/*
 * xfm.h
 *
 * interface for abstract crypto transform
 *
 * David A. McGrew
 * Cisco Systems, Inc.
 */
/*
 *
 * Copyright (c) 2001-2006, Cisco Systems, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above
 * copyright notice, this list of conditions and the following
 * disclaimer in the documentation and/or other materials provided
 * with the distribution.
 *
 * Neither the name of the Cisco Systems, Inc. nor the names of its
 * contributors may be used to endorse or promote products derived
 * from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#ifndef XFM_H
#define XFM_H

#include "crypto_kernel.h"
#include "err.h"

/**
 * @defgroup Crypto Cryptography
 *
 * A small, uniform interface to an abstract cryptographic transform
 * that provides both confidentiality and message authentication.
 *
 * None of the function types below takes a key, IV, tag or buffer
 * capacity as an argument. The only sizes this header exposes are the
 * key_len / iv_len / auth_tag_len fields of the context structs (and
 * max_expansion in cryptoalg_ctx_t); their units are not stated here.
 * NOTE(review): presumably callers must size every buffer from those
 * fields before calling -- confirm against the implementations.
 *
 * @{
 */

/**
 * @brief Forward direction of a transform: encrypt and authenticate.
 *
 * xfm_func_t is the function-pointer type through which a concrete
 * crypto mechanism is invoked, so that every mechanism is reached
 * through the same call shape.
 *
 * @param key            location of the secret key
 * @param clear          data that is authenticated only (not encrypted)
 * @param clear_len      length of the data to be authenticated only
 * @param iv             location where the Initialization Vector (IV)
 *                       is written
 * @param protect        before the call: the data to be encrypted and
 *                       authenticated; after the call: the ciphertext
 *                       and authentication tag
 * @param protected_len  location of a length; before the call it is
 *                       the length of the data to be encrypted and
 *                       authenticated, after the call the length of
 *                       the ciphertext
 * @param auth_tag       location where the authentication tag is
 *                       written
 *
 * @return a status of type err_status_t (not declared in this header).
 *
 * The transform works in place on @p protect and reports the new
 * length through @p protected_len; no capacity is passed, so the
 * buffer must already be large enough for whatever the mechanism
 * writes.
 *
 * NOTE(review): the tag is described both as part of @p protect after
 * the call and as written to @p auth_tag; which of the two an
 * implementation does is not visible here -- confirm.
 *
 * NOTE(review): @p iv is an output of this call. How the IV is chosen
 * is up to the implementation behind the pointer; confirm that it
 * meets the uniqueness requirement of the underlying cipher mode.
 *
 * All pointer parameters are plain void pointers with no const
 * qualifier, so the signature itself does not promise that @p key or
 * @p clear are left unmodified.
 */
typedef err_status_t (*xfm_func_t)(void *key,
                                   void *clear,
                                   unsigned clear_len,
                                   void *iv,
                                   void *protect,
                                   unsigned *protected_len,
                                   void *auth_tag);

/**
 * @brief Inverse direction of a transform: authenticate and decrypt.
 *
 * @param key         location of the secret key
 * @param clear       data that is authenticated only
 * @param clear_len   length of the data to be authenticated only
 * @param iv          location of the IV
 * @param opaque      data to be decrypted and authenticated
 * @param opaque_len  location of the length of the data to be
 *                    decrypted and authenticated (used before and
 *                    after the call)
 * @param auth_tag    location of the authentication tag
 *
 * @return a status of type err_status_t (not declared in this header).
 *
 * This header does not say what @p opaque or @p opaque_len hold when
 * the call fails. Callers should check the returned status and use the
 * output only when it indicates success.
 */
typedef err_status_t (*xfm_inv_t)(void *key,
                                  void *clear,
                                  unsigned clear_len,
                                  void *iv,
                                  void *opaque,
                                  unsigned *opaque_len,
                                  void *auth_tag);

/**
 * @brief Description of one transform: its two directions plus the
 * sizes of the key, IV and authentication tag it works with.
 */
typedef struct xfm_ctx_t {
  xfm_func_t func;       /* forward (protect) direction                 */
  xfm_inv_t inv;         /* inverse (unprotect) direction               */
  unsigned key_len;      /* key size; read via xfm_get_key_len()        */
  unsigned iv_len;       /* IV size; read via xfm_get_iv_len()          */
  unsigned auth_tag_len; /* tag size; read via xfm_get_auth_tag_len()   */
} xfm_ctx_t;

/** Handle type: a pointer to an xfm_ctx_t. */
typedef xfm_ctx_t *xfm_t;

/*
 * Field accessors. Each one dereferences its argument exactly once and
 * performs no NULL check, so the argument must be a valid xfm_t.
 */
#define xfm_get_key_len(xfm) ((xfm)->key_len)

#define xfm_get_iv_len(xfm) ((xfm)->iv_len)

#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len)


/* cryptoalgo - 5/28 */

/**
 * @brief Forward direction of a cryptoalg.
 *
 * Same parameter names as xfm_inv_t minus the separate auth_tag
 * pointer; the original header carries no description for this type.
 *
 * NOTE(review): with no auth_tag argument, and with auth_tag_len and
 * max_expansion present in cryptoalg_ctx_t, the tag is presumably
 * placed inside @p opaque and counted in the length written back to
 * @p opaque_len -- confirm. No capacity for @p opaque is passed.
 */
typedef err_status_t (*cryptoalg_func_t)(void *key,
                                         void *clear,
                                         unsigned clear_len,
                                         void *iv,
                                         void *opaque,
                                         unsigned *opaque_len);

/**
 * @brief Inverse direction of a cryptoalg.
 *
 * @param key         location of the secret key
 * @param clear       data that is authenticated only
 * @param clear_len   length of the data to be authenticated only
 * @param iv          location of the IV
 * @param opaque      data to be decrypted and authenticated
 * @param opaque_len  location of the length of the data to be
 *                    decrypted and authenticated (used before and
 *                    after the call)
 *
 * @return a status of type err_status_t (not declared in this header).
 *
 * As with xfm_inv_t, what is left in @p opaque on failure is not
 * specified here; callers should use the output only when the status
 * indicates success.
 */
typedef err_status_t (*cryptoalg_inv_t)(void *key,
                                        void *clear,
                                        unsigned clear_len,
                                        void *iv,
                                        void *opaque,
                                        unsigned *opaque_len);

/**
 * @brief Description of one cryptoalg: its two directions and the
 * sizes associated with it.
 */
typedef struct cryptoalg_ctx_t {
  cryptoalg_func_t enc;   /* forward direction                            */
  cryptoalg_inv_t dec;    /* inverse direction                            */
  unsigned key_len;       /* key size; read via cryptoalg_get_key_len()   */
  unsigned iv_len;        /* IV size; read via cryptoalg_get_iv_len()     */
  unsigned auth_tag_len;  /* tag size; cryptoalg_get_auth_tag_len()       */
  unsigned max_expansion; /* NOTE(review): presumably the most that enc
                           * can add to the length at opaque_len; no
                           * accessor macro is defined for it -- confirm */
} cryptoalg_ctx_t;

/** Handle type: a pointer to a cryptoalg_ctx_t. */
typedef cryptoalg_ctx_t *cryptoalg_t;

/*
 * Field accessors. Each one dereferences its argument exactly once and
 * performs no NULL check, so the argument must be a valid cryptoalg_t.
 */
#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)

#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)

#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)



/**
 * @}
 */

#endif /* XFM_H */