Branch data Line data Source code
1 : : /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
2 : : Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
3 : : 2007, 2008, 2009 Free Software Foundation, Inc.
4 : :
5 : : This file is part of Libgcrypt.
6 : :
7 : : Libgcrypt is free software; you can redistribute it and/or modify
8 : : it under the terms of the GNU Lesser General Public License as
9 : : published by the Free Software Foundation; either version 2.1 of
10 : : the License, or (at your option) any later version.
11 : :
12 : : Libgcrypt is distributed in the hope that it will be useful,
13 : : but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : : GNU Lesser General Public License for more details.
16 : :
17 : : You should have received a copy of the GNU Lesser General Public
18 : : License along with this program; if not, see <http://www.gnu.org/licenses/>.
19 : :
20 : : File: src/gcrypt.h. Generated from gcrypt.h.in by configure. */
21 : :
22 : : #ifndef _GCRYPT_H
23 : : #define _GCRYPT_H
24 : :
25 : : #include <stdlib.h>
26 : : #include <stdarg.h>
27 : : #include <string.h>
28 : :
29 : : #include <gpg-error.h>
30 : :
31 : : #include <sys/types.h>
32 : :
33 : : #if defined _WIN32 || defined __WIN32__
34 : : # include <winsock2.h>
35 : : # include <ws2tcpip.h>
36 : : #else
37 : : # include <sys/socket.h>
38 : : #endif /*!_WIN32*/
39 : :
40 : : typedef socklen_t gcry_socklen_t;
41 : :
42 : : #include <sys/time.h>
43 : :
44 : : /* This is required for error code compatibility. */
45 : : #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
46 : :
47 : : #ifdef __cplusplus
48 : : extern "C" {
49 : : #if 0 /* (Keep Emacsens' auto-indent happy.) */
50 : : }
51 : : #endif
52 : : #endif
53 : :
54 : : /* The version of this header should match the one of the library. It
55 : : should not be used by a program because gcry_check_version() should
56 : : return the same version. The purpose of this macro is to let
57 : : autoconf (using the AM_PATH_GCRYPT macro) check that this header
58 : : matches the installed library. */
59 : : #define GCRYPT_VERSION "1.4.5"
60 : :
61 : : /* Internal: We can't use the convenience macros for the multi
62 : : precision integer functions when building this library. */
63 : : #ifdef _GCRYPT_IN_LIBGCRYPT
64 : : #ifndef GCRYPT_NO_MPI_MACROS
65 : : #define GCRYPT_NO_MPI_MACROS 1
66 : : #endif
67 : : #endif
68 : :
69 : : /* We want to use gcc attributes when possible. Warning: Don't use
70 : : these macros in your programs: As indicated by the leading
71 : : underscore they are subject to change without notice. */
72 : : #ifdef __GNUC__
73 : :
74 : : #define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
75 : : + __GNUC_MINOR__ * 100 \
76 : : + __GNUC_PATCHLEVEL__)
77 : :
78 : : #if _GCRY_GCC_VERSION >= 30100
79 : : #define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
80 : : #endif
81 : :
82 : : #if _GCRY_GCC_VERSION >= 29600
83 : : #define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
84 : : #endif
85 : :
86 : : #if _GCRY_GCC_VERSION >= 30200
87 : : #define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
88 : : #endif
89 : :
90 : : #endif /*__GNUC__*/
91 : :
92 : : #ifndef _GCRY_GCC_ATTR_DEPRECATED
93 : : #define _GCRY_GCC_ATTR_DEPRECATED
94 : : #endif
95 : : #ifndef _GCRY_GCC_ATTR_PURE
96 : : #define _GCRY_GCC_ATTR_PURE
97 : : #endif
98 : : #ifndef _GCRY_GCC_ATTR_MALLOC
99 : : #define _GCRY_GCC_ATTR_MALLOC
100 : : #endif
101 : :
102 : : /* Some members in a public type should only be used internally.
103 : : There is no "internal" attribute, so we abuse the deprecated
104 : : attribute to discourage external use. */
105 : : #ifdef _GCRYPT_IN_LIBGCRYPT
106 : : #define _GCRY_ATTR_INTERNAL
107 : : #else
108 : : #define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED
109 : : #endif
110 : :
111 : : /* Wrappers for the libgpg-error library. */
112 : :
113 : : typedef gpg_error_t gcry_error_t;
114 : : typedef gpg_err_code_t gcry_err_code_t;
115 : : typedef gpg_err_source_t gcry_err_source_t;
116 : :
117 : : static GPG_ERR_INLINE gcry_error_t
118 : : gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
119 : : {
120 : : return gpg_err_make (source, code);
121 : : }
122 : :
123 : : /* The user can define GPG_ERR_SOURCE_DEFAULT before including this
124 : : file to specify a default source for gpg_error. */
125 : : #ifndef GCRY_ERR_SOURCE_DEFAULT
126 : : #define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1
127 : : #endif
128 : :
129 : : static GPG_ERR_INLINE gcry_error_t
130 : : gcry_error (gcry_err_code_t code)
131 : : {
132 : : return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
133 : : }
134 : :
135 : : static GPG_ERR_INLINE gcry_err_code_t
136 : 0 : gcry_err_code (gcry_error_t err)
137 : : {
138 : 0 : return gpg_err_code (err);
139 : : }
140 : :
141 : :
142 : : static GPG_ERR_INLINE gcry_err_source_t
143 : : gcry_err_source (gcry_error_t err)
144 : : {
145 : : return gpg_err_source (err);
146 : : }
147 : :
148 : : /* Return a pointer to a string containing a description of the error
149 : : code in the error value ERR. */
150 : : const char *gcry_strerror (gcry_error_t err);
151 : :
152 : : /* Return a pointer to a string containing a description of the error
153 : : source in the error value ERR. */
154 : : const char *gcry_strsource (gcry_error_t err);
155 : :
156 : : /* Retrieve the error code for the system error ERR. This returns
157 : : GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
158 : : this). */
159 : : gcry_err_code_t gcry_err_code_from_errno (int err);
160 : :
161 : : /* Retrieve the system error for the error code CODE. This returns 0
162 : : if CODE is not a system error code. */
163 : : int gcry_err_code_to_errno (gcry_err_code_t code);
164 : :
165 : : /* Return an error value with the error source SOURCE and the system
166 : : error ERR. */
167 : : gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
168 : :
169 : : /* Return an error value with the system error ERR. */
170 : : gcry_err_code_t gcry_error_from_errno (int err);
171 : :
172 : : �
173 : : /* This enum is deprecated; it is only declared for the sake of
174 : : complete API compatibility. */
175 : : enum gcry_thread_option
176 : : {
177 : : _GCRY_THREAD_OPTION_DUMMY
178 : : } _GCRY_GCC_ATTR_DEPRECATED;
179 : :
180 : :
181 : : /* Constants defining the thread model to use. Used with the OPTION
182 : : field of the struct gcry_thread_cbs. */
183 : : #define GCRY_THREAD_OPTION_DEFAULT 0
184 : : #define GCRY_THREAD_OPTION_USER 1
185 : : #define GCRY_THREAD_OPTION_PTH 2
186 : : #define GCRY_THREAD_OPTION_PTHREAD 3
187 : :
188 : : /* The version number encoded in the OPTION field of the struct
189 : : gcry_thread_cbs. */
190 : : #define GCRY_THREAD_OPTION_VERSION 0
191 : :
192 : : /* Wrapper for struct ath_ops. */
193 : : struct gcry_thread_cbs
194 : : {
195 : : /* The OPTION field encodes the thread model and the version number
196 : : of this structure.
197 : : Bits 7 - 0 are used for the thread model
198 : : Bits 15 - 8 are used for the version number.
199 : : */
200 : : unsigned int option;
201 : :
202 : : int (*init) (void);
203 : : int (*mutex_init) (void **priv);
204 : : int (*mutex_destroy) (void **priv);
205 : : int (*mutex_lock) (void **priv);
206 : : int (*mutex_unlock) (void **priv);
207 : : ssize_t (*read) (int fd, void *buf, size_t nbytes);
208 : : ssize_t (*write) (int fd, const void *buf, size_t nbytes);
209 : : #ifdef _WIN32
210 : : ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
211 : : struct timeval *timeout);
212 : : ssize_t (*waitpid) (pid_t pid, int *status, int options);
213 : : int (*accept) (int s, void *addr, int *length_ptr);
214 : : int (*connect) (int s, void *addr, gcry_socklen_t length);
215 : : int (*sendmsg) (int s, const void *msg, int flags);
216 : : int (*recvmsg) (int s, void *msg, int flags);
217 : : #else
218 : : ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
219 : : struct timeval *timeout);
220 : : ssize_t (*waitpid) (pid_t pid, int *status, int options);
221 : : int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
222 : : int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
223 : : int (*sendmsg) (int s, const struct msghdr *msg, int flags);
224 : : int (*recvmsg) (int s, struct msghdr *msg, int flags);
225 : : #endif
226 : : };
227 : :
228 : : #ifdef _WIN32
229 : : # define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
230 : : static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \
231 : : void *eset, struct timeval *timeout) \
232 : : { return pth_select (nfd, rset, wset, eset, timeout); } \
233 : : static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
234 : : { return pth_waitpid (pid, status, options); } \
235 : : static int gcry_pth_accept (int s, void *addr, \
236 : : gcry_socklen_t *length_ptr) \
237 : : { return pth_accept (s, addr, length_ptr); } \
238 : : static int gcry_pth_connect (int s, void *addr, \
239 : : gcry_socklen_t length) \
240 : : { return pth_connect (s, addr, length); }
241 : : #else /*!_WIN32*/
242 : : # define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
243 : : static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \
244 : : fd_set *eset, struct timeval *timeout) \
245 : : { return pth_select (nfd, rset, wset, eset, timeout); } \
246 : : static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
247 : : { return pth_waitpid (pid, status, options); } \
248 : : static int gcry_pth_accept (int s, struct sockaddr *addr, \
249 : : gcry_socklen_t *length_ptr) \
250 : : { return pth_accept (s, addr, length_ptr); } \
251 : : static int gcry_pth_connect (int s, struct sockaddr *addr, \
252 : : gcry_socklen_t length) \
253 : : { return pth_connect (s, addr, length); }
254 : : #endif /*!_WIN32*/
255 : :
256 : :
257 : :
258 : : #define GCRY_THREAD_OPTION_PTH_IMPL \
259 : : static int gcry_pth_init (void) \
260 : : { return (pth_init () == FALSE) ? errno : 0; } \
261 : : static int gcry_pth_mutex_init (void **priv) \
262 : : { \
263 : : int err = 0; \
264 : : pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \
265 : : \
266 : : if (!lock) \
267 : : err = ENOMEM; \
268 : : if (!err) \
269 : : { \
270 : : err = pth_mutex_init (lock); \
271 : : if (err == FALSE) \
272 : : err = errno; \
273 : : else \
274 : : err = 0; \
275 : : if (err) \
276 : : free (lock); \
277 : : else \
278 : : *priv = lock; \
279 : : } \
280 : : return err; \
281 : : } \
282 : : static int gcry_pth_mutex_destroy (void **lock) \
283 : : { /* GNU Pth has no destructor function. */ free (*lock); return 0; } \
284 : : static int gcry_pth_mutex_lock (void **lock) \
285 : : { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \
286 : : ? errno : 0; } \
287 : : static int gcry_pth_mutex_unlock (void **lock) \
288 : : { return ((pth_mutex_release (*lock)) == FALSE) \
289 : : ? errno : 0; } \
290 : : static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \
291 : : { return pth_read (fd, buf, nbytes); } \
292 : : static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \
293 : : { return pth_write (fd, buf, nbytes); } \
294 : : _GCRY_THREAD_OPTION_PTH_IMPL_NET \
295 : : \
296 : : /* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \
297 : : static struct gcry_thread_cbs gcry_threads_pth = { \
298 : : (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \
299 : : gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \
300 : : gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \
301 : : gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \
302 : : NULL, NULL }
303 : :
304 : :
305 : : #define GCRY_THREAD_OPTION_PTHREAD_IMPL \
306 : : static int gcry_pthread_mutex_init (void **priv) \
307 : : { \
308 : : int err = 0; \
309 : : pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\
310 : : \
311 : : if (!lock) \
312 : : err = ENOMEM; \
313 : : if (!err) \
314 : : { \
315 : : err = pthread_mutex_init (lock, NULL); \
316 : : if (err) \
317 : : free (lock); \
318 : : else \
319 : : *priv = lock; \
320 : : } \
321 : : return err; \
322 : : } \
323 : : static int gcry_pthread_mutex_destroy (void **lock) \
324 : : { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \
325 : : free (*lock); return err; } \
326 : : static int gcry_pthread_mutex_lock (void **lock) \
327 : : { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \
328 : : static int gcry_pthread_mutex_unlock (void **lock) \
329 : : { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \
330 : : \
331 : : static struct gcry_thread_cbs gcry_threads_pthread = { \
332 : : (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \
333 : : NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \
334 : : gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \
335 : : NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
336 : :
337 : : �
338 : : /* The data object used to hold a multi precision integer. */
339 : : struct gcry_mpi;
340 : : typedef struct gcry_mpi *gcry_mpi_t;
341 : :
342 : : #ifndef GCRYPT_NO_DEPRECATED
343 : : typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
344 : : typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
345 : : #endif
346 : :
347 : : �
348 : :
349 : : /* Check that the library fulfills the version requirement. */
350 : : const char *gcry_check_version (const char *req_version);
351 : :
352 : : /* Codes for function dispatchers. */
353 : :
354 : : /* Codes used with the gcry_control function. */
355 : : enum gcry_ctl_cmds
356 : : {
357 : : GCRYCTL_SET_KEY = 1,
358 : : GCRYCTL_SET_IV = 2,
359 : : GCRYCTL_CFB_SYNC = 3,
360 : : GCRYCTL_RESET = 4, /* e.g. for MDs */
361 : : GCRYCTL_FINALIZE = 5,
362 : : GCRYCTL_GET_KEYLEN = 6,
363 : : GCRYCTL_GET_BLKLEN = 7,
364 : : GCRYCTL_TEST_ALGO = 8,
365 : : GCRYCTL_IS_SECURE = 9,
366 : : GCRYCTL_GET_ASNOID = 10,
367 : : GCRYCTL_ENABLE_ALGO = 11,
368 : : GCRYCTL_DISABLE_ALGO = 12,
369 : : GCRYCTL_DUMP_RANDOM_STATS = 13,
370 : : GCRYCTL_DUMP_SECMEM_STATS = 14,
371 : : GCRYCTL_GET_ALGO_NPKEY = 15,
372 : : GCRYCTL_GET_ALGO_NSKEY = 16,
373 : : GCRYCTL_GET_ALGO_NSIGN = 17,
374 : : GCRYCTL_GET_ALGO_NENCR = 18,
375 : : GCRYCTL_SET_VERBOSITY = 19,
376 : : GCRYCTL_SET_DEBUG_FLAGS = 20,
377 : : GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
378 : : GCRYCTL_USE_SECURE_RNDPOOL= 22,
379 : : GCRYCTL_DUMP_MEMORY_STATS = 23,
380 : : GCRYCTL_INIT_SECMEM = 24,
381 : : GCRYCTL_TERM_SECMEM = 25,
382 : : GCRYCTL_DISABLE_SECMEM_WARN = 27,
383 : : GCRYCTL_SUSPEND_SECMEM_WARN = 28,
384 : : GCRYCTL_RESUME_SECMEM_WARN = 29,
385 : : GCRYCTL_DROP_PRIVS = 30,
386 : : GCRYCTL_ENABLE_M_GUARD = 31,
387 : : GCRYCTL_START_DUMP = 32,
388 : : GCRYCTL_STOP_DUMP = 33,
389 : : GCRYCTL_GET_ALGO_USAGE = 34,
390 : : GCRYCTL_IS_ALGO_ENABLED = 35,
391 : : GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
392 : : GCRYCTL_DISABLE_SECMEM = 37,
393 : : GCRYCTL_INITIALIZATION_FINISHED = 38,
394 : : GCRYCTL_INITIALIZATION_FINISHED_P = 39,
395 : : GCRYCTL_ANY_INITIALIZATION_P = 40,
396 : : GCRYCTL_SET_CBC_CTS = 41,
397 : : GCRYCTL_SET_CBC_MAC = 42,
398 : : GCRYCTL_SET_CTR = 43,
399 : : GCRYCTL_ENABLE_QUICK_RANDOM = 44,
400 : : GCRYCTL_SET_RANDOM_SEED_FILE = 45,
401 : : GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
402 : : GCRYCTL_SET_THREAD_CBS = 47,
403 : : GCRYCTL_FAST_POLL = 48,
404 : : GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
405 : : GCRYCTL_USE_RANDOM_DAEMON = 50,
406 : : GCRYCTL_FAKED_RANDOM_P = 51,
407 : : GCRYCTL_SET_RNDEGD_SOCKET = 52,
408 : : GCRYCTL_PRINT_CONFIG = 53,
409 : : GCRYCTL_OPERATIONAL_P = 54,
410 : : GCRYCTL_FIPS_MODE_P = 55,
411 : : GCRYCTL_FORCE_FIPS_MODE = 56,
412 : : GCRYCTL_SELFTEST = 57
413 : : /* Note: 58 .. 62 are used internally. */
414 : : };
415 : :
416 : : /* Perform various operations defined by CMD. */
417 : : gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
418 : :
419 : : �
420 : : /* S-expression management. */
421 : :
422 : : /* The object to represent an S-expression as used with the public key
423 : : functions. */
424 : : struct gcry_sexp;
425 : : typedef struct gcry_sexp *gcry_sexp_t;
426 : :
427 : : #ifndef GCRYPT_NO_DEPRECATED
428 : : typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
429 : : typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
430 : : #endif
431 : :
432 : : /* The possible values for the S-expression format. */
433 : : enum gcry_sexp_format
434 : : {
435 : : GCRYSEXP_FMT_DEFAULT = 0,
436 : : GCRYSEXP_FMT_CANON = 1,
437 : : GCRYSEXP_FMT_BASE64 = 2,
438 : : GCRYSEXP_FMT_ADVANCED = 3
439 : : };
440 : :
441 : : /* Create an new S-expression object from BUFFER of size LENGTH and
442 : : return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
443 : : is expected to be in canonized format. */
444 : : gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
445 : : const void *buffer, size_t length,
446 : : int autodetect);
447 : :
448 : : /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
449 : : effect to transfer ownership of BUFFER to the created object. */
450 : : gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
451 : : void *buffer, size_t length,
452 : : int autodetect, void (*freefnc) (void *));
453 : :
454 : : /* Scan BUFFER and return a new S-expression object in RETSEXP. This
455 : : function expects a printf like string in BUFFER. */
456 : : gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
457 : : const char *buffer, size_t length);
458 : :
459 : : /* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
460 : : only be used for certain encodings. */
461 : : gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
462 : : const char *format, ...);
463 : :
464 : : /* Like gcry_sexp_build, but uses an array instead of variable
465 : : function arguments. */
466 : : gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
467 : : const char *format, void **arg_list);
468 : :
469 : : /* Release the S-expression object SEXP */
470 : : void gcry_sexp_release (gcry_sexp_t sexp);
471 : :
472 : : /* Calculate the length of an canonized S-expresion in BUFFER and
473 : : check for a valid encoding. */
474 : : size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
475 : : size_t *erroff, gcry_error_t *errcode);
476 : :
477 : : /* Copies the S-expression object SEXP into BUFFER using the format
478 : : specified in MODE. */
479 : : size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer,
480 : : size_t maxlength);
481 : :
482 : : /* Dumps the S-expression object A in a format suitable for debugging
483 : : to Libgcrypt's logging stream. */
484 : : void gcry_sexp_dump (const gcry_sexp_t a);
485 : :
486 : : gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
487 : : gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
488 : : gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
489 : : gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
490 : : gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
491 : :
492 : : /* Scan the S-expression for a sublist with a type (the car of the
493 : : list) matching the string TOKEN. If TOKLEN is not 0, the token is
494 : : assumed to be raw memory of this length. The function returns a
495 : : newly allocated S-expression consisting of the found sublist or
496 : : `NULL' when not found. */
497 : : gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
498 : : const char *tok, size_t toklen);
499 : : /* Return the length of the LIST. For a valid S-expression this
500 : : should be at least 1. */
501 : : int gcry_sexp_length (const gcry_sexp_t list);
502 : :
503 : : /* Create and return a new S-expression from the element with index
504 : : NUMBER in LIST. Note that the first element has the index 0. If
505 : : there is no such element, `NULL' is returned. */
506 : : gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
507 : :
508 : : /* Create and return a new S-expression from the first element in
509 : : LIST; this called the "type" and should always exist and be a
510 : : string. `NULL' is returned in case of a problem. */
511 : : gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
512 : :
513 : : /* Create and return a new list form all elements except for the first
514 : : one. Note, that this function may return an invalid S-expression
515 : : because it is not guaranteed, that the type exists and is a string.
516 : : However, for parsing a complex S-expression it might be useful for
517 : : intermediate lists. Returns `NULL' on error. */
518 : : gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
519 : :
520 : : gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
521 : :
522 : :
523 : : /* This function is used to get data from a LIST. A pointer to the
524 : : actual data with index NUMBER is returned and the length of this
525 : : data will be stored to DATALEN. If there is no data at the given
526 : : index or the index represents another list, `NULL' is returned.
527 : : *Note:* The returned pointer is valid as long as LIST is not
528 : : modified or released. */
529 : : const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
530 : : size_t *datalen);
531 : :
532 : : /* This function is used to get and convert data from a LIST. The
533 : : data is assumed to be a Nul terminated string. The caller must
534 : : release the returned value using `gcry_free'. If there is no data
535 : : at the given index, the index represents a list or the value can't
536 : : be converted to a string, `NULL' is returned. */
537 : : char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
538 : :
539 : : /* This function is used to get and convert data from a LIST. This
540 : : data is assumed to be an MPI stored in the format described by
541 : : MPIFMT and returned as a standard Libgcrypt MPI. The caller must
542 : : release this returned value using `gcry_mpi_release'. If there is
543 : : no data at the given index, the index represents a list or the
544 : : value can't be converted to an MPI, `NULL' is returned. */
545 : : gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
546 : :
547 : :
548 : : �
549 : : /*******************************************
550 : : * *
551 : : * Multi Precision Integer Functions *
552 : : * *
553 : : *******************************************/
554 : :
555 : : /* Different formats of external big integer representation. */
556 : : enum gcry_mpi_format
557 : : {
558 : : GCRYMPI_FMT_NONE= 0,
559 : : GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
560 : : GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
561 : : GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
562 : : GCRYMPI_FMT_HEX = 4, /* Hex format. */
563 : : GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */
564 : : };
565 : :
566 : : /* Flags used for creating big integers. */
567 : : enum gcry_mpi_flag
568 : : {
569 : : GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
570 : : GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just
571 : : a way to store some bytes. This is
572 : : useful for encrypted big integers. */
573 : : };
574 : :
575 : :
576 : : /* Allocate a new big integer object, initialize it with 0 and
577 : : initially allocate memory for a number of at least NBITS. */
578 : : gcry_mpi_t gcry_mpi_new (unsigned int nbits);
579 : :
580 : : /* Same as gcry_mpi_new() but allocate in "secure" memory. */
581 : : gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
582 : :
583 : : /* Release the number A and free all associated resources. */
584 : : void gcry_mpi_release (gcry_mpi_t a);
585 : :
586 : : /* Create a new number with the same value as A. */
587 : : gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
588 : :
589 : : /* Store the big integer value U in W. */
590 : : gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
591 : :
592 : : /* Store the unsigned integer value U in W. */
593 : : gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
594 : :
595 : : /* Swap the values of A and B. */
596 : : void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
597 : :
598 : : /* Compare the big integer number U and V returning 0 for equality, a
599 : : positive value for U > V and a negative for U < V. */
600 : : int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
601 : :
602 : : /* Compare the big integer number U with the unsigned integer V
603 : : returning 0 for equality, a positive value for U > V and a negative
604 : : for U < V. */
605 : : int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
606 : :
607 : : /* Convert the external representation of an integer stored in BUFFER
608 : : with a length of BUFLEN into a newly create MPI returned in
609 : : RET_MPI. If NSCANNED is not NULL, it will receive the number of
610 : : bytes actually scanned after a successful operation. */
611 : : gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
612 : : const void *buffer, size_t buflen,
613 : : size_t *nscanned);
614 : :
615 : : /* Convert the big integer A into the external representation
616 : : described by FORMAT and store it in the provided BUFFER which has
617 : : been allocated by the user with a size of BUFLEN bytes. NWRITTEN
618 : : receives the actual length of the external representation unless it
619 : : has been passed as NULL. */
620 : : gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
621 : : unsigned char *buffer, size_t buflen,
622 : : size_t *nwritten,
623 : : const gcry_mpi_t a);
624 : :
625 : : /* Convert the big integer A int the external representation described
626 : : by FORMAT and store it in a newly allocated buffer which address
627 : : will be put into BUFFER. NWRITTEN receives the actual lengths of the
628 : : external representation. */
629 : : gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
630 : : unsigned char **buffer, size_t *nwritten,
631 : : const gcry_mpi_t a);
632 : :
633 : : /* Dump the value of A in a format suitable for debugging to
634 : : Libgcrypt's logging stream. Note that one leading space but no
635 : : trailing space or linefeed will be printed. It is okay to pass
636 : : NULL for A. */
637 : : void gcry_mpi_dump (const gcry_mpi_t a);
638 : :
639 : :
640 : : /* W = U + V. */
641 : : void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
642 : :
643 : : /* W = U + V. V is an unsigned integer. */
644 : : void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
645 : :
646 : : /* W = U + V mod M. */
647 : : void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
648 : :
649 : : /* W = U - V. */
650 : : void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
651 : :
652 : : /* W = U - V. V is an unsigned integer. */
653 : : void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
654 : :
655 : : /* W = U - V mod M */
656 : : void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
657 : :
658 : : /* W = U * V. */
659 : : void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
660 : :
661 : : /* W = U * V. V is an unsigned integer. */
662 : : void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
663 : :
664 : : /* W = U * V mod M. */
665 : : void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
666 : :
667 : : /* W = U * (2 ^ CNT). */
668 : : void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
669 : :
670 : : /* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
671 : : Q or R may be passed as NULL. ROUND should be negative or 0. */
672 : : void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
673 : : gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
674 : :
675 : : /* R = DIVIDEND % DIVISOR */
676 : : void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
677 : :
678 : : /* W = B ^ E mod M. */
679 : : void gcry_mpi_powm (gcry_mpi_t w,
680 : : const gcry_mpi_t b, const gcry_mpi_t e,
681 : : const gcry_mpi_t m);
682 : :
683 : : /* Set G to the greatest common divisor of A and B.
684 : : Return true if the G is 1. */
685 : : int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
686 : :
687 : : /* Set X to the multiplicative inverse of A mod M.
688 : : Return true if the value exists. */
689 : : int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
690 : :
691 : :
692 : : /* Return the number of bits required to represent A. */
693 : : unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
694 : :
695 : : /* Return true when bit number N (counting from 0) is set in A. */
696 : : int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
697 : :
698 : : /* Set bit number N in A. */
699 : : void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
700 : :
701 : : /* Clear bit number N in A. */
702 : : void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
703 : :
704 : : /* Set bit number N in A and clear all bits greater than N. */
705 : : void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
706 : :
707 : : /* Clear bit number N in A and all bits greater than N. */
708 : : void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
709 : :
710 : : /* Shift the value of A by N bits to the right and store the result in X. */
711 : : void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
712 : :
713 : : /* Shift the value of A by N bits to the left and store the result in X. */
714 : : void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
715 : :
716 : : /* Store NBITS of the value P points to in A and mark A as an opaque
717 : : value. WARNING: Never use an opaque MPI for anything thing else then
718 : : gcry_mpi_release, gcry_mpi_get_opaque. */
719 : : gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
720 : :
721 : : /* Return a pointer to an opaque value stored in A and return its size
722 : : in NBITS. Note that the returned pointer is still owned by A and
723 : : that the function should never be used for an non-opaque MPI. */
724 : : void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
725 : :
726 : : /* Set the FLAG for the big integer A. Currently only the flag
727 : : GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
728 : : stored in "secure" memory. */
729 : : void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
730 : :
731 : : /* Clear FLAG for the big integer A. Note that this function is
732 : : currently useless as no flags are allowed. */
733 : : void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
734 : :
735 : : /* Return true when the FLAG is set for A. */
736 : : int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
737 : :
738 : : /* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
739 : : convenience macros for the big integer functions. */
740 : : #ifndef GCRYPT_NO_MPI_MACROS
741 : : #define mpi_new(n) gcry_mpi_new( (n) )
742 : : #define mpi_secure_new( n ) gcry_mpi_snew( (n) )
743 : : #define mpi_release(a) \
744 : : do \
745 : : { \
746 : : gcry_mpi_release ((a)); \
747 : : (a) = NULL; \
748 : : } \
749 : : while (0)
750 : :
751 : : #define mpi_copy( a ) gcry_mpi_copy( (a) )
752 : : #define mpi_set( w, u) gcry_mpi_set( (w), (u) )
753 : : #define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
754 : : #define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) )
755 : : #define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) )
756 : :
757 : : #define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v))
758 : : #define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v))
759 : : #define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m))
760 : : #define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v))
761 : : #define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v))
762 : : #define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m))
763 : : #define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v))
764 : : #define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v))
765 : : #define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v))
766 : : #define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m))
767 : : #define mpi_powm(w,b,e,m) gcry_mpi_powm ( (w), (b), (e), (m) )
768 : : #define mpi_tdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), 0)
769 : : #define mpi_fdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), -1)
770 : : #define mpi_mod(r,a,m) gcry_mpi_mod ((r), (a), (m))
771 : : #define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) )
772 : : #define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) )
773 : :
774 : : #define mpi_get_nbits(a) gcry_mpi_get_nbits ((a))
775 : : #define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b))
776 : : #define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b))
777 : : #define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b))
778 : : #define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b))
779 : : #define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b))
780 : : #define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c))
781 : : #define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c))
782 : :
783 : : #define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) )
784 : : #define mpi_get_opaque(a,b) gcry_mpi_get_opaque( (a), (b) )
785 : : #endif /* GCRYPT_NO_MPI_MACROS */
786 : :
787 : :
788 : : �
789 : : /************************************
790 : : * *
791 : : * Symmetric Cipher Functions *
792 : : * *
793 : : ************************************/
794 : :
795 : : /* The data object used to hold a handle to an encryption object. */
796 : : struct gcry_cipher_handle;
797 : : typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
798 : :
799 : : #ifndef GCRYPT_NO_DEPRECATED
800 : : typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
801 : : typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
802 : : #endif
803 : :
804 : : /* All symmetric encryption algorithms are identified by their IDs.
805 : : More IDs may be registered at runtime. */
806 : : enum gcry_cipher_algos
807 : : {
808 : : GCRY_CIPHER_NONE = 0,
809 : : GCRY_CIPHER_IDEA = 1,
810 : : GCRY_CIPHER_3DES = 2,
811 : : GCRY_CIPHER_CAST5 = 3,
812 : : GCRY_CIPHER_BLOWFISH = 4,
813 : : GCRY_CIPHER_SAFER_SK128 = 5,
814 : : GCRY_CIPHER_DES_SK = 6,
815 : : GCRY_CIPHER_AES = 7,
816 : : GCRY_CIPHER_AES192 = 8,
817 : : GCRY_CIPHER_AES256 = 9,
818 : : GCRY_CIPHER_TWOFISH = 10,
819 : :
820 : : /* Other cipher numbers are above 300 for OpenPGP reasons. */
821 : : GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
822 : : GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
823 : : GCRY_CIPHER_TWOFISH128 = 303,
824 : : GCRY_CIPHER_SERPENT128 = 304,
825 : : GCRY_CIPHER_SERPENT192 = 305,
826 : : GCRY_CIPHER_SERPENT256 = 306,
827 : : GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
828 : : GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
829 : : GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
830 : : GCRY_CIPHER_CAMELLIA128 = 310,
831 : : GCRY_CIPHER_CAMELLIA192 = 311,
832 : : GCRY_CIPHER_CAMELLIA256 = 312
833 : : };
834 : :
835 : : /* The Rijndael algorithm is basically AES, so provide some macros. */
836 : : #define GCRY_CIPHER_AES128 GCRY_CIPHER_AES
837 : : #define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES
838 : : #define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128
839 : : #define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192
840 : : #define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256
841 : :
842 : : /* The supported encryption modes. Note that not all of them are
843 : : supported for each algorithm. */
844 : : enum gcry_cipher_modes
845 : : {
846 : : GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
847 : : GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
848 : : GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
849 : : GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
850 : : GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
851 : : GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
852 : : GCRY_CIPHER_MODE_CTR = 6 /* Counter. */
853 : : };
854 : :
855 : : /* Flags used with the open function. */
856 : : enum gcry_cipher_flags
857 : : {
858 : : GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
859 : : GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
860 : : GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
861 : : GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
862 : : };
863 : :
864 : :
865 : : /* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
866 : : be given as an bitwise OR of the gcry_cipher_flags values. */
867 : : gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
868 : : int algo, int mode, unsigned int flags);
869 : :
870 : : /* Close the cioher handle H and release all resource. */
871 : : void gcry_cipher_close (gcry_cipher_hd_t h);
872 : :
873 : : /* Perform various operations on the cipher object H. */
874 : : gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
875 : : size_t buflen);
876 : :
877 : : /* Retrieve various information about the cipher object H. */
878 : : gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
879 : : size_t *nbytes);
880 : :
881 : : /* Retrieve various information about the cipher algorithm ALGO. */
882 : : gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
883 : : size_t *nbytes);
884 : :
885 : : /* Map the cipher algorithm whose ID is contained in ALGORITHM to a
886 : : string representation of the algorithm name. For unknown algorithm
887 : : IDs this function returns "?". */
888 : : const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
889 : :
890 : : /* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if
891 : : the algorithm name is not known. */
892 : : int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
893 : :
894 : : /* Given an ASN.1 object identifier in standard IETF dotted decimal
895 : : format in STRING, return the encryption mode associated with that
896 : : OID or 0 if not known or applicable. */
897 : : int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
898 : :
899 : : /* Encrypt the plaintext of size INLEN in IN using the cipher handle H
900 : : into the buffer OUT which has an allocated length of OUTSIZE. For
901 : : most algorithms it is possible to pass NULL for in and 0 for INLEN
902 : : and do a in-place decryption of the data provided in OUT. */
903 : : gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
904 : : void *out, size_t outsize,
905 : : const void *in, size_t inlen);
906 : :
907 : : /* The counterpart to gcry_cipher_encrypt. */
908 : : gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
909 : : void *out, size_t outsize,
910 : : const void *in, size_t inlen);
911 : :
912 : : /* Set KEY of length KEYLEN for the cipher handle HD. */
913 : : gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
914 : : const void *key, size_t keylen);
915 : :
916 : :
917 : : /* Set initialization vector IV of length IVLEN for the cipher handle HD. */
918 : : gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
919 : : const void *iv, size_t ivlen);
920 : :
921 : :
922 : : /* Reset the handle to the state after open. */
923 : : #define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0)
924 : :
925 : : /* Perform the OpenPGP sync operation if this is enabled for the
926 : : cipher handle H. */
927 : : #define gcry_cipher_sync(h) gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, NULL, 0)
928 : :
929 : : /* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
930 : : #define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
931 : : NULL, on )
932 : :
933 : : /* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
934 : : block size length, or (NULL,0) to set the CTR to the all-zero block. */
935 : : gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
936 : : const void *ctr, size_t ctrlen);
937 : :
938 : : /* Retrieved the key length used with algorithm A. */
939 : : size_t gcry_cipher_get_algo_keylen (int algo);
940 : :
941 : : /* Retrieve the block length used with algorithm A. */
942 : : size_t gcry_cipher_get_algo_blklen (int algo);
943 : :
944 : : /* Return 0 if the algorithm A is available for use. */
945 : : #define gcry_cipher_test_algo(a) \
946 : : gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
947 : :
948 : : /* Get a list consisting of the IDs of the loaded cipher modules. If
949 : : LIST is zero, write the number of loaded cipher modules to
950 : : LIST_LENGTH and return. If LIST is non-zero, the first
951 : : *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
952 : : according size. In case there are less cipher modules than
953 : : *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
954 : : gcry_error_t gcry_cipher_list (int *list, int *list_length);
955 : :
956 : : �
957 : : /************************************
958 : : * *
959 : : * Asymmetric Cipher Functions *
960 : : * *
961 : : ************************************/
962 : :
963 : : /* The algorithms and their IDs we support. */
964 : : enum gcry_pk_algos
965 : : {
966 : : GCRY_PK_RSA = 1,
967 : : GCRY_PK_RSA_E = 2, /* (deprecated) */
968 : : GCRY_PK_RSA_S = 3, /* (deprecated) */
969 : : GCRY_PK_ELG_E = 16,
970 : : GCRY_PK_DSA = 17,
971 : : GCRY_PK_ELG = 20,
972 : : GCRY_PK_ECDSA = 301
973 : : };
974 : :
975 : : /* Flags describing usage capabilities of a PK algorithm. */
976 : : #define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */
977 : : #define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */
978 : : #define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */
979 : : #define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */
980 : : #define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */
981 : :
982 : : /* Encrypt the DATA using the public key PKEY and store the result as
983 : : a newly created S-expression at RESULT. */
984 : : gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
985 : : gcry_sexp_t data, gcry_sexp_t pkey);
986 : :
987 : : /* Decrypt the DATA using the private key SKEY and store the result as
988 : : a newly created S-expression at RESULT. */
989 : : gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
990 : : gcry_sexp_t data, gcry_sexp_t skey);
991 : :
992 : : /* Sign the DATA using the private key SKEY and store the result as
993 : : a newly created S-expression at RESULT. */
994 : : gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
995 : : gcry_sexp_t data, gcry_sexp_t skey);
996 : :
997 : : /* Check the signature SIGVAL on DATA using the public key PKEY. */
998 : : gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
999 : : gcry_sexp_t data, gcry_sexp_t pkey);
1000 : :
1001 : : /* Check that private KEY is sane. */
1002 : : gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
1003 : :
1004 : : /* Generate a new key pair according to the parameters given in
1005 : : S_PARMS. The new key pair is returned in as an S-expression in
1006 : : R_KEY. */
1007 : : gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
1008 : :
1009 : : /* Catch all function for miscellaneous operations. */
1010 : : gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
1011 : :
1012 : : /* Retrieve information about the public key algorithm ALGO. */
1013 : : gcry_error_t gcry_pk_algo_info (int algo, int what,
1014 : : void *buffer, size_t *nbytes);
1015 : :
1016 : : /* Map the public key algorithm whose ID is contained in ALGORITHM to
1017 : : a string representation of the algorithm name. For unknown
1018 : : algorithm IDs this functions returns "?". */
1019 : : const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
1020 : :
1021 : : /* Map the algorithm NAME to a public key algorithm Id. Return 0 if
1022 : : the algorithm name is not known. */
1023 : : int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
1024 : :
1025 : : /* Return what is commonly referred as the key length for the given
1026 : : public or private KEY. */
1027 : : unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
1028 : :
1029 : : /* Please note that keygrip is still experimental and should not be
1030 : : used without contacting the author. */
1031 : : unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
1032 : :
1033 : : /* Return 0 if the public key algorithm A is available for use. */
1034 : : #define gcry_pk_test_algo(a) \
1035 : : gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1036 : :
1037 : : /* Get a list consisting of the IDs of the loaded pubkey modules. If
1038 : : LIST is zero, write the number of loaded pubkey modules to
1039 : : LIST_LENGTH and return. If LIST is non-zero, the first
1040 : : *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
1041 : : according size. In case there are less pubkey modules than
1042 : : *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
1043 : : gcry_error_t gcry_pk_list (int *list, int *list_length);
1044 : :
1045 : : �
1046 : :
1047 : : /************************************
1048 : : * *
1049 : : * Cryptograhic Hash Functions *
1050 : : * *
1051 : : ************************************/
1052 : :
1053 : : /* Algorithm IDs for the hash functions we know about. Not all of them
1054 : : are implemnted. */
1055 : : enum gcry_md_algos
1056 : : {
1057 : : GCRY_MD_NONE = 0,
1058 : : GCRY_MD_MD5 = 1,
1059 : : GCRY_MD_SHA1 = 2,
1060 : : GCRY_MD_RMD160 = 3,
1061 : : GCRY_MD_MD2 = 5,
1062 : : GCRY_MD_TIGER = 6, /* TIGER/192. */
1063 : : GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
1064 : : GCRY_MD_SHA256 = 8,
1065 : : GCRY_MD_SHA384 = 9,
1066 : : GCRY_MD_SHA512 = 10,
1067 : : GCRY_MD_SHA224 = 11,
1068 : : GCRY_MD_MD4 = 301,
1069 : : GCRY_MD_CRC32 = 302,
1070 : : GCRY_MD_CRC32_RFC1510 = 303,
1071 : : GCRY_MD_CRC24_RFC2440 = 304,
1072 : : GCRY_MD_WHIRLPOOL = 305
1073 : : };
1074 : :
1075 : : /* Flags used with the open function. */
1076 : : enum gcry_md_flags
1077 : : {
1078 : : GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
1079 : : GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
1080 : : };
1081 : :
1082 : : /* (Forward declaration.) */
1083 : : struct gcry_md_context;
1084 : :
1085 : : /* This object is used to hold a handle to a message digest object.
1086 : : This structure is private - only to be used by the public gcry_md_*
1087 : : macros. */
1088 : : typedef struct gcry_md_handle
1089 : : {
1090 : : /* Actual context. */
1091 : : struct gcry_md_context *ctx;
1092 : :
1093 : : /* Buffer management. */
1094 : : int bufpos;
1095 : : int bufsize;
1096 : : unsigned char buf[1];
1097 : : } *gcry_md_hd_t;
1098 : :
1099 : : /* Compatibility types, do not use them. */
1100 : : #ifndef GCRYPT_NO_DEPRECATED
1101 : : typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
1102 : : typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
1103 : : #endif
1104 : :
1105 : : /* Create a message digest object for algorithm ALGO. FLAGS may be
1106 : : given as an bitwise OR of the gcry_md_flags values. ALGO may be
1107 : : given as 0 if the algorithms to be used are later set using
1108 : : gcry_md_enable. */
1109 : : gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
1110 : :
1111 : : /* Release the message digest object HD. */
1112 : : void gcry_md_close (gcry_md_hd_t hd);
1113 : :
1114 : : /* Add the message digest algorithm ALGO to the digest object HD. */
1115 : : gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
1116 : :
1117 : : /* Create a new digest object as an exact copy of the object HD. */
1118 : : gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
1119 : :
1120 : : /* Reset the digest object HD to its initial state. */
1121 : : void gcry_md_reset (gcry_md_hd_t hd);
1122 : :
1123 : : /* Perform various operations on the digest object HD. */
1124 : : gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd,
1125 : : void *buffer, size_t buflen);
1126 : :
1127 : : /* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
1128 : : it can update the digest values. This is the actual hash
1129 : : function. */
1130 : : void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
1131 : :
1132 : : /* Read out the final digest from HD return the digest value for
1133 : : algorithm ALGO. */
1134 : : unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
1135 : :
1136 : : /* Convenience function to calculate the hash from the data in BUFFER
1137 : : of size LENGTH using the algorithm ALGO avoiding the creating of a
1138 : : hash object. The hash is returned in the caller provided buffer
1139 : : DIGEST which must be large enough to hold the digest of the given
1140 : : algorithm. */
1141 : : void gcry_md_hash_buffer (int algo, void *digest,
1142 : : const void *buffer, size_t length);
1143 : :
1144 : : /* Retrieve the algorithm used with HD. This does not work reliable
1145 : : if more than one algorithm is enabled in HD. */
1146 : : int gcry_md_get_algo (gcry_md_hd_t hd);
1147 : :
1148 : : /* Retrieve the length in bytes of the digest yielded by algorithm
1149 : : ALGO. */
1150 : : unsigned int gcry_md_get_algo_dlen (int algo);
1151 : :
1152 : : /* Return true if the the algorithm ALGO is enabled in the digest
1153 : : object A. */
1154 : : int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
1155 : :
1156 : : /* Return true if the digest object A is allocated in "secure" memory. */
1157 : : int gcry_md_is_secure (gcry_md_hd_t a);
1158 : :
1159 : : /* Retrieve various information about the object H. */
1160 : : gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
1161 : : size_t *nbytes);
1162 : :
1163 : : /* Retrieve various information about the algorithm ALGO. */
1164 : : gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
1165 : : size_t *nbytes);
1166 : :
1167 : : /* Map the digest algorithm id ALGO to a string representation of the
1168 : : algorithm name. For unknown algorithms this function returns
1169 : : "?". */
1170 : : const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
1171 : :
1172 : : /* Map the algorithm NAME to a digest algorithm Id. Return 0 if
1173 : : the algorithm name is not known. */
1174 : : int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
1175 : :
1176 : : /* For use with the HMAC feature, the set MAC key to the KEY of
1177 : : KEYLEN. */
1178 : : gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
1179 : :
1180 : : /* Start or stop debugging for digest handle HD; i.e. create a file
1181 : : named dbgmd-<n>.<suffix> while hashing. If SUFFIX is NULL,
1182 : : debugging stops and the file will be closed. */
1183 : : void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
1184 : :
1185 : :
1186 : : /* Update the hash(s) of H with the character C. This is a buffered
1187 : : version of the gcry_md_write function. */
1188 : : #define gcry_md_putc(h,c) \
1189 : : do { \
1190 : : gcry_md_hd_t h__ = (h); \
1191 : : if( (h__)->bufpos == (h__)->bufsize ) \
1192 : : gcry_md_write( (h__), NULL, 0 ); \
1193 : : (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
1194 : : } while(0)
1195 : :
1196 : : /* Finalize the digest calculation. This is not really needed because
1197 : : gcry_md_read() does this implicitly. */
1198 : : #define gcry_md_final(a) \
1199 : : gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
1200 : :
1201 : : /* Return 0 if the algorithm A is available for use. */
1202 : : #define gcry_md_test_algo(a) \
1203 : : gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1204 : :
1205 : : /* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
1206 : : must point to size_t variable with the available size of buffer B.
1207 : : After return it will receive the actual size of the returned
1208 : : OID. */
1209 : : #define gcry_md_get_asnoid(a,b,n) \
1210 : : gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
1211 : :
1212 : : /* Enable debugging for digest object A; i.e. create files named
1213 : : dbgmd-<n>.<string> while hashing. B is a string used as the suffix
1214 : : for the filename. This macro is deprecated, use gcry_md_debug. */
1215 : : #ifndef GCRYPT_NO_DEPRECATED
1216 : : #define gcry_md_start_debug(a,b) \
1217 : : gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
1218 : :
1219 : : /* Disable the debugging of A. This macro is deprecated, use
1220 : : gcry_md_debug. */
1221 : : #define gcry_md_stop_debug(a,b) \
1222 : : gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
1223 : : #endif
1224 : :
1225 : : /* Get a list consisting of the IDs of the loaded message digest
1226 : : modules. If LIST is zero, write the number of loaded message
1227 : : digest modules to LIST_LENGTH and return. If LIST is non-zero, the
1228 : : first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
1229 : : of according size. In case there are less message digest modules
1230 : : than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
1231 : : number. */
1232 : : gcry_error_t gcry_md_list (int *list, int *list_length);
1233 : :
1234 : : �
1235 : :
1236 : : /* Alternative interface for asymmetric cryptography. This interface
1237 : : is deprecated. */
1238 : :
1239 : : /* The algorithm IDs. */
1240 : : typedef enum gcry_ac_id
1241 : : {
1242 : : GCRY_AC_RSA = 1,
1243 : : GCRY_AC_DSA = 17,
1244 : : GCRY_AC_ELG = 20,
1245 : : GCRY_AC_ELG_E = 16
1246 : : }
1247 : : gcry_ac_id_t;
1248 : :
1249 : : /* Key types. */
1250 : : typedef enum gcry_ac_key_type
1251 : : {
1252 : : GCRY_AC_KEY_SECRET,
1253 : : GCRY_AC_KEY_PUBLIC
1254 : : }
1255 : : gcry_ac_key_type_t;
1256 : :
1257 : : /* Encoding methods. */
1258 : : typedef enum gcry_ac_em
1259 : : {
1260 : : GCRY_AC_EME_PKCS_V1_5,
1261 : : GCRY_AC_EMSA_PKCS_V1_5
1262 : : }
1263 : : gcry_ac_em_t;
1264 : :
1265 : : /* Encryption and Signature schemes. */
1266 : : typedef enum gcry_ac_scheme
1267 : : {
1268 : : GCRY_AC_ES_PKCS_V1_5,
1269 : : GCRY_AC_SSA_PKCS_V1_5
1270 : : }
1271 : : gcry_ac_scheme_t;
1272 : :
1273 : : /* AC data. */
1274 : : #define GCRY_AC_FLAG_DEALLOC (1 << 0)
1275 : : #define GCRY_AC_FLAG_COPY (1 << 1)
1276 : : #define GCRY_AC_FLAG_NO_BLINDING (1 << 2)
1277 : :
1278 : : /* This type represents a `data set'. */
1279 : : typedef struct gcry_ac_data *gcry_ac_data_t;
1280 : :
1281 : : /* This type represents a single `key', either a secret one or a
1282 : : public one. */
1283 : : typedef struct gcry_ac_key *gcry_ac_key_t;
1284 : :
1285 : : /* This type represents a `key pair' containing a secret and a public
1286 : : key. */
1287 : : typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
1288 : :
1289 : : /* This type represents a `handle' that is needed by functions
1290 : : performing cryptographic operations. */
1291 : : typedef struct gcry_ac_handle *gcry_ac_handle_t;
1292 : :
1293 : : typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
1294 : : unsigned char *buffer,
1295 : : size_t *buffer_n);
1296 : :
1297 : : typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
1298 : : unsigned char *buffer,
1299 : : size_t buffer_n);
1300 : :
1301 : : typedef enum
1302 : : {
1303 : : GCRY_AC_IO_READABLE,
1304 : : GCRY_AC_IO_WRITABLE
1305 : : }
1306 : : gcry_ac_io_mode_t;
1307 : :
1308 : : typedef enum
1309 : : {
1310 : : GCRY_AC_IO_STRING,
1311 : : GCRY_AC_IO_CALLBACK
1312 : : }
1313 : : gcry_ac_io_type_t;
1314 : :
1315 : : typedef struct gcry_ac_io
1316 : : {
1317 : : /* This is an INTERNAL structure, do NOT use manually. */
1318 : : gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL;
1319 : : gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL;
1320 : : union
1321 : : {
1322 : : union
1323 : : {
1324 : : struct
1325 : : {
1326 : : gcry_ac_data_read_cb_t cb;
1327 : : void *opaque;
1328 : : } callback;
1329 : : struct
1330 : : {
1331 : : unsigned char *data;
1332 : : size_t data_n;
1333 : : } string;
1334 : : void *opaque;
1335 : : } readable;
1336 : : union
1337 : : {
1338 : : struct
1339 : : {
1340 : : gcry_ac_data_write_cb_t cb;
1341 : : void *opaque;
1342 : : } callback;
1343 : : struct
1344 : : {
1345 : : unsigned char **data;
1346 : : size_t *data_n;
1347 : : } string;
1348 : : void *opaque;
1349 : : } writable;
1350 : : } io _GCRY_ATTR_INTERNAL;
1351 : : }
1352 : : gcry_ac_io_t;
1353 : :
1354 : : /* The caller of gcry_ac_key_pair_generate can provide one of these
1355 : : structures in order to influence the key generation process in an
1356 : : algorithm-specific way. */
1357 : : typedef struct gcry_ac_key_spec_rsa
1358 : : {
1359 : : gcry_mpi_t e; /* E to use. */
1360 : : } gcry_ac_key_spec_rsa_t;
1361 : :
1362 : : /* Structure used for passing data to the implementation of the
1363 : : `EME-PKCS-V1_5' encoding method. */
1364 : : typedef struct gcry_ac_eme_pkcs_v1_5
1365 : : {
1366 : : size_t key_size;
1367 : : } gcry_ac_eme_pkcs_v1_5_t;
1368 : :
1369 : : typedef enum gcry_md_algos gcry_md_algo_t;
1370 : :
1371 : : /* Structure used for passing data to the implementation of the
1372 : : `EMSA-PKCS-V1_5' encoding method. */
1373 : : typedef struct gcry_ac_emsa_pkcs_v1_5
1374 : : {
1375 : : gcry_md_algo_t md;
1376 : : size_t em_n;
1377 : : } gcry_ac_emsa_pkcs_v1_5_t;
1378 : :
1379 : : /* Structure used for passing data to the implementation of the
1380 : : `SSA-PKCS-V1_5' signature scheme. */
1381 : : typedef struct gcry_ac_ssa_pkcs_v1_5
1382 : : {
1383 : : gcry_md_algo_t md;
1384 : : } gcry_ac_ssa_pkcs_v1_5_t;
1385 : :
1386 : : /* Returns a new, empty data set in DATA. */
1387 : : gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
1388 : :
1389 : : /* Destroy the data set DATA. */
1390 : : void gcry_ac_data_destroy (gcry_ac_data_t data);
1391 : :
1392 : : /* Create a copy of the data set DATA and store it in DATA_CP. */
1393 : : gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
1394 : : gcry_ac_data_t data);
1395 : :
1396 : : /* Return the number of named MPI values inside of the data set
1397 : : DATA. */
1398 : : unsigned int gcry_ac_data_length (gcry_ac_data_t data);
1399 : :
1400 : : /* Destroy any values contained in the data set DATA. */
1401 : : void gcry_ac_data_clear (gcry_ac_data_t data);
1402 : :
1403 : : /* Add the value MPI to DATA with the label NAME. If FLAGS contains
1404 : : GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME
1405 : : and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or
1406 : : GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
1407 : : be deallocated when they are to be removed from the data set. */
1408 : : gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
1409 : : const char *name, gcry_mpi_t mpi);
1410 : :
1411 : : /* Store the value labelled with NAME found in DATA in MPI. If FLAGS
1412 : : contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
1413 : : in the data set. MPI may be NULL. */
1414 : : gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
1415 : : const char *name, gcry_mpi_t *mpi);
1416 : :
1417 : : /* Stores in NAME and MPI the named MPI value contained in the data
1418 : : set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY,
1419 : : store copies of the values contained in the data set. NAME or MPI
1420 : : may be NULL. */
1421 : : gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
1422 : : unsigned int idx,
1423 : : const char **name, gcry_mpi_t *mpi);
1424 : :
1425 : : /* Convert the data set DATA into a new S-Expression, which is to be
1426 : : stored in SEXP, according to the identifiers contained in
1427 : : IDENTIFIERS. */
1428 : : gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
1429 : : const char **identifiers);
1430 : :
1431 : : /* Create a new data set, which is to be stored in DATA_SET, from the
1432 : : S-Expression SEXP, according to the identifiers contained in
1433 : : IDENTIFIERS. */
1434 : : gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
1435 : : const char **identifiers);
1436 : :
1437 : : /* Initialize AC_IO according to MODE, TYPE and the variable list of
1438 : : arguments. The list of variable arguments to specify depends on
1439 : : the given TYPE. */
1440 : : void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
1441 : : gcry_ac_io_type_t type, ...);
1442 : :
1443 : : /* Initialize AC_IO according to MODE, TYPE and the variable list of
1444 : : arguments AP. The list of variable arguments to specify depends on
1445 : : the given TYPE. */
1446 : : void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
1447 : : gcry_ac_io_type_t type, va_list ap);
1448 : :
1449 : : /* Create a new ac handle. */
1450 : : gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
1451 : : gcry_ac_id_t algorithm, unsigned int flags);
1452 : :
1453 : : /* Destroy an ac handle. */
1454 : : void gcry_ac_close (gcry_ac_handle_t handle);
1455 : :
1456 : : /* Initialize a key from a given data set. */
1457 : : gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
1458 : : gcry_ac_key_type_t type, gcry_ac_data_t data);
1459 : :
1460 : : /* Generates a new key pair via the handle HANDLE of NBITS bits and
1461 : : stores it in KEY_PAIR. In case non-standard settings are wanted, a
1462 : : pointer to a structure of type gcry_ac_key_spec_<algorithm>_t,
1463 : : matching the selected algorithm, can be given as KEY_SPEC.
1464 : : MISC_DATA is not used yet. */
1465 : : gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
1466 : : unsigned int nbits, void *spec,
1467 : : gcry_ac_key_pair_t *key_pair,
1468 : : gcry_mpi_t **misc_data);
1469 : :
1470 : : /* Returns the key of type WHICH out of the key pair KEY_PAIR. */
1471 : : gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
1472 : : gcry_ac_key_type_t which);
1473 : :
1474 : : /* Returns the data set contained in the key KEY. */
1475 : : gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
1476 : :
1477 : : /* Verifies that the key KEY is sane via HANDLE. */
1478 : : gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
1479 : :
1480 : : /* Stores the number of bits of the key KEY in NBITS via HANDLE. */
1481 : : gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
1482 : : gcry_ac_key_t key, unsigned int *nbits);
1483 : :
1484 : : /* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
1485 : : HANDLE. */
1486 : : gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
1487 : : unsigned char *key_grip);
1488 : :
1489 : : /* Destroy a key. */
1490 : : void gcry_ac_key_destroy (gcry_ac_key_t key);
1491 : :
1492 : : /* Destroy a key pair. */
1493 : : void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
1494 : :
1495 : : /* Encodes a message according to the encoding method METHOD. OPTIONS
1496 : : must be a pointer to a method-specific structure
1497 : : (gcry_ac_em*_t). */
1498 : : gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
1499 : : unsigned int flags, void *options,
1500 : : gcry_ac_io_t *io_read,
1501 : : gcry_ac_io_t *io_write);
1502 : :
1503 : : /* Decodes a message according to the encoding method METHOD. OPTIONS
1504 : : must be a pointer to a method-specific structure
1505 : : (gcry_ac_em*_t). */
1506 : : gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
1507 : : unsigned int flags, void *options,
1508 : : gcry_ac_io_t *io_read,
1509 : : gcry_ac_io_t *io_write);
1510 : :
1511 : : /* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
1512 : : the control of the flags FLAGS and store the resulting data set
1513 : : into DATA_ENCRYPTED. */
1514 : : gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
1515 : : unsigned int flags,
1516 : : gcry_ac_key_t key,
1517 : : gcry_mpi_t data_plain,
1518 : : gcry_ac_data_t *data_encrypted);
1519 : :
1520 : : /* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
1521 : : with the key KEY under the control of the flags FLAGS and store the
1522 : : resulting plain text MPI value in DATA_PLAIN. */
1523 : : gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
1524 : : unsigned int flags,
1525 : : gcry_ac_key_t key,
1526 : : gcry_mpi_t *data_plain,
1527 : : gcry_ac_data_t data_encrypted);
1528 : :
1529 : : /* Sign the data contained in DATA with the key KEY and store the
1530 : : resulting signature in the data set DATA_SIGNATURE. */
1531 : : gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
1532 : : gcry_ac_key_t key,
1533 : : gcry_mpi_t data,
1534 : : gcry_ac_data_t *data_signature);
1535 : :
1536 : : /* Verify that the signature contained in the data set DATA_SIGNATURE
1537 : : is indeed the result of signing the data contained in DATA with the
1538 : : secret key belonging to the public key KEY. */
1539 : : gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
1540 : : gcry_ac_key_t key,
1541 : : gcry_mpi_t data,
1542 : : gcry_ac_data_t data_signature);
1543 : :
1544 : : /* Encrypts the plain text readable from IO_MESSAGE through HANDLE
1545 : : with the public key KEY according to SCHEME, FLAGS and OPTS. If
1546 : : OPTS is not NULL, it has to be a pointer to a structure specific to
1547 : : the chosen scheme (gcry_ac_es_*_t). The encrypted message is
1548 : : written to IO_CIPHER. */
1549 : : gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
1550 : : gcry_ac_scheme_t scheme,
1551 : : unsigned int flags, void *opts,
1552 : : gcry_ac_key_t key,
1553 : : gcry_ac_io_t *io_message,
1554 : : gcry_ac_io_t *io_cipher);
1555 : :
1556 : : /* Decrypts the cipher text readable from IO_CIPHER through HANDLE
1557 : : with the secret key KEY according to SCHEME, @var{flags} and OPTS.
1558 : : If OPTS is not NULL, it has to be a pointer to a structure specific
1559 : : to the chosen scheme (gcry_ac_es_*_t). The decrypted message is
1560 : : written to IO_MESSAGE. */
1561 : : gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
1562 : : gcry_ac_scheme_t scheme,
1563 : : unsigned int flags, void *opts,
1564 : : gcry_ac_key_t key,
1565 : : gcry_ac_io_t *io_cipher,
1566 : : gcry_ac_io_t *io_message);
1567 : :
1568 : : /* Signs the message readable from IO_MESSAGE through HANDLE with the
1569 : : secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not
1570 : : NULL, it has to be a pointer to a structure specific to the chosen
1571 : : scheme (gcry_ac_ssa_*_t). The signature is written to
1572 : : IO_SIGNATURE. */
1573 : : gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
1574 : : gcry_ac_scheme_t scheme,
1575 : : unsigned int flags, void *opts,
1576 : : gcry_ac_key_t key,
1577 : : gcry_ac_io_t *io_message,
1578 : : gcry_ac_io_t *io_signature);
1579 : :
1580 : : /* Verifies through HANDLE that the signature readable from
1581 : : IO_SIGNATURE is indeed the result of signing the message readable
1582 : : from IO_MESSAGE with the secret key belonging to the public key KEY
1583 : : according to SCHEME and OPTS. If OPTS is not NULL, it has to be an
1584 : : anonymous structure (gcry_ac_ssa_*_t) specific to the chosen
1585 : : scheme. */
1586 : : gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
1587 : : gcry_ac_scheme_t scheme,
1588 : : unsigned int flags, void *opts,
1589 : : gcry_ac_key_t key,
1590 : : gcry_ac_io_t *io_message,
1591 : : gcry_ac_io_t *io_signature);
1592 : :
1593 : : /* Store the textual representation of the algorithm whose id is given
1594 : : in ALGORITHM in NAME. This function is deprecated; use
1595 : : gcry_pk_algo_name. */
1596 : : #ifndef GCRYPT_NO_DEPRECATED
1597 : : gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
1598 : : const char **name)
1599 : : /* */ _GCRY_GCC_ATTR_DEPRECATED;
1600 : : /* Store the numeric ID of the algorithm whose textual representation
1601 : : is contained in NAME in ALGORITHM. This function is deprecated;
1602 : : use gcry_pk_map_name. */
1603 : : gcry_error_t gcry_ac_name_to_id (const char *name,
1604 : : gcry_ac_id_t *algorithm)
1605 : : /* */ _GCRY_GCC_ATTR_DEPRECATED;
1606 : : #endif
1607 : :
1608 : : �
1609 : : /************************************
1610 : : * *
1611 : : * Random Generating Functions *
1612 : : * *
1613 : : ************************************/
1614 : :
1615 : : /* The possible values for the random quality. The rule of thumb is
1616 : : to use STRONG for session keys and VERY_STRONG for key material.
1617 : : WEAK is usually an alias for STRONG and should not be used anymore
1618 : : (except with gcry_mpi_randomize); use gcry_create_nonce instead. */
1619 : : typedef enum gcry_random_level
1620 : : {
1621 : : GCRY_WEAK_RANDOM = 0,
1622 : : GCRY_STRONG_RANDOM = 1,
1623 : : GCRY_VERY_STRONG_RANDOM = 2
1624 : : }
1625 : : gcry_random_level_t;
1626 : :
1627 : : /* Fill BUFFER with LENGTH bytes of random, using random numbers of
1628 : : quality LEVEL. */
1629 : : void gcry_randomize (void *buffer, size_t length,
1630 : : enum gcry_random_level level);
1631 : :
1632 : : /* Add the external random from BUFFER with LENGTH bytes into the
1633 : : pool. QUALITY should either be -1 for unknown or in the range of 0
1634 : : to 100 */
1635 : : gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
1636 : : int quality);
1637 : :
1638 : : /* If random numbers are used in an application, this macro should be
1639 : : called from time to time so that new stuff gets added to the
1640 : : internal pool of the RNG. */
1641 : : #define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL)
1642 : :
1643 : :
1644 : : /* Return NBYTES of allocated random using a random numbers of quality
1645 : : LEVEL. */
1646 : : void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
1647 : : _GCRY_GCC_ATTR_MALLOC;
1648 : :
1649 : : /* Return NBYTES of allocated random using a random numbers of quality
1650 : : LEVEL. The random numbers are created returned in "secure"
1651 : : memory. */
1652 : : void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
1653 : : _GCRY_GCC_ATTR_MALLOC;
1654 : :
1655 : :
1656 : : /* Set the big integer W to a random value of NBITS using a random
1657 : : generator with quality LEVEL. Note that by using a level of
1658 : : GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */
1659 : : void gcry_mpi_randomize (gcry_mpi_t w,
1660 : : unsigned int nbits, enum gcry_random_level level);
1661 : :
1662 : :
1663 : : /* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
1664 : : void gcry_create_nonce (void *buffer, size_t length);
1665 : :
1666 : :
1667 : :
1668 : :
1669 : : �
1670 : : /*******************************/
1671 : : /* */
1672 : : /* Prime Number Functions */
1673 : : /* */
1674 : : /*******************************/
1675 : :
1676 : : /* Mode values passed to a gcry_prime_check_func_t. */
1677 : : #define GCRY_PRIME_CHECK_AT_FINISH 0
1678 : : #define GCRY_PRIME_CHECK_AT_GOT_PRIME 1
1679 : : #define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
1680 : :
1681 : : /* The function should return 1 if the operation shall continue, 0 to
1682 : : reject the prime candidate. */
1683 : : typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
1684 : : gcry_mpi_t candidate);
1685 : :
1686 : : /* Flags for gcry_prime_generate(): */
1687 : :
1688 : : /* Allocate prime numbers and factors in secure memory. */
1689 : : #define GCRY_PRIME_FLAG_SECRET (1 << 0)
1690 : :
1691 : : /* Make sure that at least one prime factor is of size
1692 : : `FACTOR_BITS'. */
1693 : : #define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
1694 : :
1695 : : /* Generate a new prime number of PRIME_BITS bits and store it in
1696 : : PRIME. If FACTOR_BITS is non-zero, one of the prime factors of
1697 : : (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is
1698 : : non-zero, allocate a new, NULL-terminated array holding the prime
1699 : : factors and store it in FACTORS. FLAGS might be used to influence
1700 : : the prime number generation process. */
1701 : : gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
1702 : : unsigned int prime_bits,
1703 : : unsigned int factor_bits,
1704 : : gcry_mpi_t **factors,
1705 : : gcry_prime_check_func_t cb_func,
1706 : : void *cb_arg,
1707 : : gcry_random_level_t random_level,
1708 : : unsigned int flags);
1709 : :
1710 : : /* Find a generator for PRIME where the factorization of (prime-1) is
1711 : : in the NULL terminated array FACTORS. Return the generator as a
1712 : : newly allocated MPI in R_G. If START_G is not NULL, use this as
1713 : : teh start for the search. */
1714 : : gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
1715 : : gcry_mpi_t prime,
1716 : : gcry_mpi_t *factors,
1717 : : gcry_mpi_t start_g);
1718 : :
1719 : :
1720 : : /* Convenience function to release the FACTORS array. */
1721 : : void gcry_prime_release_factors (gcry_mpi_t *factors);
1722 : :
1723 : :
1724 : : /* Check wether the number X is prime. */
1725 : : gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
1726 : :
1727 : :
1728 : : �
1729 : : /************************************
1730 : : * *
1731 : : * Miscellaneous Stuff *
1732 : : * *
1733 : : ************************************/
1734 : :
1735 : : /* Log levels used by the internal logging facility. */
1736 : : enum gcry_log_levels
1737 : : {
1738 : : GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
1739 : : GCRY_LOG_INFO = 10,
1740 : : GCRY_LOG_WARN = 20,
1741 : : GCRY_LOG_ERROR = 30,
1742 : : GCRY_LOG_FATAL = 40,
1743 : : GCRY_LOG_BUG = 50,
1744 : : GCRY_LOG_DEBUG = 100
1745 : : };
1746 : :
1747 : : /* Type for progress handlers. */
1748 : : typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
1749 : :
1750 : : /* Type for memory allocation handlers. */
1751 : : typedef void *(*gcry_handler_alloc_t) (size_t n);
1752 : :
1753 : : /* Type for secure memory check handlers. */
1754 : : typedef int (*gcry_handler_secure_check_t) (const void *);
1755 : :
1756 : : /* Type for memory reallocation handlers. */
1757 : : typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
1758 : :
1759 : : /* Type for memory free handlers. */
1760 : : typedef void (*gcry_handler_free_t) (void *);
1761 : :
1762 : : /* Type for out-of-memory handlers. */
1763 : : typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
1764 : :
1765 : : /* Type for fatal error handlers. */
1766 : : typedef void (*gcry_handler_error_t) (void *, int, const char *);
1767 : :
1768 : : /* Type for logging handlers. */
1769 : : typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
1770 : :
1771 : : /* Certain operations can provide progress information. This function
1772 : : is used to register a handler for retrieving these information. */
1773 : : void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
1774 : :
1775 : :
1776 : : /* Register a custom memory allocation functions. */
1777 : : void gcry_set_allocation_handler (
1778 : : gcry_handler_alloc_t func_alloc,
1779 : : gcry_handler_alloc_t func_alloc_secure,
1780 : : gcry_handler_secure_check_t func_secure_check,
1781 : : gcry_handler_realloc_t func_realloc,
1782 : : gcry_handler_free_t func_free);
1783 : :
1784 : : /* Register a function used instead of the internal out of memory
1785 : : handler. */
1786 : : void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
1787 : :
1788 : : /* Register a function used instead of the internal fatal error
1789 : : handler. */
1790 : : void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
1791 : :
1792 : : /* Register a function used instead of the internal logging
1793 : : facility. */
1794 : : void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
1795 : :
1796 : : /* Reserved for future use. */
1797 : : void gcry_set_gettext_handler (const char *(*f)(const char*));
1798 : :
1799 : : /* Libgcrypt uses its own memory allocation. It is important to use
1800 : : gcry_free () to release memory allocated by libgcrypt. */
1801 : : void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
1802 : : void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1803 : : void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
1804 : : void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1805 : : void *gcry_realloc (void *a, size_t n);
1806 : : char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC;
1807 : : void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
1808 : : void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1809 : : void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
1810 : : void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1811 : : void *gcry_xrealloc (void *a, size_t n);
1812 : : char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC;
1813 : : void gcry_free (void *a);
1814 : :
1815 : : /* Return true if A is allocated in "secure" memory. */
1816 : : int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
1817 : :
1818 : : /* Return true if Libgcrypt is in FIPS mode. */
1819 : : #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
1820 : :
1821 : :
1822 : : /* Include support for Libgcrypt modules. */
1823 : : #include <gcrypt-module.h>
1824 : :
1825 : : #if 0 /* (Keep Emacsens' auto-indent happy.) */
1826 : : {
1827 : : #endif
1828 : : #ifdef __cplusplus
1829 : : }
1830 : : #endif
1831 : : #endif /* _GCRYPT_H */
|
