mbed TLS v2.7.6
cipher.h
1 
8 /*
9  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
10  * SPDX-License-Identifier: Apache-2.0
11  *
12  * Licensed under the Apache License, Version 2.0 (the "License"); you may
13  * not use this file except in compliance with the License.
14  * You may obtain a copy of the License at
15  *
16  * http://www.apache.org/licenses/LICENSE-2.0
17  *
18  * Unless required by applicable law or agreed to in writing, software
19  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  * See the License for the specific language governing permissions and
22  * limitations under the License.
23  *
24  * This file is part of Mbed TLS (https://tls.mbed.org)
25  */
26 
27 #ifndef MBEDTLS_CIPHER_H
28 #define MBEDTLS_CIPHER_H
29 
30 #if !defined(MBEDTLS_CONFIG_FILE)
31 #include "config.h"
32 #else
33 #include MBEDTLS_CONFIG_FILE
34 #endif
35 
36 #include <stddef.h>
37 
38 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
39 #define MBEDTLS_CIPHER_MODE_AEAD
40 #endif
41 
42 #if defined(MBEDTLS_CIPHER_MODE_CBC)
43 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
44 #endif
45 
46 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
47 #define MBEDTLS_CIPHER_MODE_STREAM
48 #endif
49 
50 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
51  !defined(inline) && !defined(__cplusplus)
52 #define inline __inline
53 #endif
54 
/* Error codes returned by the generic cipher layer; all are negative. */
55 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /* The selected feature is not available. */
56 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /* Bad input parameters. */
57 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /* Memory allocation failed. */
/* NOTE(review): padding is only checked in padded modes (CBC here). If a remote
 * peer can tell this error apart from other decryption failures, the caller has
 * built a padding oracle; report one generic failure and authenticate the
 * ciphertext before decrypting it. */
58 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /* Input data has invalid padding. */
59 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /* A full block was expected. */
/* Any output produced alongside this error must be treated as untrusted. */
60 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /* Authentication failed (AEAD modes). */
61 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 /* The context is invalid. */
62 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 /* Cipher hardware accelerator failed. */
64 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
65 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
67 #ifdef __cplusplus
68 extern "C" {
69 #endif
70 
78 typedef enum {
88 
96 typedef enum {
147 
149 typedef enum {
154  MBEDTLS_MODE_OFB, /* Unused! */
160 
162 typedef enum {
169 
171 typedef enum {
176 
177 enum {
186 };
187 
189 #define MBEDTLS_MAX_IV_LENGTH 16
190 
191 #define MBEDTLS_MAX_BLOCK_LENGTH 16
192 
197 
202 
207 typedef struct {
211  mbedtls_cipher_type_t type;
212 
214  mbedtls_cipher_mode_t mode;
215 
220  unsigned int key_bitlen;
221 
223  const char * name;
224 
229  unsigned int iv_size;
230 
232  int flags;
233 
235  unsigned int block_size;
236 
239 
241 
245 typedef struct {
248 
251 
255  mbedtls_operation_t operation;
256 
257 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
258 
261  void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
262  int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
263 #endif
264 
266  unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
267 
270 
272  unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
273 
275  size_t iv_size;
276 
278  void *cipher_ctx;
279 
280 #if defined(MBEDTLS_CMAC_C)
281 
282  mbedtls_cmac_context_t *cmac_ctx;
283 #endif
285 
/* Retrieves the list of ciphers supported by the generic cipher module. */
293 const int *mbedtls_cipher_list( void );
294 
/* Retrieves the cipher-information structure associated with the given cipher
 * name. NOTE(review): check the result for NULL before dereferencing; the
 * not-found return value is not visible in this listing, confirm it against
 * the full header. */
304 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
305 
/* Retrieves the cipher-information structure associated with the given cipher
 * type. The same NULL-check caveat applies. */
315 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
316 
/* Retrieves the cipher-information structure associated with the given cipher
 * ID; key_bitlen and mode are further lookup inputs. The same NULL-check
 * caveat applies. */
330 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
331  int key_bitlen,
332  const mbedtls_cipher_mode_t mode );
333 
338 
345 
346 
365 
/**
 * \brief        Report the block size of the cipher bound to a context.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       The block_size recorded in ctx->cipher_info, or 0 when
 *               \p ctx or its cipher_info is NULL. Callers that size
 *               buffers from this value must treat 0 as "context not
 *               set up", not as a usable length.
 */
static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
{
    /* Only a context with cipher_info attached has a size to report. */
    if( ctx != NULL && ctx->cipher_info != NULL )
    {
        return ctx->cipher_info->block_size;
    }

    return 0;
}
381 
/**
 * \brief        Report the mode of operation of the cipher bound to a
 *               context, for example MBEDTLS_MODE_CBC.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       The mode recorded in ctx->cipher_info, or
 *               MBEDTLS_MODE_NONE when \p ctx or its cipher_info is NULL.
 */
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
{
    /* A context without cipher_info has no mode selected yet. */
    if( ctx != NULL && ctx->cipher_info != NULL )
    {
        return ctx->cipher_info->mode;
    }

    return MBEDTLS_MODE_NONE;
}
398 
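/**
 * \brief        Report the size of the IV or nonce of the cipher, in Bytes.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       0 when \p ctx or its cipher_info is NULL; otherwise the
 *               per-context iv_size if it is non-zero, else the iv_size
 *               recorded in ctx->cipher_info.
 *
 * \note         Both sizes are narrowed to int by a cast.
 *               NOTE(review): the context's iv buffer holds
 *               MBEDTLS_MAX_IV_LENGTH bytes, so ctx->iv_size is
 *               presumably bounded by it. Confirm where it is set.
 */
static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
{
    if( NULL == ctx || NULL == ctx->cipher_info )
        return 0;

    /* A size stored on the context takes precedence over the cipher's own. */
    if( ctx->iv_size != 0 )
        return (int) ctx->iv_size;

    return (int) ctx->cipher_info->iv_size;
}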
419 
/**
 * \brief        Report the type of the cipher bound to a context.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       The type recorded in ctx->cipher_info, or
 *               MBEDTLS_CIPHER_NONE when \p ctx or its cipher_info is NULL.
 */
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
{
    /* No cipher_info means no (cipher, mode) pair has been selected. */
    if( ctx != NULL && ctx->cipher_info != NULL )
    {
        return ctx->cipher_info->type;
    }

    return MBEDTLS_CIPHER_NONE;
}
435 
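/**
 * \brief        Report the name of the cipher bound to a context, as a
 *               string.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       The name pointer recorded in ctx->cipher_info, or NULL
 *               when \p ctx or its cipher_info is NULL. Callers must
 *               check for NULL before passing the result to string or
 *               logging functions.
 */
static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
{
    /* Spell the null pointer as NULL rather than a bare 0. */
    if( NULL == ctx || NULL == ctx->cipher_info )
        return NULL;

    return ctx->cipher_info->name;
}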
452 
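/**
 * \brief        Report the key length of the cipher.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       MBEDTLS_KEY_LENGTH_NONE when \p ctx or its cipher_info
 *               is NULL; otherwise the key_bitlen recorded in
 *               ctx->cipher_info, narrowed to int.
 */
static inline int mbedtls_cipher_get_key_bitlen( const mbedtls_cipher_context_t *ctx )
{
    /* The guard needs its own return: without one it would select the
     * dereference below for exactly the NULL cases it tests for. */
    if( NULL == ctx || NULL == ctx->cipher_info )
        return MBEDTLS_KEY_LENGTH_NONE;

    return (int) ctx->cipher_info->key_bitlen;
}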
469 
/**
 * \brief        Report the operation of the given cipher context.
 *
 * \param ctx    The cipher context to query. May be NULL.
 *
 * \return       ctx->operation, or MBEDTLS_OPERATION_NONE when \p ctx or
 *               its cipher_info is NULL.
 */
static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
{
    /* The operation lives on the context itself, but it is only reported
     * once cipher_info is attached. */
    if( ctx != NULL && ctx->cipher_info != NULL )
    {
        return ctx->operation;
    }

    return MBEDTLS_OPERATION_NONE;
}
486 
/* Sets the key to use with the given context. key_bitlen is the key length in
 * bits, and operation selects what the context will be used for.
 * NOTE(review): the return value is an int status. Presumably 0 on success and
 * one of the MBEDTLS_ERR_CIPHER_* codes on failure; confirm against the full
 * header, and do not proceed to encrypt or decrypt when it is non-zero. */
502 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
503  int key_bitlen, const mbedtls_operation_t operation );
504 
505 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
506 
/* Sets the padding mode, for cipher modes that use padding. Declared only when
 * MBEDTLS_CIPHER_MODE_WITH_PADDING is defined, which this header derives from
 * MBEDTLS_CIPHER_MODE_CBC. */
520 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
521 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
522 
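/**
 * \brief          Set the initialization vector (IV) or nonce.
 *
 * \param ctx      The cipher context.
 * \param iv       The IV or nonce to use.
 * \param iv_len   The length of \p iv.
 *
 * \return         An int status. NOTE(review): presumably 0 on success
 *                 and an MBEDTLS_ERR_CIPHER_* code otherwise. Confirm
 *                 against the full header.
 *
 * \note           The context stores the IV in a buffer of
 *                 MBEDTLS_MAX_IV_LENGTH bytes, so longer values cannot
 *                 be held. An IV or nonce must not be reused with the
 *                 same key; for counter-based and AEAD modes reuse
 *                 defeats confidentiality and authentication.
 */
int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
                           const unsigned char *iv, size_t iv_len );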
539 
549 
550 #if defined(MBEDTLS_GCM_C)
551 
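/**
 * \brief          Add additional data for AEAD ciphers.
 *                 Only supported with GCM.
 *
 * \param ctx      The cipher context.
 * \param ad       The additional data to authenticate.
 * \param ad_len   The length of \p ad.
 *
 * \return         An int status. NOTE(review): presumably 0 on success.
 *                 Confirm against the full header.
 *
 * \note           The additional data is authenticated but, by the
 *                 definition of AEAD, not encrypted.
 */
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
                              const unsigned char *ad, size_t ad_len );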
564 #endif /* MBEDTLS_GCM_C */
565 
/* The generic cipher update function: encrypts or decrypts ilen bytes of input
 * using the given cipher context and reports the number of bytes written to
 * output through olen.
 * NOTE(review): the required capacity of output is not visible in this listing.
 * Block modes can emit buffered data, so upstream documentation presumably asks
 * for at least ilen plus one block; confirm before sizing the buffer. */
596 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
597  size_t ilen, unsigned char *output, size_t *olen );
598 
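/**
 * \brief          The generic cipher finalization function. Data still
 *                 held from an incomplete block is flushed to \p output.
 *
 * \param ctx      The cipher context.
 * \param output   The buffer to write the remaining data to.
 * \param olen     Receives the number of bytes written to \p output.
 *
 * \return         An int status. NOTE(review): presumably 0 on success;
 *                 the padding and full-block error codes defined in this
 *                 header are the likely failures. Confirm against the
 *                 full header, and discard \p output on any error.
 */
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
                           unsigned char *output, size_t *olen );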
619 
620 #if defined(MBEDTLS_GCM_C)
621 
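/**
 * \brief          Write the authentication tag for AEAD ciphers.
 *                 Only supported with GCM.
 *
 * \param ctx      The cipher context.
 * \param tag      The buffer to write the tag to.
 * \param tag_len  The length of the tag to write.
 *
 * \return         An int status. NOTE(review): presumably 0 on success.
 *                 Confirm against the full header.
 */
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
                              unsigned char *tag, size_t tag_len );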
634 
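/**
 * \brief          Check the authentication tag for AEAD ciphers.
 *                 Only supported with GCM.
 *
 * \param ctx      The cipher context.
 * \param tag      The tag to check against.
 * \param tag_len  The length of \p tag.
 *
 * \return         An int status. NOTE(review): presumably 0 when the tag
 *                 matches and MBEDTLS_ERR_CIPHER_AUTH_FAILED when it does
 *                 not. Confirm against the full header.
 *
 * \note           Plaintext produced by the preceding update and finish
 *                 calls is unauthenticated until this check succeeds; do
 *                 not act on it, and discard it on any non-zero return.
 */
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
                              const unsigned char *tag, size_t tag_len );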
648 #endif /* MBEDTLS_GCM_C */
649 
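/**
 * \brief          The generic all-in-one encryption/decryption function,
 *                 for all ciphers except AEAD constructs.
 *
 * \param ctx      The cipher context.
 * \param iv       The IV or nonce to use.
 * \param iv_len   The length of \p iv.
 * \param input    The data to process.
 * \param ilen     The length of \p input.
 * \param output   The buffer for the result.
 * \param olen     Receives the number of bytes written to \p output.
 *
 * \return         An int status. NOTE(review): presumably 0 on success
 *                 and an MBEDTLS_ERR_CIPHER_* code otherwise. Confirm
 *                 against the full header.
 *
 * \note           Non-AEAD modes give no integrity protection. Callers
 *                 that decrypt data from an untrusted source need a
 *                 separate authentication check on the ciphertext, made
 *                 before decryption.
 */
int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
                          const unsigned char *iv, size_t iv_len,
                          const unsigned char *input, size_t ilen,
                          unsigned char *output, size_t *olen );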
682 
683 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
684 
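/**
 * \brief          The generic authenticated encryption (AEAD) function.
 *
 * \param ctx      The cipher context.
 * \param iv       The IV or nonce to use.
 * \param iv_len   The length of \p iv.
 * \param ad       The additional data to authenticate.
 * \param ad_len   The length of \p ad.
 * \param input    The data to encrypt.
 * \param ilen     The length of \p input.
 * \param output   The buffer for the ciphertext.
 * \param olen     Receives the number of bytes written to \p output.
 * \param tag      The buffer for the authentication tag.
 * \param tag_len  The desired length of the tag.
 *
 * \return         An int status. NOTE(review): presumably 0 on success.
 *                 Confirm against the full header.
 *
 * \note           Declared only when MBEDTLS_CIPHER_MODE_AEAD is defined
 *                 (GCM or CCM enabled). A nonce must never be reused
 *                 with the same key.
 */
int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                                 const unsigned char *iv, size_t iv_len,
                                 const unsigned char *ad, size_t ad_len,
                                 const unsigned char *input, size_t ilen,
                                 unsigned char *output, size_t *olen,
                                 unsigned char *tag, size_t tag_len );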
712 
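/**
 * \brief          The generic authenticated decryption (AEAD) function.
 *
 * \param ctx      The cipher context.
 * \param iv       The IV or nonce to use.
 * \param iv_len   The length of \p iv.
 * \param ad       The additional data to be authenticated.
 * \param ad_len   The length of \p ad.
 * \param input    The data to decrypt.
 * \param ilen     The length of \p input.
 * \param output   The buffer for the plaintext.
 * \param olen     Receives the number of bytes written to \p output.
 * \param tag      The authentication tag to verify.
 * \param tag_len  The length of \p tag.
 *
 * \return         An int status. NOTE(review): presumably 0 on success
 *                 and MBEDTLS_ERR_CIPHER_AUTH_FAILED when the data is not
 *                 authentic. Confirm against the full header.
 *
 * \note           Declared only when MBEDTLS_CIPHER_MODE_AEAD is defined
 *                 (GCM or CCM enabled). On any non-zero return the
 *                 contents of \p output must not be used.
 */
int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
                                 const unsigned char *iv, size_t iv_len,
                                 const unsigned char *ad, size_t ad_len,
                                 const unsigned char *input, size_t ilen,
                                 unsigned char *output, size_t *olen,
                                 const unsigned char *tag, size_t tag_len );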
746 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
747 
748 #ifdef __cplusplus
749 }
750 #endif
751 
752 #endif /* MBEDTLS_CIPHER_H */
mbedtls_operation_t
Definition: cipher.h:171
unsigned int iv_size
Definition: cipher.h:229
mbedtls_cipher_padding_t
Definition: cipher.h:162
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
Definition: cipher.h:391
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
Definition: cipher.h:374
mbedtls_cipher_mode_t
Definition: cipher.h:149
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Definition: cipher.h:445
Configuration options (set of defines)
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_mode_t mode
Definition: cipher.h:214
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
unsigned int block_size
Definition: cipher.h:235
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
Definition: cipher.h:479
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
Definition: cipher.h:462
mbedtls_cipher_type_t
An enumeration of supported (cipher, mode) pairs.
Definition: cipher.h:96
const mbedtls_cipher_info_t * cipher_info
Definition: cipher.h:247
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
Definition: cipher.h:196
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
Definition: cipher.h:428
mbedtls_operation_t operation
Definition: cipher.h:255
mbedtls_cipher_id_t
An enumeration of supported ciphers.
Definition: cipher.h:78
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:189
int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
The generic authenticated decryption (AEAD) function.
const char * name
Definition: cipher.h:223
int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
The generic authenticated encryption (AEAD) function.
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Only supported with GCM. Must be called exactly ...
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function initializes and fills the cipher-context structure with the appropriate values...
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Only supported with GCM. Must be called after mbedtls_...
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
Definition: cipher.h:409
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Only supported with GCM. Must be called after mbedtls_ci...
#define MBEDTLS_MAX_BLOCK_LENGTH
Definition: cipher.h:191
unsigned int key_bitlen
Definition: cipher.h:220
mbedtls_cipher_type_t type
Definition: cipher.h:211
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
const mbedtls_cipher_base_t * base
Definition: cipher.h:238