#ifndef CIPHER_H #define CIPHER_H #include #include "cc_log.h" #define AES_GCM_TAG_SIZE 16 #define IV_FIELD_SIZE 16 #define AES_KEY_SIZE 16 /* 128 bits key */ #define IV_SIZE 12 enum tz_error_n { UNSUPPORTED_CMD = -100, INTEGRITY_CHECK_FAILURE_7 = -97, INTEGRITY_CHECK_FAILURE_6, INTEGRITY_CHECK_FAILURE_5, INTEGRITY_CHECK_FAILURE_4, INTEGRITY_CHECK_FAILURE_3, INTEGRITY_CHECK_FAILURE_2, INTEGRITY_CHECK_FAILURE_1, INTEGRITY_CHECK_FAILURE, INVALID_ARGUMENT, CRYPTO_FAILED, WRONG_TAG, TZ_RNG_FAILED, TZ_KDF_FAILED, NOT_INITIALIZED, BUFFER_TOO_SMALL, FAILED, SUCCESS = 0 }; /** * @brief tima_aes_gcm_encrypt - encrypt data with AES GCM * @param key - encryption key (derived from REK) * @param key_size - size of encryption key (in bytes) * @param iv - initial vector for GCM encryption mode * @param iv_size - size of initial vector (in bytes) * @param data - i/o data buffer * @param input_size - size of input data (in bytes) * @param output_size - pointer to size of output buffer * @param flags - special flags (to be protected by MAC) * @return status code from enum tz_error_n (tz_app.h) */ int32_t aes_gcm_encrypt( const uint8_t* key, uint32_t key_size, const uint8_t* iv, uint32_t iv_size, const uint8_t* aad, uint32_t aad_size, uint8_t* data, uint32_t input_size, uint32_t* output_size); /** * @brief tima_aes_gcm_decrypt - decrypt data with AES GCM * @param key - decryption key (derived from REK) * @param key_size - size of decryption key (in bytes) * @param iv - initial vector for GCM decryption mode * @param iv_size - size of initial vector (in bytes) * @param data - i/o data buffer * @param input_size - size of input data (in bytes) * @param output_size - pointer to size of output buffer * @param flags - special flags (to be protected by MAC) * @return status code from enum tz_error_n (tz_app.h) */ int32_t aes_gcm_decrypt( const uint8_t* key, uint32_t key_size, const uint8_t* iv, uint32_t iv_size, const uint8_t* aad, uint32_t aad_size, uint8_t* data, uint32_t input_size, uint32_t* output_size); #endif