1 /*
2  * xfm.h
3  *
4  * interface for abstract crypto transform
5  *
6  * David A. McGrew
7  * Cisco Systems, Inc.
8  */
9 
10 #ifndef XFM_H
11 #define XFM_H
12 
13 #include "crypto_kernel.h"
14 #include "err.h"
15 
16 /**
17  * @defgroup Crypto Cryptography
18  *
19  * A simple interface to an abstract cryptographic transform that
20  * provides both confidentiality and message authentication.
21  *
22  * @{
23  */
24 
/**
 * @brief Function-pointer type for the forward (protect) direction of a
 *        crypto transform.
 *
 * Every transform implementation is reached through a pointer of this
 * type, which gives callers one uniform calling convention for the
 * underlying crypto mechanisms.
 *
 * @param key           location of the secret key
 * @param clear         data that is authenticated only (not encrypted)
 * @param clear_len     length of the data at @p clear
 * @param iv            location to which the Initialization Vector (IV)
 *                      is written
 * @param protect       before the call: the data to be encrypted and
 *                      authenticated; after the call: the ciphertext
 *                      and authentication tag
 * @param protected_len before the call: location of the length of the
 *                      data at @p protect; after the call: the length
 *                      of the ciphertext
 * @param auth_tag      location to which the authentication tag is
 *                      written
 *
 * @return an err_status_t status code (type declared in err.h).
 *
 * NOTE(review): the signature carries no capacity for the buffers at
 * @p iv, @p protect or @p auth_tag, so any bound on the callee's writes
 * has to come from elsewhere. Callers presumably size these buffers
 * from xfm_get_iv_len() / xfm_get_auth_tag_len() and leave room for
 * growth of the protected data -- confirm per implementation.
 *
 * NOTE(review): @p protect is described as holding the authentication
 * tag after the call, yet @p auth_tag is a separate output location;
 * confirm which of the two an implementation actually fills.
 */
typedef err_status_t (*xfm_func_t)(
    void         *key,
    void         *clear,
    unsigned int  clear_len,
    void         *iv,
    void         *protect,
    unsigned int *protected_len,
    void         *auth_tag);
60 
/**
 * @brief Function-pointer type for the inverse direction of a crypto
 *        transform (decrypt and authenticate).
 *
 * @param key        location of the secret key
 * @param clear      data that is authenticated only
 * @param clear_len  length of the data that is authenticated only
 * @param iv         location of the IV
 * @param opaque     data to be decrypted and authenticated
 * @param opaque_len location of the length of the data to be decrypted
 *                   and authenticated; meaningful both before and after
 *                   the call
 * @param auth_tag   location of the authentication tag
 *
 * @return an err_status_t status code (type declared in err.h).
 *
 * NOTE(review): presumably an authentication failure is reported only
 * through the return value, so the contents of @p opaque should not be
 * used unless the call reported success -- confirm against the
 * implementations and the codes in err.h.
 *
 * NOTE(review): no buffer capacities or IV / tag lengths are passed;
 * presumably they are implied by the owning xfm_ctx_t -- confirm.
 */
typedef err_status_t (*xfm_inv_t)(
    void         *key,
    void         *clear,
    unsigned int  clear_len,
    void         *iv,
    void         *opaque,
    unsigned int *opaque_len,
    void         *auth_tag);
73 
/**
 * @brief Descriptor of one crypto transform: its two entry points and
 *        the sizes of its key, IV and authentication tag.
 *
 * NOTE(review): the units of the three length fields are not stated in
 * this header (presumably octets) -- confirm before sizing buffers
 * from them.
 */
typedef struct xfm_ctx_t {
  xfm_func_t   func;          /* forward transform (see xfm_func_t)     */
  xfm_inv_t    inv;           /* inverse transform (see xfm_inv_t)      */
  unsigned int key_len;       /* length of the secret key               */
  unsigned int iv_len;        /* length of the IV                       */
  unsigned int auth_tag_len;  /* length of the authentication tag       */
} xfm_ctx_t;

/* Handle type: a pointer to a transform descriptor. */
typedef xfm_ctx_t *xfm_t;
83 
/*
 * Field accessors for a transform descriptor.
 *
 * Each macro dereferences its argument without any check, so the
 * argument must be a valid, non-NULL pointer to a descriptor. The
 * argument is evaluated exactly once.
 */

/* Length of the secret key recorded in the descriptor. */
#define xfm_get_key_len(x)      ((x)->key_len)

/* Length of the IV recorded in the descriptor. */
#define xfm_get_iv_len(x)       ((x)->iv_len)

/* Length of the authentication tag recorded in the descriptor. */
#define xfm_get_auth_tag_len(x) ((x)->auth_tag_len)
89 
90 
91 /* cryptoalgo - 5/28 */
92 
/**
 * @brief Function-pointer type for the forward direction of a
 *        cryptoalg.
 *
 * The original declaration documents none of its parameters; the
 * descriptions below are taken from the identically named parameters
 * of cryptoalg_inv_t and should be confirmed for this direction.
 *
 * @param key        location of the secret key
 * @param clear      data that is authenticated only
 * @param clear_len  length of the data that is authenticated only
 * @param iv         location of the IV
 * @param opaque     data buffer processed in place -- TODO confirm
 * @param opaque_len location of the length of the data at @p opaque
 *
 * @return an err_status_t status code (type declared in err.h).
 *
 * NOTE(review): unlike xfm_func_t there is no auth_tag argument, while
 * cryptoalg_ctx_t still carries auth_tag_len and max_expansion.
 * Presumably the tag is written into @p opaque, whose capacity is not
 * passed here, so the caller has to reserve the extra room -- confirm.
 */
typedef err_status_t (*cryptoalg_func_t)(
    void         *key,
    void         *clear,
    unsigned int  clear_len,
    void         *iv,
    void         *opaque,
    unsigned int *opaque_len);
101 
/**
 * @brief Function-pointer type for the inverse direction of a
 *        cryptoalg (decrypt and authenticate).
 *
 * @param key        location of the secret key
 * @param clear      data that is authenticated only
 * @param clear_len  length of the data that is authenticated only
 * @param iv         location of the IV
 * @param opaque     data to be decrypted and authenticated
 * @param opaque_len location of the length of the data to be decrypted
 *                   and authenticated; meaningful both before and after
 *                   the call
 *
 * @return an err_status_t status code (type declared in err.h).
 *
 * NOTE(review): presumably an authentication failure is reported only
 * through the return value, so the contents of @p opaque should not be
 * used unless the call reported success -- confirm against the
 * implementations and the codes in err.h.
 */
typedef err_status_t (*cryptoalg_inv_t)(
    void         *key,
    void         *clear,
    unsigned int  clear_len,
    void         *iv,
    void         *opaque,
    unsigned int *opaque_len);
113 
/**
 * @brief Descriptor of one cryptoalg: its two entry points and the
 *        sizes associated with it.
 *
 * NOTE(review): the units of the length fields are not stated in this
 * header (presumably octets) -- confirm before sizing buffers from
 * them.
 */
typedef struct cryptoalg_ctx_t {
  cryptoalg_func_t enc;            /* forward direction (cryptoalg_func_t) */
  cryptoalg_inv_t  dec;            /* inverse direction (cryptoalg_inv_t)  */
  unsigned int     key_len;        /* length of the secret key             */
  unsigned int     iv_len;         /* length of the IV                     */
  unsigned int     auth_tag_len;   /* length of the authentication tag     */
  /*
   * NOTE(review): presumably the most by which the output may exceed
   * the input length; this header defines no accessor macro for it --
   * confirm its meaning and where it is consulted.
   */
  unsigned int     max_expansion;
} cryptoalg_ctx_t;

/* Handle type: a pointer to a cryptoalg descriptor. */
typedef cryptoalg_ctx_t *cryptoalg_t;
124 
/*
 * Field accessors for a cryptoalg descriptor.
 *
 * Each macro dereferences its argument without any check, so the
 * argument must be a valid, non-NULL pointer to a descriptor. The
 * argument is evaluated exactly once.
 */

/* Length of the secret key recorded in the descriptor. */
#define cryptoalg_get_key_len(c)      ((c)->key_len)

/* Length of the IV recorded in the descriptor. */
#define cryptoalg_get_iv_len(c)       ((c)->iv_len)

/* Length of the authentication tag recorded in the descriptor. */
#define cryptoalg_get_auth_tag_len(c) ((c)->auth_tag_len)
130 
131 
132 
133 /**
134  * @}
135  */
136 
137 #endif /* XFM_H */
138 
139 
140