search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
if we rotate our onion key, publish a new descriptor, and
[tor.git] / src / common / crypto.h
blob375e2c55008a629b179372217b1bad7ce1d6fe18
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. */
4 /* See LICENSE for licensing information */
5 /* $Id$ */
6
7 /**
8 * \file crypto.h
9 *
10 * \brief Headers for crypto.c
11 **/
12
13 #ifndef __CRYPTO_H
14 #define __CRYPTO_H
15 #define CRYPTO_H_ID "$Id$"
16
17 #include <stdio.h>
18 #include "torint.h"
19
20 /** Length of the output of our message digest. */
21 #define DIGEST_LEN 20
22 /** Length of our symmetric cipher's keys. */
23 #define CIPHER_KEY_LEN 16
24 /** Length of our public keys. */
25 #define PK_BYTES (1024/8)
26 /** Length of our DH keys. */
27 #define DH_BYTES (1024/8)
28
29 /** Length of a message digest when encoded in base64 with trailing = signs
30 * removed. */
31 #define BASE64_DIGEST_LEN 27
32
33 /** Constants used to indicate no padding for public-key encryption */
34 #define PK_NO_PADDING 60000
35 /** Constants used to indicate PKCS1 padding for public-key encryption */
36 #define PK_PKCS1_PADDING 60001
37 /** Constants used to indicate OAEP padding for public-key encryption */
38 #define PK_PKCS1_OAEP_PADDING 60002
39
40 /** Number of bytes added for PKCS1 padding. */
41 #define PKCS1_PADDING_OVERHEAD 11
42 /** Number of bytes added for PKCS1-OAEP padding. */
43 #define PKCS1_OAEP_PADDING_OVERHEAD 42
44
45 /** Length of encoded public key fingerprints, including space; but not
46 * including terminating NUL. */
47 #define FINGERPRINT_LEN 49
48 /** Length of hex encoding of SHA1 digest, not including final NUL. */
49 #define HEX_DIGEST_LEN 40
50
51 typedef struct crypto_pk_env_t crypto_pk_env_t;
52 typedef struct crypto_cipher_env_t crypto_cipher_env_t;
53 typedef struct crypto_digest_env_t crypto_digest_env_t;
54 typedef struct crypto_dh_env_t crypto_dh_env_t;
55
56 /* global state */
57 int crypto_global_init(int hardwareAccel);
58 void crypto_thread_cleanup(void);
59 int crypto_global_cleanup(void);
60
61 /* environment setup */
62 crypto_pk_env_t *crypto_new_pk_env(void);
63 void crypto_free_pk_env(crypto_pk_env_t *env);
64
65 /* convenience function: wraps crypto_create_crypto_env, set_key, and init. */
66 crypto_cipher_env_t *crypto_create_init_cipher(const char *key,
67 int encrypt_mode);
68
69 crypto_cipher_env_t *crypto_new_cipher_env(void);
70 void crypto_free_cipher_env(crypto_cipher_env_t *env);
71
72 /* public key crypto */
73 int crypto_pk_generate_key(crypto_pk_env_t *env);
74
75 int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
76 const char *keyfile);
77 int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env,
78 char **dest, size_t *len);
79 int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env,
80 const char *src, size_t len);
81 int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
82 const char *fname);
83
84 int crypto_pk_check_key(crypto_pk_env_t *env);
85 int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
86 size_t crypto_pk_keysize(crypto_pk_env_t *env);
87 crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
88
89 int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
90 const char *from, size_t fromlen, int padding);
91 int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
92 const char *from, size_t fromlen,
93 int padding, int warnOnFailure);
94 int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
95 const char *from, size_t fromlen);
96 int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
97 int datalen, const char *sig, int siglen);
98 int crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
99 const char *from, size_t fromlen);
100 int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
101 const char *from, size_t fromlen);
102 int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, char *to,
103 const char *from, size_t fromlen,
104 int padding, int force);
105 int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, char *to,
106 const char *from, size_t fromlen,
107 int padding, int warnOnFailure);
108
109 int crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, int dest_len);
110 crypto_pk_env_t *crypto_pk_asn1_decode(const char *str, size_t len);
111 int crypto_pk_get_digest(crypto_pk_env_t *pk, char *digest_out);
112 int crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out,int add_space);
113 int crypto_pk_check_fingerprint_syntax(const char *s);
114
115 /* symmetric crypto */
116 int crypto_cipher_generate_key(crypto_cipher_env_t *env);
117 int crypto_cipher_set_key(crypto_cipher_env_t *env, const char *key);
118 const char *crypto_cipher_get_key(crypto_cipher_env_t *env);
119 int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env);
120 int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env);
121
122 int crypto_cipher_encrypt(crypto_cipher_env_t *env, char *to,
123 const char *from, size_t fromlen);
124 int crypto_cipher_decrypt(crypto_cipher_env_t *env, char *to,
125 const char *from, size_t fromlen);
126
127 /* SHA-1 */
128 int crypto_digest(char *digest, const char *m, size_t len);
129 crypto_digest_env_t *crypto_new_digest_env(void);
130 void crypto_free_digest_env(crypto_digest_env_t *digest);
131 void crypto_digest_add_bytes(crypto_digest_env_t *digest, const char *data,
132 size_t len);
133 void crypto_digest_get_digest(crypto_digest_env_t *digest,
134 char *out, size_t out_len);
135 crypto_digest_env_t *crypto_digest_dup(const crypto_digest_env_t *digest);
136 void crypto_digest_assign(crypto_digest_env_t *into,
137 const crypto_digest_env_t *from);
138
139 /* Key negotiation */
140 crypto_dh_env_t *crypto_dh_new(void);
141 int crypto_dh_get_bytes(crypto_dh_env_t *dh);
142 int crypto_dh_generate_public(crypto_dh_env_t *dh);
143 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
144 size_t pubkey_out_len);
145 int crypto_dh_compute_secret(crypto_dh_env_t *dh,
146 const char *pubkey, size_t pubkey_len,
147 char *secret_out, size_t secret_out_len);
148 void crypto_dh_free(crypto_dh_env_t *dh);
149 int crypto_expand_key_material(const char *key_in, size_t in_len,
150 char *key_out, size_t key_out_len);
151
152 /* random numbers */
153 int crypto_seed_rng(void);
154 int crypto_rand(char *to, size_t n);
155 int crypto_rand_int(unsigned int max);
156 uint64_t crypto_rand_uint64(uint64_t max);
157
158 struct smartlist_t;
159 void *smartlist_choose(const struct smartlist_t *sl);
160
161 int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen);
162 int base64_decode(char *dest, size_t destlen, const char *src, size_t srclen);
163 #define BASE32_CHARS "abcdefghijklmnopqrstuvwxyz234567"
164 void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen);
165
166 int digest_to_base64(char *d64, const char *digest);
167 int digest_from_base64(char *digest, const char *d64);
168
169 #define S2K_SPECIFIER_LEN 9
170 void secret_to_key(char *key_out, size_t key_out_len, const char *secret,
171 size_t secret_len, const char *s2k_specifier);
172
173 #endif
174
The Onion Router