mbed client lightswitch demo

Dependencies:   mbed Socket lwip-eth lwip-sys lwip

Fork of mbed-client-classic-example-lwip by Austin Blackstone

Committer:
mbedAustin
Date:
Thu Jun 09 17:08:36 2016 +0000
Revision:
11:cada08fc8a70
Commit for public Consumption

Who changed what in which revision?

User | Revision | Line number | New contents of line
mbedAustin 11:cada08fc8a70 1 /**
mbedAustin 11:cada08fc8a70 2 * \file aes.h
mbedAustin 11:cada08fc8a70 3 *
mbedAustin 11:cada08fc8a70 4 * \brief AES block cipher
mbedAustin 11:cada08fc8a70 5 *
mbedAustin 11:cada08fc8a70 6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
mbedAustin 11:cada08fc8a70 7 * SPDX-License-Identifier: Apache-2.0
mbedAustin 11:cada08fc8a70 8 *
mbedAustin 11:cada08fc8a70 9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
mbedAustin 11:cada08fc8a70 10 * not use this file except in compliance with the License.
mbedAustin 11:cada08fc8a70 11 * You may obtain a copy of the License at
mbedAustin 11:cada08fc8a70 12 *
mbedAustin 11:cada08fc8a70 13 * http://www.apache.org/licenses/LICENSE-2.0
mbedAustin 11:cada08fc8a70 14 *
mbedAustin 11:cada08fc8a70 15 * Unless required by applicable law or agreed to in writing, software
mbedAustin 11:cada08fc8a70 16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
mbedAustin 11:cada08fc8a70 17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
mbedAustin 11:cada08fc8a70 18 * See the License for the specific language governing permissions and
mbedAustin 11:cada08fc8a70 19 * limitations under the License.
mbedAustin 11:cada08fc8a70 20 *
mbedAustin 11:cada08fc8a70 21 * This file is part of mbed TLS (https://tls.mbed.org)
mbedAustin 11:cada08fc8a70 22 */
mbedAustin 11:cada08fc8a70 23 #ifndef MBEDTLS_AES_H
mbedAustin 11:cada08fc8a70 24 #define MBEDTLS_AES_H
mbedAustin 11:cada08fc8a70 25
mbedAustin 11:cada08fc8a70 26 #if !defined(MBEDTLS_CONFIG_FILE)
mbedAustin 11:cada08fc8a70 27 #include "config.h"
mbedAustin 11:cada08fc8a70 28 #else
mbedAustin 11:cada08fc8a70 29 #include MBEDTLS_CONFIG_FILE
mbedAustin 11:cada08fc8a70 30 #endif
mbedAustin 11:cada08fc8a70 31
mbedAustin 11:cada08fc8a70 32 #include <stddef.h>
mbedAustin 11:cada08fc8a70 33 #include <stdint.h>
mbedAustin 11:cada08fc8a70 34
mbedAustin 11:cada08fc8a70 35 /* padlock.c and aesni.c rely on these values! */
mbedAustin 11:cada08fc8a70 36 #define MBEDTLS_AES_ENCRYPT 1
mbedAustin 11:cada08fc8a70 37 #define MBEDTLS_AES_DECRYPT 0
mbedAustin 11:cada08fc8a70 38
mbedAustin 11:cada08fc8a70 39 #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
mbedAustin 11:cada08fc8a70 40 #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
mbedAustin 11:cada08fc8a70 41
mbedAustin 11:cada08fc8a70 42 #if !defined(MBEDTLS_AES_ALT)
mbedAustin 11:cada08fc8a70 43 // Regular implementation
mbedAustin 11:cada08fc8a70 44 //
mbedAustin 11:cada08fc8a70 45
mbedAustin 11:cada08fc8a70 46 #ifdef __cplusplus
mbedAustin 11:cada08fc8a70 47 extern "C" {
mbedAustin 11:cada08fc8a70 48 #endif
mbedAustin 11:cada08fc8a70 49
mbedAustin 11:cada08fc8a70 50 /**
mbedAustin 11:cada08fc8a70 51 * \brief AES context structure. It stores the expanded round keys, so treat a set-up context as key material and release it with mbedtls_aes_free() once the key is no longer needed.
mbedAustin 11:cada08fc8a70 52 *
mbedAustin 11:cada08fc8a70 53 * \note buf is able to hold 32 extra bytes, which can be used:
mbedAustin 11:cada08fc8a70 54 * - for alignment purposes if VIA padlock is used, and/or
mbedAustin 11:cada08fc8a70 55 * - to simplify key expansion in the 256-bit case by
mbedAustin 11:cada08fc8a70 56 * generating an extra round key
mbedAustin 11:cada08fc8a70 57 */
mbedAustin 11:cada08fc8a70 58 typedef struct
mbedAustin 11:cada08fc8a70 59 {
mbedAustin 11:cada08fc8a70 60 int nr; /*!< number of rounds */
mbedAustin 11:cada08fc8a70 61 uint32_t *rk; /*!< AES round keys (presumably a pointer into buf -- confirm in aes.c) */
mbedAustin 11:cada08fc8a70 62 uint32_t buf[68]; /*!< unaligned data; 68 words = 272 bytes, i.e. 240 bytes for the 15 round keys of AES-256 plus the 32 extra bytes described in the note */
mbedAustin 11:cada08fc8a70 63 }
mbedAustin 11:cada08fc8a70 64 mbedtls_aes_context;
mbedAustin 11:cada08fc8a70 65
mbedAustin 11:cada08fc8a70 66 /**
mbedAustin 11:cada08fc8a70 67 * \brief Initialize AES context. Call this before any other function on the context and pair it with mbedtls_aes_free().
mbedAustin 11:cada08fc8a70 68 *
mbedAustin 11:cada08fc8a70 69 * \param ctx AES context to be initialized
mbedAustin 11:cada08fc8a70 70 */
mbedAustin 11:cada08fc8a70 71 void mbedtls_aes_init( mbedtls_aes_context *ctx );
mbedAustin 11:cada08fc8a70 72
mbedAustin 11:cada08fc8a70 73 /**
mbedAustin 11:cada08fc8a70 74 * \brief Clear AES context. The context stores round keys, so call this as soon as the key is no longer needed.
mbedAustin 11:cada08fc8a70 75 *
mbedAustin 11:cada08fc8a70 76 * \param ctx AES context to be cleared (NOTE(review): this header does not show how the clearing is done; confirm in aes.c that it wipes the round keys in a way the compiler cannot optimise away)
mbedAustin 11:cada08fc8a70 77 */
mbedAustin 11:cada08fc8a70 78 void mbedtls_aes_free( mbedtls_aes_context *ctx );
mbedAustin 11:cada08fc8a70 79
mbedAustin 11:cada08fc8a70 80 /**
mbedAustin 11:cada08fc8a70 81 * \brief AES key schedule (encryption). The CFB and CTR functions declared in this header use this schedule for both directions.
mbedAustin 11:cada08fc8a70 82 *
mbedAustin 11:cada08fc8a70 83 * \param ctx AES context to be initialized
mbedAustin 11:cada08fc8a70 84 * \param key encryption key (the buffer presumably has to hold at least keybits / 8 bytes -- confirm against aes.c)
mbedAustin 11:cada08fc8a70 85 * \param keybits key size in bits, not bytes: must be 128, 192 or 256
mbedAustin 11:cada08fc8a70 86 *
mbedAustin 11:cada08fc8a70 87 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH (check the result before using the context)
mbedAustin 11:cada08fc8a70 88 */
mbedAustin 11:cada08fc8a70 89 int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
mbedAustin 11:cada08fc8a70 90 unsigned int keybits );
mbedAustin 11:cada08fc8a70 91
mbedAustin 11:cada08fc8a70 92 /**
mbedAustin 11:cada08fc8a70 93 * \brief AES key schedule (decryption). Not for CFB or CTR: their notes in this header ask for mbedtls_aes_setkey_enc() in both directions.
mbedAustin 11:cada08fc8a70 94 *
mbedAustin 11:cada08fc8a70 95 * \param ctx AES context to be initialized
mbedAustin 11:cada08fc8a70 96 * \param key decryption key (the buffer presumably has to hold at least keybits / 8 bytes -- confirm against aes.c)
mbedAustin 11:cada08fc8a70 97 * \param keybits key size in bits, not bytes: must be 128, 192 or 256
mbedAustin 11:cada08fc8a70 98 *
mbedAustin 11:cada08fc8a70 99 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH (check the result before using the context)
mbedAustin 11:cada08fc8a70 100 */
mbedAustin 11:cada08fc8a70 101 int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
mbedAustin 11:cada08fc8a70 102 unsigned int keybits );
mbedAustin 11:cada08fc8a70 103
mbedAustin 11:cada08fc8a70 104 /**
mbedAustin 11:cada08fc8a70 105 * \brief AES-ECB block encryption/decryption of exactly one 16-byte block
mbedAustin 11:cada08fc8a70 106 * \note ECB applied block by block to longer data reveals which plaintext blocks are equal; for more than one block use a mode that takes an IV or nonce.
mbedAustin 11:cada08fc8a70 107 * \param ctx AES context
mbedAustin 11:cada08fc8a70 108 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT (the key schedule in ctx has to match: mbedtls_aes_setkey_enc() for encryption, mbedtls_aes_setkey_dec() for decryption)
mbedAustin 11:cada08fc8a70 109 * \param input 16-byte input block
mbedAustin 11:cada08fc8a70 110 * \param output 16-byte output block
mbedAustin 11:cada08fc8a70 111 *
mbedAustin 11:cada08fc8a70 112 * \return 0 if successful
mbedAustin 11:cada08fc8a70 113 */
mbedAustin 11:cada08fc8a70 114 int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 115 int mode,
mbedAustin 11:cada08fc8a70 116 const unsigned char input[16],
mbedAustin 11:cada08fc8a70 117 unsigned char output[16] );
mbedAustin 11:cada08fc8a70 118
mbedAustin 11:cada08fc8a70 119 #if defined(MBEDTLS_CIPHER_MODE_CBC)
mbedAustin 11:cada08fc8a70 120 /**
mbedAustin 11:cada08fc8a70 121 * \brief AES-CBC buffer encryption/decryption
mbedAustin 11:cada08fc8a70 122 * Length should be a multiple of the block
mbedAustin 11:cada08fc8a70 123 * size (16 bytes); other lengths are presumably rejected with MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH, so any padding is the caller's job
mbedAustin 11:cada08fc8a70 124 *
mbedAustin 11:cada08fc8a70 125 * \note Upon exit, the content of the IV is updated so that you can
mbedAustin 11:cada08fc8a70 126 * call the same function again on the following
mbedAustin 11:cada08fc8a70 127 * block(s) of data and get the same result as if it was
mbedAustin 11:cada08fc8a70 128 * encrypted in one call. This allows a "streaming" usage.
mbedAustin 11:cada08fc8a70 129 * If on the other hand you need to retain the contents of the
mbedAustin 11:cada08fc8a70 130 * IV, you should either save it manually or use the cipher
mbedAustin 11:cada08fc8a70 131 * module instead. CBC on its own does not authenticate the data; where integrity matters, verify a MAC over the ciphertext before decrypting.
mbedAustin 11:cada08fc8a70 132 *
mbedAustin 11:cada08fc8a70 133 * \param ctx AES context
mbedAustin 11:cada08fc8a70 134 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT (the key schedule in ctx has to match: mbedtls_aes_setkey_enc() for encryption, mbedtls_aes_setkey_dec() for decryption)
mbedAustin 11:cada08fc8a70 135 * \param length length of the input data in bytes
mbedAustin 11:cada08fc8a70 136 * \param iv initialization vector (updated after use); when starting a new message for encryption it should be unpredictable and never reused with the same key
mbedAustin 11:cada08fc8a70 137 * \param input buffer holding the input data
mbedAustin 11:cada08fc8a70 138 * \param output buffer holding the output data
mbedAustin 11:cada08fc8a70 139 *
mbedAustin 11:cada08fc8a70 140 * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
mbedAustin 11:cada08fc8a70 141 */
mbedAustin 11:cada08fc8a70 142 int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 143 int mode,
mbedAustin 11:cada08fc8a70 144 size_t length,
mbedAustin 11:cada08fc8a70 145 unsigned char iv[16],
mbedAustin 11:cada08fc8a70 146 const unsigned char *input,
mbedAustin 11:cada08fc8a70 147 unsigned char *output );
mbedAustin 11:cada08fc8a70 148 #endif /* MBEDTLS_CIPHER_MODE_CBC */
mbedAustin 11:cada08fc8a70 149
mbedAustin 11:cada08fc8a70 150 #if defined(MBEDTLS_CIPHER_MODE_CFB)
mbedAustin 11:cada08fc8a70 151 /**
mbedAustin 11:cada08fc8a70 152 * \brief AES-CFB128 buffer encryption/decryption.
mbedAustin 11:cada08fc8a70 153 *
mbedAustin 11:cada08fc8a70 154 * Note: Due to the nature of CFB you should use the same key schedule for
mbedAustin 11:cada08fc8a70 155 * both encryption and decryption. So use a context initialized with
mbedAustin 11:cada08fc8a70 156 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
mbedAustin 11:cada08fc8a70 157 *
mbedAustin 11:cada08fc8a70 158 * \note Upon exit, the content of the IV is updated so that you can
mbedAustin 11:cada08fc8a70 159 * call the same function again on the following
mbedAustin 11:cada08fc8a70 160 * block(s) of data and get the same result as if it was
mbedAustin 11:cada08fc8a70 161 * encrypted in one call. This allows a "streaming" usage.
mbedAustin 11:cada08fc8a70 162 * If on the other hand you need to retain the contents of the
mbedAustin 11:cada08fc8a70 163 * IV, you should either save it manually or use the cipher
mbedAustin 11:cada08fc8a70 164 * module instead. CFB on its own does not authenticate the data; where integrity matters, add a MAC over the ciphertext.
mbedAustin 11:cada08fc8a70 165 *
mbedAustin 11:cada08fc8a70 166 * \param ctx AES context
mbedAustin 11:cada08fc8a70 167 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
mbedAustin 11:cada08fc8a70 168 * \param length length of the input data in bytes
mbedAustin 11:cada08fc8a70 169 * \param iv_off offset in IV (updated after use); presumably 0 at the start of a stream -- confirm in aes.c
mbedAustin 11:cada08fc8a70 170 * \param iv initialization vector (updated after use); the starting value must not repeat for the same key
mbedAustin 11:cada08fc8a70 171 * \param input buffer holding the input data
mbedAustin 11:cada08fc8a70 172 * \param output buffer holding the output data
mbedAustin 11:cada08fc8a70 173 *
mbedAustin 11:cada08fc8a70 174 * \return 0 if successful
mbedAustin 11:cada08fc8a70 175 */
mbedAustin 11:cada08fc8a70 176 int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 177 int mode,
mbedAustin 11:cada08fc8a70 178 size_t length,
mbedAustin 11:cada08fc8a70 179 size_t *iv_off,
mbedAustin 11:cada08fc8a70 180 unsigned char iv[16],
mbedAustin 11:cada08fc8a70 181 const unsigned char *input,
mbedAustin 11:cada08fc8a70 182 unsigned char *output );
mbedAustin 11:cada08fc8a70 183
mbedAustin 11:cada08fc8a70 184 /**
mbedAustin 11:cada08fc8a70 185 * \brief AES-CFB8 buffer encryption/decryption.
mbedAustin 11:cada08fc8a70 186 *
mbedAustin 11:cada08fc8a70 187 * Note: Due to the nature of CFB you should use the same key schedule for
mbedAustin 11:cada08fc8a70 188 * both encryption and decryption. So use a context initialized with
mbedAustin 11:cada08fc8a70 189 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
mbedAustin 11:cada08fc8a70 190 *
mbedAustin 11:cada08fc8a70 191 * \note Upon exit, the content of the IV is updated so that you can
mbedAustin 11:cada08fc8a70 192 * call the same function again on the following
mbedAustin 11:cada08fc8a70 193 * block(s) of data and get the same result as if it was
mbedAustin 11:cada08fc8a70 194 * encrypted in one call. This allows a "streaming" usage.
mbedAustin 11:cada08fc8a70 195 * If on the other hand you need to retain the contents of the
mbedAustin 11:cada08fc8a70 196 * IV, you should either save it manually or use the cipher
mbedAustin 11:cada08fc8a70 197 * module instead. CFB on its own does not authenticate the data; where integrity matters, add a MAC over the ciphertext.
mbedAustin 11:cada08fc8a70 198 *
mbedAustin 11:cada08fc8a70 199 * \param ctx AES context
mbedAustin 11:cada08fc8a70 200 * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
mbedAustin 11:cada08fc8a70 201 * \param length length of the input data in bytes
mbedAustin 11:cada08fc8a70 202 * \param iv initialization vector (updated after use); the starting value must not repeat for the same key
mbedAustin 11:cada08fc8a70 203 * \param input buffer holding the input data
mbedAustin 11:cada08fc8a70 204 * \param output buffer holding the output data
mbedAustin 11:cada08fc8a70 205 *
mbedAustin 11:cada08fc8a70 206 * \return 0 if successful
mbedAustin 11:cada08fc8a70 207 */
mbedAustin 11:cada08fc8a70 208 int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 209 int mode,
mbedAustin 11:cada08fc8a70 210 size_t length,
mbedAustin 11:cada08fc8a70 211 unsigned char iv[16],
mbedAustin 11:cada08fc8a70 212 const unsigned char *input,
mbedAustin 11:cada08fc8a70 213 unsigned char *output );
mbedAustin 11:cada08fc8a70 214 #endif /*MBEDTLS_CIPHER_MODE_CFB */
mbedAustin 11:cada08fc8a70 215
mbedAustin 11:cada08fc8a70 216 #if defined(MBEDTLS_CIPHER_MODE_CTR)
mbedAustin 11:cada08fc8a70 217 /**
mbedAustin 11:cada08fc8a70 218 * \brief AES-CTR buffer encryption/decryption
mbedAustin 11:cada08fc8a70 219 *
mbedAustin 11:cada08fc8a70 220 * Warning: You have to keep the maximum use of your counter in mind! A nonce/counter value must never be used twice with the same key: a repeated counter block repeats the keystream, so the counter must not wrap or restart while the key is in use.
mbedAustin 11:cada08fc8a70 221 *
mbedAustin 11:cada08fc8a70 222 * Note: Due to the nature of CTR you should use the same key schedule for
mbedAustin 11:cada08fc8a70 223 * both encryption and decryption. So use a context initialized with
mbedAustin 11:cada08fc8a70 224 * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT. CTR on its own does not authenticate the data; where integrity matters, add a MAC over the ciphertext.
mbedAustin 11:cada08fc8a70 225 *
mbedAustin 11:cada08fc8a70 226 * \param ctx AES context
mbedAustin 11:cada08fc8a70 227 * \param length The length of the data in bytes
mbedAustin 11:cada08fc8a70 228 * \param nc_off The offset in the current stream_block (for resuming
mbedAustin 11:cada08fc8a70 229 * within current cipher stream). The offset pointed to
mbedAustin 11:cada08fc8a70 230 * should be 0 at the start of a stream.
mbedAustin 11:cada08fc8a70 231 * \param nonce_counter The 128-bit nonce and counter (a non-const buffer; presumably advanced by the function as blocks are consumed -- confirm in aes.c).
mbedAustin 11:cada08fc8a70 232 * \param stream_block The saved stream-block for resuming. Is overwritten
mbedAustin 11:cada08fc8a70 233 * by the function.
mbedAustin 11:cada08fc8a70 234 * \param input The input data stream
mbedAustin 11:cada08fc8a70 235 * \param output The output data stream
mbedAustin 11:cada08fc8a70 236 *
mbedAustin 11:cada08fc8a70 237 * \return 0 if successful
mbedAustin 11:cada08fc8a70 238 */
mbedAustin 11:cada08fc8a70 239 int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 240 size_t length,
mbedAustin 11:cada08fc8a70 241 size_t *nc_off,
mbedAustin 11:cada08fc8a70 242 unsigned char nonce_counter[16],
mbedAustin 11:cada08fc8a70 243 unsigned char stream_block[16],
mbedAustin 11:cada08fc8a70 244 const unsigned char *input,
mbedAustin 11:cada08fc8a70 245 unsigned char *output );
mbedAustin 11:cada08fc8a70 246 #endif /* MBEDTLS_CIPHER_MODE_CTR */
mbedAustin 11:cada08fc8a70 247
mbedAustin 11:cada08fc8a70 248 /**
mbedAustin 11:cada08fc8a70 249 * \brief Internal AES block encryption function
mbedAustin 11:cada08fc8a70 250 * (Only exposed to allow overriding it,
mbedAustin 11:cada08fc8a70 251 * see MBEDTLS_AES_ENCRYPT_ALT). Returns nothing, so it cannot report an error; application code should go through the mbedtls_aes_crypt_*() functions.
mbedAustin 11:cada08fc8a70 252 *
mbedAustin 11:cada08fc8a70 253 * \param ctx AES context (holding an encryption key schedule, see mbedtls_aes_setkey_enc())
mbedAustin 11:cada08fc8a70 254 * \param input Plaintext block (16 bytes)
mbedAustin 11:cada08fc8a70 255 * \param output Output (ciphertext) block (16 bytes)
mbedAustin 11:cada08fc8a70 256 */
mbedAustin 11:cada08fc8a70 257 void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 258 const unsigned char input[16],
mbedAustin 11:cada08fc8a70 259 unsigned char output[16] );
mbedAustin 11:cada08fc8a70 260
mbedAustin 11:cada08fc8a70 261 /**
mbedAustin 11:cada08fc8a70 262 * \brief Internal AES block decryption function
mbedAustin 11:cada08fc8a70 263 * (Only exposed to allow overriding it,
mbedAustin 11:cada08fc8a70 264 * see MBEDTLS_AES_DECRYPT_ALT). Returns nothing, so it cannot report an error; application code should go through the mbedtls_aes_crypt_*() functions.
mbedAustin 11:cada08fc8a70 265 *
mbedAustin 11:cada08fc8a70 266 * \param ctx AES context (holding a decryption key schedule, see mbedtls_aes_setkey_dec())
mbedAustin 11:cada08fc8a70 267 * \param input Ciphertext block (16 bytes)
mbedAustin 11:cada08fc8a70 268 * \param output Output (plaintext) block (16 bytes)
mbedAustin 11:cada08fc8a70 269 */
mbedAustin 11:cada08fc8a70 270 void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
mbedAustin 11:cada08fc8a70 271 const unsigned char input[16],
mbedAustin 11:cada08fc8a70 272 unsigned char output[16] );
mbedAustin 11:cada08fc8a70 273
mbedAustin 11:cada08fc8a70 274 #ifdef __cplusplus
mbedAustin 11:cada08fc8a70 275 }
mbedAustin 11:cada08fc8a70 276 #endif
mbedAustin 11:cada08fc8a70 277
mbedAustin 11:cada08fc8a70 278 #else /* MBEDTLS_AES_ALT */
mbedAustin 11:cada08fc8a70 279 #include "aes_alt.h"
mbedAustin 11:cada08fc8a70 280 #endif /* MBEDTLS_AES_ALT */
mbedAustin 11:cada08fc8a70 281
mbedAustin 11:cada08fc8a70 282 #ifdef __cplusplus
mbedAustin 11:cada08fc8a70 283 extern "C" {
mbedAustin 11:cada08fc8a70 284 #endif
mbedAustin 11:cada08fc8a70 285
mbedAustin 11:cada08fc8a70 286 /**
mbedAustin 11:cada08fc8a70 287 * \brief Checkup routine (NOTE(review): the verbose parameter is undocumented here; presumably a non-zero value enables progress output -- confirm in aes.c)
mbedAustin 11:cada08fc8a70 288 *
mbedAustin 11:cada08fc8a70 289 * \return 0 if successful, or 1 if the test failed
mbedAustin 11:cada08fc8a70 290 */
mbedAustin 11:cada08fc8a70 291 int mbedtls_aes_self_test( int verbose );
mbedAustin 11:cada08fc8a70 292
mbedAustin 11:cada08fc8a70 293 #ifdef __cplusplus
mbedAustin 11:cada08fc8a70 294 }
mbedAustin 11:cada08fc8a70 295 #endif
mbedAustin 11:cada08fc8a70 296
mbedAustin 11:cada08fc8a70 297 #endif /* aes.h */