TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / f7dc378ead4f10d2cb9421579087177f8cc87da0 / . / library / cipher.c
blob: 8fded8186c154f6f936f743f04eb9565b116e911 [file] [log] [blame]
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1/**
2 * \file cipher.c
3 *
4 * \brief Generic cipher wrapper for PolarSSL
5 *
6 * \author Adriaan de Jong <dejong@fox-it.com>
7 *
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]8 * Copyright (C) 2006-2013, Brainspark B.V.
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]9 *
10 * This file is part of PolarSSL (http://www.polarssl.org)
11 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
12 *
13 * All rights reserved.
14 *
15 * This program is free software; you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation; either version 2 of the License, or
18 * (at your option) any later version.
19 *
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * You should have received a copy of the GNU General Public License along
26 * with this program; if not, write to the Free Software Foundation, Inc.,
27 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 */
29
30#include "polarssl/config.h"
31
32#if defined(POLARSSL_CIPHER_C)
33
34#include "polarssl/cipher.h"
35#include "polarssl/cipher_wrap.h"
36
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]37#if defined(POLARSSL_GCM_C)
38#include "polarssl/gcm.h"
39#endif
40
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]41#include <stdlib.h>
42
Manuel Pégourié-Gonnardb5e85882013-08-28 16:36:14 +0200[diff] [blame]43#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]44#define POLARSSL_CIPHER_MODE_STREAM
45#endif
46
Paul Bakkeraf5c85f2011-04-18 03:47:52 +0000[diff] [blame]47#if defined _MSC_VER && !defined strcasecmp
48#define strcasecmp _stricmp
49#endif
50
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]51static const int supported_ciphers[] = {
52
53#if defined(POLARSSL_AES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]54 POLARSSL_CIPHER_AES_128_ECB,
55 POLARSSL_CIPHER_AES_192_ECB,
56 POLARSSL_CIPHER_AES_256_ECB,
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]57 POLARSSL_CIPHER_AES_128_CBC,
58 POLARSSL_CIPHER_AES_192_CBC,
59 POLARSSL_CIPHER_AES_256_CBC,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]60
61#if defined(POLARSSL_CIPHER_MODE_CFB)
62 POLARSSL_CIPHER_AES_128_CFB128,
63 POLARSSL_CIPHER_AES_192_CFB128,
64 POLARSSL_CIPHER_AES_256_CFB128,
65#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
66
67#if defined(POLARSSL_CIPHER_MODE_CTR)
68 POLARSSL_CIPHER_AES_128_CTR,
69 POLARSSL_CIPHER_AES_192_CTR,
70 POLARSSL_CIPHER_AES_256_CTR,
71#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
72
Manuel Pégourié-Gonnard83f3fc02013-09-04 12:07:24 +0200[diff] [blame]73#if defined(POLARSSL_GCM_C)
74 POLARSSL_CIPHER_AES_128_GCM,
75 POLARSSL_CIPHER_AES_192_GCM,
76 POLARSSL_CIPHER_AES_256_GCM,
77#endif /* defined(POLARSSL_GCM_C) */
78
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]79#endif /* defined(POLARSSL_AES_C) */
80
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]81#if defined(POLARSSL_ARC4_C)
82 POLARSSL_CIPHER_ARC4_128,
83#endif
84
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]85#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]86 POLARSSL_CIPHER_CAMELLIA_128_ECB,
87 POLARSSL_CIPHER_CAMELLIA_192_ECB,
88 POLARSSL_CIPHER_CAMELLIA_256_ECB,
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]89 POLARSSL_CIPHER_CAMELLIA_128_CBC,
90 POLARSSL_CIPHER_CAMELLIA_192_CBC,
91 POLARSSL_CIPHER_CAMELLIA_256_CBC,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]92
93#if defined(POLARSSL_CIPHER_MODE_CFB)
94 POLARSSL_CIPHER_CAMELLIA_128_CFB128,
95 POLARSSL_CIPHER_CAMELLIA_192_CFB128,
96 POLARSSL_CIPHER_CAMELLIA_256_CFB128,
97#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
98
99#if defined(POLARSSL_CIPHER_MODE_CTR)
100 POLARSSL_CIPHER_CAMELLIA_128_CTR,
101 POLARSSL_CIPHER_CAMELLIA_192_CTR,
102 POLARSSL_CIPHER_CAMELLIA_256_CTR,
103#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
104
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]105#endif /* defined(POLARSSL_CAMELLIA_C) */
106
107#if defined(POLARSSL_DES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]108 POLARSSL_CIPHER_DES_ECB,
109 POLARSSL_CIPHER_DES_EDE_ECB,
110 POLARSSL_CIPHER_DES_EDE3_ECB,
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]111 POLARSSL_CIPHER_DES_CBC,
112 POLARSSL_CIPHER_DES_EDE_CBC,
113 POLARSSL_CIPHER_DES_EDE3_CBC,
114#endif /* defined(POLARSSL_DES_C) */
115
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]116#if defined(POLARSSL_BLOWFISH_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]117 POLARSSL_CIPHER_BLOWFISH_ECB,
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]118 POLARSSL_CIPHER_BLOWFISH_CBC,
119
120#if defined(POLARSSL_CIPHER_MODE_CFB)
121 POLARSSL_CIPHER_BLOWFISH_CFB64,
122#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
123
124#if defined(POLARSSL_CIPHER_MODE_CTR)
125 POLARSSL_CIPHER_BLOWFISH_CTR,
126#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
127
128#endif /* defined(POLARSSL_BLOWFISH_C) */
129
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]130#if defined(POLARSSL_CIPHER_NULL_CIPHER)
131 POLARSSL_CIPHER_NULL,
132#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
133
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]134 0
135};
136
137const int *cipher_list( void )
138{
139 return supported_ciphers;
140}
141
Paul Bakkerec1b9842012-01-14 18:24:43 +0000[diff] [blame]142const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]143{
144 /* Find static cipher information */
145 switch ( cipher_type )
146 {
147#if defined(POLARSSL_AES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]148 case POLARSSL_CIPHER_AES_128_ECB:
149 return &aes_128_ecb_info;
150 case POLARSSL_CIPHER_AES_192_ECB:
151 return &aes_192_ecb_info;
152 case POLARSSL_CIPHER_AES_256_ECB:
153 return &aes_256_ecb_info;
154
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]155 case POLARSSL_CIPHER_AES_128_CBC:
156 return &aes_128_cbc_info;
157 case POLARSSL_CIPHER_AES_192_CBC:
158 return &aes_192_cbc_info;
159 case POLARSSL_CIPHER_AES_256_CBC:
160 return &aes_256_cbc_info;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]161
162#if defined(POLARSSL_CIPHER_MODE_CFB)
163 case POLARSSL_CIPHER_AES_128_CFB128:
164 return &aes_128_cfb128_info;
165 case POLARSSL_CIPHER_AES_192_CFB128:
166 return &aes_192_cfb128_info;
167 case POLARSSL_CIPHER_AES_256_CFB128:
168 return &aes_256_cfb128_info;
169#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
170
171#if defined(POLARSSL_CIPHER_MODE_CTR)
172 case POLARSSL_CIPHER_AES_128_CTR:
173 return &aes_128_ctr_info;
174 case POLARSSL_CIPHER_AES_192_CTR:
175 return &aes_192_ctr_info;
176 case POLARSSL_CIPHER_AES_256_CTR:
177 return &aes_256_ctr_info;
178#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
179
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]180#if defined(POLARSSL_GCM_C)
181 case POLARSSL_CIPHER_AES_128_GCM:
182 return &aes_128_gcm_info;
Manuel Pégourié-Gonnard83f3fc02013-09-04 12:07:24 +0200[diff] [blame]183 case POLARSSL_CIPHER_AES_192_GCM:
184 return &aes_192_gcm_info;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]185 case POLARSSL_CIPHER_AES_256_GCM:
186 return &aes_256_gcm_info;
187#endif /* defined(POLARSSL_GCM_C) */
188
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]189#endif
190
191#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]192 case POLARSSL_CIPHER_CAMELLIA_128_ECB:
193 return &camellia_128_ecb_info;
194 case POLARSSL_CIPHER_CAMELLIA_192_ECB:
195 return &camellia_192_ecb_info;
196 case POLARSSL_CIPHER_CAMELLIA_256_ECB:
197 return &camellia_256_ecb_info;
198
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]199 case POLARSSL_CIPHER_CAMELLIA_128_CBC:
200 return &camellia_128_cbc_info;
201 case POLARSSL_CIPHER_CAMELLIA_192_CBC:
202 return &camellia_192_cbc_info;
203 case POLARSSL_CIPHER_CAMELLIA_256_CBC:
204 return &camellia_256_cbc_info;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]205
206#if defined(POLARSSL_CIPHER_MODE_CFB)
207 case POLARSSL_CIPHER_CAMELLIA_128_CFB128:
208 return &camellia_128_cfb128_info;
209 case POLARSSL_CIPHER_CAMELLIA_192_CFB128:
210 return &camellia_192_cfb128_info;
211 case POLARSSL_CIPHER_CAMELLIA_256_CFB128:
212 return &camellia_256_cfb128_info;
213#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
214
215#if defined(POLARSSL_CIPHER_MODE_CTR)
216 case POLARSSL_CIPHER_CAMELLIA_128_CTR:
217 return &camellia_128_ctr_info;
218 case POLARSSL_CIPHER_CAMELLIA_192_CTR:
219 return &camellia_192_ctr_info;
220 case POLARSSL_CIPHER_CAMELLIA_256_CTR:
221 return &camellia_256_ctr_info;
222#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
223
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]224#endif
225
226#if defined(POLARSSL_DES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]227 case POLARSSL_CIPHER_DES_ECB:
228 return &des_ecb_info;
229 case POLARSSL_CIPHER_DES_EDE_ECB:
230 return &des_ede_ecb_info;
231 case POLARSSL_CIPHER_DES_EDE3_ECB:
232 return &des_ede3_ecb_info;
233
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]234 case POLARSSL_CIPHER_DES_CBC:
235 return &des_cbc_info;
236 case POLARSSL_CIPHER_DES_EDE_CBC:
237 return &des_ede_cbc_info;
238 case POLARSSL_CIPHER_DES_EDE3_CBC:
239 return &des_ede3_cbc_info;
240#endif
241
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]242#if defined(POLARSSL_ARC4_C)
243 case POLARSSL_CIPHER_ARC4_128:
244 return &arc4_128_info;
245#endif
246
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]247#if defined(POLARSSL_BLOWFISH_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]248 case POLARSSL_CIPHER_BLOWFISH_ECB:
249 return &blowfish_ecb_info;
250
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]251 case POLARSSL_CIPHER_BLOWFISH_CBC:
252 return &blowfish_cbc_info;
253
254#if defined(POLARSSL_CIPHER_MODE_CFB)
255 case POLARSSL_CIPHER_BLOWFISH_CFB64:
256 return &blowfish_cfb64_info;
257#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
258
259#if defined(POLARSSL_CIPHER_MODE_CTR)
260 case POLARSSL_CIPHER_BLOWFISH_CTR:
261 return &blowfish_ctr_info;
262#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
263
264#endif
265
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]266#if defined(POLARSSL_CIPHER_NULL_CIPHER)
267 case POLARSSL_CIPHER_NULL:
268 return &null_cipher_info;
269#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
270
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]271 default:
272 return NULL;
273 }
274}
275
276const cipher_info_t *cipher_info_from_string( const char *cipher_name )
277{
278 if( NULL == cipher_name )
279 return NULL;
280
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]281 /* Get the appropriate cipher information */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]282#if defined(POLARSSL_CAMELLIA_C)
283 if( !strcasecmp( "CAMELLIA-128-CBC", cipher_name ) )
284 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CBC );
285 if( !strcasecmp( "CAMELLIA-192-CBC", cipher_name ) )
286 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CBC );
287 if( !strcasecmp( "CAMELLIA-256-CBC", cipher_name ) )
288 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CBC );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]289
290#if defined(POLARSSL_CIPHER_MODE_CFB)
291 if( !strcasecmp( "CAMELLIA-128-CFB128", cipher_name ) )
292 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CFB128 );
293 if( !strcasecmp( "CAMELLIA-192-CFB128", cipher_name ) )
294 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CFB128 );
295 if( !strcasecmp( "CAMELLIA-256-CFB128", cipher_name ) )
296 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CFB128 );
297#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
298
299#if defined(POLARSSL_CIPHER_MODE_CTR)
300 if( !strcasecmp( "CAMELLIA-128-CTR", cipher_name ) )
301 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CTR );
302 if( !strcasecmp( "CAMELLIA-192-CTR", cipher_name ) )
303 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CTR );
304 if( !strcasecmp( "CAMELLIA-256-CTR", cipher_name ) )
305 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CTR );
306#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]307#endif
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]308
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]309#if defined(POLARSSL_AES_C)
310 if( !strcasecmp( "AES-128-CBC", cipher_name ) )
311 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CBC );
312 if( !strcasecmp( "AES-192-CBC", cipher_name ) )
313 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CBC );
314 if( !strcasecmp( "AES-256-CBC", cipher_name ) )
315 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CBC );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]316
317#if defined(POLARSSL_CIPHER_MODE_CFB)
318 if( !strcasecmp( "AES-128-CFB128", cipher_name ) )
319 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CFB128 );
320 if( !strcasecmp( "AES-192-CFB128", cipher_name ) )
321 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CFB128 );
322 if( !strcasecmp( "AES-256-CFB128", cipher_name ) )
323 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CFB128 );
324#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
325
326#if defined(POLARSSL_CIPHER_MODE_CTR)
327 if( !strcasecmp( "AES-128-CTR", cipher_name ) )
328 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CTR );
329 if( !strcasecmp( "AES-192-CTR", cipher_name ) )
330 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CTR );
331 if( !strcasecmp( "AES-256-CTR", cipher_name ) )
332 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CTR );
333#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]334
335#if defined(POLARSSL_GCM_C)
336 if( !strcasecmp( "AES-128-GCM", cipher_name ) )
337 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_GCM );
Manuel Pégourié-Gonnard83f3fc02013-09-04 12:07:24 +0200[diff] [blame]338 if( !strcasecmp( "AES-192-GCM", cipher_name ) )
339 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_GCM );
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]340 if( !strcasecmp( "AES-256-GCM", cipher_name ) )
341 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_GCM );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]342#endif
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]343#endif /* POLARSSL_AES_C */
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]344
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]345#if defined(POLARSSL_ARC4_C)
346 if( !strcasecmp( "ARC4-128", cipher_name ) )
347 return( cipher_info_from_type( POLARSSL_CIPHER_ARC4_128 ) );
348#endif
349
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]350#if defined(POLARSSL_DES_C)
351 if( !strcasecmp( "DES-CBC", cipher_name ) )
352 return cipher_info_from_type( POLARSSL_CIPHER_DES_CBC );
353 if( !strcasecmp( "DES-EDE-CBC", cipher_name ) )
354 return cipher_info_from_type( POLARSSL_CIPHER_DES_EDE_CBC );
355 if( !strcasecmp( "DES-EDE3-CBC", cipher_name ) )
356 return cipher_info_from_type( POLARSSL_CIPHER_DES_EDE3_CBC );
357#endif
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]358
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]359#if defined(POLARSSL_BLOWFISH_C)
360 if( !strcasecmp( "BLOWFISH-CBC", cipher_name ) )
361 return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CBC );
362
363#if defined(POLARSSL_CIPHER_MODE_CFB)
364 if( !strcasecmp( "BLOWFISH-CFB64", cipher_name ) )
365 return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CFB64 );
366#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
367
368#if defined(POLARSSL_CIPHER_MODE_CTR)
369 if( !strcasecmp( "BLOWFISH-CTR", cipher_name ) )
370 return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CTR );
371#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
372#endif
373
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]374#if defined(POLARSSL_CIPHER_NULL_CIPHER)
375 if( !strcasecmp( "NULL", cipher_name ) )
376 return cipher_info_from_type( POLARSSL_CIPHER_NULL );
377#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
378
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]379 return NULL;
380}
381
Paul Bakkerf46b6952013-09-09 00:08:26 +0200[diff] [blame]382const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
383 int key_length,
384 const cipher_mode_t mode )
385{
386#if defined(POLARSSL_AES_C)
387 if( cipher_id == POLARSSL_CIPHER_ID_AES )
388 {
389 if( mode == POLARSSL_MODE_ECB )
390 {
391 if( key_length == 128 )
392 return &aes_128_ecb_info;
393 if( key_length == 192 )
394 return &aes_192_ecb_info;
395 if( key_length == 256 )
396 return &aes_256_ecb_info;
397 }
398
399 if( mode == POLARSSL_MODE_CBC )
400 {
401 if( key_length == 128 )
402 return &aes_128_cbc_info;
403 if( key_length == 192 )
404 return &aes_192_cbc_info;
405 if( key_length == 256 )
406 return &aes_256_cbc_info;
407 }
408
409#if defined(POLARSSL_CIPHER_MODE_CFB)
410 if( mode == POLARSSL_MODE_CFB )
411 {
412 if( key_length == 128 )
413 return &aes_128_cfb128_info;
414 if( key_length == 192 )
415 return &aes_192_cfb128_info;
416 if( key_length == 256 )
417 return &aes_256_cfb128_info;
418 }
419#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
420
421#if defined(POLARSSL_CIPHER_MODE_CTR)
422 if( mode == POLARSSL_MODE_CTR )
423 {
424 if( key_length == 128 )
425 return &aes_128_ctr_info;
426 if( key_length == 192 )
427 return &aes_192_ctr_info;
428 if( key_length == 256 )
429 return &aes_256_ctr_info;
430 }
431#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
432
433#if defined(POLARSSL_GCM_C)
434 if( mode == POLARSSL_MODE_GCM )
435 {
436 if( key_length == 128 )
437 return &aes_128_gcm_info;
438 if( key_length == 192 )
439 return &aes_192_gcm_info;
440 if( key_length == 256 )
441 return &aes_256_gcm_info;
442 }
443#endif /* defined(POLARSSL_GCM_C) */
444 }
445#endif
446
447#if defined(POLARSSL_CAMELLIA_C)
448 if( cipher_id == POLARSSL_CIPHER_ID_CAMELLIA )
449 {
450 if( mode == POLARSSL_MODE_ECB )
451 {
452 if( key_length == 128 )
453 return &camellia_128_ecb_info;
454 if( key_length == 192 )
455 return &camellia_192_ecb_info;
456 if( key_length == 256 )
457 return &camellia_256_ecb_info;
458 }
459
460 if( mode == POLARSSL_MODE_CBC )
461 {
462 if( key_length == 128 )
463 return &camellia_128_cbc_info;
464 if( key_length == 192 )
465 return &camellia_192_cbc_info;
466 if( key_length == 256 )
467 return &camellia_256_cbc_info;
468 }
469
470#if defined(POLARSSL_CIPHER_MODE_CFB)
471 if( mode == POLARSSL_MODE_CFB )
472 {
473 if( key_length == 128 )
474 return &camellia_128_cfb128_info;
475 if( key_length == 192 )
476 return &camellia_192_cfb128_info;
477 if( key_length == 256 )
478 return &camellia_256_cfb128_info;
479 }
480#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
481
482#if defined(POLARSSL_CIPHER_MODE_CTR)
483 if( mode == POLARSSL_MODE_CTR )
484 {
485 if( key_length == 128 )
486 return &camellia_128_ctr_info;
487 if( key_length == 192 )
488 return &camellia_192_ctr_info;
489 if( key_length == 256 )
490 return &camellia_256_ctr_info;
491 }
492#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
493 }
494#endif
495
496#if defined(POLARSSL_DES_C)
Paul Bakker2a6a3a72013-09-10 14:29:28 +0200[diff] [blame]497 if( cipher_id == POLARSSL_CIPHER_ID_DES && key_length == 64 )
Paul Bakkerf46b6952013-09-09 00:08:26 +0200[diff] [blame]498 {
499 if( mode == POLARSSL_MODE_ECB )
500 return &des_ecb_info;
501
502 if( mode == POLARSSL_MODE_CBC )
503 return &des_cbc_info;
504 }
505
506 if( cipher_id == POLARSSL_CIPHER_ID_3DES )
507 {
508 if( mode == POLARSSL_MODE_ECB )
509 {
510 if( key_length == 128 )
511 return &des_ede_ecb_info;
512 if( key_length == 192 )
513 return &des_ede3_ecb_info;
514 }
515
516 if( mode == POLARSSL_MODE_CBC )
517 {
518 if( key_length == 128 )
519 return &des_ede_cbc_info;
520 if( key_length == 192 )
521 return &des_ede3_cbc_info;
522 }
523 }
524#endif
525
526#if defined(POLARSSL_ARC4_C)
Paul Bakker2a6a3a72013-09-10 14:29:28 +0200[diff] [blame]527 if( cipher_id == POLARSSL_CIPHER_ID_ARC4 &&
528 key_length == 128 && mode == POLARSSL_MODE_STREAM )
Paul Bakkerf46b6952013-09-09 00:08:26 +0200[diff] [blame]529 return &arc4_128_info;
530#endif
531
532#if defined(POLARSSL_BLOWFISH_C)
Paul Bakker2a6a3a72013-09-10 14:29:28 +0200[diff] [blame]533 if( cipher_id == POLARSSL_CIPHER_ID_BLOWFISH && key_length == 128 )
Paul Bakkerf46b6952013-09-09 00:08:26 +0200[diff] [blame]534 {
535 if( mode == POLARSSL_MODE_ECB )
536 return &blowfish_ecb_info;
537
538 if( mode == POLARSSL_MODE_CBC )
539 return &blowfish_cbc_info;
540
541#if defined(POLARSSL_CIPHER_MODE_CFB)
542 if( mode == POLARSSL_MODE_CFB )
543 return &blowfish_cfb64_info;
544#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
545
546#if defined(POLARSSL_CIPHER_MODE_CTR)
547 if( mode == POLARSSL_MODE_CTR )
548 return &blowfish_ctr_info;
549#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
550 }
551#endif
552
553#if defined(POLARSSL_CIPHER_NULL_CIPHER)
554 if( cipher_id == POLARSSL_CIPHER_ID_NULL )
555 return &null_cipher_info;
556#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
557
558 return NULL;
559}
560
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]561int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
562{
563 if( NULL == cipher_info || NULL == ctx )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]564 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]565
Paul Bakker279432a2012-04-26 10:09:35 +0000[diff] [blame]566 memset( ctx, 0, sizeof( cipher_context_t ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]567
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]568 if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]569 return POLARSSL_ERR_CIPHER_ALLOC_FAILED;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]570
571 ctx->cipher_info = cipher_info;
572
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]573 /*
574 * Ignore possible errors caused by a cipher mode that doesn't use padding
575 */
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]576#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]577 (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 );
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]578#else
579 (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE );
580#endif
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]581
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]582 return 0;
583}
584
585int cipher_free_ctx( cipher_context_t *ctx )
586{
587 if( ctx == NULL || ctx->cipher_info == NULL )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]588 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]589
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]590 ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]591
592 return 0;
593}
594
595int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
596 int key_length, const operation_t operation )
597{
598 if( NULL == ctx || NULL == ctx->cipher_info )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]599 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]600
601 ctx->key_length = key_length;
602 ctx->operation = operation;
603
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]604 /*
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]605 * For CFB and CTR mode always use the encryption key schedule
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]606 */
607 if( POLARSSL_ENCRYPT == operation ||
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]608 POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]609 POLARSSL_MODE_CTR == ctx->cipher_info->mode )
610 {
611 return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]612 ctx->key_length );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]613 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]614
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]615 if( POLARSSL_DECRYPT == operation )
616 return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]617 ctx->key_length );
618
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]619 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]620}
621
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]622int cipher_set_iv( cipher_context_t *ctx,
623 const unsigned char *iv, size_t iv_len )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]624{
Manuel Pégourié-Gonnarda235b5b2013-09-03 13:25:52 +0200[diff] [blame]625 size_t actual_iv_size;
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]626
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]627 if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]628 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]629
Manuel Pégourié-Gonnarda235b5b2013-09-03 13:25:52 +0200[diff] [blame]630 if( ctx->cipher_info->accepts_variable_iv_size )
631 actual_iv_size = iv_len;
632 else
633 actual_iv_size = ctx->cipher_info->iv_size;
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]634
Manuel Pégourié-Gonnarda235b5b2013-09-03 13:25:52 +0200[diff] [blame]635 memcpy( ctx->iv, iv, actual_iv_size );
636 ctx->iv_size = actual_iv_size;
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]637
638 return 0;
639}
640
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]641int cipher_reset( cipher_context_t *ctx )
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]642{
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]643 if( NULL == ctx || NULL == ctx->cipher_info )
644 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
645
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]646 ctx->unprocessed_len = 0;
647
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]648 return 0;
649}
650
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]651#if defined(POLARSSL_CIPHER_MODE_AEAD)
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]652int cipher_update_ad( cipher_context_t *ctx,
653 const unsigned char *ad, size_t ad_len )
654{
655 if( NULL == ctx || NULL == ctx->cipher_info )
656 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
657
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]658#if defined(POLARSSL_GCM_C)
659 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
660 {
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]661 return gcm_starts( ctx->cipher_ctx, ctx->operation,
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]662 ctx->iv, ctx->iv_size, ad, ad_len );
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]663 }
664#endif
665
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]666 return 0;
667}
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]668#endif /* POLARSSL_CIPHER_MODE_AEAD */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]669
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]670int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
671 unsigned char *output, size_t *olen )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]672{
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]673 int ret;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]674 size_t copy_len = 0;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]675
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]676 *olen = 0;
677
678 if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]679 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]680 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]681 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]682
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]683 if( ctx->cipher_info->mode == POLARSSL_MODE_ECB )
684 {
685 if( ilen != cipher_get_block_size( ctx ) )
686 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
687
688 *olen = ilen;
689
690 if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
691 ctx->operation, input, output ) ) )
692 {
693 return ret;
694 }
695
696 return 0;
697 }
698
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]699#if defined(POLARSSL_GCM_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]700 if( ctx->cipher_info->mode == POLARSSL_MODE_GCM )
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]701 {
702 *olen = ilen;
703 return gcm_update( ctx->cipher_ctx, ilen, input, output );
704 }
705#endif
706
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]707 if( input == output &&
708 ( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) )
709 {
710 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
711 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]712
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]713 if( ctx->cipher_info->mode == POLARSSL_MODE_CBC )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]714 {
715 /*
716 * If there is not enough data for a full block, cache it.
717 */
718 if( ( ctx->operation == POLARSSL_DECRYPT &&
719 ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
720 ( ctx->operation == POLARSSL_ENCRYPT &&
721 ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
722 {
723 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
724 ilen );
725
726 ctx->unprocessed_len += ilen;
727 return 0;
728 }
729
730 /*
731 * Process cached data first
732 */
733 if( ctx->unprocessed_len != 0 )
734 {
735 copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len;
736
737 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
738 copy_len );
739
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]740 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]741 ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]742 ctx->unprocessed_data, output ) ) )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]743 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]744 return ret;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]745 }
746
747 *olen += cipher_get_block_size( ctx );
748 output += cipher_get_block_size( ctx );
749 ctx->unprocessed_len = 0;
750
751 input += copy_len;
752 ilen -= copy_len;
753 }
754
755 /*
756 * Cache final, incomplete block
757 */
758 if( 0 != ilen )
759 {
760 copy_len = ilen % cipher_get_block_size( ctx );
761 if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT )
762 copy_len = cipher_get_block_size(ctx);
763
764 memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
765 copy_len );
766
767 ctx->unprocessed_len += copy_len;
768 ilen -= copy_len;
769 }
770
771 /*
772 * Process remaining full blocks
773 */
774 if( ilen )
775 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]776 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
777 ctx->operation, ilen, ctx->iv, input, output ) ) )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]778 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]779 return ret;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]780 }
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]781
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]782 *olen += ilen;
783 }
784
785 return 0;
786 }
787
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]788#if defined(POLARSSL_CIPHER_MODE_CFB)
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]789 if( ctx->cipher_info->mode == POLARSSL_MODE_CFB )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]790 {
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]791 if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]792 ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]793 input, output ) ) )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]794 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]795 return ret;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]796 }
797
798 *olen = ilen;
799
800 return 0;
801 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]802#endif
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]803
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]804#if defined(POLARSSL_CIPHER_MODE_CTR)
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]805 if( ctx->cipher_info->mode == POLARSSL_MODE_CTR )
806 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]807 if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]808 ilen, &ctx->unprocessed_len, ctx->iv,
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]809 ctx->unprocessed_data, input, output ) ) )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]810 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]811 return ret;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]812 }
813
814 *olen = ilen;
815
816 return 0;
817 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]818#endif
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]819
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]820#if defined(POLARSSL_CIPHER_MODE_STREAM)
821 if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM )
822 {
823 if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
824 ilen, input, output ) ) )
825 {
826 return ret;
827 }
828
829 *olen = ilen;
830
831 return 0;
832 }
833#endif
834
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]835 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]836}
837
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]838#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]839/*
840 * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
841 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]842static void add_pkcs_padding( unsigned char *output, size_t output_len,
843 size_t data_len )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]844{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]845 size_t padding_len = output_len - data_len;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]846 unsigned char i = 0;
847
848 for( i = 0; i < padding_len; i++ )
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]849 output[data_len + i] = (unsigned char) padding_len;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]850}
851
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]852static int get_pkcs_padding( unsigned char *input, size_t input_len,
853 size_t *data_len )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]854{
Paul Bakkerec1b9842012-01-14 18:24:43 +0000[diff] [blame]855 unsigned int i, padding_len = 0;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]856
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]857 if( NULL == input || NULL == data_len )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]858 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]859
860 padding_len = input[input_len - 1];
861
Manuel Pégourié-Gonnardb7d24bc2013-07-26 10:58:48 +0200[diff] [blame]862 if( padding_len > input_len || padding_len == 0 )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]863 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]864
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]865 for( i = input_len - padding_len; i < input_len; i++ )
866 if( input[i] != padding_len )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]867 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]868
869 *data_len = input_len - padding_len;
870
871 return 0;
872}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]873#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]874
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]875#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]876/*
877 * One and zeros padding: fill with 80 00 ... 00
878 */
879static void add_one_and_zeros_padding( unsigned char *output,
880 size_t output_len, size_t data_len )
881{
882 size_t padding_len = output_len - data_len;
883 unsigned char i = 0;
884
885 output[data_len] = 0x80;
886 for( i = 1; i < padding_len; i++ )
887 output[data_len + i] = 0x00;
888}
889
890static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
891 size_t *data_len )
892{
893 unsigned char *p = input + input_len - 1;
894
895 if( NULL == input || NULL == data_len )
896 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
897
898 while( *p == 0x00 && p > input )
899 --p;
900
901 if( *p != 0x80 )
902 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
903
904 *data_len = p - input;
905
906 return 0;
907}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]908#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]909
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]910#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
Manuel Pégourié-Gonnard8d4291b2013-07-26 14:55:18 +0200[diff] [blame]911/*
912 * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
913 */
914static void add_zeros_and_len_padding( unsigned char *output,
915 size_t output_len, size_t data_len )
916{
917 size_t padding_len = output_len - data_len;
918 unsigned char i = 0;
919
920 for( i = 1; i < padding_len; i++ )
921 output[data_len + i - 1] = 0x00;
922 output[output_len - 1] = (unsigned char) padding_len;
923}
924
925static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
926 size_t *data_len )
927{
928 unsigned int i, padding_len = 0;
929
930 if( NULL == input || NULL == data_len )
931 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
932
933 padding_len = input[input_len - 1];
934
935 if( padding_len > input_len || padding_len == 0 )
936 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
937
938 for( i = input_len - padding_len; i < input_len - 1; i++ )
939 if( input[i] != 0x00 )
940 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
941
942 *data_len = input_len - padding_len;
943
944 return 0;
945}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]946#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */
Manuel Pégourié-Gonnard8d4291b2013-07-26 14:55:18 +0200[diff] [blame]947
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]948#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
Manuel Pégourié-Gonnard0e7d2c02013-07-26 16:05:14 +0200[diff] [blame]949/*
950 * Zero padding: fill with 00 ... 00
951 */
952static void add_zeros_padding( unsigned char *output,
953 size_t output_len, size_t data_len )
954{
955 unsigned char i;
956
957 for( i = data_len; i < output_len; i++ )
958 output[i] = 0x00;
959}
960
961static int get_zeros_padding( unsigned char *input, size_t input_len,
962 size_t *data_len )
963{
964 unsigned char *p = input + input_len - 1;
965 if( NULL == input || NULL == data_len )
966 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
967
968 while( *p == 0x00 && p > input )
969 --p;
970
971 *data_len = *p == 0x00 ? 0 : p - input + 1;
972
973 return 0;
974}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]975#endif /* POLARSSL_CIPHER_PADDING_ZEROS */
Manuel Pégourié-Gonnard0e7d2c02013-07-26 16:05:14 +0200[diff] [blame]976
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]977/*
978 * No padding: don't pad :)
979 *
980 * There is no add_padding function (check for NULL in cipher_finish)
981 * but a trivial get_padding function
982 */
983static int get_no_padding( unsigned char *input, size_t input_len,
984 size_t *data_len )
985{
986 if( NULL == input || NULL == data_len )
987 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
988
989 *data_len = input_len;
990
991 return 0;
992}
993
Manuel Pégourié-Gonnard9241be72013-08-31 17:31:03 +0200[diff] [blame]994int cipher_finish( cipher_context_t *ctx,
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]995 unsigned char *output, size_t *olen )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]996{
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]997 int ret = 0;
998
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]999 if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]1000 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1001
1002 *olen = 0;
1003
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]1004 if( POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]1005 POLARSSL_MODE_CTR == ctx->cipher_info->mode ||
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]1006 POLARSSL_MODE_GCM == ctx->cipher_info->mode ||
Manuel Pégourié-Gonnardb5e85882013-08-28 16:36:14 +0200[diff] [blame]1007 POLARSSL_MODE_STREAM == ctx->cipher_info->mode )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]1008 {
1009 return 0;
1010 }
1011
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame]1012 if( POLARSSL_MODE_ECB == ctx->cipher_info->mode )
1013 {
1014 if( ctx->unprocessed_len != 0 )
1015 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
1016
1017 return 0;
1018 }
1019
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1020 if( POLARSSL_MODE_CBC == ctx->cipher_info->mode )
1021 {
1022 if( POLARSSL_ENCRYPT == ctx->operation )
1023 {
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]1024 /* check for 'no padding' mode */
1025 if( NULL == ctx->add_padding )
1026 {
1027 if( 0 != ctx->unprocessed_len )
1028 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
1029
1030 return 0;
1031 }
1032
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]1033 ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ),
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1034 ctx->unprocessed_len );
1035 }
1036 else if ( cipher_get_block_size( ctx ) != ctx->unprocessed_len )
1037 {
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]1038 /*
1039 * For decrypt operations, expect a full block,
1040 * or an empty block if no padding
1041 */
1042 if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
1043 return 0;
1044
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]1045 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1046 }
1047
1048 /* cipher block */
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]1049 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
1050 ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
1051 ctx->unprocessed_data, output ) ) )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1052 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]1053 return ret;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1054 }
1055
1056 /* Set output size for decryption */
1057 if( POLARSSL_DECRYPT == ctx->operation )
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]1058 return ctx->get_padding( output, cipher_get_block_size( ctx ),
1059 olen );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1060
1061 /* Set output size for encryption */
1062 *olen = cipher_get_block_size( ctx );
1063 return 0;
1064 }
1065
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]1066 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1067}
1068
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]1069int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
1070{
1071 if( NULL == ctx ||
1072 POLARSSL_MODE_CBC != ctx->cipher_info->mode )
1073 {
1074 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
1075 }
1076
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1077 switch( mode )
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]1078 {
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]1079#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1080 case POLARSSL_PADDING_PKCS7:
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]1081 ctx->add_padding = add_pkcs_padding;
1082 ctx->get_padding = get_pkcs_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1083 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]1084#endif
1085#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1086 case POLARSSL_PADDING_ONE_AND_ZEROS:
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]1087 ctx->add_padding = add_one_and_zeros_padding;
1088 ctx->get_padding = get_one_and_zeros_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1089 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]1090#endif
1091#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1092 case POLARSSL_PADDING_ZEROS_AND_LEN:
Manuel Pégourié-Gonnard8d4291b2013-07-26 14:55:18 +0200[diff] [blame]1093 ctx->add_padding = add_zeros_and_len_padding;
1094 ctx->get_padding = get_zeros_and_len_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1095 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]1096#endif
1097#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1098 case POLARSSL_PADDING_ZEROS:
Manuel Pégourié-Gonnard0e7d2c02013-07-26 16:05:14 +0200[diff] [blame]1099 ctx->add_padding = add_zeros_padding;
1100 ctx->get_padding = get_zeros_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1101 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]1102#endif
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1103 case POLARSSL_PADDING_NONE:
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]1104 ctx->add_padding = NULL;
1105 ctx->get_padding = get_no_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1106 break;
1107
1108 default:
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]1109 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]1110 }
1111
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]1112 return 0;
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]1113}
1114
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1115#if defined(POLARSSL_CIPHER_MODE_AEAD)
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1116int cipher_write_tag( cipher_context_t *ctx,
1117 unsigned char *tag, size_t tag_len )
1118{
1119 if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
1120 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
1121
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1122 if( POLARSSL_ENCRYPT != ctx->operation )
1123 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
1124
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1125#if defined(POLARSSL_GCM_C)
1126 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
1127 return gcm_finish( ctx->cipher_ctx, tag, tag_len );
1128#endif
1129
1130 return 0;
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1131}
1132
1133int cipher_check_tag( cipher_context_t *ctx,
1134 const unsigned char *tag, size_t tag_len )
1135{
1136 int ret;
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1137
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1138 if( NULL == ctx || NULL == ctx->cipher_info ||
1139 POLARSSL_DECRYPT != ctx->operation )
1140 {
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1141 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1142 }
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1143
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1144#if defined(POLARSSL_GCM_C)
1145 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
1146 {
1147 unsigned char check_tag[16];
1148 size_t i;
1149 int diff;
1150
1151 if( tag_len > sizeof( check_tag ) )
1152 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
1153
1154 if( 0 != ( ret = gcm_finish( ctx->cipher_ctx, check_tag, tag_len ) ) )
1155 return( ret );
1156
1157 /* Check the tag in "constant-time" */
1158 for( diff = 0, i = 0; i < tag_len; i++ )
1159 diff |= tag[i] ^ check_tag[i];
1160
1161 if( diff != 0 )
1162 return( POLARSSL_ERR_GCM_AUTH_FAILED );
1163
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1164 return( 0 );
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1165 }
1166#endif
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1167
1168 return( 0 );
1169}
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]1170#endif /* POLARSSL_CIPHER_MODE_AEAD */
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]1171
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1172#if defined(POLARSSL_SELF_TEST)
1173
1174#include <stdio.h>
1175
1176#define ASSERT(x) if (!(x)) { \
1177 printf( "failed with %i at %s\n", value, (#x) ); \
1178 return( 1 ); \
1179}
1180/*
1181 * Checkup routine
1182 */
1183
1184int cipher_self_test( int verbose )
1185{
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]1186 ((void) verbose);
1187
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1188 return( 0 );
1189}
1190
1191#endif
1192
1193#endif