TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 530927b163cccf0038df74eabab061187163e1c2 / . / include / polarssl / aes.h
blob: 7700cfe772cd4165a99b1d6533a2d99bee75a48d [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/**
2 * \file aes.h
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]3 *
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000[diff] [blame]4 * \brief AES block cipher
Paul Bakker37ca75d2011-01-06 12:28:03 +0000[diff] [blame]5 *
Paul Bakker530927b2015-02-13 14:24:10 +0100[diff] [blame^]6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]7 *
Manuel Pégourié-Gonnarde12abf92015-01-28 17:13:45 +0000[diff] [blame]8 * This file is part of mbed TLS (https://polarssl.org)
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]9 *
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]23 */
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]24#ifndef POLARSSL_AES_H
25#define POLARSSL_AES_H
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]26
Paul Bakker4087c472013-06-12 16:49:10 +0200[diff] [blame]27#include "config.h"
28
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]29#include <string.h>
30
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]31#ifdef _MSC_VER
32#include <basetsd.h>
33typedef UINT32 uint32_t;
34#else
35#include <inttypes.h>
36#endif
37
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]38#define AES_ENCRYPT 1
39#define AES_DECRYPT 0
40
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]41#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
42#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
Paul Bakker2b222c82009-07-27 21:03:45 +0000[diff] [blame]43
Paul Bakker4087c472013-06-12 16:49:10 +0200[diff] [blame]44#if !defined(POLARSSL_AES_ALT)
45// Regular implementation
46//
47
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]48/**
49 * \brief AES context structure
50 */
51typedef struct
52{
53 int nr; /*!< number of rounds */
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]54 uint32_t *rk; /*!< AES round keys */
55 uint32_t buf[68]; /*!< unaligned data */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]56}
57aes_context;
58
59#ifdef __cplusplus
60extern "C" {
61#endif
62
63/**
64 * \brief AES key schedule (encryption)
65 *
66 * \param ctx AES context to be initialized
67 * \param key encryption key
68 * \param keysize must be 128, 192 or 256
Paul Bakker2b222c82009-07-27 21:03:45 +0000[diff] [blame]69 *
70 * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]71 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]72int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]73
74/**
75 * \brief AES key schedule (decryption)
76 *
77 * \param ctx AES context to be initialized
78 * \param key decryption key
79 * \param keysize must be 128, 192 or 256
Paul Bakker2b222c82009-07-27 21:03:45 +0000[diff] [blame]80 *
81 * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]82 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]83int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]84
85/**
86 * \brief AES-ECB block encryption/decryption
87 *
88 * \param ctx AES context
89 * \param mode AES_ENCRYPT or AES_DECRYPT
90 * \param input 16-byte input block
91 * \param output 16-byte output block
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]92 *
Paul Bakker27caa8a2010-03-21 15:43:59 +0000[diff] [blame]93 * \return 0 if successful
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]94 */
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]95int aes_crypt_ecb( aes_context *ctx,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]96 int mode,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]97 const unsigned char input[16],
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]98 unsigned char output[16] );
99
100/**
101 * \brief AES-CBC buffer encryption/decryption
Paul Bakker4c067eb2009-05-17 10:25:19 +0000[diff] [blame]102 * Length should be a multiple of the block
103 * size (16 bytes)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]104 *
105 * \param ctx AES context
106 * \param mode AES_ENCRYPT or AES_DECRYPT
107 * \param length length of the input data
108 * \param iv initialization vector (updated after use)
109 * \param input buffer holding the input data
110 * \param output buffer holding the output data
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]111 *
112 * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]113 */
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]114int aes_crypt_cbc( aes_context *ctx,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]115 int mode,
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]116 size_t length,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]117 unsigned char iv[16],
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]118 const unsigned char *input,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]119 unsigned char *output );
120
121/**
Paul Bakker4c067eb2009-05-17 10:25:19 +0000[diff] [blame]122 * \brief AES-CFB128 buffer encryption/decryption.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]123 *
Paul Bakkerca6f3e22011-10-06 13:11:08 +0000[diff] [blame]124 * Note: Due to the nature of CFB you should use the same key schedule for
125 * both encryption and decryption. So a context initialized with
126 * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
127 *
128 * both
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]129 * \param ctx AES context
130 * \param mode AES_ENCRYPT or AES_DECRYPT
131 * \param length length of the input data
132 * \param iv_off offset in IV (updated after use)
133 * \param iv initialization vector (updated after use)
134 * \param input buffer holding the input data
135 * \param output buffer holding the output data
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]136 *
Paul Bakker27caa8a2010-03-21 15:43:59 +0000[diff] [blame]137 * \return 0 if successful
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]138 */
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]139int aes_crypt_cfb128( aes_context *ctx,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]140 int mode,
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]141 size_t length,
Paul Bakker1ef71df2011-06-09 14:14:58 +0000[diff] [blame]142 size_t *iv_off,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]143 unsigned char iv[16],
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]144 const unsigned char *input,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]145 unsigned char *output );
146
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]147/**
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000[diff] [blame]148 * \brief AES-CTR buffer encryption/decryption
149 *
150 * Warning: You have to keep the maximum use of your counter in mind!
151 *
Paul Bakkerca6f3e22011-10-06 13:11:08 +0000[diff] [blame]152 * Note: Due to the nature of CTR you should use the same key schedule for
153 * both encryption and decryption. So a context initialized with
154 * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
155 *
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000[diff] [blame]156 * \param length The length of the data
157 * \param nc_off The offset in the current stream_block (for resuming
158 * within current cipher stream). The offset pointer to
159 * should be 0 at the start of a stream.
160 * \param nonce_counter The 128-bit nonce and counter.
161 * \param stream_block The saved stream-block for resuming. Is overwritten
162 * by the function.
163 * \param input The input data stream
164 * \param output The output data stream
165 *
166 * \return 0 if successful
167 */
168int aes_crypt_ctr( aes_context *ctx,
Paul Bakker1ef71df2011-06-09 14:14:58 +0000[diff] [blame]169 size_t length,
170 size_t *nc_off,
Paul Bakkerb6ecaf52011-04-19 14:29:23 +0000[diff] [blame]171 unsigned char nonce_counter[16],
172 unsigned char stream_block[16],
173 const unsigned char *input,
174 unsigned char *output );
Paul Bakker4087c472013-06-12 16:49:10 +0200[diff] [blame]175
176#ifdef __cplusplus
177}
178#endif
179
180#else /* POLARSSL_AES_ALT */
181#include "aes_alt.h"
182#endif /* POLARSSL_AES_ALT */
183
184#ifdef __cplusplus
185extern "C" {
186#endif
187
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]188/**
189 * \brief Checkup routine
190 *
191 * \return 0 if successful, or 1 if the test failed
192 */
193int aes_self_test( int verbose );
194
195#ifdef __cplusplus
196}
197#endif
198
199#endif /* aes.h */