Fawwaz Nadzmy
mbed library sources. Supersedes mbed-src.
Fork of
mbed-dev
by 
mbed official
targets/TARGET_NUVOTON/TARGET_NUC472/crypto/aes/aes_alt.h@149:156823d33999, 2016-10-28 (annotated)
- Committer:
- <>
- Date:
- Fri Oct 28 11:17:30 2016 +0100
- Revision:
- 149:156823d33999
This updates the lib to the mbed lib v128
NOTE: This release includes a restructuring of the file and directory locations and thus some
include paths in your code may need updating accordingly.
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| <> | 149:156823d33999 | 1 | /** |
| <> | 149:156823d33999 | 2 | * \file aes_alt.h |
| <> | 149:156823d33999 | 3 | * |
| <> | 149:156823d33999 | 4 | * \brief AES block cipher |
| <> | 149:156823d33999 | 5 | * |
| <> | 149:156823d33999 | 6 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
| <> | 149:156823d33999 | 7 | * SPDX-License-Identifier: Apache-2.0 |
| <> | 149:156823d33999 | 8 | * |
| <> | 149:156823d33999 | 9 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| <> | 149:156823d33999 | 10 | * not use this file except in compliance with the License. |
| <> | 149:156823d33999 | 11 | * You may obtain a copy of the License at |
| <> | 149:156823d33999 | 12 | * |
| <> | 149:156823d33999 | 13 | * http://www.apache.org/licenses/LICENSE-2.0 |
| <> | 149:156823d33999 | 14 | * |
| <> | 149:156823d33999 | 15 | * Unless required by applicable law or agreed to in writing, software |
| <> | 149:156823d33999 | 16 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| <> | 149:156823d33999 | 17 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| <> | 149:156823d33999 | 18 | * See the License for the specific language governing permissions and |
| <> | 149:156823d33999 | 19 | * limitations under the License. |
| <> | 149:156823d33999 | 20 | * |
| <> | 149:156823d33999 | 21 | * This file is part of mbed TLS (https://tls.mbed.org) |
| <> | 149:156823d33999 | 22 | */ |
| <> | 149:156823d33999 | 23 | |
| <> | 149:156823d33999 | 24 | #if defined(MBEDTLS_AES_ALT) |
| <> | 149:156823d33999 | 25 | // Regular implementation |
| <> | 149:156823d33999 | 26 | // |
| <> | 149:156823d33999 | 27 | #ifdef __cplusplus |
| <> | 149:156823d33999 | 28 | extern "C" { |
| <> | 149:156823d33999 | 29 | #endif |
| <> | 149:156823d33999 | 30 | |
| <> | 149:156823d33999 | 31 | /** |
| <> | 149:156823d33999 | 32 | * \brief AES context structure |
| <> | 149:156823d33999 | 33 | * |
| <> | 149:156823d33999 | 34 | * \note buf is able to hold 32 extra bytes, which can be used: |
| <> | 149:156823d33999 | 35 | * - for alignment purposes if VIA padlock is used, and/or |
| <> | 149:156823d33999 | 36 | * - to simplify key expansion in the 256-bit case by |
| <> | 149:156823d33999 | 37 | * generating an extra round key |
| <> | 149:156823d33999 | 38 | */ |
| <> | 149:156823d33999 | 39 | typedef struct |
| <> | 149:156823d33999 | 40 | { |
| <> | 149:156823d33999 | 41 | uint32_t keySize; |
| <> | 149:156823d33999 | 42 | uint32_t encDec; |
| <> | 149:156823d33999 | 43 | uint32_t opMode; |
| <> | 149:156823d33999 | 44 | uint32_t channel; |
| <> | 149:156823d33999 | 45 | uint32_t swapType; |
| <> | 149:156823d33999 | 46 | uint32_t *iv; |
| <> | 149:156823d33999 | 47 | unsigned char prv_iv[16]; |
| <> | 149:156823d33999 | 48 | #if 1 |
| <> | 149:156823d33999 | 49 | uint32_t buf[8]; |
| <> | 149:156823d33999 | 50 | /* For comparsion with software AES for correctness */ |
| <> | 149:156823d33999 | 51 | #else |
| <> | 149:156823d33999 | 52 | uint32_t buf[68]; /*!< unaligned data */ |
| <> | 149:156823d33999 | 53 | int nr; /*!< number of rounds */ |
| <> | 149:156823d33999 | 54 | uint32_t *rk; /*!< AES round keys */ |
| <> | 149:156823d33999 | 55 | #endif |
| <> | 149:156823d33999 | 56 | } |
| <> | 149:156823d33999 | 57 | mbedtls_aes_context; |
| <> | 149:156823d33999 | 58 | |
| <> | 149:156823d33999 | 59 | /** |
| <> | 149:156823d33999 | 60 | * \brief Initialize AES context |
| <> | 149:156823d33999 | 61 | * |
| <> | 149:156823d33999 | 62 | * \param ctx AES context to be initialized |
| <> | 149:156823d33999 | 63 | */ |
| <> | 149:156823d33999 | 64 | void mbedtls_aes_init( mbedtls_aes_context *ctx ); |
| <> | 149:156823d33999 | 65 | |
| <> | 149:156823d33999 | 66 | /** |
| <> | 149:156823d33999 | 67 | * \brief Clear AES context |
| <> | 149:156823d33999 | 68 | * |
| <> | 149:156823d33999 | 69 | * \param ctx AES context to be cleared |
| <> | 149:156823d33999 | 70 | */ |
| <> | 149:156823d33999 | 71 | void mbedtls_aes_free( mbedtls_aes_context *ctx ); |
| <> | 149:156823d33999 | 72 | |
| <> | 149:156823d33999 | 73 | /** |
| <> | 149:156823d33999 | 74 | * \brief AES key schedule (encryption) |
| <> | 149:156823d33999 | 75 | * |
| <> | 149:156823d33999 | 76 | * \param ctx AES context to be initialized |
| <> | 149:156823d33999 | 77 | * \param key encryption key |
| <> | 149:156823d33999 | 78 | * \param keybits must be 128, 192 or 256 |
| <> | 149:156823d33999 | 79 | * |
| <> | 149:156823d33999 | 80 | * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH |
| <> | 149:156823d33999 | 81 | */ |
| <> | 149:156823d33999 | 82 | int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, |
| <> | 149:156823d33999 | 83 | unsigned int keybits ); |
| <> | 149:156823d33999 | 84 | |
| <> | 149:156823d33999 | 85 | /** |
| <> | 149:156823d33999 | 86 | * \brief AES key schedule (decryption) |
| <> | 149:156823d33999 | 87 | * |
| <> | 149:156823d33999 | 88 | * \param ctx AES context to be initialized |
| <> | 149:156823d33999 | 89 | * \param key decryption key |
| <> | 149:156823d33999 | 90 | * \param keybits must be 128, 192 or 256 |
| <> | 149:156823d33999 | 91 | * |
| <> | 149:156823d33999 | 92 | * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH |
| <> | 149:156823d33999 | 93 | */ |
| <> | 149:156823d33999 | 94 | int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, |
| <> | 149:156823d33999 | 95 | unsigned int keybits ); |
| <> | 149:156823d33999 | 96 | |
| <> | 149:156823d33999 | 97 | /** |
| <> | 149:156823d33999 | 98 | * \brief AES-ECB block encryption/decryption |
| <> | 149:156823d33999 | 99 | * |
| <> | 149:156823d33999 | 100 | * \param ctx AES context |
| <> | 149:156823d33999 | 101 | * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT |
| <> | 149:156823d33999 | 102 | * \param input 16-byte input block |
| <> | 149:156823d33999 | 103 | * \param output 16-byte output block |
| <> | 149:156823d33999 | 104 | * |
| <> | 149:156823d33999 | 105 | * \return 0 if successful |
| <> | 149:156823d33999 | 106 | */ |
| <> | 149:156823d33999 | 107 | int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 108 | int mode, |
| <> | 149:156823d33999 | 109 | const unsigned char input[16], |
| <> | 149:156823d33999 | 110 | unsigned char output[16] ); |
| <> | 149:156823d33999 | 111 | |
| <> | 149:156823d33999 | 112 | #if defined(MBEDTLS_CIPHER_MODE_CBC) |
| <> | 149:156823d33999 | 113 | /** |
| <> | 149:156823d33999 | 114 | * \brief AES-CBC buffer encryption/decryption |
| <> | 149:156823d33999 | 115 | * Length should be a multiple of the block |
| <> | 149:156823d33999 | 116 | * size (16 bytes) |
| <> | 149:156823d33999 | 117 | * |
| <> | 149:156823d33999 | 118 | * \note Upon exit, the content of the IV is updated so that you can |
| <> | 149:156823d33999 | 119 | * call the function same function again on the following |
| <> | 149:156823d33999 | 120 | * block(s) of data and get the same result as if it was |
| <> | 149:156823d33999 | 121 | * encrypted in one call. This allows a "streaming" usage. |
| <> | 149:156823d33999 | 122 | * If on the other hand you need to retain the contents of the |
| <> | 149:156823d33999 | 123 | * IV, you should either save it manually or use the cipher |
| <> | 149:156823d33999 | 124 | * module instead. |
| <> | 149:156823d33999 | 125 | * |
| <> | 149:156823d33999 | 126 | * \param ctx AES context |
| <> | 149:156823d33999 | 127 | * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT |
| <> | 149:156823d33999 | 128 | * \param length length of the input data |
| <> | 149:156823d33999 | 129 | * \param iv initialization vector (updated after use) |
| <> | 149:156823d33999 | 130 | * \param input buffer holding the input data |
| <> | 149:156823d33999 | 131 | * \param output buffer holding the output data |
| <> | 149:156823d33999 | 132 | * |
| <> | 149:156823d33999 | 133 | * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH |
| <> | 149:156823d33999 | 134 | */ |
| <> | 149:156823d33999 | 135 | int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 136 | int mode, |
| <> | 149:156823d33999 | 137 | size_t length, |
| <> | 149:156823d33999 | 138 | unsigned char iv[16], |
| <> | 149:156823d33999 | 139 | const unsigned char *input, |
| <> | 149:156823d33999 | 140 | unsigned char *output ); |
| <> | 149:156823d33999 | 141 | #endif /* MBEDTLS_CIPHER_MODE_CBC */ |
| <> | 149:156823d33999 | 142 | |
| <> | 149:156823d33999 | 143 | #if defined(MBEDTLS_CIPHER_MODE_CFB) |
| <> | 149:156823d33999 | 144 | /** |
| <> | 149:156823d33999 | 145 | * \brief AES-CFB128 buffer encryption/decryption. |
| <> | 149:156823d33999 | 146 | * |
| <> | 149:156823d33999 | 147 | * Note: Due to the nature of CFB you should use the same key schedule for |
| <> | 149:156823d33999 | 148 | * both encryption and decryption. So a context initialized with |
| <> | 149:156823d33999 | 149 | * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. |
| <> | 149:156823d33999 | 150 | * |
| <> | 149:156823d33999 | 151 | * \note Upon exit, the content of the IV is updated so that you can |
| <> | 149:156823d33999 | 152 | * call the function same function again on the following |
| <> | 149:156823d33999 | 153 | * block(s) of data and get the same result as if it was |
| <> | 149:156823d33999 | 154 | * encrypted in one call. This allows a "streaming" usage. |
| <> | 149:156823d33999 | 155 | * If on the other hand you need to retain the contents of the |
| <> | 149:156823d33999 | 156 | * IV, you should either save it manually or use the cipher |
| <> | 149:156823d33999 | 157 | * module instead. |
| <> | 149:156823d33999 | 158 | * |
| <> | 149:156823d33999 | 159 | * \param ctx AES context |
| <> | 149:156823d33999 | 160 | * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT |
| <> | 149:156823d33999 | 161 | * \param length length of the input data |
| <> | 149:156823d33999 | 162 | * \param iv_off offset in IV (updated after use) |
| <> | 149:156823d33999 | 163 | * \param iv initialization vector (updated after use) |
| <> | 149:156823d33999 | 164 | * \param input buffer holding the input data |
| <> | 149:156823d33999 | 165 | * \param output buffer holding the output data |
| <> | 149:156823d33999 | 166 | * |
| <> | 149:156823d33999 | 167 | * \return 0 if successful |
| <> | 149:156823d33999 | 168 | */ |
| <> | 149:156823d33999 | 169 | int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 170 | int mode, |
| <> | 149:156823d33999 | 171 | size_t length, |
| <> | 149:156823d33999 | 172 | size_t *iv_off, |
| <> | 149:156823d33999 | 173 | unsigned char iv[16], |
| <> | 149:156823d33999 | 174 | const unsigned char *input, |
| <> | 149:156823d33999 | 175 | unsigned char *output ); |
| <> | 149:156823d33999 | 176 | |
| <> | 149:156823d33999 | 177 | /** |
| <> | 149:156823d33999 | 178 | * \brief AES-CFB8 buffer encryption/decryption. |
| <> | 149:156823d33999 | 179 | * |
| <> | 149:156823d33999 | 180 | * Note: Due to the nature of CFB you should use the same key schedule for |
| <> | 149:156823d33999 | 181 | * both encryption and decryption. So a context initialized with |
| <> | 149:156823d33999 | 182 | * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. |
| <> | 149:156823d33999 | 183 | * |
| <> | 149:156823d33999 | 184 | * \note Upon exit, the content of the IV is updated so that you can |
| <> | 149:156823d33999 | 185 | * call the function same function again on the following |
| <> | 149:156823d33999 | 186 | * block(s) of data and get the same result as if it was |
| <> | 149:156823d33999 | 187 | * encrypted in one call. This allows a "streaming" usage. |
| <> | 149:156823d33999 | 188 | * If on the other hand you need to retain the contents of the |
| <> | 149:156823d33999 | 189 | * IV, you should either save it manually or use the cipher |
| <> | 149:156823d33999 | 190 | * module instead. |
| <> | 149:156823d33999 | 191 | * |
| <> | 149:156823d33999 | 192 | * \param ctx AES context |
| <> | 149:156823d33999 | 193 | * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT |
| <> | 149:156823d33999 | 194 | * \param length length of the input data |
| <> | 149:156823d33999 | 195 | * \param iv initialization vector (updated after use) |
| <> | 149:156823d33999 | 196 | * \param input buffer holding the input data |
| <> | 149:156823d33999 | 197 | * \param output buffer holding the output data |
| <> | 149:156823d33999 | 198 | * |
| <> | 149:156823d33999 | 199 | * \return 0 if successful |
| <> | 149:156823d33999 | 200 | */ |
| <> | 149:156823d33999 | 201 | int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 202 | int mode, |
| <> | 149:156823d33999 | 203 | size_t length, |
| <> | 149:156823d33999 | 204 | unsigned char iv[16], |
| <> | 149:156823d33999 | 205 | const unsigned char *input, |
| <> | 149:156823d33999 | 206 | unsigned char *output ); |
| <> | 149:156823d33999 | 207 | #endif /*MBEDTLS_CIPHER_MODE_CFB */ |
| <> | 149:156823d33999 | 208 | |
| <> | 149:156823d33999 | 209 | #if defined(MBEDTLS_CIPHER_MODE_CTR) |
| <> | 149:156823d33999 | 210 | /** |
| <> | 149:156823d33999 | 211 | * \brief AES-CTR buffer encryption/decryption |
| <> | 149:156823d33999 | 212 | * |
| <> | 149:156823d33999 | 213 | * Warning: You have to keep the maximum use of your counter in mind! |
| <> | 149:156823d33999 | 214 | * |
| <> | 149:156823d33999 | 215 | * Note: Due to the nature of CTR you should use the same key schedule for |
| <> | 149:156823d33999 | 216 | * both encryption and decryption. So a context initialized with |
| <> | 149:156823d33999 | 217 | * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. |
| <> | 149:156823d33999 | 218 | * |
| <> | 149:156823d33999 | 219 | * \param ctx AES context |
| <> | 149:156823d33999 | 220 | * \param length The length of the data |
| <> | 149:156823d33999 | 221 | * \param nc_off The offset in the current stream_block (for resuming |
| <> | 149:156823d33999 | 222 | * within current cipher stream). The offset pointer to |
| <> | 149:156823d33999 | 223 | * should be 0 at the start of a stream. |
| <> | 149:156823d33999 | 224 | * \param nonce_counter The 128-bit nonce and counter. |
| <> | 149:156823d33999 | 225 | * \param stream_block The saved stream-block for resuming. Is overwritten |
| <> | 149:156823d33999 | 226 | * by the function. |
| <> | 149:156823d33999 | 227 | * \param input The input data stream |
| <> | 149:156823d33999 | 228 | * \param output The output data stream |
| <> | 149:156823d33999 | 229 | * |
| <> | 149:156823d33999 | 230 | * \return 0 if successful |
| <> | 149:156823d33999 | 231 | */ |
| <> | 149:156823d33999 | 232 | int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 233 | size_t length, |
| <> | 149:156823d33999 | 234 | size_t *nc_off, |
| <> | 149:156823d33999 | 235 | unsigned char nonce_counter[16], |
| <> | 149:156823d33999 | 236 | unsigned char stream_block[16], |
| <> | 149:156823d33999 | 237 | const unsigned char *input, |
| <> | 149:156823d33999 | 238 | unsigned char *output ); |
| <> | 149:156823d33999 | 239 | #endif /* MBEDTLS_CIPHER_MODE_CTR */ |
| <> | 149:156823d33999 | 240 | |
| <> | 149:156823d33999 | 241 | /** |
| <> | 149:156823d33999 | 242 | * \brief Internal AES block encryption function |
| <> | 149:156823d33999 | 243 | * (Only exposed to allow overriding it, |
| <> | 149:156823d33999 | 244 | * see MBEDTLS_AES_ENCRYPT_ALT) |
| <> | 149:156823d33999 | 245 | * |
| <> | 149:156823d33999 | 246 | * \param ctx AES context |
| <> | 149:156823d33999 | 247 | * \param input Plaintext block |
| <> | 149:156823d33999 | 248 | * \param output Output (ciphertext) block |
| <> | 149:156823d33999 | 249 | */ |
| <> | 149:156823d33999 | 250 | void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 251 | const unsigned char input[16], |
| <> | 149:156823d33999 | 252 | unsigned char output[16] ); |
| <> | 149:156823d33999 | 253 | |
| <> | 149:156823d33999 | 254 | /** |
| <> | 149:156823d33999 | 255 | * \brief Internal AES block decryption function |
| <> | 149:156823d33999 | 256 | * (Only exposed to allow overriding it, |
| <> | 149:156823d33999 | 257 | * see MBEDTLS_AES_DECRYPT_ALT) |
| <> | 149:156823d33999 | 258 | * |
| <> | 149:156823d33999 | 259 | * \param ctx AES context |
| <> | 149:156823d33999 | 260 | * \param input Ciphertext block |
| <> | 149:156823d33999 | 261 | * \param output Output (plaintext) block |
| <> | 149:156823d33999 | 262 | */ |
| <> | 149:156823d33999 | 263 | void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, |
| <> | 149:156823d33999 | 264 | const unsigned char input[16], |
| <> | 149:156823d33999 | 265 | unsigned char output[16] ); |
| <> | 149:156823d33999 | 266 | |
| <> | 149:156823d33999 | 267 | #ifdef __cplusplus |
| <> | 149:156823d33999 | 268 | } |
| <> | 149:156823d33999 | 269 | #endif |
| <> | 149:156823d33999 | 270 | |
| <> | 149:156823d33999 | 271 | |
| <> | 149:156823d33999 | 272 | #endif /* MBEDTLS_AES_ALT */ |
| <> | 149:156823d33999 | 273 | |
| <> | 149:156823d33999 | 274 |