Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / 5e0efa7ef5951d412920f0c56eb67459b4d100ad / . / library / cipher.c
blob: 8e59e62db40b606c15d792a13f70f0c44cbd1981 [file] [log] [blame]
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1/**
2 * \file cipher.c
3 *
4 * \brief Generic cipher wrapper for PolarSSL
5 *
6 * \author Adriaan de Jong <dejong@fox-it.com>
7 *
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]8 * Copyright (C) 2006-2013, Brainspark B.V.
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]9 *
10 * This file is part of PolarSSL (http://www.polarssl.org)
11 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
12 *
13 * All rights reserved.
14 *
15 * This program is free software; you can redistribute it and/or modify
16 * it under the terms of the GNU General Public License as published by
17 * the Free Software Foundation; either version 2 of the License, or
18 * (at your option) any later version.
19 *
20 * This program is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * You should have received a copy of the GNU General Public License along
26 * with this program; if not, write to the Free Software Foundation, Inc.,
27 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
28 */
29
30#include "polarssl/config.h"
31
32#if defined(POLARSSL_CIPHER_C)
33
34#include "polarssl/cipher.h"
35#include "polarssl/cipher_wrap.h"
36
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]37#if defined(POLARSSL_GCM_C)
38#include "polarssl/gcm.h"
39#endif
40
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]41#include <stdlib.h>
42
Manuel Pégourié-Gonnardb5e85882013-08-28 16:36:14 +0200[diff] [blame]43#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]44#define POLARSSL_CIPHER_MODE_STREAM
45#endif
46
Paul Bakkeraf5c85f2011-04-18 03:47:52 +0000[diff] [blame]47#if defined _MSC_VER && !defined strcasecmp
48#define strcasecmp _stricmp
49#endif
50
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]51static const int supported_ciphers[] = {
52
53#if defined(POLARSSL_AES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]54 POLARSSL_CIPHER_AES_128_ECB,
55 POLARSSL_CIPHER_AES_192_ECB,
56 POLARSSL_CIPHER_AES_256_ECB,
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]57 POLARSSL_CIPHER_AES_128_CBC,
58 POLARSSL_CIPHER_AES_192_CBC,
59 POLARSSL_CIPHER_AES_256_CBC,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]60
61#if defined(POLARSSL_CIPHER_MODE_CFB)
62 POLARSSL_CIPHER_AES_128_CFB128,
63 POLARSSL_CIPHER_AES_192_CFB128,
64 POLARSSL_CIPHER_AES_256_CFB128,
65#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
66
67#if defined(POLARSSL_CIPHER_MODE_CTR)
68 POLARSSL_CIPHER_AES_128_CTR,
69 POLARSSL_CIPHER_AES_192_CTR,
70 POLARSSL_CIPHER_AES_256_CTR,
71#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
72
Manuel Pégourié-Gonnard83f3fc02013-09-04 12:07:24 +0200[diff] [blame]73#if defined(POLARSSL_GCM_C)
74 POLARSSL_CIPHER_AES_128_GCM,
75 POLARSSL_CIPHER_AES_192_GCM,
76 POLARSSL_CIPHER_AES_256_GCM,
77#endif /* defined(POLARSSL_GCM_C) */
78
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]79#endif /* defined(POLARSSL_AES_C) */
80
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]81#if defined(POLARSSL_ARC4_C)
82 POLARSSL_CIPHER_ARC4_128,
83#endif
84
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]85#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]86 POLARSSL_CIPHER_CAMELLIA_128_ECB,
87 POLARSSL_CIPHER_CAMELLIA_192_ECB,
88 POLARSSL_CIPHER_CAMELLIA_256_ECB,
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]89 POLARSSL_CIPHER_CAMELLIA_128_CBC,
90 POLARSSL_CIPHER_CAMELLIA_192_CBC,
91 POLARSSL_CIPHER_CAMELLIA_256_CBC,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]92
93#if defined(POLARSSL_CIPHER_MODE_CFB)
94 POLARSSL_CIPHER_CAMELLIA_128_CFB128,
95 POLARSSL_CIPHER_CAMELLIA_192_CFB128,
96 POLARSSL_CIPHER_CAMELLIA_256_CFB128,
97#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
98
99#if defined(POLARSSL_CIPHER_MODE_CTR)
100 POLARSSL_CIPHER_CAMELLIA_128_CTR,
101 POLARSSL_CIPHER_CAMELLIA_192_CTR,
102 POLARSSL_CIPHER_CAMELLIA_256_CTR,
103#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
104
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]105#endif /* defined(POLARSSL_CAMELLIA_C) */
106
107#if defined(POLARSSL_DES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]108 POLARSSL_CIPHER_DES_ECB,
109 POLARSSL_CIPHER_DES_EDE_ECB,
110 POLARSSL_CIPHER_DES_EDE3_ECB,
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]111 POLARSSL_CIPHER_DES_CBC,
112 POLARSSL_CIPHER_DES_EDE_CBC,
113 POLARSSL_CIPHER_DES_EDE3_CBC,
114#endif /* defined(POLARSSL_DES_C) */
115
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]116#if defined(POLARSSL_BLOWFISH_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]117 POLARSSL_CIPHER_BLOWFISH_ECB,
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]118 POLARSSL_CIPHER_BLOWFISH_CBC,
119
120#if defined(POLARSSL_CIPHER_MODE_CFB)
121 POLARSSL_CIPHER_BLOWFISH_CFB64,
122#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
123
124#if defined(POLARSSL_CIPHER_MODE_CTR)
125 POLARSSL_CIPHER_BLOWFISH_CTR,
126#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
127
128#endif /* defined(POLARSSL_BLOWFISH_C) */
129
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]130#if defined(POLARSSL_CIPHER_NULL_CIPHER)
131 POLARSSL_CIPHER_NULL,
132#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
133
Paul Bakker72f62662011-01-16 21:27:44 +0000[diff] [blame]134 0
135};
136
137const int *cipher_list( void )
138{
139 return supported_ciphers;
140}
141
Paul Bakkerec1b9842012-01-14 18:24:43 +0000[diff] [blame]142const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]143{
144 /* Find static cipher information */
145 switch ( cipher_type )
146 {
147#if defined(POLARSSL_AES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]148 case POLARSSL_CIPHER_AES_128_ECB:
149 return &aes_128_ecb_info;
150 case POLARSSL_CIPHER_AES_192_ECB:
151 return &aes_192_ecb_info;
152 case POLARSSL_CIPHER_AES_256_ECB:
153 return &aes_256_ecb_info;
154
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]155 case POLARSSL_CIPHER_AES_128_CBC:
156 return &aes_128_cbc_info;
157 case POLARSSL_CIPHER_AES_192_CBC:
158 return &aes_192_cbc_info;
159 case POLARSSL_CIPHER_AES_256_CBC:
160 return &aes_256_cbc_info;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]161
162#if defined(POLARSSL_CIPHER_MODE_CFB)
163 case POLARSSL_CIPHER_AES_128_CFB128:
164 return &aes_128_cfb128_info;
165 case POLARSSL_CIPHER_AES_192_CFB128:
166 return &aes_192_cfb128_info;
167 case POLARSSL_CIPHER_AES_256_CFB128:
168 return &aes_256_cfb128_info;
169#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
170
171#if defined(POLARSSL_CIPHER_MODE_CTR)
172 case POLARSSL_CIPHER_AES_128_CTR:
173 return &aes_128_ctr_info;
174 case POLARSSL_CIPHER_AES_192_CTR:
175 return &aes_192_ctr_info;
176 case POLARSSL_CIPHER_AES_256_CTR:
177 return &aes_256_ctr_info;
178#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
179
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]180#if defined(POLARSSL_GCM_C)
181 case POLARSSL_CIPHER_AES_128_GCM:
182 return &aes_128_gcm_info;
Manuel Pégourié-Gonnard83f3fc02013-09-04 12:07:24 +0200[diff] [blame]183 case POLARSSL_CIPHER_AES_192_GCM:
184 return &aes_192_gcm_info;
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]185 case POLARSSL_CIPHER_AES_256_GCM:
186 return &aes_256_gcm_info;
187#endif /* defined(POLARSSL_GCM_C) */
188
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]189#endif
190
191#if defined(POLARSSL_CAMELLIA_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]192 case POLARSSL_CIPHER_CAMELLIA_128_ECB:
193 return &camellia_128_ecb_info;
194 case POLARSSL_CIPHER_CAMELLIA_192_ECB:
195 return &camellia_192_ecb_info;
196 case POLARSSL_CIPHER_CAMELLIA_256_ECB:
197 return &camellia_256_ecb_info;
198
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]199 case POLARSSL_CIPHER_CAMELLIA_128_CBC:
200 return &camellia_128_cbc_info;
201 case POLARSSL_CIPHER_CAMELLIA_192_CBC:
202 return &camellia_192_cbc_info;
203 case POLARSSL_CIPHER_CAMELLIA_256_CBC:
204 return &camellia_256_cbc_info;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]205
206#if defined(POLARSSL_CIPHER_MODE_CFB)
207 case POLARSSL_CIPHER_CAMELLIA_128_CFB128:
208 return &camellia_128_cfb128_info;
209 case POLARSSL_CIPHER_CAMELLIA_192_CFB128:
210 return &camellia_192_cfb128_info;
211 case POLARSSL_CIPHER_CAMELLIA_256_CFB128:
212 return &camellia_256_cfb128_info;
213#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
214
215#if defined(POLARSSL_CIPHER_MODE_CTR)
216 case POLARSSL_CIPHER_CAMELLIA_128_CTR:
217 return &camellia_128_ctr_info;
218 case POLARSSL_CIPHER_CAMELLIA_192_CTR:
219 return &camellia_192_ctr_info;
220 case POLARSSL_CIPHER_CAMELLIA_256_CTR:
221 return &camellia_256_ctr_info;
222#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
223
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]224#endif
225
226#if defined(POLARSSL_DES_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]227 case POLARSSL_CIPHER_DES_ECB:
228 return &des_ecb_info;
229 case POLARSSL_CIPHER_DES_EDE_ECB:
230 return &des_ede_ecb_info;
231 case POLARSSL_CIPHER_DES_EDE3_ECB:
232 return &des_ede3_ecb_info;
233
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]234 case POLARSSL_CIPHER_DES_CBC:
235 return &des_cbc_info;
236 case POLARSSL_CIPHER_DES_EDE_CBC:
237 return &des_ede_cbc_info;
238 case POLARSSL_CIPHER_DES_EDE3_CBC:
239 return &des_ede3_cbc_info;
240#endif
241
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]242#if defined(POLARSSL_ARC4_C)
243 case POLARSSL_CIPHER_ARC4_128:
244 return &arc4_128_info;
245#endif
246
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]247#if defined(POLARSSL_BLOWFISH_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]248 case POLARSSL_CIPHER_BLOWFISH_ECB:
249 return &blowfish_ecb_info;
250
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]251 case POLARSSL_CIPHER_BLOWFISH_CBC:
252 return &blowfish_cbc_info;
253
254#if defined(POLARSSL_CIPHER_MODE_CFB)
255 case POLARSSL_CIPHER_BLOWFISH_CFB64:
256 return &blowfish_cfb64_info;
257#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
258
259#if defined(POLARSSL_CIPHER_MODE_CTR)
260 case POLARSSL_CIPHER_BLOWFISH_CTR:
261 return &blowfish_ctr_info;
262#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
263
264#endif
265
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]266#if defined(POLARSSL_CIPHER_NULL_CIPHER)
267 case POLARSSL_CIPHER_NULL:
268 return &null_cipher_info;
269#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
270
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]271 default:
272 return NULL;
273 }
274}
275
276const cipher_info_t *cipher_info_from_string( const char *cipher_name )
277{
278 if( NULL == cipher_name )
279 return NULL;
280
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]281 /* Get the appropriate cipher information */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]282#if defined(POLARSSL_CAMELLIA_C)
283 if( !strcasecmp( "CAMELLIA-128-CBC", cipher_name ) )
284 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CBC );
285 if( !strcasecmp( "CAMELLIA-192-CBC", cipher_name ) )
286 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CBC );
287 if( !strcasecmp( "CAMELLIA-256-CBC", cipher_name ) )
288 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CBC );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]289
290#if defined(POLARSSL_CIPHER_MODE_CFB)
291 if( !strcasecmp( "CAMELLIA-128-CFB128", cipher_name ) )
292 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CFB128 );
293 if( !strcasecmp( "CAMELLIA-192-CFB128", cipher_name ) )
294 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CFB128 );
295 if( !strcasecmp( "CAMELLIA-256-CFB128", cipher_name ) )
296 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CFB128 );
297#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
298
299#if defined(POLARSSL_CIPHER_MODE_CTR)
300 if( !strcasecmp( "CAMELLIA-128-CTR", cipher_name ) )
301 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CTR );
302 if( !strcasecmp( "CAMELLIA-192-CTR", cipher_name ) )
303 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CTR );
304 if( !strcasecmp( "CAMELLIA-256-CTR", cipher_name ) )
305 return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CTR );
306#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]307#endif
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]308
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]309#if defined(POLARSSL_AES_C)
310 if( !strcasecmp( "AES-128-CBC", cipher_name ) )
311 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CBC );
312 if( !strcasecmp( "AES-192-CBC", cipher_name ) )
313 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CBC );
314 if( !strcasecmp( "AES-256-CBC", cipher_name ) )
315 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CBC );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]316
317#if defined(POLARSSL_CIPHER_MODE_CFB)
318 if( !strcasecmp( "AES-128-CFB128", cipher_name ) )
319 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CFB128 );
320 if( !strcasecmp( "AES-192-CFB128", cipher_name ) )
321 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CFB128 );
322 if( !strcasecmp( "AES-256-CFB128", cipher_name ) )
323 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CFB128 );
324#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
325
326#if defined(POLARSSL_CIPHER_MODE_CTR)
327 if( !strcasecmp( "AES-128-CTR", cipher_name ) )
328 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CTR );
329 if( !strcasecmp( "AES-192-CTR", cipher_name ) )
330 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CTR );
331 if( !strcasecmp( "AES-256-CTR", cipher_name ) )
332 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CTR );
333#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]334
335#if defined(POLARSSL_GCM_C)
336 if( !strcasecmp( "AES-128-GCM", cipher_name ) )
337 return cipher_info_from_type( POLARSSL_CIPHER_AES_128_GCM );
Manuel Pégourié-Gonnard83f3fc02013-09-04 12:07:24 +0200[diff] [blame]338 if( !strcasecmp( "AES-192-GCM", cipher_name ) )
339 return cipher_info_from_type( POLARSSL_CIPHER_AES_192_GCM );
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]340 if( !strcasecmp( "AES-256-GCM", cipher_name ) )
341 return cipher_info_from_type( POLARSSL_CIPHER_AES_256_GCM );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]342#endif
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]343#endif /* POLARSSL_AES_C */
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]344
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]345#if defined(POLARSSL_ARC4_C)
346 if( !strcasecmp( "ARC4-128", cipher_name ) )
347 return( cipher_info_from_type( POLARSSL_CIPHER_ARC4_128 ) );
348#endif
349
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]350#if defined(POLARSSL_DES_C)
351 if( !strcasecmp( "DES-CBC", cipher_name ) )
352 return cipher_info_from_type( POLARSSL_CIPHER_DES_CBC );
353 if( !strcasecmp( "DES-EDE-CBC", cipher_name ) )
354 return cipher_info_from_type( POLARSSL_CIPHER_DES_EDE_CBC );
355 if( !strcasecmp( "DES-EDE3-CBC", cipher_name ) )
356 return cipher_info_from_type( POLARSSL_CIPHER_DES_EDE3_CBC );
357#endif
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]358
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]359#if defined(POLARSSL_BLOWFISH_C)
360 if( !strcasecmp( "BLOWFISH-CBC", cipher_name ) )
361 return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CBC );
362
363#if defined(POLARSSL_CIPHER_MODE_CFB)
364 if( !strcasecmp( "BLOWFISH-CFB64", cipher_name ) )
365 return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CFB64 );
366#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */
367
368#if defined(POLARSSL_CIPHER_MODE_CTR)
369 if( !strcasecmp( "BLOWFISH-CTR", cipher_name ) )
370 return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CTR );
371#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */
372#endif
373
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]374#if defined(POLARSSL_CIPHER_NULL_CIPHER)
375 if( !strcasecmp( "NULL", cipher_name ) )
376 return cipher_info_from_type( POLARSSL_CIPHER_NULL );
377#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
378
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]379 return NULL;
380}
381
382int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
383{
384 if( NULL == cipher_info || NULL == ctx )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]385 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]386
Paul Bakker279432a2012-04-26 10:09:35 +0000[diff] [blame]387 memset( ctx, 0, sizeof( cipher_context_t ) );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]388
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]389 if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]390 return POLARSSL_ERR_CIPHER_ALLOC_FAILED;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]391
392 ctx->cipher_info = cipher_info;
393
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]394 /*
395 * Ignore possible errors caused by a cipher mode that doesn't use padding
396 */
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]397#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]398 (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 );
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]399#else
400 (void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE );
401#endif
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]402
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]403 return 0;
404}
405
406int cipher_free_ctx( cipher_context_t *ctx )
407{
408 if( ctx == NULL || ctx->cipher_info == NULL )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]409 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]410
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]411 ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]412
413 return 0;
414}
415
416int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
417 int key_length, const operation_t operation )
418{
419 if( NULL == ctx || NULL == ctx->cipher_info )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]420 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]421
422 ctx->key_length = key_length;
423 ctx->operation = operation;
424
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]425 /*
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]426 * For CFB and CTR mode always use the encryption key schedule
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]427 */
428 if( POLARSSL_ENCRYPT == operation ||
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]429 POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]430 POLARSSL_MODE_CTR == ctx->cipher_info->mode )
431 {
432 return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]433 ctx->key_length );
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]434 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]435
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]436 if( POLARSSL_DECRYPT == operation )
437 return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]438 ctx->key_length );
439
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]440 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]441}
442
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]443int cipher_set_iv( cipher_context_t *ctx,
444 const unsigned char *iv, size_t iv_len )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]445{
Manuel Pégourié-Gonnarda235b5b2013-09-03 13:25:52 +0200[diff] [blame]446 size_t actual_iv_size;
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]447
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]448 if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]449 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]450
Manuel Pégourié-Gonnarda235b5b2013-09-03 13:25:52 +0200[diff] [blame]451 if( ctx->cipher_info->accepts_variable_iv_size )
452 actual_iv_size = iv_len;
453 else
454 actual_iv_size = ctx->cipher_info->iv_size;
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]455
Manuel Pégourié-Gonnarda235b5b2013-09-03 13:25:52 +0200[diff] [blame]456 memcpy( ctx->iv, iv, actual_iv_size );
457 ctx->iv_size = actual_iv_size;
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]458
459 return 0;
460}
461
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]462int cipher_reset( cipher_context_t *ctx )
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]463{
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]464 if( NULL == ctx || NULL == ctx->cipher_info )
465 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
466
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]467 ctx->unprocessed_len = 0;
468
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]469 return 0;
470}
471
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]472#if defined(POLARSSL_CIPHER_MODE_AEAD)
Manuel Pégourié-Gonnard2adc40c2013-09-03 13:54:12 +0200[diff] [blame]473int cipher_update_ad( cipher_context_t *ctx,
474 const unsigned char *ad, size_t ad_len )
475{
476 if( NULL == ctx || NULL == ctx->cipher_info )
477 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
478
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]479#if defined(POLARSSL_GCM_C)
480 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
481 {
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]482 return gcm_starts( ctx->cipher_ctx, ctx->operation,
Manuel Pégourié-Gonnard9c853b92013-09-03 13:04:44 +0200[diff] [blame]483 ctx->iv, ctx->iv_size, ad, ad_len );
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]484 }
485#endif
486
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]487 return 0;
488}
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]489#endif /* POLARSSL_CIPHER_MODE_AEAD */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]490
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]491int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
492 unsigned char *output, size_t *olen )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]493{
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]494 int ret;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]495 size_t copy_len = 0;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]496
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]497 *olen = 0;
498
499 if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]500 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]501 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]502 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]503
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]504 if( ctx->cipher_info->mode == POLARSSL_MODE_ECB )
505 {
506 if( ilen != cipher_get_block_size( ctx ) )
507 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
508
509 *olen = ilen;
510
511 if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
512 ctx->operation, input, output ) ) )
513 {
514 return ret;
515 }
516
517 return 0;
518 }
519
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]520#if defined(POLARSSL_GCM_C)
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]521 if( ctx->cipher_info->mode == POLARSSL_MODE_GCM )
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]522 {
523 *olen = ilen;
524 return gcm_update( ctx->cipher_ctx, ilen, input, output );
525 }
526#endif
527
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]528 if( input == output &&
529 ( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) )
530 {
531 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
532 }
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]533
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]534 if( ctx->cipher_info->mode == POLARSSL_MODE_CBC )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]535 {
536 /*
537 * If there is not enough data for a full block, cache it.
538 */
539 if( ( ctx->operation == POLARSSL_DECRYPT &&
540 ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
541 ( ctx->operation == POLARSSL_ENCRYPT &&
542 ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
543 {
544 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
545 ilen );
546
547 ctx->unprocessed_len += ilen;
548 return 0;
549 }
550
551 /*
552 * Process cached data first
553 */
554 if( ctx->unprocessed_len != 0 )
555 {
556 copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len;
557
558 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
559 copy_len );
560
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]561 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]562 ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]563 ctx->unprocessed_data, output ) ) )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]564 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]565 return ret;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]566 }
567
568 *olen += cipher_get_block_size( ctx );
569 output += cipher_get_block_size( ctx );
570 ctx->unprocessed_len = 0;
571
572 input += copy_len;
573 ilen -= copy_len;
574 }
575
576 /*
577 * Cache final, incomplete block
578 */
579 if( 0 != ilen )
580 {
581 copy_len = ilen % cipher_get_block_size( ctx );
582 if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT )
583 copy_len = cipher_get_block_size(ctx);
584
585 memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
586 copy_len );
587
588 ctx->unprocessed_len += copy_len;
589 ilen -= copy_len;
590 }
591
592 /*
593 * Process remaining full blocks
594 */
595 if( ilen )
596 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]597 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
598 ctx->operation, ilen, ctx->iv, input, output ) ) )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]599 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]600 return ret;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]601 }
Manuel Pégourié-Gonnard07f8fa52013-08-30 18:34:08 +0200[diff] [blame]602
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]603 *olen += ilen;
604 }
605
606 return 0;
607 }
608
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]609#if defined(POLARSSL_CIPHER_MODE_CFB)
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]610 if( ctx->cipher_info->mode == POLARSSL_MODE_CFB )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]611 {
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]612 if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]613 ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]614 input, output ) ) )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]615 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]616 return ret;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]617 }
618
619 *olen = ilen;
620
621 return 0;
622 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]623#endif
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]624
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]625#if defined(POLARSSL_CIPHER_MODE_CTR)
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]626 if( ctx->cipher_info->mode == POLARSSL_MODE_CTR )
627 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]628 if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]629 ilen, &ctx->unprocessed_len, ctx->iv,
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]630 ctx->unprocessed_data, input, output ) ) )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]631 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]632 return ret;
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]633 }
634
635 *olen = ilen;
636
637 return 0;
638 }
Paul Bakker68884e32013-01-07 18:20:04 +0100[diff] [blame]639#endif
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]640
Manuel Pégourié-Gonnard37e230c2013-08-28 13:50:42 +0200[diff] [blame]641#if defined(POLARSSL_CIPHER_MODE_STREAM)
642 if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM )
643 {
644 if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
645 ilen, input, output ) ) )
646 {
647 return ret;
648 }
649
650 *olen = ilen;
651
652 return 0;
653 }
654#endif
655
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]656 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]657}
658
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]659#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]660/*
661 * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
662 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]663static void add_pkcs_padding( unsigned char *output, size_t output_len,
664 size_t data_len )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]665{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]666 size_t padding_len = output_len - data_len;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]667 unsigned char i = 0;
668
669 for( i = 0; i < padding_len; i++ )
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]670 output[data_len + i] = (unsigned char) padding_len;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]671}
672
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]673static int get_pkcs_padding( unsigned char *input, size_t input_len,
674 size_t *data_len )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]675{
Paul Bakkerec1b9842012-01-14 18:24:43 +0000[diff] [blame]676 unsigned int i, padding_len = 0;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]677
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]678 if( NULL == input || NULL == data_len )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]679 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]680
681 padding_len = input[input_len - 1];
682
Manuel Pégourié-Gonnardb7d24bc2013-07-26 10:58:48 +0200[diff] [blame]683 if( padding_len > input_len || padding_len == 0 )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]684 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]685
Paul Bakkera885d682011-01-20 16:35:05 +0000[diff] [blame]686 for( i = input_len - padding_len; i < input_len; i++ )
687 if( input[i] != padding_len )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]688 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]689
690 *data_len = input_len - padding_len;
691
692 return 0;
693}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]694#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]695
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]696#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]697/*
698 * One and zeros padding: fill with 80 00 ... 00
699 */
700static void add_one_and_zeros_padding( unsigned char *output,
701 size_t output_len, size_t data_len )
702{
703 size_t padding_len = output_len - data_len;
704 unsigned char i = 0;
705
706 output[data_len] = 0x80;
707 for( i = 1; i < padding_len; i++ )
708 output[data_len + i] = 0x00;
709}
710
711static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
712 size_t *data_len )
713{
714 unsigned char *p = input + input_len - 1;
715
716 if( NULL == input || NULL == data_len )
717 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
718
719 while( *p == 0x00 && p > input )
720 --p;
721
722 if( *p != 0x80 )
723 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
724
725 *data_len = p - input;
726
727 return 0;
728}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]729#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]730
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]731#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
Manuel Pégourié-Gonnard8d4291b2013-07-26 14:55:18 +0200[diff] [blame]732/*
733 * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
734 */
735static void add_zeros_and_len_padding( unsigned char *output,
736 size_t output_len, size_t data_len )
737{
738 size_t padding_len = output_len - data_len;
739 unsigned char i = 0;
740
741 for( i = 1; i < padding_len; i++ )
742 output[data_len + i - 1] = 0x00;
743 output[output_len - 1] = (unsigned char) padding_len;
744}
745
746static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
747 size_t *data_len )
748{
749 unsigned int i, padding_len = 0;
750
751 if( NULL == input || NULL == data_len )
752 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
753
754 padding_len = input[input_len - 1];
755
756 if( padding_len > input_len || padding_len == 0 )
757 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
758
759 for( i = input_len - padding_len; i < input_len - 1; i++ )
760 if( input[i] != 0x00 )
761 return POLARSSL_ERR_CIPHER_INVALID_PADDING;
762
763 *data_len = input_len - padding_len;
764
765 return 0;
766}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]767#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */
Manuel Pégourié-Gonnard8d4291b2013-07-26 14:55:18 +0200[diff] [blame]768
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]769#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
Manuel Pégourié-Gonnard0e7d2c02013-07-26 16:05:14 +0200[diff] [blame]770/*
771 * Zero padding: fill with 00 ... 00
772 */
773static void add_zeros_padding( unsigned char *output,
774 size_t output_len, size_t data_len )
775{
776 unsigned char i;
777
778 for( i = data_len; i < output_len; i++ )
779 output[i] = 0x00;
780}
781
782static int get_zeros_padding( unsigned char *input, size_t input_len,
783 size_t *data_len )
784{
785 unsigned char *p = input + input_len - 1;
786 if( NULL == input || NULL == data_len )
787 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
788
789 while( *p == 0x00 && p > input )
790 --p;
791
792 *data_len = *p == 0x00 ? 0 : p - input + 1;
793
794 return 0;
795}
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]796#endif /* POLARSSL_CIPHER_PADDING_ZEROS */
Manuel Pégourié-Gonnard0e7d2c02013-07-26 16:05:14 +0200[diff] [blame]797
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]798/*
799 * No padding: don't pad :)
800 *
801 * There is no add_padding function (check for NULL in cipher_finish)
802 * but a trivial get_padding function
803 */
804static int get_no_padding( unsigned char *input, size_t input_len,
805 size_t *data_len )
806{
807 if( NULL == input || NULL == data_len )
808 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
809
810 *data_len = input_len;
811
812 return 0;
813}
814
Manuel Pégourié-Gonnard9241be72013-08-31 17:31:03 +0200[diff] [blame]815int cipher_finish( cipher_context_t *ctx,
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]816 unsigned char *output, size_t *olen )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]817{
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]818 int ret = 0;
819
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]820 if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]821 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]822
823 *olen = 0;
824
Paul Bakker6132d0a2012-07-04 17:10:40 +0000[diff] [blame]825 if( POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
Paul Bakkerfab5c822012-02-06 16:45:10 +0000[diff] [blame]826 POLARSSL_MODE_CTR == ctx->cipher_info->mode ||
Manuel Pégourié-Gonnardb8bd5932013-09-05 13:38:15 +0200[diff] [blame]827 POLARSSL_MODE_GCM == ctx->cipher_info->mode ||
Manuel Pégourié-Gonnardb5e85882013-08-28 16:36:14 +0200[diff] [blame]828 POLARSSL_MODE_STREAM == ctx->cipher_info->mode )
Paul Bakker343a8702011-06-09 14:27:58 +0000[diff] [blame]829 {
830 return 0;
831 }
832
Paul Bakker5e0efa72013-09-08 23:04:04 +0200[diff] [blame^]833 if( POLARSSL_MODE_ECB == ctx->cipher_info->mode )
834 {
835 if( ctx->unprocessed_len != 0 )
836 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
837
838 return 0;
839 }
840
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]841 if( POLARSSL_MODE_CBC == ctx->cipher_info->mode )
842 {
843 if( POLARSSL_ENCRYPT == ctx->operation )
844 {
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]845 /* check for 'no padding' mode */
846 if( NULL == ctx->add_padding )
847 {
848 if( 0 != ctx->unprocessed_len )
849 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
850
851 return 0;
852 }
853
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]854 ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ),
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]855 ctx->unprocessed_len );
856 }
857 else if ( cipher_get_block_size( ctx ) != ctx->unprocessed_len )
858 {
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]859 /*
860 * For decrypt operations, expect a full block,
861 * or an empty block if no padding
862 */
863 if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
864 return 0;
865
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]866 return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]867 }
868
869 /* cipher block */
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]870 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
871 ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
872 ctx->unprocessed_data, output ) ) )
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]873 {
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]874 return ret;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]875 }
876
877 /* Set output size for decryption */
878 if( POLARSSL_DECRYPT == ctx->operation )
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]879 return ctx->get_padding( output, cipher_get_block_size( ctx ),
880 olen );
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]881
882 /* Set output size for encryption */
883 *olen = cipher_get_block_size( ctx );
884 return 0;
885 }
886
Paul Bakkerff61a782011-06-09 15:42:02 +0000[diff] [blame]887 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]888}
889
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]890int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
891{
892 if( NULL == ctx ||
893 POLARSSL_MODE_CBC != ctx->cipher_info->mode )
894 {
895 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
896 }
897
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]898 switch( mode )
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]899 {
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]900#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]901 case POLARSSL_PADDING_PKCS7:
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]902 ctx->add_padding = add_pkcs_padding;
903 ctx->get_padding = get_pkcs_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]904 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]905#endif
906#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]907 case POLARSSL_PADDING_ONE_AND_ZEROS:
Manuel Pégourié-Gonnard679f9e92013-07-26 12:46:02 +0200[diff] [blame]908 ctx->add_padding = add_one_and_zeros_padding;
909 ctx->get_padding = get_one_and_zeros_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]910 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]911#endif
912#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]913 case POLARSSL_PADDING_ZEROS_AND_LEN:
Manuel Pégourié-Gonnard8d4291b2013-07-26 14:55:18 +0200[diff] [blame]914 ctx->add_padding = add_zeros_and_len_padding;
915 ctx->get_padding = get_zeros_and_len_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]916 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]917#endif
918#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]919 case POLARSSL_PADDING_ZEROS:
Manuel Pégourié-Gonnard0e7d2c02013-07-26 16:05:14 +0200[diff] [blame]920 ctx->add_padding = add_zeros_padding;
921 ctx->get_padding = get_zeros_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]922 break;
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]923#endif
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]924 case POLARSSL_PADDING_NONE:
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]925 ctx->add_padding = NULL;
926 ctx->get_padding = get_no_padding;
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]927 break;
928
929 default:
Paul Bakker48e93c82013-08-14 12:21:18 +0200[diff] [blame]930 return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE;
Manuel Pégourié-Gonnardebdc4132013-07-26 16:50:44 +0200[diff] [blame]931 }
932
Paul Bakker1a45d912013-08-14 12:04:26 +0200[diff] [blame]933 return 0;
Manuel Pégourié-Gonnardac56a1a2013-07-25 12:31:10 +0200[diff] [blame]934}
935
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]936#if defined(POLARSSL_CIPHER_MODE_AEAD)
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]937int cipher_write_tag( cipher_context_t *ctx,
938 unsigned char *tag, size_t tag_len )
939{
940 if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
941 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
942
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]943 if( POLARSSL_ENCRYPT != ctx->operation )
944 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
945
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]946#if defined(POLARSSL_GCM_C)
947 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
948 return gcm_finish( ctx->cipher_ctx, tag, tag_len );
949#endif
950
951 return 0;
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]952}
953
954int cipher_check_tag( cipher_context_t *ctx,
955 const unsigned char *tag, size_t tag_len )
956{
957 int ret;
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]958
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]959 if( NULL == ctx || NULL == ctx->cipher_info ||
960 POLARSSL_DECRYPT != ctx->operation )
961 {
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]962 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]963 }
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]964
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]965#if defined(POLARSSL_GCM_C)
966 if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
967 {
968 unsigned char check_tag[16];
969 size_t i;
970 int diff;
971
972 if( tag_len > sizeof( check_tag ) )
973 return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
974
975 if( 0 != ( ret = gcm_finish( ctx->cipher_ctx, check_tag, tag_len ) ) )
976 return( ret );
977
978 /* Check the tag in "constant-time" */
979 for( diff = 0, i = 0; i < tag_len; i++ )
980 diff |= tag[i] ^ check_tag[i];
981
982 if( diff != 0 )
983 return( POLARSSL_ERR_GCM_AUTH_FAILED );
984
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]985 return( 0 );
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]986 }
987#endif
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]988
989 return( 0 );
990}
Manuel Pégourié-Gonnard43a47802013-09-03 16:35:53 +0200[diff] [blame]991#endif /* POLARSSL_CIPHER_MODE_AEAD */
Manuel Pégourié-Gonnardaa9ffc52013-09-03 16:19:22 +0200[diff] [blame]992
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]993#if defined(POLARSSL_SELF_TEST)
994
995#include <stdio.h>
996
997#define ASSERT(x) if (!(x)) { \
998 printf( "failed with %i at %s\n", value, (#x) ); \
999 return( 1 ); \
1000}
1001/*
1002 * Checkup routine
1003 */
1004
1005int cipher_self_test( int verbose )
1006{
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]1007 ((void) verbose);
1008
Paul Bakker8123e9d2011-01-06 15:37:30 +0000[diff] [blame]1009 return( 0 );
1010}
1011
1012#endif
1013
1014#endif