1/* Copyright (c) (2010-2013,2015-2019,2021-2023) Apple Inc. All rights reserved.
2 *
3 * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
4 * is contained in the License.txt file distributed with corecrypto) and only to
5 * people who accept that license. IMPORTANT: Any license rights granted to you by
6 * Apple Inc. (if any) are limited to internal use within your organization only on
7 * devices and computers you own or control, for the sole purpose of verifying the
8 * security characteristics and correct functioning of the Apple Software. You may
9 * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
10 */
11
12#ifndef _CORECRYPTO_CCAES_H_
13#define _CORECRYPTO_CCAES_H_
14
15#include <corecrypto/cc_config.h>
16#include <corecrypto/ccmode.h>
17
18CC_PTRCHECK_CAPABLE_HEADER()
19
20#define CCAES_BLOCK_SIZE 16
21#define CCAES_KEY_SIZE_128 16
22#define CCAES_KEY_SIZE_192 24
23#define CCAES_KEY_SIZE_256 32
24
25#define CCAES_CTR_MAX_PARALLEL_NBLOCKS 8
26
27extern const struct ccmode_ecb ccaes_ltc_ecb_decrypt_mode;
28extern const struct ccmode_ecb ccaes_ltc_ecb_encrypt_mode;
29
30extern const struct ccmode_cbc ccaes_gladman_cbc_encrypt_mode;
31extern const struct ccmode_cbc ccaes_gladman_cbc_decrypt_mode;
32
33#if CCAES_ARM_ASM
34extern const struct ccmode_ecb ccaes_arm_ecb_encrypt_mode;
35extern const struct ccmode_ecb ccaes_arm_ecb_decrypt_mode;
36
37extern const struct ccmode_cbc ccaes_arm_cbc_encrypt_mode;
38extern const struct ccmode_cbc ccaes_arm_cbc_decrypt_mode;
39
40extern const struct ccmode_xts ccaes_arm_xts_encrypt_mode;
41extern const struct ccmode_xts ccaes_arm_xts_decrypt_mode;
42
43extern const struct ccmode_cfb ccaes_arm_cfb_encrypt_mode;
44extern const struct ccmode_cfb ccaes_arm_cfb_decrypt_mode;
45
46extern const struct ccmode_ofb ccaes_arm_ofb_crypt_mode;
47
48#endif
49
50#if CCAES_INTEL_ASM
51extern const struct ccmode_ecb ccaes_intel_ecb_encrypt_opt_mode;
52extern const struct ccmode_ecb ccaes_intel_ecb_encrypt_aesni_mode;
53
54extern const struct ccmode_ecb ccaes_intel_ecb_decrypt_opt_mode;
55extern const struct ccmode_ecb ccaes_intel_ecb_decrypt_aesni_mode;
56
57extern const struct ccmode_cbc ccaes_intel_cbc_encrypt_opt_mode;
58extern const struct ccmode_cbc ccaes_intel_cbc_encrypt_aesni_mode;
59
60extern const struct ccmode_cbc ccaes_intel_cbc_decrypt_opt_mode;
61extern const struct ccmode_cbc ccaes_intel_cbc_decrypt_aesni_mode;
62
63extern const struct ccmode_xts ccaes_intel_xts_encrypt_opt_mode;
64extern const struct ccmode_xts ccaes_intel_xts_encrypt_aesni_mode;
65
66extern const struct ccmode_xts ccaes_intel_xts_decrypt_opt_mode;
67extern const struct ccmode_xts ccaes_intel_xts_decrypt_aesni_mode;
68#endif
69
70#if CC_USE_L4
71extern const struct ccmode_cbc ccaes_skg_cbc_encrypt_mode;
72extern const struct ccmode_cbc ccaes_skg_cbc_decrypt_mode;
73
74extern const struct ccmode_ecb ccaes_skg_ecb_encrypt_mode;
75extern const struct ccmode_ecb ccaes_skg_ecb_decrypt_mode;
76
77extern const struct ccmode_ecb ccaes_trng_ecb_encrypt_mode;
78#endif
79
80/* Implementation Selectors: */
81const struct ccmode_ecb *ccaes_ecb_encrypt_mode(void);
82const struct ccmode_cbc *ccaes_cbc_encrypt_mode(void);
83const struct ccmode_cfb *ccaes_cfb_encrypt_mode(void);
84const struct ccmode_cfb8 *ccaes_cfb8_encrypt_mode(void);
85const struct ccmode_xts *ccaes_xts_encrypt_mode(void);
86const struct ccmode_gcm *ccaes_gcm_encrypt_mode(void);
87const struct ccmode_ccm *ccaes_ccm_encrypt_mode(void);
88
89const struct ccmode_ecb *ccaes_ecb_decrypt_mode(void);
90const struct ccmode_cbc *ccaes_cbc_decrypt_mode(void);
91const struct ccmode_cfb *ccaes_cfb_decrypt_mode(void);
92const struct ccmode_cfb8 *ccaes_cfb8_decrypt_mode(void);
93const struct ccmode_xts *ccaes_xts_decrypt_mode(void);
94const struct ccmode_gcm *ccaes_gcm_decrypt_mode(void);
95const struct ccmode_ccm *ccaes_ccm_decrypt_mode(void);
96
97const struct ccmode_ctr *ccaes_ctr_crypt_mode(void);
98const struct ccmode_ofb *ccaes_ofb_crypt_mode(void);
99
100const struct ccmode_siv *ccaes_siv_encrypt_mode(void);
101const struct ccmode_siv *ccaes_siv_decrypt_mode(void);
102
103const struct ccmode_siv_hmac *ccaes_siv_hmac_sha256_encrypt_mode(void);
104const struct ccmode_siv_hmac *ccaes_siv_hmac_sha256_decrypt_mode(void);
105
106/*!
107 @function ccaes_unwind
108 @abstract "Unwind" an AES encryption key to the equivalent decryption key.
109
110 @param key_nbytes Length in bytes of both the input and output keys
111 @param key The input AES encryption key
112 @param out The output AES decryption key
113
114 @result @p CCERR_OK iff successful.
115 @discussion Only AES256 (i.e. 32-byte) keys are supported. This function is not necessary in typical AES usage; consult the maintainers before using it.
116*/
117int ccaes_unwind(size_t key_nbytes, const void *cc_sized_by(key_nbytes) key, void *cc_sized_by(key_nbytes) out);
118
119#endif /* _CORECRYPTO_CCAES_H_ */
120