commit 343a870daad730ab08d92194cc41974686a2cdd0
author Paul Bakker <p.j.bakker@polarssl.org> Thu Jun 09 14:27:58 2011 +0000
committer Paul Bakker <p.j.bakker@polarssl.org> Thu Jun 09 14:27:58 2011 +0000
tree 5076d8403a84967b48a93295e4e6fc30264327d5
parent 1ef71dffc7f33c9cee95d6f39ea8fac3986cc3d6

 - Expanded generic cipher layer with support for CTR and CFB128 modes of operation.

include/polarssl/cipher.h

diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index 67819da..16941c8 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -36,6 +36,8 @@
 #define inline _inline
 #endif
 
+#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE            -0x6080  /**< The selected feature is not available. */
+
 typedef enum {
     POLARSSL_CIPHER_ID_NONE = 0,
     POLARSSL_CIPHER_ID_AES,
@@ -46,12 +48,24 @@
 
 typedef enum {
     POLARSSL_CIPHER_NONE = 0,
-    POLARSSL_CIPHER_CAMELLIA_128_CBC,
-    POLARSSL_CIPHER_CAMELLIA_192_CBC,
-    POLARSSL_CIPHER_CAMELLIA_256_CBC,
     POLARSSL_CIPHER_AES_128_CBC,
     POLARSSL_CIPHER_AES_192_CBC,
     POLARSSL_CIPHER_AES_256_CBC,
+    POLARSSL_CIPHER_AES_128_CFB128,
+    POLARSSL_CIPHER_AES_192_CFB128,
+    POLARSSL_CIPHER_AES_256_CFB128,
+    POLARSSL_CIPHER_AES_128_CTR,
+    POLARSSL_CIPHER_AES_192_CTR,
+    POLARSSL_CIPHER_AES_256_CTR,
+    POLARSSL_CIPHER_CAMELLIA_128_CBC,
+    POLARSSL_CIPHER_CAMELLIA_192_CBC,
+    POLARSSL_CIPHER_CAMELLIA_256_CBC,
+    POLARSSL_CIPHER_CAMELLIA_128_CFB128,
+    POLARSSL_CIPHER_CAMELLIA_192_CFB128,
+    POLARSSL_CIPHER_CAMELLIA_256_CFB128,
+    POLARSSL_CIPHER_CAMELLIA_128_CTR,
+    POLARSSL_CIPHER_CAMELLIA_192_CTR,
+    POLARSSL_CIPHER_CAMELLIA_256_CTR,
     POLARSSL_CIPHER_DES_CBC,
     POLARSSL_CIPHER_DES_EDE_CBC,
     POLARSSL_CIPHER_DES_EDE3_CBC
@@ -60,8 +74,9 @@
 typedef enum {
     POLARSSL_MODE_NONE = 0,
     POLARSSL_MODE_CBC,
-    POLARSSL_MODE_CFB,
+    POLARSSL_MODE_CFB128,
     POLARSSL_MODE_OFB,
+    POLARSSL_MODE_CTR,
 } cipher_mode_t;
 
 typedef enum {
@@ -83,15 +98,46 @@
 };
 
 /**
+ * Base cipher information. The non-mode specific functions and values.
+ */
+typedef struct {
+
+    /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */
+    cipher_id_t cipher;
+
+    /** Encrypt using CBC */
+    int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv,
+            const unsigned char *input, unsigned char *output );
+
+    /** Encrypt using CFB128 */
+    int (*cfb128_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off,
+            unsigned char *iv, const unsigned char *input, unsigned char *output );
+
+    /** Encrypt using CTR */
+    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter,
+            unsigned char *stream_block, const unsigned char *input, unsigned char *output );
+
+    /** Set key for encryption purposes */
+    int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length);
+
+    /** Set key for decryption purposes */
+    int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length);
+
+    /** Allocate a new context */
+    void * (*ctx_alloc_func)( void );
+
+    /** Free the given context */
+    void (*ctx_free_func)( void *ctx );
+
+} cipher_base_t;
+
+/**
  * Cipher information. Allows cipher functions to be called in a generic way.
  */
 typedef struct {
     /** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */
     cipher_type_t type;
 
-    /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */
-    cipher_id_t cipher;
-
     /** Cipher mode (e.g. POLARSSL_CIPHER_MODE_CBC) */
     cipher_mode_t mode;
 
@@ -107,21 +153,8 @@
     /** block size, in bytes */
     unsigned int block_size;
 
-    /** Encrypt using CBC */
-    int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv,
-            const unsigned char *input, unsigned char *output );
-
-    /** Set key for encryption purposes */
-    int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length);
-
-    /** Set key for decryption purposes */
-    int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length);
-
-    /** Allocate a new context */
-    void * (*ctx_alloc_func)( void );
-
-    /** Free the given context */
-    void (*ctx_free_func)( void *ctx );
+    /** Base cipher information and functions */
+    const cipher_base_t *base;
 
 } cipher_info_t;
 
@@ -144,7 +177,7 @@
     /** Number of bytes that still need processing */
     size_t unprocessed_len;
 
-    /** Current IV */
+    /** Current IV or NONCE_COUNTER for CTR-mode */
     unsigned char iv[POLARSSL_MAX_IV_LENGTH];
 
     /** Cipher-specific context */
@@ -307,7 +340,7 @@
  * \brief               Reset the given context, setting the IV to iv
  *
  * \param ctx           generic cipher context
- * \param iv            IV to use
+ * \param iv            IV to use or NONCE_COUNTER in the case of a CTR-mode cipher
  *
  * \returns             0 on success, 1 if parameter verification fails.
  */