lgl/rijndael-api-fst.h

   1 /* rijndael-api-fst.h --- Rijndael cipher implementation.
   2  * Copyright (C) 2005 Free Software Foundation, Inc.
   3  *
   4  * This file is free software; you can redistribute it and/or modify
   5  * it under the terms of the GNU Lesser General Public License as published
   6  * by the Free Software Foundation; either version 2.1, or (at your
   7  * option) any later version.
   8  *
   9  * This file is distributed in the hope that it will be useful, but
  10  * WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  12  * General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Lesser General Public License
  15  * along with this file; if not, write to the Free Software
  16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
  17  * 02110-1301, USA.
  18  *
  19  */
  20
  21 /* Adapted for gnulib by Simon Josefsson. */
  22
  23 /**
  24  * rijndael-api-fst.h
  25  *
  26  * @version 2.9 (December 2000)
  27  *
  28  * Optimised ANSI C code for the Rijndael cipher (now AES)
  29  *
  30  * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
  31  * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
  32  * @author Paulo Barreto <paulo.barreto@terra.com.br>
  33  *
  34  * This code is hereby placed in the public domain.
  35  *
  36  * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
  37  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  38  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  39  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
  40  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  41  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  42  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  43  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  44  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
  45  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
  46  * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  47  *
  48  * Acknowledgements:
  49  *
  50  * We are deeply indebted to the following people for their bug reports,
  51  * fixes, and improvement suggestions to this implementation. Though we
  52  * tried to list all contributions, we apologise in advance for any
  53  * missing reference.
  54  *
  55  * Andrew Bales <Andrew.Bales@Honeywell.com>
  56  * Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
  57  * John Skodon <skodonj@webquill.com>
  58  */
  59
  60 #ifndef __RIJNDAEL_API_FST_H
  61 #define __RIJNDAEL_API_FST_H
  62
  63 #include "rijndael-alg-fst.h"
  64
  65 #include <stdio.h>
  66
  67 /* Default number of bits in a cipher block */
  68 #define RIJNDAEL_BITSPERBLOCK 128
  69
  70 /* Number of ASCII char's needed to represent a key */
  71 #define RIJNDAEL_MAX_KEY_SIZE 64
  72
  73 /* Number bytes needed to represent an IV  */
  74 #define RIJNDAEL_MAX_IV_SIZE 16
  75
  76 typedef enum
  77 {
  78   /*  Key direction is invalid, e.g., unknown value */
  79   RIJNDAEL_BAD_KEY_DIR = -1,
  80   /*  Key material not of correct length */
  81   RIJNDAEL_BAD_KEY_MAT = -2,
  82   /*  Key passed is not valid */
  83   RIJNDAEL_BAD_KEY_INSTANCE = -3,
  84   /*  Params struct passed to cipherInit invalid */
  85   RIJNDAEL_BAD_CIPHER_MODE = -4,
  86   /*  Cipher in wrong state (e.g., not initialized) */
  87   RIJNDAEL_BAD_CIPHER_STATE = -5,
  88   RIJNDAEL_BAD_BLOCK_LENGTH = -6,
  89   RIJNDAEL_BAD_CIPHER_INSTANCE = -7,
  90   /*  Data contents are invalid, e.g., invalid padding */
  91   RIJNDAEL_BAD_DATA = -8,
  92   /*  Unknown error */
  93   RIJNDAEL_BAD_OTHER = -9
  94 } rijndael_rc;
  95
  96 typedef enum
  97 {
  98   RIJNDAEL_DIR_ENCRYPT = 0,     /*  Are we encrypting?  */
  99   RIJNDAEL_DIR_DECRYPT = 1      /*  Are we decrypting?  */
 100 } rijndael_direction;
 101
 102 typedef enum
 103 {
 104   RIJNDAEL_MODE_ECB = 1,        /*  Are we ciphering in ECB mode?   */
 105   RIJNDAEL_MODE_CBC = 2,        /*  Are we ciphering in CBC mode?   */
 106   RIJNDAEL_MODE_CFB1 = 3        /*  Are we ciphering in 1-bit CFB mode? */
 107 } rijndael_mode;
 108
 109 /*  The structure for key information */
 110 typedef struct
 111 {
 112   /* Key used for encrypting or decrypting? */
 113   rijndael_direction direction;
 114   /* Length of the key  */
 115   size_t keyLen;
 116   /* Raw key data in ASCII, e.g., user input or KAT values */
 117   char keyMaterial[RIJNDAEL_MAX_KEY_SIZE + 1];
 118   /* key-length-dependent number of rounds */
 119   int Nr;
 120   /* key schedule */
 121   uint32_t rk[4 * (RIJNDAEL_MAXNR + 1)];
 122   /* CFB1 key schedule (encryption only) */
 123   uint32_t ek[4 * (RIJNDAEL_MAXNR + 1)];
 124 } rijndaelKeyInstance;
 125
 126 /*  The structure for cipher information */
 127 typedef struct
 128 {                               /* changed order of the components */
 129   rijndael_mode mode;           /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
 130   /* A possible Initialization Vector for ciphering */
 131   char IV[RIJNDAEL_MAX_IV_SIZE];
 132 } rijndaelCipherInstance;
 133
 134 /*  Function prototypes  */
 135
 136 /* Create KEY, for encryption or decryption depending on DIRECTION,
 137    from KEYMATERIAL, a hex string, of KEYLEN size.  KEYLEN should be
 138    128, 192 or 256. Returns 0 on success, or an error code. */
 139 extern rijndael_rc
 140 rijndaelMakeKey (rijndaelKeyInstance *key, rijndael_direction direction,
 141                  size_t keyLen, const char *keyMaterial);
 142
 143 /* Initialize cipher state CIPHER for encryption MODE (e.g.,
 144    RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of
 145    2*RIJNDAEL_MAX_IV_SIZE length.  IV may be NULL for modes that do
 146    not need an IV (i.e., RIJNDAEL_MODE_ECB).  */
 147 extern rijndael_rc
 148 rijndaelCipherInit (rijndaelCipherInstance *cipher,
 149                     rijndael_mode mode, const char *IV);
 150
 151 /* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the
 152    output in the pre-allocated OUTBUFFER which must hold at least
 153    INPUTLEN/8 bytes of data.  The CIPHER is used as state, and must be
 154    initialized with rijndaelCipherInit before calling this function.
 155    The encryption KEY must be initialized with rijndaelMakeKey before
 156    calling this function.  Return the number of bits written, or a
 157    negative rijndael_rc error code. */
 158 extern int
 159 rijndaelBlockEncrypt (rijndaelCipherInstance *cipher,
 160                       const rijndaelKeyInstance *key,
 161                       const char *input, size_t inputLen,
 162                       char *outBuffer);
 163
 164 /* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the
 165    output in the pre-allocated OUTBUFFER which must hold at least
 166    INPUTOCTETS aligned to the next block size boundary.
 167    Ciphertext-Stealing as described in RFC 2040 is used to encrypt
 168    partial blocks.  The CIPHER is used as state, and must be
 169    initialized with rijndaelCipherInit before calling this function.
 170    The encryption KEY must be initialized with rijndaelMakeKey before
 171    calling this function.  Return the number of bits written, or a
 172    negative rijndael_rc error code. */
 173 extern int
 174 rijndaelPadEncrypt (rijndaelCipherInstance *cipher,
 175                     const rijndaelKeyInstance *key,
 176                     const char *input, size_t inputOctets,
 177                     char *outBuffer);
 178
 179 /* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the
 180    output in the pre-allocated OUTBUFFER which must hold at least
 181    INPUTLEN/8 bytes of data.  The CIPHER is used as state, and must be
 182    initialized with rijndaelCipherInit before calling this function.
 183    The encryption KEY must be initialized with rijndaelMakeKey before
 184    calling this function.  Return the number of bits written, or a
 185    negative rijndael_rc error code. */
 186 extern int
 187 rijndaelBlockDecrypt (rijndaelCipherInstance *cipher,
 188                       const rijndaelKeyInstance *key,
 189                       const char *input, size_t inputLen,
 190                       char *outBuffer);
 191
 192 /* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the
 193    output in the pre-allocated OUTBUFFER which must hold at least
 194    INPUTOCTETS aligned to the next block size boundary.
 195    Ciphertext-Stealing as described in RFC 2040 is used to encrypt
 196    partial blocks.  The CIPHER is used as state, and must be
 197    initialized with rijndaelCipherInit before calling this function.
 198    The encryption KEY must be initialized with rijndaelMakeKey before
 199    calling this function.  Return the number of bits written, or a
 200    negative rijndael_rc error code. */
 201 extern int
 202 rijndaelPadDecrypt (rijndaelCipherInstance *cipher,
 203                     const rijndaelKeyInstance *key,
 204                     const char *input, size_t inputOctets,
 205                     char *outBuffer);
 206
 207 #endif /* __RIJNDAEL_API_FST_H */