joey shelton / LED_Demo

Dependencies:   MAX44000 PWM_Tone_Library nexpaq_mdk

Fork of LED_Demo by Maxim nexpaq

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers cipher.h Source File

cipher.h

Go to the documentation of this file.
00001 /**
00002  * \file cipher.h
00003  *
00004  * \brief Generic cipher wrapper.
00005  *
00006  * \author Adriaan de Jong <dejong@fox-it.com>
00007  *
00008  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
00009  *  SPDX-License-Identifier: Apache-2.0
00010  *
00011  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00012  *  not use this file except in compliance with the License.
00013  *  You may obtain a copy of the License at
00014  *
00015  *  http://www.apache.org/licenses/LICENSE-2.0
00016  *
00017  *  Unless required by applicable law or agreed to in writing, software
00018  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00019  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00020  *  See the License for the specific language governing permissions and
00021  *  limitations under the License.
00022  *
00023  *  This file is part of mbed TLS (https://tls.mbed.org)
00024  */
00025 
00026 #ifndef MBEDTLS_CIPHER_H
00027 #define MBEDTLS_CIPHER_H
00028 
00029 #if !defined(MBEDTLS_CONFIG_FILE)
00030 #include "config.h"
00031 #else
00032 #include MBEDTLS_CONFIG_FILE
00033 #endif
00034 
00035 #include <stddef.h>
00036 
00037 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
00038 #define MBEDTLS_CIPHER_MODE_AEAD
00039 #endif
00040 
00041 #if defined(MBEDTLS_CIPHER_MODE_CBC)
00042 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
00043 #endif
00044 
00045 #if defined(MBEDTLS_ARC4_C)
00046 #define MBEDTLS_CIPHER_MODE_STREAM
00047 #endif
00048 
00049 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00050     !defined(inline) && !defined(__cplusplus)
00051 #define inline __inline
00052 #endif
00053 
00054 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE            -0x6080  /**< The selected feature is not available. */
00055 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA                 -0x6100  /**< Bad input parameters to function. */
00056 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED                   -0x6180  /**< Failed to allocate memory. */
00057 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING                -0x6200  /**< Input data contains invalid padding and is rejected. */
00058 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED            -0x6280  /**< Decryption of block requires a full block. */
00059 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED                    -0x6300  /**< Authentication failed (for AEAD modes). */
00060 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT              -0x6380  /**< The context is invalid, eg because it was free()ed. */
00061 
00062 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN     0x01    /**< Cipher accepts IVs of variable length */
00063 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN    0x02    /**< Cipher accepts keys of variable length */
00064 
00065 #ifdef __cplusplus
00066 extern "C" {
00067 #endif
00068 
00069 typedef enum {
00070     MBEDTLS_CIPHER_ID_NONE = 0,
00071     MBEDTLS_CIPHER_ID_NULL,
00072     MBEDTLS_CIPHER_ID_AES,
00073     MBEDTLS_CIPHER_ID_DES,
00074     MBEDTLS_CIPHER_ID_3DES,
00075     MBEDTLS_CIPHER_ID_CAMELLIA,
00076     MBEDTLS_CIPHER_ID_BLOWFISH,
00077     MBEDTLS_CIPHER_ID_ARC4,
00078 } mbedtls_cipher_id_t;
00079 
00080 typedef enum {
00081     MBEDTLS_CIPHER_NONE = 0,
00082     MBEDTLS_CIPHER_NULL,
00083     MBEDTLS_CIPHER_AES_128_ECB,
00084     MBEDTLS_CIPHER_AES_192_ECB,
00085     MBEDTLS_CIPHER_AES_256_ECB,
00086     MBEDTLS_CIPHER_AES_128_CBC,
00087     MBEDTLS_CIPHER_AES_192_CBC,
00088     MBEDTLS_CIPHER_AES_256_CBC,
00089     MBEDTLS_CIPHER_AES_128_CFB128,
00090     MBEDTLS_CIPHER_AES_192_CFB128,
00091     MBEDTLS_CIPHER_AES_256_CFB128,
00092     MBEDTLS_CIPHER_AES_128_CTR,
00093     MBEDTLS_CIPHER_AES_192_CTR,
00094     MBEDTLS_CIPHER_AES_256_CTR,
00095     MBEDTLS_CIPHER_AES_128_GCM,
00096     MBEDTLS_CIPHER_AES_192_GCM,
00097     MBEDTLS_CIPHER_AES_256_GCM,
00098     MBEDTLS_CIPHER_CAMELLIA_128_ECB,
00099     MBEDTLS_CIPHER_CAMELLIA_192_ECB,
00100     MBEDTLS_CIPHER_CAMELLIA_256_ECB,
00101     MBEDTLS_CIPHER_CAMELLIA_128_CBC,
00102     MBEDTLS_CIPHER_CAMELLIA_192_CBC,
00103     MBEDTLS_CIPHER_CAMELLIA_256_CBC,
00104     MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
00105     MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
00106     MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
00107     MBEDTLS_CIPHER_CAMELLIA_128_CTR,
00108     MBEDTLS_CIPHER_CAMELLIA_192_CTR,
00109     MBEDTLS_CIPHER_CAMELLIA_256_CTR,
00110     MBEDTLS_CIPHER_CAMELLIA_128_GCM,
00111     MBEDTLS_CIPHER_CAMELLIA_192_GCM,
00112     MBEDTLS_CIPHER_CAMELLIA_256_GCM,
00113     MBEDTLS_CIPHER_DES_ECB,
00114     MBEDTLS_CIPHER_DES_CBC,
00115     MBEDTLS_CIPHER_DES_EDE_ECB,
00116     MBEDTLS_CIPHER_DES_EDE_CBC,
00117     MBEDTLS_CIPHER_DES_EDE3_ECB,
00118     MBEDTLS_CIPHER_DES_EDE3_CBC,
00119     MBEDTLS_CIPHER_BLOWFISH_ECB,
00120     MBEDTLS_CIPHER_BLOWFISH_CBC,
00121     MBEDTLS_CIPHER_BLOWFISH_CFB64,
00122     MBEDTLS_CIPHER_BLOWFISH_CTR,
00123     MBEDTLS_CIPHER_ARC4_128,
00124     MBEDTLS_CIPHER_AES_128_CCM,
00125     MBEDTLS_CIPHER_AES_192_CCM,
00126     MBEDTLS_CIPHER_AES_256_CCM,
00127     MBEDTLS_CIPHER_CAMELLIA_128_CCM,
00128     MBEDTLS_CIPHER_CAMELLIA_192_CCM,
00129     MBEDTLS_CIPHER_CAMELLIA_256_CCM,
00130 } mbedtls_cipher_type_t;
00131 
00132 typedef enum {
00133     MBEDTLS_MODE_NONE = 0,
00134     MBEDTLS_MODE_ECB,
00135     MBEDTLS_MODE_CBC,
00136     MBEDTLS_MODE_CFB,
00137     MBEDTLS_MODE_OFB, /* Unused! */
00138     MBEDTLS_MODE_CTR,
00139     MBEDTLS_MODE_GCM,
00140     MBEDTLS_MODE_STREAM,
00141     MBEDTLS_MODE_CCM,
00142 } mbedtls_cipher_mode_t;
00143 
00144 typedef enum {
00145     MBEDTLS_PADDING_PKCS7 = 0,     /**< PKCS7 padding (default)        */
00146     MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding         */
00147     MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding             */
00148     MBEDTLS_PADDING_ZEROS,         /**< zero padding (not reversible!) */
00149     MBEDTLS_PADDING_NONE,          /**< never pad (full blocks only)   */
00150 } mbedtls_cipher_padding_t ;
00151 
00152 typedef enum {
00153     MBEDTLS_OPERATION_NONE = -1,
00154     MBEDTLS_DECRYPT = 0,
00155     MBEDTLS_ENCRYPT,
00156 } mbedtls_operation_t;
00157 
00158 enum {
00159     /** Undefined key length */
00160     MBEDTLS_KEY_LENGTH_NONE = 0,
00161     /** Key length, in bits (including parity), for DES keys */
00162     MBEDTLS_KEY_LENGTH_DES  = 64,
00163     /** Key length, in bits (including parity), for DES in two key EDE */
00164     MBEDTLS_KEY_LENGTH_DES_EDE = 128,
00165     /** Key length, in bits (including parity), for DES in three-key EDE */
00166     MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
00167 };
00168 
00169 /** Maximum length of any IV, in bytes */
00170 #define MBEDTLS_MAX_IV_LENGTH      16
00171 /** Maximum block size of any cipher, in bytes */
00172 #define MBEDTLS_MAX_BLOCK_LENGTH   16
00173 
00174 /**
00175  * Base cipher information (opaque struct).
00176  */
00177 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
00178 
00179 /**
00180  * Cipher information. Allows cipher functions to be called in a generic way.
00181  */
00182 typedef struct {
00183     /** Full cipher identifier (e.g. MBEDTLS_CIPHER_AES_256_CBC) */
00184     mbedtls_cipher_type_t type;
00185 
00186     /** Cipher mode (e.g. MBEDTLS_MODE_CBC) */
00187     mbedtls_cipher_mode_t mode;
00188 
00189     /** Cipher key length, in bits (default length for variable sized ciphers)
00190      *  (Includes parity bits for ciphers like DES) */
00191     unsigned int key_bitlen;
00192 
00193     /** Name of the cipher */
00194     const char * name;
00195 
00196     /** IV/NONCE size, in bytes.
00197      *  For cipher that accept many sizes: recommended size */
00198     unsigned int iv_size;
00199 
00200     /** Flags for variable IV size, variable key size, etc. */
00201     int flags;
00202 
00203     /** block size, in bytes */
00204     unsigned int block_size;
00205 
00206     /** Base cipher information and functions */
00207     const mbedtls_cipher_base_t *base;
00208 
00209 } mbedtls_cipher_info_t;
00210 
00211 /**
00212  * Generic cipher context.
00213  */
00214 typedef struct {
00215     /** Information about the associated cipher */
00216     const mbedtls_cipher_info_t *cipher_info;
00217 
00218     /** Key length to use */
00219     int key_bitlen;
00220 
00221     /** Operation that the context's key has been initialised for */
00222     mbedtls_operation_t operation;
00223 
00224 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00225     /** Padding functions to use, if relevant for cipher mode */
00226     void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
00227     int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
00228 #endif
00229 
00230     /** Buffer for data that hasn't been encrypted yet */
00231     unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
00232 
00233     /** Number of bytes that still need processing */
00234     size_t unprocessed_len;
00235 
00236     /** Current IV or NONCE_COUNTER for CTR-mode */
00237     unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
00238 
00239     /** IV size in bytes (for ciphers with variable-length IVs) */
00240     size_t iv_size;
00241 
00242     /** Cipher-specific context */
00243     void *cipher_ctx;
00244 } mbedtls_cipher_context_t;
00245 
00246 /**
00247  * \brief Returns the list of ciphers supported by the generic cipher module.
00248  *
00249  * \return              a statically allocated array of ciphers, the last entry
00250  *                      is 0.
00251  */
00252 const int *mbedtls_cipher_list( void );
00253 
00254 /**
00255  * \brief               Returns the cipher information structure associated
00256  *                      with the given cipher name.
00257  *
00258  * \param cipher_name   Name of the cipher to search for.
00259  *
00260  * \return              the cipher information structure associated with the
00261  *                      given cipher_name, or NULL if not found.
00262  */
00263 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
00264 
00265 /**
00266  * \brief               Returns the cipher information structure associated
00267  *                      with the given cipher type.
00268  *
00269  * \param cipher_type   Type of the cipher to search for.
00270  *
00271  * \return              the cipher information structure associated with the
00272  *                      given cipher_type, or NULL if not found.
00273  */
00274 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
00275 
00276 /**
00277  * \brief               Returns the cipher information structure associated
00278  *                      with the given cipher id, key size and mode.
00279  *
00280  * \param cipher_id     Id of the cipher to search for
00281  *                      (e.g. MBEDTLS_CIPHER_ID_AES)
00282  * \param key_bitlen    Length of the key in bits
00283  * \param mode          Cipher mode (e.g. MBEDTLS_MODE_CBC)
00284  *
00285  * \return              the cipher information structure associated with the
00286  *                      given cipher_type, or NULL if not found.
00287  */
00288 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
00289                                               int key_bitlen,
00290                                               const mbedtls_cipher_mode_t mode );
00291 
00292 /**
00293  * \brief               Initialize a cipher_context (as NONE)
00294  */
00295 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
00296 
00297 /**
00298  * \brief               Free and clear the cipher-specific context of ctx.
00299  *                      Freeing ctx itself remains the responsibility of the
00300  *                      caller.
00301  */
00302 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
00303 
00304 /**
00305  * \brief               Initialises and fills the cipher context structure with
00306  *                      the appropriate values.
00307  *
00308  * \note                Currently also clears structure. In future versions you
00309  *                      will be required to call mbedtls_cipher_init() on the structure
00310  *                      first.
00311  *
00312  * \param ctx           context to initialise. May not be NULL.
00313  * \param cipher_info   cipher to use.
00314  *
00315  * \return              0 on success,
00316  *                      MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
00317  *                      MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
00318  *                      cipher-specific context failed.
00319  */
00320 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
00321 
00322 /**
00323  * \brief               Returns the block size of the given cipher.
00324  *
00325  * \param ctx           cipher's context. Must have been initialised.
00326  *
00327  * \return              size of the cipher's blocks, or 0 if ctx has not been
00328  *                      initialised.
00329  */
00330 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
00331 {
00332     if( NULL == ctx || NULL == ctx->cipher_info )
00333         return 0;
00334 
00335     return ctx->cipher_info->block_size;
00336 }
00337 
00338 /**
00339  * \brief               Returns the mode of operation for the cipher.
00340  *                      (e.g. MBEDTLS_MODE_CBC)
00341  *
00342  * \param ctx           cipher's context. Must have been initialised.
00343  *
00344  * \return              mode of operation, or MBEDTLS_MODE_NONE if ctx
00345  *                      has not been initialised.
00346  */
00347 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
00348 {
00349     if( NULL == ctx || NULL == ctx->cipher_info )
00350         return MBEDTLS_MODE_NONE;
00351 
00352     return ctx->cipher_info->mode;
00353 }
00354 
00355 /**
00356  * \brief               Returns the size of the cipher's IV/NONCE in bytes.
00357  *
00358  * \param ctx           cipher's context. Must have been initialised.
00359  *
00360  * \return              If IV has not been set yet: (recommended) IV size
00361  *                      (0 for ciphers not using IV/NONCE).
00362  *                      If IV has already been set: actual size.
00363  */
00364 static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
00365 {
00366     if( NULL == ctx || NULL == ctx->cipher_info )
00367         return 0;
00368 
00369     if( ctx->iv_size != 0 )
00370         return (int) ctx->iv_size;
00371 
00372     return (int) ctx->cipher_info->iv_size;
00373 }
00374 
00375 /**
00376  * \brief               Returns the type of the given cipher.
00377  *
00378  * \param ctx           cipher's context. Must have been initialised.
00379  *
00380  * \return              type of the cipher, or MBEDTLS_CIPHER_NONE if ctx has
00381  *                      not been initialised.
00382  */
00383 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
00384 {
00385     if( NULL == ctx || NULL == ctx->cipher_info )
00386         return MBEDTLS_CIPHER_NONE;
00387 
00388     return ctx->cipher_info->type;
00389 }
00390 
00391 /**
00392  * \brief               Returns the name of the given cipher, as a string.
00393  *
00394  * \param ctx           cipher's context. Must have been initialised.
00395  *
00396  * \return              name of the cipher, or NULL if ctx was not initialised.
00397  */
00398 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
00399 {
00400     if( NULL == ctx || NULL == ctx->cipher_info )
00401         return 0;
00402 
00403     return ctx->cipher_info->name;
00404 }
00405 
00406 /**
00407  * \brief               Returns the key length of the cipher.
00408  *
00409  * \param ctx           cipher's context. Must have been initialised.
00410  *
00411  * \return              cipher's key length, in bits, or
00412  *                      MBEDTLS_KEY_LENGTH_NONE if ctx has not been
00413  *                      initialised.
00414  */
00415 static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
00416 {
00417     if( NULL == ctx || NULL == ctx->cipher_info )
00418         return MBEDTLS_KEY_LENGTH_NONE;
00419 
00420     return (int) ctx->cipher_info->key_bitlen;
00421 }
00422 
00423 /**
00424  * \brief               Returns the operation of the given cipher.
00425  *
00426  * \param ctx           cipher's context. Must have been initialised.
00427  *
00428  * \return              operation (MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT),
00429  *                      or MBEDTLS_OPERATION_NONE if ctx has not been
00430  *                      initialised.
00431  */
00432 static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
00433 {
00434     if( NULL == ctx || NULL == ctx->cipher_info )
00435         return MBEDTLS_OPERATION_NONE;
00436 
00437     return ctx->operation;
00438 }
00439 
00440 /**
00441  * \brief               Set the key to use with the given context.
00442  *
00443  * \param ctx           generic cipher context. May not be NULL. Must have been
00444  *                      initialised using cipher_context_from_type or
00445  *                      cipher_context_from_string.
00446  * \param key           The key to use.
00447  * \param key_bitlen    key length to use, in bits.
00448  * \param operation     Operation that the key will be used for, either
00449  *                      MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT.
00450  *
00451  * \returns             0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
00452  *                      parameter verification fails or a cipher specific
00453  *                      error code.
00454  */
00455 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
00456                    int key_bitlen, const mbedtls_operation_t operation );
00457 
00458 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00459 /**
00460  * \brief               Set padding mode, for cipher modes that use padding.
00461  *                      (Default: PKCS7 padding.)
00462  *
00463  * \param ctx           generic cipher context
00464  * \param mode          padding mode
00465  *
00466  * \returns             0 on success, MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
00467  *                      if selected padding mode is not supported, or
00468  *                      MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
00469  *                      does not support padding.
00470  */
00471 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t  mode );
00472 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
00473 
00474 /**
00475  * \brief               Set the initialization vector (IV) or nonce
00476  *
00477  * \param ctx           generic cipher context
00478  * \param iv            IV to use (or NONCE_COUNTER for CTR-mode ciphers)
00479  * \param iv_len        IV length for ciphers with variable-size IV;
00480  *                      discarded by ciphers with fixed-size IV.
00481  *
00482  * \returns             0 on success, or MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
00483  *
00484  * \note                Some ciphers don't use IVs nor NONCE. For these
00485  *                      ciphers, this function has no effect.
00486  */
00487 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
00488                    const unsigned char *iv, size_t iv_len );
00489 
00490 /**
00491  * \brief               Finish preparation of the given context
00492  *
00493  * \param ctx           generic cipher context
00494  *
00495  * \returns             0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
00496  *                      if parameter verification fails.
00497  */
00498 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
00499 
00500 #if defined(MBEDTLS_GCM_C)
00501 /**
00502  * \brief               Add additional data (for AEAD ciphers).
00503  *                      Currently only supported with GCM.
00504  *                      Must be called exactly once, after mbedtls_cipher_reset().
00505  *
00506  * \param ctx           generic cipher context
00507  * \param ad            Additional data to use.
00508  * \param ad_len        Length of ad.
00509  *
00510  * \return              0 on success, or a specific error code.
00511  */
00512 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
00513                       const unsigned char *ad, size_t ad_len );
00514 #endif /* MBEDTLS_GCM_C */
00515 
00516 /**
00517  * \brief               Generic cipher update function. Encrypts/decrypts
00518  *                      using the given cipher context. Writes as many block
00519  *                      size'd blocks of data as possible to output. Any data
00520  *                      that cannot be written immediately will either be added
00521  *                      to the next block, or flushed when cipher_final is
00522  *                      called.
00523  *                      Exception: for MBEDTLS_MODE_ECB, expects single block
00524  *                                 in size (e.g. 16 bytes for AES)
00525  *
00526  * \param ctx           generic cipher context
00527  * \param input         buffer holding the input data
00528  * \param ilen          length of the input data
00529  * \param output        buffer for the output data. Should be able to hold at
00530  *                      least ilen + block_size. Cannot be the same buffer as
00531  *                      input!
00532  * \param olen          length of the output data, will be filled with the
00533  *                      actual number of bytes written.
00534  *
00535  * \returns             0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
00536  *                      parameter verification fails,
00537  *                      MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an
00538  *                      unsupported mode for a cipher or a cipher specific
00539  *                      error code.
00540  *
00541  * \note                If the underlying cipher is GCM, all calls to this
00542  *                      function, except the last one before mbedtls_cipher_finish(),
00543  *                      must have ilen a multiple of the block size.
00544  */
00545 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
00546                    size_t ilen, unsigned char *output, size_t *olen );
00547 
00548 /**
00549  * \brief               Generic cipher finalisation function. If data still
00550  *                      needs to be flushed from an incomplete block, data
00551  *                      contained within it will be padded with the size of
00552  *                      the last block, and written to the output buffer.
00553  *
00554  * \param ctx           Generic cipher context
00555  * \param output        buffer to write data to. Needs block_size available.
00556  * \param olen          length of the data written to the output buffer.
00557  *
00558  * \returns             0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
00559  *                      parameter verification fails,
00560  *                      MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
00561  *                      expected a full block but was not provided one,
00562  *                      MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
00563  *                      while decrypting or a cipher specific error code.
00564  */
00565 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
00566                    unsigned char *output, size_t *olen );
00567 
00568 #if defined(MBEDTLS_GCM_C)
00569 /**
00570  * \brief               Write tag for AEAD ciphers.
00571  *                      Currently only supported with GCM.
00572  *                      Must be called after mbedtls_cipher_finish().
00573  *
00574  * \param ctx           Generic cipher context
00575  * \param tag           buffer to write the tag
00576  * \param tag_len       Length of the tag to write
00577  *
00578  * \return              0 on success, or a specific error code.
00579  */
00580 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
00581                       unsigned char *tag, size_t tag_len );
00582 
00583 /**
00584  * \brief               Check tag for AEAD ciphers.
00585  *                      Currently only supported with GCM.
00586  *                      Must be called after mbedtls_cipher_finish().
00587  *
00588  * \param ctx           Generic cipher context
00589  * \param tag           Buffer holding the tag
00590  * \param tag_len       Length of the tag to check
00591  *
00592  * \return              0 on success, or a specific error code.
00593  */
00594 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
00595                       const unsigned char *tag, size_t tag_len );
00596 #endif /* MBEDTLS_GCM_C */
00597 
00598 /**
00599  * \brief               Generic all-in-one encryption/decryption
00600  *                      (for all ciphers except AEAD constructs).
00601  *
00602  * \param ctx           generic cipher context
00603  * \param iv            IV to use (or NONCE_COUNTER for CTR-mode ciphers)
00604  * \param iv_len        IV length for ciphers with variable-size IV;
00605  *                      discarded by ciphers with fixed-size IV.
00606  * \param input         buffer holding the input data
00607  * \param ilen          length of the input data
00608  * \param output        buffer for the output data. Should be able to hold at
00609  *                      least ilen + block_size. Cannot be the same buffer as
00610  *                      input!
00611  * \param olen          length of the output data, will be filled with the
00612  *                      actual number of bytes written.
00613  *
00614  * \note                Some ciphers don't use IVs nor NONCE. For these
00615  *                      ciphers, use iv = NULL and iv_len = 0.
00616  *
00617  * \returns             0 on success, or
00618  *                      MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
00619  *                      MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
00620  *                      expected a full block but was not provided one, or
00621  *                      MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
00622  *                      while decrypting, or
00623  *                      a cipher specific error code.
00624  */
00625 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
00626                   const unsigned char *iv, size_t iv_len,
00627                   const unsigned char *input, size_t ilen,
00628                   unsigned char *output, size_t *olen );
00629 
00630 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
00631 /**
00632  * \brief               Generic autenticated encryption (AEAD ciphers).
00633  *
00634  * \param ctx           generic cipher context
00635  * \param iv            IV to use (or NONCE_COUNTER for CTR-mode ciphers)
00636  * \param iv_len        IV length for ciphers with variable-size IV;
00637  *                      discarded by ciphers with fixed-size IV.
00638  * \param ad            Additional data to authenticate.
00639  * \param ad_len        Length of ad.
00640  * \param input         buffer holding the input data
00641  * \param ilen          length of the input data
00642  * \param output        buffer for the output data.
00643  *                      Should be able to hold at least ilen.
00644  * \param olen          length of the output data, will be filled with the
00645  *                      actual number of bytes written.
00646  * \param tag           buffer for the authentication tag
00647  * \param tag_len       desired tag length
00648  *
00649  * \returns             0 on success, or
00650  *                      MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
00651  *                      a cipher specific error code.
00652  */
00653 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
00654                          const unsigned char *iv, size_t iv_len,
00655                          const unsigned char *ad, size_t ad_len,
00656                          const unsigned char *input, size_t ilen,
00657                          unsigned char *output, size_t *olen,
00658                          unsigned char *tag, size_t tag_len );
00659 
00660 /**
00661  * \brief               Generic autenticated decryption (AEAD ciphers).
00662  *
00663  * \param ctx           generic cipher context
00664  * \param iv            IV to use (or NONCE_COUNTER for CTR-mode ciphers)
00665  * \param iv_len        IV length for ciphers with variable-size IV;
00666  *                      discarded by ciphers with fixed-size IV.
00667  * \param ad            Additional data to be authenticated.
00668  * \param ad_len        Length of ad.
00669  * \param input         buffer holding the input data
00670  * \param ilen          length of the input data
00671  * \param output        buffer for the output data.
00672  *                      Should be able to hold at least ilen.
00673  * \param olen          length of the output data, will be filled with the
00674  *                      actual number of bytes written.
00675  * \param tag           buffer holding the authentication tag
00676  * \param tag_len       length of the authentication tag
00677  *
00678  * \returns             0 on success, or
00679  *                      MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
00680  *                      MBEDTLS_ERR_CIPHER_AUTH_FAILED if data isn't authentic,
00681  *                      or a cipher specific error code.
00682  *
00683  * \note                If the data is not authentic, then the output buffer
00684  *                      is zeroed out to prevent the unauthentic plaintext to
00685  *                      be used by mistake, making this interface safer.
00686  */
00687 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
00688                          const unsigned char *iv, size_t iv_len,
00689                          const unsigned char *ad, size_t ad_len,
00690                          const unsigned char *input, size_t ilen,
00691                          unsigned char *output, size_t *olen,
00692                          const unsigned char *tag, size_t tag_len );
00693 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
00694 
00695 #ifdef __cplusplus
00696 }
00697 #endif
00698 
00699 #endif /* MBEDTLS_CIPHER_H */