NCBI C++ ToolKit
camellia.h
Go to the documentation of this file.

Go to the SVN repository for this file.

1 /**
2  * \file camellia.h
3  *
4  * \brief Camellia block cipher
5  */
6 /*
7  * Copyright The Mbed TLS Contributors
8  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
9  */
10 #ifndef MBEDTLS_CAMELLIA_H
11 #define MBEDTLS_CAMELLIA_H
12 #include "mbedtls/private_access.h"
13 
14 #include "mbedtls/build_info.h"
15 
16 #include <stddef.h>
17 #include <stdint.h>
18 
19 #include "mbedtls/platform_util.h"
20 
21 #define MBEDTLS_CAMELLIA_ENCRYPT 1
22 #define MBEDTLS_CAMELLIA_DECRYPT 0
23 
24 /** Bad input data. */
25 #define MBEDTLS_ERR_CAMELLIA_BAD_INPUT_DATA -0x0024
26 
27 /** Invalid data input length. */
28 #define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 #if !defined(MBEDTLS_CAMELLIA_ALT)
35 // Regular implementation
36 //
37 
38 /**
39  * \brief CAMELLIA context structure
40  */
41 typedef struct mbedtls_camellia_context {
42  int MBEDTLS_PRIVATE(nr); /*!< number of rounds */
43  uint32_t MBEDTLS_PRIVATE(rk)[68]; /*!< CAMELLIA round keys */
44 }
46 
47 #else /* MBEDTLS_CAMELLIA_ALT */
48 #include "camellia_alt.h"
49 #endif /* MBEDTLS_CAMELLIA_ALT */
50 
51 /**
52  * \brief Initialize a CAMELLIA context.
53  *
54  * \param ctx The CAMELLIA context to be initialized.
55  * This must not be \c NULL.
56  */
58 
59 /**
60  * \brief Clear a CAMELLIA context.
61  *
62  * \param ctx The CAMELLIA context to be cleared. This may be \c NULL,
63  * in which case this function returns immediately. If it is not
64  * \c NULL, it must be initialized.
65  */
67 
68 /**
69  * \brief Perform a CAMELLIA key schedule operation for encryption.
70  *
71  * \param ctx The CAMELLIA context to use. This must be initialized.
72  * \param key The encryption key to use. This must be a readable buffer
73  * of size \p keybits Bits.
74  * \param keybits The length of \p key in Bits. This must be either \c 128,
75  * \c 192 or \c 256.
76  *
77  * \return \c 0 if successful.
78  * \return A negative error code on failure.
79  */
81  const unsigned char *key,
82  unsigned int keybits);
83 
84 #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
85 /**
86  * \brief Perform a CAMELLIA key schedule operation for decryption.
87  *
88  * \param ctx The CAMELLIA context to use. This must be initialized.
89  * \param key The decryption key. This must be a readable buffer
90  * of size \p keybits Bits.
91  * \param keybits The length of \p key in Bits. This must be either \c 128,
92  * \c 192 or \c 256.
93  *
94  * \return \c 0 if successful.
95  * \return A negative error code on failure.
96  */
98  const unsigned char *key,
99  unsigned int keybits);
100 #endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */
101 
102 /**
103  * \brief Perform a CAMELLIA-ECB block encryption/decryption operation.
104  *
105  * \param ctx The CAMELLIA context to use. This must be initialized
106  * and bound to a key.
107  * \param mode The mode of operation. This must be either
108  * #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
109  * \param input The input block. This must be a readable buffer
110  * of size \c 16 Bytes.
111  * \param output The output block. This must be a writable buffer
112  * of size \c 16 Bytes.
113  *
114  * \return \c 0 if successful.
115  * \return A negative error code on failure.
116  */
118  int mode,
119  const unsigned char input[16],
120  unsigned char output[16]);
121 
122 #if defined(MBEDTLS_CIPHER_MODE_CBC)
123 /**
124  * \brief Perform a CAMELLIA-CBC buffer encryption/decryption operation.
125  *
126  * \note Upon exit, the content of the IV is updated so that you can
127  * call the function same function again on the following
128  * block(s) of data and get the same result as if it was
129  * encrypted in one call. This allows a "streaming" usage.
130  * If on the other hand you need to retain the contents of the
131  * IV, you should either save it manually or use the cipher
132  * module instead.
133  *
134  * \param ctx The CAMELLIA context to use. This must be initialized
135  * and bound to a key.
136  * \param mode The mode of operation. This must be either
137  * #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
138  * \param length The length in Bytes of the input data \p input.
139  * This must be a multiple of \c 16 Bytes.
140  * \param iv The initialization vector. This must be a read/write buffer
141  * of length \c 16 Bytes. It is updated to allow streaming
142  * use as explained above.
143  * \param input The buffer holding the input data. This must point to a
144  * readable buffer of length \p length Bytes.
145  * \param output The buffer holding the output data. This must point to a
146  * writable buffer of length \p length Bytes.
147  *
148  * \return \c 0 if successful.
149  * \return A negative error code on failure.
150  */
152  int mode,
153  size_t length,
154  unsigned char iv[16],
155  const unsigned char *input,
156  unsigned char *output);
157 #endif /* MBEDTLS_CIPHER_MODE_CBC */
158 
159 #if defined(MBEDTLS_CIPHER_MODE_CFB)
160 /**
161  * \brief Perform a CAMELLIA-CFB128 buffer encryption/decryption
162  * operation.
163  *
164  * \note Due to the nature of CFB mode, you should use the same
165  * key for both encryption and decryption. In particular, calls
166  * to this function should be preceded by a key-schedule via
167  * mbedtls_camellia_setkey_enc() regardless of whether \p mode
168  * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
169  *
170  * \note Upon exit, the content of the IV is updated so that you can
171  * call the function same function again on the following
172  * block(s) of data and get the same result as if it was
173  * encrypted in one call. This allows a "streaming" usage.
174  * If on the other hand you need to retain the contents of the
175  * IV, you should either save it manually or use the cipher
176  * module instead.
177  *
178  * \param ctx The CAMELLIA context to use. This must be initialized
179  * and bound to a key.
180  * \param mode The mode of operation. This must be either
181  * #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
182  * \param length The length of the input data \p input. Any value is allowed.
183  * \param iv_off The current offset in the IV. This must be smaller
184  * than \c 16 Bytes. It is updated after this call to allow
185  * the aforementioned streaming usage.
186  * \param iv The initialization vector. This must be a read/write buffer
187  * of length \c 16 Bytes. It is updated after this call to
188  * allow the aforementioned streaming usage.
189  * \param input The buffer holding the input data. This must be a readable
190  * buffer of size \p length Bytes.
191  * \param output The buffer to hold the output data. This must be a writable
192  * buffer of length \p length Bytes.
193  *
194  * \return \c 0 if successful.
195  * \return A negative error code on failure.
196  */
198  int mode,
199  size_t length,
200  size_t *iv_off,
201  unsigned char iv[16],
202  const unsigned char *input,
203  unsigned char *output);
204 #endif /* MBEDTLS_CIPHER_MODE_CFB */
205 
206 #if defined(MBEDTLS_CIPHER_MODE_CTR)
207 /**
208  * \brief Perform a CAMELLIA-CTR buffer encryption/decryption operation.
209  *
210  * *note Due to the nature of CTR mode, you should use the same
211  * key for both encryption and decryption. In particular, calls
212  * to this function should be preceded by a key-schedule via
213  * mbedtls_camellia_setkey_enc() regardless of whether the mode
214  * is #MBEDTLS_CAMELLIA_ENCRYPT or #MBEDTLS_CAMELLIA_DECRYPT.
215  *
216  * \warning You must never reuse a nonce value with the same key. Doing so
217  * would void the encryption for the two messages encrypted with
218  * the same nonce and key.
219  *
220  * There are two common strategies for managing nonces with CTR:
221  *
222  * 1. You can handle everything as a single message processed over
223  * successive calls to this function. In that case, you want to
224  * set \p nonce_counter and \p nc_off to 0 for the first call, and
225  * then preserve the values of \p nonce_counter, \p nc_off and \p
226  * stream_block across calls to this function as they will be
227  * updated by this function.
228  *
229  * With this strategy, you must not encrypt more than 2**128
230  * blocks of data with the same key.
231  *
232  * 2. You can encrypt separate messages by dividing the \p
233  * nonce_counter buffer in two areas: the first one used for a
234  * per-message nonce, handled by yourself, and the second one
235  * updated by this function internally.
236  *
237  * For example, you might reserve the first \c 12 Bytes for the
238  * per-message nonce, and the last \c 4 Bytes for internal use.
239  * In that case, before calling this function on a new message you
240  * need to set the first \c 12 Bytes of \p nonce_counter to your
241  * chosen nonce value, the last four to \c 0, and \p nc_off to \c 0
242  * (which will cause \p stream_block to be ignored). That way, you
243  * can encrypt at most \c 2**96 messages of up to \c 2**32 blocks
244  * each with the same key.
245  *
246  * The per-message nonce (or information sufficient to reconstruct
247  * it) needs to be communicated with the ciphertext and must be
248  * unique. The recommended way to ensure uniqueness is to use a
249  * message counter. An alternative is to generate random nonces,
250  * but this limits the number of messages that can be securely
251  * encrypted: for example, with 96-bit random nonces, you should
252  * not encrypt more than 2**32 messages with the same key.
253  *
254  * Note that for both strategies, sizes are measured in blocks and
255  * that a CAMELLIA block is \c 16 Bytes.
256  *
257  * \warning Upon return, \p stream_block contains sensitive data. Its
258  * content must not be written to insecure storage and should be
259  * securely discarded as soon as it's no longer needed.
260  *
261  * \param ctx The CAMELLIA context to use. This must be initialized
262  * and bound to a key.
263  * \param length The length of the input data \p input in Bytes.
264  * Any value is allowed.
265  * \param nc_off The offset in the current \p stream_block (for resuming
266  * within current cipher stream). The offset pointer to
267  * should be \c 0 at the start of a stream. It is updated
268  * at the end of this call.
269  * \param nonce_counter The 128-bit nonce and counter. This must be a read/write
270  * buffer of length \c 16 Bytes.
271  * \param stream_block The saved stream-block for resuming. This must be a
272  * read/write buffer of length \c 16 Bytes.
273  * \param input The input data stream. This must be a readable buffer of
274  * size \p length Bytes.
275  * \param output The output data stream. This must be a writable buffer
276  * of size \p length Bytes.
277  *
278  * \return \c 0 if successful.
279  * \return A negative error code on failure.
280  */
282  size_t length,
283  size_t *nc_off,
284  unsigned char nonce_counter[16],
285  unsigned char stream_block[16],
286  const unsigned char *input,
287  unsigned char *output);
288 #endif /* MBEDTLS_CIPHER_MODE_CTR */
289 
290 #if defined(MBEDTLS_SELF_TEST)
291 
292 /**
293  * \brief Checkup routine
294  *
295  * \return 0 if successful, or 1 if the test failed
296  */
297 int mbedtls_camellia_self_test(int verbose);
298 
299 #endif /* MBEDTLS_SELF_TEST */
300 
301 #ifdef __cplusplus
302 }
303 #endif
304 
305 #endif /* camellia.h */
int mbedtls_camellia_setkey_enc(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits)
Perform a CAMELLIA key schedule operation for encryption.
int mbedtls_camellia_crypt_ecb(mbedtls_camellia_context *ctx, int mode, const unsigned char input[16], unsigned char output[16])
Perform a CAMELLIA-ECB block encryption/decryption operation.
int mbedtls_camellia_setkey_dec(mbedtls_camellia_context *ctx, const unsigned char *key, unsigned int keybits)
Perform a CAMELLIA key schedule operation for decryption.
void mbedtls_camellia_init(mbedtls_camellia_context *ctx)
Initialize a CAMELLIA context.
struct mbedtls_camellia_context mbedtls_camellia_context
CAMELLIA context structure.
void mbedtls_camellia_free(mbedtls_camellia_context *ctx)
Clear a CAMELLIA context.
CS_CONTEXT * ctx
Definition: t0006.c:12
static SQLCHAR output[256]
Definition: print.c:5
Uint4 uint32_t
static int input()
Build-time configuration info.
mdb_mode_t mode
Definition: lmdb++.h:38
const struct ncbi::grid::netcache::search::fields::KEY key
#define mbedtls_camellia_crypt_ctr
#define mbedtls_camellia_crypt_cfb128
#define mbedtls_camellia_crypt_cbc
Common and shared functions used by multiple modules in the Mbed TLS library.
Macro wrapper for struct's members.
true_type verbose
Definition: processing.cpp:890
CAMELLIA context structure.
Definition: camellia.h:41
uint32_t MBEDTLS_PRIVATE(rk)[68]
Modified on Sat May 25 14:20:29 2024 by modify_doxy.py rev. 669887