mbed TLS v2.16.7
cipher.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  *
14  * This file is provided under the Apache License 2.0, or the
15  * GNU General Public License v2.0 or later.
16  *
17  * **********
18  * Apache License 2.0:
19  *
20  * Licensed under the Apache License, Version 2.0 (the "License"); you may
21  * not use this file except in compliance with the License.
22  * You may obtain a copy of the License at
23  *
24  * http://www.apache.org/licenses/LICENSE-2.0
25  *
26  * Unless required by applicable law or agreed to in writing, software
27  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
28  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29  * See the License for the specific language governing permissions and
30  * limitations under the License.
31  *
32  * **********
33  *
34  * **********
35  * GNU General Public License v2.0 or later:
36  *
37  * This program is free software; you can redistribute it and/or modify
38  * it under the terms of the GNU General Public License as published by
39  * the Free Software Foundation; either version 2 of the License, or
40  * (at your option) any later version.
41  *
42  * This program is distributed in the hope that it will be useful,
43  * but WITHOUT ANY WARRANTY; without even the implied warranty of
44  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
45  * GNU General Public License for more details.
46  *
47  * You should have received a copy of the GNU General Public License along
48  * with this program; if not, write to the Free Software Foundation, Inc.,
49  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
50  *
51  * **********
52  *
53  * This file is part of Mbed TLS (https://tls.mbed.org)
54  */
55 
56 #ifndef MBEDTLS_CIPHER_H
57 #define MBEDTLS_CIPHER_H
58 
59 #if !defined(MBEDTLS_CONFIG_FILE)
60 #include "config.h"
61 #else
62 #include MBEDTLS_CONFIG_FILE
63 #endif
64 
65 #include <stddef.h>
66 #include "platform_util.h"
67 
68 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
69 #define MBEDTLS_CIPHER_MODE_AEAD
70 #endif
71 
72 #if defined(MBEDTLS_CIPHER_MODE_CBC)
73 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
74 #endif
75 
76 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
77  defined(MBEDTLS_CHACHA20_C)
78 #define MBEDTLS_CIPHER_MODE_STREAM
79 #endif
80 
81 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
82  !defined(inline) && !defined(__cplusplus)
83 #define inline __inline
84 #endif
85 
86 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
87 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
88 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
89 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
90 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
91 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
92 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
94 /* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */
95 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
97 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
98 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
100 #ifdef __cplusplus
101 extern "C" {
102 #endif
103 
111 typedef enum {
123 
131 typedef enum {
207 
209 typedef enum {
222 
224 typedef enum {
231 
233 typedef enum {
238 
239 enum {
248 };
249 
251 #define MBEDTLS_MAX_IV_LENGTH 16
252 
253 #define MBEDTLS_MAX_BLOCK_LENGTH 16
254 
259 
264 
269 typedef struct mbedtls_cipher_info_t
270 {
275 
278 
283  unsigned int key_bitlen;
284 
286  const char * name;
287 
292  unsigned int iv_size;
293 
298  int flags;
299 
301  unsigned int block_size;
302 
305 
307 
312 {
315 
318 
323 
324 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
325 
328  void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
329  int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
330 #endif
331 
334 
337 
340  unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
341 
343  size_t iv_size;
344 
346  void *cipher_ctx;
347 
348 #if defined(MBEDTLS_CMAC_C)
349 
350  mbedtls_cmac_context_t *cmac_ctx;
351 #endif
353 
361 const int *mbedtls_cipher_list( void );
362 
374 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
375 
387 
403  int key_bitlen,
404  const mbedtls_cipher_mode_t mode );
405 
412 
423 
424 
444  const mbedtls_cipher_info_t *cipher_info );
445 
454 static inline unsigned int mbedtls_cipher_get_block_size(
455  const mbedtls_cipher_context_t *ctx )
456 {
457  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
458  if( ctx->cipher_info == NULL )
459  return 0;
460 
461  return ctx->cipher_info->block_size;
462 }
463 
474  const mbedtls_cipher_context_t *ctx )
475 {
477  if( ctx->cipher_info == NULL )
478  return MBEDTLS_MODE_NONE;
479 
480  return ctx->cipher_info->mode;
481 }
482 
493 static inline int mbedtls_cipher_get_iv_size(
494  const mbedtls_cipher_context_t *ctx )
495 {
496  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
497  if( ctx->cipher_info == NULL )
498  return 0;
499 
500  if( ctx->iv_size != 0 )
501  return (int) ctx->iv_size;
502 
503  return (int) ctx->cipher_info->iv_size;
504 }
505 
515  const mbedtls_cipher_context_t *ctx )
516 {
518  ctx != NULL, MBEDTLS_CIPHER_NONE );
519  if( ctx->cipher_info == NULL )
520  return MBEDTLS_CIPHER_NONE;
521 
522  return ctx->cipher_info->type;
523 }
524 
534 static inline const char *mbedtls_cipher_get_name(
535  const mbedtls_cipher_context_t *ctx )
536 {
537  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
538  if( ctx->cipher_info == NULL )
539  return 0;
540 
541  return ctx->cipher_info->name;
542 }
543 
554  const mbedtls_cipher_context_t *ctx )
555 {
557  ctx != NULL, MBEDTLS_KEY_LENGTH_NONE );
558  if( ctx->cipher_info == NULL )
560 
561  return (int) ctx->cipher_info->key_bitlen;
562 }
563 
573  const mbedtls_cipher_context_t *ctx )
574 {
576  ctx != NULL, MBEDTLS_OPERATION_NONE );
577  if( ctx->cipher_info == NULL )
578  return MBEDTLS_OPERATION_NONE;
579 
580  return ctx->operation;
581 }
582 
600  const unsigned char *key,
601  int key_bitlen,
602  const mbedtls_operation_t operation );
603 
604 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
605 
623 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
624 
644  const unsigned char *iv,
645  size_t iv_len );
646 
657 
658 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
659 
674  const unsigned char *ad, size_t ad_len );
675 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
676 
711 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
712  size_t ilen, unsigned char *output, size_t *olen );
713 
737  unsigned char *output, size_t *olen );
738 
739 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
740 
757  unsigned char *tag, size_t tag_len );
758 
773  const unsigned char *tag, size_t tag_len );
774 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
775 
810  const unsigned char *iv, size_t iv_len,
811  const unsigned char *input, size_t ilen,
812  unsigned char *output, size_t *olen );
813 
814 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
815 
846  const unsigned char *iv, size_t iv_len,
847  const unsigned char *ad, size_t ad_len,
848  const unsigned char *input, size_t ilen,
849  unsigned char *output, size_t *olen,
850  unsigned char *tag, size_t tag_len );
851 
888  const unsigned char *iv, size_t iv_len,
889  const unsigned char *ad, size_t ad_len,
890  const unsigned char *input, size_t ilen,
891  unsigned char *output, size_t *olen,
892  const unsigned char *tag, size_t tag_len );
893 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
894 
895 #ifdef __cplusplus
896 }
897 #endif
898 
899 #endif /* MBEDTLS_CIPHER_H */
unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]
Definition: cipher.h:333
mbedtls_operation_t
Definition: cipher.h:233
unsigned int iv_size
Definition: cipher.h:292
mbedtls_cipher_padding_t
Definition: cipher.h:224
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
Definition: cipher.h:473
#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret)
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
Definition: cipher.h:454
mbedtls_cipher_mode_t
Definition: cipher.h:209
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
void(* add_padding)(unsigned char *output, size_t olen, size_t data_len)
Definition: cipher.h:328
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Definition: cipher.h:534
Configuration options (set of defines)
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_mode_t mode
Definition: cipher.h:277
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
unsigned int block_size
Definition: cipher.h:301
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
Definition: cipher.h:572
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
Definition: cipher.h:553
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:131
struct mbedtls_cipher_info_t mbedtls_cipher_info_t
Common and shared functions used by multiple modules in the Mbed TLS library.
const mbedtls_cipher_info_t * cipher_info
Definition: cipher.h:314
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
Definition: cipher.h:258
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
Definition: cipher.h:514
int(* get_padding)(unsigned char *input, size_t ilen, size_t *data_len)
Definition: cipher.h:329
mbedtls_operation_t operation
Definition: cipher.h:322
mbedtls_cipher_id_t
Supported cipher types.
Definition: cipher.h:111
unsigned char iv[MBEDTLS_MAX_IV_LENGTH]
Definition: cipher.h:340
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:251
int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
The generic autenticated decryption (AEAD) function.
const char * name
Definition: cipher.h:286
int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
The generic autenticated encryption (AEAD) function.
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly13...
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function initializes and fills the cipher-context structure with the appropriate values...
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
Definition: cipher.h:493
struct mbedtls_cipher_context_t mbedtls_cipher_context_t
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().
#define MBEDTLS_MAX_BLOCK_LENGTH
Definition: cipher.h:253
unsigned int key_bitlen
Definition: cipher.h:283
mbedtls_cipher_type_t type
Definition: cipher.h:274
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
const mbedtls_cipher_base_t * base
Definition: cipher.h:304