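/**
 *  Copyright Notice:
 *  Copyright 2021-2022 DMTF. All rights reserved.
 *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
 **/

#ifndef CRYPTLIB_AEAD_H
#define CRYPTLIB_AEAD_H

/*=====================================================================================
 *    Authenticated Encryption with Associated data (AEAD) Cryptography Primitives
 *=====================================================================================
 *
 * This header only declares the AEAD interface; each algorithm is compiled in or out by
 * its LIBSPDM_AEAD_*_SUPPORT macro. The header has no #include of its own, so the
 * including file must already provide bool, uint8_t and size_t.
 *
 * Notes for callers, common to every function below:
 *
 *  - The IV is an input chosen by the caller. For AES-GCM, SM4-GCM and ChaCha20-Poly1305
 *    a given (key, IV) pair must be used for at most one encryption; repeating an IV under
 *    the same key voids both the confidentiality and the integrity guarantee of the mode.
 *    Nothing in this interface tracks IV usage, so uniqueness is the caller's job.
 *
 *  - When a decrypt function returns false, the message must be treated as unauthenticated
 *    and the contents of data_out must not be used. This header does not say whether
 *    data_out is cleared on failure.
 *
 *  - NOTE(review): data_out_size is tagged @param[out] but described as "size of the output
 *    data buffer". Confirm against the implementation whether the caller has to preset it
 *    to the capacity of data_out (which would make it [in, out]) before relying on it as a
 *    bounds check.
 */

#if LIBSPDM_AEAD_GCM_SUPPORT
/**
 * Performs AEAD AES-GCM authenticated encryption on a data buffer and additional authenticated
 * data.
 *
 * iv_size must be 12, otherwise false is returned.
 * key_size must be 16 or 32, otherwise false is returned.
 * tag_size must be 12, 13, 14, 15, or 16, otherwise false is returned.
 *
 * A tag shorter than 16 bytes lowers the work needed to forge a message; use 16 unless the
 * protocol in use fixes a shorter length.
 *
 * @param[in]   key            Pointer to the encryption key.
 * @param[in]   key_size       Size of the encryption key in bytes.
 * @param[in]   iv             Pointer to the IV value. Must be unique per key.
 * @param[in]   iv_size        Size of the IV value in bytes.
 * @param[in]   a_data         Pointer to the additional authenticated data.
 * @param[in]   a_data_size    Size of the additional authenticated data in bytes.
 * @param[in]   data_in        Pointer to the input data buffer to be encrypted.
 * @param[in]   data_in_size   Size of the input data buffer in bytes.
 * @param[out]  tag_out        Pointer to a buffer that receives the authentication tag output.
 * @param[in]   tag_size       Size of the authentication tag in bytes.
 * @param[out]  data_out       Pointer to a buffer that receives the encryption output.
 * @param[out]  data_out_size  Size of the output data buffer in bytes.
 *
 * @retval true   AEAD AES-GCM authenticated encryption succeeded.
 * @retval false  AEAD AES-GCM authenticated encryption failed.
 **/
extern bool libspdm_aead_aes_gcm_encrypt(const uint8_t *key, size_t key_size,
                                         const uint8_t *iv, size_t iv_size,
                                         const uint8_t *a_data, size_t a_data_size,
                                         const uint8_t *data_in, size_t data_in_size,
                                         uint8_t *tag_out, size_t tag_size,
                                         uint8_t *data_out, size_t *data_out_size);

/**
 * Performs AEAD AES-GCM authenticated decryption on a data buffer and additional authenticated
 * data.
 *
 * iv_size must be 12, otherwise false is returned.
 * key_size must be 16 or 32, otherwise false is returned.
 * tag_size must be 12, 13, 14, 15, or 16, otherwise false is returned.
 *
 * If data verification fails, false is returned; the caller must then discard data_out.
 *
 * @param[in]   key            Pointer to the encryption key.
 * @param[in]   key_size       Size of the encryption key in bytes.
 * @param[in]   iv             Pointer to the IV value.
 * @param[in]   iv_size        Size of the IV value in bytes.
 * @param[in]   a_data         Pointer to the additional authenticated data.
 * @param[in]   a_data_size    Size of the additional authenticated data in bytes.
 * @param[in]   data_in        Pointer to the input data buffer to be decrypted.
 * @param[in]   data_in_size   Size of the input data buffer in bytes.
 * @param[in]   tag            Pointer to a buffer that contains the authentication tag.
 * @param[in]   tag_size       Size of the authentication tag in bytes.
 * @param[out]  data_out       Pointer to a buffer that receives the decryption output.
 * @param[out]  data_out_size  Size of the output data buffer in bytes.
 *
 * @retval true   AEAD AES-GCM authenticated decryption succeeded.
 * @retval false  AEAD AES-GCM authenticated decryption failed, including a tag that does not
 *                verify.
 **/
extern bool libspdm_aead_aes_gcm_decrypt(const uint8_t *key, size_t key_size,
                                         const uint8_t *iv, size_t iv_size,
                                         const uint8_t *a_data, size_t a_data_size,
                                         const uint8_t *data_in, size_t data_in_size,
                                         const uint8_t *tag, size_t tag_size,
                                         uint8_t *data_out, size_t *data_out_size);
#endif /* LIBSPDM_AEAD_GCM_SUPPORT */

#if LIBSPDM_AEAD_CHACHA20_POLY1305_SUPPORT
/**
 * Performs AEAD ChaCha20Poly1305 authenticated encryption on a data buffer and additional
 * authenticated data.
 *
 * iv_size must be 12, otherwise false is returned.
 * key_size must be 32, otherwise false is returned.
 * tag_size must be 16, otherwise false is returned.
 *
 * @param[in]   key            Pointer to the encryption key.
 * @param[in]   key_size       Size of the encryption key in bytes.
 * @param[in]   iv             Pointer to the IV value. Must be unique per key.
 * @param[in]   iv_size        Size of the IV value in bytes.
 * @param[in]   a_data         Pointer to the additional authenticated data.
 * @param[in]   a_data_size    Size of the additional authenticated data in bytes.
 * @param[in]   data_in        Pointer to the input data buffer to be encrypted.
 * @param[in]   data_in_size   Size of the input data buffer in bytes.
 * @param[out]  tag_out        Pointer to a buffer that receives the authentication tag output.
 * @param[in]   tag_size       Size of the authentication tag in bytes.
 * @param[out]  data_out       Pointer to a buffer that receives the encryption output.
 * @param[out]  data_out_size  Size of the output data buffer in bytes.
 *
 * @retval true   AEAD ChaCha20Poly1305 authenticated encryption succeeded.
 * @retval false  AEAD ChaCha20Poly1305 authenticated encryption failed.
 **/
extern bool libspdm_aead_chacha20_poly1305_encrypt(const uint8_t *key, size_t key_size,
                                                   const uint8_t *iv, size_t iv_size,
                                                   const uint8_t *a_data, size_t a_data_size,
                                                   const uint8_t *data_in, size_t data_in_size,
                                                   uint8_t *tag_out, size_t tag_size,
                                                   uint8_t *data_out, size_t *data_out_size);

/**
 * Performs AEAD ChaCha20Poly1305 authenticated decryption on a data buffer and additional
 * authenticated data (AAD).
 *
 * iv_size must be 12, otherwise false is returned.
 * key_size must be 32, otherwise false is returned.
 * tag_size must be 16, otherwise false is returned.
 *
 * If data verification fails, false is returned; the caller must then discard data_out.
 *
 * @param[in]   key            Pointer to the encryption key.
 * @param[in]   key_size       Size of the encryption key in bytes.
 * @param[in]   iv             Pointer to the IV value.
 * @param[in]   iv_size        Size of the IV value in bytes.
 * @param[in]   a_data         Pointer to the additional authenticated data.
 * @param[in]   a_data_size    Size of the additional authenticated data in bytes.
 * @param[in]   data_in        Pointer to the input data buffer to be decrypted.
 * @param[in]   data_in_size   Size of the input data buffer in bytes.
 * @param[in]   tag            Pointer to a buffer that contains the authentication tag.
 * @param[in]   tag_size       Size of the authentication tag in bytes.
 * @param[out]  data_out       Pointer to a buffer that receives the decryption output.
 * @param[out]  data_out_size  Size of the output data buffer in bytes.
 *
 * @retval true   AEAD ChaCha20Poly1305 authenticated decryption succeeded.
 * @retval false  AEAD ChaCha20Poly1305 authenticated decryption failed, including a tag that
 *                does not verify.
 **/
extern bool libspdm_aead_chacha20_poly1305_decrypt(const uint8_t *key, size_t key_size,
                                                   const uint8_t *iv, size_t iv_size,
                                                   const uint8_t *a_data, size_t a_data_size,
                                                   const uint8_t *data_in, size_t data_in_size,
                                                   const uint8_t *tag, size_t tag_size,
                                                   uint8_t *data_out, size_t *data_out_size);
#endif /* LIBSPDM_AEAD_CHACHA20_POLY1305_SUPPORT */

#if LIBSPDM_AEAD_SM4_SUPPORT
/**
 * Performs AEAD SM4-GCM authenticated encryption on a data buffer and additional authenticated
 * data.
 *
 * iv_size must be 12, otherwise false is returned.
 * key_size must be 16, otherwise false is returned.
 * tag_size must be 16, otherwise false is returned.
 *
 * @param[in]   key            Pointer to the encryption key.
 * @param[in]   key_size       Size of the encryption key in bytes.
 * @param[in]   iv             Pointer to the IV value. Must be unique per key.
 * @param[in]   iv_size        Size of the IV value in bytes.
 * @param[in]   a_data         Pointer to the additional authenticated data.
 * @param[in]   a_data_size    Size of the additional authenticated data in bytes.
 * @param[in]   data_in        Pointer to the input data buffer to be encrypted.
 * @param[in]   data_in_size   Size of the input data buffer in bytes.
 * @param[out]  tag_out        Pointer to a buffer that receives the authentication tag output.
 * @param[in]   tag_size       Size of the authentication tag in bytes.
 * @param[out]  data_out       Pointer to a buffer that receives the encryption output.
 * @param[out]  data_out_size  Size of the output data buffer in bytes.
 *
 * @retval true   AEAD SM4-GCM authenticated encryption succeeded.
 * @retval false  AEAD SM4-GCM authenticated encryption failed.
 **/
extern bool libspdm_aead_sm4_gcm_encrypt(const uint8_t *key, size_t key_size,
                                         const uint8_t *iv, size_t iv_size,
                                         const uint8_t *a_data, size_t a_data_size,
                                         const uint8_t *data_in, size_t data_in_size,
                                         uint8_t *tag_out, size_t tag_size,
                                         uint8_t *data_out, size_t *data_out_size);

/**
 * Performs AEAD SM4-GCM authenticated decryption on a data buffer and additional authenticated
 * data.
 *
 * iv_size must be 12, otherwise false is returned.
 * key_size must be 16, otherwise false is returned.
 * tag_size must be 16, otherwise false is returned.
 *
 * If data verification fails, false is returned; the caller must then discard data_out.
 *
 * @param[in]   key            Pointer to the encryption key.
 * @param[in]   key_size       Size of the encryption key in bytes.
 * @param[in]   iv             Pointer to the IV value.
 * @param[in]   iv_size        Size of the IV value in bytes.
 * @param[in]   a_data         Pointer to the additional authenticated data.
 * @param[in]   a_data_size    Size of the additional authenticated data in bytes.
 * @param[in]   data_in        Pointer to the input data buffer to be decrypted.
 * @param[in]   data_in_size   Size of the input data buffer in bytes.
 * @param[in]   tag            Pointer to a buffer that contains the authentication tag.
 * @param[in]   tag_size       Size of the authentication tag in bytes.
 * @param[out]  data_out       Pointer to a buffer that receives the decryption output.
 * @param[out]  data_out_size  Size of the output data buffer in bytes.
 *
 * @retval true   AEAD SM4-GCM authenticated decryption succeeded.
 * @retval false  AEAD SM4-GCM authenticated decryption failed, including a tag that does not
 *                verify.
 **/
extern bool libspdm_aead_sm4_gcm_decrypt(const uint8_t *key, size_t key_size,
                                         const uint8_t *iv, size_t iv_size,
                                         const uint8_t *a_data, size_t a_data_size,
                                         const uint8_t *data_in, size_t data_in_size,
                                         const uint8_t *tag, size_t tag_size,
                                         uint8_t *data_out, size_t *data_out_size);
#endif /* LIBSPDM_AEAD_SM4_SUPPORT */

#endif /* CRYPTLIB_AEAD_H */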