1 /**
2  * \file cipher_wrap.h
3  *
4  * \brief Cipher wrappers.
5  *
6  * \author Adriaan de Jong <dejong@fox-it.com>
7  */
8 /*
9  *  Copyright The Mbed TLS Contributors
10  *  SPDX-License-Identifier: Apache-2.0
11  *
12  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
13  *  not use this file except in compliance with the License.
14  *  You may obtain a copy of the License at
15  *
16  *  http://www.apache.org/licenses/LICENSE-2.0
17  *
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 #ifndef MBEDTLS_CIPHER_WRAP_H
25 #define MBEDTLS_CIPHER_WRAP_H
26 
27 #include "mbedtls/build_info.h"
28 
29 #include "mbedtls/cipher.h"
30 
31 #if defined(MBEDTLS_USE_PSA_CRYPTO)
32 #include "psa/crypto.h"
33 #endif /* MBEDTLS_USE_PSA_CRYPTO */
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 /**
40  * Base cipher information. The non-mode specific functions and values.
41  */
42 struct mbedtls_cipher_base_t {
43     /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
44     mbedtls_cipher_id_t cipher;
45 
46     /** Encrypt using ECB */
47     int (*ecb_func)(void *ctx, mbedtls_operation_t mode,
48                     const unsigned char *input, unsigned char *output);
49 
50 #if defined(MBEDTLS_CIPHER_MODE_CBC)
51     /** Encrypt using CBC */
52     int (*cbc_func)(void *ctx, mbedtls_operation_t mode, size_t length,
53                     unsigned char *iv, const unsigned char *input,
54                     unsigned char *output);
55 #endif
56 
57 #if defined(MBEDTLS_CIPHER_MODE_CFB)
58     /** Encrypt using CFB (Full length) */
59     int (*cfb_func)(void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
60                     unsigned char *iv, const unsigned char *input,
61                     unsigned char *output);
62 #endif
63 
64 #if defined(MBEDTLS_CIPHER_MODE_OFB)
65     /** Encrypt using OFB (Full length) */
66     int (*ofb_func)(void *ctx, size_t length, size_t *iv_off,
67                     unsigned char *iv,
68                     const unsigned char *input,
69                     unsigned char *output);
70 #endif
71 
72 #if defined(MBEDTLS_CIPHER_MODE_CTR)
73     /** Encrypt using CTR */
74     int (*ctr_func)(void *ctx, size_t length, size_t *nc_off,
75                     unsigned char *nonce_counter, unsigned char *stream_block,
76                     const unsigned char *input, unsigned char *output);
77 #endif
78 
79 #if defined(MBEDTLS_CIPHER_MODE_XTS)
80     /** Encrypt or decrypt using XTS. */
81     int (*xts_func)(void *ctx, mbedtls_operation_t mode, size_t length,
82                     const unsigned char data_unit[16],
83                     const unsigned char *input, unsigned char *output);
84 #endif
85 
86 #if defined(MBEDTLS_CIPHER_MODE_STREAM)
87     /** Encrypt using STREAM */
88     int (*stream_func)(void *ctx, size_t length,
89                        const unsigned char *input, unsigned char *output);
90 #endif
91 
92     /** Set key for encryption purposes */
93     int (*setkey_enc_func)(void *ctx, const unsigned char *key,
94                            unsigned int key_bitlen);
95 
96     /** Set key for decryption purposes */
97     int (*setkey_dec_func)(void *ctx, const unsigned char *key,
98                            unsigned int key_bitlen);
99 
100     /** Allocate a new context */
101     void * (*ctx_alloc_func)(void);
102 
103     /** Free the given context */
104     void (*ctx_free_func)(void *ctx);
105 
106 };
107 
108 typedef struct {
109     mbedtls_cipher_type_t type;
110     const mbedtls_cipher_info_t *info;
111 } mbedtls_cipher_definition_t;
112 
113 #if defined(MBEDTLS_USE_PSA_CRYPTO)
114 typedef enum {
115     MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
116     MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
117                                   /* use raw key material internally imported */
118                                   /* as a volatile key, and which hence need  */
119                                   /* to destroy that key when the context is  */
120                                   /* freed.                                   */
121     MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts   */
122                                       /* which use a key provided by the      */
123                                       /* user, and which hence will not be    */
124                                       /* destroyed when the context is freed. */
125 } mbedtls_cipher_psa_key_ownership;
126 
127 typedef struct {
128     psa_algorithm_t alg;
129     mbedtls_svc_key_id_t slot;
130     mbedtls_cipher_psa_key_ownership slot_state;
131 } mbedtls_cipher_context_psa;
132 #endif /* MBEDTLS_USE_PSA_CRYPTO */
133 
134 extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
135 
136 extern int mbedtls_cipher_supported[];
137 
138 #ifdef __cplusplus
139 }
140 #endif
141 
142 #endif /* MBEDTLS_CIPHER_WRAP_H */
143