1*aca3beaaSApple OSS Distributions /* Copyright (c) (2010-2012,2014-2021) Apple Inc. All rights reserved.
2*aca3beaaSApple OSS Distributions *
3*aca3beaaSApple OSS Distributions * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
4*aca3beaaSApple OSS Distributions * is contained in the License.txt file distributed with corecrypto) and only to
5*aca3beaaSApple OSS Distributions * people who accept that license. IMPORTANT: Any license rights granted to you by
6*aca3beaaSApple OSS Distributions * Apple Inc. (if any) are limited to internal use within your organization only on
7*aca3beaaSApple OSS Distributions * devices and computers you own or control, for the sole purpose of verifying the
8*aca3beaaSApple OSS Distributions * security characteristics and correct functioning of the Apple Software. You may
9*aca3beaaSApple OSS Distributions * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
10*aca3beaaSApple OSS Distributions */
11*aca3beaaSApple OSS Distributions
12*aca3beaaSApple OSS Distributions #ifndef _CORECRYPTO_CCMODE_H_
13*aca3beaaSApple OSS Distributions #define _CORECRYPTO_CCMODE_H_
14*aca3beaaSApple OSS Distributions
15*aca3beaaSApple OSS Distributions #include <corecrypto/cc_config.h>
16*aca3beaaSApple OSS Distributions #include <corecrypto/cc.h>
17*aca3beaaSApple OSS Distributions #include <corecrypto/ccmode_impl.h>
18*aca3beaaSApple OSS Distributions #include <corecrypto/ccmode_siv.h>
19*aca3beaaSApple OSS Distributions #include <corecrypto/ccmode_siv_hmac.h>
20*aca3beaaSApple OSS Distributions
21*aca3beaaSApple OSS Distributions
22*aca3beaaSApple OSS Distributions
CC_PTRCHECK_CAPABLE_HEADER()23*aca3beaaSApple OSS Distributions CC_PTRCHECK_CAPABLE_HEADER()
24*aca3beaaSApple OSS Distributions
25*aca3beaaSApple OSS Distributions /* ECB mode. */
26*aca3beaaSApple OSS Distributions
27*aca3beaaSApple OSS Distributions /* Declare a ecb key named _name_. Pass the size field of a struct ccmode_ecb
28*aca3beaaSApple OSS Distributions for _size_. */
29*aca3beaaSApple OSS Distributions #define ccecb_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccecb_ctx, _size_, _name_)
30*aca3beaaSApple OSS Distributions #define ccecb_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
31*aca3beaaSApple OSS Distributions
32*aca3beaaSApple OSS Distributions CC_INLINE size_t ccecb_context_size(const struct ccmode_ecb *mode)
33*aca3beaaSApple OSS Distributions {
34*aca3beaaSApple OSS Distributions return mode->size;
35*aca3beaaSApple OSS Distributions }
36*aca3beaaSApple OSS Distributions
ccecb_block_size(const struct ccmode_ecb * mode)37*aca3beaaSApple OSS Distributions CC_INLINE size_t ccecb_block_size(const struct ccmode_ecb *mode)
38*aca3beaaSApple OSS Distributions {
39*aca3beaaSApple OSS Distributions return mode->block_size;
40*aca3beaaSApple OSS Distributions }
41*aca3beaaSApple OSS Distributions
ccecb_init(const struct ccmode_ecb * mode,ccecb_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key)42*aca3beaaSApple OSS Distributions CC_INLINE int ccecb_init(const struct ccmode_ecb *mode, ccecb_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key)
43*aca3beaaSApple OSS Distributions {
44*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key);
45*aca3beaaSApple OSS Distributions }
46*aca3beaaSApple OSS Distributions
ccecb_update(const struct ccmode_ecb * mode,const ccecb_ctx * ctx,size_t nblocks,const void * cc_indexable in,void * cc_indexable out)47*aca3beaaSApple OSS Distributions CC_INLINE int ccecb_update(const struct ccmode_ecb *mode, const ccecb_ctx *ctx, size_t nblocks, const void *cc_indexable in, void *cc_indexable out)
48*aca3beaaSApple OSS Distributions {
49*aca3beaaSApple OSS Distributions return mode->ecb(ctx, nblocks, in, out);
50*aca3beaaSApple OSS Distributions }
51*aca3beaaSApple OSS Distributions
52*aca3beaaSApple OSS Distributions CC_INLINE int
ccecb_one_shot(const struct ccmode_ecb * mode,size_t key_len,const void * key,size_t nblocks,const void * cc_indexable in,void * cc_indexable out)53*aca3beaaSApple OSS Distributions ccecb_one_shot(const struct ccmode_ecb *mode, size_t key_len, const void *key, size_t nblocks, const void *cc_indexable in, void *cc_indexable out)
54*aca3beaaSApple OSS Distributions {
55*aca3beaaSApple OSS Distributions int rc;
56*aca3beaaSApple OSS Distributions ccecb_ctx_decl(mode->size, ctx);
57*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, key_len, key);
58*aca3beaaSApple OSS Distributions if (rc == 0) {
59*aca3beaaSApple OSS Distributions rc = mode->ecb(ctx, nblocks, in, out);
60*aca3beaaSApple OSS Distributions }
61*aca3beaaSApple OSS Distributions ccecb_ctx_clear(mode->size, ctx);
62*aca3beaaSApple OSS Distributions return rc;
63*aca3beaaSApple OSS Distributions }
64*aca3beaaSApple OSS Distributions
65*aca3beaaSApple OSS Distributions /* CBC mode. */
66*aca3beaaSApple OSS Distributions
67*aca3beaaSApple OSS Distributions /* Declare a cbc key named _name_. Pass the size field of a struct ccmode_cbc
68*aca3beaaSApple OSS Distributions for _size_. */
69*aca3beaaSApple OSS Distributions #define cccbc_ctx_decl(_size_, _name_) cc_ctx_decl_vla(cccbc_ctx, _size_, _name_)
70*aca3beaaSApple OSS Distributions #define cccbc_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
71*aca3beaaSApple OSS Distributions
72*aca3beaaSApple OSS Distributions /* Declare a cbc iv tweak named _name_. Pass the blocksize field of a
73*aca3beaaSApple OSS Distributions struct ccmode_cbc for _size_. */
74*aca3beaaSApple OSS Distributions #define cccbc_iv_decl(_size_, _name_) cc_ctx_decl_vla(cccbc_iv, _size_, _name_)
75*aca3beaaSApple OSS Distributions #define cccbc_iv_clear(_size_, _name_) cc_clear(_size_, _name_)
76*aca3beaaSApple OSS Distributions
77*aca3beaaSApple OSS Distributions /* Actual symmetric algorithm implementation can provide you one of these.
78*aca3beaaSApple OSS Distributions
79*aca3beaaSApple OSS Distributions Alternatively you can create a ccmode_cbc instance from any ccmode_ecb
80*aca3beaaSApple OSS Distributions cipher. To do so, statically initialize a struct ccmode_cbc using the
81*aca3beaaSApple OSS Distributions CCMODE_FACTORY_CBC_DECRYPT or CCMODE_FACTORY_CBC_ENCRYPT macros.
82*aca3beaaSApple OSS Distributions Alternatively you can dynamically initialize a struct ccmode_cbc
83*aca3beaaSApple OSS Distributions ccmode_factory_cbc_decrypt() or ccmode_factory_cbc_encrypt(). */
84*aca3beaaSApple OSS Distributions
cccbc_context_size(const struct ccmode_cbc * mode)85*aca3beaaSApple OSS Distributions CC_INLINE size_t cccbc_context_size(const struct ccmode_cbc *mode)
86*aca3beaaSApple OSS Distributions {
87*aca3beaaSApple OSS Distributions return mode->size;
88*aca3beaaSApple OSS Distributions }
89*aca3beaaSApple OSS Distributions
cccbc_block_size(const struct ccmode_cbc * mode)90*aca3beaaSApple OSS Distributions CC_INLINE size_t cccbc_block_size(const struct ccmode_cbc *mode)
91*aca3beaaSApple OSS Distributions {
92*aca3beaaSApple OSS Distributions return mode->block_size;
93*aca3beaaSApple OSS Distributions }
94*aca3beaaSApple OSS Distributions
cccbc_init(const struct ccmode_cbc * mode,cccbc_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key)95*aca3beaaSApple OSS Distributions CC_INLINE int cccbc_init(const struct ccmode_cbc *mode, cccbc_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key)
96*aca3beaaSApple OSS Distributions {
97*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key);
98*aca3beaaSApple OSS Distributions }
99*aca3beaaSApple OSS Distributions
cccbc_copy_iv(cccbc_iv * cc_sized_by (len)iv_ctx,const void * cc_sized_by (len)iv,size_t len)100*aca3beaaSApple OSS Distributions CC_INLINE int cccbc_copy_iv(cccbc_iv *cc_sized_by(len) iv_ctx, const void *cc_sized_by(len) iv, size_t len) {
101*aca3beaaSApple OSS Distributions cc_copy(len, iv_ctx, iv);
102*aca3beaaSApple OSS Distributions return 0;
103*aca3beaaSApple OSS Distributions }
cccbc_clear_iv(cccbc_iv * cc_sized_by (len)iv_ctx,size_t len)104*aca3beaaSApple OSS Distributions CC_INLINE int cccbc_clear_iv(cccbc_iv *cc_sized_by(len) iv_ctx, size_t len) {
105*aca3beaaSApple OSS Distributions cc_clear(len, iv_ctx);
106*aca3beaaSApple OSS Distributions return 0;
107*aca3beaaSApple OSS Distributions }
108*aca3beaaSApple OSS Distributions
109*aca3beaaSApple OSS Distributions #if CC_PTRCHECK
110*aca3beaaSApple OSS Distributions cc_unavailable() // Use cccbc_copy_iv() or cccbc_clear_iv() directly.
111*aca3beaaSApple OSS Distributions int cccbc_set_iv(const struct ccmode_cbc *mode, cccbc_iv *iv_ctx, const void *iv);
112*aca3beaaSApple OSS Distributions #else
cccbc_set_iv(const struct ccmode_cbc * mode,cccbc_iv * iv_ctx,const void * iv)113*aca3beaaSApple OSS Distributions CC_INLINE int cccbc_set_iv(const struct ccmode_cbc *mode, cccbc_iv *iv_ctx, const void *iv)
114*aca3beaaSApple OSS Distributions {
115*aca3beaaSApple OSS Distributions return iv ? cccbc_copy_iv(iv_ctx, iv, mode->block_size) : cccbc_clear_iv(iv_ctx, mode->block_size);
116*aca3beaaSApple OSS Distributions }
117*aca3beaaSApple OSS Distributions #endif
118*aca3beaaSApple OSS Distributions
cccbc_update(const struct ccmode_cbc * mode,cccbc_ctx * ctx,cccbc_iv * iv,size_t nblocks,const void * cc_indexable in,void * cc_indexable out)119*aca3beaaSApple OSS Distributions CC_INLINE int cccbc_update(const struct ccmode_cbc *mode, cccbc_ctx *ctx, cccbc_iv *iv, size_t nblocks, const void *cc_indexable in, void *cc_indexable out)
120*aca3beaaSApple OSS Distributions {
121*aca3beaaSApple OSS Distributions return mode->cbc(ctx, iv, nblocks, in, out);
122*aca3beaaSApple OSS Distributions }
123*aca3beaaSApple OSS Distributions
124*aca3beaaSApple OSS Distributions int cccbc_one_shot(const struct ccmode_cbc *mode,
125*aca3beaaSApple OSS Distributions size_t key_len,
126*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
127*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) iv,
128*aca3beaaSApple OSS Distributions size_t nblocks,
129*aca3beaaSApple OSS Distributions const void *cc_indexable in,
130*aca3beaaSApple OSS Distributions void *cc_indexable out);
131*aca3beaaSApple OSS Distributions
132*aca3beaaSApple OSS Distributions /* CFB mode. */
133*aca3beaaSApple OSS Distributions
134*aca3beaaSApple OSS Distributions /* Declare a cfb key named _name_. Pass the size field of a struct ccmode_cfb
135*aca3beaaSApple OSS Distributions for _size_. */
136*aca3beaaSApple OSS Distributions #define cccfb_ctx_decl(_size_, _name_) cc_ctx_decl_vla(cccfb_ctx, _size_, _name_)
137*aca3beaaSApple OSS Distributions #define cccfb_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
138*aca3beaaSApple OSS Distributions
cccfb_context_size(const struct ccmode_cfb * mode)139*aca3beaaSApple OSS Distributions CC_INLINE size_t cccfb_context_size(const struct ccmode_cfb *mode)
140*aca3beaaSApple OSS Distributions {
141*aca3beaaSApple OSS Distributions return mode->size;
142*aca3beaaSApple OSS Distributions }
143*aca3beaaSApple OSS Distributions
cccfb_block_size(const struct ccmode_cfb * mode)144*aca3beaaSApple OSS Distributions CC_INLINE size_t cccfb_block_size(const struct ccmode_cfb *mode)
145*aca3beaaSApple OSS Distributions {
146*aca3beaaSApple OSS Distributions return mode->block_size;
147*aca3beaaSApple OSS Distributions }
148*aca3beaaSApple OSS Distributions
cccfb_init(const struct ccmode_cfb * mode,cccfb_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv)149*aca3beaaSApple OSS Distributions CC_INLINE int cccfb_init(const struct ccmode_cfb *mode, cccfb_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key, const void *cc_indexable iv)
150*aca3beaaSApple OSS Distributions {
151*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key, iv);
152*aca3beaaSApple OSS Distributions }
153*aca3beaaSApple OSS Distributions
cccfb_update(const struct ccmode_cfb * mode,cccfb_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)154*aca3beaaSApple OSS Distributions CC_INLINE int cccfb_update(const struct ccmode_cfb *mode, cccfb_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) in, void *cc_sized_by(nbytes) out)
155*aca3beaaSApple OSS Distributions {
156*aca3beaaSApple OSS Distributions return mode->cfb(ctx, nbytes, in, out);
157*aca3beaaSApple OSS Distributions }
158*aca3beaaSApple OSS Distributions
cccfb_one_shot(const struct ccmode_cfb * mode,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)159*aca3beaaSApple OSS Distributions CC_INLINE int cccfb_one_shot(const struct ccmode_cfb *mode,
160*aca3beaaSApple OSS Distributions size_t key_len,
161*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
162*aca3beaaSApple OSS Distributions const void *cc_indexable iv,
163*aca3beaaSApple OSS Distributions size_t nbytes,
164*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
165*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out)
166*aca3beaaSApple OSS Distributions {
167*aca3beaaSApple OSS Distributions int rc;
168*aca3beaaSApple OSS Distributions cccfb_ctx_decl(mode->size, ctx);
169*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, key_len, key, iv);
170*aca3beaaSApple OSS Distributions if (rc == 0) {
171*aca3beaaSApple OSS Distributions rc = mode->cfb(ctx, nbytes, in, out);
172*aca3beaaSApple OSS Distributions }
173*aca3beaaSApple OSS Distributions cccfb_ctx_clear(mode->size, ctx);
174*aca3beaaSApple OSS Distributions return rc;
175*aca3beaaSApple OSS Distributions }
176*aca3beaaSApple OSS Distributions
177*aca3beaaSApple OSS Distributions /* CFB8 mode. */
178*aca3beaaSApple OSS Distributions
179*aca3beaaSApple OSS Distributions /* Declare a cfb8 key named _name_. Pass the size field of a struct ccmode_cfb8
180*aca3beaaSApple OSS Distributions for _size_. */
181*aca3beaaSApple OSS Distributions #define cccfb8_ctx_decl(_size_, _name_) cc_ctx_decl_vla(cccfb8_ctx, _size_, _name_)
182*aca3beaaSApple OSS Distributions #define cccfb8_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
183*aca3beaaSApple OSS Distributions
cccfb8_context_size(const struct ccmode_cfb8 * mode)184*aca3beaaSApple OSS Distributions CC_INLINE size_t cccfb8_context_size(const struct ccmode_cfb8 *mode)
185*aca3beaaSApple OSS Distributions {
186*aca3beaaSApple OSS Distributions return mode->size;
187*aca3beaaSApple OSS Distributions }
188*aca3beaaSApple OSS Distributions
cccfb8_block_size(const struct ccmode_cfb8 * mode)189*aca3beaaSApple OSS Distributions CC_INLINE size_t cccfb8_block_size(const struct ccmode_cfb8 *mode)
190*aca3beaaSApple OSS Distributions {
191*aca3beaaSApple OSS Distributions return mode->block_size;
192*aca3beaaSApple OSS Distributions }
193*aca3beaaSApple OSS Distributions
cccfb8_init(const struct ccmode_cfb8 * mode,cccfb8_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv)194*aca3beaaSApple OSS Distributions CC_INLINE int cccfb8_init(const struct ccmode_cfb8 *mode, cccfb8_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key, const void *cc_indexable iv)
195*aca3beaaSApple OSS Distributions {
196*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key, iv);
197*aca3beaaSApple OSS Distributions }
198*aca3beaaSApple OSS Distributions
cccfb8_update(const struct ccmode_cfb8 * mode,cccfb8_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)199*aca3beaaSApple OSS Distributions CC_INLINE int cccfb8_update(const struct ccmode_cfb8 *mode, cccfb8_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) in, void *cc_sized_by(nbytes) out)
200*aca3beaaSApple OSS Distributions {
201*aca3beaaSApple OSS Distributions return mode->cfb8(ctx, nbytes, in, out);
202*aca3beaaSApple OSS Distributions }
203*aca3beaaSApple OSS Distributions
cccfb8_one_shot(const struct ccmode_cfb8 * mode,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)204*aca3beaaSApple OSS Distributions CC_INLINE int cccfb8_one_shot(const struct ccmode_cfb8 *mode,
205*aca3beaaSApple OSS Distributions size_t key_len,
206*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
207*aca3beaaSApple OSS Distributions const void *cc_indexable iv,
208*aca3beaaSApple OSS Distributions size_t nbytes,
209*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
210*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out)
211*aca3beaaSApple OSS Distributions {
212*aca3beaaSApple OSS Distributions int rc;
213*aca3beaaSApple OSS Distributions cccfb8_ctx_decl(mode->size, ctx);
214*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, key_len, key, iv);
215*aca3beaaSApple OSS Distributions if (rc == 0) {
216*aca3beaaSApple OSS Distributions rc = mode->cfb8(ctx, nbytes, in, out);
217*aca3beaaSApple OSS Distributions }
218*aca3beaaSApple OSS Distributions cccfb8_ctx_clear(mode->size, ctx);
219*aca3beaaSApple OSS Distributions return rc;
220*aca3beaaSApple OSS Distributions }
221*aca3beaaSApple OSS Distributions
222*aca3beaaSApple OSS Distributions /* CTR mode. */
223*aca3beaaSApple OSS Distributions
224*aca3beaaSApple OSS Distributions /* Declare a ctr key named _name_. Pass the size field of a struct ccmode_ctr
225*aca3beaaSApple OSS Distributions for _size_. */
226*aca3beaaSApple OSS Distributions #define ccctr_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccctr_ctx, _size_, _name_)
227*aca3beaaSApple OSS Distributions #define ccctr_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
228*aca3beaaSApple OSS Distributions
229*aca3beaaSApple OSS Distributions /* This is Integer Counter Mode: The IV is the initial value of the counter
230*aca3beaaSApple OSS Distributions that is incremented by 1 for each new block. Use the mode flags to select
231*aca3beaaSApple OSS Distributions if the IV/Counter is stored in big or little endian. */
232*aca3beaaSApple OSS Distributions
ccctr_context_size(const struct ccmode_ctr * mode)233*aca3beaaSApple OSS Distributions CC_INLINE size_t ccctr_context_size(const struct ccmode_ctr *mode)
234*aca3beaaSApple OSS Distributions {
235*aca3beaaSApple OSS Distributions return mode->size;
236*aca3beaaSApple OSS Distributions }
237*aca3beaaSApple OSS Distributions
ccctr_block_size(const struct ccmode_ctr * mode)238*aca3beaaSApple OSS Distributions CC_INLINE size_t ccctr_block_size(const struct ccmode_ctr *mode)
239*aca3beaaSApple OSS Distributions {
240*aca3beaaSApple OSS Distributions return mode->block_size;
241*aca3beaaSApple OSS Distributions }
242*aca3beaaSApple OSS Distributions
ccctr_init(const struct ccmode_ctr * mode,ccctr_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv)243*aca3beaaSApple OSS Distributions CC_INLINE int ccctr_init(const struct ccmode_ctr *mode, ccctr_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key, const void *cc_indexable iv)
244*aca3beaaSApple OSS Distributions {
245*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key, iv);
246*aca3beaaSApple OSS Distributions }
247*aca3beaaSApple OSS Distributions
ccctr_update(const struct ccmode_ctr * mode,ccctr_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)248*aca3beaaSApple OSS Distributions CC_INLINE int ccctr_update(const struct ccmode_ctr *mode, ccctr_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) in, void *cc_sized_by(nbytes) out)
249*aca3beaaSApple OSS Distributions {
250*aca3beaaSApple OSS Distributions return mode->ctr(ctx, nbytes, in, out);
251*aca3beaaSApple OSS Distributions }
252*aca3beaaSApple OSS Distributions
ccctr_one_shot(const struct ccmode_ctr * mode,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)253*aca3beaaSApple OSS Distributions CC_INLINE int ccctr_one_shot(const struct ccmode_ctr *mode,
254*aca3beaaSApple OSS Distributions size_t key_len,
255*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
256*aca3beaaSApple OSS Distributions const void *cc_indexable iv,
257*aca3beaaSApple OSS Distributions size_t nbytes,
258*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
259*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out)
260*aca3beaaSApple OSS Distributions {
261*aca3beaaSApple OSS Distributions int rc;
262*aca3beaaSApple OSS Distributions ccctr_ctx_decl(mode->size, ctx);
263*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, key_len, key, iv);
264*aca3beaaSApple OSS Distributions if (rc == 0) {
265*aca3beaaSApple OSS Distributions rc = mode->ctr(ctx, nbytes, in, out);
266*aca3beaaSApple OSS Distributions }
267*aca3beaaSApple OSS Distributions ccctr_ctx_clear(mode->size, ctx);
268*aca3beaaSApple OSS Distributions return rc;
269*aca3beaaSApple OSS Distributions }
270*aca3beaaSApple OSS Distributions
271*aca3beaaSApple OSS Distributions /* OFB mode. */
272*aca3beaaSApple OSS Distributions
273*aca3beaaSApple OSS Distributions /* Declare a ofb key named _name_. Pass the size field of a struct ccmode_ofb
274*aca3beaaSApple OSS Distributions for _size_. */
275*aca3beaaSApple OSS Distributions #define ccofb_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccofb_ctx, _size_, _name_)
276*aca3beaaSApple OSS Distributions #define ccofb_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
277*aca3beaaSApple OSS Distributions
ccofb_context_size(const struct ccmode_ofb * mode)278*aca3beaaSApple OSS Distributions CC_INLINE size_t ccofb_context_size(const struct ccmode_ofb *mode)
279*aca3beaaSApple OSS Distributions {
280*aca3beaaSApple OSS Distributions return mode->size;
281*aca3beaaSApple OSS Distributions }
282*aca3beaaSApple OSS Distributions
ccofb_block_size(const struct ccmode_ofb * mode)283*aca3beaaSApple OSS Distributions CC_INLINE size_t ccofb_block_size(const struct ccmode_ofb *mode)
284*aca3beaaSApple OSS Distributions {
285*aca3beaaSApple OSS Distributions return mode->block_size;
286*aca3beaaSApple OSS Distributions }
287*aca3beaaSApple OSS Distributions
ccofb_init(const struct ccmode_ofb * mode,ccofb_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv)288*aca3beaaSApple OSS Distributions CC_INLINE int ccofb_init(const struct ccmode_ofb *mode, ccofb_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key, const void *cc_indexable iv)
289*aca3beaaSApple OSS Distributions {
290*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key, iv);
291*aca3beaaSApple OSS Distributions }
292*aca3beaaSApple OSS Distributions
ccofb_update(const struct ccmode_ofb * mode,ccofb_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)293*aca3beaaSApple OSS Distributions CC_INLINE int ccofb_update(const struct ccmode_ofb *mode, ccofb_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) in, void *cc_sized_by(nbytes) out)
294*aca3beaaSApple OSS Distributions {
295*aca3beaaSApple OSS Distributions return mode->ofb(ctx, nbytes, in, out);
296*aca3beaaSApple OSS Distributions }
297*aca3beaaSApple OSS Distributions
ccofb_one_shot(const struct ccmode_ofb * mode,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_indexable iv,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)298*aca3beaaSApple OSS Distributions CC_INLINE int ccofb_one_shot(const struct ccmode_ofb *mode,
299*aca3beaaSApple OSS Distributions size_t key_len,
300*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
301*aca3beaaSApple OSS Distributions const void *cc_indexable iv,
302*aca3beaaSApple OSS Distributions size_t nbytes,
303*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
304*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out)
305*aca3beaaSApple OSS Distributions {
306*aca3beaaSApple OSS Distributions int rc;
307*aca3beaaSApple OSS Distributions ccofb_ctx_decl(mode->size, ctx);
308*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, key_len, key, iv);
309*aca3beaaSApple OSS Distributions if (rc == 0) {
310*aca3beaaSApple OSS Distributions rc = mode->ofb(ctx, nbytes, in, out);
311*aca3beaaSApple OSS Distributions }
312*aca3beaaSApple OSS Distributions ccofb_ctx_clear(mode->size, ctx);
313*aca3beaaSApple OSS Distributions return rc;
314*aca3beaaSApple OSS Distributions }
315*aca3beaaSApple OSS Distributions
316*aca3beaaSApple OSS Distributions /* XTS mode. */
317*aca3beaaSApple OSS Distributions
318*aca3beaaSApple OSS Distributions /* Declare a xts key named _name_. Pass the size field of a struct ccmode_xts
319*aca3beaaSApple OSS Distributions for _size_. */
320*aca3beaaSApple OSS Distributions #define ccxts_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccxts_ctx, _size_, _name_)
321*aca3beaaSApple OSS Distributions #define ccxts_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
322*aca3beaaSApple OSS Distributions
323*aca3beaaSApple OSS Distributions /* Declare a xts tweak named _name_. Pass the tweak_size field of a
324*aca3beaaSApple OSS Distributions struct ccmode_xts for _size_. */
325*aca3beaaSApple OSS Distributions #define ccxts_tweak_decl(_size_, _name_) cc_ctx_decl_vla(ccxts_tweak, _size_, _name_)
326*aca3beaaSApple OSS Distributions #define ccxts_tweak_clear(_size_, _name_) cc_clear(_size_, _name_)
327*aca3beaaSApple OSS Distributions
328*aca3beaaSApple OSS Distributions /* Actual symmetric algorithm implementation can provide you one of these.
329*aca3beaaSApple OSS Distributions
330*aca3beaaSApple OSS Distributions Alternatively you can create a ccmode_xts instance from any ccmode_ecb
331*aca3beaaSApple OSS Distributions cipher. To do so, statically initialize a struct ccmode_xts using the
332*aca3beaaSApple OSS Distributions CCMODE_FACTORY_XTS_DECRYPT or CCMODE_FACTORY_XTS_ENCRYPT macros. Alternatively
333*aca3beaaSApple OSS Distributions you can dynamically initialize a struct ccmode_xts
334*aca3beaaSApple OSS Distributions ccmode_factory_xts_decrypt() or ccmode_factory_xts_encrypt(). */
335*aca3beaaSApple OSS Distributions
336*aca3beaaSApple OSS Distributions /* NOTE that xts mode does not do cts padding. It's really an xex mode.
337*aca3beaaSApple OSS Distributions If you need cts padding use the ccpad_xts_encrypt and ccpad_xts_decrypt
338*aca3beaaSApple OSS Distributions functions. Also note that xts only works for ecb modes with a block_size
339*aca3beaaSApple OSS Distributions of 16. */
340*aca3beaaSApple OSS Distributions
ccxts_context_size(const struct ccmode_xts * mode)341*aca3beaaSApple OSS Distributions CC_INLINE size_t ccxts_context_size(const struct ccmode_xts *mode)
342*aca3beaaSApple OSS Distributions {
343*aca3beaaSApple OSS Distributions return mode->size;
344*aca3beaaSApple OSS Distributions }
345*aca3beaaSApple OSS Distributions
ccxts_block_size(const struct ccmode_xts * mode)346*aca3beaaSApple OSS Distributions CC_INLINE size_t ccxts_block_size(const struct ccmode_xts *mode)
347*aca3beaaSApple OSS Distributions {
348*aca3beaaSApple OSS Distributions return mode->block_size;
349*aca3beaaSApple OSS Distributions }
350*aca3beaaSApple OSS Distributions
351*aca3beaaSApple OSS Distributions /*!
352*aca3beaaSApple OSS Distributions @function ccxts_init
353*aca3beaaSApple OSS Distributions @abstract Initialize an XTS context.
354*aca3beaaSApple OSS Distributions
355*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
356*aca3beaaSApple OSS Distributions @param ctx Context for this instance
357*aca3beaaSApple OSS Distributions @param key_nbytes Length of the key arguments in bytes
358*aca3beaaSApple OSS Distributions @param data_key Key for data encryption
359*aca3beaaSApple OSS Distributions @param tweak_key Key for tweak generation
360*aca3beaaSApple OSS Distributions
361*aca3beaaSApple OSS Distributions @result 0 iff successful.
362*aca3beaaSApple OSS Distributions
363*aca3beaaSApple OSS Distributions @discussion For security reasons, the two keys must be different.
364*aca3beaaSApple OSS Distributions */
365*aca3beaaSApple OSS Distributions CC_INLINE int
ccxts_init(const struct ccmode_xts * mode,ccxts_ctx * ctx,size_t key_nbytes,const void * cc_sized_by (key_nbytes)data_key,const void * cc_sized_by (key_nbytes)tweak_key)366*aca3beaaSApple OSS Distributions ccxts_init(const struct ccmode_xts *mode, ccxts_ctx *ctx, size_t key_nbytes, const void *cc_sized_by(key_nbytes) data_key, const void *cc_sized_by(key_nbytes) tweak_key)
367*aca3beaaSApple OSS Distributions {
368*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_nbytes, data_key, tweak_key);
369*aca3beaaSApple OSS Distributions }
370*aca3beaaSApple OSS Distributions
371*aca3beaaSApple OSS Distributions /*!
372*aca3beaaSApple OSS Distributions @function ccxts_set_tweak
373*aca3beaaSApple OSS Distributions @abstract Initialize the tweak for a sector.
374*aca3beaaSApple OSS Distributions
375*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
376*aca3beaaSApple OSS Distributions @param ctx Context for this instance
377*aca3beaaSApple OSS Distributions @param tweak Context for the tweak for this sector
378*aca3beaaSApple OSS Distributions @param iv Data used to generate the tweak
379*aca3beaaSApple OSS Distributions
380*aca3beaaSApple OSS Distributions @discussion The IV must be exactly one block in length.
381*aca3beaaSApple OSS Distributions */
ccxts_set_tweak(const struct ccmode_xts * mode,ccxts_ctx * ctx,ccxts_tweak * tweak,const void * cc_indexable iv)382*aca3beaaSApple OSS Distributions CC_INLINE int ccxts_set_tweak(const struct ccmode_xts *mode, ccxts_ctx *ctx, ccxts_tweak *tweak, const void *cc_indexable iv)
383*aca3beaaSApple OSS Distributions {
384*aca3beaaSApple OSS Distributions return mode->set_tweak(ctx, tweak, iv);
385*aca3beaaSApple OSS Distributions }
386*aca3beaaSApple OSS Distributions
387*aca3beaaSApple OSS Distributions /*!
388*aca3beaaSApple OSS Distributions @function ccxts_update
389*aca3beaaSApple OSS Distributions @abstract Encrypt or decrypt data.
390*aca3beaaSApple OSS Distributions
391*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
392*aca3beaaSApple OSS Distributions @param ctx Context for an instance
393*aca3beaaSApple OSS Distributions @param tweak Context for the tweak for this sector
394*aca3beaaSApple OSS Distributions @param nblocks Length of the data in blocks
395*aca3beaaSApple OSS Distributions @param in Input data
396*aca3beaaSApple OSS Distributions @param out Output buffer
397*aca3beaaSApple OSS Distributions
398*aca3beaaSApple OSS Distributions @result The updated internal buffer of the tweak context. May be ignored.
399*aca3beaaSApple OSS Distributions */
400*aca3beaaSApple OSS Distributions CC_INLINE void *cc_unsafe_indexable
ccxts_update(const struct ccmode_xts * mode,ccxts_ctx * ctx,ccxts_tweak * tweak,size_t nblocks,const void * cc_indexable in,void * cc_indexable out)401*aca3beaaSApple OSS Distributions ccxts_update(const struct ccmode_xts *mode, ccxts_ctx *ctx, ccxts_tweak *tweak, size_t nblocks, const void *cc_indexable in, void *cc_indexable out)
402*aca3beaaSApple OSS Distributions {
403*aca3beaaSApple OSS Distributions return mode->xts(ctx, tweak, nblocks, in, out);
404*aca3beaaSApple OSS Distributions }
405*aca3beaaSApple OSS Distributions
406*aca3beaaSApple OSS Distributions /*!
407*aca3beaaSApple OSS Distributions @function ccxts_one_shot
408*aca3beaaSApple OSS Distributions @abstract Encrypt or decrypt data in XTS mode.
409*aca3beaaSApple OSS Distributions
410*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
411*aca3beaaSApple OSS Distributions @param key_nbytes Length of the key arguments in bytes
412*aca3beaaSApple OSS Distributions @param data_key Key for data encryption
413*aca3beaaSApple OSS Distributions @param tweak_key Key for tweak generation
414*aca3beaaSApple OSS Distributions @param iv Data used to generate the tweak
415*aca3beaaSApple OSS Distributions @param nblocks Length of the data in blocks
416*aca3beaaSApple OSS Distributions @param in Input data
417*aca3beaaSApple OSS Distributions @param out Output buffer
418*aca3beaaSApple OSS Distributions
419*aca3beaaSApple OSS Distributions @result 0 iff successful.
420*aca3beaaSApple OSS Distributions
421*aca3beaaSApple OSS Distributions @discussion For security reasons, the two keys must be different.
422*aca3beaaSApple OSS Distributions */
423*aca3beaaSApple OSS Distributions int ccxts_one_shot(const struct ccmode_xts *mode,
424*aca3beaaSApple OSS Distributions size_t key_nbytes,
425*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_nbytes) data_key,
426*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_nbytes) tweak_key,
427*aca3beaaSApple OSS Distributions const void *cc_unsafe_indexable iv,
428*aca3beaaSApple OSS Distributions size_t nblocks,
429*aca3beaaSApple OSS Distributions const void *cc_unsafe_indexable in,
430*aca3beaaSApple OSS Distributions void *cc_unsafe_indexable out);
431*aca3beaaSApple OSS Distributions
432*aca3beaaSApple OSS Distributions /* Authenticated cipher modes. */
433*aca3beaaSApple OSS Distributions
434*aca3beaaSApple OSS Distributions /* GCM mode. */
435*aca3beaaSApple OSS Distributions
436*aca3beaaSApple OSS Distributions /* Declare a gcm key named _name_. Pass the size field of a struct ccmode_gcm
437*aca3beaaSApple OSS Distributions for _size_. */
438*aca3beaaSApple OSS Distributions #define ccgcm_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccgcm_ctx, _size_, _name_)
439*aca3beaaSApple OSS Distributions #define ccgcm_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
440*aca3beaaSApple OSS Distributions
441*aca3beaaSApple OSS Distributions #define CCGCM_IV_NBYTES 12
442*aca3beaaSApple OSS Distributions #define CCGCM_BLOCK_NBYTES 16
443*aca3beaaSApple OSS Distributions
444*aca3beaaSApple OSS Distributions /* (2^32 - 2) blocks */
445*aca3beaaSApple OSS Distributions /* (2^36 - 32) bytes */
446*aca3beaaSApple OSS Distributions /* (2^39 - 256) bits */
447*aca3beaaSApple OSS Distributions /* Exceeding this figure breaks confidentiality and authenticity. */
448*aca3beaaSApple OSS Distributions #define CCGCM_TEXT_MAX_NBYTES ((1ULL << 36) - 32ULL)
449*aca3beaaSApple OSS Distributions
ccgcm_context_size(const struct ccmode_gcm * mode)450*aca3beaaSApple OSS Distributions CC_INLINE size_t ccgcm_context_size(const struct ccmode_gcm *mode)
451*aca3beaaSApple OSS Distributions {
452*aca3beaaSApple OSS Distributions return mode->size;
453*aca3beaaSApple OSS Distributions }
454*aca3beaaSApple OSS Distributions
ccgcm_block_size(const struct ccmode_gcm * mode)455*aca3beaaSApple OSS Distributions CC_INLINE size_t ccgcm_block_size(const struct ccmode_gcm *mode)
456*aca3beaaSApple OSS Distributions {
457*aca3beaaSApple OSS Distributions return mode->block_size;
458*aca3beaaSApple OSS Distributions }
459*aca3beaaSApple OSS Distributions
460*aca3beaaSApple OSS Distributions /*!
461*aca3beaaSApple OSS Distributions @function ccgcm_init
462*aca3beaaSApple OSS Distributions @abstract Initialize a GCM context.
463*aca3beaaSApple OSS Distributions
464*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
465*aca3beaaSApple OSS Distributions @param ctx Context for this instance
466*aca3beaaSApple OSS Distributions @param key_nbytes Length of the key in bytes
467*aca3beaaSApple OSS Distributions @param key Key for the underlying blockcipher (AES)
468*aca3beaaSApple OSS Distributions
469*aca3beaaSApple OSS Distributions @result 0 iff successful.
470*aca3beaaSApple OSS Distributions
471*aca3beaaSApple OSS Distributions @discussion The correct sequence of calls is:
472*aca3beaaSApple OSS Distributions
473*aca3beaaSApple OSS Distributions @code ccgcm_init(...)
474*aca3beaaSApple OSS Distributions ccgcm_set_iv(...)
475*aca3beaaSApple OSS Distributions ccgcm_aad(...) (may be called zero or more times)
476*aca3beaaSApple OSS Distributions ccgcm_update(...) (may be called zero or more times)
477*aca3beaaSApple OSS Distributions ccgcm_finalize(...)
478*aca3beaaSApple OSS Distributions
479*aca3beaaSApple OSS Distributions To reuse the context for additional encryptions, follow this sequence:
480*aca3beaaSApple OSS Distributions
481*aca3beaaSApple OSS Distributions @code ccgcm_reset(...)
482*aca3beaaSApple OSS Distributions ccgcm_set_iv(...)
483*aca3beaaSApple OSS Distributions ccgcm_aad(...) (may be called zero or more times)
484*aca3beaaSApple OSS Distributions ccgcm_update(...) (may be called zero or more times)
485*aca3beaaSApple OSS Distributions ccgcm_finalize(...)
486*aca3beaaSApple OSS Distributions
487*aca3beaaSApple OSS Distributions @warning The key-IV pair must be unique per encryption. The IV must be nonzero in length.
488*aca3beaaSApple OSS Distributions
489*aca3beaaSApple OSS Distributions @warning It is not permitted to call @p ccgcm_inc_iv after initializing the cipher via the @p ccgcm_init interface. Nonzero is
490*aca3beaaSApple OSS Distributions returned in the event of an improper call sequence.
491*aca3beaaSApple OSS Distributions
492*aca3beaaSApple OSS Distributions @warning This function is not FIPS-compliant. Use @p ccgcm_init_with_iv instead.
493*aca3beaaSApple OSS Distributions */
ccgcm_init(const struct ccmode_gcm * mode,ccgcm_ctx * ctx,size_t key_nbytes,const void * cc_sized_by (key_nbytes)key)494*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_init(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t key_nbytes, const void *cc_sized_by(key_nbytes) key)
495*aca3beaaSApple OSS Distributions {
496*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_nbytes, key);
497*aca3beaaSApple OSS Distributions }
498*aca3beaaSApple OSS Distributions
499*aca3beaaSApple OSS Distributions /*!
500*aca3beaaSApple OSS Distributions @function ccgcm_init_with_iv
501*aca3beaaSApple OSS Distributions @abstract Initialize a GCM context to manage IVs internally.
502*aca3beaaSApple OSS Distributions
503*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
504*aca3beaaSApple OSS Distributions @param ctx Context for this instance
505*aca3beaaSApple OSS Distributions @param key_nbytes Length of the key in bytes
506*aca3beaaSApple OSS Distributions @param key Key for the underlying blockcipher (AES)
507*aca3beaaSApple OSS Distributions @param iv IV for the first encryption
508*aca3beaaSApple OSS Distributions
509*aca3beaaSApple OSS Distributions @result 0 iff successful.
510*aca3beaaSApple OSS Distributions
511*aca3beaaSApple OSS Distributions @discussion The correct sequence of calls is:
512*aca3beaaSApple OSS Distributions
513*aca3beaaSApple OSS Distributions @code ccgcm_init_with_iv(...)
514*aca3beaaSApple OSS Distributions ccgcm_aad(...) (may be called zero or more times)
515*aca3beaaSApple OSS Distributions ccgcm_update(...) (may be called zero or more times)
516*aca3beaaSApple OSS Distributions ccgcm_finalize(...)
517*aca3beaaSApple OSS Distributions
518*aca3beaaSApple OSS Distributions To reuse the context for additional encryptions, follow this sequence:
519*aca3beaaSApple OSS Distributions
520*aca3beaaSApple OSS Distributions @code ccgcm_reset(...)
521*aca3beaaSApple OSS Distributions ccgcm_inc_iv(...)
522*aca3beaaSApple OSS Distributions ccgcm_aad(...) (may be called zero or more times)
523*aca3beaaSApple OSS Distributions ccgcm_update(...) (may be called zero or more times)
524*aca3beaaSApple OSS Distributions ccgcm_finalize(...)
525*aca3beaaSApple OSS Distributions
526*aca3beaaSApple OSS Distributions The IV must be exactly 12 bytes in length.
527*aca3beaaSApple OSS Distributions
528*aca3beaaSApple OSS Distributions Internally, the IV is treated as a four-byte salt followed by an eight-byte counter. This is to match the behavior of certain
529*aca3beaaSApple OSS Distributions protocols (e.g. TLS). In the call to @p ccgcm_inc_iv, the counter component will be interpreted as a big-endian, unsigned value
530*aca3beaaSApple OSS Distributions and incremented in place.
531*aca3beaaSApple OSS Distributions
532*aca3beaaSApple OSS Distributions @warning It is not permitted to call @p ccgcm_set_iv after initializing the cipher via the @p ccgcm_init_with_iv interface.
533*aca3beaaSApple OSS Distributions Nonzero is returned in the event of an improper call sequence.
534*aca3beaaSApple OSS Distributions
535*aca3beaaSApple OSS Distributions @warning The security of GCM depends on the uniqueness of key-IV pairs. To avoid key-IV repetition, callers should not initialize
536*aca3beaaSApple OSS Distributions multiple contexts with the same key material via the @p ccgcm_init_with_iv interface.
537*aca3beaaSApple OSS Distributions */
538*aca3beaaSApple OSS Distributions int ccgcm_init_with_iv(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t key_nbytes, const void *cc_sized_by(key_nbytes) key, const void *cc_unsafe_indexable iv);
539*aca3beaaSApple OSS Distributions
540*aca3beaaSApple OSS Distributions /*!
541*aca3beaaSApple OSS Distributions @function ccgcm_set_iv
542*aca3beaaSApple OSS Distributions @abstract Set the IV for encryption.
543*aca3beaaSApple OSS Distributions
544*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
545*aca3beaaSApple OSS Distributions @param ctx Context for this instance
546*aca3beaaSApple OSS Distributions @param iv_nbytes Length of the IV in bytes
547*aca3beaaSApple OSS Distributions @param iv Initialization vector
548*aca3beaaSApple OSS Distributions
549*aca3beaaSApple OSS Distributions @result 0 iff successful.
550*aca3beaaSApple OSS Distributions
551*aca3beaaSApple OSS Distributions @discussion Set the initialization vector for encryption.
552*aca3beaaSApple OSS Distributions
553*aca3beaaSApple OSS Distributions @warning The key-IV pair must be unique per encryption. The IV must be nonzero in length.
554*aca3beaaSApple OSS Distributions
555*aca3beaaSApple OSS Distributions In stateful protocols, if each packet exposes a guaranteed-unique value, it is recommended to format this as a 12-byte value for
556*aca3beaaSApple OSS Distributions use as the IV.
557*aca3beaaSApple OSS Distributions
558*aca3beaaSApple OSS Distributions In stateless protocols, it is recommended to choose a 16-byte value using a cryptographically-secure pseudorandom number
559*aca3beaaSApple OSS Distributions generator (e.g. @p ccrng).
560*aca3beaaSApple OSS Distributions
561*aca3beaaSApple OSS Distributions @warning This function may not be used after initializing the cipher via @p ccgcm_init_with_iv. Nonzero is returned in the event
562*aca3beaaSApple OSS Distributions of an improper call sequence.
563*aca3beaaSApple OSS Distributions
564*aca3beaaSApple OSS Distributions @warning This function is not FIPS-compliant. Use @p ccgcm_init_with_iv instead.
565*aca3beaaSApple OSS Distributions */
ccgcm_set_iv(const struct ccmode_gcm * mode,ccgcm_ctx * ctx,size_t iv_nbytes,const void * cc_sized_by (iv_nbytes)iv)566*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_set_iv(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t iv_nbytes, const void *cc_sized_by(iv_nbytes) iv)
567*aca3beaaSApple OSS Distributions {
568*aca3beaaSApple OSS Distributions return mode->set_iv(ctx, iv_nbytes, iv);
569*aca3beaaSApple OSS Distributions }
570*aca3beaaSApple OSS Distributions
571*aca3beaaSApple OSS Distributions /*!
572*aca3beaaSApple OSS Distributions @function ccgcm_set_iv_legacy
573*aca3beaaSApple OSS Distributions @abstract Set the IV for encryption.
574*aca3beaaSApple OSS Distributions
575*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
576*aca3beaaSApple OSS Distributions @param ctx Context for this instance
577*aca3beaaSApple OSS Distributions @param iv_nbytes Length of the IV in bytes
578*aca3beaaSApple OSS Distributions @param iv Initialization vector
579*aca3beaaSApple OSS Distributions
580*aca3beaaSApple OSS Distributions @result 0 iff successful.
581*aca3beaaSApple OSS Distributions
582*aca3beaaSApple OSS Distributions @discussion Identical to @p ccgcm_set_iv except that it allows zero-length IVs.
583*aca3beaaSApple OSS Distributions
584*aca3beaaSApple OSS Distributions @warning Zero-length IVs nullify the authenticity guarantees of GCM.
585*aca3beaaSApple OSS Distributions
586*aca3beaaSApple OSS Distributions @warning Do not use this function in new applications.
587*aca3beaaSApple OSS Distributions */
588*aca3beaaSApple OSS Distributions int ccgcm_set_iv_legacy(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t iv_nbytes, const void *cc_sized_by(iv_nbytes) iv);
589*aca3beaaSApple OSS Distributions
590*aca3beaaSApple OSS Distributions /*!
591*aca3beaaSApple OSS Distributions @function ccgcm_inc_iv
592*aca3beaaSApple OSS Distributions @abstract Increment the IV for another encryption.
593*aca3beaaSApple OSS Distributions
594*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
595*aca3beaaSApple OSS Distributions @param ctx Context for this instance
596*aca3beaaSApple OSS Distributions @param iv Updated initialization vector
597*aca3beaaSApple OSS Distributions
598*aca3beaaSApple OSS Distributions @result 0 iff successful.
599*aca3beaaSApple OSS Distributions
600*aca3beaaSApple OSS Distributions @discussion Updates the IV internally for another encryption.
601*aca3beaaSApple OSS Distributions
602*aca3beaaSApple OSS Distributions Internally, the IV is treated as a four-byte salt followed by an eight-byte counter. This is to match the behavior of certain
603*aca3beaaSApple OSS Distributions protocols (e.g. TLS). The counter component is interpreted as a big-endian, unsigned value and incremented in place.
604*aca3beaaSApple OSS Distributions
605*aca3beaaSApple OSS Distributions The updated IV is copied to @p iv. This is to support protocols that require part of the IV to be specified explicitly in each
606*aca3beaaSApple OSS Distributions packet (e.g. TLS).
607*aca3beaaSApple OSS Distributions
608*aca3beaaSApple OSS Distributions @warning This function may be used only after initializing the cipher via @p ccgcm_init_with_iv.
609*aca3beaaSApple OSS Distributions */
610*aca3beaaSApple OSS Distributions int ccgcm_inc_iv(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, void *cc_unsafe_indexable iv);
611*aca3beaaSApple OSS Distributions
612*aca3beaaSApple OSS Distributions /*!
613*aca3beaaSApple OSS Distributions @function ccgcm_aad
614*aca3beaaSApple OSS Distributions @abstract Authenticate additional data.
615*aca3beaaSApple OSS Distributions
616*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
617*aca3beaaSApple OSS Distributions @param ctx Context for this instance
618*aca3beaaSApple OSS Distributions @param nbytes Length of the additional data in bytes
619*aca3beaaSApple OSS Distributions @param additional_data Additional data to authenticate
620*aca3beaaSApple OSS Distributions
621*aca3beaaSApple OSS Distributions @result 0 iff successful.
622*aca3beaaSApple OSS Distributions
623*aca3beaaSApple OSS Distributions @discussion This is typically used to authenticate data that cannot be encrypted (e.g. packet headers).
624*aca3beaaSApple OSS Distributions
625*aca3beaaSApple OSS Distributions This function may be called zero or more times.
626*aca3beaaSApple OSS Distributions */
ccgcm_aad(const struct ccmode_gcm * mode,ccgcm_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)additional_data)627*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_aad(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) additional_data)
628*aca3beaaSApple OSS Distributions {
629*aca3beaaSApple OSS Distributions return mode->gmac(ctx, nbytes, additional_data);
630*aca3beaaSApple OSS Distributions }
631*aca3beaaSApple OSS Distributions
632*aca3beaaSApple OSS Distributions /*!
633*aca3beaaSApple OSS Distributions @function ccgcm_gmac
634*aca3beaaSApple OSS Distributions
635*aca3beaaSApple OSS Distributions @discussion ccgcm_gmac is deprecated. Use the drop-in replacement 'ccgcm_aad' instead.
636*aca3beaaSApple OSS Distributions */
ccgcm_gmac(const struct ccmode_gcm * mode,ccgcm_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)in)637*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_gmac (const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) in)
638*aca3beaaSApple OSS Distributions cc_deprecate_with_replacement("ccgcm_aad", 13.0, 10.15, 13.0, 6.0, 4.0)
639*aca3beaaSApple OSS Distributions {
640*aca3beaaSApple OSS Distributions return mode->gmac(ctx, nbytes, in);
641*aca3beaaSApple OSS Distributions }
642*aca3beaaSApple OSS Distributions
643*aca3beaaSApple OSS Distributions /*!
644*aca3beaaSApple OSS Distributions @function ccgcm_update
645*aca3beaaSApple OSS Distributions @abstract Encrypt or decrypt data.
646*aca3beaaSApple OSS Distributions
647*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
648*aca3beaaSApple OSS Distributions @param ctx Context for this instance
649*aca3beaaSApple OSS Distributions @param nbytes Length of the data in bytes
650*aca3beaaSApple OSS Distributions @param in Input plaintext or ciphertext
651*aca3beaaSApple OSS Distributions @param out Output ciphertext or plaintext
652*aca3beaaSApple OSS Distributions
653*aca3beaaSApple OSS Distributions @result 0 iff successful.
654*aca3beaaSApple OSS Distributions
655*aca3beaaSApple OSS Distributions @discussion In-place processing is supported.
656*aca3beaaSApple OSS Distributions
657*aca3beaaSApple OSS Distributions This function may be called zero or more times.
658*aca3beaaSApple OSS Distributions */
ccgcm_update(const struct ccmode_gcm * mode,ccgcm_ctx * ctx,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)659*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_update(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t nbytes, const void *cc_sized_by(nbytes) in, void *cc_sized_by(nbytes) out)
660*aca3beaaSApple OSS Distributions {
661*aca3beaaSApple OSS Distributions return mode->gcm(ctx, nbytes, in, out);
662*aca3beaaSApple OSS Distributions }
663*aca3beaaSApple OSS Distributions
664*aca3beaaSApple OSS Distributions /*!
665*aca3beaaSApple OSS Distributions @function ccgcm_finalize
666*aca3beaaSApple OSS Distributions @abstract Finish processing and authenticate.
667*aca3beaaSApple OSS Distributions
668*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
669*aca3beaaSApple OSS Distributions @param ctx Context for this instance
670*aca3beaaSApple OSS Distributions @param tag_nbytes Length of the tag in bytes
671*aca3beaaSApple OSS Distributions @param tag Authentication tag
672*aca3beaaSApple OSS Distributions
673*aca3beaaSApple OSS Distributions @result 0 iff successful.
674*aca3beaaSApple OSS Distributions
675*aca3beaaSApple OSS Distributions @discussion Finish processing a packet and generate the authentication tag.
676*aca3beaaSApple OSS Distributions
677*aca3beaaSApple OSS Distributions On encryption, @p tag is purely an output parameter. The generated tag is written to @p tag.
678*aca3beaaSApple OSS Distributions
679*aca3beaaSApple OSS Distributions On decryption, @p tag is both an input and an output parameter. Well-behaved callers should provide the authentication tag
680*aca3beaaSApple OSS Distributions generated during encryption. The function will return nonzero if the input tag does not match the generated tag. The generated
681*aca3beaaSApple OSS Distributions tag will be written into the @p tag buffer whether authentication succeeds or fails.
682*aca3beaaSApple OSS Distributions
683*aca3beaaSApple OSS Distributions @warning The generated tag is written to @p tag to support legacy applications that perform authentication manually. Do not
684*aca3beaaSApple OSS Distributions follow this usage pattern in new applications. Rely on the function's error code to verify authenticity.
685*aca3beaaSApple OSS Distributions */
ccgcm_finalize(const struct ccmode_gcm * mode,ccgcm_ctx * ctx,size_t tag_nbytes,void * cc_sized_by (tag_nbytes)tag)686*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_finalize(const struct ccmode_gcm *mode, ccgcm_ctx *ctx, size_t tag_nbytes, void *cc_sized_by(tag_nbytes) tag)
687*aca3beaaSApple OSS Distributions {
688*aca3beaaSApple OSS Distributions return mode->finalize(ctx, tag_nbytes, tag);
689*aca3beaaSApple OSS Distributions }
690*aca3beaaSApple OSS Distributions
691*aca3beaaSApple OSS Distributions /*!
692*aca3beaaSApple OSS Distributions @function ccgcm_reset
693*aca3beaaSApple OSS Distributions @abstract Reset the context for another encryption.
694*aca3beaaSApple OSS Distributions
695*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
696*aca3beaaSApple OSS Distributions @param ctx Context for this instance
697*aca3beaaSApple OSS Distributions
698*aca3beaaSApple OSS Distributions @result 0 iff successful.
699*aca3beaaSApple OSS Distributions
700*aca3beaaSApple OSS Distributions @discussion Refer to @p ccgcm_init for correct usage.
701*aca3beaaSApple OSS Distributions */
ccgcm_reset(const struct ccmode_gcm * mode,ccgcm_ctx * ctx)702*aca3beaaSApple OSS Distributions CC_INLINE int ccgcm_reset(const struct ccmode_gcm *mode, ccgcm_ctx *ctx)
703*aca3beaaSApple OSS Distributions {
704*aca3beaaSApple OSS Distributions return mode->reset(ctx);
705*aca3beaaSApple OSS Distributions }
706*aca3beaaSApple OSS Distributions
707*aca3beaaSApple OSS Distributions /*!
708*aca3beaaSApple OSS Distributions @function ccgcm_one_shot
709*aca3beaaSApple OSS Distributions @abstract Encrypt or decrypt with GCM.
710*aca3beaaSApple OSS Distributions
711*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
712*aca3beaaSApple OSS Distributions @param key_nbytes Length of the key in bytes
713*aca3beaaSApple OSS Distributions @param key Key for the underlying blockcipher (AES)
714*aca3beaaSApple OSS Distributions @param iv_nbytes Length of the IV in bytes
715*aca3beaaSApple OSS Distributions @param iv Initialization vector
716*aca3beaaSApple OSS Distributions @param adata_nbytes Length of the additional data in bytes
717*aca3beaaSApple OSS Distributions @param adata Additional data to authenticate
718*aca3beaaSApple OSS Distributions @param nbytes Length of the data in bytes
719*aca3beaaSApple OSS Distributions @param in Input plaintext or ciphertext
720*aca3beaaSApple OSS Distributions @param out Output ciphertext or plaintext
721*aca3beaaSApple OSS Distributions @param tag_nbytes Length of the tag in bytes
722*aca3beaaSApple OSS Distributions @param tag Authentication tag
723*aca3beaaSApple OSS Distributions
724*aca3beaaSApple OSS Distributions @result 0 iff successful.
725*aca3beaaSApple OSS Distributions
726*aca3beaaSApple OSS Distributions @discussion Perform GCM encryption or decryption.
727*aca3beaaSApple OSS Distributions
728*aca3beaaSApple OSS Distributions @warning The key-IV pair must be unique per encryption. The IV must be nonzero in length.
729*aca3beaaSApple OSS Distributions
730*aca3beaaSApple OSS Distributions In stateful protocols, if each packet exposes a guaranteed-unique value, it is recommended to format this as a 12-byte value for
731*aca3beaaSApple OSS Distributions use as the IV.
732*aca3beaaSApple OSS Distributions
733*aca3beaaSApple OSS Distributions In stateless protocols, it is recommended to choose a 16-byte value using a cryptographically-secure pseudorandom number
734*aca3beaaSApple OSS Distributions generator (e.g. @p ccrng).
735*aca3beaaSApple OSS Distributions
736*aca3beaaSApple OSS Distributions In-place processing is supported.
737*aca3beaaSApple OSS Distributions
738*aca3beaaSApple OSS Distributions On encryption, @p tag is purely an output parameter. The generated tag is written to @p tag.
739*aca3beaaSApple OSS Distributions
740*aca3beaaSApple OSS Distributions On decryption, @p tag is primarily an input parameter. The caller should provide the authentication tag generated during
741*aca3beaaSApple OSS Distributions encryption. The function will return nonzero if the input tag does not match the generated tag.
742*aca3beaaSApple OSS Distributions
743*aca3beaaSApple OSS Distributions @warning To support legacy applications, @p tag is also an output parameter during decryption. The generated tag is written to @p
744*aca3beaaSApple OSS Distributions tag. Legacy callers may choose to compare this to the tag generated during encryption. Do not follow this usage pattern in new
745*aca3beaaSApple OSS Distributions applications.
746*aca3beaaSApple OSS Distributions */
747*aca3beaaSApple OSS Distributions int ccgcm_one_shot(const struct ccmode_gcm *mode,
748*aca3beaaSApple OSS Distributions size_t key_nbytes,
749*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_nbytes) key,
750*aca3beaaSApple OSS Distributions size_t iv_nbytes,
751*aca3beaaSApple OSS Distributions const void *cc_sized_by(iv_nbytes) iv,
752*aca3beaaSApple OSS Distributions size_t adata_nbytes,
753*aca3beaaSApple OSS Distributions const void *cc_sized_by(adata_nbytes) adata,
754*aca3beaaSApple OSS Distributions size_t nbytes,
755*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
756*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out,
757*aca3beaaSApple OSS Distributions size_t tag_nbytes,
758*aca3beaaSApple OSS Distributions void *cc_sized_by(tag_nbytes) tag);
759*aca3beaaSApple OSS Distributions
760*aca3beaaSApple OSS Distributions /*!
761*aca3beaaSApple OSS Distributions @function ccgcm_one_shot_legacy
762*aca3beaaSApple OSS Distributions @abstract Encrypt or decrypt with GCM.
763*aca3beaaSApple OSS Distributions
764*aca3beaaSApple OSS Distributions @param mode Descriptor for the mode
765*aca3beaaSApple OSS Distributions @param key_nbytes Length of the key in bytes
766*aca3beaaSApple OSS Distributions @param key Key for the underlying blockcipher (AES)
767*aca3beaaSApple OSS Distributions @param iv_nbytes Length of the IV in bytes
768*aca3beaaSApple OSS Distributions @param iv Initialization vector
769*aca3beaaSApple OSS Distributions @param adata_nbytes Length of the additional data in bytes
770*aca3beaaSApple OSS Distributions @param adata Additional data to authenticate
771*aca3beaaSApple OSS Distributions @param nbytes Length of the data in bytes
772*aca3beaaSApple OSS Distributions @param in Input plaintext or ciphertext
773*aca3beaaSApple OSS Distributions @param out Output ciphertext or plaintext
774*aca3beaaSApple OSS Distributions @param tag_nbytes Length of the tag in bytes
775*aca3beaaSApple OSS Distributions @param tag Authentication tag
776*aca3beaaSApple OSS Distributions
777*aca3beaaSApple OSS Distributions @result 0 iff successful.
778*aca3beaaSApple OSS Distributions
779*aca3beaaSApple OSS Distributions @discussion Identical to @p ccgcm_one_shot except that it allows zero-length IVs.
780*aca3beaaSApple OSS Distributions
781*aca3beaaSApple OSS Distributions @warning Zero-length IVs nullify the authenticity guarantees of GCM.
782*aca3beaaSApple OSS Distributions
783*aca3beaaSApple OSS Distributions @warning Do not use this function in new applications.
784*aca3beaaSApple OSS Distributions */
785*aca3beaaSApple OSS Distributions int ccgcm_one_shot_legacy(const struct ccmode_gcm *mode,
786*aca3beaaSApple OSS Distributions size_t key_nbytes,
787*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_nbytes) key,
788*aca3beaaSApple OSS Distributions size_t iv_nbytes,
789*aca3beaaSApple OSS Distributions const void *cc_sized_by(iv_nbytes) iv,
790*aca3beaaSApple OSS Distributions size_t adata_nbytes,
791*aca3beaaSApple OSS Distributions const void *cc_sized_by(adata_nbytes) adata,
792*aca3beaaSApple OSS Distributions size_t nbytes,
793*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
794*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out,
795*aca3beaaSApple OSS Distributions size_t tag_nbytes,
796*aca3beaaSApple OSS Distributions void *cc_sized_by(tag_nbytes) tag);
797*aca3beaaSApple OSS Distributions
798*aca3beaaSApple OSS Distributions /* CCM */
799*aca3beaaSApple OSS Distributions #define CCM_MAX_TAG_SIZE 16
800*aca3beaaSApple OSS Distributions #define ccccm_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccccm_ctx, _size_, _name_)
801*aca3beaaSApple OSS Distributions #define ccccm_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
802*aca3beaaSApple OSS Distributions
803*aca3beaaSApple OSS Distributions /* Declare a ccm nonce named _name_. Pass the mode->nonce_ctx_size for _size_. */
804*aca3beaaSApple OSS Distributions #define ccccm_nonce_decl(_size_, _name_) cc_ctx_decl_vla(ccccm_nonce, _size_, _name_)
805*aca3beaaSApple OSS Distributions #define ccccm_nonce_clear(_size_, _name_) cc_clear(_size_, _name_)
806*aca3beaaSApple OSS Distributions
ccccm_context_size(const struct ccmode_ccm * mode)807*aca3beaaSApple OSS Distributions CC_INLINE size_t ccccm_context_size(const struct ccmode_ccm *mode)
808*aca3beaaSApple OSS Distributions {
809*aca3beaaSApple OSS Distributions return mode->size;
810*aca3beaaSApple OSS Distributions }
811*aca3beaaSApple OSS Distributions
ccccm_block_size(const struct ccmode_ccm * mode)812*aca3beaaSApple OSS Distributions CC_INLINE size_t ccccm_block_size(const struct ccmode_ccm *mode)
813*aca3beaaSApple OSS Distributions {
814*aca3beaaSApple OSS Distributions return mode->block_size;
815*aca3beaaSApple OSS Distributions }
816*aca3beaaSApple OSS Distributions
817*aca3beaaSApple OSS Distributions /// Initialize a ccm authenticated encryption/decryption mode
818*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
819*aca3beaaSApple OSS Distributions /// @param ctx context for this instance
820*aca3beaaSApple OSS Distributions /// @param key_len length in bytes of key provided
821*aca3beaaSApple OSS Distributions /// @param key bytes defining key
ccccm_init(const struct ccmode_ccm * mode,ccccm_ctx * ctx,size_t key_len,const void * cc_sized_by (key_len)key)822*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_init(const struct ccmode_ccm *mode, ccccm_ctx *ctx, size_t key_len, const void *cc_sized_by(key_len) key)
823*aca3beaaSApple OSS Distributions {
824*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, key_len, key);
825*aca3beaaSApple OSS Distributions }
826*aca3beaaSApple OSS Distributions
827*aca3beaaSApple OSS Distributions /// Set the initialization value/nonce for the ccm authenticated encryption/decryption
828*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
829*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
830*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
831*aca3beaaSApple OSS Distributions /// @param nonce_len length in bytes of cmac nonce/iv
832*aca3beaaSApple OSS Distributions /// @param nonce bytes defining none
833*aca3beaaSApple OSS Distributions /// @param mac_size length in bytes of mac tag
834*aca3beaaSApple OSS Distributions /// @param auth_len length in bytes of authenticating data
835*aca3beaaSApple OSS Distributions /// @param data_len length in bytes of plaintext
ccccm_set_iv(const struct ccmode_ccm * mode,ccccm_ctx * ctx,ccccm_nonce * nonce_ctx,size_t nonce_len,const void * cc_sized_by (nonce_len)nonce,size_t mac_size,size_t auth_len,size_t data_len)836*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_set_iv(const struct ccmode_ccm *mode,
837*aca3beaaSApple OSS Distributions ccccm_ctx *ctx,
838*aca3beaaSApple OSS Distributions ccccm_nonce *nonce_ctx,
839*aca3beaaSApple OSS Distributions size_t nonce_len,
840*aca3beaaSApple OSS Distributions const void *cc_sized_by(nonce_len) nonce,
841*aca3beaaSApple OSS Distributions size_t mac_size,
842*aca3beaaSApple OSS Distributions size_t auth_len,
843*aca3beaaSApple OSS Distributions size_t data_len)
844*aca3beaaSApple OSS Distributions {
845*aca3beaaSApple OSS Distributions return mode->set_iv(ctx, nonce_ctx, nonce_len, nonce, mac_size, auth_len, data_len);
846*aca3beaaSApple OSS Distributions }
847*aca3beaaSApple OSS Distributions
848*aca3beaaSApple OSS Distributions /// (Deprecated) Add associated data to the ccm authenticated encryption/decryption
849*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
850*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
851*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
852*aca3beaaSApple OSS Distributions /// @param nbytes nbytes length in bytes of associated data being provided in this invocation
853*aca3beaaSApple OSS Distributions /// @param in authenticated data being provided in this invocation
ccccm_cbcmac(const struct ccmode_ccm * mode,ccccm_ctx * ctx,ccccm_nonce * nonce_ctx,size_t nbytes,const void * cc_sized_by (nbytes)in)854*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_cbcmac(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *cc_sized_by(nbytes) in)
855*aca3beaaSApple OSS Distributions {
856*aca3beaaSApple OSS Distributions return mode->cbcmac(ctx, nonce_ctx, nbytes, in);
857*aca3beaaSApple OSS Distributions }
858*aca3beaaSApple OSS Distributions
859*aca3beaaSApple OSS Distributions ///Add associated data to the ccm authenticated encryption/decryption
860*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
861*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
862*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
863*aca3beaaSApple OSS Distributions /// @param ad_nbytes nbytes length in bytes of associated data being provided in this invocation
864*aca3beaaSApple OSS Distributions /// @param ad authenticated data being provided in this invocation
ccccm_aad(const struct ccmode_ccm * mode,ccccm_ctx * ctx,ccccm_nonce * nonce_ctx,size_t ad_nbytes,const uint8_t * cc_sized_by (ad_nbytes)ad)865*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_aad(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t ad_nbytes, const uint8_t *cc_sized_by(ad_nbytes) ad)
866*aca3beaaSApple OSS Distributions {
867*aca3beaaSApple OSS Distributions return mode->cbcmac(ctx, nonce_ctx, ad_nbytes, ad);
868*aca3beaaSApple OSS Distributions }
869*aca3beaaSApple OSS Distributions
870*aca3beaaSApple OSS Distributions /// Add plaintext data to the ccm authenticated encryption/decryption
871*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
872*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
873*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
874*aca3beaaSApple OSS Distributions /// @param nbytes length in bytes of both plaintext and encrypted plaintext
875*aca3beaaSApple OSS Distributions /// @param in In encryption mode plaintext data, in decryption mode encrypted plaintext data.
876*aca3beaaSApple OSS Distributions /// @param out in encryption mode resulting encrypted plaintext data. In decryption mode resulting plaintext data
ccccm_update(const struct ccmode_ccm * mode,ccccm_ctx * ctx,ccccm_nonce * nonce_ctx,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out)877*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_update(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const void *cc_sized_by(nbytes) in, void *cc_sized_by(nbytes) out)
878*aca3beaaSApple OSS Distributions {
879*aca3beaaSApple OSS Distributions return mode->ccm(ctx, nonce_ctx, nbytes, in, out);
880*aca3beaaSApple OSS Distributions }
881*aca3beaaSApple OSS Distributions
882*aca3beaaSApple OSS Distributions /// Add plaintext data to the ccm authenticated encryption
883*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
884*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
885*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
886*aca3beaaSApple OSS Distributions /// @param nbytes length in bytes of both plaintext and encrypted plaintext
887*aca3beaaSApple OSS Distributions /// @param plaintext In encryption mode plaintext data, in decryption mode encrypted plaintext data.
888*aca3beaaSApple OSS Distributions /// @param encrypted_plaintext in encryption mode resulting encrypted plaintext data. In decryption mode resulting plaintext data
889*aca3beaaSApple OSS Distributions int ccccm_encrypt(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const uint8_t *cc_sized_by(nbytes) plaintext, uint8_t *cc_sized_by(nbytes) encrypted_plaintext);
890*aca3beaaSApple OSS Distributions
891*aca3beaaSApple OSS Distributions /// Add ciphertext data to the ccm authenticated decryption
892*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
893*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
894*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
895*aca3beaaSApple OSS Distributions /// @param nbytes length in bytes of both plaintext and encrypted plaintext
896*aca3beaaSApple OSS Distributions /// @param encrypted_plaintext In encryption mode plaintext data, in decryption mode encrypted plaintext data.
897*aca3beaaSApple OSS Distributions /// @param plaintext in encryption mode resulting encrypted plaintext data. In decryption mode resulting plaintext data
898*aca3beaaSApple OSS Distributions int ccccm_decrypt(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, size_t nbytes, const uint8_t *cc_sized_by(nbytes) encrypted_plaintext, uint8_t *cc_sized_by(nbytes) plaintext);
899*aca3beaaSApple OSS Distributions
900*aca3beaaSApple OSS Distributions
901*aca3beaaSApple OSS Distributions /// (Deprecated) Compute tag for ccm
902*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
903*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
904*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
905*aca3beaaSApple OSS Distributions /// @param mac tag portion of ciphertext that is computed from ccm MAC.
906*aca3beaaSApple OSS Distributions /// @discussion This is being deprecated, as it requires the caller to manually verify that the returned mac tag is correct when decrypting. Please use ccccm_finalize_and_verify instead.
ccccm_finalize(const struct ccmode_ccm * mode,ccccm_ctx * ctx,ccccm_nonce * nonce_ctx,void * cc_indexable mac)907*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_finalize(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, void *cc_indexable mac)
908*aca3beaaSApple OSS Distributions {
909*aca3beaaSApple OSS Distributions return mode->finalize(ctx, nonce_ctx, mac);
910*aca3beaaSApple OSS Distributions }
911*aca3beaaSApple OSS Distributions
912*aca3beaaSApple OSS Distributions /// Ends encryption and computes tag when in encryption mode
913*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
914*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
915*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
916*aca3beaaSApple OSS Distributions /// @param mac For encryption mode the resulting mac tag portion of the ciphertext is copied to this buffer. For decryption mode, it provides an input of the expected tag in the ciphertext
917*aca3beaaSApple OSS Distributions /// @return For decryption returns CCERR_OK if the provided mac matches the computed mac, and otherwise returns CCMODE_INTEGRITY_FAILURE.
918*aca3beaaSApple OSS Distributions int ccccm_finalize_and_generate_tag(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, uint8_t *cc_indexable mac);
919*aca3beaaSApple OSS Distributions
920*aca3beaaSApple OSS Distributions /// Ends decryption and verifies tag when in decryption mode
921*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
922*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
923*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
924*aca3beaaSApple OSS Distributions /// @param mac It provides an input of the expected tag in the ciphertext
925*aca3beaaSApple OSS Distributions /// @return Returns CCERR_OK if the provided mac matches the computed mac, and otherwise returns CCMODE_INTEGRITY_FAILURE.
926*aca3beaaSApple OSS Distributions int ccccm_finalize_and_verify_tag(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx, const uint8_t *cc_indexable mac);
927*aca3beaaSApple OSS Distributions
928*aca3beaaSApple OSS Distributions /// Resets the state of the encryptor/decryptor, maintaining the key, but clearing the nonce/iv, allowing for a new encryption or decryption
929*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
930*aca3beaaSApple OSS Distributions /// @param ctx context for this ccm instance
931*aca3beaaSApple OSS Distributions /// @param nonce_ctx context for this nonce
ccccm_reset(const struct ccmode_ccm * mode,ccccm_ctx * ctx,ccccm_nonce * nonce_ctx)932*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_reset(const struct ccmode_ccm *mode, ccccm_ctx *ctx, ccccm_nonce *nonce_ctx)
933*aca3beaaSApple OSS Distributions {
934*aca3beaaSApple OSS Distributions return mode->reset(ctx, nonce_ctx);
935*aca3beaaSApple OSS Distributions }
936*aca3beaaSApple OSS Distributions
937*aca3beaaSApple OSS Distributions /// (Deprecated) Encrypts/Decrypts a plaintext/ciphertext using the AEAD CCM mode.
938*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
939*aca3beaaSApple OSS Distributions /// @param key_len key length in bytes
940*aca3beaaSApple OSS Distributions /// @param key buffer holding key
941*aca3beaaSApple OSS Distributions /// @param nonce_len nonce length in bytes
942*aca3beaaSApple OSS Distributions /// @param nonce buffer holding nonce
943*aca3beaaSApple OSS Distributions /// @param nbytes the length of the plaintext and encrypted-plaintext
944*aca3beaaSApple OSS Distributions /// @param in buffer holding plaintext in encryption mode, and encrypted plaintext portion of ciphertext in decryption mode
945*aca3beaaSApple OSS Distributions /// @param out buffer receiving resulting encrypted plaintext in encryption mode, and resulting plaintext in decryption mode
946*aca3beaaSApple OSS Distributions /// @param adata_len length in bytes of associated data
947*aca3beaaSApple OSS Distributions /// @param adata authenticated data being provided in this invocation.
948*aca3beaaSApple OSS Distributions /// @param mac_size length in bytes of CCM mac tag
949*aca3beaaSApple OSS Distributions /// @param mac portion of ciphertext that is computed from ccm MAC.
950*aca3beaaSApple OSS Distributions /// @return This is being deprecated, as it requires the caller to manually verify that the returned mac tag is correct when decrypting. Please use ccccm_one_shot_with_verify instead
ccccm_one_shot(const struct ccmode_ccm * mode,size_t key_len,const void * cc_sized_by (key_len)key,size_t nonce_len,const void * cc_sized_by (nonce_len)nonce,size_t nbytes,const void * cc_sized_by (nbytes)in,void * cc_sized_by (nbytes)out,size_t adata_len,const void * cc_sized_by (adata_len)adata,size_t mac_size,void * cc_sized_by (mac_size)mac)951*aca3beaaSApple OSS Distributions CC_INLINE int ccccm_one_shot(const struct ccmode_ccm *mode,
952*aca3beaaSApple OSS Distributions size_t key_len,
953*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
954*aca3beaaSApple OSS Distributions size_t nonce_len,
955*aca3beaaSApple OSS Distributions const void *cc_sized_by(nonce_len) nonce,
956*aca3beaaSApple OSS Distributions size_t nbytes,
957*aca3beaaSApple OSS Distributions const void *cc_sized_by(nbytes) in,
958*aca3beaaSApple OSS Distributions void *cc_sized_by(nbytes) out,
959*aca3beaaSApple OSS Distributions size_t adata_len,
960*aca3beaaSApple OSS Distributions const void *cc_sized_by(adata_len) adata,
961*aca3beaaSApple OSS Distributions size_t mac_size,
962*aca3beaaSApple OSS Distributions void *cc_sized_by(mac_size) mac)
963*aca3beaaSApple OSS Distributions {
964*aca3beaaSApple OSS Distributions int rc;
965*aca3beaaSApple OSS Distributions ccccm_ctx_decl(mode->size, ctx);
966*aca3beaaSApple OSS Distributions ccccm_nonce_decl(mode->nonce_size, nonce_ctx);
967*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, key_len, key);
968*aca3beaaSApple OSS Distributions if (rc == 0) {
969*aca3beaaSApple OSS Distributions rc = mode->set_iv(ctx, nonce_ctx, nonce_len, nonce, mac_size, adata_len, nbytes);
970*aca3beaaSApple OSS Distributions }
971*aca3beaaSApple OSS Distributions if (rc == 0) {
972*aca3beaaSApple OSS Distributions rc = mode->cbcmac(ctx, nonce_ctx, adata_len, adata);
973*aca3beaaSApple OSS Distributions }
974*aca3beaaSApple OSS Distributions if (rc == 0) {
975*aca3beaaSApple OSS Distributions rc = mode->ccm(ctx, nonce_ctx, nbytes, in, out);
976*aca3beaaSApple OSS Distributions }
977*aca3beaaSApple OSS Distributions if (rc == 0) {
978*aca3beaaSApple OSS Distributions rc = mode->finalize(ctx, nonce_ctx, mac);
979*aca3beaaSApple OSS Distributions }
980*aca3beaaSApple OSS Distributions ccccm_ctx_clear(mode->size, ctx);
981*aca3beaaSApple OSS Distributions ccccm_nonce_clear(mode->nonce_size, nonce_ctx);
982*aca3beaaSApple OSS Distributions
983*aca3beaaSApple OSS Distributions return rc;
984*aca3beaaSApple OSS Distributions }
985*aca3beaaSApple OSS Distributions
986*aca3beaaSApple OSS Distributions /// Encrypts a plaintext using the AEAD CCM mode, and provides corresponding mac tag. The encrypted plaintext and tag together are the AEAD ciphertext
987*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
988*aca3beaaSApple OSS Distributions /// @param key_nbytes key length in bytes
989*aca3beaaSApple OSS Distributions /// @param key buffer holding key
990*aca3beaaSApple OSS Distributions /// @param nonce_nbytes nonce length in bytes
991*aca3beaaSApple OSS Distributions /// @param nonce buffer holding nonce
992*aca3beaaSApple OSS Distributions /// @param nbytes the length of the plaintext and encrypted-plaintext
993*aca3beaaSApple OSS Distributions /// @param plaintext buffer holding plaintext in encryption mode, and encrypted plaintext portion of ciphertext in decryption mode
994*aca3beaaSApple OSS Distributions /// @param encrypted_plaintext buffer receiving resulting encrypted plaintext in encryption mode
995*aca3beaaSApple OSS Distributions /// @param adata_nbytes length in bytes of associated data
996*aca3beaaSApple OSS Distributions /// @param adata authenticated data being provided in this invocation.
997*aca3beaaSApple OSS Distributions /// @param mac_tag_nbytes length in bytes of CCM mac tag
998*aca3beaaSApple OSS Distributions /// @param mac_tag portion of ciphertext that is computed from ccm MAC.
999*aca3beaaSApple OSS Distributions /// @return CERR_OK on successful encryption
1000*aca3beaaSApple OSS Distributions int ccccm_one_shot_encrypt(const struct ccmode_ccm *mode,
1001*aca3beaaSApple OSS Distributions size_t key_nbytes,
1002*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(key_nbytes) key,
1003*aca3beaaSApple OSS Distributions size_t nonce_nbytes,
1004*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(nonce_nbytes) nonce,
1005*aca3beaaSApple OSS Distributions size_t nbytes,
1006*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(nbytes) plaintext,
1007*aca3beaaSApple OSS Distributions uint8_t *cc_sized_by(nbytes) encrypted_plaintext,
1008*aca3beaaSApple OSS Distributions size_t adata_nbytes,
1009*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(adata_nbytes) adata,
1010*aca3beaaSApple OSS Distributions size_t mac_tag_nbytes,
1011*aca3beaaSApple OSS Distributions uint8_t *cc_sized_by(mac_tag_nbytes) mac_tag);
1012*aca3beaaSApple OSS Distributions
1013*aca3beaaSApple OSS Distributions /// Decrypts a ciphertext using the AEAD CCM mode and ensures authenticity of the ciphertext. An AEAD CCM ciphertext consists of encrypted plaintext and mac tag
1014*aca3beaaSApple OSS Distributions /// @param mode mode descriptor
1015*aca3beaaSApple OSS Distributions /// @param key_nbytes key length in bytes
1016*aca3beaaSApple OSS Distributions /// @param key buffer holding key
1017*aca3beaaSApple OSS Distributions /// @param nonce_nbytes nonce length in bytes
1018*aca3beaaSApple OSS Distributions /// @param nonce buffer holding nonce
1019*aca3beaaSApple OSS Distributions /// @param nbytes the length of the plaintext and encrypted-plaintext
1020*aca3beaaSApple OSS Distributions /// @param encrypted_plaintext buffer holding the encrypted plaintext portion of ciphertext
1021*aca3beaaSApple OSS Distributions /// @param plaintext buffer receiving resulting plaintext
1022*aca3beaaSApple OSS Distributions /// @param adata_nbytes length in bytes of associated data
1023*aca3beaaSApple OSS Distributions /// @param adata authenticated data being provided in this invocation.
1024*aca3beaaSApple OSS Distributions /// @param mac_tag_nbytes length in bytes of CCM mac tag
1025*aca3beaaSApple OSS Distributions /// @param mac_tag portion of ciphertext that is computed from ccm MAC.
1026*aca3beaaSApple OSS Distributions /// @return For decryption returns CCERR_OK if the provided mac matches the computed mac, and otherwise returns CCMODE_INTEGRITY_FAILURE.
1027*aca3beaaSApple OSS Distributions int ccccm_one_shot_decrypt(const struct ccmode_ccm *mode,
1028*aca3beaaSApple OSS Distributions size_t key_nbytes,
1029*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(key_nbytes) key,
1030*aca3beaaSApple OSS Distributions size_t nonce_nbytes,
1031*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(nonce_nbytes) nonce,
1032*aca3beaaSApple OSS Distributions size_t nbytes,
1033*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(nbytes) encrypted_plaintext,
1034*aca3beaaSApple OSS Distributions uint8_t *cc_sized_by(nbytes) plaintext,
1035*aca3beaaSApple OSS Distributions size_t adata_nbytes,
1036*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(adata_nbytes) adata,
1037*aca3beaaSApple OSS Distributions size_t mac_tag_nbytes,
1038*aca3beaaSApple OSS Distributions const uint8_t *cc_sized_by(mac_tag_nbytes) mac_tag);
1039*aca3beaaSApple OSS Distributions
1040*aca3beaaSApple OSS Distributions /* OMAC mode. */
1041*aca3beaaSApple OSS Distributions
1042*aca3beaaSApple OSS Distributions /* Declare a omac key named _name_. Pass the size field of a struct ccmode_omac
1043*aca3beaaSApple OSS Distributions for _size_. */
1044*aca3beaaSApple OSS Distributions #define ccomac_ctx_decl(_size_, _name_) cc_ctx_decl_vla(ccomac_ctx, _size_, _name_)
1045*aca3beaaSApple OSS Distributions #define ccomac_ctx_clear(_size_, _name_) cc_clear(_size_, _name_)
1046*aca3beaaSApple OSS Distributions
ccomac_context_size(const struct ccmode_omac * mode)1047*aca3beaaSApple OSS Distributions CC_INLINE size_t ccomac_context_size(const struct ccmode_omac *mode)
1048*aca3beaaSApple OSS Distributions {
1049*aca3beaaSApple OSS Distributions return mode->size;
1050*aca3beaaSApple OSS Distributions }
1051*aca3beaaSApple OSS Distributions
ccomac_block_size(const struct ccmode_omac * mode)1052*aca3beaaSApple OSS Distributions CC_INLINE size_t ccomac_block_size(const struct ccmode_omac *mode)
1053*aca3beaaSApple OSS Distributions {
1054*aca3beaaSApple OSS Distributions return mode->block_size;
1055*aca3beaaSApple OSS Distributions }
1056*aca3beaaSApple OSS Distributions
ccomac_init(const struct ccmode_omac * mode,ccomac_ctx * ctx,size_t tweak_len,size_t key_len,const void * cc_sized_by (key_len)key)1057*aca3beaaSApple OSS Distributions CC_INLINE int ccomac_init(const struct ccmode_omac *mode, ccomac_ctx *ctx, size_t tweak_len, size_t key_len, const void *cc_sized_by(key_len) key)
1058*aca3beaaSApple OSS Distributions {
1059*aca3beaaSApple OSS Distributions return mode->init(mode, ctx, tweak_len, key_len, key);
1060*aca3beaaSApple OSS Distributions }
1061*aca3beaaSApple OSS Distributions
1062*aca3beaaSApple OSS Distributions CC_INLINE int
ccomac_update(const struct ccmode_omac * mode,ccomac_ctx * ctx,size_t nblocks,const void * tweak,const void * cc_indexable in,void * cc_indexable out)1063*aca3beaaSApple OSS Distributions ccomac_update(const struct ccmode_omac *mode, ccomac_ctx *ctx, size_t nblocks, const void *tweak, const void *cc_indexable in, void *cc_indexable out)
1064*aca3beaaSApple OSS Distributions {
1065*aca3beaaSApple OSS Distributions return mode->omac(ctx, nblocks, tweak, in, out);
1066*aca3beaaSApple OSS Distributions }
1067*aca3beaaSApple OSS Distributions
ccomac_one_shot(const struct ccmode_omac * mode,size_t tweak_len,size_t key_len,const void * cc_sized_by (key_len)key,const void * cc_sized_by (tweak_len)tweak,size_t nblocks,const void * cc_indexable in,void * cc_indexable out)1068*aca3beaaSApple OSS Distributions CC_INLINE int ccomac_one_shot(const struct ccmode_omac *mode,
1069*aca3beaaSApple OSS Distributions size_t tweak_len,
1070*aca3beaaSApple OSS Distributions size_t key_len,
1071*aca3beaaSApple OSS Distributions const void *cc_sized_by(key_len) key,
1072*aca3beaaSApple OSS Distributions const void *cc_sized_by(tweak_len) tweak,
1073*aca3beaaSApple OSS Distributions size_t nblocks,
1074*aca3beaaSApple OSS Distributions const void *cc_indexable in,
1075*aca3beaaSApple OSS Distributions void *cc_indexable out)
1076*aca3beaaSApple OSS Distributions {
1077*aca3beaaSApple OSS Distributions int rc;
1078*aca3beaaSApple OSS Distributions ccomac_ctx_decl(mode->size, ctx);
1079*aca3beaaSApple OSS Distributions rc = mode->init(mode, ctx, tweak_len, key_len, key);
1080*aca3beaaSApple OSS Distributions if (rc == 0) {
1081*aca3beaaSApple OSS Distributions rc = mode->omac(ctx, nblocks, tweak, in, out);
1082*aca3beaaSApple OSS Distributions }
1083*aca3beaaSApple OSS Distributions ccomac_ctx_clear(mode->size, ctx);
1084*aca3beaaSApple OSS Distributions return rc;
1085*aca3beaaSApple OSS Distributions }
1086*aca3beaaSApple OSS Distributions
1087*aca3beaaSApple OSS Distributions #endif /* _CORECRYPTO_CCMODE_H_ */
1088