Blame - ae.h - fp2-dev/platform/system/keymaster

blob: 864d34916039124dc320818a860d81c0b659a99b [file] [log] [blame]

Shawn Willden	128ffe0	2014-08-06 12:31:33 -0600	[diff] [blame]	1	/* ---------------------------------------------------------------------------
				2	*
				3	* AEAD API 0.12 - 23-MAY-2012
				4	*
				5	* This file gives an interface appropriate for many authenticated
				6	* encryption with associated data (AEAD) implementations. It does not try
				7	* to accommodate all possible options or limitations that an implementation
				8	* might have -- you should consult the documentation of your chosen
				9	* implementation to find things like RFC 5116 constants, alignment
				10	* requirements, whether the incremental interface is supported, etc.
				11	*
				12	* This file is in the public domain. It is provided "as is", without
				13	* warranty of any kind. Use at your own risk.
				14	*
				15	* Comments are welcome: Ted Krovetz <ted@krovetz>.
				16	*
				17	* ------------------------------------------------------------------------ */
				18
				19	#ifndef _AE_H_
				20	#define _AE_H_
				21
				22	#ifdef __cplusplus
				23	extern "C" {
				24	#endif
				25
				26	/* --------------------------------------------------------------------------
				27	*
				28	* Constants
				29	*
				30	* ----------------------------------------------------------------------- */
				31
				32	/* Return status codes: Negative return values indicate an error occurred.
				33	* For full explanations of error values, consult the implementation's
				34	* documentation. */
				35	#define AE_SUCCESS (0) /* Indicates successful completion of call */
				36	#define AE_INVALID (-1) /* Indicates bad tag during decryption */
				37	#define AE_NOT_SUPPORTED (-2) /* Indicates unsupported option requested */
				38
				39	/* Flags: When data can be processed "incrementally", these flags are used
				40	* to indicate whether the submitted data is the last or not. */
				41	#define AE_FINALIZE (1) /* This is the last of data */
				42	#define AE_PENDING (0) /* More data of is coming */
				43
				44	/* --------------------------------------------------------------------------
				45	*
				46	* AEAD opaque structure definition
				47	*
				48	* ----------------------------------------------------------------------- */
				49
				50	typedef struct _ae_ctx ae_ctx;
				51
				52	/* --------------------------------------------------------------------------
				53	*
				54	* Data Structure Routines
				55	*
				56	* ----------------------------------------------------------------------- */
				57
				58	ae_ctx* ae_allocate(void* misc); /* Allocate ae_ctx, set optional ptr */
				59	void ae_free(ae_ctx* ctx); /* Deallocate ae_ctx struct */
				60	int ae_clear(ae_ctx* ctx); /* Undo initialization */
				61	int ae_ctx_sizeof(void); /* Return sizeof(ae_ctx) */
				62	/* ae_allocate() allocates an ae_ctx structure, but does not initialize it.
				63	* ae_free() deallocates an ae_ctx structure, but does not zero it.
				64	* ae_clear() zeroes sensitive values associated with an ae_ctx structure
				65	* and deallocates any auxiliary structures allocated during ae_init().
				66	* ae_ctx_sizeof() returns sizeof(ae_ctx), to aid in any static allocations.
				67	*/
				68
				69	/* --------------------------------------------------------------------------
				70	*
				71	* AEAD Routines
				72	*
				73	* ----------------------------------------------------------------------- */
				74
				75	int ae_init(ae_ctx* ctx, const void* key, int key_len, int nonce_len, int tag_len);
				76	/* --------------------------------------------------------------------------
				77	*
				78	* Initialize an ae_ctx context structure.
				79	*
				80	* Parameters:
				81	* ctx - Pointer to an ae_ctx structure to be initialized
				82	* key - Pointer to user-supplied key
				83	* key_len - Length of key supplied, in bytes
				84	* nonce_len - Length of nonces to be used for this key, in bytes
				85	* tag_len - Length of tags to be produced for this key, in bytes
				86	*
				87	* Returns:
				88	* AE_SUCCESS - Success. Ctx ready for use.
				89	* AE_NOT_SUPPORTED - An unsupported length was supplied. Ctx is untouched.
				90	* Otherwise - Error. Check implementation documentation for codes.
				91	*
				92	* ----------------------------------------------------------------------- */
				93
				94	int ae_encrypt(ae_ctx* ctx, const void* nonce, const void* pt, int pt_len, const void* ad,
				95	int ad_len, void* ct, void* tag, int final);
				96	/* --------------------------------------------------------------------------
				97	*
				98	* Encrypt plaintext; provide for authentication of ciphertext/associated data.
				99	*
				100	* Parameters:
				101	* ctx - Pointer to an ae_ctx structure initialized by ae_init.
				102	* nonce - Pointer to a nonce_len (defined in ae_init) byte nonce.
				103	* pt - Pointer to plaintext bytes to be encrypted.
				104	* pt_len - number of bytes pointed to by pt.
				105	* ad - Pointer to associated data.
				106	* ad_len - number of bytes pointed to by ad.
				107	* ct - Pointer to buffer to receive ciphertext encryption.
				108	* tag - Pointer to receive authentication tag; or NULL
				109	* if tag is to be bundled into the ciphertext.
				110	* final - Non-zero if this call completes the plaintext being encrypted.
				111	*
				112	* If nonce!=NULL then a message is being initiated. If final!=0
				113	* then a message is being finalized. If final==0 or nonce==NULL
				114	* then the incremental interface is being used. If nonce!=NULL and
				115	* ad_len<0, then use same ad as last message.
				116	*
				117	* Returns:
				118	* non-negative - Number of bytes written to ct.
				119	* AE_NOT_SUPPORTED - Usage mode unsupported (eg, incremental and/or sticky).
				120	* Otherwise - Error. Check implementation documentation for codes.
				121	*
				122	* ----------------------------------------------------------------------- */
				123
				124	int ae_decrypt(ae_ctx* ctx, const void* nonce, const void* ct, int ct_len, const void* ad,
				125	int ad_len, void* pt, const void* tag, int final);
				126	/* --------------------------------------------------------------------------
				127	*
				128	* Decrypt ciphertext; provide authenticity of plaintext and associated data.
				129	*
				130	* Parameters:
				131	* ctx - Pointer to an ae_ctx structure initialized by ae_init.
				132	* nonce - Pointer to a nonce_len (defined in ae_init) byte nonce.
				133	* ct - Pointer to ciphertext bytes to be decrypted.
				134	* ct_len - number of bytes pointed to by ct.
				135	* ad - Pointer to associated data.
				136	* ad_len - number of bytes pointed to by ad.
				137	* pt - Pointer to buffer to receive plaintext decryption.
				138	* tag - Pointer to tag_len (defined in ae_init) bytes; or NULL
				139	* if tag is bundled into the ciphertext. Non-NULL tag is only
				140	* read when final is non-zero.
				141	* final - Non-zero if this call completes the ciphertext being decrypted.
				142	*
				143	* If nonce!=NULL then "ct" points to the start of a ciphertext. If final!=0
				144	* then "in" points to the final piece of ciphertext. If final==0 or nonce==
				145	* NULL then the incremental interface is being used. If nonce!=NULL and
				146	* ad_len<0, then use same ad as last message.
				147	*
				148	* Returns:
				149	* non-negative - Number of bytes written to pt.
				150	* AE_INVALID - Authentication failure.
				151	* AE_NOT_SUPPORTED - Usage mode unsupported (eg, incremental and/or sticky).
				152	* Otherwise - Error. Check implementation documentation for codes.
				153	*
				154	* NOTE !!! NOTE !!! -- The ciphertext should be assumed possibly inauthentic
				155	* until it has been completely written and it is
				156	* verified that this routine did not return AE_INVALID.
				157	*
				158	* ----------------------------------------------------------------------- */
				159
				160	#ifdef __cplusplus
				161	} /* closing brace for extern "C" */
				162	#endif
				163
				164	#endif /* _AE_H_ */