mbed TLS v3.1.0
cipher.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  */
26 
27 #ifndef MBEDTLS_CIPHER_H
28 #define MBEDTLS_CIPHER_H
29 #include "mbedtls/private_access.h"
30 
31 #include "mbedtls/build_info.h"
32 
33 #include <stddef.h>
34 #include "mbedtls/platform_util.h"
35 
36 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
37 #define MBEDTLS_CIPHER_MODE_AEAD
38 #endif
39 
40 #if defined(MBEDTLS_CIPHER_MODE_CBC)
41 #define MBEDTLS_CIPHER_MODE_WITH_PADDING
42 #endif
43 
44 #if defined(MBEDTLS_CIPHER_NULL_CIPHER) || \
45  defined(MBEDTLS_CHACHA20_C)
46 #define MBEDTLS_CIPHER_MODE_STREAM
47 #endif
48 
49 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
50  !defined(inline) && !defined(__cplusplus)
51 #define inline __inline
52 #endif
53 
55 #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080
56 
57 #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100
58 
59 #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180
60 
61 #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200
62 
63 #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280
64 
65 #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300
66 
67 #define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT -0x6380
68 
69 #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01
70 #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02
72 #ifdef __cplusplus
73 extern "C" {
74 #endif
75 
83 typedef enum {
84  MBEDTLS_CIPHER_ID_NONE = 0,
85  MBEDTLS_CIPHER_ID_NULL,
86  MBEDTLS_CIPHER_ID_AES,
87  MBEDTLS_CIPHER_ID_DES,
88  MBEDTLS_CIPHER_ID_3DES,
89  MBEDTLS_CIPHER_ID_CAMELLIA,
90  MBEDTLS_CIPHER_ID_ARIA,
91  MBEDTLS_CIPHER_ID_CHACHA20,
92 } mbedtls_cipher_id_t;
93 
101 typedef enum {
102  MBEDTLS_CIPHER_NONE = 0,
103  MBEDTLS_CIPHER_NULL,
104  MBEDTLS_CIPHER_AES_128_ECB,
105  MBEDTLS_CIPHER_AES_192_ECB,
106  MBEDTLS_CIPHER_AES_256_ECB,
107  MBEDTLS_CIPHER_AES_128_CBC,
108  MBEDTLS_CIPHER_AES_192_CBC,
109  MBEDTLS_CIPHER_AES_256_CBC,
110  MBEDTLS_CIPHER_AES_128_CFB128,
111  MBEDTLS_CIPHER_AES_192_CFB128,
112  MBEDTLS_CIPHER_AES_256_CFB128,
113  MBEDTLS_CIPHER_AES_128_CTR,
114  MBEDTLS_CIPHER_AES_192_CTR,
115  MBEDTLS_CIPHER_AES_256_CTR,
116  MBEDTLS_CIPHER_AES_128_GCM,
117  MBEDTLS_CIPHER_AES_192_GCM,
118  MBEDTLS_CIPHER_AES_256_GCM,
119  MBEDTLS_CIPHER_CAMELLIA_128_ECB,
120  MBEDTLS_CIPHER_CAMELLIA_192_ECB,
121  MBEDTLS_CIPHER_CAMELLIA_256_ECB,
122  MBEDTLS_CIPHER_CAMELLIA_128_CBC,
123  MBEDTLS_CIPHER_CAMELLIA_192_CBC,
124  MBEDTLS_CIPHER_CAMELLIA_256_CBC,
125  MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
126  MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
127  MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
128  MBEDTLS_CIPHER_CAMELLIA_128_CTR,
129  MBEDTLS_CIPHER_CAMELLIA_192_CTR,
130  MBEDTLS_CIPHER_CAMELLIA_256_CTR,
131  MBEDTLS_CIPHER_CAMELLIA_128_GCM,
132  MBEDTLS_CIPHER_CAMELLIA_192_GCM,
133  MBEDTLS_CIPHER_CAMELLIA_256_GCM,
134  MBEDTLS_CIPHER_DES_ECB,
135  MBEDTLS_CIPHER_DES_CBC,
136  MBEDTLS_CIPHER_DES_EDE_ECB,
137  MBEDTLS_CIPHER_DES_EDE_CBC,
138  MBEDTLS_CIPHER_DES_EDE3_ECB,
139  MBEDTLS_CIPHER_DES_EDE3_CBC,
140  MBEDTLS_CIPHER_AES_128_CCM,
141  MBEDTLS_CIPHER_AES_192_CCM,
142  MBEDTLS_CIPHER_AES_256_CCM,
143  MBEDTLS_CIPHER_AES_128_CCM_STAR_NO_TAG,
144  MBEDTLS_CIPHER_AES_192_CCM_STAR_NO_TAG,
145  MBEDTLS_CIPHER_AES_256_CCM_STAR_NO_TAG,
146  MBEDTLS_CIPHER_CAMELLIA_128_CCM,
147  MBEDTLS_CIPHER_CAMELLIA_192_CCM,
148  MBEDTLS_CIPHER_CAMELLIA_256_CCM,
149  MBEDTLS_CIPHER_CAMELLIA_128_CCM_STAR_NO_TAG,
150  MBEDTLS_CIPHER_CAMELLIA_192_CCM_STAR_NO_TAG,
151  MBEDTLS_CIPHER_CAMELLIA_256_CCM_STAR_NO_TAG,
152  MBEDTLS_CIPHER_ARIA_128_ECB,
153  MBEDTLS_CIPHER_ARIA_192_ECB,
154  MBEDTLS_CIPHER_ARIA_256_ECB,
155  MBEDTLS_CIPHER_ARIA_128_CBC,
156  MBEDTLS_CIPHER_ARIA_192_CBC,
157  MBEDTLS_CIPHER_ARIA_256_CBC,
158  MBEDTLS_CIPHER_ARIA_128_CFB128,
159  MBEDTLS_CIPHER_ARIA_192_CFB128,
160  MBEDTLS_CIPHER_ARIA_256_CFB128,
161  MBEDTLS_CIPHER_ARIA_128_CTR,
162  MBEDTLS_CIPHER_ARIA_192_CTR,
163  MBEDTLS_CIPHER_ARIA_256_CTR,
164  MBEDTLS_CIPHER_ARIA_128_GCM,
165  MBEDTLS_CIPHER_ARIA_192_GCM,
166  MBEDTLS_CIPHER_ARIA_256_GCM,
167  MBEDTLS_CIPHER_ARIA_128_CCM,
168  MBEDTLS_CIPHER_ARIA_192_CCM,
169  MBEDTLS_CIPHER_ARIA_256_CCM,
170  MBEDTLS_CIPHER_ARIA_128_CCM_STAR_NO_TAG,
171  MBEDTLS_CIPHER_ARIA_192_CCM_STAR_NO_TAG,
172  MBEDTLS_CIPHER_ARIA_256_CCM_STAR_NO_TAG,
173  MBEDTLS_CIPHER_AES_128_OFB,
174  MBEDTLS_CIPHER_AES_192_OFB,
175  MBEDTLS_CIPHER_AES_256_OFB,
176  MBEDTLS_CIPHER_AES_128_XTS,
177  MBEDTLS_CIPHER_AES_256_XTS,
178  MBEDTLS_CIPHER_CHACHA20,
179  MBEDTLS_CIPHER_CHACHA20_POLY1305,
180  MBEDTLS_CIPHER_AES_128_KW,
181  MBEDTLS_CIPHER_AES_192_KW,
182  MBEDTLS_CIPHER_AES_256_KW,
183  MBEDTLS_CIPHER_AES_128_KWP,
184  MBEDTLS_CIPHER_AES_192_KWP,
185  MBEDTLS_CIPHER_AES_256_KWP,
186 } mbedtls_cipher_type_t;
187 
189 typedef enum {
190  MBEDTLS_MODE_NONE = 0,
191  MBEDTLS_MODE_ECB,
192  MBEDTLS_MODE_CBC,
193  MBEDTLS_MODE_CFB,
194  MBEDTLS_MODE_OFB,
195  MBEDTLS_MODE_CTR,
196  MBEDTLS_MODE_GCM,
197  MBEDTLS_MODE_STREAM,
198  MBEDTLS_MODE_CCM,
199  MBEDTLS_MODE_CCM_STAR_NO_TAG,
200  MBEDTLS_MODE_XTS,
201  MBEDTLS_MODE_CHACHAPOLY,
202  MBEDTLS_MODE_KW,
203  MBEDTLS_MODE_KWP,
204 } mbedtls_cipher_mode_t;
205 
207 typedef enum {
208  MBEDTLS_PADDING_PKCS7 = 0,
209  MBEDTLS_PADDING_ONE_AND_ZEROS,
210  MBEDTLS_PADDING_ZEROS_AND_LEN,
211  MBEDTLS_PADDING_ZEROS,
212  MBEDTLS_PADDING_NONE,
213 } mbedtls_cipher_padding_t;
214 
216 typedef enum {
217  MBEDTLS_OPERATION_NONE = -1,
218  MBEDTLS_DECRYPT = 0,
219  MBEDTLS_ENCRYPT,
220 } mbedtls_operation_t;
221 
222 enum {
224  MBEDTLS_KEY_LENGTH_NONE = 0,
226  MBEDTLS_KEY_LENGTH_DES = 64,
228  MBEDTLS_KEY_LENGTH_DES_EDE = 128,
230  MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
231 };
232 
234 /* This should ideally be derived automatically from list of ciphers.
235  * This should be kept in sync with MBEDTLS_SSL_MAX_IV_LENGTH defined
236  * in library/ssl_misc.h. */
237 #define MBEDTLS_MAX_IV_LENGTH 16
238 
240 /* This should ideally be derived automatically from list of ciphers.
241  * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined
242  * in library/ssl_misc.h. */
243 #define MBEDTLS_MAX_BLOCK_LENGTH 16
244 
246 /* This should ideally be derived automatically from list of ciphers.
247  * For now, only check whether XTS is enabled which uses 64 Byte keys,
248  * and use 32 Bytes as an upper bound for the maximum key length otherwise.
249  * This should be kept in sync with MBEDTLS_SSL_MAX_BLOCK_LENGTH defined
250  * in library/ssl_misc.h, which however deliberately ignores the case of XTS
251  * since the latter isn't used in SSL/TLS. */
252 #if defined(MBEDTLS_CIPHER_MODE_XTS)
253 #define MBEDTLS_MAX_KEY_LENGTH 64
254 #else
255 #define MBEDTLS_MAX_KEY_LENGTH 32
256 #endif /* MBEDTLS_CIPHER_MODE_XTS */
257 
261 typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
262 
266 typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
267 
279 typedef struct mbedtls_cipher_info_t
280 {
284  mbedtls_cipher_type_t MBEDTLS_PRIVATE(type);
285 
287  mbedtls_cipher_mode_t MBEDTLS_PRIVATE(mode);
288 
293  unsigned int MBEDTLS_PRIVATE(key_bitlen);
294 
296  const char * MBEDTLS_PRIVATE(name);
297 
302  unsigned int MBEDTLS_PRIVATE(iv_size);
303 
308  int MBEDTLS_PRIVATE(flags);
309 
311  unsigned int MBEDTLS_PRIVATE(block_size);
312 
314  const mbedtls_cipher_base_t *MBEDTLS_PRIVATE(base);
315 
316 } mbedtls_cipher_info_t;
317 
321 typedef struct mbedtls_cipher_context_t
322 {
324  const mbedtls_cipher_info_t *MBEDTLS_PRIVATE(cipher_info);
325 
327  int MBEDTLS_PRIVATE(key_bitlen);
328 
332  mbedtls_operation_t MBEDTLS_PRIVATE(operation);
333 
334 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
335 
338  void (*MBEDTLS_PRIVATE(add_padding))( unsigned char *output, size_t olen, size_t data_len );
339  int (*MBEDTLS_PRIVATE(get_padding))( unsigned char *input, size_t ilen, size_t *data_len );
340 #endif
341 
343  unsigned char MBEDTLS_PRIVATE(unprocessed_data)[MBEDTLS_MAX_BLOCK_LENGTH];
344 
346  size_t MBEDTLS_PRIVATE(unprocessed_len);
347 
350  unsigned char MBEDTLS_PRIVATE(iv)[MBEDTLS_MAX_IV_LENGTH];
351 
353  size_t MBEDTLS_PRIVATE(iv_size);
354 
356  void *MBEDTLS_PRIVATE(cipher_ctx);
357 
358 #if defined(MBEDTLS_CMAC_C)
359 
360  mbedtls_cmac_context_t *MBEDTLS_PRIVATE(cmac_ctx);
361 #endif
362 
363 #if defined(MBEDTLS_USE_PSA_CRYPTO)
364 
371  unsigned char MBEDTLS_PRIVATE(psa_enabled);
372 #endif /* MBEDTLS_USE_PSA_CRYPTO */
373 
374 } mbedtls_cipher_context_t;
375 
389 const int *mbedtls_cipher_list( void );
390 
402 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
403 
414 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
415 
430 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
431  int key_bitlen,
432  const mbedtls_cipher_mode_t mode );
433 
443 static inline mbedtls_cipher_type_t mbedtls_cipher_info_get_type(
444  const mbedtls_cipher_info_t *info )
445 {
446  if( info == NULL )
447  return( MBEDTLS_CIPHER_NONE );
448  else
449  return( info->MBEDTLS_PRIVATE(type) );
450 }
451 
461 static inline mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(
462  const mbedtls_cipher_info_t *info )
463 {
464  if( info == NULL )
465  return( MBEDTLS_MODE_NONE );
466  else
467  return( info->MBEDTLS_PRIVATE(mode) );
468 }
469 
481 static inline size_t mbedtls_cipher_info_get_key_bitlen(
482  const mbedtls_cipher_info_t *info )
483 {
484  if( info == NULL )
485  return( 0 );
486  else
487  return( info->MBEDTLS_PRIVATE(key_bitlen) );
488 }
489 
501 static inline const char *mbedtls_cipher_info_get_name(
502  const mbedtls_cipher_info_t *info )
503 {
504  if( info == NULL )
505  return( NULL );
506  else
507  return( info->MBEDTLS_PRIVATE(name) );
508 }
509 
520 static inline size_t mbedtls_cipher_info_get_iv_size(
521  const mbedtls_cipher_info_t *info )
522 {
523  if( info == NULL )
524  return( 0 );
525 
526  return( (size_t) info->MBEDTLS_PRIVATE(iv_size) );
527 }
528 
539 static inline size_t mbedtls_cipher_info_get_block_size(
540  const mbedtls_cipher_info_t *info )
541 {
542  if( info == NULL )
543  return( 0 );
544 
545  return( (size_t) info->MBEDTLS_PRIVATE(block_size) );
546 }
547 
557 static inline int mbedtls_cipher_info_has_variable_key_bitlen(
558  const mbedtls_cipher_info_t *info )
559 {
560  if( info == NULL )
561  return( 0 );
562 
563  return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_KEY_LEN );
564 }
565 
575 static inline int mbedtls_cipher_info_has_variable_iv_size(
576  const mbedtls_cipher_info_t *info )
577 {
578  if( info == NULL )
579  return( 0 );
580 
581  return( info->MBEDTLS_PRIVATE(flags) & MBEDTLS_CIPHER_VARIABLE_IV_LEN );
582 }
583 
589 void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
590 
600 void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
601 
602 
629 int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
630  const mbedtls_cipher_info_t *cipher_info );
631 
632 #if defined(MBEDTLS_USE_PSA_CRYPTO)
633 
654 int mbedtls_cipher_setup_psa( mbedtls_cipher_context_t *ctx,
655  const mbedtls_cipher_info_t *cipher_info,
656  size_t taglen );
657 #endif /* MBEDTLS_USE_PSA_CRYPTO */
658 
669 static inline unsigned int mbedtls_cipher_get_block_size(
670  const mbedtls_cipher_context_t *ctx )
671 {
672  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
673  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
674  return 0;
675 
676  return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(block_size);
677 }
678 
688 static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(
689  const mbedtls_cipher_context_t *ctx )
690 {
691  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, MBEDTLS_MODE_NONE );
692  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
693  return MBEDTLS_MODE_NONE;
694 
695  return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(mode);
696 }
697 
708 static inline int mbedtls_cipher_get_iv_size(
709  const mbedtls_cipher_context_t *ctx )
710 {
711  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
712  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
713  return 0;
714 
715  if( ctx->MBEDTLS_PRIVATE(iv_size) != 0 )
716  return (int) ctx->MBEDTLS_PRIVATE(iv_size);
717 
718  return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(iv_size);
719 }
720 
729 static inline mbedtls_cipher_type_t mbedtls_cipher_get_type(
730  const mbedtls_cipher_context_t *ctx )
731 {
732  MBEDTLS_INTERNAL_VALIDATE_RET(
733  ctx != NULL, MBEDTLS_CIPHER_NONE );
734  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
735  return MBEDTLS_CIPHER_NONE;
736 
737  return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(type);
738 }
739 
749 static inline const char *mbedtls_cipher_get_name(
750  const mbedtls_cipher_context_t *ctx )
751 {
752  MBEDTLS_INTERNAL_VALIDATE_RET( ctx != NULL, 0 );
753  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
754  return 0;
755 
756  return ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(name);
757 }
758 
768 static inline int mbedtls_cipher_get_key_bitlen(
769  const mbedtls_cipher_context_t *ctx )
770 {
771  MBEDTLS_INTERNAL_VALIDATE_RET(
772  ctx != NULL, MBEDTLS_KEY_LENGTH_NONE );
773  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
774  return MBEDTLS_KEY_LENGTH_NONE;
775 
776  return (int) ctx->MBEDTLS_PRIVATE(cipher_info)->MBEDTLS_PRIVATE(key_bitlen);
777 }
778 
787 static inline mbedtls_operation_t mbedtls_cipher_get_operation(
788  const mbedtls_cipher_context_t *ctx )
789 {
790  MBEDTLS_INTERNAL_VALIDATE_RET(
791  ctx != NULL, MBEDTLS_OPERATION_NONE );
792  if( ctx->MBEDTLS_PRIVATE(cipher_info) == NULL )
793  return MBEDTLS_OPERATION_NONE;
794 
795  return ctx->MBEDTLS_PRIVATE(operation);
796 }
797 
814 int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
815  const unsigned char *key,
816  int key_bitlen,
817  const mbedtls_operation_t operation );
818 
819 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
820 
836 int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
837  mbedtls_cipher_padding_t mode );
838 #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
839 
858 int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
859  const unsigned char *iv,
860  size_t iv_len );
861 
894 int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
895 
896 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
897 
909 int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
910  const unsigned char *ad, size_t ad_len );
911 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
912 
942 int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx,
943  const unsigned char *input,
944  size_t ilen, unsigned char *output,
945  size_t *olen );
946 
969 int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
970  unsigned char *output, size_t *olen );
971 
972 #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
973 
989 int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
990  unsigned char *tag, size_t tag_len );
991 
1005 int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
1006  const unsigned char *tag, size_t tag_len );
1007 #endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
1008 
1042 int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
1043  const unsigned char *iv, size_t iv_len,
1044  const unsigned char *input, size_t ilen,
1045  unsigned char *output, size_t *olen );
1046 
1047 #if defined(MBEDTLS_CIPHER_MODE_AEAD) || defined(MBEDTLS_NIST_KW_C)
1048 
1092 int mbedtls_cipher_auth_encrypt_ext( mbedtls_cipher_context_t *ctx,
1093  const unsigned char *iv, size_t iv_len,
1094  const unsigned char *ad, size_t ad_len,
1095  const unsigned char *input, size_t ilen,
1096  unsigned char *output, size_t output_len,
1097  size_t *olen, size_t tag_len );
1098 
1148 int mbedtls_cipher_auth_decrypt_ext( mbedtls_cipher_context_t *ctx,
1149  const unsigned char *iv, size_t iv_len,
1150  const unsigned char *ad, size_t ad_len,
1151  const unsigned char *input, size_t ilen,
1152  unsigned char *output, size_t output_len,
1153  size_t *olen, size_t tag_len );
1154 #endif /* MBEDTLS_CIPHER_MODE_AEAD || MBEDTLS_NIST_KW_C */
1155 #ifdef __cplusplus
1156 }
1157 #endif
1158 
1159 #endif /* MBEDTLS_CIPHER_H */
MBEDTLS_CIPHER_VARIABLE_KEY_LEN
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN
Definition: cipher.h:70
MBEDTLS_CIPHER_VARIABLE_IV_LEN
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN
Definition: cipher.h:69
mbedtls_operation_t
mbedtls_operation_t
Definition: cipher.h:216
mbedtls_cipher_info_get_name
static const char * mbedtls_cipher_info_get_name(const mbedtls_cipher_info_t *info)
Retrieve the human-readable name for a cipher info structure.
Definition: cipher.h:501
mbedtls_cipher_padding_t
mbedtls_cipher_padding_t
Definition: cipher.h:207
mbedtls_cipher_get_cipher_mode
static mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode(const mbedtls_cipher_context_t *ctx)
This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.
Definition: cipher.h:688
MBEDTLS_INTERNAL_VALIDATE_RET
#define MBEDTLS_INTERNAL_VALIDATE_RET(cond, ret)
Definition: platform_util.h:39
mbedtls_cipher_get_block_size
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher in bytes.
Definition: cipher.h:669
mbedtls_cipher_setup_psa
int mbedtls_cipher_setup_psa(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info, size_t taglen)
This function initializes a cipher context for PSA-based use with the given cipher primitive...
mbedtls_cipher_info_get_key_bitlen
static size_t mbedtls_cipher_info_get_key_bitlen(const mbedtls_cipher_info_t *info)
Retrieve the key size for a cipher info structure.
Definition: cipher.h:481
mbedtls_cipher_mode_t
mbedtls_cipher_mode_t
Definition: cipher.h:189
mbedtls_cipher_info_from_string
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name...
mbedtls_cipher_info_has_variable_iv_size
static int mbedtls_cipher_info_has_variable_iv_size(const mbedtls_cipher_info_t *info)
This function returns a non-zero value if the IV size for the given cipher is variable.
Definition: cipher.h:575
mbedtls_cipher_finish
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block...
mbedtls_cipher_context_t
Definition: cipher.h:321
mbedtls_cipher_auth_decrypt_ext
int mbedtls_cipher_auth_decrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len)
The authenticated encryption (AEAD/NIST_KW) function.
mbedtls_cipher_reset
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
mbedtls_cipher_get_name
static const char * mbedtls_cipher_get_name(const mbedtls_cipher_context_t *ctx)
This function returns the name of the given cipher as a string.
Definition: cipher.h:749
MBEDTLS_PRIVATE
#define MBEDTLS_PRIVATE(member)
Definition: private_access.h:27
mbedtls_cipher_set_iv
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
mbedtls_cipher_info_t
Definition: cipher.h:279
mbedtls_cipher_info_has_variable_key_bitlen
static int mbedtls_cipher_info_has_variable_key_bitlen(const mbedtls_cipher_info_t *info)
This function returns a non-zero value if the key length for the given cipher is variable.
Definition: cipher.h:557
mbedtls_cipher_set_padding_mode
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
mbedtls_cipher_info_get_iv_size
static size_t mbedtls_cipher_info_get_iv_size(const mbedtls_cipher_info_t *info)
This function returns the size of the IV or nonce for the cipher info structure, in bytes...
Definition: cipher.h:520
mbedtls_cipher_update
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context...
mbedtls_cipher_free
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
mbedtls_cipher_get_operation
static mbedtls_operation_t mbedtls_cipher_get_operation(const mbedtls_cipher_context_t *ctx)
This function returns the operation of the given cipher.
Definition: cipher.h:787
mbedtls_cipher_list
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
mbedtls_cipher_get_key_bitlen
static int mbedtls_cipher_get_key_bitlen(const mbedtls_cipher_context_t *ctx)
This function returns the key length of the cipher.
Definition: cipher.h:768
mbedtls_cipher_type_t
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:101
mbedtls_cipher_info_t
struct mbedtls_cipher_info_t mbedtls_cipher_info_t
platform_util.h
Common and shared functions used by multiple modules in the Mbed TLS library.
mbedtls_cipher_base_t
struct mbedtls_cipher_base_t mbedtls_cipher_base_t
Definition: cipher.h:261
mbedtls_cipher_info_from_values
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID...
mbedtls_cipher_get_type
static mbedtls_cipher_type_t mbedtls_cipher_get_type(const mbedtls_cipher_context_t *ctx)
This function returns the type of the given cipher.
Definition: cipher.h:729
mbedtls_cipher_id_t
mbedtls_cipher_id_t
Supported cipher types.
Definition: cipher.h:83
mbedtls_cipher_setkey
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
mbedtls_cipher_info_get_mode
static mbedtls_cipher_mode_t mbedtls_cipher_info_get_mode(const mbedtls_cipher_info_t *info)
Retrieve the operation mode for a cipher info structure.
Definition: cipher.h:461
mbedtls_cipher_auth_encrypt_ext
int mbedtls_cipher_auth_encrypt_ext(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t output_len, size_t *olen, size_t tag_len)
The authenticated encryption (AEAD/NIST_KW) function.
MBEDTLS_MAX_IV_LENGTH
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:237
private_access.h
Macro wrapper for struct's memebrs.
build_info.h
Build-time configuration info.
mbedtls_cipher_crypt
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs...
mbedtls_cmac_context_t
struct mbedtls_cmac_context_t mbedtls_cmac_context_t
Definition: cipher.h:266
mbedtls_cipher_init
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
mbedtls_cipher_update_ad
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly13...
mbedtls_cipher_setup
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function prepares a cipher context for use with the given cipher primitive.
mbedtls_cipher_check_tag
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().
mbedtls_cipher_get_iv_size
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
Definition: cipher.h:708
mbedtls_cipher_context_t
struct mbedtls_cipher_context_t mbedtls_cipher_context_t
mbedtls_cipher_info_get_type
static mbedtls_cipher_type_t mbedtls_cipher_info_get_type(const mbedtls_cipher_info_t *info)
Retrieve the identifier for a cipher info structure.
Definition: cipher.h:443
mbedtls_cipher_write_tag
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().
mbedtls_cipher_info_get_block_size
static size_t mbedtls_cipher_info_get_block_size(const mbedtls_cipher_info_t *info)
This function returns the block size of the given cipher info structure in bytes. ...
Definition: cipher.h:539
MBEDTLS_MAX_BLOCK_LENGTH
#define MBEDTLS_MAX_BLOCK_LENGTH
Definition: cipher.h:243
mbedtls_cipher_info_from_type
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_type(const mbedtls_cipher_type_t cipher_type)
This function retrieves the cipher-information structure associated with the given cipher type...
Generated on Tue Aug 30 2022 09:50:16 for mbed TLS v3.1.0 by   doxygen 1.8.6