Annotation of embedaddon/strongswan/src/libstrongswan/crypto/aead.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2013 Tobias Brunner
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * Copyright (C) 2010 Martin Willi
6: * Copyright (C) 2010 revosec AG
7: *
8: * This program is free software; you can redistribute it and/or modify it
9: * under the terms of the GNU General Public License as published by the
10: * Free Software Foundation; either version 2 of the License, or (at your
11: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12: *
13: * This program is distributed in the hope that it will be useful, but
14: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16: * for more details.
17: */
18:
19: /**
20: * @defgroup aead aead
21: * @{ @ingroup crypto
22: */
23:
24: #ifndef AEAD_H_
25: #define AEAD_H_
26:
27: typedef struct aead_t aead_t;
28:
29: #include <library.h>
30: #include <crypto/crypters/crypter.h>
31: #include <crypto/signers/signer.h>
32: #include <crypto/iv/iv_gen.h>
33:
34: /**
35: * Authenticated encryption / authentication decryption interface.
36: */
37: struct aead_t {
38:
39: /**
40: * Encrypt and sign data, sign associated data.
41: *
42: * The plain data must be a multiple of get_block_size(), the IV must
43: * have a length of get_iv_size().
44: * If encrypted is NULL, the encryption is done inline. The buffer must
45: * have space for additional get_icv_size() data, the ICV value is
46: * appended silently to the plain chunk.
47: *
48: * @param plain data to encrypt and sign
49: * @param assoc associated data to sign
50: * @param iv initialization vector
51: * @param encrypted allocated encryption result
52: * @return TRUE if successfully encrypted
53: */
54: bool (*encrypt)(aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv,
55: chunk_t *encrypted) __attribute__((warn_unused_result));
56:
57: /**
58: * Decrypt and verify data, verify associated data.
59: *
60: * The IV must have a length of get_iv_size().
61: * If plain is NULL, the decryption is done inline. The decrypted data
62: * is returned in the encrypted chunk, the last get_icv_size() bytes
63: * contain the verified ICV.
64: *
65: * @param encrypted data to decrypt and verify
66: * @param assoc associated data to verify
67: * @param iv initialization vector
68: * @param plain allocated result, if successful
69: * @return TRUE if MAC verification successful
70: */
71: bool (*decrypt)(aead_t *this, chunk_t encrypted, chunk_t assoc, chunk_t iv,
72: chunk_t *plain);
73:
74: /**
75: * Get the block size for encryption.
76: *
77: * @return block size in bytes
78: */
79: size_t (*get_block_size)(aead_t *this);
80:
81: /**
82: * Get the integrity check value size of the algorithm.
83: *
84: * @return ICV size in bytes
85: */
86: size_t (*get_icv_size)(aead_t *this);
87:
88: /**
89: * Get the size of the initialization vector.
90: *
91: * @return IV size in bytes
92: */
93: size_t (*get_iv_size)(aead_t *this);
94:
95: /**
96: * Get the IV generator implementation
97: *
98: * @return IV generator
99: */
100: iv_gen_t *(*get_iv_gen)(aead_t *this);
101:
102: /**
103: * Get the size of the key material (for encryption and authentication).
104: *
105: * This includes any additional bytes requires for the implicit nonce part.
106: * For AEADs based on traditional ciphers, the length is for both
107: * the integrity and the encryption key in total.
108: *
109: * @return key size in bytes
110: */
111: size_t (*get_key_size)(aead_t *this);
112:
113: /**
114: * Set the key for encryption and authentication.
115: *
116: * If the AEAD uses an implicit nonce, the last part of the key shall
117: * be the implicit nonce. For AEADs based on traditional ciphers, the
118: * key shall include both integrity and encryption keys, concatenated
119: * in that order.
120: *
121: * @param key encryption and authentication key
122: * @return TRUE if key set successfully
123: */
124: bool (*set_key)(aead_t *this,
125: chunk_t key) __attribute__((warn_unused_result));
126:
127: /**
128: * Destroy an aead_t.
129: */
130: void (*destroy)(aead_t *this);
131: };
132:
133: /**
134: * Create a aead instance using traditional transforms.
135: *
136: * @param crypter encryption transform for this aead
137: * @param signer integrity transform for this aead
138: * @param iv_gen suitable IV generator for encryption algorithm
139: * @return aead transform
140: */
141: aead_t *aead_create(crypter_t *crypter, signer_t *signer, iv_gen_t *iv_gen);
142:
143: #endif /** AEAD_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>