mbed TLS v2.7.16
cipher.h
Go to the documentation of this file.
1 
8 /*
9  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
10  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
11  *
12  * This file is provided under the Apache License 2.0, or the
13  * GNU General Public License v2.0 or later.
14  *
15  * **********
16  * Apache License 2.0:
17  *
18  * Licensed under the Apache License, Version 2.0 (the "License"); you may
19  * not use this file except in compliance with the License.
20  * You may obtain a copy of the License at
21  *
22  * http://www.apache.org/licenses/LICENSE-2.0
23  *
24  * Unless required by applicable law or agreed to in writing, software
25  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
26  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
27  * See the License for the specific language governing permissions and
28  * limitations under the License.
29  *
30  * **********
31  *
32  * **********
33  * GNU General Public License v2.0 or later:
34  *
35  * This program is free software; you can redistribute it and/or modify
36  * it under the terms of the GNU General Public License as published by
37  * the Free Software Foundation; either version 2 of the License, or
38  * (at your option) any later version.
39  *
40  * This program is distributed in the hope that it will be useful,
41  * but WITHOUT ANY WARRANTY; without even the implied warranty of
42  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
43  * GNU General Public License for more details.
44  *
45  * You should have received a copy of the GNU General Public License along
46  * with this program; if not, write to the Free Software Foundation, Inc.,
47  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
48  *
49  * **********
50  *
51  * This file is part of Mbed TLS (https://tls.mbed.org)
52  */
53 
54 #ifndef MBEDTLS_CIPHER_H
55 #define MBEDTLS_CIPHER_H
56 
57 #if !defined(MBEDTLS_CONFIG_FILE)
58 #include "config.h"
59 #else
60 #include MBEDTLS_CONFIG_FILE
61 #endif
62 
63 #include <stddef.h>
64 
65 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
66 #define MBEDTLS_CIPHER_MODE_AEAD
67 #endif
68 
69 #if defined(MBEDTLS_CIPHER_MODE_CBC)
70 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
71 #endif
72 
73 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
74 #define MBEDTLS_CIPHER_MODE_STREAM
75 #endif
76 
77 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
78  !defined(inline) && !defined(__cplusplus)
79 #define inline __inline
80 #endif
81 
82 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
83 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
84 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
85 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
86 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
87 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
88 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
89 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
91 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
92 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
94 #ifdef __cplusplus
95 extern "C" {
96 #endif
97 
105 typedef enum {
115 
123 typedef enum {
174 
176 typedef enum {
181  MBEDTLS_MODE_OFB, /* Unused! */
187 
189 typedef enum {
196 
198 typedef enum {
203 
204 enum {
213 };
214 
216 #define MBEDTLS_MAX_IV_LENGTH 16
217 
218 #define MBEDTLS_MAX_BLOCK_LENGTH 16
219 
224 
229 
234 typedef struct {
239 
242 
247  unsigned int key_bitlen;
248 
250  const char * name;
251 
256  unsigned int iv_size;
257 
259  int flags;
260 
262  unsigned int block_size;
263 
266 
268 
272 typedef struct {
275 
278 
283 
284 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
285 
288  void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
289  int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
290 #endif
291 
293  unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
294 
297 
299  unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
300 
302  size_t iv_size;
303 
305  void *cipher_ctx;
306 
307 #if defined(MBEDTLS_CMAC_C)
308 
309  mbedtls_cmac_context_t *cmac_ctx;
310 #endif
312 
320 const int *mbedtls_cipher_list( void );
321 
331 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
332 
343 
358  int key_bitlen,
359  const mbedtls_cipher_mode_t mode );
360 
365 
372 
373 
392 
401 static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
402 {
403  if( NULL == ctx || NULL == ctx->cipher_info )
404  return 0;
405 
406  return ctx->cipher_info->block_size;
407 }
408 
419 {
420  if( NULL == ctx || NULL == ctx->cipher_info )
421  return MBEDTLS_MODE_NONE;
422 
423  return ctx->cipher_info->mode;
424 }
425 
437 {
438  if( NULL == ctx || NULL == ctx->cipher_info )
439  return 0;
440 
441  if( ctx->iv_size != 0 )
442  return (int) ctx->iv_size;
443 
444  return (int) ctx->cipher_info->iv_size;
445 }
446 
456 {
457  if( NULL == ctx || NULL == ctx->cipher_info )
458  return MBEDTLS_CIPHER_NONE;
459 
460  return ctx->cipher_info->type;
461 }
462 
472 static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
473 {
474  if( NULL == ctx || NULL == ctx->cipher_info )
475  return 0;
476 
477  return ctx->cipher_info->name;
478 }
479 
490 {
491  if( NULL == ctx || NULL == ctx->cipher_info )
493 
494  return (int) ctx->cipher_info->key_bitlen;
495 }
496 
507 {
508  if( NULL == ctx || NULL == ctx->cipher_info )
509  return MBEDTLS_OPERATION_NONE;
510 
511  return ctx->operation;
512 }
513 
529 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
530  int key_bitlen, const mbedtls_operation_t operation );
531 
532 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
533 
548 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
549 
565  const unsigned char *iv, size_t iv_len );
566 
576 
577 #if defined(MBEDTLS_GCM_C)
578 
590  const unsigned char *ad, size_t ad_len );
591 #endif /* MBEDTLS_GCM_C */
592 
623 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
624  size_t ilen, unsigned char *output, size_t *olen );
625 
645  unsigned char *output, size_t *olen );
646 
647 #if defined(MBEDTLS_GCM_C)
648 
660  unsigned char *tag, size_t tag_len );
661 
674  const unsigned char *tag, size_t tag_len );
675 #endif /* MBEDTLS_GCM_C */
676 
706  const unsigned char *iv, size_t iv_len,
707  const unsigned char *input, size_t ilen,
708  unsigned char *output, size_t *olen );
709 
710 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
711 
734  const unsigned char *iv, size_t iv_len,
735  const unsigned char *ad, size_t ad_len,
736  const unsigned char *input, size_t ilen,
737  unsigned char *output, size_t *olen,
738  unsigned char *tag, size_t tag_len );
739 
768  const unsigned char *iv, size_t iv_len,
769  const unsigned char *ad, size_t ad_len,
770  const unsigned char *input, size_t ilen,
771  unsigned char *output, size_t *olen,
772  const unsigned char *tag, size_t tag_len );
773 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
774 
775 #ifdef __cplusplus
776 }
777 #endif
778 
779 #endif /* MBEDTLS_CIPHER_H */
mbedtls_operation_t
Definition: cipher.h:198
unsigned int iv_size
Definition: cipher.h:256
mbedtls_cipher_padding_t
Definition: cipher.h:189
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
Definition: cipher.h:418
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
Definition: cipher.h:401
mbedtls_cipher_mode_t
Definition: cipher.h:176
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Definition: cipher.h:472
Configuration options (set of defines)
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_mode_t mode
Definition: cipher.h:241
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
unsigned int block_size
Definition: cipher.h:262
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
Definition: cipher.h:506
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
Definition: cipher.h:489
mbedtls_cipher_type_t
An enumeration of supported (cipher, mode) pairs.
Definition: cipher.h:123
const mbedtls_cipher_info_t * cipher_info
Definition: cipher.h:274
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
Definition: cipher.h:223
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
Definition: cipher.h:455
mbedtls_operation_t operation
Definition: cipher.h:282
mbedtls_cipher_id_t
An enumeration of supported ciphers.
Definition: cipher.h:105
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:216
int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
The generic autenticated decryption (AEAD) function.
const char * name
Definition: cipher.h:250
int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
The generic autenticated encryption (AEAD) function.
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Only supported with GCM. Must be called exactly ...
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function initializes and fills the cipher-context structure with the appropriate values...
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Only supported with GCM. Must be called after mbedtls_...
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
Definition: cipher.h:436
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Only supported with GCM. Must be called after mbedtls_ci...
#define MBEDTLS_MAX_BLOCK_LENGTH
Definition: cipher.h:218
unsigned int key_bitlen
Definition: cipher.h:247
mbedtls_cipher_type_t type
Definition: cipher.h:238
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
const mbedtls_cipher_base_t * base
Definition: cipher.h:265