/*
* Copyright (C) 2008-2012 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
* The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>
*
*/
#ifndef GNUTLS_CRYPTO_H
#define GNUTLS_CRYPTO_H
#include <gnutls/gnutls.h>
/* *INDENT-OFF* */
#ifdef __cplusplus
extern "C" {
#endif
/* *INDENT-ON* */
/* Opaque handle to a symmetric cipher context. Only the pointer type is
 * declared here; the structure itself is not defined in this header. */
typedef struct api_cipher_hd_st *gnutls_cipher_hd_t;

/* Creates a cipher context for @cipher from @key and @iv and hands it back
 * through @handle.
 * NOTE(review): presumably 0 on success and a negative error code otherwise,
 * with the context released by gnutls_cipher_deinit() - confirm. The handle
 * should not be used when the call fails. */
int gnutls_cipher_init(
    gnutls_cipher_hd_t * handle,
    gnutls_cipher_algorithm_t cipher,
    const gnutls_datum_t * key,
    const gnutls_datum_t * iv);

/* Single-buffer forms: the data pointer is writable and no separate output
 * buffer is passed, so the result presumably replaces the input in place -
 * confirm. No authentication tag appears in these signatures; a tag, where
 * the mode has one, is handled by separate calls. */
int gnutls_cipher_encrypt(
    const gnutls_cipher_hd_t handle,
    void *text,
    size_t textlen);
int gnutls_cipher_decrypt(
    const gnutls_cipher_hd_t handle,
    void *ciphertext,
    size_t ciphertextlen);

/* Two-buffer forms: a read-only input and a caller-supplied output buffer,
 * each with its own length. The int return is the only error channel visible
 * here, so check it before trusting the output buffer.
 * NOTE(review): presumably fails rather than truncates when the output
 * buffer is smaller than the input - confirm. */
int gnutls_cipher_decrypt2(
    gnutls_cipher_hd_t handle,
    const void *ciphertext,
    size_t ciphertextlen,
    void *text,
    size_t textlen);
int gnutls_cipher_encrypt2(
    gnutls_cipher_hd_t handle,
    const void *text,
    size_t textlen,
    void *ciphertext,
    size_t ciphertextlen);
/* Sets the IV of an existing cipher context. The function returns void, so
 * an IV the implementation cannot accept is not reported to the caller.
 * Nothing in this signature tracks IV reuse: for counter-based and
 * authenticated modes, keeping the IV unique per key is the caller's job. */
void gnutls_cipher_set_iv(
    gnutls_cipher_hd_t handle,
    void *iv,
    size_t ivlen);

/* Retrieves the authentication tag of the context into @tag, a caller
 * buffer of @tag_size bytes.
 * NOTE(review): presumably only meaningful for authenticated modes and only
 * after all data has been processed - confirm. When verifying a received
 * tag, compare it with a constant-time comparison. */
int gnutls_cipher_tag(
    gnutls_cipher_hd_t handle,
    void *tag,
    size_t tag_size);

/* Feeds @text_size bytes of additional data that is covered by the tag but
 * not encrypted.
 * NOTE(review): presumably must precede the encrypt/decrypt calls on the
 * same context - confirm the required call order. */
int gnutls_cipher_add_auth(
    gnutls_cipher_hd_t handle,
    const void *text,
    size_t text_size);
/* Releases a cipher context obtained from gnutls_cipher_init().
 * NOTE(review): whether key material held by the context is wiped on
 * release is not visible from this header - confirm in the implementation. */
void gnutls_cipher_deinit(gnutls_cipher_hd_t handle);

/* Per-algorithm size queries (block, IV and tag size). They take only the
 * algorithm identifier, not a context, and are marked __GNUTLS_CONST__, a
 * macro defined outside this header. Use them to size IV and tag buffers
 * instead of hard-coding lengths. */
unsigned gnutls_cipher_get_block_size(gnutls_cipher_algorithm_t algorithm)
    __GNUTLS_CONST__;
unsigned gnutls_cipher_get_iv_size(gnutls_cipher_algorithm_t algorithm)
    __GNUTLS_CONST__;
unsigned gnutls_cipher_get_tag_size(gnutls_cipher_algorithm_t algorithm)
    __GNUTLS_CONST__;
/* AEAD API
 *
 * One-shot authenticated encryption: each call takes the nonce, the
 * additional authenticated data and the payload together.
 */

/* Opaque handle to an AEAD cipher context. */
typedef struct api_aead_cipher_hd_st *gnutls_aead_cipher_hd_t;

/* Creates an AEAD context for @cipher keyed with @key. Unlike
 * gnutls_cipher_init() no IV is bound to the context; the nonce is passed
 * on every encrypt/decrypt call. */
int gnutls_aead_cipher_init(
    gnutls_aead_cipher_hd_t * handle,
    gnutls_cipher_algorithm_t cipher,
    const gnutls_datum_t * key);

/* Decrypts @ctext and checks it against @auth under @nonce.
 * @ptext_len is a pointer, so it is presumably the capacity of @ptext on
 * entry and the plaintext length on return - confirm.
 * The int return is the only place a failed tag check can surface: treat
 * any non-success result as "data not authentic" and do not use @ptext. */
int gnutls_aead_cipher_decrypt(
    gnutls_aead_cipher_hd_t handle,
    const void *nonce,
    size_t nonce_len,
    const void *auth,
    size_t auth_len,
    size_t tag_size,
    const void *ctext,
    size_t ctext_len,
    void *ptext,
    size_t *ptext_len);

/* Encrypts @ptext and authenticates it together with @auth under @nonce.
 * NOTE(review): @ctext presumably receives ciphertext plus a tag of
 * @tag_size bytes, so its capacity (passed via @ctext_len) has to allow for
 * both - confirm.
 * The nonce comes from the caller and nothing here detects reuse; repeating
 * a nonce under the same key defeats the guarantees of common AEAD modes. */
int gnutls_aead_cipher_encrypt(
    gnutls_aead_cipher_hd_t handle,
    const void *nonce,
    size_t nonce_len,
    const void *auth,
    size_t auth_len,
    size_t tag_size,
    const void *ptext,
    size_t ptext_len,
    void *ctext,
    size_t *ctext_len);
/* Scatter/gather variant of gnutls_aead_cipher_encrypt(): the additional
 * data and the payload arrive as giovec_t arrays, the result goes to the
 * single buffer @ctext.
 * The element counts are plain int; callers must not let a negative or
 * unchecked count reach these parameters. */
int gnutls_aead_cipher_encryptv(
    gnutls_aead_cipher_hd_t handle,
    const void *nonce,
    size_t nonce_len,
    const giovec_t *auth_iov,
    int auth_iovcnt,
    size_t tag_size,
    const giovec_t *iov,
    int iovcnt,
    void *ctext,
    size_t *ctext_len);

/* Variant with the tag returned separately in @tag. No output buffer is
 * passed, so the payload buffers referenced by @iov are presumably
 * encrypted in place - confirm. @tag_size is a pointer: presumably the
 * capacity of @tag on entry and the tag length on return. */
int gnutls_aead_cipher_encryptv2(
    gnutls_aead_cipher_hd_t handle,
    const void *nonce,
    size_t nonce_len,
    const giovec_t *auth_iov,
    int auth_iovcnt,
    const giovec_t *iov,
    int iovcnt,
    void *tag,
    size_t *tag_size);

/* Counterpart of gnutls_aead_cipher_encryptv2(): takes the received tag in
 * @tag / @tag_size and presumably decrypts the @iov buffers in place.
 * NOTE(review): if decryption happens in place, the buffers may hold
 * unauthenticated plaintext when the call fails - confirm, and discard the
 * buffers on any non-success return. */
int gnutls_aead_cipher_decryptv2(
    gnutls_aead_cipher_hd_t handle,
    const void *nonce,
    size_t nonce_len,
    const giovec_t *auth_iov,
    int auth_iovcnt,
    const giovec_t *iov,
    int iovcnt,
    void *tag,
    size_t tag_size);
/* Releases an AEAD context created by gnutls_aead_cipher_init().
 * NOTE(review): whether the key held by the context is wiped on release is
 * not visible from this header - confirm in the implementation. */
void gnutls_aead_cipher_deinit(gnutls_aead_cipher_hd_t handle);
/* Hash - MAC API */

/* Opaque handles for an incremental hash and an incremental MAC. */
typedef struct hash_hd_st *gnutls_hash_hd_t;
typedef struct hmac_hd_st *gnutls_hmac_hd_t;

/* Nonce size of a MAC algorithm, queried by algorithm identifier. */
size_t gnutls_mac_get_nonce_size(gnutls_mac_algorithm_t algorithm)
    __GNUTLS_CONST__;

/* Creates a MAC context for @algorithm keyed with @keylen bytes at @key and
 * stores it through @dig. */
int gnutls_hmac_init(
    gnutls_hmac_hd_t * dig,
    gnutls_mac_algorithm_t algorithm,
    const void *key,
    size_t keylen);

/* Sets the nonce of a MAC context. Returns void, so a rejected nonce is not
 * reported. NOTE(review): presumably only relevant for algorithms whose
 * gnutls_mac_get_nonce_size() is non-zero - confirm. */
void gnutls_hmac_set_nonce(
    gnutls_hmac_hd_t handle,
    const void *nonce,
    size_t nonce_len);

/* Feeds @textlen bytes at @text into the MAC computation. */
int gnutls_hmac(
    gnutls_hmac_hd_t handle,
    const void *text,
    size_t textlen);

/* Writes the MAC into @digest. No buffer length is passed: the caller must
 * provide at least gnutls_hmac_get_len() bytes for the algorithm in use, or
 * the write overruns the buffer. */
void gnutls_hmac_output(gnutls_hmac_hd_t handle, void *digest);

/* Releases the MAC context. It also takes a @digest pointer, with the same
 * unsized-buffer contract as gnutls_hmac_output().
 * NOTE(review): presumably the final MAC is written when @digest is
 * non-NULL - confirm. */
void gnutls_hmac_deinit(gnutls_hmac_hd_t handle, void *digest);

/* Output length of a MAC algorithm; use it to size @digest buffers. */
unsigned gnutls_hmac_get_len(gnutls_mac_algorithm_t algorithm)
    __GNUTLS_CONST__;

/* One-shot MAC over @text with @key. @digest is again unsized and must hold
 * gnutls_hmac_get_len(@algorithm) bytes. When checking a received MAC
 * against the computed one, use a constant-time comparison. */
int gnutls_hmac_fast(
    gnutls_mac_algorithm_t algorithm,
    const void *key,
    size_t keylen,
    const void *text,
    size_t textlen,
    void *digest);
/* Creates an incremental hash context for @algorithm, stored through @dig. */
int gnutls_hash_init(
    gnutls_hash_hd_t * dig,
    gnutls_digest_algorithm_t algorithm);

/* Feeds @textlen bytes at @text into the hash computation. */
int gnutls_hash(
    gnutls_hash_hd_t handle,
    const void *text,
    size_t textlen);

/* Writes the digest into @digest. The buffer length is not passed, so the
 * caller must size it with gnutls_hash_get_len() for the algorithm in use;
 * a shorter buffer is overrun. */
void gnutls_hash_output(gnutls_hash_hd_t handle, void *digest);

/* Releases the hash context; takes a @digest pointer under the same
 * unsized-buffer contract.
 * NOTE(review): presumably the final digest is written when @digest is
 * non-NULL - confirm. */
void gnutls_hash_deinit(gnutls_hash_hd_t handle, void *digest);

/* Output length of a digest algorithm; use it to size @digest buffers. */
unsigned gnutls_hash_get_len(gnutls_digest_algorithm_t algorithm)
    __GNUTLS_CONST__;

/* One-shot hash of @text. @digest must hold gnutls_hash_get_len(@algorithm)
 * bytes. */
int gnutls_hash_fast(
    gnutls_digest_algorithm_t algorithm,
    const void *text,
    size_t textlen,
    void *digest);
/* register ciphers */
/**
 * gnutls_rnd_level_t:
 * @GNUTLS_RND_NONCE: Non-predictable random number.  Fatal in parts
 *   of session if broken, i.e., vulnerable to statistical analysis.
 * @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number.
 *   Fatal in session if broken. Example use: temporal keys.
 * @GNUTLS_RND_KEY: Fatal in many sessions if broken. Example use:
 *   Long-term keys.
 *
 * Enumeration of random quality levels.
 */
/* The level is chosen per call by whoever requests random data. Going by
 * the descriptions above, long-term key material belongs at GNUTLS_RND_KEY
 * and GNUTLS_RND_NONCE is not meant for keys. The numeric values are part
 * of the public interface and stay explicit. */
typedef enum gnutls_rnd_level {
    GNUTLS_RND_NONCE = 0,
    GNUTLS_RND_RANDOM = 1,
    GNUTLS_RND_KEY = 2
} gnutls_rnd_level_t;
/* Random generator entry point: takes the quality @level, an output buffer
 * @data and its length @len.
 * The function returns int, so it can report failure; check the result
 * before using @data as key, IV or nonce material, otherwise stale or
 * uninitialized buffer contents may end up in use.
 * NOTE(review): presumably 0 on success, negative error code otherwise -
 * confirm. */
int gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len);
/* Takes no arguments and reports no status.
 * NOTE(review): presumably refreshes or reseeds the generator state; when a
 * caller needs to invoke it (for example after fork) is not visible from
 * this header - confirm. */
void gnutls_rnd_refresh(void);
/* API to override ciphers and MAC algorithms
 *
 * The typedefs below are the callback signatures a replacement
 * implementation supplies. Every callback works on an untyped context
 * pointer that the init callback hands back through @ctx.
 */

/* Allocates the implementation context for an algorithm; @enc presumably
 * distinguishes encryption from decryption use - confirm. */
typedef int (*gnutls_cipher_init_func) (
    gnutls_cipher_algorithm_t,
    void **ctx,
    int enc);
/* Installs @keysize bytes of key material from @key into the context. */
typedef int (*gnutls_cipher_setkey_func) (
    void *ctx,
    const void *key,
    size_t keysize);

/* old style ciphers */
typedef int (*gnutls_cipher_setiv_func) (
    void *ctx,
    const void *iv,
    size_t ivsize);
typedef int (*gnutls_cipher_getiv_func) (
    void *ctx,
    void *iv,
    size_t ivsize);
/* Input and output buffers each come with their own size; an implementation
 * has to check both before writing to the output. */
typedef int (*gnutls_cipher_encrypt_func) (
    void *ctx,
    const void *plain,
    size_t plainsize,
    void *encr,
    size_t encrsize);
typedef int (*gnutls_cipher_decrypt_func) (
    void *ctx,
    const void *encr,
    size_t encrsize,
    void *plain,
    size_t plainsize);

/* aead ciphers */
typedef int (*gnutls_cipher_auth_func) (
    void *ctx,
    const void *data,
    size_t datasize);
/* Returns void: a tag callback has no way to report failure. */
typedef void (*gnutls_cipher_tag_func) (
    void *ctx,
    void *tag,
    size_t tagsize);

/* One-shot AEAD callbacks. The output size is passed by value, so the
 * callback cannot report how many bytes it produced.
 * NOTE(review): the output length is presumably implied by the input length
 * and @tag_size - confirm. The decrypt callback's int return is where a tag
 * mismatch has to be signalled. */
typedef int (*gnutls_cipher_aead_encrypt_func) (
    void *ctx,
    const void *nonce,
    size_t noncesize,
    const void *auth,
    size_t authsize,
    size_t tag_size,
    const void *plain,
    size_t plainsize,
    void *encr,
    size_t encrsize);
typedef int (*gnutls_cipher_aead_decrypt_func) (
    void *ctx,
    const void *nonce,
    size_t noncesize,
    const void *auth,
    size_t authsize,
    size_t tag_size,
    const void *encr,
    size_t encrsize,
    void *plain,
    size_t plainsize);
/* Frees the context; this is where an implementation should wipe the key
 * material it holds. */
typedef void (*gnutls_cipher_deinit_func) (void *ctx);
/* Registers a replacement implementation of @algorithm built from the
 * "old style" callbacks (separate set-IV, encrypt and decrypt steps).
 * The callbacks registered here become the code that handles keys and
 * plaintext for that algorithm, so only vetted implementations should be
 * registered and the return value checked.
 * NOTE(review): how @priority orders competing implementations, and whether
 * registration is process-wide, is not visible from this header - confirm. */
int gnutls_crypto_register_cipher(
    gnutls_cipher_algorithm_t algorithm,
    int priority,
    gnutls_cipher_init_func init,
    gnutls_cipher_setkey_func setkey,
    gnutls_cipher_setiv_func setiv,
    gnutls_cipher_encrypt_func encrypt,
    gnutls_cipher_decrypt_func decrypt,
    gnutls_cipher_deinit_func deinit);

/* Same registration for an AEAD algorithm, using the one-shot AEAD
 * encrypt/decrypt callbacks instead of the set-IV/encrypt/decrypt trio.
 * The decrypt callback is responsible for the tag check; a callback that
 * returns success without verifying the tag removes integrity protection
 * for every user of @algorithm. */
int gnutls_crypto_register_aead_cipher(
    gnutls_cipher_algorithm_t algorithm,
    int priority,
    gnutls_cipher_init_func init,
    gnutls_cipher_setkey_func setkey,
    gnutls_cipher_aead_encrypt_func aead_encrypt,
    gnutls_cipher_aead_decrypt_func aead_decrypt,
    gnutls_cipher_deinit_func deinit);
/* Callback signatures for a replacement MAC implementation. As with the
 * cipher callbacks, state lives behind an untyped context pointer returned
 * through @ctx by the init callback. */
typedef int (*gnutls_mac_init_func) (
    gnutls_mac_algorithm_t,
    void **ctx);
typedef int (*gnutls_mac_setkey_func) (
    void *ctx,
    const void *key,
    size_t keysize);
typedef int (*gnutls_mac_setnonce_func) (
    void *ctx,
    const void *nonce,
    size_t noncesize);
typedef int (*gnutls_mac_hash_func) (
    void *ctx,
    const void *text,
    size_t textsize);
/* Unlike the public gnutls_hmac_output(), the callback receives the size of
 * the digest buffer and must not write beyond it. */
typedef int (*gnutls_mac_output_func) (
    void *src_ctx,
    void *digest,
    size_t digestsize);
typedef void (*gnutls_mac_deinit_func) (void *ctx);
/* One-shot form. @digest carries no size here, so the implementation must
 * write exactly the algorithm's output length. */
typedef int (*gnutls_mac_fast_func) (
    gnutls_mac_algorithm_t,
    const void *nonce,
    size_t nonce_size,
    const void *key,
    size_t keysize,
    const void *text,
    size_t textsize,
    void *digest);

/* Registers a replacement implementation of the MAC algorithm @mac. The
 * registered callbacks see the MAC key and produce the values that callers
 * rely on for integrity, so register only vetted code and check the return
 * value.
 * NOTE(review): the meaning of @priority and the scope of the registration
 * are not visible from this header - confirm. */
int gnutls_crypto_register_mac(
    gnutls_mac_algorithm_t mac,
    int priority,
    gnutls_mac_init_func init,
    gnutls_mac_setkey_func setkey,
    gnutls_mac_setnonce_func setnonce,
    gnutls_mac_hash_func hash,
    gnutls_mac_output_func output,
    gnutls_mac_deinit_func deinit,
    gnutls_mac_fast_func hash_fast);
/* Callback signatures for a replacement digest implementation; state lives
 * behind the untyped context returned through @ctx. */
typedef int (*gnutls_digest_init_func) (
    gnutls_digest_algorithm_t,
    void **ctx);
typedef int (*gnutls_digest_hash_func) (
    void *ctx,
    const void *text,
    size_t textsize);
/* Receives the size of the digest buffer and must not write beyond it. */
typedef int (*gnutls_digest_output_func) (
    void *src_ctx,
    void *digest,
    size_t digestsize);
typedef void (*gnutls_digest_deinit_func) (void *ctx);
/* One-shot form; @digest carries no size, so the implementation must write
 * exactly the algorithm's output length. */
typedef int (*gnutls_digest_fast_func) (
    gnutls_digest_algorithm_t,
    const void *text,
    size_t textsize,
    void *digest);

/* Registers a replacement implementation of the digest algorithm @digest.
 * Everything that hashes with that algorithm then depends on the
 * registered callbacks, so register only vetted code and check the return
 * value.
 * NOTE(review): the meaning of @priority and the scope of the registration
 * are not visible from this header - confirm. */
int gnutls_crypto_register_digest(
    gnutls_digest_algorithm_t digest,
    int priority,
    gnutls_digest_init_func init,
    gnutls_digest_hash_func hash,
    gnutls_digest_output_func output,
    gnutls_digest_deinit_func deinit,
    gnutls_digest_fast_func hash_fast);
/* RSA-PKCS#1 1.5 helper functions */

/* Builds the encoded DigestInfo for @digest computed with @hash and returns
 * it in @output.
 * NOTE(review): @output is presumably allocated by the library and owned by
 * the caller afterwards - confirm who frees it. */
int gnutls_encode_ber_digest_info(
    gnutls_digest_algorithm_t hash,
    const gnutls_datum_t * digest,
    gnutls_datum_t * output);

/* Parses an encoded DigestInfo from @info into the hash identifier and the
 * raw digest bytes. @info is typically recovered from a signature and thus
 * attacker-influenced: check the return value, and compare the decoded
 * @hash with the algorithm the caller expects rather than trusting it.
 * NOTE(review): @digest_size is a pointer, presumably the capacity of
 * @digest on entry and the digest length on return - confirm, and
 * initialise it to the real buffer size before the call. */
int gnutls_decode_ber_digest_info(
    const gnutls_datum_t * info,
    gnutls_digest_algorithm_t *hash,
    unsigned char *digest,
    unsigned int *digest_size);

/* Conversions between an encoded signature value and its two components
 * @r and @s; the const qualifiers mark which side is the input.
 * NOTE(review): the output datums are presumably allocated by the library -
 * confirm ownership. @sig_value passed to the decode functions may come
 * from an untrusted peer, so a failing return must reject the signature. */
int gnutls_decode_rs_value(
    const gnutls_datum_t * sig_value,
    gnutls_datum_t *r,
    gnutls_datum_t *s);
int gnutls_encode_rs_value(
    gnutls_datum_t * sig_value,
    const gnutls_datum_t * r,
    const gnutls_datum_t * s);

/* GOST counterparts of the two functions above, with the same parameter
 * roles. */
int gnutls_encode_gost_rs_value(
    gnutls_datum_t * sig_value,
    const gnutls_datum_t * r,
    const gnutls_datum_t *s);
int gnutls_decode_gost_rs_value(
    const gnutls_datum_t * sig_value,
    gnutls_datum_t * r,
    gnutls_datum_t * s);
/* *INDENT-OFF* */
#ifdef __cplusplus
}
#endif
/* *INDENT-ON* */
#endif