| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315 |
- /*
- * Copyright (c) 2010 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
- #ifndef _CC_CryptorSPI_H_
- #define _CC_CryptorSPI_H_
- #include <sys/types.h>
- #include <sys/param.h>
- #include <stdint.h>
- #include <string.h>
- #ifdef KERNEL
- #include <machine/limits.h>
- #else
- #include <limits.h>
- #include <stdlib.h>
- #endif /* KERNEL */
- #include <Availability.h>
- #ifdef __cplusplus
- extern "C" {
- #endif
-
- /*
- This is an SPI header. It includes some work in progress implementation notes that
- will be removed when this is promoted to an API set.
- */
-
- /*
- Private Ciphers
- */
-
- /* Lion SPI name for no padding. Defining for compatibility. Is now
- ccNoPadding in CommonCryptor.h
- */
-
- enum {
- ccDefaultPadding = 0,
- };
-
-
- enum {
- kCCAlgorithmAES128NoHardware = 20,
- kCCAlgorithmAES128WithHardware = 21
- };
-
- /*
- Private Modes
- */
- enum {
- kCCModeGCM = 11,
- };
-
- /*
- Private Paddings
- */
- enum {
- ccCBCCTS1 = 10,
- ccCBCCTS2 = 11,
- ccCBCCTS3 = 12,
- };
-
- /*
- Private Cryptor direction (op)
- */
- enum {
- kCCBoth = 3,
- };
-
-
-
-
- /*
- Supports a mode call of
- int mode_setup(int cipher, const unsigned char *IV, const unsigned char *key, int keylen,
- const unsigned char *tweak, int tweaklen, int num_rounds, int options, mode_context *ctx);
- */
-
- /* User supplied space for the CryptorRef */
-
- CCCryptorStatus CCCryptorCreateFromDataWithMode(
- CCOperation op, /* kCCEncrypt, kCCEncrypt, kCCBoth (default for BlockMode) */
- CCMode mode,
- CCAlgorithm alg,
- CCPadding padding,
- const void *iv, /* optional initialization vector */
- const void *key, /* raw key material */
- size_t keyLength,
- const void *tweak, /* raw tweak material */
- size_t tweakLength,
- int numRounds,
- CCModeOptions options,
- const void *data, /* caller-supplied memory */
- size_t dataLength, /* length of data in bytes */
- CCCryptorRef *cryptorRef, /* RETURNED */
- size_t *dataUsed) /* optional, RETURNED */
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
-
- /*
- Assuming we can use existing CCCryptorCreateFromData for all modes serviced by these:
- int mode_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, mode_context *ctx);
- int mode_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, mode_context *ctx);
- */
-
- /*
- Block mode encrypt and decrypt interfaces for IV tweaked blocks (XTS and CBC)
-
- int mode_encrypt_tweaked(const unsigned char *pt, unsigned long len, unsigned char *ct, const unsigned char *tweak, mode_context *ctx);
- int mode_decrypt_tweaked(const unsigned char *ct, unsigned long len, unsigned char *pt, const unsigned char *tweak, mode_context *ctx);
- */
-
- CCCryptorStatus CCCryptorEncryptDataBlock(
- CCCryptorRef cryptorRef,
- const void *iv,
- const void *dataIn,
- size_t dataInLength,
- void *dataOut)
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
-
- CCCryptorStatus CCCryptorDecryptDataBlock(
- CCCryptorRef cryptorRef,
- const void *iv,
- const void *dataIn,
- size_t dataInLength,
- void *dataOut)
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
- /*
- Assuming we can use the existing CCCryptorRelease() interface for
- int mode_done(mode_context *ctx);
- */
-
- /*
- Not surfacing these other than with CCCryptorReset()
-
- int mode_setiv(const unsigned char *IV, unsigned long len, mode_context *ctx);
- int mode_getiv(const unsigned char *IV, unsigned long *len, mode_context *ctx);
- */
-
- /*
- DES key utilities
- */
-
- CCCryptorStatus CCDesIsWeakKey(
- void *key,
- size_t Length)
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
- void CCDesSetOddParity(
- void *key,
- size_t Length)
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
- uint32_t CCDesCBCCksum(void *input, void *output,
- size_t length, void *key, size_t keylen,
- void *ivec)
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
-
- /*
- * returns a cipher blocksize length iv in the provided iv buffer.
- */
-
- CCCryptorStatus
- CCCryptorGetIV(CCCryptorRef cryptorRef, void *iv)
- __OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
-
- /*
- GCM Support Interfaces
-
- Use CCCryptorCreateWithMode() with the kCCModeGCM selector to initialize
- a CryptoRef. Only kCCAlgorithmAES128 can be used with GCM and these
- functions. IV Setting etc will be ignored from CCCryptorCreateWithMode().
- Use the CCCryptorGCMAddIV() routine below for IV setup.
- */
-
- /*
- This adds the initial vector octets from iv of length ivLen to the GCM
- CCCryptorRef. You can call this function as many times as required to
- process the entire IV.
- */
-
- CCCryptorStatus
- CCCryptorGCMAddIV(CCCryptorRef cryptorRef,
- const void *iv,
- size_t ivLen)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
- /*
- Additional Authentication Data
- After the entire IV has been processed, the additional authentication
- data can be processed. Unlike the IV, a packet/session does not require
- additional authentication data (AAD) for security. The AAD is meant to
- be used as side–channel data you want to be authenticated with the packet.
- Note: once you begin adding AAD to the GCM CCCryptorRef you cannot return
- to adding IV data until the state has been reset.
- */
-
- CCCryptorStatus
- CCCryptorGCMAddAAD(CCCryptorRef cryptorRef,
- const void *aData,
- size_t aDataLen)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_6_0);
-
- // Maintain the old symbol with incorrect camel-case for now.
- CCCryptorStatus
- CCCryptorGCMaddAAD(CCCryptorRef cryptorRef,
- const void *aData,
- size_t aDataLen)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_6_0);
-
- // This is for old iOS5 clients
- CCCryptorStatus
- CCCryptorGCMAddADD(CCCryptorRef cryptorRef,
- const void *aData,
- size_t aDataLen)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
-
- CCCryptorStatus CCCryptorGCMEncrypt(
- CCCryptorRef cryptorRef,
- const void *dataIn,
- size_t dataInLength,
- void *dataOut)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
-
- CCCryptorStatus CCCryptorGCMDecrypt(
- CCCryptorRef cryptorRef,
- const void *dataIn,
- size_t dataInLength,
- void *dataOut)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
- /*
- This terminates the GCM state gcm and stores the tag in tag of length
- taglen octets.
- */
-
- CCCryptorStatus CCCryptorGCMFinal(
- CCCryptorRef cryptorRef,
- const void *tag,
- size_t *tagLength)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
- /*
- This will reset the GCM CCCryptorRef to the state that CCCryptorCreateWithMode()
- left it. The user would then call CCCryptorGCMAddIV(), CCCryptorGCMaddAAD(), etc.
- */
-
- CCCryptorStatus CCCryptorGCMReset(
- CCCryptorRef cryptorRef)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
- /*
- This will initialize the GCM state with the given key, IV and AAD value
- then proceed to encrypt or decrypt the message text and store the final
- message tag. The definition of the variables is the same as it is for all
- the manual functions. If you are processing many packets under the same
- key you shouldn’t use this function as it invokes the pre–computation
- with each call.
- */
-
- CCCryptorStatus CCCryptorGCM(
- CCOperation op, /* kCCEncrypt, kCCDecrypt */
- CCAlgorithm alg,
- const void *key, /* raw key material */
- size_t keyLength,
- const void *iv,
- size_t ivLen,
- const void *aData,
- size_t aDataLen,
- const void *dataIn,
- size_t dataInLength,
- void *dataOut,
- const void *tag,
- size_t *tagLength)
- __OSX_AVAILABLE_STARTING(__MAC_10_8, __IPHONE_5_0);
-
-
- void CC_RC4_set_key(void *ctx, int len, const unsigned char *data)
- __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_5_0);
-
- void CC_RC4(void *ctx, unsigned long len, const unsigned char *indata,
- unsigned char *outdata)
- __OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_5_0);
-
-
- #ifdef __cplusplus
- }
- #endif
- #endif /* _CC_CryptorSPI_H_ */
|
