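/**
 * \file cipher_internal.h
 *
 * \brief Cipher wrappers.
 *
 * \author Adriaan de Jong <dejong@fox-it.com>
 */
/*
 *  Copyright The Mbed TLS Contributors
 *  SPDX-License-Identifier: Apache-2.0
 *
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may
 *  not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
#ifndef MBEDTLS_CIPHER_WRAP_H
#define MBEDTLS_CIPHER_WRAP_H

#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#include "mbedtls/cipher.h"

#if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h"
#endif /* MBEDTLS_USE_PSA_CRYPTO */

#ifdef __cplusplus
extern "C" {
#endif

/**
 * Base cipher information. The non-mode specific functions and values.
 *
 * Every callback receives the cipher-specific context as an untyped
 * \c void pointer, so the compiler cannot check that a context is paired
 * with the base structure that allocated it; callers must keep the two
 * together.
 */
struct mbedtls_cipher_base_t
{
    /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
    mbedtls_cipher_id_t cipher;

    /** Encrypt or decrypt using ECB; \p mode selects the direction.
     *  There is no length parameter, so each call handles one fixed-size
     *  unit (presumably one cipher block; confirm in the wrappers). */
    int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
                     const unsigned char *input, unsigned char *output );

#if defined(MBEDTLS_CIPHER_MODE_CBC)
    /** Encrypt or decrypt using CBC; \p mode selects the direction.
     *  \p iv is writable, so an implementation may update it in place. */
    int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
                     unsigned char *iv, const unsigned char *input,
                     unsigned char *output );
#endif

#if defined(MBEDTLS_CIPHER_MODE_CFB)
    /** Encrypt or decrypt using CFB (Full length); \p mode selects the
     *  direction. \p iv_off and \p iv are both writable state. */
    int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
                     unsigned char *iv, const unsigned char *input,
                     unsigned char *output );
#endif

#if defined(MBEDTLS_CIPHER_MODE_OFB)
    /** Process data using OFB (Full length). There is no mode parameter:
     *  the same call serves encryption and decryption. The IV must not be
     *  reused under the same key, or the keystream repeats. */
    int (*ofb_func)( void *ctx, size_t length, size_t *iv_off,
                     unsigned char *iv,
                     const unsigned char *input,
                     unsigned char *output );
#endif

#if defined(MBEDTLS_CIPHER_MODE_CTR)
    /** Process data using CTR. There is no mode parameter: the same call
     *  serves encryption and decryption. A nonce/counter value must never
     *  repeat under the same key, or confidentiality is lost. */
    int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
                     unsigned char *nonce_counter, unsigned char *stream_block,
                     const unsigned char *input, unsigned char *output );
#endif

#if defined(MBEDTLS_CIPHER_MODE_XTS)
    /** Encrypt or decrypt using XTS. \p data_unit is declared as a
     *  16-byte array; as a parameter it decays to a pointer, so the
     *  size is not enforced by the compiler. */
    int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length,
                     const unsigned char data_unit[16],
                     const unsigned char *input, unsigned char *output );
#endif

#if defined(MBEDTLS_CIPHER_MODE_STREAM)
    /** Process data using STREAM. There is no mode parameter: the same
     *  call serves encryption and decryption. */
    int (*stream_func)( void *ctx, size_t length,
                        const unsigned char *input, unsigned char *output );
#endif

    /** Set key for encryption purposes; \p key_bitlen is the key length
     *  in bits, not bytes. */
    int (*setkey_enc_func)( void *ctx, const unsigned char *key,
                            unsigned int key_bitlen );

    /** Set key for decryption purposes; \p key_bitlen is the key length
     *  in bits, not bytes. */
    int (*setkey_dec_func)( void *ctx, const unsigned char *key,
                            unsigned int key_bitlen );

    /** Allocate a new context.
     *  NOTE(review): presumably returns NULL on allocation failure;
     *  callers should check the result before use. */
    void * (*ctx_alloc_func)( void );

    /** Clone context: \p src is read-only, \p dst is written. After a
     *  clone \p dst may hold a copy of the key material and needs the
     *  same release handling as \p src (confirm in the wrappers). */
    void (*ctx_clone_func)( void *dst, const void *src );

    /** Free the given context.
     *  NOTE(review): the context can hold key material; implementations
     *  are expected to wipe it before releasing the memory. Confirm for
     *  each wrapper. */
    void (*ctx_free_func)( void *ctx );

};

/** Associates a cipher type identifier with its information structure. */
typedef struct
{
    mbedtls_cipher_type_t type;
    const mbedtls_cipher_info_t *info;
} mbedtls_cipher_definition_t;

#if defined(MBEDTLS_USE_PSA_CRYPTO)
/** Who is responsible for destroying the PSA key behind a context. */
typedef enum
{
    /* No key has been attached yet. */
    MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
    /* Used for PSA-based cipher contexts which use raw key material
     * internally imported as a volatile key, and which hence need to
     * destroy that key when the context is freed. */
    MBEDTLS_CIPHER_PSA_KEY_OWNED,
    /* Used for PSA-based cipher contexts which use a key provided by the
     * user, and which hence will not be destroyed when the context is
     * freed. The key's lifetime stays the user's responsibility. */
    MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED,
} mbedtls_cipher_psa_key_ownership;

/** State kept for a PSA-backed cipher context. */
typedef struct
{
    psa_algorithm_t alg;                         /* PSA algorithm identifier */
    psa_key_id_t slot;                           /* PSA key identifier */
    mbedtls_cipher_psa_key_ownership slot_state; /* decides whether freeing
                                                  * the context destroys
                                                  * the key in \c slot */
} mbedtls_cipher_context_psa;
#endif /* MBEDTLS_USE_PSA_CRYPTO */

/* Table of cipher definitions, defined elsewhere. The array length is not
 * visible here. NOTE(review): presumably sentinel-terminated; confirm
 * before iterating. */
extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];

/* Defined elsewhere. NOTE(review): this array is not const, so any
 * translation unit including this header can modify it; presumably it is
 * filled in at run time. Confirm. */
extern int mbedtls_cipher_supported[];

#ifdef __cplusplus
}
#endif

#endif /* MBEDTLS_CIPHER_WRAP_H */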