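/**
 * \file cipher_wrap.h
 *
 * \brief Cipher wrappers.
 *
 * Internal glue between the generic cipher layer and the per-cipher
 * implementations: a table of function pointers per base cipher, the
 * type-to-info definition list, and (when MBEDTLS_USE_PSA_CRYPTO is defined)
 * the bookkeeping for PSA-backed cipher contexts.
 *
 * \author Adriaan de Jong <dejong@fox-it.com>
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
 */
#ifndef MBEDTLS_CIPHER_WRAP_H
#define MBEDTLS_CIPHER_WRAP_H

#include "mbedtls/build_info.h"

#include "mbedtls/cipher.h"

#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */

#ifdef __cplusplus
extern "C" {
#endif

/**
 * Base cipher information. The non-mode specific functions and values.
 *
 * Every entry point takes the cipher context as an untyped `void *ctx`, so
 * the compiler cannot check that a context is passed to the function table it
 * was allocated for; callers must pair a context only with the table whose
 * ctx_alloc_func produced it.
 *
 * A mode-specific member exists only when the matching MBEDTLS_CIPHER_MODE_*
 * option is defined, so the struct layout depends on the build configuration.
 */
struct mbedtls_cipher_base_t {
    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
    mbedtls_cipher_id_t cipher;

    /** Encrypt or decrypt using ECB; \p mode selects the direction.
     *  No length is passed -- presumably one cipher block per call; confirm
     *  against the implementations. */
    int (*ecb_func)(void *ctx, mbedtls_operation_t mode,
                    const unsigned char *input, unsigned char *output);

#if defined(MBEDTLS_CIPHER_MODE_CBC)
    /** Encrypt or decrypt using CBC; \p mode selects the direction.
     *  \p iv is not const -- presumably updated in place for chaining;
     *  confirm against the implementations. */
    int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length,
                    unsigned char *iv, const unsigned char *input,
                    unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_CFB)
    /** Encrypt or decrypt using CFB (Full length); \p mode selects the
     *  direction. \p iv_off and \p iv are in/out state carried between
     *  calls. */
    int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
                    unsigned char *iv, const unsigned char *input,
                    unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_OFB)
    /** Process data using OFB (Full length). There is no \p mode parameter:
     *  the same entry point serves both directions. \p iv_off and \p iv are
     *  in/out state carried between calls. */
    int (*ofb_func)(void *ctx, size_t length, size_t *iv_off,
                    unsigned char *iv,
                    const unsigned char *input,
                    unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_CTR)
    /** Process data using CTR. There is no \p mode parameter: the same entry
     *  point serves both directions. \p nc_off, \p nonce_counter and
     *  \p stream_block are in/out state carried between calls.
     *  A nonce/counter value must never be reused under the same key; this
     *  interface does not enforce that, so the caller has to. */
    int (*ctr_func)(void *ctx, size_t length, size_t *nc_off,
                    unsigned char *nonce_counter, unsigned char *stream_block,
                    const unsigned char *input, unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_XTS)
    /** Encrypt or decrypt using XTS; \p mode selects the direction.
     *  \p data_unit is a 16-byte value supplied per call. */
    int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length,
                    const unsigned char data_unit[16],
                    const unsigned char *input, unsigned char *output);
#endif

#if defined(MBEDTLS_CIPHER_MODE_STREAM)
    /** Process data using STREAM. There is no \p mode parameter: the same
     *  entry point serves both directions. */
    int (*stream_func)(void *ctx, size_t length,
                       const unsigned char *input, unsigned char *output);
#endif

    /** Set key for encryption purposes. \p key_bitlen is the key length,
     *  in bits going by the parameter name. */
    int (*setkey_enc_func)(void *ctx, const unsigned char *key,
                           unsigned int key_bitlen);

    /** Set key for decryption purposes. \p key_bitlen is the key length,
     *  in bits going by the parameter name. */
    int (*setkey_dec_func)(void *ctx, const unsigned char *key,
                           unsigned int key_bitlen);

    /** Allocate a new context. Presumably returns NULL on allocation
     *  failure -- confirm, and check the result before use. */
    void * (*ctx_alloc_func)(void);

    /** Free the given context.
     *  NOTE(review): the context is what the setkey functions write into, so
     *  it holds key-derived state; confirm each implementation zeroizes it
     *  before releasing the memory. */
    void (*ctx_free_func)(void *ctx);

};

/** Associates a cipher type identifier with its cipher information. */
typedef struct {
    mbedtls_cipher_type_t type;
    const mbedtls_cipher_info_t *info;
} mbedtls_cipher_definition_t;

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/**
 * Who is responsible for destroying the PSA key referenced by a PSA-based
 * cipher context.
 */
typedef enum {
    /* No key recorded. The value is 0, so a zero-initialized context is in
     * this state. */
    MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
    /* Used for PSA-based cipher contexts which use raw key material
     * internally imported as a volatile key, and which hence need to destroy
     * that key when the context is freed. */
    MBEDTLS_CIPHER_PSA_KEY_OWNED,
    /* Used for PSA-based cipher contexts which use a key provided by the
     * user, and which hence will not be destroyed when the context is
     * freed. */
    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED,
} mbedtls_cipher_psa_key_ownership;

/**
 * State of a PSA-based cipher context.
 *
 * slot_state decides whether the key in slot is destroyed when the context
 * is freed. Recording it incorrectly would either leave an internally
 * imported key undestroyed or destroy a key the caller still owns.
 */
typedef struct {
    psa_algorithm_t alg;                         /* PSA algorithm identifier */
    mbedtls_svc_key_id_t slot;                   /* PSA key identifier */
    mbedtls_cipher_psa_key_ownership slot_state; /* ownership of the key in slot */
} mbedtls_cipher_context_psa;
#endif /* MBEDTLS_USE_PSA_CRYPTO */

/* Table of cipher type / cipher info pairs, defined in another translation
 * unit. No length is declared here; how the end of the table is marked is
 * not visible in this header. */
extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];

/* NOTE(review): not const, so writable at runtime -- presumably filled in by
 * the code that lists supported ciphers; confirm who writes it and whether
 * that write is safe under concurrent first use. */
extern int mbedtls_cipher_supported[];

/* Array of pointers to the per-cipher function tables.
 * NOTE(review): the pointed-to tables are const but the array elements are
 * not, so this table of function-pointer tables is writable at runtime.
 * Consider declaring it `* const` here and at its definition so it can be
 * placed in read-only memory. */
extern const mbedtls_cipher_base_t *mbedtls_cipher_base_lookup_table[];

#ifdef __cplusplus
}
#endif

#endif /* MBEDTLS_CIPHER_WRAP_H */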