Blame - include/mbedtls/chacha20.h - mirror/mbed-tls

blob: d32da1b77f389f0bb45eaedfebf5534df5aa5d49 [file] [log] [blame]

Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	1	/**
				2	* \file chacha20.h
				3	*
				4	* \brief ChaCha20 cipher.
				5	*
				6	* \author Daniel King <damaki.gh@gmail.com>
				7	*
				8	* Copyright (C) 2006-2016, ARM Limited, All Rights Reserved
				9	* SPDX-License-Identifier: Apache-2.0
				10	*
				11	* Licensed under the Apache License, Version 2.0 (the "License"); you may
				12	* not use this file except in compliance with the License.
				13	* You may obtain a copy of the License at
				14	*
				15	* http://www.apache.org/licenses/LICENSE-2.0
				16	*
				17	* Unless required by applicable law or agreed to in writing, software
				18	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				19	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
				20	* See the License for the specific language governing permissions and
				21	* limitations under the License.
				22	*
				23	* This file is part of mbed TLS (https://tls.mbed.org)
				24	*/
				25	#ifndef MBEDTLS_CHACHA20_H
				26	#define MBEDTLS_CHACHA20_H
				27
				28	#if !defined(MBEDTLS_CONFIG_FILE)
				29	#include "config.h"
				30	#else
				31	#include MBEDTLS_CONFIG_FILE
				32	#endif
				33
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	34	#include <stdint.h>
				35	#include <stddef.h>
				36
				37	#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA -0x003B /*< Invalid input parameter(s). /
				38
Manuel Pégourié-Gonnard	823b7a0	2018-05-07 10:10:30 +0200	[diff] [blame]	39	#ifdef __cplusplus
				40	extern "C" {
				41	#endif
				42
Manuel Pégourié-Gonnard	95d0bdb	2018-05-07 09:58:35 +0200	[diff] [blame]	43	#if !defined(MBEDTLS_CHACHA20_ALT)
				44
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	45	typedef struct
				46	{
				47	uint32_t initial_state[16]; /! Holds the initial state (before round operations) /
				48	uint32_t working_state[16]; /! Holds the working state (after round operations) /
				49	uint8_t keystream8[64]; /! Holds leftover keystream bytes /
				50	size_t keystream_bytes_used; /! Number of keystream bytes currently used /
				51	}
				52	mbedtls_chacha20_context;
				53
Manuel Pégourié-Gonnard	95d0bdb	2018-05-07 09:58:35 +0200	[diff] [blame]	54	#else /* MBEDTLS_CHACHA20_ALT */
				55	#include "chacha20_alt.h"
				56	#endif /* MBEDTLS_CHACHA20_ALT */
				57
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	58	/**
				59	* \brief Initialize ChaCha20 context
				60	*
				61	* \param ctx ChaCha20 context to be initialized
				62	*/
				63	void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );
				64
				65	/**
				66	* \brief Clear ChaCha20 context
				67	*
				68	* \param ctx ChaCha20 context to be cleared
				69	*/
				70	void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );
				71
				72	/**
				73	* \brief Set the ChaCha20 key.
				74	*
				75	* \note The nonce and counter must be set after calling this function,
				76	* before data can be encrypted/decrypted. The nonce and
				77	* counter are set by calling mbedtls_chacha20_starts.
				78	*
				79	* \see mbedtls_chacha20_starts
				80	*
				81	* \param ctx The context to setup.
				82	* \param key Buffer containing the 256-bit key. Must be 32 bytes in length.
				83	*
				84	* \return MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA is returned if ctx or key
				85	* is NULL, or if key_bits is not 128 or 256.
				86	* Otherwise, 0 is returned to indicate success.
				87	*/
				88	int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,
				89	const unsigned char key[32] );
				90
				91	/**
				92	* \brief Set the ChaCha20 nonce and initial counter value.
				93	*
				94	* \note A ChaCha20 context can be re-used with the same key by
				95	* calling this function to change the nonce and/or initial
				96	* counter value.
				97	*
				98	* \param ctx The ChaCha20 context.
				99	* \param nonce Buffer containing the 96-bit nonce. Must be 12 bytes in size.
				100	* \param counter Initial counter value to use. This is usually 0.
				101	*
				102	* \return MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA is returned if ctx or
				103	* nonce is NULL.
				104	* Otherwise, 0 is returned to indicate success.
				105	*/
				106	int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,
				107	const unsigned char nonce[12],
				108	uint32_t counter );
				109
				110	/**
				111	* \brief Encrypt or decrypt data.
				112	*
				113	* This function is used to both encrypt and decrypt data.
				114	*
Manuel Pégourié-Gonnard	502f189	2018-05-07 11:57:05 +0200	[diff] [blame]	115	* \note The \p input and \p output pointers must either be equal or
				116	* point to non-overlapping buffers.
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	117	*
				118	* \note mbedtls_chacha20_setkey and mbedtls_chacha20_starts must be
				119	* called at least once to setup the context before this function
				120	* can be called.
				121	*
				122	* \param ctx The ChaCha20 context.
				123	* \param size The length (in bytes) to process. This can have any length.
				124	* \param input Buffer containing the input data.
Daniel King	a310c5e	2016-05-17 15:56:26 -0300	[diff] [blame]	125	* This pointer can be NULL if size == 0.
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	126	* \param output Buffer containing the output data.
Daniel King	a310c5e	2016-05-17 15:56:26 -0300	[diff] [blame]	127	* This pointer can be NULL if size == 0.
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	128	*
				129	* \return MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if the ctx, input, or
				130	* output pointers are NULL.
				131	* Otherwise, 0 is returned to indicate success.
				132	*/
Daniel King	bd92062	2016-05-15 19:56:20 -0300	[diff] [blame]	133	int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	134	size_t size,
				135	const unsigned char *input,
				136	unsigned char *output );
				137
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	138	/**
				139	* \brief Encrypt or decrypt a message using ChaCha20.
				140	*
				141	* This function is used the same way for encrypting and
				142	* decrypting data. It's not necessary to specify which
				143	* operation is being performed.
				144	*
				145	* \note The \p input and \p output buffers may overlap, but only
				146	* if input >= output (i.e. only if input points ahead of
				147	* the output pointer).
				148	*
				149	* \param key Buffer containing the 256-bit key. Must be 32 bytes in length.
				150	* \param nonce Buffer containing the 96-bit nonce. Must be 12 bytes in length.
				151	* \param counter The initial counter value. This is usually 0.
				152	* \param data_len The number of bytes to process.
				153	* \param input Buffer containing the input data (data to encrypt or decrypt).
				154	* \param output Buffer to where the processed data is written.
				155	*
				156	* \return MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if key, nonce, input,
				157	* or output is NULL.
				158	* Otherwise, 0 is returned to indicate success.
				159	*/
				160	int mbedtls_chacha20_crypt( const unsigned char key[32],
				161	const unsigned char nonce[12],
				162	uint32_t counter,
				163	size_t data_len,
				164	const unsigned char* input,
				165	unsigned char* output );
				166
				167	/**
				168	* \brief Checkup routine
				169	*
				170	* \return 0 if successful, or 1 if the test failed
				171	*/
				172	int mbedtls_chacha20_self_test( int verbose );
				173
Manuel Pégourié-Gonnard	823b7a0	2018-05-07 10:10:30 +0200	[diff] [blame]	174	#ifdef __cplusplus
				175	}
				176	#endif
				177
Daniel King	34b822c	2016-05-15 17:28:08 -0300	[diff] [blame]	178	#endif /* MBEDTLS_CHACHA20_H */