TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / e1171bd26f93e70115a1bf7b51ac4badb755f9fe / . / tf-psa-crypto / drivers / builtin / include / mbedtls / des.h
blob: c2d910cbfa7bedd040aa5c03d87cef41cfcf1396 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/**
2 * \file des.h
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]3 *
Paul Bakkerf3b86c12011-01-27 15:24:17 +0000[diff] [blame]4 * \brief DES block cipher
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]5 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]6 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]7 * security risk. We recommend considering stronger ciphers
8 * instead.
Darryl Greena40a1012018-01-05 15:33:17 +0000[diff] [blame]9 */
10/*
Bence Szépkúti1e148272020-08-07 13:07:28 +0200[diff] [blame]11 * Copyright The Mbed TLS Contributors
Dave Rodgman16799db2023-11-02 19:47:20 +0000[diff] [blame]12 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]13 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]14 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]15#ifndef MBEDTLS_DES_H
16#define MBEDTLS_DES_H
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]17#include "mbedtls/private_access.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]18
Bence Szépkútic662b362021-05-27 11:25:03 +0200[diff] [blame]19#include "mbedtls/build_info.h"
Mateusz Starzyke35f8f62021-08-04 15:38:09 +0200[diff] [blame]20#include "mbedtls/platform_util.h"
Paul Bakker90995b52013-06-24 19:20:35 +0200[diff] [blame]21
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]22#include <stddef.h>
Manuel Pégourié-Gonnardab229102015-04-15 11:53:16 +0200[diff] [blame]23#include <stdint.h>
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]24
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]25#define MBEDTLS_DES_ENCRYPT 1
26#define MBEDTLS_DES_DECRYPT 0
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]27
Gilles Peskined2971572021-07-26 18:48:10 +0200[diff] [blame]28/** The data input has an invalid length. */
29#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032
Ron Eldor9924bdc2018-10-04 10:59:13 +0300[diff] [blame]30
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]31#define MBEDTLS_DES_KEY_SIZE 8
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]32
Paul Bakker407a0da2013-06-27 14:29:21 +0200[diff] [blame]33#ifdef __cplusplus
34extern "C" {
35#endif
36
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]37/**
38 * \brief DES context structure
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]39 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]40 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]41 * security risk. We recommend considering stronger ciphers
42 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]43 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]44typedef struct mbedtls_des_context {
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]45 uint32_t MBEDTLS_PRIVATE(sk)[32]; /*!< DES subkeys */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]46}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]47mbedtls_des_context;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]48
49/**
50 * \brief Triple-DES context structure
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]51 *
52 * \warning DES/3DES are considered weak ciphers and their use constitutes a
53 * security risk. We recommend considering stronger ciphers
54 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]55 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]56typedef struct mbedtls_des3_context {
Mateusz Starzyk846f0212021-05-19 19:44:07 +0200[diff] [blame]57 uint32_t MBEDTLS_PRIVATE(sk)[96]; /*!< 3DES subkeys */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]58}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]59mbedtls_des3_context;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]60
Ron Eldor05d0e512018-04-16 17:40:04 +0300[diff] [blame]61
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]62/**
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]63 * \brief Initialize DES context
64 *
65 * \param ctx DES context to be initialized
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]66 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]67 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]68 * security risk. We recommend considering stronger ciphers
69 * instead.
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]70 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]71void mbedtls_des_init(mbedtls_des_context *ctx);
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]72
73/**
74 * \brief Clear DES context
75 *
76 * \param ctx DES context to be cleared
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]77 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]78 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]79 * security risk. We recommend considering stronger ciphers
80 * instead.
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]81 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]82void mbedtls_des_free(mbedtls_des_context *ctx);
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]83
84/**
85 * \brief Initialize Triple-DES context
86 *
87 * \param ctx DES3 context to be initialized
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]88 *
89 * \warning DES/3DES are considered weak ciphers and their use constitutes a
90 * security risk. We recommend considering stronger ciphers
91 * instead.
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]92 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]93void mbedtls_des3_init(mbedtls_des3_context *ctx);
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]94
95/**
96 * \brief Clear Triple-DES context
97 *
98 * \param ctx DES3 context to be cleared
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]99 *
100 * \warning DES/3DES are considered weak ciphers and their use constitutes a
101 * security risk. We recommend considering stronger ciphers
102 * instead.
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]103 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]104void mbedtls_des3_free(mbedtls_des3_context *ctx);
Paul Bakkerc7ea99a2014-06-18 11:12:03 +0200[diff] [blame]105
106/**
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]107 * \brief Set key parity on the given key to odd.
108 *
109 * DES keys are 56 bits long, but each byte is padded with
110 * a parity bit to allow verification.
111 *
112 * \param key 8-byte secret key
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]113 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]114 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]115 * security risk. We recommend considering stronger ciphers
116 * instead.
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]117 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]118void mbedtls_des_key_set_parity(unsigned char key[MBEDTLS_DES_KEY_SIZE]);
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]119
120/**
121 * \brief Check that key parity on the given key is odd.
122 *
123 * DES keys are 56 bits long, but each byte is padded with
124 * a parity bit to allow verification.
125 *
126 * \param key 8-byte secret key
Paul Bakker73206952011-07-06 14:37:33 +0000[diff] [blame]127 *
128 * \return 0 is parity was ok, 1 if parity was not correct.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]129 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]130 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]131 * security risk. We recommend considering stronger ciphers
132 * instead.
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]133 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]134MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]135int mbedtls_des_key_check_key_parity(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]136
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]137/**
138 * \brief Check that key is not a weak or semi-weak DES key
139 *
140 * \param key 8-byte secret key
Paul Bakker73206952011-07-06 14:37:33 +0000[diff] [blame]141 *
Paul Bakker4793cc42011-08-17 09:40:55 +0000[diff] [blame]142 * \return 0 if no weak key was found, 1 if a weak key was identified.
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]143 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]144 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]145 * security risk. We recommend considering stronger ciphers
146 * instead.
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]147 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]148MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]149int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
Paul Bakker1f87fb62011-01-15 17:32:24 +0000[diff] [blame]150
151/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]152 * \brief DES key schedule (56-bit, encryption)
153 *
154 * \param ctx DES context to be initialized
155 * \param key 8-byte secret key
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]156 *
157 * \return 0
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]158 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]159 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]160 * security risk. We recommend considering stronger ciphers
161 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]162 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]163MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]164int mbedtls_des_setkey_enc(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]165
166/**
167 * \brief DES key schedule (56-bit, decryption)
168 *
169 * \param ctx DES context to be initialized
170 * \param key 8-byte secret key
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]171 *
172 * \return 0
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]173 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]174 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]175 * security risk. We recommend considering stronger ciphers
176 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]177 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]178MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]179int mbedtls_des_setkey_dec(mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]180
181/**
182 * \brief Triple-DES key schedule (112-bit, encryption)
183 *
184 * \param ctx 3DES context to be initialized
185 * \param key 16-byte secret key
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]186 *
187 * \return 0
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]188 *
189 * \warning DES/3DES are considered weak ciphers and their use constitutes a
190 * security risk. We recommend considering stronger ciphers
191 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]192 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]193MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]194int mbedtls_des3_set2key_enc(mbedtls_des3_context *ctx,
195 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]196
197/**
198 * \brief Triple-DES key schedule (112-bit, decryption)
199 *
200 * \param ctx 3DES context to be initialized
201 * \param key 16-byte secret key
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]202 *
203 * \return 0
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]204 *
205 * \warning DES/3DES are considered weak ciphers and their use constitutes a
206 * security risk. We recommend considering stronger ciphers
207 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]208 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]209MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]210int mbedtls_des3_set2key_dec(mbedtls_des3_context *ctx,
211 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]212
213/**
214 * \brief Triple-DES key schedule (168-bit, encryption)
215 *
216 * \param ctx 3DES context to be initialized
217 * \param key 24-byte secret key
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]218 *
219 * \return 0
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]220 *
221 * \warning DES/3DES are considered weak ciphers and their use constitutes a
222 * security risk. We recommend considering stronger ciphers
223 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]224 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]225MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]226int mbedtls_des3_set3key_enc(mbedtls_des3_context *ctx,
227 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]228
229/**
230 * \brief Triple-DES key schedule (168-bit, decryption)
231 *
232 * \param ctx 3DES context to be initialized
233 * \param key 24-byte secret key
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]234 *
235 * \return 0
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]236 *
237 * \warning DES/3DES are considered weak ciphers and their use constitutes a
238 * security risk. We recommend considering stronger ciphers
239 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]240 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]241MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]242int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx,
243 const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]244
245/**
246 * \brief DES-ECB block encryption/decryption
247 *
248 * \param ctx DES context
249 * \param input 64-bit input block
250 * \param output 64-bit output block
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]251 *
Paul Bakker27caa8a2010-03-21 15:43:59 +0000[diff] [blame]252 * \return 0 if successful
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]253 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]254 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]255 * security risk. We recommend considering stronger ciphers
256 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]257 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]258MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]259int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx,
260 const unsigned char input[8],
261 unsigned char output[8]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]262
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]263#if defined(MBEDTLS_CIPHER_MODE_CBC)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]264/**
265 * \brief DES-CBC buffer encryption/decryption
266 *
Manuel Pégourié-Gonnard2be147a2015-01-23 16:19:47 +0000[diff] [blame]267 * \note Upon exit, the content of the IV is updated so that you can
268 * call the function same function again on the following
269 * block(s) of data and get the same result as if it was
270 * encrypted in one call. This allows a "streaming" usage.
271 * If on the other hand you need to retain the contents of the
272 * IV, you should either save it manually or use the cipher
273 * module instead.
274 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]275 * \param ctx DES context
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]276 * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]277 * \param length length of the input data
278 * \param iv initialization vector (updated after use)
279 * \param input buffer holding the input data
280 * \param output buffer holding the output data
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]281 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]282 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]283 * security risk. We recommend considering stronger ciphers
284 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]285 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]286MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]287int mbedtls_des_crypt_cbc(mbedtls_des_context *ctx,
288 int mode,
289 size_t length,
290 unsigned char iv[8],
291 const unsigned char *input,
292 unsigned char *output);
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]293#endif /* MBEDTLS_CIPHER_MODE_CBC */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]294
295/**
296 * \brief 3DES-ECB block encryption/decryption
297 *
298 * \param ctx 3DES context
299 * \param input 64-bit input block
300 * \param output 64-bit output block
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]301 *
Paul Bakker27caa8a2010-03-21 15:43:59 +0000[diff] [blame]302 * \return 0 if successful
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]303 *
304 * \warning DES/3DES are considered weak ciphers and their use constitutes a
305 * security risk. We recommend considering stronger ciphers
306 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]307 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]308MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]309int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx,
310 const unsigned char input[8],
311 unsigned char output[8]);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]312
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]313#if defined(MBEDTLS_CIPHER_MODE_CBC)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]314/**
315 * \brief 3DES-CBC buffer encryption/decryption
316 *
Manuel Pégourié-Gonnard2be147a2015-01-23 16:19:47 +0000[diff] [blame]317 * \note Upon exit, the content of the IV is updated so that you can
318 * call the function same function again on the following
319 * block(s) of data and get the same result as if it was
320 * encrypted in one call. This allows a "streaming" usage.
321 * If on the other hand you need to retain the contents of the
322 * IV, you should either save it manually or use the cipher
323 * module instead.
324 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]325 * \param ctx 3DES context
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]326 * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]327 * \param length length of the input data
328 * \param iv initialization vector (updated after use)
329 * \param input buffer holding the input data
330 * \param output buffer holding the output data
Paul Bakkerf3ccc682010-03-18 21:21:02 +0000[diff] [blame]331 *
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]332 * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]333 *
334 * \warning DES/3DES are considered weak ciphers and their use constitutes a
335 * security risk. We recommend considering stronger ciphers
336 * instead.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]337 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]338MBEDTLS_CHECK_RETURN_TYPICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]339int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx,
340 int mode,
341 size_t length,
342 unsigned char iv[8],
343 const unsigned char *input,
344 unsigned char *output);
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]345#endif /* MBEDTLS_CIPHER_MODE_CBC */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]346
Manuel Pégourié-Gonnard70a50102015-05-12 15:02:45 +0200[diff] [blame]347/**
348 * \brief Internal function for key expansion.
349 * (Only exposed to allow overriding it,
350 * see MBEDTLS_DES_SETKEY_ALT)
351 *
352 * \param SK Round keys
353 * \param key Base key
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]354 *
Dave Rodgmanc04515b2023-02-02 10:47:58 +0000[diff] [blame]355 * \warning DES/3DES are considered weak ciphers and their use constitutes a
Hanno Beckerbbca8c52017-09-25 14:53:51 +0100[diff] [blame]356 * security risk. We recommend considering stronger ciphers
357 * instead.
Manuel Pégourié-Gonnard70a50102015-05-12 15:02:45 +0200[diff] [blame]358 */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]359void mbedtls_des_setkey(uint32_t SK[32],
360 const unsigned char key[MBEDTLS_DES_KEY_SIZE]);
Paul Bakker90995b52013-06-24 19:20:35 +0200[diff] [blame]361
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]362#if defined(MBEDTLS_SELF_TEST)
363
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]364/**
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]365 * \brief Checkup routine
366 *
367 * \return 0 if successful, or 1 if the test failed
368 */
Gilles Peskinee41803a2021-09-23 17:35:37 +0200[diff] [blame]369MBEDTLS_CHECK_RETURN_CRITICAL
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]370int mbedtls_des_self_test(int verbose);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]371
Andrzej Kurekc470b6b2019-01-31 08:20:20 -0500[diff] [blame]372#endif /* MBEDTLS_SELF_TEST */
373
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]374#ifdef __cplusplus
375}
376#endif
377
378#endif /* des.h */