Add the Labs projects provided in the V10.2.1_191129 zip file.

[freertos] / FreeRTOS-Labs / Source / mbedtls / include / mbedtls / chacha20.h

/**\r
 * \file chacha20.h\r
 *\r
 * \brief   This file contains ChaCha20 definitions and functions.\r
 *\r
 *          ChaCha20 is a stream cipher that can encrypt and decrypt\r
 *          information. ChaCha was created by Daniel Bernstein as a variant of\r
 *          its Salsa cipher https://cr.yp.to/chacha/chacha-20080128.pdf\r
 *          ChaCha20 is the variant with 20 rounds, that was also standardized\r
 *          in RFC 7539.\r
 *\r
 * \author Daniel King <damaki.gh@gmail.com>\r
 */\r
\r
/*  Copyright (C) 2006-2018, Arm Limited (or its affiliates), All Rights Reserved.\r
 *  SPDX-License-Identifier: Apache-2.0\r
 *\r
 *  Licensed under the Apache License, Version 2.0 (the "License"); you may\r
 *  not use this file except in compliance with the License.\r
 *  You may obtain a copy of the License at\r
 *\r
 *  http://www.apache.org/licenses/LICENSE-2.0\r
 *\r
 *  Unless required by applicable law or agreed to in writing, software\r
 *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT\r
 *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 *  See the License for the specific language governing permissions and\r
 *  limitations under the License.\r
 *\r
 *  This file is part of Mbed TLS (https://tls.mbed.org)\r
 */\r
\r
#ifndef MBEDTLS_CHACHA20_H\r
#define MBEDTLS_CHACHA20_H\r
\r
#if !defined(MBEDTLS_CONFIG_FILE)\r
#include "config.h"\r
#else\r
#include MBEDTLS_CONFIG_FILE\r
#endif\r
\r
#include <stdint.h>\r
#include <stddef.h>\r
\r
#define MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA         -0x0051 /**< Invalid input parameter(s). */\r
\r
/* MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE is deprecated and should not be\r
 * used. */\r
#define MBEDTLS_ERR_CHACHA20_FEATURE_UNAVAILABLE    -0x0053 /**< Feature not available. For example, s part of the API is not implemented. */\r
\r
/* MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED is deprecated and should not be used.\r
 */\r
#define MBEDTLS_ERR_CHACHA20_HW_ACCEL_FAILED        -0x0055  /**< Chacha20 hardware accelerator failed. */\r
\r
#ifdef __cplusplus\r
extern "C" {\r
#endif\r
\r
#if !defined(MBEDTLS_CHACHA20_ALT)\r
\r
typedef struct mbedtls_chacha20_context\r
{\r
    uint32_t state[16];          /*! The state (before round operations). */\r
    uint8_t  keystream8[64];     /*! Leftover keystream bytes. */\r
    size_t keystream_bytes_used; /*! Number of keystream bytes already used. */\r
}\r
mbedtls_chacha20_context;\r
\r
#else  /* MBEDTLS_CHACHA20_ALT */\r
#include "chacha20_alt.h"\r
#endif /* MBEDTLS_CHACHA20_ALT */\r
\r
/**\r
 * \brief           This function initializes the specified ChaCha20 context.\r
 *\r
 *                  It must be the first API called before using\r
 *                  the context.\r
 *\r
 *                  It is usually followed by calls to\r
 *                  \c mbedtls_chacha20_setkey() and\r
 *                  \c mbedtls_chacha20_starts(), then one or more calls to\r
 *                  to \c mbedtls_chacha20_update(), and finally to\r
 *                  \c mbedtls_chacha20_free().\r
 *\r
 * \param ctx       The ChaCha20 context to initialize.\r
 *                  This must not be \c NULL.\r
 */\r
void mbedtls_chacha20_init( mbedtls_chacha20_context *ctx );\r
\r
/**\r
 * \brief           This function releases and clears the specified\r
 *                  ChaCha20 context.\r
 *\r
 * \param ctx       The ChaCha20 context to clear. This may be \c NULL,\r
 *                  in which case this function is a no-op. If it is not\r
 *                  \c NULL, it must point to an initialized context.\r
 *\r
 */\r
void mbedtls_chacha20_free( mbedtls_chacha20_context *ctx );\r
\r
/**\r
 * \brief           This function sets the encryption/decryption key.\r
 *\r
 * \note            After using this function, you must also call\r
 *                  \c mbedtls_chacha20_starts() to set a nonce before you\r
 *                  start encrypting/decrypting data with\r
 *                  \c mbedtls_chacha_update().\r
 *\r
 * \param ctx       The ChaCha20 context to which the key should be bound.\r
 *                  It must be initialized.\r
 * \param key       The encryption/decryption key. This must be \c 32 Bytes\r
 *                  in length.\r
 *\r
 * \return          \c 0 on success.\r
 * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or key is NULL.\r
 */\r
int mbedtls_chacha20_setkey( mbedtls_chacha20_context *ctx,\r
                             const unsigned char key[32] );\r
\r
/**\r
 * \brief           This function sets the nonce and initial counter value.\r
 *\r
 * \note            A ChaCha20 context can be re-used with the same key by\r
 *                  calling this function to change the nonce.\r
 *\r
 * \warning         You must never use the same nonce twice with the same key.\r
 *                  This would void any confidentiality guarantees for the\r
 *                  messages encrypted with the same nonce and key.\r
 *\r
 * \param ctx       The ChaCha20 context to which the nonce should be bound.\r
 *                  It must be initialized and bound to a key.\r
 * \param nonce     The nonce. This must be \c 12 Bytes in size.\r
 * \param counter   The initial counter value. This is usually \c 0.\r
 *\r
 * \return          \c 0 on success.\r
 * \return          #MBEDTLS_ERR_CHACHA20_BAD_INPUT_DATA if ctx or nonce is\r
 *                  NULL.\r
 */\r
int mbedtls_chacha20_starts( mbedtls_chacha20_context* ctx,\r
                             const unsigned char nonce[12],\r
                             uint32_t counter );\r
\r
/**\r
 * \brief           This function encrypts or decrypts data.\r
 *\r
 *                  Since ChaCha20 is a stream cipher, the same operation is\r
 *                  used for encrypting and decrypting data.\r
 *\r
 * \note            The \p input and \p output pointers must either be equal or\r
 *                  point to non-overlapping buffers.\r
 *\r
 * \note            \c mbedtls_chacha20_setkey() and\r
 *                  \c mbedtls_chacha20_starts() must be called at least once\r
 *                  to setup the context before this function can be called.\r
 *\r
 * \note            This function can be called multiple times in a row in\r
 *                  order to encrypt of decrypt data piecewise with the same\r
 *                  key and nonce.\r
 *\r
 * \param ctx       The ChaCha20 context to use for encryption or decryption.\r
 *                  It must be initialized and bound to a key and nonce.\r
 * \param size      The length of the input data in Bytes.\r
 * \param input     The buffer holding the input data.\r
 *                  This pointer can be \c NULL if `size == 0`.\r
 * \param output    The buffer holding the output data.\r
 *                  This must be able to hold \p size Bytes.\r
 *                  This pointer can be \c NULL if `size == 0`.\r
 *\r
 * \return          \c 0 on success.\r
 * \return          A negative error code on failure.\r
 */\r
int mbedtls_chacha20_update( mbedtls_chacha20_context *ctx,\r
                             size_t size,\r
                             const unsigned char *input,\r
                             unsigned char *output );\r
\r
/**\r
 * \brief           This function encrypts or decrypts data with ChaCha20 and\r
 *                  the given key and nonce.\r
 *\r
 *                  Since ChaCha20 is a stream cipher, the same operation is\r
 *                  used for encrypting and decrypting data.\r
 *\r
 * \warning         You must never use the same (key, nonce) pair more than\r
 *                  once. This would void any confidentiality guarantees for\r
 *                  the messages encrypted with the same nonce and key.\r
 *\r
 * \note            The \p input and \p output pointers must either be equal or\r
 *                  point to non-overlapping buffers.\r
 *\r
 * \param key       The encryption/decryption key.\r
 *                  This must be \c 32 Bytes in length.\r
 * \param nonce     The nonce. This must be \c 12 Bytes in size.\r
 * \param counter   The initial counter value. This is usually \c 0.\r
 * \param size      The length of the input data in Bytes.\r
 * \param input     The buffer holding the input data.\r
 *                  This pointer can be \c NULL if `size == 0`.\r
 * \param output    The buffer holding the output data.\r
 *                  This must be able to hold \p size Bytes.\r
 *                  This pointer can be \c NULL if `size == 0`.\r
 *\r
 * \return          \c 0 on success.\r
 * \return          A negative error code on failure.\r
 */\r
int mbedtls_chacha20_crypt( const unsigned char key[32],\r
                            const unsigned char nonce[12],\r
                            uint32_t counter,\r
                            size_t size,\r
                            const unsigned char* input,\r
                            unsigned char* output );\r
\r
#if defined(MBEDTLS_SELF_TEST)\r
/**\r
 * \brief           The ChaCha20 checkup routine.\r
 *\r
 * \return          \c 0 on success.\r
 * \return          \c 1 on failure.\r
 */\r
int mbedtls_chacha20_self_test( int verbose );\r
#endif /* MBEDTLS_SELF_TEST */\r
\r
#ifdef __cplusplus\r
}\r
#endif\r
\r
#endif /* MBEDTLS_CHACHA20_H */\r