1 /* Copyright (c) (2010,2011,2012,2013,2015,2016,2017,2018,2019) Apple Inc. All rights reserved. 2 * 3 * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which 4 * is contained in the License.txt file distributed with corecrypto) and only to 5 * people who accept that license. IMPORTANT: Any license rights granted to you by 6 * Apple Inc. (if any) are limited to internal use within your organization only on 7 * devices and computers you own or control, for the sole purpose of verifying the 8 * security characteristics and correct functioning of the Apple Software. You may 9 * not, directly or indirectly, redistribute the Apple Software or any portions thereof. 10 */ 11 12 #ifndef _CORECRYPTO_CCAES_H_ 13 #define _CORECRYPTO_CCAES_H_ 14 15 #include <corecrypto/cc_config.h> 16 #include <corecrypto/ccmode.h> 17 18 #define CCAES_BLOCK_SIZE 16 19 #define CCAES_KEY_SIZE_128 16 20 #define CCAES_KEY_SIZE_192 24 21 #define CCAES_KEY_SIZE_256 32 22 23 #define CCAES_CTR_MAX_PARALLEL_NBLOCKS 8 24 25 extern const struct ccmode_ecb ccaes_ltc_ecb_decrypt_mode; 26 extern const struct ccmode_ecb ccaes_ltc_ecb_encrypt_mode; 27 28 extern const struct ccmode_cbc ccaes_gladman_cbc_encrypt_mode; 29 extern const struct ccmode_cbc ccaes_gladman_cbc_decrypt_mode; 30 31 #if CCAES_ARM_ASM 32 extern const struct ccmode_ecb ccaes_arm_ecb_encrypt_mode; 33 extern const struct ccmode_ecb ccaes_arm_ecb_decrypt_mode; 34 35 extern const struct ccmode_cbc ccaes_arm_cbc_encrypt_mode; 36 extern const struct ccmode_cbc ccaes_arm_cbc_decrypt_mode; 37 38 extern const struct ccmode_xts ccaes_arm_xts_encrypt_mode; 39 extern const struct ccmode_xts ccaes_arm_xts_decrypt_mode; 40 41 extern const struct ccmode_cfb ccaes_arm_cfb_encrypt_mode; 42 extern const struct ccmode_cfb ccaes_arm_cfb_decrypt_mode; 43 44 extern const struct ccmode_ofb ccaes_arm_ofb_crypt_mode; 45 46 #endif 47 48 #if CCAES_MUX 49 /* Runtime check to see if hardware should be used */ 50 int ccaes_ios_hardware_enabled(int operation); 51 52 extern const struct ccmode_cbc ccaes_ios_hardware_cbc_encrypt_mode; 53 extern const struct ccmode_cbc ccaes_ios_hardware_cbc_decrypt_mode; 54 55 extern const struct ccmode_ctr ccaes_ios_hardware_ctr_crypt_mode; 56 57 extern const struct ccmode_cbc *ccaes_ios_mux_cbc_encrypt_mode(void); 58 extern const struct ccmode_cbc *ccaes_ios_mux_cbc_decrypt_mode(void); 59 60 extern const struct ccmode_ctr *ccaes_ios_mux_ctr_crypt_mode(void); 61 62 #endif 63 64 #if CCAES_INTEL_ASM 65 extern const struct ccmode_ecb ccaes_intel_ecb_encrypt_opt_mode; 66 extern const struct ccmode_ecb ccaes_intel_ecb_encrypt_aesni_mode; 67 68 extern const struct ccmode_ecb ccaes_intel_ecb_decrypt_opt_mode; 69 extern const struct ccmode_ecb ccaes_intel_ecb_decrypt_aesni_mode; 70 71 extern const struct ccmode_cbc ccaes_intel_cbc_encrypt_opt_mode; 72 extern const struct ccmode_cbc ccaes_intel_cbc_encrypt_aesni_mode; 73 74 extern const struct ccmode_cbc ccaes_intel_cbc_decrypt_opt_mode; 75 extern const struct ccmode_cbc ccaes_intel_cbc_decrypt_aesni_mode; 76 77 extern const struct ccmode_xts ccaes_intel_xts_encrypt_opt_mode; 78 extern const struct ccmode_xts ccaes_intel_xts_encrypt_aesni_mode; 79 80 extern const struct ccmode_xts ccaes_intel_xts_decrypt_opt_mode; 81 extern const struct ccmode_xts ccaes_intel_xts_decrypt_aesni_mode; 82 #endif 83 84 #if CC_USE_L4 85 extern const struct ccmode_cbc ccaes_skg_cbc_encrypt_mode; 86 extern const struct ccmode_cbc ccaes_skg_cbc_decrypt_mode; 87 88 extern const struct ccmode_ecb ccaes_skg_ecb_encrypt_mode; 89 extern const struct ccmode_ecb ccaes_skg_ecb_decrypt_mode; 90 91 extern const struct ccmode_ecb ccaes_trng_ecb_encrypt_mode; 92 #endif 93 94 /* Implementation Selectors: */ 95 const struct ccmode_ecb *ccaes_ecb_encrypt_mode(void); 96 const struct ccmode_cbc *ccaes_cbc_encrypt_mode(void); 97 const struct ccmode_cfb *ccaes_cfb_encrypt_mode(void); 98 const struct ccmode_cfb8 *ccaes_cfb8_encrypt_mode(void); 99 const struct ccmode_xts *ccaes_xts_encrypt_mode(void); 100 const struct ccmode_gcm *ccaes_gcm_encrypt_mode(void); 101 const struct ccmode_ccm *ccaes_ccm_encrypt_mode(void); 102 103 const struct ccmode_ecb *ccaes_ecb_decrypt_mode(void); 104 const struct ccmode_cbc *ccaes_cbc_decrypt_mode(void); 105 const struct ccmode_cfb *ccaes_cfb_decrypt_mode(void); 106 const struct ccmode_cfb8 *ccaes_cfb8_decrypt_mode(void); 107 const struct ccmode_xts *ccaes_xts_decrypt_mode(void); 108 const struct ccmode_gcm *ccaes_gcm_decrypt_mode(void); 109 const struct ccmode_ccm *ccaes_ccm_decrypt_mode(void); 110 111 const struct ccmode_ctr *ccaes_ctr_crypt_mode(void); 112 const struct ccmode_ofb *ccaes_ofb_crypt_mode(void); 113 114 const struct ccmode_siv *ccaes_siv_encrypt_mode(void); 115 const struct ccmode_siv *ccaes_siv_decrypt_mode(void); 116 117 const struct ccmode_siv_hmac *ccaes_siv_hmac_sha256_encrypt_mode(void); 118 const struct ccmode_siv_hmac *ccaes_siv_hmac_sha256_decrypt_mode(void); 119 120 /*! 121 @function ccaes_unwind 122 @abstract "Unwind" an AES encryption key to the equivalent decryption key. 123 124 @param key_nbytes Length in bytes of both the input and output keys 125 @param key The input AES encryption key 126 @param out The output AES decryption key 127 128 @result @p CCERR_OK iff successful. 129 @discussion Only AES256 (i.e. 32-byte) keys are supported. This function is not necessary in typical AES usage; consult the maintainers before using it. 130 */ 131 int ccaes_unwind(size_t key_nbytes, const void *key, void *out); 132 133 #endif /* _CORECRYPTO_CCAES_H_ */ 134