123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300 |
- /**
- * \file aes.h
- *
- * \brief AES block cipher
- *
- * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: GPL-2.0
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
- #ifndef MBEDTLS_AES_H
- #define MBEDTLS_AES_H
- #if !defined(MBEDTLS_CONFIG_FILE)
- #include "config.h"
- #else
- #include MBEDTLS_CONFIG_FILE
- #endif
- #include <stddef.h>
- #include <stdint.h>
- /* padlock.c and aesni.c rely on these values! */
- #define MBEDTLS_AES_ENCRYPT 1
- #define MBEDTLS_AES_DECRYPT 0
- #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
- #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
- #if !defined(MBEDTLS_AES_ALT)
- // Regular implementation
- //
- #ifdef __cplusplus
- extern "C" {
- #endif
- /**
- * \brief AES context structure
- *
- * \note buf is able to hold 32 extra bytes, which can be used:
- * - for alignment purposes if VIA padlock is used, and/or
- * - to simplify key expansion in the 256-bit case by
- * generating an extra round key
- */
- typedef struct
- {
- int nr; /*!< number of rounds */
- uint32_t *rk; /*!< AES round keys */
- uint32_t buf[68]; /*!< unaligned data */
- }
- mbedtls_aes_context;
- /**
- * \brief Initialize AES context
- *
- * \param ctx AES context to be initialized
- */
- void mbedtls_aes_init( mbedtls_aes_context *ctx );
- /**
- * \brief Clear AES context
- *
- * \param ctx AES context to be cleared
- */
- void mbedtls_aes_free( mbedtls_aes_context *ctx );
- /**
- * \brief AES key schedule (encryption)
- *
- * \param ctx AES context to be initialized
- * \param key encryption key
- * \param keybits must be 128, 192 or 256
- *
- * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
- */
- int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
- unsigned int keybits );
- /**
- * \brief AES key schedule (decryption)
- *
- * \param ctx AES context to be initialized
- * \param key decryption key
- * \param keybits must be 128, 192 or 256
- *
- * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
- */
- int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
- unsigned int keybits );
- /**
- * \brief AES-ECB block encryption/decryption
- *
- * \param ctx AES context
- * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param input 16-byte input block
- * \param output 16-byte output block
- *
- * \return 0 if successful
- */
- int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
- int mode,
- const unsigned char input[16],
- unsigned char output[16] );
- #if defined(MBEDTLS_CIPHER_MODE_CBC)
- /**
- * \brief AES-CBC buffer encryption/decryption
- * Length should be a multiple of the block
- * size (16 bytes)
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx AES context
- * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param length length of the input data
- * \param iv initialization vector (updated after use)
- * \param input buffer holding the input data
- * \param output buffer holding the output data
- *
- * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
- */
- int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
- #endif /* MBEDTLS_CIPHER_MODE_CBC */
- #if defined(MBEDTLS_CIPHER_MODE_CFB)
- /**
- * \brief AES-CFB128 buffer encryption/decryption.
- *
- * Note: Due to the nature of CFB you should use the same key schedule for
- * both encryption and decryption. So a context initialized with
- * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx AES context
- * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param length length of the input data
- * \param iv_off offset in IV (updated after use)
- * \param iv initialization vector (updated after use)
- * \param input buffer holding the input data
- * \param output buffer holding the output data
- *
- * \return 0 if successful
- */
- int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
- int mode,
- size_t length,
- size_t *iv_off,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
- /**
- * \brief AES-CFB8 buffer encryption/decryption.
- *
- * Note: Due to the nature of CFB you should use the same key schedule for
- * both encryption and decryption. So a context initialized with
- * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
- *
- * \note Upon exit, the content of the IV is updated so that you can
- * call the function same function again on the following
- * block(s) of data and get the same result as if it was
- * encrypted in one call. This allows a "streaming" usage.
- * If on the other hand you need to retain the contents of the
- * IV, you should either save it manually or use the cipher
- * module instead.
- *
- * \param ctx AES context
- * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
- * \param length length of the input data
- * \param iv initialization vector (updated after use)
- * \param input buffer holding the input data
- * \param output buffer holding the output data
- *
- * \return 0 if successful
- */
- int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
- int mode,
- size_t length,
- unsigned char iv[16],
- const unsigned char *input,
- unsigned char *output );
- #endif /*MBEDTLS_CIPHER_MODE_CFB */
- #if defined(MBEDTLS_CIPHER_MODE_CTR)
- /**
- * \brief AES-CTR buffer encryption/decryption
- *
- * Warning: You have to keep the maximum use of your counter in mind!
- *
- * Note: Due to the nature of CTR you should use the same key schedule for
- * both encryption and decryption. So a context initialized with
- * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
- *
- * \param ctx AES context
- * \param length The length of the data
- * \param nc_off The offset in the current stream_block (for resuming
- * within current cipher stream). The offset pointer to
- * should be 0 at the start of a stream.
- * \param nonce_counter The 128-bit nonce and counter.
- * \param stream_block The saved stream-block for resuming. Is overwritten
- * by the function.
- * \param input The input data stream
- * \param output The output data stream
- *
- * \return 0 if successful
- */
- int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
- size_t length,
- size_t *nc_off,
- unsigned char nonce_counter[16],
- unsigned char stream_block[16],
- const unsigned char *input,
- unsigned char *output );
- #endif /* MBEDTLS_CIPHER_MODE_CTR */
- /**
- * \brief Internal AES block encryption function
- * (Only exposed to allow overriding it,
- * see MBEDTLS_AES_ENCRYPT_ALT)
- *
- * \param ctx AES context
- * \param input Plaintext block
- * \param output Output (ciphertext) block
- */
- void mbedtls_aes_encrypt( mbedtls_aes_context *ctx,
- const unsigned char input[16],
- unsigned char output[16] );
- /**
- * \brief Internal AES block decryption function
- * (Only exposed to allow overriding it,
- * see MBEDTLS_AES_DECRYPT_ALT)
- *
- * \param ctx AES context
- * \param input Ciphertext block
- * \param output Output (plaintext) block
- */
- void mbedtls_aes_decrypt( mbedtls_aes_context *ctx,
- const unsigned char input[16],
- unsigned char output[16] );
- #ifdef __cplusplus
- }
- #endif
- #else /* MBEDTLS_AES_ALT */
- #include "aes_alt.h"
- #endif /* MBEDTLS_AES_ALT */
- #ifdef __cplusplus
- extern "C" {
- #endif
- /**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
- int mbedtls_aes_self_test( int verbose );
- #ifdef __cplusplus
- }
- #endif
- #endif /* aes.h */
|