Home | History | Annotate | Download | only in include 
      1 /*
      2  * crypto_types.h
      3  *
      4  * constants for cipher types and auth func types
      5  *
      6  * David A. McGrew
      7  * Cisco Systems, Inc.
      8  */
      9 /*
     10  *
     11  * Copyright(c) 2001-2006 Cisco Systems, Inc.
     12  * All rights reserved.
     13  *
     14  * Redistribution and use in source and binary forms, with or without
     15  * modification, are permitted provided that the following conditions
     16  * are met:
     17  *
     18  *   Redistributions of source code must retain the above copyright
     19  *   notice, this list of conditions and the following disclaimer.
     20  *
     21  *   Redistributions in binary form must reproduce the above
     22  *   copyright notice, this list of conditions and the following
     23  *   disclaimer in the documentation and/or other materials provided
     24  *   with the distribution.
     25  *
     26  *   Neither the name of the Cisco Systems, Inc. nor the names of its
     27  *   contributors may be used to endorse or promote products derived
     28  *   from this software without specific prior written permission.
     29  *
     30  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     31  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     32  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     33  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     34  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
     35  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     36  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     37  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     38  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     39  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     40  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     41  * OF THE POSSIBILITY OF SUCH DAMAGE.
     42  *
     43  */
     44 
     45 #ifndef CRYPTO_TYPES_H
     46 #define CRYPTO_TYPES_H
     47 
     48 /**
     49  * @defgroup Algos Cryptographic Algorithms
     50  *
     51  *
     52  * This library provides several different cryptographic algorithms,
     53  * each of which can be selected by using the cipher_type_id_t and
     54  * auth_type_id_t.  These algorithms are documented below.
     55  *
     56  * Authentication functions that use the Universal Security Transform
     57  * (UST) must be used in conjunction with a cipher other than the null
     58  * cipher.  These functions require a per-message pseudorandom input
     59  * that is generated by the cipher.
     60  *
     61  * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
     62  * strongest available authentication function and cipher,
     63  * respectively.  They are resolved at compile time to the strongest
     64  * available algorithm.  The stronghold algorithms can serve as did
     65  * the keep of a medieval fortification; they provide the strongest
     66  * defense (or the last refuge).
     67  *
     68  * @{
     69  */
     70 
     71 /**
     72  * @defgroup Ciphers Cipher Types
     73  *
     74  * @brief    Each cipher type is identified by an unsigned integer.  The
     75  *           cipher types available in this edition of libSRTP are given
     76  *           by the #defines below.
     77  *
     78  * A cipher_type_id_t is an identifier for a cipher_type; only values
     79  * given by the #defines above (or those present in the file
     80  * crypto_types.h) should be used.
     81  *
     82  * The identifier STRONGHOLD_CIPHER indicates the strongest available
     83  * cipher, allowing an application to choose the strongest available
     84  * algorithm without any advance knowledge about the avaliable
     85  * algorithms.
     86  *
     87  * @{
     88  */
     89 
     90 /**
     91  * @brief The null cipher performs no encryption.
     92  *
     93  * The NULL_CIPHER leaves its inputs unaltered, during both the
     94  * encryption and decryption operations.  This cipher can be chosen
     95  * to indicate that no encryption is to be performed.
     96  */
     97 #define NULL_CIPHER        0
     98 
     99 /**
    100  * @brief AES-128 Integer Counter Mode (AES ICM)
    101  *
    102  * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
    103  * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
    104  */
    105 #define AES_128_ICM        1
    106 
    107 /**
    108  * @brief SEAL 3.0
    109  *
    110  * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
    111  * and Rogaway.  Nota bene: this cipher is IBM proprietary.
    112  */
    113 #define SEAL               2
    114 
    115 /**
    116  * @brief AES-128 Integer Counter Mode (AES ICM)
    117  *
    118  * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
    119  * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
    120  */
    121 #define AES_128_CBC        3
    122 
    123 /**
    124  * @brief Strongest available cipher.
    125  *
    126  * This identifier resolves to the strongest cipher type available.
    127  */
    128 #define STRONGHOLD_CIPHER  AES_128_ICM
    129 
    130 /**
    131  * @}
    132  */
    133 
    134 
    135 
    136 /**
    137  * @defgroup Authentication Authentication Function Types
    138  *
    139  * @brief Each authentication function type is identified by an
    140  * unsigned integer.  The authentication function types available in
    141  * this edition of libSRTP are given by the #defines below.
    142  *
    143  * An auth_type_id_t is an identifier for an authentication function type;
    144  * only values given by the #defines above (or those present in the
    145  * file crypto_types.h) should be used.
    146  *
    147  * The identifier STRONGHOLD_AUTH indicates the strongest available
    148  * authentication function, allowing an application to choose the
    149  * strongest available algorithm without any advance knowledge about
    150  * the avaliable algorithms.  The stronghold algorithms can serve as
    151  * did the keep of a medieval fortification; they provide the
    152  * strongest defense (or the last refuge).
    153  *
    154  * @{
    155  */
    156 
    157 /**
    158  * @brief The null authentication function performs no authentication.
    159  *
    160  * The NULL_AUTH function does nothing, and can be selected to indicate
    161  * that authentication should not be performed.
    162  */
    163 #define NULL_AUTH          0
    164 
    165 /**
    166  * @brief UST with TMMH Version 2
    167  *
    168  * UST_TMMHv2 implements the Truncated Multi-Modular Hash using
    169  * UST.  This function must be used in conjunction with a cipher other
    170  * than the null cipher.
    171  * with a cipher.
    172  */
    173 #define UST_TMMHv2         1
    174 
    175 /**
    176  * @brief (UST) AES-128 XORMAC
    177  *
    178  * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
    179  * the XORMAC algorithm is IBM proprietary.
    180  */
    181 #define UST_AES_128_XMAC   2
    182 
    183 /**
    184  * @brief HMAC-SHA1
    185  *
    186  * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
    187  * Hash Algorithm version 1 (SHA1).
    188  */
    189 #define HMAC_SHA1          3
    190 
    191 /**
    192  * @brief Strongest available authentication function.
    193  *
    194  * This identifier resolves to the strongest available authentication
    195  * function.
    196  */
    197 #define STRONGHOLD_AUTH    HMAC_SHA1
    198 
    199 /**
    200  * @}
    201  */
    202 /**
    203  * @}
    204  */
    205 
    206 #endif  /* CRYPTO_TYPES_H */
    207