Line data Source code
1 : /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
2 : * Copyright (C) 1998-2016 Free Software Foundation, Inc.
3 : * Copyright (C) 2012-2016 g10 Code GmbH
4 : *
5 : * This file is part of Libgcrypt.
6 : *
7 : * Libgcrypt is free software; you can redistribute it and/or modify
8 : * it under the terms of the GNU Lesser General Public License as
9 : * published by the Free Software Foundation; either version 2.1 of
10 : * the License, or (at your option) any later version.
11 : *
12 : * Libgcrypt is distributed in the hope that it will be useful,
13 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : * GNU Lesser General Public License for more details.
16 : *
17 : * You should have received a copy of the GNU Lesser General Public
18 : * License along with this program; if not, see <http://www.gnu.org/licenses/>.
19 : *
20 : * File: src/gcrypt.h. Generated from gcrypt.h.in by configure.
21 : */
22 :
23 : #ifndef _GCRYPT_H
24 : #define _GCRYPT_H
25 :
26 : #include <stdlib.h>
27 : #include <stdarg.h>
28 : #include <string.h>
29 :
30 : #include <gpg-error.h>
31 :
32 : #include <sys/types.h>
33 :
34 : #if defined _WIN32 || defined __WIN32__
35 : # include <winsock2.h>
36 : # include <ws2tcpip.h>
37 : # include <time.h>
38 : # ifndef __GNUC__
39 : typedef long ssize_t;
40 : typedef int pid_t;
41 : # endif /*!__GNUC__*/
42 : #else
43 : # include <sys/socket.h>
44 : # include <sys/time.h>
45 : # include <sys/select.h>
46 : #endif /*!_WIN32*/
47 :
48 : typedef socklen_t gcry_socklen_t;
49 :
50 : /* This is required for error code compatibility. */
51 : #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
52 :
53 : #ifdef __cplusplus
54 : extern "C" {
55 : #if 0 /* (Keep Emacsens' auto-indent happy.) */
56 : }
57 : #endif
58 : #endif
59 :
60 : /* The version of this header should match the one of the library. It
61 : should not be used by a program because gcry_check_version() should
62 : return the same version. The purpose of this macro is to let
63 : autoconf (using the AM_PATH_GCRYPT macro) check that this header
64 : matches the installed library. */
65 : #define GCRYPT_VERSION "1.7.4"
66 :
67 : /* The version number of this header. It may be used to handle minor
68 : API incompatibilities. */
69 : #define GCRYPT_VERSION_NUMBER 0x010704
70 :
71 :
72 : /* Internal: We can't use the convenience macros for the multi
73 : precision integer functions when building this library. */
74 : #ifdef _GCRYPT_IN_LIBGCRYPT
75 : #ifndef GCRYPT_NO_MPI_MACROS
76 : #define GCRYPT_NO_MPI_MACROS 1
77 : #endif
78 : #endif
79 :
80 : /* We want to use gcc attributes when possible. Warning: Don't use
81 : these macros in your programs: As indicated by the leading
82 : underscore they are subject to change without notice. */
83 : #ifdef __GNUC__
84 :
85 : #define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
86 : + __GNUC_MINOR__ * 100 \
87 : + __GNUC_PATCHLEVEL__)
88 :
89 : #if _GCRY_GCC_VERSION >= 30100
90 : #define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
91 : #endif
92 :
93 : #if _GCRY_GCC_VERSION >= 29600
94 : #define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
95 : #endif
96 :
97 : #if _GCRY_GCC_VERSION >= 30200
98 : #define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
99 : #endif
100 :
101 : #define _GCRY_GCC_ATTR_PRINTF(f,a) __attribute__ ((format (printf,f,a)))
102 :
103 : #if _GCRY_GCC_VERSION >= 40000
104 : #define _GCRY_GCC_ATTR_SENTINEL(a) __attribute__ ((sentinel(a)))
105 : #endif
106 :
107 : #endif /*__GNUC__*/
108 :
109 : #ifndef _GCRY_GCC_ATTR_DEPRECATED
110 : #define _GCRY_GCC_ATTR_DEPRECATED
111 : #endif
112 : #ifndef _GCRY_GCC_ATTR_PURE
113 : #define _GCRY_GCC_ATTR_PURE
114 : #endif
115 : #ifndef _GCRY_GCC_ATTR_MALLOC
116 : #define _GCRY_GCC_ATTR_MALLOC
117 : #endif
118 : #ifndef _GCRY_GCC_ATTR_PRINTF
119 : #define _GCRY_GCC_ATTR_PRINTF(f,a)
120 : #endif
121 : #ifndef _GCRY_GCC_ATTR_SENTINEL
122 : #define _GCRY_GCC_ATTR_SENTINEL(a)
123 : #endif
124 :
125 : /* Make up an attribute to mark functions and types as deprecated but
126 : allow internal use by Libgcrypt. */
127 : #ifdef _GCRYPT_IN_LIBGCRYPT
128 : #define _GCRY_ATTR_INTERNAL
129 : #else
130 : #define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED
131 : #endif
132 :
133 : /* Wrappers for the libgpg-error library. */
134 :
135 : typedef gpg_error_t gcry_error_t;
136 : typedef gpg_err_code_t gcry_err_code_t;
137 : typedef gpg_err_source_t gcry_err_source_t;
138 :
139 : static GPG_ERR_INLINE gcry_error_t
140 163154 : gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
141 : {
142 163154 : return gpg_err_make (source, code);
143 : }
144 :
145 : /* The user can define GPG_ERR_SOURCE_DEFAULT before including this
146 : file to specify a default source for gpg_error. */
147 : #ifndef GCRY_ERR_SOURCE_DEFAULT
148 : #define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1
149 : #endif
150 :
151 : static GPG_ERR_INLINE gcry_error_t
152 163154 : gcry_error (gcry_err_code_t code)
153 : {
154 163154 : return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
155 : }
156 :
157 : static GPG_ERR_INLINE gcry_err_code_t
158 628 : gcry_err_code (gcry_error_t err)
159 : {
160 628 : return gpg_err_code (err);
161 : }
162 :
163 :
164 : static GPG_ERR_INLINE gcry_err_source_t
165 : gcry_err_source (gcry_error_t err)
166 : {
167 : return gpg_err_source (err);
168 : }
169 :
170 : /* Return a pointer to a string containing a description of the error
171 : code in the error value ERR. */
172 : const char *gcry_strerror (gcry_error_t err);
173 :
174 : /* Return a pointer to a string containing a description of the error
175 : source in the error value ERR. */
176 : const char *gcry_strsource (gcry_error_t err);
177 :
178 : /* Retrieve the error code for the system error ERR. This returns
179 : GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
180 : this). */
181 : gcry_err_code_t gcry_err_code_from_errno (int err);
182 :
183 : /* Retrieve the system error for the error code CODE. This returns 0
184 : if CODE is not a system error code. */
185 : int gcry_err_code_to_errno (gcry_err_code_t code);
186 :
187 : /* Return an error value with the error source SOURCE and the system
188 : error ERR. */
189 : gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
190 :
191 : /* Return an error value with the system error ERR. */
192 : gcry_err_code_t gcry_error_from_errno (int err);
193 :
194 : �
195 : /* NOTE: Since Libgcrypt 1.6 the thread callbacks are not anymore
196 : used. However we keep it to allow for some source code
197 : compatibility if used in the standard way. */
198 :
199 : /* Constants defining the thread model to use. Used with the OPTION
200 : field of the struct gcry_thread_cbs. */
201 : #define GCRY_THREAD_OPTION_DEFAULT 0
202 : #define GCRY_THREAD_OPTION_USER 1
203 : #define GCRY_THREAD_OPTION_PTH 2
204 : #define GCRY_THREAD_OPTION_PTHREAD 3
205 :
206 : /* The version number encoded in the OPTION field of the struct
207 : gcry_thread_cbs. */
208 : #define GCRY_THREAD_OPTION_VERSION 1
209 :
210 : /* Wrapper for struct ath_ops. */
211 : struct gcry_thread_cbs
212 : {
213 : /* The OPTION field encodes the thread model and the version number
214 : of this structure.
215 : Bits 7 - 0 are used for the thread model
216 : Bits 15 - 8 are used for the version number. */
217 : unsigned int option;
218 : } _GCRY_ATTR_INTERNAL;
219 :
220 : #define GCRY_THREAD_OPTION_PTH_IMPL \
221 : static struct gcry_thread_cbs gcry_threads_pth = { \
222 : (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8))}
223 :
224 : #define GCRY_THREAD_OPTION_PTHREAD_IMPL \
225 : static struct gcry_thread_cbs gcry_threads_pthread = { \
226 : (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8))}
227 :
228 :
229 : �
230 : /* A generic context object as used by some functions. */
231 : struct gcry_context;
232 : typedef struct gcry_context *gcry_ctx_t;
233 :
234 : /* The data objects used to hold multi precision integers. */
235 : struct gcry_mpi;
236 : typedef struct gcry_mpi *gcry_mpi_t;
237 : struct gcry_mpi_point;
238 : typedef struct gcry_mpi_point *gcry_mpi_point_t;
239 :
240 : #ifndef GCRYPT_NO_DEPRECATED
241 : typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
242 : typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
243 : #endif
244 :
245 : /* A structure used for scatter gather hashing. */
246 : typedef struct
247 : {
248 : size_t size; /* The allocated size of the buffer or 0. */
249 : size_t off; /* Offset into the buffer. */
250 : size_t len; /* The used length of the buffer. */
251 : void *data; /* The buffer. */
252 : } gcry_buffer_t;
253 :
254 :
255 : �
256 :
257 : /* Check that the library fulfills the version requirement. */
258 : const char *gcry_check_version (const char *req_version);
259 :
260 : /* Codes for function dispatchers. */
261 :
262 : /* Codes used with the gcry_control function. */
263 : enum gcry_ctl_cmds
264 : {
265 : /* Note: 1 .. 2 are not anymore used. */
266 : GCRYCTL_CFB_SYNC = 3,
267 : GCRYCTL_RESET = 4, /* e.g. for MDs */
268 : GCRYCTL_FINALIZE = 5,
269 : GCRYCTL_GET_KEYLEN = 6,
270 : GCRYCTL_GET_BLKLEN = 7,
271 : GCRYCTL_TEST_ALGO = 8,
272 : GCRYCTL_IS_SECURE = 9,
273 : GCRYCTL_GET_ASNOID = 10,
274 : GCRYCTL_ENABLE_ALGO = 11,
275 : GCRYCTL_DISABLE_ALGO = 12,
276 : GCRYCTL_DUMP_RANDOM_STATS = 13,
277 : GCRYCTL_DUMP_SECMEM_STATS = 14,
278 : GCRYCTL_GET_ALGO_NPKEY = 15,
279 : GCRYCTL_GET_ALGO_NSKEY = 16,
280 : GCRYCTL_GET_ALGO_NSIGN = 17,
281 : GCRYCTL_GET_ALGO_NENCR = 18,
282 : GCRYCTL_SET_VERBOSITY = 19,
283 : GCRYCTL_SET_DEBUG_FLAGS = 20,
284 : GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
285 : GCRYCTL_USE_SECURE_RNDPOOL= 22,
286 : GCRYCTL_DUMP_MEMORY_STATS = 23,
287 : GCRYCTL_INIT_SECMEM = 24,
288 : GCRYCTL_TERM_SECMEM = 25,
289 : GCRYCTL_DISABLE_SECMEM_WARN = 27,
290 : GCRYCTL_SUSPEND_SECMEM_WARN = 28,
291 : GCRYCTL_RESUME_SECMEM_WARN = 29,
292 : GCRYCTL_DROP_PRIVS = 30,
293 : GCRYCTL_ENABLE_M_GUARD = 31,
294 : GCRYCTL_START_DUMP = 32,
295 : GCRYCTL_STOP_DUMP = 33,
296 : GCRYCTL_GET_ALGO_USAGE = 34,
297 : GCRYCTL_IS_ALGO_ENABLED = 35,
298 : GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
299 : GCRYCTL_DISABLE_SECMEM = 37,
300 : GCRYCTL_INITIALIZATION_FINISHED = 38,
301 : GCRYCTL_INITIALIZATION_FINISHED_P = 39,
302 : GCRYCTL_ANY_INITIALIZATION_P = 40,
303 : GCRYCTL_SET_CBC_CTS = 41,
304 : GCRYCTL_SET_CBC_MAC = 42,
305 : /* Note: 43 is not anymore used. */
306 : GCRYCTL_ENABLE_QUICK_RANDOM = 44,
307 : GCRYCTL_SET_RANDOM_SEED_FILE = 45,
308 : GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
309 : GCRYCTL_SET_THREAD_CBS = 47,
310 : GCRYCTL_FAST_POLL = 48,
311 : GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
312 : GCRYCTL_USE_RANDOM_DAEMON = 50,
313 : GCRYCTL_FAKED_RANDOM_P = 51,
314 : GCRYCTL_SET_RNDEGD_SOCKET = 52,
315 : GCRYCTL_PRINT_CONFIG = 53,
316 : GCRYCTL_OPERATIONAL_P = 54,
317 : GCRYCTL_FIPS_MODE_P = 55,
318 : GCRYCTL_FORCE_FIPS_MODE = 56,
319 : GCRYCTL_SELFTEST = 57,
320 : /* Note: 58 .. 62 are used internally. */
321 : GCRYCTL_DISABLE_HWF = 63,
322 : GCRYCTL_SET_ENFORCED_FIPS_FLAG = 64,
323 : GCRYCTL_SET_PREFERRED_RNG_TYPE = 65,
324 : GCRYCTL_GET_CURRENT_RNG_TYPE = 66,
325 : GCRYCTL_DISABLE_LOCKED_SECMEM = 67,
326 : GCRYCTL_DISABLE_PRIV_DROP = 68,
327 : GCRYCTL_SET_CCM_LENGTHS = 69,
328 : GCRYCTL_CLOSE_RANDOM_DEVICE = 70,
329 : GCRYCTL_INACTIVATE_FIPS_FLAG = 71,
330 : GCRYCTL_REACTIVATE_FIPS_FLAG = 72,
331 : GCRYCTL_SET_SBOX = 73,
332 : GCRYCTL_DRBG_REINIT = 74,
333 : GCRYCTL_SET_TAGLEN = 75,
334 : GCRYCTL_GET_TAGLEN = 76
335 : };
336 :
337 : /* Perform various operations defined by CMD. */
338 : gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
339 :
340 : �
341 : /* S-expression management. */
342 :
343 : /* The object to represent an S-expression as used with the public key
344 : functions. */
345 : struct gcry_sexp;
346 : typedef struct gcry_sexp *gcry_sexp_t;
347 :
348 : #ifndef GCRYPT_NO_DEPRECATED
349 : typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
350 : typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
351 : #endif
352 :
353 : /* The possible values for the S-expression format. */
354 : enum gcry_sexp_format
355 : {
356 : GCRYSEXP_FMT_DEFAULT = 0,
357 : GCRYSEXP_FMT_CANON = 1,
358 : GCRYSEXP_FMT_BASE64 = 2,
359 : GCRYSEXP_FMT_ADVANCED = 3
360 : };
361 :
362 : /* Create an new S-expression object from BUFFER of size LENGTH and
363 : return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
364 : is expected to be in canonized format. */
365 : gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
366 : const void *buffer, size_t length,
367 : int autodetect);
368 :
369 : /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
370 : effect to transfer ownership of BUFFER to the created object. */
371 : gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
372 : void *buffer, size_t length,
373 : int autodetect, void (*freefnc) (void *));
374 :
375 : /* Scan BUFFER and return a new S-expression object in RETSEXP. This
376 : function expects a printf like string in BUFFER. */
377 : gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
378 : const char *buffer, size_t length);
379 :
380 : /* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
381 : only be used for certain encodings. */
382 : gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
383 : const char *format, ...);
384 :
385 : /* Like gcry_sexp_build, but uses an array instead of variable
386 : function arguments. */
387 : gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
388 : const char *format, void **arg_list);
389 :
390 : /* Release the S-expression object SEXP */
391 : void gcry_sexp_release (gcry_sexp_t sexp);
392 :
393 : /* Calculate the length of an canonized S-expresion in BUFFER and
394 : check for a valid encoding. */
395 : size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
396 : size_t *erroff, gcry_error_t *errcode);
397 :
398 : /* Copies the S-expression object SEXP into BUFFER using the format
399 : specified in MODE. */
400 : size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer,
401 : size_t maxlength);
402 :
403 : /* Dumps the S-expression object A in a format suitable for debugging
404 : to Libgcrypt's logging stream. */
405 : void gcry_sexp_dump (const gcry_sexp_t a);
406 :
407 : gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
408 : gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
409 : gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
410 : gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
411 : gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
412 :
413 : /* Scan the S-expression for a sublist with a type (the car of the
414 : list) matching the string TOKEN. If TOKLEN is not 0, the token is
415 : assumed to be raw memory of this length. The function returns a
416 : newly allocated S-expression consisting of the found sublist or
417 : `NULL' when not found. */
418 : gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
419 : const char *tok, size_t toklen);
420 : /* Return the length of the LIST. For a valid S-expression this
421 : should be at least 1. */
422 : int gcry_sexp_length (const gcry_sexp_t list);
423 :
424 : /* Create and return a new S-expression from the element with index
425 : NUMBER in LIST. Note that the first element has the index 0. If
426 : there is no such element, `NULL' is returned. */
427 : gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
428 :
429 : /* Create and return a new S-expression from the first element in
430 : LIST; this called the "type" and should always exist and be a
431 : string. `NULL' is returned in case of a problem. */
432 : gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
433 :
434 : /* Create and return a new list form all elements except for the first
435 : one. Note, that this function may return an invalid S-expression
436 : because it is not guaranteed, that the type exists and is a string.
437 : However, for parsing a complex S-expression it might be useful for
438 : intermediate lists. Returns `NULL' on error. */
439 : gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
440 :
441 : gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
442 :
443 :
444 : /* This function is used to get data from a LIST. A pointer to the
445 : actual data with index NUMBER is returned and the length of this
446 : data will be stored to DATALEN. If there is no data at the given
447 : index or the index represents another list, `NULL' is returned.
448 : *Note:* The returned pointer is valid as long as LIST is not
449 : modified or released. */
450 : const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
451 : size_t *datalen);
452 :
453 : /* This function is used to get data from a LIST. A malloced buffer to the
454 : data with index NUMBER is returned and the length of this
455 : data will be stored to RLENGTH. If there is no data at the given
456 : index or the index represents another list, `NULL' is returned. */
457 : void *gcry_sexp_nth_buffer (const gcry_sexp_t list, int number,
458 : size_t *rlength);
459 :
460 : /* This function is used to get and convert data from a LIST. The
461 : data is assumed to be a Nul terminated string. The caller must
462 : release the returned value using `gcry_free'. If there is no data
463 : at the given index, the index represents a list or the value can't
464 : be converted to a string, `NULL' is returned. */
465 : char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
466 :
467 : /* This function is used to get and convert data from a LIST. This
468 : data is assumed to be an MPI stored in the format described by
469 : MPIFMT and returned as a standard Libgcrypt MPI. The caller must
470 : release this returned value using `gcry_mpi_release'. If there is
471 : no data at the given index, the index represents a list or the
472 : value can't be converted to an MPI, `NULL' is returned. */
473 : gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
474 :
475 : /* Extract MPIs from an s-expression using a list of parameters. The
476 : * names of these parameters are given by the string LIST. Some
477 : * special characters may be given to control the conversion:
478 : *
479 : * + :: Switch to unsigned integer format (default).
480 : * - :: Switch to standard signed format.
481 : * / :: Switch to opaque format.
482 : * & :: Switch to buffer descriptor mode - see below.
483 : * ? :: The previous parameter is optional.
484 : *
485 : * In general parameter names are single letters. To use a string for
486 : * a parameter name, enclose the name in single quotes.
487 : *
488 : * Unless in gcry_buffer_t mode for each parameter name a pointer to
489 : * an MPI variable is expected that must be set to NULL prior to
490 : * invoking this function, and finally a NULL is expected. Example:
491 : *
492 : * _gcry_sexp_extract_param (key, NULL, "n/x+ed",
493 : * &mpi_n, &mpi_x, &mpi_e, NULL)
494 : *
495 : * This stores the parameter "N" from KEY as an unsigned MPI into
496 : * MPI_N, the parameter "X" as an opaque MPI into MPI_X, and the
497 : * parameter "E" again as an unsigned MPI into MPI_E.
498 : *
499 : * If in buffer descriptor mode a pointer to gcry_buffer_t descriptor
500 : * is expected instead of a pointer to an MPI. The caller may use two
501 : * different operation modes: If the DATA field of the provided buffer
502 : * descriptor is NULL, the function allocates a new buffer and stores
503 : * it at DATA; the other fields are set accordingly with OFF being 0.
504 : * If DATA is not NULL, the function assumes that DATA, SIZE, and OFF
505 : * describe a buffer where to but the data; on return the LEN field
506 : * receives the number of bytes copied to that buffer; if the buffer
507 : * is too small, the function immediately returns with an error code
508 : * (and LEN set to 0).
509 : *
510 : * PATH is an optional string used to locate a token. The exclamation
511 : * mark separated tokens are used to via gcry_sexp_find_token to find
512 : * a start point inside SEXP.
513 : *
514 : * The function returns 0 on success. On error an error code is
515 : * returned, all passed MPIs that might have been allocated up to this
516 : * point are deallocated and set to NULL, and all passed buffers are
517 : * either truncated if the caller supplied the buffer, or deallocated
518 : * if the function allocated the buffer.
519 : */
520 : gpg_error_t gcry_sexp_extract_param (gcry_sexp_t sexp,
521 : const char *path,
522 : const char *list,
523 : ...) _GCRY_GCC_ATTR_SENTINEL(0);
524 :
525 : �
526 : /*******************************************
527 : * *
528 : * Multi Precision Integer Functions *
529 : * *
530 : *******************************************/
531 :
532 : /* Different formats of external big integer representation. */
533 : enum gcry_mpi_format
534 : {
535 : GCRYMPI_FMT_NONE= 0,
536 : GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
537 : GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
538 : GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
539 : GCRYMPI_FMT_HEX = 4, /* Hex format. */
540 : GCRYMPI_FMT_USG = 5, /* Like STD but unsigned. */
541 : GCRYMPI_FMT_OPAQUE = 8 /* Opaque format (some functions only). */
542 : };
543 :
544 : /* Flags used for creating big integers. */
545 : enum gcry_mpi_flag
546 : {
547 : GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
548 : GCRYMPI_FLAG_OPAQUE = 2, /* The number is not a real one but just
549 : a way to store some bytes. This is
550 : useful for encrypted big integers. */
551 : GCRYMPI_FLAG_IMMUTABLE = 4, /* Mark the MPI as immutable. */
552 : GCRYMPI_FLAG_CONST = 8, /* Mark the MPI as a constant. */
553 : GCRYMPI_FLAG_USER1 = 0x0100,/* User flag 1. */
554 : GCRYMPI_FLAG_USER2 = 0x0200,/* User flag 2. */
555 : GCRYMPI_FLAG_USER3 = 0x0400,/* User flag 3. */
556 : GCRYMPI_FLAG_USER4 = 0x0800 /* User flag 4. */
557 : };
558 :
559 :
560 : /* Macros to return pre-defined MPI constants. */
561 : #define GCRYMPI_CONST_ONE (_gcry_mpi_get_const (1))
562 : #define GCRYMPI_CONST_TWO (_gcry_mpi_get_const (2))
563 : #define GCRYMPI_CONST_THREE (_gcry_mpi_get_const (3))
564 : #define GCRYMPI_CONST_FOUR (_gcry_mpi_get_const (4))
565 : #define GCRYMPI_CONST_EIGHT (_gcry_mpi_get_const (8))
566 :
567 : /* Allocate a new big integer object, initialize it with 0 and
568 : initially allocate memory for a number of at least NBITS. */
569 : gcry_mpi_t gcry_mpi_new (unsigned int nbits);
570 :
571 : /* Same as gcry_mpi_new() but allocate in "secure" memory. */
572 : gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
573 :
574 : /* Release the number A and free all associated resources. */
575 : void gcry_mpi_release (gcry_mpi_t a);
576 :
577 : /* Create a new number with the same value as A. */
578 : gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
579 :
580 : /* Store the big integer value U in W and release U. */
581 : void gcry_mpi_snatch (gcry_mpi_t w, gcry_mpi_t u);
582 :
583 : /* Store the big integer value U in W. */
584 : gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
585 :
586 : /* Store the unsigned integer value U in W. */
587 : gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
588 :
589 : /* Swap the values of A and B. */
590 : void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
591 :
592 : /* Return 1 if A is negative; 0 if zero or positive. */
593 : int gcry_mpi_is_neg (gcry_mpi_t a);
594 :
595 : /* W = - U */
596 : void gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u);
597 :
598 : /* W = [W] */
599 : void gcry_mpi_abs (gcry_mpi_t w);
600 :
601 : /* Compare the big integer number U and V returning 0 for equality, a
602 : positive value for U > V and a negative for U < V. */
603 : int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
604 :
605 : /* Compare the big integer number U with the unsigned integer V
606 : returning 0 for equality, a positive value for U > V and a negative
607 : for U < V. */
608 : int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
609 :
610 : /* Convert the external representation of an integer stored in BUFFER
611 : with a length of BUFLEN into a newly create MPI returned in
612 : RET_MPI. If NSCANNED is not NULL, it will receive the number of
613 : bytes actually scanned after a successful operation. */
614 : gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
615 : const void *buffer, size_t buflen,
616 : size_t *nscanned);
617 :
618 : /* Convert the big integer A into the external representation
619 : described by FORMAT and store it in the provided BUFFER which has
620 : been allocated by the user with a size of BUFLEN bytes. NWRITTEN
621 : receives the actual length of the external representation unless it
622 : has been passed as NULL. */
623 : gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
624 : unsigned char *buffer, size_t buflen,
625 : size_t *nwritten,
626 : const gcry_mpi_t a);
627 :
628 : /* Convert the big integer A into the external representation described
629 : by FORMAT and store it in a newly allocated buffer which address
630 : will be put into BUFFER. NWRITTEN receives the actual lengths of the
631 : external representation. */
632 : gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
633 : unsigned char **buffer, size_t *nwritten,
634 : const gcry_mpi_t a);
635 :
636 : /* Dump the value of A in a format suitable for debugging to
637 : Libgcrypt's logging stream. Note that one leading space but no
638 : trailing space or linefeed will be printed. It is okay to pass
639 : NULL for A. */
640 : void gcry_mpi_dump (const gcry_mpi_t a);
641 :
642 :
643 : /* W = U + V. */
644 : void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
645 :
646 : /* W = U + V. V is an unsigned integer. */
647 : void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
648 :
649 : /* W = U + V mod M. */
650 : void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
651 :
652 : /* W = U - V. */
653 : void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
654 :
655 : /* W = U - V. V is an unsigned integer. */
656 : void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
657 :
658 : /* W = U - V mod M */
659 : void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
660 :
661 : /* W = U * V. */
662 : void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
663 :
664 : /* W = U * V. V is an unsigned integer. */
665 : void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
666 :
667 : /* W = U * V mod M. */
668 : void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
669 :
670 : /* W = U * (2 ^ CNT). */
671 : void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
672 :
673 : /* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
674 : Q or R may be passed as NULL. ROUND should be negative or 0. */
675 : void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
676 : gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
677 :
678 : /* R = DIVIDEND % DIVISOR */
679 : void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
680 :
681 : /* W = B ^ E mod M. */
682 : void gcry_mpi_powm (gcry_mpi_t w,
683 : const gcry_mpi_t b, const gcry_mpi_t e,
684 : const gcry_mpi_t m);
685 :
686 : /* Set G to the greatest common divisor of A and B.
687 : Return true if the G is 1. */
688 : int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
689 :
690 : /* Set X to the multiplicative inverse of A mod M.
691 : Return true if the value exists. */
692 : int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
693 :
694 : /* Create a new point object. NBITS is usually 0. */
695 : gcry_mpi_point_t gcry_mpi_point_new (unsigned int nbits);
696 :
697 : /* Release the object POINT. POINT may be NULL. */
698 : void gcry_mpi_point_release (gcry_mpi_point_t point);
699 :
700 : /* Store the projective coordinates from POINT into X, Y, and Z. */
701 : void gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z,
702 : gcry_mpi_point_t point);
703 :
704 : /* Store the projective coordinates from POINT into X, Y, and Z and
705 : release POINT. */
706 : void gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z,
707 : gcry_mpi_point_t point);
708 :
709 : /* Store the projective coordinates X, Y, and Z into POINT. */
710 : gcry_mpi_point_t gcry_mpi_point_set (gcry_mpi_point_t point,
711 : gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z);
712 :
713 : /* Store the projective coordinates X, Y, and Z into POINT and release
714 : X, Y, and Z. */
715 : gcry_mpi_point_t gcry_mpi_point_snatch_set (gcry_mpi_point_t point,
716 : gcry_mpi_t x, gcry_mpi_t y,
717 : gcry_mpi_t z);
718 :
719 : /* Allocate a new context for elliptic curve operations based on the
720 : parameters given by KEYPARAM or using CURVENAME. */
721 : gpg_error_t gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
722 : gcry_sexp_t keyparam, const char *curvename);
723 :
724 : /* Get a named MPI from an elliptic curve context. */
725 : gcry_mpi_t gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy);
726 :
727 : /* Get a named point from an elliptic curve context. */
728 : gcry_mpi_point_t gcry_mpi_ec_get_point (const char *name,
729 : gcry_ctx_t ctx, int copy);
730 :
731 : /* Store a named MPI into an elliptic curve context. */
732 : gpg_error_t gcry_mpi_ec_set_mpi (const char *name, gcry_mpi_t newvalue,
733 : gcry_ctx_t ctx);
734 :
735 : /* Store a named point into an elliptic curve context. */
736 : gpg_error_t gcry_mpi_ec_set_point (const char *name, gcry_mpi_point_t newvalue,
737 : gcry_ctx_t ctx);
738 :
739 : /* Decode and store VALUE into RESULT. */
740 : gpg_error_t gcry_mpi_ec_decode_point (gcry_mpi_point_t result,
741 : gcry_mpi_t value, gcry_ctx_t ctx);
742 :
743 : /* Store the affine coordinates of POINT into X and Y. */
744 : int gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_point_t point,
745 : gcry_ctx_t ctx);
746 :
747 : /* W = 2 * U. */
748 : void gcry_mpi_ec_dup (gcry_mpi_point_t w, gcry_mpi_point_t u, gcry_ctx_t ctx);
749 :
750 : /* W = U + V. */
751 : void gcry_mpi_ec_add (gcry_mpi_point_t w,
752 : gcry_mpi_point_t u, gcry_mpi_point_t v, gcry_ctx_t ctx);
753 :
754 : /* W = U - V. */
755 : void gcry_mpi_ec_sub (gcry_mpi_point_t w,
756 : gcry_mpi_point_t u, gcry_mpi_point_t v, gcry_ctx_t ctx);
757 :
758 : /* W = N * U. */
759 : void gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u,
760 : gcry_ctx_t ctx);
761 :
762 : /* Return true if POINT is on the curve described by CTX. */
763 : int gcry_mpi_ec_curve_point (gcry_mpi_point_t w, gcry_ctx_t ctx);
764 :
765 : /* Return the number of bits required to represent A. */
766 : unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
767 :
768 : /* Return true when bit number N (counting from 0) is set in A. */
769 : int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
770 :
771 : /* Set bit number N in A. */
772 : void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
773 :
774 : /* Clear bit number N in A. */
775 : void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
776 :
777 : /* Set bit number N in A and clear all bits greater than N. */
778 : void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
779 :
780 : /* Clear bit number N in A and all bits greater than N. */
781 : void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
782 :
783 : /* Shift the value of A by N bits to the right and store the result in X. */
784 : void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
785 :
786 : /* Shift the value of A by N bits to the left and store the result in X. */
787 : void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
788 :
789 : /* Store NBITS of the value P points to in A and mark A as an opaque
790 : value. On success A received the the ownership of the value P.
791 : WARNING: Never use an opaque MPI for anything thing else than
792 : gcry_mpi_release, gcry_mpi_get_opaque. */
793 : gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
794 :
795 : /* Store NBITS of the value P points to in A and mark A as an opaque
796 : value. The function takes a copy of the provided value P.
797 : WARNING: Never use an opaque MPI for anything thing else than
798 : gcry_mpi_release, gcry_mpi_get_opaque. */
799 : gcry_mpi_t gcry_mpi_set_opaque_copy (gcry_mpi_t a,
800 : const void *p, unsigned int nbits);
801 :
802 : /* Return a pointer to an opaque value stored in A and return its size
803 : in NBITS. Note that the returned pointer is still owned by A and
804 : that the function should never be used for an non-opaque MPI. */
805 : void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
806 :
807 : /* Set the FLAG for the big integer A. Currently only the flag
808 : GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
809 : stored in "secure" memory. */
810 : void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
811 :
812 : /* Clear FLAG for the big integer A. Note that this function is
813 : currently useless as no flags are allowed. */
814 : void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
815 :
816 : /* Return true if the FLAG is set for A. */
817 : int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
818 :
819 : /* Private function - do not use. */
820 : gcry_mpi_t _gcry_mpi_get_const (int no);
821 :
822 : /* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
823 : convenience macros for the big integer functions. */
824 : #ifndef GCRYPT_NO_MPI_MACROS
825 : #define mpi_new(n) gcry_mpi_new( (n) )
826 : #define mpi_secure_new( n ) gcry_mpi_snew( (n) )
827 : #define mpi_release(a) \
828 : do \
829 : { \
830 : gcry_mpi_release ((a)); \
831 : (a) = NULL; \
832 : } \
833 : while (0)
834 :
835 : #define mpi_copy( a ) gcry_mpi_copy( (a) )
836 : #define mpi_snatch( w, u) gcry_mpi_snatch( (w), (u) )
837 : #define mpi_set( w, u) gcry_mpi_set( (w), (u) )
838 : #define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
839 : #define mpi_abs( w ) gcry_mpi_abs( (w) )
840 : #define mpi_neg( w, u) gcry_mpi_neg( (w), (u) )
841 : #define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) )
842 : #define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) )
843 : #define mpi_is_neg( a ) gcry_mpi_is_neg ((a))
844 :
845 : #define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v))
846 : #define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v))
847 : #define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m))
848 : #define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v))
849 : #define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v))
850 : #define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m))
851 : #define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v))
852 : #define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v))
853 : #define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v))
854 : #define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m))
855 : #define mpi_powm(w,b,e,m) gcry_mpi_powm ( (w), (b), (e), (m) )
856 : #define mpi_tdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), 0)
857 : #define mpi_fdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), -1)
858 : #define mpi_mod(r,a,m) gcry_mpi_mod ((r), (a), (m))
859 : #define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) )
860 : #define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) )
861 :
862 : #define mpi_point_new(n) gcry_mpi_point_new((n))
863 : #define mpi_point_release(p) \
864 : do \
865 : { \
866 : gcry_mpi_point_release ((p)); \
867 : (p) = NULL; \
868 : } \
869 : while (0)
870 : #define mpi_point_get(x,y,z,p) gcry_mpi_point_get((x),(y),(z),(p))
871 : #define mpi_point_snatch_get(x,y,z,p) gcry_mpi_point_snatch_get((x),(y),(z),(p))
872 : #define mpi_point_set(p,x,y,z) gcry_mpi_point_set((p),(x),(y),(z))
873 : #define mpi_point_snatch_set(p,x,y,z) gcry_mpi_point_snatch_set((p),(x),(y),(z))
874 :
875 : #define mpi_get_nbits(a) gcry_mpi_get_nbits ((a))
876 : #define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b))
877 : #define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b))
878 : #define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b))
879 : #define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b))
880 : #define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b))
881 : #define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c))
882 : #define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c))
883 :
884 : #define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) )
885 : #define mpi_get_opaque(a,b) gcry_mpi_get_opaque( (a), (b) )
886 : #endif /* GCRYPT_NO_MPI_MACROS */
887 :
888 :
889 : �
890 : /************************************
891 : * *
892 : * Symmetric Cipher Functions *
893 : * *
894 : ************************************/
895 :
896 : /* The data object used to hold a handle to an encryption object. */
897 : struct gcry_cipher_handle;
898 : typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
899 :
900 : #ifndef GCRYPT_NO_DEPRECATED
901 : typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
902 : typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
903 : #endif
904 :
905 : /* All symmetric encryption algorithms are identified by their IDs.
906 : More IDs may be registered at runtime. */
907 : enum gcry_cipher_algos
908 : {
909 : GCRY_CIPHER_NONE = 0,
910 : GCRY_CIPHER_IDEA = 1,
911 : GCRY_CIPHER_3DES = 2,
912 : GCRY_CIPHER_CAST5 = 3,
913 : GCRY_CIPHER_BLOWFISH = 4,
914 : GCRY_CIPHER_SAFER_SK128 = 5,
915 : GCRY_CIPHER_DES_SK = 6,
916 : GCRY_CIPHER_AES = 7,
917 : GCRY_CIPHER_AES192 = 8,
918 : GCRY_CIPHER_AES256 = 9,
919 : GCRY_CIPHER_TWOFISH = 10,
920 :
921 : /* Other cipher numbers are above 300 for OpenPGP reasons. */
922 : GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
923 : GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
924 : GCRY_CIPHER_TWOFISH128 = 303,
925 : GCRY_CIPHER_SERPENT128 = 304,
926 : GCRY_CIPHER_SERPENT192 = 305,
927 : GCRY_CIPHER_SERPENT256 = 306,
928 : GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
929 : GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
930 : GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
931 : GCRY_CIPHER_CAMELLIA128 = 310,
932 : GCRY_CIPHER_CAMELLIA192 = 311,
933 : GCRY_CIPHER_CAMELLIA256 = 312,
934 : GCRY_CIPHER_SALSA20 = 313,
935 : GCRY_CIPHER_SALSA20R12 = 314,
936 : GCRY_CIPHER_GOST28147 = 315,
937 : GCRY_CIPHER_CHACHA20 = 316
938 : };
939 :
940 : /* The Rijndael algorithm is basically AES, so provide some macros. */
941 : #define GCRY_CIPHER_AES128 GCRY_CIPHER_AES
942 : #define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES
943 : #define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128
944 : #define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192
945 : #define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256
946 :
947 : /* The supported encryption modes. Note that not all of them are
948 : supported for each algorithm. */
949 : enum gcry_cipher_modes
950 : {
951 : GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
952 : GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
953 : GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
954 : GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
955 : GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
956 : GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
957 : GCRY_CIPHER_MODE_CTR = 6, /* Counter. */
958 : GCRY_CIPHER_MODE_AESWRAP = 7, /* AES-WRAP algorithm. */
959 : GCRY_CIPHER_MODE_CCM = 8, /* Counter with CBC-MAC. */
960 : GCRY_CIPHER_MODE_GCM = 9, /* Galois Counter Mode. */
961 : GCRY_CIPHER_MODE_POLY1305 = 10, /* Poly1305 based AEAD mode. */
962 : GCRY_CIPHER_MODE_OCB = 11, /* OCB3 mode. */
963 : GCRY_CIPHER_MODE_CFB8 = 12 /* Cipher feedback (8 bit mode). */
964 : };
965 :
966 : /* Flags used with the open function. */
967 : enum gcry_cipher_flags
968 : {
969 : GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
970 : GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
971 : GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
972 : GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
973 : };
974 :
975 : /* GCM works only with blocks of 128 bits */
976 : #define GCRY_GCM_BLOCK_LEN (128 / 8)
977 :
978 : /* CCM works only with blocks of 128 bits. */
979 : #define GCRY_CCM_BLOCK_LEN (128 / 8)
980 :
981 : /* OCB works only with blocks of 128 bits. */
982 : #define GCRY_OCB_BLOCK_LEN (128 / 8)
983 :
984 : /* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
985 : be given as an bitwise OR of the gcry_cipher_flags values. */
986 : gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
987 : int algo, int mode, unsigned int flags);
988 :
989 : /* Close the cipher handle H and release all resource. */
990 : void gcry_cipher_close (gcry_cipher_hd_t h);
991 :
992 : /* Perform various operations on the cipher object H. */
993 : gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
994 : size_t buflen);
995 :
996 : /* Retrieve various information about the cipher object H. */
997 : gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
998 : size_t *nbytes);
999 :
1000 : /* Retrieve various information about the cipher algorithm ALGO. */
1001 : gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
1002 : size_t *nbytes);
1003 :
1004 : /* Map the cipher algorithm whose ID is contained in ALGORITHM to a
1005 : string representation of the algorithm name. For unknown algorithm
1006 : IDs this function returns "?". */
1007 : const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
1008 :
1009 : /* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if
1010 : the algorithm name is not known. */
1011 : int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
1012 :
1013 : /* Given an ASN.1 object identifier in standard IETF dotted decimal
1014 : format in STRING, return the encryption mode associated with that
1015 : OID or 0 if not known or applicable. */
1016 : int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
1017 :
1018 : /* Encrypt the plaintext of size INLEN in IN using the cipher handle H
1019 : into the buffer OUT which has an allocated length of OUTSIZE. For
1020 : most algorithms it is possible to pass NULL for in and 0 for INLEN
1021 : and do a in-place decryption of the data provided in OUT. */
1022 : gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
1023 : void *out, size_t outsize,
1024 : const void *in, size_t inlen);
1025 :
1026 : /* The counterpart to gcry_cipher_encrypt. */
1027 : gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
1028 : void *out, size_t outsize,
1029 : const void *in, size_t inlen);
1030 :
1031 : /* Set KEY of length KEYLEN bytes for the cipher handle HD. */
1032 : gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
1033 : const void *key, size_t keylen);
1034 :
1035 :
1036 : /* Set initialization vector IV of length IVLEN for the cipher handle HD. */
1037 : gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
1038 : const void *iv, size_t ivlen);
1039 :
1040 : /* Provide additional authentication data for AEAD modes/ciphers. */
1041 : gcry_error_t gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf,
1042 : size_t abuflen);
1043 :
1044 : /* Get authentication tag for AEAD modes/ciphers. */
1045 : gcry_error_t gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag,
1046 : size_t taglen);
1047 :
1048 : /* Check authentication tag for AEAD modes/ciphers. */
1049 : gcry_error_t gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag,
1050 : size_t taglen);
1051 :
1052 : /* Reset the handle to the state after open. */
1053 : #define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0)
1054 :
1055 : /* Perform the OpenPGP sync operation if this is enabled for the
1056 : cipher handle H. */
1057 : #define gcry_cipher_sync(h) gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, NULL, 0)
1058 :
1059 : /* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
1060 : #define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
1061 : NULL, on )
1062 :
1063 : #define gcry_cipher_set_sbox(h,oid) gcry_cipher_ctl( (h), GCRYCTL_SET_SBOX, \
1064 : (oid), 0);
1065 :
1066 : /* Indicate to the encrypt and decrypt functions that the next call
1067 : provides the final data. Only used with some modes. */
1068 : #define gcry_cipher_final(a) \
1069 : gcry_cipher_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
1070 :
1071 : /* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
1072 : block size length, or (NULL,0) to set the CTR to the all-zero block. */
1073 : gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
1074 : const void *ctr, size_t ctrlen);
1075 :
1076 : /* Retrieve the key length in bytes used with algorithm A. */
1077 : size_t gcry_cipher_get_algo_keylen (int algo);
1078 :
1079 : /* Retrieve the block length in bytes used with algorithm A. */
1080 : size_t gcry_cipher_get_algo_blklen (int algo);
1081 :
1082 : /* Return 0 if the algorithm A is available for use. */
1083 : #define gcry_cipher_test_algo(a) \
1084 : gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1085 :
1086 : �
1087 : /************************************
1088 : * *
1089 : * Asymmetric Cipher Functions *
1090 : * *
1091 : ************************************/
1092 :
1093 : /* The algorithms and their IDs we support. */
1094 : enum gcry_pk_algos
1095 : {
1096 : GCRY_PK_RSA = 1, /* RSA */
1097 : GCRY_PK_RSA_E = 2, /* (deprecated: use 1). */
1098 : GCRY_PK_RSA_S = 3, /* (deprecated: use 1). */
1099 : GCRY_PK_ELG_E = 16, /* (deprecated: use 20). */
1100 : GCRY_PK_DSA = 17, /* Digital Signature Algorithm. */
1101 : GCRY_PK_ECC = 18, /* Generic ECC. */
1102 : GCRY_PK_ELG = 20, /* Elgamal */
1103 : GCRY_PK_ECDSA = 301, /* (only for external use). */
1104 : GCRY_PK_ECDH = 302, /* (only for external use). */
1105 : GCRY_PK_EDDSA = 303 /* (only for external use). */
1106 : };
1107 :
1108 : /* Flags describing usage capabilities of a PK algorithm. */
1109 : #define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */
1110 : #define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */
1111 : #define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */
1112 : #define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */
1113 : #define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */
1114 :
1115 : /* Modes used with gcry_pubkey_get_sexp. */
1116 : #define GCRY_PK_GET_PUBKEY 1
1117 : #define GCRY_PK_GET_SECKEY 2
1118 :
1119 : /* Encrypt the DATA using the public key PKEY and store the result as
1120 : a newly created S-expression at RESULT. */
1121 : gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
1122 : gcry_sexp_t data, gcry_sexp_t pkey);
1123 :
1124 : /* Decrypt the DATA using the private key SKEY and store the result as
1125 : a newly created S-expression at RESULT. */
1126 : gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
1127 : gcry_sexp_t data, gcry_sexp_t skey);
1128 :
1129 : /* Sign the DATA using the private key SKEY and store the result as
1130 : a newly created S-expression at RESULT. */
1131 : gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
1132 : gcry_sexp_t data, gcry_sexp_t skey);
1133 :
1134 : /* Check the signature SIGVAL on DATA using the public key PKEY. */
1135 : gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
1136 : gcry_sexp_t data, gcry_sexp_t pkey);
1137 :
1138 : /* Check that private KEY is sane. */
1139 : gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
1140 :
1141 : /* Generate a new key pair according to the parameters given in
1142 : S_PARMS. The new key pair is returned in as an S-expression in
1143 : R_KEY. */
1144 : gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
1145 :
1146 : /* Catch all function for miscellaneous operations. */
1147 : gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
1148 :
1149 : /* Retrieve information about the public key algorithm ALGO. */
1150 : gcry_error_t gcry_pk_algo_info (int algo, int what,
1151 : void *buffer, size_t *nbytes);
1152 :
1153 : /* Map the public key algorithm whose ID is contained in ALGORITHM to
1154 : a string representation of the algorithm name. For unknown
1155 : algorithm IDs this functions returns "?". */
1156 : const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
1157 :
1158 : /* Map the algorithm NAME to a public key algorithm Id. Return 0 if
1159 : the algorithm name is not known. */
1160 : int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
1161 :
1162 : /* Return what is commonly referred as the key length for the given
1163 : public or private KEY. */
1164 : unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
1165 :
1166 : /* Return the so called KEYGRIP which is the SHA-1 hash of the public
1167 : key parameters expressed in a way depending on the algorithm. */
1168 : unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
1169 :
1170 : /* Return the name of the curve matching KEY. */
1171 : const char *gcry_pk_get_curve (gcry_sexp_t key, int iterator,
1172 : unsigned int *r_nbits);
1173 :
1174 : /* Return an S-expression with the parameters of the named ECC curve
1175 : NAME. ALGO must be set to an ECC algorithm. */
1176 : gcry_sexp_t gcry_pk_get_param (int algo, const char *name);
1177 :
1178 : /* Return 0 if the public key algorithm A is available for use. */
1179 : #define gcry_pk_test_algo(a) \
1180 : gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1181 :
1182 : /* Return an S-expression representing the context CTX. */
1183 : gcry_error_t gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp,
1184 : int mode, gcry_ctx_t ctx);
1185 :
1186 : �
1187 :
1188 : /************************************
1189 : * *
1190 : * Cryptograhic Hash Functions *
1191 : * *
1192 : ************************************/
1193 :
1194 : /* Algorithm IDs for the hash functions we know about. Not all of them
1195 : are implemented. */
1196 : enum gcry_md_algos
1197 : {
1198 : GCRY_MD_NONE = 0,
1199 : GCRY_MD_MD5 = 1,
1200 : GCRY_MD_SHA1 = 2,
1201 : GCRY_MD_RMD160 = 3,
1202 : GCRY_MD_MD2 = 5,
1203 : GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */
1204 : GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
1205 : GCRY_MD_SHA256 = 8,
1206 : GCRY_MD_SHA384 = 9,
1207 : GCRY_MD_SHA512 = 10,
1208 : GCRY_MD_SHA224 = 11,
1209 :
1210 : GCRY_MD_MD4 = 301,
1211 : GCRY_MD_CRC32 = 302,
1212 : GCRY_MD_CRC32_RFC1510 = 303,
1213 : GCRY_MD_CRC24_RFC2440 = 304,
1214 : GCRY_MD_WHIRLPOOL = 305,
1215 : GCRY_MD_TIGER1 = 306, /* TIGER fixed. */
1216 : GCRY_MD_TIGER2 = 307, /* TIGER2 variant. */
1217 : GCRY_MD_GOSTR3411_94 = 308, /* GOST R 34.11-94. */
1218 : GCRY_MD_STRIBOG256 = 309, /* GOST R 34.11-2012, 256 bit. */
1219 : GCRY_MD_STRIBOG512 = 310, /* GOST R 34.11-2012, 512 bit. */
1220 : GCRY_MD_GOSTR3411_CP = 311, /* GOST R 34.11-94 with CryptoPro-A S-Box. */
1221 : GCRY_MD_SHA3_224 = 312,
1222 : GCRY_MD_SHA3_256 = 313,
1223 : GCRY_MD_SHA3_384 = 314,
1224 : GCRY_MD_SHA3_512 = 315,
1225 : GCRY_MD_SHAKE128 = 316,
1226 : GCRY_MD_SHAKE256 = 317
1227 : };
1228 :
1229 : /* Flags used with the open function. */
1230 : enum gcry_md_flags
1231 : {
1232 : GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
1233 : GCRY_MD_FLAG_HMAC = 2, /* Make an HMAC out of this algorithm. */
1234 : GCRY_MD_FLAG_BUGEMU1 = 0x0100
1235 : };
1236 :
1237 : /* (Forward declaration.) */
1238 : struct gcry_md_context;
1239 :
1240 : /* This object is used to hold a handle to a message digest object.
1241 : This structure is private - only to be used by the public gcry_md_*
1242 : macros. */
1243 : typedef struct gcry_md_handle
1244 : {
1245 : /* Actual context. */
1246 : struct gcry_md_context *ctx;
1247 :
1248 : /* Buffer management. */
1249 : int bufpos;
1250 : int bufsize;
1251 : unsigned char buf[1];
1252 : } *gcry_md_hd_t;
1253 :
1254 : /* Compatibility types, do not use them. */
1255 : #ifndef GCRYPT_NO_DEPRECATED
1256 : typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
1257 : typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
1258 : #endif
1259 :
1260 : /* Create a message digest object for algorithm ALGO. FLAGS may be
1261 : given as an bitwise OR of the gcry_md_flags values. ALGO may be
1262 : given as 0 if the algorithms to be used are later set using
1263 : gcry_md_enable. */
1264 : gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
1265 :
1266 : /* Release the message digest object HD. */
1267 : void gcry_md_close (gcry_md_hd_t hd);
1268 :
1269 : /* Add the message digest algorithm ALGO to the digest object HD. */
1270 : gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
1271 :
1272 : /* Create a new digest object as an exact copy of the object HD. */
1273 : gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
1274 :
1275 : /* Reset the digest object HD to its initial state. */
1276 : void gcry_md_reset (gcry_md_hd_t hd);
1277 :
1278 : /* Perform various operations on the digest object HD. */
1279 : gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd,
1280 : void *buffer, size_t buflen);
1281 :
1282 : /* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
1283 : it can update the digest values. This is the actual hash
1284 : function. */
1285 : void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
1286 :
1287 : /* Read out the final digest from HD return the digest value for
1288 : algorithm ALGO. */
1289 : unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
1290 :
1291 : /* Read more output from algorithm ALGO to BUFFER of size LENGTH from
1292 : * digest object HD. Algorithm needs to be 'expendable-output function'. */
1293 : gpg_error_t gcry_md_extract (gcry_md_hd_t hd, int algo, void *buffer,
1294 : size_t length);
1295 :
1296 : /* Convenience function to calculate the hash from the data in BUFFER
1297 : of size LENGTH using the algorithm ALGO avoiding the creating of a
1298 : hash object. The hash is returned in the caller provided buffer
1299 : DIGEST which must be large enough to hold the digest of the given
1300 : algorithm. */
1301 : void gcry_md_hash_buffer (int algo, void *digest,
1302 : const void *buffer, size_t length);
1303 :
1304 : /* Convenience function to hash multiple buffers. */
1305 : gpg_error_t gcry_md_hash_buffers (int algo, unsigned int flags, void *digest,
1306 : const gcry_buffer_t *iov, int iovcnt);
1307 :
1308 : /* Retrieve the algorithm used with HD. This does not work reliable
1309 : if more than one algorithm is enabled in HD. */
1310 : int gcry_md_get_algo (gcry_md_hd_t hd);
1311 :
1312 : /* Retrieve the length in bytes of the digest yielded by algorithm
1313 : ALGO. */
1314 : unsigned int gcry_md_get_algo_dlen (int algo);
1315 :
1316 : /* Return true if the the algorithm ALGO is enabled in the digest
1317 : object A. */
1318 : int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
1319 :
1320 : /* Return true if the digest object A is allocated in "secure" memory. */
1321 : int gcry_md_is_secure (gcry_md_hd_t a);
1322 :
1323 : /* Retrieve various information about the object H. */
1324 : gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
1325 : size_t *nbytes);
1326 :
1327 : /* Retrieve various information about the algorithm ALGO. */
1328 : gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
1329 : size_t *nbytes);
1330 :
1331 : /* Map the digest algorithm id ALGO to a string representation of the
1332 : algorithm name. For unknown algorithms this function returns
1333 : "?". */
1334 : const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
1335 :
1336 : /* Map the algorithm NAME to a digest algorithm Id. Return 0 if
1337 : the algorithm name is not known. */
1338 : int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
1339 :
1340 : /* For use with the HMAC feature, the set MAC key to the KEY of
1341 : KEYLEN bytes. */
1342 : gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
1343 :
1344 : /* Start or stop debugging for digest handle HD; i.e. create a file
1345 : named dbgmd-<n>.<suffix> while hashing. If SUFFIX is NULL,
1346 : debugging stops and the file will be closed. */
1347 : void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
1348 :
1349 :
1350 : /* Update the hash(s) of H with the character C. This is a buffered
1351 : version of the gcry_md_write function. */
1352 : #define gcry_md_putc(h,c) \
1353 : do { \
1354 : gcry_md_hd_t h__ = (h); \
1355 : if( (h__)->bufpos == (h__)->bufsize ) \
1356 : gcry_md_write( (h__), NULL, 0 ); \
1357 : (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
1358 : } while(0)
1359 :
1360 : /* Finalize the digest calculation. This is not really needed because
1361 : gcry_md_read() does this implicitly. */
1362 : #define gcry_md_final(a) \
1363 : gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
1364 :
1365 : /* Return 0 if the algorithm A is available for use. */
1366 : #define gcry_md_test_algo(a) \
1367 : gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1368 :
1369 : /* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
1370 : must point to size_t variable with the available size of buffer B.
1371 : After return it will receive the actual size of the returned
1372 : OID. */
1373 : #define gcry_md_get_asnoid(a,b,n) \
1374 : gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
1375 :
1376 : �
1377 :
1378 : /**********************************************
1379 : * *
1380 : * Message Authentication Code Functions *
1381 : * *
1382 : **********************************************/
1383 :
1384 : /* The data object used to hold a handle to an encryption object. */
1385 : struct gcry_mac_handle;
1386 : typedef struct gcry_mac_handle *gcry_mac_hd_t;
1387 :
1388 : /* Algorithm IDs for the hash functions we know about. Not all of them
1389 : are implemented. */
1390 : enum gcry_mac_algos
1391 : {
1392 : GCRY_MAC_NONE = 0,
1393 :
1394 : GCRY_MAC_HMAC_SHA256 = 101,
1395 : GCRY_MAC_HMAC_SHA224 = 102,
1396 : GCRY_MAC_HMAC_SHA512 = 103,
1397 : GCRY_MAC_HMAC_SHA384 = 104,
1398 : GCRY_MAC_HMAC_SHA1 = 105,
1399 : GCRY_MAC_HMAC_MD5 = 106,
1400 : GCRY_MAC_HMAC_MD4 = 107,
1401 : GCRY_MAC_HMAC_RMD160 = 108,
1402 : GCRY_MAC_HMAC_TIGER1 = 109, /* The fixed TIGER variant */
1403 : GCRY_MAC_HMAC_WHIRLPOOL = 110,
1404 : GCRY_MAC_HMAC_GOSTR3411_94 = 111,
1405 : GCRY_MAC_HMAC_STRIBOG256 = 112,
1406 : GCRY_MAC_HMAC_STRIBOG512 = 113,
1407 : GCRY_MAC_HMAC_MD2 = 114,
1408 : GCRY_MAC_HMAC_SHA3_224 = 115,
1409 : GCRY_MAC_HMAC_SHA3_256 = 116,
1410 : GCRY_MAC_HMAC_SHA3_384 = 117,
1411 : GCRY_MAC_HMAC_SHA3_512 = 118,
1412 :
1413 : GCRY_MAC_CMAC_AES = 201,
1414 : GCRY_MAC_CMAC_3DES = 202,
1415 : GCRY_MAC_CMAC_CAMELLIA = 203,
1416 : GCRY_MAC_CMAC_CAST5 = 204,
1417 : GCRY_MAC_CMAC_BLOWFISH = 205,
1418 : GCRY_MAC_CMAC_TWOFISH = 206,
1419 : GCRY_MAC_CMAC_SERPENT = 207,
1420 : GCRY_MAC_CMAC_SEED = 208,
1421 : GCRY_MAC_CMAC_RFC2268 = 209,
1422 : GCRY_MAC_CMAC_IDEA = 210,
1423 : GCRY_MAC_CMAC_GOST28147 = 211,
1424 :
1425 : GCRY_MAC_GMAC_AES = 401,
1426 : GCRY_MAC_GMAC_CAMELLIA = 402,
1427 : GCRY_MAC_GMAC_TWOFISH = 403,
1428 : GCRY_MAC_GMAC_SERPENT = 404,
1429 : GCRY_MAC_GMAC_SEED = 405,
1430 :
1431 : GCRY_MAC_POLY1305 = 501,
1432 : GCRY_MAC_POLY1305_AES = 502,
1433 : GCRY_MAC_POLY1305_CAMELLIA = 503,
1434 : GCRY_MAC_POLY1305_TWOFISH = 504,
1435 : GCRY_MAC_POLY1305_SERPENT = 505,
1436 : GCRY_MAC_POLY1305_SEED = 506
1437 : };
1438 :
1439 : /* Flags used with the open function. */
1440 : enum gcry_mac_flags
1441 : {
1442 : GCRY_MAC_FLAG_SECURE = 1 /* Allocate all buffers in "secure" memory. */
1443 : };
1444 :
1445 : /* Create a MAC handle for algorithm ALGO. FLAGS may be given as an bitwise OR
1446 : of the gcry_mac_flags values. CTX maybe NULL or gcry_ctx_t object to be
1447 : associated with HANDLE. */
1448 : gcry_error_t gcry_mac_open (gcry_mac_hd_t *handle, int algo,
1449 : unsigned int flags, gcry_ctx_t ctx);
1450 :
1451 : /* Close the MAC handle H and release all resource. */
1452 : void gcry_mac_close (gcry_mac_hd_t h);
1453 :
1454 : /* Perform various operations on the MAC object H. */
1455 : gcry_error_t gcry_mac_ctl (gcry_mac_hd_t h, int cmd, void *buffer,
1456 : size_t buflen);
1457 :
1458 : /* Retrieve various information about the MAC algorithm ALGO. */
1459 : gcry_error_t gcry_mac_algo_info (int algo, int what, void *buffer,
1460 : size_t *nbytes);
1461 :
1462 : /* Set KEY of length KEYLEN bytes for the MAC handle HD. */
1463 : gcry_error_t gcry_mac_setkey (gcry_mac_hd_t hd, const void *key,
1464 : size_t keylen);
1465 :
1466 : /* Set initialization vector IV of length IVLEN for the MAC handle HD. */
1467 : gcry_error_t gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv,
1468 : size_t ivlen);
1469 :
1470 : /* Pass LENGTH bytes of data in BUFFER to the MAC object HD so that
1471 : it can update the MAC values. */
1472 : gcry_error_t gcry_mac_write (gcry_mac_hd_t hd, const void *buffer,
1473 : size_t length);
1474 :
1475 : /* Read out the final authentication code from the MAC object HD to BUFFER. */
1476 : gcry_error_t gcry_mac_read (gcry_mac_hd_t hd, void *buffer, size_t *buflen);
1477 :
1478 : /* Verify the final authentication code from the MAC object HD with BUFFER. */
1479 : gcry_error_t gcry_mac_verify (gcry_mac_hd_t hd, const void *buffer,
1480 : size_t buflen);
1481 :
1482 : /* Retrieve the algorithm used with MAC. */
1483 : int gcry_mac_get_algo (gcry_mac_hd_t hd);
1484 :
1485 : /* Retrieve the length in bytes of the MAC yielded by algorithm ALGO. */
1486 : unsigned int gcry_mac_get_algo_maclen (int algo);
1487 :
1488 : /* Retrieve the default key length in bytes used with algorithm A. */
1489 : unsigned int gcry_mac_get_algo_keylen (int algo);
1490 :
1491 : /* Map the MAC algorithm whose ID is contained in ALGORITHM to a
1492 : string representation of the algorithm name. For unknown algorithm
1493 : IDs this function returns "?". */
1494 : const char *gcry_mac_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
1495 :
1496 : /* Map the algorithm name NAME to an MAC algorithm ID. Return 0 if
1497 : the algorithm name is not known. */
1498 : int gcry_mac_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
1499 :
1500 : /* Reset the handle to the state after open/setkey. */
1501 : #define gcry_mac_reset(h) gcry_mac_ctl ((h), GCRYCTL_RESET, NULL, 0)
1502 :
1503 : /* Return 0 if the algorithm A is available for use. */
1504 : #define gcry_mac_test_algo(a) \
1505 : gcry_mac_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1506 :
1507 : �
1508 : /******************************
1509 : * *
1510 : * Key Derivation Functions *
1511 : * *
1512 : ******************************/
1513 :
1514 : /* Algorithm IDs for the KDFs. */
1515 : enum gcry_kdf_algos
1516 : {
1517 : GCRY_KDF_NONE = 0,
1518 : GCRY_KDF_SIMPLE_S2K = 16,
1519 : GCRY_KDF_SALTED_S2K = 17,
1520 : GCRY_KDF_ITERSALTED_S2K = 19,
1521 : GCRY_KDF_PBKDF1 = 33,
1522 : GCRY_KDF_PBKDF2 = 34,
1523 : GCRY_KDF_SCRYPT = 48
1524 : };
1525 :
1526 : /* Derive a key from a passphrase. */
1527 : gpg_error_t gcry_kdf_derive (const void *passphrase, size_t passphraselen,
1528 : int algo, int subalgo,
1529 : const void *salt, size_t saltlen,
1530 : unsigned long iterations,
1531 : size_t keysize, void *keybuffer);
1532 :
1533 :
1534 :
1535 : �
1536 : /************************************
1537 : * *
1538 : * Random Generating Functions *
1539 : * *
1540 : ************************************/
1541 :
1542 : /* The type of the random number generator. */
1543 : enum gcry_rng_types
1544 : {
1545 : GCRY_RNG_TYPE_STANDARD = 1, /* The default CSPRNG generator. */
1546 : GCRY_RNG_TYPE_FIPS = 2, /* The FIPS X9.31 AES generator. */
1547 : GCRY_RNG_TYPE_SYSTEM = 3 /* The system's native generator. */
1548 : };
1549 :
1550 : /* The possible values for the random quality. The rule of thumb is
1551 : to use STRONG for session keys and VERY_STRONG for key material.
1552 : WEAK is usually an alias for STRONG and should not be used anymore
1553 : (except with gcry_mpi_randomize); use gcry_create_nonce instead. */
1554 : typedef enum gcry_random_level
1555 : {
1556 : GCRY_WEAK_RANDOM = 0,
1557 : GCRY_STRONG_RANDOM = 1,
1558 : GCRY_VERY_STRONG_RANDOM = 2
1559 : }
1560 : gcry_random_level_t;
1561 :
1562 : /* Fill BUFFER with LENGTH bytes of random, using random numbers of
1563 : quality LEVEL. */
1564 : void gcry_randomize (void *buffer, size_t length,
1565 : enum gcry_random_level level);
1566 :
1567 : /* Add the external random from BUFFER with LENGTH bytes into the
1568 : pool. QUALITY should either be -1 for unknown or in the range of 0
1569 : to 100 */
1570 : gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
1571 : int quality);
1572 :
1573 : /* If random numbers are used in an application, this macro should be
1574 : called from time to time so that new stuff gets added to the
1575 : internal pool of the RNG. */
1576 : #define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL)
1577 :
1578 :
1579 : /* Return NBYTES of allocated random using a random numbers of quality
1580 : LEVEL. */
1581 : void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
1582 : _GCRY_GCC_ATTR_MALLOC;
1583 :
1584 : /* Return NBYTES of allocated random using a random numbers of quality
1585 : LEVEL. The random numbers are created returned in "secure"
1586 : memory. */
1587 : void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
1588 : _GCRY_GCC_ATTR_MALLOC;
1589 :
1590 :
1591 : /* Set the big integer W to a random value of NBITS using a random
1592 : generator with quality LEVEL. Note that by using a level of
1593 : GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */
1594 : void gcry_mpi_randomize (gcry_mpi_t w,
1595 : unsigned int nbits, enum gcry_random_level level);
1596 :
1597 :
1598 : /* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
1599 : void gcry_create_nonce (void *buffer, size_t length);
1600 :
1601 :
1602 :
1603 :
1604 : �
1605 : /*******************************/
1606 : /* */
1607 : /* Prime Number Functions */
1608 : /* */
1609 : /*******************************/
1610 :
1611 : /* Mode values passed to a gcry_prime_check_func_t. */
1612 : #define GCRY_PRIME_CHECK_AT_FINISH 0
1613 : #define GCRY_PRIME_CHECK_AT_GOT_PRIME 1
1614 : #define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
1615 :
1616 : /* The function should return 1 if the operation shall continue, 0 to
1617 : reject the prime candidate. */
1618 : typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
1619 : gcry_mpi_t candidate);
1620 :
1621 : /* Flags for gcry_prime_generate(): */
1622 :
1623 : /* Allocate prime numbers and factors in secure memory. */
1624 : #define GCRY_PRIME_FLAG_SECRET (1 << 0)
1625 :
1626 : /* Make sure that at least one prime factor is of size
1627 : `FACTOR_BITS'. */
1628 : #define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
1629 :
1630 : /* Generate a new prime number of PRIME_BITS bits and store it in
1631 : PRIME. If FACTOR_BITS is non-zero, one of the prime factors of
1632 : (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is
1633 : non-zero, allocate a new, NULL-terminated array holding the prime
1634 : factors and store it in FACTORS. FLAGS might be used to influence
1635 : the prime number generation process. */
1636 : gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
1637 : unsigned int prime_bits,
1638 : unsigned int factor_bits,
1639 : gcry_mpi_t **factors,
1640 : gcry_prime_check_func_t cb_func,
1641 : void *cb_arg,
1642 : gcry_random_level_t random_level,
1643 : unsigned int flags);
1644 :
1645 : /* Find a generator for PRIME where the factorization of (prime-1) is
1646 : in the NULL terminated array FACTORS. Return the generator as a
1647 : newly allocated MPI in R_G. If START_G is not NULL, use this as
1648 : the start for the search. */
1649 : gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
1650 : gcry_mpi_t prime,
1651 : gcry_mpi_t *factors,
1652 : gcry_mpi_t start_g);
1653 :
1654 :
1655 : /* Convenience function to release the FACTORS array. */
1656 : void gcry_prime_release_factors (gcry_mpi_t *factors);
1657 :
1658 :
1659 : /* Check wether the number X is prime. */
1660 : gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
1661 :
1662 :
1663 : �
1664 : /************************************
1665 : * *
1666 : * Miscellaneous Stuff *
1667 : * *
1668 : ************************************/
1669 :
1670 : /* Release the context object CTX. */
1671 : void gcry_ctx_release (gcry_ctx_t ctx);
1672 :
1673 : /* Log data using Libgcrypt's own log interface. */
1674 : void gcry_log_debug (const char *fmt, ...) _GCRY_GCC_ATTR_PRINTF(1,2);
1675 : void gcry_log_debughex (const char *text, const void *buffer, size_t length);
1676 : void gcry_log_debugmpi (const char *text, gcry_mpi_t mpi);
1677 : void gcry_log_debugpnt (const char *text,
1678 : gcry_mpi_point_t point, gcry_ctx_t ctx);
1679 : void gcry_log_debugsxp (const char *text, gcry_sexp_t sexp);
1680 :
1681 :
1682 : /* Log levels used by the internal logging facility. */
1683 : enum gcry_log_levels
1684 : {
1685 : GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
1686 : GCRY_LOG_INFO = 10,
1687 : GCRY_LOG_WARN = 20,
1688 : GCRY_LOG_ERROR = 30,
1689 : GCRY_LOG_FATAL = 40,
1690 : GCRY_LOG_BUG = 50,
1691 : GCRY_LOG_DEBUG = 100
1692 : };
1693 :
1694 : /* Type for progress handlers. */
1695 : typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
1696 :
1697 : /* Type for memory allocation handlers. */
1698 : typedef void *(*gcry_handler_alloc_t) (size_t n);
1699 :
1700 : /* Type for secure memory check handlers. */
1701 : typedef int (*gcry_handler_secure_check_t) (const void *);
1702 :
1703 : /* Type for memory reallocation handlers. */
1704 : typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
1705 :
1706 : /* Type for memory free handlers. */
1707 : typedef void (*gcry_handler_free_t) (void *);
1708 :
1709 : /* Type for out-of-memory handlers. */
1710 : typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
1711 :
1712 : /* Type for fatal error handlers. */
1713 : typedef void (*gcry_handler_error_t) (void *, int, const char *);
1714 :
1715 : /* Type for logging handlers. */
1716 : typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
1717 :
1718 : /* Certain operations can provide progress information. This function
1719 : is used to register a handler for retrieving these information. */
1720 : void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
1721 :
1722 :
1723 : /* Register a custom memory allocation functions. */
1724 : void gcry_set_allocation_handler (
1725 : gcry_handler_alloc_t func_alloc,
1726 : gcry_handler_alloc_t func_alloc_secure,
1727 : gcry_handler_secure_check_t func_secure_check,
1728 : gcry_handler_realloc_t func_realloc,
1729 : gcry_handler_free_t func_free);
1730 :
1731 : /* Register a function used instead of the internal out of memory
1732 : handler. */
1733 : void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
1734 :
1735 : /* Register a function used instead of the internal fatal error
1736 : handler. */
1737 : void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
1738 :
1739 : /* Register a function used instead of the internal logging
1740 : facility. */
1741 : void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
1742 :
1743 : /* Reserved for future use. */
1744 : void gcry_set_gettext_handler (const char *(*f)(const char*));
1745 :
1746 : /* Libgcrypt uses its own memory allocation. It is important to use
1747 : gcry_free () to release memory allocated by libgcrypt. */
1748 : void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
1749 : void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1750 : void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
1751 : void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1752 : void *gcry_realloc (void *a, size_t n);
1753 : char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC;
1754 : void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
1755 : void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1756 : void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
1757 : void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1758 : void *gcry_xrealloc (void *a, size_t n);
1759 : char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC;
1760 : void gcry_free (void *a);
1761 :
1762 : /* Return true if A is allocated in "secure" memory. */
1763 : int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
1764 :
1765 : /* Return true if Libgcrypt is in FIPS mode. */
1766 : #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
1767 :
1768 :
1769 : #if 0 /* (Keep Emacsens' auto-indent happy.) */
1770 : {
1771 : #endif
1772 : #ifdef __cplusplus
1773 : }
1774 : #endif
1775 : #endif /* _GCRYPT_H */
1776 : /*
1777 : Local Variables:
1778 : buffer-read-only: t
1779 : End:
1780 : */
|
