Implemented an AEAD wrapper for traditional crypter/signer transforms
[strongswan.git] / src / libstrongswan / crypto / aead.h
1 /*
2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup aead aead
18 * @{ @ingroup crypto
19 */
20
21 #ifndef AEAD_H_
22 #define AEAD_H_
23
24 typedef struct aead_t aead_t;
25
26 #include <library.h>
27 #include <crypto/crypters/crypter.h>
28 #include <crypto/signers/signer.h>
29
30 /**
31 * Authenticated encryption / authentication decryption interface.
32 */
33 struct aead_t {
34
35 /**
36 * Encrypt and sign data, sign associated data.
37 *
38 * The plain data must be a multiple of get_block_size(), the IV must
39 * have a length of get_iv_size().
40 * If encrypted is NULL, the encryption is done inline. The buffer must
41 * have space for additional get_icv_size() data, the ICV value is
42 * appended silently to the plain chunk.
43 *
44 * @param plain data to encrypt and sign
45 * @param assoc associated data to sign
46 * @param iv initialization vector
47 * @param encrypted allocated encryption result
48 */
49 void (*encrypt)(aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv,
50 chunk_t *encrypted);
51
52 /**
53 * Decrypt and verify data, verify associated data.
54 *
55 * The IV must have a length of get_iv_size().
56 * If plain is NULL, the decryption is done inline. The decrypted data
57 * is returned in the encrypted chunk, the last get_icv_size() bytes
58 * contain the verified ICV.
59 *
60 * @param encrypted data to encrypt and verify
61 * @param assoc associated data to verify
62 * @param iv initialization vector
63 * @param plain allocated result, if successful
64 * @return TRUE if MAC verification successful
65 */
66 bool (*decrypt)(aead_t *this, chunk_t encrypted, chunk_t assoc, chunk_t iv,
67 chunk_t *plain);
68
69 /**
70 * Get the block size for encryption.
71 *
72 * @return block size in bytes
73 */
74 size_t (*get_block_size)(aead_t *this);
75
76 /**
77 * Get the integrity check value size of the algorithm.
78 *
79 * @return ICV size in bytes
80 */
81 size_t (*get_icv_size)(aead_t *this);
82
83 /**
84 * Get the size of the initialization vector.
85 *
86 * @return IV size in bytes
87 */
88 size_t (*get_iv_size)(aead_t *this);
89
90 /**
91 * Get the size of the key material (for encryption and authentication).
92 *
93 * @return key size in bytes
94 */
95 size_t (*get_key_size)(aead_t *this);
96
97 /**
98 * Set the key for encryption and authentication.
99 *
100 * @param key encryption and authentication key
101 */
102 void (*set_key)(aead_t *this, chunk_t key);
103
104 /**
105 * Destroy a aead_t.
106 */
107 void (*destroy)(aead_t *this);
108 };
109
110 /**
111 * Create a aead instance using traditional transforms.
112 *
113 * @param crypter encryption transform for this aead
114 * @param signer integrity tranform for this aead
115 * @return aead transform
116 */
117 aead_t *aead_create(crypter_t *crypter, signer_t *signer);
118
119 #endif /** AEAD_H_ @}*/