1 /*
2  * auth.h
3  *
4  * common interface to authentication functions
5  *
6  * David A. McGrew
7  * Cisco Systems, Inc.
8  */
9 
10 /*
11  *
12  * Copyright (c) 2001-2006, Cisco Systems, Inc.
13  * All rights reserved.
14  *
15  * Redistribution and use in source and binary forms, with or without
16  * modification, are permitted provided that the following conditions
17  * are met:
18  *
19  *   Redistributions of source code must retain the above copyright
20  *   notice, this list of conditions and the following disclaimer.
21  *
22  *   Redistributions in binary form must reproduce the above
23  *   copyright notice, this list of conditions and the following
24  *   disclaimer in the documentation and/or other materials provided
25  *   with the distribution.
26  *
27  *   Neither the name of the Cisco Systems, Inc. nor the names of its
28  *   contributors may be used to endorse or promote products derived
29  *   from this software without specific prior written permission.
30  *
31  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
32  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
33  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
34  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
35  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
36  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
37  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
38  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
40  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
41  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
42  * OF THE POSSIBILITY OF SUCH DAMAGE.
43  *
44  */
45 
46 #ifndef AUTH_H
47 #define AUTH_H
48 
49 #include "datatypes.h"
50 #include "err.h"                /* error codes    */
51 
52 typedef struct auth_type_t *auth_type_pointer;
53 typedef struct auth_t      *auth_pointer_t;
54 
55 typedef err_status_t (*auth_alloc_func)
56      (auth_pointer_t *ap, int key_len, int out_len);
57 
58 typedef err_status_t (*auth_init_func)
59      (void *state, const uint8_t *key, int key_len);
60 
61 typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap);
62 
63 typedef err_status_t (*auth_compute_func)
64      (void *state, uint8_t *buffer, int octets_to_auth,
65       int tag_len, uint8_t *tag);
66 
67 typedef err_status_t (*auth_update_func)
68      (void *state, uint8_t *buffer, int octets_to_auth);
69 
70 typedef err_status_t (*auth_start_func)(void *state);
71 
72 /* some syntactic sugar on these function types */
73 
74 #define auth_type_alloc(at, a, klen, outlen)                        \
75                  ((at)->alloc((a), (klen), (outlen)))
76 
77 #define auth_init(a, key)                                           \
78                  (((a)->type)->init((a)->state, (key), ((a)->key_len)))
79 
80 #define auth_compute(a, buf, len, res)                              \
81        (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
82 
83 #define auth_update(a, buf, len)                                    \
84        (((a)->type)->update((a)->state, (buf), (len)))
85 
86 #define auth_start(a)(((a)->type)->start((a)->state))
87 
88 #define auth_dealloc(c) (((c)->type)->dealloc(c))
89 
90 /* functions to get information about a particular auth_t */
91 
92 int
93 auth_get_key_length(const struct auth_t *a);
94 
95 int
96 auth_get_tag_length(const struct auth_t *a);
97 
98 int
99 auth_get_prefix_length(const struct auth_t *a);
100 
101 /*
102  * auth_test_case_t is a (list of) key/message/tag values that are
103  * known to be correct for a particular cipher.  this data can be used
104  * to test an implementation in an on-the-fly self test of the
105  * correcness of the implementation.  (see the auth_type_self_test()
106  * function below)
107  */
108 
109 typedef struct auth_test_case_t {
110   int key_length_octets;                    /* octets in key            */
111   uint8_t *key;                             /* key                      */
112   int data_length_octets;                   /* octets in data           */
113   uint8_t *data;                            /* data                     */
114   int tag_length_octets;                    /* octets in tag            */
115   uint8_t *tag;                             /* tag                      */
116   struct auth_test_case_t *next_test_case;  /* pointer to next testcase */
117 } auth_test_case_t;
118 
119 /* auth_type_t */
120 
121 typedef struct auth_type_t {
122   auth_alloc_func      alloc;
123   auth_dealloc_func    dealloc;
124   auth_init_func       init;
125   auth_compute_func    compute;
126   auth_update_func     update;
127   auth_start_func      start;
128   char                *description;
129   int                  ref_count;
130   auth_test_case_t    *test_data;
131   debug_module_t      *debug;
132 } auth_type_t;
133 
134 typedef struct auth_t {
135   auth_type_t *type;
136   void        *state;
137   int          out_len;           /* length of output tag in octets */
138   int          key_len;           /* length of key in octets        */
139   int          prefix_len;        /* length of keystream prefix     */
140 } auth_t;
141 
142 /*
143  * auth_type_self_test() tests an auth_type against test cases
144  * provided in an array of values of key/message/tag that is known to
145  * be good
146  */
147 
148 err_status_t
149 auth_type_self_test(const auth_type_t *at);
150 
151 /*
152  * auth_type_get_ref_count(at) returns the reference count (the number
153  * of instantiations) of the auth_type_t at
154  */
155 
156 int
157 auth_type_get_ref_count(const auth_type_t *at);
158 
159 #endif /* AUTH_H */
160