00001
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038
00039
00040
00041
00042
00043
00044
00045
00046
00047
00048
00049
00050
00051
00052 #ifndef MBEDTLS_CIPHER_H
00053 #define MBEDTLS_CIPHER_H
00054
00055 #if !defined(MBEDTLS_CONFIG_FILE)
00056 #include "config.h"
00057 #else
00058 #include MBEDTLS_CONFIG_FILE
00059 #endif
00060
00061 #include <stddef.h>
00062
00063 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
00064 #define MBEDTLS_CIPHER_MODE_AEAD
00065 #endif
00066
00067 #if defined(MBEDTLS_CIPHER_MODE_CBC)
00068 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
00069 #endif
00070
00071 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
00072 #define MBEDTLS_CIPHER_MODE_STREAM
00073 #endif
00074
00075 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00076 !defined(inline) && !defined(__cplusplus)
00077 #define inline __inline
00078 #endif
00079
00080 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
00081 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
00082 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
00083 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
00084 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
00085 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
00086 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
00087 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
00089 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
00090 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
00092 #ifdef __cplusplus
00093 extern "C" {
00094 #endif
00095
00103 typedef enum {
00104 MBEDTLS_CIPHER_ID_NONE = 0,
00105 MBEDTLS_CIPHER_ID_NULL,
00106 MBEDTLS_CIPHER_ID_AES,
00107 MBEDTLS_CIPHER_ID_DES,
00108 MBEDTLS_CIPHER_ID_3DES,
00109 MBEDTLS_CIPHER_ID_CAMELLIA,
00110 MBEDTLS_CIPHER_ID_BLOWFISH,
00111 MBEDTLS_CIPHER_ID_ARC4,
00112 } mbedtls_cipher_id_t;
00113
00121 typedef enum {
00122 MBEDTLS_CIPHER_NONE = 0,
00123 MBEDTLS_CIPHER_NULL,
00124 MBEDTLS_CIPHER_AES_128_ECB,
00125 MBEDTLS_CIPHER_AES_192_ECB,
00126 MBEDTLS_CIPHER_AES_256_ECB,
00127 MBEDTLS_CIPHER_AES_128_CBC,
00128 MBEDTLS_CIPHER_AES_192_CBC,
00129 MBEDTLS_CIPHER_AES_256_CBC,
00130 MBEDTLS_CIPHER_AES_128_CFB128,
00131 MBEDTLS_CIPHER_AES_192_CFB128,
00132 MBEDTLS_CIPHER_AES_256_CFB128,
00133 MBEDTLS_CIPHER_AES_128_CTR,
00134 MBEDTLS_CIPHER_AES_192_CTR,
00135 MBEDTLS_CIPHER_AES_256_CTR,
00136 MBEDTLS_CIPHER_AES_128_GCM,
00137 MBEDTLS_CIPHER_AES_192_GCM,
00138 MBEDTLS_CIPHER_AES_256_GCM,
00139 MBEDTLS_CIPHER_CAMELLIA_128_ECB,
00140 MBEDTLS_CIPHER_CAMELLIA_192_ECB,
00141 MBEDTLS_CIPHER_CAMELLIA_256_ECB,
00142 MBEDTLS_CIPHER_CAMELLIA_128_CBC,
00143 MBEDTLS_CIPHER_CAMELLIA_192_CBC,
00144 MBEDTLS_CIPHER_CAMELLIA_256_CBC,
00145 MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
00146 MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
00147 MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
00148 MBEDTLS_CIPHER_CAMELLIA_128_CTR,
00149 MBEDTLS_CIPHER_CAMELLIA_192_CTR,
00150 MBEDTLS_CIPHER_CAMELLIA_256_CTR,
00151 MBEDTLS_CIPHER_CAMELLIA_128_GCM,
00152 MBEDTLS_CIPHER_CAMELLIA_192_GCM,
00153 MBEDTLS_CIPHER_CAMELLIA_256_GCM,
00154 MBEDTLS_CIPHER_DES_ECB,
00155 MBEDTLS_CIPHER_DES_CBC,
00156 MBEDTLS_CIPHER_DES_EDE_ECB,
00157 MBEDTLS_CIPHER_DES_EDE_CBC,
00158 MBEDTLS_CIPHER_DES_EDE3_ECB,
00159 MBEDTLS_CIPHER_DES_EDE3_CBC,
00160 MBEDTLS_CIPHER_BLOWFISH_ECB,
00161 MBEDTLS_CIPHER_BLOWFISH_CBC,
00162 MBEDTLS_CIPHER_BLOWFISH_CFB64,
00163 MBEDTLS_CIPHER_BLOWFISH_CTR,
00164 MBEDTLS_CIPHER_ARC4_128,
00165 MBEDTLS_CIPHER_AES_128_CCM,
00166 MBEDTLS_CIPHER_AES_192_CCM,
00167 MBEDTLS_CIPHER_AES_256_CCM,
00168 MBEDTLS_CIPHER_CAMELLIA_128_CCM,
00169 MBEDTLS_CIPHER_CAMELLIA_192_CCM,
00170 MBEDTLS_CIPHER_CAMELLIA_256_CCM,
00171 } mbedtls_cipher_type_t;
00172
00174 typedef enum {
00175 MBEDTLS_MODE_NONE = 0,
00176 MBEDTLS_MODE_ECB,
00177 MBEDTLS_MODE_CBC,
00178 MBEDTLS_MODE_CFB,
00179 MBEDTLS_MODE_OFB,
00180 MBEDTLS_MODE_CTR,
00181 MBEDTLS_MODE_GCM,
00182 MBEDTLS_MODE_STREAM,
00183 MBEDTLS_MODE_CCM,
00184 } mbedtls_cipher_mode_t;
00185
00187 typedef enum {
00188 MBEDTLS_PADDING_PKCS7 = 0,
00189 MBEDTLS_PADDING_ONE_AND_ZEROS,
00190 MBEDTLS_PADDING_ZEROS_AND_LEN,
00191 MBEDTLS_PADDING_ZEROS,
00192 MBEDTLS_PADDING_NONE,
00193 } mbedtls_cipher_padding_t;
00194
00196 typedef enum {
00197 MBEDTLS_OPERATION_NONE = -1,
00198 MBEDTLS_DECRYPT = 0,
00199 MBEDTLS_ENCRYPT,
00200 } mbedtls_operation_t;
00201
00202 enum {
00204 MBEDTLS_KEY_LENGTH_NONE = 0,
00206 MBEDTLS_KEY_LENGTH_DES = 64,
00208 MBEDTLS_KEY_LENGTH_DES_EDE = 128,
00210 MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
00211 };
00212
00214 #define MBEDTLS_MAX_IV_LENGTH 16
00215
00216 #define MBEDTLS_MAX_BLOCK_LENGTH 16
00217
00221 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
00222
00226 typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
00227
00232 typedef struct {
00236 mbedtls_cipher_type_t type;
00237
00239 mbedtls_cipher_mode_t mode;
00240
00245 unsigned int key_bitlen;
00246
00248 const char * name;
00249
00254 unsigned int iv_size;
00255
00257 int flags;
00258
00260 unsigned int block_size;
00261
00263 const mbedtls_cipher_base_t *base;
00264
00265 } mbedtls_cipher_info_t;
00266
00270 typedef struct {
00272 const mbedtls_cipher_info_t *cipher_info;
00273
00275 int key_bitlen;
00276
00280 mbedtls_operation_t operation;
00281
00282 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00283
00286 void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
00287 int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
00288 #endif
00289
00291 unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
00292
00294 size_t unprocessed_len;
00295
00297 unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
00298
00300 size_t iv_size;
00301
00303 void *cipher_ctx;
00304
00305 #if defined(MBEDTLS_CMAC_C)
00306
00307 mbedtls_cmac_context_t *cmac_ctx;
00308 #endif
00309 } mbedtls_cipher_context_t;
00310
00318 const int *mbedtls_cipher_list( void );
00319
00329 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
00330
00340 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
00341
00355 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
00356 int key_bitlen,
00357 const mbedtls_cipher_mode_t mode );
00358
00362 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
00363
00369 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
00370
00371
00389 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
00390
00399 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
00400 {
00401 if( NULL == ctx || NULL == ctx->cipher_info )
00402 return 0;
00403
00404 return ctx->cipher_info->block_size;
00405 }
00406
00416 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
00417 {
00418 if( NULL == ctx || NULL == ctx->cipher_info )
00419 return MBEDTLS_MODE_NONE;
00420
00421 return ctx->cipher_info->mode;
00422 }
00423
00434 static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
00435 {
00436 if( NULL == ctx || NULL == ctx->cipher_info )
00437 return 0;
00438
00439 if( ctx->iv_size != 0 )
00440 return (int) ctx->iv_size;
00441
00442 return (int) ctx->cipher_info->iv_size;
00443 }
00444
00453 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
00454 {
00455 if( NULL == ctx || NULL == ctx->cipher_info )
00456 return MBEDTLS_CIPHER_NONE;
00457
00458 return ctx->cipher_info->type;
00459 }
00460
00470 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
00471 {
00472 if( NULL == ctx || NULL == ctx->cipher_info )
00473 return 0;
00474
00475 return ctx->cipher_info->name;
00476 }
00477
00487 static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
00488 {
00489 if( NULL == ctx || NULL == ctx->cipher_info )
00490 return MBEDTLS_KEY_LENGTH_NONE;
00491
00492 return (int) ctx->cipher_info->key_bitlen;
00493 }
00494
00504 static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
00505 {
00506 if( NULL == ctx || NULL == ctx->cipher_info )
00507 return MBEDTLS_OPERATION_NONE;
00508
00509 return ctx->operation;
00510 }
00511
00527 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
00528 int key_bitlen, const mbedtls_operation_t operation );
00529
00530 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00531
00545 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
00546 #endif
00547
00562 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
00563 const unsigned char *iv, size_t iv_len );
00564
00573 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
00574
00575 #if defined(MBEDTLS_GCM_C)
00576
00587 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
00588 const unsigned char *ad, size_t ad_len );
00589 #endif
00590
00621 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
00622 size_t ilen, unsigned char *output, size_t *olen );
00623
00642 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
00643 unsigned char *output, size_t *olen );
00644
00645 #if defined(MBEDTLS_GCM_C)
00646
00657 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
00658 unsigned char *tag, size_t tag_len );
00659
00671 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
00672 const unsigned char *tag, size_t tag_len );
00673 #endif
00674
00703 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
00704 const unsigned char *iv, size_t iv_len,
00705 const unsigned char *input, size_t ilen,
00706 unsigned char *output, size_t *olen );
00707
00708 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
00709
00731 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
00732 const unsigned char *iv, size_t iv_len,
00733 const unsigned char *ad, size_t ad_len,
00734 const unsigned char *input, size_t ilen,
00735 unsigned char *output, size_t *olen,
00736 unsigned char *tag, size_t tag_len );
00737
00765 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
00766 const unsigned char *iv, size_t iv_len,
00767 const unsigned char *ad, size_t ad_len,
00768 const unsigned char *input, size_t ilen,
00769 unsigned char *output, size_t *olen,
00770 const unsigned char *tag, size_t tag_len );
00771 #endif
00772
00773 #ifdef __cplusplus
00774 }
00775 #endif
00776
00777 #endif