ReactOS 0.4.16-dev-329-g9223134
cipher.c
Go to the documentation of this file.
1
51#if !defined(MBEDTLS_CONFIG_FILE)
52#include "mbedtls/config.h"
53#else
54#include MBEDTLS_CONFIG_FILE
55#endif
56
57#if defined(MBEDTLS_CIPHER_C)
58
59#include "mbedtls/cipher.h"
62
63#include <stdlib.h>
64#include <string.h>
65
66#if defined(MBEDTLS_CHACHAPOLY_C)
67#include "mbedtls/chachapoly.h"
68#endif
69
70#if defined(MBEDTLS_GCM_C)
71#include "mbedtls/gcm.h"
72#endif
73
74#if defined(MBEDTLS_CCM_C)
75#include "mbedtls/ccm.h"
76#endif
77
78#if defined(MBEDTLS_CHACHA20_C)
79#include "mbedtls/chacha20.h"
80#endif
81
82#if defined(MBEDTLS_CMAC_C)
83#include "mbedtls/cmac.h"
84#endif
85
86#if defined(MBEDTLS_PLATFORM_C)
87#include "mbedtls/platform.h"
88#else
89#define mbedtls_calloc calloc
90#define mbedtls_free free
91#endif
92
93#define CIPHER_VALIDATE_RET( cond ) \
94 MBEDTLS_INTERNAL_VALIDATE_RET( cond, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA )
95#define CIPHER_VALIDATE( cond ) \
96 MBEDTLS_INTERNAL_VALIDATE( cond )
97
98#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
99/* Compare the contents of two buffers in constant time.
100 * Returns 0 if the contents are bitwise identical, otherwise returns
101 * a non-zero value.
102 * This is currently only used by GCM and ChaCha20+Poly1305.
103 */
104static int mbedtls_constant_time_memcmp( const void *v1, const void *v2, size_t len )
105{
106 const unsigned char *p1 = (const unsigned char*) v1;
107 const unsigned char *p2 = (const unsigned char*) v2;
108 size_t i;
109 unsigned char diff;
110
111 for( diff = 0, i = 0; i < len; i++ )
112 diff |= p1[i] ^ p2[i];
113
114 return( (int)diff );
115}
116#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
117
118static int supported_init = 0;
119
120const int *mbedtls_cipher_list( void )
121{
123 int *type;
124
125 if( ! supported_init )
126 {
129
130 while( def->type != 0 )
131 *type++ = (*def++).type;
132
133 *type = 0;
134
135 supported_init = 1;
136 }
137
138 return( mbedtls_cipher_supported );
139}
140
142{
144
145 for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
146 if( def->type == cipher_type )
147 return( def->info );
148
149 return( NULL );
150}
151
152const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name )
153{
155
156 if( NULL == cipher_name )
157 return( NULL );
158
159 for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
160 if( ! strcmp( def->info->name, cipher_name ) )
161 return( def->info );
162
163 return( NULL );
164}
165
167 int key_bitlen,
169{
171
172 for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
173 if( def->info->base->cipher == cipher_id &&
174 def->info->key_bitlen == (unsigned) key_bitlen &&
175 def->info->mode == mode )
176 return( def->info );
177
178 return( NULL );
179}
180
182{
183 CIPHER_VALIDATE( ctx != NULL );
184 memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
185}
186
188{
189 if( ctx == NULL )
190 return;
191
192#if defined(MBEDTLS_CMAC_C)
193 if( ctx->cmac_ctx )
194 {
195 mbedtls_platform_zeroize( ctx->cmac_ctx,
196 sizeof( mbedtls_cmac_context_t ) );
197 mbedtls_free( ctx->cmac_ctx );
198 }
199#endif
200
201 if( ctx->cipher_ctx )
202 ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
203
205}
206
208{
209 CIPHER_VALIDATE_RET( ctx != NULL );
210 if( cipher_info == NULL )
212
213 memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
214
215 if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
217
218 ctx->cipher_info = cipher_info;
219
220#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
221 /*
222 * Ignore possible errors caused by a cipher mode that doesn't use padding
223 */
224#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
226#else
228#endif
229#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
230
231 return( 0 );
232}
233
235 const unsigned char *key,
236 int key_bitlen,
238{
239 CIPHER_VALIDATE_RET( ctx != NULL );
240 CIPHER_VALIDATE_RET( key != NULL );
241 CIPHER_VALIDATE_RET( operation == MBEDTLS_ENCRYPT ||
243 if( ctx->cipher_info == NULL )
245
246 if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
247 (int) ctx->cipher_info->key_bitlen != key_bitlen )
248 {
250 }
251
252 ctx->key_bitlen = key_bitlen;
253 ctx->operation = operation;
254
255 /*
256 * For OFB, CFB and CTR mode always use the encryption key schedule
257 */
258 if( MBEDTLS_ENCRYPT == operation ||
259 MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
260 MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
261 MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
262 {
263 return( ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
264 ctx->key_bitlen ) );
265 }
266
268 return( ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
269 ctx->key_bitlen ) );
270
272}
273
275 const unsigned char *iv,
276 size_t iv_len )
277{
278 size_t actual_iv_size;
279
280 CIPHER_VALIDATE_RET( ctx != NULL );
281 CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
282 if( ctx->cipher_info == NULL )
284
285 /* avoid buffer overflow in ctx->iv */
286 if( iv_len > MBEDTLS_MAX_IV_LENGTH )
288
289 if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 )
290 actual_iv_size = iv_len;
291 else
292 {
293 actual_iv_size = ctx->cipher_info->iv_size;
294
295 /* avoid reading past the end of input buffer */
296 if( actual_iv_size > iv_len )
298 }
299
300#if defined(MBEDTLS_CHACHA20_C)
301 if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20 )
302 {
304 iv,
305 0U ) ) /* Initial counter value */
306 {
308 }
309 }
310#endif
311
312 if ( actual_iv_size != 0 )
313 {
314 memcpy( ctx->iv, iv, actual_iv_size );
315 ctx->iv_size = actual_iv_size;
316 }
317
318 return( 0 );
319}
320
322{
323 CIPHER_VALIDATE_RET( ctx != NULL );
324 if( ctx->cipher_info == NULL )
326
327 ctx->unprocessed_len = 0;
328
329 return( 0 );
330}
331
332#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
334 const unsigned char *ad, size_t ad_len )
335{
336 CIPHER_VALIDATE_RET( ctx != NULL );
337 CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
338 if( ctx->cipher_info == NULL )
340
341#if defined(MBEDTLS_GCM_C)
342 if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
343 {
344 return( mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
345 ctx->iv, ctx->iv_size, ad, ad_len ) );
346 }
347#endif
348
349#if defined(MBEDTLS_CHACHAPOLY_C)
350 if (MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
351 {
352 int result;
354
355 mode = ( ctx->operation == MBEDTLS_ENCRYPT )
358
360 ctx->iv,
361 mode );
362 if ( result != 0 )
363 return( result );
364
366 ad, ad_len ) );
367 }
368#endif
369
370 return( 0 );
371}
372#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
373
374int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
375 size_t ilen, unsigned char *output, size_t *olen )
376{
377 int ret;
378 size_t block_size;
379
380 CIPHER_VALIDATE_RET( ctx != NULL );
381 CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
382 CIPHER_VALIDATE_RET( output != NULL );
383 CIPHER_VALIDATE_RET( olen != NULL );
384 if( ctx->cipher_info == NULL )
386
387 *olen = 0;
389 if ( 0 == block_size )
390 {
392 }
393
394 if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
395 {
396 if( ilen != block_size )
398
399 *olen = ilen;
400
401 if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
402 ctx->operation, input, output ) ) )
403 {
404 return( ret );
405 }
406
407 return( 0 );
408 }
409
410#if defined(MBEDTLS_GCM_C)
411 if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM )
412 {
413 *olen = ilen;
414 return( mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
415 output ) );
416 }
417#endif
418
419#if defined(MBEDTLS_CHACHAPOLY_C)
420 if ( ctx->cipher_info->type == MBEDTLS_CIPHER_CHACHA20_POLY1305 )
421 {
422 *olen = ilen;
424 ilen, input, output ) );
425 }
426#endif
427
428 if( input == output &&
429 ( ctx->unprocessed_len != 0 || ilen % block_size ) )
430 {
432 }
433
434#if defined(MBEDTLS_CIPHER_MODE_CBC)
435 if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC )
436 {
437 size_t copy_len = 0;
438
439 /*
440 * If there is not enough data for a full block, cache it.
441 */
442 if( ( ctx->operation == MBEDTLS_DECRYPT && NULL != ctx->add_padding &&
443 ilen <= block_size - ctx->unprocessed_len ) ||
444 ( ctx->operation == MBEDTLS_DECRYPT && NULL == ctx->add_padding &&
445 ilen < block_size - ctx->unprocessed_len ) ||
446 ( ctx->operation == MBEDTLS_ENCRYPT &&
447 ilen < block_size - ctx->unprocessed_len ) )
448 {
449 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
450 ilen );
451
452 ctx->unprocessed_len += ilen;
453 return( 0 );
454 }
455
456 /*
457 * Process cached data first
458 */
459 if( 0 != ctx->unprocessed_len )
460 {
461 copy_len = block_size - ctx->unprocessed_len;
462
463 memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
464 copy_len );
465
466 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
467 ctx->operation, block_size, ctx->iv,
468 ctx->unprocessed_data, output ) ) )
469 {
470 return( ret );
471 }
472
473 *olen += block_size;
474 output += block_size;
475 ctx->unprocessed_len = 0;
476
477 input += copy_len;
478 ilen -= copy_len;
479 }
480
481 /*
482 * Cache final, incomplete block
483 */
484 if( 0 != ilen )
485 {
486 /* Encryption: only cache partial blocks
487 * Decryption w/ padding: always keep at least one whole block
488 * Decryption w/o padding: only cache partial blocks
489 */
490 copy_len = ilen % block_size;
491 if( copy_len == 0 &&
492 ctx->operation == MBEDTLS_DECRYPT &&
493 NULL != ctx->add_padding)
494 {
495 copy_len = block_size;
496 }
497
498 memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
499 copy_len );
500
501 ctx->unprocessed_len += copy_len;
502 ilen -= copy_len;
503 }
504
505 /*
506 * Process remaining full blocks
507 */
508 if( ilen )
509 {
510 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
511 ctx->operation, ilen, ctx->iv, input, output ) ) )
512 {
513 return( ret );
514 }
515
516 *olen += ilen;
517 }
518
519 return( 0 );
520 }
521#endif /* MBEDTLS_CIPHER_MODE_CBC */
522
523#if defined(MBEDTLS_CIPHER_MODE_CFB)
524 if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB )
525 {
526 if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
527 ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
528 input, output ) ) )
529 {
530 return( ret );
531 }
532
533 *olen = ilen;
534
535 return( 0 );
536 }
537#endif /* MBEDTLS_CIPHER_MODE_CFB */
538
539#if defined(MBEDTLS_CIPHER_MODE_OFB)
540 if( ctx->cipher_info->mode == MBEDTLS_MODE_OFB )
541 {
542 if( 0 != ( ret = ctx->cipher_info->base->ofb_func( ctx->cipher_ctx,
543 ilen, &ctx->unprocessed_len, ctx->iv, input, output ) ) )
544 {
545 return( ret );
546 }
547
548 *olen = ilen;
549
550 return( 0 );
551 }
552#endif /* MBEDTLS_CIPHER_MODE_OFB */
553
554#if defined(MBEDTLS_CIPHER_MODE_CTR)
555 if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR )
556 {
557 if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
558 ilen, &ctx->unprocessed_len, ctx->iv,
559 ctx->unprocessed_data, input, output ) ) )
560 {
561 return( ret );
562 }
563
564 *olen = ilen;
565
566 return( 0 );
567 }
568#endif /* MBEDTLS_CIPHER_MODE_CTR */
569
570#if defined(MBEDTLS_CIPHER_MODE_XTS)
571 if( ctx->cipher_info->mode == MBEDTLS_MODE_XTS )
572 {
573 if( ctx->unprocessed_len > 0 ) {
574 /* We can only process an entire data unit at a time. */
576 }
577
578 ret = ctx->cipher_info->base->xts_func( ctx->cipher_ctx,
579 ctx->operation, ilen, ctx->iv, input, output );
580 if( ret != 0 )
581 {
582 return( ret );
583 }
584
585 *olen = ilen;
586
587 return( 0 );
588 }
589#endif /* MBEDTLS_CIPHER_MODE_XTS */
590
591#if defined(MBEDTLS_CIPHER_MODE_STREAM)
592 if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM )
593 {
594 if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
595 ilen, input, output ) ) )
596 {
597 return( ret );
598 }
599
600 *olen = ilen;
601
602 return( 0 );
603 }
604#endif /* MBEDTLS_CIPHER_MODE_STREAM */
605
607}
608
609#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
610#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
611/*
612 * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
613 */
614static void add_pkcs_padding( unsigned char *output, size_t output_len,
615 size_t data_len )
616{
617 size_t padding_len = output_len - data_len;
618 unsigned char i;
619
620 for( i = 0; i < padding_len; i++ )
621 output[data_len + i] = (unsigned char) padding_len;
622}
623
624static int get_pkcs_padding( unsigned char *input, size_t input_len,
625 size_t *data_len )
626{
627 size_t i, pad_idx;
628 unsigned char padding_len, bad = 0;
629
630 if( NULL == input || NULL == data_len )
632
633 padding_len = input[input_len - 1];
634 *data_len = input_len - padding_len;
635
636 /* Avoid logical || since it results in a branch */
637 bad |= padding_len > input_len;
638 bad |= padding_len == 0;
639
640 /* The number of bytes checked must be independent of padding_len,
641 * so pick input_len, which is usually 8 or 16 (one block) */
642 pad_idx = input_len - padding_len;
643 for( i = 0; i < input_len; i++ )
644 bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
645
646 return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
647}
648#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
649
650#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
651/*
652 * One and zeros padding: fill with 80 00 ... 00
653 */
654static void add_one_and_zeros_padding( unsigned char *output,
655 size_t output_len, size_t data_len )
656{
657 size_t padding_len = output_len - data_len;
658 unsigned char i = 0;
659
660 output[data_len] = 0x80;
661 for( i = 1; i < padding_len; i++ )
662 output[data_len + i] = 0x00;
663}
664
665static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
666 size_t *data_len )
667{
668 size_t i;
669 unsigned char done = 0, prev_done, bad;
670
671 if( NULL == input || NULL == data_len )
673
674 bad = 0x80;
675 *data_len = 0;
676 for( i = input_len; i > 0; i-- )
677 {
678 prev_done = done;
679 done |= ( input[i - 1] != 0 );
680 *data_len |= ( i - 1 ) * ( done != prev_done );
681 bad ^= input[i - 1] * ( done != prev_done );
682 }
683
684 return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
685
686}
687#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
688
689#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
690/*
691 * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
692 */
693static void add_zeros_and_len_padding( unsigned char *output,
694 size_t output_len, size_t data_len )
695{
696 size_t padding_len = output_len - data_len;
697 unsigned char i = 0;
698
699 for( i = 1; i < padding_len; i++ )
700 output[data_len + i - 1] = 0x00;
701 output[output_len - 1] = (unsigned char) padding_len;
702}
703
704static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
705 size_t *data_len )
706{
707 size_t i, pad_idx;
708 unsigned char padding_len, bad = 0;
709
710 if( NULL == input || NULL == data_len )
712
713 padding_len = input[input_len - 1];
714 *data_len = input_len - padding_len;
715
716 /* Avoid logical || since it results in a branch */
717 bad |= padding_len > input_len;
718 bad |= padding_len == 0;
719
720 /* The number of bytes checked must be independent of padding_len */
721 pad_idx = input_len - padding_len;
722 for( i = 0; i < input_len - 1; i++ )
723 bad |= input[i] * ( i >= pad_idx );
724
725 return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
726}
727#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
728
729#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
730/*
731 * Zero padding: fill with 00 ... 00
732 */
733static void add_zeros_padding( unsigned char *output,
734 size_t output_len, size_t data_len )
735{
736 size_t i;
737
738 for( i = data_len; i < output_len; i++ )
739 output[i] = 0x00;
740}
741
742static int get_zeros_padding( unsigned char *input, size_t input_len,
743 size_t *data_len )
744{
745 size_t i;
746 unsigned char done = 0, prev_done;
747
748 if( NULL == input || NULL == data_len )
750
751 *data_len = 0;
752 for( i = input_len; i > 0; i-- )
753 {
754 prev_done = done;
755 done |= ( input[i-1] != 0 );
756 *data_len |= i * ( done != prev_done );
757 }
758
759 return( 0 );
760}
761#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
762
763/*
764 * No padding: don't pad :)
765 *
766 * There is no add_padding function (check for NULL in mbedtls_cipher_finish)
767 * but a trivial get_padding function
768 */
769static int get_no_padding( unsigned char *input, size_t input_len,
770 size_t *data_len )
771{
772 if( NULL == input || NULL == data_len )
774
775 *data_len = input_len;
776
777 return( 0 );
778}
779#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
780
782 unsigned char *output, size_t *olen )
783{
784 CIPHER_VALIDATE_RET( ctx != NULL );
785 CIPHER_VALIDATE_RET( output != NULL );
786 CIPHER_VALIDATE_RET( olen != NULL );
787 if( ctx->cipher_info == NULL )
789
790 *olen = 0;
791
792 if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
793 MBEDTLS_MODE_OFB == ctx->cipher_info->mode ||
794 MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
795 MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
796 MBEDTLS_MODE_XTS == ctx->cipher_info->mode ||
797 MBEDTLS_MODE_STREAM == ctx->cipher_info->mode )
798 {
799 return( 0 );
800 }
801
802 if ( ( MBEDTLS_CIPHER_CHACHA20 == ctx->cipher_info->type ) ||
803 ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type ) )
804 {
805 return( 0 );
806 }
807
808 if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
809 {
810 if( ctx->unprocessed_len != 0 )
812
813 return( 0 );
814 }
815
816#if defined(MBEDTLS_CIPHER_MODE_CBC)
817 if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode )
818 {
819 int ret = 0;
820
821 if( MBEDTLS_ENCRYPT == ctx->operation )
822 {
823 /* check for 'no padding' mode */
824 if( NULL == ctx->add_padding )
825 {
826 if( 0 != ctx->unprocessed_len )
828
829 return( 0 );
830 }
831
832 ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ),
833 ctx->unprocessed_len );
834 }
835 else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len )
836 {
837 /*
838 * For decrypt operations, expect a full block,
839 * or an empty block if no padding
840 */
841 if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
842 return( 0 );
843
845 }
846
847 /* cipher block */
848 if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
849 ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
850 ctx->unprocessed_data, output ) ) )
851 {
852 return( ret );
853 }
854
855 /* Set output size for decryption */
856 if( MBEDTLS_DECRYPT == ctx->operation )
857 return( ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ),
858 olen ) );
859
860 /* Set output size for encryption */
862 return( 0 );
863 }
864#else
865 ((void) output);
866#endif /* MBEDTLS_CIPHER_MODE_CBC */
867
869}
870
871#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
874{
875 CIPHER_VALIDATE_RET( ctx != NULL );
876
877 if( NULL == ctx->cipher_info || MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
878 {
880 }
881
882 switch( mode )
883 {
884#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
886 ctx->add_padding = add_pkcs_padding;
887 ctx->get_padding = get_pkcs_padding;
888 break;
889#endif
890#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
892 ctx->add_padding = add_one_and_zeros_padding;
893 ctx->get_padding = get_one_and_zeros_padding;
894 break;
895#endif
896#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
898 ctx->add_padding = add_zeros_and_len_padding;
899 ctx->get_padding = get_zeros_and_len_padding;
900 break;
901#endif
902#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
904 ctx->add_padding = add_zeros_padding;
905 ctx->get_padding = get_zeros_padding;
906 break;
907#endif
909 ctx->add_padding = NULL;
910 ctx->get_padding = get_no_padding;
911 break;
912
913 default:
915 }
916
917 return( 0 );
918}
919#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
920
921#if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CHACHAPOLY_C)
923 unsigned char *tag, size_t tag_len )
924{
925 CIPHER_VALIDATE_RET( ctx != NULL );
926 CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
927 if( ctx->cipher_info == NULL )
929
930 if( MBEDTLS_ENCRYPT != ctx->operation )
932
933#if defined(MBEDTLS_GCM_C)
934 if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
935 return( mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
936 tag, tag_len ) );
937#endif
938
939#if defined(MBEDTLS_CHACHAPOLY_C)
940 if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
941 {
942 /* Don't allow truncated MAC for Poly1305 */
943 if ( tag_len != 16U )
945
947 tag ) );
948 }
949#endif
950
951 return( 0 );
952}
953
955 const unsigned char *tag, size_t tag_len )
956{
957 unsigned char check_tag[16];
958 int ret;
959
960 CIPHER_VALIDATE_RET( ctx != NULL );
961 CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
962 if( ctx->cipher_info == NULL )
964
965 if( MBEDTLS_DECRYPT != ctx->operation )
966 {
968 }
969
970#if defined(MBEDTLS_GCM_C)
971 if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
972 {
973 if( tag_len > sizeof( check_tag ) )
975
976 if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
977 check_tag, tag_len ) ) )
978 {
979 return( ret );
980 }
981
982 /* Check the tag in "constant-time" */
983 if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
985
986 return( 0 );
987 }
988#endif /* MBEDTLS_GCM_C */
989
990#if defined(MBEDTLS_CHACHAPOLY_C)
991 if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
992 {
993 /* Don't allow truncated MAC for Poly1305 */
994 if ( tag_len != sizeof( check_tag ) )
996
998 check_tag );
999 if ( ret != 0 )
1000 {
1001 return( ret );
1002 }
1003
1004 /* Check the tag in "constant-time" */
1005 if( mbedtls_constant_time_memcmp( tag, check_tag, tag_len ) != 0 )
1007
1008 return( 0 );
1009 }
1010#endif /* MBEDTLS_CHACHAPOLY_C */
1011
1012 return( 0 );
1013}
1014#endif /* MBEDTLS_GCM_C || MBEDTLS_CHACHAPOLY_C */
1015
1016/*
1017 * Packet-oriented wrapper for non-AEAD modes
1018 */
1020 const unsigned char *iv, size_t iv_len,
1021 const unsigned char *input, size_t ilen,
1022 unsigned char *output, size_t *olen )
1023{
1024 int ret;
1025 size_t finish_olen;
1026
1027 CIPHER_VALIDATE_RET( ctx != NULL );
1028 CIPHER_VALIDATE_RET( iv_len == 0 || iv != NULL );
1029 CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
1030 CIPHER_VALIDATE_RET( output != NULL );
1031 CIPHER_VALIDATE_RET( olen != NULL );
1032
1033 if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
1034 return( ret );
1035
1036 if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
1037 return( ret );
1038
1039 if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
1040 return( ret );
1041
1042 if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
1043 return( ret );
1044
1045 *olen += finish_olen;
1046
1047 return( 0 );
1048}
1049
1050#if defined(MBEDTLS_CIPHER_MODE_AEAD)
1051/*
1052 * Packet-oriented encryption for AEAD modes
1053 */
1055 const unsigned char *iv, size_t iv_len,
1056 const unsigned char *ad, size_t ad_len,
1057 const unsigned char *input, size_t ilen,
1058 unsigned char *output, size_t *olen,
1059 unsigned char *tag, size_t tag_len )
1060{
1061 CIPHER_VALIDATE_RET( ctx != NULL );
1062 CIPHER_VALIDATE_RET( iv != NULL );
1063 CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
1064 CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
1065 CIPHER_VALIDATE_RET( output != NULL );
1066 CIPHER_VALIDATE_RET( olen != NULL );
1067 CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
1068
1069#if defined(MBEDTLS_GCM_C)
1070 if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
1071 {
1072 *olen = ilen;
1073 return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
1074 iv, iv_len, ad, ad_len, input, output,
1075 tag_len, tag ) );
1076 }
1077#endif /* MBEDTLS_GCM_C */
1078#if defined(MBEDTLS_CCM_C)
1079 if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
1080 {
1081 *olen = ilen;
1082 return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
1083 iv, iv_len, ad, ad_len, input, output,
1084 tag, tag_len ) );
1085 }
1086#endif /* MBEDTLS_CCM_C */
1087#if defined(MBEDTLS_CHACHAPOLY_C)
1088 if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
1089 {
1090 /* ChachaPoly has fixed length nonce and MAC (tag) */
1091 if ( ( iv_len != ctx->cipher_info->iv_size ) ||
1092 ( tag_len != 16U ) )
1093 {
1095 }
1096
1097 *olen = ilen;
1098 return( mbedtls_chachapoly_encrypt_and_tag( ctx->cipher_ctx,
1099 ilen, iv, ad, ad_len, input, output, tag ) );
1100 }
1101#endif /* MBEDTLS_CHACHAPOLY_C */
1102
1104}
1105
1106/*
1107 * Packet-oriented decryption for AEAD modes
1108 */
1110 const unsigned char *iv, size_t iv_len,
1111 const unsigned char *ad, size_t ad_len,
1112 const unsigned char *input, size_t ilen,
1113 unsigned char *output, size_t *olen,
1114 const unsigned char *tag, size_t tag_len )
1115{
1116 CIPHER_VALIDATE_RET( ctx != NULL );
1117 CIPHER_VALIDATE_RET( iv != NULL );
1118 CIPHER_VALIDATE_RET( ad_len == 0 || ad != NULL );
1119 CIPHER_VALIDATE_RET( ilen == 0 || input != NULL );
1120 CIPHER_VALIDATE_RET( output != NULL );
1121 CIPHER_VALIDATE_RET( olen != NULL );
1122 CIPHER_VALIDATE_RET( tag_len == 0 || tag != NULL );
1123
1124#if defined(MBEDTLS_GCM_C)
1125 if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
1126 {
1127 int ret;
1128
1129 *olen = ilen;
1130 ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
1131 iv, iv_len, ad, ad_len,
1132 tag, tag_len, input, output );
1133
1136
1137 return( ret );
1138 }
1139#endif /* MBEDTLS_GCM_C */
1140#if defined(MBEDTLS_CCM_C)
1141 if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
1142 {
1143 int ret;
1144
1145 *olen = ilen;
1146 ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
1147 iv, iv_len, ad, ad_len,
1148 input, output, tag, tag_len );
1149
1152
1153 return( ret );
1154 }
1155#endif /* MBEDTLS_CCM_C */
1156#if defined(MBEDTLS_CHACHAPOLY_C)
1157 if ( MBEDTLS_CIPHER_CHACHA20_POLY1305 == ctx->cipher_info->type )
1158 {
1159 int ret;
1160
1161 /* ChachaPoly has fixed length nonce and MAC (tag) */
1162 if ( ( iv_len != ctx->cipher_info->iv_size ) ||
1163 ( tag_len != 16U ) )
1164 {
1166 }
1167
1168 *olen = ilen;
1169 ret = mbedtls_chachapoly_auth_decrypt( ctx->cipher_ctx, ilen,
1170 iv, ad, ad_len, tag, input, output );
1171
1174
1175 return( ret );
1176 }
1177#endif /* MBEDTLS_CHACHAPOLY_C */
1178
1180}
1181#endif /* MBEDTLS_CIPHER_MODE_AEAD */
1182
1183#endif /* MBEDTLS_CIPHER_C */
int strcmp(const char *String1, const char *String2)
Definition: utclib.c:469
operation
Definition: copy.c:29
#define U(x)
Definition: wordpad.c:45
This file provides an API for the CCM authenticated encryption mode for block ciphers.
int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len)
This function encrypts a buffer using CCM.
int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len)
This function performs a CCM authenticated decryption of a buffer.
#define MBEDTLS_ERR_CCM_AUTH_FAILED
Definition: ccm.h:86
This file contains ChaCha20 definitions and functions.
int mbedtls_chacha20_starts(mbedtls_chacha20_context *ctx, const unsigned char nonce[12], uint32_t counter)
This function sets the nonce and initial counter value.
This file contains the AEAD-ChaCha20-Poly1305 definitions and functions.
int mbedtls_chachapoly_finish(mbedtls_chachapoly_context *ctx, unsigned char mac[16])
This function finished the ChaCha20-Poly1305 operation and generates the MAC (authentication tag).
int mbedtls_chachapoly_starts(mbedtls_chachapoly_context *ctx, const unsigned char nonce[12], mbedtls_chachapoly_mode_t mode)
This function starts a ChaCha20-Poly1305 encryption or decryption operation.
int mbedtls_chachapoly_update(mbedtls_chachapoly_context *ctx, size_t len, const unsigned char *input, unsigned char *output)
Thus function feeds data to be encrypted or decrypted into an on-going ChaCha20-Poly1305 operation.
int mbedtls_chachapoly_encrypt_and_tag(mbedtls_chachapoly_context *ctx, size_t length, const unsigned char nonce[12], const unsigned char *aad, size_t aad_len, const unsigned char *input, unsigned char *output, unsigned char tag[16])
This function performs a complete ChaCha20-Poly1305 authenticated encryption with the previously-set ...
#define MBEDTLS_ERR_CHACHAPOLY_AUTH_FAILED
Definition: chachapoly.h:72
mbedtls_chachapoly_mode_t
Definition: chachapoly.h:79
@ MBEDTLS_CHACHAPOLY_ENCRYPT
Definition: chachapoly.h:80
@ MBEDTLS_CHACHAPOLY_DECRYPT
Definition: chachapoly.h:81
int mbedtls_chachapoly_auth_decrypt(mbedtls_chachapoly_context *ctx, size_t length, const unsigned char nonce[12], const unsigned char *aad, size_t aad_len, const unsigned char tag[16], const unsigned char *input, unsigned char *output)
This function performs a complete ChaCha20-Poly1305 authenticated decryption with the previously-set ...
int mbedtls_chachapoly_update_aad(mbedtls_chachapoly_context *ctx, const unsigned char *aad, size_t aad_len)
This function feeds additional data to be authenticated into an ongoing ChaCha20-Poly1305 operation.
This file contains an abstraction interface for use with the cipher primitives provided by the librar...
int mbedtls_cipher_setup(mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info)
This function initializes and fills the cipher-context structure with the appropriate values....
mbedtls_cipher_type_t
Supported {cipher type, cipher mode} pairs.
Definition: cipher.h:129
@ MBEDTLS_CIPHER_CHACHA20
Definition: cipher.h:202
@ MBEDTLS_CIPHER_CHACHA20_POLY1305
Definition: cipher.h:203
int mbedtls_cipher_setkey(mbedtls_cipher_context_t *ctx, const unsigned char *key, int key_bitlen, const mbedtls_operation_t operation)
This function sets the key to use with the given context.
#define MBEDTLS_ERR_CIPHER_INVALID_PADDING
Definition: cipher.h:87
int mbedtls_cipher_crypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs.
int mbedtls_cipher_reset(mbedtls_cipher_context_t *ctx)
This function resets the cipher state.
#define MBEDTLS_CIPHER_VARIABLE_IV_LEN
Definition: cipher.h:95
#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
Definition: cipher.h:84
int mbedtls_cipher_set_iv(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len)
This function sets the initialization vector (IV) or nonce.
mbedtls_cipher_padding_t
Definition: cipher.h:222
@ MBEDTLS_PADDING_ZEROS
Definition: cipher.h:226
@ MBEDTLS_PADDING_ONE_AND_ZEROS
Definition: cipher.h:224
@ MBEDTLS_PADDING_PKCS7
Definition: cipher.h:223
@ MBEDTLS_PADDING_ZEROS_AND_LEN
Definition: cipher.h:225
@ MBEDTLS_PADDING_NONE
Definition: cipher.h:227
int mbedtls_cipher_auth_encrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, unsigned char *tag, size_t tag_len)
The generic autenticated encryption (AEAD) function.
int mbedtls_cipher_finish(mbedtls_cipher_context_t *ctx, unsigned char *output, size_t *olen)
The generic cipher finalization function. If data still needs to be flushed from an incomplete block,...
#define MBEDTLS_ERR_CIPHER_AUTH_FAILED
Definition: cipher.h:89
#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
Definition: cipher.h:85
int mbedtls_cipher_auth_decrypt(mbedtls_cipher_context_t *ctx, const unsigned char *iv, size_t iv_len, const unsigned char *ad, size_t ad_len, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen, const unsigned char *tag, size_t tag_len)
The generic autenticated decryption (AEAD) function.
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_values(const mbedtls_cipher_id_t cipher_id, int key_bitlen, const mbedtls_cipher_mode_t mode)
This function retrieves the cipher-information structure associated with the given cipher ID,...
void mbedtls_cipher_init(mbedtls_cipher_context_t *ctx)
This function initializes a cipher_context as NONE.
int mbedtls_cipher_update_ad(mbedtls_cipher_context_t *ctx, const unsigned char *ad, size_t ad_len)
This function adds additional data for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly13...
#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN
Definition: cipher.h:96
int mbedtls_cipher_write_tag(mbedtls_cipher_context_t *ctx, unsigned char *tag, size_t tag_len)
This function writes a tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305....
void mbedtls_cipher_free(mbedtls_cipher_context_t *ctx)
This function frees and clears the cipher-specific context of ctx. Freeing ctx itself remains the res...
static int mbedtls_cipher_get_iv_size(const mbedtls_cipher_context_t *ctx)
This function returns the size of the IV or nonce of the cipher, in Bytes.
Definition: cipher.h:491
int mbedtls_cipher_update(mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen, unsigned char *output, size_t *olen)
The generic cipher update function. It encrypts or decrypts using the given cipher context....
static unsigned int mbedtls_cipher_get_block_size(const mbedtls_cipher_context_t *ctx)
This function returns the block size of the given cipher.
Definition: cipher.h:452
mbedtls_operation_t
Definition: cipher.h:231
@ MBEDTLS_DECRYPT
Definition: cipher.h:233
@ MBEDTLS_ENCRYPT
Definition: cipher.h:234
const mbedtls_cipher_info_t * mbedtls_cipher_info_from_string(const char *cipher_name)
This function retrieves the cipher-information structure associated with the given cipher name.
const int * mbedtls_cipher_list(void)
This function retrieves the list of ciphers supported by the generic cipher module.
#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED
Definition: cipher.h:86
#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED
Definition: cipher.h:88
int mbedtls_cipher_check_tag(mbedtls_cipher_context_t *ctx, const unsigned char *tag, size_t tag_len)
This function checks the tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305....
mbedtls_cipher_mode_t
Definition: cipher.h:207
@ MBEDTLS_MODE_ECB
Definition: cipher.h:209
@ MBEDTLS_MODE_CCM
Definition: cipher.h:216
@ MBEDTLS_MODE_STREAM
Definition: cipher.h:215
@ MBEDTLS_MODE_CFB
Definition: cipher.h:211
@ MBEDTLS_MODE_CTR
Definition: cipher.h:213
@ MBEDTLS_MODE_GCM
Definition: cipher.h:214
@ MBEDTLS_MODE_CBC
Definition: cipher.h:210
@ MBEDTLS_MODE_OFB
Definition: cipher.h:212
@ MBEDTLS_MODE_XTS
Definition: cipher.h:217
#define MBEDTLS_MAX_IV_LENGTH
Definition: cipher.h:249
#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT
Definition: cipher.h:90
mbedtls_cipher_id_t
Supported cipher types.
Definition: cipher.h:109
int mbedtls_cipher_set_padding_mode(mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode)
This function sets the padding mode, for cipher modes that use padding.
Cipher wrappers.
const mbedtls_cipher_definition_t mbedtls_cipher_definitions[]
int mbedtls_cipher_supported[]
This file contains CMAC definitions and functions.
#define NULL
Definition: types.h:112
unsigned char
Definition: typeof.h:29
This file contains GCM definitions and functions.
#define MBEDTLS_GCM_ENCRYPT
Definition: gcm.h:71
int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, int mode, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len)
This function starts a GCM encryption or decryption operation.
int mbedtls_gcm_crypt_and_tag(mbedtls_gcm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, size_t tag_len, unsigned char *tag)
This function performs GCM encryption or decryption of a buffer.
int mbedtls_gcm_finish(mbedtls_gcm_context *ctx, unsigned char *tag, size_t tag_len)
This function finishes the GCM operation and generates the authentication tag.
#define MBEDTLS_ERR_GCM_AUTH_FAILED
Definition: gcm.h:74
int mbedtls_gcm_update(mbedtls_gcm_context *ctx, size_t length, const unsigned char *input, unsigned char *output)
This function feeds an input buffer into an ongoing GCM encryption or decryption operation.
int mbedtls_gcm_auth_decrypt(mbedtls_gcm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *tag, size_t tag_len, const unsigned char *input, unsigned char *output)
This function performs a GCM authenticated decryption of a buffer.
GLuint GLuint GLsizei GLenum type
Definition: gl.h:1545
GLenum mode
Definition: glext.h:6217
GLenum GLsizei len
Definition: glext.h:6722
GLfloat GLfloat v1
Definition: glext.h:6062
GLenum GLenum GLenum input
Definition: glext.h:9031
GLfloat GLfloat GLfloat v2
Definition: glext.h:6063
GLuint64EXT * result
Definition: glext.h:11304
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
static DWORD block_size(DWORD block)
Definition: jsutils.c:66
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
void mbedtls_platform_zeroize(void *buf, size_t len)
Securely zeroize a buffer.
Definition: platform_util.c:98
Common and shared functions used by multiple modules in the Mbed TLS library.
#define mbedtls_cipher_info_from_type
Configuration options (set of defines)
This file contains the definitions and functions of the Mbed TLS platform abstraction layer.
#define mbedtls_free
Definition: platform.h:168
#define memset(x, y, z)
Definition: compat.h:39
Definition: copy.c:22
mbedtls_cipher_id_t cipher
void *(* ctx_alloc_func)(void)
mbedtls_cipher_type_t type
const mbedtls_cipher_info_t * info
unsigned int key_bitlen
Definition: cipher.h:281
mbedtls_cipher_mode_t mode
Definition: cipher.h:275
const char * name
Definition: cipher.h:284
const mbedtls_cipher_base_t * base
Definition: cipher.h:302
The GCM context structure.
Definition: gcm.h:91
Definition: ecma_167.h:138
int ret