X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=crypt.h;h=5ca6a54112b60f6d61b16485248fb28ff708df6b;hp=77806af6983895c13f3120f4f65c1c1d46b9b11d;hb=329bf73b72eea2c5be1bcbd9a9602c0a8994d0be;hpb=3879481ddabc38236b9eee979a090c2a9bfa74d3 diff --git a/crypt.h b/crypt.h index 77806af6..5ca6a541 100644 --- a/crypt.h +++ b/crypt.h @@ -1,20 +1,15 @@ -/* - * Copyright (C) 2005-2013 Andre Noll - * - * Licensed under the GPL v2. For licencing details see COPYING. - */ +/* Copyright (C) 2005 Andre Noll , see file COPYING. */ /** \file crypt.h Public crypto interface. */ +/* + * Asymmetric pubkey cryptosystem (apc). + * + * This is just RSA, but this fact is a hidden implementation detail. + */ -/* These are used to distinguish between loading of private/public key. */ - -/** The key to load is a public key. */ -#define LOAD_PUBLIC_KEY 0 -/** The key to load is a private key. */ -#define LOAD_PRIVATE_KEY 1 /** The size of the challenge sent to the client. */ -#define CHALLENGE_SIZE 64 +#define APC_CHALLENGE_SIZE 64 /** Opaque structure for public and private keys. */ struct asymmetric_key; @@ -29,7 +24,7 @@ struct asymmetric_key; * * \return The size of the encrypted data on success, negative on errors. */ -int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, +int apc_pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, unsigned len, unsigned char *outbuf); /** @@ -44,29 +39,28 @@ int pub_encrypt(struct asymmetric_key *pub, unsigned char *inbuf, * * \return The size of the recovered plaintext on success, negative on errors. */ -int priv_decrypt(const char *key_file, unsigned char *outbuf, +int apc_priv_decrypt(const char *key_file, unsigned char *outbuf, unsigned char *inbuf, int inlen); /** * Read an asymmetric key from a file. * * \param key_file The file containing the key. - * \param private if non-zero, read the private key, otherwise the public key. * \param result The key structure is returned here. * * \return The size of the key on success, negative on errors. */ -int get_asymmetric_key(const char *key_file, int private, - struct asymmetric_key **result); +int apc_get_pubkey(const char *key_file, struct asymmetric_key **result); /** - * Deallocate an asymmetric key structure. + * Deallocate a public key. * * \param key Pointer to the key structure to free. * - * This must be called for any key obtained by get_asymmetric_key(). + * This should be called for keys obtained by \ref apc_get_pubkey() if the key is no + * longer needed. */ -void free_asymmetric_key(struct asymmetric_key *key); +void apc_free_pubkey(struct asymmetric_key *key); /** @@ -83,17 +77,20 @@ void free_asymmetric_key(struct asymmetric_key *key); void get_random_bytes_or_die(unsigned char *buf, int num); /** - * Seed pseudo random number generators. + * Initialize the crypto backend. * - * This function seeds the PRNG used by random() with a random seed obtained - * from the crypto implementation. On errors, an error message is logged and - * the function calls exit(). + * This function initializes the crypto library and seeds the pseudo random + * number generator used by random() with a random seed obtained from the + * crypto implementation. On errors, an error message is logged and the + * function calls exit(). * * \sa \ref get_random_bytes_or_die(), srandom(3), random(3), \ref * para_random(). */ -void init_random_seed_or_die(void); +void crypt_init(void); +/** Allocate all resources of the crypto backend. */ +void crypt_shutdown(void); /** Opaque structure for stream ciphers. */ struct stream_cipher; @@ -119,7 +116,7 @@ struct stream_cipher_context { }; /** - * Allocate and initialize a stream cipher structure. + * Allocate and initialize an aes_ctr128 stream cipher structure. * * \param data The key. * \param len The size of the key. @@ -161,106 +158,79 @@ _static_inline_ void sc_trafo(struct iovec *src, struct iovec *dst, /** * Deallocate a stream cipher structure. * - * \param sc A stream cipher previously obtained by sc_new(). + * \param sc A stream cipher previously obtained by \ref sc_new(). */ void sc_free(struct stream_cipher *sc); -/** - * Encrypt and send a buffer. - * - * \param scc The context. - * \param buf The buffer to send. - * \param len The size of \a buf in bytes. - * - * \return The return value of the underyling call to write_all(). - * - * \sa \ref write_all(), RC4(3). - */ -int sc_send_bin_buffer(struct stream_cipher_context *scc, char *buf, - size_t len); +/** Size of the hash value in bytes. */ +#define HASH_SIZE 20 /** - * Encrypt and send a \p NULL-terminated buffer. - * - * \param scc The context. - * \param buf The buffer to send. + * Compute the hash of the given input data. * - * \return The return value of the underyling call to sc_send_bin_buffer(). - */ -int sc_send_buffer(struct stream_cipher_context *scc, char *buf); - -/** - * Format, encrypt and send a buffer. + * \param data Pointer to the data to compute the hash value from. + * \param len The length of \a data in bytes. + * \param hash Result pointer. * - * \param scc The context. - * \param fmt A format string. + * \a hash must point to an area at least \p HASH_SIZE bytes large. * - * \return The return value of the underyling call to sc_send_buffer(). - */ -__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc, - const char *fmt, ...); + * \sa sha(3), openssl(1). + * */ +void hash_function(const char *data, unsigned long len, unsigned char *hash); /** - * Receive a buffer and decrypt it. - * - * \param scc The context. - * \param buf The buffer to write the decrypted data to. - * \param size The size of \a buf. + * Convert a hash value to ascii format. * - * \return The number of bytes received on success, negative on errors, zero if - * the peer has performed an orderly shutdown. + * \param hash the hash value. + * \param asc Result pointer. * - * \sa recv(2), RC4(3). + * \a asc must point to an area of at least 2 * \p HASH_SIZE + 1 bytes which + * will be filled by the function with the ascii representation of the hash + * value given by \a hash, and a terminating \p NULL byte. */ -int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf, - size_t size); +void hash_to_asc(const unsigned char *hash, char *asc); /** - * Receive a buffer, decrypt it and write terminating NULL byte. - * - * \param scc The context. - * \param buf The buffer to write the decrypted data to. - * \param size The size of \a buf. + * Compare two hashes. * - * Read at most \a size - 1 bytes from file descriptor given by \a scc, decrypt - * the received data and write a NULL byte at the end of the decrypted data. + * \param h1 Pointer to the first hash value. + * \param h2 Pointer to the second hash value. * - * \return The return value of the underlying call to \ref - * sc_recv_bin_buffer(). + * \return 1, -1, or zero, depending on whether \a h1 is greater than, + * less than or equal to h2, respectively. */ -int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size); +int hash_compare(const unsigned char *h1, const unsigned char *h2); /** Size of the hash value in bytes. */ -#define HASH_SIZE 20 - +#define HASH2_SIZE 32 /** - * Compute the hash of the given input data. + * Compute the hash2 of the given input data. * * \param data Pointer to the data to compute the hash value from. * \param len The length of \a data in bytes. * \param hash Result pointer. * - * \a hash must point to an area at least \p HASH_SIZE bytes large. + * \a hash must point to an area at least \p HASH2_SIZE bytes large. * * \sa sha(3), openssl(1). * */ -void hash_function(const char *data, unsigned long len, unsigned char *hash); +void hash2_function(const char *data, unsigned long len, unsigned char *hash); /** - * Convert a hash value to ascii format. + * Convert a hash2 value to ascii format. * * \param hash the hash value. * \param asc Result pointer. * - * \a asc must point to an area of at least 2 * \p HASH_SIZE + 1 bytes which + * \a asc must point to an area of at least 2 * \p HASH2_SIZE + 1 bytes which * will be filled by the function with the ascii representation of the hash * value given by \a hash, and a terminating \p NULL byte. */ -void hash_to_asc(unsigned char *hash, char *asc); +void hash2_to_asc(const unsigned char *hash, char *asc); /** - * Compare two hashes. + * Compare two version 2 hashes. * * \param h1 Pointer to the first hash value. * \param h2 Pointer to the second hash value. @@ -268,4 +238,4 @@ void hash_to_asc(unsigned char *hash, char *asc); * \return 1, -1, or zero, depending on whether \a h1 is greater than, * less than or equal to h2, respectively. */ -int hash_compare(unsigned char *h1, unsigned char *h2); +int hash2_compare(const unsigned char *h1, const unsigned char *h2);