27 #ifndef MBEDTLS_CIPHER_H 28 #define MBEDTLS_CIPHER_H 30 #if !defined(MBEDTLS_CONFIG_FILE) 33 #include MBEDTLS_CONFIG_FILE 39 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C) 40 #define MBEDTLS_CIPHER_MODE_AEAD 43 #if defined(MBEDTLS_CIPHER_MODE_CBC) 44 #define MBEDTLS_CIPHER_MODE_WITH_PADDING 47 #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER) || \ 48 defined(MBEDTLS_CHACHA20_C) 49 #define MBEDTLS_CIPHER_MODE_STREAM 52 #if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ 53 !defined(inline) && !defined(__cplusplus) 54 #define inline __inline 58 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 60 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 62 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 64 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 66 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 68 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 70 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380 74 #define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED -0x6400 76 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 77 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 241 #define MBEDTLS_MAX_IV_LENGTH 16 247 #define MBEDTLS_MAX_BLOCK_LENGTH 16 256 #if defined(MBEDTLS_CIPHER_MODE_XTS) 257 #define MBEDTLS_MAX_KEY_LENGTH 64 259 #define MBEDTLS_MAX_KEY_LENGTH 32 329 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 333 void (*
add_padding)(
unsigned char *output,
size_t olen,
size_t data_len);
334 int (*
get_padding)(
unsigned char *input,
size_t ilen,
size_t *data_len);
353 #if defined(MBEDTLS_CMAC_C) 358 #if defined(MBEDTLS_USE_PSA_CRYPTO) 366 unsigned char psa_enabled;
487 #if defined(MBEDTLS_USE_PSA_CRYPTO) 676 const unsigned char *key,
680 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING) 718 const unsigned char *iv,
754 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) 770 const unsigned char *ad,
size_t ad_len);
808 const unsigned char *input,
809 size_t ilen,
unsigned char *output,
835 unsigned char *output,
size_t *olen);
837 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C) 855 unsigned char *tag,
size_t tag_len);
871 const unsigned char *tag,
size_t tag_len);
908 const unsigned char *iv,
size_t iv_len,
909 const unsigned char *input,
size_t ilen,
910 unsigned char *output,
size_t *olen);
912 #if defined(MBEDTLS_CIPHER_MODE_AEAD) 913 #if !defined(MBEDTLS_DEPRECATED_REMOVED) 914 #if defined(MBEDTLS_DEPRECATED_WARNING) 915 #define MBEDTLS_DEPRECATED __attribute__((deprecated)) 917 #define MBEDTLS_DEPRECATED 967 const unsigned char *iv,
size_t iv_len,
968 const unsigned char *ad,
size_t ad_len,
969 const unsigned char *input,
size_t ilen,
970 unsigned char *output,
size_t *olen,
971 unsigned char *tag,
size_t tag_len);
1026 const unsigned char *iv,
size_t iv_len,
1027 const unsigned char *ad,
size_t ad_len,
1028 const unsigned char *input,
size_t ilen,
1029 unsigned char *output,
size_t *olen,
1030 const unsigned char *tag,
size_t tag_len);
1031 #undef MBEDTLS_DEPRECATED 1035 #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C) 1081 const unsigned char *iv,
size_t iv_len,
1082 const unsigned char *ad,
size_t ad_len,
1083 const unsigned char *input,
size_t ilen,
1084 unsigned char *output,
size_t output_len,
1085 size_t *olen,
size_t tag_len);
1137 const unsigned char *iv,
size_t iv_len,
1138 const unsigned char *ad,
size_t ad_len,
1139 const unsigned char *input,
size_t ilen,
1140 unsigned char *output,
size_t output_len,
1141 size_t *olen,
size_t tag_len);
unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH]
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
void(* add_padding)(unsigned char *output, size_t olen, size_t data_len)
int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len)
The authenticated decryption (AEAD/NIST_KW) function.
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Configuration options (set of defines)
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
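This function sets the initialization vector (IV) or nonce. With AEAD modes such as GCM and ChaCha20+Poly1305, the nonce must be unique for each message encrypted under the same key.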
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_mode_t mode
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the responsibility of the caller.
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
struct mbedtls_cipher_info_t mbedtls_cipher_info_t
const mbedtls_cipher_info_t * cipher_info
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
int MBEDTLS_DEPRECATED mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
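The generic authenticated encryption (AEAD) function. It is declared with MBEDTLS_DEPRECATED; mbedtls_cipher_auth_encrypt_ext() is the replacement interface and additionally takes the size of the output buffer (output_len).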
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
int(* get_padding)(unsigned char *input, size_t ilen, size_t *data_len)
#define MBEDTLS_DEPRECATED
mbedtls_operation_t operation
mbedtls_cipher_id_t
Supported cipher types.
unsigned char iv[MBEDTLS_MAX_IV_LENGTH]
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len)
The authenticated encryption (AEAD/NIST_KW) function.
#define MBEDTLS_MAX_IV_LENGTH
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes the cipher context ctx as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305...
int MBEDTLS_DEPRECATED mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
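The generic authenticated decryption (AEAD) function. It is declared with MBEDTLS_DEPRECATED; mbedtls_cipher_auth_decrypt_ext() is the replacement interface and additionally takes the size of the output buffer (output_len).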
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function prepares a cipher context for use with the given cipher primitive.
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
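This function checks the tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish(). Output produced by mbedtls_cipher_update() and mbedtls_cipher_finish() during decryption is unauthenticated until this check succeeds; a mismatch is reported as MBEDTLS_ERR_CIPHER_AUTH_FAILED, and the caller should then discard that output.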
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
struct mbedtls_cipher_context_t mbedtls_cipher_context_t
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().
#define MBEDTLS_MAX_BLOCK_LENGTH
mbedtls_cipher_type_t type
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
const mbedtls_cipher_base_t * base