forked from RNCryptor/RNCryptor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathRNCryptor.h
1545 lines (1246 loc) · 56.7 KB
/
RNCryptor.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
//
// RNCryptor.h
//
// Copyright © 2015 Rob Napier. All rights reserved.
//
// This code is licensed under the MIT License:
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the "Software"),
// to deal in the Software without restriction, including without limitation
// the rights to use, copy, modify, merge, publish, distribute, sublicense,
// and/or sell copies of the Software, and to permit persons to whom the
// Software is furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
// DEALINGS IN THE SOFTWARE.
//
@import Foundation;
//! Project version number for RNCryptor.
FOUNDATION_EXPORT double RNCryptorVersionNumber;
//! Project version string for RNCryptor.
FOUNDATION_EXPORT const unsigned char RNCryptorVersionString[];
//
// CommonCryptoError.h
// CommonCrypto
//
// Created by Richard Murphy on 4/15/14.
// Copyright (c) 2014 Platform Security. All rights reserved.
//
#ifndef CommonCrypto_CommonCryptoError_h
#define CommonCrypto_CommonCryptoError_h
/*
* Copyright (c) 2014 Apple Inc. All Rights Reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this
* file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_LICENSE_HEADER_END@
*/
#include <stdint.h>
#if defined(__cplusplus)
extern "C" {
#endif
/*!
@enum CCCryptorStatus
@abstract Return values from CommonCryptor operations.
@constant kCCSuccess Operation completed normally.
@constant kCCParamError Illegal parameter value.
@constant kCCBufferTooSmall Insufficent buffer provided for specified
operation.
@constant kCCMemoryFailure Memory allocation failure.
@constant kCCAlignmentError Input size was not aligned properly.
@constant kCCDecodeError Input data did not decode or decrypt
properly.
@constant kCCUnimplemented Function not implemented for the current
algorithm.
*/
enum {
kCCSuccess = 0,
kCCParamError = -4300,
kCCBufferTooSmall = -4301,
kCCMemoryFailure = -4302,
kCCAlignmentError = -4303,
kCCDecodeError = -4304,
kCCUnimplemented = -4305,
kCCOverflow = -4306,
kCCRNGFailure = -4307,
};
typedef int32_t CCStatus;
typedef int32_t CCCryptorStatus;
#if defined(__cplusplus)
}
#endif
#endif
/*
* Copyright (c) 2006-2010 Apple, Inc. All Rights Reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this
* file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_LICENSE_HEADER_END@
*/
/*!
@header CommonCryptor.h
@abstract Generic interface for symmetric encryption.
@discussion This interface provides access to a number of symmetric
encryption algorithms. Symmetric encryption algorithms come
in two "flavors" - block ciphers, and stream ciphers. Block
ciphers process data (while both encrypting and decrypting)
in discrete chunks of data called blocks; stream ciphers
operate on arbitrary sized data.
The object declared in this interface, CCCryptor, provides
access to both block ciphers and stream ciphers with the same
API; however some options are available for block ciphers that
do not apply to stream ciphers.
The general operation of a CCCryptor is: initialize it
with raw key data and other optional fields with
CCCryptorCreate(); process input data via one or more calls to
CCCryptorUpdate(), each of which may result in output data
being written to caller-supplied memory; and obtain possible
remaining output data with CCCryptorFinal(). The CCCryptor is
disposed of via CCCryptorRelease(), or it can be reused (with
the same key data as provided to CCCryptorCreate()) by calling
CCCryptorReset().
CCCryptors can be dynamically allocated by this module, or
their memory can be allocated by the caller. See discussion for
CCCryptorCreate() and CCCryptorCreateFromData() for information
on CCCryptor allocation.
One option for block ciphers is padding, as defined in PKCS7;
when padding is enabled, the total amount of data encrypted
does not have to be an even multiple of the block size, and
the actual length of plaintext is calculated during decryption.
Another option for block ciphers is Cipher Block Chaining, known
as CBC mode. When using CBC mode, an Initialization Vector (IV)
is provided along with the key when starting an encrypt
or decrypt operation. If CBC mode is selected and no IV is
provided, an IV of all zeroes will be used.
CCCryptor also implements block bufferring, so that individual
calls to CCCryptorUpdate() do not have to provide data whose
length is aligned to the block size. (If padding is disabled,
encrypting with block ciphers does require that the *total*
length of data input to CCCryptorUpdate() call(s) be aligned
to the block size.)
A given CCCryptor can only be used by one thread at a time;
multiple threads can use safely different CCCryptors at the
same time.
*/
#ifndef _CC_COMMON_CRYPTOR_
#define _CC_COMMON_CRYPTOR_
#include <stdbool.h>
#include <stdint.h>
#ifndef KERNEL
#include <stddef.h>
#endif /* KERNEL */
#include <Availability.h>
#ifdef __cplusplus
extern "C" {
#endif
/*!
@typedef CCCryptorRef
@abstract Opaque reference to a CCCryptor object.
*/
typedef struct _CCCryptor *CCCryptorRef;
/*!
@enum CCOperation
@abstract Operations that an CCCryptor can perform.
@constant kCCEncrypt Symmetric encryption.
@constant kCCDecrypt Symmetric decryption.
*/
enum {
kCCEncrypt = 0,
kCCDecrypt,
};
typedef uint32_t CCOperation;
/*!
@enum CCAlgorithm
@abstract Encryption algorithms implemented by this module.
@constant kCCAlgorithmAES128 Advanced Encryption Standard, 128-bit block
This is kept for historical reasons. It's
preferred now to use kCCAlgorithmAES since
128-bit blocks are part of the standard.
@constant kCCAlgorithmAES Advanced Encryption Standard, 128-bit block
@constant kCCAlgorithmDES Data Encryption Standard
@constant kCCAlgorithm3DES Triple-DES, three key, EDE configuration
@constant kCCAlgorithmCAST CAST
@constant kCCAlgorithmRC4 RC4 stream cipher
@constant kCCAlgorithmBlowfish Blowfish block cipher
*/
enum {
kCCAlgorithmAES128 = 0,
kCCAlgorithmAES = 0,
kCCAlgorithmDES,
kCCAlgorithm3DES,
kCCAlgorithmCAST,
kCCAlgorithmRC4,
kCCAlgorithmRC2,
kCCAlgorithmBlowfish
};
typedef uint32_t CCAlgorithm;
/*!
@enum CCOptions
@abstract Options flags, passed to CCCryptorCreate().
@constant kCCOptionPKCS7Padding Perform PKCS7 padding.
@constant kCCOptionECBMode Electronic Code Book Mode.
Default is CBC.
*/
enum {
/* options for block ciphers */
kCCOptionPKCS7Padding = 0x0001,
kCCOptionECBMode = 0x0002
/* stream ciphers currently have no options */
};
typedef uint32_t CCOptions;
/*!
@enum Key sizes
@discussion Key sizes, in bytes, for supported algorithms. Use these
constants to select any keysize variants you wish to use
for algorithms that support them (ie AES-128, AES-192, AES-256)
@constant kCCKeySizeAES128 128 bit AES key size.
@constant kCCKeySizeAES192 192 bit AES key size.
@constant kCCKeySizeAES256 256 bit AES key size.
@constant kCCKeySizeDES DES key size.
@constant kCCKeySize3DES Triple DES key size.
@constant kCCKeySizeMinCAST CAST minimum key size.
@constant kCCKeySizeMaxCAST CAST maximum key size.
@constant kCCKeySizeMinRC4 RC4 minimum key size.
@constant kCCKeySizeMaxRC4 RC4 maximum key size.
@discussion DES and TripleDES have fixed key sizes.
AES has three discrete key sizes.
CAST and RC4 have variable key sizes.
*/
enum {
kCCKeySizeAES128 = 16,
kCCKeySizeAES192 = 24,
kCCKeySizeAES256 = 32,
kCCKeySizeDES = 8,
kCCKeySize3DES = 24,
kCCKeySizeMinCAST = 5,
kCCKeySizeMaxCAST = 16,
kCCKeySizeMinRC4 = 1,
kCCKeySizeMaxRC4 = 512,
kCCKeySizeMinRC2 = 1,
kCCKeySizeMaxRC2 = 128,
kCCKeySizeMinBlowfish = 8,
kCCKeySizeMaxBlowfish = 56,
};
/*!
@enum Block sizes
@discussion Block sizes, in bytes, for supported algorithms.
@constant kCCBlockSizeAES128 AES block size (currently, only 128-bit
blocks are supported).
@constant kCCBlockSizeDES DES block size.
@constant kCCBlockSize3DES Triple DES block size.
@constant kCCBlockSizeCAST CAST block size.
*/
enum {
/* AES */
kCCBlockSizeAES128 = 16,
/* DES */
kCCBlockSizeDES = 8,
/* 3DES */
kCCBlockSize3DES = 8,
/* CAST */
kCCBlockSizeCAST = 8,
kCCBlockSizeRC2 = 8,
kCCBlockSizeBlowfish = 8,
};
/*!
@enum Minimum context sizes
@discussion Minimum context sizes, for caller-allocated CCCryptorRefs.
To minimize dynamic allocation memory, a caller can create
a CCCryptorRef by passing caller-supplied memory to the
CCCryptorCreateFromData() function.
These constants define the minimum amount of memory, in
bytes, needed for CCCryptorRefs for each supported algorithm.
Note: these constants are valid for the current version of
this library; they may change in subsequent releases, so
applications wishing to allocate their own memory for use
in creating CCCryptorRefs must be prepared to deal with
a kCCBufferTooSmall return from CCCryptorCreateFromData().
See discussion for the CCCryptorCreateFromData() function.
@constant kCCContextSizeAES128 - Minimum context size for kCCAlgorithmAES128.
@constant kCCContextSizeDES - Minimum context size for kCCAlgorithmDES.
@constant kCCContextSize3DES - Minimum context size for kCCAlgorithm3DES.
@constant kCCContextSizeCAST - Minimum context size for kCCAlgorithmCAST.
@constant kCCContextSizeRC4 - Minimum context size for kCCAlgorithmRC4.
*/
enum {
kCCContextSizeAES128 = 404,
kCCContextSizeDES = 240,
kCCContextSize3DES = 496,
kCCContextSizeCAST = 240,
kCCContextSizeRC4 = 1072
};
/*!
@function CCCryptorCreate
@abstract Create a cryptographic context.
@param op Defines the basic operation: kCCEncrypt or
kCCDecrypt.
@param alg Defines the algorithm.
@param options A word of flags defining options. See discussion
for the CCOptions type.
@param key Raw key material, length keyLength bytes.
@param keyLength Length of key material. Must be appropriate
for the selected operation and algorithm. Some
algorithms provide for varying key lengths.
@param iv Initialization vector, optional. Used by
block ciphers when Cipher Block Chaining (CBC)
mode is enabled. If present, must be the same
length as the selected algorithm's block size.
If CBC mode is selected (by the absence of the
kCCOptionECBMode bit in the options flags) and no
IV is present, a NULL (all zeroes) IV will be used.
This parameter is ignored if ECB mode is used or
if a stream cipher algorithm is selected.
@param cryptorRef A (required) pointer to the returned CCCryptorRef.
@result Possible error returns are kCCParamError and kCCMemoryFailure.
*/
CCCryptorStatus CCCryptorCreate(
CCOperation op, /* kCCEncrypt, etc. */
CCAlgorithm alg, /* kCCAlgorithmDES, etc. */
CCOptions options, /* kCCOptionPKCS7Padding, etc. */
const void *key, /* raw key material */
size_t keyLength,
const void *iv, /* optional initialization vector */
CCCryptorRef *cryptorRef) /* RETURNED */
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCryptorCreateFromData
@abstract Create a cryptographic context using caller-supplied memory.
@param op Defines the basic operation: kCCEncrypt or
kCCDecrypt.
@param alg Defines the algorithm.
@param options A word of flags defining options. See discussion
for the CCOptions type.
@param key Raw key material, length keyLength bytes.
@param keyLength Length of key material. Must be appropriate
for the selected operation and algorithm. Some
algorithms provide for varying key lengths.
@param iv Initialization vector, optional. Used by
block ciphers when Cipher Block Chaining (CBC)
mode is enabled. If present, must be the same
length as the selected algorithm's block size.
If CBC mode is selected (by the absence of the
kCCOptionECBMode bit in the options flags) and no
IV is present, a NULL (all zeroes) IV will be used.
This parameter is ignored if ECB mode is used or
if a stream cipher algorithm is selected.
@param data A pointer to caller-supplied memory from which the
CCCryptorRef will be created.
@param dataLength The size of the caller-supplied memory in bytes.
@param cryptorRef A (required) pointer to the returned CCCryptorRef.
@param dataUsed Optional. If present, the actual number of bytes of
the caller-supplied memory which was consumed by
creation of the CCCryptorRef is returned here. Also,
if the supplied memory is of insufficent size to create
a CCCryptorRef, kCCBufferTooSmall is returned, and
the minimum required buffer size is returned via this
parameter if present.
@result Possible error returns are kCCParamError and kCCBufferTooSmall.
@discussion The CCCryptorRef created by this function *may* be disposed of
via CCCRyptorRelease; that call is not strictly necessary, but
if it's not performed, good security practice dictates that the
caller should zero the memory provided to create the CCCryptorRef
when the caller is finished using the CCCryptorRef.
*/
CCCryptorStatus CCCryptorCreateFromData(
CCOperation op, /* kCCEncrypt, etc. */
CCAlgorithm alg, /* kCCAlgorithmDES, etc. */
CCOptions options, /* kCCOptionPKCS7Padding, etc. */
const void *key, /* raw key material */
size_t keyLength,
const void *iv, /* optional initialization vector */
const void *data, /* caller-supplied memory */
size_t dataLength, /* length of data in bytes */
CCCryptorRef *cryptorRef, /* RETURNED */
size_t *dataUsed) /* optional, RETURNED */
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCryptorRelease
@abstract Free a context created by CCCryptorCreate or
CCCryptorCreateFromData().
@param cryptorRef The CCCryptorRef to release.
@result The only possible error return is kCCParamError resulting
from passing in a null CCCryptorRef.
*/
CCCryptorStatus CCCryptorRelease(
CCCryptorRef cryptorRef)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCryptorUpdate
@abstract Process (encrypt, decrypt) some data. The result, if any,
is written to a caller-provided buffer.
@param cryptorRef A CCCryptorRef created via CCCryptorCreate() or
CCCryptorCreateFromData().
@param dataIn Data to process, length dataInLength bytes.
@param dataInLength Length of data to process.
@param dataOut Result is written here. Allocated by caller.
Encryption and decryption can be performed
"in-place", with the same buffer used for
input and output.
@param dataOutAvailable The size of the dataOut buffer in bytes.
@param dataOutMoved On successful return, the number of bytes
written to dataOut.
@result kCCBufferTooSmall indicates insufficent space in the dataOut
buffer. The caller can use
CCCryptorGetOutputLength() to determine the
required output buffer size in this case. The
operation can be retried; no state is lost
when this is returned.
@discussion This routine can be called multiple times. The caller does
not need to align input data lengths to block sizes; input is
bufferred as necessary for block ciphers.
When performing symmetric encryption with block ciphers,
and padding is enabled via kCCOptionPKCS7Padding, the total
number of bytes provided by all the calls to this function
when encrypting can be arbitrary (i.e., the total number
of bytes does not have to be block aligned). However if
padding is disabled, or when decrypting, the total number
of bytes does have to be aligned to the block size; otherwise
CCCryptFinal() will return kCCAlignmentError.
A general rule for the size of the output buffer which must be
provided by the caller is that for block ciphers, the output
length is never larger than the input length plus the block size.
For stream ciphers, the output length is always exactly the same
as the input length. See the discussion for
CCCryptorGetOutputLength() for more information on this topic.
Generally, when all data has been processed, call
CCCryptorFinal().
In the following cases, the CCCryptorFinal() is superfluous as
it will not yield any data nor return an error:
1. Encrypting or decrypting with a block cipher with padding
disabled, when the total amount of data provided to
CCCryptorUpdate() is an integral multiple of the block size.
2. Encrypting or decrypting with a stream cipher.
*/
CCCryptorStatus CCCryptorUpdate(
CCCryptorRef cryptorRef,
const void *dataIn,
size_t dataInLength,
void *dataOut, /* data RETURNED here */
size_t dataOutAvailable,
size_t *dataOutMoved) /* number of bytes written */
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCryptorFinal
@abstract Finish an encrypt or decrypt operation, and obtain the (possible)
final data output.
@param cryptorRef A CCCryptorRef created via CCCryptorCreate() or
CCCryptorCreateFromData().
@param dataOut Result is written here. Allocated by caller.
@param dataOutAvailable The size of the dataOut buffer in bytes.
@param dataOutMoved On successful return, the number of bytes
written to dataOut.
@result kCCBufferTooSmall indicates insufficent space in the dataOut
buffer. The caller can use
CCCryptorGetOutputLength() to determine the
required output buffer size in this case. The
operation can be retried; no state is lost
when this is returned.
kCCAlignmentError When decrypting, or when encrypting with a
block cipher with padding disabled,
kCCAlignmentError will be returned if the total
number of bytes provided to CCCryptUpdate() is
not an integral multiple of the current
algorithm's block size.
kCCDecodeError Indicates garbled ciphertext or the
wrong key during decryption. This can only
be returned while decrypting with padding
enabled.
@discussion Except when kCCBufferTooSmall is returned, the CCCryptorRef
can no longer be used for subsequent operations unless
CCCryptorReset() is called on it.
It is not necessary to call CCCryptorFinal() when performing
symmetric encryption or decryption if padding is disabled, or
when using a stream cipher.
It is not necessary to call CCCryptorFinal() prior to
CCCryptorRelease() when aborting an operation.
*/
CCCryptorStatus CCCryptorFinal(
CCCryptorRef cryptorRef,
void *dataOut,
size_t dataOutAvailable,
size_t *dataOutMoved) /* number of bytes written */
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCryptorGetOutputLength
@abstract Determine output buffer size required to process a given input
size.
@param cryptorRef A CCCryptorRef created via CCCryptorCreate() or
CCCryptorCreateFromData().
@param inputLength The length of data which will be provided to
CCCryptorUpdate().
@param final If false, the returned value will indicate the
output buffer space needed when 'inputLength'
bytes are provided to CCCryptorUpdate(). When
'final' is true, the returned value will indicate
the total combined buffer space needed when
'inputLength' bytes are provided to
CCCryptorUpdate() and then CCCryptorFinal() is
called.
@result The maximum buffer space need to perform CCCryptorUpdate() and
optionally CCCryptorFinal().
@discussion Some general rules apply that allow clients of this module to
know a priori how much output buffer space will be required
in a given situation. For stream ciphers, the output size is
always equal to the input size, and CCCryptorFinal() never
produces any data. For block ciphers, the output size will
always be less than or equal to the input size plus the size
of one block. For block ciphers, if the input size provided
to each call to CCCryptorUpdate() is is an integral multiple
of the block size, then the output size for each call to
CCCryptorUpdate() is less than or equal to the input size
for that call to CCCryptorUpdate(). CCCryptorFinal() only
produces output when using a block cipher with padding enabled.
*/
size_t CCCryptorGetOutputLength(
CCCryptorRef cryptorRef,
size_t inputLength,
bool final)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCryptorReset
@abstract Reinitializes an existing CCCryptorRef with a (possibly)
new initialization vector. The CCCryptorRef's key is
unchanged. Not implemented for stream ciphers.
@param cryptorRef A CCCryptorRef created via CCCryptorCreate() or
CCCryptorCreateFromData().
@param iv Optional initialization vector; if present, must
be the same size as the current algorithm's block
size.
@result The the only possible errors are kCCParamError and
kCCUnimplemented.
@discussion This can be called on a CCCryptorRef with data pending (i.e.
in a padded mode operation before CCCryptFinal is called);
however any pending data will be lost in that case.
*/
CCCryptorStatus CCCryptorReset(
CCCryptorRef cryptorRef,
const void *iv)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@function CCCrypt
@abstract Stateless, one-shot encrypt or decrypt operation.
This basically performs a sequence of CCCrytorCreate(),
CCCryptorUpdate(), CCCryptorFinal(), and CCCryptorRelease().
@param alg Defines the encryption algorithm.
@param op Defines the basic operation: kCCEncrypt or
kCCDecrypt.
@param options A word of flags defining options. See discussion
for the CCOptions type.
@param key Raw key material, length keyLength bytes.
@param keyLength Length of key material. Must be appropriate
for the select algorithm. Some algorithms may
provide for varying key lengths.
@param iv Initialization vector, optional. Used for
Cipher Block Chaining (CBC) mode. If present,
must be the same length as the selected
algorithm's block size. If CBC mode is
selected (by the absence of any mode bits in
the options flags) and no IV is present, a
NULL (all zeroes) IV will be used. This is
ignored if ECB mode is used or if a stream
cipher algorithm is selected.
@param dataIn Data to encrypt or decrypt, length dataInLength
bytes.
@param dataInLength Length of data to encrypt or decrypt.
@param dataOut Result is written here. Allocated by caller.
Encryption and decryption can be performed
"in-place", with the same buffer used for
input and output.
@param dataOutAvailable The size of the dataOut buffer in bytes.
@param dataOutMoved On successful return, the number of bytes
written to dataOut. If kCCBufferTooSmall is
returned as a result of insufficient buffer
space being provided, the required buffer space
is returned here.
@result kCCBufferTooSmall indicates insufficent space in the dataOut
buffer. In this case, the *dataOutMoved
parameter will indicate the size of the buffer
needed to complete the operation. The
operation can be retried with minimal runtime
penalty.
kCCAlignmentError indicates that dataInLength was not properly
aligned. This can only be returned for block
ciphers, and then only when decrypting or when
encrypting with block with padding disabled.
kCCDecodeError Indicates improperly formatted ciphertext or
a "wrong key" error; occurs only during decrypt
operations.
*/
CCCryptorStatus CCCrypt(
CCOperation op, /* kCCEncrypt, etc. */
CCAlgorithm alg, /* kCCAlgorithmAES128, etc. */
CCOptions options, /* kCCOptionPKCS7Padding, etc. */
const void *key,
size_t keyLength,
const void *iv, /* optional initialization vector */
const void *dataIn, /* optional per op and alg */
size_t dataInLength,
void *dataOut, /* data RETURNED here */
size_t dataOutAvailable,
size_t *dataOutMoved)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*!
@enum Cipher Modes
@discussion These are the selections available for modes of operation for
use with block ciphers. If RC4 is selected as the cipher (a stream
cipher) the only correct mode is kCCModeRC4.
@constant kCCModeECB - Electronic Code Book Mode.
@constant kCCModeCBC - Cipher Block Chaining Mode.
@constant kCCModeCFB - Cipher Feedback Mode.
@constant kCCModeOFB - Output Feedback Mode.
@constant kCCModeXTS - XEX-based Tweaked CodeBook Mode.
@constant kCCModeRC4 - RC4 as a streaming cipher is handled internally as a mode.
@constant kCCModeCFB8 - Cipher Feedback Mode producing 8 bits per round.
*/
enum {
kCCModeECB = 1,
kCCModeCBC = 2,
kCCModeCFB = 3,
kCCModeCTR = 4,
kCCModeF8 = 5, // Unimplemented for now (not included)
kCCModeLRW = 6, // Unimplemented for now (not included)
kCCModeOFB = 7,
kCCModeXTS = 8,
kCCModeRC4 = 9,
kCCModeCFB8 = 10,
};
typedef uint32_t CCMode;
/*!
@enum Padding for Block Ciphers
@discussion These are the padding options available for block modes.
@constant ccNoPadding - No padding.
@constant ccPKCS7Padding - PKCS7 Padding.
*/
enum {
ccNoPadding = 0,
ccPKCS7Padding = 1,
};
typedef uint32_t CCPadding;
/*!
@enum Mode options - Not currently in use.
@discussion Values used to specify options for modes. This was used for counter
mode operations in 10.8, now only Big Endian mode is supported.
@constant kCCModeOptionCTR_LE - CTR Mode Little Endian.
@constant kCCModeOptionCTR_BE - CTR Mode Big Endian.
*/
enum {
kCCModeOptionCTR_LE = 0x0001, // Deprecated in iPhoneOS 6.0 and MacOSX10.9
kCCModeOptionCTR_BE = 0x0002 // Deprecated in iPhoneOS 6.0 and MacOSX10.9
};
typedef uint32_t CCModeOptions;
/*!
@function CCCryptorCreateWithMode
@abstract Create a cryptographic context.
@param op Defines the basic operation: kCCEncrypt or
kCCDecrypt.
@param mode Specifies the cipher mode to use for operations.
@param alg Defines the algorithm.
@param padding Specifies the padding to use.
@param iv Initialization vector, optional. Used by
block ciphers with the following modes:
Cipher Block Chaining (CBC)
Cipher Feedback (CFB and CFB8)
Output Feedback (OFB)
Counter (CTR)
If present, must be the same length as the selected
algorithm's block size. If no IV is present, a NULL
(all zeroes) IV will be used.
This parameter is ignored if ECB mode is used or
if a stream cipher algorithm is selected.
@param key Raw key material, length keyLength bytes.
@param keyLength Length of key material. Must be appropriate
for the selected operation and algorithm. Some
algorithms provide for varying key lengths.
@param tweak Raw key material, length keyLength bytes. Used for the
tweak key in XEX-based Tweaked CodeBook (XTS) mode.
@param tweakLength Length of tweak key material. Must be appropriate
for the selected operation and algorithm. Some
algorithms provide for varying key lengths. For XTS
this is the same length as the encryption key.
@param numRounds The number of rounds of the cipher to use. 0 uses the default.
@param options A word of flags defining options. See discussion
for the CCModeOptions type.
@param cryptorRef A (required) pointer to the returned CCCryptorRef.
@result Possible error returns are kCCParamError and kCCMemoryFailure.
*/
CCCryptorStatus CCCryptorCreateWithMode(
CCOperation op, /* kCCEncrypt, kCCEncrypt */
CCMode mode,
CCAlgorithm alg,
CCPadding padding,
const void *iv, /* optional initialization vector */
const void *key, /* raw key material */
size_t keyLength,
const void *tweak, /* raw tweak material */
size_t tweakLength,
int numRounds, /* 0 == default */
CCModeOptions options,
CCCryptorRef *cryptorRef) /* RETURNED */
__OSX_AVAILABLE_STARTING(__MAC_10_7, __IPHONE_5_0);
#ifdef __cplusplus
}
#endif
#endif /* _CC_COMMON_CRYPTOR_ */
/*
* Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
*
* @APPLE_LICENSE_HEADER_START@
*
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this
* file.
*
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
*
* @APPLE_LICENSE_HEADER_END@
*/
/*
* CommonDigest.h - common digest routines: MD2, MD4, MD5, SHA1.
*/
#ifndef _CC_COMMON_DIGEST_H_
#define _CC_COMMON_DIGEST_H_
#include <stdint.h>
#include <Availability.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
* For compatibility with legacy implementations, the *Init(), *Update(),
* and *Final() functions declared here *always* return a value of 1 (one).
* This corresponds to "success" in the similar openssl implementations.
* There are no errors of any kind which can be, or are, reported here,
* so you can safely ignore the return values of all of these functions
* if you are implementing new code.
*
* The one-shot functions (CC_MD2(), CC_SHA1(), etc.) perform digest
* calculation and place the result in the caller-supplied buffer
* indicated by the md parameter. They return the md parameter.
* Unlike the opensssl counterparts, these one-shot functions require
* a non-NULL md pointer. Passing in NULL for the md parameter
* results in a NULL return and no digest calculation.
*/
typedef uint32_t CC_LONG; /* 32 bit unsigned integer */
typedef uint64_t CC_LONG64; /* 64 bit unsigned integer */
/*** MD2 ***/
#define CC_MD2_DIGEST_LENGTH 16 /* digest length in bytes */
#define CC_MD2_BLOCK_BYTES 64 /* block size in bytes */
#define CC_MD2_BLOCK_LONG (CC_MD2_BLOCK_BYTES / sizeof(CC_LONG))
typedef struct CC_MD2state_st
{
int num;
unsigned char data[CC_MD2_DIGEST_LENGTH];
CC_LONG cksm[CC_MD2_BLOCK_LONG];
CC_LONG state[CC_MD2_BLOCK_LONG];
} CC_MD2_CTX;
extern int CC_MD2_Init(CC_MD2_CTX *c)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern int CC_MD2_Update(CC_MD2_CTX *c, const void *data, CC_LONG len)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern int CC_MD2_Final(unsigned char *md, CC_MD2_CTX *c)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern unsigned char *CC_MD2(const void *data, CC_LONG len, unsigned char *md)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*** MD4 ***/
#define CC_MD4_DIGEST_LENGTH 16 /* digest length in bytes */
#define CC_MD4_BLOCK_BYTES 64 /* block size in bytes */
#define CC_MD4_BLOCK_LONG (CC_MD4_BLOCK_BYTES / sizeof(CC_LONG))
typedef struct CC_MD4state_st
{
CC_LONG A,B,C,D;
CC_LONG Nl,Nh;
CC_LONG data[CC_MD4_BLOCK_LONG];
uint32_t num;
} CC_MD4_CTX;
extern int CC_MD4_Init(CC_MD4_CTX *c)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern int CC_MD4_Update(CC_MD4_CTX *c, const void *data, CC_LONG len)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern int CC_MD4_Final(unsigned char *md, CC_MD4_CTX *c)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern unsigned char *CC_MD4(const void *data, CC_LONG len, unsigned char *md)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
/*** MD5 ***/
#define CC_MD5_DIGEST_LENGTH 16 /* digest length in bytes */
#define CC_MD5_BLOCK_BYTES 64 /* block size in bytes */
#define CC_MD5_BLOCK_LONG (CC_MD5_BLOCK_BYTES / sizeof(CC_LONG))
typedef struct CC_MD5state_st
{
CC_LONG A,B,C,D;
CC_LONG Nl,Nh;
CC_LONG data[CC_MD5_BLOCK_LONG];
int num;
} CC_MD5_CTX;
extern int CC_MD5_Init(CC_MD5_CTX *c)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern int CC_MD5_Update(CC_MD5_CTX *c, const void *data, CC_LONG len)
__OSX_AVAILABLE_STARTING(__MAC_10_4, __IPHONE_2_0);
extern int CC_MD5_Final(unsigned char *md, CC_MD5_CTX *c)