Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 1997 - 2006 Pekka Riikonen
+ Copyright (C) 1997 - 2007 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
typedef struct {
char *name;
SilcBool (*set_key)(void *, const unsigned char *, SilcUInt32, SilcBool);
+ void (*set_iv)(void *, const unsigned char *);
SilcBool (*encrypt)(void *, const unsigned char *, unsigned char *,
SilcUInt32, unsigned char *);
SilcBool (*decrypt)(void *, const unsigned char *, unsigned char *,
SilcUInt32, unsigned char *);
SilcUInt32 (*context_len)();
- unsigned int key_len : 12;
- unsigned int block_len : 10;
- unsigned int iv_len : 10;
+ unsigned int key_len : 10;
+ unsigned int block_len : 8;
+ unsigned int iv_len : 8;
+ unsigned int mode : 6;
} SilcCipherObject;
#define SILC_CIPHER_MAX_IV_SIZE 16
#define SILC_CIPHER_SIM_ENCRYPT "encrypt"
#define SILC_CIPHER_SIM_DECRYPT "decrypt"
#define SILC_CIPHER_SIM_CONTEXT_LEN "context_len"
-#define SILC_CIPHER_SIM_SET_IV "set_iv"
/* These macros can be used to implement the SILC Crypto API and to avoid
errors in the API these macros should be used always. */
#define SILC_CIPHER_API_SET_KEY(cipher) \
-SilcBool silc_##cipher##_set_key(void *context, \
+SilcBool silc_##cipher##_set_key(void *context, \
const unsigned char *key, \
SilcUInt32 keylen, \
SilcBool encryption)
-#define SILC_CIPHER_API_ENCRYPT(cipher) \
-SilcBool silc_##cipher##_encrypt(void *context, \
+#define SILC_CIPHER_API_SET_IV(cipher) \
+void silc_##cipher##_set_iv(void *context, \
+ const unsigned char *iv)
+#define SILC_CIPHER_API_ENCRYPT(cipher) \
+SilcBool silc_##cipher##_encrypt(void *context, \
const unsigned char *src, \
unsigned char *dst, \
SilcUInt32 len, \
unsigned char *iv)
#define SILC_CIPHER_API_DECRYPT(cipher) \
-SilcBool silc_##cipher##_decrypt(void *context, \
+SilcBool silc_##cipher##_decrypt(void *context, \
const unsigned char *src, \
unsigned char *dst, \
SilcUInt32 len, \
unsigned char *iv)
#define SILC_CIPHER_API_CONTEXT_LEN(cipher) \
SilcUInt32 silc_##cipher##_context_len()
-#define SILC_CIPHER_API_SET_IV(cipher) \
-SilcBool silc_##cipher##_set_iv(void *context, const unsigned char *iv)
+
+/****d* silccrypt/SilcCipherAPI/SilcCipherMode
+ *
+ * NAME
+ *
+ * typedef enum { ... } SilcCipherMode;
+ *
+ * DESCRIPTION
+ *
+ * Cipher modes.
+ *
+ * SOURCE
+ */
+typedef enum {
+ SILC_CIPHER_MODE_ECB = 1, /* ECB mode */
+ SILC_CIPHER_MODE_CBC = 2, /* CBC mode */
+ SILC_CIPHER_MODE_CTR = 3, /* CTR mode */
+ SILC_CIPHER_MODE_CFB = 4, /* CFB mode */
+ SILC_CIPHER_MODE_OFB = 5, /* OFB mode */
+} SilcCipherMode;
+/***/
/* Prototypes */
* SYNOPSIS
*
* SilcBool silc_cipher_alloc(const unsigned char *name,
- * SilcCipher *new_cipher);
+ * SilcCipher *new_cipher);
*
* DESCRIPTION
*
* caller must set the key to the cipher after this function has returned
* by calling the ciphers set_key function.
*
+ * The following ciphers are supported:
+ *
+ * aes-256-ctr AES-256, Counter mode
+ * aes-192-ctr AES-192, Counter mode
+ * aes-128-ctr AES,128, Counter mode
+ * aes-256-cbc AES-256, Cipher block chaining mode
+ * aes-192-cbc AES-192, Cipher block chaining mode
+ * aes-128-cbc AES,128, Cipher block chaining mode
+ * twofish-256-cbc Twofish-256, Cipher block chaining mode
+ * twofish-192-cbc Twofish-192, Cipher block chaining mode
+ * twofish-128-cbc Twofish-128, Cipher block chaining mode
+ *
+ * Notes about modes:
+ *
+ * The CTR is normal counter mode. The CTR mode does not require the
+ * plaintext length to be multiple by the cipher block size. If the last
+ * plaintext block is shorter the remaining bits of the key stream are
+ * used next time silc_cipher_encrypt is called. If silc_cipher_set_iv
+ * is called it will reset the counter for a new block (discarding any
+ * remaining bits from previous key stream).
+ *
+ * The CBC is mode is a standard CBC mode. The plaintext length must be
+ * multiple by the cipher block size. If it isn't the plaintext must be
+ * padded.
+ *
***/
SilcBool silc_cipher_alloc(const unsigned char *name, SilcCipher *new_cipher);
* DESCRIPTION
*
* Sets the IV (initial vector) for the cipher. The `iv' must be
- * the size of the block size of the cipher.
+ * the size of the block size of the cipher. If `iv' is NULL this
+ * does not do anything.
+ *
+ * If the encryption mode is CTR (Counter mode) this also resets the
+ * the counter for a new block. This is done also if `iv' is NULL.
*
***/
void silc_cipher_set_iv(SilcCipher cipher, const unsigned char *iv);
* DESCRIPTION
*
* Returns the IV (initial vector) of the cipher. The returned
- * pointer must not be freed by the caller.
+ * pointer must not be freed by the caller. If the caller modifies
+ * the returned pointer the IV inside cipher is also modified.
*
***/
unsigned char *silc_cipher_get_iv(SilcCipher cipher);
***/
const char *silc_cipher_get_name(SilcCipher cipher);
+/****f* silccrypt/SilcCipherAPI/silc_cipher_get_mode
+ *
+ * SYNOPSIS
+ *
+ * SilcCipherMode silc_cipher_get_mode(SilcCipher cipher);
+ *
+ * DESCRIPTION
+ *
+ * Returns the cipher mode.
+ *
+ ***/
+SilcCipherMode silc_cipher_get_mode(SilcCipher cipher);
+
#endif /* SILCCIPHER_H */
projects / silc.git / blobdiff