android: Improved simplified Chinese translation / 完善了简体中文翻译
[strongswan.git] / src / libstrongswan / crypto / crypters / crypter.h
1 /*
2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup crypter crypter
19 * @{ @ingroup crypto
20 */
21
22 #ifndef CRYPTER_H_
23 #define CRYPTER_H_
24
25 typedef enum encryption_algorithm_t encryption_algorithm_t;
26 typedef struct crypter_t crypter_t;
27
28 #include <library.h>
29
30 /**
31 * Encryption algorithm, as in IKEv2 RFC 3.3.2.
32 */
33 enum encryption_algorithm_t {
34 ENCR_DES_IV64 = 1,
35 ENCR_DES = 2,
36 ENCR_3DES = 3,
37 ENCR_RC5 = 4,
38 ENCR_IDEA = 5,
39 ENCR_CAST = 6,
40 ENCR_BLOWFISH = 7,
41 ENCR_3IDEA = 8,
42 ENCR_DES_IV32 = 9,
43 ENCR_NULL = 11,
44 ENCR_AES_CBC = 12,
45 /** CTR as specified for IPsec (RFC5930/RFC3686), nonce appended to key */
46 ENCR_AES_CTR = 13,
47 ENCR_AES_CCM_ICV8 = 14,
48 ENCR_AES_CCM_ICV12 = 15,
49 ENCR_AES_CCM_ICV16 = 16,
50 ENCR_AES_GCM_ICV8 = 18,
51 ENCR_AES_GCM_ICV12 = 19,
52 ENCR_AES_GCM_ICV16 = 20,
53 ENCR_NULL_AUTH_AES_GMAC = 21,
54 ENCR_CAMELLIA_CBC = 23,
55 /* CTR as specified for IPsec (RFC5529), nonce appended to key */
56 ENCR_CAMELLIA_CTR = 24,
57 ENCR_CAMELLIA_CCM_ICV8 = 25,
58 ENCR_CAMELLIA_CCM_ICV12 = 26,
59 ENCR_CAMELLIA_CCM_ICV16 = 27,
60 ENCR_UNDEFINED = 1024,
61 ENCR_DES_ECB = 1025,
62 ENCR_SERPENT_CBC = 1026,
63 ENCR_TWOFISH_CBC = 1027
64 };
65
66 #define DES_BLOCK_SIZE 8
67 #define BLOWFISH_BLOCK_SIZE 8
68 #define AES_BLOCK_SIZE 16
69 #define CAMELLIA_BLOCK_SIZE 16
70 #define SERPENT_BLOCK_SIZE 16
71 #define TWOFISH_BLOCK_SIZE 16
72
73 /**
74 * enum name for encryption_algorithm_t.
75 */
76 extern enum_name_t *encryption_algorithm_names;
77
78 /**
79 * Generic interface for symmetric encryption algorithms.
80 */
81 struct crypter_t {
82
83 /**
84 * Encrypt a chunk of data and allocate space for the encrypted value.
85 *
86 * The length of the iv must equal to get_iv_size(), while the length
87 * of data must be a multiple of get_block_size().
88 * If encrypted is NULL, the encryption is done in-place (overwriting data).
89 *
90 * @param data data to encrypt
91 * @param iv initializing vector
92 * @param encrypted chunk to allocate encrypted data, or NULL
93 * @return TRUE if encryption successful
94 */
95 __attribute__((warn_unused_result))
96 bool (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
97 chunk_t *encrypted);
98
99 /**
100 * Decrypt a chunk of data and allocate space for the decrypted value.
101 *
102 * The length of the iv must equal to get_iv_size(), while the length
103 * of data must be a multiple of get_block_size().
104 * If decrpyted is NULL, the encryption is done in-place (overwriting data).
105 *
106 * @param data data to decrypt
107 * @param iv initializing vector
108 * @param encrypted chunk to allocate decrypted data, or NULL
109 * @return TRUE if decryption successful
110 */
111 __attribute__((warn_unused_result))
112 bool (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
113 chunk_t *decrypted);
114
115 /**
116 * Get the block size of the crypto algorithm.
117 *
118 * get_block_size() returns the smallest block the crypter can handle,
119 * not the block size of the underlying crypto algorithm. For counter mode,
120 * it is usually 1.
121 *
122 * @return block size in bytes
123 */
124 size_t (*get_block_size) (crypter_t *this);
125
126 /**
127 * Get the IV size of the crypto algorithm.
128 *
129 * @return initialization vector size in bytes
130 */
131 size_t (*get_iv_size)(crypter_t *this);
132
133 /**
134 * Get the key size of the crypto algorithm.
135 *
136 * get_key_size() might return a key length different from the key
137 * size passed to the factory constructor. For Counter Mode, the nonce
138 * is handled as a part of the key material and is passed to set_key().
139 *
140 * @return key size in bytes
141 */
142 size_t (*get_key_size) (crypter_t *this);
143
144 /**
145 * Set the key.
146 *
147 * The length of the key must match get_key_size().
148 *
149 * @param key key to set
150 * @return TRUE if key set successfully
151 */
152 __attribute__((warn_unused_result))
153 bool (*set_key) (crypter_t *this, chunk_t key);
154
155 /**
156 * Destroys a crypter_t object.
157 */
158 void (*destroy) (crypter_t *this);
159 };
160
161 /**
162 * Conversion of ASN.1 OID to encryption algorithm.
163 *
164 * @param oid ASN.1 OID
165 * @param key_size returns size of encryption key in bits
166 * @return encryption algorithm, ENCR_UNDEFINED if OID unsupported
167 */
168 encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size);
169
170 /**
171 * Conversion of encryption algorithm to ASN.1 OID.
172 *
173 * @param alg encryption algorithm
174 * @param key_size size of encryption key in bits
175 * @return ASN.1 OID, OID_UNKNOWN if OID is unknown
176 */
177 int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size);
178
179 /**
180 * Check if an encryption algorithm identifier is an AEAD algorithm.
181 *
182 * @param alg algorithm identifier
183 * @return TRUE if it is an AEAD algorithm
184 */
185 bool encryption_algorithm_is_aead(encryption_algorithm_t alg);
186
187 #endif /** CRYPTER_H_ @}*/