Annotation of embedaddon/strongswan/src/libstrongswan/crypto/crypters/crypter.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2005-2006 Martin Willi
! 3: * Copyright (C) 2005 Jan Hutter
! 4: * HSR Hochschule fuer Technik Rapperswil
! 5: *
! 6: * This program is free software; you can redistribute it and/or modify it
! 7: * under the terms of the GNU General Public License as published by the
! 8: * Free Software Foundation; either version 2 of the License, or (at your
! 9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 10: *
! 11: * This program is distributed in the hope that it will be useful, but
! 12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 14: * for more details.
! 15: */
! 16:
! 17: /**
! 18: * @defgroup crypter crypter
! 19: * @{ @ingroup crypto
! 20: */
! 21:
! 22: #ifndef CRYPTER_H_
! 23: #define CRYPTER_H_
! 24:
! 25: typedef enum encryption_algorithm_t encryption_algorithm_t;
! 26: typedef struct crypter_t crypter_t;
! 27:
! 28: #include <library.h>
! 29:
! 30: /**
! 31: * Encryption algorithm, as in IKEv2 RFC 3.3.2.
! 32: */
! 33: enum encryption_algorithm_t {
! 34: ENCR_DES_IV64 = 1,
! 35: ENCR_DES = 2,
! 36: ENCR_3DES = 3,
! 37: ENCR_RC5 = 4,
! 38: ENCR_IDEA = 5,
! 39: ENCR_CAST = 6,
! 40: ENCR_BLOWFISH = 7,
! 41: ENCR_3IDEA = 8,
! 42: ENCR_DES_IV32 = 9,
! 43: ENCR_NULL = 11,
! 44: ENCR_AES_CBC = 12,
! 45: /** CTR as specified for IPsec (RFC5930/RFC3686), nonce appended to key */
! 46: ENCR_AES_CTR = 13,
! 47: ENCR_AES_CCM_ICV8 = 14,
! 48: ENCR_AES_CCM_ICV12 = 15,
! 49: ENCR_AES_CCM_ICV16 = 16,
! 50: ENCR_AES_GCM_ICV8 = 18,
! 51: ENCR_AES_GCM_ICV12 = 19,
! 52: ENCR_AES_GCM_ICV16 = 20,
! 53: ENCR_NULL_AUTH_AES_GMAC = 21,
! 54: ENCR_CAMELLIA_CBC = 23,
! 55: /* CTR as specified for IPsec (RFC5529), nonce appended to key */
! 56: ENCR_CAMELLIA_CTR = 24,
! 57: ENCR_CAMELLIA_CCM_ICV8 = 25,
! 58: ENCR_CAMELLIA_CCM_ICV12 = 26,
! 59: ENCR_CAMELLIA_CCM_ICV16 = 27,
! 60: ENCR_CHACHA20_POLY1305 = 28,
! 61: ENCR_UNDEFINED = 1024,
! 62: ENCR_DES_ECB = 1025,
! 63: ENCR_SERPENT_CBC = 1026,
! 64: ENCR_TWOFISH_CBC = 1027,
! 65: /* see macros below to handle RC2 (effective) key length */
! 66: ENCR_RC2_CBC = 1028,
! 67: ENCR_AES_ECB = 1029,
! 68: };
! 69:
! 70: #define DES_BLOCK_SIZE 8
! 71: #define BLOWFISH_BLOCK_SIZE 8
! 72: #define AES_BLOCK_SIZE 16
! 73: #define CAMELLIA_BLOCK_SIZE 16
! 74: #define SERPENT_BLOCK_SIZE 16
! 75: #define TWOFISH_BLOCK_SIZE 16
! 76:
! 77: /**
! 78: * For RC2, if the effective key size in bits is not key_size * 8, it should
! 79: * be encoded with the macro below. It can be decoded with the other two macros.
! 80: * After decoding the value should be validated.
! 81: */
! 82: #define RC2_KEY_SIZE(kl, eff) ((kl) | ((eff) << 8))
! 83: #define RC2_EFFECTIVE_KEY_LEN(ks) ((ks) >> 8)
! 84: #define RC2_KEY_LEN(ks) ((ks) & 0xff)
! 85:
! 86: /**
! 87: * enum name for encryption_algorithm_t.
! 88: */
! 89: extern enum_name_t *encryption_algorithm_names;
! 90:
! 91: /**
! 92: * Generic interface for symmetric encryption algorithms.
! 93: */
! 94: struct crypter_t {
! 95:
! 96: /**
! 97: * Encrypt a chunk of data and allocate space for the encrypted value.
! 98: *
! 99: * The length of the iv must equal to get_iv_size(), while the length
! 100: * of data must be a multiple of get_block_size().
! 101: * If encrypted is NULL, the encryption is done in-place (overwriting data).
! 102: *
! 103: * @param data data to encrypt
! 104: * @param iv initializing vector
! 105: * @param encrypted chunk to allocate encrypted data, or NULL
! 106: * @return TRUE if encryption successful
! 107: */
! 108: bool (*encrypt)(crypter_t *this, chunk_t data, chunk_t iv,
! 109: chunk_t *encrypted) __attribute__((warn_unused_result));
! 110:
! 111: /**
! 112: * Decrypt a chunk of data and allocate space for the decrypted value.
! 113: *
! 114: * The length of the iv must equal to get_iv_size(), while the length
! 115: * of data must be a multiple of get_block_size().
! 116: * If decrypted is NULL, the encryption is done in-place (overwriting data).
! 117: *
! 118: * @param data data to decrypt
! 119: * @param iv initializing vector
! 120: * @param encrypted chunk to allocate decrypted data, or NULL
! 121: * @return TRUE if decryption successful
! 122: */
! 123: bool (*decrypt)(crypter_t *this, chunk_t data, chunk_t iv,
! 124: chunk_t *decrypted) __attribute__((warn_unused_result));
! 125:
! 126: /**
! 127: * Get the block size of the crypto algorithm.
! 128: *
! 129: * get_block_size() returns the smallest block the crypter can handle,
! 130: * not the block size of the underlying crypto algorithm. For counter mode,
! 131: * it is usually 1.
! 132: *
! 133: * @return block size in bytes
! 134: */
! 135: size_t (*get_block_size)(crypter_t *this);
! 136:
! 137: /**
! 138: * Get the IV size of the crypto algorithm.
! 139: *
! 140: * @return initialization vector size in bytes
! 141: */
! 142: size_t (*get_iv_size)(crypter_t *this);
! 143:
! 144: /**
! 145: * Get the key size of the crypto algorithm.
! 146: *
! 147: * get_key_size() might return a key length different from the key
! 148: * size passed to the factory constructor. For Counter Mode, the nonce
! 149: * is handled as a part of the key material and is passed to set_key().
! 150: *
! 151: * @return key size in bytes
! 152: */
! 153: size_t (*get_key_size)(crypter_t *this);
! 154:
! 155: /**
! 156: * Set the key.
! 157: *
! 158: * The length of the key must match get_key_size().
! 159: *
! 160: * @param key key to set
! 161: * @return TRUE if key set successfully
! 162: */
! 163: bool (*set_key)(crypter_t *this,
! 164: chunk_t key) __attribute__((warn_unused_result));
! 165:
! 166: /**
! 167: * Destroys a crypter_t object.
! 168: */
! 169: void (*destroy)(crypter_t *this);
! 170: };
! 171:
! 172: /**
! 173: * Conversion of ASN.1 OID to encryption algorithm.
! 174: *
! 175: * @param oid ASN.1 OID
! 176: * @param key_size returns size of encryption key in bits
! 177: * @return encryption algorithm, ENCR_UNDEFINED if OID unsupported
! 178: */
! 179: encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size);
! 180:
! 181: /**
! 182: * Conversion of encryption algorithm to ASN.1 OID.
! 183: *
! 184: * @param alg encryption algorithm
! 185: * @param key_size size of encryption key in bits
! 186: * @return ASN.1 OID, OID_UNKNOWN if OID is unknown
! 187: */
! 188: int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size);
! 189:
! 190: /**
! 191: * Check if an encryption algorithm identifier is an AEAD algorithm.
! 192: *
! 193: * @param alg algorithm identifier
! 194: * @return TRUE if it is an AEAD algorithm
! 195: */
! 196: bool encryption_algorithm_is_aead(encryption_algorithm_t alg);
! 197:
! 198: #endif /** CRYPTER_H_ @}*/
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>