xref: /xnu-10002.41.9/EXTERNAL_HEADERS/corecrypto/ccpad.h (revision 699cd48037512bf4380799317ca44ca453c82f57) 
1*699cd480SApple OSS Distributions /* Copyright (c) (2010,2011,2012,2014,2015,2019) Apple Inc. All rights reserved.
2*699cd480SApple OSS Distributions  *
3*699cd480SApple OSS Distributions  * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
4*699cd480SApple OSS Distributions  * is contained in the License.txt file distributed with corecrypto) and only to
5*699cd480SApple OSS Distributions  * people who accept that license. IMPORTANT:  Any license rights granted to you by
6*699cd480SApple OSS Distributions  * Apple Inc. (if any) are limited to internal use within your organization only on
7*699cd480SApple OSS Distributions  * devices and computers you own or control, for the sole purpose of verifying the
8*699cd480SApple OSS Distributions  * security characteristics and correct functioning of the Apple Software.  You may
9*699cd480SApple OSS Distributions  * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
10*699cd480SApple OSS Distributions  */
11*699cd480SApple OSS Distributions 
12*699cd480SApple OSS Distributions #ifndef _CORECRYPTO_CCPAD_H_
13*699cd480SApple OSS Distributions #define _CORECRYPTO_CCPAD_H_
14*699cd480SApple OSS Distributions 
15*699cd480SApple OSS Distributions #include <corecrypto/ccmode.h>
16*699cd480SApple OSS Distributions 
17*699cd480SApple OSS Distributions // CTS1,2,3 are defined in Addendum to 800-38A,
18*699cd480SApple OSS Distributions // "Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode"
19*699cd480SApple OSS Distributions // CTS3 is also known as "CTS" in RFC3962
20*699cd480SApple OSS Distributions 
21*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
22*699cd480SApple OSS Distributions size_t ccpad_cts1_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
23*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
24*699cd480SApple OSS Distributions 
25*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
26*699cd480SApple OSS Distributions size_t ccpad_cts1_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
27*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
28*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
29*699cd480SApple OSS Distributions size_t ccpad_cts2_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
30*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
31*699cd480SApple OSS Distributions 
32*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
33*699cd480SApple OSS Distributions size_t ccpad_cts2_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
34*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
35*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
36*699cd480SApple OSS Distributions size_t ccpad_cts3_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
37*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
38*699cd480SApple OSS Distributions 
39*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
40*699cd480SApple OSS Distributions size_t ccpad_cts3_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
41*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
42*699cd480SApple OSS Distributions 
43*699cd480SApple OSS Distributions /* Contract is nbytes is non zero and a multiple of block_size. Furthermore in is nbytes long and out is nbytes long.  Returns number of bytes written to out (technically we always write nbytes to out but the returned value is the number of bytes decrypted after removal of padding.
44*699cd480SApple OSS Distributions 
45*699cd480SApple OSS Distributions     To be safe we remove the entire offending block if the pkcs7 padding checks failed.  However we purposely don't report the failure to decode the padding since any use of this error leads to potential security exploits.  So currently there is no way to distinguish between a full block of padding and bad padding.
46*699cd480SApple OSS Distributions  */
47*699cd480SApple OSS Distributions size_t ccpad_pkcs7_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
48*699cd480SApple OSS Distributions                            size_t nbytes, const void *in, void *out);
49*699cd480SApple OSS Distributions 
50*699cd480SApple OSS Distributions /* Contract is in is nbytes long.  Writes (nbytes / block_size) + 1 times block_size to out.  In other words, out must be nbytes rounded down to the closest multiple of block_size plus block_size bytes. */
51*699cd480SApple OSS Distributions size_t ccpad_pkcs7_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, cccbc_iv *iv,
52*699cd480SApple OSS Distributions                          size_t nbytes, const void *in, void *out);
53*699cd480SApple OSS Distributions 
54*699cd480SApple OSS Distributions /* Contract is 'don't break CommonCrypto functionality that allows PKCS7 padding with ECB mode'.  This is basically the same routines above, without an IV, because calling
55*699cd480SApple OSS Distributions    crypt with an IV makes ecb cry (and crash) */
56*699cd480SApple OSS Distributions 
57*699cd480SApple OSS Distributions size_t ccpad_pkcs7_ecb_decrypt(const struct ccmode_ecb *ecb, ccecb_ctx *ecb_key,
58*699cd480SApple OSS Distributions                                size_t nbytes, const void *in, void *out);
59*699cd480SApple OSS Distributions 
60*699cd480SApple OSS Distributions size_t ccpad_pkcs7_ecb_encrypt(const struct ccmode_ecb *ecb, ccecb_ctx *ctx,
61*699cd480SApple OSS Distributions                              size_t nbytes, const void *in, void *out);
62*699cd480SApple OSS Distributions 
63*699cd480SApple OSS Distributions /* Function common to ccpad_pkcs7_ecb_decrypt and ccpad_pkcs7_decrypt */
64*699cd480SApple OSS Distributions size_t ccpad_pkcs7_decode(const size_t block_size, const uint8_t* last_block);
65*699cd480SApple OSS Distributions 
66*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
67*699cd480SApple OSS Distributions size_t ccpad_xts_decrypt(const struct ccmode_xts *xts, ccxts_ctx *ctx, ccxts_tweak *tweak,
68*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
69*699cd480SApple OSS Distributions 
70*699cd480SApple OSS Distributions /* Contract is nbytes is at least 1 block + 1 byte.  Also in is nbytes long out is nbytes long. */
71*699cd480SApple OSS Distributions void ccpad_xts_encrypt(const struct ccmode_xts *xts, ccxts_ctx *ctx, ccxts_tweak *tweak,
72*699cd480SApple OSS Distributions                        size_t nbytes, const void *in, void *out);
73*699cd480SApple OSS Distributions 
74*699cd480SApple OSS Distributions #endif /* _CORECRYPTO_CCPAD_H_ */
75