1 /**
2  * \file cipher_wrap.h
3  *
4  * \brief Cipher wrappers.
5  *
6  * \author Adriaan de Jong <dejong@fox-it.com>
7  */
8 /*
9  *  Copyright The Mbed TLS Contributors
10  *  SPDX-License-Identifier: Apache-2.0
11  *
12  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
13  *  not use this file except in compliance with the License.
14  *  You may obtain a copy of the License at
15  *
16  *  http://www.apache.org/licenses/LICENSE-2.0
17  *
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
20  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 #ifndef MBEDTLS_CIPHER_WRAP_H
25 #define MBEDTLS_CIPHER_WRAP_H
26 
27 #include "mbedtls/build_info.h"
28 
29 #include "mbedtls/cipher.h"
30 
31 #if defined(MBEDTLS_USE_PSA_CRYPTO)
32 #include "psa/crypto.h"
33 #endif /* MBEDTLS_USE_PSA_CRYPTO */
34 
35 #ifdef __cplusplus
36 extern "C" {
37 #endif
38 
39 /**
40  * Base cipher information. The non-mode specific functions and values.
41  */
42 struct mbedtls_cipher_base_t
43 {
44     /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
45     mbedtls_cipher_id_t cipher;
46 
47     /** Encrypt using ECB */
48     int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
49                      const unsigned char *input, unsigned char *output );
50 
51 #if defined(MBEDTLS_CIPHER_MODE_CBC)
52     /** Encrypt using CBC */
53     int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
54                      unsigned char *iv, const unsigned char *input,
55                      unsigned char *output );
56 #endif
57 
58 #if defined(MBEDTLS_CIPHER_MODE_CFB)
59     /** Encrypt using CFB (Full length) */
60     int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
61                      unsigned char *iv, const unsigned char *input,
62                      unsigned char *output );
63 #endif
64 
65 #if defined(MBEDTLS_CIPHER_MODE_OFB)
66     /** Encrypt using OFB (Full length) */
67     int (*ofb_func)( void *ctx, size_t length, size_t *iv_off,
68                      unsigned char *iv,
69                      const unsigned char *input,
70                      unsigned char *output );
71 #endif
72 
73 #if defined(MBEDTLS_CIPHER_MODE_CTR)
74     /** Encrypt using CTR */
75     int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
76                      unsigned char *nonce_counter, unsigned char *stream_block,
77                      const unsigned char *input, unsigned char *output );
78 #endif
79 
80 #if defined(MBEDTLS_CIPHER_MODE_XTS)
81     /** Encrypt or decrypt using XTS. */
82     int (*xts_func)( void *ctx, mbedtls_operation_t mode, size_t length,
83                      const unsigned char data_unit[16],
84                      const unsigned char *input, unsigned char *output );
85 #endif
86 
87 #if defined(MBEDTLS_CIPHER_MODE_STREAM)
88     /** Encrypt using STREAM */
89     int (*stream_func)( void *ctx, size_t length,
90                         const unsigned char *input, unsigned char *output );
91 #endif
92 
93     /** Set key for encryption purposes */
94     int (*setkey_enc_func)( void *ctx, const unsigned char *key,
95                             unsigned int key_bitlen );
96 
97     /** Set key for decryption purposes */
98     int (*setkey_dec_func)( void *ctx, const unsigned char *key,
99                             unsigned int key_bitlen);
100 
101     /** Allocate a new context */
102     void * (*ctx_alloc_func)( void );
103 
104     /** Free the given context */
105     void (*ctx_free_func)( void *ctx );
106 
107 };
108 
109 typedef struct
110 {
111     mbedtls_cipher_type_t type;
112     const mbedtls_cipher_info_t *info;
113 } mbedtls_cipher_definition_t;
114 
115 #if defined(MBEDTLS_USE_PSA_CRYPTO)
116 typedef enum
117 {
118     MBEDTLS_CIPHER_PSA_KEY_UNSET = 0,
119     MBEDTLS_CIPHER_PSA_KEY_OWNED, /* Used for PSA-based cipher contexts which */
120                                   /* use raw key material internally imported */
121                                   /* as a volatile key, and which hence need  */
122                                   /* to destroy that key when the context is  */
123                                   /* freed.                                   */
124     MBEDTLS_CIPHER_PSA_KEY_NOT_OWNED, /* Used for PSA-based cipher contexts   */
125                                       /* which use a key provided by the      */
126                                       /* user, and which hence will not be    */
127                                       /* destroyed when the context is freed. */
128 } mbedtls_cipher_psa_key_ownership;
129 
130 typedef struct
131 {
132     psa_algorithm_t alg;
133     psa_key_id_t slot;
134     mbedtls_cipher_psa_key_ownership slot_state;
135 } mbedtls_cipher_context_psa;
136 #endif /* MBEDTLS_USE_PSA_CRYPTO */
137 
138 extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
139 
140 extern int mbedtls_cipher_supported[];
141 
142 #ifdef __cplusplus
143 }
144 #endif
145 
146 #endif /* MBEDTLS_CIPHER_WRAP_H */
147