1 /* rijndael-api-fst.h --- Rijndael cipher implementation.
2 * Copyright (C) 2005, 2009-2017 Free Software Foundation, Inc.
4 * This file is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published
6 * by the Free Software Foundation; either version 2, or (at your
7 * option) any later version.
9 * This file is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this file; if not, see <http://www.gnu.org/licenses/>.
19 /* Adapted for gnulib by Simon Josefsson. */
24 * @version 2.9 (December 2000)
26 * Optimised ANSI C code for the Rijndael cipher (now AES)
28 * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
29 * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
30 * @author Paulo Barreto <paulo.barreto@terra.com.br>
32 * This code is hereby placed in the public domain.
34 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
35 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
36 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
37 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
38 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
39 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
40 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
41 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
42 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
43 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
44 * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
48 * We are deeply indebted to the following people for their bug reports,
49 * fixes, and improvement suggestions to this implementation. Though we
50 * tried to list all contributions, we apologise in advance for any
53 * Andrew Bales <Andrew.Bales@Honeywell.com>
54 * Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
55 * John Skodon <skodonj@webquill.com>
58 #ifndef __RIJNDAEL_API_FST_H
59 #define __RIJNDAEL_API_FST_H
61 #include "rijndael-alg-fst.h"
65 /* Default number of bits in a cipher block */
66 #define RIJNDAEL_BITSPERBLOCK 128
68 /* Number of ASCII char's needed to represent a key */
69 #define RIJNDAEL_MAX_KEY_SIZE 64
71 /* Number bytes needed to represent an IV */
72 #define RIJNDAEL_MAX_IV_SIZE 16
76 /* Key direction is invalid, e.g., unknown value */
77 RIJNDAEL_BAD_KEY_DIR
= -1,
78 /* Key material not of correct length */
79 RIJNDAEL_BAD_KEY_MAT
= -2,
80 /* Key passed is not valid */
81 RIJNDAEL_BAD_KEY_INSTANCE
= -3,
82 /* Params struct passed to cipherInit invalid */
83 RIJNDAEL_BAD_CIPHER_MODE
= -4,
84 /* Cipher in wrong state (e.g., not initialized) */
85 RIJNDAEL_BAD_CIPHER_STATE
= -5,
86 RIJNDAEL_BAD_BLOCK_LENGTH
= -6,
87 RIJNDAEL_BAD_CIPHER_INSTANCE
= -7,
88 /* Data contents are invalid, e.g., invalid padding */
89 RIJNDAEL_BAD_DATA
= -8,
91 RIJNDAEL_BAD_OTHER
= -9
96 RIJNDAEL_DIR_ENCRYPT
= 0, /* Are we encrypting? */
97 RIJNDAEL_DIR_DECRYPT
= 1 /* Are we decrypting? */
102 RIJNDAEL_MODE_ECB
= 1, /* Are we ciphering in ECB mode? */
103 RIJNDAEL_MODE_CBC
= 2, /* Are we ciphering in CBC mode? */
104 RIJNDAEL_MODE_CFB1
= 3 /* Are we ciphering in 1-bit CFB mode? */
107 /* The structure for key information */
110 /* Key used for encrypting or decrypting? */
111 rijndael_direction direction
;
112 /* Length of the key */
114 /* Raw key data in ASCII, e.g., user input or KAT values */
115 char keyMaterial
[RIJNDAEL_MAX_KEY_SIZE
+ 1];
116 /* key-length-dependent number of rounds */
119 uint32_t rk
[4 * (RIJNDAEL_MAXNR
+ 1)];
120 /* CFB1 key schedule (encryption only) */
121 uint32_t ek
[4 * (RIJNDAEL_MAXNR
+ 1)];
122 } rijndaelKeyInstance
;
124 /* The structure for cipher information */
126 { /* changed order of the components */
127 rijndael_mode mode
; /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
128 /* A possible Initialization Vector for ciphering */
129 char IV
[RIJNDAEL_MAX_IV_SIZE
];
130 } rijndaelCipherInstance
;
132 /* Function prototypes */
134 /* Create KEY, for encryption or decryption depending on DIRECTION,
135 from KEYMATERIAL, a hex string, of KEYLEN size. KEYLEN should be
136 128, 192 or 256. Returns 0 on success, or an error code. */
138 rijndaelMakeKey (rijndaelKeyInstance
*key
, rijndael_direction direction
,
139 size_t keyLen
, const char *keyMaterial
);
141 /* Initialize cipher state CIPHER for encryption MODE (e.g.,
142 RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of
143 2*RIJNDAEL_MAX_IV_SIZE length. IV may be NULL for modes that do
144 not need an IV (i.e., RIJNDAEL_MODE_ECB). */
146 rijndaelCipherInit (rijndaelCipherInstance
*cipher
,
147 rijndael_mode mode
, const char *IV
);
149 /* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the
150 output in the pre-allocated OUTBUFFER which must hold at least
151 INPUTLEN/8 bytes of data. The CIPHER is used as state, and must be
152 initialized with rijndaelCipherInit before calling this function.
153 The encryption KEY must be initialized with rijndaelMakeKey before
154 calling this function. Return the number of bits written, or a
155 negative rijndael_rc error code. */
157 rijndaelBlockEncrypt (rijndaelCipherInstance
*cipher
,
158 const rijndaelKeyInstance
*key
,
159 const char *input
, size_t inputLen
,
162 /* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the
163 output in the pre-allocated OUTBUFFER which must hold at least
164 INPUTOCTETS aligned to the next block size boundary.
165 Ciphertext-Stealing as described in RFC 2040 is used to encrypt
166 partial blocks. The CIPHER is used as state, and must be
167 initialized with rijndaelCipherInit before calling this function.
168 The encryption KEY must be initialized with rijndaelMakeKey before
169 calling this function. Return the number of bits written, or a
170 negative rijndael_rc error code. */
172 rijndaelPadEncrypt (rijndaelCipherInstance
*cipher
,
173 const rijndaelKeyInstance
*key
,
174 const char *input
, size_t inputOctets
,
177 /* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the
178 output in the pre-allocated OUTBUFFER which must hold at least
179 INPUTLEN/8 bytes of data. The CIPHER is used as state, and must be
180 initialized with rijndaelCipherInit before calling this function.
181 The encryption KEY must be initialized with rijndaelMakeKey before
182 calling this function. Return the number of bits written, or a
183 negative rijndael_rc error code. */
185 rijndaelBlockDecrypt (rijndaelCipherInstance
*cipher
,
186 const rijndaelKeyInstance
*key
,
187 const char *input
, size_t inputLen
,
190 /* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the
191 output in the pre-allocated OUTBUFFER which must hold at least
192 INPUTOCTETS aligned to the next block size boundary.
193 Ciphertext-Stealing as described in RFC 2040 is used to encrypt
194 partial blocks. The CIPHER is used as state, and must be
195 initialized with rijndaelCipherInit before calling this function.
196 The encryption KEY must be initialized with rijndaelMakeKey before
197 calling this function. Return the number of bits written, or a
198 negative rijndael_rc error code. */
200 rijndaelPadDecrypt (rijndaelCipherInstance
*cipher
,
201 const rijndaelKeyInstance
*key
,
202 const char *input
, size_t inputOctets
,
205 #endif /* __RIJNDAEL_API_FST_H */