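/**
 * \file cipher_wrap.h
 *
 * \brief Cipher wrappers.
 *
 * \author Adriaan de Jong <dejong@fox-it.com>
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
#ifndef MBEDTLS_CIPHER_WRAP_H
#define MBEDTLS_CIPHER_WRAP_H

#include "mbedtls/build_info.h"

#include "mbedtls/cipher.h"

#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */

#ifdef __cplusplus
extern "C" {
#endif

/**
 * Base cipher information. The non-mode specific functions and values.
 *
 * This is a dispatch table: every cipher operation on a context goes through
 * one of the function pointers below, with the context passed as an untyped
 * `void *`. Which members exist depends on the MBEDTLS_CIPHER_MODE_* build
 * options, so every translation unit that uses this struct must be compiled
 * with the same configuration or the layouts will disagree.
 *
 * NOTE(review): instances are presumably defined `const` so that the function
 * pointers end up in read-only data; this header cannot enforce that, so
 * confirm it where the tables are defined.
 */
struct mbedtls_cipher_base_t {
    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
    mbedtls_cipher_id_t cipher;

    /**
     * Process one block using ECB. \p mode selects the direction.
     * No length is passed, so \p input and \p output must each hold
     * one full block of the underlying cipher.
     */
    int (*ecb_func)(void *ctx, mbedtls_operation_t mode,
                    const unsigned char *input, unsigned char *output);

#if defined(MBEDTLS_CIPHER_MODE_CBC)
    /**
     * Process \p length bytes using CBC. \p mode selects the direction.
     * \p iv is not const, so the implementation may update it in place
     * (presumably so that calls can be chained; confirm per cipher).
     */
    int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length,
                    unsigned char *iv, const unsigned char *input,
                    unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_CFB)
    /**
     * Process \p length bytes using CFB (Full length). \p mode selects the
     * direction. \p iv_off and \p iv are in/out state carried between calls.
     */
    int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length,
                    size_t *iv_off, unsigned char *iv,
                    const unsigned char *input, unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_OFB)
    /**
     * Process \p length bytes using OFB (Full length). There is no mode
     * argument: the same call is used for both directions. \p iv_off and
     * \p iv are in/out state carried between calls.
     */
    int (*ofb_func)(void *ctx, size_t length, size_t *iv_off,
                    unsigned char *iv,
                    const unsigned char *input,
                    unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_CTR)
    /**
     * Process \p length bytes using CTR. There is no mode argument: the same
     * call is used for both directions. \p nc_off, \p nonce_counter and
     * \p stream_block are in/out state carried between calls. Reusing a
     * nonce/counter value under the same key defeats the confidentiality of
     * CTR mode, so the caller has to keep that state unique per key.
     */
    int (*ctr_func)(void *ctx, size_t length, size_t *nc_off,
                    unsigned char *nonce_counter, unsigned char *stream_block,
                    const unsigned char *input, unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_XTS)
    /**
     * Encrypt or decrypt \p length bytes using XTS. \p mode selects the
     * direction; \p data_unit is the 16-byte data unit value for this call.
     */
    int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length,
                    const unsigned char data_unit[16],
                    const unsigned char *input, unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_STREAM)
    /**
     * Process \p length bytes using STREAM. There is no mode argument: the
     * same call is used for both directions.
     */
    int (*stream_func)(void *ctx, size_t length,
                       const unsigned char *input, unsigned char *output);
#endif

    /**
     * Set key for encryption purposes.
     * \p key_bitlen is the key length in bits, not bytes.
     */
    int (*setkey_enc_func)(void *ctx, const unsigned char *key,
                           unsigned int key_bitlen);

    /**
     * Set key for decryption purposes.
     * \p key_bitlen is the key length in bits, not bytes.
     */
    int (*setkey_dec_func)(void *ctx, const unsigned char *key,
                           unsigned int key_bitlen);

    /**
     * Allocate a new context.
     * NOTE(review): presumably returns NULL when allocation fails; callers
     * should check the result before passing it to any other member.
     */
    void *(*ctx_alloc_func)(void);

    /**
     * Clone context: copy the state of \p src into \p dst.
     * NOTE(review): a context normally holds key material, so a clone is a
     * second copy of the key that needs its own ctx_free_func call; confirm
     * that \p dst must already have been allocated with ctx_alloc_func.
     */
    void (*ctx_clone_func)(void *dst, const void *src);

    /**
     * Free the given context.
     * NOTE(review): implementations are expected to wipe the key material
     * before releasing the memory; confirm per cipher.
     */
    void (*ctx_free_func)(void *ctx);

};

/** Associates a cipher type identifier with its cipher information record. */
typedef struct {
    mbedtls_cipher_type_t type;
    const mbedtls_cipher_info_t *info;
} mbedtls_cipher_definition_t;

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
 * Who is responsible for the PSA key referenced by a PSA-based cipher
 * context, i.e. whether freeing the context also destroys the key.
 */
typedef enum {
    /** Value 0, so a zero-initialised context starts in this state. */
    MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
    /**
     * Used for PSA-based cipher contexts which use raw key material
     * internally imported as a volatile key, and which hence need to
     * destroy that key when the context is freed.
     */
    MBEDTLS_CIPHER_PSA_KEY_OWNED,
    /**
     * Used for PSA-based cipher contexts which use a key provided by the
     * user, and which hence will not be destroyed when the context is freed.
     * The caller keeps responsibility for destroying that key.
     */
    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED,
} mbedtls_cipher_psa_key_ownership;

/** State kept by a PSA-based cipher context. */
typedef struct {
    psa_algorithm_t alg;                          /* PSA algorithm used by the context */
    mbedtls_svc_key_id_t slot;                    /* identifier of the PSA key in use */
    mbedtls_cipher_psa_key_ownership slot_state;  /* decides whether freeing the context destroys the key */
} mbedtls_cipher_context_psa;
#endif /* MBEDTLS_USE_PSA_CRYPTO */

/*
 * Table of cipher definitions. The declaration carries no size.
 * NOTE(review): presumably the table ends with a sentinel entry; confirm the
 * terminator where the table is defined before iterating over it.
 */
extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];

/*
 * Declared without const and without a size, so this array is writable at
 * run time. NOTE(review): confirm which code fills it in and how its end is
 * marked before reading it.
 */
extern int mbedtls_cipher_supported[];

#ifdef __cplusplus
}
#endif

#endif /* MBEDTLS_CIPHER_WRAP_H */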