takashi kadono
/
Nucleo446_SSD1331
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Embed:
(wiki syntax)
Show/hide line numbers
cipher.h
Go to the documentation of this file.
00001 /** 00002 * \file cipher.h 00003 * 00004 * \brief This file contains an abstraction interface for use with the cipher 00005 * primitives provided by the library. It provides a common interface to all of 00006 * the available cipher operations. 00007 * 00008 * \author Adriaan de Jong <dejong@fox-it.com> 00009 */ 00010 /* 00011 * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved 00012 * SPDX-License-Identifier: Apache-2.0 00013 * 00014 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00015 * not use this file except in compliance with the License. 00016 * You may obtain a copy of the License at 00017 * 00018 * http://www.apache.org/licenses/LICENSE-2.0 00019 * 00020 * Unless required by applicable law or agreed to in writing, software 00021 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00022 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00023 * See the License for the specific language governing permissions and 00024 * limitations under the License. 00025 * 00026 * This file is part of Mbed TLS (https://tls.mbed.org) 00027 */ 00028 00029 #ifndef MBEDTLS_CIPHER_H 00030 #define MBEDTLS_CIPHER_H 00031 00032 #if !defined(MBEDTLS_CONFIG_FILE) 00033 #include "config.h" 00034 #else 00035 #include MBEDTLS_CONFIG_FILE 00036 #endif 00037 00038 #include <stddef.h> 00039 00040 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) 00041 #define MBEDTLS_CIPHER_MODE_AEAD 00042 #endif 00043 00044 #if defined(MBEDTLS_CIPHER_MODE_CBC) 00045 #define MBEDTLS_CIPHER_MODE_WITH_PADDING 00046 #endif 00047 00048 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ 00049 defined(MBEDTLS_CHACHA20_C) 00050 #define MBEDTLS_CIPHER_MODE_STREAM 00051 #endif 00052 00053 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ 00054 !defined(inline) && !defined(__cplusplus) 00055 #define inline __inline 00056 #endif 00057 00058 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ 00059 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters. */ 00060 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ 00061 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ 00062 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ 00063 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ 00064 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. For example, because it was freed. */ 00065 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware accelerator failed. */ 00066 00067 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length. */ 00068 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length. */ 00069 00070 #ifdef __cplusplus 00071 extern "C" { 00072 #endif 00073 00074 /** 00075 * \brief Supported cipher types. 00076 * 00077 * \warning RC4 and DES are considered weak ciphers and their use 00078 * constitutes a security risk. Arm recommends considering stronger 00079 * ciphers instead. 00080 */ 00081 typedef enum { 00082 MBEDTLS_CIPHER_ID_NONE = 0, /**< Placeholder to mark the end of cipher ID lists. */ 00083 MBEDTLS_CIPHER_ID_NULL, /**< The identity cipher, treated as a stream cipher. */ 00084 MBEDTLS_CIPHER_ID_AES, /**< The AES cipher. */ 00085 MBEDTLS_CIPHER_ID_DES, /**< The DES cipher. */ 00086 MBEDTLS_CIPHER_ID_3DES, /**< The Triple DES cipher. */ 00087 MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */ 00088 MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */ 00089 MBEDTLS_CIPHER_ID_ARC4, /**< The RC4 cipher. */ 00090 MBEDTLS_CIPHER_ID_ARIA, /**< The Aria cipher. */ 00091 MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */ 00092 } mbedtls_cipher_id_t; 00093 00094 /** 00095 * \brief Supported {cipher type, cipher mode} pairs. 00096 * 00097 * \warning RC4 and DES are considered weak ciphers and their use 00098 * constitutes a security risk. Arm recommends considering stronger 00099 * ciphers instead. 00100 */ 00101 typedef enum { 00102 MBEDTLS_CIPHER_NONE = 0, /**< Placeholder to mark the end of cipher-pair lists. */ 00103 MBEDTLS_CIPHER_NULL, /**< The identity stream cipher. */ 00104 MBEDTLS_CIPHER_AES_128_ECB, /**< AES cipher with 128-bit ECB mode. */ 00105 MBEDTLS_CIPHER_AES_192_ECB, /**< AES cipher with 192-bit ECB mode. */ 00106 MBEDTLS_CIPHER_AES_256_ECB, /**< AES cipher with 256-bit ECB mode. */ 00107 MBEDTLS_CIPHER_AES_128_CBC, /**< AES cipher with 128-bit CBC mode. */ 00108 MBEDTLS_CIPHER_AES_192_CBC, /**< AES cipher with 192-bit CBC mode. */ 00109 MBEDTLS_CIPHER_AES_256_CBC, /**< AES cipher with 256-bit CBC mode. */ 00110 MBEDTLS_CIPHER_AES_128_CFB128, /**< AES cipher with 128-bit CFB128 mode. */ 00111 MBEDTLS_CIPHER_AES_192_CFB128, /**< AES cipher with 192-bit CFB128 mode. */ 00112 MBEDTLS_CIPHER_AES_256_CFB128, /**< AES cipher with 256-bit CFB128 mode. */ 00113 MBEDTLS_CIPHER_AES_128_CTR, /**< AES cipher with 128-bit CTR mode. */ 00114 MBEDTLS_CIPHER_AES_192_CTR, /**< AES cipher with 192-bit CTR mode. */ 00115 MBEDTLS_CIPHER_AES_256_CTR, /**< AES cipher with 256-bit CTR mode. */ 00116 MBEDTLS_CIPHER_AES_128_GCM, /**< AES cipher with 128-bit GCM mode. */ 00117 MBEDTLS_CIPHER_AES_192_GCM, /**< AES cipher with 192-bit GCM mode. */ 00118 MBEDTLS_CIPHER_AES_256_GCM, /**< AES cipher with 256-bit GCM mode. */ 00119 MBEDTLS_CIPHER_CAMELLIA_128_ECB, /**< Camellia cipher with 128-bit ECB mode. */ 00120 MBEDTLS_CIPHER_CAMELLIA_192_ECB, /**< Camellia cipher with 192-bit ECB mode. */ 00121 MBEDTLS_CIPHER_CAMELLIA_256_ECB, /**< Camellia cipher with 256-bit ECB mode. */ 00122 MBEDTLS_CIPHER_CAMELLIA_128_CBC, /**< Camellia cipher with 128-bit CBC mode. */ 00123 MBEDTLS_CIPHER_CAMELLIA_192_CBC, /**< Camellia cipher with 192-bit CBC mode. */ 00124 MBEDTLS_CIPHER_CAMELLIA_256_CBC, /**< Camellia cipher with 256-bit CBC mode. */ 00125 MBEDTLS_CIPHER_CAMELLIA_128_CFB128, /**< Camellia cipher with 128-bit CFB128 mode. */ 00126 MBEDTLS_CIPHER_CAMELLIA_192_CFB128, /**< Camellia cipher with 192-bit CFB128 mode. */ 00127 MBEDTLS_CIPHER_CAMELLIA_256_CFB128, /**< Camellia cipher with 256-bit CFB128 mode. */ 00128 MBEDTLS_CIPHER_CAMELLIA_128_CTR, /**< Camellia cipher with 128-bit CTR mode. */ 00129 MBEDTLS_CIPHER_CAMELLIA_192_CTR, /**< Camellia cipher with 192-bit CTR mode. */ 00130 MBEDTLS_CIPHER_CAMELLIA_256_CTR, /**< Camellia cipher with 256-bit CTR mode. */ 00131 MBEDTLS_CIPHER_CAMELLIA_128_GCM, /**< Camellia cipher with 128-bit GCM mode. */ 00132 MBEDTLS_CIPHER_CAMELLIA_192_GCM, /**< Camellia cipher with 192-bit GCM mode. */ 00133 MBEDTLS_CIPHER_CAMELLIA_256_GCM, /**< Camellia cipher with 256-bit GCM mode. */ 00134 MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. */ 00135 MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. */ 00136 MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. */ 00137 MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */ 00138 MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */ 00139 MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */ 00140 MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */ 00141 MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */ 00142 MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */ 00143 MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */ 00144 MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */ 00145 MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */ 00146 MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */ 00147 MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */ 00148 MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */ 00149 MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */ 00150 MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */ 00151 MBEDTLS_CIPHER_ARIA_128_ECB, /**< Aria cipher with 128-bit key and ECB mode. */ 00152 MBEDTLS_CIPHER_ARIA_192_ECB, /**< Aria cipher with 192-bit key and ECB mode. */ 00153 MBEDTLS_CIPHER_ARIA_256_ECB, /**< Aria cipher with 256-bit key and ECB mode. */ 00154 MBEDTLS_CIPHER_ARIA_128_CBC, /**< Aria cipher with 128-bit key and CBC mode. */ 00155 MBEDTLS_CIPHER_ARIA_192_CBC, /**< Aria cipher with 192-bit key and CBC mode. */ 00156 MBEDTLS_CIPHER_ARIA_256_CBC, /**< Aria cipher with 256-bit key and CBC mode. */ 00157 MBEDTLS_CIPHER_ARIA_128_CFB128, /**< Aria cipher with 128-bit key and CFB-128 mode. */ 00158 MBEDTLS_CIPHER_ARIA_192_CFB128, /**< Aria cipher with 192-bit key and CFB-128 mode. */ 00159 MBEDTLS_CIPHER_ARIA_256_CFB128, /**< Aria cipher with 256-bit key and CFB-128 mode. */ 00160 MBEDTLS_CIPHER_ARIA_128_CTR, /**< Aria cipher with 128-bit key and CTR mode. */ 00161 MBEDTLS_CIPHER_ARIA_192_CTR, /**< Aria cipher with 192-bit key and CTR mode. */ 00162 MBEDTLS_CIPHER_ARIA_256_CTR, /**< Aria cipher with 256-bit key and CTR mode. */ 00163 MBEDTLS_CIPHER_ARIA_128_GCM, /**< Aria cipher with 128-bit key and GCM mode. */ 00164 MBEDTLS_CIPHER_ARIA_192_GCM, /**< Aria cipher with 192-bit key and GCM mode. */ 00165 MBEDTLS_CIPHER_ARIA_256_GCM, /**< Aria cipher with 256-bit key and GCM mode. */ 00166 MBEDTLS_CIPHER_ARIA_128_CCM, /**< Aria cipher with 128-bit key and CCM mode. */ 00167 MBEDTLS_CIPHER_ARIA_192_CCM, /**< Aria cipher with 192-bit key and CCM mode. */ 00168 MBEDTLS_CIPHER_ARIA_256_CCM, /**< Aria cipher with 256-bit key and CCM mode. */ 00169 MBEDTLS_CIPHER_AES_128_OFB, /**< AES 128-bit cipher in OFB mode. */ 00170 MBEDTLS_CIPHER_AES_192_OFB, /**< AES 192-bit cipher in OFB mode. */ 00171 MBEDTLS_CIPHER_AES_256_OFB, /**< AES 256-bit cipher in OFB mode. */ 00172 MBEDTLS_CIPHER_AES_128_XTS, /**< AES 128-bit cipher in XTS block mode. */ 00173 MBEDTLS_CIPHER_AES_256_XTS, /**< AES 256-bit cipher in XTS block mode. */ 00174 MBEDTLS_CIPHER_CHACHA20, /**< ChaCha20 stream cipher. */ 00175 MBEDTLS_CIPHER_CHACHA20_POLY1305, /**< ChaCha20-Poly1305 AEAD cipher. */ 00176 } mbedtls_cipher_type_t; 00177 00178 /** Supported cipher modes. */ 00179 typedef enum { 00180 MBEDTLS_MODE_NONE = 0, /**< None. */ 00181 MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */ 00182 MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */ 00183 MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */ 00184 MBEDTLS_MODE_OFB, /**< The OFB cipher mode. */ 00185 MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */ 00186 MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */ 00187 MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */ 00188 MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */ 00189 MBEDTLS_MODE_XTS, /**< The XTS cipher mode. */ 00190 MBEDTLS_MODE_CHACHAPOLY, /**< The ChaCha-Poly cipher mode. */ 00191 } mbedtls_cipher_mode_t; 00192 00193 /** Supported cipher padding types. */ 00194 typedef enum { 00195 MBEDTLS_PADDING_PKCS7 = 0, /**< PKCS7 padding (default). */ 00196 MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding. */ 00197 MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding. */ 00198 MBEDTLS_PADDING_ZEROS, /**< Zero padding (not reversible). */ 00199 MBEDTLS_PADDING_NONE, /**< Never pad (full blocks only). */ 00200 } mbedtls_cipher_padding_t; 00201 00202 /** Type of operation. */ 00203 typedef enum { 00204 MBEDTLS_OPERATION_NONE = -1, 00205 MBEDTLS_DECRYPT = 0, 00206 MBEDTLS_ENCRYPT, 00207 } mbedtls_operation_t; 00208 00209 enum { 00210 /** Undefined key length. */ 00211 MBEDTLS_KEY_LENGTH_NONE = 0, 00212 /** Key length, in bits (including parity), for DES keys. */ 00213 MBEDTLS_KEY_LENGTH_DES = 64, 00214 /** Key length in bits, including parity, for DES in two-key EDE. */ 00215 MBEDTLS_KEY_LENGTH_DES_EDE = 128, 00216 /** Key length in bits, including parity, for DES in three-key EDE. */ 00217 MBEDTLS_KEY_LENGTH_DES_EDE3 = 192, 00218 }; 00219 00220 /** Maximum length of any IV, in Bytes. */ 00221 #define MBEDTLS_MAX_IV_LENGTH 16 00222 /** Maximum block size of any cipher, in Bytes. */ 00223 #define MBEDTLS_MAX_BLOCK_LENGTH 16 00224 00225 /** 00226 * Base cipher information (opaque struct). 00227 */ 00228 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t; 00229 00230 /** 00231 * CMAC context (opaque struct). 00232 */ 00233 typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t; 00234 00235 /** 00236 * Cipher information. Allows calling cipher functions 00237 * in a generic way. 00238 */ 00239 typedef struct mbedtls_cipher_info_t 00240 { 00241 /** Full cipher identifier. For example, 00242 * MBEDTLS_CIPHER_AES_256_CBC. 00243 */ 00244 mbedtls_cipher_type_t type; 00245 00246 /** The cipher mode. For example, MBEDTLS_MODE_CBC. */ 00247 mbedtls_cipher_mode_t mode; 00248 00249 /** The cipher key length, in bits. This is the 00250 * default length for variable sized ciphers. 00251 * Includes parity bits for ciphers like DES. 00252 */ 00253 unsigned int key_bitlen; 00254 00255 /** Name of the cipher. */ 00256 const char * name; 00257 00258 /** IV or nonce size, in Bytes. 00259 * For ciphers that accept variable IV sizes, 00260 * this is the recommended size. 00261 */ 00262 unsigned int iv_size; 00263 00264 /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and 00265 * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the 00266 * cipher supports variable IV or variable key sizes, respectively. 00267 */ 00268 int flags; 00269 00270 /** The block size, in Bytes. */ 00271 unsigned int block_size; 00272 00273 /** Struct for base cipher information and functions. */ 00274 const mbedtls_cipher_base_t *base; 00275 00276 } mbedtls_cipher_info_t; 00277 00278 /** 00279 * Generic cipher context. 00280 */ 00281 typedef struct mbedtls_cipher_context_t 00282 { 00283 /** Information about the associated cipher. */ 00284 const mbedtls_cipher_info_t *cipher_info; 00285 00286 /** Key length to use. */ 00287 int key_bitlen; 00288 00289 /** Operation that the key of the context has been 00290 * initialized for. 00291 */ 00292 mbedtls_operation_t operation; 00293 00294 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 00295 /** Padding functions to use, if relevant for 00296 * the specific cipher mode. 00297 */ 00298 void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); 00299 int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); 00300 #endif 00301 00302 /** Buffer for input that has not been processed yet. */ 00303 unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]; 00304 00305 /** Number of Bytes that have not been processed yet. */ 00306 size_t unprocessed_len; 00307 00308 /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number 00309 * for XTS-mode. */ 00310 unsigned char iv[MBEDTLS_MAX_IV_LENGTH]; 00311 00312 /** IV size in Bytes, for ciphers with variable-length IVs. */ 00313 size_t iv_size; 00314 00315 /** The cipher-specific context. */ 00316 void *cipher_ctx; 00317 00318 #if defined(MBEDTLS_CMAC_C) 00319 /** CMAC-specific context. */ 00320 mbedtls_cmac_context_t *cmac_ctx; 00321 #endif 00322 } mbedtls_cipher_context_t; 00323 00324 /** 00325 * \brief This function retrieves the list of ciphers supported by the generic 00326 * cipher module. 00327 * 00328 * \return A statically-allocated array of ciphers. The last entry 00329 * is zero. 00330 */ 00331 const int *mbedtls_cipher_list( void ); 00332 00333 /** 00334 * \brief This function retrieves the cipher-information 00335 * structure associated with the given cipher name. 00336 * 00337 * \param cipher_name Name of the cipher to search for. 00338 * 00339 * \return The cipher information structure associated with the 00340 * given \p cipher_name. 00341 * \return NULL if the associated cipher information is not found. 00342 */ 00343 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name ); 00344 00345 /** 00346 * \brief This function retrieves the cipher-information 00347 * structure associated with the given cipher type. 00348 * 00349 * \param cipher_type Type of the cipher to search for. 00350 * 00351 * \return The cipher information structure associated with the 00352 * given \p cipher_type. 00353 * \return NULL if the associated cipher information is not found. 00354 */ 00355 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type ); 00356 00357 /** 00358 * \brief This function retrieves the cipher-information 00359 * structure associated with the given cipher ID, 00360 * key size and mode. 00361 * 00362 * \param cipher_id The ID of the cipher to search for. For example, 00363 * #MBEDTLS_CIPHER_ID_AES. 00364 * \param key_bitlen The length of the key in bits. 00365 * \param mode The cipher mode. For example, #MBEDTLS_MODE_CBC. 00366 * 00367 * \return The cipher information structure associated with the 00368 * given \p cipher_id. 00369 * \return NULL if the associated cipher information is not found. 00370 */ 00371 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id, 00372 int key_bitlen, 00373 const mbedtls_cipher_mode_t mode ); 00374 00375 /** 00376 * \brief This function initializes a \p cipher_context as NONE. 00377 */ 00378 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx ); 00379 00380 /** 00381 * \brief This function frees and clears the cipher-specific 00382 * context of \p ctx. Freeing \p ctx itself remains the 00383 * responsibility of the caller. 00384 */ 00385 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx ); 00386 00387 00388 /** 00389 * \brief This function initializes and fills the cipher-context 00390 * structure with the appropriate values. It also clears 00391 * the structure. 00392 * 00393 * \param ctx The context to initialize. May not be NULL. 00394 * \param cipher_info The cipher to use. 00395 * 00396 * \return \c 0 on success. 00397 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00398 * parameter-verification failure. 00399 * \return #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the 00400 * cipher-specific context fails. 00401 * 00402 * \internal Currently, the function also clears the structure. 00403 * In future versions, the caller will be required to call 00404 * mbedtls_cipher_init() on the structure first. 00405 */ 00406 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info ); 00407 00408 /** 00409 * \brief This function returns the block size of the given cipher. 00410 * 00411 * \param ctx The context of the cipher. Must be initialized. 00412 * 00413 * \return The size of the blocks of the cipher. 00414 * \return 0 if \p ctx has not been initialized. 00415 */ 00416 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx ) 00417 { 00418 if( NULL == ctx || NULL == ctx->cipher_info ) 00419 return 0; 00420 00421 return ctx->cipher_info->block_size; 00422 } 00423 00424 /** 00425 * \brief This function returns the mode of operation for 00426 * the cipher. For example, MBEDTLS_MODE_CBC. 00427 * 00428 * \param ctx The context of the cipher. Must be initialized. 00429 * 00430 * \return The mode of operation. 00431 * \return #MBEDTLS_MODE_NONE if \p ctx has not been initialized. 00432 */ 00433 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx ) 00434 { 00435 if( NULL == ctx || NULL == ctx->cipher_info ) 00436 return MBEDTLS_MODE_NONE; 00437 00438 return ctx->cipher_info->mode; 00439 } 00440 00441 /** 00442 * \brief This function returns the size of the IV or nonce 00443 * of the cipher, in Bytes. 00444 * 00445 * \param ctx The context of the cipher. Must be initialized. 00446 * 00447 * \return The recommended IV size if no IV has been set. 00448 * \return \c 0 for ciphers not using an IV or a nonce. 00449 * \return The actual size if an IV has been set. 00450 */ 00451 static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx ) 00452 { 00453 if( NULL == ctx || NULL == ctx->cipher_info ) 00454 return 0; 00455 00456 if( ctx->iv_size != 0 ) 00457 return (int) ctx->iv_size; 00458 00459 return (int) ctx->cipher_info->iv_size; 00460 } 00461 00462 /** 00463 * \brief This function returns the type of the given cipher. 00464 * 00465 * \param ctx The context of the cipher. Must be initialized. 00466 * 00467 * \return The type of the cipher. 00468 * \return #MBEDTLS_CIPHER_NONE if \p ctx has not been initialized. 00469 */ 00470 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx ) 00471 { 00472 if( NULL == ctx || NULL == ctx->cipher_info ) 00473 return MBEDTLS_CIPHER_NONE; 00474 00475 return ctx->cipher_info->type; 00476 } 00477 00478 /** 00479 * \brief This function returns the name of the given cipher 00480 * as a string. 00481 * 00482 * \param ctx The context of the cipher. Must be initialized. 00483 * 00484 * \return The name of the cipher. 00485 * \return NULL if \p ctx has not been not initialized. 00486 */ 00487 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx ) 00488 { 00489 if( NULL == ctx || NULL == ctx->cipher_info ) 00490 return 0; 00491 00492 return ctx->cipher_info->name; 00493 } 00494 00495 /** 00496 * \brief This function returns the key length of the cipher. 00497 * 00498 * \param ctx The context of the cipher. Must be initialized. 00499 * 00500 * \return The key length of the cipher in bits. 00501 * \return #MBEDTLS_KEY_LENGTH_NONE if ctx \p has not been 00502 * initialized. 00503 */ 00504 static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx ) 00505 { 00506 if( NULL == ctx || NULL == ctx->cipher_info ) 00507 return MBEDTLS_KEY_LENGTH_NONE; 00508 00509 return (int) ctx->cipher_info->key_bitlen; 00510 } 00511 00512 /** 00513 * \brief This function returns the operation of the given cipher. 00514 * 00515 * \param ctx The context of the cipher. Must be initialized. 00516 * 00517 * \return The type of operation: #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. 00518 * \return #MBEDTLS_OPERATION_NONE if \p ctx has not been initialized. 00519 */ 00520 static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx ) 00521 { 00522 if( NULL == ctx || NULL == ctx->cipher_info ) 00523 return MBEDTLS_OPERATION_NONE; 00524 00525 return ctx->operation; 00526 } 00527 00528 /** 00529 * \brief This function sets the key to use with the given context. 00530 * 00531 * \param ctx The generic cipher context. May not be NULL. Must have 00532 * been initialized using mbedtls_cipher_info_from_type() 00533 * or mbedtls_cipher_info_from_string(). 00534 * \param key The key to use. 00535 * \param key_bitlen The key length to use, in bits. 00536 * \param operation The operation that the key will be used for: 00537 * #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT. 00538 * 00539 * \return \c 0 on success. 00540 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00541 * parameter-verification failure. 00542 * \return A cipher-specific error code on failure. 00543 */ 00544 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key, 00545 int key_bitlen, const mbedtls_operation_t operation ); 00546 00547 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 00548 /** 00549 * \brief This function sets the padding mode, for cipher modes 00550 * that use padding. 00551 * 00552 * The default passing mode is PKCS7 padding. 00553 * 00554 * \param ctx The generic cipher context. 00555 * \param mode The padding mode. 00556 * 00557 * \return \c 0 on success. 00558 * \return #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE 00559 * if the selected padding mode is not supported. 00560 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode 00561 * does not support padding. 00562 */ 00563 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode ); 00564 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */ 00565 00566 /** 00567 * \brief This function sets the initialization vector (IV) 00568 * or nonce. 00569 * 00570 * \note Some ciphers do not use IVs nor nonce. For these 00571 * ciphers, this function has no effect. 00572 * 00573 * \param ctx The generic cipher context. 00574 * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. 00575 * \param iv_len The IV length for ciphers with variable-size IV. 00576 * This parameter is discarded by ciphers with fixed-size IV. 00577 * 00578 * \return \c 0 on success. 00579 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00580 * parameter-verification failure. 00581 */ 00582 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx, 00583 const unsigned char *iv, size_t iv_len ); 00584 00585 /** 00586 * \brief This function resets the cipher state. 00587 * 00588 * \param ctx The generic cipher context. 00589 * 00590 * \return \c 0 on success. 00591 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00592 * parameter-verification failure. 00593 */ 00594 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx ); 00595 00596 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) 00597 /** 00598 * \brief This function adds additional data for AEAD ciphers. 00599 * Currently supported with GCM and ChaCha20+Poly1305. 00600 * Must be called exactly once, after mbedtls_cipher_reset(). 00601 * 00602 * \param ctx The generic cipher context. 00603 * \param ad The additional data to use. 00604 * \param ad_len the Length of \p ad. 00605 * 00606 * \return \c 0 on success. 00607 * \return A specific error code on failure. 00608 */ 00609 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx, 00610 const unsigned char *ad, size_t ad_len ); 00611 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ 00612 00613 /** 00614 * \brief The generic cipher update function. It encrypts or 00615 * decrypts using the given cipher context. Writes as 00616 * many block-sized blocks of data as possible to output. 00617 * Any data that cannot be written immediately is either 00618 * added to the next block, or flushed when 00619 * mbedtls_cipher_finish() is called. 00620 * Exception: For MBEDTLS_MODE_ECB, expects a single block 00621 * in size. For example, 16 Bytes for AES. 00622 * 00623 * \note If the underlying cipher is used in GCM mode, all calls 00624 * to this function, except for the last one before 00625 * mbedtls_cipher_finish(), must have \p ilen as a 00626 * multiple of the block size of the cipher. 00627 * 00628 * \param ctx The generic cipher context. 00629 * \param input The buffer holding the input data. 00630 * \param ilen The length of the input data. 00631 * \param output The buffer for the output data. Must be able to hold at 00632 * least \p ilen + block_size. Must not be the same buffer 00633 * as input. 00634 * \param olen The length of the output data, to be updated with the 00635 * actual number of Bytes written. 00636 * 00637 * \return \c 0 on success. 00638 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00639 * parameter-verification failure. 00640 * \return #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an 00641 * unsupported mode for a cipher. 00642 * \return A cipher-specific error code on failure. 00643 */ 00644 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input, 00645 size_t ilen, unsigned char *output, size_t *olen ); 00646 00647 /** 00648 * \brief The generic cipher finalization function. If data still 00649 * needs to be flushed from an incomplete block, the data 00650 * contained in it is padded to the size of 00651 * the last block, and written to the \p output buffer. 00652 * 00653 * \param ctx The generic cipher context. 00654 * \param output The buffer to write data to. Needs block_size available. 00655 * \param olen The length of the data written to the \p output buffer. 00656 * 00657 * \return \c 0 on success. 00658 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00659 * parameter-verification failure. 00660 * \return #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption 00661 * expecting a full block but not receiving one. 00662 * \return #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding 00663 * while decrypting. 00664 * \return A cipher-specific error code on failure. 00665 */ 00666 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx, 00667 unsigned char *output, size_t *olen ); 00668 00669 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) 00670 /** 00671 * \brief This function writes a tag for AEAD ciphers. 00672 * Currently supported with GCM and ChaCha20+Poly1305. 00673 * Must be called after mbedtls_cipher_finish(). 00674 * 00675 * \param ctx The generic cipher context. 00676 * \param tag The buffer to write the tag to. 00677 * \param tag_len The length of the tag to write. 00678 * 00679 * \return \c 0 on success. 00680 * \return A specific error code on failure. 00681 */ 00682 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx, 00683 unsigned char *tag, size_t tag_len ); 00684 00685 /** 00686 * \brief This function checks the tag for AEAD ciphers. 00687 * Currently supported with GCM and ChaCha20+Poly1305. 00688 * Must be called after mbedtls_cipher_finish(). 00689 * 00690 * \param ctx The generic cipher context. 00691 * \param tag The buffer holding the tag. 00692 * \param tag_len The length of the tag to check. 00693 * 00694 * \return \c 0 on success. 00695 * \return A specific error code on failure. 00696 */ 00697 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx, 00698 const unsigned char *tag, size_t tag_len ); 00699 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */ 00700 00701 /** 00702 * \brief The generic all-in-one encryption/decryption function, 00703 * for all ciphers except AEAD constructs. 00704 * 00705 * \param ctx The generic cipher context. 00706 * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. 00707 * \param iv_len The IV length for ciphers with variable-size IV. 00708 * This parameter is discarded by ciphers with fixed-size 00709 * IV. 00710 * \param input The buffer holding the input data. 00711 * \param ilen The length of the input data. 00712 * \param output The buffer for the output data. Must be able to hold at 00713 * least \p ilen + block_size. Must not be the same buffer 00714 * as input. 00715 * \param olen The length of the output data, to be updated with the 00716 * actual number of Bytes written. 00717 * 00718 * \note Some ciphers do not use IVs nor nonce. For these 00719 * ciphers, use \p iv = NULL and \p iv_len = 0. 00720 * 00721 * \return \c 0 on success. 00722 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00723 * parameter-verification failure. 00724 * \return #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption 00725 * expecting a full block but not receiving one. 00726 * \return #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding 00727 * while decrypting. 00728 * \return A cipher-specific error code on failure. 00729 */ 00730 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx, 00731 const unsigned char *iv, size_t iv_len, 00732 const unsigned char *input, size_t ilen, 00733 unsigned char *output, size_t *olen ); 00734 00735 #if defined(MBEDTLS_CIPHER_MODE_AEAD) 00736 /** 00737 * \brief The generic autenticated encryption (AEAD) function. 00738 * 00739 * \param ctx The generic cipher context. 00740 * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. 00741 * \param iv_len The IV length for ciphers with variable-size IV. 00742 * This parameter is discarded by ciphers with fixed-size IV. 00743 * \param ad The additional data to authenticate. 00744 * \param ad_len The length of \p ad. 00745 * \param input The buffer holding the input data. 00746 * \param ilen The length of the input data. 00747 * \param output The buffer for the output data. 00748 * Must be able to hold at least \p ilen. 00749 * \param olen The length of the output data, to be updated with the 00750 * actual number of Bytes written. 00751 * \param tag The buffer for the authentication tag. 00752 * \param tag_len The desired length of the authentication tag. 00753 * 00754 * \return \c 0 on success. 00755 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00756 * parameter-verification failure. 00757 * \return A cipher-specific error code on failure. 00758 */ 00759 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx, 00760 const unsigned char *iv, size_t iv_len, 00761 const unsigned char *ad, size_t ad_len, 00762 const unsigned char *input, size_t ilen, 00763 unsigned char *output, size_t *olen, 00764 unsigned char *tag, size_t tag_len ); 00765 00766 /** 00767 * \brief The generic autenticated decryption (AEAD) function. 00768 * 00769 * \note If the data is not authentic, then the output buffer 00770 * is zeroed out to prevent the unauthentic plaintext being 00771 * used, making this interface safer. 00772 * 00773 * \param ctx The generic cipher context. 00774 * \param iv The IV to use, or NONCE_COUNTER for CTR-mode ciphers. 00775 * \param iv_len The IV length for ciphers with variable-size IV. 00776 * This parameter is discarded by ciphers with fixed-size IV. 00777 * \param ad The additional data to be authenticated. 00778 * \param ad_len The length of \p ad. 00779 * \param input The buffer holding the input data. 00780 * \param ilen The length of the input data. 00781 * \param output The buffer for the output data. 00782 * Must be able to hold at least \p ilen. 00783 * \param olen The length of the output data, to be updated with the 00784 * actual number of Bytes written. 00785 * \param tag The buffer holding the authentication tag. 00786 * \param tag_len The length of the authentication tag. 00787 * 00788 * \return \c 0 on success. 00789 * \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on 00790 * parameter-verification failure. 00791 * \return #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic. 00792 * \return A cipher-specific error code on failure. 00793 */ 00794 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx, 00795 const unsigned char *iv, size_t iv_len, 00796 const unsigned char *ad, size_t ad_len, 00797 const unsigned char *input, size_t ilen, 00798 unsigned char *output, size_t *olen, 00799 const unsigned char *tag, size_t tag_len ); 00800 #endif /* MBEDTLS_CIPHER_MODE_AEAD */ 00801 00802 #ifdef __cplusplus 00803 } 00804 #endif 00805 00806 #endif /* MBEDTLS_CIPHER_H */
Generated on Tue Jul 12 2022 13:53:04 by
1.7.2