source-git / gnutls

Clone
Source Code
GIT

Blame lib/cipher_int.h

c8 c8s master
  1.   ff70226814c3c0d38a7fec3231f87fda62d87b0a
  2.   lib
  3.   cipher_int.h
Blob History Raw
Packit Service 4684c1 
/*
Packit Service 4684c1 
 * Copyright (C) 2000-2012 Free Software Foundation, Inc.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Author: Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This file is part of GnuTLS.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The GnuTLS is free software; you can redistribute it and/or
Packit Service 4684c1 
 * modify it under the terms of the GNU Lesser General Public License
Packit Service 4684c1 
 * as published by the Free Software Foundation; either version 2.1 of
Packit Service 4684c1 
 * the License, or (at your option) any later version.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This library is distributed in the hope that it will be useful, but
Packit Service 4684c1 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 4684c1 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 4684c1 
 * Lesser General Public License for more details.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * You should have received a copy of the GNU Lesser General Public License
Packit Service 4684c1 
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
Packit Service 4684c1 
 *
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#ifndef GNUTLS_LIB_CIPHER_INT_H
Packit Service 4684c1 
#define GNUTLS_LIB_CIPHER_INT_H
Packit Service 4684c1
Packit Service 4684c1 
#include <gnutls/crypto.h>
Packit Service 4684c1 
#include "errors.h"
Packit Service 4684c1 
#include <crypto-backend.h>
Packit Service 4684c1
Packit Service 4684c1 
extern int crypto_cipher_prio;
Packit Service 4684c1 
extern gnutls_crypto_cipher_st _gnutls_cipher_ops;
Packit Service 4684c1
Packit Service 4684c1 
typedef int (*cipher_encrypt_func) (void *hd, const void *plaintext,
Packit Service 4684c1 
				    size_t, void *ciphertext, size_t);
Packit Service 4684c1 
typedef int (*cipher_decrypt_func) (void *hd, const void *ciphertext,
Packit Service 4684c1 
				    size_t, void *plaintext, size_t);
Packit Service 4684c1 
typedef int (*aead_cipher_encrypt_func) (void *hd,
Packit Service 4684c1 
					 const void *nonce, size_t,
Packit Service 4684c1 
					 const void *auth, size_t,
Packit Service 4684c1 
					 size_t tag,
Packit Service 4684c1 
					 const void *plaintext, size_t,
Packit Service 4684c1 
					 void *ciphertext, size_t);
Packit Service 4684c1 
typedef int (*aead_cipher_decrypt_func) (void *hd,
Packit Service 4684c1 
					 const void *nonce, size_t,
Packit Service 4684c1 
					 const void *auth, size_t,
Packit Service 4684c1 
					 size_t tag,
Packit Service 4684c1 
					 const void *ciphertext, size_t,
Packit Service 4684c1 
					 void *plaintext, size_t);
Packit Service 4684c1 
typedef void (*cipher_deinit_func) (void *hd);
Packit Service 4684c1
Packit Service 4684c1 
typedef int (*cipher_auth_func) (void *hd, const void *data, size_t);
Packit Service 4684c1 
typedef int (*cipher_setiv_func) (void *hd, const void *iv, size_t);
Packit Service 4684c1 
typedef int (*cipher_getiv_func) (void *hd, void *iv, size_t);
Packit Service 4684c1
Packit Service 4684c1 
typedef void (*cipher_tag_func) (void *hd, void *tag, size_t);
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	void *handle;
Packit Service 4684c1 
	const cipher_entry_st *e;
Packit Service 4684c1 
	cipher_encrypt_func encrypt;
Packit Service 4684c1 
	cipher_decrypt_func decrypt;
Packit Service 4684c1 
	aead_cipher_encrypt_func aead_encrypt;
Packit Service 4684c1 
	aead_cipher_decrypt_func aead_decrypt;
Packit Service 4684c1 
	cipher_auth_func auth;
Packit Service 4684c1 
	cipher_tag_func tag;
Packit Service 4684c1 
	cipher_setiv_func setiv;
Packit Service 4684c1 
	cipher_getiv_func getiv;
Packit Service 4684c1 
	cipher_deinit_func deinit;
Packit Service 4684c1 
} cipher_hd_st;
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_cipher_init(cipher_hd_st *, const cipher_entry_st * e,
Packit Service 4684c1 
			const gnutls_datum_t * key,
Packit Service 4684c1 
			const gnutls_datum_t * iv, int enc);
Packit Service 4684c1
Packit Service 4684c1 
inline static int _gnutls_cipher_setiv(const cipher_hd_st * handle,
Packit Service 4684c1 
					const void *iv, size_t ivlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	return handle->setiv(handle->handle, iv, ivlen);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static int _gnutls_cipher_getiv(const cipher_hd_st * handle,
Packit Service 4684c1 
				       void *iv, size_t ivlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (unlikely(handle == NULL || handle->handle == NULL ||
Packit Service 4684c1 
		    handle->getiv == NULL))
Packit Service 4684c1 
		return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1
Packit Service 4684c1 
	return handle->getiv(handle->handle, iv, ivlen);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static int
Packit Service 4684c1 
_gnutls_cipher_encrypt2(const cipher_hd_st * handle, const void *text,
Packit Service 4684c1 
			size_t textlen, void *ciphertext,
Packit Service 4684c1 
			size_t ciphertextlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL)) {
Packit Service 4684c1 
		if (handle->encrypt == NULL) {
Packit Service 4684c1 
			return (GNUTLS_E_INVALID_REQUEST);
Packit Service 4684c1 
		}
Packit Service 4684c1 
		return handle->encrypt(handle->handle, text, textlen,
Packit Service 4684c1 
				       ciphertext, ciphertextlen);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return 0;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static int
Packit Service 4684c1 
_gnutls_cipher_decrypt2(const cipher_hd_st * handle,
Packit Service 4684c1 
			const void *ciphertext, size_t ciphertextlen,
Packit Service 4684c1 
			void *text, size_t textlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL)) {
Packit Service 4684c1 
		if (handle->decrypt == NULL) {
Packit Service 4684c1 
			return (GNUTLS_E_INVALID_REQUEST);
Packit Service 4684c1 
		}
Packit Service 4684c1 
		return handle->decrypt(handle->handle, ciphertext,
Packit Service 4684c1 
				       ciphertextlen, text, textlen);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return 0;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static int
Packit Service 4684c1 
_gnutls_aead_cipher_encrypt(const cipher_hd_st * handle,
Packit Service 4684c1 
			    const void *nonce, size_t nonce_len,
Packit Service 4684c1 
			    const void *auth, size_t auth_len,
Packit Service 4684c1 
			    size_t tag,
Packit Service 4684c1 
			    const void *text, size_t textlen,
Packit Service 4684c1 
			    void *ciphertext, size_t ciphertextlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL && handle->aead_encrypt != NULL)) {
Packit Service 4684c1 
		return handle->aead_encrypt(handle->handle,
Packit Service 4684c1 
					    nonce, nonce_len,
Packit Service 4684c1 
					    auth, auth_len,
Packit Service 4684c1 
					    tag,
Packit Service 4684c1 
					    text, textlen,
Packit Service 4684c1 
					    ciphertext, ciphertextlen);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static int
Packit Service 4684c1 
_gnutls_aead_cipher_decrypt(const cipher_hd_st * handle,
Packit Service 4684c1 
			    const void *nonce, size_t nonce_len,
Packit Service 4684c1 
			    const void *auth, size_t auth_len,
Packit Service 4684c1 
			    size_t tag,
Packit Service 4684c1 
			    const void *ciphertext, size_t ciphertextlen,
Packit Service 4684c1 
			    void *text, size_t textlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL && handle->aead_decrypt != NULL)) {
Packit Service 4684c1 
		return handle->aead_decrypt(handle->handle,
Packit Service 4684c1 
					    nonce, nonce_len,
Packit Service 4684c1 
					    auth, auth_len,
Packit Service 4684c1 
					    tag,
Packit Service 4684c1 
					    ciphertext, ciphertextlen,
Packit Service 4684c1 
					    text, textlen);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static void _gnutls_cipher_deinit(cipher_hd_st * handle)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL)) {
Packit Service 4684c1 
		handle->deinit(handle->handle);
Packit Service 4684c1 
		handle->handle = NULL;
Packit Service 4684c1 
	}
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher);
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_cipher_get_iv(gnutls_cipher_hd_t handle, void *iv,
Packit Service 4684c1 
			  size_t ivlen);
Packit Service 4684c1
Packit Service 4684c1 
#define _gnutls_cipher_is_aead(h) _gnutls_cipher_algo_is_aead((h)->e)
Packit Service 4684c1
Packit Service 4684c1 
/* returns the tag in AUTHENC ciphers */
Packit Service 4684c1 
inline static void _gnutls_cipher_tag(const cipher_hd_st * handle,
Packit Service 4684c1 
				      void *tag, size_t tag_size)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL)) {
Packit Service 4684c1 
		handle->tag(handle->handle, tag, tag_size);
Packit Service 4684c1 
	}
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/* Add auth data for AUTHENC ciphers
Packit Service 4684c1 
 */
Packit Service 4684c1 
inline static int _gnutls_cipher_auth(const cipher_hd_st * handle,
Packit Service 4684c1 
				      const void *text, size_t textlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (likely(handle != NULL && handle->handle != NULL)) {
Packit Service 4684c1 
		return handle->auth(handle->handle, text, textlen);
Packit Service 4684c1 
	}
Packit Service 4684c1 
	return GNUTLS_E_INTERNAL_ERROR;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
#define _gnutls_cipher_encrypt(x,y,z) _gnutls_cipher_encrypt2(x,y,z,y,z)
Packit Service 4684c1 
#define _gnutls_cipher_decrypt(x,y,z) _gnutls_cipher_decrypt2(x,y,z,y,z)
Packit Service 4684c1
Packit Service 4684c1 
/* auth_cipher API. Allows combining a cipher with a MAC.
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	cipher_hd_st cipher;
Packit Service 4684c1 
	union {
Packit Service 4684c1 
		digest_hd_st dig;
Packit Service 4684c1 
		mac_hd_st mac;
Packit Service 4684c1 
	} mac;
Packit Service 4684c1 
	unsigned int is_mac:1;
Packit Service 4684c1 
#ifdef ENABLE_SSL3
Packit Service 4684c1 
	unsigned int ssl_hmac:1;
Packit Service 4684c1 
#endif
Packit Service 4684c1 
#ifdef ENABLE_GOST
Packit Service 4684c1 
	unsigned int continuous_mac:1;
Packit Service 4684c1 
#endif
Packit Service 4684c1 
	unsigned int non_null:1;
Packit Service 4684c1 
	unsigned int etm:1;
Packit Service 4684c1 
	size_t tag_size;
Packit Service 4684c1 
} auth_cipher_hd_st;
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_auth_cipher_init(auth_cipher_hd_st * handle,
Packit Service 4684c1 
			     const cipher_entry_st * e,
Packit Service 4684c1 
			     const gnutls_datum_t * cipher_key,
Packit Service 4684c1 
			     const gnutls_datum_t * iv,
Packit Service 4684c1 
			     const mac_entry_st * me,
Packit Service 4684c1 
			     const gnutls_datum_t * mac_key,
Packit Service 4684c1 
			     unsigned etm,
Packit Service 4684c1 
#ifdef ENABLE_SSL3
Packit Service 4684c1 
			     unsigned ssl_hmac,
Packit Service 4684c1 
#endif
Packit Service 4684c1 
			     int enc);
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_auth_cipher_add_auth(auth_cipher_hd_st * handle,
Packit Service 4684c1 
				 const void *text, int textlen);
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_auth_cipher_encrypt2_tag(auth_cipher_hd_st * handle,
Packit Service 4684c1 
				     const uint8_t * text, int textlen,
Packit Service 4684c1 
				     void *ciphertext, int ciphertextlen,
Packit Service 4684c1 
				     int pad_size);
Packit Service 4684c1 
int _gnutls_auth_cipher_decrypt2(auth_cipher_hd_st * handle,
Packit Service 4684c1 
				 const void *ciphertext, int ciphertextlen,
Packit Service 4684c1 
				 void *text, int textlen);
Packit Service 4684c1 
int _gnutls_auth_cipher_tag(auth_cipher_hd_st * handle, void *tag,
Packit Service 4684c1 
			    int tag_size);
Packit Service 4684c1
Packit Service 4684c1 
inline static int _gnutls_auth_cipher_setiv(const auth_cipher_hd_st *
Packit Service 4684c1 
					     handle, const void *iv,
Packit Service 4684c1 
					     size_t ivlen)
Packit Service 4684c1 
{
Packit Service 4684c1 
	return _gnutls_cipher_setiv(&handle->cipher, iv, ivlen);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
inline static size_t _gnutls_auth_cipher_tag_len(auth_cipher_hd_st *
Packit Service 4684c1 
						 handle)
Packit Service 4684c1 
{
Packit Service 4684c1 
	return handle->tag_size;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
#define _gnutls_auth_cipher_is_aead(h) _gnutls_cipher_is_aead(&(h)->cipher)
Packit Service 4684c1
Packit Service 4684c1 
void _gnutls_auth_cipher_deinit(auth_cipher_hd_st * handle);
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
#endif /* GNUTLS_LIB_CIPHER_INT_H */

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation