takashi kadono / Mbed OS Nucleo_446

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Dependencies:   ssd1331

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers chacha20.h Source File

chacha20.h

Go to the documentation of this file.
00001 /**
00002  * \file chacha20.h
00003  *
00004  * \brief   This file contains ChaCha20 definitions and functions.
00005  *
00006  *          ChaCha20 is a stream cipher that can encrypt and decrypt
00007  *          information. ChaCha was created by Daniel Bernstein as a variant of
00008  *          its Salsa cipher https://cr.yp.to/chacha/chacha-20080128.pdf
00009  *          ChaCha20 is the variant with 20 rounds, that was also standardized
00010  *          in RFC 7539.
00011  *
00012  * \author Daniel King <damaki.gh@gmail.com>
00013  */
00014 
00015 /*  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved.
00016  *  SPDX-License-Identifier: Apache-2.0
00017  *
00018  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00019  *  not use this file except in compliance with the License.
00020  *  You may obtain a copy of the License at
00021  *
00022  *  http://www.apache.org/licenses/LICENSE-2.0
00023  *
00024  *  Unless required by applicable law or agreed to in writing, software
00025  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00026  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00027  *  See the License for the specific language governing permissions and
00028  *  limitations under the License.
00029  *
00030  *  This file is part of Mbed TLS (https://tls.mbed.org)
00031  */
00032 
00033 #ifndef MBEDTLS_CHACHA20_H
00034 #define MBEDTLS_CHACHA20_H
00035 
00036 #if !defined(MBEDTLS_CONFIG_FILE)
00037 #include "config.h"
00038 #else
00039 #include MBEDTLS_CONFIG_FILE
00040 #endif
00041 
00042 #include <stdint.h>
00043 #include <stddef.h>
00044 
00045 #define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA         -0x0051 /**< Invalid input parameter(s). */
00046 #define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE    -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */
00047 #define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED        -0x0055  /**< Chacha20 hardware accelerator failed. */
00048 
00049 #ifdef __cplusplus
00050 extern "C" {
00051 #endif
00052 
00053 #if !defined(MBEDTLS_CHACHA20_ALT)
00054 
00055 typedef struct mbedtls_chacha20_context
00056 {
00057     uint32_t state[16];          /*! The state (before round operations). */
00058     uint8_t  keystream8[64];     /*! Leftover keystream bytes. */
00059     size_t keystream_bytes_used; /*! Number of keystream bytes already used. */
00060 }
00061 mbedtls_chacha20_context;
00062 
00063 #else  /* MBEDTLS_CHACHA20_ALT */
00064 #include "chacha20_alt.h"
00065 #endif /* MBEDTLS_CHACHA20_ALT */
00066 
00067 /**
00068  * \brief           This function initializes the specified ChaCha20 context.
00069  *
00070  *                  It must be the first API called before using
00071  *                  the context.
00072  *
00073  *                  It is usually followed by calls to
00074  *                  \c mbedtls_chacha20_setkey() and
00075  *                  \c mbedtls_chacha20_starts(), then one or more calls to
00076  *                  to \c mbedtls_chacha20_update(), and finally to
00077  *                  \c mbedtls_chacha20_free().
00078  *
00079  * \param ctx       The ChaCha20 context to initialize.
00080  */
00081 void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
00082 
00083 /**
00084  * \brief           This function releases and clears the specified ChaCha20 context.
00085  *
00086  * \param ctx       The ChaCha20 context to clear.
00087  */
00088 void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
00089 
00090 /**
00091  * \brief           This function sets the encryption/decryption key.
00092  *
00093  * \note            After using this function, you must also call
00094  *                  \c mbedtls_chacha20_starts() to set a nonce before you
00095  *                  start encrypting/decrypting data with
00096  *                  \c mbedtls_chacha_update().
00097  *
00098  * \param ctx       The ChaCha20 context to which the key should be bound.
00099  * \param key       The encryption/decryption key. Must be 32 bytes in length.
00100  *
00101  * \return          \c 0 on success.
00102  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.
00103  */
00104 int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
00105                              const unsigned char key[32] );
00106 
00107 /**
00108  * \brief           This function sets the nonce and initial counter value.
00109  *
00110  * \note            A ChaCha20 context can be re-used with the same key by
00111  *                  calling this function to change the nonce.
00112  *
00113  * \warning         You must never use the same nonce twice with the same key.
00114  *                  This would void any confidentiality guarantees for the
00115  *                  messages encrypted with the same nonce and key.
00116  *
00117  * \param ctx       The ChaCha20 context to which the nonce should be bound.
00118  * \param nonce     The nonce. Must be 12 bytes in size.
00119  * \param counter   The initial counter value. This is usually 0.
00120  *
00121  * \return          \c 0 on success.
00122  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is
00123  *                  NULL.
00124  */
00125 int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
00126                              const unsigned char nonce[12],
00127                              uint32_t counter );
00128 
00129 /**
00130  * \brief           This function encrypts or decrypts data.
00131  *
00132  *                  Since ChaCha20 is a stream cipher, the same operation is
00133  *                  used for encrypting and decrypting data.
00134  *
00135  * \note            The \p input and \p output pointers must either be equal or
00136  *                  point to non-overlapping buffers.
00137  *
00138  * \note            \c mbedtls_chacha20_setkey() and
00139  *                  \c mbedtls_chacha20_starts() must be called at least once
00140  *                  to setup the context before this function can be called.
00141  *
00142  * \note            This function can be called multiple times in a row in
00143  *                  order to encrypt of decrypt data piecewise with the same
00144  *                  key and nonce.
00145  *
00146  * \param ctx       The ChaCha20 context to use for encryption or decryption.
00147  * \param size      The length of the input data in bytes.
00148  * \param input     The buffer holding the input data.
00149  *                  This pointer can be NULL if size == 0.
00150  * \param output    The buffer holding the output data.
00151  *                  Must be able to hold \p size bytes.
00152  *                  This pointer can be NULL if size == 0.
00153  *
00154  * \return          \c 0 on success.
00155  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if the ctx, input, or
00156  *                  output pointers are NULL.
00157  */
00158 int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
00159                              size_t size,
00160                              const unsigned char *input,
00161                              unsigned char *output );
00162 
00163 /**
00164  * \brief           This function encrypts or decrypts data with ChaCha20 and
00165  *                  the given key and nonce.
00166  *
00167  *                  Since ChaCha20 is a stream cipher, the same operation is
00168  *                  used for encrypting and decrypting data.
00169  *
00170  * \warning         You must never use the same (key, nonce) pair more than
00171  *                  once. This would void any confidentiality guarantees for
00172  *                  the messages encrypted with the same nonce and key.
00173  *
00174  * \note            The \p input and \p output pointers must either be equal or
00175  *                  point to non-overlapping buffers.
00176  *
00177  * \param key       The encryption/decryption key. Must be 32 bytes in length.
00178  * \param nonce     The nonce. Must be 12 bytes in size.
00179  * \param counter   The initial counter value. This is usually 0.
00180  * \param size      The length of the input data in bytes.
00181  * \param input     The buffer holding the input data.
00182  *                  This pointer can be NULL if size == 0.
00183  * \param output    The buffer holding the output data.
00184  *                  Must be able to hold \p size bytes.
00185  *                  This pointer can be NULL if size == 0.
00186  *
00187  * \return          \c 0 on success.
00188  * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if key, nonce, input,
00189  *                  or output is NULL.
00190  */
00191 int mbedtls_chacha20_crypt( const unsigned char key[32],
00192                             const unsigned char nonce[12],
00193                             uint32_t counter,
00194                             size_t size,
00195                             const unsigned char* input,
00196                             unsigned char* output );
00197 
00198 #if defined(MBEDTLS_SELF_TEST)
00199 /**
00200  * \brief           The ChaCha20 checkup routine.
00201  *
00202  * \return          \c 0 on success.
00203  * \return          \c 1 on failure.
00204  */
00205 int mbedtls_chacha20_self_test( int verbose );
00206 #endif /* MBEDTLS_SELF_TEST */
00207 
00208 #ifdef __cplusplus
00209 }
00210 #endif
00211 
00212 #endif /* MBEDTLS_CHACHA20_H */
Generated on Tue Aug 9 2022 00:37:04 by  doxygen 1.7.2