Diffstat (limited to 'plugins/MirOTR/Libgcrypt/src/gcrypt.h')
-rw-r--r-- | plugins/MirOTR/Libgcrypt/src/gcrypt.h | 1066 |
1 files changed, 452 insertions, 614 deletions
diff --git a/plugins/MirOTR/Libgcrypt/src/gcrypt.h b/plugins/MirOTR/Libgcrypt/src/gcrypt.h
index ef4196c266..3071732bf6 100644
--- a/plugins/MirOTR/Libgcrypt/src/gcrypt.h
+++ b/plugins/MirOTR/Libgcrypt/src/gcrypt.h
@@ -1,23 +1,24 @@ /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*- - Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006 - 2007, 2008, 2009, 2010 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, see <http://www.gnu.org/licenses/>. - - File: src/gcrypt.h. Generated from gcrypt.h.in by configure. */ + * Copyright (C) 1998-2015 Free Software Foundation, Inc. + * Copyright (C) 2012-2015 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + * + * File: src/gcrypt.h. Generated from gcrypt.h.in by configure. + */ #ifndef _GCRYPT_H #define _GCRYPT_H 
@@ -25,30 +26,26 @@ #include <stdlib.h> #include <stdarg.h> #include <string.h> -#include <tchar.h> #include <gpg-error.h> #include <sys/types.h> #if defined _WIN32 || defined __WIN32__ -#ifdef socklen_t - #undef socklen_t -#endif # include <winsock2.h> # include <ws2tcpip.h> # include <time.h> # ifndef __GNUC__ - typedef signed int ssize_t; + typedef long ssize_t; typedef int pid_t; # endif /*!__GNUC__*/ #else # include <sys/socket.h> # include <sys/time.h> +# #endif /*!_WIN32*/ -typedef socklen_t gcry_socklen_t; - +typedef int gcry_socklen_t; /* This is required for error code compatibility. */ #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT @@ -65,7 +62,12 @@ extern "C" { return the same version. The purpose of this macro is to let autoconf (using the AM_PATH_GCRYPT macro) check that this header matches the installed library. */ -#define GCRYPT_VERSION "1.4.6" +#define GCRYPT_VERSION "1.6.3" + +/* The version number of this header. It may be used to handle minor + API incompatibilities. */ +#define GCRYPT_VERSION_NUMBER 0x010603 + /* Internal: We can't use the convenience macros for the multi precision integer functions when building this library. */ @@ -96,6 +98,12 @@ extern "C" { #define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__)) #endif +#define _GCRY_GCC_ATTR_PRINTF(f,a) __attribute__ ((format (printf,f,a))) + +#if _GCRY_GCC_VERSION >= 40000 +#define _GCRY_GCC_ATTR_SENTINEL(a) __attribute__ ((sentinel(a))) +#endif + #endif /*__GNUC__*/ #ifndef _GCRY_GCC_ATTR_DEPRECATED 
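Review bot: In the `-25,30` hunk the non-GCC Windows branch now declares `typedef long ssize_t;`, and `long` is 32 bits wide on 64-bit Windows, so the type still cannot hold every `size_t` value. Because this is a public header, the typedef also reaches every translation unit that includes it and may clash with another definition of `ssize_t` in the plugin's build. If the vendored copy is allowed to diverge from upstream, a pointer-width type such as `typedef SSIZE_T ssize_t;` would be safer. Otherwise a comment recording that the line is upstream's and that callers must not rely on it for sizes above 2 GiB would help.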
@@ -107,10 +115,15 @@ extern "C" { #ifndef _GCRY_GCC_ATTR_MALLOC #define _GCRY_GCC_ATTR_MALLOC #endif +#ifndef _GCRY_GCC_ATTR_PRINTF +#define _GCRY_GCC_ATTR_PRINTF(f,a) +#endif +#ifndef _GCRY_GCC_ATTR_SENTINEL +#define _GCRY_GCC_ATTR_SENTINEL(a) +#endif -/* Some members in a public type should only be used internally. - There is no "internal" attribute, so we abuse the deprecated - attribute to discourage external use. */ +/* Make up an attribute to mark functions and types as deprecated but + allow internal use by Libgcrypt. */ #ifdef _GCRYPT_IN_LIBGCRYPT #define _GCRY_ATTR_INTERNAL #else @@ -179,13 +192,9 @@ gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err); gcry_err_code_t gcry_error_from_errno (int err); -/* This enum is deprecated; it is only declared for the sake of - complete API compatibility. */ -enum gcry_thread_option - { - _GCRY_THREAD_OPTION_DUMMY - } _GCRY_GCC_ATTR_DEPRECATED; - +/* NOTE: Since Libgcrypt 1.6 the thread callbacks are not anymore + used. However we keep it to allow for some source code + compatibility if used in the standard way. */ /* Constants defining the thread model to use. Used with the OPTION field of the struct gcry_thread_cbs. */ 
@@ -196,163 +205,53 @@ enum gcry_thread_option /* The version number encoded in the OPTION field of the struct gcry_thread_cbs. */ -#define GCRY_THREAD_OPTION_VERSION 0 +#define GCRY_THREAD_OPTION_VERSION 1 /* Wrapper for struct ath_ops. */ struct gcry_thread_cbs { /* The OPTION field encodes the thread model and the version number - of this structure. + of this structure. Bits 7 - 0 are used for the thread model - Bits 15 - 8 are used for the version number. - */ + Bits 15 - 8 are used for the version number. */ unsigned int option; +} _GCRY_ATTR_INTERNAL; - int (*init) (void); - int (*mutex_init) (void **priv); - int (*mutex_destroy) (void **priv); - int (*mutex_lock) (void **priv); - int (*mutex_unlock) (void **priv); - ssize_t (*read) (int fd, void *buf, size_t nbytes); - ssize_t (*write) (int fd, const void *buf, size_t nbytes); -#ifdef _WIN32 - ssize_t (*select) (int nfd, void *rset, void *wset, void *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, void *addr, int *length_ptr); - int (*connect) (int s, void *addr, gcry_socklen_t length); - int (*sendmsg) (int s, const void *msg, int flags); - int (*recvmsg) (int s, void *msg, int flags); -#else - ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, - struct timeval *timeout); - ssize_t (*waitpid) (pid_t pid, int *status, int options); - int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr); - int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length); - int (*sendmsg) (int s, const struct msghdr *msg, int flags); - int (*recvmsg) (int s, struct msghdr *msg, int flags); -#endif -}; - -#ifdef _WIN32 -# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \ -static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \ - void *eset, struct timeval *timeout) \ - { return pth_select (nfd, rset, wset, eset, timeout); } \ -static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \ - { return 
pth_waitpid (pid, status, options); } \ -static int gcry_pth_accept (int s, void *addr, \ - gcry_socklen_t *length_ptr) \ - { return pth_accept (s, addr, length_ptr); } \ -static int gcry_pth_connect (int s, void *addr, \ - gcry_socklen_t length) \ - { return pth_connect (s, addr, length); } -#else /*!_WIN32*/ -# define _GCRY_THREAD_OPTION_PTH_IMPL_NET \ -static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \ - fd_set *eset, struct timeval *timeout) \ - { return pth_select (nfd, rset, wset, eset, timeout); } \ -static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \ - { return pth_waitpid (pid, status, options); } \ -static int gcry_pth_accept (int s, struct sockaddr *addr, \ - gcry_socklen_t *length_ptr) \ - { return pth_accept (s, addr, length_ptr); } \ -static int gcry_pth_connect (int s, struct sockaddr *addr, \ - gcry_socklen_t length) \ - { return pth_connect (s, addr, length); } -#endif /*!_WIN32*/ - +#define GCRY_THREAD_OPTION_PTH_IMPL \ + static struct gcry_thread_cbs gcry_threads_pth = { \ + (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8))} +#define GCRY_THREAD_OPTION_PTHREAD_IMPL \ + static struct gcry_thread_cbs gcry_threads_pthread = { \ + (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8))} -#define GCRY_THREAD_OPTION_PTH_IMPL \ -static int gcry_pth_init (void) \ -{ return (pth_init () == FALSE) ? errno : 0; } \ -static int gcry_pth_mutex_init (void **priv) \ -{ \ - int err = 0; \ - pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \ - \ - if (!lock) \ - err = ENOMEM; \ - if (!err) \ - { \ - err = pth_mutex_init (lock); \ - if (err == FALSE) \ - err = errno; \ - else \ - err = 0; \ - if (err) \ - free (lock); \ - else \ - *priv = lock; \ - } \ - return err; \ -} \ -static int gcry_pth_mutex_destroy (void **lock) \ - { /* GNU Pth has no destructor function. 
*/ free (*lock); return 0; } \ -static int gcry_pth_mutex_lock (void **lock) \ - { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \ - ? errno : 0; } \ -static int gcry_pth_mutex_unlock (void **lock) \ - { return ((pth_mutex_release (*lock)) == FALSE) \ - ? errno : 0; } \ -static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \ - { return pth_read (fd, buf, nbytes); } \ -static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \ - { return pth_write (fd, buf, nbytes); } \ -_GCRY_THREAD_OPTION_PTH_IMPL_NET \ - \ -/* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \ -static struct gcry_thread_cbs gcry_threads_pth = { \ - (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \ - gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \ - gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \ - gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \ - NULL, NULL } - - -#define GCRY_THREAD_OPTION_PTHREAD_IMPL \ -static int gcry_pthread_mutex_init (void **priv) \ -{ \ - int err = 0; \ - pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\ - \ - if (!lock) \ - err = ENOMEM; \ - if (!err) \ - { \ - err = pthread_mutex_init (lock, NULL); \ - if (err) \ - free (lock); \ - else \ - *priv = lock; \ - } \ - return err; \ -} \ -static int gcry_pthread_mutex_destroy (void **lock) \ - { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \ - free (*lock); return err; } \ -static int gcry_pthread_mutex_lock (void **lock) \ - { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \ -static int gcry_pthread_mutex_unlock (void **lock) \ - { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \ - \ -static struct gcry_thread_cbs gcry_threads_pthread = { \ - (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \ - NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \ - gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \ - NULL, NULL, 
NULL, NULL, NULL, NULL, NULL, NULL } -/* The data object used to hold a multi precision integer. */ +/* A generic context object as used by some functions. */ +struct gcry_context; +typedef struct gcry_context *gcry_ctx_t; + +/* The data objects used to hold multi precision integers. */ struct gcry_mpi; typedef struct gcry_mpi *gcry_mpi_t; +struct gcry_mpi_point; +typedef struct gcry_mpi_point *gcry_mpi_point_t; #ifndef GCRYPT_NO_DEPRECATED typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED; typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED; #endif +/* A structure used for scatter gather hashing. */ +typedef struct +{ + size_t size; /* The allocated size of the buffer or 0. */ + size_t off; /* Offset into the buffer. */ + size_t len; /* The used length of the buffer. */ + void *data; /* The buffer. */ +} gcry_buffer_t; + + /* Check that the library fulfills the version requirement. */ @@ -361,10 +260,9 @@ const char *gcry_check_version (const char *req_version); /* Codes for function dispatchers. */ /* Codes used with the gcry_control function. */ -enum gcry_ctl_cmds +enum gcry_ctl_cmds { - GCRYCTL_SET_KEY = 1, - GCRYCTL_SET_IV = 2, + /* Note: 1 .. 2 are not anymore used. */ GCRYCTL_CFB_SYNC = 3, GCRYCTL_RESET = 4, /* e.g. for MDs */ GCRYCTL_FINALIZE = 5, @@ -404,7 +302,7 @@ enum gcry_ctl_cmds GCRYCTL_ANY_INITIALIZATION_P = 40, GCRYCTL_SET_CBC_CTS = 41, GCRYCTL_SET_CBC_MAC = 42, - GCRYCTL_SET_CTR = 43, + /* Note: 43 is not anymore used. */ GCRYCTL_ENABLE_QUICK_RANDOM = 44, GCRYCTL_SET_RANDOM_SEED_FILE = 45, GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46, 
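Review bot: The new `gcry_buffer_t` in the `-196,163` hunk documents each field but not the relation between them, which is the part a caller can get wrong. Nothing visible here says whether `off + len` is checked against `size`, and the comment on `size` allows 0, so it presumably cannot serve as a bound in that case. I would add a comment such as `/* Caller must ensure OFF + LEN bytes are valid at DATA; SIZE is not a bound when 0. */` after confirming the behaviour against the library source.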
@@ -418,15 +316,25 @@ enum gcry_ctl_cmds GCRYCTL_OPERATIONAL_P = 54, GCRYCTL_FIPS_MODE_P = 55, GCRYCTL_FORCE_FIPS_MODE = 56, - GCRYCTL_SELFTEST = 57 + GCRYCTL_SELFTEST = 57, /* Note: 58 .. 62 are used internally. */ + GCRYCTL_DISABLE_HWF = 63, + GCRYCTL_SET_ENFORCED_FIPS_FLAG = 64, + GCRYCTL_SET_PREFERRED_RNG_TYPE = 65, + GCRYCTL_GET_CURRENT_RNG_TYPE = 66, + GCRYCTL_DISABLE_LOCKED_SECMEM = 67, + GCRYCTL_DISABLE_PRIV_DROP = 68, + GCRYCTL_SET_CCM_LENGTHS = 69, + GCRYCTL_CLOSE_RANDOM_DEVICE = 70, + GCRYCTL_INACTIVATE_FIPS_FLAG = 71, + GCRYCTL_REACTIVATE_FIPS_FLAG = 72 }; /* Perform various operations defined by CMD. */ gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...); -/* S-expression management. */ +/* S-expression management. */ /* The object to represent an S-expression as used with the public key functions. */ @@ -480,7 +388,7 @@ void gcry_sexp_release (gcry_sexp_t sexp); /* Calculate the length of an canonized S-expresion in BUFFER and check for a valid encoding. */ -size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, +size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, size_t *erroff, gcry_error_t *errcode); /* Copies the S-expression object SEXP into BUFFER using the format @@ -538,6 +446,13 @@ gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list); const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen); +/* This function is used to get data from a LIST. A malloced buffer to the + data with index NUMBER is returned and the length of this + data will be stored to RLENGTH. If there is no data at the given + index or the index represents another list, `NULL' is returned. */ +void *gcry_sexp_nth_buffer (const gcry_sexp_t list, int number, + size_t *rlength); + /* This function is used to get and convert data from a LIST. The data is assumed to be a Nul terminated string. The caller must release the returned value using `gcry_free'. If there is no data 
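Review bot: The comment added for `gcry_sexp_nth_buffer` in the `-538,6` hunk says a malloced buffer is returned but not how it must be released, while the neighbouring comment for `gcry_sexp_nth_string` names `gcry_free` explicitly. Releasing the buffer with plain `free` would be wrong if the library was set up with custom or secure-memory allocators. Suggest appending `The caller must release the returned buffer using gcry_free.` to the comment, after confirming that against the library manual.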
@@ -553,6 +468,12 @@ char *gcry_sexp_nth_string (gcry_sexp_t list, int number); value can't be converted to an MPI, `NULL' is returned. */ gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt); +/* Convenience fucntion to extract parameters from an S-expression + * using a list of single letter parameters. */ +gpg_error_t gcry_sexp_extract_param (gcry_sexp_t sexp, + const char *path, + const char *list, + ...) _GCRY_GCC_ATTR_SENTINEL(0); /******************************************* 
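Review bot: `gcry_sexp_extract_param` is declared with `_GCRY_GCC_ATTR_SENTINEL(0)`, but its comment never says that the variable argument list has to end with a NULL pointer. The fallback added in the `-107,10` hunk expands that attribute to nothing unless the compiler is GCC 4.0 or later, so on other compilers a call that omits the terminator builds without a warning and the function would presumably read past the supplied arguments. Suggest extending the comment with `The argument list must be terminated by a NULL pointer.`; the word `fucntion` in the same comment should read `function`.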
@@ -562,26 +483,40 @@ gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt); *******************************************/ /* Different formats of external big integer representation. */ -enum gcry_mpi_format +enum gcry_mpi_format { GCRYMPI_FMT_NONE= 0, GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */ GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */ GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */ GCRYMPI_FMT_HEX = 4, /* Hex format. */ - GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */ + GCRYMPI_FMT_USG = 5, /* Like STD but unsigned. */ + GCRYMPI_FMT_OPAQUE = 8 /* Opaque format (some functions only). */ }; /* Flags used for creating big integers. */ -enum gcry_mpi_flag +enum gcry_mpi_flag { GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */ - GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just + GCRYMPI_FLAG_OPAQUE = 2, /* The number is not a real one but just a way to store some bytes. This is useful for encrypted big integers. */ + GCRYMPI_FLAG_IMMUTABLE = 4, /* Mark the MPI as immutable. */ + GCRYMPI_FLAG_CONST = 8, /* Mark the MPI as a constant. */ + GCRYMPI_FLAG_USER1 = 0x0100,/* User flag 1. */ + GCRYMPI_FLAG_USER2 = 0x0200,/* User flag 2. */ + GCRYMPI_FLAG_USER3 = 0x0400,/* User flag 3. */ + GCRYMPI_FLAG_USER4 = 0x0800,/* User flag 4. */ }; +/* Macros to return pre-defined MPI constants. */ +#define GCRYMPI_CONST_ONE (_gcry_mpi_get_const (1)) +#define GCRYMPI_CONST_TWO (_gcry_mpi_get_const (2)) +#define GCRYMPI_CONST_THREE (_gcry_mpi_get_const (3)) +#define GCRYMPI_CONST_FOUR (_gcry_mpi_get_const (4)) +#define GCRYMPI_CONST_EIGHT (_gcry_mpi_get_const (8)) + /* Allocate a new big integer object, initialize it with 0 and initially allocate memory for a number of at least NBITS. */ gcry_mpi_t gcry_mpi_new (unsigned int nbits); 
@@ -595,6 +530,9 @@ void gcry_mpi_release (gcry_mpi_t a); /* Create a new number with the same value as A. */ gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a); +/* Store the big integer value U in W and release U. */ +void gcry_mpi_snatch (gcry_mpi_t w, gcry_mpi_t u); + /* Store the big integer value U in W. */ gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u); @@ -604,6 +542,15 @@ gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u); /* Swap the values of A and B. */ void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b); +/* Return 1 if A is negative; 0 if zero or positive. */ +int gcry_mpi_is_neg (gcry_mpi_t a); + +/* W = - U */ +void gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u); + +/* W = [W] */ +void gcry_mpi_abs (gcry_mpi_t w); + /* Compare the big integer number U and V returning 0 for equality, a positive value for U > V and a negative for U < V. */ int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v); @@ -618,7 +565,7 @@ int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v); RET_MPI. If NSCANNED is not NULL, it will receive the number of bytes actually scanned after a successful operation. */ gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, - const void *buffer, size_t buflen, + const void *buffer, size_t buflen, size_t *nscanned); /* Convert the big integer A into the external representation @@ -689,7 +636,7 @@ void gcry_mpi_powm (gcry_mpi_t w, const gcry_mpi_t b, const gcry_mpi_t e, const gcry_mpi_t m); -/* Set G to the greatest common divisor of A and B. +/* Set G to the greatest common divisor of A and B. Return true if the G is 1. */ int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); 
@@ -697,6 +644,68 @@ int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b); Return true if the value exists. */ int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m); +/* Create a new point object. NBITS is usually 0. */ +gcry_mpi_point_t gcry_mpi_point_new (unsigned int nbits); + +/* Release the object POINT. POINT may be NULL. */ +void gcry_mpi_point_release (gcry_mpi_point_t point); + +/* Store the projective coordinates from POINT into X, Y, and Z. */ +void gcry_mpi_point_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point); + +/* Store the projective coordinates from POINT into X, Y, and Z and + release POINT. */ +void gcry_mpi_point_snatch_get (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + gcry_mpi_point_t point); + +/* Store the projective coordinates X, Y, and Z into POINT. */ +gcry_mpi_point_t gcry_mpi_point_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z); + +/* Store the projective coordinates X, Y, and Z into POINT and release + X, Y, and Z. */ +gcry_mpi_point_t gcry_mpi_point_snatch_set (gcry_mpi_point_t point, + gcry_mpi_t x, gcry_mpi_t y, + gcry_mpi_t z); + +/* Allocate a new context for elliptic curve operations based on the + parameters given by KEYPARAM or using CURVENAME. */ +gpg_error_t gcry_mpi_ec_new (gcry_ctx_t *r_ctx, + gcry_sexp_t keyparam, const char *curvename); + +/* Get a named MPI from an elliptic curve context. */ +gcry_mpi_t gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy); + +/* Get a named point from an elliptic curve context. */ +gcry_mpi_point_t gcry_mpi_ec_get_point (const char *name, + gcry_ctx_t ctx, int copy); + +/* Store a named MPI into an elliptic curve context. */ +gpg_error_t gcry_mpi_ec_set_mpi (const char *name, gcry_mpi_t newvalue, + gcry_ctx_t ctx); + +/* Store a named point into an elliptic curve context. 
*/ +gpg_error_t gcry_mpi_ec_set_point (const char *name, gcry_mpi_point_t newvalue, + gcry_ctx_t ctx); + +/* Store the affine coordinates of POINT into X and Y. */ +int gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_point_t point, + gcry_ctx_t ctx); + +/* W = 2 * U. */ +void gcry_mpi_ec_dup (gcry_mpi_point_t w, gcry_mpi_point_t u, gcry_ctx_t ctx); + +/* W = U + V. */ +void gcry_mpi_ec_add (gcry_mpi_point_t w, + gcry_mpi_point_t u, gcry_mpi_point_t v, gcry_ctx_t ctx); + +/* W = N * U. */ +void gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u, + gcry_ctx_t ctx); + +/* Return true if POINT is on the curve described by CTX. */ +int gcry_mpi_ec_curve_point (gcry_mpi_point_t w, gcry_ctx_t ctx); /* Return the number of bits required to represent A. */ unsigned int gcry_mpi_get_nbits (gcry_mpi_t a); @@ -723,10 +732,18 @@ void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n); /* Store NBITS of the value P points to in A and mark A as an opaque - value. WARNING: Never use an opaque MPI for anything thing else then + value. On success A received the the ownership of the value P. + WARNING: Never use an opaque MPI for anything thing else than gcry_mpi_release, gcry_mpi_get_opaque. */ gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits); +/* Store NBITS of the value P points to in A and mark A as an opaque + value. The function takes a copy of the provided value P. + WARNING: Never use an opaque MPI for anything thing else than + gcry_mpi_release, gcry_mpi_get_opaque. */ +gcry_mpi_t gcry_mpi_set_opaque_copy (gcry_mpi_t a, + const void *p, unsigned int nbits); + /* Return a pointer to an opaque value stored in A and return its size in NBITS. Note that the returned pointer is still owned by A and that the function should never be used for an non-opaque MPI. */ 
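Review bot: The comment on `gcry_mpi_ec_curve_point` in the `-697,6` hunk refers to POINT while the parameter is named `w`, and the block of new EC declarations never says when that check is required. `gcry_mpi_ec_dup`, `gcry_mpi_ec_add` and `gcry_mpi_ec_mul` are declared `void`, so they cannot report an operand that is not on the curve; code that takes a point from a peer presumably has to call `gcry_mpi_ec_curve_point` first. I would rename the parameter to `point` and add `/* Points from untrusted input must pass gcry_mpi_ec_curve_point before use. */` above the arithmetic declarations.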
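Review bot: The updated comment on `gcry_mpi_set_opaque` in the `-723,10` hunk now states that A takes ownership of P, but it does not say what that means for the caller, and it reads `received the the ownership`. After a successful call the caller must not free or reuse P, and P presumably has to come from the library's allocator so that releasing A can free it; `gcry_mpi_set_opaque_copy` is the variant for memory the caller keeps. Suggest the wording `On success A takes ownership of P; the caller must not free P afterwards.`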
@@ -741,9 +758,12 @@ void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); currently useless as no flags are allowed. */ void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); -/* Return true when the FLAG is set for A. */ +/* Return true if the FLAG is set for A. */ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); +/* Private function - do not use. */ +gcry_mpi_t _gcry_mpi_get_const (int no); + /* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of convenience macros for the big integer functions. */ #ifndef GCRYPT_NO_MPI_MACROS @@ -758,11 +778,15 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); while (0) #define mpi_copy( a ) gcry_mpi_copy( (a) ) +#define mpi_snatch( w, u) gcry_mpi_snatch( (w), (u) ) #define mpi_set( w, u) gcry_mpi_set( (w), (u) ) #define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) ) +#define mpi_abs( w ) gcry_mpi_abs( (w) ) +#define mpi_neg( w, u) gcry_mpi_neg( (w), (u) ) #define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) ) #define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) ) - +#define mpi_is_neg( a ) gcry_mpi_is_neg ((a)) + #define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v)) #define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v)) #define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m)) 
@@ -780,6 +804,19 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); #define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) ) #define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) ) +#define mpi_point_new(n) gcry_mpi_point_new((n)) +#define mpi_point_release(p) \ + do \ + { \ + gcry_mpi_point_release ((p)); \ + (p) = NULL; \ + } \ + while (0) +#define mpi_point_get(x,y,z,p) gcry_mpi_point_get((x),(y),(z),(p)) +#define mpi_point_snatch_get(x,y,z,p) gcry_mpi_point_snatch_get((x),(y),(z),(p)) +#define mpi_point_set(p,x,y,z) gcry_mpi_point_set((p),(x),(y),(z)) +#define mpi_point_snatch_set(p,x,y,z) gcry_mpi_point_snatch_set((p),(x),(y),(z)) + #define mpi_get_nbits(a) gcry_mpi_get_nbits ((a)) #define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b)) #define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b)) @@ -838,19 +875,22 @@ enum gcry_cipher_algos GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */ GCRY_CIPHER_CAMELLIA128 = 310, GCRY_CIPHER_CAMELLIA192 = 311, - GCRY_CIPHER_CAMELLIA256 = 312 + GCRY_CIPHER_CAMELLIA256 = 312, + GCRY_CIPHER_SALSA20 = 313, + GCRY_CIPHER_SALSA20R12 = 314, + GCRY_CIPHER_GOST28147 = 315 }; /* The Rijndael algorithm is basically AES, so provide some macros. */ -#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES -#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES -#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 -#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 -#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 +#define GCRY_CIPHER_AES128 GCRY_CIPHER_AES +#define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES +#define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128 +#define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192 +#define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256 /* The supported encryption modes. Note that not all of them are supported for each algorithm. */ -enum gcry_cipher_modes +enum gcry_cipher_modes { GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */ GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */ 
@@ -859,10 +899,12 @@ enum gcry_cipher_modes GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */ GCRY_CIPHER_MODE_CTR = 6, /* Counter. */ - GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */ + GCRY_CIPHER_MODE_AESWRAP= 7, /* AES-WRAP algorithm. */ + GCRY_CIPHER_MODE_CCM = 8, /* Counter with CBC-MAC. */ + GCRY_CIPHER_MODE_GCM = 9 /* Galois Counter Mode. */ }; -/* Flags used with the open function. */ +/* Flags used with the open function. */ enum gcry_cipher_flags { GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */ @@ -871,6 +913,11 @@ enum gcry_cipher_flags GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */ }; +/* GCM works only with blocks of 128 bits */ +#define GCRY_GCM_BLOCK_LEN (128 / 8) + +/* CCM works only with blocks of 128 bits. */ +#define GCRY_CCM_BLOCK_LEN (128 / 8) /* Create a handle for algorithm ALGO to be used in MODE. FLAGS may be given as an bitwise OR of the gcry_cipher_flags values. */ @@ -928,6 +975,17 @@ gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd, gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd, const void *iv, size_t ivlen); +/* Provide additional authentication data for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf, + size_t abuflen); + +/* Get authentication tag for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_gettag (gcry_cipher_hd_t hd, void *outtag, + size_t taglen); + +/* Check authentication tag for AEAD modes/ciphers. */ +gcry_error_t gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, + size_t taglen); /* Reset the handle to the state after open. */ #define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0) 
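Review bot: The three AEAD declarations added in the `-928,6` hunk (`gcry_cipher_authenticate`, `gcry_cipher_gettag`, `gcry_cipher_checktag`) carry one-line comments that state neither the calling order nor what a failed tag check means. With `GCRY_CIPHER_MODE_GCM` and `GCRY_CIPHER_MODE_CCM`, the output of a decrypt call is unauthenticated until `gcry_cipher_checktag` has returned 0, so its return value must not be ignored. I would extend the comment on `gcry_cipher_checktag` to `Returns 0 only if INTAG matches; discard any decrypted output on a non-zero result.`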
@@ -945,7 +1003,7 @@ gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd, gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen); -/* Retrieved the key length in bytes used with algorithm A. */ +/* Retrieve the key length in bytes used with algorithm A. */ size_t gcry_cipher_get_algo_keylen (int algo); /* Retrieve the block length in bytes used with algorithm A. */ @@ -955,14 +1013,6 @@ size_t gcry_cipher_get_algo_blklen (int algo); #define gcry_cipher_test_algo(a) \ gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/* Get a list consisting of the IDs of the loaded cipher modules. If - LIST is zero, write the number of loaded cipher modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less cipher modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_cipher_list (int *list, int *list_length); - /************************************ * * 
@@ -970,24 +1020,30 @@ gcry_error_t gcry_cipher_list (int *list, int *list_length); * * ************************************/ -/* The algorithms and their IDs we support. */ -enum gcry_pk_algos +/* The algorithms and their IDs we support. */ +enum gcry_pk_algos { - GCRY_PK_RSA = 1, - GCRY_PK_RSA_E = 2, /* (deprecated) */ - GCRY_PK_RSA_S = 3, /* (deprecated) */ - GCRY_PK_ELG_E = 16, - GCRY_PK_DSA = 17, - GCRY_PK_ELG = 20, - GCRY_PK_ECDSA = 301 + GCRY_PK_RSA = 1, /* RSA */ + GCRY_PK_RSA_E = 2, /* (deprecated: use 1). */ + GCRY_PK_RSA_S = 3, /* (deprecated: use 1). */ + GCRY_PK_ELG_E = 16, /* (deprecated: use 20). */ + GCRY_PK_DSA = 17, /* Digital Signature Algorithm. */ + GCRY_PK_ECC = 18, /* Generic ECC. */ + GCRY_PK_ELG = 20, /* Elgamal */ + GCRY_PK_ECDSA = 301, /* (deprecated: use 18). */ + GCRY_PK_ECDH = 302 /* (deprecated: use 18). */ }; /* Flags describing usage capabilities of a PK algorithm. */ -#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */ -#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */ +#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */ +#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */ #define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */ -#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */ -#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */ +#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */ +#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */ + +/* Modes used with gcry_pubkey_get_sexp. */ +#define GCRY_PK_GET_PUBKEY 1 +#define GCRY_PK_GET_SECKEY 2 /* Encrypt the DATA using the public key PKEY and store the result as a newly created S-expression at RESULT. */ 
@@ -1036,21 +1092,25 @@ int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE; public or private KEY. */ unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE; -/* Please note that keygrip is still experimental and should not be - used without contacting the author. */ +/* Return the so called KEYGRIP which is the SHA-1 hash of the public + key parameters expressed in a way depending on the algorithm. */ unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array); +/* Return the name of the curve matching KEY. */ +const char *gcry_pk_get_curve (gcry_sexp_t key, int iterator, + unsigned int *r_nbits); + +/* Return an S-expression with the parameters of the named ECC curve + NAME. ALGO must be set to an ECC algorithm. */ +gcry_sexp_t gcry_pk_get_param (int algo, const char *name); + /* Return 0 if the public key algorithm A is available for use. */ #define gcry_pk_test_algo(a) \ gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/* Get a list consisting of the IDs of the loaded pubkey modules. If - LIST is zero, write the number of loaded pubkey modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less pubkey modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_pk_list (int *list, int *list_length); +/* Return an S-expression representing the context CTX. */ +gcry_error_t gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp, + int mode, gcry_ctx_t ctx); 
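Review bot: The rewritten comment on `gcry_pk_get_keygrip` says the keygrip is a SHA-1 hash but gives no size for ARRAY, which the function receives as a bare `unsigned char *` with no length argument. A caller that passes a shorter buffer gets an out-of-bounds write that nothing in the prototype can catch. Suggest adding `ARRAY must provide space for 20 bytes.` and documenting what happens when ARRAY is NULL, after checking the library manual.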
@@ -1064,12 +1124,12 @@ gcry_error_t gcry_pk_list (int *list, int *list_length); are implemnted. */ enum gcry_md_algos { - GCRY_MD_NONE = 0, + GCRY_MD_NONE = 0, GCRY_MD_MD5 = 1, GCRY_MD_SHA1 = 2, GCRY_MD_RMD160 = 3, GCRY_MD_MD2 = 5, - GCRY_MD_TIGER = 6, /* TIGER/192 as used by GnuPG <= 1.3.2. */ + GCRY_MD_TIGER = 6, /* TIGER/192 as used by gpg <= 1.3.2. */ GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */ GCRY_MD_SHA256 = 8, GCRY_MD_SHA384 = 9, @@ -1079,16 +1139,20 @@ enum gcry_md_algos GCRY_MD_CRC32 = 302, GCRY_MD_CRC32_RFC1510 = 303, GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305, - GCRY_MD_TIGER1 = 306, /* TIGER (fixed). */ - GCRY_MD_TIGER2 = 307 /* TIGER2 variant. */ + GCRY_MD_WHIRLPOOL = 305, + GCRY_MD_TIGER1 = 306, /* TIGER fixed. */ + GCRY_MD_TIGER2 = 307, /* TIGER2 variant. */ + GCRY_MD_GOSTR3411_94 = 308, /* GOST R 34.11-94. */ + GCRY_MD_STRIBOG256 = 309, /* GOST R 34.11-2012, 256 bit. */ + GCRY_MD_STRIBOG512 = 310 /* GOST R 34.11-2012, 512 bit. */ }; /* Flags used with the open function. */ enum gcry_md_flags { GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ - GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */ + GCRY_MD_FLAG_HMAC = 2, /* Make an HMAC out of this algorithm. */ + GCRY_MD_FLAG_BUGEMU1 = 0x0100 }; /* (Forward declaration.) */ @@ -1097,11 +1161,11 @@ struct gcry_md_context; /* This object is used to hold a handle to a message digest object. This structure is private - only to be used by the public gcry_md_* macros. */ -typedef struct gcry_md_handle +typedef struct gcry_md_handle { /* Actual context. */ struct gcry_md_context *ctx; - + /* Buffer management. */ int bufpos; int bufsize; 
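Review bot: `GCRY_MD_FLAG_BUGEMU1 = 0x0100` is added to `enum gcry_md_flags` in the `-1079,16` hunk without a comment, while the two existing flags each have one. The name suggests that it switches on emulation of an old bug, which would change digest output, so a reader needs to know that it is not meant for new code. A short comment stating which bug it emulates and that it exists only for compatibility would do; the wording should be taken from the upstream manual.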
@@ -1153,6 +1217,10 @@ unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo); void gcry_md_hash_buffer (int algo, void *digest, const void *buffer, size_t length); +/* Convenience function to hash multiple buffers. */ +gpg_error_t gcry_md_hash_buffers (int algo, unsigned int flags, void *digest, + const gcry_buffer_t *iov, int iovcnt); + /* Retrieve the algorithm used with HD. This does not work reliable if more than one algorithm is enabled in HD. */ int gcry_md_get_algo (gcry_md_hd_t hd); 
@@ -1221,401 +1289,149 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); #define gcry_md_get_asnoid(a,b,n) \ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) -/* Enable debugging for digest object A; i.e. create files named - dbgmd-<n>.<string> while hashing. B is a string used as the suffix - for the filename. This macro is deprecated, use gcry_md_debug. */ -#ifndef GCRYPT_NO_DEPRECATED -#define gcry_md_start_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 ) - -/* Disable the debugging of A. This macro is deprecated, use - gcry_md_debug. */ -#define gcry_md_stop_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 ) -#endif - -/* Get a list consisting of the IDs of the loaded message digest - modules. If LIST is zero, write the number of loaded message - digest modules to LIST_LENGTH and return. If LIST is non-zero, the - first *LIST_LENGTH algorithm IDs are stored in LIST, which must be - of according size. In case there are less message digest modules - than *LIST_LENGTH, *LIST_LENGTH is updated to the correct - number. */ -gcry_error_t gcry_md_list (int *list, int *list_length); - -/* Alternative interface for asymmetric cryptography. This interface - is deprecated. */ +/********************************************** + * * + * Message Authentication Code Functions * + * * + **********************************************/ -/* The algorithm IDs. */ -typedef enum gcry_ac_id - { - GCRY_AC_RSA = 1, - GCRY_AC_DSA = 17, - GCRY_AC_ELG = 20, - GCRY_AC_ELG_E = 16 - } -gcry_ac_id_t; +/* The data object used to hold a handle to an encryption object. */ +struct gcry_mac_handle; +typedef struct gcry_mac_handle *gcry_mac_hd_t; -/* Key types. */ -typedef enum gcry_ac_key_type +/* Algorithm IDs for the hash functions we know about. Not all of them + are implemented. 
*/ +enum gcry_mac_algos { - GCRY_AC_KEY_SECRET, - GCRY_AC_KEY_PUBLIC - } -gcry_ac_key_type_t; + GCRY_MAC_NONE = 0, + + GCRY_MAC_HMAC_SHA256 = 101, + GCRY_MAC_HMAC_SHA224 = 102, + GCRY_MAC_HMAC_SHA512 = 103, + GCRY_MAC_HMAC_SHA384 = 104, + GCRY_MAC_HMAC_SHA1 = 105, + GCRY_MAC_HMAC_MD5 = 106, + GCRY_MAC_HMAC_MD4 = 107, + GCRY_MAC_HMAC_RMD160 = 108, + GCRY_MAC_HMAC_TIGER1 = 109, /* The fixed TIGER variant */ + GCRY_MAC_HMAC_WHIRLPOOL = 110, + GCRY_MAC_HMAC_GOSTR3411_94 = 111, + GCRY_MAC_HMAC_STRIBOG256 = 112, + GCRY_MAC_HMAC_STRIBOG512 = 113, + + GCRY_MAC_CMAC_AES = 201, + GCRY_MAC_CMAC_3DES = 202, + GCRY_MAC_CMAC_CAMELLIA = 203, + GCRY_MAC_CMAC_CAST5 = 204, + GCRY_MAC_CMAC_BLOWFISH = 205, + GCRY_MAC_CMAC_TWOFISH = 206, + GCRY_MAC_CMAC_SERPENT = 207, + GCRY_MAC_CMAC_SEED = 208, + GCRY_MAC_CMAC_RFC2268 = 209, + GCRY_MAC_CMAC_IDEA = 210, + GCRY_MAC_CMAC_GOST28147 = 211, + + GCRY_MAC_GMAC_AES = 401, + GCRY_MAC_GMAC_CAMELLIA = 402, + GCRY_MAC_GMAC_TWOFISH = 403, + GCRY_MAC_GMAC_SERPENT = 404, + GCRY_MAC_GMAC_SEED = 405 + }; -/* Encoding methods. */ -typedef enum gcry_ac_em +/* Flags used with the open function. */ +enum gcry_mac_flags { - GCRY_AC_EME_PKCS_V1_5, - GCRY_AC_EMSA_PKCS_V1_5 - } -gcry_ac_em_t; + GCRY_MAC_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */ + }; -/* Encryption and Signature schemes. */ -typedef enum gcry_ac_scheme - { - GCRY_AC_ES_PKCS_V1_5, - GCRY_AC_SSA_PKCS_V1_5 - } -gcry_ac_scheme_t; +/* Create a MAC handle for algorithm ALGO. FLAGS may be given as an bitwise OR + of the gcry_mac_flags values. CTX maybe NULL or gcry_ctx_t object to be + associated with HANDLE. */ +gcry_error_t gcry_mac_open (gcry_mac_hd_t *handle, int algo, + unsigned int flags, gcry_ctx_t ctx); -/* AC data. */ -#define GCRY_AC_FLAG_DEALLOC (1 << 0) -#define GCRY_AC_FLAG_COPY (1 << 1) -#define GCRY_AC_FLAG_NO_BLINDING (1 << 2) +/* Close the MAC handle H and release all resource. */ +void gcry_mac_close (gcry_mac_hd_t h); -/* This type represents a `data set'. 
*/ -typedef struct gcry_ac_data *gcry_ac_data_t; +/* Perform various operations on the MAC object H. */ +gcry_error_t gcry_mac_ctl (gcry_mac_hd_t h, int cmd, void *buffer, + size_t buflen); -/* This type represents a single `key', either a secret one or a - public one. */ -typedef struct gcry_ac_key *gcry_ac_key_t; +/* Retrieve various information about the MAC algorithm ALGO. */ +gcry_error_t gcry_mac_algo_info (int algo, int what, void *buffer, + size_t *nbytes); -/* This type represents a `key pair' containing a secret and a public - key. */ -typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t; +/* Set KEY of length KEYLEN bytes for the MAC handle HD. */ +gcry_error_t gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, + size_t keylen); -/* This type represents a `handle' that is needed by functions - performing cryptographic operations. */ -typedef struct gcry_ac_handle *gcry_ac_handle_t; +/* Set initialization vector IV of length IVLEN for the MAC handle HD. */ +gcry_error_t gcry_mac_setiv (gcry_mac_hd_t hd, const void *iv, + size_t ivlen); -typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque, - unsigned char *buffer, - size_t *buffer_n); +/* Pass LENGTH bytes of data in BUFFER to the MAC object HD so that + it can update the MAC values. */ +gcry_error_t gcry_mac_write (gcry_mac_hd_t hd, const void *buffer, + size_t length); -typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque, - unsigned char *buffer, - size_t buffer_n); +/* Read out the final authentication code from the MAC object HD to BUFFER. */ +gcry_error_t gcry_mac_read (gcry_mac_hd_t hd, void *buffer, size_t *buflen); -typedef enum - { - GCRY_AC_IO_READABLE, - GCRY_AC_IO_WRITABLE - } -gcry_ac_io_mode_t; +/* Verify the final authentication code from the MAC object HD with BUFFER. 
*/ +gcry_error_t gcry_mac_verify (gcry_mac_hd_t hd, const void *buffer, + size_t buflen); -typedef enum - { - GCRY_AC_IO_STRING, - GCRY_AC_IO_CALLBACK - } -gcry_ac_io_type_t; +/* Retrieve the length in bytes of the MAC yielded by algorithm ALGO. */ +unsigned int gcry_mac_get_algo_maclen (int algo); -typedef struct gcry_ac_io -{ - /* This is an INTERNAL structure, do NOT use manually. */ - gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL; - gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL; - union - { - union - { - struct - { - gcry_ac_data_read_cb_t cb; - void *opaque; - } callback; - struct - { - unsigned char *data; - size_t data_n; - } string; - void *opaque; - } readable; - union - { - struct - { - gcry_ac_data_write_cb_t cb; - void *opaque; - } callback; - struct - { - unsigned char **data; - size_t *data_n; - } string; - void *opaque; - } writable; - } io _GCRY_ATTR_INTERNAL; -} -gcry_ac_io_t; +/* Retrieve the default key length in bytes used with algorithm A. */ +unsigned int gcry_mac_get_algo_keylen (int algo); -/* The caller of gcry_ac_key_pair_generate can provide one of these - structures in order to influence the key generation process in an - algorithm-specific way. */ -typedef struct gcry_ac_key_spec_rsa -{ - gcry_mpi_t e; /* E to use. */ -} gcry_ac_key_spec_rsa_t; +/* Map the MAC algorithm whose ID is contained in ALGORITHM to a + string representation of the algorithm name. For unknown algorithm + IDs this function returns "?". */ +const char *gcry_mac_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE; -/* Structure used for passing data to the implementation of the - `EME-PKCS-V1_5' encoding method. */ -typedef struct gcry_ac_eme_pkcs_v1_5 -{ - size_t key_size; -} gcry_ac_eme_pkcs_v1_5_t; +/* Map the algorithm name NAME to an MAC algorithm ID. Return 0 if + the algorithm name is not known. */ +int gcry_mac_map_name (const char *name) _GCRY_GCC_ATTR_PURE; -typedef enum gcry_md_algos gcry_md_algo_t; +/* Reset the handle to the state after open/setkey. 
*/ +#define gcry_mac_reset(h) gcry_mac_ctl ((h), GCRYCTL_RESET, NULL, 0) + +/* Return 0 if the algorithm A is available for use. */ +#define gcry_mac_test_algo(a) \ + gcry_mac_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) + + +/****************************** + * * + * Key Derivation Functions * + * * + ******************************/ + +/* Algorithm IDs for the KDFs. */ +enum gcry_kdf_algos + { + GCRY_KDF_NONE = 0, + GCRY_KDF_SIMPLE_S2K = 16, + GCRY_KDF_SALTED_S2K = 17, + GCRY_KDF_ITERSALTED_S2K = 19, + GCRY_KDF_PBKDF1 = 33, + GCRY_KDF_PBKDF2 = 34, + GCRY_KDF_SCRYPT = 48 + }; + +/* Derive a key from a passphrase. */ +gpg_error_t gcry_kdf_derive (const void *passphrase, size_t passphraselen, + int algo, int subalgo, + const void *salt, size_t saltlen, + unsigned long iterations, + size_t keysize, void *keybuffer); -/* Structure used for passing data to the implementation of the - `EMSA-PKCS-V1_5' encoding method. */ -typedef struct gcry_ac_emsa_pkcs_v1_5 -{ - gcry_md_algo_t md; - size_t em_n; -} gcry_ac_emsa_pkcs_v1_5_t; -/* Structure used for passing data to the implementation of the - `SSA-PKCS-V1_5' signature scheme. */ -typedef struct gcry_ac_ssa_pkcs_v1_5 -{ - gcry_md_algo_t md; -} gcry_ac_ssa_pkcs_v1_5_t; - -/* Returns a new, empty data set in DATA. */ -gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data); - -/* Destroy the data set DATA. */ -void gcry_ac_data_destroy (gcry_ac_data_t data); - -/* Create a copy of the data set DATA and store it in DATA_CP. */ -gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp, - gcry_ac_data_t data); - -/* Return the number of named MPI values inside of the data set - DATA. */ -unsigned int gcry_ac_data_length (gcry_ac_data_t data); - -/* Destroy any values contained in the data set DATA. */ -void gcry_ac_data_clear (gcry_ac_data_t data); - -/* Add the value MPI to DATA with the label NAME. If FLAGS contains - GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME - and MPI. 
If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or - GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will - be deallocated when they are to be removed from the data set. */ -gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t mpi); - -/* Store the value labelled with NAME found in DATA in MPI. If FLAGS - contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained - in the data set. MPI may be NULL. */ -gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags, - const char *name, gcry_mpi_t *mpi); - -/* Stores in NAME and MPI the named MPI value contained in the data - set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY, - store copies of the values contained in the data set. NAME or MPI - may be NULL. */ -gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags, - unsigned int idx, - const char **name, gcry_mpi_t *mpi); - -/* Convert the data set DATA into a new S-Expression, which is to be - stored in SEXP, according to the identifiers contained in - IDENTIFIERS. */ -gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp, - const char **identifiers); - -/* Create a new data set, which is to be stored in DATA_SET, from the - S-Expression SEXP, according to the identifiers contained in - IDENTIFIERS. */ -gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp, - const char **identifiers); - -/* Initialize AC_IO according to MODE, TYPE and the variable list of - arguments. The list of variable arguments to specify depends on - the given TYPE. */ -void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, ...); - -/* Initialize AC_IO according to MODE, TYPE and the variable list of - arguments AP. The list of variable arguments to specify depends on - the given TYPE. 
*/ -void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode, - gcry_ac_io_type_t type, va_list ap); - -/* Create a new ac handle. */ -gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle, - gcry_ac_id_t algorithm, unsigned int flags); - -/* Destroy an ac handle. */ -void gcry_ac_close (gcry_ac_handle_t handle); - -/* Initialize a key from a given data set. */ -gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle, - gcry_ac_key_type_t type, gcry_ac_data_t data); - -/* Generates a new key pair via the handle HANDLE of NBITS bits and - stores it in KEY_PAIR. In case non-standard settings are wanted, a - pointer to a structure of type gcry_ac_key_spec_<algorithm>_t, - matching the selected algorithm, can be given as KEY_SPEC. - MISC_DATA is not used yet. */ -gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle, - unsigned int nbits, void *spec, - gcry_ac_key_pair_t *key_pair, - gcry_mpi_t **misc_data); - -/* Returns the key of type WHICH out of the key pair KEY_PAIR. */ -gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair, - gcry_ac_key_type_t which); - -/* Returns the data set contained in the key KEY. */ -gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key); - -/* Verifies that the key KEY is sane via HANDLE. */ -gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key); - -/* Stores the number of bits of the key KEY in NBITS via HANDLE. */ -gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle, - gcry_ac_key_t key, unsigned int *nbits); - -/* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via - HANDLE. */ -gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key, - unsigned char *key_grip); - -/* Destroy a key. */ -void gcry_ac_key_destroy (gcry_ac_key_t key); - -/* Destroy a key pair. */ -void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair); - -/* Encodes a message according to the encoding method METHOD. 
OPTIONS - must be a pointer to a method-specific structure - (gcry_ac_em*_t). */ -gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method, - unsigned int flags, void *options, - gcry_ac_io_t *io_read, - gcry_ac_io_t *io_write); - -/* Decodes a message according to the encoding method METHOD. OPTIONS - must be a pointer to a method-specific structure - (gcry_ac_em*_t). */ -gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method, - unsigned int flags, void *options, - gcry_ac_io_t *io_read, - gcry_ac_io_t *io_write); - -/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under - the control of the flags FLAGS and store the resulting data set - into DATA_ENCRYPTED. */ -gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t data_plain, - gcry_ac_data_t *data_encrypted); - -/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED - with the key KEY under the control of the flags FLAGS and store the - resulting plain text MPI value in DATA_PLAIN. */ -gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle, - unsigned int flags, - gcry_ac_key_t key, - gcry_mpi_t *data_plain, - gcry_ac_data_t data_encrypted); - -/* Sign the data contained in DATA with the key KEY and store the - resulting signature in the data set DATA_SIGNATURE. */ -gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t *data_signature); - -/* Verify that the signature contained in the data set DATA_SIGNATURE - is indeed the result of signing the data contained in DATA with the - secret key belonging to the public key KEY. */ -gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle, - gcry_ac_key_t key, - gcry_mpi_t data, - gcry_ac_data_t data_signature); - -/* Encrypts the plain text readable from IO_MESSAGE through HANDLE - with the public key KEY according to SCHEME, FLAGS and OPTS. 
If - OPTS is not NULL, it has to be a pointer to a structure specific to - the chosen scheme (gcry_ac_es_*_t). The encrypted message is - written to IO_CIPHER. */ -gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_cipher); - -/* Decrypts the cipher text readable from IO_CIPHER through HANDLE - with the secret key KEY according to SCHEME, @var{flags} and OPTS. - If OPTS is not NULL, it has to be a pointer to a structure specific - to the chosen scheme (gcry_ac_es_*_t). The decrypted message is - written to IO_MESSAGE. */ -gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_cipher, - gcry_ac_io_t *io_message); - -/* Signs the message readable from IO_MESSAGE through HANDLE with the - secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not - NULL, it has to be a pointer to a structure specific to the chosen - scheme (gcry_ac_ssa_*_t). The signature is written to - IO_SIGNATURE. */ -gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature); - -/* Verifies through HANDLE that the signature readable from - IO_SIGNATURE is indeed the result of signing the message readable - from IO_MESSAGE with the secret key belonging to the public key KEY - according to SCHEME and OPTS. If OPTS is not NULL, it has to be an - anonymous structure (gcry_ac_ssa_*_t) specific to the chosen - scheme. 
*/ -gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle, - gcry_ac_scheme_t scheme, - unsigned int flags, void *opts, - gcry_ac_key_t key, - gcry_ac_io_t *io_message, - gcry_ac_io_t *io_signature); - -/* Store the textual representation of the algorithm whose id is given - in ALGORITHM in NAME. This function is deprecated; use - gcry_pk_algo_name. */ -#ifndef GCRYPT_NO_DEPRECATED -gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm, - const char **name) - /* */ _GCRY_GCC_ATTR_DEPRECATED; -/* Store the numeric ID of the algorithm whose textual representation - is contained in NAME in ALGORITHM. This function is deprecated; - use gcry_pk_map_name. */ -gcry_error_t gcry_ac_name_to_id (const char *name, - gcry_ac_id_t *algorithm) - /* */ _GCRY_GCC_ATTR_DEPRECATED; -#endif /************************************ @@ -1624,6 +1440,14 @@ gcry_error_t gcry_ac_name_to_id (const char *name, * * ************************************/ +/* The type of the random number generator. */ +enum gcry_rng_types + { + GCRY_RNG_TYPE_STANDARD = 1, /* The default CSPRNG generator. */ + GCRY_RNG_TYPE_FIPS = 2, /* The FIPS X9.31 AES generator. */ + GCRY_RNG_TYPE_SYSTEM = 3 /* The system's native generator. */ + }; + /* The possible values for the random quality. The rule of thumb is to use STRONG for session keys and VERY_STRONG for key material. WEAK is usually an alias for STRONG and should not be used anymore 
@@ -1744,8 +1568,20 @@ gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags); * * ************************************/ +/* Release the context object CTX. */ +void gcry_ctx_release (gcry_ctx_t ctx); + +/* Log data using Libgcrypt's own log interface. */ +void gcry_log_debug (const char *fmt, ...) _GCRY_GCC_ATTR_PRINTF(1,2); +void gcry_log_debughex (const char *text, const void *buffer, size_t length); +void gcry_log_debugmpi (const char *text, gcry_mpi_t mpi); +void gcry_log_debugpnt (const char *text, + gcry_mpi_point_t point, gcry_ctx_t ctx); +void gcry_log_debugsxp (const char *text, gcry_sexp_t sexp); + + /* Log levels used by the internal logging facility. */ -enum gcry_log_levels +enum gcry_log_levels { GCRY_LOG_CONT = 0, /* (Continue the last log line.) */ GCRY_LOG_INFO = 10, @@ -1831,9 +1667,6 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0) -/* Include support for Libgcrypt modules. */ -#include <gcrypt-module.h> - #if 0 /* (Keep Emacsens' auto-indent happy.) */ { #endif @@ -1841,3 +1674,8 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; } #endif #endif /* _GCRYPT_H */ +/* +Local Variables: +buffer-read-only: t +End: +*/ |