Marco Zecchini
/
Example_RTOS
Rtos API example
Embed:
(wiki syntax)
Show/hide line numbers
aes.h
Go to the documentation of this file.
00001 /** 00002 * \file aes.h 00003 * 00004 * \brief AES block cipher 00005 * 00006 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00007 * SPDX-License-Identifier: Apache-2.0 00008 * 00009 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00010 * not use this file except in compliance with the License. 00011 * You may obtain a copy of the License at 00012 * 00013 * http://www.apache.org/licenses/LICENSE-2.0 00014 * 00015 * Unless required by applicable law or agreed to in writing, software 00016 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00017 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00018 * See the License for the specific language governing permissions and 00019 * limitations under the License. 00020 * 00021 * This file is part of mbed TLS (https://tls.mbed.org) 00022 */ 00023 #ifndef MBEDTLS_AES_H 00024 #define MBEDTLS_AES_H 00025 00026 #if !defined(MBEDTLS_CONFIG_FILE) 00027 #include "config.h" 00028 #else 00029 #include MBEDTLS_CONFIG_FILE 00030 #endif 00031 00032 #include <stddef.h> 00033 #include <stdint.h> 00034 00035 /* padlock.c and aesni.c rely on these values! */ 00036 #define MBEDTLS_AES_ENCRYPT 1 00037 #define MBEDTLS_AES_DECRYPT 0 00038 00039 #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ 00040 #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ 00041 00042 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \ 00043 !defined(inline) && !defined(__cplusplus) 00044 #define inline __inline 00045 #endif 00046 00047 #if !defined(MBEDTLS_AES_ALT) 00048 // Regular implementation 00049 // 00050 00051 #ifdef __cplusplus 00052 extern "C" { 00053 #endif 00054 00055 /** 00056 * \brief AES context structure 00057 * 00058 * \note buf is able to hold 32 extra bytes, which can be used: 00059 * - for alignment purposes if VIA padlock is used, and/or 00060 * - to simplify key expansion in the 256-bit case by 00061 * generating an extra round key 00062 */ 00063 typedef struct 00064 { 00065 int nr ; /*!< number of rounds */ 00066 uint32_t *rk ; /*!< AES round keys */ 00067 uint32_t buf[68]; /*!< unaligned data */ 00068 } 00069 mbedtls_aes_context; 00070 00071 /** 00072 * \brief Initialize AES context 00073 * 00074 * \param ctx AES context to be initialized 00075 */ 00076 void mbedtls_aes_init( mbedtls_aes_context *ctx ); 00077 00078 /** 00079 * \brief Clear AES context 00080 * 00081 * \param ctx AES context to be cleared 00082 */ 00083 void mbedtls_aes_free( mbedtls_aes_context *ctx ); 00084 00085 /** 00086 * \brief AES key schedule (encryption) 00087 * 00088 * \param ctx AES context to be initialized 00089 * \param key encryption key 00090 * \param keybits must be 128, 192 or 256 00091 * 00092 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH 00093 */ 00094 int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key, 00095 unsigned int keybits ); 00096 00097 /** 00098 * \brief AES key schedule (decryption) 00099 * 00100 * \param ctx AES context to be initialized 00101 * \param key decryption key 00102 * \param keybits must be 128, 192 or 256 00103 * 00104 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH 00105 */ 00106 int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key, 00107 unsigned int keybits ); 00108 00109 /** 00110 * \brief AES-ECB block encryption/decryption 00111 * 00112 * \param ctx AES context 00113 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00114 * \param input 16-byte input block 00115 * \param output 16-byte output block 00116 * 00117 * \return 0 if successful 00118 */ 00119 int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx, 00120 int mode, 00121 const unsigned char input[16], 00122 unsigned char output[16] ); 00123 00124 #if defined(MBEDTLS_CIPHER_MODE_CBC) 00125 /** 00126 * \brief AES-CBC buffer encryption/decryption 00127 * Length should be a multiple of the block 00128 * size (16 bytes) 00129 * 00130 * \note Upon exit, the content of the IV is updated so that you can 00131 * call the function same function again on the following 00132 * block(s) of data and get the same result as if it was 00133 * encrypted in one call. This allows a "streaming" usage. 00134 * If on the other hand you need to retain the contents of the 00135 * IV, you should either save it manually or use the cipher 00136 * module instead. 00137 * 00138 * \param ctx AES context 00139 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00140 * \param length length of the input data 00141 * \param iv initialization vector (updated after use) 00142 * \param input buffer holding the input data 00143 * \param output buffer holding the output data 00144 * 00145 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH 00146 */ 00147 int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx, 00148 int mode, 00149 size_t length, 00150 unsigned char iv[16], 00151 const unsigned char *input, 00152 unsigned char *output ); 00153 #endif /* MBEDTLS_CIPHER_MODE_CBC */ 00154 00155 #if defined(MBEDTLS_CIPHER_MODE_CFB) 00156 /** 00157 * \brief AES-CFB128 buffer encryption/decryption. 00158 * 00159 * Note: Due to the nature of CFB you should use the same key schedule for 00160 * both encryption and decryption. So a context initialized with 00161 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. 00162 * 00163 * \note Upon exit, the content of the IV is updated so that you can 00164 * call the function same function again on the following 00165 * block(s) of data and get the same result as if it was 00166 * encrypted in one call. This allows a "streaming" usage. 00167 * If on the other hand you need to retain the contents of the 00168 * IV, you should either save it manually or use the cipher 00169 * module instead. 00170 * 00171 * \param ctx AES context 00172 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00173 * \param length length of the input data 00174 * \param iv_off offset in IV (updated after use) 00175 * \param iv initialization vector (updated after use) 00176 * \param input buffer holding the input data 00177 * \param output buffer holding the output data 00178 * 00179 * \return 0 if successful 00180 */ 00181 int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx, 00182 int mode, 00183 size_t length, 00184 size_t *iv_off, 00185 unsigned char iv[16], 00186 const unsigned char *input, 00187 unsigned char *output ); 00188 00189 /** 00190 * \brief AES-CFB8 buffer encryption/decryption. 00191 * 00192 * Note: Due to the nature of CFB you should use the same key schedule for 00193 * both encryption and decryption. So a context initialized with 00194 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. 00195 * 00196 * \note Upon exit, the content of the IV is updated so that you can 00197 * call the function same function again on the following 00198 * block(s) of data and get the same result as if it was 00199 * encrypted in one call. This allows a "streaming" usage. 00200 * If on the other hand you need to retain the contents of the 00201 * IV, you should either save it manually or use the cipher 00202 * module instead. 00203 * 00204 * \param ctx AES context 00205 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT 00206 * \param length length of the input data 00207 * \param iv initialization vector (updated after use) 00208 * \param input buffer holding the input data 00209 * \param output buffer holding the output data 00210 * 00211 * \return 0 if successful 00212 */ 00213 int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx, 00214 int mode, 00215 size_t length, 00216 unsigned char iv[16], 00217 const unsigned char *input, 00218 unsigned char *output ); 00219 #endif /*MBEDTLS_CIPHER_MODE_CFB */ 00220 00221 #if defined(MBEDTLS_CIPHER_MODE_CTR) 00222 /** 00223 * \brief AES-CTR buffer encryption/decryption 00224 * 00225 * Warning: You have to keep the maximum use of your counter in mind! 00226 * 00227 * Note: Due to the nature of CTR you should use the same key schedule for 00228 * both encryption and decryption. So a context initialized with 00229 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. 00230 * 00231 * \param ctx AES context 00232 * \param length The length of the data 00233 * \param nc_off The offset in the current stream_block (for resuming 00234 * within current cipher stream). The offset pointer to 00235 * should be 0 at the start of a stream. 00236 * \param nonce_counter The 128-bit nonce and counter. 00237 * \param stream_block The saved stream-block for resuming. Is overwritten 00238 * by the function. 00239 * \param input The input data stream 00240 * \param output The output data stream 00241 * 00242 * \return 0 if successful 00243 */ 00244 int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx, 00245 size_t length, 00246 size_t *nc_off, 00247 unsigned char nonce_counter[16], 00248 unsigned char stream_block[16], 00249 const unsigned char *input, 00250 unsigned char *output ); 00251 #endif /* MBEDTLS_CIPHER_MODE_CTR */ 00252 00253 /** 00254 * \brief Internal AES block encryption function 00255 * (Only exposed to allow overriding it, 00256 * see MBEDTLS_AES_ENCRYPT_ALT) 00257 * 00258 * \param ctx AES context 00259 * \param input Plaintext block 00260 * \param output Output (ciphertext) block 00261 * 00262 * \return 0 if successful 00263 */ 00264 int mbedtls_internal_aes_encrypt( mbedtls_aes_context *ctx, 00265 const unsigned char input[16], 00266 unsigned char output[16] ); 00267 00268 /** 00269 * \brief Internal AES block decryption function 00270 * (Only exposed to allow overriding it, 00271 * see MBEDTLS_AES_DECRYPT_ALT) 00272 * 00273 * \param ctx AES context 00274 * \param input Ciphertext block 00275 * \param output Output (plaintext) block 00276 * 00277 * \return 0 if successful 00278 */ 00279 int mbedtls_internal_aes_decrypt( mbedtls_aes_context *ctx, 00280 const unsigned char input[16], 00281 unsigned char output[16] ); 00282 00283 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 00284 #if defined(MBEDTLS_DEPRECATED_WARNING) 00285 #define MBEDTLS_DEPRECATED __attribute__((deprecated)) 00286 #else 00287 #define MBEDTLS_DEPRECATED 00288 #endif 00289 /** 00290 * \brief Deprecated internal AES block encryption function 00291 * without return value. 00292 * 00293 * \deprecated Superseded by mbedtls_aes_encrypt_ext() in 2.5.0 00294 * 00295 * \param ctx AES context 00296 * \param input Plaintext block 00297 * \param output Output (ciphertext) block 00298 */ 00299 MBEDTLS_DEPRECATED void mbedtls_aes_encrypt( mbedtls_aes_context *ctx, 00300 const unsigned char input[16], 00301 unsigned char output[16] ); 00302 00303 /** 00304 * \brief Deprecated internal AES block decryption function 00305 * without return value. 00306 * 00307 * \deprecated Superseded by mbedtls_aes_decrypt_ext() in 2.5.0 00308 * 00309 * \param ctx AES context 00310 * \param input Ciphertext block 00311 * \param output Output (plaintext) block 00312 */ 00313 MBEDTLS_DEPRECATED void mbedtls_aes_decrypt( mbedtls_aes_context *ctx, 00314 const unsigned char input[16], 00315 unsigned char output[16] ); 00316 00317 #undef MBEDTLS_DEPRECATED 00318 #endif /* !MBEDTLS_DEPRECATED_REMOVED */ 00319 00320 #ifdef __cplusplus 00321 } 00322 #endif 00323 00324 #else /* MBEDTLS_AES_ALT */ 00325 #include "aes_alt.h" 00326 #endif /* MBEDTLS_AES_ALT */ 00327 00328 #ifdef __cplusplus 00329 extern "C" { 00330 #endif 00331 00332 /** 00333 * \brief Checkup routine 00334 * 00335 * \return 0 if successful, or 1 if the test failed 00336 */ 00337 int mbedtls_aes_self_test( int verbose ); 00338 00339 #ifdef __cplusplus 00340 } 00341 #endif 00342 00343 #endif /* aes.h */
Generated on Sun Jul 17 2022 08:25:18 by 1.7.2