lib/crypto-api.c

   1 /*
   2  * Copyright (C) 2000, 2004, 2005, 2008, 2010 Free Software Foundation,
   3  * Inc.
   4  *
   5  * Author: Nikos Mavrogiannopoulos
   6  *
   7  * This file is part of GnuTLS.
   8  *
   9  * The GnuTLS is free software; you can redistribute it and/or
  10  * modify it under the terms of the GNU Lesser General Public License
  11  * as published by the Free Software Foundation; either version 2.1 of
  12  * the License, or (at your option) any later version.
  13  *
  14  * This library is distributed in the hope that it will be useful, but
  15  * WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17  * Lesser General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU Lesser General Public
  20  * License along with this library; if not, write to the Free Software
  21  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
  22  * USA
  23  *
  24  */
  25
  26 #include <gnutls_int.h>
  27 #include <gnutls_errors.h>
  28 #include <gnutls_cipher_int.h>
  29 #include <gnutls_datum.h>
  30 #include <gnutls/crypto.h>
  31 #include <crypto.h>
  32
  33 /**
  34  * gnutls_cipher_init:
  35  * @handle: is a #gnutls_cipher_hd_t structure.
  36  * @cipher: the encryption algorithm to use
  37  * @key: The key to be used for encryption
  38  * @iv: The IV to use (if not applicable set NULL)
  39  *
  40  * This function will initialize an context that can be used for
  41  * encryption/decryption of data. This will effectively use the
  42  * current crypto backend in use by gnutls or the cryptographic
  43  * accelerator in use.
  44  *
  45  * Returns: Zero or a negative value on error.
  46  *
  47  * Since: 2.10.0
  48  **/
  49 int
  50 gnutls_cipher_init (gnutls_cipher_hd_t * handle,
  51                     gnutls_cipher_algorithm_t cipher,
  52                     const gnutls_datum_t * key, const gnutls_datum_t * iv)
  53 {
  54   *handle = gnutls_malloc (sizeof (cipher_hd_st));
  55   if (*handle == NULL)
  56     {
  57       gnutls_assert ();
  58       return GNUTLS_E_MEMORY_ERROR;
  59     }
  60
  61   return _gnutls_cipher_init (((cipher_hd_st *) * handle), cipher, key, iv);
  62 }
  63
  64 /**
  65  * gnutls_cipher_tag:
  66  * @handle: is a #gnutls_cipher_hd_t structure.
  67  * @tag: will hold the tag
  68  * @tag_size: The length of the tag to return
  69  *
  70  * This function operates on authenticated encryption with
  71  * associated data (AEAD) ciphers and will return the
  72  * output tag.
  73  *
  74  * Returns: Zero or a negative value on error.
  75  *
  76  * Since: 2.99.0
  77  **/
  78 int
  79 gnutls_cipher_tag (gnutls_cipher_hd_t handle, void *tag, size_t tag_size)
  80 {
  81   if (_gnutls_cipher_is_aead( (cipher_hd_st*)handle)==0)
  82     return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
  83
  84   _gnutls_cipher_tag( (cipher_hd_st*)handle, tag, tag_size);
  85
  86   return 0;
  87 }
  88
  89 /**
  90  * gnutls_cipher_add_auth:
  91  * @handle: is a #gnutls_cipher_hd_t structure.
  92  * @text: the data to be authenticated
  93  * @text_size: The length of the data
  94  *
  95  * This function operates on authenticated encryption with
  96  * associated data (AEAD) ciphers and authenticate the
  97  * input data. This function can only be called before
  98  * encryption operations.
  99  *
 100  * Returns: Zero or a negative value on error.
 101  *
 102  * Since: 2.99.0
 103  **/
 104 int
 105 gnutls_cipher_add_auth (gnutls_cipher_hd_t handle, const void *text, size_t text_size)
 106 {
 107   if (_gnutls_cipher_is_aead( (cipher_hd_st*)handle)==0)
 108     return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 109
 110   _gnutls_cipher_auth( (cipher_hd_st*)handle, text, text_size);
 111
 112   return 0;
 113 }
 114
 115 /**
 116  * gnutls_cipher_encrypt:
 117  * @handle: is a #gnutls_cipher_hd_t structure.
 118  * @text: the data to encrypt
 119  * @textlen: The length of data to encrypt
 120  *
 121  * This function will encrypt the given data using the algorithm
 122  * specified by the context.
 123  *
 124  * Returns: Zero or a negative value on error.
 125  *
 126  * Since: 2.10.0
 127  **/
 128 int
 129 gnutls_cipher_encrypt (gnutls_cipher_hd_t handle, void *text, size_t textlen)
 130 {
 131   return _gnutls_cipher_encrypt ((cipher_hd_st *) handle, text, textlen);
 132 }
 133
 134 /**
 135  * gnutls_cipher_decrypt:
 136  * @handle: is a #gnutls_cipher_hd_t structure.
 137  * @ciphertext: the data to encrypt
 138  * @ciphertextlen: The length of data to encrypt
 139  *
 140  * This function will decrypt the given data using the algorithm
 141  * specified by the context.
 142  *
 143  * Returns: Zero or a negative value on error.
 144  *
 145  * Since: 2.10.0
 146  **/
 147 int
 148 gnutls_cipher_decrypt (gnutls_cipher_hd_t handle, void *ciphertext,
 149                        size_t ciphertextlen)
 150 {
 151   return _gnutls_cipher_decrypt ((cipher_hd_st *) handle, ciphertext,
 152                                  ciphertextlen);
 153 }
 154
 155 /**
 156  * gnutls_cipher_encrypt2:
 157  * @handle: is a #gnutls_cipher_hd_t structure.
 158  * @text: the data to encrypt
 159  * @textlen: The length of data to encrypt
 160  * @ciphertext: the encrypted data
 161  * @ciphertextlen: The available length for encrypted data
 162  *
 163  * This function will encrypt the given data using the algorithm
 164  * specified by the context.
 165  *
 166  * Returns: Zero or a negative value on error.
 167  *
 168  * Since: 2.10.0
 169  **/
 170 int
 171 gnutls_cipher_encrypt2 (gnutls_cipher_hd_t handle, void *text, size_t textlen,
 172                         void *ciphertext, size_t ciphertextlen)
 173 {
 174   return _gnutls_cipher_encrypt2 ((cipher_hd_st *) handle, text, textlen,
 175                                   ciphertext, ciphertextlen);
 176 }
 177
 178 /**
 179  * gnutls_cipher_decrypt2:
 180  * @handle: is a #gnutls_cipher_hd_t structure.
 181  * @ciphertext: the data to encrypt
 182  * @ciphertextlen: The length of data to encrypt
 183  * @text: the decrypted data
 184  * @textlen: The available length for decrypted data
 185  *
 186  * This function will decrypt the given data using the algorithm
 187  * specified by the context.
 188  *
 189  * Returns: Zero or a negative value on error.
 190  *
 191  * Since: 2.10.0
 192  **/
 193 int
 194 gnutls_cipher_decrypt2 (gnutls_cipher_hd_t handle, const void *ciphertext,
 195                         size_t ciphertextlen, void *text, size_t textlen)
 196 {
 197   return _gnutls_cipher_decrypt2 ((cipher_hd_st *) handle, ciphertext,
 198                                   ciphertextlen, text, textlen);
 199 }
 200
 201 /**
 202  * gnutls_cipher_deinit:
 203  * @handle: is a #gnutls_cipher_hd_t structure.
 204  *
 205  * This function will deinitialize all resources occupied by the given
 206  * encryption context.
 207  *
 208  * Since: 2.10.0
 209  **/
 210 void
 211 gnutls_cipher_deinit (gnutls_cipher_hd_t handle)
 212 {
 213   _gnutls_cipher_deinit ((cipher_hd_st *) handle);
 214   gnutls_free (handle);
 215 }
 216
 217
 218 /* HMAC */
 219
 220 /**
 221  * gnutls_hmac_init:
 222  * @dig: is a #gnutls_hmac_hd_t structure.
 223  * @algorithm: the HMAC algorithm to use
 224  * @key: The key to be used for encryption
 225  * @keylen: The length of the key
 226  *
 227  * This function will initialize an context that can be used to
 228  * produce a Message Authentication Code (MAC) of data.  This will
 229  * effectively use the current crypto backend in use by gnutls or the
 230  * cryptographic accelerator in use.
 231  *
 232  * Returns: Zero or a negative value on error.
 233  *
 234  * Since: 2.10.0
 235  **/
 236 int
 237 gnutls_hmac_init (gnutls_hmac_hd_t * dig,
 238                   gnutls_digest_algorithm_t algorithm,
 239                   const void *key, size_t keylen)
 240 {
 241   *dig = gnutls_malloc (sizeof (digest_hd_st));
 242   if (*dig == NULL)
 243     {
 244       gnutls_assert ();
 245       return GNUTLS_E_MEMORY_ERROR;
 246     }
 247
 248   return _gnutls_hmac_init (((digest_hd_st *) * dig), algorithm, key, keylen);
 249 }
 250
 251 /**
 252  * gnutls_hmac:
 253  * @handle: is a #gnutls_cipher_hd_t structure.
 254  * @text: the data to hash
 255  * @textlen: The length of data to hash
 256  *
 257  * This function will hash the given data using the algorithm
 258  * specified by the context.
 259  *
 260  * Returns: Zero or a negative value on error.
 261  *
 262  * Since: 2.10.0
 263  **/
 264 int
 265 gnutls_hmac (gnutls_hmac_hd_t handle, const void *text, size_t textlen)
 266 {
 267   return _gnutls_hmac ((digest_hd_st *) handle, text, textlen);
 268 }
 269
 270 /**
 271  * gnutls_hmac_output:
 272  * @handle: is a #gnutls_hmac_hd_t structure.
 273  * @digest: is the output value of the MAC
 274  *
 275  * This function will output the current MAC value.
 276  *
 277  * Since: 2.10.0
 278  **/
 279 void
 280 gnutls_hmac_output (gnutls_hmac_hd_t handle, void *digest)
 281 {
 282   _gnutls_hmac_output ((digest_hd_st *) handle, digest);
 283 }
 284
 285 /**
 286  * gnutls_hmac_deinit:
 287  * @handle: is a #gnutls_hmac_hd_t structure.
 288  * @digest: is the output value of the MAC
 289  *
 290  * This function will deinitialize all resources occupied by
 291  * the given hmac context.
 292  *
 293  * Since: 2.10.0
 294  **/
 295 void
 296 gnutls_hmac_deinit (gnutls_hmac_hd_t handle, void *digest)
 297 {
 298   _gnutls_hmac_deinit ((digest_hd_st *) handle, digest);
 299   gnutls_free (handle);
 300 }
 301
 302 /**
 303  * gnutls_hmac_get_len:
 304  * @algorithm: the hmac algorithm to use
 305  *
 306  * This function will return the length of the output data
 307  * of the given hmac algorithm.
 308  *
 309  * Returns: The length or zero on error.
 310  *
 311  * Since: 2.10.0
 312  **/
 313 int
 314 gnutls_hmac_get_len (gnutls_mac_algorithm_t algorithm)
 315 {
 316   return _gnutls_hmac_get_algo_len (algorithm);
 317 }
 318
 319 /**
 320  * gnutls_hmac_fast:
 321  * @algorithm: the hash algorithm to use
 322  * @key: the key to use
 323  * @keylen: The length of the key
 324  * @text: the data to hash
 325  * @textlen: The length of data to hash
 326  * @digest: is the output value of the hash
 327  *
 328  * This convenience function will hash the given data and return output
 329  * on a single call.
 330  *
 331  * Returns: Zero or a negative value on error.
 332  *
 333  * Since: 2.10.0
 334  **/
 335 int
 336 gnutls_hmac_fast (gnutls_mac_algorithm_t algorithm,
 337                   const void *key, size_t keylen,
 338                   const void *text, size_t textlen, void *digest)
 339 {
 340   return _gnutls_hmac_fast (algorithm, key, keylen, text, textlen, digest);
 341 }
 342
 343 /* HASH */
 344
 345 /**
 346  * gnutls_hash_init:
 347  * @dig: is a #gnutls_hash_hd_t structure.
 348  * @algorithm: the hash algorithm to use
 349  *
 350  * This function will initialize an context that can be used to
 351  * produce a Message Digest of data.  This will effectively use the
 352  * current crypto backend in use by gnutls or the cryptographic
 353  * accelerator in use.
 354  *
 355  * Returns: Zero or a negative value on error.
 356  *
 357  * Since: 2.10.0
 358  **/
 359 int
 360 gnutls_hash_init (gnutls_hash_hd_t * dig, gnutls_digest_algorithm_t algorithm)
 361 {
 362   *dig = gnutls_malloc (sizeof (digest_hd_st));
 363   if (*dig == NULL)
 364     {
 365       gnutls_assert ();
 366       return GNUTLS_E_MEMORY_ERROR;
 367     }
 368
 369   return _gnutls_hash_init (((digest_hd_st *) * dig), algorithm);
 370 }
 371
 372 /**
 373  * gnutls_hash:
 374  * @handle: is a #gnutls_cipher_hd_t structure.
 375  * @text: the data to hash
 376  * @textlen: The length of data to hash
 377  *
 378  * This function will hash the given data using the algorithm
 379  * specified by the context.
 380  *
 381  * Returns: Zero or a negative value on error.
 382  *
 383  * Since: 2.10.0
 384  **/
 385 int
 386 gnutls_hash (gnutls_hash_hd_t handle, const void *text, size_t textlen)
 387 {
 388   return _gnutls_hash ((digest_hd_st *) handle, text, textlen);
 389 }
 390
 391 /**
 392  * gnutls_hash_output:
 393  * @handle: is a #gnutls_hash_hd_t structure.
 394  * @digest: is the output value of the hash
 395  *
 396  * This function will output the current hash value.
 397  *
 398  * Since: 2.10.0
 399  **/
 400 void
 401 gnutls_hash_output (gnutls_hash_hd_t handle, void *digest)
 402 {
 403   _gnutls_hash_output ((digest_hd_st *) handle, digest);
 404 }
 405
 406 /**
 407  * gnutls_hash_deinit:
 408  * @handle: is a #gnutls_hash_hd_t structure.
 409  * @digest: is the output value of the hash
 410  *
 411  * This function will deinitialize all resources occupied by
 412  * the given hash context.
 413  *
 414  * Since: 2.10.0
 415  **/
 416 void
 417 gnutls_hash_deinit (gnutls_hash_hd_t handle, void *digest)
 418 {
 419   _gnutls_hash_deinit ((digest_hd_st *) handle, digest);
 420   gnutls_free (handle);
 421 }
 422
 423 /**
 424  * gnutls_hash_get_len:
 425  * @algorithm: the hash algorithm to use
 426  *
 427  * This function will return the length of the output data
 428  * of the given hash algorithm.
 429  *
 430  * Returns: The length or zero on error.
 431  *
 432  * Since: 2.10.0
 433  **/
 434 int
 435 gnutls_hash_get_len (gnutls_digest_algorithm_t algorithm)
 436 {
 437   return _gnutls_hash_get_algo_len (algorithm);
 438 }
 439
 440 /**
 441  * gnutls_hash_fast:
 442  * @algorithm: the hash algorithm to use
 443  * @text: the data to hash
 444  * @textlen: The length of data to hash
 445  * @digest: is the output value of the hash
 446  *
 447  * This convenience function will hash the given data and return output
 448  * on a single call.
 449  *
 450  * Returns: Zero or a negative value on error.
 451  *
 452  * Since: 2.10.0
 453  **/
 454 int
 455 gnutls_hash_fast (gnutls_digest_algorithm_t algorithm,
 456                   const void *text, size_t textlen, void *digest)
 457 {
 458   return _gnutls_hash_fast (algorithm, text, textlen, digest);
 459 }