Avoid problems with Doxygen by adding warn_unused_result attribute at the end of...
[strongswan.git] / src / libstrongswan / crypto / crypters / crypter.h
1 /*
2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup crypter crypter
19 * @{ @ingroup crypto
20 */
21
22 #ifndef CRYPTER_H_
23 #define CRYPTER_H_
24
25 typedef enum encryption_algorithm_t encryption_algorithm_t;
26 typedef struct crypter_t crypter_t;
27
28 #include <library.h>
29
30 /**
31 * Encryption algorithm, as in IKEv2 RFC 3.3.2.
32 */
33 enum encryption_algorithm_t {
34 ENCR_DES_IV64 = 1,
35 ENCR_DES = 2,
36 ENCR_3DES = 3,
37 ENCR_RC5 = 4,
38 ENCR_IDEA = 5,
39 ENCR_CAST = 6,
40 ENCR_BLOWFISH = 7,
41 ENCR_3IDEA = 8,
42 ENCR_DES_IV32 = 9,
43 ENCR_NULL = 11,
44 ENCR_AES_CBC = 12,
45 /** CTR as specified for IPsec (RFC5930/RFC3686), nonce appended to key */
46 ENCR_AES_CTR = 13,
47 ENCR_AES_CCM_ICV8 = 14,
48 ENCR_AES_CCM_ICV12 = 15,
49 ENCR_AES_CCM_ICV16 = 16,
50 ENCR_AES_GCM_ICV8 = 18,
51 ENCR_AES_GCM_ICV12 = 19,
52 ENCR_AES_GCM_ICV16 = 20,
53 ENCR_NULL_AUTH_AES_GMAC = 21,
54 ENCR_CAMELLIA_CBC = 23,
55 /* CTR as specified for IPsec (RFC5529), nonce appended to key */
56 ENCR_CAMELLIA_CTR = 24,
57 ENCR_CAMELLIA_CCM_ICV8 = 25,
58 ENCR_CAMELLIA_CCM_ICV12 = 26,
59 ENCR_CAMELLIA_CCM_ICV16 = 27,
60 ENCR_UNDEFINED = 1024,
61 ENCR_DES_ECB = 1025,
62 ENCR_SERPENT_CBC = 1026,
63 ENCR_TWOFISH_CBC = 1027
64 };
65
66 #define DES_BLOCK_SIZE 8
67 #define BLOWFISH_BLOCK_SIZE 8
68 #define AES_BLOCK_SIZE 16
69 #define CAMELLIA_BLOCK_SIZE 16
70 #define SERPENT_BLOCK_SIZE 16
71 #define TWOFISH_BLOCK_SIZE 16
72
73 /**
74 * enum name for encryption_algorithm_t.
75 */
76 extern enum_name_t *encryption_algorithm_names;
77
78 /**
79 * Generic interface for symmetric encryption algorithms.
80 */
81 struct crypter_t {
82
83 /**
84 * Encrypt a chunk of data and allocate space for the encrypted value.
85 *
86 * The length of the iv must equal to get_iv_size(), while the length
87 * of data must be a multiple of get_block_size().
88 * If encrypted is NULL, the encryption is done in-place (overwriting data).
89 *
90 * @param data data to encrypt
91 * @param iv initializing vector
92 * @param encrypted chunk to allocate encrypted data, or NULL
93 * @return TRUE if encryption successful
94 */
95 bool (*encrypt)(crypter_t *this, chunk_t data, chunk_t iv,
96 chunk_t *encrypted) __attribute__((warn_unused_result));
97
98 /**
99 * Decrypt a chunk of data and allocate space for the decrypted value.
100 *
101 * The length of the iv must equal to get_iv_size(), while the length
102 * of data must be a multiple of get_block_size().
103 * If decrpyted is NULL, the encryption is done in-place (overwriting data).
104 *
105 * @param data data to decrypt
106 * @param iv initializing vector
107 * @param encrypted chunk to allocate decrypted data, or NULL
108 * @return TRUE if decryption successful
109 */
110 bool (*decrypt)(crypter_t *this, chunk_t data, chunk_t iv,
111 chunk_t *decrypted) __attribute__((warn_unused_result));
112
113 /**
114 * Get the block size of the crypto algorithm.
115 *
116 * get_block_size() returns the smallest block the crypter can handle,
117 * not the block size of the underlying crypto algorithm. For counter mode,
118 * it is usually 1.
119 *
120 * @return block size in bytes
121 */
122 size_t (*get_block_size)(crypter_t *this);
123
124 /**
125 * Get the IV size of the crypto algorithm.
126 *
127 * @return initialization vector size in bytes
128 */
129 size_t (*get_iv_size)(crypter_t *this);
130
131 /**
132 * Get the key size of the crypto algorithm.
133 *
134 * get_key_size() might return a key length different from the key
135 * size passed to the factory constructor. For Counter Mode, the nonce
136 * is handled as a part of the key material and is passed to set_key().
137 *
138 * @return key size in bytes
139 */
140 size_t (*get_key_size)(crypter_t *this);
141
142 /**
143 * Set the key.
144 *
145 * The length of the key must match get_key_size().
146 *
147 * @param key key to set
148 * @return TRUE if key set successfully
149 */
150 bool (*set_key)(crypter_t *this,
151 chunk_t key) __attribute__((warn_unused_result));
152
153 /**
154 * Destroys a crypter_t object.
155 */
156 void (*destroy)(crypter_t *this);
157 };
158
159 /**
160 * Conversion of ASN.1 OID to encryption algorithm.
161 *
162 * @param oid ASN.1 OID
163 * @param key_size returns size of encryption key in bits
164 * @return encryption algorithm, ENCR_UNDEFINED if OID unsupported
165 */
166 encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size);
167
168 /**
169 * Conversion of encryption algorithm to ASN.1 OID.
170 *
171 * @param alg encryption algorithm
172 * @param key_size size of encryption key in bits
173 * @return ASN.1 OID, OID_UNKNOWN if OID is unknown
174 */
175 int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size);
176
177 /**
178 * Check if an encryption algorithm identifier is an AEAD algorithm.
179 *
180 * @param alg algorithm identifier
181 * @return TRUE if it is an AEAD algorithm
182 */
183 bool encryption_algorithm_is_aead(encryption_algorithm_t alg);
184
185 #endif /** CRYPTER_H_ @}*/