00026 #ifndef MBEDTLS_CIPHER_H
00027 #define MBEDTLS_CIPHER_H
00028
00029 #if !defined(MBEDTLS_CONFIG_FILE)
00030 #include "config.h"
00031 #else
00032 #include MBEDTLS_CONFIG_FILE
00033 #endif
00034
00035 #include <stddef.h>
00036
/*
 * Derived feature switches. Each is computed from the build configuration
 * pulled in above and gates declarations later in this header.
 */

/* AEAD one-shot API: available when GCM or CCM (or both) is compiled in. */
#if defined(MBEDTLS_CCM_C) || defined(MBEDTLS_GCM_C)
#define MBEDTLS_CIPHER_MODE_AEAD
#endif

/* Padding callbacks and the padding-mode setter only exist for CBC builds. */
#if defined(MBEDTLS_CIPHER_MODE_CBC)
#define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif

/*
 * Stream-cipher support follows ARC4. RC4 has known keystream biases and is
 * prohibited in TLS by RFC 7465; builds that do not need it for legacy
 * interoperability should leave MBEDTLS_ARC4_C undefined.
 */
#if defined(MBEDTLS_ARC4_C)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif

/*
 * ARM Compiler and MSVC in C mode: map `inline` to the vendor keyword, unless
 * the name is already a macro or the header is compiled as C++.
 */
#if !defined(inline) && !defined(__cplusplus) && \
    ( defined(__ARMCC_VERSION) || defined(_MSC_VER) )
#define inline __inline
#endif
00053
/*
 * Error codes returned by the cipher layer. All are negative; 0 means success.
 * The one-line meanings follow the upstream mbed TLS documentation, which is
 * not reproduced in this listing - confirm against the version in use.
 */
#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE  -0x6080  /**< Requested feature is not compiled in or not supported. */
#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA       -0x6100  /**< Bad input parameters. */
#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED         -0x6180  /**< Memory allocation failed. */
/*
 * NOTE(review): when CBC is used without a separate integrity check, letting
 * a peer distinguish INVALID_PADDING from other decryption failures (by
 * message or by timing) gives it a padding oracle. Map both to one generic
 * failure at the protocol boundary, or use an AEAD mode.
 */
#define MBEDTLS_ERR_CIPHER_INVALID_PADDING      -0x6200  /**< Padding check failed on decryption. */
#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED  -0x6280  /**< Input was not a whole number of blocks. */
/* On AUTH_FAILED the caller must discard any plaintext already produced. */
#define MBEDTLS_ERR_CIPHER_AUTH_FAILED          -0x6300  /**< AEAD tag verification failed. */
#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT      -0x6380  /**< Context is invalid (e.g. already freed). */

/* Bit flags stored in mbedtls_cipher_info_t::flags. */
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN   0x01  /**< Cipher accepts IVs of variable length. */
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN  0x02  /**< Cipher accepts keys of variable length. */
00065 #ifdef __cplusplus
00066 extern "C" {
00067 #endif
00068
/**
 * Base cipher algorithm, independent of key size and mode of operation.
 *
 * The numeric values are written out so that accidental reordering is
 * visible in review; they equal the positions the enumerators had before.
 *
 * NOTE(review): several entries exist for legacy interoperability only.
 * New designs should select AES or Camellia and refuse the rest by policy.
 */
typedef enum {
    MBEDTLS_CIPHER_ID_NONE     = 0,  /**< No cipher selected. */
    MBEDTLS_CIPHER_ID_NULL     = 1,  /**< Null cipher: provides no confidentiality. */
    MBEDTLS_CIPHER_ID_AES      = 2,
    MBEDTLS_CIPHER_ID_DES      = 3,  /**< Single DES: 56-bit effective key, brute-forceable. */
    MBEDTLS_CIPHER_ID_3DES     = 4,  /**< 64-bit block: limit the data volume per key. */
    MBEDTLS_CIPHER_ID_CAMELLIA = 5,
    MBEDTLS_CIPHER_ID_BLOWFISH = 6,  /**< 64-bit block: limit the data volume per key. */
    MBEDTLS_CIPHER_ID_ARC4     = 7,  /**< RC4: biased keystream, prohibited in TLS (RFC 7465). */
} mbedtls_cipher_id_t;
00079
/**
 * Full cipher identifier: algorithm, key size and mode of operation.
 *
 * Values are positional (only the first is explicit), so inserting or
 * reordering entries changes every later value. The CCM entries sit after
 * ARC4 rather than next to their GCM siblings; keep that order.
 *
 * NOTE(review): when a value of this type is derived from configuration or
 * from a peer, check it against an allow-list. The NULL, *_ECB, DES_*,
 * BLOWFISH_* and ARC4 entries are legacy choices; the GCM and CCM entries
 * are the authenticated ones.
 */
typedef enum {
    MBEDTLS_CIPHER_NONE = 0,
    MBEDTLS_CIPHER_NULL,              /* no confidentiality */

    /* AES: ECB, CBC, CFB128, CTR, GCM */
    MBEDTLS_CIPHER_AES_128_ECB,
    MBEDTLS_CIPHER_AES_192_ECB,
    MBEDTLS_CIPHER_AES_256_ECB,
    MBEDTLS_CIPHER_AES_128_CBC,
    MBEDTLS_CIPHER_AES_192_CBC,
    MBEDTLS_CIPHER_AES_256_CBC,
    MBEDTLS_CIPHER_AES_128_CFB128,
    MBEDTLS_CIPHER_AES_192_CFB128,
    MBEDTLS_CIPHER_AES_256_CFB128,
    MBEDTLS_CIPHER_AES_128_CTR,
    MBEDTLS_CIPHER_AES_192_CTR,
    MBEDTLS_CIPHER_AES_256_CTR,
    MBEDTLS_CIPHER_AES_128_GCM,
    MBEDTLS_CIPHER_AES_192_GCM,
    MBEDTLS_CIPHER_AES_256_GCM,

    /* Camellia: ECB, CBC, CFB128, CTR, GCM */
    MBEDTLS_CIPHER_CAMELLIA_128_ECB,
    MBEDTLS_CIPHER_CAMELLIA_192_ECB,
    MBEDTLS_CIPHER_CAMELLIA_256_ECB,
    MBEDTLS_CIPHER_CAMELLIA_128_CBC,
    MBEDTLS_CIPHER_CAMELLIA_192_CBC,
    MBEDTLS_CIPHER_CAMELLIA_256_CBC,
    MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
    MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
    MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
    MBEDTLS_CIPHER_CAMELLIA_128_CTR,
    MBEDTLS_CIPHER_CAMELLIA_192_CTR,
    MBEDTLS_CIPHER_CAMELLIA_256_CTR,
    MBEDTLS_CIPHER_CAMELLIA_128_GCM,
    MBEDTLS_CIPHER_CAMELLIA_192_GCM,
    MBEDTLS_CIPHER_CAMELLIA_256_GCM,

    /* DES family: single DES, two-key EDE, three-key EDE (64-bit block) */
    MBEDTLS_CIPHER_DES_ECB,
    MBEDTLS_CIPHER_DES_CBC,
    MBEDTLS_CIPHER_DES_EDE_ECB,
    MBEDTLS_CIPHER_DES_EDE_CBC,
    MBEDTLS_CIPHER_DES_EDE3_ECB,
    MBEDTLS_CIPHER_DES_EDE3_CBC,

    /* Blowfish (64-bit block) */
    MBEDTLS_CIPHER_BLOWFISH_ECB,
    MBEDTLS_CIPHER_BLOWFISH_CBC,
    MBEDTLS_CIPHER_BLOWFISH_CFB64,
    MBEDTLS_CIPHER_BLOWFISH_CTR,

    /* RC4 stream cipher */
    MBEDTLS_CIPHER_ARC4_128,

    /* CCM (authenticated) for AES and Camellia */
    MBEDTLS_CIPHER_AES_128_CCM,
    MBEDTLS_CIPHER_AES_192_CCM,
    MBEDTLS_CIPHER_AES_256_CCM,
    MBEDTLS_CIPHER_CAMELLIA_128_CCM,
    MBEDTLS_CIPHER_CAMELLIA_192_CCM,
    MBEDTLS_CIPHER_CAMELLIA_256_CCM,
} mbedtls_cipher_type_t;
00131
/**
 * Mode of operation of a cipher.
 *
 * Numeric values are spelled out; they match the previous implicit numbering.
 * No mbedtls_cipher_type_t entry in this header names an OFB cipher, so
 * MBEDTLS_MODE_OFB appears to be a placeholder here.
 *
 * NOTE(review): only GCM and CCM authenticate the data. ECB, CBC, CFB, CTR
 * and STREAM provide confidentiality alone and need a separate MAC. CTR, GCM
 * and CCM lose their security if an IV/nonce is ever reused under one key.
 */
typedef enum {
    MBEDTLS_MODE_NONE   = 0,
    MBEDTLS_MODE_ECB    = 1,  /**< Deterministic per block: equal plaintext blocks give equal ciphertext. */
    MBEDTLS_MODE_CBC    = 2,  /**< Needs an unpredictable IV; uses padding. */
    MBEDTLS_MODE_CFB    = 3,
    MBEDTLS_MODE_OFB    = 4,
    MBEDTLS_MODE_CTR    = 5,  /**< Nonce/counter must never repeat under a key. */
    MBEDTLS_MODE_GCM    = 6,  /**< AEAD. */
    MBEDTLS_MODE_STREAM = 7,
    MBEDTLS_MODE_CCM    = 8,  /**< AEAD. */
} mbedtls_cipher_mode_t;
00143
/**
 * Padding scheme for block modes that pad (CBC in this header).
 *
 * Numeric values are spelled out; they match the previous implicit numbering.
 * PKCS7 is value 0, so a zero-initialised variable of this type selects it.
 *
 * NOTE(review): padding is not an integrity check. Ciphertext that is not
 * authenticated separately can be modified so that the padding verdict leaks
 * information about the plaintext.
 */
typedef enum {
    MBEDTLS_PADDING_PKCS7         = 0,  /**< PKCS#7 padding. */
    MBEDTLS_PADDING_ONE_AND_ZEROS = 1,  /**< ISO/IEC 7816-4 padding. */
    MBEDTLS_PADDING_ZEROS_AND_LEN = 2,  /**< ANSI X.923 padding. */
    MBEDTLS_PADDING_ZEROS         = 3,  /**< Zero padding: not reversible when data ends in zero bytes. */
    MBEDTLS_PADDING_NONE          = 4,  /**< Never pad: input must be whole blocks. */
} mbedtls_cipher_padding_t;
00151
/**
 * Direction a context's key has been set up for.
 *
 * MBEDTLS_OPERATION_NONE is -1, so a zero-filled context reads as
 * MBEDTLS_DECRYPT rather than "none"; the accessor
 * mbedtls_cipher_get_operation() guards this by checking cipher_info first.
 */
typedef enum {
    MBEDTLS_OPERATION_NONE = -1,
    MBEDTLS_DECRYPT        = 0,
    MBEDTLS_ENCRYPT        = 1,
} mbedtls_operation_t;
00157
/**
 * Key lengths in bits for the DES family, parity bits included.
 *
 * Effective strength is lower than the stored length: 8 bits of every
 * 64-bit DES key are parity, giving 56, 112 and 168 key bits respectively.
 */
enum {
    MBEDTLS_KEY_LENGTH_NONE     = 0,    /**< Undefined key length. */
    MBEDTLS_KEY_LENGTH_DES      = 64,   /**< Single DES. */
    MBEDTLS_KEY_LENGTH_DES_EDE  = 128,  /**< Two-key EDE. */
    MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,  /**< Three-key EDE. */
};
00168
/*
 * Fixed capacities, in bytes, of the iv[] and unprocessed_data[] arrays in
 * mbedtls_cipher_context_t. Any IV or block size larger than these cannot be
 * stored in a context; code that copies into those arrays must bound the
 * length by these constants.
 */
#define MBEDTLS_MAX_IV_LENGTH     16  /**< Largest IV held in a context. */

#define MBEDTLS_MAX_BLOCK_LENGTH  16  /**< Largest cipher block held in a context. */
00173
/**
 * Opaque per-algorithm descriptor; only ever used through a pointer here.
 * Its layout is defined outside this header.
 */
typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;

/**
 * Static description of one cipher (algorithm + key size + mode).
 *
 * The lookup functions in this header return pointers to const instances, so
 * callers treat the contents as read-only. Field meanings below follow the
 * upstream documentation, which is not reproduced in this listing.
 */
typedef struct {
    /** Full cipher identifier, e.g. MBEDTLS_CIPHER_AES_256_CBC. */
    mbedtls_cipher_type_t type;

    /** Mode of operation, e.g. MBEDTLS_MODE_CBC. */
    mbedtls_cipher_mode_t mode;

    /** Key length in bits; presumably the default for variable-key ciphers
     *  and including parity bits for DES - confirm against upstream. */
    unsigned int key_bitlen;

    /** Cipher name as a C string. */
    const char * name;

    /** IV/nonce size in bytes; presumably the recommended size when the
     *  cipher accepts several - confirm against upstream. */
    unsigned int iv_size;

    /** Bit set of MBEDTLS_CIPHER_VARIABLE_IV_LEN / _VARIABLE_KEY_LEN. */
    int flags;

    /** Block size in bytes. */
    unsigned int block_size;

    /** Algorithm-level descriptor backing this cipher. */
    const mbedtls_cipher_base_t *base;

} mbedtls_cipher_info_t;
00210
/**
 * Per-operation cipher state.
 *
 * NOTE(review): a live context is key-equivalent material. It holds the
 * current IV, up to one block of buffered input, and a pointer to the
 * cipher-specific state (cipher_ctx), which presumably includes the expanded
 * key. Release it through mbedtls_cipher_free() rather than a bare free(),
 * and keep it out of logs and crash dumps.
 */
typedef struct {
    /** Descriptor of the cipher in use; NULL until the context is set up
     *  (the inline accessors in this header test for that). */
    const mbedtls_cipher_info_t *cipher_info;

    /** Key length in use, in bits. Distinct from cipher_info->key_bitlen. */
    int key_bitlen;

    /** Direction the key was set up for. */
    mbedtls_operation_t operation;

#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
    /* Padding callbacks; present only in builds with a padding mode (CBC). */
    void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
    int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
#endif

    /** Input bytes buffered until a full block is available. */
    unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];

    /** Number of valid bytes in unprocessed_data. */
    size_t unprocessed_len;

    /** Current IV (presumably the nonce/counter in CTR mode - confirm). */
    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];

    /** IV size in bytes; 0 means "use cipher_info->iv_size"
     *  (see mbedtls_cipher_get_iv_size()). */
    size_t iv_size;

    /** Cipher-specific state, owned by the context. */
    void *cipher_ctx;
} mbedtls_cipher_context_t;
00245
/*
 * Lookup and lifecycle entry points. Only the prototypes are visible in this
 * header; return-value details below are taken from the upstream mbed TLS
 * documentation and should be confirmed against the version in use.
 */

/**
 * Lists the ciphers supported by this build.
 *
 * \return  Pointer to a constant int array, documented upstream as a
 *          0-terminated list of mbedtls_cipher_type_t values.
 */
const int *mbedtls_cipher_list( void );

/**
 * Looks up a cipher descriptor by name.
 *
 * NOTE(review): if \p cipher_name comes from configuration or from a peer,
 * check the resolved descriptor's type and mode against an allow-list before
 * use; the name space includes the NULL cipher and legacy algorithms.
 *
 * \return  The matching descriptor, or NULL when nothing matches.
 */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );

/**
 * Looks up a cipher descriptor by full cipher type.
 *
 * \return  The matching descriptor, or NULL when nothing matches.
 */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );

/**
 * Looks up a cipher descriptor by algorithm, key length in bits and mode.
 *
 * \return  The matching descriptor, or NULL when nothing matches.
 */
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values(
    const mbedtls_cipher_id_t cipher_id,
    int key_bitlen,
    const mbedtls_cipher_mode_t mode );

/**
 * Puts \p ctx into a defined empty state. Call before any other use.
 */
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );

/**
 * Releases the cipher-specific state held by \p ctx. The memory of \p ctx
 * itself stays owned by the caller.
 *
 * NOTE(review): call this on every exit path, including error paths, so key
 * material does not outlive the operation.
 */
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );

/**
 * Binds \p ctx to the cipher described by \p cipher_info and allocates the
 * cipher-specific state.
 *
 * \return  0 on success; documented upstream to return
 *          MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on bad parameters and
 *          MBEDTLS_ERR_CIPHER_ALLOC_FAILED when allocation fails.
 */
int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
                          const mbedtls_cipher_info_t *cipher_info );
00321
/**
 * Block size, in bytes, of the cipher bound to \p ctx.
 *
 * \return  cipher_info->block_size, or 0 when \p ctx is NULL or has no
 *          cipher bound yet.
 *
 * NOTE(review): 0 is the "not set up" signal. Callers that size an output
 * buffer from this value must treat 0 as an error rather than add it to a
 * length.
 */
static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
{
    const mbedtls_cipher_info_t *info = ( ctx != NULL ) ? ctx->cipher_info : NULL;

    return( ( info != NULL ) ? info->block_size : 0 );
}
00337
/**
 * Mode of operation of the cipher bound to \p ctx.
 *
 * \return  cipher_info->mode, or MBEDTLS_MODE_NONE when \p ctx is NULL or
 *          has no cipher bound yet.
 */
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
{
    if( ctx != NULL && ctx->cipher_info != NULL )
        return( ctx->cipher_info->mode );

    return( MBEDTLS_MODE_NONE );
}
00354
/**
 * IV size, in bytes, that \p ctx is currently using.
 *
 * A non-zero ctx->iv_size overrides the default stored in the cipher
 * descriptor.
 *
 * \return  The IV size in bytes, or 0 when \p ctx is NULL or has no cipher
 *          bound yet. 0 is therefore ambiguous with "cipher uses no IV";
 *          check the context separately when the distinction matters.
 */
static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
{
    size_t override_len;

    if( ctx == NULL || ctx->cipher_info == NULL )
        return( 0 );

    override_len = ctx->iv_size;
    if( override_len == 0 )
        return( (int) ctx->cipher_info->iv_size );

    return( (int) override_len );
}
00374
/**
 * Full cipher type bound to \p ctx.
 *
 * \return  cipher_info->type, or MBEDTLS_CIPHER_NONE when \p ctx is NULL or
 *          has no cipher bound yet.
 */
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
{
    const int is_bound = ( ctx != NULL && ctx->cipher_info != NULL );

    if( !is_bound )
        return( MBEDTLS_CIPHER_NONE );

    return( ctx->cipher_info->type );
}
00390
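/**
 * Name of the cipher bound to \p ctx.
 *
 * \return  cipher_info->name, or NULL when \p ctx is NULL or has no cipher
 *          bound yet. Callers must check for NULL before passing the result
 *          to a "%s" format or a string function.
 */
static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
{
    if( NULL == ctx || NULL == ctx->cipher_info )
        return( NULL );   /* spelled as NULL, not 0: the return type is a pointer */

    return( ctx->cipher_info->name );
}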
00405
/**
 * Key length, in bits, of the cipher bound to \p ctx.
 *
 * This reads the descriptor (cipher_info->key_bitlen), not the context's own
 * key_bitlen field. For ciphers flagged MBEDTLS_CIPHER_VARIABLE_KEY_LEN the
 * two may differ - TODO confirm which one callers expect before relying on
 * this value for key-strength decisions.
 *
 * \return  The descriptor's key length, or MBEDTLS_KEY_LENGTH_NONE when
 *          \p ctx is NULL or has no cipher bound yet.
 */
static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
{
    if( ctx != NULL && ctx->cipher_info != NULL )
        return( (int) ctx->cipher_info->key_bitlen );

    return( MBEDTLS_KEY_LENGTH_NONE );
}
00422
/**
 * Direction (encrypt or decrypt) that \p ctx was keyed for.
 *
 * The cipher_info check is deliberate even though only ctx->operation is
 * read: a context with no cipher bound reports MBEDTLS_OPERATION_NONE
 * instead of whatever its operation field happens to hold.
 *
 * \return  ctx->operation, or MBEDTLS_OPERATION_NONE when \p ctx is NULL or
 *          has no cipher bound yet.
 */
static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
{
    const int is_bound = ( ctx != NULL && ctx->cipher_info != NULL );

    return( is_bound ? ctx->operation : MBEDTLS_OPERATION_NONE );
}
00439
/*
 * Per-message configuration: key, padding, IV, reset. Only the prototypes
 * are visible here; return codes are as documented upstream and should be
 * confirmed against the version in use.
 */

/**
 * Sets the key and the direction for \p ctx.
 *
 * \param key         Key bytes; \p key_bitlen is in bits, not bytes.
 * \param operation   MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT.
 *
 * \return  0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on bad
 *          parameters, or a cipher-specific error code.
 */
int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
                           const unsigned char *key,
                           int key_bitlen,
                           const mbedtls_operation_t operation );

#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/**
 * Selects the padding scheme for modes that pad. Declared only in builds
 * with MBEDTLS_CIPHER_MODE_WITH_PADDING.
 *
 * \return  0 on success; documented upstream to return
 *          MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE for an unsupported scheme
 *          and MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA when the cipher mode does
 *          not use padding.
 */
int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
                                     mbedtls_cipher_padding_t mode );
#endif

/**
 * Sets the IV or nonce for the next message.
 *
 * The context stores the IV in a MBEDTLS_MAX_IV_LENGTH-byte array, so
 * \p iv_len cannot usefully exceed that; the implementation is expected to
 * reject larger values - confirm.
 *
 * NOTE(review): for CTR, GCM and CCM the IV/nonce must be unique for every
 * message under a given key; for CBC it must be unpredictable. This function
 * cannot check either property - the caller's IV generation has to
 * guarantee it.
 *
 * \return  0 on success, or MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA.
 */
int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
                           const unsigned char *iv,
                           size_t iv_len );

/**
 * Completes preparation of \p ctx for a new message.
 *
 * \return  0 on success, or MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA.
 */
int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
00499
/*
 * Streaming interface. The AEAD pieces (update_ad, write_tag, check_tag) are
 * declared only when MBEDTLS_GCM_C is defined, so a CCM-only build has to
 * use the one-shot mbedtls_cipher_auth_encrypt()/_auth_decrypt() calls.
 * Return codes are as documented upstream; confirm for the version in use.
 */

#if defined(MBEDTLS_GCM_C)
/**
 * Feeds additional authenticated data. Documented upstream as callable
 * exactly once, after mbedtls_cipher_reset() and before the first update.
 *
 * \return  0 on success, or a specific error code.
 */
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
                              const unsigned char *ad,
                              size_t ad_len );
#endif

/**
 * Processes \p ilen bytes of \p input and writes the result to \p output.
 *
 * There is no output-capacity parameter: the caller alone guarantees that
 * \p output is large enough. Upstream documents the requirement as at least
 * \p ilen plus the block size, and that \p output must not alias \p input.
 *
 * NOTE(review): when decrypting in an AEAD mode, bytes written here are not
 * yet authenticated. Do not act on them until mbedtls_cipher_check_tag()
 * has returned 0.
 *
 * \param olen   Receives the number of bytes written.
 *
 * \return  0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on bad
 *          parameters, MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE for an
 *          unsupported mode, or a cipher-specific error code.
 */
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
                           const unsigned char *input,
                           size_t ilen,
                           unsigned char *output,
                           size_t *olen );

/**
 * Flushes buffered data and, for padded modes, adds or checks padding.
 *
 * \param output   Must have room for one block (upstream requirement).
 * \param olen     Receives the number of bytes written.
 *
 * \return  0 on success; documented upstream to return
 *          MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED when a whole block was
 *          required and MBEDTLS_ERR_CIPHER_INVALID_PADDING when the padding
 *          check fails on decryption.
 */
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
                           unsigned char *output,
                           size_t *olen );

#if defined(MBEDTLS_GCM_C)
/**
 * Writes the authentication tag after encryption. Call after
 * mbedtls_cipher_finish().
 *
 * \return  0 on success, or a specific error code.
 */
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
                              unsigned char *tag,
                              size_t tag_len );

/**
 * Verifies the authentication tag after decryption. Call after
 * mbedtls_cipher_finish().
 *
 * NOTE(review): a non-zero return means the ciphertext or associated data
 * was altered; discard everything mbedtls_cipher_update() and
 * mbedtls_cipher_finish() produced for this message. Accepting a short
 * \p tag_len weakens the forgery bound, so enforce the protocol's tag length
 * before calling.
 *
 * \return  0 when the tag matches, or a specific error code.
 */
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
                              const unsigned char *tag,
                              size_t tag_len );
#endif
00597
/*
 * One-shot interface. Only the prototypes are visible here; buffer-size
 * requirements and return codes are as documented upstream and should be
 * confirmed against the version in use.
 */

/**
 * Encrypts or decrypts a whole message in one call, for non-AEAD ciphers.
 *
 * There is no output-capacity parameter; upstream requires \p output to
 * hold at least \p ilen plus the block size. For ciphers that use no IV,
 * upstream says to pass iv = NULL and iv_len = 0.
 *
 * NOTE(review): this call provides no integrity protection. Pair it with a
 * MAC over the ciphertext, or use the AEAD functions in this header.
 *
 * \param olen   Receives the number of bytes written.
 *
 * \return  0 on success, or one of the MBEDTLS_ERR_CIPHER_* codes.
 */
int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
                          const unsigned char *iv, size_t iv_len,
                          const unsigned char *input, size_t ilen,
                          unsigned char *output, size_t *olen );

#if defined(MBEDTLS_CIPHER_MODE_AEAD)
/**
 * Authenticated encryption of a whole message (GCM or CCM).
 *
 * NOTE(review): \p iv must never repeat under the same key; a repeat
 * compromises both confidentiality and authenticity of the affected
 * messages.
 *
 * \param ad       Additional data to authenticate but not encrypt.
 * \param output   Ciphertext buffer; upstream requires at least \p ilen bytes.
 * \param olen     Receives the number of ciphertext bytes written.
 * \param tag      Receives \p tag_len bytes of authentication tag.
 *
 * \return  0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or a
 *          cipher-specific error code.
 */
int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                                 const unsigned char *iv, size_t iv_len,
                                 const unsigned char *ad, size_t ad_len,
                                 const unsigned char *input, size_t ilen,
                                 unsigned char *output, size_t *olen,
                                 unsigned char *tag, size_t tag_len );

/**
 * Authenticated decryption of a whole message (GCM or CCM).
 *
 * Upstream documents that on a tag mismatch the output buffer is zeroed and
 * MBEDTLS_ERR_CIPHER_AUTH_FAILED is returned. Callers must still check the
 * return value before reading \p output or \p olen, and should enforce the
 * protocol's expected \p tag_len instead of accepting a peer-chosen one.
 *
 * \param ad       Additional data that was authenticated with the message.
 * \param output   Plaintext buffer; upstream requires at least \p ilen bytes.
 * \param olen     Receives the number of plaintext bytes written.
 * \param tag      Authentication tag to verify, \p tag_len bytes.
 *
 * \return  0 when the message is authentic,
 *          MBEDTLS_ERR_CIPHER_AUTH_FAILED when it is not,
 *          MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or a cipher-specific error
 *          code.
 */
int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
                                 const unsigned char *iv, size_t iv_len,
                                 const unsigned char *ad, size_t ad_len,
                                 const unsigned char *input, size_t ilen,
                                 unsigned char *output, size_t *olen,
                                 const unsigned char *tag, size_t tag_len );
#endif
00694
00695 #ifdef __cplusplus
00696 }
00697 #endif
00698
00699 #endif