mbed TLS v2.12.0
cipher.h
1 
10 /*
11  * Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  *
26  * This file is part of Mbed TLS (https://tls.mbed.org)
27  */
28 
29 #ifndef MBEDTLS_CIPHER_H
30 #define MBEDTLS_CIPHER_H
31 
32 #if !defined(MBEDTLS_CONFIG_FILE)
33 #include "config.h"
34 #else
35 #include MBEDTLS_CONFIG_FILE
36 #endif
37 
38 #include <stddef.h>
39 
/* Derived switch: defined when at least one of GCM, CCM or ChaCha20-Poly1305
 * is enabled. It guards the mbedtls_cipher_auth_encrypt() and
 * mbedtls_cipher_auth_decrypt() declarations further down in this header. */
40 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
41 #define MBEDTLS_CIPHER_MODE_AEAD
42 #endif
43 
/* Derived switch: defined whenever CBC mode is enabled. It guards
 * mbedtls_cipher_set_padding_mode() and the add_padding/get_padding callbacks
 * in the cipher context. */
44 #if defined(MBEDTLS_CIPHER_MODE_CBC)
45 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
46 #endif
47 
/* Derived switch: stream-cipher mode is compiled in when ARC4 or the NULL
 * cipher is enabled.
 * NOTE(review): both triggers deserve a configuration audit. ARC4 is RC4,
 * which RFC 7465 prohibits in TLS, and MBEDTLS_CIPHER_NULL_CIPHER presumably
 * enables a cipher that applies no encryption (confirm against config.h).
 * Make sure neither is switched on unintentionally in a production build. */
48 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
49 #define MBEDTLS_CIPHER_MODE_STREAM
50 #endif
51 
52 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
53  !defined(inline) && !defined(__cplusplus)
54 #define inline __inline
55 #endif
56 
/*
 * Error codes of the generic cipher layer. All values are negative, so a
 * caller can test any int-returning function below with `ret != 0`
 * (presumably 0 means success; confirm against the function docs).
 *
 * NOTE(review): when the ciphertext comes from an untrusted peer, report one
 * uniform failure to that peer rather than forwarding the specific code,
 * MBEDTLS_ERR_CIPHER_INVALID_PADDING in particular. Distinguishable
 * decryption errors are exactly what padding-oracle defences aim to remove.
 * Treat MBEDTLS_ERR_CIPHER_AUTH_FAILED as fatal for the message and do not
 * use any output of the call that returned it.
 */
57 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
58 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
59 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
60 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
61 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
62 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
63 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
64 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400
/* Single-bit values (0x01, 0x02) that can be OR-ed together.
 * NOTE(review): presumably stored in the `flags` member of
 * mbedtls_cipher_info_t to mark ciphers that accept variable IV / key
 * lengths; confirm against the full header. */
66 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
67 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
69 #ifdef __cplusplus
70 extern "C" {
71 #endif
72 
80 typedef enum {
92 
100 typedef enum {
176 
178 typedef enum {
191 
193 typedef enum {
200 
202 typedef enum {
207 
208 enum {
217 };
218 
/* Capacity, in bytes, of the iv[] array in the cipher context (declared as
 * `unsigned char iv[MBEDTLS_MAX_IV_LENGTH]`). An IV length must be checked
 * against this bound before anything is copied into that array. */
220 #define MBEDTLS_MAX_IV_LENGTH 16
221 
/* Capacity, in bytes, of the unprocessed_data[] array in the cipher context
 * (declared as `unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]`). */
222 #define MBEDTLS_MAX_BLOCK_LENGTH 16
223 
228 
233 
238 typedef struct {
242  mbedtls_cipher_type_t type;
243 
245  mbedtls_cipher_mode_t mode;
246 
251  unsigned int key_bitlen;
252 
254  const char * name;
255 
260  unsigned int iv_size;
261 
266  int flags;
267 
269  unsigned int block_size;
270 
273 
275 
279 typedef struct {
282 
285 
289  mbedtls_operation_t operation;
290 
291 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
292 
295  void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
296  int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
297 #endif
298 
300  unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
301 
304 
307  unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
308 
310  size_t iv_size;
311 
313  void *cipher_ctx;
314 
315 #if defined(MBEDTLS_CMAC_C)
316 
317  mbedtls_cmac_context_t *cmac_ctx;
318 #endif
320 
/**
 * \brief   Retrieve the list of ciphers supported by the generic cipher
 *          module.
 *
 * \return  A pointer to a read-only array of int.
 *          NOTE(review): how the array is terminated is not visible in this
 *          listing; confirm before iterating over it.
 */
328 const int *mbedtls_cipher_list( void );
329 
/**
 * \brief   Retrieve the cipher-information structure associated with the
 *          given cipher name.
 *
 * \param cipher_name  Name of the cipher to look up.
 *
 * \return  A pointer to a read-only cipher-information structure.
 *          NOTE(review): the value returned for an unknown name is not
 *          visible in this listing (presumably NULL); check the result
 *          before dereferencing it, especially when the name comes from
 *          configuration or other external input.
 */
340 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
341 
/**
 * \brief   Retrieve the cipher-information structure associated with the
 *          given cipher type.
 *
 * \param cipher_type  The {cipher type, cipher mode} pair to look up.
 *
 * \return  A pointer to a read-only cipher-information structure.
 *          NOTE(review): the value returned for an unsupported type is not
 *          visible in this listing (presumably NULL); check before use.
 */
352 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
353 
/**
 * \brief   Retrieve the cipher-information structure associated with the
 *          given cipher ID, key length and mode.
 *
 * \param cipher_id   The cipher ID to look up.
 * \param key_bitlen  The key length; presumably in bits, going by the
 *                    parameter name (confirm).
 * \param mode        The cipher mode.
 *
 * \return  A pointer to a read-only cipher-information structure.
 *          NOTE(review): the value returned when no cipher matches is not
 *          visible in this listing (presumably NULL); check before use.
 */
368 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
369  int key_bitlen,
370  const mbedtls_cipher_mode_t mode );
371 
376 
383 
384 
404 
/**
 * \brief   Return the block size of the cipher attached to \p ctx.
 *
 * \param ctx  The cipher context. May be NULL or not yet set up.
 *
 * \return  The \c block_size recorded in the context's cipher info, or 0
 *          when \p ctx is NULL or has no cipher info attached.
 *
 * \note    0 is the "unusable context" sentinel, not a real size. Check for
 *          it before using the result to size a buffer or as a divisor.
 */
static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
{
    const mbedtls_cipher_info_t *info = ( ctx != NULL ) ? ctx->cipher_info : NULL;

    return ( info != NULL ) ? info->block_size : 0;
}
420 
/**
 * \brief   Return the mode of operation of the cipher attached to \p ctx,
 *          for example MBEDTLS_MODE_CBC.
 *
 * \param ctx  The cipher context. May be NULL or not yet set up.
 *
 * \return  The \c mode recorded in the context's cipher info, or
 *          MBEDTLS_MODE_NONE when \p ctx is NULL or has no cipher info
 *          attached.
 */
static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
{
    if( ctx != NULL && ctx->cipher_info != NULL )
        return ctx->cipher_info->mode;

    /* No usable context: report "no mode" instead of dereferencing. */
    return MBEDTLS_MODE_NONE;
}
437 
449 {
450  if( NULL == ctx || NULL == ctx->cipher_info )
451  return 0;
452 
453  if( ctx->iv_size != 0 )
454  return (int) ctx->iv_size;
455 
456  return (int) ctx->cipher_info->iv_size;
457 }
458 
/**
 * \brief   Return the type of the cipher attached to \p ctx.
 *
 * \param ctx  The cipher context. May be NULL or not yet set up.
 *
 * \return  The \c type recorded in the context's cipher info, or
 *          MBEDTLS_CIPHER_NONE when \p ctx is NULL or has no cipher info
 *          attached.
 */
static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
{
    mbedtls_cipher_type_t result = MBEDTLS_CIPHER_NONE;

    if( ctx != NULL && ctx->cipher_info != NULL )
        result = ctx->cipher_info->type;

    return result;
}
474 
/**
 * \brief   Return the name of the cipher attached to \p ctx as a string.
 *
 * \param ctx  The cipher context. May be NULL or not yet set up.
 *
 * \return  The \c name pointer recorded in the context's cipher info, or
 *          NULL when \p ctx is NULL or has no cipher info attached.
 *
 * \note    The result can be NULL. Check it before passing it to a "%s"
 *          format or to any string function.
 */
static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
{
    if( ctx != NULL && ctx->cipher_info != NULL )
        return ctx->cipher_info->name;

    return NULL;
}
491 
502 {
503  if( NULL == ctx || NULL == ctx->cipher_info )
505 
506  return (int) ctx->cipher_info->key_bitlen;
507 }
508 
/**
 * \brief   Return the operation currently stored in \p ctx.
 *
 * \param ctx  The cipher context. May be NULL or not yet set up.
 *
 * \return  The context's \c operation member, or MBEDTLS_OPERATION_NONE
 *          when \p ctx is NULL or has no cipher info attached.
 */
static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
{
    /* A context without cipher info is reported as having no operation,
     * whatever its operation member currently holds. */
    const int usable = ( ctx != NULL && ctx->cipher_info != NULL );

    return usable ? ctx->operation : MBEDTLS_OPERATION_NONE;
}
524 
/**
 * \brief   Set the key to use with the given context.
 *
 * \param ctx         The cipher context.
 * \param key         The key material.
 * \param key_bitlen  The key length; presumably in bits, going by the
 *                    parameter name (confirm).
 * \param operation   The operation the key will be used for.
 *
 * \return  An int status. NOTE(review): presumably 0 on success and one of
 *          the MBEDTLS_ERR_CIPHER_* codes on failure (confirm). Callers
 *          should check it and must not continue to encrypt or decrypt with
 *          the context when the call fails.
 */
541 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
542  int key_bitlen, const mbedtls_operation_t operation );
543 
544 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
545 
/**
 * \brief   Set the padding mode, for cipher modes that use padding.
 *
 *          Declared only when MBEDTLS_CIPHER_MODE_WITH_PADDING is defined.
 *
 * \param ctx   The cipher context.
 * \param mode  The padding mode to select.
 *
 * \return  An int status. NOTE(review): presumably 0 on success and an
 *          MBEDTLS_ERR_CIPHER_* code on failure (confirm).
 */
560 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
561 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
562 
580  const unsigned char *iv, size_t iv_len );
581 
592 
593 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
594 
607  const unsigned char *ad, size_t ad_len );
608 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
609 
/**
 * \brief   The generic cipher update function. It encrypts or decrypts
 *          \p input using the given cipher context.
 *
 * \param ctx     The cipher context.
 * \param input   The data to process.
 * \param ilen    The length of \p input.
 * \param output  The buffer that receives the result.
 * \param olen    Presumably receives the number of bytes written to
 *                \p output (confirm).
 *
 * \return  An int status. NOTE(review): presumably 0 on success and an
 *          MBEDTLS_ERR_CIPHER_* code on failure (confirm).
 *
 * NOTE(review): the function takes no output-capacity argument, and the
 * required size of \p output is not visible in this listing. Confirm the
 * documented minimum (it may exceed \p ilen for block ciphers) before sizing
 * the buffer, since an undersized \p output would be written past its end.
 */
641 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
642  size_t ilen, unsigned char *output, size_t *olen );
643 
664  unsigned char *output, size_t *olen );
665 
666 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
667 
680  unsigned char *tag, size_t tag_len );
681 
695  const unsigned char *tag, size_t tag_len );
696 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
697 
728  const unsigned char *iv, size_t iv_len,
729  const unsigned char *input, size_t ilen,
730  unsigned char *output, size_t *olen );
731 
732 #if defined(MBEDTLS_CIPHER_MODE_AEAD)
733 
757  const unsigned char *iv, size_t iv_len,
758  const unsigned char *ad, size_t ad_len,
759  const unsigned char *input, size_t ilen,
760  unsigned char *output, size_t *olen,
761  unsigned char *tag, size_t tag_len );
762 
792  const unsigned char *iv, size_t iv_len,
793  const unsigned char *ad, size_t ad_len,
794  const unsigned char *input, size_t ilen,
795  unsigned char *output, size_t *olen,
796  const unsigned char *tag, size_t tag_len );
797 #endif /* MBEDTLS_CIPHER_MODE_AEAD */
798 
799 #ifdef __cplusplus
800 }
801 #endif
802 
803 #endif /* MBEDTLS_CIPHER_H */
mbedtls_operation_t
Definition: cipher.h:202
unsigned int iv_size
Definition: cipher.h:260
mbedtls_cipher_padding_t
Definition: cipher.h:193
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
Definition: cipher.h:430
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
Definition: cipher.h:413
mbedtls_cipher_mode_t
Definition: cipher.h:178
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Definition: cipher.h:484
Configuration options (set of defines)
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_mode_t mode
Definition: cipher.h:245
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
unsigned int block_size
Definition: cipher.h:269
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
Definition: cipher.h:517
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
Definition: cipher.h:501
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:100
const mbedtls_cipher_info_t * cipher_info
Definition: cipher.h:281
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
Definition: cipher.h:227
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
Definition: cipher.h:467
mbedtls_operation_t operation
Definition: cipher.h:289
mbedtls_cipher_id_t
Supported cipher types.
Definition: cipher.h:80
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:220
int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
The generic authenticated decryption (AEAD) function.
const char * name
Definition: cipher.h:254
int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
The generic authenticated encryption (AEAD) function.
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly13...
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function initializes and fills the cipher-context structure with the appropriate values...
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. Must be called after mbedtls_cipher_finish().
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in bytes.
Definition: cipher.h:448
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. Must be called after mbedtls_cipher_finish().
#define MBEDTLS_MAX_BLOCK_LENGTH
Definition: cipher.h:222
unsigned int key_bitlen
Definition: cipher.h:251
mbedtls_cipher_type_t type
Definition: cipher.h:242
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
const mbedtls_cipher_base_t * base
Definition: cipher.h:272