00001
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027 #ifndef MBEDTLS_CIPHER_H
00028 #define MBEDTLS_CIPHER_H
00029
00030 #if !defined(MBEDTLS_CONFIG_FILE)
00031 #include "config.h"
00032 #else
00033 #include MBEDTLS_CONFIG_FILE
00034 #endif
00035
00036 #include <stddef.h>
00037
00038 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
00039 #define MBEDTLS_CIPHER_MODE_AEAD
00040 #endif
00041
00042 #if defined(MBEDTLS_CIPHER_MODE_CBC)
00043 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
00044 #endif
00045
00046 #if defined(MBEDTLS_ARC4_C)
00047 #define MBEDTLS_CIPHER_MODE_STREAM
00048 #endif
00049
00050 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00051 !defined(inline) && !defined(__cplusplus)
00052 #define inline __inline
00053 #endif
00054
00055 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
00056 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
00057 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
00058 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
00059 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
00060 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
00061 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
00062 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
00064 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
00065 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
00067 #ifdef __cplusplus
00068 extern "C" {
00069 #endif
00070
00078 typedef enum {
00079 MBEDTLS_CIPHER_ID_NONE = 0,
00080 MBEDTLS_CIPHER_ID_NULL,
00081 MBEDTLS_CIPHER_ID_AES,
00082 MBEDTLS_CIPHER_ID_DES,
00083 MBEDTLS_CIPHER_ID_3DES,
00084 MBEDTLS_CIPHER_ID_CAMELLIA,
00085 MBEDTLS_CIPHER_ID_BLOWFISH,
00086 MBEDTLS_CIPHER_ID_ARC4,
00087 } mbedtls_cipher_id_t;
00088
00096 typedef enum {
00097 MBEDTLS_CIPHER_NONE = 0,
00098 MBEDTLS_CIPHER_NULL,
00099 MBEDTLS_CIPHER_AES_128_ECB,
00100 MBEDTLS_CIPHER_AES_192_ECB,
00101 MBEDTLS_CIPHER_AES_256_ECB,
00102 MBEDTLS_CIPHER_AES_128_CBC,
00103 MBEDTLS_CIPHER_AES_192_CBC,
00104 MBEDTLS_CIPHER_AES_256_CBC,
00105 MBEDTLS_CIPHER_AES_128_CFB128,
00106 MBEDTLS_CIPHER_AES_192_CFB128,
00107 MBEDTLS_CIPHER_AES_256_CFB128,
00108 MBEDTLS_CIPHER_AES_128_CTR,
00109 MBEDTLS_CIPHER_AES_192_CTR,
00110 MBEDTLS_CIPHER_AES_256_CTR,
00111 MBEDTLS_CIPHER_AES_128_GCM,
00112 MBEDTLS_CIPHER_AES_192_GCM,
00113 MBEDTLS_CIPHER_AES_256_GCM,
00114 MBEDTLS_CIPHER_CAMELLIA_128_ECB,
00115 MBEDTLS_CIPHER_CAMELLIA_192_ECB,
00116 MBEDTLS_CIPHER_CAMELLIA_256_ECB,
00117 MBEDTLS_CIPHER_CAMELLIA_128_CBC,
00118 MBEDTLS_CIPHER_CAMELLIA_192_CBC,
00119 MBEDTLS_CIPHER_CAMELLIA_256_CBC,
00120 MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
00121 MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
00122 MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
00123 MBEDTLS_CIPHER_CAMELLIA_128_CTR,
00124 MBEDTLS_CIPHER_CAMELLIA_192_CTR,
00125 MBEDTLS_CIPHER_CAMELLIA_256_CTR,
00126 MBEDTLS_CIPHER_CAMELLIA_128_GCM,
00127 MBEDTLS_CIPHER_CAMELLIA_192_GCM,
00128 MBEDTLS_CIPHER_CAMELLIA_256_GCM,
00129 MBEDTLS_CIPHER_DES_ECB,
00130 MBEDTLS_CIPHER_DES_CBC,
00131 MBEDTLS_CIPHER_DES_EDE_ECB,
00132 MBEDTLS_CIPHER_DES_EDE_CBC,
00133 MBEDTLS_CIPHER_DES_EDE3_ECB,
00134 MBEDTLS_CIPHER_DES_EDE3_CBC,
00135 MBEDTLS_CIPHER_BLOWFISH_ECB,
00136 MBEDTLS_CIPHER_BLOWFISH_CBC,
00137 MBEDTLS_CIPHER_BLOWFISH_CFB64,
00138 MBEDTLS_CIPHER_BLOWFISH_CTR,
00139 MBEDTLS_CIPHER_ARC4_128,
00140 MBEDTLS_CIPHER_AES_128_CCM,
00141 MBEDTLS_CIPHER_AES_192_CCM,
00142 MBEDTLS_CIPHER_AES_256_CCM,
00143 MBEDTLS_CIPHER_CAMELLIA_128_CCM,
00144 MBEDTLS_CIPHER_CAMELLIA_192_CCM,
00145 MBEDTLS_CIPHER_CAMELLIA_256_CCM,
00146 } mbedtls_cipher_type_t;
00147
00149 typedef enum {
00150 MBEDTLS_MODE_NONE = 0,
00151 MBEDTLS_MODE_ECB,
00152 MBEDTLS_MODE_CBC,
00153 MBEDTLS_MODE_CFB,
00154 MBEDTLS_MODE_OFB,
00155 MBEDTLS_MODE_CTR,
00156 MBEDTLS_MODE_GCM,
00157 MBEDTLS_MODE_STREAM,
00158 MBEDTLS_MODE_CCM,
00159 } mbedtls_cipher_mode_t;
00160
00162 typedef enum {
00163 MBEDTLS_PADDING_PKCS7 = 0,
00164 MBEDTLS_PADDING_ONE_AND_ZEROS,
00165 MBEDTLS_PADDING_ZEROS_AND_LEN,
00166 MBEDTLS_PADDING_ZEROS,
00167 MBEDTLS_PADDING_NONE,
00168 } mbedtls_cipher_padding_t;
00169
00171 typedef enum {
00172 MBEDTLS_OPERATION_NONE = -1,
00173 MBEDTLS_DECRYPT = 0,
00174 MBEDTLS_ENCRYPT,
00175 } mbedtls_operation_t;
00176
00177 enum {
00179 MBEDTLS_KEY_LENGTH_NONE = 0,
00181 MBEDTLS_KEY_LENGTH_DES = 64,
00183 MBEDTLS_KEY_LENGTH_DES_EDE = 128,
00185 MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
00186 };
00187
00189 #define MBEDTLS_MAX_IV_LENGTH 16
00190
00191 #define MBEDTLS_MAX_BLOCK_LENGTH 16
00192
00196 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
00197
00201 typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
00202
00207 typedef struct {
00211 mbedtls_cipher_type_t type;
00212
00214 mbedtls_cipher_mode_t mode;
00215
00220 unsigned int key_bitlen;
00221
00223 const char * name;
00224
00229 unsigned int iv_size;
00230
00232 int flags;
00233
00235 unsigned int block_size;
00236
00238 const mbedtls_cipher_base_t *base;
00239
00240 } mbedtls_cipher_info_t;
00241
00245 typedef struct {
00247 const mbedtls_cipher_info_t *cipher_info;
00248
00250 int key_bitlen;
00251
00255 mbedtls_operation_t operation;
00256
00257 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00258
00261 void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
00262 int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
00263 #endif
00264
00266 unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
00267
00269 size_t unprocessed_len;
00270
00272 unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
00273
00275 size_t iv_size;
00276
00278 void *cipher_ctx;
00279
00280 #if defined(MBEDTLS_CMAC_C)
00281
00282 mbedtls_cmac_context_t *cmac_ctx;
00283 #endif
00284 } mbedtls_cipher_context_t;
00285
00293 const int *mbedtls_cipher_list( void );
00294
00304 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
00305
00315 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
00316
00330 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
00331 int key_bitlen,
00332 const mbedtls_cipher_mode_t mode );
00333
00337 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
00338
00344 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
00345
00346
00364 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
00365
00374 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
00375 {
00376 if( NULL == ctx || NULL == ctx->cipher_info )
00377 return 0;
00378
00379 return ctx->cipher_info->block_size;
00380 }
00381
00391 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
00392 {
00393 if( NULL == ctx || NULL == ctx->cipher_info )
00394 return MBEDTLS_MODE_NONE;
00395
00396 return ctx->cipher_info->mode;
00397 }
00398
00409 static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
00410 {
00411 if( NULL == ctx || NULL == ctx->cipher_info )
00412 return 0;
00413
00414 if( ctx->iv_size != 0 )
00415 return (int) ctx->iv_size;
00416
00417 return (int) ctx->cipher_info->iv_size;
00418 }
00419
00428 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
00429 {
00430 if( NULL == ctx || NULL == ctx->cipher_info )
00431 return MBEDTLS_CIPHER_NONE;
00432
00433 return ctx->cipher_info->type;
00434 }
00435
00445 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
00446 {
00447 if( NULL == ctx || NULL == ctx->cipher_info )
00448 return 0;
00449
00450 return ctx->cipher_info->name;
00451 }
00452
00462 static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
00463 {
00464 if( NULL == ctx || NULL == ctx->cipher_info )
00465 return MBEDTLS_KEY_LENGTH_NONE;
00466
00467 return (int) ctx->cipher_info->key_bitlen;
00468 }
00469
00479 static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
00480 {
00481 if( NULL == ctx || NULL == ctx->cipher_info )
00482 return MBEDTLS_OPERATION_NONE;
00483
00484 return ctx->operation;
00485 }
00486
00502 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
00503 int key_bitlen, const mbedtls_operation_t operation );
00504
00505 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00506
00520 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
00521 #endif
00522
00537 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
00538 const unsigned char *iv, size_t iv_len );
00539
00548 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
00549
00550 #if defined(MBEDTLS_GCM_C)
00551
00562 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
00563 const unsigned char *ad, size_t ad_len );
00564 #endif
00565
00596 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
00597 size_t ilen, unsigned char *output, size_t *olen );
00598
00617 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
00618 unsigned char *output, size_t *olen );
00619
00620 #if defined(MBEDTLS_GCM_C)
00621
00632 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
00633 unsigned char *tag, size_t tag_len );
00634
00646 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
00647 const unsigned char *tag, size_t tag_len );
00648 #endif
00649
00678 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
00679 const unsigned char *iv, size_t iv_len,
00680 const unsigned char *input, size_t ilen,
00681 unsigned char *output, size_t *olen );
00682
00683 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
00684
00706 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
00707 const unsigned char *iv, size_t iv_len,
00708 const unsigned char *ad, size_t ad_len,
00709 const unsigned char *input, size_t ilen,
00710 unsigned char *output, size_t *olen,
00711 unsigned char *tag, size_t tag_len );
00712
00740 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
00741 const unsigned char *iv, size_t iv_len,
00742 const unsigned char *ad, size_t ad_len,
00743 const unsigned char *input, size_t ilen,
00744 unsigned char *output, size_t *olen,
00745 const unsigned char *tag, size_t tag_len );
00746 #endif
00747
00748 #ifdef __cplusplus
00749 }
00750 #endif
00751
00752 #endif