Paul Bakker89e80c92012-03-20 13:50:09 +00001/**
2 * \file gcm.h
3 *
4 * \brief Galois/Counter mode for AES
5 *
6 * Copyright (C) 2006-2012, Brainspark B.V.
7 *
8 * This file is part of PolarSSL (http://www.polarssl.org)
9 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
10 *
11 * All rights reserved.
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 */
27#ifndef POLARSSL_GCM_H
28#define POLARSSL_GCM_H
29
30#include "aes.h"
31
Paul Bakker4a2bd0d2012-11-02 11:06:08 +000032#ifdef _MSC_VER
33#include <basetsd.h>
34typedef UINT64 uint64_t;
35#else
Paul Bakker89e80c92012-03-20 13:50:09 +000036#include <stdint.h>
Paul Bakker4a2bd0d2012-11-02 11:06:08 +000037#endif
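/* Values accepted by the `mode` argument of gcm_crypt_and_tag(). */
#define GCM_ENCRYPT     1
#define GCM_DECRYPT     0

/*
 * GCM error codes.
 *
 * POLARSSL_ERR_GCM_AUTH_FAILED means the supplied tag did not match the
 * data. A caller receiving it should discard whatever is in the output
 * buffer: this header does not say whether the buffer is cleared on
 * failure, so its contents must be treated as unauthenticated.
 */
#define POLARSSL_ERR_GCM_AUTH_FAILED                       -0x0012  /**< Authenticated decryption failed. */
#define POLARSSL_ERR_GCM_BAD_INPUT                         -0x0014  /**< Bad input parameters to function. */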
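/**
 * \brief          GCM context structure
 *
 * \note           The structure embeds the AES context together with the
 *                 precalculated tables, so the whole object should be
 *                 handled as key material (presumably the tables are
 *                 derived from the key by gcm_init() - confirm against
 *                 gcm.c). This header declares no cleanup routine; a
 *                 caller that needs the key gone from memory has to wipe
 *                 the context itself once it is no longer needed.
 */
typedef struct {
    aes_context aes_ctx;        /*!< AES context used */
    uint64_t HL[16];            /*!< Precalculated HTable */
    uint64_t HH[16];            /*!< Precalculated HTable */
}
gcm_context;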
54
55#ifdef __cplusplus
56extern "C" {
57#endif
58
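/**
 * \brief           GCM initialization (encryption)
 *
 * \note            The context is keyed by this call. Every later
 *                  encryption made with the same context shares that key,
 *                  so the IV-uniqueness requirement of GCM applies across
 *                  all of them.
 *
 * \param ctx       GCM context to be initialized
 * \param key       encryption key
 * \param keysize   key size in bits; must be 128, 192 or 256
 *
 * \return          0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
 */
int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize );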
69
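/**
 * \brief           GCM buffer encryption/decryption using AES
 *
 * \note On encryption, the output buffer can be the same as the input buffer.
 *       On decryption, the output buffer cannot be the same as input buffer.
 *       If buffers overlap, the output buffer must trail at least 8 bytes
 *       behind the input buffer.
 *
 * \note The IV must never repeat for two encryptions under the same key.
 *       Reusing a (key, IV) pair in GCM exposes the XOR of the plaintexts
 *       and allows tags to be forged. A 96-bit IV taken from a counter is
 *       the usual choice.
 *
 * \note The tag is documented here as an output ("tag to generate") in
 *       both modes, and nothing in this declaration indicates that a tag
 *       is checked. With GCM_DECRYPT the caller therefore still has to
 *       compare the generated tag with the received one, in constant
 *       time, before using the output; gcm_auth_decrypt() is the entry
 *       point that reports POLARSSL_ERR_GCM_AUTH_FAILED.
 *
 * \param ctx       GCM context
 * \param mode      GCM_ENCRYPT or GCM_DECRYPT
 * \param length    length of the input data
 * \param iv        initialization vector
 * \param iv_len    length of IV
 * \param add       additional data
 * \param add_len   length of additional data
 * \param input     buffer holding the input data
 * \param output    buffer for holding the output data
 * \param tag_len   length of the tag to generate; a shorter tag gives
 *                  weaker authentication (the accepted range is not
 *                  stated in this header - confirm against gcm.c)
 * \param tag       buffer for holding the tag
 *
 * \return          0 if successful (presumably POLARSSL_ERR_GCM_BAD_INPUT
 *                  for rejected parameters - confirm against gcm.c)
 */
int gcm_crypt_and_tag( gcm_context *ctx,
                       int mode,
                       size_t length,
                       const unsigned char *iv,
                       size_t iv_len,
                       const unsigned char *add,
                       size_t add_len,
                       const unsigned char *input,
                       unsigned char *output,
                       size_t tag_len,
                       unsigned char *tag );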
103
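/**
 * \brief           GCM buffer authenticated decryption using AES
 *
 * \note On decryption, the output buffer cannot be the same as input buffer.
 *       If buffers overlap, the output buffer must trail at least 8 bytes
 *       behind the input buffer.
 *
 * \note Always check the return value before touching the output buffer.
 *       When POLARSSL_ERR_GCM_AUTH_FAILED is returned the data is not
 *       authentic and must be discarded; this header does not state
 *       whether the output buffer is cleared in that case.
 *
 * \note The argument order differs from gcm_crypt_and_tag(): here tag and
 *       tag_len come before input and output. All four buffers are
 *       unsigned char pointers, so a swapped pair compiles without a
 *       diagnostic.
 *
 * \param ctx       GCM context
 * \param length    length of the input data
 * \param iv        initialization vector
 * \param iv_len    length of IV
 * \param add       additional data
 * \param add_len   length of additional data
 * \param tag       buffer holding the tag
 * \param tag_len   length of the tag; accepting short tags lowers the
 *                  effort needed to forge a message
 * \param input     buffer holding the input data
 * \param output    buffer for holding the output data
 *
 * \return         0 if successful and authenticated,
 *                 POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match
 */
int gcm_auth_decrypt( gcm_context *ctx,
                      size_t length,
                      const unsigned char *iv,
                      size_t iv_len,
                      const unsigned char *add,
                      size_t add_len,
                      const unsigned char *tag,
                      size_t tag_len,
                      const unsigned char *input,
                      unsigned char *output );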
135
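/**
 * \brief          Checkup routine
 *
 * \param verbose  presumably non-zero to print progress while the test
 *                 runs - confirm against gcm.c
 *
 * \return         0 if successful, or 1 if the test failed
 */
int gcm_self_test( int verbose );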
142
143#ifdef __cplusplus
144}
145#endif
146
147#endif /* gcm.h */