/**
 * \file gcm.h
 *
 * \brief Galois/Counter mode for AES
 *
 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 *
 * This file is part of mbed TLS (https://polarssl.org)
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
24#ifndef POLARSSL_GCM_H
25#define POLARSSL_GCM_H
26
27#include "aes.h"
28
/*
 * Source of uint64_t: builds that define _MSC_VER include <basetsd.h> and
 * alias its UINT64; every other compiler takes the type from <stdint.h>.
 */
#ifdef _MSC_VER
#include <basetsd.h>
typedef UINT64 uint64_t;
#else
#include <stdint.h>
#endif
Paul Bakker89e80c92012-03-20 13:50:09 +000035
/* Values accepted by the `mode` parameter of gcm_crypt_and_tag(). */
#define GCM_ENCRYPT     1
#define GCM_DECRYPT     0

/*
 * Error codes.
 *
 * POLARSSL_ERR_GCM_AUTH_FAILED reports that authenticated decryption did not
 * verify. A caller that sees it must discard the decrypted output and must
 * not act on any part of the message.
 */
#define POLARSSL_ERR_GCM_AUTH_FAILED                       -0x0012  /**< Authenticated decryption failed. */
#define POLARSSL_ERR_GCM_BAD_INPUT                         -0x0014  /**< Bad input parameters to function. */
Paul Bakker89e80c92012-03-20 13:50:09 +000041
/**
 * \brief          GCM context structure
 *
 * \note           Every field is key-dependent state: the AES context
 *                 (presumably keyed by gcm_init() -- confirm in gcm.c) and
 *                 the precalculated tables (presumably derived from the GCM
 *                 hash subkey H). Treat a populated context as secret.
 *                 This header declares no function that clears a context,
 *                 so callers that want to limit key residue in memory have
 *                 to wipe it themselves, using a wipe the compiler cannot
 *                 optimise away.
 */
typedef struct {
    aes_context aes_ctx;        /*!< AES context used */
    /* NOTE(review): HL/HH look like the low and high 64-bit halves of the
     * 16 table entries -- confirm against gcm.c. */
    uint64_t HL[16];            /*!< Precalculated HTable */
    uint64_t HH[16];            /*!< Precalculated HTable */
}
gcm_context;
51
52#ifdef __cplusplus
53extern "C" {
54#endif
55
/**
 * \brief           GCM initialization (encryption)
 *
 * \note            GCM runs the block cipher in the forward direction only,
 *                  so the context initialized here is the one passed to both
 *                  gcm_crypt_and_tag() and gcm_auth_decrypt().
 *
 * \note            Check the return value before using the context: on
 *                  failure the state of ctx is not described by this header
 *                  and it should not be used for encryption or decryption.
 *
 * \param ctx       GCM context to be initialized
 * \param key       encryption key (keysize / 8 bytes are needed for the
 *                  key sizes listed below)
 * \param keysize   key size in bits; must be 128, 192 or 256
 *
 * \return          0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
 *                  (not defined in this header; presumably from aes.h)
 */
int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize );
66
/**
 * \brief           GCM buffer encryption/decryption using AES
 *
 * \note On encryption, the output buffer can be the same as the input buffer.
 *       On decryption, the output buffer cannot be the same as input buffer.
 *       If buffers overlap, the output buffer must trail at least 8 bytes
 *       behind the input buffer.
 *
 * \warning An IV must never be used for more than one encryption under the
 *       same key. In GCM a repeated (key, IV) pair exposes the XOR of the
 *       two plaintexts and lets an observer recover the authentication
 *       subkey, after which tags can be forged. The caller is responsible
 *       for IV uniqueness; nothing in this interface tracks it.
 *
 * \warning As declared, tag is an output buffer in both modes and the return
 *       value documents success only. With GCM_DECRYPT this call therefore
 *       does not appear to verify anything: the caller would have to compare
 *       the produced tag with the received one in constant time and discard
 *       the output on mismatch. For received data prefer gcm_auth_decrypt().
 *
 * \param ctx       GCM context
 * \param mode      GCM_ENCRYPT or GCM_DECRYPT
 * \param length    length of the input data
 * \param iv        initialization vector
 * \param iv_len    length of IV
 * \param add       additional data (authenticated but not encrypted)
 * \param add_len   length of additional data
 * \param input     buffer holding the input data
 * \param output    buffer for holding the output data (GCM output has the
 *                  same length as its input)
 * \param tag_len   length of the tag to generate. NOTE(review): the accepted
 *                  range is not stated here -- confirm in gcm.c. Shorter
 *                  tags give proportionally weaker forgery resistance.
 * \param tag       buffer for holding the tag (at least tag_len bytes)
 *
 * \return          0 if successful. NOTE(review): POLARSSL_ERR_GCM_BAD_INPUT
 *                  is defined in this header but not listed here; presumably
 *                  it is returned for rejected parameters -- confirm in
 *                  gcm.c. Treat any non-zero value as failure.
 */
int gcm_crypt_and_tag( gcm_context *ctx,
                       int mode,
                       size_t length,
                       const unsigned char *iv,
                       size_t iv_len,
                       const unsigned char *add,
                       size_t add_len,
                       const unsigned char *input,
                       unsigned char *output,
                       size_t tag_len,
                       unsigned char *tag );
100
/**
 * \brief           GCM buffer authenticated decryption using AES
 *
 * \note On decryption, the output buffer cannot be the same as input buffer.
 *       If buffers overlap, the output buffer must trail at least 8 bytes
 *       behind the input buffer.
 *
 * \warning When this function returns anything other than 0, the contents of
 *       output must be treated as invalid and must not be parsed, logged or
 *       passed on. This header does not say whether the buffer is cleared on
 *       failure, so do not rely on that -- confirm in gcm.c or wipe it in
 *       the caller.
 *
 * \warning tag_len should come from the protocol configuration, not from the
 *       received message. If the sender can choose how many tag bytes are
 *       checked, the authentication strength is whatever the sender picks.
 *
 * \param ctx       GCM context
 * \param length    length of the input data
 * \param iv        initialization vector
 * \param iv_len    length of IV
 * \param add       additional data (must match what was authenticated at
 *                  encryption time)
 * \param add_len   length of additional data
 * \param tag       buffer holding the tag
 * \param tag_len   length of the tag
 * \param input     buffer holding the input data
 * \param output    buffer for holding the output data (GCM output has the
 *                  same length as its input)
 *
 * \return         0 if successful and authenticated,
 *                 POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match.
 *                 NOTE(review): other non-zero codes (for example
 *                 POLARSSL_ERR_GCM_BAD_INPUT) are presumably possible --
 *                 confirm in gcm.c. Callers should test for 0 rather than
 *                 for one specific error value.
 */
int gcm_auth_decrypt( gcm_context *ctx,
                      size_t length,
                      const unsigned char *iv,
                      size_t iv_len,
                      const unsigned char *add,
                      size_t add_len,
                      const unsigned char *tag,
                      size_t tag_len,
                      const unsigned char *input,
                      unsigned char *output );
132
/**
 * \brief          Checkup routine
 *
 * \param verbose  not described in the original header; presumably non-zero
 *                 enables progress output -- confirm in gcm.c
 *
 * \return         0 if successful, or 1 if the test failed
 */
int gcm_self_test( int verbose );
139
140#ifdef __cplusplus
141}
142#endif
143
144#endif /* gcm.h */