Home | History | Annotate | Download | only in include
      1 /*
      2  * auth.h
      3  *
      4  * common interface to authentication functions
      5  *
      6  * David A. McGrew
      7  * Cisco Systems, Inc.
      8  */
      9 
     10 /*
     11  *
     12  * Copyright (c) 2001-2006, Cisco Systems, Inc.
     13  * All rights reserved.
     14  *
     15  * Redistribution and use in source and binary forms, with or without
     16  * modification, are permitted provided that the following conditions
     17  * are met:
     18  *
     19  *   Redistributions of source code must retain the above copyright
     20  *   notice, this list of conditions and the following disclaimer.
     21  *
     22  *   Redistributions in binary form must reproduce the above
     23  *   copyright notice, this list of conditions and the following
     24  *   disclaimer in the documentation and/or other materials provided
     25  *   with the distribution.
     26  *
     27  *   Neither the name of the Cisco Systems, Inc. nor the names of its
     28  *   contributors may be used to endorse or promote products derived
     29  *   from this software without specific prior written permission.
     30  *
     31  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     32  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     33  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     34  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     35  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
     36  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     37  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     38  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     39  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     40  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     41  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     42  * OF THE POSSIBILITY OF SUCH DAMAGE.
     43  *
     44  */
     45 
     46 #ifndef AUTH_H
     47 #define AUTH_H
     48 
     49 #include "datatypes.h"
     50 #include "err.h"                /* error codes    */
     51 #include "crypto.h"		/* for auth_type_id_t */
     52 #include "crypto_types.h"	/* for values of auth_type_id_t */
     53 
     54 typedef struct auth_type_t *auth_type_pointer;
     55 typedef struct auth_t      *auth_pointer_t;
     56 
     57 typedef err_status_t (*auth_alloc_func)
     58      (auth_pointer_t *ap, int key_len, int out_len);
     59 
     60 typedef err_status_t (*auth_init_func)
     61      (void *state, const uint8_t *key, int key_len);
     62 
     63 typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap);
     64 
     65 typedef err_status_t (*auth_compute_func)
     66      (void *state, uint8_t *buffer, int octets_to_auth,
     67       int tag_len, uint8_t *tag);
     68 
     69 typedef err_status_t (*auth_update_func)
     70      (void *state, uint8_t *buffer, int octets_to_auth);
     71 
     72 typedef err_status_t (*auth_start_func)(void *state);
     73 
     74 /* some syntactic sugar on these function types */
     75 
     76 #define auth_type_alloc(at, a, klen, outlen)                        \
     77                  ((at)->alloc((a), (klen), (outlen)))
     78 
     79 #define auth_init(a, key)                                           \
     80                  (((a)->type)->init((a)->state, (key), ((a)->key_len)))
     81 
     82 #define auth_compute(a, buf, len, res)                              \
     83        (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
     84 
     85 #define auth_update(a, buf, len)                                    \
     86        (((a)->type)->update((a)->state, (buf), (len)))
     87 
     88 #define auth_start(a)(((a)->type)->start((a)->state))
     89 
     90 #define auth_dealloc(c) (((c)->type)->dealloc(c))
     91 
     92 /* functions to get information about a particular auth_t */
     93 
     94 int
     95 auth_get_key_length(const struct auth_t *a);
     96 
     97 int
     98 auth_get_tag_length(const struct auth_t *a);
     99 
    100 int
    101 auth_get_prefix_length(const struct auth_t *a);
    102 
    103 /*
    104  * auth_test_case_t is a (list of) key/message/tag values that are
    105  * known to be correct for a particular cipher.  this data can be used
    106  * to test an implementation in an on-the-fly self test of the
    107  * correcness of the implementation.  (see the auth_type_self_test()
    108  * function below)
    109  */
    110 
    111 typedef struct auth_test_case_t {
    112   int key_length_octets;                    /* octets in key            */
    113   uint8_t *key;                             /* key                      */
    114   int data_length_octets;                   /* octets in data           */
    115   uint8_t *data;                            /* data                     */
    116   int tag_length_octets;                    /* octets in tag            */
    117   uint8_t *tag;                             /* tag                      */
    118   struct auth_test_case_t *next_test_case;  /* pointer to next testcase */
    119 } auth_test_case_t;
    120 
    121 /* auth_type_t */
    122 
    123 typedef struct auth_type_t {
    124   auth_alloc_func      alloc;
    125   auth_dealloc_func    dealloc;
    126   auth_init_func       init;
    127   auth_compute_func    compute;
    128   auth_update_func     update;
    129   auth_start_func      start;
    130   char                *description;
    131   int                  ref_count;
    132   auth_test_case_t    *test_data;
    133   debug_module_t      *debug;
    134   auth_type_id_t       id;
    135 } auth_type_t;
    136 
    137 typedef struct auth_t {
    138   auth_type_t *type;
    139   void        *state;
    140   int          out_len;           /* length of output tag in octets */
    141   int          key_len;           /* length of key in octets        */
    142   int          prefix_len;        /* length of keystream prefix     */
    143 } auth_t;
    144 
    145 /*
    146  * auth_type_self_test() tests an auth_type against test cases
    147  * provided in an array of values of key/message/tag that is known to
    148  * be good
    149  */
    150 
    151 err_status_t
    152 auth_type_self_test(const auth_type_t *at);
    153 
    154 /*
    155  * auth_type_test() tests an auth_type against external test cases
    156  * provided in an array of values of key/message/tag that is known to
    157  * be good
    158  */
    159 
    160 err_status_t
    161 auth_type_test(const auth_type_t *at, const auth_test_case_t *test_data);
    162 
    163 /*
    164  * auth_type_get_ref_count(at) returns the reference count (the number
    165  * of instantiations) of the auth_type_t at
    166  */
    167 
    168 int
    169 auth_type_get_ref_count(const auth_type_t *at);
    170 
    171 #endif /* AUTH_H */
    172