////////////////////////////////////////////////////////////////////////////////
// Copyright 2016 Google LLC.
//
// This software is licensed under the terms defined in the Widevine Master
// License Agreement. For a copy of this agreement, please contact
// widevine-licensing@google.com.
////////////////////////////////////////////////////////////////////////////////

#ifndef COMMON_AES_CBC_UTIL_H_
#define COMMON_AES_CBC_UTIL_H_

#include <string>

namespace widevine {
namespace crypto_util {

// Helper for wrapping AES CBC encryption. Uses PKCS7 padding.
std::string EncryptAesCbc(const std::string& key, const std::string& iv,
                          const std::string& plaintext);

// Helper for wrapping AES CBC encryption. Adds no padding, so the input
// must be an multiple of the 16-byte AES block size. Returns empty std::string
// on error.
std::string EncryptAesCbcNoPad(const std::string& key, const std::string& iv,
                               const std::string& plaintext);

// Helper for common Keybox decrypt operations; wraps AES-CBC.  Returns an
// empty std::string on error or the plaintext on success. Expects PKCS7 padding.
std::string DecryptAesCbc(const std::string& key, const std::string& iv,
                          const std::string& ciphertext);

// Helper for common Keybox decrypt operations; wraps AES-CBC.  Returns an
// empty std::string on error or the plaintext on success.
// Uses no padding; fails if the ciphertext is not a multiple of 16 bytes.
// This is used to decrypt the encrypted blob in the WVM keyboxes, with
// a zero iv.
std::string DecryptAesCbcNoPad(const std::string& key, const std::string& iv,
                               const std::string& ciphertext);

}  // namespace crypto_util
}  // namespace widevine

#endif  // COMMON_AES_CBC_UTIL_H_