1*e3723e1fSApple OSS Distributions /* Copyright (c) (2010-2012,2015-2022) Apple Inc. All rights reserved. 2*e3723e1fSApple OSS Distributions * 3*e3723e1fSApple OSS Distributions * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which 4*e3723e1fSApple OSS Distributions * is contained in the License.txt file distributed with corecrypto) and only to 5*e3723e1fSApple OSS Distributions * people who accept that license. IMPORTANT: Any license rights granted to you by 6*e3723e1fSApple OSS Distributions * Apple Inc. (if any) are limited to internal use within your organization only on 7*e3723e1fSApple OSS Distributions * devices and computers you own or control, for the sole purpose of verifying the 8*e3723e1fSApple OSS Distributions * security characteristics and correct functioning of the Apple Software. You may 9*e3723e1fSApple OSS Distributions * not, directly or indirectly, redistribute the Apple Software or any portions thereof. 10*e3723e1fSApple OSS Distributions */ 11*e3723e1fSApple OSS Distributions 12*e3723e1fSApple OSS Distributions #ifndef _CORECRYPTO_CCMODE_IMPL_H_ 13*e3723e1fSApple OSS Distributions #define _CORECRYPTO_CCMODE_IMPL_H_ 14*e3723e1fSApple OSS Distributions #include <corecrypto/cc.h> 15*e3723e1fSApple OSS Distributions 16*e3723e1fSApple OSS Distributions #define CCMODE_MAX_BLOCK_SIZE 16 17*e3723e1fSApple OSS Distributions 18*e3723e1fSApple OSS Distributions /* ECB mode. */ 19*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccecb_ctx; 20*e3723e1fSApple OSS Distributions 21*e3723e1fSApple OSS Distributions /* Actual symmetric algorithm implementation should provide you one of these. */ 22*e3723e1fSApple OSS Distributions struct ccmode_ecb { 23*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccecb_ctx_decl(). */ 24*e3723e1fSApple OSS Distributions size_t block_size; 25*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ecb, init))(const struct ccmode_ecb *ecb, ccecb_ctx *ctx, size_t key_nbytes, const void *key); 26*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ecb, ecb))(const ccecb_ctx *ctx, size_t nblocks, const void *in, void *out); 27*e3723e1fSApple OSS Distributions void (*CC_SPTR(ccmode_ecb, roundkey))(const ccecb_ctx *ctx, unsigned r, void *key); 28*e3723e1fSApple OSS Distributions cc_impl_t impl; 29*e3723e1fSApple OSS Distributions }; 30*e3723e1fSApple OSS Distributions 31*e3723e1fSApple OSS Distributions /*! 32*e3723e1fSApple OSS Distributions * @brief corecrypto symmetrical encryption and decryption modes 33*e3723e1fSApple OSS Distributions * 34*e3723e1fSApple OSS Distributions * corecrypto supports 6 stateless en(de)cryption modes and 2 stateful authenticated en(de)cryption modes 35*e3723e1fSApple OSS Distributions * stateless modes CBC, CFB, CFB8, CTR, OFB, XTS: They provide 3 interface functions that do not return errors codes 36*e3723e1fSApple OSS Distributions * 1- ccmod_xxx_init() 37*e3723e1fSApple OSS Distributions * 2- ccmod_xxx_decrypt() 38*e3723e1fSApple OSS Distributions * 3- ccmod_xxx_encrypt() 39*e3723e1fSApple OSS Distributions * 40*e3723e1fSApple OSS Distributions * stateful modes CCM and GCM: They provide 7 interface functions that return error codes if a function is called out of state 41*e3723e1fSApple OSS Distributions * 1- ccmod_xxx_init() 42*e3723e1fSApple OSS Distributions * 2- ccmod_xxx_setiv() 43*e3723e1fSApple OSS Distributions * 3- ccmod_xxx_aad() 44*e3723e1fSApple OSS Distributions * 4- ccmod_xxx_decrypt() 45*e3723e1fSApple OSS Distributions * 5- ccmod_xxx_encrypt() 46*e3723e1fSApple OSS Distributions * 6- ccmod_xxx_finalize() 47*e3723e1fSApple OSS Distributions * 7- ccmod_xxx_reset() 48*e3723e1fSApple OSS Distributions * 49*e3723e1fSApple OSS Distributions * the correct call sequences are: 50*e3723e1fSApple OSS Distributions * 51*e3723e1fSApple OSS Distributions * calls to 1, 2 and 6 arerequired 52*e3723e1fSApple OSS Distributions * 2 and 3 can be called as mant times as needed 53*e3723e1fSApple OSS Distributions * calls to 3, 4, 5 can be skipped 54*e3723e1fSApple OSS Distributions * 55*e3723e1fSApple OSS Distributions * 1, 2*n, 3*n, 4|5, 6 56*e3723e1fSApple OSS Distributions * 1, 2*n, , 4|5, 6 57*e3723e1fSApple OSS Distributions * 1, 2*n, , , 6 58*e3723e1fSApple OSS Distributions * 1, 2*n, 3*n, , 6 59*e3723e1fSApple OSS Distributions */ 60*e3723e1fSApple OSS Distributions 61*e3723e1fSApple OSS Distributions // 1- CBC mode, stateless 62*e3723e1fSApple OSS Distributions cc_aligned_struct(16) cccbc_ctx; 63*e3723e1fSApple OSS Distributions cc_aligned_struct(16) cccbc_iv; 64*e3723e1fSApple OSS Distributions 65*e3723e1fSApple OSS Distributions // This value was derived empirically. It may need to be updated to 66*e3723e1fSApple OSS Distributions // match changes in implementation. 67*e3723e1fSApple OSS Distributions #define CCCBC_MAX_CTX_SIZE 512 68*e3723e1fSApple OSS Distributions 69*e3723e1fSApple OSS Distributions struct ccmode_cbc { 70*e3723e1fSApple OSS Distributions size_t size; /* first argument to cccbc_ctx_decl(). */ 71*e3723e1fSApple OSS Distributions size_t block_size; 72*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_cbc, init))(const struct ccmode_cbc *cbc, cccbc_ctx *ctx, size_t key_len, const void *key); 73*e3723e1fSApple OSS Distributions /* cbc encrypt or decrypt nblocks from in to out, iv will be used and updated. */ 74*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_cbc, cbc))(const cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks, const void *in, void *out); 75*e3723e1fSApple OSS Distributions const void *custom; 76*e3723e1fSApple OSS Distributions }; 77*e3723e1fSApple OSS Distributions 78*e3723e1fSApple OSS Distributions // 2- CFB mode, stateless 79*e3723e1fSApple OSS Distributions cc_aligned_struct(16) cccfb_ctx; 80*e3723e1fSApple OSS Distributions 81*e3723e1fSApple OSS Distributions struct ccmode_cfb { 82*e3723e1fSApple OSS Distributions size_t size; /* first argument to cccfb_ctx_decl(). */ 83*e3723e1fSApple OSS Distributions size_t block_size; 84*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_cfb, 85*e3723e1fSApple OSS Distributions init))(const struct ccmode_cfb *cfb, cccfb_ctx *ctx, size_t key_len, const void *key, const void *iv); 86*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_cfb, cfb))(cccfb_ctx *ctx, size_t nbytes, const void *in, void *out); 87*e3723e1fSApple OSS Distributions const void *custom; 88*e3723e1fSApple OSS Distributions }; 89*e3723e1fSApple OSS Distributions 90*e3723e1fSApple OSS Distributions // 3- CFB8 mode, stateless 91*e3723e1fSApple OSS Distributions cc_aligned_struct(16) cccfb8_ctx; 92*e3723e1fSApple OSS Distributions 93*e3723e1fSApple OSS Distributions struct ccmode_cfb8 { 94*e3723e1fSApple OSS Distributions size_t size; /* first argument to cccfb8_ctx_decl(). */ 95*e3723e1fSApple OSS Distributions size_t block_size; 96*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_cfb8, 97*e3723e1fSApple OSS Distributions init))(const struct ccmode_cfb8 *cfb8, cccfb8_ctx *ctx, size_t key_len, const void *key, const void *iv); 98*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_cfb8, cfb8))(cccfb8_ctx *ctx, size_t nbytes, const void *in, void *out); 99*e3723e1fSApple OSS Distributions const void *custom; 100*e3723e1fSApple OSS Distributions }; 101*e3723e1fSApple OSS Distributions 102*e3723e1fSApple OSS Distributions // 4- CTR mode, stateless 103*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccctr_ctx; 104*e3723e1fSApple OSS Distributions 105*e3723e1fSApple OSS Distributions struct ccmode_ctr { 106*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccctr_ctx_decl(). */ 107*e3723e1fSApple OSS Distributions size_t block_size; /* for historical reasons, this is set to 1 */ 108*e3723e1fSApple OSS Distributions size_t ecb_block_size; /* the actual block size of the underlying cipher */ 109*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ctr, 110*e3723e1fSApple OSS Distributions init))(const struct ccmode_ctr *mode, ccctr_ctx *ctx, size_t key_len, const void *key, const void *iv); 111*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ctr, setctr))(const struct ccmode_ctr *mode, ccctr_ctx *ctx, const void *ctr); 112*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ctr, ctr))(ccctr_ctx *ctx, size_t nbytes, const void *in, void *out); 113*e3723e1fSApple OSS Distributions const void *custom; 114*e3723e1fSApple OSS Distributions }; 115*e3723e1fSApple OSS Distributions 116*e3723e1fSApple OSS Distributions // 5- OFB mode, stateless 117*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccofb_ctx; 118*e3723e1fSApple OSS Distributions 119*e3723e1fSApple OSS Distributions struct ccmode_ofb { 120*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccofb_ctx_decl(). */ 121*e3723e1fSApple OSS Distributions size_t block_size; 122*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ofb, 123*e3723e1fSApple OSS Distributions init))(const struct ccmode_ofb *ofb, ccofb_ctx *ctx, size_t key_len, const void *key, const void *iv); 124*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ofb, ofb))(ccofb_ctx *ctx, size_t nbytes, const void *in, void *out); 125*e3723e1fSApple OSS Distributions const void *custom; 126*e3723e1fSApple OSS Distributions }; 127*e3723e1fSApple OSS Distributions 128*e3723e1fSApple OSS Distributions // 6- XTS mode, stateless 129*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccxts_ctx; 130*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccxts_tweak; 131*e3723e1fSApple OSS Distributions 132*e3723e1fSApple OSS Distributions struct ccmode_xts { 133*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccxts_ctx_decl(). Size of the ctx data structure */ 134*e3723e1fSApple OSS Distributions size_t tweak_size; /* first argument to ccxts_tweak_decl(). Size of the tweak structure, not the expected tweak size */ 135*e3723e1fSApple OSS Distributions size_t block_size; 136*e3723e1fSApple OSS Distributions 137*e3723e1fSApple OSS Distributions /* Create a xts key from a xts mode object. 138*e3723e1fSApple OSS Distributions key must point to at least 'size' bytes of free storage. 139*e3723e1fSApple OSS Distributions tweak_key must point to at least 'tweak_size' bytes of free storage. 140*e3723e1fSApple OSS Distributions key and tweak_key must differ. 141*e3723e1fSApple OSS Distributions Returns nonzero on failure. 142*e3723e1fSApple OSS Distributions */ 143*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_xts, init))(const struct ccmode_xts *xts, 144*e3723e1fSApple OSS Distributions ccxts_ctx *ctx, 145*e3723e1fSApple OSS Distributions size_t key_nbytes, 146*e3723e1fSApple OSS Distributions const void *data_key, 147*e3723e1fSApple OSS Distributions const void *tweak_key); 148*e3723e1fSApple OSS Distributions 149*e3723e1fSApple OSS Distributions void (*CC_SPTR(ccmode_xts, key_sched))(const struct ccmode_xts *xts, 150*e3723e1fSApple OSS Distributions ccxts_ctx *ctx, 151*e3723e1fSApple OSS Distributions size_t key_nbytes, 152*e3723e1fSApple OSS Distributions const void *data_key, 153*e3723e1fSApple OSS Distributions const void *tweak_key); 154*e3723e1fSApple OSS Distributions 155*e3723e1fSApple OSS Distributions /* Set the tweak (sector number), the block within the sector zero. */ 156*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_xts, set_tweak))(const ccxts_ctx *ctx, ccxts_tweak *tweak, const void *iv); 157*e3723e1fSApple OSS Distributions 158*e3723e1fSApple OSS Distributions /* Encrypt blocks for a sector, clients must call set_tweak before calling 159*e3723e1fSApple OSS Distributions this function. Return a pointer to the tweak buffer */ 160*e3723e1fSApple OSS Distributions void *(*CC_SPTR(ccmode_xts, xts))(const ccxts_ctx *ctx, ccxts_tweak *tweak, size_t nblocks, const void *in, void *out); 161*e3723e1fSApple OSS Distributions 162*e3723e1fSApple OSS Distributions const void *custom; 163*e3723e1fSApple OSS Distributions const void *custom1; 164*e3723e1fSApple OSS Distributions cc_impl_t impl; 165*e3723e1fSApple OSS Distributions }; 166*e3723e1fSApple OSS Distributions 167*e3723e1fSApple OSS Distributions // 7- GCM mode, statful 168*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccgcm_ctx; 169*e3723e1fSApple OSS Distributions #define CCMODE_GCM_DECRYPTOR 78647 170*e3723e1fSApple OSS Distributions #define CCMODE_GCM_ENCRYPTOR 4073947 171*e3723e1fSApple OSS Distributions 172*e3723e1fSApple OSS Distributions struct ccmode_gcm { 173*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccgcm_ctx_decl(). */ 174*e3723e1fSApple OSS Distributions int encdec; // is it encrypt or decrypt object 175*e3723e1fSApple OSS Distributions size_t block_size; 176*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_gcm, init))(const struct ccmode_gcm *gcm, ccgcm_ctx *ctx, size_t key_nbytes, const void *key); 177*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_gcm, set_iv))(ccgcm_ctx *ctx, size_t iv_nbytes, const void *iv); 178*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_gcm, gmac))(ccgcm_ctx *ctx, size_t nbytes, const void *in); // could just be gcm with NULL out 179*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_gcm, gcm))(ccgcm_ctx *ctx, size_t nbytes, const void *in, void *out); 180*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_gcm, finalize))(ccgcm_ctx *key, size_t tag_nbytes, void *tag); 181*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_gcm, reset))(ccgcm_ctx *ctx); 182*e3723e1fSApple OSS Distributions const void *custom; 183*e3723e1fSApple OSS Distributions }; 184*e3723e1fSApple OSS Distributions 185*e3723e1fSApple OSS Distributions // 8- CCM mode, stateful 186*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccccm_ctx; 187*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccccm_nonce; 188*e3723e1fSApple OSS Distributions 189*e3723e1fSApple OSS Distributions struct ccmode_ccm { 190*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccccm_ctx_decl(). */ 191*e3723e1fSApple OSS Distributions size_t nonce_size; /* first argument to ccccm_nonce_decl(). */ 192*e3723e1fSApple OSS Distributions size_t block_size; 193*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ccm, init))(const struct ccmode_ccm *ccm, ccccm_ctx *ctx, size_t key_len, const void *key); 194*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ccm, set_iv))(ccccm_ctx *ctx, 195*e3723e1fSApple OSS Distributions ccccm_nonce *nonce_ctx, 196*e3723e1fSApple OSS Distributions size_t nonce_len, 197*e3723e1fSApple OSS Distributions const void *nonce, 198*e3723e1fSApple OSS Distributions size_t mac_size, 199*e3723e1fSApple OSS Distributions size_t auth_len, 200*e3723e1fSApple OSS Distributions size_t data_len); 201*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ccm, cbcmac))(ccccm_ctx *ctx, 202*e3723e1fSApple OSS Distributions ccccm_nonce *nonce_ctx, 203*e3723e1fSApple OSS Distributions size_t nbytes, 204*e3723e1fSApple OSS Distributions const void *in); // could just be ccm with NULL out 205*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ccm, ccm))(ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *in, void *out); 206*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ccm, finalize))(ccccm_ctx *key, ccccm_nonce *nonce_ctx, void *mac); 207*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_ccm, reset))(ccccm_ctx *key, ccccm_nonce *nonce_ctx); 208*e3723e1fSApple OSS Distributions const void *custom; 209*e3723e1fSApple OSS Distributions bool enc_mode; 210*e3723e1fSApple OSS Distributions }; 211*e3723e1fSApple OSS Distributions 212*e3723e1fSApple OSS Distributions /* We need to expose this (currently)to keep CommonCrypto happy. */ 213*e3723e1fSApple OSS Distributions struct _ccmode_ccm_nonce { 214*e3723e1fSApple OSS Distributions unsigned char A_i[16]; /* crypto block iv */ 215*e3723e1fSApple OSS Distributions unsigned char B_i[16]; /* mac block iv */ 216*e3723e1fSApple OSS Distributions unsigned char MAC[16]; /* crypted mac */ 217*e3723e1fSApple OSS Distributions unsigned char buf[16]; /* crypt buffer */ 218*e3723e1fSApple OSS Distributions 219*e3723e1fSApple OSS Distributions uint32_t mode; /* mode: IV -> AD -> DATA */ 220*e3723e1fSApple OSS Distributions uint32_t buflen; /* length of data in buf */ 221*e3723e1fSApple OSS Distributions uint32_t b_i_len; /* length of cbcmac data in B_i */ 222*e3723e1fSApple OSS Distributions 223*e3723e1fSApple OSS Distributions size_t nonce_size; 224*e3723e1fSApple OSS Distributions size_t mac_size; 225*e3723e1fSApple OSS Distributions }; 226*e3723e1fSApple OSS Distributions 227*e3723e1fSApple OSS Distributions /* OMAC mode. */ 228*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccomac_ctx; 229*e3723e1fSApple OSS Distributions 230*e3723e1fSApple OSS Distributions struct ccmode_omac { 231*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccomac_ctx_decl(). */ 232*e3723e1fSApple OSS Distributions size_t block_size; 233*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_omac, 234*e3723e1fSApple OSS Distributions init))(const struct ccmode_omac *omac, ccomac_ctx *ctx, size_t tweak_len, size_t key_len, const void *key); 235*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_omac, omac))(ccomac_ctx *ctx, size_t nblocks, const void *tweak, const void *in, void *out); 236*e3723e1fSApple OSS Distributions const void *custom; 237*e3723e1fSApple OSS Distributions }; 238*e3723e1fSApple OSS Distributions 239*e3723e1fSApple OSS Distributions /* This provide an implementation of SIV 240*e3723e1fSApple OSS Distributions as specified in https://tools.ietf.org/html/rfc5297 241*e3723e1fSApple OSS Distributions also in http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/siv/siv.pdf 242*e3723e1fSApple OSS Distributions Counter Mode where IV is based on CMAC 243*e3723e1fSApple OSS Distributions */ 244*e3723e1fSApple OSS Distributions 245*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccsiv_ctx; 246*e3723e1fSApple OSS Distributions 247*e3723e1fSApple OSS Distributions struct ccmode_siv { 248*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccsiv_ctx_decl(). */ 249*e3723e1fSApple OSS Distributions size_t block_size; 250*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv, init))(const struct ccmode_siv *siv, ccsiv_ctx *ctx, 251*e3723e1fSApple OSS Distributions size_t key_len, const uint8_t *key); 252*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv, set_nonce))(ccsiv_ctx *ctx, size_t nbytes, const uint8_t *in); // could just be ccm with NULL out 253*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv, auth))(ccsiv_ctx *ctx, size_t nbytes, const uint8_t *in); // could just be ccm with NULL out 254*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv, crypt))(ccsiv_ctx *ctx, size_t nbytes, const uint8_t *in, uint8_t *out); 255*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv, reset))(ccsiv_ctx *ctx); 256*e3723e1fSApple OSS Distributions const struct ccmode_cbc *cbc; 257*e3723e1fSApple OSS Distributions const struct ccmode_ctr *ctr; 258*e3723e1fSApple OSS Distributions }; 259*e3723e1fSApple OSS Distributions 260*e3723e1fSApple OSS Distributions /* This provides an implementation of SIV using AES CTR mode with HMAC as the MAC, 261*e3723e1fSApple OSS Distributions allowing for a tagging mechanism with collision resistant tags. This is a modification of the 262*e3723e1fSApple OSS Distributions standard specified in https://tools.ietf.org/html/rfc5297 263*e3723e1fSApple OSS Distributions also in http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/siv/siv.pdf 264*e3723e1fSApple OSS Distributions Counter Mode where IV is based on HMAC. 265*e3723e1fSApple OSS Distributions */ 266*e3723e1fSApple OSS Distributions 267*e3723e1fSApple OSS Distributions cc_aligned_struct(16) ccsiv_hmac_ctx; 268*e3723e1fSApple OSS Distributions 269*e3723e1fSApple OSS Distributions struct ccmode_siv_hmac { 270*e3723e1fSApple OSS Distributions size_t size; /* first argument to ccsiv_hmac_ctx_decl(). */ 271*e3723e1fSApple OSS Distributions size_t block_size; 272*e3723e1fSApple OSS Distributions 273*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv_hmac, init))(const struct ccmode_siv_hmac *sivhmac, 274*e3723e1fSApple OSS Distributions ccsiv_hmac_ctx *ctx, 275*e3723e1fSApple OSS Distributions size_t key_len, 276*e3723e1fSApple OSS Distributions const uint8_t *key, 277*e3723e1fSApple OSS Distributions const size_t tag_size); 278*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv_hmac, set_nonce))(ccsiv_hmac_ctx *ctx, size_t nbytes, const uint8_t *in); 279*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv_hmac, auth))(ccsiv_hmac_ctx *ctx, size_t nbytes, const uint8_t *in); 280*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv_hmac, crypt))(ccsiv_hmac_ctx *ctx, size_t nbytes, const uint8_t *in, uint8_t *out); 281*e3723e1fSApple OSS Distributions int (*CC_SPTR(ccmode_siv_hmac, reset))(ccsiv_hmac_ctx *ctx); 282*e3723e1fSApple OSS Distributions const struct ccdigest_info *hmac_digest; // Digest to be used in HMAC; 283*e3723e1fSApple OSS Distributions const struct ccmode_ctr *ctr; 284*e3723e1fSApple OSS Distributions }; 285*e3723e1fSApple OSS Distributions 286*e3723e1fSApple OSS Distributions #endif /* _CORECRYPTO_CCMODE_IMPL_H_ */ 287