig | 0:796d0f61a05b | 448 | } |
| HannesTschofenig | 0:796d0f61a05b | 449 | |
| HannesTschofenig | 0:796d0f61a05b | 450 | /** |
| HannesTschofenig | 0:796d0f61a05b | 451 | * \brief Returns the operation of the given cipher. |
| HannesTschofenig | 0:796d0f61a05b | 452 | * |
| HannesTschofenig | 0:796d0f61a05b | 453 | * \param ctx cipher's context. Must have been initialised. |
| HannesTschofenig | 0:796d0f61a05b | 454 | * |
| HannesTschofenig | 0:796d0f61a05b | 455 | * \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT), |
| HannesTschofenig | 0:796d0f61a05b | 456 | * or POLARSSL_OPERATION_NONE if ctx has not been |
| HannesTschofenig | 0:796d0f61a05b | 457 | * initialised. |
| HannesTschofenig | 0:796d0f61a05b | 458 | */ |
| HannesTschofenig | 0:796d0f61a05b | 459 | static inline operation_t cipher_get_operation( const cipher_context_t *ctx ) |
| HannesTschofenig | 0:796d0f61a05b | 460 | { |
| HannesTschofenig | 0:796d0f61a05b | 461 | if( NULL == ctx || NULL == ctx->cipher_info ) |
| HannesTschofenig | 0:796d0f61a05b | 462 | return POLARSSL_OPERATION_NONE; |
| HannesTschofenig | 0:796d0f61a05b | 463 | |
| HannesTschofenig | 0:796d0f61a05b | 464 | return ctx->operation; |
| HannesTschofenig | 0:796d0f61a05b | 465 | } |
| HannesTschofenig | 0:796d0f61a05b | 466 | |
| HannesTschofenig | 0:796d0f61a05b | 467 | /** |
| HannesTschofenig | 0:796d0f61a05b | 468 | * \brief Set the key to use with the given context. |
| HannesTschofenig | 0:796d0f61a05b | 469 | * |
| HannesTschofenig | 0:796d0f61a05b | 470 | * \param ctx generic cipher context. May not be NULL. Must have been |
| HannesTschofenig | 0:796d0f61a05b | 471 | * initialised using cipher_context_from_type or |
| HannesTschofenig | 0:796d0f61a05b | 472 | * cipher_context_from_string. |
| HannesTschofenig | 0:796d0f61a05b | 473 | * \param key The key to use. |
| HannesTschofenig | 0:796d0f61a05b | 474 | * \param key_length key length to use, in bits. |
| HannesTschofenig | 0:796d0f61a05b | 475 | * \param operation Operation that the key will be used for, either |
| HannesTschofenig | 0:796d0f61a05b | 476 | * POLARSSL_ENCRYPT or POLARSSL_DECRYPT. |
| HannesTschofenig | 0:796d0f61a05b | 477 | * |
| HannesTschofenig | 0:796d0f61a05b | 478 | * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if |
| HannesTschofenig | 0:796d0f61a05b | 479 | * parameter verification fails or a cipher specific |
| HannesTschofenig | 0:796d0f61a05b | 480 | * error code. |
| HannesTschofenig | 0:796d0f61a05b | 481 | */ |
| HannesTschofenig | 0:796d0f61a05b | 482 | int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, |
| HannesTschofenig | 0:796d0f61a05b | 483 | int key_length, const operation_t operation ); |
| HannesTschofenig | 0:796d0f61a05b | 484 | |
| HannesTschofenig | 0:796d0f61a05b | 485 | #if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) |
| HannesTschofenig | 0:796d0f61a05b | 486 | /** |
| HannesTschofenig | 0:796d0f61a05b | 487 | * \brief Set padding mode, for cipher modes that use padding. |
| HannesTschofenig | 0:796d0f61a05b | 488 | * (Default: PKCS7 padding.) |
| HannesTschofenig | 0:796d0f61a05b | 489 | * |
| HannesTschofenig | 0:796d0f61a05b | 490 | * \param ctx generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 491 | * \param mode padding mode |
| HannesTschofenig | 0:796d0f61a05b | 492 | * |
| HannesTschofenig | 0:796d0f61a05b | 493 | * \returns 0 on success, POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE |
| HannesTschofenig | 0:796d0f61a05b | 494 | * if selected padding mode is not supported, or |
| HannesTschofenig | 0:796d0f61a05b | 495 | * POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode |
| HannesTschofenig | 0:796d0f61a05b | 496 | * does not support padding. |
| HannesTschofenig | 0:796d0f61a05b | 497 | */ |
| HannesTschofenig | 0:796d0f61a05b | 498 | int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ); |
| HannesTschofenig | 0:796d0f61a05b | 499 | #endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ |
| HannesTschofenig | 0:796d0f61a05b | 500 | |
| HannesTschofenig | 0:796d0f61a05b | 501 | /** |
| HannesTschofenig | 0:796d0f61a05b | 502 | * \brief Set the initialization vector (IV) or nonce |
| HannesTschofenig | 0:796d0f61a05b | 503 | * |
| HannesTschofenig | 0:796d0f61a05b | 504 | * \param ctx generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 505 | * \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers) |
| HannesTschofenig | 0:796d0f61a05b | 506 | * \param iv_len IV length for ciphers with variable-size IV; |
| HannesTschofenig | 0:796d0f61a05b | 507 | * discarded by ciphers with fixed-size IV. |
| HannesTschofenig | 0:796d0f61a05b | 508 | * |
| HannesTschofenig | 0:796d0f61a05b | 509 | * \returns O on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA |
| HannesTschofenig | 0:796d0f61a05b | 510 | * |
| HannesTschofenig | 0:796d0f61a05b | 511 | * \note Some ciphers don't use IVs nor NONCE. For these |
| HannesTschofenig | 0:796d0f61a05b | 512 | * ciphers, this function has no effect. |
| HannesTschofenig | 0:796d0f61a05b | 513 | */ |
| HannesTschofenig | 0:796d0f61a05b | 514 | int cipher_set_iv( cipher_context_t *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 515 | const unsigned char *iv, size_t iv_len ); |
| HannesTschofenig | 0:796d0f61a05b | 516 | |
| HannesTschofenig | 0:796d0f61a05b | 517 | /** |
| HannesTschofenig | 0:796d0f61a05b | 518 | * \brief Finish preparation of the given context |
| HannesTschofenig | 0:796d0f61a05b | 519 | * |
| HannesTschofenig | 0:796d0f61a05b | 520 | * \param ctx generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 521 | * |
| HannesTschofenig | 0:796d0f61a05b | 522 | * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA |
| HannesTschofenig | 0:796d0f61a05b | 523 | * if parameter verification fails. |
| HannesTschofenig | 0:796d0f61a05b | 524 | */ |
| HannesTschofenig | 0:796d0f61a05b | 525 | int cipher_reset( cipher_context_t *ctx ); |
| HannesTschofenig | 0:796d0f61a05b | 526 | |
| HannesTschofenig | 0:796d0f61a05b | 527 | #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| HannesTschofenig | 0:796d0f61a05b | 528 | /** |
| HannesTschofenig | 0:796d0f61a05b | 529 | * \brief Add additional data (for AEAD ciphers). |
| HannesTschofenig | 0:796d0f61a05b | 530 | * This function has no effect for non-AEAD ciphers. |
| HannesTschofenig | 0:796d0f61a05b | 531 | * For AEAD ciphers, it may or may not be called |
| HannesTschofenig | 0:796d0f61a05b | 532 | * repeatedly, and/or interleaved with calls to |
| HannesTschofenig | 0:796d0f61a05b | 533 | * cipher_udpate(), depending on the cipher. |
| HannesTschofenig | 0:796d0f61a05b | 534 | * E.g. for GCM is must be called exactly once, right |
| HannesTschofenig | 0:796d0f61a05b | 535 | * after cipher_reset(). |
| HannesTschofenig | 0:796d0f61a05b | 536 | * |
| HannesTschofenig | 0:796d0f61a05b | 537 | * \param ctx generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 538 | * \param ad Additional data to use. |
| HannesTschofenig | 0:796d0f61a05b | 539 | * \param ad_len Length of ad. |
| HannesTschofenig | 0:796d0f61a05b | 540 | * |
| HannesTschofenig | 0:796d0f61a05b | 541 | * \returns 0 on success, or a specific error code. |
| HannesTschofenig | 0:796d0f61a05b | 542 | */ |
| HannesTschofenig | 0:796d0f61a05b | 543 | int cipher_update_ad( cipher_context_t *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 544 | const unsigned char *ad, size_t ad_len ); |
| HannesTschofenig | 0:796d0f61a05b | 545 | #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| HannesTschofenig | 0:796d0f61a05b | 546 | |
| HannesTschofenig | 0:796d0f61a05b | 547 | /** |
| HannesTschofenig | 0:796d0f61a05b | 548 | * \brief Generic cipher update function. Encrypts/decrypts |
| HannesTschofenig | 0:796d0f61a05b | 549 | * using the given cipher context. Writes as many block |
| HannesTschofenig | 0:796d0f61a05b | 550 | * size'd blocks of data as possible to output. Any data |
| HannesTschofenig | 0:796d0f61a05b | 551 | * that cannot be written immediately will either be added |
| HannesTschofenig | 0:796d0f61a05b | 552 | * to the next block, or flushed when cipher_final is |
| HannesTschofenig | 0:796d0f61a05b | 553 | * called. |
| HannesTschofenig | 0:796d0f61a05b | 554 | * Exception: for POLARSSL_MODE_ECB, expects single block |
| HannesTschofenig | 0:796d0f61a05b | 555 | * in size (e.g. 16 bytes for AES) |
| HannesTschofenig | 0:796d0f61a05b | 556 | * |
| HannesTschofenig | 0:796d0f61a05b | 557 | * \param ctx generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 558 | * \param input buffer holding the input data |
| HannesTschofenig | 0:796d0f61a05b | 559 | * \param ilen length of the input data |
| HannesTschofenig | 0:796d0f61a05b | 560 | * \param output buffer for the output data. Should be able to hold at |
| HannesTschofenig | 0:796d0f61a05b | 561 | * least ilen + block_size. Cannot be the same buffer as |
| HannesTschofenig | 0:796d0f61a05b | 562 | * input! |
| HannesTschofenig | 0:796d0f61a05b | 563 | * \param olen length of the output data, will be filled with the |
| HannesTschofenig | 0:796d0f61a05b | 564 | * actual number of bytes written. |
| HannesTschofenig | 0:796d0f61a05b | 565 | * |
| HannesTschofenig | 0:796d0f61a05b | 566 | * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if |
| HannesTschofenig | 0:796d0f61a05b | 567 | * parameter verification fails, |
| HannesTschofenig | 0:796d0f61a05b | 568 | * POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an |
| HannesTschofenig | 0:796d0f61a05b | 569 | * unsupported mode for a cipher or a cipher specific |
| HannesTschofenig | 0:796d0f61a05b | 570 | * error code. |
| HannesTschofenig | 0:796d0f61a05b | 571 | * |
| HannesTschofenig | 0:796d0f61a05b | 572 | * \note If the underlying cipher is GCM, all calls to this |
| HannesTschofenig | 0:796d0f61a05b | 573 | * function, except the last one before cipher_finish(), |
| HannesTschofenig | 0:796d0f61a05b | 574 | * must have ilen a multiple of the block size. |
| HannesTschofenig | 0:796d0f61a05b | 575 | */ |
| HannesTschofenig | 0:796d0f61a05b | 576 | int cipher_update( cipher_context_t *ctx, const unsigned char *input, |
| HannesTschofenig | 0:796d0f61a05b | 577 | size_t ilen, unsigned char *output, size_t *olen ); |
| HannesTschofenig | 0:796d0f61a05b | 578 | |
| HannesTschofenig | 0:796d0f61a05b | 579 | /** |
| HannesTschofenig | 0:796d0f61a05b | 580 | * \brief Generic cipher finalisation function. If data still |
| HannesTschofenig | 0:796d0f61a05b | 581 | * needs to be flushed from an incomplete block, data |
| HannesTschofenig | 0:796d0f61a05b | 582 | * contained within it will be padded with the size of |
| HannesTschofenig | 0:796d0f61a05b | 583 | * the last block, and written to the output buffer. |
| HannesTschofenig | 0:796d0f61a05b | 584 | * |
| HannesTschofenig | 0:796d0f61a05b | 585 | * \param ctx Generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 586 | * \param output buffer to write data to. Needs block_size available. |
| HannesTschofenig | 0:796d0f61a05b | 587 | * \param olen length of the data written to the output buffer. |
| HannesTschofenig | 0:796d0f61a05b | 588 | * |
| HannesTschofenig | 0:796d0f61a05b | 589 | * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if |
| HannesTschofenig | 0:796d0f61a05b | 590 | * parameter verification fails, |
| HannesTschofenig | 0:796d0f61a05b | 591 | * POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption |
| HannesTschofenig | 0:796d0f61a05b | 592 | * expected a full block but was not provided one, |
| HannesTschofenig | 0:796d0f61a05b | 593 | * POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding |
| HannesTschofenig | 0:796d0f61a05b | 594 | * while decrypting or a cipher specific error code. |
| HannesTschofenig | 0:796d0f61a05b | 595 | */ |
| HannesTschofenig | 0:796d0f61a05b | 596 | int cipher_finish( cipher_context_t *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 597 | unsigned char *output, size_t *olen ); |
| HannesTschofenig | 0:796d0f61a05b | 598 | |
| HannesTschofenig | 0:796d0f61a05b | 599 | #if defined(POLARSSL_CIPHER_MODE_AEAD) |
| HannesTschofenig | 0:796d0f61a05b | 600 | /** |
| HannesTschofenig | 0:796d0f61a05b | 601 | * \brief Write tag for AEAD ciphers. |
| HannesTschofenig | 0:796d0f61a05b | 602 | * No effect for other ciphers. |
| HannesTschofenig | 0:796d0f61a05b | 603 | * Must be called after cipher_finish(). |
| HannesTschofenig | 0:796d0f61a05b | 604 | * |
| HannesTschofenig | 0:796d0f61a05b | 605 | * \param ctx Generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 606 | * \param tag buffer to write the tag |
| HannesTschofenig | 0:796d0f61a05b | 607 | * \param tag_len Length of the tag to write |
| HannesTschofenig | 0:796d0f61a05b | 608 | * |
| HannesTschofenig | 0:796d0f61a05b | 609 | * \return 0 on success, or a specific error code. |
| HannesTschofenig | 0:796d0f61a05b | 610 | */ |
| HannesTschofenig | 0:796d0f61a05b | 611 | int cipher_write_tag( cipher_context_t *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 612 | unsigned char *tag, size_t tag_len ); |
| HannesTschofenig | 0:796d0f61a05b | 613 | |
| HannesTschofenig | 0:796d0f61a05b | 614 | /** |
| HannesTschofenig | 0:796d0f61a05b | 615 | * \brief Check tag for AEAD ciphers. |
| HannesTschofenig | 0:796d0f61a05b | 616 | * No effect for other ciphers. |
| HannesTschofenig | 0:796d0f61a05b | 617 | * Calling time depends on the cipher: |
| HannesTschofenig | 0:796d0f61a05b | 618 | * for GCM, must be called after cipher_finish(). |
| HannesTschofenig | 0:796d0f61a05b | 619 | * |
| HannesTschofenig | 0:796d0f61a05b | 620 | * \param ctx Generic cipher context |
| HannesTschofenig | 0:796d0f61a05b | 621 | * \param tag Buffer holding the tag |
| HannesTschofenig | 0:796d0f61a05b | 622 | * \param tag_len Length of the tag to check |
| HannesTschofenig | 0:796d0f61a05b | 623 | * |
| HannesTschofenig | 0:796d0f61a05b | 624 | * \return 0 on success, or a specific error code. |
| HannesTschofenig | 0:796d0f61a05b | 625 | */ |
| HannesTschofenig | 0:796d0f61a05b | 626 | int cipher_check_tag( cipher_context_t *ctx, |
| HannesTschofenig | 0:796d0f61a05b | 627 | const unsigned char *tag, size_t tag_len ); |
| HannesTschofenig | 0:796d0f61a05b | 628 | #endif /* POLARSSL_CIPHER_MODE_AEAD */ |
| HannesTschofenig | 0:796d0f61a05b | 629 | |
| HannesTschofenig | 0:796d0f61a05b | 630 | /** |
| HannesTschofenig | 0:796d0f61a05b | 631 | * \brief Checkup routine |
| HannesTschofenig | 0:796d0f61a05b | 632 | * |
| HannesTschofenig | 0:796d0f61a05b | 633 | * \return 0 if successful, or 1 if the test failed |
| HannesTschofenig | 0:796d0f61a05b | 634 | */ |
| HannesTschofenig | 0:796d0f61a05b | 635 | int cipher_self_test( int verbose ); |
| HannesTschofenig | 0:796d0f61a05b | 636 | |
| HannesTschofenig | 0:796d0f61a05b | 637 | #ifdef __cplusplus |
| HannesTschofenig | 0:796d0f61a05b | 638 | } |
| HannesTschofenig | 0:796d0f61a05b | 639 | #endif |
| HannesTschofenig | 0:796d0f61a05b | 640 | |
| HannesTschofenig | 0:796d0f61a05b | 641 | #endif /* POLARSSL_CIPHER_H */ |
| HannesTschofenig | 0:796d0f61a05b | 642 | |
| HannesTschofenig | 0:796d0f61a05b | 643 |