/* Forward declarations */
typedef struct SilcCipherObjectStruct SilcCipherObject;
-/****s* silccrypt/SilcCipherAPI/SilcCipher
+/****s* silccrypt/SilcCipher
*
* NAME
*
***/
typedef struct SilcCipherStruct *SilcCipher;
-/****d* silccrypt/SilcCipherAPI/SilcCipherMode
+/****d* silccrypt/Ciphers
+ *
+ * NAME
+ *
+ * Ciphers
+ *
+ * DESCRIPTION
+ *
+ * Supported ciphers names. These names can be given as argument
+ * to silc_cipher_alloc.
+ *
+ * SOURCE
+ */
+
+/* AES in CTR mode, in different key lengths */
+#define SILC_CIPHER_AES_256_CTR "aes-256-ctr"
+#define SILC_CIPHER_AES_192_CTR "aes-192-ctr"
+#define SILC_CIPHER_AES_128_CTR "aes-128-ctr"
+
+/* AES in CBC mode, in different key lengths */
+#define SILC_CIPHER_AES_256_CBC "aes-256-cbc"
+#define SILC_CIPHER_AES_192_CBC "aes-192-cbc"
+#define SILC_CIPHER_AES_128_CBC "aes-128-cbc"
+
+/* AES in CFB mode, in different key lengths */
+#define SILC_CIPHER_AES_256_CFB "aes-256-cfb"
+#define SILC_CIPHER_AES_192_CFB "aes-192-cfb"
+#define SILC_CIPHER_AES_128_CFB "aes-128-cfb"
+
+/* AES in ECB mode, in different key lengths */
+#define SILC_CIPHER_AES_256_ECB "aes-256-ecb"
+#define SILC_CIPHER_AES_192_ECB "aes-192-ecb"
+#define SILC_CIPHER_AES_128_ECB "aes-128-ecb"
+
+/* Twofish in CTR mode, in different key lengths */
+#define SILC_CIPHER_TWOFISH_256_CTR "twofish-256-ctr"
+#define SILC_CIPHER_TWOFISH_192_CTR "twofish-192-ctr"
+#define SILC_CIPHER_TWOFISH_128_CTR "twofish-128-ctr"
+
+/* Twofish in CBC mode, in different key lengths */
+#define SILC_CIPHER_TWOFISH_256_CBC "twofish-256-cbc"
+#define SILC_CIPHER_TWOFISH_192_CBC "twofish-192-cbc"
+#define SILC_CIPHER_TWOFISH_128_CBC "twofish-128-cbc"
+
+/* Twofish in CFB mode, in different key lengths */
+#define SILC_CIPHER_TWOFISH_256_CFB "twofish-256-cfb"
+#define SILC_CIPHER_TWOFISH_192_CFB "twofish-192-cfb"
+#define SILC_CIPHER_TWOFISH_128_CFB "twofish-128-cfb"
+
+/* Twofish in ECB mode, in different key lengths */
+#define SILC_CIPHER_TWOFISH_256_ECB "twofish-256-ecb"
+#define SILC_CIPHER_TWOFISH_192_ECB "twofish-192-ecb"
+#define SILC_CIPHER_TWOFISH_128_ECB "twofish-128-ecb"
+
+/* CAST-128 in CTR, CBC, CFB, ECB modes, 128-bit key length */
+#define SILC_CIPHER_CAST5_128_CTR "cast5-128-ctr"
+#define SILC_CIPHER_CAST5_128_CBC "cast5-128-cbc"
+#define SILC_CIPHER_CAST5_128_CFB "cast5-128-cfb"
+#define SILC_CIPHER_CAST5_128_ECB "cast5-128-ecb"
+
+/* DES in CTR, CBC, CFB, ECB modes, 56-bit key length */
+#define SILC_CIPHER_DES_56_CTR "des-56-ctr"
+#define SILC_CIPHER_DES_56_CBC "des-56-cbc"
+#define SILC_CIPHER_DES_56_CFB "des-56-cfb"
+#define SILC_CIPHER_DES_56_ECB "des-56-ecb"
+
+/* 3DES in CTR, CBC, CFB, ECB modes, 168-bit (192-bit) key length */
+#define SILC_CIPHER_3DES_168_CTR "3des-168-ctr"
+#define SILC_CIPHER_3DES_168_CBC "3des-168-cbc"
+#define SILC_CIPHER_3DES_168_CFB "3des-168-cfb"
+#define SILC_CIPHER_3DES_168_ECB "3des-168-ecb"
+
+/* No encryption */
+#define SILC_CIPHER_NONE "none"
+/***/
+
+/****d* silccrypt/Cipher Algorithms
+ *
+ * NAME
+ *
+ * Cipher Algorithms
+ *
+ * DESCRIPTION
+ *
+ * Supported cipher algorithm names. These names can be give as argument
+ * to silc_cipher_alloc_full.
+ *
+ * SOURCE
+ */
+#define SILC_CIPHER_AES "aes" /* AES */
+#define SILC_CIPHER_TWOFISH "twofish" /* Twofish */
+#define SILC_CIPHER_CAST5 "cast5" /* CAST-128 */
+#define SILC_CIPHER_DES "des" /* DES */
+#define SILC_CIPHER_3DES "3des" /* Triple-DES */
+/***/
+
+/****d* silccrypt/SilcCipherMode
*
* NAME
*
*
* SILC_CIPHER_MODE_CBC
*
- * The Cipher-block Chaining mode. The CBC is mode is a standard CBC
- * mode. The plaintext length must be multiple by the cipher block size.
- * If it isn't the plaintext must be padded.
+ * The Cipher-block Chaining mode. The plaintext length must be
+ * multiple by the cipher block size. If it isn't the plaintext must
+ * be padded.
*
* SILC_CIPHER_MODE_CTR
*
- * The Counter mode. The CTR is normal counter mode. The CTR mode does
- * not require the plaintext length to be multiple by the cipher block
- * size. If the last plaintext block is shorter the remaining bits of
- * the key stream are used next time silc_cipher_encrypt is called. If
- * silc_cipher_set_iv is called it will reset the counter for a new block
- * (discarding any remaining bits from previous key stream). The counter
- * mode expects MSB first ordered counter. Note also, the counter is
- * incremented when silc_cipher_encrypt is called for the first time,
- * before encrypting.
+ * The Counter mode. The CTR mode does not require the plaintext length
+ * to be multiple by the cipher block size. If the last plaintext block
+ * is shorter the remaining bits of the key stream are used next time
+ * silc_cipher_encrypt is called. If silc_cipher_set_iv is called it
+ * will reset the counter for a new block (discarding any remaining
+ * bits from previous key stream). The CTR mode expects MSB first
+ * ordered counter. Note also, the counter is incremented when
+ * silc_cipher_encrypt is called for the first time, before encrypting.
*
* SILC_CIPHER_MODE_CFB
*
- * The Cipher Feedback mode. The CFB mode is normal cipher feedback mode.
- * The CFB mode does not require the plaintext length to be multiple by
- * the cipher block size. If the last plaintext block is shorter the
- * remaining bits of the stream are used next time silc_cipher_encrypt is
- * called. If silc_cipher_set_iv is called it will reset the feedback
- * for a new block (discarding any remaining bits from previous stream).
+ * The Cipher Feedback mode. The CFB mode does not require the plaintext
+ * length to be multiple by the cipher block size. If the last plaintext
+ * block is shorter the remaining bits of the stream are used next time
+ * silc_cipher_encrypt is called. If silc_cipher_set_iv is called it
+ * will reset the feedback for a new block (discarding any remaining
+ * bits from previous stream).
*
* SILC_CIPHER_MODE_OFB
*
* SILC_CIPHER_MODE_ECB
*
* The Electronic Codebook mode. This mode does not provide sufficient
- * security and should not be used.
+ * security and should not be used alone.
*
- * Each mode modifies the IV (initialization vector) of the cipher when
- * silc_cipher_encrypt or silc_cipher_decrypt is called. The IV may be
- * set/reset by calling silc_cipher_set_iv and the current IV can be
- * retrieved by calling silc_cipher_get_iv.
+ * Each mode using and IV (initialization vector) modifies the IV of the
+ * cipher when silc_cipher_encrypt or silc_cipher_decrypt is called. The
+ * IV may be set/reset by calling silc_cipher_set_iv and the current IV
+ * can be retrieved by calling silc_cipher_get_iv.
*
* SOURCE
*/
/***/
#define SILC_CIPHER_MAX_IV_SIZE 16 /* Maximum IV size */
-#define SILC_DEFAULT_CIPHER "aes-256-cbc" /* Default cipher */
/* Marks for all ciphers in silc. This can be used in silc_cipher_unregister
to unregister all ciphers at once. */
/* Prototypes */
-/****f* silccrypt/SilcCipherAPI/silc_cipher_register
+/****f* silccrypt/silc_cipher_register
*
* SYNOPSIS
*
*
* DESCRIPTION
*
- * Register a new cipher into SILC. This is used at the initialization of
- * the SILC. This function allocates a new object for the cipher to be
- * registered. Therefore, if memory has been allocated for the object sent
- * as argument it has to be free'd after this function returns succesfully.
+ * Register a new cipher into SILC. This can be used at the initialization
+ * of an applicatio. Usually this function is not needed. The default
+ * ciphers are automatically registered. This can be used to change the
+ * order of the registered ciphers by re-registering them in desired order,
+ * or add new ciphers.
*
***/
SilcBool silc_cipher_register(const SilcCipherObject *cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_unregister
+/****f* silccrypt/silc_cipher_unregister
*
* SYNOPSIS
*
***/
SilcBool silc_cipher_unregister(SilcCipherObject *cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_register_default
+/****f* silccrypt/silc_cipher_register_default
*
* SYNOPSIS
*
* DESCRIPTION
*
* Function that registers all the default ciphers (all builtin ciphers).
- * The application may use this to register the default ciphers if specific
- * ciphers in any specific order is not wanted.
+ * Application need not call this directly. By calling silc_crypto_init
+ * this function is called.
*
***/
SilcBool silc_cipher_register_default(void);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_unregister_all
+/****f* silccrypt/silc_cipher_unregister_all
*
* SYNOPSIS
*
*
* DESCRIPTION
*
- * Unregisters all ciphers.
+ * Unregisters all ciphers. Application need not call this directly.
+ * By calling silc_crypto_init this function is called.
*
***/
SilcBool silc_cipher_unregister_all(void);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_alloc
+/****f* silccrypt/silc_cipher_alloc
*
* SYNOPSIS
*
*
* DESCRIPTION
*
- * Allocates a new SILC cipher object. Function returns TRUE on succes
+ * Allocates a new SILC cipher object. Function returns TRUE on succes
* and FALSE on error. The allocated cipher is returned in new_cipher
* argument. The caller must set the key to the cipher after this
* function has returned by calling the silc_cipher_set_key.
*
- * The following ciphers are supported:
- *
- * aes-256-ctr AES-256, Counter mode
- * aes-192-ctr AES-192, Counter mode
- * aes-128-ctr AES,128, Counter mode
- * aes-256-cbc AES-256, Cipher block chaining mode
- * aes-192-cbc AES-192, Cipher block chaining mode
- * aes-128-cbc AES,128, Cipher block chaining mode
- * twofish-256-cbc Twofish-256, Cipher block chaining mode
- * twofish-192-cbc Twofish-192, Cipher block chaining mode
- * twofish-128-cbc Twofish-128, Cipher block chaining mode
- *
- * Notes about modes:
- *
***/
SilcBool silc_cipher_alloc(const char *name, SilcCipher *new_cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_alloc
+/****f* silccrypt/silc_cipher_alloc
*
* SYNOPSIS
*
* DESCRIPTION
*
* Same as silc_cipher_alloc but takes the cipher algorithm name,
- * key length and mode as separate arguments.
+ * key length and mode as separate arguments.
*
***/
SilcBool silc_cipher_alloc_full(const char *alg_name, SilcUInt32 key_len,
SilcCipherMode mode, SilcCipher *new_cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_free
+/****f* silccrypt/silc_cipher_free
*
* SYNOPSIS
*
***/
void silc_cipher_free(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_is_supported
+/****f* silccrypt/silc_cipher_is_supported
*
* SYNOPSIS
*
***/
SilcBool silc_cipher_is_supported(const char *name);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_supported
+/****f* silccrypt/silc_cipher_get_supported
*
* SYNOPSIS
*
***/
char *silc_cipher_get_supported(SilcBool only_registered);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_encrypt
+/****f* silccrypt/silc_cipher_encrypt
*
* SYNOPSIS
*
unsigned char *dst, SilcUInt32 len,
unsigned char *iv);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_decrypt
+/****f* silccrypt/silc_cipher_decrypt
*
* SYNOPSIS
*
unsigned char *dst, SilcUInt32 len,
unsigned char *iv);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_set_key
+/****f* silccrypt/silc_cipher_set_key
*
* SYNOPSIS
*
SilcBool silc_cipher_set_key(SilcCipher cipher, const unsigned char *key,
SilcUInt32 bit_keylen, SilcBool encryption);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_set_iv
+/****f* silccrypt/silc_cipher_set_iv
*
* SYNOPSIS
*
***/
void silc_cipher_set_iv(SilcCipher cipher, const unsigned char *iv);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_iv
+/****f* silccrypt/silc_cipher_get_iv
*
* SYNOPSIS
*
***/
unsigned char *silc_cipher_get_iv(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_key_len
+/****f* silccrypt/silc_cipher_get_key_len
*
* SYNOPSIS
*
***/
SilcUInt32 silc_cipher_get_key_len(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_block_len
+/****f* silccrypt/silc_cipher_get_block_len
*
* SYNOPSIS
*
***/
SilcUInt32 silc_cipher_get_block_len(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_iv_len
+/****f* silccrypt/silc_cipher_get_iv_len
*
* SYNOPSIS
*
***/
SilcUInt32 silc_cipher_get_iv_len(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_name
+/****f* silccrypt/silc_cipher_get_name
*
* SYNOPSIS
*
***/
const char *silc_cipher_get_name(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_alg_name
+/****f* silccrypt/silc_cipher_get_alg_name
*
* SYNOPSIS
*
***/
const char *silc_cipher_get_alg_name(SilcCipher cipher);
-/****f* silccrypt/SilcCipherAPI/silc_cipher_get_mode
+/****f* silccrypt/silc_cipher_get_mode
*
* SYNOPSIS
*
Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 1997 - 2007 Pekka Riikonen
+ Copyright (C) 1997 - 2008 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
*
***/
-/****s* silccrypt/SilcHashAPI/SilcHash
+/****s* silccrypt/SilcHash
*
* NAME
*
***/
typedef struct SilcHashStruct *SilcHash;
-/****s* silccrypt/SilcHashAPI/SilcHashObject
+/****d* silccrypt/Hashes
*
* NAME
*
- * typedef struct { ... } SilcHashObject;
+ * Hash functions
*
* DESCRIPTION
*
- * This structure represents one hash function. The hash function's
- * name, digest length and block length are defined in the structure.
- * This structure is then given as argument to the silc_hash_register.
- * That function is used to register all hash functions into SILC.
- * They can be then allocated by the name found in this structure by
- * calling the silc_hash_alloc.
+ * Supported hash function names. These names can be given as argument
+ * to silc_hash_alloc.
*
- ***/
+ * SOURCE
+ */
+#define SILC_HASH_SHA256 "sha256" /* SHA-256 */
+#define SILC_HASH_SHA512 "sha512" /* SHA-512 */
+#define SILC_HASH_SHA1 "sha1" /* SHA-1 */
+#define SILC_HASH_MD5 "md5" /* MD5 */
+/***/
+
+/* Hash implementation object */
typedef struct {
char *name;
char *oid;
/* Default hash functions for silc_hash_register_default(). */
extern DLLAPI const SilcHashObject silc_default_hash[];
-/* Default HASH function in the SILC protocol */
-#define SILC_DEFAULT_HASH "sha1"
+/* Max hash length */
#define SILC_HASH_MAXLEN 64
/* Macros */
/* Following macros are used to implement the SILC Hash API. These
macros should be used instead of declaring functions by hand. */
-/* Function names in SILC Hash modules. The name of the hash function
- is appended into these names and used to the get correct symbol out
- of the module. All SILC Hash API compliant modules has to support
- these names as function names (use macros below to assure this). */
-#define SILC_HASH_SIM_INIT "init"
-#define SILC_HASH_SIM_UPDATE "update"
-#define SILC_HASH_SIM_FINAL "final"
-#define SILC_HASH_SIM_TRANSFORM "transform"
-#define SILC_HASH_SIM_CONTEXT_LEN "context_len"
-
/* Macros that can be used to declare SILC Hash API functions. */
#define SILC_HASH_API_INIT(hash) \
void silc_##hash##_init(void *context)
/* Prototypes */
-/****f* silccrypt/SilcHashAPI/silc_hash_register
+/****f* silccrypt/silc_hash_register
*
* SYNOPSIS
*
*
* DESCRIPTION
*
- * Registers a new hash function into the SILC. This function is used
- * at the initialization of the SILC. All registered hash functions
- * should be unregistered with silc_hash_unregister. The `hash' includes
- * the name of the hash function, digest length and block length. Usually
- * this function is not called directly. Instead, application can call
- * the silc_hash_register_default to register all default hash functions
- * that are builtin the sources. Returns FALSE on error.
+ * Registers a new hash function into the SILC. This function can be
+ * used at the initialization. All registered hash functions should be
+ * unregistered with silc_hash_unregister. Returns FALSE on error.
+ * Usually this function is not needed. The default hash functions are
+ * automatically registered. This can be used to change the order of
+ * the registered hash functions by re-registering them in desired order,
+ * or add new hash functions.
*
***/
SilcBool silc_hash_register(const SilcHashObject *hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_unregister
+/****f* silccrypt/silc_hash_unregister
*
* SYNOPSIS
*
* DESCRIPTION
*
* Unregister a hash function from SILC by the SilcHashObject `hash'.
- * This should be called for all registered hash functions. Returns
- * FALSE on error.
+ * This should be called for all hash functions registered with
+ * silc_hash_register. Returns FALSE on error.
*
***/
SilcBool silc_hash_unregister(SilcHashObject *hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_register_default
+/****f* silccrypt/silc_hash_register_default
*
* SYNOPSIS
*
*
* DESCRIPTION
*
- * Registers all default hash functions into the SILC. These are the
- * hash functions that are builtin in the sources. See the list of
- * default hash functions in the silchash.c source file. The application
- * may use this to register default hash functions if specific hash
- * function in any specific order is not wanted (application's
- * configuration usually may decide the order of the registration, in
- * which case this function should not be used).
+ * Registers all default hash functions into the SILC. Application
+ * need not call this directly. By calling silc_crypto_init this function
+ * is called.
*
***/
SilcBool silc_hash_register_default(void);
-/****f* silccrypt/SilcHashAPI/silc_hash_unregister_all
+/****f* silccrypt/silc_hash_unregister_all
*
* SYNOPSIS
*
*
* DESCRIPTION
*
- * Unregisters all registered hash functions.
+ * Unregisters all registered hash functions. Application need not
+ * call this directly. By calling silc_crypto_uninit this function is
+ * called.
*
***/
SilcBool silc_hash_unregister_all(void);
-/****f* silccrypt/SilcHashAPI/silc_hash_alloc
+/****f* silccrypt/silc_hash_alloc
*
* SYNOPSIS
*
***/
SilcBool silc_hash_alloc(const char *name, SilcHash *new_hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_alloc_by_oid
+/****f* silccrypt/silc_hash_alloc_by_oid
*
* SYNOPSIS
*
***/
SilcBool silc_hash_alloc_by_oid(const char *oid, SilcHash *new_hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_free
+/****f* silccrypt/silc_hash_free
*
* SYNOPSIS
*
***/
void silc_hash_free(SilcHash hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_is_supported
+/****f* silccrypt/silc_hash_is_supported
*
* SYNOPSIS
*
***/
SilcBool silc_hash_is_supported(const char *name);
-/****f* silccrypt/SilcHashAPI/silc_hash_get_supported
+/****f* silccrypt/silc_hash_get_supported
*
* SYNOPSIS
*
***/
char *silc_hash_get_supported(void);
-/****f* silccrypt/SilcHashAPI/silc_hash_len
+/****f* silccrypt/silc_hash_len
*
* SYNOPSIS
*
***/
SilcUInt32 silc_hash_len(SilcHash hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_block_len
+/****f* silccrypt/silc_hash_block_len
*
* SYNOPSIS
*
***/
SilcUInt32 silc_hash_block_len(SilcHash hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_get_name
+/****f* silccrypt/silc_hash_get_name
*
* SYNOPSIS
*
***/
const char *silc_hash_get_name(SilcHash hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_get_oid
+/****f* silccrypt/silc_hash_get_oid
*
* SYNOPSIS
*
***/
const char *silc_hash_get_oid(SilcHash hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_make
+/****f* silccrypt/silc_hash_make
*
* SYNOPSIS
*
void silc_hash_make(SilcHash hash, const unsigned char *data,
SilcUInt32 len, unsigned char *return_hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_init
+/****f* silccrypt/silc_hash_init
*
* SYNOPSIS
*
***/
void silc_hash_init(SilcHash hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_update
+/****f* silccrypt/silc_hash_update
*
* SYNOPSIS
*
void silc_hash_update(SilcHash hash, const unsigned char *data,
SilcUInt32 data_len);
-/****f* silccrypt/SilcHashAPI/silc_hash_final
+/****f* silccrypt/silc_hash_final
*
* SYNOPSIS
*
***/
void silc_hash_final(SilcHash hash, unsigned char *return_hash);
-/****f* silccrypt/SilcHashAPI/silc_hash_transform
+/****f* silccrypt/silc_hash_transform
*
* SYNOPSIS
*
void silc_hash_transform(SilcHash hash, void *state,
const unsigned char *data);
-/****f* silccrypt/SilcHashAPI/silc_hash_fingerprint
+/****f* silccrypt/silc_hash_fingerprint
*
* SYNOPSIS
*
char *silc_hash_fingerprint(SilcHash hash, const unsigned char *data,
SilcUInt32 data_len);
-/****f* silccrypt/SilcHashAPI/silc_hash_babbleprint
+/****f* silccrypt/silc_hash_babbleprint
*
* SYNOPSIS
*
projects / crypto.git / commitdiff