]> git.saurik.com Git - apple/xnu.git/blame_incremental - EXTERNAL_HEADERS/corecrypto/ccpad.h
xnu-2422.115.4.tar.gz
[apple/xnu.git] / EXTERNAL_HEADERS / corecrypto / ccpad.h
... / ...
CommitLineData
1/*
2 * ccpad.h
3 * corecrypto
4 *
5 * Created by Michael Brouwer on 12/6/10.
6 * Copyright 2010,2011 Apple Inc. All rights reserved.
7 *
8 */
9
10#ifndef _CORECRYPTO_CCPAD_H_
11#define _CORECRYPTO_CCPAD_H_
12
13#include <corecrypto/ccmode.h>
14
15/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
16void ccpad_cts_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
17 unsigned long nbytes, const void *in, void *out);
18
19/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
20void ccpad_cts_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
21 unsigned long nbytes, const void *in, void *out);
22
23/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
24void ccpad_cts1_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
25 unsigned long nbytes, const void *in, void *out);
26
27/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
28void ccpad_cts1_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
29 unsigned long nbytes, const void *in, void *out);
30/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
31void ccpad_cts2_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
32 unsigned long nbytes, const void *in, void *out);
33
34/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
35void ccpad_cts2_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
36 unsigned long nbytes, const void *in, void *out);
37/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
38void ccpad_cts3_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
39 unsigned long nbytes, const void *in, void *out);
40
41/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
42void ccpad_cts3_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
43 unsigned long nbytes, const void *in, void *out);
44
45/* Contract is nbytes is non zero and a multiple of block_size. Furthermore in is nbytes long and out is nbytes long. Returns number of bytes written to out (technically we always write nbytes to out but the returned value is the number of bytes decrypted after removal of padding.
46
47 To be safe we remove the entire offending block if the pkcs7 padding checks failed. However we purposely don't report the failure to decode the padding since any use of this error leads to potential security exploits. So currently there is no way to distinguish between a full block of padding and bad padding.
48 */
49unsigned long ccpad_pkcs7_decrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
50 unsigned long nbytes, const void *in,
51 void *out);
52
53/* Contract is in is nbytes long. Writes (nbytes / block_size) + 1 times block_size to out. In other words, out must be nbytes rounded down to the closest multiple of block_size plus block_size bytes. */
54void ccpad_pkcs7_encrypt(const struct ccmode_cbc *cbc, cccbc_ctx *ctx,
55 unsigned long nbytes, const void *in, void *out);
56
57/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
58void ccpad_xts_decrypt(const struct ccmode_xts *xts, ccxts_ctx *ctx,
59 unsigned long nbytes, const void *in, void *out);
60
61/* Contract is nbytes is at least 1 block + 1 byte. Also in is nbytes long out is nbytes long. */
62void ccpad_xts_encrypt(const struct ccmode_xts *xts, ccxts_ctx *ctx,
63 unsigned long nbytes, const void *in, void *out);
64
65#endif /* _CORECRYPTO_CCPAD_H_ */