Documentation

Documentation

Includes

config.h

#include "config.h"
#include "config.h"

MBEDTLS_CONFIG_FILE

#include MBEDTLS_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE

stddef.h

#include <stddef.h>
#include 

platform_util.h

#include "platform_util.h"
#include "platform_util.h"

Macros

Marco MBEDTLS_CIPHER_H

#define MBEDTLS_CIPHER_H


      

Marco MBEDTLS_CIPHER_MODE_AEAD

#define MBEDTLS_CIPHER_MODE_AEAD


      

Marco MBEDTLS_CIPHER_MODE_WITH_PADDING

#define MBEDTLS_CIPHER_MODE_WITH_PADDING


      

Marco MBEDTLS_CIPHER_MODE_STREAM

#define MBEDTLS_CIPHER_MODE_STREAM


      

Marco inline

#define inline __inline


      

Marco MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE

#define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -24704 /**< The selected feature is not available. */


      

Marco MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA

#define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA      -24832 /**< Bad input parameters. */


      

Marco MBEDTLS_ERR_CIPHER_ALLOC_FAILED

#define MBEDTLS_ERR_CIPHER_ALLOC_FAILED        -24960 /**< Failed to allocate memory. */


      

Marco MBEDTLS_ERR_CIPHER_INVALID_PADDING

#define MBEDTLS_ERR_CIPHER_INVALID_PADDING     -25088 /**< Input data contains invalid padding and is rejected. */


      

Marco MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED

#define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -25216 /**< Decryption of block requires a full block. */


      

Marco MBEDTLS_ERR_CIPHER_AUTH_FAILED

#define MBEDTLS_ERR_CIPHER_AUTH_FAILED         -25344 /**< Authentication failed (for AEAD modes). */


      

Marco MBEDTLS_ERR_CIPHER_INVALID_CONTEXT

#define MBEDTLS_ERR_CIPHER_INVALID_CONTEXT     -25472 /**< The context is invalid. For example, because it was freed. */


      

Marco MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED

#define MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED     -25600 /**< Cipher hardware accelerator failed. */
/* MBEDTLS_ERR_CIPHER_HW_ACCEL_FAILED is deprecated and should not be used. */

Marco MBEDTLS_CIPHER_VARIABLE_IV_LEN

#define MBEDTLS_CIPHER_VARIABLE_IV_LEN    1   /**< Cipher accepts IVs of variable length. */


      

Marco MBEDTLS_CIPHER_VARIABLE_KEY_LEN

#define MBEDTLS_CIPHER_VARIABLE_KEY_LEN   2   /**< Cipher accepts keys of variable length. */


      

Marco MBEDTLS_MAX_IV_LENGTH

#define MBEDTLS_MAX_IV_LENGTH     16
/** Maximum length of any IV, in Bytes. */

Marco MBEDTLS_MAX_BLOCK_LENGTH

#define MBEDTLS_MAX_BLOCK_LENGTH  16
/** Maximum block size of any cipher, in Bytes. */

Functions

Func mbedtls_cipher_init

void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
/**
 * \brief               This function initializes a \p cipher_context as NONE.
 *
 * \param ctx           The context to be initialized. This must not be \c NULL.
 */

Func mbedtls_cipher_free

void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
/**
 * \brief               This function frees and clears the cipher-specific
 *                      context of \p ctx. Freeing \p ctx itself remains the
 *                      responsibility of the caller.
 *
 * \param ctx           The context to be freed. If this is \c NULL, the
 *                      function has no effect, otherwise this must point to an
 *                      initialized context.
 */

Func mbedtls_cipher_setup

int mbedtls_cipher_setup( mbedtls_cipher_context_t *ctx,
                         const mbedtls_cipher_info_t *cipher_info );
/**
 * \brief               This function initializes and fills the cipher-context
 *                      structure with the appropriate values. It also clears
 *                      the structure.
 *
 * \param ctx           The context to initialize. This must be initialized.
 * \param cipher_info   The cipher to use.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              #MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
 *                      cipher-specific context fails.
 *
 * \internal Currently, the function also clears the structure.
 * In future versions, the caller will be required to call
 * mbedtls_cipher_init() on the structure first.
 */

Func mbedtls_cipher_setkey

int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx,
                          const unsigned char *key,
                          int key_bitlen,
                          const mbedtls_operation_t operation );
/**
 * \brief               This function sets the key to use with the given context.
 *
 * \param ctx           The generic cipher context. This must be initialized and
 *                      bound to a cipher information structure.
 * \param key           The key to use. This must be a readable buffer of at
 *                      least \p key_bitlen Bits.
 * \param key_bitlen    The key length to use, in Bits.
 * \param operation     The operation that the key will be used for:
 *                      #MBEDTLS_ENCRYPT or #MBEDTLS_DECRYPT.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              A cipher-specific error code on failure.
 */

Func mbedtls_cipher_set_padding_mode

int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx,
                                    mbedtls_cipher_padding_t mode );
/**
 * \brief               This function sets the padding mode, for cipher modes
 *                      that use padding.
 *
 *                      The default passing mode is PKCS7 padding.
 *
 * \param ctx           The generic cipher context. This must be initialized and
 *                      bound to a cipher information structure.
 * \param mode          The padding mode.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
 *                      if the selected padding mode is not supported.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
 *                      does not support padding.
 */

Func mbedtls_cipher_set_iv

int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
                          const unsigned char *iv,
                          size_t iv_len );
/**
 * \brief           This function sets the initialization vector (IV)
 *                  or nonce.
 *
 * \note            Some ciphers do not use IVs nor nonce. For these
 *                  ciphers, this function has no effect.
 *
 * \param ctx       The generic cipher context. This must be initialized and
 *                  bound to a cipher information structure.
 * \param iv        The IV to use, or NONCE_COUNTER for CTR-mode ciphers. This
 *                  must be a readable buffer of at least \p iv_len Bytes.
 * \param iv_len    The IV length for ciphers with variable-size IV.
 *                  This parameter is discarded by ciphers with fixed-size IV.
 *
 * \return          \c 0 on success.
 * \return          #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                  parameter-verification failure.
 */

Func mbedtls_cipher_reset

int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
/**
 * \brief         This function resets the cipher state.
 *
 * \param ctx     The generic cipher context. This must be initialized.
 *
 * \return        \c 0 on success.
 * \return        #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                parameter-verification failure.
 */

Func mbedtls_cipher_update_ad

int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
                     const unsigned char *ad, size_t ad_len );
/**
 * \brief               This function adds additional data for AEAD ciphers.
 *                      Currently supported with GCM and ChaCha20+Poly1305.
 *                      This must be called exactly once, after
 *                      mbedtls_cipher_reset().
 *
 * \param ctx           The generic cipher context. This must be initialized.
 * \param ad            The additional data to use. This must be a readable
 *                      buffer of at least \p ad_len Bytes.
 * \param ad_len        the Length of \p ad Bytes.
 *
 * \return              \c 0 on success.
 * \return              A specific error code on failure.
 */

Func mbedtls_cipher_update

int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
                  size_t ilen, unsigned char *output, size_t *olen );
/**
 * \brief               The generic cipher update function. It encrypts or
 *                      decrypts using the given cipher context. Writes as
 *                      many block-sized blocks of data as possible to output.
 *                      Any data that cannot be written immediately is either
 *                      added to the next block, or flushed when
 *                      mbedtls_cipher_finish() is called.
 *                      Exception: For MBEDTLS_MODE_ECB, expects a single block
 *                      in size. For example, 16 Bytes for AES.
 *
 * \note                If the underlying cipher is used in GCM mode, all calls
 *                      to this function, except for the last one before
 *                      mbedtls_cipher_finish(), must have \p ilen as a
 *                      multiple of the block size of the cipher.
 *
 * \param ctx           The generic cipher context. This must be initialized and
 *                      bound to a key.
 * \param input         The buffer holding the input data. This must be a
 *                      readable buffer of at least \p ilen Bytes.
 * \param ilen          The length of the input data.
 * \param output        The buffer for the output data. This must be able to
 *                      hold at least `ilen + block_size`. This must not be the
 *                      same buffer as \p input.
 * \param olen          The length of the output data, to be updated with the
 *                      actual number of Bytes written. This must not be
 *                      \c NULL.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              #MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an
 *                      unsupported mode for a cipher.
 * \return              A cipher-specific error code on failure.
 */

Func mbedtls_cipher_finish

int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
                  unsigned char *output, size_t *olen );
/**
 * \brief               The generic cipher finalization function. If data still
 *                      needs to be flushed from an incomplete block, the data
 *                      contained in it is padded to the size of
 *                      the last block, and written to the \p output buffer.
 *
 * \param ctx           The generic cipher context. This must be initialized and
 *                      bound to a key.
 * \param output        The buffer to write data to. This needs to be a writable
 *                      buffer of at least \p block_size Bytes.
 * \param olen          The length of the data written to the \p output buffer.
 *                      This may not be \c NULL.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption
 *                      expecting a full block but not receiving one.
 * \return              #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
 *                      while decrypting.
 * \return              A cipher-specific error code on failure.
 */

Func mbedtls_cipher_write_tag

int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
                     unsigned char *tag, size_t tag_len );
/**
 * \brief               This function writes a tag for AEAD ciphers.
 *                      Currently supported with GCM and ChaCha20+Poly1305.
 *                      This must be called after mbedtls_cipher_finish().
 *
 * \param ctx           The generic cipher context. This must be initialized,
 *                      bound to a key, and have just completed a cipher
 *                      operation through mbedtls_cipher_finish() the tag for
 *                      which should be written.
 * \param tag           The buffer to write the tag to. This must be a writable
 *                      buffer of at least \p tag_len Bytes.
 * \param tag_len       The length of the tag to write.
 *
 * \return              \c 0 on success.
 * \return              A specific error code on failure.
 */

Func mbedtls_cipher_check_tag

int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
                     const unsigned char *tag, size_t tag_len );
/**
 * \brief               This function checks the tag for AEAD ciphers.
 *                      Currently supported with GCM and ChaCha20+Poly1305.
 *                      This must be called after mbedtls_cipher_finish().
 *
 * \param ctx           The generic cipher context. This must be initialized.
 * \param tag           The buffer holding the tag. This must be a readable
 *                      buffer of at least \p tag_len Bytes.
 * \param tag_len       The length of the tag to check.
 *
 * \return              \c 0 on success.
 * \return              A specific error code on failure.
 */

Func mbedtls_cipher_crypt

int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
                 const unsigned char *iv, size_t iv_len,
                 const unsigned char *input, size_t ilen,
                 unsigned char *output, size_t *olen );
/**
 * \brief               The generic all-in-one encryption/decryption function,
 *                      for all ciphers except AEAD constructs.
 *
 * \param ctx           The generic cipher context. This must be initialized.
 * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
 *                      This must be a readable buffer of at least \p iv_len
 *                      Bytes.
 * \param iv_len        The IV length for ciphers with variable-size IV.
 *                      This parameter is discarded by ciphers with fixed-size
 *                      IV.
 * \param input         The buffer holding the input data. This must be a
 *                      readable buffer of at least \p ilen Bytes.
 * \param ilen          The length of the input data in Bytes.
 * \param output        The buffer for the output data. This must be able to
 *                      hold at least `ilen + block_size`. This must not be the
 *                      same buffer as \p input.
 * \param olen          The length of the output data, to be updated with the
 *                      actual number of Bytes written. This must not be
 *                      \c NULL.
 *
 * \note                Some ciphers do not use IVs nor nonce. For these
 *                      ciphers, use \p iv = NULL and \p iv_len = 0.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              #MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED on decryption
 *                      expecting a full block but not receiving one.
 * \return              #MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
 *                      while decrypting.
 * \return              A cipher-specific error code on failure.
 */

Func mbedtls_cipher_auth_encrypt

int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
                        const unsigned char *iv, size_t iv_len,
                        const unsigned char *ad, size_t ad_len,
                        const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen,
                        unsigned char *tag, size_t tag_len );
/**
 * \brief               The generic autenticated encryption (AEAD) function.
 *
 * \param ctx           The generic cipher context. This must be initialized and
 *                      bound to a key.
 * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
 *                      This must be a readable buffer of at least \p iv_len
 *                      Bytes.
 * \param iv_len        The IV length for ciphers with variable-size IV.
 *                      This parameter is discarded by ciphers with fixed-size IV.
 * \param ad            The additional data to authenticate. This must be a
 *                      readable buffer of at least \p ad_len Bytes.
 * \param ad_len        The length of \p ad.
 * \param input         The buffer holding the input data. This must be a
 *                      readable buffer of at least \p ilen Bytes.
 * \param ilen          The length of the input data.
 * \param output        The buffer for the output data. This must be able to
 *                      hold at least \p ilen Bytes.
 * \param olen          The length of the output data, to be updated with the
 *                      actual number of Bytes written. This must not be
 *                      \c NULL.
 * \param tag           The buffer for the authentication tag. This must be a
 *                      writable buffer of at least \p tag_len Bytes.
 * \param tag_len       The desired length of the authentication tag.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              A cipher-specific error code on failure.
 */

Func mbedtls_cipher_auth_decrypt

int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
                        const unsigned char *iv, size_t iv_len,
                        const unsigned char *ad, size_t ad_len,
                        const unsigned char *input, size_t ilen,
                        unsigned char *output, size_t *olen,
                        const unsigned char *tag, size_t tag_len );
/**
 * \brief               The generic autenticated decryption (AEAD) function.
 *
 * \note                If the data is not authentic, then the output buffer
 *                      is zeroed out to prevent the unauthentic plaintext being
 *                      used, making this interface safer.
 *
 * \param ctx           The generic cipher context. This must be initialized and
 *                      and bound to a key.
 * \param iv            The IV to use, or NONCE_COUNTER for CTR-mode ciphers.
 *                      This must be a readable buffer of at least \p iv_len
 *                      Bytes.
 * \param iv_len        The IV length for ciphers with variable-size IV.
 *                      This parameter is discarded by ciphers with fixed-size IV.
 * \param ad            The additional data to be authenticated. This must be a
 *                      readable buffer of at least \p ad_len Bytes.
 * \param ad_len        The length of \p ad.
 * \param input         The buffer holding the input data. This must be a
 *                      readable buffer of at least \p ilen Bytes.
 * \param ilen          The length of the input data.
 * \param output        The buffer for the output data.
 *                      This must be able to hold at least \p ilen Bytes.
 * \param olen          The length of the output data, to be updated with the
 *                      actual number of Bytes written. This must not be
 *                      \c NULL.
 * \param tag           The buffer holding the authentication tag. This must be
 *                      a readable buffer of at least \p tag_len Bytes.
 * \param tag_len       The length of the authentication tag.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on
 *                      parameter-verification failure.
 * \return              #MBEDTLS_ERR_CIPHER_AUTH_FAILED if data is not authentic.
 * \return              A cipher-specific error code on failure.
 */

Vars

Consts

Const

const int *mbedtls_cipher_list( void );
/**
 * \brief This function retrieves the list of ciphers supported by the generic
 * cipher module.
 *
 * \return      A statically-allocated array of ciphers. The last entry
 *              is zero.
 */

Const

const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
/**
 * \brief               This function retrieves the cipher-information
 *                      structure associated with the given cipher name.
 *
 * \param cipher_name   Name of the cipher to search for. This must not be
 *                      \c NULL.
 *
 * \return              The cipher information structure associated with the
 *                      given \p cipher_name.
 * \return              \c NULL if the associated cipher information is not found.
 */

Const

const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
/**
 * \brief               This function retrieves the cipher-information
 *                      structure associated with the given cipher type.
 *
 * \param cipher_type   Type of the cipher to search for.
 *
 * \return              The cipher information structure associated with the
 *                      given \p cipher_type.
 * \return              \c NULL if the associated cipher information is not found.
 */

Const

const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
                                             int key_bitlen,
                                             const mbedtls_cipher_mode_t mode );
/**
 * \brief               This function retrieves the cipher-information
 *                      structure associated with the given cipher ID,
 *                      key size and mode.
 *
 * \param cipher_id     The ID of the cipher to search for. For example,
 *                      #MBEDTLS_CIPHER_ID_AES.
 * \param key_bitlen    The length of the key in bits.
 * \param mode          The cipher mode. For example, #MBEDTLS_MODE_CBC.
 *
 * \return              The cipher information structure associated with the
 *                      given \p cipher_id.
 * \return              \c NULL if the associated cipher information is not found.
 */

Types

Typedefs

Typedef mbedtls_cipher_id_t;

typedef enum {
   MBEDTLS_CIPHER_ID_NONE = 0, /**< Placeholder to mark the end of cipher ID lists. */
   MBEDTLS_CIPHER_ID_NULL,     /**< The identity cipher, treated as a stream cipher. */
   MBEDTLS_CIPHER_ID_AES,      /**< The AES cipher. */
   MBEDTLS_CIPHER_ID_DES,      /**< The DES cipher. */
   MBEDTLS_CIPHER_ID_3DES,     /**< The Triple DES cipher. */
   MBEDTLS_CIPHER_ID_CAMELLIA, /**< The Camellia cipher. */
   MBEDTLS_CIPHER_ID_BLOWFISH, /**< The Blowfish cipher. */
   MBEDTLS_CIPHER_ID_ARC4,     /**< The RC4 cipher. */
   MBEDTLS_CIPHER_ID_ARIA,     /**< The Aria cipher. */
   MBEDTLS_CIPHER_ID_CHACHA20, /**< The ChaCha20 cipher. */
} mbedtls_cipher_id_t;
/**
 * \brief     Supported cipher types.
 *
 * \warning   RC4 and DES are considered weak ciphers and their use
 *            constitutes a security risk. Arm recommends considering stronger
 *            ciphers instead.
 */

Typedef mbedtls_cipher_type_t;

typedef enum {
   MBEDTLS_CIPHER_NONE = 0,            /**< Placeholder to mark the end of cipher-pair lists. */
   MBEDTLS_CIPHER_NULL,                /**< The identity stream cipher. */
   MBEDTLS_CIPHER_AES_128_ECB,         /**< AES cipher with 128-bit ECB mode. */
   MBEDTLS_CIPHER_AES_192_ECB,         /**< AES cipher with 192-bit ECB mode. */
   MBEDTLS_CIPHER_AES_256_ECB,         /**< AES cipher with 256-bit ECB mode. */
   MBEDTLS_CIPHER_AES_128_CBC,         /**< AES cipher with 128-bit CBC mode. */
   MBEDTLS_CIPHER_AES_192_CBC,         /**< AES cipher with 192-bit CBC mode. */
   MBEDTLS_CIPHER_AES_256_CBC,         /**< AES cipher with 256-bit CBC mode. */
   MBEDTLS_CIPHER_AES_128_CFB128,      /**< AES cipher with 128-bit CFB128 mode. */
   MBEDTLS_CIPHER_AES_192_CFB128,      /**< AES cipher with 192-bit CFB128 mode. */
   MBEDTLS_CIPHER_AES_256_CFB128,      /**< AES cipher with 256-bit CFB128 mode. */
   MBEDTLS_CIPHER_AES_128_CTR,         /**< AES cipher with 128-bit CTR mode. */
   MBEDTLS_CIPHER_AES_192_CTR,         /**< AES cipher with 192-bit CTR mode. */
   MBEDTLS_CIPHER_AES_256_CTR,         /**< AES cipher with 256-bit CTR mode. */
   MBEDTLS_CIPHER_AES_128_GCM,         /**< AES cipher with 128-bit GCM mode. */
   MBEDTLS_CIPHER_AES_192_GCM,         /**< AES cipher with 192-bit GCM mode. */
   MBEDTLS_CIPHER_AES_256_GCM,         /**< AES cipher with 256-bit GCM mode. */
   MBEDTLS_CIPHER_CAMELLIA_128_ECB,    /**< Camellia cipher with 128-bit ECB mode. */
   MBEDTLS_CIPHER_CAMELLIA_192_ECB,    /**< Camellia cipher with 192-bit ECB mode. */
   MBEDTLS_CIPHER_CAMELLIA_256_ECB,    /**< Camellia cipher with 256-bit ECB mode. */
   MBEDTLS_CIPHER_CAMELLIA_128_CBC,    /**< Camellia cipher with 128-bit CBC mode. */
   MBEDTLS_CIPHER_CAMELLIA_192_CBC,    /**< Camellia cipher with 192-bit CBC mode. */
   MBEDTLS_CIPHER_CAMELLIA_256_CBC,    /**< Camellia cipher with 256-bit CBC mode. */
   MBEDTLS_CIPHER_CAMELLIA_128_CFB128, /**< Camellia cipher with 128-bit CFB128 mode. */
   MBEDTLS_CIPHER_CAMELLIA_192_CFB128, /**< Camellia cipher with 192-bit CFB128 mode. */
   MBEDTLS_CIPHER_CAMELLIA_256_CFB128, /**< Camellia cipher with 256-bit CFB128 mode. */
   MBEDTLS_CIPHER_CAMELLIA_128_CTR,    /**< Camellia cipher with 128-bit CTR mode. */
   MBEDTLS_CIPHER_CAMELLIA_192_CTR,    /**< Camellia cipher with 192-bit CTR mode. */
   MBEDTLS_CIPHER_CAMELLIA_256_CTR,    /**< Camellia cipher with 256-bit CTR mode. */
   MBEDTLS_CIPHER_CAMELLIA_128_GCM,    /**< Camellia cipher with 128-bit GCM mode. */
   MBEDTLS_CIPHER_CAMELLIA_192_GCM,    /**< Camellia cipher with 192-bit GCM mode. */
   MBEDTLS_CIPHER_CAMELLIA_256_GCM,    /**< Camellia cipher with 256-bit GCM mode. */
   MBEDTLS_CIPHER_DES_ECB,             /**< DES cipher with ECB mode. */
   MBEDTLS_CIPHER_DES_CBC,             /**< DES cipher with CBC mode. */
   MBEDTLS_CIPHER_DES_EDE_ECB,         /**< DES cipher with EDE ECB mode. */
   MBEDTLS_CIPHER_DES_EDE_CBC,         /**< DES cipher with EDE CBC mode. */
   MBEDTLS_CIPHER_DES_EDE3_ECB,        /**< DES cipher with EDE3 ECB mode. */
   MBEDTLS_CIPHER_DES_EDE3_CBC,        /**< DES cipher with EDE3 CBC mode. */
   MBEDTLS_CIPHER_BLOWFISH_ECB,        /**< Blowfish cipher with ECB mode. */
   MBEDTLS_CIPHER_BLOWFISH_CBC,        /**< Blowfish cipher with CBC mode. */
   MBEDTLS_CIPHER_BLOWFISH_CFB64,      /**< Blowfish cipher with CFB64 mode. */
   MBEDTLS_CIPHER_BLOWFISH_CTR,        /**< Blowfish cipher with CTR mode. */
   MBEDTLS_CIPHER_ARC4_128,            /**< RC4 cipher with 128-bit mode. */
   MBEDTLS_CIPHER_AES_128_CCM,         /**< AES cipher with 128-bit CCM mode. */
   MBEDTLS_CIPHER_AES_192_CCM,         /**< AES cipher with 192-bit CCM mode. */
   MBEDTLS_CIPHER_AES_256_CCM,         /**< AES cipher with 256-bit CCM mode. */
   MBEDTLS_CIPHER_CAMELLIA_128_CCM,    /**< Camellia cipher with 128-bit CCM mode. */
   MBEDTLS_CIPHER_CAMELLIA_192_CCM,    /**< Camellia cipher with 192-bit CCM mode. */
   MBEDTLS_CIPHER_CAMELLIA_256_CCM,    /**< Camellia cipher with 256-bit CCM mode. */
   MBEDTLS_CIPHER_ARIA_128_ECB,        /**< Aria cipher with 128-bit key and ECB mode. */
   MBEDTLS_CIPHER_ARIA_192_ECB,        /**< Aria cipher with 192-bit key and ECB mode. */
   MBEDTLS_CIPHER_ARIA_256_ECB,        /**< Aria cipher with 256-bit key and ECB mode. */
   MBEDTLS_CIPHER_ARIA_128_CBC,        /**< Aria cipher with 128-bit key and CBC mode. */
   MBEDTLS_CIPHER_ARIA_192_CBC,        /**< Aria cipher with 192-bit key and CBC mode. */
   MBEDTLS_CIPHER_ARIA_256_CBC,        /**< Aria cipher with 256-bit key and CBC mode. */
   MBEDTLS_CIPHER_ARIA_128_CFB128,     /**< Aria cipher with 128-bit key and CFB-128 mode. */
   MBEDTLS_CIPHER_ARIA_192_CFB128,     /**< Aria cipher with 192-bit key and CFB-128 mode. */
   MBEDTLS_CIPHER_ARIA_256_CFB128,     /**< Aria cipher with 256-bit key and CFB-128 mode. */
   MBEDTLS_CIPHER_ARIA_128_CTR,        /**< Aria cipher with 128-bit key and CTR mode. */
   MBEDTLS_CIPHER_ARIA_192_CTR,        /**< Aria cipher with 192-bit key and CTR mode. */
   MBEDTLS_CIPHER_ARIA_256_CTR,        /**< Aria cipher with 256-bit key and CTR mode. */
   MBEDTLS_CIPHER_ARIA_128_GCM,        /**< Aria cipher with 128-bit key and GCM mode. */
   MBEDTLS_CIPHER_ARIA_192_GCM,        /**< Aria cipher with 192-bit key and GCM mode. */
   MBEDTLS_CIPHER_ARIA_256_GCM,        /**< Aria cipher with 256-bit key and GCM mode. */
   MBEDTLS_CIPHER_ARIA_128_CCM,        /**< Aria cipher with 128-bit key and CCM mode. */
   MBEDTLS_CIPHER_ARIA_192_CCM,        /**< Aria cipher with 192-bit key and CCM mode. */
   MBEDTLS_CIPHER_ARIA_256_CCM,        /**< Aria cipher with 256-bit key and CCM mode. */
   MBEDTLS_CIPHER_AES_128_OFB,         /**< AES 128-bit cipher in OFB mode. */
   MBEDTLS_CIPHER_AES_192_OFB,         /**< AES 192-bit cipher in OFB mode. */
   MBEDTLS_CIPHER_AES_256_OFB,         /**< AES 256-bit cipher in OFB mode. */
   MBEDTLS_CIPHER_AES_128_XTS,         /**< AES 128-bit cipher in XTS block mode. */
   MBEDTLS_CIPHER_AES_256_XTS,         /**< AES 256-bit cipher in XTS block mode. */
   MBEDTLS_CIPHER_CHACHA20,            /**< ChaCha20 stream cipher. */
   MBEDTLS_CIPHER_CHACHA20_POLY1305,   /**< ChaCha20-Poly1305 AEAD cipher. */
} mbedtls_cipher_type_t;
/**
 * \brief     Supported {cipher type, cipher mode} pairs.
 *
 * \warning   RC4 and DES are considered weak ciphers and their use
 *            constitutes a security risk. Arm recommends considering stronger
 *            ciphers instead.
 */

Typedef mbedtls_cipher_mode_t;

typedef enum {
   MBEDTLS_MODE_NONE = 0,              /**< None. */
   MBEDTLS_MODE_ECB,                   /**< The ECB cipher mode. */
   MBEDTLS_MODE_CBC,                   /**< The CBC cipher mode. */
   MBEDTLS_MODE_CFB,                   /**< The CFB cipher mode. */
   MBEDTLS_MODE_OFB,                   /**< The OFB cipher mode. */
   MBEDTLS_MODE_CTR,                   /**< The CTR cipher mode. */
   MBEDTLS_MODE_GCM,                   /**< The GCM cipher mode. */
   MBEDTLS_MODE_STREAM,                /**< The stream cipher mode. */
   MBEDTLS_MODE_CCM,                   /**< The CCM cipher mode. */
   MBEDTLS_MODE_XTS,                   /**< The XTS cipher mode. */
   MBEDTLS_MODE_CHACHAPOLY,            /**< The ChaCha-Poly cipher mode. */
} mbedtls_cipher_mode_t;
/** Supported cipher modes. */

Typedef mbedtls_cipher_padding_t;

typedef enum {
   MBEDTLS_PADDING_PKCS7 = 0,    /**< PKCS7 padding (default).        */
   MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding.         */
   MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding.             */
   MBEDTLS_PADDING_ZEROS,        /**< Zero padding (not reversible). */
   MBEDTLS_PADDING_NONE,         /**< Never pad (full blocks only).   */
} mbedtls_cipher_padding_t;
/** Supported cipher padding types. */

Typedef mbedtls_operation_t;

typedef enum {
   MBEDTLS_OPERATION_NONE = -1,
   MBEDTLS_DECRYPT = 0,
   MBEDTLS_ENCRYPT,
} mbedtls_operation_t;
/** Type of operation. */

Typedef mbedtls_cipher_base_t

typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
/**
 * Base cipher information (opaque struct).
 */

Typedef mbedtls_cmac_context_t

typedef struct mbedtls_cmac_context_t mbedtls_cmac_context_t;
/**
 * CMAC context (opaque struct).
 */

Typedef mbedtls_cipher_info_t;

typedef struct mbedtls_cipher_info_t
{
   /** Full cipher identifier. For example,
     * MBEDTLS_CIPHER_AES_256_CBC.
     */
   mbedtls_cipher_type_t type;

   /** The cipher mode. For example, MBEDTLS_MODE_CBC. */
   mbedtls_cipher_mode_t mode;

   /** The cipher key length, in bits. This is the
     * default length for variable sized ciphers.
     * Includes parity bits for ciphers like DES.
     */
   unsigned int key_bitlen;

   /** Name of the cipher. */
   const char * name;

   /** IV or nonce size, in Bytes.
     * For ciphers that accept variable IV sizes,
     * this is the recommended size.
     */
   unsigned int iv_size;

   /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
     *  MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
     *  cipher supports variable IV or variable key sizes, respectively.
     */
   int flags;

   /** The block size, in Bytes. */
   unsigned int block_size;

   /** Struct for base cipher information and functions. */
   const mbedtls_cipher_base_t *base;

} mbedtls_cipher_info_t;
/**
 * Cipher information. Allows calling cipher functions
 * in a generic way.
 */

Typedef mbedtls_cipher_context_t;

typedef struct mbedtls_cipher_context_t
{
   /** Information about the associated cipher. */
   const mbedtls_cipher_info_t *cipher_info;

   /** Key length to use. */
   int key_bitlen;

   /** Operation that the key of the context has been
     * initialized for.
     */
   mbedtls_operation_t operation;

#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
   /** Padding functions to use, if relevant for
     * the specific cipher mode.
     */
   void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
   int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
#endif

   /** Buffer for input that has not been processed yet. */
   unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];

   /** Number of Bytes that have not been processed yet. */
   size_t unprocessed_len;

   /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number
     * for XTS-mode. */
   unsigned char iv[MBEDTLS_MAX_IV_LENGTH];

   /** IV size in Bytes, for ciphers with variable-length IVs. */
   size_t iv_size;

   /** The cipher-specific context. */
   void *cipher_ctx;

#if defined(MBEDTLS_CMAC_C)
   /** CMAC-specific context. */
   mbedtls_cmac_context_t *cmac_ctx;
#endif
} mbedtls_cipher_context_t;
/**
 * Generic cipher context.
 */