/** \file crypt.h Public crypto interface. */
+/*
+ * Asymmetric pubkey cryptosystem (apc).
+ *
+ * This is just RSA, but this fact is a hidden implementation detail.
+ */
-/* These are used to distinguish between loading of private/public key. */
-
-/** The key to load is a public key. */
-#define LOAD_PUBLIC_KEY 0
-/** The key to load is a private key. */
-#define LOAD_PRIVATE_KEY 1
/** The size of the challenge sent to the client. */
-#define CHALLENGE_SIZE 64
+#define APC_CHALLENGE_SIZE 64
/** Opaque structure for public and private keys. */
struct asymmetric_key;
*
* \return The size of the encrypted data on success, negative on errors.
*/
-int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
+int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf,
unsigned len, unsigned char *outbuf);
/**
*
* \return The size of the recovered plaintext on success, negative on errors.
*/
-int priv_decrypt(const char *key_file, unsigned char *outbuf,
+int apc_priv_decrypt(const char *key_file, unsigned char *outbuf,
unsigned char *inbuf, int inlen);
/**
*
* \return The size of the key on success, negative on errors.
*/
-int get_public_key(const char *key_file, struct asymmetric_key **result);
+int apc_get_pubkey(const char *key_file, struct asymmetric_key **result);
/**
* Deallocate a public key.
*
* \param key Pointer to the key structure to free.
*
- * This should be called for keys obtained by get_public_key() if the key is no
+ * This should be called for keys obtained by \ref apc_get_pubkey() if the key is no
* longer needed.
*/
-void free_public_key(struct asymmetric_key *key);
+void apc_free_pubkey(struct asymmetric_key *key);
/**
void get_random_bytes_or_die(unsigned char *buf, int num);
/**
- * Seed pseudo random number generators.
+ * Initialize the crypto backend.
*
- * This function seeds the PRNG used by random() with a random seed obtained
- * from the crypto implementation. On errors, an error message is logged and
- * the function calls exit().
+ * This function initializes the crypto library and seeds the pseudo random
+ * number generator used by random() with a random seed obtained from the
+ * crypto implementation. On errors, an error message is logged and the
+ * function calls exit().
*
* \sa \ref get_random_bytes_or_die(), srandom(3), random(3), \ref
* para_random().
*/
-void init_random_seed_or_die(void);
+void crypt_init(void);
+/** Allocate all resources of the crypto backend. */
+void crypt_shutdown(void);
/** Opaque structure for stream ciphers. */
struct stream_cipher;
/**
* Deallocate a stream cipher structure.
*
- * \param sc A stream cipher previously obtained by sc_new().
+ * \param sc A stream cipher previously obtained by \ref sc_new().
*/
void sc_free(struct stream_cipher *sc);
* will be filled by the function with the ascii representation of the hash
* value given by \a hash, and a terminating \p NULL byte.
*/
-void hash_to_asc(unsigned char *hash, char *asc);
+void hash_to_asc(const unsigned char *hash, char *asc);
/**
* Compare two hashes.
* \return 1, -1, or zero, depending on whether \a h1 is greater than,
* less than or equal to h2, respectively.
*/
-int hash_compare(unsigned char *h1, unsigned char *h2);
+int hash_compare(const unsigned char *h1, const unsigned char *h2);
+
+/** Size of the hash value in bytes. */
+#define HASH2_SIZE 32
+
+/**
+ * Compute the hash2 of the given input data.
+ *
+ * \param data Pointer to the data to compute the hash value from.
+ * \param len The length of \a data in bytes.
+ * \param hash Result pointer.
+ *
+ * \a hash must point to an area at least \p HASH2_SIZE bytes large.
+ *
+ * \sa sha(3), openssl(1).
+ * */
+void hash2_function(const char *data, unsigned long len, unsigned char *hash);
+
+/**
+ * Convert a hash2 value to ascii format.
+ *
+ * \param hash the hash value.
+ * \param asc Result pointer.
+ *
+ * \a asc must point to an area of at least 2 * \p HASH2_SIZE + 1 bytes which
+ * will be filled by the function with the ascii representation of the hash
+ * value given by \a hash, and a terminating \p NULL byte.
+ */
+void hash2_to_asc(const unsigned char *hash, char *asc);
+
+/**
+ * Compare two version 2 hashes.
+ *
+ * \param h1 Pointer to the first hash value.
+ * \param h2 Pointer to the second hash value.
+ *
+ * \return 1, -1, or zero, depending on whether \a h1 is greater than,
+ * less than or equal to h2, respectively.
+ */
+int hash2_compare(const unsigned char *h1, const unsigned char *h2);