X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=crypt.h;h=85623fbae9a561a4809c26bf7e5e85ca5bbad6d4;hp=4696ee4a118c5791cfa40ae5cef2c4eb634807ef;hb=263cda6ee386b9c5d409ca02798632ca67282796;hpb=82d08fb6da4dfc7d93d1ee0cce4706721378fe12 diff --git a/crypt.h b/crypt.h index 4696ee4a..85623fba 100644 --- a/crypt.h +++ b/crypt.h @@ -1,19 +1,16 @@ -/* - * Copyright (C) 2005-2011 Andre Noll - * - * Licensed under the GPL v2. For licencing details see COPYING. - */ +/* Copyright (C) 2005 Andre Noll , see file COPYING. */ /** \file crypt.h Public crypto interface. */ -/** \cond used to distinguish between loading of private/public key */ +/* These are used to distinguish between loading of private/public key. */ + +/** The key to load is a public key. */ #define LOAD_PUBLIC_KEY 0 +/** The key to load is a private key. */ #define LOAD_PRIVATE_KEY 1 +/** The size of the challenge sent to the client. */ #define CHALLENGE_SIZE 64 -/** \endcond **/ - -/* asymetric (public key) crypto */ /** Opaque structure for public and private keys. */ struct asymmetric_key; @@ -50,22 +47,21 @@ int priv_decrypt(const char *key_file, unsigned char *outbuf, * Read an asymmetric key from a file. * * \param key_file The file containing the key. - * \param private if non-zero, read the private key, otherwise the public key. * \param result The key structure is returned here. * * \return The size of the key on success, negative on errors. */ -int get_asymmetric_key(const char *key_file, int private, - struct asymmetric_key **result); +int get_public_key(const char *key_file, struct asymmetric_key **result); /** - * Deallocate an asymmetric key structure. + * Deallocate a public key. * * \param key Pointer to the key structure to free. * - * This must be called for any key obtained by get_asymmetric_key(). + * This should be called for keys obtained by get_public_key() if the key is no + * longer needed. */ -void free_asymmetric_key(struct asymmetric_key *key); +void free_public_key(struct asymmetric_key *key); /** @@ -118,7 +114,7 @@ struct stream_cipher_context { }; /** - * Allocate and initialize a stream cipher structure. + * Allocate and initialize an aes_ctr128 stream cipher structure. * * \param data The key. * \param len The size of the key. @@ -128,82 +124,45 @@ struct stream_cipher_context { struct stream_cipher *sc_new(const unsigned char *data, int len); /** - * Deallocate a stream cipher structure. - * - * \param sc A stream cipher previously obtained by sc_new(). - */ -void sc_free(struct stream_cipher *sc); - -/** - * Encrypt and send a buffer. - * - * \param scc The context. - * \param buf The buffer to send. - * \param len The size of \a buf in bytes. + * Encrypt or decrypt a buffer using a stream cipher. * - * \return The return value of the underyling call to write_all(). + * \param sc Crypto key. + * \param src The source buffer and length. + * \param dst The destination buffer and length, filled out by the function. * - * \sa \ref write_all(), RC4(3). + * It is up to the implementation to decide whether the crypt operation is + * performed in place. The caller can tell by looking if the buffers given by + * \a src and \a dst coincide after the call. If (and only if) the crypt + * operation was not performed in place, the function allocated a new buffer + * for the result, so dst->iov_base is different from src->iov_base. In this + * case, the destination buffer must be freed by the caller when it is no + * longer needed. */ -int sc_send_bin_buffer(struct stream_cipher_context *scc, char *buf, - size_t len); +void sc_crypt(struct stream_cipher *sc, struct iovec *src, struct iovec *dst); /** - * Encrypt and send a \p NULL-terminated buffer. + * Wrapper for \ref sc_crypt() that can be used as a sideband transformation. * - * \param scc The context. - * \param buf The buffer to send. - * - * \return The return value of the underyling call to sc_send_bin_buffer(). + * \param src Passed verbatim to \ref sc_crypt(). + * \param dst Passed verbatim to \ref sc_crypt(). + * \param trafo_context Must point to an initialized stream cipher. */ -int sc_send_buffer(struct stream_cipher_context *scc, char *buf); +_static_inline_ void sc_trafo(struct iovec *src, struct iovec *dst, + void *trafo_context) +{ + sc_crypt(trafo_context, src, dst); +} /** - * Format, encrypt and send a buffer. - * - * \param scc The context. - * \param fmt A format string. - * - * \return The return value of the underyling call to sc_send_buffer(). - */ -__printf_2_3 int sc_send_va_buffer(struct stream_cipher_context *scc, - const char *fmt, ...); - -/** - * Receive a buffer and decrypt it. - * - * \param scc The context. - * \param buf The buffer to write the decrypted data to. - * \param size The size of \a buf. - * - * \return The number of bytes received on success, negative on errors, zero if - * the peer has performed an orderly shutdown. - * - * \sa recv(2), RC4(3). - */ -int sc_recv_bin_buffer(struct stream_cipher_context *scc, char *buf, - size_t size); - -/** - * Receive a buffer, decrypt it and write terminating NULL byte. - * - * \param scc The context. - * \param buf The buffer to write the decrypted data to. - * \param size The size of \a buf. - * - * Read at most \a size - 1 bytes from file descriptor given by \a scc, decrypt - * the received data and write a NULL byte at the end of the decrypted data. + * Deallocate a stream cipher structure. * - * \return The return value of the underlying call to \ref - * sc_recv_bin_buffer(). + * \param sc A stream cipher previously obtained by sc_new(). */ -int sc_recv_buffer(struct stream_cipher_context *scc, char *buf, size_t size); - +void sc_free(struct stream_cipher *sc); /** Size of the hash value in bytes. */ #define HASH_SIZE 20 - /** * Compute the hash of the given input data. *