/*
 * xfm.h
 *
 * interface for abstract crypto transform
 *
 * David A. McGrew
 * Cisco Systems, Inc.
 */
9
10#ifndef XFM_H
11#define XFM_H
12
13#include "crypto_kernel.h"
14#include "err.h"
15
/**
 * @defgroup Crypto Cryptography
 *
 * A simple interface to an abstract cryptographic transform that
 * provides both confidentiality and message authentication.
 *
 * @{
 */
24
/**
 * @brief Function-pointer type for applying a crypto transform.
 *
 * An xfm_func_t points to a function that implements a crypto
 * transform; the type gives callers one uniform API for reaching
 * different crypto mechanisms.
 *
 * @param key           location of the secret key
 * @param clear         data to be authenticated only
 * @param clear_len     length of the data to be authenticated only
 * @param iv            location to write the Initialization Vector (IV)
 * @param protect       before the call: location of the data to be
 *                      encrypted and authenticated; after the call:
 *                      the ciphertext and authentication tag
 * @param protected_len before the call: location of the length of the
 *                      data to be encrypted and authenticated; after
 *                      the call: the length of the ciphertext
 * @param auth_tag      location to write the auth tag
 *
 * @return an err_status_t; its values are not defined in this header
 *         (presumably they come from err.h -- confirm).
 *
 * @note (review) The signature carries no capacity for the protect, iv
 *       or auth_tag buffers. Callers presumably size them from the
 *       iv_len and auth_tag_len members of xfm_ctx_t -- confirm against
 *       the implementations before relying on it.
 * @note (review) protect is described as holding the authentication tag
 *       after the call while auth_tag is a separate output; this header
 *       does not say which location receives the tag.
 * @note (review) The unit of clear_len and *protected_len is not
 *       stated; presumably octets -- confirm.
 */
typedef err_status_t (*xfm_func_t)(
    void *key,
    void *clear,
    unsigned clear_len,
    void *iv,
    void *protect,
    unsigned *protected_len,
    void *auth_tag);
60
/**
 * @brief Function-pointer type held in the inv member of xfm_ctx_t
 *        (presumably the inverse of an xfm_func_t -- confirm).
 *
 * @param key        location of secret key
 * @param clear      data to be authenticated only
 * @param clear_len  length of data to be authenticated only
 * @param iv         location of iv
 * @param opaque     data to be decrypted and authenticated
 * @param opaque_len location of the length of data to be decrypted
 *                   and authenticated (before and after the call)
 * @param auth_tag   location of auth tag
 *
 * @return an err_status_t; its values are not defined in this header.
 *
 * @note (review) Presumably a failed authentication check is reported
 *       only through the return value, so the contents of opaque
 *       should not be used unless the call reports success -- confirm
 *       against the implementations.
 * @note (review) No parameter gives the capacity of opaque or the
 *       expected size of iv and auth_tag; presumably these follow the
 *       iv_len and auth_tag_len members of xfm_ctx_t -- confirm.
 */
typedef err_status_t (*xfm_inv_t)(
    void *key,
    void *clear,
    unsigned clear_len,
    void *iv,
    void *opaque,
    unsigned *opaque_len,
    void *auth_tag);
73
/**
 * @brief Descriptor for one crypto transform: its two entry points and
 *        the sizes that go with them.
 *
 * @note (review) The unit of the three length members is not stated in
 *       this header; presumably octets -- confirm.
 * @note (review) Unlike cryptoalg_ctx_t, this struct has no
 *       max_expansion member, so it does not say how much room the
 *       protect/opaque buffer needs beyond the input length.
 */
struct xfm_ctx_t {
  xfm_func_t func;        /* forward transform entry point            */
  xfm_inv_t  inv;         /* entry point of type xfm_inv_t            */
  unsigned key_len;       /* length of the key                        */
  unsigned iv_len;        /* length of the IV                         */
  unsigned auth_tag_len;  /* length of the auth tag                   */
};
typedef struct xfm_ctx_t xfm_ctx_t;

/*
 * Handle used by the accessor macros below. It is a plain pointer to
 * xfm_ctx_t, so a null or dangling handle is not detected by them.
 */
typedef xfm_ctx_t *xfm_t;
83
/*
 * Accessors for the length members of the object a handle points to.
 * Each macro evaluates its argument once and dereferences it with no
 * null check, so the caller must pass a valid pointer.
 */
#define xfm_get_key_len(ctx)      ((ctx)->key_len)
#define xfm_get_iv_len(ctx)       ((ctx)->iv_len)
#define xfm_get_auth_tag_len(ctx) ((ctx)->auth_tag_len)
89
90
/* cryptoalgo - 5/28 */
92
/**
 * @brief Function-pointer type held in the enc member of
 *        cryptoalg_ctx_t.
 *
 * The parameters carry no descriptions in the original header; the
 * meanings below are taken by analogy with cryptoalg_inv_t and should
 * be confirmed against the implementations.
 *
 * @param key        presumably the location of the secret key
 * @param clear      presumably data to be authenticated only
 * @param clear_len  presumably the length of that data
 * @param iv         presumably the location of the IV
 * @param opaque     presumably the data to be protected, replaced by
 *                   the output of the call
 * @param opaque_len presumably the location of the data length, before
 *                   and after the call
 *
 * @return an err_status_t; its values are not defined in this header.
 *
 * @note (review) There is no auth_tag parameter and no capacity for
 *       opaque. Presumably any tag is carried inside opaque and the
 *       max_expansion member of cryptoalg_ctx_t bounds the growth of
 *       *opaque_len -- confirm before sizing buffers from it.
 */
typedef err_status_t (*cryptoalg_func_t)(
    void *key,
    void *clear,
    unsigned clear_len,
    void *iv,
    void *opaque,
    unsigned *opaque_len);
101
/**
 * @brief Function-pointer type held in the dec member of
 *        cryptoalg_ctx_t.
 *
 * @param key        location of secret key
 * @param clear      data to be authenticated only
 * @param clear_len  length of data to be authenticated only
 * @param iv         location of iv
 * @param opaque     data to be decrypted and authenticated
 * @param opaque_len location of the length of data to be decrypted
 *                   and authenticated (before and after the call)
 *
 * @return an err_status_t; its values are not defined in this header.
 *
 * @note (review) Presumably a failed authentication check is reported
 *       only through the return value, so the contents of opaque
 *       should not be used unless the call reports success -- confirm
 *       against the implementations.
 * @note (review) There is no auth_tag parameter; presumably the tag is
 *       part of the opaque data -- confirm.
 */
typedef err_status_t (*cryptoalg_inv_t)(
    void *key,
    void *clear,
    unsigned clear_len,
    void *iv,
    void *opaque,
    unsigned *opaque_len);
113
/**
 * @brief Descriptor for one crypto algorithm: its two entry points and
 *        the sizes that go with them.
 *
 * @note (review) The unit of the length members is not stated in this
 *       header; presumably octets -- confirm.
 * @note (review) max_expansion presumably bounds how far enc may grow
 *       *opaque_len, and so how much spare room the opaque buffer
 *       needs; this header defines no accessor macro for it -- confirm
 *       how callers are expected to read it.
 */
struct cryptoalg_ctx_t {
  cryptoalg_func_t enc;    /* entry point of type cryptoalg_func_t     */
  cryptoalg_inv_t  dec;    /* entry point of type cryptoalg_inv_t      */
  unsigned key_len;        /* length of the key                        */
  unsigned iv_len;         /* length of the IV                         */
  unsigned auth_tag_len;   /* length of the auth tag                   */
  unsigned max_expansion;  /* see the review note above                */
};
typedef struct cryptoalg_ctx_t cryptoalg_ctx_t;

/*
 * Handle used by the cryptoalg accessor macros. It is a plain pointer
 * to cryptoalg_ctx_t, so a null or dangling handle is not detected by
 * them.
 */
typedef cryptoalg_ctx_t *cryptoalg_t;
124
/*
 * Accessors for the length members of the object a handle points to.
 * Each macro evaluates its argument once and dereferences it with no
 * null check, so the caller must pass a valid pointer.
 */
#define cryptoalg_get_key_len(alg)      ((alg)->key_len)
#define cryptoalg_get_iv_len(alg)       ((alg)->iv_len)
#define cryptoalg_get_auth_tag_len(alg) ((alg)->auth_tag_len)
130
131
132
/**
 * @}
 */
136
137#endif /* XFM_H */
138
139
140