00001
00026 #ifndef MBEDTLS_CIPHER_H
00027 #define MBEDTLS_CIPHER_H
00028
00029 #if !defined(MBEDTLS_CONFIG_FILE)
00030 #include "config.h"
00031 #else
00032 #include MBEDTLS_CONFIG_FILE
00033 #endif
00034
00035 #include <stddef.h>
00036
00037 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
00038 #define MBEDTLS_CIPHER_MODE_AEAD
00039 #endif
00040
00041 #if defined(MBEDTLS_CIPHER_MODE_CBC)
00042 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
00043 #endif
00044
00045 #if defined(MBEDTLS_ARC4_C)
00046 #define MBEDTLS_CIPHER_MODE_STREAM
00047 #endif
00048
00049 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00050 !defined(inline) && !defined(__cplusplus)
00051 #define inline __inline
00052 #endif
00053
00054 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
00055 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
00056 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
00057 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
00058 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
00059 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
00060 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
00062 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
00063 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
00065 #ifdef __cplusplus
00066 extern "C" {
00067 #endif
00068
00069 typedef enum {
00070 MBEDTLS_CIPHER_ID_NONE = 0,
00071 MBEDTLS_CIPHER_ID_NULL,
00072 MBEDTLS_CIPHER_ID_AES,
00073 MBEDTLS_CIPHER_ID_DES,
00074 MBEDTLS_CIPHER_ID_3DES,
00075 MBEDTLS_CIPHER_ID_CAMELLIA,
00076 MBEDTLS_CIPHER_ID_BLOWFISH,
00077 MBEDTLS_CIPHER_ID_ARC4,
00078 } mbedtls_cipher_id_t;
00079
00080 typedef enum {
00081 MBEDTLS_CIPHER_NONE = 0,
00082 MBEDTLS_CIPHER_NULL,
00083 MBEDTLS_CIPHER_AES_128_ECB,
00084 MBEDTLS_CIPHER_AES_192_ECB,
00085 MBEDTLS_CIPHER_AES_256_ECB,
00086 MBEDTLS_CIPHER_AES_128_CBC,
00087 MBEDTLS_CIPHER_AES_192_CBC,
00088 MBEDTLS_CIPHER_AES_256_CBC,
00089 MBEDTLS_CIPHER_AES_128_CFB128,
00090 MBEDTLS_CIPHER_AES_192_CFB128,
00091 MBEDTLS_CIPHER_AES_256_CFB128,
00092 MBEDTLS_CIPHER_AES_128_CTR,
00093 MBEDTLS_CIPHER_AES_192_CTR,
00094 MBEDTLS_CIPHER_AES_256_CTR,
00095 MBEDTLS_CIPHER_AES_128_GCM,
00096 MBEDTLS_CIPHER_AES_192_GCM,
00097 MBEDTLS_CIPHER_AES_256_GCM,
00098 MBEDTLS_CIPHER_CAMELLIA_128_ECB,
00099 MBEDTLS_CIPHER_CAMELLIA_192_ECB,
00100 MBEDTLS_CIPHER_CAMELLIA_256_ECB,
00101 MBEDTLS_CIPHER_CAMELLIA_128_CBC,
00102 MBEDTLS_CIPHER_CAMELLIA_192_CBC,
00103 MBEDTLS_CIPHER_CAMELLIA_256_CBC,
00104 MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
00105 MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
00106 MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
00107 MBEDTLS_CIPHER_CAMELLIA_128_CTR,
00108 MBEDTLS_CIPHER_CAMELLIA_192_CTR,
00109 MBEDTLS_CIPHER_CAMELLIA_256_CTR,
00110 MBEDTLS_CIPHER_CAMELLIA_128_GCM,
00111 MBEDTLS_CIPHER_CAMELLIA_192_GCM,
00112 MBEDTLS_CIPHER_CAMELLIA_256_GCM,
00113 MBEDTLS_CIPHER_DES_ECB,
00114 MBEDTLS_CIPHER_DES_CBC,
00115 MBEDTLS_CIPHER_DES_EDE_ECB,
00116 MBEDTLS_CIPHER_DES_EDE_CBC,
00117 MBEDTLS_CIPHER_DES_EDE3_ECB,
00118 MBEDTLS_CIPHER_DES_EDE3_CBC,
00119 MBEDTLS_CIPHER_BLOWFISH_ECB,
00120 MBEDTLS_CIPHER_BLOWFISH_CBC,
00121 MBEDTLS_CIPHER_BLOWFISH_CFB64,
00122 MBEDTLS_CIPHER_BLOWFISH_CTR,
00123 MBEDTLS_CIPHER_ARC4_128,
00124 MBEDTLS_CIPHER_AES_128_CCM,
00125 MBEDTLS_CIPHER_AES_192_CCM,
00126 MBEDTLS_CIPHER_AES_256_CCM,
00127 MBEDTLS_CIPHER_CAMELLIA_128_CCM,
00128 MBEDTLS_CIPHER_CAMELLIA_192_CCM,
00129 MBEDTLS_CIPHER_CAMELLIA_256_CCM,
00130 } mbedtls_cipher_type_t;
00131
00132 typedef enum {
00133 MBEDTLS_MODE_NONE = 0,
00134 MBEDTLS_MODE_ECB,
00135 MBEDTLS_MODE_CBC,
00136 MBEDTLS_MODE_CFB,
00137 MBEDTLS_MODE_OFB,
00138 MBEDTLS_MODE_CTR,
00139 MBEDTLS_MODE_GCM,
00140 MBEDTLS_MODE_STREAM,
00141 MBEDTLS_MODE_CCM,
00142 } mbedtls_cipher_mode_t;
00143
00144 typedef enum {
00145 MBEDTLS_PADDING_PKCS7 = 0,
00146 MBEDTLS_PADDING_ONE_AND_ZEROS,
00147 MBEDTLS_PADDING_ZEROS_AND_LEN,
00148 MBEDTLS_PADDING_ZEROS,
00149 MBEDTLS_PADDING_NONE,
00150 } mbedtls_cipher_padding_t;
00151
00152 typedef enum {
00153 MBEDTLS_OPERATION_NONE = -1,
00154 MBEDTLS_DECRYPT = 0,
00155 MBEDTLS_ENCRYPT,
00156 } mbedtls_operation_t;
00157
00158 enum {
00160 MBEDTLS_KEY_LENGTH_NONE = 0,
00162 MBEDTLS_KEY_LENGTH_DES = 64,
00164 MBEDTLS_KEY_LENGTH_DES_EDE = 128,
00166 MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
00167 };
00168
00170 #define MBEDTLS_MAX_IV_LENGTH 16
00171
00172 #define MBEDTLS_MAX_BLOCK_LENGTH 16
00173
00177 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
00178
00182 typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
00183
00187 typedef struct {
00189 mbedtls_cipher_type_t type;
00190
00192 mbedtls_cipher_mode_t mode;
00193
00196 unsigned int key_bitlen;
00197
00199 const char * name;
00200
00203 unsigned int iv_size;
00204
00206 int flags;
00207
00209 unsigned int block_size;
00210
00212 const mbedtls_cipher_base_t *base;
00213
00214 } mbedtls_cipher_info_t;
00215
00219 typedef struct {
00221 const mbedtls_cipher_info_t *cipher_info;
00222
00224 int key_bitlen;
00225
00227 mbedtls_operation_t operation;
00228
00229 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00230
00231 void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
00232 int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
00233 #endif
00234
00236 unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
00237
00239 size_t unprocessed_len;
00240
00242 unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
00243
00245 size_t iv_size;
00246
00248 void *cipher_ctx;
00249
00250 #if defined(MBEDTLS_CMAC_C)
00251
00252 mbedtls_cmac_context_t *cmac_ctx;
00253 #endif
00254 } mbedtls_cipher_context_t;
00255
00262 const int *mbedtls_cipher_list( void );
00263
00273 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
00274
00284 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
00285
00298 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
00299 int key_bitlen,
00300 const mbedtls_cipher_mode_t mode );
00301
00305 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
00306
00312 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
00313
00330 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
00331
00340 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
00341 {
00342 if( NULL == ctx || NULL == ctx->cipher_info )
00343 return 0;
00344
00345 return ctx->cipher_info->block_size;
00346 }
00347
00357 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
00358 {
00359 if( NULL == ctx || NULL == ctx->cipher_info )
00360 return MBEDTLS_MODE_NONE;
00361
00362 return ctx->cipher_info->mode;
00363 }
00364
00374 static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
00375 {
00376 if( NULL == ctx || NULL == ctx->cipher_info )
00377 return 0;
00378
00379 if( ctx->iv_size != 0 )
00380 return (int) ctx->iv_size;
00381
00382 return (int) ctx->cipher_info->iv_size;
00383 }
00384
00393 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
00394 {
00395 if( NULL == ctx || NULL == ctx->cipher_info )
00396 return MBEDTLS_CIPHER_NONE;
00397
00398 return ctx->cipher_info->type;
00399 }
00400
00408 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
00409 {
00410 if( NULL == ctx || NULL == ctx->cipher_info )
00411 return 0;
00412
00413 return ctx->cipher_info->name;
00414 }
00415
00425 static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
00426 {
00427 if( NULL == ctx || NULL == ctx->cipher_info )
00428 return MBEDTLS_KEY_LENGTH_NONE;
00429
00430 return (int) ctx->cipher_info->key_bitlen;
00431 }
00432
00442 static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
00443 {
00444 if( NULL == ctx || NULL == ctx->cipher_info )
00445 return MBEDTLS_OPERATION_NONE;
00446
00447 return ctx->operation;
00448 }
00449
00465 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
00466 int key_bitlen, const mbedtls_operation_t operation );
00467
00468 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00469
00481 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
00482 #endif
00483
00497 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
00498 const unsigned char *iv, size_t iv_len );
00499
00508 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
00509
00510 #if defined(MBEDTLS_GCM_C)
00511
00522 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
00523 const unsigned char *ad, size_t ad_len );
00524 #endif
00525
00555 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
00556 size_t ilen, unsigned char *output, size_t *olen );
00557
00575 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
00576 unsigned char *output, size_t *olen );
00577
00578 #if defined(MBEDTLS_GCM_C)
00579
00590 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
00591 unsigned char *tag, size_t tag_len );
00592
00604 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
00605 const unsigned char *tag, size_t tag_len );
00606 #endif
00607
00635 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
00636 const unsigned char *iv, size_t iv_len,
00637 const unsigned char *input, size_t ilen,
00638 unsigned char *output, size_t *olen );
00639
00640 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
00641
00663 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
00664 const unsigned char *iv, size_t iv_len,
00665 const unsigned char *ad, size_t ad_len,
00666 const unsigned char *input, size_t ilen,
00667 unsigned char *output, size_t *olen,
00668 unsigned char *tag, size_t tag_len );
00669
00697 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
00698 const unsigned char *iv, size_t iv_len,
00699 const unsigned char *ad, size_t ad_len,
00700 const unsigned char *input, size_t ilen,
00701 unsigned char *output, size_t *olen,
00702 const unsigned char *tag, size_t tag_len );
00703 #endif
00704
00705 #ifdef __cplusplus
00706 }
00707 #endif
00708
00709 #endif