search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
certtool is able to set certificate policies via a template
[gnutls.git] / lib / gnutls_cipher_int.h
bloba7805d0f8e1e0aec8c4b958bc9510a68550e1e16
1 /*
2 * Copyright (C) 2000-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23 #ifndef GNUTLS_CIPHER_INT
24 #define GNUTLS_CIPHER_INT
25
26 #include <gnutls/crypto.h>
27 #include <crypto-backend.h>
28
29 extern int crypto_cipher_prio;
30 extern gnutls_crypto_cipher_st _gnutls_cipher_ops;
31
32 typedef int (*cipher_encrypt_func) (void *hd, const void *plaintext, size_t,
33 void *ciphertext, size_t);
34 typedef int (*cipher_decrypt_func) (void *hd, const void *ciphertext, size_t,
35 void *plaintext, size_t);
36 typedef void (*cipher_deinit_func) (void *hd);
37
38 typedef int (*cipher_auth_func) (void *hd, const void *data, size_t);
39 typedef int (*cipher_setiv_func) (void *hd, const void *iv, size_t);
40
41 typedef void (*cipher_tag_func) (void *hd, void *tag, size_t);
42
43 typedef struct
44 {
45 void *handle;
46 cipher_encrypt_func encrypt;
47 cipher_decrypt_func decrypt;
48 cipher_auth_func auth;
49 cipher_tag_func tag;
50 cipher_setiv_func setiv;
51 cipher_deinit_func deinit;
52
53 size_t tag_size;
54 unsigned int is_aead:1;
55 } cipher_hd_st;
56
57 int _gnutls_cipher_init (cipher_hd_st *, gnutls_cipher_algorithm_t cipher,
58 const gnutls_datum_t * key,
59 const gnutls_datum_t * iv, int enc);
60
61 inline static void _gnutls_cipher_setiv (const cipher_hd_st * handle,
62 const void *iv, size_t ivlen)
63 {
64 handle->setiv(handle->handle, iv, ivlen);
65 }
66
67 inline static int
68 _gnutls_cipher_encrypt2 (const cipher_hd_st * handle, const void *text,
69 size_t textlen, void *ciphertext, size_t ciphertextlen)
70 {
71 if (handle != NULL && handle->handle != NULL)
72 {
73 return handle->encrypt (handle->handle, text, textlen, ciphertext,
74 ciphertextlen);
75 }
76
77 return 0;
78 }
79
80 inline static int
81 _gnutls_cipher_decrypt2 (const cipher_hd_st * handle, const void *ciphertext,
82 size_t ciphertextlen, void *text, size_t textlen)
83 {
84 if (handle != NULL && handle->handle != NULL)
85 {
86 return handle->decrypt (handle->handle, ciphertext, ciphertextlen,
87 text, textlen);
88 }
89
90 return 0;
91 }
92
93 inline static void
94 _gnutls_cipher_deinit (cipher_hd_st * handle)
95 {
96 if (handle != NULL && handle->handle != NULL)
97 {
98 handle->deinit (handle->handle);
99 handle->handle = NULL;
100 }
101 }
102
103 int _gnutls_cipher_exists(gnutls_cipher_algorithm_t cipher);
104 inline static size_t _gnutls_cipher_tag_len( cipher_hd_st * handle)
105 {
106 return handle->tag_size;
107 }
108
109 inline static unsigned int _gnutls_cipher_is_aead( cipher_hd_st * handle)
110 {
111 return handle->is_aead;
112 }
113
114 /* returns the tag in AUTHENC ciphers */
115 inline static void _gnutls_cipher_tag( const cipher_hd_st * handle, void* tag, size_t tag_size)
116 {
117 if (handle != NULL && handle->handle != NULL)
118 {
119 handle->tag (handle->handle, tag, tag_size);
120 }
121 }
122
123 /* Add auth data for AUTHENC ciphers
124 */
125 inline static int _gnutls_cipher_auth (const cipher_hd_st * handle, const void *text,
126 size_t textlen)
127 {
128 if (handle != NULL && handle->handle != NULL)
129 {
130 return handle->auth (handle->handle, text, textlen);
131 }
132 return GNUTLS_E_INTERNAL_ERROR;
133 }
134
135 #define _gnutls_cipher_encrypt(x,y,z) _gnutls_cipher_encrypt2(x,y,z,y,z)
136 #define _gnutls_cipher_decrypt(x,y,z) _gnutls_cipher_decrypt2(x,y,z,y,z)
137
138 /* auth_cipher API. Allows combining a cipher with a MAC.
139 */
140
141 typedef struct
142 {
143 cipher_hd_st cipher;
144 digest_hd_st mac;
145 unsigned int is_mac:1;
146 unsigned int ssl_hmac:1;
147 unsigned int is_null:1;
148 size_t tag_size;
149 } auth_cipher_hd_st;
150
151 int _gnutls_auth_cipher_init (auth_cipher_hd_st * handle,
152 gnutls_cipher_algorithm_t cipher,
153 const gnutls_datum_t * cipher_key,
154 const gnutls_datum_t * iv,
155 gnutls_mac_algorithm_t mac,
156 const gnutls_datum_t * mac_key, int ssl_hmac, int enc);
157
158 int _gnutls_auth_cipher_add_auth (auth_cipher_hd_st * handle, const void *text,
159 int textlen);
160
161 int _gnutls_auth_cipher_encrypt2_tag (auth_cipher_hd_st * handle, const uint8_t *text,
162 int textlen, void *ciphertext, int ciphertextlen,
163 void* tag_ptr, int tag_size,
164 int auth_size);
165 int _gnutls_auth_cipher_decrypt2 (auth_cipher_hd_st * handle,
166 const void *ciphertext, int ciphertextlen,
167 void *text, int textlen);
168 int _gnutls_auth_cipher_tag( auth_cipher_hd_st * handle, void* tag, int tag_size);
169
170 inline static void _gnutls_auth_cipher_setiv (const auth_cipher_hd_st * handle,
171 const void *iv, size_t ivlen)
172 {
173 _gnutls_cipher_setiv(&handle->cipher, iv, ivlen);
174 }
175
176 inline static size_t _gnutls_auth_cipher_tag_len( auth_cipher_hd_st * handle)
177 {
178 return handle->tag_size;
179 }
180
181 inline static unsigned int _gnutls_auth_cipher_is_aead( auth_cipher_hd_st * handle)
182 {
183 return _gnutls_cipher_is_aead(&handle->cipher);
184 }
185
186 void _gnutls_auth_cipher_deinit (auth_cipher_hd_st * handle);
187
188
189 #endif /* GNUTLS_CIPHER_INT */
Implementation of the SSL/TLS protocol