      1 /*
      2  * xfm.h
      3  *
      4  * interface for abstract crypto transform
      5  *
      6  * David A. McGrew
      7  * Cisco Systems, Inc.
      8  */
      9 
     10 #ifndef XFM_H
     11 #define XFM_H
     12 
     13 #include "crypto_kernel.h"
     14 #include "err.h"
     15 
     16 /**
     17  * @defgroup Crypto Cryptography
     18  *
     19  * A simple interface to an abstract cryptographic transform that
     20  * provides both confidentiality and message authentication.
     21  *
     22  * @{
     23  */
     24 
     25 /**
     26  * @brief applies a crypto transform
     27  *
     28  * The function pointer xfm_func_t points to a function that
     29  * implements a crypto transform, and provides a uniform API for
     30  * accessing crypto mechanisms.
     31  *
     32  * @param key       location of secret key
     33  *
     34  * @param clear     data to be authenticated only
     35  *
     36  * @param clear_len length of data to be authenticated only
     37  *
     38  * @param iv        location to write the Initialization Vector (IV)
     39  *
     40  * @param protect   location of the data to be encrypted and
     41  * authenticated (before the function call), and the ciphertext
     42  * and authentication tag (after the call)
     43  *
     44  * @param protected_len location of the length of the data to be
     45  * encrypted and authenticated (before the function call), and the
     46  * length of the ciphertext (after the call)
     47  *
     48  * @param auth_tag   location to write auth tag
     49  */
     50 
/*
 * Forward (protect) direction of a transform.  The per-parameter notes
 * restate the Doxygen block above this typedef.
 *
 * NOTE(review): no buffer capacities are passed in.  Presumably the caller
 * sizes iv and auth_tag from the iv_len / auth_tag_len fields of xfm_ctx_t
 * and leaves room in protect for any growth of the data -- confirm against
 * the implementations.  The unit of the length arguments is not stated
 * here (presumably octets).  The err_status_t result is the only failure
 * signal visible in this interface, so callers should check it before
 * using any output buffer.
 */
typedef err_status_t (*xfm_func_t)(
    void *key,               /* location of secret key                   */
    void *clear,             /* data to be authenticated only            */
    unsigned clear_len,      /* length of data to be authenticated only  */
    void *iv,                /* location where the IV is written         */
    void *protect,           /* in:  data to be encrypted and
                              *      authenticated
                              * out: ciphertext and authentication tag   */
    unsigned *protected_len, /* in:  length of the data to be protected
                              * out: length of the ciphertext            */
    void *auth_tag           /* location where the auth tag is written   */
);
     60 
/*
 * Inverse (unprotect) direction of a transform: same parameter layout as
 * xfm_func_t, with iv and auth_tag described as existing locations rather
 * than places to write.
 *
 * NOTE(review): callers should treat the contents of opaque as unusable
 * unless the call reports success; whether a failing implementation
 * leaves partially decrypted data there cannot be told from this header.
 */
typedef err_status_t (*xfm_inv_t)(
    void *key,            /* location of secret key                    */
    void *clear,          /* data to be authenticated only             */
    unsigned clear_len,   /* length of data to be authenticated only   */
    void *iv,             /* location of iv                            */
    void *opaque,         /* data to be decrypted and authenticated    */
    unsigned *opaque_len, /* location of the length of the data to be
                           * decrypted and authenticated; used both
                           * before and after the call                 */
    void *auth_tag        /* location of auth tag                      */
);
     73 
/*
 * Descriptor for one transform: the forward function, its inverse, and
 * three size fields.  The unit of the size fields is not stated in this
 * header (presumably octets -- confirm).
 */
typedef struct xfm_ctx_t {
  xfm_func_t func;       /* forward direction, see xfm_func_t */
  xfm_inv_t inv;         /* inverse direction, see xfm_inv_t  */
  unsigned key_len;      /* size of the secret key            */
  unsigned iv_len;       /* size of the IV                    */
  unsigned auth_tag_len; /* size of the authentication tag    */
} xfm_ctx_t;

/* Handle type: a pointer to a descriptor, not a copy of one. */
typedef xfm_ctx_t *xfm_t;
     83 
/*
 * Accessors for the size fields of a transform descriptor.  Each one
 * expands to a plain member access through its argument, so the argument
 * must be a valid, non-NULL pointer; the macros perform no check.
 */
#define xfm_get_key_len(xfm)      ((xfm)->key_len)
#define xfm_get_iv_len(xfm)       ((xfm)->iv_len)
#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len)
     89 
     90 
     91 /* cryptoalgo - 5/28 */
     92 
/*
 * Forward direction of a cryptoalg.  This declaration carries no
 * parameter documentation of its own; the notes below are borrowed from
 * the identically named parameters of cryptoalg_inv_t and are assumptions
 * to be confirmed.
 *
 * NOTE(review): unlike xfm_func_t there is no auth_tag parameter, while
 * cryptoalg_ctx_t still has auth_tag_len and max_expansion fields.
 * Presumably the tag travels inside opaque and *opaque_len can grow by up
 * to max_expansion, so the caller has to reserve that much extra room --
 * confirm against the implementations.
 */
typedef err_status_t (*cryptoalg_func_t)(
    void *key,           /* presumably: location of secret key          */
    void *clear,         /* presumably: data to be authenticated only   */
    unsigned clear_len,  /* presumably: length of that data             */
    void *iv,            /* presumably: location of iv                  */
    void *opaque,        /* presumably: data to be protected            */
    unsigned *opaque_len /* presumably: in/out length of opaque data    */
);
    101 
/*
 * Inverse direction of a cryptoalg: the xfm_inv_t parameter list without
 * the trailing auth_tag argument.
 *
 * NOTE(review): callers should treat the contents of opaque as unusable
 * unless the call reports success; what a failing implementation leaves
 * in the buffer cannot be told from this header.
 */
typedef err_status_t (*cryptoalg_inv_t)(
    void *key,           /* location of secret key                    */
    void *clear,         /* data to be authenticated only             */
    unsigned clear_len,  /* length of data to be authenticated only   */
    void *iv,            /* location of iv                            */
    void *opaque,        /* data to be decrypted and authenticated    */
    unsigned *opaque_len /* location of the length of the data to be
                          * decrypted and authenticated; used both
                          * before and after the call                 */
);
    113 
/*
 * Descriptor for one cryptoalg: the two directions plus four size fields.
 * The unit of the size fields is not stated in this header (presumably
 * octets -- confirm).
 */
typedef struct cryptoalg_ctx_t {
  cryptoalg_func_t enc;   /* forward direction, see cryptoalg_func_t */
  cryptoalg_inv_t dec;    /* inverse direction, see cryptoalg_inv_t  */
  unsigned key_len;       /* size of the secret key                  */
  unsigned iv_len;        /* size of the IV                          */
  unsigned auth_tag_len;  /* size of the authentication tag          */
  unsigned max_expansion; /* presumably the most that enc can add to
                           * the length of the protected data; a
                           * caller would need it to size the opaque
                           * buffer -- confirm.  The visible part of
                           * this header defines no accessor macro
                           * for this field. */
} cryptoalg_ctx_t;

/* Handle type: a pointer to a descriptor, not a copy of one. */
typedef cryptoalg_ctx_t *cryptoalg_t;
    124 
/*
 * Accessors for the size fields of a cryptoalg descriptor.  Each one
 * expands to a plain member access through its argument, so the argument
 * must be a valid, non-NULL pointer; the macros perform no check.
 */
#define cryptoalg_get_key_len(cryptoalg)      ((cryptoalg)->key_len)
#define cryptoalg_get_iv_len(cryptoalg)       ((cryptoalg)->iv_len)
#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
    130 
    131 
    132 
    133 /**
    134  * @}
    135  */
    136 
    137 #endif /* XFM_H */