Shawn Willden | 128ffe0 | 2014-08-06 12:31:33 -0600 | [diff] [blame] | 1 | /* --------------------------------------------------------------------------- |
| 2 | * |
| 3 | * AEAD API 0.12 - 23-MAY-2012 |
| 4 | * |
| 5 | * This file gives an interface appropriate for many authenticated |
| 6 | * encryption with associated data (AEAD) implementations. It does not try |
| 7 | * to accommodate all possible options or limitations that an implementation |
| 8 | * might have -- you should consult the documentation of your chosen |
| 9 | * implementation to find things like RFC 5116 constants, alignment |
| 10 | * requirements, whether the incremental interface is supported, etc. |
| 11 | * |
| 12 | * This file is in the public domain. It is provided "as is", without |
| 13 | * warranty of any kind. Use at your own risk. |
| 14 | * |
| 15 | * Comments are welcome: Ted Krovetz <ted@krovetz>. |
| 16 | * |
| 17 | * ------------------------------------------------------------------------ */ |
| 18 | |
| 19 | #ifndef _AE_H_ |
| 20 | #define _AE_H_ |
| 21 | |
| 22 | #ifdef __cplusplus |
| 23 | extern "C" { |
| 24 | #endif |
| 25 | |
| 26 | /* -------------------------------------------------------------------------- |
| 27 | * |
| 28 | * Constants |
| 29 | * |
| 30 | * ----------------------------------------------------------------------- */ |
| 31 | |
| 32 | /* Return status codes: Negative return values indicate an error occurred. |
| 33 | * For full explanations of error values, consult the implementation's |
| 34 | * documentation. */ |
| 35 | #define AE_SUCCESS (0) /* Indicates successful completion of call */ |
| 36 | #define AE_INVALID (-1) /* Indicates bad tag during decryption */ |
| 37 | #define AE_NOT_SUPPORTED (-2) /* Indicates unsupported option requested */ |
| 38 | |
| 39 | /* Flags: When data can be processed "incrementally", these flags are used |
| 40 | * to indicate whether the submitted data is the last or not. */ |
| 41 | #define AE_FINALIZE (1) /* This is the last of data */ |
| 42 | #define AE_PENDING (0) /* More data of is coming */ |
| 43 | |
| 44 | /* -------------------------------------------------------------------------- |
| 45 | * |
| 46 | * AEAD opaque structure definition |
| 47 | * |
| 48 | * ----------------------------------------------------------------------- */ |
| 49 | |
| 50 | typedef struct _ae_ctx ae_ctx; |
| 51 | |
| 52 | /* -------------------------------------------------------------------------- |
| 53 | * |
| 54 | * Data Structure Routines |
| 55 | * |
| 56 | * ----------------------------------------------------------------------- */ |
| 57 | |
| 58 | ae_ctx* ae_allocate(void* misc); /* Allocate ae_ctx, set optional ptr */ |
| 59 | void ae_free(ae_ctx* ctx); /* Deallocate ae_ctx struct */ |
| 60 | int ae_clear(ae_ctx* ctx); /* Undo initialization */ |
| 61 | int ae_ctx_sizeof(void); /* Return sizeof(ae_ctx) */ |
| 62 | /* ae_allocate() allocates an ae_ctx structure, but does not initialize it. |
| 63 | * ae_free() deallocates an ae_ctx structure, but does not zero it. |
| 64 | * ae_clear() zeroes sensitive values associated with an ae_ctx structure |
| 65 | * and deallocates any auxiliary structures allocated during ae_init(). |
| 66 | * ae_ctx_sizeof() returns sizeof(ae_ctx), to aid in any static allocations. |
| 67 | */ |
| 68 | |
| 69 | /* -------------------------------------------------------------------------- |
| 70 | * |
| 71 | * AEAD Routines |
| 72 | * |
| 73 | * ----------------------------------------------------------------------- */ |
| 74 | |
| 75 | int ae_init(ae_ctx* ctx, const void* key, int key_len, int nonce_len, int tag_len); |
| 76 | /* -------------------------------------------------------------------------- |
| 77 | * |
| 78 | * Initialize an ae_ctx context structure. |
| 79 | * |
| 80 | * Parameters: |
| 81 | * ctx - Pointer to an ae_ctx structure to be initialized |
| 82 | * key - Pointer to user-supplied key |
| 83 | * key_len - Length of key supplied, in bytes |
| 84 | * nonce_len - Length of nonces to be used for this key, in bytes |
| 85 | * tag_len - Length of tags to be produced for this key, in bytes |
| 86 | * |
| 87 | * Returns: |
| 88 | * AE_SUCCESS - Success. Ctx ready for use. |
| 89 | * AE_NOT_SUPPORTED - An unsupported length was supplied. Ctx is untouched. |
| 90 | * Otherwise - Error. Check implementation documentation for codes. |
| 91 | * |
| 92 | * ----------------------------------------------------------------------- */ |
| 93 | |
| 94 | int ae_encrypt(ae_ctx* ctx, const void* nonce, const void* pt, int pt_len, const void* ad, |
| 95 | int ad_len, void* ct, void* tag, int final); |
| 96 | /* -------------------------------------------------------------------------- |
| 97 | * |
| 98 | * Encrypt plaintext; provide for authentication of ciphertext/associated data. |
| 99 | * |
| 100 | * Parameters: |
| 101 | * ctx - Pointer to an ae_ctx structure initialized by ae_init. |
| 102 | * nonce - Pointer to a nonce_len (defined in ae_init) byte nonce. |
| 103 | * pt - Pointer to plaintext bytes to be encrypted. |
| 104 | * pt_len - number of bytes pointed to by pt. |
| 105 | * ad - Pointer to associated data. |
| 106 | * ad_len - number of bytes pointed to by ad. |
| 107 | * ct - Pointer to buffer to receive ciphertext encryption. |
| 108 | * tag - Pointer to receive authentication tag; or NULL |
| 109 | * if tag is to be bundled into the ciphertext. |
| 110 | * final - Non-zero if this call completes the plaintext being encrypted. |
| 111 | * |
| 112 | * If nonce!=NULL then a message is being initiated. If final!=0 |
| 113 | * then a message is being finalized. If final==0 or nonce==NULL |
| 114 | * then the incremental interface is being used. If nonce!=NULL and |
| 115 | * ad_len<0, then use same ad as last message. |
| 116 | * |
| 117 | * Returns: |
| 118 | * non-negative - Number of bytes written to ct. |
| 119 | * AE_NOT_SUPPORTED - Usage mode unsupported (eg, incremental and/or sticky). |
| 120 | * Otherwise - Error. Check implementation documentation for codes. |
| 121 | * |
| 122 | * ----------------------------------------------------------------------- */ |
| 123 | |
| 124 | int ae_decrypt(ae_ctx* ctx, const void* nonce, const void* ct, int ct_len, const void* ad, |
| 125 | int ad_len, void* pt, const void* tag, int final); |
| 126 | /* -------------------------------------------------------------------------- |
| 127 | * |
| 128 | * Decrypt ciphertext; provide authenticity of plaintext and associated data. |
| 129 | * |
| 130 | * Parameters: |
| 131 | * ctx - Pointer to an ae_ctx structure initialized by ae_init. |
| 132 | * nonce - Pointer to a nonce_len (defined in ae_init) byte nonce. |
| 133 | * ct - Pointer to ciphertext bytes to be decrypted. |
| 134 | * ct_len - number of bytes pointed to by ct. |
| 135 | * ad - Pointer to associated data. |
| 136 | * ad_len - number of bytes pointed to by ad. |
| 137 | * pt - Pointer to buffer to receive plaintext decryption. |
| 138 | * tag - Pointer to tag_len (defined in ae_init) bytes; or NULL |
| 139 | * if tag is bundled into the ciphertext. Non-NULL tag is only |
| 140 | * read when final is non-zero. |
| 141 | * final - Non-zero if this call completes the ciphertext being decrypted. |
| 142 | * |
| 143 | * If nonce!=NULL then "ct" points to the start of a ciphertext. If final!=0 |
| 144 | * then "in" points to the final piece of ciphertext. If final==0 or nonce== |
| 145 | * NULL then the incremental interface is being used. If nonce!=NULL and |
| 146 | * ad_len<0, then use same ad as last message. |
| 147 | * |
| 148 | * Returns: |
| 149 | * non-negative - Number of bytes written to pt. |
| 150 | * AE_INVALID - Authentication failure. |
| 151 | * AE_NOT_SUPPORTED - Usage mode unsupported (eg, incremental and/or sticky). |
| 152 | * Otherwise - Error. Check implementation documentation for codes. |
| 153 | * |
| 154 | * NOTE !!! NOTE !!! -- The ciphertext should be assumed possibly inauthentic |
| 155 | * until it has been completely written and it is |
| 156 | * verified that this routine did not return AE_INVALID. |
| 157 | * |
| 158 | * ----------------------------------------------------------------------- */ |
| 159 | |
| 160 | #ifdef __cplusplus |
| 161 | } /* closing brace for extern "C" */ |
| 162 | #endif |
| 163 | |
| 164 | #endif /* _AE_H_ */ |