wolf SSL / wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents:   CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

wolfssl/wolfcrypt/aes.h@17:a5f916481144, 2020-06-05 (annotated)

Committer:
wolfSSL
Date:
Fri Jun 05 00:11:07 2020 +0000
Revision:
17:a5f916481144
Parent:
16:8e0d178b1d1e 
wolfSSL 4.4.0

Who changed what in which revision?

UserRevisionLine numberNew contents of line
wolfSSL 15:117db924cf7c 1 /* aes.h
wolfSSL 15:117db924cf7c 2 *
wolfSSL 16:8e0d178b1d1e 3 * Copyright (C) 2006-2020 wolfSSL Inc.
wolfSSL 15:117db924cf7c 4 *
wolfSSL 15:117db924cf7c 5 * This file is part of wolfSSL.
wolfSSL 15:117db924cf7c 6 *
wolfSSL 15:117db924cf7c 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 15:117db924cf7c 8 * it under the terms of the GNU General Public License as published by
wolfSSL 15:117db924cf7c 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 15:117db924cf7c 10 * (at your option) any later version.
wolfSSL 15:117db924cf7c 11 *
wolfSSL 15:117db924cf7c 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 15:117db924cf7c 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 15:117db924cf7c 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 15:117db924cf7c 15 * GNU General Public License for more details.
wolfSSL 15:117db924cf7c 16 *
wolfSSL 15:117db924cf7c 17 * You should have received a copy of the GNU General Public License
wolfSSL 15:117db924cf7c 18 * along with this program; if not, write to the Free Software
wolfSSL 15:117db924cf7c 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
wolfSSL 15:117db924cf7c 20 */
wolfSSL 15:117db924cf7c 21
wolfSSL 15:117db924cf7c 22 /*!
wolfSSL 15:117db924cf7c 23 \file wolfssl/wolfcrypt/aes.h
wolfSSL 15:117db924cf7c 24 */
wolfSSL 15:117db924cf7c 25
wolfSSL 15:117db924cf7c 26
wolfSSL 15:117db924cf7c 27 #ifndef WOLF_CRYPT_AES_H
wolfSSL 15:117db924cf7c 28 #define WOLF_CRYPT_AES_H
wolfSSL 15:117db924cf7c 29
wolfSSL 15:117db924cf7c 30 #include <wolfssl/wolfcrypt/types.h>
wolfSSL 15:117db924cf7c 31
wolfSSL 15:117db924cf7c 32 #ifndef NO_AES
wolfSSL 15:117db924cf7c 33
wolfSSL 15:117db924cf7c 34 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 35 defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
wolfSSL 15:117db924cf7c 36 #include <wolfssl/wolfcrypt/fips.h>
wolfSSL 15:117db924cf7c 37 #endif /* HAVE_FIPS_VERSION >= 2 */
wolfSSL 15:117db924cf7c 38
wolfSSL 15:117db924cf7c 39 /* included for fips @wc_fips */
wolfSSL 15:117db924cf7c 40 #if defined(HAVE_FIPS) && \
wolfSSL 15:117db924cf7c 41 (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
wolfSSL 15:117db924cf7c 42 #include <cyassl/ctaocrypt/aes.h>
wolfSSL 15:117db924cf7c 43 #if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
wolfSSL 15:117db924cf7c 44 #define WOLFSSL_AES_COUNTER
wolfSSL 15:117db924cf7c 45 #endif
wolfSSL 15:117db924cf7c 46 #if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
wolfSSL 15:117db924cf7c 47 #define WOLFSSL_AES_DIRECT
wolfSSL 15:117db924cf7c 48 #endif
wolfSSL 15:117db924cf7c 49 #endif
wolfSSL 15:117db924cf7c 50
wolfSSL 16:8e0d178b1d1e 51 #ifndef WC_NO_RNG
wolfSSL 16:8e0d178b1d1e 52 #include <wolfssl/wolfcrypt/random.h>
wolfSSL 16:8e0d178b1d1e 53 #endif
wolfSSL 16:8e0d178b1d1e 54 #ifdef STM32_CRYPTO
wolfSSL 16:8e0d178b1d1e 55 #include <wolfssl/wolfcrypt/port/st/stm32.h>
wolfSSL 16:8e0d178b1d1e 56 #endif
wolfSSL 15:117db924cf7c 57
wolfSSL 15:117db924cf7c 58 #ifdef WOLFSSL_AESNI
wolfSSL 15:117db924cf7c 59
wolfSSL 15:117db924cf7c 60 #include <wmmintrin.h>
wolfSSL 15:117db924cf7c 61 #include <emmintrin.h>
wolfSSL 15:117db924cf7c 62 #include <smmintrin.h>
wolfSSL 15:117db924cf7c 63
wolfSSL 15:117db924cf7c 64 #endif /* WOLFSSL_AESNI */
wolfSSL 15:117db924cf7c 65
wolfSSL 15:117db924cf7c 66
wolfSSL 15:117db924cf7c 67 #ifdef WOLFSSL_XILINX_CRYPT
wolfSSL 15:117db924cf7c 68 #include "xsecure_aes.h"
wolfSSL 15:117db924cf7c 69 #endif
wolfSSL 15:117db924cf7c 70
wolfSSL 16:8e0d178b1d1e 71 #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
wolfSSL 16:8e0d178b1d1e 72 /* included for struct msghdr */
wolfSSL 16:8e0d178b1d1e 73 #include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
wolfSSL 16:8e0d178b1d1e 74 #endif
wolfSSL 16:8e0d178b1d1e 75
wolfSSL 16:8e0d178b1d1e 76 #if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
wolfSSL 16:8e0d178b1d1e 77 #include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
wolfSSL 16:8e0d178b1d1e 78 #endif
wolfSSL 16:8e0d178b1d1e 79
wolfSSL 15:117db924cf7c 80 #if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
wolfSSL 15:117db924cf7c 81 #include <wolfssl/wolfcrypt/random.h>
wolfSSL 15:117db924cf7c 82 #endif
wolfSSL 15:117db924cf7c 83
wolfSSL 16:8e0d178b1d1e 84 #if defined(WOLFSSL_CRYPTOCELL)
wolfSSL 16:8e0d178b1d1e 85 #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
wolfSSL 16:8e0d178b1d1e 86 #endif
wolfSSL 16:8e0d178b1d1e 87
wolfSSL 16:8e0d178b1d1e 88 #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
wolfSSL 16:8e0d178b1d1e 89 defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
wolfSSL 16:8e0d178b1d1e 90 #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
wolfSSL 16:8e0d178b1d1e 91 #endif
wolfSSL 15:117db924cf7c 92
wolfSSL 15:117db924cf7c 93 #ifdef __cplusplus
wolfSSL 15:117db924cf7c 94 extern "C" {
wolfSSL 15:117db924cf7c 95 #endif
wolfSSL 15:117db924cf7c 96
wolfSSL 16:8e0d178b1d1e 97 #ifndef WOLFSSL_AES_KEY_SIZE_ENUM
wolfSSL 16:8e0d178b1d1e 98 #define WOLFSSL_AES_KEY_SIZE_ENUM
wolfSSL 15:117db924cf7c 99 /* these are required for FIPS and non-FIPS */
wolfSSL 15:117db924cf7c 100 enum {
wolfSSL 15:117db924cf7c 101 AES_128_KEY_SIZE = 16, /* for 128 bit */
wolfSSL 15:117db924cf7c 102 AES_192_KEY_SIZE = 24, /* for 192 bit */
wolfSSL 15:117db924cf7c 103 AES_256_KEY_SIZE = 32, /* for 256 bit */
wolfSSL 15:117db924cf7c 104
wolfSSL 15:117db924cf7c 105 AES_IV_SIZE = 16, /* always block size */
wolfSSL 15:117db924cf7c 106 };
wolfSSL 16:8e0d178b1d1e 107 #endif
wolfSSL 15:117db924cf7c 108
wolfSSL 15:117db924cf7c 109 /* avoid redefinition of structs */
wolfSSL 15:117db924cf7c 110 #if !defined(HAVE_FIPS) || \
wolfSSL 15:117db924cf7c 111 (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
wolfSSL 15:117db924cf7c 112
wolfSSL 15:117db924cf7c 113 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 15:117db924cf7c 114 #include <wolfssl/wolfcrypt/async.h>
wolfSSL 15:117db924cf7c 115 #endif
wolfSSL 15:117db924cf7c 116
wolfSSL 15:117db924cf7c 117 enum {
wolfSSL 15:117db924cf7c 118 AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
wolfSSL 15:117db924cf7c 119 AES_ENCRYPTION = 0,
wolfSSL 15:117db924cf7c 120 AES_DECRYPTION = 1,
wolfSSL 15:117db924cf7c 121
wolfSSL 15:117db924cf7c 122 AES_BLOCK_SIZE = 16,
wolfSSL 15:117db924cf7c 123
wolfSSL 15:117db924cf7c 124 KEYWRAP_BLOCK_SIZE = 8,
wolfSSL 15:117db924cf7c 125
wolfSSL 15:117db924cf7c 126 GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
wolfSSL 15:117db924cf7c 127 GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
wolfSSL 15:117db924cf7c 128 GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
wolfSSL 15:117db924cf7c 129 CCM_NONCE_MIN_SZ = 7,
wolfSSL 15:117db924cf7c 130 CCM_NONCE_MAX_SZ = 13,
wolfSSL 15:117db924cf7c 131 CTR_SZ = 4,
wolfSSL 16:8e0d178b1d1e 132 AES_IV_FIXED_SZ = 4,
wolfSSL 16:8e0d178b1d1e 133 #ifdef WOLFSSL_AES_CFB
wolfSSL 16:8e0d178b1d1e 134 AES_CFB_MODE = 1,
wolfSSL 16:8e0d178b1d1e 135 #endif
wolfSSL 16:8e0d178b1d1e 136 #ifdef WOLFSSL_AES_OFB
wolfSSL 16:8e0d178b1d1e 137 AES_OFB_MODE = 2,
wolfSSL 16:8e0d178b1d1e 138 #endif
wolfSSL 16:8e0d178b1d1e 139 #ifdef WOLFSSL_AES_XTS
wolfSSL 16:8e0d178b1d1e 140 AES_XTS_MODE = 3,
wolfSSL 16:8e0d178b1d1e 141 #endif
wolfSSL 16:8e0d178b1d1e 142
wolfSSL 16:8e0d178b1d1e 143 #ifdef HAVE_PKCS11
wolfSSL 16:8e0d178b1d1e 144 AES_MAX_ID_LEN = 32,
wolfSSL 16:8e0d178b1d1e 145 #endif
wolfSSL 15:117db924cf7c 146 };
wolfSSL 15:117db924cf7c 147
wolfSSL 15:117db924cf7c 148
wolfSSL 16:8e0d178b1d1e 149 struct Aes {
wolfSSL 15:117db924cf7c 150 /* AESNI needs key first, rounds 2nd, not sure why yet */
wolfSSL 15:117db924cf7c 151 ALIGN16 word32 key[60];
wolfSSL 15:117db924cf7c 152 word32 rounds;
wolfSSL 15:117db924cf7c 153 int keylen;
wolfSSL 15:117db924cf7c 154
wolfSSL 15:117db924cf7c 155 ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
wolfSSL 15:117db924cf7c 156 ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
wolfSSL 15:117db924cf7c 157
wolfSSL 15:117db924cf7c 158 #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
wolfSSL 15:117db924cf7c 159 word32 invokeCtr[2];
wolfSSL 15:117db924cf7c 160 word32 nonceSz;
wolfSSL 15:117db924cf7c 161 #endif
wolfSSL 15:117db924cf7c 162 #ifdef HAVE_AESGCM
wolfSSL 15:117db924cf7c 163 ALIGN16 byte H[AES_BLOCK_SIZE];
wolfSSL 16:8e0d178b1d1e 164 #ifdef OPENSSL_EXTRA
wolfSSL 16:8e0d178b1d1e 165 word32 aadH[4]; /* additional authenticated data GHASH */
wolfSSL 16:8e0d178b1d1e 166 word32 aadLen; /* additional authenticated data len */
wolfSSL 16:8e0d178b1d1e 167 #endif
wolfSSL 16:8e0d178b1d1e 168
wolfSSL 15:117db924cf7c 169 #ifdef GCM_TABLE
wolfSSL 15:117db924cf7c 170 /* key-based fast multiplication table. */
wolfSSL 15:117db924cf7c 171 ALIGN16 byte M0[256][AES_BLOCK_SIZE];
wolfSSL 15:117db924cf7c 172 #endif /* GCM_TABLE */
wolfSSL 16:8e0d178b1d1e 173 #ifdef HAVE_CAVIUM_OCTEON_SYNC
wolfSSL 16:8e0d178b1d1e 174 word32 y0;
wolfSSL 16:8e0d178b1d1e 175 #endif
wolfSSL 15:117db924cf7c 176 #endif /* HAVE_AESGCM */
wolfSSL 15:117db924cf7c 177 #ifdef WOLFSSL_AESNI
wolfSSL 15:117db924cf7c 178 byte use_aesni;
wolfSSL 15:117db924cf7c 179 #endif /* WOLFSSL_AESNI */
wolfSSL 16:8e0d178b1d1e 180 #ifdef WOLF_CRYPTO_CB
wolfSSL 16:8e0d178b1d1e 181 int devId;
wolfSSL 16:8e0d178b1d1e 182 void* devCtx;
wolfSSL 16:8e0d178b1d1e 183 #endif
wolfSSL 16:8e0d178b1d1e 184 #ifdef HAVE_PKCS11
wolfSSL 16:8e0d178b1d1e 185 byte id[AES_MAX_ID_LEN];
wolfSSL 16:8e0d178b1d1e 186 int idLen;
wolfSSL 16:8e0d178b1d1e 187 #endif
wolfSSL 15:117db924cf7c 188 #ifdef WOLFSSL_ASYNC_CRYPT
wolfSSL 15:117db924cf7c 189 WC_ASYNC_DEV asyncDev;
wolfSSL 15:117db924cf7c 190 #endif /* WOLFSSL_ASYNC_CRYPT */
wolfSSL 16:8e0d178b1d1e 191 #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
wolfSSL 16:8e0d178b1d1e 192 defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS)
wolfSSL 15:117db924cf7c 193 word32 left; /* unused bytes left from last call */
wolfSSL 15:117db924cf7c 194 #endif
wolfSSL 15:117db924cf7c 195 #ifdef WOLFSSL_XILINX_CRYPT
wolfSSL 15:117db924cf7c 196 XSecure_Aes xilAes;
wolfSSL 15:117db924cf7c 197 XCsuDma dma;
wolfSSL 15:117db924cf7c 198 word32 key_init[8];
wolfSSL 15:117db924cf7c 199 word32 kup;
wolfSSL 15:117db924cf7c 200 #endif
wolfSSL 16:8e0d178b1d1e 201 #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
wolfSSL 16:8e0d178b1d1e 202 int alFd; /* server socket to bind to */
wolfSSL 16:8e0d178b1d1e 203 int rdFd; /* socket to read from */
wolfSSL 16:8e0d178b1d1e 204 struct msghdr msg;
wolfSSL 16:8e0d178b1d1e 205 int dir; /* flag for encrpyt or decrypt */
wolfSSL 16:8e0d178b1d1e 206 #ifdef WOLFSSL_AFALG_XILINX_AES
wolfSSL 16:8e0d178b1d1e 207 word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) +
wolfSSL 16:8e0d178b1d1e 208 GCM_NONCE_MID_SZ)];
wolfSSL 16:8e0d178b1d1e 209 #endif
wolfSSL 16:8e0d178b1d1e 210 #endif
wolfSSL 16:8e0d178b1d1e 211 #if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
wolfSSL 16:8e0d178b1d1e 212 (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
wolfSSL 16:8e0d178b1d1e 213 (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
wolfSSL 16:8e0d178b1d1e 214 word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
wolfSSL 16:8e0d178b1d1e 215 #ifdef HAVE_CAVIUM_OCTEON_SYNC
wolfSSL 16:8e0d178b1d1e 216 int keySet;
wolfSSL 16:8e0d178b1d1e 217 #endif
wolfSSL 16:8e0d178b1d1e 218 #endif
wolfSSL 16:8e0d178b1d1e 219 #if defined(WOLFSSL_DEVCRYPTO) && \
wolfSSL 16:8e0d178b1d1e 220 (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
wolfSSL 16:8e0d178b1d1e 221 WC_CRYPTODEV ctx;
wolfSSL 16:8e0d178b1d1e 222 #endif
wolfSSL 16:8e0d178b1d1e 223 #if defined(WOLFSSL_CRYPTOCELL)
wolfSSL 16:8e0d178b1d1e 224 aes_context_t ctx;
wolfSSL 16:8e0d178b1d1e 225 #endif
wolfSSL 16:8e0d178b1d1e 226 #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
wolfSSL 16:8e0d178b1d1e 227 defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
wolfSSL 16:8e0d178b1d1e 228 TSIP_AES_CTX ctx;
wolfSSL 16:8e0d178b1d1e 229 #endif
wolfSSL 15:117db924cf7c 230 void* heap; /* memory hint to use */
wolfSSL 16:8e0d178b1d1e 231 };
wolfSSL 16:8e0d178b1d1e 232
wolfSSL 16:8e0d178b1d1e 233 #ifndef WC_AES_TYPE_DEFINED
wolfSSL 16:8e0d178b1d1e 234 typedef struct Aes Aes;
wolfSSL 16:8e0d178b1d1e 235 #define WC_AES_TYPE_DEFINED
wolfSSL 16:8e0d178b1d1e 236 #endif
wolfSSL 15:117db924cf7c 237
wolfSSL 15:117db924cf7c 238 #ifdef WOLFSSL_AES_XTS
wolfSSL 15:117db924cf7c 239 typedef struct XtsAes {
wolfSSL 15:117db924cf7c 240 Aes aes;
wolfSSL 15:117db924cf7c 241 Aes tweak;
wolfSSL 15:117db924cf7c 242 } XtsAes;
wolfSSL 15:117db924cf7c 243 #endif
wolfSSL 15:117db924cf7c 244
wolfSSL 15:117db924cf7c 245 #ifdef HAVE_AESGCM
wolfSSL 15:117db924cf7c 246 typedef struct Gmac {
wolfSSL 15:117db924cf7c 247 Aes aes;
wolfSSL 15:117db924cf7c 248 } Gmac;
wolfSSL 15:117db924cf7c 249 #endif /* HAVE_AESGCM */
wolfSSL 15:117db924cf7c 250 #endif /* HAVE_FIPS */
wolfSSL 15:117db924cf7c 251
wolfSSL 15:117db924cf7c 252
wolfSSL 15:117db924cf7c 253 /* Authenticate cipher function prototypes */
wolfSSL 15:117db924cf7c 254 typedef int (*wc_AesAuthEncryptFunc)(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 255 const byte* in, word32 sz,
wolfSSL 15:117db924cf7c 256 const byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 257 byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 258 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 259 typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 260 const byte* in, word32 sz,
wolfSSL 15:117db924cf7c 261 const byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 262 const byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 263 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 264
wolfSSL 15:117db924cf7c 265 /* AES-CBC */
wolfSSL 15:117db924cf7c 266 WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
wolfSSL 15:117db924cf7c 267 const byte* iv, int dir);
wolfSSL 15:117db924cf7c 268 WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
wolfSSL 16:8e0d178b1d1e 269
wolfSSL 16:8e0d178b1d1e 270 #ifdef HAVE_AES_CBC
wolfSSL 15:117db924cf7c 271 WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 272 const byte* in, word32 sz);
wolfSSL 15:117db924cf7c 273 WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 274 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 275 #endif
wolfSSL 15:117db924cf7c 276
wolfSSL 15:117db924cf7c 277 #ifdef WOLFSSL_AES_CFB
wolfSSL 15:117db924cf7c 278 WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 279 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 280 WOLFSSL_API int wc_AesCfb1Encrypt(Aes* aes, byte* out,
wolfSSL 16:8e0d178b1d1e 281 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 282 WOLFSSL_API int wc_AesCfb8Encrypt(Aes* aes, byte* out,
wolfSSL 16:8e0d178b1d1e 283 const byte* in, word32 sz);
wolfSSL 15:117db924cf7c 284 #ifdef HAVE_AES_DECRYPT
wolfSSL 15:117db924cf7c 285 WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 286 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 287 WOLFSSL_API int wc_AesCfb1Decrypt(Aes* aes, byte* out,
wolfSSL 16:8e0d178b1d1e 288 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 289 WOLFSSL_API int wc_AesCfb8Decrypt(Aes* aes, byte* out,
wolfSSL 16:8e0d178b1d1e 290 const byte* in, word32 sz);
wolfSSL 15:117db924cf7c 291 #endif /* HAVE_AES_DECRYPT */
wolfSSL 15:117db924cf7c 292 #endif /* WOLFSSL_AES_CFB */
wolfSSL 15:117db924cf7c 293
wolfSSL 16:8e0d178b1d1e 294 #ifdef WOLFSSL_AES_OFB
wolfSSL 16:8e0d178b1d1e 295 WOLFSSL_API int wc_AesOfbEncrypt(Aes* aes, byte* out,
wolfSSL 16:8e0d178b1d1e 296 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 297 #ifdef HAVE_AES_DECRYPT
wolfSSL 16:8e0d178b1d1e 298 WOLFSSL_API int wc_AesOfbDecrypt(Aes* aes, byte* out,
wolfSSL 16:8e0d178b1d1e 299 const byte* in, word32 sz);
wolfSSL 16:8e0d178b1d1e 300 #endif /* HAVE_AES_DECRYPT */
wolfSSL 16:8e0d178b1d1e 301 #endif /* WOLFSSL_AES_OFB */
wolfSSL 16:8e0d178b1d1e 302
wolfSSL 15:117db924cf7c 303 #ifdef HAVE_AES_ECB
wolfSSL 15:117db924cf7c 304 WOLFSSL_API int wc_AesEcbEncrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 305 const byte* in, word32 sz);
wolfSSL 15:117db924cf7c 306 WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 307 const byte* in, word32 sz);
wolfSSL 15:117db924cf7c 308 #endif
wolfSSL 15:117db924cf7c 309
wolfSSL 15:117db924cf7c 310 /* AES-CTR */
wolfSSL 15:117db924cf7c 311 #ifdef WOLFSSL_AES_COUNTER
wolfSSL 15:117db924cf7c 312 WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 313 const byte* in, word32 sz);
wolfSSL 15:117db924cf7c 314 #endif
wolfSSL 15:117db924cf7c 315 /* AES-DIRECT */
wolfSSL 15:117db924cf7c 316 #if defined(WOLFSSL_AES_DIRECT)
wolfSSL 15:117db924cf7c 317 WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
wolfSSL 15:117db924cf7c 318 WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
wolfSSL 15:117db924cf7c 319 WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
wolfSSL 15:117db924cf7c 320 const byte* iv, int dir);
wolfSSL 15:117db924cf7c 321 #endif
wolfSSL 15:117db924cf7c 322
wolfSSL 15:117db924cf7c 323 #ifdef HAVE_AESGCM
wolfSSL 15:117db924cf7c 324 #ifdef WOLFSSL_XILINX_CRYPT
wolfSSL 15:117db924cf7c 325 WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
wolfSSL 15:117db924cf7c 326 word32 kup);
wolfSSL 16:8e0d178b1d1e 327 #elif defined(WOLFSSL_AFALG_XILINX_AES)
wolfSSL 16:8e0d178b1d1e 328 WOLFSSL_LOCAL int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
wolfSSL 16:8e0d178b1d1e 329 word32 kup);
wolfSSL 15:117db924cf7c 330 #endif
wolfSSL 15:117db924cf7c 331 WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
wolfSSL 15:117db924cf7c 332 WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 333 const byte* in, word32 sz,
wolfSSL 15:117db924cf7c 334 const byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 335 byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 336 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 337 WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 338 const byte* in, word32 sz,
wolfSSL 15:117db924cf7c 339 const byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 340 const byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 341 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 342
wolfSSL 15:117db924cf7c 343 #ifndef WC_NO_RNG
wolfSSL 15:117db924cf7c 344 WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
wolfSSL 15:117db924cf7c 345 WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
wolfSSL 15:117db924cf7c 346 const byte* ivFixed, word32 ivFixedSz,
wolfSSL 15:117db924cf7c 347 WC_RNG* rng);
wolfSSL 15:117db924cf7c 348 WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 349 const byte* in, word32 sz,
wolfSSL 15:117db924cf7c 350 byte* ivOut, word32 ivOutSz,
wolfSSL 15:117db924cf7c 351 byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 352 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 353 #endif /* WC_NO_RNG */
wolfSSL 15:117db924cf7c 354
wolfSSL 15:117db924cf7c 355 WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
wolfSSL 15:117db924cf7c 356 WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 357 const byte* authIn, word32 authInSz,
wolfSSL 15:117db924cf7c 358 byte* authTag, word32 authTagSz);
wolfSSL 15:117db924cf7c 359 #ifndef WC_NO_RNG
wolfSSL 15:117db924cf7c 360 WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 361 const byte* authIn, word32 authInSz,
wolfSSL 15:117db924cf7c 362 byte* authTag, word32 authTagSz, WC_RNG* rng);
wolfSSL 15:117db924cf7c 363 WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
wolfSSL 15:117db924cf7c 364 const byte* iv, word32 ivSz,
wolfSSL 15:117db924cf7c 365 const byte* authIn, word32 authInSz,
wolfSSL 15:117db924cf7c 366 const byte* authTag, word32 authTagSz);
wolfSSL 15:117db924cf7c 367 #endif /* WC_NO_RNG */
wolfSSL 15:117db924cf7c 368 WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
wolfSSL 15:117db924cf7c 369 word32 cSz, byte* s, word32 sSz);
wolfSSL 15:117db924cf7c 370 #endif /* HAVE_AESGCM */
wolfSSL 15:117db924cf7c 371 #ifdef HAVE_AESCCM
wolfSSL 15:117db924cf7c 372 WOLFSSL_API int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
wolfSSL 15:117db924cf7c 373 WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 374 const byte* in, word32 inSz,
wolfSSL 15:117db924cf7c 375 const byte* nonce, word32 nonceSz,
wolfSSL 15:117db924cf7c 376 byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 377 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 378 WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 379 const byte* in, word32 inSz,
wolfSSL 15:117db924cf7c 380 const byte* nonce, word32 nonceSz,
wolfSSL 15:117db924cf7c 381 const byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 382 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 383 WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
wolfSSL 15:117db924cf7c 384 const byte* nonce, word32 nonceSz);
wolfSSL 15:117db924cf7c 385 WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
wolfSSL 15:117db924cf7c 386 const byte* in, word32 sz,
wolfSSL 15:117db924cf7c 387 byte* ivOut, word32 ivOutSz,
wolfSSL 15:117db924cf7c 388 byte* authTag, word32 authTagSz,
wolfSSL 15:117db924cf7c 389 const byte* authIn, word32 authInSz);
wolfSSL 15:117db924cf7c 390 #endif /* HAVE_AESCCM */
wolfSSL 15:117db924cf7c 391 #ifdef HAVE_AES_KEYWRAP
wolfSSL 15:117db924cf7c 392 WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
wolfSSL 15:117db924cf7c 393 const byte* in, word32 inSz,
wolfSSL 15:117db924cf7c 394 byte* out, word32 outSz,
wolfSSL 15:117db924cf7c 395 const byte* iv);
wolfSSL 15:117db924cf7c 396 WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz,
wolfSSL 15:117db924cf7c 397 const byte* in, word32 inSz,
wolfSSL 15:117db924cf7c 398 byte* out, word32 outSz,
wolfSSL 15:117db924cf7c 399 const byte* iv);
wolfSSL 15:117db924cf7c 400 #endif /* HAVE_AES_KEYWRAP */
wolfSSL 15:117db924cf7c 401
wolfSSL 15:117db924cf7c 402 #ifdef WOLFSSL_AES_XTS
wolfSSL 15:117db924cf7c 403
wolfSSL 15:117db924cf7c 404 WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
wolfSSL 15:117db924cf7c 405 word32 len, int dir, void* heap, int devId);
wolfSSL 15:117db924cf7c 406
wolfSSL 15:117db924cf7c 407 WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
wolfSSL 15:117db924cf7c 408 const byte* in, word32 sz, word64 sector);
wolfSSL 15:117db924cf7c 409
wolfSSL 15:117db924cf7c 410 WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
wolfSSL 15:117db924cf7c 411 const byte* in, word32 sz, word64 sector);
wolfSSL 15:117db924cf7c 412
wolfSSL 15:117db924cf7c 413 WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
wolfSSL 15:117db924cf7c 414 const byte* in, word32 sz, const byte* i, word32 iSz);
wolfSSL 15:117db924cf7c 415
wolfSSL 15:117db924cf7c 416 WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
wolfSSL 15:117db924cf7c 417 const byte* in, word32 sz, const byte* i, word32 iSz);
wolfSSL 15:117db924cf7c 418
wolfSSL 15:117db924cf7c 419 WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
wolfSSL 15:117db924cf7c 420 #endif
wolfSSL 15:117db924cf7c 421
wolfSSL 15:117db924cf7c 422 WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
wolfSSL 15:117db924cf7c 423
wolfSSL 16:8e0d178b1d1e 424 WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
wolfSSL 16:8e0d178b1d1e 425 #ifdef HAVE_PKCS11
wolfSSL 16:8e0d178b1d1e 426 WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
wolfSSL 16:8e0d178b1d1e 427 int devId);
wolfSSL 16:8e0d178b1d1e 428 #endif
wolfSSL 16:8e0d178b1d1e 429 WOLFSSL_API void wc_AesFree(Aes* aes);
wolfSSL 15:117db924cf7c 430
wolfSSL 15:117db924cf7c 431 #ifdef __cplusplus
wolfSSL 15:117db924cf7c 432 } /* extern "C" */
wolfSSL 15:117db924cf7c 433 #endif
wolfSSL 15:117db924cf7c 434
wolfSSL 15:117db924cf7c 435
wolfSSL 15:117db924cf7c 436 #endif /* NO_AES */
wolfSSL 15:117db924cf7c 437 #endif /* WOLF_CRYPT_AES_H */
wolfSSL 15:117db924cf7c 438