mirror of
https://github.com/cuberite/polarssl.git
synced 2025-11-03 20:22:59 -05:00
b2aacec417
The cryptographic API should not be related to whether or not there is alternative implementation. The API should be same for regular implementation, and for alternative implementation, so it is defined outside of the XXX_ALT precompilation check in the cryptographic API header
206 lines
7.4 KiB
C
206 lines
7.4 KiB
C
/**
|
|
* \file blowfish.h
|
|
*
|
|
* \brief Blowfish block cipher
|
|
*/
|
|
/*
|
|
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
* This file is part of mbed TLS (https://tls.mbed.org)
|
|
*/
|
|
#ifndef MBEDTLS_BLOWFISH_H
|
|
#define MBEDTLS_BLOWFISH_H
|
|
|
|
#if !defined(MBEDTLS_CONFIG_FILE)
|
|
#include "config.h"
|
|
#else
|
|
#include MBEDTLS_CONFIG_FILE
|
|
#endif
|
|
|
|
#include <stddef.h>
|
|
#include <stdint.h>
|
|
|
|
#define MBEDTLS_BLOWFISH_ENCRYPT 1
|
|
#define MBEDTLS_BLOWFISH_DECRYPT 0
|
|
#define MBEDTLS_BLOWFISH_MAX_KEY_BITS 448
|
|
#define MBEDTLS_BLOWFISH_MIN_KEY_BITS 32
|
|
#define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
|
|
#define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
|
|
|
|
#define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */
|
|
#define MBEDTLS_ERR_BLOWFISH_HW_ACCEL_FAILED -0x0017 /**< Blowfish hardware accelerator failed. */
|
|
#define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#if !defined(MBEDTLS_BLOWFISH_ALT)
|
|
// Regular implementation
|
|
//
|
|
|
|
/**
|
|
* \brief Blowfish context structure
|
|
*/
|
|
typedef struct
|
|
{
|
|
uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
|
|
uint32_t S[4][256]; /*!< key dependent S-boxes */
|
|
}
|
|
mbedtls_blowfish_context;
|
|
|
|
#else /* MBEDTLS_BLOWFISH_ALT */
|
|
#include "blowfish_alt.h"
|
|
#endif /* MBEDTLS_BLOWFISH_ALT */
|
|
|
|
/**
|
|
* \brief Initialize Blowfish context
|
|
*
|
|
* \param ctx Blowfish context to be initialized
|
|
*/
|
|
void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
|
|
|
|
/**
|
|
* \brief Clear Blowfish context
|
|
*
|
|
* \param ctx Blowfish context to be cleared
|
|
*/
|
|
void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
|
|
|
|
/**
|
|
* \brief Blowfish key schedule
|
|
*
|
|
* \param ctx Blowfish context to be initialized
|
|
* \param key encryption key
|
|
* \param keybits must be between 32 and 448 bits
|
|
*
|
|
* \return 0 if successful, or MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH
|
|
*/
|
|
int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
|
|
unsigned int keybits );
|
|
|
|
/**
|
|
* \brief Blowfish-ECB block encryption/decryption
|
|
*
|
|
* \param ctx Blowfish context
|
|
* \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
|
|
* \param input 8-byte input block
|
|
* \param output 8-byte output block
|
|
*
|
|
* \return 0 if successful
|
|
*/
|
|
int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
|
|
int mode,
|
|
const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
|
|
unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CBC)
|
|
/**
|
|
* \brief Blowfish-CBC buffer encryption/decryption
|
|
* Length should be a multiple of the block
|
|
* size (8 bytes)
|
|
*
|
|
* \note Upon exit, the content of the IV is updated so that you can
|
|
* call the function same function again on the following
|
|
* block(s) of data and get the same result as if it was
|
|
* encrypted in one call. This allows a "streaming" usage.
|
|
* If on the other hand you need to retain the contents of the
|
|
* IV, you should either save it manually or use the cipher
|
|
* module instead.
|
|
*
|
|
* \param ctx Blowfish context
|
|
* \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
|
|
* \param length length of the input data
|
|
* \param iv initialization vector (updated after use)
|
|
* \param input buffer holding the input data
|
|
* \param output buffer holding the output data
|
|
*
|
|
* \return 0 if successful, or
|
|
* MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
|
|
*/
|
|
int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
|
|
int mode,
|
|
size_t length,
|
|
unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
|
|
const unsigned char *input,
|
|
unsigned char *output );
|
|
#endif /* MBEDTLS_CIPHER_MODE_CBC */
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CFB)
|
|
/**
|
|
* \brief Blowfish CFB buffer encryption/decryption.
|
|
*
|
|
* \note Upon exit, the content of the IV is updated so that you can
|
|
* call the function same function again on the following
|
|
* block(s) of data and get the same result as if it was
|
|
* encrypted in one call. This allows a "streaming" usage.
|
|
* If on the other hand you need to retain the contents of the
|
|
* IV, you should either save it manually or use the cipher
|
|
* module instead.
|
|
*
|
|
* \param ctx Blowfish context
|
|
* \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
|
|
* \param length length of the input data
|
|
* \param iv_off offset in IV (updated after use)
|
|
* \param iv initialization vector (updated after use)
|
|
* \param input buffer holding the input data
|
|
* \param output buffer holding the output data
|
|
*
|
|
* \return 0 if successful
|
|
*/
|
|
int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
|
|
int mode,
|
|
size_t length,
|
|
size_t *iv_off,
|
|
unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
|
|
const unsigned char *input,
|
|
unsigned char *output );
|
|
#endif /*MBEDTLS_CIPHER_MODE_CFB */
|
|
|
|
#if defined(MBEDTLS_CIPHER_MODE_CTR)
|
|
/**
|
|
* \brief Blowfish-CTR buffer encryption/decryption
|
|
*
|
|
* Warning: You have to keep the maximum use of your counter in mind!
|
|
*
|
|
* \param ctx Blowfish context
|
|
* \param length The length of the data
|
|
* \param nc_off The offset in the current stream_block (for resuming
|
|
* within current cipher stream). The offset pointer to
|
|
* should be 0 at the start of a stream.
|
|
* \param nonce_counter The 64-bit nonce and counter.
|
|
* \param stream_block The saved stream-block for resuming. Is overwritten
|
|
* by the function.
|
|
* \param input The input data stream
|
|
* \param output The output data stream
|
|
*
|
|
* \return 0 if successful
|
|
*/
|
|
int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
|
|
size_t length,
|
|
size_t *nc_off,
|
|
unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
|
|
unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
|
|
const unsigned char *input,
|
|
unsigned char *output );
|
|
#endif /* MBEDTLS_CIPHER_MODE_CTR */
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* blowfish.h */
|