/* wc_encrypt.h
 *
 * Copyright (C) 2006-2025 wolfSSL Inc.
 *
 * This file is part of wolfSSL.
 *
 * wolfSSL is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * wolfSSL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
 */

/*!
    \file wolfssl/wolfcrypt/wc_encrypt.h
*/

/* Declares one-shot CBC helpers that take a raw key and IV (AES, DES, 3DES),
 * the encrypted-key buffer helpers, and the library-internal password-based
 * wc_CryptKey routine. Every declaration is gated by a build macro, so the
 * set a given build exposes depends on its configuration.
 */

#ifndef WOLF_CRYPT_ENCRYPT_H
#define WOLF_CRYPT_ENCRYPT_H

#include <wolfssl/wolfcrypt/types.h>
#ifndef NO_AES
    #include <wolfssl/wolfcrypt/aes.h>
#endif
#ifdef HAVE_CHACHA
    #include <wolfssl/wolfcrypt/chacha.h>
#endif
#ifndef NO_DES3
    #include <wolfssl/wolfcrypt/des3.h>
#endif
#ifndef NO_RC4
    #include <wolfssl/wolfcrypt/arc4.h>
#endif

#ifdef __cplusplus
    extern "C" {
#endif

/* determine max cipher key size - cannot use enum values here, must be define,
 * since WC_MAX_SYM_KEY_SIZE is used in if macro logic. */
/* The value is a byte count; the AES branch divides AES_MAX_KEY_SIZE by 8,
 * presumably converting bits to bytes.
 * NOTE(review): the chain below takes the FIRST enabled cipher, it does not
 * compute a maximum over all enabled ciphers. If aes.h can ever define
 * AES_MAX_KEY_SIZE below 256 while ChaCha is also enabled, a buffer sized
 * with this macro would be shorter than a 32-byte ChaCha key - confirm
 * against aes.h before using it to size key storage.
 */
#ifndef NO_AES
    #define WC_MAX_SYM_KEY_SIZE     (AES_MAX_KEY_SIZE/8)
#elif defined(HAVE_CHACHA)
    #define WC_MAX_SYM_KEY_SIZE     32 /* CHACHA_MAX_KEY_SZ */
#elif !defined(NO_DES3)
    #define WC_MAX_SYM_KEY_SIZE     24 /* DES3_KEY_SIZE */
#elif !defined(NO_RC4)
    #define WC_MAX_SYM_KEY_SIZE     16 /* RC4_KEY_SIZE */
#else
    /* fallback used when none of the ciphers tested above is enabled */
    #define WC_MAX_SYM_KEY_SIZE     32
#endif


/* Compatibility shim: applies only to FIPS builds with HAVE_FIPS_VERSION <= 2
 * and to selftest builds with no HAVE_SELFTEST_VERSION or a version below 2.
 * Each constant is defined only if not already defined.
 */
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
    (HAVE_FIPS_VERSION <= 2)) || (defined(HAVE_SELFTEST) && \
    (!defined(HAVE_SELFTEST_VERSION) || (HAVE_SELFTEST_VERSION < 2)))
    /* In FIPS cert 3389 and CAVP selftest v1 build, these enums are
     * not in aes.h. Define them here outside the fips boundary.
     */
    #ifndef GCM_NONCE_MID_SZ
        /* The usual default nonce size for AES-GCM. */
        /* 12 bytes = the 96-bit GCM nonce length */
        #define GCM_NONCE_MID_SZ 12
    #endif
    #ifndef CCM_NONCE_MIN_SZ
        /* smallest CCM nonce, in bytes */
        #define CCM_NONCE_MIN_SZ 7
    #endif
#endif


/* One-shot AES-CBC: the caller passes the raw key and IV instead of an Aes
 * context.
 *
 *   out    destination buffer; presumably must hold at least inSz bytes
 *   in     source buffer of inSz bytes
 *   inSz   input length; no padding parameter is visible, so this presumably
 *          has to be a multiple of the AES block size - TODO confirm
 *   key    raw key of keySz bytes
 *   iv     initialization vector; no length is passed, so the buffer must be
 *          at least one AES block (16 bytes) long
 *
 * Returns int; presumably 0 on success and a negative wolfCrypt error code
 * otherwise - confirm against the implementation.
 *
 * Security: CBC gives confidentiality only. Ciphertext that may be modified
 * in transit or at rest needs a MAC verified before decryption (or an AEAD
 * mode such as AES-GCM). The IV should be unpredictable and never reused
 * with the same key.
 */
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
                                        const byte* key, word32 keySz,
                                        const byte* iv);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
                                        const byte* key, word32 keySz,
                                        const byte* iv);
#endif /* !NO_AES */


/* One-shot DES-CBC and 3DES-CBC with a raw key and IV.
 *
 * These prototypes carry no key-length or IV-length parameter, so each call
 * relies on the caller's buffers being large enough: 24 key bytes for 3DES
 * (DES3_KEY_SIZE, as noted at WC_MAX_SYM_KEY_SIZE above); presumably 8 key
 * bytes for single DES and an 8-byte IV for both - TODO confirm in des3.h.
 * A short buffer would be read out of bounds.
 *
 * Security: single DES has a 56-bit effective key and must not protect new
 * data; 3DES is limited by its 64-bit block size. Keep both for
 * interoperability with legacy formats only, and note that CBC here is
 * unauthenticated, as with the AES helpers.
 */
#ifndef NO_DES3
WOLFSSL_API int  wc_Des_CbcDecryptWithKey(byte* out,
                                          const byte* in, word32 sz,
                                          const byte* key, const byte* iv);
WOLFSSL_API int  wc_Des_CbcEncryptWithKey(byte* out,
                                          const byte* in, word32 sz,
                                          const byte* key, const byte* iv);
WOLFSSL_API int  wc_Des3_CbcEncryptWithKey(byte* out,
                                           const byte* in, word32 sz,
                                           const byte* key, const byte* iv);
WOLFSSL_API int  wc_Des3_CbcDecryptWithKey(byte* out,
                                           const byte* in, word32 sz,
                                           const byte* key, const byte* iv);
#endif /* !NO_DES3 */




/* Password-based encrypt/decrypt of a key buffer.
 *
 * struct EncryptedInfo is only forward-declared; its definition lives
 * elsewhere. der is non-const, which suggests the buffer is transformed in
 * place - TODO confirm. hashType presumably selects the digest used to derive
 * the cipher key from the password.
 *
 * Security: password and the decrypted der contents are secret material;
 * callers should zeroize both once they are no longer needed.
 */
#ifdef WOLFSSL_ENCRYPTED_KEYS
    struct EncryptedInfo;
    WOLFSSL_API int wc_BufferKeyDecrypt(struct EncryptedInfo* info, byte* der, word32 derSz,
        const byte* password, int passwordSz, int hashType);
    WOLFSSL_API int wc_BufferKeyEncrypt(struct EncryptedInfo* info, byte* der, word32 derSz,
        const byte* password, int passwordSz, int hashType);
#endif /* WOLFSSL_ENCRYPTED_KEYS */

/* Password-based cipher helper. It is declared WOLFSSL_LOCAL rather than
 * WOLFSSL_API, so it is presumably library-internal rather than part of the
 * public API.
 *
 * Parameter meanings are inferred from the names and need confirming against
 * the implementation: input/length look like an in-place data buffer (input is
 * non-const), enc a direction flag, id/version/shaOid selectors for the
 * PBE scheme and hash, and cbcIv the IV buffer.
 * NOTE(review): all lengths and the iteration count are signed int; callers
 * should reject negative or implausibly small values (a low iteration count
 * weakens the derived key against password guessing).
 */
#ifndef NO_PWDBASED
    WOLFSSL_LOCAL int wc_CryptKey(const char* password, int passwordSz,
        byte* salt, int saltSz, int iterations, int id, byte* input, int length,
        int version, byte* cbcIv, int enc, int shaOid);
#endif

#ifdef __cplusplus
    }  /* extern "C" */
#endif

#endif /* WOLF_CRYPT_ENCRYPT_H */
