quickjs-tart

psa_crypto_cipher.h (15581B)

---

 /*
  *  PSA cipher driver entry points and associated auxiliary functions
  */
 /*
  *  Copyright The Mbed TLS Contributors
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
 #ifndef PSA_CRYPTO_CIPHER_H
 #define PSA_CRYPTO_CIPHER_H
 
 #include <mbedtls/cipher.h>
 #include <psa/crypto.h>
 
 /** Get Mbed TLS cipher information given the cipher algorithm PSA identifier
  *  as well as the PSA type and size of the key to be used with the cipher
  *  algorithm.
  *
  * \param[in]      alg          PSA cipher algorithm identifier
  * \param[in]      key_type     PSA key type
  * \param[in,out]  key_bits     Size of the key in bits. The value provided in input
  *                              might be updated if necessary.
  * \param[out]     mode         Mbed TLS cipher mode
  * \param[out]     cipher_id    Mbed TLS cipher algorithm identifier
  *
  * \return  On success \c PSA_SUCCESS is returned and key_bits, mode and cipher_id
  *          are properly updated.
  *          \c PSA_ERROR_NOT_SUPPORTED is returned if the cipher algorithm is not
  *          supported.
  */
 
 psa_status_t mbedtls_cipher_values_from_psa(psa_algorithm_t alg, psa_key_type_t key_type,
                                             size_t *key_bits, mbedtls_cipher_mode_t *mode,
                                             mbedtls_cipher_id_t *cipher_id);
 
 #if defined(MBEDTLS_CIPHER_C)
 /** Get Mbed TLS cipher information given the cipher algorithm PSA identifier
  *  as well as the PSA type and size of the key to be used with the cipher
  *  algorithm.
  *
  * \param       alg        PSA cipher algorithm identifier
  * \param       key_type   PSA key type
  * \param       key_bits   Size of the key in bits
  * \param[out]  cipher_id  Mbed TLS cipher algorithm identifier
  *
  * \return  The Mbed TLS cipher information of the cipher algorithm.
  *          \c NULL if the PSA cipher algorithm is not supported.
  */
 const mbedtls_cipher_info_t *mbedtls_cipher_info_from_psa(
     psa_algorithm_t alg, psa_key_type_t key_type, size_t key_bits,
     mbedtls_cipher_id_t *cipher_id);
 #endif /* MBEDTLS_CIPHER_C */
 
 /**
  * \brief Set the key for a multipart symmetric encryption operation.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_encrypt_setup entry point. This function behaves as a
  *       cipher_encrypt_setup entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in,out] operation     The operation object to set up. It has been
  *                              initialized as per the documentation for
  *                              #psa_cipher_operation_t and not yet in use.
  * \param[in] attributes        The attributes of the key to use for the
  *                              operation.
  * \param[in] key_buffer        The buffer containing the key context.
  * \param[in] key_buffer_size   Size of the \p key_buffer buffer in bytes.
  * \param[in] alg               The cipher algorithm to compute
  *                              (\c PSA_ALG_XXX value such that
  *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  */
 psa_status_t mbedtls_psa_cipher_encrypt_setup(
     mbedtls_psa_cipher_operation_t *operation,
     const psa_key_attributes_t *attributes,
     const uint8_t *key_buffer, size_t key_buffer_size,
     psa_algorithm_t alg);
 
 /**
  * \brief Set the key for a multipart symmetric decryption operation.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_decrypt_setup entry point. This function behaves as a
  *       cipher_decrypt_setup entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in,out] operation     The operation object to set up. It has been
  *                              initialized as per the documentation for
  *                              #psa_cipher_operation_t and not yet in use.
  * \param[in] attributes        The attributes of the key to use for the
  *                              operation.
  * \param[in] key_buffer        The buffer containing the key context.
  * \param[in] key_buffer_size   Size of the \p key_buffer buffer in bytes.
  * \param[in] alg               The cipher algorithm to compute
  *                              (\c PSA_ALG_XXX value such that
  *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  */
 psa_status_t mbedtls_psa_cipher_decrypt_setup(
     mbedtls_psa_cipher_operation_t *operation,
     const psa_key_attributes_t *attributes,
     const uint8_t *key_buffer, size_t key_buffer_size,
     psa_algorithm_t alg);
 
 /** Set the IV for a symmetric encryption or decryption operation.
  *
  * This function sets the IV (initialization vector), nonce
  * or initial counter value for the encryption or decryption operation.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_set_iv entry point. This function behaves as a
  *       cipher_set_iv entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in,out] operation     Active cipher operation.
  * \param[in] iv                Buffer containing the IV to use.
  * \param[in] iv_length         Size of the IV in bytes. It is guaranteed by
  *                              the core to be less or equal to
  *                              PSA_CIPHER_IV_MAX_SIZE.
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The size of \p iv is not acceptable for the chosen algorithm,
  *         or the chosen algorithm does not use an IV.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  */
 psa_status_t mbedtls_psa_cipher_set_iv(
     mbedtls_psa_cipher_operation_t *operation,
     const uint8_t *iv, size_t iv_length);
 
 /** Encrypt or decrypt a message fragment in an active cipher operation.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_update entry point. This function behaves as a
  *       cipher_update entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in,out] operation     Active cipher operation.
  * \param[in] input             Buffer containing the message fragment to
  *                              encrypt or decrypt.
  * \param[in] input_length      Size of the \p input buffer in bytes.
  * \param[out] output           Buffer where the output is to be written.
  * \param[in]  output_size      Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  */
 psa_status_t mbedtls_psa_cipher_update(
     mbedtls_psa_cipher_operation_t *operation,
     const uint8_t *input, size_t input_length,
     uint8_t *output, size_t output_size, size_t *output_length);
 
 /** Finish encrypting or decrypting a message in a cipher operation.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_finish entry point. This function behaves as a
  *       cipher_finish entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in,out] operation     Active cipher operation.
  * \param[out] output           Buffer where the output is to be written.
  * \param[in]  output_size      Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes
  *                              that make up the returned output.
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The total input size passed to this operation is not valid for
  *         this particular algorithm. For example, the algorithm is a based
  *         on block cipher and requires a whole number of blocks, but the
  *         total input size is not a multiple of the block size.
  * \retval #PSA_ERROR_INVALID_PADDING
  *         This is a decryption operation for an algorithm that includes
  *         padding, and the ciphertext does not contain valid padding.
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  */
 psa_status_t mbedtls_psa_cipher_finish(
     mbedtls_psa_cipher_operation_t *operation,
     uint8_t *output, size_t output_size, size_t *output_length);
 
 /** Abort a cipher operation.
  *
  * Aborting an operation frees all associated resources except for the
  * \p operation structure itself. Once aborted, the operation object
  * can be reused for another operation.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_abort entry point. This function behaves as a
  *       cipher_abort entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in,out] operation     Initialized cipher operation.
  *
  * \retval #PSA_SUCCESS \emptydescription
  */
 psa_status_t mbedtls_psa_cipher_abort(mbedtls_psa_cipher_operation_t *operation);
 
 /** Encrypt a message using a symmetric cipher.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_encrypt entry point. This function behaves as a
  *       cipher_encrypt entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in] attributes        The attributes of the key to use for the
  *                              operation.
  * \param[in] key_buffer        The buffer containing the key context.
  * \param[in] key_buffer_size   Size of the \p key_buffer buffer in bytes.
  * \param[in] alg               The cipher algorithm to compute
  *                              (\c PSA_ALG_XXX value such that
  *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  * \param[in] iv                Buffer containing the IV for encryption. The
  *                              IV has been generated by the core.
  * \param[in] iv_length         Size of the \p iv in bytes.
  * \param[in] input             Buffer containing the message to encrypt.
  * \param[in] input_length      Size of the \p input buffer in bytes.
  * \param[in,out] output        Buffer where the output is to be written.
  * \param[in]  output_size      Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes that make up
  *                              the returned output. Initialized to zero
  *                              by the core.
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The size \p iv_length is not acceptable for the chosen algorithm,
  *         or the chosen algorithm does not use an IV.
  *         The total input size passed to this operation is not valid for
  *         this particular algorithm. For example, the algorithm is a based
  *         on block cipher and requires a whole number of blocks, but the
  *         total input size is not a multiple of the block size.
  * \retval #PSA_ERROR_INVALID_PADDING
  *         This is a decryption operation for an algorithm that includes
  *         padding, and the ciphertext does not contain valid padding.
  */
 psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes,
                                         const uint8_t *key_buffer,
                                         size_t key_buffer_size,
                                         psa_algorithm_t alg,
                                         const uint8_t *iv,
                                         size_t iv_length,
                                         const uint8_t *input,
                                         size_t input_length,
                                         uint8_t *output,
                                         size_t output_size,
                                         size_t *output_length);
 
 /** Decrypt a message using a symmetric cipher.
  *
  * \note The signature of this function is that of a PSA driver
  *       cipher_decrypt entry point. This function behaves as a
  *       cipher_decrypt entry point as defined in the PSA driver
  *       interface specification for transparent drivers.
  *
  * \param[in]  attributes       The attributes of the key to use for the
  *                              operation.
  * \param[in]  key_buffer       The buffer containing the key context.
  * \param[in]  key_buffer_size  Size of the \p key_buffer buffer in bytes.
  * \param[in]  alg              The cipher algorithm to compute
  *                              (\c PSA_ALG_XXX value such that
  *                              #PSA_ALG_IS_CIPHER(\p alg) is true).
  * \param[in]  input            Buffer containing the iv and the ciphertext.
  * \param[in]  input_length     Size of the \p input buffer in bytes.
  * \param[out] output           Buffer where the output is to be written.
  * \param[in]  output_size      Size of the \p output buffer in bytes.
  * \param[out] output_length    On success, the number of bytes that make up
  *                              the returned output. Initialized to zero
  *                              by the core.
  *
  * \retval #PSA_SUCCESS \emptydescription
  * \retval #PSA_ERROR_NOT_SUPPORTED \emptydescription
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
  * \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription
  * \retval #PSA_ERROR_BUFFER_TOO_SMALL
  *         The size of the \p output buffer is too small.
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The size of \p iv is not acceptable for the chosen algorithm,
  *         or the chosen algorithm does not use an IV.
  *         The total input size passed to this operation is not valid for
  *         this particular algorithm. For example, the algorithm is a based
  *         on block cipher and requires a whole number of blocks, but the
  *         total input size is not a multiple of the block size.
  * \retval #PSA_ERROR_INVALID_PADDING
  *         This is a decryption operation for an algorithm that includes
  *         padding, and the ciphertext does not contain valid padding.
  */
 psa_status_t mbedtls_psa_cipher_decrypt(const psa_key_attributes_t *attributes,
                                         const uint8_t *key_buffer,
                                         size_t key_buffer_size,
                                         psa_algorithm_t alg,
                                         const uint8_t *input,
                                         size_t input_length,
                                         uint8_t *output,
                                         size_t output_size,
                                         size_t *output_length);
 
 #endif /* PSA_CRYPTO_CIPHER_H */