2 * Copyright (C) 2008, 2009, 2010 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
25 #ifndef GNUTLS_CRYPTO_H
26 #define GNUTLS_CRYPTO_H
33 typedef struct cipher_hd_st *gnutls_cipher_hd_t;
35 int gnutls_cipher_init (gnutls_cipher_hd_t * handle,
36 gnutls_cipher_algorithm_t cipher,
37 const gnutls_datum_t * key,
38 const gnutls_datum_t * iv);
39 int gnutls_cipher_encrypt (const gnutls_cipher_hd_t handle,
40 void *text, size_t textlen);
41 int gnutls_cipher_decrypt (const gnutls_cipher_hd_t handle,
42 void *ciphertext, size_t ciphertextlen);
43 int gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle,
44 const void *ciphertext, size_t ciphertextlen,
45 void *text, size_t textlen);
46 int gnutls_cipher_encrypt2 (gnutls_cipher_hd_t handle, void *text,
47 size_t textlen, void *ciphertext,
48 size_t ciphertextlen);
50 void gnutls_cipher_deinit (gnutls_cipher_hd_t handle);
51 int gnutls_cipher_get_block_size (gnutls_cipher_algorithm_t algorithm);
54 typedef struct hash_hd_st *gnutls_hash_hd_t;
55 typedef struct hmac_hd_st *gnutls_hmac_hd_t;
57 int gnutls_hmac_init (gnutls_hmac_hd_t * dig,
58 gnutls_digest_algorithm_t algorithm, const void *key,
60 int gnutls_hmac (gnutls_hmac_hd_t handle, const void *text, size_t textlen);
61 void gnutls_hmac_output (gnutls_hmac_hd_t handle, void *digest);
62 void gnutls_hmac_deinit (gnutls_hmac_hd_t handle, void *digest);
63 int gnutls_hmac_get_len (gnutls_mac_algorithm_t algorithm);
64 int gnutls_hmac_fast (gnutls_mac_algorithm_t algorithm, const void *key,
65 size_t keylen, const void *text, size_t textlen,
68 int gnutls_hash_init (gnutls_hash_hd_t * dig,
69 gnutls_digest_algorithm_t algorithm);
70 int gnutls_hash (gnutls_hash_hd_t handle, const void *text, size_t textlen);
71 void gnutls_hash_output (gnutls_hash_hd_t handle, void *digest);
72 void gnutls_hash_deinit (gnutls_hash_hd_t handle, void *digest);
73 int gnutls_hash_get_len (gnutls_digest_algorithm_t algorithm);
74 int gnutls_hash_fast (gnutls_digest_algorithm_t algorithm,
75 const void *text, size_t textlen, void *digest);
77 /* register ciphers */
79 #define GNUTLS_CRYPTO_API_VERSION 0x03
81 #define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
82 #define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
83 #define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
87 int (*init) (gnutls_cipher_algorithm_t, void **ctx);
88 int (*setkey) (void *ctx, const void *key, size_t keysize);
89 int (*setiv) (void *ctx, const void *iv, size_t ivsize);
90 int (*encrypt) (void *ctx, const void *plain, size_t plainsize,
91 void *encr, size_t encrsize);
92 int (*decrypt) (void *ctx, const void *encr, size_t encrsize,
93 void *plain, size_t plainsize);
94 void (*deinit) (void *ctx);
95 } gnutls_crypto_cipher_st;
99 int (*init) (gnutls_mac_algorithm_t, void **ctx);
100 int (*setkey) (void *ctx, const void *key, size_t keysize);
101 int (*hash) (void *ctx, const void *text, size_t textsize);
102 int (*output) (void *src_ctx, void *digest, size_t digestsize);
103 void (*deinit) (void *ctx);
104 } gnutls_crypto_mac_st;
108 int (*init) (gnutls_mac_algorithm_t, void **ctx);
109 int (*hash) (void *ctx, const void *text, size_t textsize);
110 int (*copy) (void **dst_ctx, void *src_ctx);
111 int (*output) (void *src_ctx, void *digest, size_t digestsize);
112 void (*deinit) (void *ctx);
113 } gnutls_crypto_digest_st;
116 * gnutls_rnd_level_t:
117 * @GNUTLS_RND_NONCE: Non-predictable random number. Fatal in parts
118 * of session if broken, i.e., vulnerable to statistical analysis.
119 * @GNUTLS_RND_RANDOM: Pseudo-random cryptographic random number.
120 * Fatal in session if broken.
121 * @GNUTLS_RND_KEY: Fatal in many sessions if broken.
123 * Enumeration of random quality levels.
125 typedef enum gnutls_rnd_level
127 GNUTLS_RND_NONCE = 0,
128 GNUTLS_RND_RANDOM = 1,
130 } gnutls_rnd_level_t;
132 int gnutls_rnd (gnutls_rnd_level_t level, void *data, size_t len);
137 * @GNUTLS_PK_FLAG_NONE: No flag.
139 * Enumeration of public-key flag.
143 GNUTLS_PK_FLAG_NONE = 0
146 typedef struct gnutls_crypto_rnd
148 int (*init) (void **ctx);
149 int (*rnd) (void *ctx, int level, void *data, size_t datasize);
150 void (*deinit) (void *ctx);
151 } gnutls_crypto_rnd_st;
153 typedef void *bigint_t;
156 * gnutls_bigint_format_t:
157 * @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
158 * @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
159 * zero when positive.
160 * @GNUTLS_MPI_FORMAT_PGP: The pgp integer format.
162 * Enumeration of different bignum integer encoding formats.
166 /* raw unsigned integer format */
167 GNUTLS_MPI_FORMAT_USG = 0,
168 /* raw signed integer format - always a leading zero when positive */
169 GNUTLS_MPI_FORMAT_STD = 1,
170 /* the pgp integer format */
171 GNUTLS_MPI_FORMAT_PGP = 2
172 } gnutls_bigint_format_t;
176 bigint_t g; /* group generator */
177 bigint_t p; /* prime */
180 /* Multi precision integer arithmetic */
181 typedef struct gnutls_crypto_bigint
183 bigint_t (*bigint_new) (int nbits);
184 void (*bigint_release) (bigint_t n);
185 /* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */
186 int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
188 int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
190 bigint_t (*bigint_mod) (const bigint_t a, const bigint_t b);
191 /* a = b -> ret == a */
192 bigint_t (*bigint_set) (bigint_t a, const bigint_t b);
193 /* a = b -> ret == a */
194 bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b);
195 unsigned int (*bigint_get_nbits) (const bigint_t a);
196 /* w = b ^ e mod m */
197 bigint_t (*bigint_powm) (bigint_t w, const bigint_t b,
198 const bigint_t e, const bigint_t m);
199 /* w = a + b mod m */
200 bigint_t (*bigint_addm) (bigint_t w, const bigint_t a,
201 const bigint_t b, const bigint_t m);
202 /* w = a - b mod m */
203 bigint_t (*bigint_subm) (bigint_t w, const bigint_t a, const bigint_t b,
205 /* w = a * b mod m */
206 bigint_t (*bigint_mulm) (bigint_t w, const bigint_t a, const bigint_t b,
208 /* w = a + b */ bigint_t (*bigint_add) (bigint_t w, const bigint_t a,
210 /* w = a - b */ bigint_t (*bigint_sub) (bigint_t w, const bigint_t a,
213 bigint_t (*bigint_mul) (bigint_t w, const bigint_t a, const bigint_t b);
215 bigint_t (*bigint_add_ui) (bigint_t w, const bigint_t a,
218 bigint_t (*bigint_sub_ui) (bigint_t w, const bigint_t a,
221 bigint_t (*bigint_mul_ui) (bigint_t w, const bigint_t a,
224 bigint_t (*bigint_div) (bigint_t q, const bigint_t a, const bigint_t b);
226 int (*bigint_prime_check) (const bigint_t pp);
227 int (*bigint_generate_group) (gnutls_group_st * gg, unsigned int bits);
229 /* reads an bigint from a buffer */
230 /* stores an bigint into the buffer. returns
231 * GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
232 * store this integer, and updates the buf_size;
234 bigint_t (*bigint_scan) (const void *buf, size_t buf_size,
235 gnutls_bigint_format_t format);
236 int (*bigint_print) (const bigint_t a, void *buf, size_t * buf_size,
237 gnutls_bigint_format_t format);
238 } gnutls_crypto_bigint_st;
240 #define GNUTLS_MAX_PK_PARAMS 16
244 bigint_t params[GNUTLS_MAX_PK_PARAMS];
245 unsigned int params_nr; /* the number of parameters */
247 } gnutls_pk_params_st;
249 void gnutls_pk_params_release (gnutls_pk_params_st * p);
250 void gnutls_pk_params_init (gnutls_pk_params_st * p);
255 * [1] is public exponent
256 * [2] is private exponent (private key only)
257 * [3] is prime1 (p) (private key only)
258 * [4] is prime2 (q) (private key only)
259 * [5] is coefficient (u == inverse of p mod q) (private key only)
260 * [6] e1 == d mod (p-1)
261 * [7] e2 == d mod (q-1)
263 * note that for libgcrypt that does not use the inverse of q mod p,
264 * we need to perform conversions using fixup_params().
270 * [3] is y (public key)
271 * [4] is x (private key only)
275 * gnutls_direction_t:
276 * @GNUTLS_IMPORT: Import direction.
277 * @GNUTLS_EXPORT: Export direction.
279 * Enumeration of different directions.
285 } gnutls_direction_t;
287 /* Public key algorithms */
288 typedef struct gnutls_crypto_pk
290 /* The params structure should contain the private or public key
291 * parameters, depending on the operation */
292 int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext,
293 const gnutls_datum_t * plaintext,
294 const gnutls_pk_params_st * pub);
295 int (*decrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * plaintext,
296 const gnutls_datum_t * ciphertext,
297 const gnutls_pk_params_st * priv);
299 int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
300 const gnutls_datum_t * data,
301 const gnutls_pk_params_st * priv);
302 int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data,
303 const gnutls_datum_t * signature,
304 const gnutls_pk_params_st * pub);
306 int (*generate) (gnutls_pk_algorithm_t, unsigned int nbits,
307 gnutls_pk_params_st *);
308 /* this function should convert params to ones suitable
309 * for the above functions
311 int (*pk_fixup_private_params) (gnutls_pk_algorithm_t, gnutls_direction_t,
312 gnutls_pk_params_st *);
314 } gnutls_crypto_pk_st;
316 /* priority: infinity for backend algorithms, 90 for kernel
317 algorithms, lowest wins
319 #define gnutls_crypto_single_cipher_register(algo, prio, st) \
320 gnutls_crypto_single_cipher_register2 (algo, prio, \
321 GNUTLS_CRYPTO_API_VERSION, st)
322 #define gnutls_crypto_single_mac_register(algo, prio, st) \
323 gnutls_crypto_single_mac_register2 (algo, prio, \
324 GNUTLS_CRYPTO_API_VERSION, st)
325 #define gnutls_crypto_single_digest_register(algo, prio, st) \
326 gnutls_crypto_single_digest_register2(algo, prio, \
327 GNUTLS_CRYPTO_API_VERSION, st)
329 int gnutls_crypto_single_cipher_register2 (gnutls_cipher_algorithm_t
330 algorithm, int priority,
333 gnutls_crypto_single_cipher_st *
335 int gnutls_crypto_single_mac_register2 (gnutls_mac_algorithm_t algorithm,
336 int priority, int version,
337 const gnutls_crypto_single_mac_st *
339 int gnutls_crypto_single_digest_register2 (gnutls_digest_algorithm_t
340 algorithm, int priority,
343 gnutls_crypto_single_digest_st *
346 #define gnutls_crypto_cipher_register(prio, st) \
347 gnutls_crypto_cipher_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
348 #define gnutls_crypto_mac_register(prio, st) \
349 gnutls_crypto_mac_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
350 #define gnutls_crypto_digest_register(prio, st) \
351 gnutls_crypto_digest_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
353 int gnutls_crypto_cipher_register2 (int priority, int version,
354 const gnutls_crypto_cipher_st * s);
355 int gnutls_crypto_mac_register2 (int priority, int version,
356 const gnutls_crypto_mac_st * s);
357 int gnutls_crypto_digest_register2 (int priority, int version,
358 const gnutls_crypto_digest_st * s);
360 #define gnutls_crypto_rnd_register(prio, st) \
361 gnutls_crypto_rnd_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
362 #define gnutls_crypto_pk_register(prio, st) \
363 gnutls_crypto_pk_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
364 #define gnutls_crypto_bigint_register(prio, st) \
365 gnutls_crypto_bigint_register2 (prio, GNUTLS_CRYPTO_API_VERSION, st)
367 int gnutls_crypto_rnd_register2 (int priority, int version,
368 const gnutls_crypto_rnd_st * s);
369 int gnutls_crypto_pk_register2 (int priority, int version,
370 const gnutls_crypto_pk_st * s);
371 int gnutls_crypto_bigint_register2 (int priority, int version,
372 const gnutls_crypto_bigint_st * s);