/* Copyright 2015 OpenMarket Ltd * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef OLM_CIPHER_H_ #define OLM_CIPHER_H_ #include #include #ifdef __cplusplus extern "C" { #endif struct olm_cipher; struct cipher_ops { /** * Returns the length of the message authentication code that will be * appended to the output. */ size_t (*mac_length)(const struct olm_cipher *cipher); /** * Returns the length of cipher-text for a given length of plain-text. */ size_t (*encrypt_ciphertext_length)(const struct olm_cipher *cipher, size_t plaintext_length); /* * Encrypts the plain-text into the output buffer and authenticates the * contents of the output buffer covering both cipher-text and any other * associated data in the output buffer. * * |---------------------------------------output_length-->| * output |--ciphertext_length-->| |---mac_length-->| * ciphertext * * The plain-text pointers and cipher-text pointers may be the same. * * Returns size_t(-1) if the length of the cipher-text or the output * buffer is too small. Otherwise returns the length of the output buffer. */ size_t (*encrypt)( const struct olm_cipher *cipher, uint8_t const * key, size_t key_length, uint8_t const * plaintext, size_t plaintext_length, uint8_t * ciphertext, size_t ciphertext_length, uint8_t * output, size_t output_length ); /** * Returns the maximum length of plain-text that a given length of * cipher-text can contain. */ size_t (*decrypt_max_plaintext_length)( const struct olm_cipher *cipher, size_t ciphertext_length ); /** * Authenticates the input and decrypts the cipher-text into the plain-text * buffer. * * |----------------------------------------input_length-->| * input |--ciphertext_length-->| |---mac_length-->| * ciphertext * * The plain-text pointers and cipher-text pointers may be the same. * * Returns size_t(-1) if the length of the plain-text buffer is too * small or if the authentication check fails. Otherwise returns the length * of the plain text. */ size_t (*decrypt)( const struct olm_cipher *cipher, uint8_t const * key, size_t key_length, uint8_t const * input, size_t input_length, uint8_t const * ciphertext, size_t ciphertext_length, uint8_t * plaintext, size_t max_plaintext_length ); /** destroy any private data associated with this cipher */ void (*destruct)(struct olm_cipher *cipher); }; struct olm_cipher { const struct cipher_ops *ops; /* cipher-specific fields follow */ }; struct olm_cipher_aes_sha_256 { struct olm_cipher base_cipher; uint8_t const * kdf_info; size_t kdf_info_length; }; /** * initialises a cipher type which uses AES256 for encryption and SHA256 for * authentication. * * cipher: structure to be initialised * * kdf_info: context string for the HKDF used for deriving the AES256 key, HMAC * key, and AES IV, from the key material passed to encrypt/decrypt. Note that * this is NOT copied so must have a lifetime at least as long as the cipher * instance. * * kdf_info_length: length of context string kdf_info */ struct olm_cipher *olm_cipher_aes_sha_256_init( struct olm_cipher_aes_sha_256 *cipher, uint8_t const * kdf_info, size_t kdf_info_length); #ifdef __cplusplus } /* extern "C" */ #endif #endif /* OLM_CIPHER_H_ */