cipher.h

Go to the documentation of this file.

#ifndef MBEDTLS_CIPHER_H
#define MBEDTLS_CIPHER_H

#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#include <stddef.h>

#include <retro_inline.h>

#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
#define MBEDTLS_CIPHER_MODE_AEAD
#endif

#if defined(MBEDTLS_CIPHER_MODE_CBC)
#define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif

#if defined(MBEDTLS_ARC4_C)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif

#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 
#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 
#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 
#define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 
#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 
#define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 
#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 
#ifdef __cplusplus
extern "C" {
#endif

typedef enum {
 MBEDTLS_CIPHER_ID_NONE = 0,
 MBEDTLS_CIPHER_ID_NULL,
 MBEDTLS_CIPHER_ID_AES,
 MBEDTLS_CIPHER_ID_DES,
 MBEDTLS_CIPHER_ID_3DES,
 MBEDTLS_CIPHER_ID_CAMELLIA,
 MBEDTLS_CIPHER_ID_BLOWFISH,
 MBEDTLS_CIPHER_ID_ARC4
} mbedtls_cipher_id_t;

typedef enum {
 MBEDTLS_CIPHER_NONE = 0,
 MBEDTLS_CIPHER_NULL,
 MBEDTLS_CIPHER_AES_128_ECB,
 MBEDTLS_CIPHER_AES_192_ECB,
 MBEDTLS_CIPHER_AES_256_ECB,
 MBEDTLS_CIPHER_AES_128_CBC,
 MBEDTLS_CIPHER_AES_192_CBC,
 MBEDTLS_CIPHER_AES_256_CBC,
 MBEDTLS_CIPHER_AES_128_CFB128,
 MBEDTLS_CIPHER_AES_192_CFB128,
 MBEDTLS_CIPHER_AES_256_CFB128,
 MBEDTLS_CIPHER_AES_128_CTR,
 MBEDTLS_CIPHER_AES_192_CTR,
 MBEDTLS_CIPHER_AES_256_CTR,
 MBEDTLS_CIPHER_AES_128_GCM,
 MBEDTLS_CIPHER_AES_192_GCM,
 MBEDTLS_CIPHER_AES_256_GCM,
 MBEDTLS_CIPHER_CAMELLIA_128_ECB,
 MBEDTLS_CIPHER_CAMELLIA_192_ECB,
 MBEDTLS_CIPHER_CAMELLIA_256_ECB,
 MBEDTLS_CIPHER_CAMELLIA_128_CBC,
 MBEDTLS_CIPHER_CAMELLIA_192_CBC,
 MBEDTLS_CIPHER_CAMELLIA_256_CBC,
 MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
 MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
 MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
 MBEDTLS_CIPHER_CAMELLIA_128_CTR,
 MBEDTLS_CIPHER_CAMELLIA_192_CTR,
 MBEDTLS_CIPHER_CAMELLIA_256_CTR,
 MBEDTLS_CIPHER_CAMELLIA_128_GCM,
 MBEDTLS_CIPHER_CAMELLIA_192_GCM,
 MBEDTLS_CIPHER_CAMELLIA_256_GCM,
 MBEDTLS_CIPHER_DES_ECB,
 MBEDTLS_CIPHER_DES_CBC,
 MBEDTLS_CIPHER_DES_EDE_ECB,
 MBEDTLS_CIPHER_DES_EDE_CBC,
 MBEDTLS_CIPHER_DES_EDE3_ECB,
 MBEDTLS_CIPHER_DES_EDE3_CBC,
 MBEDTLS_CIPHER_BLOWFISH_ECB,
 MBEDTLS_CIPHER_BLOWFISH_CBC,
 MBEDTLS_CIPHER_BLOWFISH_CFB64,
 MBEDTLS_CIPHER_BLOWFISH_CTR,
 MBEDTLS_CIPHER_ARC4_128,
 MBEDTLS_CIPHER_AES_128_CCM,
 MBEDTLS_CIPHER_AES_192_CCM,
 MBEDTLS_CIPHER_AES_256_CCM,
 MBEDTLS_CIPHER_CAMELLIA_128_CCM,
 MBEDTLS_CIPHER_CAMELLIA_192_CCM,
 MBEDTLS_CIPHER_CAMELLIA_256_CCM
} mbedtls_cipher_type_t;

typedef enum {
 MBEDTLS_MODE_NONE = 0,
 MBEDTLS_MODE_ECB,
 MBEDTLS_MODE_CBC,
 MBEDTLS_MODE_CFB,
 MBEDTLS_MODE_OFB, /* Unused! */
 MBEDTLS_MODE_CTR,
 MBEDTLS_MODE_GCM,
 MBEDTLS_MODE_STREAM,
 MBEDTLS_MODE_CCM
} mbedtls_cipher_mode_t;

typedef enum {
 MBEDTLS_PADDING_PKCS7 = 0, 
 MBEDTLS_PADDING_ONE_AND_ZEROS, 
 MBEDTLS_PADDING_ZEROS_AND_LEN, 
 MBEDTLS_PADDING_ZEROS, 
 MBEDTLS_PADDING_NONE 
} mbedtls_cipher_padding_t;

typedef enum {
 MBEDTLS_OPERATION_NONE = -1,
 MBEDTLS_DECRYPT = 0,
 MBEDTLS_ENCRYPT
} mbedtls_operation_t;

enum {
 MBEDTLS_KEY_LENGTH_NONE = 0,
 MBEDTLS_KEY_LENGTH_DES = 64,
 MBEDTLS_KEY_LENGTH_DES_EDE = 128,
 MBEDTLS_KEY_LENGTH_DES_EDE3 = 192
};

#define MBEDTLS_MAX_IV_LENGTH 16

#define MBEDTLS_MAX_BLOCK_LENGTH 16

typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;

typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;

typedef struct {
 mbedtls_cipher_type_t type;

 mbedtls_cipher_mode_t mode;

 unsigned int key_bitlen;

 const char * name;

 unsigned int iv_size;

 int flags;

 unsigned int block_size;

 const mbedtls_cipher_base_t *base;

} mbedtls_cipher_info_t;

typedef struct {
 const mbedtls_cipher_info_t *cipher_info;

 int key_bitlen;

 mbedtls_operation_t operation;

#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)

 void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
 int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
#endif

 unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];

 size_t unprocessed_len;

 unsigned char iv[MBEDTLS_MAX_IV_LENGTH];

 size_t iv_size;

 void *cipher_ctx;

#if defined(MBEDTLS_CMAC_C)

 mbedtls_cmac_context_t *cmac_ctx;
#endif
} mbedtls_cipher_context_t;

const int *mbedtls_cipher_list( void );

const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );

const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );

const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
 int key_bitlen,
 const mbedtls_cipher_mode_t mode );

void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );

void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );

int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );

static INLINE unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return 0;

 return ctx->cipher_info->block_size;
}

static INLINE mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return MBEDTLS_MODE_NONE;

 return ctx->cipher_info->mode;
}

static INLINE int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return 0;

 if( ctx->iv_size != 0 )
 return (int) ctx->iv_size;

 return (int) ctx->cipher_info->iv_size;
}

static INLINE mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return MBEDTLS_CIPHER_NONE;

 return ctx->cipher_info->type;
}

static INLINE const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return 0;

 return ctx->cipher_info->name;
}

static INLINE int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return MBEDTLS_KEY_LENGTH_NONE;

 return (int) ctx->cipher_info->key_bitlen;
}

static INLINE mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
{
 if( NULL == ctx || NULL == ctx->cipher_info )
 return MBEDTLS_OPERATION_NONE;

 return ctx->operation;
}

int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
 int key_bitlen, const mbedtls_operation_t operation );

#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)

int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */

int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
 const unsigned char *iv, size_t iv_len );

int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );

#if defined(MBEDTLS_GCM_C)

int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
 const unsigned char *ad, size_t ad_len );
#endif /* MBEDTLS_GCM_C */

int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
 size_t ilen, unsigned char *output, size_t *olen );

int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
 unsigned char *output, size_t *olen );

#if defined(MBEDTLS_GCM_C)

int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
 unsigned char *tag, size_t tag_len );

int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
 const unsigned char *tag, size_t tag_len );
#endif /* MBEDTLS_GCM_C */

int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
 const unsigned char *iv, size_t iv_len,
 const unsigned char *input, size_t ilen,
 unsigned char *output, size_t *olen );

#if defined(MBEDTLS_CIPHER_MODE_AEAD)

int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
 const unsigned char *iv, size_t iv_len,
 const unsigned char *ad, size_t ad_len,
 const unsigned char *input, size_t ilen,
 unsigned char *output, size_t *olen,
 unsigned char *tag, size_t tag_len );

int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
 const unsigned char *iv, size_t iv_len,
 const unsigned char *ad, size_t ad_len,
 const unsigned char *input, size_t ilen,
 unsigned char *output, size_t *olen,
 const unsigned char *tag, size_t tag_len );
#endif /* MBEDTLS_CIPHER_MODE_AEAD */

#ifdef __cplusplus
}
#endif

#endif /* MBEDTLS_CIPHER_H */