[proxmark3-svn] / common / mbedtls / des.h

/**
 * \file des.h
 *
 * \brief DES block cipher
 *
 * \warning   DES is considered a weak cipher and its use constitutes a
 *            security risk. We recommend considering stronger ciphers
 *            instead.
 */
/*
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: GPL-2.0
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 *  This file is part of mbed TLS (https://tls.mbed.org)
 *
 */
#ifndef MBEDTLS_DES_H
#define MBEDTLS_DES_H

#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif

#include <stddef.h>
#include <stdint.h>

#define MBEDTLS_DES_ENCRYPT     1
#define MBEDTLS_DES_DECRYPT     0

#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH              -0x0032  /**< The data input has an invalid length. */
#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED                   -0x0033  /**< DES hardware accelerator failed. */

#define MBEDTLS_DES_KEY_SIZE    8

#ifdef __cplusplus
extern "C" {
#endif

#if !defined(MBEDTLS_DES_ALT)
// Regular implementation
//

/**
 * \brief          DES context structure
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
typedef struct mbedtls_des_context
{
    uint32_t sk[32];            /*!<  DES subkeys       */
}
mbedtls_des_context;

/**
 * \brief          Triple-DES context structure
 */
typedef struct mbedtls_des3_context
{
    uint32_t sk[96];            /*!<  3DES subkeys      */
}
mbedtls_des3_context;

#else  /* MBEDTLS_DES_ALT */
#include "des_alt.h"
#endif /* MBEDTLS_DES_ALT */

/**
 * \brief          Initialize DES context
 *
 * \param ctx      DES context to be initialized
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
void mbedtls_des_init( mbedtls_des_context *ctx );

/**
 * \brief          Clear DES context
 *
 * \param ctx      DES context to be cleared
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
void mbedtls_des_free( mbedtls_des_context *ctx );

/**
 * \brief          Initialize Triple-DES context
 *
 * \param ctx      DES3 context to be initialized
 */
void mbedtls_des3_init( mbedtls_des3_context *ctx );

/**
 * \brief          Clear Triple-DES context
 *
 * \param ctx      DES3 context to be cleared
 */
void mbedtls_des3_free( mbedtls_des3_context *ctx );

/**
 * \brief          Set key parity on the given key to odd.
 *
 *                 DES keys are 56 bits long, but each byte is padded with
 *                 a parity bit to allow verification.
 *
 * \param key      8-byte secret key
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );

/**
 * \brief          Check that key parity on the given key is odd.
 *
 *                 DES keys are 56 bits long, but each byte is padded with
 *                 a parity bit to allow verification.
 *
 * \param key      8-byte secret key
 *
 * \return         0 is parity was ok, 1 if parity was not correct.
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

/**
 * \brief          Check that key is not a weak or semi-weak DES key
 *
 * \param key      8-byte secret key
 *
 * \return         0 if no weak key was found, 1 if a weak key was identified.
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

/**
 * \brief          DES key schedule (56-bit, encryption)
 *
 * \param ctx      DES context to be initialized
 * \param key      8-byte secret key
 *
 * \return         0
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

/**
 * \brief          DES key schedule (56-bit, decryption)
 *
 * \param ctx      DES context to be initialized
 * \param key      8-byte secret key
 *
 * \return         0
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

/**
 * \brief          Triple-DES key schedule (112-bit, encryption)
 *
 * \param ctx      3DES context to be initialized
 * \param key      16-byte secret key
 *
 * \return         0
 */
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );

/**
 * \brief          Triple-DES key schedule (112-bit, decryption)
 *
 * \param ctx      3DES context to be initialized
 * \param key      16-byte secret key
 *
 * \return         0
 */
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );

/**
 * \brief          Triple-DES key schedule (168-bit, encryption)
 *
 * \param ctx      3DES context to be initialized
 * \param key      24-byte secret key
 *
 * \return         0
 */
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );

/**
 * \brief          Triple-DES key schedule (168-bit, decryption)
 *
 * \param ctx      3DES context to be initialized
 * \param key      24-byte secret key
 *
 * \return         0
 */
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
                      const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );

/**
 * \brief          DES-ECB block encryption/decryption
 *
 * \param ctx      DES context
 * \param input    64-bit input block
 * \param output   64-bit output block
 *
 * \return         0 if successful
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
                    const unsigned char input[8],
                    unsigned char output[8] );

#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
 * \brief          DES-CBC buffer encryption/decryption
 *
 * \note           Upon exit, the content of the IV is updated so that you can
 *                 call the function same function again on the following
 *                 block(s) of data and get the same result as if it was
 *                 encrypted in one call. This allows a "streaming" usage.
 *                 If on the other hand you need to retain the contents of the
 *                 IV, you should either save it manually or use the cipher
 *                 module instead.
 *
 * \param ctx      DES context
 * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
 * \param length   length of the input data
 * \param iv       initialization vector (updated after use)
 * \param input    buffer holding the input data
 * \param output   buffer holding the output data
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
                    int mode,
                    size_t length,
                    unsigned char iv[8],
                    const unsigned char *input,
                    unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_CBC */

/**
 * \brief          3DES-ECB block encryption/decryption
 *
 * \param ctx      3DES context
 * \param input    64-bit input block
 * \param output   64-bit output block
 *
 * \return         0 if successful
 */
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
                     const unsigned char input[8],
                     unsigned char output[8] );

#if defined(MBEDTLS_CIPHER_MODE_CBC)
/**
 * \brief          3DES-CBC buffer encryption/decryption
 *
 * \note           Upon exit, the content of the IV is updated so that you can
 *                 call the function same function again on the following
 *                 block(s) of data and get the same result as if it was
 *                 encrypted in one call. This allows a "streaming" usage.
 *                 If on the other hand you need to retain the contents of the
 *                 IV, you should either save it manually or use the cipher
 *                 module instead.
 *
 * \param ctx      3DES context
 * \param mode     MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
 * \param length   length of the input data
 * \param iv       initialization vector (updated after use)
 * \param input    buffer holding the input data
 * \param output   buffer holding the output data
 *
 * \return         0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
 */
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
                     int mode,
                     size_t length,
                     unsigned char iv[8],
                     const unsigned char *input,
                     unsigned char *output );
#endif /* MBEDTLS_CIPHER_MODE_CBC */

/**
 * \brief          Internal function for key expansion.
 *                 (Only exposed to allow overriding it,
 *                 see MBEDTLS_DES_SETKEY_ALT)
 *
 * \param SK       Round keys
 * \param key      Base key
 *
 * \warning        DES is considered a weak cipher and its use constitutes a
 *                 security risk. We recommend considering stronger ciphers
 *                 instead.
 */
void mbedtls_des_setkey( uint32_t SK[32],
                         const unsigned char key[MBEDTLS_DES_KEY_SIZE] );

/**
 * \brief          Checkup routine
 *
 * \return         0 if successful, or 1 if the test failed
 */
int mbedtls_des_self_test( int verbose );

#ifdef __cplusplus
}
#endif

#endif /* des.h */
Commit	Line	Data
700d8687 OM	1	/**
	2	* \file des.h
	3	*
	4	* \brief DES block cipher
	5	*
	6	* \warning DES is considered a weak cipher and its use constitutes a
	7	* security risk. We recommend considering stronger ciphers
	8	* instead.
	9	*/
	10	/*
	11	* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
	12	* SPDX-License-Identifier: GPL-2.0
	13	*
	14	* This program is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU General Public License as published by
	16	* the Free Software Foundation; either version 2 of the License, or
	17	* (at your option) any later version.
	18	*
	19	* This program is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU General Public License for more details.
	23	*
	24	* You should have received a copy of the GNU General Public License along
	25	* with this program; if not, write to the Free Software Foundation, Inc.,
	26	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	27	*
	28	* This file is part of mbed TLS (https://tls.mbed.org)
	29	*
	30	*/
	31	#ifndef MBEDTLS_DES_H
	32	#define MBEDTLS_DES_H
	33
	34	#if !defined(MBEDTLS_CONFIG_FILE)
	35	#include "config.h"
	36	#else
	37	#include MBEDTLS_CONFIG_FILE
	38	#endif
	39
	40	#include <stddef.h>
	41	#include <stdint.h>
	42
	43	#define MBEDTLS_DES_ENCRYPT 1
	44	#define MBEDTLS_DES_DECRYPT 0
	45
	46	#define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /*< The data input has an invalid length. /
	47	#define MBEDTLS_ERR_DES_HW_ACCEL_FAILED -0x0033 /*< DES hardware accelerator failed. /
	48
	49	#define MBEDTLS_DES_KEY_SIZE 8
	50
	51	#ifdef __cplusplus
	52	extern "C" {
	53	#endif
	54
	55	#if !defined(MBEDTLS_DES_ALT)
	56	// Regular implementation
	57	//
	58
	59	/**
	60	* \brief DES context structure
	61	*
	62	* \warning DES is considered a weak cipher and its use constitutes a
	63	* security risk. We recommend considering stronger ciphers
	64	* instead.
65	*/
66	typedef struct mbedtls_des_context
67	{
68	uint32_t sk[32]; /!< DES subkeys /
69	}
70	mbedtls_des_context;
71
72	/**
73	* \brief Triple-DES context structure
74	*/
75	typedef struct mbedtls_des3_context
76	{
77	uint32_t sk[96]; /!< 3DES subkeys /
78	}
79	mbedtls_des3_context;
80
81	#else /* MBEDTLS_DES_ALT */
82	#include "des_alt.h"
83	#endif /* MBEDTLS_DES_ALT */
84
85	/**
86	* \brief Initialize DES context
87	*
88	* \param ctx DES context to be initialized
89	*
90	* \warning DES is considered a weak cipher and its use constitutes a
91	* security risk. We recommend considering stronger ciphers
92	* instead.
93	*/
94	void mbedtls_des_init( mbedtls_des_context *ctx );
95
96	/**
97	* \brief Clear DES context
98	*
99	* \param ctx DES context to be cleared
100	*
101	* \warning DES is considered a weak cipher and its use constitutes a
102	* security risk. We recommend considering stronger ciphers
103	* instead.
104	*/
105	void mbedtls_des_free( mbedtls_des_context *ctx );
106
107	/**
108	* \brief Initialize Triple-DES context
109	*
110	* \param ctx DES3 context to be initialized
111	*/
112	void mbedtls_des3_init( mbedtls_des3_context *ctx );
113
114	/**
115	* \brief Clear Triple-DES context
116	*
117	* \param ctx DES3 context to be cleared
118	*/
119	void mbedtls_des3_free( mbedtls_des3_context *ctx );
120
121	/**
122	* \brief Set key parity on the given key to odd.
123	*
124	* DES keys are 56 bits long, but each byte is padded with
125	* a parity bit to allow verification.
126	*
127	* \param key 8-byte secret key
128	*
129	* \warning DES is considered a weak cipher and its use constitutes a
130	* security risk. We recommend considering stronger ciphers
131	* instead.
132	*/
133	void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
134
135	/**
136	* \brief Check that key parity on the given key is odd.
137	*
138	* DES keys are 56 bits long, but each byte is padded with
139	* a parity bit to allow verification.
140	*
141	* \param key 8-byte secret key
142	*
143	* \return 0 is parity was ok, 1 if parity was not correct.
144	*
145	* \warning DES is considered a weak cipher and its use constitutes a
146	* security risk. We recommend considering stronger ciphers
147	* instead.
148	*/
149	int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
150
151	/**
152	* \brief Check that key is not a weak or semi-weak DES key
153	*
154	* \param key 8-byte secret key
155	*
156	* \return 0 if no weak key was found, 1 if a weak key was identified.
157	*
158	* \warning DES is considered a weak cipher and its use constitutes a
159	* security risk. We recommend considering stronger ciphers
160	* instead.
161	*/
162	int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
163
164	/**
165	* \brief DES key schedule (56-bit, encryption)
166	*
167	* \param ctx DES context to be initialized
168	* \param key 8-byte secret key
169	*
170	* \return 0
171	*
172	* \warning DES is considered a weak cipher and its use constitutes a
173	* security risk. We recommend considering stronger ciphers
174	* instead.
175	*/
176	int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
177
178	/**
179	* \brief DES key schedule (56-bit, decryption)
180	*
181	* \param ctx DES context to be initialized
182	* \param key 8-byte secret key
183	*
184	* \return 0
185	*
186	* \warning DES is considered a weak cipher and its use constitutes a
187	* security risk. We recommend considering stronger ciphers
188	* instead.
189	*/
190	int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
191
192	/**
193	* \brief Triple-DES key schedule (112-bit, encryption)
194	*
195	* \param ctx 3DES context to be initialized
196	* \param key 16-byte secret key
197	*
198	* \return 0
199	*/
200	int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
201	const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
202
203	/**
204	* \brief Triple-DES key schedule (112-bit, decryption)
205	*
206	* \param ctx 3DES context to be initialized
207	* \param key 16-byte secret key
208	*
209	* \return 0
210	*/
211	int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
212	const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
213
214	/**
215	* \brief Triple-DES key schedule (168-bit, encryption)
216	*
217	* \param ctx 3DES context to be initialized
218	* \param key 24-byte secret key
219	*
220	* \return 0
221	*/
222	int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
223	const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
224
225	/**
226	* \brief Triple-DES key schedule (168-bit, decryption)
227	*
228	* \param ctx 3DES context to be initialized
229	* \param key 24-byte secret key
230	*
231	* \return 0
232	*/
233	int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
234	const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
235
236	/**
237	* \brief DES-ECB block encryption/decryption
238	*
239	* \param ctx DES context
240	* \param input 64-bit input block
241	* \param output 64-bit output block
242	*
243	* \return 0 if successful
244	*
245	* \warning DES is considered a weak cipher and its use constitutes a
246	* security risk. We recommend considering stronger ciphers
247	* instead.
248	*/
249	int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
250	const unsigned char input[8],
251	unsigned char output[8] );
252
253	#if defined(MBEDTLS_CIPHER_MODE_CBC)
254	/**
255	* \brief DES-CBC buffer encryption/decryption
256	*
257	* \note Upon exit, the content of the IV is updated so that you can
258	* call the function same function again on the following
259	* block(s) of data and get the same result as if it was
260	* encrypted in one call. This allows a "streaming" usage.
261	* If on the other hand you need to retain the contents of the
262	* IV, you should either save it manually or use the cipher
263	* module instead.
264	*
265	* \param ctx DES context
266	* \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
267	* \param length length of the input data
268	* \param iv initialization vector (updated after use)
269	* \param input buffer holding the input data
270	* \param output buffer holding the output data
271	*
272	* \warning DES is considered a weak cipher and its use constitutes a
273	* security risk. We recommend considering stronger ciphers
274	* instead.
275	*/
276	int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
277	int mode,
278	size_t length,
279	unsigned char iv[8],
280	const unsigned char *input,
281	unsigned char *output );
282	#endif /* MBEDTLS_CIPHER_MODE_CBC */
283
284	/**
285	* \brief 3DES-ECB block encryption/decryption
286	*
287	* \param ctx 3DES context
288	* \param input 64-bit input block
289	* \param output 64-bit output block
290	*
291	* \return 0 if successful
292	*/
293	int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
294	const unsigned char input[8],
295	unsigned char output[8] );
296
297	#if defined(MBEDTLS_CIPHER_MODE_CBC)
298	/**
299	* \brief 3DES-CBC buffer encryption/decryption
300	*
301	* \note Upon exit, the content of the IV is updated so that you can
302	* call the function same function again on the following
303	* block(s) of data and get the same result as if it was
304	* encrypted in one call. This allows a "streaming" usage.
305	* If on the other hand you need to retain the contents of the
306	* IV, you should either save it manually or use the cipher
307	* module instead.
308	*
309	* \param ctx 3DES context
310	* \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
311	* \param length length of the input data
312	* \param iv initialization vector (updated after use)
313	* \param input buffer holding the input data
314	* \param output buffer holding the output data
315	*
316	* \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
317	*/
318	int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
319	int mode,
320	size_t length,
321	unsigned char iv[8],
322	const unsigned char *input,
323	unsigned char *output );
324	#endif /* MBEDTLS_CIPHER_MODE_CBC */
325
326	/**
327	* \brief Internal function for key expansion.
328	* (Only exposed to allow overriding it,
329	* see MBEDTLS_DES_SETKEY_ALT)
330	*
331	* \param SK Round keys
332	* \param key Base key
333	*
334	* \warning DES is considered a weak cipher and its use constitutes a
335	* security risk. We recommend considering stronger ciphers
336	* instead.
337	*/
338	void mbedtls_des_setkey( uint32_t SK[32],
339	const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
340
341	/**
342	* \brief Checkup routine
343	*
344	* \return 0 if successful, or 1 if the test failed
345	*/
346	int mbedtls_des_self_test( int verbose );
347
348	#ifdef __cplusplus
349	}
350	#endif
351
352	#endif /* des.h */