summaryrefslogtreecommitdiff
path: root/src/libstrongswan/crypto/crypters/crypter.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/crypto/crypters/crypter.h')
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.h121
1 files changed, 45 insertions, 76 deletions
diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h
index 46d94ce93..aade888fa 100644
--- a/src/libstrongswan/crypto/crypters/crypter.h
+++ b/src/libstrongswan/crypto/crypters/crypter.h
@@ -1,10 +1,3 @@
-/**
- * @file crypter.h
- *
- * @brief Interface crypter_t
- *
- */
-
/*
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
@@ -19,6 +12,13 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: crypter.h 3971 2008-05-16 13:27:21Z tobias $
+ */
+
+/**
+ * @defgroup crypter crypter
+ * @{ @ingroup crypto
*/
#ifndef CRYPTER_H_
@@ -30,21 +30,12 @@ typedef struct crypter_t crypter_t;
#include <library.h>
/**
- * @brief Encryption algorithm, as in IKEv2 RFC 3.3.2.
- *
- * Currently only the following algorithms are implemented:
- * - ENCR_AES_CBC
- * - ENCR_DES
- * - ENCR_3DES
- *
- * @ingroup crypters
+ * Encryption algorithm, as in IKEv2 RFC 3.3.2.
*/
enum encryption_algorithm_t {
ENCR_UNDEFINED = 1024,
ENCR_DES_IV64 = 1,
- /** Implemented in class des_crypter_t */
ENCR_DES = 2,
- /** Implemented in class des_crypter_t */
ENCR_3DES = 3,
ENCR_RC5 = 4,
ENCR_IDEA = 5,
@@ -53,9 +44,14 @@ enum encryption_algorithm_t {
ENCR_3IDEA = 8,
ENCR_DES_IV32 = 9,
ENCR_NULL = 11,
- /** Implemented in class aes_cbc_crypter_t */
ENCR_AES_CBC = 12,
- ENCR_AES_CTR = 13
+ ENCR_AES_CTR = 13,
+ ENCR_AES_CCM_ICV8 = 14,
+ ENCR_AES_CCM_ICV12 = 15,
+ ENCR_AES_CCM_ICV16 = 16,
+ ENCR_AES_GCM_ICV8 = 18,
+ ENCR_AES_GCM_ICV12 = 19,
+ ENCR_AES_GCM_ICV16 = 20
};
/**
@@ -64,92 +60,65 @@ enum encryption_algorithm_t {
extern enum_name_t *encryption_algorithm_names;
/**
- * @brief Generic interface for symmetric encryption algorithms.
- *
- * @b Constructors:
- * - crypter_create()
- *
- * @ingroup crypters
+ * Generic interface for symmetric encryption algorithms.
*/
struct crypter_t {
/**
- * @brief Encrypt a chunk of data and allocate space for the encrypted value.
+ * Encrypt a chunk of data and allocate space for the encrypted value.
*
- * @param this calling object
- * @param data data to encrypt
- * @param iv initializing vector
- * @param[out] encrypted pointer where the encrypted bytes will be written
- * @return
- * - SUCCESS
- * - INVALID_ARG if data size not a multiple of block size
+ * The length of the iv must equal to get_block_size(), while the length
+ * of data must be a multiple it.
+ * If encrypted is NULL, the encryption is done in-place (overwriting data).
+ *
+ * @param data data to encrypt
+ * @param iv initializing vector
+ * @param encrypted chunk to allocate encrypted data, or NULL
*/
- status_t (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted);
+ void (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv,
+ chunk_t *encrypted);
/**
- * @brief Decrypt a chunk of data and allocate space for the decrypted value.
+ * Decrypt a chunk of data and allocate space for the decrypted value.
+ *
+ * The length of the iv must equal to get_block_size(), while the length
+ * of data must be a multiple it.
+ * If decrpyted is NULL, the encryption is done in-place (overwriting data).
*
- * @param this calling object
- * @param data data to decrypt
- * @param iv initializing vector
- * @param[out] encrypted pointer where the decrypted bytes will be written
- * @return
- * - SUCCESS
- * - INVALID_ARG if data size not a multiple of block size
+ * @param data data to decrypt
+ * @param iv initializing vector
+ * @param encrypted chunk to allocate decrypted data, or NULL
*/
- status_t (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted);
+ void (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv,
+ chunk_t *decrypted);
/**
- * @brief Get the block size of this crypter_t object.
+ * Get the block size of the crypto algorithm.
*
- * @param this calling object
* @return block size in bytes
*/
size_t (*get_block_size) (crypter_t *this);
/**
- * @brief Get the key size of this crypter_t object.
+ * Get the key size of the crypto algorithm.
*
- * @param this calling object
* @return key size in bytes
*/
size_t (*get_key_size) (crypter_t *this);
/**
- * @brief Set the key for this crypter_t object.
- *
- * @param this calling object
+ * Set the key.
+ *
+ * The length of the key must match get_key_size().
+ *
* @param key key to set
- * @return
- * - SUCCESS
- * - INVALID_ARG if key length invalid
*/
- status_t (*set_key) (crypter_t *this, chunk_t key);
+ void (*set_key) (crypter_t *this, chunk_t key);
/**
- * @brief Destroys a crypter_t object.
- *
- * @param this calling object
+ * Destroys a crypter_t object.
*/
void (*destroy) (crypter_t *this);
};
-/**
- * @brief Generic constructor for crypter_t objects.
- *
- * Currently only the following algorithms are implemented:
- * - ENCR_AES_CBC
- * - ENCR_DES
- * - ENCR_3DES
- *
- * The key_size is ignored for algorithms with fixed key size.
- *
- * @param encryption_algorithm Algorithm to use for crypter
- * @param key_size size of the key in bytes
- * @return
- * - crypter_t object
- * - NULL if encryption algorithm/key_size is not supported
- */
-crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm, size_t key_size);
-
-#endif /*CRYPTER_H_*/
+#endif /*CRYPTER_H_ @} */