Annotation of embedaddon/strongswan/src/libstrongswan/crypto/aead.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2013 Tobias Brunner
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * Copyright (C) 2010 Martin Willi
! 6: * Copyright (C) 2010 revosec AG
! 7: *
! 8: * This program is free software; you can redistribute it and/or modify it
! 9: * under the terms of the GNU General Public License as published by the
! 10: * Free Software Foundation; either version 2 of the License, or (at your
! 11: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 12: *
! 13: * This program is distributed in the hope that it will be useful, but
! 14: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 15: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 16: * for more details.
! 17: */
! 18:
! 19: /**
! 20: * @defgroup aead aead
! 21: * @{ @ingroup crypto
! 22: */
! 23:
! 24: #ifndef AEAD_H_
! 25: #define AEAD_H_
! 26:
/* Forward declaration, placed ahead of the includes below. */
typedef struct aead_t aead_t;
! 28:
! 29: #include <library.h>
! 30: #include <crypto/crypters/crypter.h>
! 31: #include <crypto/signers/signer.h>
! 32: #include <crypto/iv/iv_gen.h>
! 33:
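/**
 * Authenticated encryption / authenticated decryption (AEAD) interface.
 *
 * encrypt(), decrypt() and set_key() report failure only through their
 * return value. All three are marked warn_unused_result so the compiler
 * flags a caller that drops it; for decrypt() a dropped result means
 * unauthenticated data is processed as if it had been verified.
 */
struct aead_t {

	/**
	 * Encrypt and sign data, sign associated data.
	 *
	 * The plain data must be a multiple of get_block_size(), the IV must
	 * have a length of get_iv_size().
	 * If encrypted is NULL, the encryption is done inline. The buffer behind
	 * plain must then have room for get_icv_size() additional bytes, because
	 * the ICV is appended silently after the plain data; plain is passed by
	 * value, so the caller's chunk is not updated to cover the ICV.
	 *
	 * @param plain			data to encrypt and sign
	 * @param assoc			associated data to sign
	 * @param iv			initialization vector
	 * @param encrypted		allocated encryption result
	 * @return				TRUE if successfully encrypted
	 */
	bool (*encrypt)(aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv,
					chunk_t *encrypted) __attribute__((warn_unused_result));

	/**
	 * Decrypt and verify data, verify associated data.
	 *
	 * The IV must have a length of get_iv_size().
	 * If plain is NULL, the decryption is done inline. The decrypted data
	 * is returned in the encrypted chunk, the last get_icv_size() bytes
	 * contain the verified ICV.
	 *
	 * A FALSE return means the ICV did not verify; the output must then be
	 * discarded and never parsed or forwarded.
	 * NOTE(review): this header does not say whether an inline buffer is
	 * left untouched on failure; treat its contents as untrusted.
	 *
	 * @param encrypted		data to decrypt and verify
	 * @param assoc			associated data to verify
	 * @param iv			initialization vector
	 * @param plain			allocated result, if successful
	 * @return				TRUE if MAC verification successful
	 */
	bool (*decrypt)(aead_t *this, chunk_t encrypted, chunk_t assoc, chunk_t iv,
					chunk_t *plain) __attribute__((warn_unused_result));

	/**
	 * Get the block size for encryption.
	 *
	 * @return				block size in bytes
	 */
	size_t (*get_block_size)(aead_t *this);

	/**
	 * Get the integrity check value size of the algorithm.
	 *
	 * @return				ICV size in bytes
	 */
	size_t (*get_icv_size)(aead_t *this);

	/**
	 * Get the size of the initialization vector.
	 *
	 * @return				IV size in bytes
	 */
	size_t (*get_iv_size)(aead_t *this);

	/**
	 * Get the IV generator implementation.
	 *
	 * IVs passed to encrypt() should come from this generator: a repeated IV
	 * under the same key defeats nonce-based AEAD modes.
	 *
	 * @return				IV generator
	 */
	iv_gen_t *(*get_iv_gen)(aead_t *this);

	/**
	 * Get the size of the key material (for encryption and authentication).
	 *
	 * This includes any additional bytes required for the implicit nonce part.
	 * For AEADs based on traditional ciphers, the length is for both
	 * the integrity and the encryption key in total.
	 *
	 * @return				key size in bytes
	 */
	size_t (*get_key_size)(aead_t *this);

	/**
	 * Set the key for encryption and authentication.
	 *
	 * If the AEAD uses an implicit nonce, the last part of the key shall
	 * be the implicit nonce. For AEADs based on traditional ciphers, the
	 * key shall include both integrity and encryption keys, concatenated
	 * in that order.
	 * NOTE(review): key is presumably expected to be get_key_size() bytes
	 * long; confirm against the implementations.
	 *
	 * @param key			encryption and authentication key
	 * @return				TRUE if key set successfully
	 */
	bool (*set_key)(aead_t *this,
					chunk_t key) __attribute__((warn_unused_result));

	/**
	 * Destroy an aead_t.
	 */
	void (*destroy)(aead_t *this);
};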
! 132:
/**
 * Build an aead_t on top of separate encryption and integrity transforms.
 *
 * NOTE(review): this header does not state whether the returned object takes
 * ownership of crypter, signer and iv_gen (i.e. whether destroy() releases
 * them); confirm against the implementation before freeing them separately.
 *
 * @param crypter		encryption transform for this aead
 * @param signer		integrity transform for this aead
 * @param iv_gen		suitable IV generator for encryption algorithm
 * @return				aead transform
 */
aead_t *aead_create(crypter_t *crypter,
					signer_t *signer,
					iv_gen_t *iv_gen);
! 142:
! 143: #endif /** AEAD_H_ @}*/