00001
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038
00039
00040
00041
00042
00043
00044
00045
00046
00047
00048
00049
00050
00051
00052
00053
00054 #ifndef MBEDTLS_CIPHER_H
00055 #define MBEDTLS_CIPHER_H
00056
00057 #if !defined(MBEDTLS_CONFIG_FILE)
00058 #include "config.h"
00059 #else
00060 #include MBEDTLS_CONFIG_FILE
00061 #endif
00062
00063 #include <stddef.h>
00064
00065 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
00066 #define MBEDTLS_CIPHER_MODE_AEAD
00067 #endif
00068
00069 #if defined(MBEDTLS_CIPHER_MODE_CBC)
00070 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
00071 #endif
00072
00073 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
00074 #define MBEDTLS_CIPHER_MODE_STREAM
00075 #endif
00076
00077 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
00078 !defined(inline) && !defined(__cplusplus)
00079 #define inline __inline
00080 #endif
00081
00082 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
00083 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
00084 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
00085 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
00086 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
00087 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
00088 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
00089 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
00091 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
00092 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
00094 #ifdef __cplusplus
00095 extern "C" {
00096 #endif
00097
00105 typedef enum {
00106 MBEDTLS_CIPHER_ID_NONE = 0,
00107 MBEDTLS_CIPHER_ID_NULL,
00108 MBEDTLS_CIPHER_ID_AES,
00109 MBEDTLS_CIPHER_ID_DES,
00110 MBEDTLS_CIPHER_ID_3DES,
00111 MBEDTLS_CIPHER_ID_CAMELLIA,
00112 MBEDTLS_CIPHER_ID_BLOWFISH,
00113 MBEDTLS_CIPHER_ID_ARC4,
00114 } mbedtls_cipher_id_t;
00115
00123 typedef enum {
00124 MBEDTLS_CIPHER_NONE = 0,
00125 MBEDTLS_CIPHER_NULL,
00126 MBEDTLS_CIPHER_AES_128_ECB,
00127 MBEDTLS_CIPHER_AES_192_ECB,
00128 MBEDTLS_CIPHER_AES_256_ECB,
00129 MBEDTLS_CIPHER_AES_128_CBC,
00130 MBEDTLS_CIPHER_AES_192_CBC,
00131 MBEDTLS_CIPHER_AES_256_CBC,
00132 MBEDTLS_CIPHER_AES_128_CFB128,
00133 MBEDTLS_CIPHER_AES_192_CFB128,
00134 MBEDTLS_CIPHER_AES_256_CFB128,
00135 MBEDTLS_CIPHER_AES_128_CTR,
00136 MBEDTLS_CIPHER_AES_192_CTR,
00137 MBEDTLS_CIPHER_AES_256_CTR,
00138 MBEDTLS_CIPHER_AES_128_GCM,
00139 MBEDTLS_CIPHER_AES_192_GCM,
00140 MBEDTLS_CIPHER_AES_256_GCM,
00141 MBEDTLS_CIPHER_CAMELLIA_128_ECB,
00142 MBEDTLS_CIPHER_CAMELLIA_192_ECB,
00143 MBEDTLS_CIPHER_CAMELLIA_256_ECB,
00144 MBEDTLS_CIPHER_CAMELLIA_128_CBC,
00145 MBEDTLS_CIPHER_CAMELLIA_192_CBC,
00146 MBEDTLS_CIPHER_CAMELLIA_256_CBC,
00147 MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
00148 MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
00149 MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
00150 MBEDTLS_CIPHER_CAMELLIA_128_CTR,
00151 MBEDTLS_CIPHER_CAMELLIA_192_CTR,
00152 MBEDTLS_CIPHER_CAMELLIA_256_CTR,
00153 MBEDTLS_CIPHER_CAMELLIA_128_GCM,
00154 MBEDTLS_CIPHER_CAMELLIA_192_GCM,
00155 MBEDTLS_CIPHER_CAMELLIA_256_GCM,
00156 MBEDTLS_CIPHER_DES_ECB,
00157 MBEDTLS_CIPHER_DES_CBC,
00158 MBEDTLS_CIPHER_DES_EDE_ECB,
00159 MBEDTLS_CIPHER_DES_EDE_CBC,
00160 MBEDTLS_CIPHER_DES_EDE3_ECB,
00161 MBEDTLS_CIPHER_DES_EDE3_CBC,
00162 MBEDTLS_CIPHER_BLOWFISH_ECB,
00163 MBEDTLS_CIPHER_BLOWFISH_CBC,
00164 MBEDTLS_CIPHER_BLOWFISH_CFB64,
00165 MBEDTLS_CIPHER_BLOWFISH_CTR,
00166 MBEDTLS_CIPHER_ARC4_128,
00167 MBEDTLS_CIPHER_AES_128_CCM,
00168 MBEDTLS_CIPHER_AES_192_CCM,
00169 MBEDTLS_CIPHER_AES_256_CCM,
00170 MBEDTLS_CIPHER_CAMELLIA_128_CCM,
00171 MBEDTLS_CIPHER_CAMELLIA_192_CCM,
00172 MBEDTLS_CIPHER_CAMELLIA_256_CCM,
00173 } mbedtls_cipher_type_t;
00174
00176 typedef enum {
00177 MBEDTLS_MODE_NONE = 0,
00178 MBEDTLS_MODE_ECB,
00179 MBEDTLS_MODE_CBC,
00180 MBEDTLS_MODE_CFB,
00181 MBEDTLS_MODE_OFB,
00182 MBEDTLS_MODE_CTR,
00183 MBEDTLS_MODE_GCM,
00184 MBEDTLS_MODE_STREAM,
00185 MBEDTLS_MODE_CCM,
00186 } mbedtls_cipher_mode_t;
00187
00189 typedef enum {
00190 MBEDTLS_PADDING_PKCS7 = 0,
00191 MBEDTLS_PADDING_ONE_AND_ZEROS,
00192 MBEDTLS_PADDING_ZEROS_AND_LEN,
00193 MBEDTLS_PADDING_ZEROS,
00194 MBEDTLS_PADDING_NONE,
00195 } mbedtls_cipher_padding_t;
00196
00198 typedef enum {
00199 MBEDTLS_OPERATION_NONE = -1,
00200 MBEDTLS_DECRYPT = 0,
00201 MBEDTLS_ENCRYPT,
00202 } mbedtls_operation_t;
00203
00204 enum {
00206 MBEDTLS_KEY_LENGTH_NONE = 0,
00208 MBEDTLS_KEY_LENGTH_DES = 64,
00210 MBEDTLS_KEY_LENGTH_DES_EDE = 128,
00212 MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
00213 };
00214
00216 #define MBEDTLS_MAX_IV_LENGTH 16
00217
00218 #define MBEDTLS_MAX_BLOCK_LENGTH 16
00219
00223 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
00224
00228 typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
00229
00234 typedef struct {
00238 mbedtls_cipher_type_t type;
00239
00241 mbedtls_cipher_mode_t mode;
00242
00247 unsigned int key_bitlen;
00248
00250 const char * name;
00251
00256 unsigned int iv_size;
00257
00259 int flags;
00260
00262 unsigned int block_size;
00263
00265 const mbedtls_cipher_base_t *base;
00266
00267 } mbedtls_cipher_info_t;
00268
00272 typedef struct {
00274 const mbedtls_cipher_info_t *cipher_info;
00275
00277 int key_bitlen;
00278
00282 mbedtls_operation_t operation;
00283
00284 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00285
00288 void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
00289 int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
00290 #endif
00291
00293 unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
00294
00296 size_t unprocessed_len;
00297
00299 unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
00300
00302 size_t iv_size;
00303
00305 void *cipher_ctx;
00306
00307 #if defined(MBEDTLS_CMAC_C)
00308
00309 mbedtls_cmac_context_t *cmac_ctx;
00310 #endif
00311 } mbedtls_cipher_context_t;
00312
00320 const int *mbedtls_cipher_list( void );
00321
00331 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
00332
00342 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
00343
00357 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
00358 int key_bitlen,
00359 const mbedtls_cipher_mode_t mode );
00360
00364 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
00365
00371 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
00372
00373
00391 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
00392
00401 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
00402 {
00403 if( NULL == ctx || NULL == ctx->cipher_info )
00404 return 0;
00405
00406 return ctx->cipher_info->block_size;
00407 }
00408
00418 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
00419 {
00420 if( NULL == ctx || NULL == ctx->cipher_info )
00421 return MBEDTLS_MODE_NONE;
00422
00423 return ctx->cipher_info->mode;
00424 }
00425
00436 static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
00437 {
00438 if( NULL == ctx || NULL == ctx->cipher_info )
00439 return 0;
00440
00441 if( ctx->iv_size != 0 )
00442 return (int) ctx->iv_size;
00443
00444 return (int) ctx->cipher_info->iv_size;
00445 }
00446
00455 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
00456 {
00457 if( NULL == ctx || NULL == ctx->cipher_info )
00458 return MBEDTLS_CIPHER_NONE;
00459
00460 return ctx->cipher_info->type;
00461 }
00462
00472 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
00473 {
00474 if( NULL == ctx || NULL == ctx->cipher_info )
00475 return 0;
00476
00477 return ctx->cipher_info->name;
00478 }
00479
00489 static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
00490 {
00491 if( NULL == ctx || NULL == ctx->cipher_info )
00492 return MBEDTLS_KEY_LENGTH_NONE;
00493
00494 return (int) ctx->cipher_info->key_bitlen;
00495 }
00496
00506 static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
00507 {
00508 if( NULL == ctx || NULL == ctx->cipher_info )
00509 return MBEDTLS_OPERATION_NONE;
00510
00511 return ctx->operation;
00512 }
00513
00529 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
00530 int key_bitlen, const mbedtls_operation_t operation );
00531
00532 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
00533
00547 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
00548 #endif
00549
00564 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
00565 const unsigned char *iv, size_t iv_len );
00566
00575 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
00576
00577 #if defined(MBEDTLS_GCM_C)
00578
00589 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
00590 const unsigned char *ad, size_t ad_len );
00591 #endif
00592
00623 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
00624 size_t ilen, unsigned char *output, size_t *olen );
00625
00644 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
00645 unsigned char *output, size_t *olen );
00646
00647 #if defined(MBEDTLS_GCM_C)
00648
00659 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
00660 unsigned char *tag, size_t tag_len );
00661
00673 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
00674 const unsigned char *tag, size_t tag_len );
00675 #endif
00676
00705 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
00706 const unsigned char *iv, size_t iv_len,
00707 const unsigned char *input, size_t ilen,
00708 unsigned char *output, size_t *olen );
00709
00710 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
00711
00733 int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
00734 const unsigned char *iv, size_t iv_len,
00735 const unsigned char *ad, size_t ad_len,
00736 const unsigned char *input, size_t ilen,
00737 unsigned char *output, size_t *olen,
00738 unsigned char *tag, size_t tag_len );
00739
00767 int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
00768 const unsigned char *iv, size_t iv_len,
00769 const unsigned char *ad, size_t ad_len,
00770 const unsigned char *input, size_t ilen,
00771 unsigned char *output, size_t *olen,
00772 const unsigned char *tag, size_t tag_len );
00773 #endif
00774
00775 #ifdef __cplusplus
00776 }
00777 #endif
00778
00779 #endif