aes.h
Go to the documentation of this file.
1 /* aes.h
2  *
3  * Copyright (C) 2006-2020 wolfSSL Inc.
4  *
5  * This file is part of wolfSSL.
6  *
7  * wolfSSL is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * wolfSSL is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20  */
21 
27 #ifndef WOLF_CRYPT_AES_H
28 #define WOLF_CRYPT_AES_H
29 
30 #include <wolfssl/wolfcrypt/types.h>
31 
32 #ifndef NO_AES
33 
34 #if defined(HAVE_FIPS) && \
35  defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
36  #include <wolfssl/wolfcrypt/fips.h>
37 #endif /* HAVE_FIPS_VERSION >= 2 */
38 
39 /* included for fips @wc_fips */
40 #if defined(HAVE_FIPS) && \
41  (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
42 #include <cyassl/ctaocrypt/aes.h>
43 #if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
44  #define WOLFSSL_AES_COUNTER
45 #endif
46 #if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
47  #define WOLFSSL_AES_DIRECT
48 #endif
49 #endif
50 
51 #ifndef WC_NO_RNG
52  #include <wolfssl/wolfcrypt/random.h>
53 #endif
54 #ifdef STM32_CRYPTO
55  #include <wolfssl/wolfcrypt/port/st/stm32.h>
56 #endif
57 
58 #ifdef WOLFSSL_AESNI
59 
60 #include <wmmintrin.h>
61 #include <emmintrin.h>
62 #include <smmintrin.h>
63 
64 #endif /* WOLFSSL_AESNI */
65 
66 
67 #ifdef WOLFSSL_XILINX_CRYPT
68 #include "xsecure_aes.h"
69 #endif
70 
71 #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
72 /* included for struct msghdr */
73 #include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
74 #endif
75 
76 #if defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)
77 #include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
78 #endif
79 
80 #if defined(HAVE_AESGCM) && !defined(WC_NO_RNG)
81  #include <wolfssl/wolfcrypt/random.h>
82 #endif
83 
84 #if defined(WOLFSSL_CRYPTOCELL)
85  #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
86 #endif
87 
88 #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
89  defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
90  #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
91 #endif
92 
93 #ifdef __cplusplus
94  extern "C" {
95 #endif
96 
97 #ifndef WOLFSSL_AES_KEY_SIZE_ENUM
98 #define WOLFSSL_AES_KEY_SIZE_ENUM
99 /* these are required for FIPS and non-FIPS */
100 enum {
101  AES_128_KEY_SIZE = 16, /* for 128 bit */
102  AES_192_KEY_SIZE = 24, /* for 192 bit */
103  AES_256_KEY_SIZE = 32, /* for 256 bit */
104 
105  AES_IV_SIZE = 16, /* always block size */
106 };
107 #endif
108 
109 /* avoid redefinition of structs */
110 #if !defined(HAVE_FIPS) || \
111  (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
112 
113 #ifdef WOLFSSL_ASYNC_CRYPT
114  #include <wolfssl/wolfcrypt/async.h>
115 #endif
116 
117 enum {
118  AES_ENC_TYPE = WC_CIPHER_AES, /* cipher unique type */
119  AES_ENCRYPTION = 0,
120  AES_DECRYPTION = 1,
121 
122  AES_BLOCK_SIZE = 16,
123 
124  KEYWRAP_BLOCK_SIZE = 8,
125 
126  GCM_NONCE_MAX_SZ = 16, /* wolfCrypt's maximum nonce size allowed. */
127  GCM_NONCE_MID_SZ = 12, /* The usual default nonce size for AES-GCM. */
128  GCM_NONCE_MIN_SZ = 8, /* wolfCrypt's minimum nonce size allowed. */
129  CCM_NONCE_MIN_SZ = 7,
130  CCM_NONCE_MAX_SZ = 13,
131  CTR_SZ = 4,
132  AES_IV_FIXED_SZ = 4,
133 #ifdef WOLFSSL_AES_CFB
134  AES_CFB_MODE = 1,
135 #endif
136 #ifdef WOLFSSL_AES_OFB
137  AES_OFB_MODE = 2,
138 #endif
139 #ifdef WOLFSSL_AES_XTS
140  AES_XTS_MODE = 3,
141 #endif
142 
143 #ifdef HAVE_PKCS11
144  AES_MAX_ID_LEN = 32,
145 #endif
146 };
147 
148 
149 struct Aes {
150  /* AESNI needs key first, rounds 2nd, not sure why yet */
151  ALIGN16 word32 key[60];
152  word32 rounds;
153  int keylen;
154 
155  ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
156  ALIGN16 word32 tmp[AES_BLOCK_SIZE / sizeof(word32)]; /* same */
157 
158 #if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
159  word32 invokeCtr[2];
160  word32 nonceSz;
161 #endif
162 #ifdef HAVE_AESGCM
163  ALIGN16 byte H[AES_BLOCK_SIZE];
164 #ifdef OPENSSL_EXTRA
165  word32 aadH[4]; /* additional authenticated data GHASH */
166  word32 aadLen; /* additional authenticated data len */
167 #endif
168 
169 #ifdef GCM_TABLE
170  /* key-based fast multiplication table. */
171  ALIGN16 byte M0[256][AES_BLOCK_SIZE];
172 #endif /* GCM_TABLE */
173 #ifdef HAVE_CAVIUM_OCTEON_SYNC
174  word32 y0;
175 #endif
176 #endif /* HAVE_AESGCM */
177 #ifdef WOLFSSL_AESNI
178  byte use_aesni;
179 #endif /* WOLFSSL_AESNI */
180 #ifdef WOLF_CRYPTO_CB
181  int devId;
182  void* devCtx;
183 #endif
184 #ifdef HAVE_PKCS11
185  byte id[AES_MAX_ID_LEN];
186  int idLen;
187 #endif
188 #ifdef WOLFSSL_ASYNC_CRYPT
189  WC_ASYNC_DEV asyncDev;
190 #endif /* WOLFSSL_ASYNC_CRYPT */
191 #if defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_CFB) || \
192  defined(WOLFSSL_AES_OFB) || defined(WOLFSSL_AES_XTS)
193  word32 left; /* unused bytes left from last call */
194 #endif
195 #ifdef WOLFSSL_XILINX_CRYPT
196  XSecure_Aes xilAes;
197  XCsuDma dma;
198  word32 key_init[8];
199  word32 kup;
200 #endif
201 #if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
202  int alFd; /* server socket to bind to */
203  int rdFd; /* socket to read from */
204  struct msghdr msg;
205  int dir; /* flag for encrpyt or decrypt */
206 #ifdef WOLFSSL_AFALG_XILINX_AES
207  word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) +
208  GCM_NONCE_MID_SZ)];
209 #endif
210 #endif
211 #if defined(WOLF_CRYPTO_CB) || (defined(WOLFSSL_DEVCRYPTO) && \
212  (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))) || \
213  (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES))
214  word32 devKey[AES_MAX_KEY_SIZE/WOLFSSL_BIT_SIZE/sizeof(word32)]; /* raw key */
215 #ifdef HAVE_CAVIUM_OCTEON_SYNC
216  int keySet;
217 #endif
218 #endif
219 #if defined(WOLFSSL_DEVCRYPTO) && \
220  (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
221  WC_CRYPTODEV ctx;
222 #endif
223 #if defined(WOLFSSL_CRYPTOCELL)
224  aes_context_t ctx;
225 #endif
226 #if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
227  defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
228  TSIP_AES_CTX ctx;
229 #endif
230  void* heap; /* memory hint to use */
231 };
232 
233 #ifndef WC_AES_TYPE_DEFINED
234  typedef struct Aes Aes;
235  #define WC_AES_TYPE_DEFINED
236 #endif
237 
238 #ifdef WOLFSSL_AES_XTS
239 typedef struct XtsAes {
240  Aes aes;
241  Aes tweak;
242 } XtsAes;
243 #endif
244 
245 #ifdef HAVE_AESGCM
246 typedef struct Gmac {
247  Aes aes;
248 } Gmac;
249 #endif /* HAVE_AESGCM */
250 #endif /* HAVE_FIPS */
251 
252 
253 /* Authenticate cipher function prototypes */
254 typedef int (*wc_AesAuthEncryptFunc)(Aes* aes, byte* out,
255  const byte* in, word32 sz,
256  const byte* iv, word32 ivSz,
257  byte* authTag, word32 authTagSz,
258  const byte* authIn, word32 authInSz);
259 typedef int (*wc_AesAuthDecryptFunc)(Aes* aes, byte* out,
260  const byte* in, word32 sz,
261  const byte* iv, word32 ivSz,
262  const byte* authTag, word32 authTagSz,
263  const byte* authIn, word32 authInSz);
264 
265 /* AES-CBC */
266 WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
267  const byte* iv, int dir);
268 WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
269 
270 #ifdef HAVE_AES_CBC
271 WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
272  const byte* in, word32 sz);
273 WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
274  const byte* in, word32 sz);
275 #endif
276 
277 #ifdef WOLFSSL_AES_CFB
278 WOLFSSL_API int wc_AesCfbEncrypt(Aes* aes, byte* out,
279  const byte* in, word32 sz);
280 WOLFSSL_API int wc_AesCfb1Encrypt(Aes* aes, byte* out,
281  const byte* in, word32 sz);
282 WOLFSSL_API int wc_AesCfb8Encrypt(Aes* aes, byte* out,
283  const byte* in, word32 sz);
284 #ifdef HAVE_AES_DECRYPT
285 WOLFSSL_API int wc_AesCfbDecrypt(Aes* aes, byte* out,
286  const byte* in, word32 sz);
287 WOLFSSL_API int wc_AesCfb1Decrypt(Aes* aes, byte* out,
288  const byte* in, word32 sz);
289 WOLFSSL_API int wc_AesCfb8Decrypt(Aes* aes, byte* out,
290  const byte* in, word32 sz);
291 #endif /* HAVE_AES_DECRYPT */
292 #endif /* WOLFSSL_AES_CFB */
293 
294 #ifdef WOLFSSL_AES_OFB
295 WOLFSSL_API int wc_AesOfbEncrypt(Aes* aes, byte* out,
296  const byte* in, word32 sz);
297 #ifdef HAVE_AES_DECRYPT
298 WOLFSSL_API int wc_AesOfbDecrypt(Aes* aes, byte* out,
299  const byte* in, word32 sz);
300 #endif /* HAVE_AES_DECRYPT */
301 #endif /* WOLFSSL_AES_OFB */
302 
303 #ifdef HAVE_AES_ECB
304 WOLFSSL_API int wc_AesEcbEncrypt(Aes* aes, byte* out,
305  const byte* in, word32 sz);
306 WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
307  const byte* in, word32 sz);
308 #endif
309 
310 /* AES-CTR */
311 #ifdef WOLFSSL_AES_COUNTER
312  WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
313  const byte* in, word32 sz);
314 #endif
315 /* AES-DIRECT */
316 #if defined(WOLFSSL_AES_DIRECT)
317  WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
318  WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
319  WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
320  const byte* iv, int dir);
321 #endif
322 
323 #ifdef HAVE_AESGCM
324 #ifdef WOLFSSL_XILINX_CRYPT
325  WOLFSSL_API int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
326  word32 kup);
327 #elif defined(WOLFSSL_AFALG_XILINX_AES)
328  WOLFSSL_LOCAL int wc_AesGcmSetKey_ex(Aes* aes, const byte* key, word32 len,
329  word32 kup);
330 #endif
331  WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
332  WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
333  const byte* in, word32 sz,
334  const byte* iv, word32 ivSz,
335  byte* authTag, word32 authTagSz,
336  const byte* authIn, word32 authInSz);
337  WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
338  const byte* in, word32 sz,
339  const byte* iv, word32 ivSz,
340  const byte* authTag, word32 authTagSz,
341  const byte* authIn, word32 authInSz);
342 
343 #ifndef WC_NO_RNG
344  WOLFSSL_API int wc_AesGcmSetExtIV(Aes* aes, const byte* iv, word32 ivSz);
345  WOLFSSL_API int wc_AesGcmSetIV(Aes* aes, word32 ivSz,
346  const byte* ivFixed, word32 ivFixedSz,
347  WC_RNG* rng);
348  WOLFSSL_API int wc_AesGcmEncrypt_ex(Aes* aes, byte* out,
349  const byte* in, word32 sz,
350  byte* ivOut, word32 ivOutSz,
351  byte* authTag, word32 authTagSz,
352  const byte* authIn, word32 authInSz);
353 #endif /* WC_NO_RNG */
354 
355  WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
356  WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
357  const byte* authIn, word32 authInSz,
358  byte* authTag, word32 authTagSz);
359 #ifndef WC_NO_RNG
360  WOLFSSL_API int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
361  const byte* authIn, word32 authInSz,
362  byte* authTag, word32 authTagSz, WC_RNG* rng);
363  WOLFSSL_API int wc_GmacVerify(const byte* key, word32 keySz,
364  const byte* iv, word32 ivSz,
365  const byte* authIn, word32 authInSz,
366  const byte* authTag, word32 authTagSz);
367 #endif /* WC_NO_RNG */
368  WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
369  word32 cSz, byte* s, word32 sSz);
370 #endif /* HAVE_AESGCM */
371 #ifdef HAVE_AESCCM
372  WOLFSSL_API int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
373  WOLFSSL_API int wc_AesCcmEncrypt(Aes* aes, byte* out,
374  const byte* in, word32 inSz,
375  const byte* nonce, word32 nonceSz,
376  byte* authTag, word32 authTagSz,
377  const byte* authIn, word32 authInSz);
378  WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
379  const byte* in, word32 inSz,
380  const byte* nonce, word32 nonceSz,
381  const byte* authTag, word32 authTagSz,
382  const byte* authIn, word32 authInSz);
383  WOLFSSL_API int wc_AesCcmSetNonce(Aes* aes,
384  const byte* nonce, word32 nonceSz);
385  WOLFSSL_API int wc_AesCcmEncrypt_ex(Aes* aes, byte* out,
386  const byte* in, word32 sz,
387  byte* ivOut, word32 ivOutSz,
388  byte* authTag, word32 authTagSz,
389  const byte* authIn, word32 authInSz);
390 #endif /* HAVE_AESCCM */
391 #ifdef HAVE_AES_KEYWRAP
392  WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
393  const byte* in, word32 inSz,
394  byte* out, word32 outSz,
395  const byte* iv);
396  WOLFSSL_API int wc_AesKeyUnWrap(const byte* key, word32 keySz,
397  const byte* in, word32 inSz,
398  byte* out, word32 outSz,
399  const byte* iv);
400 #endif /* HAVE_AES_KEYWRAP */
401 
402 #ifdef WOLFSSL_AES_XTS
403 
404 WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
405  word32 len, int dir, void* heap, int devId);
406 
407 WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
408  const byte* in, word32 sz, word64 sector);
409 
410 WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
411  const byte* in, word32 sz, word64 sector);
412 
413 WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
414  const byte* in, word32 sz, const byte* i, word32 iSz);
415 
416 WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
417  const byte* in, word32 sz, const byte* i, word32 iSz);
418 
419 WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
420 #endif
421 
422 WOLFSSL_API int wc_AesGetKeySize(Aes* aes, word32* keySize);
423 
424 WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
425 #ifdef HAVE_PKCS11
426 WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
427  int devId);
428 #endif
429 WOLFSSL_API void wc_AesFree(Aes* aes);
430 
431 #ifdef __cplusplus
432  } /* extern "C" */
433 #endif
434 
435 
436 #endif /* NO_AES */
437 #endif /* WOLF_CRYPT_AES_H */
TSIP_AES_CTX
Definition: renesas-tsip-crypt.h:131
wc_AesCbcDecrypt
WOLFSSL_API int wc_AesCbcDecrypt(Aes *aes, byte *out, const byte *in, word32 sz)
Decrypts a cipher from the input buffer in, and places the resulting plain text in the output buffer ...
Definition: aes.c:3008
wc_AesEncryptDirect
WOLFSSL_API void wc_AesEncryptDirect(Aes *aes, byte *out, const byte *in)
This function is a one-block encrypt of the input block, in, into the output block, out. It uses the key and iv (initialization vector) of the provided AES structure, which should be initialized with wc_AesSetKey before calling this function. It is only enabled if the configure option WOLFSSL_AES_DIRECT is enabled. Warning: In nearly all use cases ECB mode is considered to be less secure. Please avoid using ECB API’s directly whenever possible.
Definition: aes.c:2860
XtsAes
Definition: aes.h:239
wc_AesCcmEncrypt
WOLFSSL_API int wc_AesCcmEncrypt(Aes *aes, byte *out, const byte *in, word32 inSz, const byte *nonce, word32 nonceSz, byte *authTag, word32 authTagSz, const byte *authIn, word32 authInSz)
This function encrypts the input message, in, into the output buffer, out, using CCM (Counter with CB...
Definition: aes.c:6985
WC_CRYPTODEV
Definition: wc_devcrypto.h:35
Gmac
Definition: aes.h:246
wc_AesXtsEncrypt
WOLFSSL_API int wc_AesXtsEncrypt(XtsAes *aes, byte *out, const byte *in, word32 sz, const byte *i, word32 iSz)
AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
Definition: aes.c:8465
wc_AesXtsDecrypt
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes *aes, byte *out, const byte *in, word32 sz, const byte *i, word32 iSz)
Same process as encryption but Aes key is AES_DECRYPTION type.
Definition: aes.c:8573
wc_AesXtsEncryptSector
WOLFSSL_API int wc_AesXtsEncryptSector(XtsAes *aes, byte *out, const byte *in, word32 sz, word64 sector)
Same process as wc_AesXtsEncrypt but uses a word64 type as the tweak value instead of a byte array...
Definition: aes.c:8368
wc_GmacSetKey
WOLFSSL_API int wc_GmacSetKey(Gmac *gmac, const byte *key, word32 len)
This function initializes and sets the key for a GMAC object to be used for Galois Message Authentica...
Definition: aes.c:6943
wc_AesCbcEncrypt
WOLFSSL_API int wc_AesCbcEncrypt(Aes *aes, byte *out, const byte *in, word32 sz)
Encrypts a plaintext message from the input buffer in, and places the resulting cipher text in the ou...
Definition: aes.c:2951
aes_context_t
Definition: cryptoCell.h:44
Aes
Definition: aes.h:149
wc_AesInit
WOLFSSL_API int wc_AesInit(Aes *, void *, int)
Initialize Aes structure. Sets heap hint to be used and ID for use with async hardware.
Definition: aes.c:7447
wc_AesXtsFree
WOLFSSL_API int wc_AesXtsFree(XtsAes *aes)
This is to free up any resources used by the XtsAes structure.
Definition: aes.c:8345
wc_AesXtsSetKey
WOLFSSL_API int wc_AesXtsSetKey(XtsAes *aes, const byte *key, word32 len, int dir, void *heap, int devId)
This is to help with setting keys to correct encrypt or decrypt type. It is up to user to call wc_Aes...
Definition: aes.c:8304
wc_AesCcmSetKey
WOLFSSL_API int wc_AesCcmSetKey(Aes *aes, const byte *key, word32 keySz)
This function sets the key for an AES object using CCM (Counter with CBC-MAC). It takes a pointer to ...
Definition: aes.c:6965
wc_AesCcmDecrypt
WOLFSSL_API int wc_AesCcmDecrypt(Aes *aes, byte *out, const byte *in, word32 inSz, const byte *nonce, word32 nonceSz, const byte *authTag, word32 authTagSz, const byte *authIn, word32 authInSz)
This function decrypts the input cipher text, in, into the output buffer, out, using CCM (Counter wit...
Definition: aes.c:7013
WC_RNG
Definition: random.h:153
wc_AesSetIV
WOLFSSL_API int wc_AesSetIV(Aes *aes, const byte *iv)
This function sets the initialization vector for a particular AES object. The AES object should be in...
Definition: aes.c:2840
wc_GmacUpdate
WOLFSSL_API int wc_GmacUpdate(Gmac *gmac, const byte *iv, word32 ivSz, const byte *authIn, word32 authInSz, byte *authTag, word32 authTagSz)
This function generates the Gmac hash of the authIn input and stores the result in the authTag buffer...
Definition: aes.c:6952
wc_AesGcmSetKey
WOLFSSL_API int wc_AesGcmSetKey(Aes *aes, const byte *key, word32 len)
This function is used to set the key for AES GCM (Galois/Counter Mode). It initializes an AES object ...
Definition: aes.c:4118
wc_AesGcmDecrypt
WOLFSSL_API int wc_AesGcmDecrypt(Aes *aes, byte *out, const byte *in, word32 sz, const byte *iv, word32 ivSz, const byte *authTag, word32 authTagSz, const byte *authIn, word32 authInSz)
This function decrypts the input cipher text, held in the buffer in, and stores the resulting message...
Definition: aes.c:6319
wc_AesSetKey
WOLFSSL_API int wc_AesSetKey(Aes *aes, const byte *key, word32 len, const byte *iv, int dir)
This function initializes an AES structure by setting the key and then setting the initialization vec...
Definition: aes.c:2178
wc_AesDecryptDirect
WOLFSSL_API void wc_AesDecryptDirect(Aes *aes, byte *out, const byte *in)
This function is a one-block decrypt of the input block, in, into the output block, out. It uses the key and iv (initialization vector) of the provided AES structure, which should be initialized with wc_AesSetKey before calling this function. It is only enabled if the configure option WOLFSSL_AES_DIRECT is enabled, and there is support for direct AES encryption on the system in question. Warning: In nearly all use cases ECB mode is considered to be less secure. Please avoid using ECB API’s directly whenever possible.
Definition: aes.c:2873
wc_AesGcmEncrypt
WOLFSSL_API int wc_AesGcmEncrypt(Aes *aes, byte *out, const byte *in, word32 sz, const byte *iv, word32 ivSz, byte *authTag, word32 authTagSz, const byte *authIn, word32 authInSz)
This function encrypts the input message, held in the buffer in, and stores the resulting cipher text...
Definition: aes.c:5885
wc_AesCtrEncrypt
WOLFSSL_API int wc_AesCtrEncrypt(Aes *aes, byte *out, const byte *in, word32 sz)
Encrypts/Decrypts a message from the input buffer in, and places the resulting cipher text in the out...
Definition: aes.c:3859
wc_AesSetKeyDirect
WOLFSSL_API int wc_AesSetKeyDirect(Aes *aes, const byte *key, word32 len, const byte *iv, int dir)
This function is used to set the AES keys for CTR mode with AES. It initializes an AES object with th...
Definition: aes.c:2208
wc_AesXtsDecryptSector
WOLFSSL_API int wc_AesXtsDecryptSector(XtsAes *aes, byte *out, const byte *in, word32 sz, word64 sector)
Same process as wc_AesXtsDecrypt but uses a word64 type as the tweak value instead of a byte array...
Definition: aes.c:8396