mbed TLS v2.7.17
cipher.h
1 
8 /*
9  * Copyright The Mbed TLS Contributors
10  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
11  *
12  * This file is provided under the Apache License 2.0, or the
13  * GNU General Public License v2.0 or later.
14  *
15  * **********
16  * Apache License 2.0:
17  *
18  * Licensed under the Apache License, Version 2.0 (the "License"); you may
19  * not use this file except in compliance with the License.
20  * You may obtain a copy of the License at
21  *
22  * http://www.apache.org/licenses/LICENSE-2.0
23  *
24  * Unless required by applicable law or agreed to in writing, software
25  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
26  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
27  * See the License for the specific language governing permissions and
28  * limitations under the License.
29  *
30  * **********
31  *
32  * **********
33  * GNU General Public License v2.0 or later:
34  *
35  * This program is free software; you can redistribute it and/or modify
36  * it under the terms of the GNU General Public License as published by
37  * the Free Software Foundation; either version 2 of the License, or
38  * (at your option) any later version.
39  *
40  * This program is distributed in the hope that it will be useful,
41  * but WITHOUT ANY WARRANTY; without even the implied warranty of
42  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
43  * GNU General Public License for more details.
44  *
45  * You should have received a copy of the GNU General Public License along
46  * with this program; if not, write to the Free Software Foundation, Inc.,
47  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
48  *
49  * **********
50  */
51 
52 #ifndef MBEDTLS_CIPHER_H
53 #define MBEDTLS_CIPHER_H
54 
55 #if !defined(MBEDTLS_CONFIG_FILE)
56 #include "config.h"
57 #else
58 #include MBEDTLS_CONFIG_FILE
59 #endif
60 
61 #include <stddef.h>
62 
/* Derived feature flag: AEAD support is available when at least one of the
 * GCM or CCM modules is compiled in. Further down this header, an
 * #if defined(MBEDTLS_CIPHER_MODE_AEAD) section guards a group of
 * declarations, so those are absent from builds with neither module. */
63 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
64 #define MBEDTLS_CIPHER_MODE_AEAD
65 #endif
66 
/* Derived feature flag: padding support is compiled in whenever CBC mode is
 * enabled. It gates the add_padding/get_padding callbacks in the cipher
 * context and the padding-related declarations further down this header.
 * NOTE(review): nothing in this header shows an integrity check for CBC
 * data; a caller using CBC presumably has to authenticate the ciphertext
 * itself, and should not let a remote peer distinguish a padding failure
 * from any other decryption failure - confirm against the calling protocol. */
67 #if defined(MBEDTLS_CIPHER_MODE_CBC)
68 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
69 #endif
70 
/* Derived feature flag: stream-cipher support is compiled in when either the
 * ARC4 module or the NULL cipher is enabled.
 * NOTE(review): both options weaken a build. RC4 is widely regarded as
 * cryptographically weak, and the NULL cipher, going by its name, provides
 * no confidentiality. A hardened configuration would normally leave both
 * disabled, which also leaves this macro undefined - confirm against the
 * project's config.h. */
71 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
72 #define MBEDTLS_CIPHER_MODE_STREAM
73 #endif
74 
/* Compatibility shim: when building as C (not C++) with ARMCC or MSVC and
 * `inline` is not already a macro, map it to the compiler's `__inline`
 * spelling so that the static inline accessors in this header compile. */
75 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
76  !defined(inline) && !defined(__cplusplus)
77 #define inline __inline
78 #endif
79 
/* Error codes of the generic cipher layer (all negative), followed by the
 * two capability flag bits. The per-code descriptions below are read off
 * the macro names; which function returns which code is not shown in this
 * listing.
 * NOTE(review): INVALID_PADDING and AUTH_FAILED are the security-relevant
 * results. On either one, any output produced by the failed call should be
 * treated as unusable. For padding failures, the distinction from other
 * errors should not be observable by a remote peer (padding-oracle risk). */
80 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The requested feature is not available. */
81 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input data / parameters. */
82 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Memory allocation failed. */
83 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< The padding found in the data is invalid. */
84 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< A full block was expected. */
85 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed. */
86 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /**< The context is invalid. */
87 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /**< Cipher hardware acceleration failed. */
89 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Flag bit: variable IV length; presumably tested against the `flags` member of the cipher-info struct - confirm. */
90 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Flag bit: variable key length; presumably tested against the same `flags` member - confirm. */
92 #ifdef __cplusplus
93 extern "C" {
94 #endif
95 
103 typedef enum {
113 
121 typedef enum {
172 
174 typedef enum {
179  MBEDTLS_MODE_OFB, /* Unused! */
185 
187 typedef enum {
194 
196 typedef enum {
201 
202 enum {
211 };
212 
/* Capacity, in bytes, of the iv[] array inside the cipher context declared
 * later in this header.
 * NOTE(review): any IV length accepted from a caller has to be checked
 * against this bound before being copied into that array; the check itself
 * is not visible in this header - confirm in the implementation. */
214 #define MBEDTLS_MAX_IV_LENGTH 16
215 
/* Capacity, in bytes, of the unprocessed_data[] buffer inside the cipher
 * context declared later in this header. */
216 #define MBEDTLS_MAX_BLOCK_LENGTH 16
217 
222 
227 
232 typedef struct {
237 
240 
245  unsigned int key_bitlen;
246 
248  const char * name;
249 
254  unsigned int iv_size;
255 
257  int flags;
258 
260  unsigned int block_size;
261 
264 
266 
270 typedef struct {
273 
276 
281 
282 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
283 
286  void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
287  int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
288 #endif
289 
291  unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
292 
295 
297  unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
298 
300  size_t iv_size;
301 
303  void *cipher_ctx;
304 
305 #if defined(MBEDTLS_CMAC_C)
306 
307  mbedtls_cmac_context_t *cmac_ctx;
308 #endif
310 
/**
 * \brief   This function retrieves the list of ciphers supported by the
 *          generic cipher module.
 *
 * \return  A pointer to a read-only array of int.
 *          NOTE(review): the entries are presumably mbedtls_cipher_type_t
 *          values; how the end of the list is marked is not shown in this
 *          listing - confirm before iterating over it.
 */
318 const int *mbedtls_cipher_list( void );
319 
/**
 * \brief               This function retrieves the cipher-information
 *                      structure associated with the given cipher name.
 *
 * \param cipher_name   Name of the cipher to look up, as a C string.
 *
 * \return              A pointer to a read-only cipher-information structure.
 *                      NOTE(review): the result for an unknown or NULL name
 *                      is not shown in this listing and is presumably NULL;
 *                      callers should check the pointer before using it,
 *                      especially when the name comes from configuration or
 *                      other external input.
 */
329 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
330 
341 
356  int key_bitlen,
357  const mbedtls_cipher_mode_t mode );
358 
363 
370 
371 
390 
/**
 * \brief        This function returns the block size of the given cipher.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       The block_size member of ctx->cipher_info, or 0 when ctx or
 *               ctx->cipher_info is NULL.
 *
 * \note         A result of 0 means the context has no cipher information
 *               attached; callers that size buffers from this value should
 *               handle that case explicitly.
 */
static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
{
    /* Only a context with cipher information attached has a block size. */
    if( ctx != NULL && ctx->cipher_info != NULL )
        return ctx->cipher_info->block_size;

    return 0;
}
406 
417 {
418  if( NULL == ctx || NULL == ctx->cipher_info )
419  return MBEDTLS_MODE_NONE;
420 
421  return ctx->cipher_info->mode;
422 }
423 
435 {
436  if( NULL == ctx || NULL == ctx->cipher_info )
437  return 0;
438 
439  if( ctx->iv_size != 0 )
440  return (int) ctx->iv_size;
441 
442  return (int) ctx->cipher_info->iv_size;
443 }
444 
454 {
455  if( NULL == ctx || NULL == ctx->cipher_info )
456  return MBEDTLS_CIPHER_NONE;
457 
458  return ctx->cipher_info->type;
459 }
460 
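/**
 * \brief        This function returns the name of the given cipher as a
 *               string.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       The name member of ctx->cipher_info, or NULL when ctx or
 *               ctx->cipher_info is NULL.
 *
 * \note         Callers must check the result for NULL before handing it to
 *               string functions or to a "%s" conversion.
 */
static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
{
    if( NULL == ctx || NULL == ctx->cipher_info )
        return NULL; /* pointer return: spell the null pointer as NULL, not 0 */

    return ctx->cipher_info->name;
}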
477 
488 {
489  if( NULL == ctx || NULL == ctx->cipher_info )
491 
492  return (int) ctx->cipher_info->key_bitlen;
493 }
494 
505 {
506  if( NULL == ctx || NULL == ctx->cipher_info )
507  return MBEDTLS_OPERATION_NONE;
508 
509  return ctx->operation;
510 }
511 
/**
 * \brief               This function sets the key to use with the given
 *                      context.
 *
 * \param ctx           The cipher context to configure.
 * \param key           The key material to use.
 * \param key_bitlen    The key length, going by the parameter name, in bits
 *                      rather than bytes.
 * \param operation     The operation the key will be used for, as an
 *                      mbedtls_operation_t value.
 *
 * \return              An int status.
 *                      NOTE(review): presumably 0 on success and one of the
 *                      negative MBEDTLS_ERR_CIPHER_* codes otherwise; the
 *                      return value should always be checked before the
 *                      context is used - confirm the exact codes.
 *
 * \note                NOTE(review): whether the key is copied into the
 *                      context is not shown here. The caller stays
 *                      responsible for wiping its own copy of the key once
 *                      it is no longer needed.
 */
527 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
528  int key_bitlen, const mbedtls_operation_t operation );
529 
530 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
531 
546 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
547 
563  const unsigned char *iv, size_t iv_len );
564 
574 
575 #if defined(MBEDTLS_GCM_C)
576 
588  const unsigned char *ad, size_t ad_len );
589 #endif /* MBEDTLS_GCM_C */
590 
/**
 * \brief           The generic cipher update function. It encrypts or
 *                  decrypts using the given cipher context.
 *
 * \param ctx       The cipher context to operate on.
 * \param input     The buffer holding the input data.
 * \param ilen      The length of the input data.
 * \param output    The buffer that receives the output data.
 * \param olen      Receives the length of the output data that was written.
 *
 * \return          An int status.
 *                  NOTE(review): presumably 0 on success and a negative
 *                  MBEDTLS_ERR_CIPHER_* code on failure - confirm.
 *
 * \note            NOTE(review): the prototype carries no capacity for
 *                  output, so the caller has to size it from the documented
 *                  requirement (presumably at least ilen plus one block) -
 *                  confirm for this version before allocating.
 * \note            NOTE(review): when decrypting in an authenticated mode
 *                  through this streaming interface, data written here has
 *                  not yet been authenticated; it should not be acted on
 *                  until the tag check has succeeded.
 */
621 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
622  size_t ilen, unsigned char *output, size_t *olen );
623 
643  unsigned char *output, size_t *olen );
644 
645 #if defined(MBEDTLS_GCM_C)
646 
658  unsigned char *tag, size_t tag_len );
659 
672  const unsigned char *tag, size_t tag_len );
673 #endif /* MBEDTLS_GCM_C */
674 
704  const unsigned char *iv, size_t iv_len,
705  const unsigned char *input, size_t ilen,
706  unsigned char *output, size_t *olen );
707 
708 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
709 
732  const unsigned char *iv, size_t iv_len,
733  const unsigned char *ad, size_t ad_len,
734  const unsigned char *input, size_t ilen,
735  unsigned char *output, size_t *olen,
736  unsigned char *tag, size_t tag_len );
737 
766  const unsigned char *iv, size_t iv_len,
767  const unsigned char *ad, size_t ad_len,
768  const unsigned char *input, size_t ilen,
769  unsigned char *output, size_t *olen,
770  const unsigned char *tag, size_t tag_len );
771 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
772 
773 #ifdef __cplusplus
774 }
775 #endif
776 
777 #endif /* MBEDTLS_CIPHER_H */
mbedtls_operation_t
Definition: cipher.h:196
unsigned int iv_size
Definition: cipher.h:254
mbedtls_cipher_padding_t
Definition: cipher.h:187
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
Definition: cipher.h:416
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
Definition: cipher.h:399
mbedtls_cipher_mode_t
Definition: cipher.h:174
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Definition: cipher.h:470
Configuration options (set of defines)
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_mode_t mode
Definition: cipher.h:239
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
unsigned int block_size
Definition: cipher.h:260
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
Definition: cipher.h:504
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
Definition: cipher.h:487
mbedtls_cipher_type_t
An enumeration of supported (cipher, mode) pairs.
Definition: cipher.h:121
const mbedtls_cipher_info_t * cipher_info
Definition: cipher.h:272
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
Definition: cipher.h:221
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
Definition: cipher.h:453
mbedtls_operation_t operation
Definition: cipher.h:280
mbedtls_cipher_id_t
An enumeration of supported ciphers.
Definition: cipher.h:103
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:214
int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
The generic authenticated decryption (AEAD) function.
const char * name
Definition: cipher.h:248
int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
The generic authenticated encryption (AEAD) function.
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Only supported with GCM. Must be called exactly ...
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function initializes and fills the cipher-context structure with the appropriate values...
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Only supported with GCM. Must be called after mbedtls_...
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
Definition: cipher.h:434
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Only supported with GCM. Must be called after mbedtls_ci...
#define MBEDTLS_MAX_BLOCK_LENGTH
Definition: cipher.h:216
unsigned int key_bitlen
Definition: cipher.h:245
mbedtls_cipher_type_t type
Definition: cipher.h:236
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
const mbedtls_cipher_base_t * base
Definition: cipher.h:263