search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #2747 from Eltrick/stylise-dormakaba
[RRG-proxmark3.git] / common / mbedtls / aes.h
blob0ca3a20dbff5344fbf3e7c4e07b851d0393ec715
1 /**
2 * \file aes.h
3 *
4 * \brief This file contains AES definitions and functions.
5 *
6 * The Advanced Encryption Standard (AES) specifies a FIPS-approved
7 * cryptographic algorithm that can be used to protect electronic
8 * data.
9 *
10 * The AES algorithm is a symmetric block cipher that can
11 * encrypt and decrypt information. For more information, see
12 * <em>FIPS Publication 197: Advanced Encryption Standard</em> and
13 * <em>ISO/IEC 18033-2:2006: Information technology -- Security
14 * techniques -- Encryption algorithms -- Part 2: Asymmetric
15 * ciphers</em>.
16 *
17 * The AES-XTS block mode is standardized by NIST SP 800-38E
18 * <https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38e.pdf>
19 * and described in detail by IEEE P1619
20 * <https://ieeexplore.ieee.org/servlet/opac?punumber=4375278>.
21 */
22
23 /*
24 * Copyright The Mbed TLS Contributors
25 * SPDX-License-Identifier: Apache-2.0
26 *
27 * Licensed under the Apache License, Version 2.0 (the "License"); you may
28 * not use this file except in compliance with the License.
29 * You may obtain a copy of the License at
30 *
31 * http://www.apache.org/licenses/LICENSE-2.0
32 *
33 * Unless required by applicable law or agreed to in writing, software
34 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
35 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
36 * See the License for the specific language governing permissions and
37 * limitations under the License.
38 */
39
40 #ifndef MBEDTLS_AES_H
41 #define MBEDTLS_AES_H
42
43 #if !defined(MBEDTLS_CONFIG_FILE)
44 #include "mbedtls/config.h"
45 #else
46 #include MBEDTLS_CONFIG_FILE
47 #endif
48
49 #include <stddef.h>
50 #include <stdint.h>
51
52 /* padlock.c and aesni.c rely on these values! */
53 #define MBEDTLS_AES_ENCRYPT 1 /**< AES encryption. */
54 #define MBEDTLS_AES_DECRYPT 0 /**< AES decryption. */
55
56 /* Error codes in range 0x0020-0x0022 */
57 #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
58 #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
59
60 /* Error codes in range 0x0021-0x0025 */
61 #define MBEDTLS_ERR_AES_BAD_INPUT_DATA -0x0021 /**< Invalid input data. */
62
63 /* MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE is deprecated and should not be used. */
64 #define MBEDTLS_ERR_AES_FEATURE_UNAVAILABLE -0x0023 /**< Feature not available. For example, an unsupported AES key size. */
65
66 /* MBEDTLS_ERR_AES_HW_ACCEL_FAILED is deprecated and should not be used. */
67 #define MBEDTLS_ERR_AES_HW_ACCEL_FAILED -0x0025 /**< AES hardware accelerator failed. */
68
69 #if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
70 !defined(inline) && !defined(__cplusplus)
71 #define inline __inline
72 #endif
73
74 #ifdef __cplusplus
75 extern "C" {
76 #endif
77
78 #if !defined(MBEDTLS_AES_ALT)
79 // Regular implementation
80 //
81
82 /**
83 * \brief The AES context-type definition.
84 */
85 typedef struct mbedtls_aes_context {
86 int nr; /*!< The number of rounds. */
87 uint32_t *rk; /*!< AES round keys. */
88 uint32_t buf[68]; /*!< Unaligned data buffer. This buffer can
89 hold 32 extra Bytes, which can be used for
90 one of the following purposes:
91 <ul><li>Alignment if VIA padlock is
92 used.</li>
93 <li>Simplifying key expansion in the 256-bit
94 case by generating an extra round key.
95 </li></ul> */
96 }
97 mbedtls_aes_context;
98
99 #if defined(MBEDTLS_CIPHER_MODE_XTS)
100 /**
101 * \brief The AES XTS context-type definition.
102 */
103 typedef struct mbedtls_aes_xts_context {
104 mbedtls_aes_context crypt; /*!< The AES context to use for AES block
105 encryption or decryption. */
106 mbedtls_aes_context tweak; /*!< The AES context used for tweak
107 computation. */
108 } mbedtls_aes_xts_context;
109 #endif /* MBEDTLS_CIPHER_MODE_XTS */
110
111 #else /* MBEDTLS_AES_ALT */
112 #include "aes_alt.h"
113 #endif /* MBEDTLS_AES_ALT */
114
115 /**
116 * \brief This function initializes the specified AES context.
117 *
118 * It must be the first API called before using
119 * the context.
120 *
121 * \param ctx The AES context to initialize. This must not be \c NULL.
122 */
123 void mbedtls_aes_init(mbedtls_aes_context *ctx);
124
125 /**
126 * \brief This function releases and clears the specified AES context.
127 *
128 * \param ctx The AES context to clear.
129 * If this is \c NULL, this function does nothing.
130 * Otherwise, the context must have been at least initialized.
131 */
132 void mbedtls_aes_free(mbedtls_aes_context *ctx);
133
134 #if defined(MBEDTLS_CIPHER_MODE_XTS)
135 /**
136 * \brief This function initializes the specified AES XTS context.
137 *
138 * It must be the first API called before using
139 * the context.
140 *
141 * \param ctx The AES XTS context to initialize. This must not be \c NULL.
142 */
143 void mbedtls_aes_xts_init(mbedtls_aes_xts_context *ctx);
144
145 /**
146 * \brief This function releases and clears the specified AES XTS context.
147 *
148 * \param ctx The AES XTS context to clear.
149 * If this is \c NULL, this function does nothing.
150 * Otherwise, the context must have been at least initialized.
151 */
152 void mbedtls_aes_xts_free(mbedtls_aes_xts_context *ctx);
153 #endif /* MBEDTLS_CIPHER_MODE_XTS */
154
155 /**
156 * \brief This function sets the encryption key.
157 *
158 * \param ctx The AES context to which the key should be bound.
159 * It must be initialized.
160 * \param key The encryption key.
161 * This must be a readable buffer of size \p keybits bits.
162 * \param keybits The size of data passed in bits. Valid options are:
163 * <ul><li>128 bits</li>
164 * <li>192 bits</li>
165 * <li>256 bits</li></ul>
166 *
167 * \return \c 0 on success.
168 * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
169 */
170 int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key,
171 unsigned int keybits);
172
173 /**
174 * \brief This function sets the decryption key.
175 *
176 * \param ctx The AES context to which the key should be bound.
177 * It must be initialized.
178 * \param key The decryption key.
179 * This must be a readable buffer of size \p keybits bits.
180 * \param keybits The size of data passed. Valid options are:
181 * <ul><li>128 bits</li>
182 * <li>192 bits</li>
183 * <li>256 bits</li></ul>
184 *
185 * \return \c 0 on success.
186 * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
187 */
188 int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key,
189 unsigned int keybits);
190
191 #if defined(MBEDTLS_CIPHER_MODE_XTS)
192 /**
193 * \brief This function prepares an XTS context for encryption and
194 * sets the encryption key.
195 *
196 * \param ctx The AES XTS context to which the key should be bound.
197 * It must be initialized.
198 * \param key The encryption key. This is comprised of the XTS key1
199 * concatenated with the XTS key2.
200 * This must be a readable buffer of size \p keybits bits.
201 * \param keybits The size of \p key passed in bits. Valid options are:
202 * <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
203 * <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
204 *
205 * \return \c 0 on success.
206 * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
207 */
208 int mbedtls_aes_xts_setkey_enc(mbedtls_aes_xts_context *ctx,
209 const unsigned char *key,
210 unsigned int keybits);
211
212 /**
213 * \brief This function prepares an XTS context for decryption and
214 * sets the decryption key.
215 *
216 * \param ctx The AES XTS context to which the key should be bound.
217 * It must be initialized.
218 * \param key The decryption key. This is comprised of the XTS key1
219 * concatenated with the XTS key2.
220 * This must be a readable buffer of size \p keybits bits.
221 * \param keybits The size of \p key passed in bits. Valid options are:
222 * <ul><li>256 bits (each of key1 and key2 is a 128-bit key)</li>
223 * <li>512 bits (each of key1 and key2 is a 256-bit key)</li></ul>
224 *
225 * \return \c 0 on success.
226 * \return #MBEDTLS_ERR_AES_INVALID_KEY_LENGTH on failure.
227 */
228 int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx,
229 const unsigned char *key,
230 unsigned int keybits);
231 #endif /* MBEDTLS_CIPHER_MODE_XTS */
232
233 /**
234 * \brief This function performs an AES single-block encryption or
235 * decryption operation.
236 *
237 * It performs the operation defined in the \p mode parameter
238 * (encrypt or decrypt), on the input data buffer defined in
239 * the \p input parameter.
240 *
241 * mbedtls_aes_init(), and either mbedtls_aes_setkey_enc() or
242 * mbedtls_aes_setkey_dec() must be called before the first
243 * call to this API with the same context.
244 *
245 * \param ctx The AES context to use for encryption or decryption.
246 * It must be initialized and bound to a key.
247 * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
248 * #MBEDTLS_AES_DECRYPT.
249 * \param input The buffer holding the input data.
250 * It must be readable and at least \c 16 Bytes long.
251 * \param output The buffer where the output data will be written.
252 * It must be writeable and at least \c 16 Bytes long.
253
254 * \return \c 0 on success.
255 */
256 int mbedtls_aes_crypt_ecb(mbedtls_aes_context *ctx,
257 int mode,
258 const unsigned char input[16],
259 unsigned char output[16]);
260
261 #if defined(MBEDTLS_CIPHER_MODE_CBC)
262 /**
263 * \brief This function performs an AES-CBC encryption or decryption operation
264 * on full blocks.
265 *
266 * It performs the operation defined in the \p mode
267 * parameter (encrypt/decrypt), on the input data buffer defined in
268 * the \p input parameter.
269 *
270 * It can be called as many times as needed, until all the input
271 * data is processed. mbedtls_aes_init(), and either
272 * mbedtls_aes_setkey_enc() or mbedtls_aes_setkey_dec() must be called
273 * before the first call to this API with the same context.
274 *
275 * \note This function operates on full blocks, that is, the input size
276 * must be a multiple of the AES block size of \c 16 Bytes.
277 *
278 * \note Upon exit, the content of the IV is updated so that you can
279 * call the same function again on the next
280 * block(s) of data and get the same result as if it was
281 * encrypted in one call. This allows a "streaming" usage.
282 * If you need to retain the contents of the IV, you should
283 * either save it manually or use the cipher module instead.
284 *
285 *
286 * \param ctx The AES context to use for encryption or decryption.
287 * It must be initialized and bound to a key.
288 * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
289 * #MBEDTLS_AES_DECRYPT.
290 * \param length The length of the input data in Bytes. This must be a
291 * multiple of the block size (\c 16 Bytes).
292 * \param iv Initialization vector (updated after use).
293 * It must be a readable and writeable buffer of \c 16 Bytes.
294 * \param input The buffer holding the input data.
295 * It must be readable and of size \p length Bytes.
296 * \param output The buffer holding the output data.
297 * It must be writeable and of size \p length Bytes.
298 *
299 * \return \c 0 on success.
300 * \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
301 * on failure.
302 */
303 int mbedtls_aes_crypt_cbc(mbedtls_aes_context *ctx,
304 int mode,
305 size_t length,
306 unsigned char iv[16],
307 const unsigned char *input,
308 unsigned char *output);
309 #endif /* MBEDTLS_CIPHER_MODE_CBC */
310
311 #if defined(MBEDTLS_CIPHER_MODE_XTS)
312 /**
313 * \brief This function performs an AES-XTS encryption or decryption
314 * operation for an entire XTS data unit.
315 *
316 * AES-XTS encrypts or decrypts blocks based on their location as
317 * defined by a data unit number. The data unit number must be
318 * provided by \p data_unit.
319 *
320 * NIST SP 800-38E limits the maximum size of a data unit to 2^20
321 * AES blocks. If the data unit is larger than this, this function
322 * returns #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH.
323 *
324 * \param ctx The AES XTS context to use for AES XTS operations.
325 * It must be initialized and bound to a key.
326 * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
327 * #MBEDTLS_AES_DECRYPT.
328 * \param length The length of a data unit in Bytes. This can be any
329 * length between 16 bytes and 2^24 bytes inclusive
330 * (between 1 and 2^20 block cipher blocks).
331 * \param data_unit The address of the data unit encoded as an array of 16
332 * bytes in little-endian format. For disk encryption, this
333 * is typically the index of the block device sector that
334 * contains the data.
335 * \param input The buffer holding the input data (which is an entire
336 * data unit). This function reads \p length Bytes from \p
337 * input.
338 * \param output The buffer holding the output data (which is an entire
339 * data unit). This function writes \p length Bytes to \p
340 * output.
341 *
342 * \return \c 0 on success.
343 * \return #MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH if \p length is
344 * smaller than an AES block in size (16 Bytes) or if \p
345 * length is larger than 2^20 blocks (16 MiB).
346 */
347 int mbedtls_aes_crypt_xts(mbedtls_aes_xts_context *ctx,
348 int mode,
349 size_t length,
350 const unsigned char data_unit[16],
351 const unsigned char *input,
352 unsigned char *output);
353 #endif /* MBEDTLS_CIPHER_MODE_XTS */
354
355 #if defined(MBEDTLS_CIPHER_MODE_CFB)
356 /**
357 * \brief This function performs an AES-CFB128 encryption or decryption
358 * operation.
359 *
360 * It performs the operation defined in the \p mode
361 * parameter (encrypt or decrypt), on the input data buffer
362 * defined in the \p input parameter.
363 *
364 * For CFB, you must set up the context with mbedtls_aes_setkey_enc(),
365 * regardless of whether you are performing an encryption or decryption
366 * operation, that is, regardless of the \p mode parameter. This is
367 * because CFB mode uses the same key schedule for encryption and
368 * decryption.
369 *
370 * \note Upon exit, the content of the IV is updated so that you can
371 * call the same function again on the next
372 * block(s) of data and get the same result as if it was
373 * encrypted in one call. This allows a "streaming" usage.
374 * If you need to retain the contents of the
375 * IV, you must either save it manually or use the cipher
376 * module instead.
377 *
378 *
379 * \param ctx The AES context to use for encryption or decryption.
380 * It must be initialized and bound to a key.
381 * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
382 * #MBEDTLS_AES_DECRYPT.
383 * \param length The length of the input data in Bytes.
384 * \param iv_off The offset in IV (updated after use).
385 * It must point to a valid \c size_t.
386 * \param iv The initialization vector (updated after use).
387 * It must be a readable and writeable buffer of \c 16 Bytes.
388 * \param input The buffer holding the input data.
389 * It must be readable and of size \p length Bytes.
390 * \param output The buffer holding the output data.
391 * It must be writeable and of size \p length Bytes.
392 *
393 * \return \c 0 on success.
394 */
395 int mbedtls_aes_crypt_cfb128(mbedtls_aes_context *ctx,
396 int mode,
397 size_t length,
398 size_t *iv_off,
399 unsigned char iv[16],
400 const unsigned char *input,
401 unsigned char *output);
402
403 /**
404 * \brief This function performs an AES-CFB8 encryption or decryption
405 * operation.
406 *
407 * It performs the operation defined in the \p mode
408 * parameter (encrypt/decrypt), on the input data buffer defined
409 * in the \p input parameter.
410 *
411 * Due to the nature of CFB, you must use the same key schedule for
412 * both encryption and decryption operations. Therefore, you must
413 * use the context initialized with mbedtls_aes_setkey_enc() for
414 * both #MBEDTLS_AES_ENCRYPT and #MBEDTLS_AES_DECRYPT.
415 *
416 * \note Upon exit, the content of the IV is updated so that you can
417 * call the same function again on the next
418 * block(s) of data and get the same result as if it was
419 * encrypted in one call. This allows a "streaming" usage.
420 * If you need to retain the contents of the
421 * IV, you should either save it manually or use the cipher
422 * module instead.
423 *
424 *
425 * \param ctx The AES context to use for encryption or decryption.
426 * It must be initialized and bound to a key.
427 * \param mode The AES operation: #MBEDTLS_AES_ENCRYPT or
428 * #MBEDTLS_AES_DECRYPT
429 * \param length The length of the input data.
430 * \param iv The initialization vector (updated after use).
431 * It must be a readable and writeable buffer of \c 16 Bytes.
432 * \param input The buffer holding the input data.
433 * It must be readable and of size \p length Bytes.
434 * \param output The buffer holding the output data.
435 * It must be writeable and of size \p length Bytes.
436 *
437 * \return \c 0 on success.
438 */
439 int mbedtls_aes_crypt_cfb8(mbedtls_aes_context *ctx,
440 int mode,
441 size_t length,
442 unsigned char iv[16],
443 const unsigned char *input,
444 unsigned char *output);
445 #endif /*MBEDTLS_CIPHER_MODE_CFB */
446
447 #if defined(MBEDTLS_CIPHER_MODE_OFB)
448 /**
449 * \brief This function performs an AES-OFB (Output Feedback Mode)
450 * encryption or decryption operation.
451 *
452 * For OFB, you must set up the context with
453 * mbedtls_aes_setkey_enc(), regardless of whether you are
454 * performing an encryption or decryption operation. This is
455 * because OFB mode uses the same key schedule for encryption and
456 * decryption.
457 *
458 * The OFB operation is identical for encryption or decryption,
459 * therefore no operation mode needs to be specified.
460 *
461 * \note Upon exit, the content of iv, the Initialisation Vector, is
462 * updated so that you can call the same function again on the next
463 * block(s) of data and get the same result as if it was encrypted
464 * in one call. This allows a "streaming" usage, by initialising
465 * iv_off to 0 before the first call, and preserving its value
466 * between calls.
467 *
468 * For non-streaming use, the iv should be initialised on each call
469 * to a unique value, and iv_off set to 0 on each call.
470 *
471 * If you need to retain the contents of the initialisation vector,
472 * you must either save it manually or use the cipher module
473 * instead.
474 *
475 * \warning For the OFB mode, the initialisation vector must be unique
476 * every encryption operation. Reuse of an initialisation vector
477 * will compromise security.
478 *
479 * \param ctx The AES context to use for encryption or decryption.
480 * It must be initialized and bound to a key.
481 * \param length The length of the input data.
482 * \param iv_off The offset in IV (updated after use).
483 * It must point to a valid \c size_t.
484 * \param iv The initialization vector (updated after use).
485 * It must be a readable and writeable buffer of \c 16 Bytes.
486 * \param input The buffer holding the input data.
487 * It must be readable and of size \p length Bytes.
488 * \param output The buffer holding the output data.
489 * It must be writeable and of size \p length Bytes.
490 *
491 * \return \c 0 on success.
492 */
493 int mbedtls_aes_crypt_ofb(mbedtls_aes_context *ctx,
494 size_t length,
495 size_t *iv_off,
496 unsigned char iv[16],
497 const unsigned char *input,
498 unsigned char *output);
499
500 #endif /* MBEDTLS_CIPHER_MODE_OFB */
501
502 #if defined(MBEDTLS_CIPHER_MODE_CTR)
503 /**
504 * \brief This function performs an AES-CTR encryption or decryption
505 * operation.
506 *
507 * This function performs the operation defined in the \p mode
508 * parameter (encrypt/decrypt), on the input data buffer
509 * defined in the \p input parameter.
510 *
511 * Due to the nature of CTR, you must use the same key schedule
512 * for both encryption and decryption operations. Therefore, you
513 * must use the context initialized with mbedtls_aes_setkey_enc()
514 * for both #MBEDTLS_AES_ENCRYPT and #MBEDTLS_AES_DECRYPT.
515 *
516 * \warning You must never reuse a nonce value with the same key. Doing so
517 * would void the encryption for the two messages encrypted with
518 * the same nonce and key.
519 *
520 * There are two common strategies for managing nonces with CTR:
521 *
522 * 1. You can handle everything as a single message processed over
523 * successive calls to this function. In that case, you want to
524 * set \p nonce_counter and \p nc_off to 0 for the first call, and
525 * then preserve the values of \p nonce_counter, \p nc_off and \p
526 * stream_block across calls to this function as they will be
527 * updated by this function.
528 *
529 * With this strategy, you must not encrypt more than 2**128
530 * blocks of data with the same key.
531 *
532 * 2. You can encrypt separate messages by dividing the \p
533 * nonce_counter buffer in two areas: the first one used for a
534 * per-message nonce, handled by yourself, and the second one
535 * updated by this function internally.
536 *
537 * For example, you might reserve the first 12 bytes for the
538 * per-message nonce, and the last 4 bytes for internal use. In that
539 * case, before calling this function on a new message you need to
540 * set the first 12 bytes of \p nonce_counter to your chosen nonce
541 * value, the last 4 to 0, and \p nc_off to 0 (which will cause \p
542 * stream_block to be ignored). That way, you can encrypt at most
543 * 2**96 messages of up to 2**32 blocks each with the same key.
544 *
545 * The per-message nonce (or information sufficient to reconstruct
546 * it) needs to be communicated with the ciphertext and must be unique.
547 * The recommended way to ensure uniqueness is to use a message
548 * counter. An alternative is to generate random nonces, but this
549 * limits the number of messages that can be securely encrypted:
550 * for example, with 96-bit random nonces, you should not encrypt
551 * more than 2**32 messages with the same key.
552 *
553 * Note that for both stategies, sizes are measured in blocks and
554 * that an AES block is 16 bytes.
555 *
556 * \warning Upon return, \p stream_block contains sensitive data. Its
557 * content must not be written to insecure storage and should be
558 * securely discarded as soon as it's no longer needed.
559 *
560 * \param ctx The AES context to use for encryption or decryption.
561 * It must be initialized and bound to a key.
562 * \param length The length of the input data.
563 * \param nc_off The offset in the current \p stream_block, for
564 * resuming within the current cipher stream. The
565 * offset pointer should be 0 at the start of a stream.
566 * It must point to a valid \c size_t.
567 * \param nonce_counter The 128-bit nonce and counter.
568 * It must be a readable-writeable buffer of \c 16 Bytes.
569 * \param stream_block The saved stream block for resuming. This is
570 * overwritten by the function.
571 * It must be a readable-writeable buffer of \c 16 Bytes.
572 * \param input The buffer holding the input data.
573 * It must be readable and of size \p length Bytes.
574 * \param output The buffer holding the output data.
575 * It must be writeable and of size \p length Bytes.
576 *
577 * \return \c 0 on success.
578 */
579 int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx,
580 size_t length,
581 size_t *nc_off,
582 unsigned char nonce_counter[16],
583 unsigned char stream_block[16],
584 const unsigned char *input,
585 unsigned char *output);
586 #endif /* MBEDTLS_CIPHER_MODE_CTR */
587
588 /**
589 * \brief Internal AES block encryption function. This is only
590 * exposed to allow overriding it using
591 * \c MBEDTLS_AES_ENCRYPT_ALT.
592 *
593 * \param ctx The AES context to use for encryption.
594 * \param input The plaintext block.
595 * \param output The output (ciphertext) block.
596 *
597 * \return \c 0 on success.
598 */
599 int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx,
600 const unsigned char input[16],
601 unsigned char output[16]);
602
603 /**
604 * \brief Internal AES block decryption function. This is only
605 * exposed to allow overriding it using see
606 * \c MBEDTLS_AES_DECRYPT_ALT.
607 *
608 * \param ctx The AES context to use for decryption.
609 * \param input The ciphertext block.
610 * \param output The output (plaintext) block.
611 *
612 * \return \c 0 on success.
613 */
614 int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx,
615 const unsigned char input[16],
616 unsigned char output[16]);
617
618 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
619 #if defined(MBEDTLS_DEPRECATED_WARNING)
620 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
621 #else
622 #define MBEDTLS_DEPRECATED
623 #endif
624 /**
625 * \brief Deprecated internal AES block encryption function
626 * without return value.
627 *
628 * \deprecated Superseded by mbedtls_internal_aes_encrypt()
629 *
630 * \param ctx The AES context to use for encryption.
631 * \param input Plaintext block.
632 * \param output Output (ciphertext) block.
633 */
634 MBEDTLS_DEPRECATED void mbedtls_aes_encrypt(mbedtls_aes_context *ctx,
635 const unsigned char input[16],
636 unsigned char output[16]);
637
638 /**
639 * \brief Deprecated internal AES block decryption function
640 * without return value.
641 *
642 * \deprecated Superseded by mbedtls_internal_aes_decrypt()
643 *
644 * \param ctx The AES context to use for decryption.
645 * \param input Ciphertext block.
646 * \param output Output (plaintext) block.
647 */
648 MBEDTLS_DEPRECATED void mbedtls_aes_decrypt(mbedtls_aes_context *ctx,
649 const unsigned char input[16],
650 unsigned char output[16]);
651
652 #undef MBEDTLS_DEPRECATED
653 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
654
655
656 #if defined(MBEDTLS_SELF_TEST)
657 /**
658 * \brief Checkup routine.
659 *
660 * \return \c 0 on success.
661 * \return \c 1 on failure.
662 */
663 int mbedtls_aes_self_test(int verbose);
664
665 #endif /* MBEDTLS_SELF_TEST */
666
667 #ifdef __cplusplus
668 }
669 #endif
670
671 #endif /* aes.h */
Proxmark3 - the RFID research Swiss army knife. Iceman firmware