├── key
├── makefile
├── keygen.c
└── encrypt.c
├── .gitignore
├── LICENSE.rst
├── main.py
├── Header.svg
├── README.md
└── include
├── gcrypt-module.h
├── gpg-error.h
└── gcrypt.h
/key/makefile:
--------------------------------------------------------------------------------
1 | # build an executable named from encrypt.c
2 | all: .encrypt.c
3 | gcc -g -Wall -o encrypt encrypt.c
4 |
5 | clean:
6 | $(RM) encrypt
7 | # build an executable named from Keygen.c
8 | all: Keygen.c
9 | gcc -g -Wall -o Keygen Keygen.c
10 |
11 | clean:
12 | $(RM) Keygen
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Prerequisites
2 | *.d
3 |
4 | # Object files
5 | *.o
6 | *.ko
7 | *.obj
8 | *.elf
9 |
10 | # Linker output
11 | *.ilk
12 | *.map
13 | *.exp
14 |
15 | # Precompiled Headers
16 | *.gch
17 | *.pch
18 |
19 | # Libraries
20 | *.lib
21 | *.a
22 | *.la
23 | *.lo
24 |
25 | # Shared objects (inc. Windows DLLs)
26 | *.dll
27 | *.so
28 | *.so.*
29 | *.dylib
30 |
31 | # Executables
32 | *.exe
33 | *.out
34 | *.app
35 | *.i*86
36 | *.x86_64
37 | *.hex
38 |
39 | # Debug files
40 | *.dSYM/
41 | *.su
42 | *.idb
43 | *.pdb
44 |
45 | # Kernel Module Compile Results
46 | *.mod*
47 | *.cmd
48 | .tmp_versions/
49 | modules.order
50 | Module.symvers
51 | Mkfile.old
52 | dkms.conf
53 |
--------------------------------------------------------------------------------
/LICENSE.rst:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2021 Yasser Tahiri
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/main.py:
--------------------------------------------------------------------------------
1 | from subprocess import call
2 | import random
3 |
4 | # define isQR
5 |
6 |
7 | def isQR(x, p):
8 | q = (p - 1) / 2
9 | return pow(x, q, p)
10 |
11 | # define findQNR
12 |
13 |
14 | def findQNR(p):
15 | r = random.randint(1, p - 1)
16 | while isQR(r, p) == 1:
17 | r = random.randint(1, p - 1)
18 | return r
19 |
20 | # define findQR
21 |
22 |
23 | def findQR(p):
24 | r = random.randint(1, p - 1)
25 | return pow(r, 2, p)
26 |
27 |
28 | # Generate the key from Keygen.c
29 | print("Generating the key...")
30 | call(["gcc", "-o", "keygen", "key/keygen.c", "-lgcrypt"])
31 | call(["gcc", "-o", "encrypt", "key/encrypt.c", "-lgcrypt"])
32 | call("key/keygen")
33 |
34 | p = int(open("./p").read(), 16)
35 | y = int(open("./y").read(), 16)
36 |
37 | wrong = 0
38 | runs = 1000
39 | # experiment running
40 | print("Running the experiment...")
41 |
42 | for i in range(runs):
43 | pk = y
44 |
45 | plaintexts = dict()
46 | plaintexts[0] = findQNR(p)
47 | plaintexts[1] = findQR(p)
48 |
49 | challenge_bit = random.randint(0, 1)
50 | challenge_string = hex(plaintexts[challenge_bit])
51 | challenge_string = challenge_string[2:-1]
52 | challenge_string = challenge_string.zfill(256)
53 | challenge_string = challenge_string.upper()
54 | open("./pt", "wb").write(challenge_string)
55 |
56 | call("key/encrypt")
57 | ct_a = int(open("./ct_a").read(), 16)
58 | ct_b = int(open("./ct_b").read(), 16)
59 |
60 | output = -1
61 |
62 | if ((isQR(pk, p) == 1) or (isQR(ct_a, p) == 1)):
63 | if isQR(ct_b, p) == 1:
64 | output = 1
65 | else:
66 | output = 0
67 | else:
68 | if isQR(ct_b, p) == 1:
69 | output = 0
70 | else:
71 | output = 1
72 |
73 | if output != challenge_bit:
74 | wrong = wrong + 1
75 | # output
76 | print("Number of times the guess was wrong (should be 50% if this shit is secure):"), wrong, "/", runs
77 |
--------------------------------------------------------------------------------
/Header.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/key/keygen.c:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 | #include
5 | #include
6 | #include
7 |
8 | #define GCRYPT_VERSION "1.4.4"
9 |
10 | void initialize()
11 | {
12 | gcry_error_t err = 0;
13 |
14 | if (!gcry_check_version(GCRYPT_VERSION))
15 | {
16 | printf("gcrypt version is mismatched.\n");
17 | exit(1);
18 | }
19 | err |= gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
20 | err |= gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
21 |
22 | if (err)
23 | {
24 | printf("there is an error in gcrypt initialization.\n");
25 | exit(1);
26 | }
27 | }
28 |
29 | void keygen(gcry_sexp_t *pp, gcry_sexp_t *kp)
30 | {
31 | gcry_error_t err = 0;
32 | err = gcry_sexp_build(pp, NULL, "(genkey (elg (nbits 3:512)))");
33 | if (err)
34 | {
35 | printf("cannot establish the shit key generation.\n");
36 | exit(1);
37 | }
38 |
39 | err = gcry_pk_genkey(kp, *pp);
40 | if (err)
41 | {
42 | printf("cannot generate the shit key pair.\n");
43 | exit(1);
44 | }
45 | }
46 |
47 | void savekey(gcry_sexp_t *kp)
48 | {
49 | FILE *fp = fopen("./key", "wb");
50 | if (fp == NULL)
51 | {
52 | printf("cannot create the key file.\n");
53 | exit(1);
54 | }
55 |
56 | void *shit_buf = malloc(512 / 8 * 1024);
57 | if (shit_buf == NULL)
58 | {
59 | printf("failed to allocate the space to store the key.\n");
60 | exit(1);
61 | }
62 |
63 | size_t shit_buf_len;
64 | shit_buf_len = gcry_sexp_sprint(*kp, GCRYSEXP_FMT_DEFAULT, shit_buf, 512 / 8 * 1024);
65 |
66 | fwrite(shit_buf, 1, shit_buf_len, fp);
67 | fclose(fp);
68 | free(shit_buf);
69 | }
70 |
71 | void savepp(gcry_sexp_t *kp)
72 | {
73 | gcry_error_t err = 0;
74 | gcry_sexp_t shit_p_exp = gcry_sexp_find_token(*kp, "p", 1);
75 | gcry_sexp_t shit_y_exp = gcry_sexp_find_token(*kp, "y", 1);
76 |
77 | gcry_mpi_t shit_p = gcry_mpi_new(1024);
78 | gcry_sexp_extract_param(shit_p_exp, NULL, "p", &shit_p, NULL);
79 |
80 | gcry_mpi_t shit_y = gcry_mpi_new(1024);
81 | gcry_sexp_extract_param(shit_y_exp, NULL, "y", &shit_y, NULL);
82 |
83 | void *shit_p_str = malloc(512 / 8 * 1024);
84 | if (shit_p_str == NULL)
85 | {
86 | printf("failed to allocate the space to store the prime p.\n");
87 | exit(1);
88 | }
89 |
90 | err = gcry_mpi_print(GCRYMPI_FMT_HEX, shit_p_str, 512 / 8 * 1024, NULL, shit_p);
91 | if (err)
92 | {
93 | printf("failed to convert the prime p.\n");
94 | exit(1);
95 | }
96 | FILE *fp_p = fopen("./p", "wb");
97 | if (fp_p == NULL)
98 | {
99 | printf("failed to store the prime p.\n");
100 | exit(1);
101 | }
102 | fprintf(fp_p, "%s\n", (char *)shit_p_str);
103 | fclose(fp_p);
104 |
105 | void *shit_y_str = malloc(512 / 8 * 1024);
106 | if (shit_y_str == NULL)
107 | {
108 | printf("failed to allocate the space to store the public key y.\n");
109 | exit(1);
110 | }
111 |
112 | err = gcry_mpi_print(GCRYMPI_FMT_HEX, shit_y_str, 512 / 8 * 1024, NULL, shit_y);
113 | if (err)
114 | {
115 | printf("failed to convert the public key y.\n");
116 | exit(1);
117 | }
118 | FILE *fp_y = fopen("./y", "wb");
119 | if (fp_y == NULL)
120 | {
121 | printf("failed to store the public key y.\n");
122 | exit(1);
123 | }
124 | fprintf(fp_y, "%s\n", (char *)shit_y_str);
125 | fclose(fp_y);
126 | gcry_sexp_release(shit_p_exp);
127 | gcry_sexp_release(shit_y_exp);
128 | gcry_mpi_release(shit_p);
129 | gcry_mpi_release(shit_y);
130 | free(shit_p_str);
131 | free(shit_y_str);
132 | }
133 |
134 | int main()
135 | {
136 | gcry_error_t err = 0;
137 | initialize();
138 |
139 | gcry_sexp_t shit_parms;
140 | gcry_sexp_t shit_keypair;
141 |
142 | keygen(&shit_parms, &shit_keypair);
143 | savekey(&shit_keypair);
144 | savepp(&shit_keypair);
145 |
146 | gcry_sexp_release(shit_parms);
147 | gcry_sexp_release(shit_keypair);
148 |
149 | return 0;
150 | }
151 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # ShitCrypt
2 |
3 | 
4 |
5 | WinGPG is a tray-based classical Windows application, Windows NT Explorer shell extension, and a classic GPGv2 distribution. Secure your data with our simple encryption tool.
6 |
7 | ## Features
8 |
9 | ### Encrypting
10 |
11 | A public and private key each have a specific role when encrypting and decrypting documents. A public key may be thought of as an open safe. When a correspondent encrypts a document using a public key, that document is put in the safe, the safe shut, and the combination lock spun several times. The corresponding private key is the combination that can reopen the safe and retrieve the document. In other words, only the person who holds the private key can recover a document encrypted using the associated public key.
12 |
13 | The procedure for encrypting and decrypting documents is straightforward with this mental model. If you want to encrypt a message to Alice, you encrypt it using Alice's public key, and she decrypts it with her private key. If Alice wants to send you a message, she encrypts it using your public key, and you decrypt it with your key.
14 |
15 | To encrypt a document the option `--encrypt` is used. You must have the public keys of the intended recipients. The software expects the name of the document to encrypt as input or, if omitted, on standard input. The encrypted result is placed on standard output or as specified using the option `--output`. The document is compressed for additional security in addition to encrypting it.
16 |
17 | ```shell
18 | alice% gpg --output doc.gpg --encrypt --recipient blake@cyb.org doc
19 | ```
20 |
21 | The `--recipient` option is used once for each recipient and takes an extra argument specifying the public key to which the document should be encrypted. The encrypted document can only be decrypted by someone with a private key that complements one of the recipients' public keys. In particular, you cannot decrypt a document encrypted by you unless you included your own public key in the recipient list.
22 |
23 | ## decrypting
24 |
25 | To decrypt a message the option `--decrypt` is used. You need the private key to which the message was encrypted. Similar to the encryption process, the document to decrypt is input, and the decrypted result is output.
26 |
27 | ```bash
28 | blake% gpg --output doc --decrypt doc.gpg
29 | ```
30 |
31 | Documents may also be encrypted without using public-key cryptography. Instead, only a symmetric cipher is used to encrypt the document. The key used to drive the symmetric cipher is derived from a passphrase supplied when the document is encrypted, and for good security, it should not be the same passphrase that you use to protect your private key. Symmetric encryption is useful for securing documents when the passphrase does not need to be communicated to others. A document can be encrypted with a symmetric cipher by using the `--symmetric` option.
32 |
33 | ```bash
34 | alice% gpg --output doc.gpg --symmetric doc
35 | Enter passphrase:
36 | ```
37 |
38 | ## How to use ShitCrypt
39 |
40 | - install Python 3.x.x
41 | - install a C libraries and C Compiler (Gcc, Clang, MSVC)
42 | - Check the includes folder and header files for key files
43 | - [encrypt.c](key/encrypt.c)
44 |
45 | ```c
46 | #include
47 | #include
48 | #include
49 | #include
50 | #include
51 | #include
52 | ```
53 |
54 | - Now you can run the Python file and see the result.
55 |
56 | __Note:__ You could see errors like this if you use windows :
57 |
58 | ```shell
59 | Exception has occurred: FileNotFoundError
60 | [WinError 2] The system cannot find the file specified
61 | File "path\ShitCrypt\main.py", line 30, in
62 | call(["gcc", "-o", "keygen", "key/keygen.c", "-lgcrypt"])
63 | ```
64 |
65 | - This errors are because you don't have the C libraries installed and the keygen or encrypt file run under errors.
66 |
67 | ```py
68 | call(["gcc", "-o", "keygen", "key/keygen.c", "-lgcrypt"])
69 | call(["gcc", "-o", "encrypt", "key/encrypt.c", "-lgcrypt"])
70 | call("key/keygen")
71 | ```
72 |
73 | - Understand more By reading some threads or [this](https://stackoverflow.com/questions/371878/how-to-compile-and-link-a-c-program-in-windows-using-mingw) or also [this](https://stackoverflow.com/questions/65789957/include-errors-detected-linux)
74 |
75 | ## License
76 |
77 | This program is free software under MIT license. Please see the [LICENSE](LICENSE.rst) file in our repository for the full text.
78 |
--------------------------------------------------------------------------------
/key/encrypt.c:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 | #include
5 | #include
6 | #include
7 |
8 | #define GCRYPT_VERSION "1.4.4"
9 |
10 | void initialize()
11 | {
12 | gcry_error_t err = 0;
13 |
14 | if (!gcry_check_version(GCRYPT_VERSION))
15 | {
16 | printf("gcrypt version is mismatched.\n");
17 | exit(1);
18 | }
19 | err |= gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
20 | err |= gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
21 |
22 | if (err)
23 | {
24 | printf("there is an error in gcrypt initialization.\n");
25 | exit(1);
26 | }
27 | }
28 |
29 | void loadkey(gcry_sexp_t *kp)
30 | {
31 | FILE *fp = fopen("./key", "rb");
32 | if (fp == NULL)
33 | {
34 | printf("cannot open the key file.\n");
35 | exit(1);
36 | }
37 |
38 | size_t file_len;
39 | fseek(fp, 0, SEEK_END);
40 | file_len = ftell(fp);
41 | fseek(fp, 0, SEEK_SET);
42 |
43 | void *shit_buf = malloc(512 / 8 * 1024);
44 | if (shit_buf == NULL)
45 | {
46 | printf("failed to allocate the space to store the key.\n");
47 | exit(1);
48 | }
49 |
50 | fread(shit_buf, 1, file_len, fp);
51 | fclose(fp);
52 |
53 | size_t error_offset = -1;
54 | gcry_sexp_sscan(kp, &error_offset, shit_buf, file_len);
55 | if (error_offset != -1)
56 | {
57 | printf("failed to load the key.\n");
58 | exit(1);
59 | }
60 | free(shit_buf);
61 | }
62 |
63 | void encrypt(gcry_sexp_t *kp)
64 | {
65 | gcry_error_t err = 0;
66 | FILE *fp = fopen("./pt", "rb");
67 | if (fp == NULL)
68 | {
69 | printf("cannot open the plaintext file.\n");
70 | exit(1);
71 | }
72 |
73 | size_t file_len;
74 | fseek(fp, 0, SEEK_END);
75 | file_len = ftell(fp);
76 | fseek(fp, 0, SEEK_SET);
77 |
78 | char *pt_buf = malloc(512 / 8 * 1024);
79 | if (pt_buf == NULL)
80 | {
81 | printf("failed to allocate the space to store the plaintext.\n");
82 | exit(1);
83 | }
84 | memset(pt_buf, 0, 512 / 8 * 1024);
85 | fread(pt_buf, 1, file_len, fp);
86 | fclose(fp);
87 |
88 | gcry_mpi_t plaintext = gcry_mpi_new(1024);
89 | err = gcry_mpi_scan(&plaintext, GCRYMPI_FMT_HEX, pt_buf, 0, NULL);
90 | if (err)
91 | {
92 | printf("failed to parse the plaintext.\n");
93 | exit(1);
94 | }
95 |
96 | gcry_sexp_t plaintext_exp;
97 | err = gcry_sexp_build(&plaintext_exp, NULL,
98 | "(data (flags raw) (value %M))", plaintext);
99 | if (err)
100 | {
101 | printf("failed to load the plaintext.\n");
102 | exit(1);
103 | }
104 |
105 | gcry_sexp_t ciphertext_exp;
106 | err = gcry_pk_encrypt(&ciphertext_exp, plaintext_exp, *kp);
107 | if (err)
108 | {
109 | printf("failed to encrypt.\n");
110 | exit(1);
111 | }
112 |
113 | gcry_sexp_t shit_a_exp = gcry_sexp_find_token(ciphertext_exp, "a", 1);
114 | gcry_sexp_t shit_b_exp = gcry_sexp_find_token(ciphertext_exp, "b", 1);
115 |
116 | gcry_mpi_t shit_a = gcry_mpi_new(1024);
117 | gcry_sexp_extract_param(shit_a_exp, NULL, "a", &shit_a, NULL);
118 |
119 | gcry_mpi_t shit_b = gcry_mpi_new(1024);
120 | gcry_sexp_extract_param(shit_b_exp, NULL, "b", &shit_b, NULL);
121 |
122 | void *shit_a_str = malloc(512 / 8 * 1024);
123 | if (shit_a_str == NULL)
124 | {
125 | printf("failed to allocate the space to store the ciphertext.\n");
126 | exit(1);
127 | }
128 |
129 | void *shit_b_str = malloc(512 / 8 * 1024);
130 | if (shit_b_str == NULL)
131 | {
132 | printf("failed to allocate the space to store the ciphertext.\n");
133 | exit(1);
134 | }
135 |
136 | err = gcry_mpi_print(GCRYMPI_FMT_HEX, shit_a_str, 512 / 8 * 1024, NULL, shit_a);
137 | if (err)
138 | {
139 | printf("failed to convert the ciphertext value a.\n");
140 | exit(1);
141 | }
142 |
143 | FILE *fp_a = fopen("./ct_a", "wb");
144 | if (fp_a == NULL)
145 | {
146 | printf("failed to store the ciphertext.\n");
147 | exit(1);
148 | }
149 | fprintf(fp_a, "%s\n", (char *)shit_a_str);
150 | fclose(fp_a);
151 |
152 | err = gcry_mpi_print(GCRYMPI_FMT_HEX, shit_b_str, 512 / 8 * 1024, NULL, shit_b);
153 | if (err)
154 | {
155 | printf("failed to convert the ciphertext value b.\n");
156 | exit(1);
157 | }
158 |
159 | FILE *fp_b = fopen("./ct_b", "wb");
160 | if (fp_b == NULL)
161 | {
162 | printf("failed to store the ciphertext.\n");
163 | exit(1);
164 | }
165 | fprintf(fp_b, "%s\n", (char *)shit_b_str);
166 | fclose(fp_b);
167 | gcry_mpi_release(plaintext);
168 | gcry_sexp_release(plaintext_exp);
169 | gcry_sexp_release(ciphertext_exp);
170 | gcry_sexp_release(shit_a_exp);
171 | gcry_sexp_release(shit_b_exp);
172 | gcry_mpi_release(shit_a);
173 | gcry_mpi_release(shit_b);
174 | free(shit_a_str);
175 | free(shit_b_str);
176 | }
177 |
178 | int main()
179 | {
180 | gcry_error_t err = 0;
181 | initialize();
182 |
183 | gcry_sexp_t shit_keypair;
184 |
185 | loadkey(&shit_keypair);
186 | encrypt(&shit_keypair);
187 |
188 | gcry_sexp_release(shit_keypair);
189 |
190 | return 0;
191 | }
192 |
--------------------------------------------------------------------------------
/include/gcrypt-module.h:
--------------------------------------------------------------------------------
1 | #ifndef _GCRYPT_MODULE_H
2 | #define _GCRYPT_MODULE_H
3 |
4 | #ifdef __cplusplus
5 | extern "C" {
6 | #if 0 /* keep Emacsens's auto-indent happy */
7 | }
8 | #endif
9 | #endif
10 |
11 | /* The interfaces using the module system reserve a certain range of
12 | IDs for application use. These IDs are not valid within Libgcrypt
13 | but Libgcrypt makes sure never to allocate such a module ID. */
14 | #define GCRY_MODULE_ID_USER 1024
15 | #define GCRY_MODULE_ID_USER_LAST 4095
16 |
17 |
18 | /* This type represents a `module'. */
19 | typedef struct gcry_module *gcry_module_t;
20 |
21 | /* Check that the library fulfills the version requirement. */
22 |
23 | /* Type for the cipher_setkey function. */
24 | typedef gcry_err_code_t (*gcry_cipher_setkey_t) (void *c,
25 | const unsigned char *key,
26 | unsigned keylen);
27 |
28 | /* Type for the cipher_encrypt function. */
29 | typedef void (*gcry_cipher_encrypt_t) (void *c,
30 | unsigned char *outbuf,
31 | const unsigned char *inbuf);
32 |
33 | /* Type for the cipher_decrypt function. */
34 | typedef void (*gcry_cipher_decrypt_t) (void *c,
35 | unsigned char *outbuf,
36 | const unsigned char *inbuf);
37 |
38 | /* Type for the cipher_stencrypt function. */
39 | typedef void (*gcry_cipher_stencrypt_t) (void *c,
40 | unsigned char *outbuf,
41 | const unsigned char *inbuf,
42 | unsigned int n);
43 |
44 | /* Type for the cipher_stdecrypt function. */
45 | typedef void (*gcry_cipher_stdecrypt_t) (void *c,
46 | unsigned char *outbuf,
47 | const unsigned char *inbuf,
48 | unsigned int n);
49 |
50 | typedef struct gcry_cipher_oid_spec
51 | {
52 | const char *oid;
53 | int mode;
54 | } gcry_cipher_oid_spec_t;
55 |
56 | /* Module specification structure for ciphers. */
57 | typedef struct gcry_cipher_spec
58 | {
59 | const char *name;
60 | const char **aliases;
61 | gcry_cipher_oid_spec_t *oids;
62 | size_t blocksize;
63 | size_t keylen;
64 | size_t contextsize;
65 | gcry_cipher_setkey_t setkey;
66 | gcry_cipher_encrypt_t encrypt;
67 | gcry_cipher_decrypt_t decrypt;
68 | gcry_cipher_stencrypt_t stencrypt;
69 | gcry_cipher_stdecrypt_t stdecrypt;
70 | } gcry_cipher_spec_t;
71 |
72 | /* Register a new cipher module whose specification can be found in
73 | CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID
74 | and a pointer representing this module is stored in MODULE. */
75 | gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *cipher,
76 | int *algorithm_id,
77 | gcry_module_t *module);
78 |
79 | /* Unregister the cipher identified by MODULE, which must have been
80 | registered with gcry_cipher_register. */
81 | void gcry_cipher_unregister (gcry_module_t module);
82 |
83 | /* ********************** */
84 |
85 | /* Type for the pk_generate function. */
86 | typedef gcry_err_code_t (*gcry_pk_generate_t) (int algo,
87 | unsigned int nbits,
88 | unsigned long use_e,
89 | gcry_mpi_t *skey,
90 | gcry_mpi_t **retfactors);
91 |
92 | /* Type for the pk_check_secret_key function. */
93 | typedef gcry_err_code_t (*gcry_pk_check_secret_key_t) (int algo,
94 | gcry_mpi_t *skey);
95 |
96 | /* Type for the pk_encrypt function. */
97 | typedef gcry_err_code_t (*gcry_pk_encrypt_t) (int algo,
98 | gcry_mpi_t *resarr,
99 | gcry_mpi_t data,
100 | gcry_mpi_t *pkey,
101 | int flags);
102 |
103 | /* Type for the pk_decrypt function. */
104 | typedef gcry_err_code_t (*gcry_pk_decrypt_t) (int algo,
105 | gcry_mpi_t *result,
106 | gcry_mpi_t *data,
107 | gcry_mpi_t *skey,
108 | int flags);
109 |
110 | /* Type for the pk_sign function. */
111 | typedef gcry_err_code_t (*gcry_pk_sign_t) (int algo,
112 | gcry_mpi_t *resarr,
113 | gcry_mpi_t data,
114 | gcry_mpi_t *skey);
115 |
116 | /* Type for the pk_verify function. */
117 | typedef gcry_err_code_t (*gcry_pk_verify_t) (int algo,
118 | gcry_mpi_t hash,
119 | gcry_mpi_t *data,
120 | gcry_mpi_t *pkey,
121 | int (*cmp) (void *, gcry_mpi_t),
122 | void *opaquev);
123 |
124 | /* Type for the pk_get_nbits function. */
125 | typedef unsigned (*gcry_pk_get_nbits_t) (int algo, gcry_mpi_t *pkey);
126 |
127 | /* Module specification structure for message digests. */
128 | typedef struct gcry_pk_spec
129 | {
130 | const char *name;
131 | const char **aliases;
132 | const char *elements_pkey;
133 | const char *elements_skey;
134 | const char *elements_enc;
135 | const char *elements_sig;
136 | const char *elements_grip;
137 | int use;
138 | gcry_pk_generate_t generate;
139 | gcry_pk_check_secret_key_t check_secret_key;
140 | gcry_pk_encrypt_t encrypt;
141 | gcry_pk_decrypt_t decrypt;
142 | gcry_pk_sign_t sign;
143 | gcry_pk_verify_t verify;
144 | gcry_pk_get_nbits_t get_nbits;
145 | } gcry_pk_spec_t;
146 |
147 | /* Register a new pubkey module whose specification can be found in
148 | PUBKEY. On success, a new algorithm ID is stored in ALGORITHM_ID
149 | and a pointer representhing this module is stored in MODULE. */
150 | gcry_error_t gcry_pk_register (gcry_pk_spec_t *pubkey,
151 | unsigned int *algorithm_id,
152 | gcry_module_t *module);
153 |
154 | /* Unregister the pubkey identified by ID, which must have been
155 | registered with gcry_pk_register. */
156 | void gcry_pk_unregister (gcry_module_t module);
157 |
158 | /* ********************** */
159 |
160 | /* Type for the md_init function. */
161 | typedef void (*gcry_md_init_t) (void *c);
162 |
163 | /* Type for the md_write function. */
164 | typedef void (*gcry_md_write_t) (void *c, const void *buf, size_t nbytes);
165 |
166 | /* Type for the md_final function. */
167 | typedef void (*gcry_md_final_t) (void *c);
168 |
169 | /* Type for the md_read function. */
170 | typedef unsigned char *(*gcry_md_read_t) (void *c);
171 |
172 | typedef struct gcry_md_oid_spec
173 | {
174 | const char *oidstring;
175 | } gcry_md_oid_spec_t;
176 |
177 | /* Module specification structure for message digests. */
178 | typedef struct gcry_md_spec
179 | {
180 | const char *name;
181 | unsigned char *asnoid;
182 | int asnlen;
183 | gcry_md_oid_spec_t *oids;
184 | int mdlen;
185 | gcry_md_init_t init;
186 | gcry_md_write_t write;
187 | gcry_md_final_t final;
188 | gcry_md_read_t read;
189 | size_t contextsize; /* allocate this amount of context */
190 | } gcry_md_spec_t;
191 |
192 | /* Register a new digest module whose specification can be found in
193 | DIGEST. On success, a new algorithm ID is stored in ALGORITHM_ID
194 | and a pointer representhing this module is stored in MODULE. */
195 | gcry_error_t gcry_md_register (gcry_md_spec_t *digest,
196 | unsigned int *algorithm_id,
197 | gcry_module_t *module);
198 |
199 | /* Unregister the digest identified by ID, which must have been
200 | registered with gcry_digest_register. */
201 | void gcry_md_unregister (gcry_module_t module);
202 |
203 | #if 0 /* keep Emacsens's auto-indent happy */
204 | {
205 | #endif
206 | #ifdef __cplusplus
207 | }
208 | #endif
209 | #endif
210 |
--------------------------------------------------------------------------------
/include/gpg-error.h:
--------------------------------------------------------------------------------
1 | #ifndef SH_TCRYPT_GPG_ERROR_H
2 | #define SH_TCRYPT_GPG_ERROR_H
3 |
4 | #endif //SH_TCRYPT_GPG_ERROR_H
5 |
6 | /* gpg-error.h - Public interface to libgpg-error.
7 | Copyright (C) 2003, 2004, 2010 g10 Code GmbH
8 |
9 | This file is part of libgpg-error.
10 |
11 | libgpg-error is free software; you can redistribute it and/or
12 | modify it under the terms of the GNU Lesser General Public License
13 | as published by the Free Software Foundation; either version 2.1 of
14 | the License, or (at your option) any later version.
15 |
16 | libgpg-error is distributed in the hope that it will be useful, but
17 | WITHOUT ANY WARRANTY; without even the implied warranty of
18 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 | Lesser General Public License for more details.
20 |
21 | You should have received a copy of the GNU Lesser General Public
22 | License along with this program; if not, see .
23 | */
24 |
25 |
26 | #ifndef GPG_ERROR_H
27 | #define GPG_ERROR_H 1
28 |
29 | #include
30 |
31 | #ifdef __GNUC__
32 | #define GPG_ERR_INLINE __inline__
33 | #elif _MSC_VER >= 1300
34 | #define GPG_ERR_INLINE __inline
35 | #elif __STDC_VERSION__ >= 199901L
36 | #define GPG_ERR_INLINE inline
37 | #else
38 | #ifndef GPG_ERR_INLINE
39 | #define GPG_ERR_INLINE
40 | #endif
41 | #endif
42 |
43 |
44 | #ifdef __cplusplus
45 | extern "C" {
46 | #if 0 /* just to make Emacs auto-indent happy */
47 | }
48 | #endif
49 | #endif /* __cplusplus */
50 |
51 | /* The GnuPG project consists of many components. Error codes are
52 | exchanged between all components. The common error codes and their
53 | user-presentable descriptions are kept into a shared library to
54 | allow adding new error codes and components without recompiling any
55 | of the other components. The interface will not change in a
56 | backward incompatible way.
57 |
58 | An error code together with an error source build up an error
59 | value. As the error value is been passed from one component to
60 | another, it preserver the information about the source and nature
61 | of the error.
62 |
63 | A component of the GnuPG project can define the following macros to
64 | tune the behaviour of the library:
65 |
66 | GPG_ERR_SOURCE_DEFAULT: Define to an error source of type
67 | gpg_err_source_t to make that source the default for gpg_error().
68 | Otherwise GPG_ERR_SOURCE_UNKNOWN is used as default.
69 |
70 | GPG_ERR_ENABLE_GETTEXT_MACROS: Define to provide macros to map the
71 | internal gettext API to standard names. This has only an effect on
72 | Windows platforms. */
73 |
74 |
75 | /* The error source type gpg_err_source_t.
76 |
77 | Where as the Poo out of a welle small
78 | Taketh his firste springing and his sours.
79 | --Chaucer. */
80 |
81 | /* Only use free slots, never change or reorder the existing
82 | entries. */
83 | typedef enum
84 | {
85 | @include err-sources.h.in
86 |
87 | /* This is one more than the largest allowed entry. */
88 | GPG_ERR_SOURCE_DIM = 128
89 | } gpg_err_source_t;
90 |
91 |
92 | /* The error code type gpg_err_code_t. */
93 |
94 | /* Only use free slots, never change or reorder the existing
95 | entries. */
96 | typedef enum
97 | {
98 | @include err-codes.h.in
99 |
100 | /* The following error codes are used to map system errors. */
101 | #define GPG_ERR_SYSTEM_ERROR (1 << 15)
102 | @include errnos.in
103 |
104 | /* This is one more than the largest allowed entry. */
105 | GPG_ERR_CODE_DIM = 65536
106 | } gpg_err_code_t;
107 |
108 |
109 | /* The error value type gpg_error_t. */
110 |
111 | /* We would really like to use bit-fields in a struct, but using
112 | structs as return values can cause binary compatibility issues, in
113 | particular if you want to do it effeciently (also see
114 | -freg-struct-return option to GCC). */
115 | typedef unsigned int gpg_error_t;
116 |
117 | /* We use the lowest 16 bits of gpg_error_t for error codes. The 16th
118 | bit indicates system errors. */
119 | #define GPG_ERR_CODE_MASK (GPG_ERR_CODE_DIM - 1)
120 |
121 | /* Bits 17 to 24 are reserved. */
122 |
123 | /* We use the upper 7 bits of gpg_error_t for error sources. */
124 | #define GPG_ERR_SOURCE_MASK (GPG_ERR_SOURCE_DIM - 1)
125 | #define GPG_ERR_SOURCE_SHIFT 24
126 |
127 | /* The highest bit is reserved. It shouldn't be used to prevent
128 | potential negative numbers when transmitting error values as
129 | text. */
130 |
131 |
132 | /* GCC feature test. */
133 | #undef _GPG_ERR_HAVE_CONSTRUCTOR
134 | #if __GNUC__
135 | #define _GPG_ERR_GCC_VERSION (__GNUC__ * 10000 \
136 | + __GNUC_MINOR__ * 100 \
137 | + __GNUC_PATCHLEVEL__)
138 |
139 | #if _GPG_ERR_GCC_VERSION > 30100
140 | #define _GPG_ERR_CONSTRUCTOR __attribute__ ((__constructor__))
141 | #define _GPG_ERR_HAVE_CONSTRUCTOR
142 | #endif
143 | #endif
144 |
145 | #ifndef _GPG_ERR_CONSTRUCTOR
146 | #define _GPG_ERR_CONSTRUCTOR
147 | #endif
148 |
149 |
150 | /* Initialization function. */
151 |
152 | /* Initialize the library. This function should be run early. */
153 | gpg_error_t gpg_err_init (void) _GPG_ERR_CONSTRUCTOR;
154 |
155 | /* If this is defined, the library is already initialized by the
156 | constructor and does not need to be initialized explicitely. */
157 | #undef GPG_ERR_INITIALIZED
158 | #ifdef _GPG_ERR_HAVE_CONSTRUCTOR
159 | #define GPG_ERR_INITIALIZED 1
160 | #endif
161 |
162 | /* See the source on how to use the deinit function; it is usually not
163 | required. */
164 | void gpg_err_deinit (int mode);
165 |
166 |
167 | /* Constructor and accessor functions. */
168 |
169 | /* Construct an error value from an error code and source. Within a
170 | subsystem, use gpg_error. */
171 | static GPG_ERR_INLINE gpg_error_t
172 | gpg_err_make (gpg_err_source_t source, gpg_err_code_t code)
173 | {
174 | return code == GPG_ERR_NO_ERROR ? GPG_ERR_NO_ERROR
175 | : (((source & GPG_ERR_SOURCE_MASK) << GPG_ERR_SOURCE_SHIFT)
176 | | (code & GPG_ERR_CODE_MASK));
177 | }
178 |
179 |
180 | /* The user should define GPG_ERR_SOURCE_DEFAULT before including this
181 | file to specify a default source for gpg_error. */
182 | #ifndef GPG_ERR_SOURCE_DEFAULT
183 | #define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_UNKNOWN
184 | #endif
185 |
186 | static GPG_ERR_INLINE gpg_error_t
187 | gpg_error (gpg_err_code_t code)
188 | {
189 | return gpg_err_make (GPG_ERR_SOURCE_DEFAULT, code);
190 | }
191 |
192 |
193 | /* Retrieve the error code from an error value. */
194 | static GPG_ERR_INLINE gpg_err_code_t
195 | gpg_err_code (gpg_error_t err)
196 | {
197 | return (gpg_err_code_t) (err & GPG_ERR_CODE_MASK);
198 | }
199 |
200 |
201 | /* Retrieve the error source from an error value. */
202 | static GPG_ERR_INLINE gpg_err_source_t
203 | gpg_err_source (gpg_error_t err)
204 | {
205 | return (gpg_err_source_t) ((err >> GPG_ERR_SOURCE_SHIFT)
206 | & GPG_ERR_SOURCE_MASK);
207 | }
208 |
209 |
210 | /* String functions. */
211 |
212 | /* Return a pointer to a string containing a description of the error
213 | code in the error value ERR. This function is not thread-safe. */
214 | const char *gpg_strerror (gpg_error_t err);
215 |
216 | /* Return the error string for ERR in the user-supplied buffer BUF of
217 | size BUFLEN. This function is, in contrast to gpg_strerror,
218 | thread-safe if a thread-safe strerror_r() function is provided by
219 | the system. If the function succeeds, 0 is returned and BUF
220 | contains the string describing the error. If the buffer was not
221 | large enough, ERANGE is returned and BUF contains as much of the
222 | beginning of the error string as fits into the buffer. */
223 | int gpg_strerror_r (gpg_error_t err, char *buf, size_t buflen);
224 |
225 | /* Return a pointer to a string containing a description of the error
226 | source in the error value ERR. */
227 | const char *gpg_strsource (gpg_error_t err);
228 |
229 |
230 | /* Mapping of system errors (errno). */
231 |
232 | /* Retrieve the error code for the system error ERR. This returns
233 | GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
234 | this). */
235 | gpg_err_code_t gpg_err_code_from_errno (int err);
236 |
237 |
238 | /* Retrieve the system error for the error code CODE. This returns 0
239 | if CODE is not a system error code. */
240 | int gpg_err_code_to_errno (gpg_err_code_t code);
241 |
242 |
243 | /* Retrieve the error code directly from the ERRNO variable. This
244 | returns GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped
245 | (report this) and GPG_ERR_MISSING_ERRNO if ERRNO has the value 0. */
246 | gpg_err_code_t gpg_err_code_from_syserror (void);
247 |
248 |
249 | /* Set the ERRNO variable. This function is the preferred way to set
250 | ERRNO due to peculiarities on WindowsCE. */
251 | void gpg_err_set_errno (int err);
252 |
253 | @include extra-h.in
254 |
255 | /* Self-documenting convenience functions. */
256 |
257 | static GPG_ERR_INLINE gpg_error_t
258 | gpg_err_make_from_errno (gpg_err_source_t source, int err)
259 | {
260 | return gpg_err_make (source, gpg_err_code_from_errno (err));
261 | }
262 |
263 |
264 | static GPG_ERR_INLINE gpg_error_t
265 | gpg_error_from_errno (int err)
266 | {
267 | return gpg_error (gpg_err_code_from_errno (err));
268 | }
269 |
270 | static GPG_ERR_INLINE gpg_error_t
271 | gpg_error_from_syserror (void)
272 | {
273 | return gpg_error (gpg_err_code_from_syserror ());
274 | }
275 |
276 | #ifdef __cplusplus
277 | }
278 | #endif
279 |
280 |
281 | #endif /* GPG_ERROR_H */
282 |
--------------------------------------------------------------------------------
/include/gcrypt.h:
--------------------------------------------------------------------------------
1 | /* gcrypt.h - GNU Cryptographic Library Interface -*- c -*-
2 | Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
3 | 2007, 2008, 2009 Free Software Foundation, Inc.
4 |
5 | This file is part of Libgcrypt.
6 |
7 | Libgcrypt is free software; you can redistribute it and/or modify
8 | it under the terms of the GNU Lesser General Public License as
9 | published by the Free Software Foundation; either version 2.1 of
10 | the License, or (at your option) any later version.
11 |
12 | Libgcrypt is distributed in the hope that it will be useful,
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 | GNU Lesser General Public License for more details.
16 |
17 | You should have received a copy of the GNU Lesser General Public
18 | License along with this program; if not, see .
19 | File: src/gcrypt.h. Generated from gcrypt.h.in by configure. */
20 |
21 | #ifndef _GCRYPT_H
22 | #define _GCRYPT_H
23 |
24 | #include
25 | #include
26 | #include
27 |
28 | #include
29 |
30 | #include
31 |
32 | #if defined _WIN32 || defined __WIN32__
33 | # include
34 | # include
35 | #else
36 | # include
37 | #endif /*!_WIN32*/
38 |
39 | typedef socklen_t gcry_socklen_t;
40 |
41 | #include
42 |
43 | /* This is required for error code compatibility. */
44 | #define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
45 |
46 | #ifdef __cplusplus
47 | extern "C" {
48 | #if 0 /* (Keep Emacsens' auto-indent happy.) */
49 | }
50 | #endif
51 | #endif
52 |
53 | /* The version of this header should match the one of the library. It
54 | should not be used by a program because gcry_check_version() should
55 | return the same version. The purpose of this macro is to let
56 | autoconf (using the AM_PATH_GCRYPT macro) check that this header
57 | matches the installed library. */
58 | #define GCRYPT_VERSION "1.4.4"
59 |
60 | /* Internal: We can't use the convenience macros for the multi
61 | precision integer functions when building this library. */
62 | #ifdef _GCRYPT_IN_LIBGCRYPT
63 | #ifndef GCRYPT_NO_MPI_MACROS
64 | #define GCRYPT_NO_MPI_MACROS 1
65 | #endif
66 | #endif
67 |
68 | /* We want to use gcc attributes when possible. Warning: Don't use
69 | these macros in your programs: As indicated by the leading
70 | underscore they are subject to change without notice. */
71 | #ifdef __GNUC__
72 |
73 | #define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
74 | + __GNUC_MINOR__ * 100 \
75 | + __GNUC_PATCHLEVEL__)
76 |
77 | #if _GCRY_GCC_VERSION >= 30100
78 | #define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
79 | #endif
80 |
81 | #if _GCRY_GCC_VERSION >= 29600
82 | #define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
83 | #endif
84 |
85 | #if _GCRY_GCC_VERSION >= 30200
86 | #define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
87 | #endif
88 |
89 | #endif /*__GNUC__*/
90 |
91 | #ifndef _GCRY_GCC_ATTR_DEPRECATED
92 | #define _GCRY_GCC_ATTR_DEPRECATED
93 | #endif
94 | #ifndef _GCRY_GCC_ATTR_PURE
95 | #define _GCRY_GCC_ATTR_PURE
96 | #endif
97 | #ifndef _GCRY_GCC_ATTR_MALLOC
98 | #define _GCRY_GCC_ATTR_MALLOC
99 | #endif
100 |
101 | /* Some members in a public type should only be used internally.
102 | There is no "internal" attribute, so we abuse the deprecated
103 | attribute to discourage external use. */
104 | #ifdef _GCRYPT_IN_LIBGCRYPT
105 | #define _GCRY_ATTR_INTERNAL
106 | #else
107 | #define _GCRY_ATTR_INTERNAL _GCRY_GCC_ATTR_DEPRECATED
108 | #endif
109 |
110 | /* Wrappers for the libgpg-error library. */
111 |
112 | typedef gpg_error_t gcry_error_t;
113 | typedef gpg_err_code_t gcry_err_code_t;
114 | typedef gpg_err_source_t gcry_err_source_t;
115 |
116 | static GPG_ERR_INLINE gcry_error_t
117 | gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
118 | {
119 | return gpg_err_make (source, code);
120 | }
121 |
122 | /* The user can define GPG_ERR_SOURCE_DEFAULT before including this
123 | file to specify a default source for gpg_error. */
124 | #ifndef GCRY_ERR_SOURCE_DEFAULT
125 | #define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1
126 | #endif
127 |
128 | static GPG_ERR_INLINE gcry_error_t
129 | gcry_error (gcry_err_code_t code)
130 | {
131 | return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
132 | }
133 |
134 | static GPG_ERR_INLINE gcry_err_code_t
135 | gcry_err_code (gcry_error_t err)
136 | {
137 | return gpg_err_code (err);
138 | }
139 |
140 |
141 | static GPG_ERR_INLINE gcry_err_source_t
142 | gcry_err_source (gcry_error_t err)
143 | {
144 | return gpg_err_source (err);
145 | }
146 |
147 | /* Return a pointer to a string containing a description of the error
148 | code in the error value ERR. */
149 | const char *gcry_strerror (gcry_error_t err);
150 |
151 | /* Return a pointer to a string containing a description of the error
152 | source in the error value ERR. */
153 | const char *gcry_strsource (gcry_error_t err);
154 |
155 | /* Retrieve the error code for the system error ERR. This returns
156 | GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
157 | this). */
158 | gcry_err_code_t gcry_err_code_from_errno (int err);
159 |
160 | /* Retrieve the system error for the error code CODE. This returns 0
161 | if CODE is not a system error code. */
162 | int gcry_err_code_to_errno (gcry_err_code_t code);
163 |
164 | /* Return an error value with the error source SOURCE and the system
165 | error ERR. */
166 | gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
167 |
168 | /* Return an error value with the system error ERR. */
169 | gcry_err_code_t gcry_error_from_errno (int err);
170 |
171 |
172 | /* This enum is deprecated; it is only declared for the sake of
173 | complete API compatibility. */
174 | enum gcry_thread_option
175 | {
176 | _GCRY_THREAD_OPTION_DUMMY
177 | } _GCRY_GCC_ATTR_DEPRECATED;
178 |
179 |
180 | /* Constants defining the thread model to use. Used with the OPTION
181 | field of the struct gcry_thread_cbs. */
182 | #define GCRY_THREAD_OPTION_DEFAULT 0
183 | #define GCRY_THREAD_OPTION_USER 1
184 | #define GCRY_THREAD_OPTION_PTH 2
185 | #define GCRY_THREAD_OPTION_PTHREAD 3
186 |
187 | /* The version number encoded in the OPTION field of the struct
188 | gcry_thread_cbs. */
189 | #define GCRY_THREAD_OPTION_VERSION 0
190 |
191 | /* Wrapper for struct ath_ops. */
192 | struct gcry_thread_cbs
193 | {
194 | /* The OPTION field encodes the thread model and the version number
195 | of this structure.
196 | Bits 7 - 0 are used for the thread model
197 | Bits 15 - 8 are used for the version number.
198 | */
199 | unsigned int option;
200 |
201 | int (*init) (void);
202 | int (*mutex_init) (void **priv);
203 | int (*mutex_destroy) (void **priv);
204 | int (*mutex_lock) (void **priv);
205 | int (*mutex_unlock) (void **priv);
206 | ssize_t (*read) (int fd, void *buf, size_t nbytes);
207 | ssize_t (*write) (int fd, const void *buf, size_t nbytes);
208 | #ifdef _WIN32
209 | ssize_t (*select) (int nfd, void *rset, void *wset, void *eset,
210 | struct timeval *timeout);
211 | ssize_t (*waitpid) (pid_t pid, int *status, int options);
212 | int (*accept) (int s, void *addr, int *length_ptr);
213 | int (*connect) (int s, void *addr, gcry_socklen_t length);
214 | int (*sendmsg) (int s, const void *msg, int flags);
215 | int (*recvmsg) (int s, void *msg, int flags);
216 | #else
217 | ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset,
218 | struct timeval *timeout);
219 | ssize_t (*waitpid) (pid_t pid, int *status, int options);
220 | int (*accept) (int s, struct sockaddr *addr, gcry_socklen_t *length_ptr);
221 | int (*connect) (int s, struct sockaddr *addr, gcry_socklen_t length);
222 | int (*sendmsg) (int s, const struct msghdr *msg, int flags);
223 | int (*recvmsg) (int s, struct msghdr *msg, int flags);
224 | #endif
225 | };
226 |
227 | #ifdef _WIN32
228 | # define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
229 | static ssize_t gcry_pth_select (int nfd, void *rset, void *wset, \
230 | void *eset, struct timeval *timeout) \
231 | { return pth_select (nfd, rset, wset, eset, timeout); } \
232 | static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
233 | { return pth_waitpid (pid, status, options); } \
234 | static int gcry_pth_accept (int s, void *addr, \
235 | gcry_socklen_t *length_ptr) \
236 | { return pth_accept (s, addr, length_ptr); } \
237 | static int gcry_pth_connect (int s, void *addr, \
238 | gcry_socklen_t length) \
239 | { return pth_connect (s, addr, length); }
240 | #else /*!_WIN32*/
241 | # define _GCRY_THREAD_OPTION_PTH_IMPL_NET \
242 | static ssize_t gcry_pth_select (int nfd, fd_set *rset, fd_set *wset, \
243 | fd_set *eset, struct timeval *timeout) \
244 | { return pth_select (nfd, rset, wset, eset, timeout); } \
245 | static ssize_t gcry_pth_waitpid (pid_t pid, int *status, int options) \
246 | { return pth_waitpid (pid, status, options); } \
247 | static int gcry_pth_accept (int s, struct sockaddr *addr, \
248 | gcry_socklen_t *length_ptr) \
249 | { return pth_accept (s, addr, length_ptr); } \
250 | static int gcry_pth_connect (int s, struct sockaddr *addr, \
251 | gcry_socklen_t length) \
252 | { return pth_connect (s, addr, length); }
253 | #endif /*!_WIN32*/
254 |
255 |
256 |
257 | #define GCRY_THREAD_OPTION_PTH_IMPL \
258 | static int gcry_pth_init (void) \
259 | { return (pth_init () == FALSE) ? errno : 0; } \
260 | static int gcry_pth_mutex_init (void **priv) \
261 | { \
262 | int err = 0; \
263 | pth_mutex_t *lock = malloc (sizeof (pth_mutex_t)); \
264 | \
265 | if (!lock) \
266 | err = ENOMEM; \
267 | if (!err) \
268 | { \
269 | err = pth_mutex_init (lock); \
270 | if (err == FALSE) \
271 | err = errno; \
272 | else \
273 | err = 0; \
274 | if (err) \
275 | free (lock); \
276 | else \
277 | *priv = lock; \
278 | } \
279 | return err; \
280 | } \
281 | static int gcry_pth_mutex_destroy (void **lock) \
282 | { /* GNU Pth has no destructor function. */ free (*lock); return 0; } \
283 | static int gcry_pth_mutex_lock (void **lock) \
284 | { return ((pth_mutex_acquire (*lock, 0, NULL)) == FALSE) \
285 | ? errno : 0; } \
286 | static int gcry_pth_mutex_unlock (void **lock) \
287 | { return ((pth_mutex_release (*lock)) == FALSE) \
288 | ? errno : 0; } \
289 | static ssize_t gcry_pth_read (int fd, void *buf, size_t nbytes) \
290 | { return pth_read (fd, buf, nbytes); } \
291 | static ssize_t gcry_pth_write (int fd, const void *buf, size_t nbytes) \
292 | { return pth_write (fd, buf, nbytes); } \
293 | _GCRY_THREAD_OPTION_PTH_IMPL_NET \
294 | \
295 | /* Note: GNU Pth is missing pth_sendmsg and pth_recvmsg. */ \
296 | static struct gcry_thread_cbs gcry_threads_pth = { \
297 | (GCRY_THREAD_OPTION_PTH | (GCRY_THREAD_OPTION_VERSION << 8)), \
298 | gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \
299 | gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \
300 | gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \
301 | NULL, NULL }
302 |
303 |
304 | #define GCRY_THREAD_OPTION_PTHREAD_IMPL \
305 | static int gcry_pthread_mutex_init (void **priv) \
306 | { \
307 | int err = 0; \
308 | pthread_mutex_t *lock = (pthread_mutex_t*)malloc (sizeof (pthread_mutex_t));\
309 | \
310 | if (!lock) \
311 | err = ENOMEM; \
312 | if (!err) \
313 | { \
314 | err = pthread_mutex_init (lock, NULL); \
315 | if (err) \
316 | free (lock); \
317 | else \
318 | *priv = lock; \
319 | } \
320 | return err; \
321 | } \
322 | static int gcry_pthread_mutex_destroy (void **lock) \
323 | { int err = pthread_mutex_destroy ((pthread_mutex_t*)*lock); \
324 | free (*lock); return err; } \
325 | static int gcry_pthread_mutex_lock (void **lock) \
326 | { return pthread_mutex_lock ((pthread_mutex_t*)*lock); } \
327 | static int gcry_pthread_mutex_unlock (void **lock) \
328 | { return pthread_mutex_unlock ((pthread_mutex_t*)*lock); } \
329 | \
330 | static struct gcry_thread_cbs gcry_threads_pthread = { \
331 | (GCRY_THREAD_OPTION_PTHREAD | (GCRY_THREAD_OPTION_VERSION << 8)), \
332 | NULL, gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \
333 | gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \
334 | NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
335 |
336 |
337 | /* The data object used to hold a multi precision integer. */
338 | struct gcry_mpi;
339 | typedef struct gcry_mpi *gcry_mpi_t;
340 |
341 | #ifndef GCRYPT_NO_DEPRECATED
342 | typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
343 | typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
344 | #endif
345 |
346 |
347 |
348 | /* Check that the library fulfills the version requirement. */
349 | const char *gcry_check_version (const char *req_version);
350 |
351 | /* Codes for function dispatchers. */
352 |
353 | /* Codes used with the gcry_control function. */
354 | enum gcry_ctl_cmds
355 | {
356 | GCRYCTL_SET_KEY = 1,
357 | GCRYCTL_SET_IV = 2,
358 | GCRYCTL_CFB_SYNC = 3,
359 | GCRYCTL_RESET = 4, /* e.g. for MDs */
360 | GCRYCTL_FINALIZE = 5,
361 | GCRYCTL_GET_KEYLEN = 6,
362 | GCRYCTL_GET_BLKLEN = 7,
363 | GCRYCTL_TEST_ALGO = 8,
364 | GCRYCTL_IS_SECURE = 9,
365 | GCRYCTL_GET_ASNOID = 10,
366 | GCRYCTL_ENABLE_ALGO = 11,
367 | GCRYCTL_DISABLE_ALGO = 12,
368 | GCRYCTL_DUMP_RANDOM_STATS = 13,
369 | GCRYCTL_DUMP_SECMEM_STATS = 14,
370 | GCRYCTL_GET_ALGO_NPKEY = 15,
371 | GCRYCTL_GET_ALGO_NSKEY = 16,
372 | GCRYCTL_GET_ALGO_NSIGN = 17,
373 | GCRYCTL_GET_ALGO_NENCR = 18,
374 | GCRYCTL_SET_VERBOSITY = 19,
375 | GCRYCTL_SET_DEBUG_FLAGS = 20,
376 | GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
377 | GCRYCTL_USE_SECURE_RNDPOOL= 22,
378 | GCRYCTL_DUMP_MEMORY_STATS = 23,
379 | GCRYCTL_INIT_SECMEM = 24,
380 | GCRYCTL_TERM_SECMEM = 25,
381 | GCRYCTL_DISABLE_SECMEM_WARN = 27,
382 | GCRYCTL_SUSPEND_SECMEM_WARN = 28,
383 | GCRYCTL_RESUME_SECMEM_WARN = 29,
384 | GCRYCTL_DROP_PRIVS = 30,
385 | GCRYCTL_ENABLE_M_GUARD = 31,
386 | GCRYCTL_START_DUMP = 32,
387 | GCRYCTL_STOP_DUMP = 33,
388 | GCRYCTL_GET_ALGO_USAGE = 34,
389 | GCRYCTL_IS_ALGO_ENABLED = 35,
390 | GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
391 | GCRYCTL_DISABLE_SECMEM = 37,
392 | GCRYCTL_INITIALIZATION_FINISHED = 38,
393 | GCRYCTL_INITIALIZATION_FINISHED_P = 39,
394 | GCRYCTL_ANY_INITIALIZATION_P = 40,
395 | GCRYCTL_SET_CBC_CTS = 41,
396 | GCRYCTL_SET_CBC_MAC = 42,
397 | GCRYCTL_SET_CTR = 43,
398 | GCRYCTL_ENABLE_QUICK_RANDOM = 44,
399 | GCRYCTL_SET_RANDOM_SEED_FILE = 45,
400 | GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46,
401 | GCRYCTL_SET_THREAD_CBS = 47,
402 | GCRYCTL_FAST_POLL = 48,
403 | GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49,
404 | GCRYCTL_USE_RANDOM_DAEMON = 50,
405 | GCRYCTL_FAKED_RANDOM_P = 51,
406 | GCRYCTL_SET_RNDEGD_SOCKET = 52,
407 | GCRYCTL_PRINT_CONFIG = 53,
408 | GCRYCTL_OPERATIONAL_P = 54,
409 | GCRYCTL_FIPS_MODE_P = 55,
410 | GCRYCTL_FORCE_FIPS_MODE = 56,
411 | GCRYCTL_SELFTEST = 57
412 | /* Note: 58 .. 62 are used internally. */
413 | };
414 |
415 | /* Perform various operations defined by CMD. */
416 | gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
417 |
418 |
419 | /* S-expression management. */
420 |
421 | /* The object to represent an S-expression as used with the public key
422 | functions. */
423 | struct gcry_sexp;
424 | typedef struct gcry_sexp *gcry_sexp_t;
425 |
426 | #ifndef GCRYPT_NO_DEPRECATED
427 | typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
428 | typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
429 | #endif
430 |
431 | /* The possible values for the S-expression format. */
432 | enum gcry_sexp_format
433 | {
434 | GCRYSEXP_FMT_DEFAULT = 0,
435 | GCRYSEXP_FMT_CANON = 1,
436 | GCRYSEXP_FMT_BASE64 = 2,
437 | GCRYSEXP_FMT_ADVANCED = 3
438 | };
439 |
440 | /* Create an new S-expression object from BUFFER of size LENGTH and
441 | return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
442 | is expected to be in canonized format. */
443 | gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp,
444 | const void *buffer, size_t length,
445 | int autodetect);
446 |
447 | /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
448 | effect to transfer ownership of BUFFER to the created object. */
449 | gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp,
450 | void *buffer, size_t length,
451 | int autodetect, void (*freefnc) (void *));
452 |
453 | /* Scan BUFFER and return a new S-expression object in RETSEXP. This
454 | function expects a printf like string in BUFFER. */
455 | gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
456 | const char *buffer, size_t length);
457 |
458 | /* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
459 | only be used for certain encodings. */
460 | gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
461 | const char *format, ...);
462 |
463 | /* Like gcry_sexp_build, but uses an array instead of variable
464 | function arguments. */
465 | gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
466 | const char *format, void **arg_list);
467 |
468 | /* Release the S-expression object SEXP */
469 | void gcry_sexp_release (gcry_sexp_t sexp);
470 |
471 | /* Calculate the length of an canonized S-expresion in BUFFER and
472 | check for a valid encoding. */
473 | size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
474 | size_t *erroff, gcry_error_t *errcode);
475 |
476 | /* Copies the S-expression object SEXP into BUFFER using the format
477 | specified in MODE. */
478 | size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, void *buffer,
479 | size_t maxlength);
480 |
481 | /* Dumps the S-expression object A in a format suitable for debugging
482 | to Libgcrypt's logging stream. */
483 | void gcry_sexp_dump (const gcry_sexp_t a);
484 |
485 | gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
486 | gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
487 | gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
488 | gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
489 | gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
490 |
491 | /* Scan the S-expression for a sublist with a type (the car of the
492 | list) matching the string TOKEN. If TOKLEN is not 0, the token is
493 | assumed to be raw memory of this length. The function returns a
494 | newly allocated S-expression consisting of the found sublist or
495 | `NULL' when not found. */
496 | gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
497 | const char *tok, size_t toklen);
498 | /* Return the length of the LIST. For a valid S-expression this
499 | should be at least 1. */
500 | int gcry_sexp_length (const gcry_sexp_t list);
501 |
502 | /* Create and return a new S-expression from the element with index
503 | NUMBER in LIST. Note that the first element has the index 0. If
504 | there is no such element, `NULL' is returned. */
505 | gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
506 |
507 | /* Create and return a new S-expression from the first element in
508 | LIST; this called the "type" and should always exist and be a
509 | string. `NULL' is returned in case of a problem. */
510 | gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
511 |
512 | /* Create and return a new list form all elements except for the first
513 | one. Note, that this function may return an invalid S-expression
514 | because it is not guaranteed, that the type exists and is a string.
515 | However, for parsing a complex S-expression it might be useful for
516 | intermediate lists. Returns `NULL' on error. */
517 | gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
518 |
519 | gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
520 |
521 |
522 | /* This function is used to get data from a LIST. A pointer to the
523 | actual data with index NUMBER is returned and the length of this
524 | data will be stored to DATALEN. If there is no data at the given
525 | index or the index represents another list, `NULL' is returned.
526 | *Note:* The returned pointer is valid as long as LIST is not
527 | modified or released. */
528 | const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
529 | size_t *datalen);
530 |
531 | /* This function is used to get and convert data from a LIST. The
532 | data is assumed to be a Nul terminated string. The caller must
533 | release the returned value using `gcry_free'. If there is no data
534 | at the given index, the index represents a list or the value can't
535 | be converted to a string, `NULL' is returned. */
536 | char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
537 |
538 | /* This function is used to get and convert data from a LIST. This
539 | data is assumed to be an MPI stored in the format described by
540 | MPIFMT and returned as a standard Libgcrypt MPI. The caller must
541 | release this returned value using `gcry_mpi_release'. If there is
542 | no data at the given index, the index represents a list or the
543 | value can't be converted to an MPI, `NULL' is returned. */
544 | gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
545 |
546 |
547 |
548 | /*******************************************
549 | * *
550 | * Multi Precision Integer Functions *
551 | * *
552 | *******************************************/
553 |
554 | /* Different formats of external big integer representation. */
555 | enum gcry_mpi_format
556 | {
557 | GCRYMPI_FMT_NONE= 0,
558 | GCRYMPI_FMT_STD = 1, /* Twos complement stored without length. */
559 | GCRYMPI_FMT_PGP = 2, /* As used by OpenPGP (unsigned only). */
560 | GCRYMPI_FMT_SSH = 3, /* As used by SSH (like STD but with length). */
561 | GCRYMPI_FMT_HEX = 4, /* Hex format. */
562 | GCRYMPI_FMT_USG = 5 /* Like STD but unsigned. */
563 | };
564 |
565 | /* Flags used for creating big integers. */
566 | enum gcry_mpi_flag
567 | {
568 | GCRYMPI_FLAG_SECURE = 1, /* Allocate the number in "secure" memory. */
569 | GCRYMPI_FLAG_OPAQUE = 2 /* The number is not a real one but just
570 | a way to store some bytes. This is
571 | useful for encrypted big integers. */
572 | };
573 |
574 |
575 | /* Allocate a new big integer object, initialize it with 0 and
576 | initially allocate memory for a number of at least NBITS. */
577 | gcry_mpi_t gcry_mpi_new (unsigned int nbits);
578 |
579 | /* Same as gcry_mpi_new() but allocate in "secure" memory. */
580 | gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
581 |
582 | /* Release the number A and free all associated resources. */
583 | void gcry_mpi_release (gcry_mpi_t a);
584 |
585 | /* Create a new number with the same value as A. */
586 | gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
587 |
588 | /* Store the big integer value U in W. */
589 | gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
590 |
591 | /* Store the unsigned integer value U in W. */
592 | gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
593 |
594 | /* Swap the values of A and B. */
595 | void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
596 |
597 | /* Compare the big integer number U and V returning 0 for equality, a
598 | positive value for U > V and a negative for U < V. */
599 | int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
600 |
601 | /* Compare the big integer number U with the unsigned integer V
602 | returning 0 for equality, a positive value for U > V and a negative
603 | for U < V. */
604 | int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
605 |
606 | /* Convert the external representation of an integer stored in BUFFER
607 | with a length of BUFLEN into a newly create MPI returned in
608 | RET_MPI. If NSCANNED is not NULL, it will receive the number of
609 | bytes actually scanned after a successful operation. */
610 | gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
611 | const void *buffer, size_t buflen,
612 | size_t *nscanned);
613 |
614 | /* Convert the big integer A into the external representation
615 | described by FORMAT and store it in the provided BUFFER which has
616 | been allocated by the user with a size of BUFLEN bytes. NWRITTEN
617 | receives the actual length of the external representation unless it
618 | has been passed as NULL. */
619 | gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
620 | unsigned char *buffer, size_t buflen,
621 | size_t *nwritten,
622 | const gcry_mpi_t a);
623 |
624 | /* Convert the big integer A int the external representation described
625 | by FORMAT and store it in a newly allocated buffer which address
626 | will be put into BUFFER. NWRITTEN receives the actual lengths of the
627 | external representation. */
628 | gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
629 | unsigned char **buffer, size_t *nwritten,
630 | const gcry_mpi_t a);
631 |
632 | /* Dump the value of A in a format suitable for debugging to
633 | Libgcrypt's logging stream. Note that one leading space but no
634 | trailing space or linefeed will be printed. It is okay to pass
635 | NULL for A. */
636 | void gcry_mpi_dump (const gcry_mpi_t a);
637 |
638 |
639 | /* W = U + V. */
640 | void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
641 |
642 | /* W = U + V. V is an unsigned integer. */
643 | void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
644 |
645 | /* W = U + V mod M. */
646 | void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
647 |
648 | /* W = U - V. */
649 | void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
650 |
651 | /* W = U - V. V is an unsigned integer. */
652 | void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
653 |
654 | /* W = U - V mod M */
655 | void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
656 |
657 | /* W = U * V. */
658 | void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
659 |
660 | /* W = U * V. V is an unsigned integer. */
661 | void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
662 |
663 | /* W = U * V mod M. */
664 | void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
665 |
666 | /* W = U * (2 ^ CNT). */
667 | void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
668 |
669 | /* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
670 | Q or R may be passed as NULL. ROUND should be negative or 0. */
671 | void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
672 | gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
673 |
674 | /* R = DIVIDEND % DIVISOR */
675 | void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
676 |
677 | /* W = B ^ E mod M. */
678 | void gcry_mpi_powm (gcry_mpi_t w,
679 | const gcry_mpi_t b, const gcry_mpi_t e,
680 | const gcry_mpi_t m);
681 |
682 | /* Set G to the greatest common divisor of A and B.
683 | Return true if the G is 1. */
684 | int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
685 |
686 | /* Set X to the multiplicative inverse of A mod M.
687 | Return true if the value exists. */
688 | int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
689 |
690 |
691 | /* Return the number of bits required to represent A. */
692 | unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
693 |
694 | /* Return true when bit number N (counting from 0) is set in A. */
695 | int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
696 |
697 | /* Set bit number N in A. */
698 | void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
699 |
700 | /* Clear bit number N in A. */
701 | void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
702 |
703 | /* Set bit number N in A and clear all bits greater than N. */
704 | void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
705 |
706 | /* Clear bit number N in A and all bits greater than N. */
707 | void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
708 |
709 | /* Shift the value of A by N bits to the right and store the result in X. */
710 | void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
711 |
712 | /* Shift the value of A by N bits to the left and store the result in X. */
713 | void gcry_mpi_lshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
714 |
715 | /* Store NBITS of the value P points to in A and mark A as an opaque
716 | value. WARNING: Never use an opaque MPI for anything thing else then
717 | gcry_mpi_release, gcry_mpi_get_opaque. */
718 | gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
719 |
720 | /* Return a pointer to an opaque value stored in A and return its size
721 | in NBITS. Note that the returned pointer is still owned by A and
722 | that the function should never be used for an non-opaque MPI. */
723 | void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
724 |
725 | /* Set the FLAG for the big integer A. Currently only the flag
726 | GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
727 | stored in "secure" memory. */
728 | void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
729 |
730 | /* Clear FLAG for the big integer A. Note that this function is
731 | currently useless as no flags are allowed. */
732 | void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
733 |
734 | /* Return true when the FLAG is set for A. */
735 | int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
736 |
737 | /* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
738 | convenience macros for the big integer functions. */
739 | #ifndef GCRYPT_NO_MPI_MACROS
740 | #define mpi_new(n) gcry_mpi_new( (n) )
741 | #define mpi_secure_new( n ) gcry_mpi_snew( (n) )
742 | #define mpi_release(a) \
743 | do \
744 | { \
745 | gcry_mpi_release ((a)); \
746 | (a) = NULL; \
747 | } \
748 | while (0)
749 |
750 | #define mpi_copy( a ) gcry_mpi_copy( (a) )
751 | #define mpi_set( w, u) gcry_mpi_set( (w), (u) )
752 | #define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
753 | #define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) )
754 | #define mpi_cmp_ui( u, v ) gcry_mpi_cmp_ui( (u), (v) )
755 |
756 | #define mpi_add_ui(w,u,v) gcry_mpi_add_ui((w),(u),(v))
757 | #define mpi_add(w,u,v) gcry_mpi_add ((w),(u),(v))
758 | #define mpi_addm(w,u,v,m) gcry_mpi_addm ((w),(u),(v),(m))
759 | #define mpi_sub_ui(w,u,v) gcry_mpi_sub_ui ((w),(u),(v))
760 | #define mpi_sub(w,u,v) gcry_mpi_sub ((w),(u),(v))
761 | #define mpi_subm(w,u,v,m) gcry_mpi_subm ((w),(u),(v),(m))
762 | #define mpi_mul_ui(w,u,v) gcry_mpi_mul_ui ((w),(u),(v))
763 | #define mpi_mul_2exp(w,u,v) gcry_mpi_mul_2exp ((w),(u),(v))
764 | #define mpi_mul(w,u,v) gcry_mpi_mul ((w),(u),(v))
765 | #define mpi_mulm(w,u,v,m) gcry_mpi_mulm ((w),(u),(v),(m))
766 | #define mpi_powm(w,b,e,m) gcry_mpi_powm ( (w), (b), (e), (m) )
767 | #define mpi_tdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), 0)
768 | #define mpi_fdiv(q,r,a,m) gcry_mpi_div ( (q), (r), (a), (m), -1)
769 | #define mpi_mod(r,a,m) gcry_mpi_mod ((r), (a), (m))
770 | #define mpi_gcd(g,a,b) gcry_mpi_gcd ( (g), (a), (b) )
771 | #define mpi_invm(g,a,b) gcry_mpi_invm ( (g), (a), (b) )
772 |
773 | #define mpi_get_nbits(a) gcry_mpi_get_nbits ((a))
774 | #define mpi_test_bit(a,b) gcry_mpi_test_bit ((a),(b))
775 | #define mpi_set_bit(a,b) gcry_mpi_set_bit ((a),(b))
776 | #define mpi_set_highbit(a,b) gcry_mpi_set_highbit ((a),(b))
777 | #define mpi_clear_bit(a,b) gcry_mpi_clear_bit ((a),(b))
778 | #define mpi_clear_highbit(a,b) gcry_mpi_clear_highbit ((a),(b))
779 | #define mpi_rshift(a,b,c) gcry_mpi_rshift ((a),(b),(c))
780 | #define mpi_lshift(a,b,c) gcry_mpi_lshift ((a),(b),(c))
781 |
782 | #define mpi_set_opaque(a,b,c) gcry_mpi_set_opaque( (a), (b), (c) )
783 | #define mpi_get_opaque(a,b) gcry_mpi_get_opaque( (a), (b) )
784 | #endif /* GCRYPT_NO_MPI_MACROS */
785 |
786 |
787 |
788 | /************************************
789 | * *
790 | * Symmetric Cipher Functions *
791 | * *
792 | ************************************/
793 |
794 | /* The data object used to hold a handle to an encryption object. */
795 | struct gcry_cipher_handle;
796 | typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
797 |
798 | #ifndef GCRYPT_NO_DEPRECATED
799 | typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
800 | typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
801 | #endif
802 |
803 | /* All symmetric encryption algorithms are identified by their IDs.
804 | More IDs may be registered at runtime. */
805 | enum gcry_cipher_algos
806 | {
807 | GCRY_CIPHER_NONE = 0,
808 | GCRY_CIPHER_IDEA = 1,
809 | GCRY_CIPHER_3DES = 2,
810 | GCRY_CIPHER_CAST5 = 3,
811 | GCRY_CIPHER_BLOWFISH = 4,
812 | GCRY_CIPHER_SAFER_SK128 = 5,
813 | GCRY_CIPHER_DES_SK = 6,
814 | GCRY_CIPHER_AES = 7,
815 | GCRY_CIPHER_AES192 = 8,
816 | GCRY_CIPHER_AES256 = 9,
817 | GCRY_CIPHER_TWOFISH = 10,
818 |
819 | /* Other cipher numbers are above 300 for OpenPGP reasons. */
820 | GCRY_CIPHER_ARCFOUR = 301, /* Fully compatible with RSA's RC4 (tm). */
821 | GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
822 | GCRY_CIPHER_TWOFISH128 = 303,
823 | GCRY_CIPHER_SERPENT128 = 304,
824 | GCRY_CIPHER_SERPENT192 = 305,
825 | GCRY_CIPHER_SERPENT256 = 306,
826 | GCRY_CIPHER_RFC2268_40 = 307, /* Ron's Cipher 2 (40 bit). */
827 | GCRY_CIPHER_RFC2268_128 = 308, /* Ron's Cipher 2 (128 bit). */
828 | GCRY_CIPHER_SEED = 309, /* 128 bit cipher described in RFC4269. */
829 | GCRY_CIPHER_CAMELLIA128 = 310,
830 | GCRY_CIPHER_CAMELLIA192 = 311,
831 | GCRY_CIPHER_CAMELLIA256 = 312
832 | };
833 |
834 | /* The Rijndael algorithm is basically AES, so provide some macros. */
835 | #define GCRY_CIPHER_AES128 GCRY_CIPHER_AES
836 | #define GCRY_CIPHER_RIJNDAEL GCRY_CIPHER_AES
837 | #define GCRY_CIPHER_RIJNDAEL128 GCRY_CIPHER_AES128
838 | #define GCRY_CIPHER_RIJNDAEL192 GCRY_CIPHER_AES192
839 | #define GCRY_CIPHER_RIJNDAEL256 GCRY_CIPHER_AES256
840 |
841 | /* The supported encryption modes. Note that not all of them are
842 | supported for each algorithm. */
843 | enum gcry_cipher_modes
844 | {
845 | GCRY_CIPHER_MODE_NONE = 0, /* Not yet specified. */
846 | GCRY_CIPHER_MODE_ECB = 1, /* Electronic codebook. */
847 | GCRY_CIPHER_MODE_CFB = 2, /* Cipher feedback. */
848 | GCRY_CIPHER_MODE_CBC = 3, /* Cipher block chaining. */
849 | GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */
850 | GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */
851 | GCRY_CIPHER_MODE_CTR = 6 /* Counter. */
852 | };
853 |
854 | /* Flags used with the open function. */
855 | enum gcry_cipher_flags
856 | {
857 | GCRY_CIPHER_SECURE = 1, /* Allocate in secure memory. */
858 | GCRY_CIPHER_ENABLE_SYNC = 2, /* Enable CFB sync mode. */
859 | GCRY_CIPHER_CBC_CTS = 4, /* Enable CBC cipher text stealing (CTS). */
860 | GCRY_CIPHER_CBC_MAC = 8 /* Enable CBC message auth. code (MAC). */
861 | };
862 |
863 |
864 | /* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
865 | be given as an bitwise OR of the gcry_cipher_flags values. */
866 | gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
867 | int algo, int mode, unsigned int flags);
868 |
869 | /* Close the cioher handle H and release all resource. */
870 | void gcry_cipher_close (gcry_cipher_hd_t h);
871 |
872 | /* Perform various operations on the cipher object H. */
873 | gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
874 | size_t buflen);
875 |
876 | /* Retrieve various information about the cipher object H. */
877 | gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
878 | size_t *nbytes);
879 |
880 | /* Retrieve various information about the cipher algorithm ALGO. */
881 | gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
882 | size_t *nbytes);
883 |
884 | /* Map the cipher algorithm whose ID is contained in ALGORITHM to a
885 | string representation of the algorithm name. For unknown algorithm
886 | IDs this function returns "?". */
887 | const char *gcry_cipher_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
888 |
889 | /* Map the algorithm name NAME to an cipher algorithm ID. Return 0 if
890 | the algorithm name is not known. */
891 | int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
892 |
893 | /* Given an ASN.1 object identifier in standard IETF dotted decimal
894 | format in STRING, return the encryption mode associated with that
895 | OID or 0 if not known or applicable. */
896 | int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
897 |
898 | /* Encrypt the plaintext of size INLEN in IN using the cipher handle H
899 | into the buffer OUT which has an allocated length of OUTSIZE. For
900 | most algorithms it is possible to pass NULL for in and 0 for INLEN
901 | and do a in-place decryption of the data provided in OUT. */
902 | gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
903 | void *out, size_t outsize,
904 | const void *in, size_t inlen);
905 |
906 | /* The counterpart to gcry_cipher_encrypt. */
907 | gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
908 | void *out, size_t outsize,
909 | const void *in, size_t inlen);
910 |
911 | /* Set KEY of length KEYLEN for the cipher handle HD. */
912 | gcry_error_t gcry_cipher_setkey (gcry_cipher_hd_t hd,
913 | const void *key, size_t keylen);
914 |
915 |
916 | /* Set initialization vector IV of length IVLEN for the cipher handle HD. */
917 | gcry_error_t gcry_cipher_setiv (gcry_cipher_hd_t hd,
918 | const void *iv, size_t ivlen);
919 |
920 |
921 | /* Reset the handle to the state after open. */
922 | #define gcry_cipher_reset(h) gcry_cipher_ctl ((h), GCRYCTL_RESET, NULL, 0)
923 |
924 | /* Perform the OpenPGP sync operation if this is enabled for the
925 | cipher handle H. */
926 | #define gcry_cipher_sync(h) gcry_cipher_ctl( (h), GCRYCTL_CFB_SYNC, NULL, 0)
927 |
928 | /* Enable or disable CTS in future calls to gcry_encrypt(). CBC mode only. */
929 | #define gcry_cipher_cts(h,on) gcry_cipher_ctl( (h), GCRYCTL_SET_CBC_CTS, \
930 | NULL, on )
931 |
932 | /* Set counter for CTR mode. (CTR,CTRLEN) must denote a buffer of
933 | block size length, or (NULL,0) to set the CTR to the all-zero block. */
934 | gpg_error_t gcry_cipher_setctr (gcry_cipher_hd_t hd,
935 | const void *ctr, size_t ctrlen);
936 |
937 | /* Retrieved the key length used with algorithm A. */
938 | size_t gcry_cipher_get_algo_keylen (int algo);
939 |
940 | /* Retrieve the block length used with algorithm A. */
941 | size_t gcry_cipher_get_algo_blklen (int algo);
942 |
943 | /* Return 0 if the algorithm A is available for use. */
944 | #define gcry_cipher_test_algo(a) \
945 | gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
946 |
947 | /* Get a list consisting of the IDs of the loaded cipher modules. If
948 | LIST is zero, write the number of loaded cipher modules to
949 | LIST_LENGTH and return. If LIST is non-zero, the first
950 | *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
951 | according size. In case there are less cipher modules than
952 | *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
953 | gcry_error_t gcry_cipher_list (int *list, int *list_length);
954 |
955 |
956 | /************************************
957 | * *
958 | * Asymmetric Cipher Functions *
959 | * *
960 | ************************************/
961 |
962 | /* The algorithms and their IDs we support. */
963 | enum gcry_pk_algos
964 | {
965 | GCRY_PK_RSA = 1,
966 | GCRY_PK_RSA_E = 2, /* (deprecated) */
967 | GCRY_PK_RSA_S = 3, /* (deprecated) */
968 | GCRY_PK_ELG_E = 16,
969 | GCRY_PK_DSA = 17,
970 | GCRY_PK_ELG = 20,
971 | GCRY_PK_ECDSA = 301
972 | };
973 |
974 | /* Flags describing usage capabilities of a PK algorithm. */
975 | #define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */
976 | #define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */
977 | #define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */
978 | #define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */
979 | #define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */
980 |
981 | /* Encrypt the DATA using the public key PKEY and store the result as
982 | a newly created S-expression at RESULT. */
983 | gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result,
984 | gcry_sexp_t data, gcry_sexp_t pkey);
985 |
986 | /* Decrypt the DATA using the private key SKEY and store the result as
987 | a newly created S-expression at RESULT. */
988 | gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result,
989 | gcry_sexp_t data, gcry_sexp_t skey);
990 |
991 | /* Sign the DATA using the private key SKEY and store the result as
992 | a newly created S-expression at RESULT. */
993 | gcry_error_t gcry_pk_sign (gcry_sexp_t *result,
994 | gcry_sexp_t data, gcry_sexp_t skey);
995 |
996 | /* Check the signature SIGVAL on DATA using the public key PKEY. */
997 | gcry_error_t gcry_pk_verify (gcry_sexp_t sigval,
998 | gcry_sexp_t data, gcry_sexp_t pkey);
999 |
1000 | /* Check that private KEY is sane. */
1001 | gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
1002 |
1003 | /* Generate a new key pair according to the parameters given in
1004 | S_PARMS. The new key pair is returned in as an S-expression in
1005 | R_KEY. */
1006 | gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
1007 |
1008 | /* Catch all function for miscellaneous operations. */
1009 | gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
1010 |
1011 | /* Retrieve information about the public key algorithm ALGO. */
1012 | gcry_error_t gcry_pk_algo_info (int algo, int what,
1013 | void *buffer, size_t *nbytes);
1014 |
1015 | /* Map the public key algorithm whose ID is contained in ALGORITHM to
1016 | a string representation of the algorithm name. For unknown
1017 | algorithm IDs this functions returns "?". */
1018 | const char *gcry_pk_algo_name (int algorithm) _GCRY_GCC_ATTR_PURE;
1019 |
1020 | /* Map the algorithm NAME to a public key algorithm Id. Return 0 if
1021 | the algorithm name is not known. */
1022 | int gcry_pk_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
1023 |
1024 | /* Return what is commonly referred as the key length for the given
1025 | public or private KEY. */
1026 | unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
1027 |
1028 | /* Please note that keygrip is still experimental and should not be
1029 | used without contacting the author. */
1030 | unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
1031 |
1032 | /* Return 0 if the public key algorithm A is available for use. */
1033 | #define gcry_pk_test_algo(a) \
1034 | gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1035 |
1036 | /* Get a list consisting of the IDs of the loaded pubkey modules. If
1037 | LIST is zero, write the number of loaded pubkey modules to
1038 | LIST_LENGTH and return. If LIST is non-zero, the first
1039 | *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
1040 | according size. In case there are less pubkey modules than
1041 | *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
1042 | gcry_error_t gcry_pk_list (int *list, int *list_length);
1043 |
1044 |
1045 |
1046 | /************************************
1047 | * *
1048 | * Cryptograhic Hash Functions *
1049 | * *
1050 | ************************************/
1051 |
1052 | /* Algorithm IDs for the hash functions we know about. Not all of them
1053 | are implemnted. */
1054 | enum gcry_md_algos
1055 | {
1056 | GCRY_MD_NONE = 0,
1057 | GCRY_MD_MD5 = 1,
1058 | GCRY_MD_SHA1 = 2,
1059 | GCRY_MD_RMD160 = 3,
1060 | GCRY_MD_MD2 = 5,
1061 | GCRY_MD_TIGER = 6, /* TIGER/192. */
1062 | GCRY_MD_HAVAL = 7, /* HAVAL, 5 pass, 160 bit. */
1063 | GCRY_MD_SHA256 = 8,
1064 | GCRY_MD_SHA384 = 9,
1065 | GCRY_MD_SHA512 = 10,
1066 | GCRY_MD_SHA224 = 11,
1067 | GCRY_MD_MD4 = 301,
1068 | GCRY_MD_CRC32 = 302,
1069 | GCRY_MD_CRC32_RFC1510 = 303,
1070 | GCRY_MD_CRC24_RFC2440 = 304,
1071 | GCRY_MD_WHIRLPOOL = 305
1072 | };
1073 |
1074 | /* Flags used with the open function. */
1075 | enum gcry_md_flags
1076 | {
1077 | GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory. */
1078 | GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
1079 | };
1080 |
1081 | /* (Forward declaration.) */
1082 | struct gcry_md_context;
1083 |
1084 | /* This object is used to hold a handle to a message digest object.
1085 | This structure is private - only to be used by the public gcry_md_*
1086 | macros. */
1087 | typedef struct gcry_md_handle
1088 | {
1089 | /* Actual context. */
1090 | struct gcry_md_context *ctx;
1091 |
1092 | /* Buffer management. */
1093 | int bufpos;
1094 | int bufsize;
1095 | unsigned char buf[1];
1096 | } *gcry_md_hd_t;
1097 |
1098 | /* Compatibility types, do not use them. */
1099 | #ifndef GCRYPT_NO_DEPRECATED
1100 | typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
1101 | typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
1102 | #endif
1103 |
1104 | /* Create a message digest object for algorithm ALGO. FLAGS may be
1105 | given as an bitwise OR of the gcry_md_flags values. ALGO may be
1106 | given as 0 if the algorithms to be used are later set using
1107 | gcry_md_enable. */
1108 | gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
1109 |
1110 | /* Release the message digest object HD. */
1111 | void gcry_md_close (gcry_md_hd_t hd);
1112 |
1113 | /* Add the message digest algorithm ALGO to the digest object HD. */
1114 | gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
1115 |
1116 | /* Create a new digest object as an exact copy of the object HD. */
1117 | gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
1118 |
1119 | /* Reset the digest object HD to its initial state. */
1120 | void gcry_md_reset (gcry_md_hd_t hd);
1121 |
1122 | /* Perform various operations on the digest object HD. */
1123 | gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd,
1124 | void *buffer, size_t buflen);
1125 |
1126 | /* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
1127 | it can update the digest values. This is the actual hash
1128 | function. */
1129 | void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
1130 |
1131 | /* Read out the final digest from HD return the digest value for
1132 | algorithm ALGO. */
1133 | unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
1134 |
1135 | /* Convenience function to calculate the hash from the data in BUFFER
1136 | of size LENGTH using the algorithm ALGO avoiding the creating of a
1137 | hash object. The hash is returned in the caller provided buffer
1138 | DIGEST which must be large enough to hold the digest of the given
1139 | algorithm. */
1140 | void gcry_md_hash_buffer (int algo, void *digest,
1141 | const void *buffer, size_t length);
1142 |
1143 | /* Retrieve the algorithm used with HD. This does not work reliable
1144 | if more than one algorithm is enabled in HD. */
1145 | int gcry_md_get_algo (gcry_md_hd_t hd);
1146 |
1147 | /* Retrieve the length in bytes of the digest yielded by algorithm
1148 | ALGO. */
1149 | unsigned int gcry_md_get_algo_dlen (int algo);
1150 |
1151 | /* Return true if the the algorithm ALGO is enabled in the digest
1152 | object A. */
1153 | int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
1154 |
1155 | /* Return true if the digest object A is allocated in "secure" memory. */
1156 | int gcry_md_is_secure (gcry_md_hd_t a);
1157 |
1158 | /* Retrieve various information about the object H. */
1159 | gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
1160 | size_t *nbytes);
1161 |
1162 | /* Retrieve various information about the algorithm ALGO. */
1163 | gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
1164 | size_t *nbytes);
1165 |
1166 | /* Map the digest algorithm id ALGO to a string representation of the
1167 | algorithm name. For unknown algorithms this function returns
1168 | "?". */
1169 | const char *gcry_md_algo_name (int algo) _GCRY_GCC_ATTR_PURE;
1170 |
1171 | /* Map the algorithm NAME to a digest algorithm Id. Return 0 if
1172 | the algorithm name is not known. */
1173 | int gcry_md_map_name (const char* name) _GCRY_GCC_ATTR_PURE;
1174 |
1175 | /* For use with the HMAC feature, the set MAC key to the KEY of
1176 | KEYLEN. */
1177 | gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
1178 |
1179 | /* Start or stop debugging for digest handle HD; i.e. create a file
1180 | named dbgmd-. while hashing. If SUFFIX is NULL,
1181 | debugging stops and the file will be closed. */
1182 | void gcry_md_debug (gcry_md_hd_t hd, const char *suffix);
1183 |
1184 |
1185 | /* Update the hash(s) of H with the character C. This is a buffered
1186 | version of the gcry_md_write function. */
1187 | #define gcry_md_putc(h,c) \
1188 | do { \
1189 | gcry_md_hd_t h__ = (h); \
1190 | if( (h__)->bufpos == (h__)->bufsize ) \
1191 | gcry_md_write( (h__), NULL, 0 ); \
1192 | (h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
1193 | } while(0)
1194 |
1195 | /* Finalize the digest calculation. This is not really needed because
1196 | gcry_md_read() does this implicitly. */
1197 | #define gcry_md_final(a) \
1198 | gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
1199 |
1200 | /* Return 0 if the algorithm A is available for use. */
1201 | #define gcry_md_test_algo(a) \
1202 | gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
1203 |
1204 | /* Return an DER encoded ASN.1 OID for the algorithm A in buffer B. N
1205 | must point to size_t variable with the available size of buffer B.
1206 | After return it will receive the actual size of the returned
1207 | OID. */
1208 | #define gcry_md_get_asnoid(a,b,n) \
1209 | gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n))
1210 |
1211 | /* Enable debugging for digest object A; i.e. create files named
1212 | dbgmd-. while hashing. B is a string used as the suffix
1213 | for the filename. This macro is deprecated, use gcry_md_debug. */
1214 | #ifndef GCRYPT_NO_DEPRECATED
1215 | #define gcry_md_start_debug(a,b) \
1216 | gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 )
1217 |
1218 | /* Disable the debugging of A. This macro is deprecated, use
1219 | gcry_md_debug. */
1220 | #define gcry_md_stop_debug(a,b) \
1221 | gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
1222 | #endif
1223 |
1224 | /* Get a list consisting of the IDs of the loaded message digest
1225 | modules. If LIST is zero, write the number of loaded message
1226 | digest modules to LIST_LENGTH and return. If LIST is non-zero, the
1227 | first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
1228 | of according size. In case there are less message digest modules
1229 | than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
1230 | number. */
1231 | gcry_error_t gcry_md_list (int *list, int *list_length);
1232 |
1233 |
1234 |
1235 | /* Alternative interface for asymmetric cryptography. This interface
1236 | is deprecated. */
1237 |
1238 | /* The algorithm IDs. */
1239 | typedef enum gcry_ac_id
1240 | {
1241 | GCRY_AC_RSA = 1,
1242 | GCRY_AC_DSA = 17,
1243 | GCRY_AC_ELG = 20,
1244 | GCRY_AC_ELG_E = 16
1245 | }
1246 | gcry_ac_id_t;
1247 |
1248 | /* Key types. */
1249 | typedef enum gcry_ac_key_type
1250 | {
1251 | GCRY_AC_KEY_SECRET,
1252 | GCRY_AC_KEY_PUBLIC
1253 | }
1254 | gcry_ac_key_type_t;
1255 |
1256 | /* Encoding methods. */
1257 | typedef enum gcry_ac_em
1258 | {
1259 | GCRY_AC_EME_PKCS_V1_5,
1260 | GCRY_AC_EMSA_PKCS_V1_5
1261 | }
1262 | gcry_ac_em_t;
1263 |
1264 | /* Encryption and Signature schemes. */
1265 | typedef enum gcry_ac_scheme
1266 | {
1267 | GCRY_AC_ES_PKCS_V1_5,
1268 | GCRY_AC_SSA_PKCS_V1_5
1269 | }
1270 | gcry_ac_scheme_t;
1271 |
1272 | /* AC data. */
1273 | #define GCRY_AC_FLAG_DEALLOC (1 << 0)
1274 | #define GCRY_AC_FLAG_COPY (1 << 1)
1275 | #define GCRY_AC_FLAG_NO_BLINDING (1 << 2)
1276 |
1277 | /* This type represents a `data set'. */
1278 | typedef struct gcry_ac_data *gcry_ac_data_t;
1279 |
1280 | /* This type represents a single `key', either a secret one or a
1281 | public one. */
1282 | typedef struct gcry_ac_key *gcry_ac_key_t;
1283 |
1284 | /* This type represents a `key pair' containing a secret and a public
1285 | key. */
1286 | typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
1287 |
1288 | /* This type represents a `handle' that is needed by functions
1289 | performing cryptographic operations. */
1290 | typedef struct gcry_ac_handle *gcry_ac_handle_t;
1291 |
1292 | typedef gpg_error_t (*gcry_ac_data_read_cb_t) (void *opaque,
1293 | unsigned char *buffer,
1294 | size_t *buffer_n);
1295 |
1296 | typedef gpg_error_t (*gcry_ac_data_write_cb_t) (void *opaque,
1297 | unsigned char *buffer,
1298 | size_t buffer_n);
1299 |
1300 | typedef enum
1301 | {
1302 | GCRY_AC_IO_READABLE,
1303 | GCRY_AC_IO_WRITABLE
1304 | }
1305 | gcry_ac_io_mode_t;
1306 |
1307 | typedef enum
1308 | {
1309 | GCRY_AC_IO_STRING,
1310 | GCRY_AC_IO_CALLBACK
1311 | }
1312 | gcry_ac_io_type_t;
1313 |
1314 | typedef struct gcry_ac_io
1315 | {
1316 | /* This is an INTERNAL structure, do NOT use manually. */
1317 | gcry_ac_io_mode_t mode _GCRY_ATTR_INTERNAL;
1318 | gcry_ac_io_type_t type _GCRY_ATTR_INTERNAL;
1319 | union
1320 | {
1321 | union
1322 | {
1323 | struct
1324 | {
1325 | gcry_ac_data_read_cb_t cb;
1326 | void *opaque;
1327 | } callback;
1328 | struct
1329 | {
1330 | unsigned char *data;
1331 | size_t data_n;
1332 | } string;
1333 | void *opaque;
1334 | } readable;
1335 | union
1336 | {
1337 | struct
1338 | {
1339 | gcry_ac_data_write_cb_t cb;
1340 | void *opaque;
1341 | } callback;
1342 | struct
1343 | {
1344 | unsigned char **data;
1345 | size_t *data_n;
1346 | } string;
1347 | void *opaque;
1348 | } writable;
1349 | } io _GCRY_ATTR_INTERNAL;
1350 | }
1351 | gcry_ac_io_t;
1352 |
1353 | /* The caller of gcry_ac_key_pair_generate can provide one of these
1354 | structures in order to influence the key generation process in an
1355 | algorithm-specific way. */
1356 | typedef struct gcry_ac_key_spec_rsa
1357 | {
1358 | gcry_mpi_t e; /* E to use. */
1359 | } gcry_ac_key_spec_rsa_t;
1360 |
1361 | /* Structure used for passing data to the implementation of the
1362 | `EME-PKCS-V1_5' encoding method. */
1363 | typedef struct gcry_ac_eme_pkcs_v1_5
1364 | {
1365 | size_t key_size;
1366 | } gcry_ac_eme_pkcs_v1_5_t;
1367 |
1368 | typedef enum gcry_md_algos gcry_md_algo_t;
1369 |
1370 | /* Structure used for passing data to the implementation of the
1371 | `EMSA-PKCS-V1_5' encoding method. */
1372 | typedef struct gcry_ac_emsa_pkcs_v1_5
1373 | {
1374 | gcry_md_algo_t md;
1375 | size_t em_n;
1376 | } gcry_ac_emsa_pkcs_v1_5_t;
1377 |
1378 | /* Structure used for passing data to the implementation of the
1379 | `SSA-PKCS-V1_5' signature scheme. */
1380 | typedef struct gcry_ac_ssa_pkcs_v1_5
1381 | {
1382 | gcry_md_algo_t md;
1383 | } gcry_ac_ssa_pkcs_v1_5_t;
1384 |
1385 | /* Returns a new, empty data set in DATA. */
1386 | gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
1387 |
1388 | /* Destroy the data set DATA. */
1389 | void gcry_ac_data_destroy (gcry_ac_data_t data);
1390 |
1391 | /* Create a copy of the data set DATA and store it in DATA_CP. */
1392 | gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
1393 | gcry_ac_data_t data);
1394 |
1395 | /* Return the number of named MPI values inside of the data set
1396 | DATA. */
1397 | unsigned int gcry_ac_data_length (gcry_ac_data_t data);
1398 |
1399 | /* Destroy any values contained in the data set DATA. */
1400 | void gcry_ac_data_clear (gcry_ac_data_t data);
1401 |
1402 | /* Add the value MPI to DATA with the label NAME. If FLAGS contains
1403 | GCRY_AC_FLAG_DATA_COPY, the data set will contain copies of NAME
1404 | and MPI. If FLAGS contains GCRY_AC_FLAG_DATA_DEALLOC or
1405 | GCRY_AC_FLAG_DATA_COPY, the values contained in the data set will
1406 | be deallocated when they are to be removed from the data set. */
1407 | gcry_error_t gcry_ac_data_set (gcry_ac_data_t data, unsigned int flags,
1408 | const char *name, gcry_mpi_t mpi);
1409 |
1410 | /* Store the value labelled with NAME found in DATA in MPI. If FLAGS
1411 | contains GCRY_AC_FLAG_COPY, store a copy of the MPI value contained
1412 | in the data set. MPI may be NULL. */
1413 | gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, unsigned int flags,
1414 | const char *name, gcry_mpi_t *mpi);
1415 |
1416 | /* Stores in NAME and MPI the named MPI value contained in the data
1417 | set DATA with the index IDX. If FLAGS contains GCRY_AC_FLAG_COPY,
1418 | store copies of the values contained in the data set. NAME or MPI
1419 | may be NULL. */
1420 | gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int flags,
1421 | unsigned int idx,
1422 | const char **name, gcry_mpi_t *mpi);
1423 |
1424 | /* Convert the data set DATA into a new S-Expression, which is to be
1425 | stored in SEXP, according to the identifiers contained in
1426 | IDENTIFIERS. */
1427 | gcry_error_t gcry_ac_data_to_sexp (gcry_ac_data_t data, gcry_sexp_t *sexp,
1428 | const char **identifiers);
1429 |
1430 | /* Create a new data set, which is to be stored in DATA_SET, from the
1431 | S-Expression SEXP, according to the identifiers contained in
1432 | IDENTIFIERS. */
1433 | gcry_error_t gcry_ac_data_from_sexp (gcry_ac_data_t *data, gcry_sexp_t sexp,
1434 | const char **identifiers);
1435 |
1436 | /* Initialize AC_IO according to MODE, TYPE and the variable list of
1437 | arguments. The list of variable arguments to specify depends on
1438 | the given TYPE. */
1439 | void gcry_ac_io_init (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
1440 | gcry_ac_io_type_t type, ...);
1441 |
1442 | /* Initialize AC_IO according to MODE, TYPE and the variable list of
1443 | arguments AP. The list of variable arguments to specify depends on
1444 | the given TYPE. */
1445 | void gcry_ac_io_init_va (gcry_ac_io_t *ac_io, gcry_ac_io_mode_t mode,
1446 | gcry_ac_io_type_t type, va_list ap);
1447 |
1448 | /* Create a new ac handle. */
1449 | gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
1450 | gcry_ac_id_t algorithm, unsigned int flags);
1451 |
1452 | /* Destroy an ac handle. */
1453 | void gcry_ac_close (gcry_ac_handle_t handle);
1454 |
1455 | /* Initialize a key from a given data set. */
1456 | gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key, gcry_ac_handle_t handle,
1457 | gcry_ac_key_type_t type, gcry_ac_data_t data);
1458 |
1459 | /* Generates a new key pair via the handle HANDLE of NBITS bits and
1460 | stores it in KEY_PAIR. In case non-standard settings are wanted, a
1461 | pointer to a structure of type gcry_ac_key_spec__t,
1462 | matching the selected algorithm, can be given as KEY_SPEC.
1463 | MISC_DATA is not used yet. */
1464 | gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
1465 | unsigned int nbits, void *spec,
1466 | gcry_ac_key_pair_t *key_pair,
1467 | gcry_mpi_t **misc_data);
1468 |
1469 | /* Returns the key of type WHICH out of the key pair KEY_PAIR. */
1470 | gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
1471 | gcry_ac_key_type_t which);
1472 |
1473 | /* Returns the data set contained in the key KEY. */
1474 | gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
1475 |
1476 | /* Verifies that the key KEY is sane via HANDLE. */
1477 | gcry_error_t gcry_ac_key_test (gcry_ac_handle_t handle, gcry_ac_key_t key);
1478 |
1479 | /* Stores the number of bits of the key KEY in NBITS via HANDLE. */
1480 | gcry_error_t gcry_ac_key_get_nbits (gcry_ac_handle_t handle,
1481 | gcry_ac_key_t key, unsigned int *nbits);
1482 |
1483 | /* Writes the 20 byte long key grip of the key KEY to KEY_GRIP via
1484 | HANDLE. */
1485 | gcry_error_t gcry_ac_key_get_grip (gcry_ac_handle_t handle, gcry_ac_key_t key,
1486 | unsigned char *key_grip);
1487 |
1488 | /* Destroy a key. */
1489 | void gcry_ac_key_destroy (gcry_ac_key_t key);
1490 |
1491 | /* Destroy a key pair. */
1492 | void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
1493 |
1494 | /* Encodes a message according to the encoding method METHOD. OPTIONS
1495 | must be a pointer to a method-specific structure
1496 | (gcry_ac_em*_t). */
1497 | gcry_error_t gcry_ac_data_encode (gcry_ac_em_t method,
1498 | unsigned int flags, void *options,
1499 | gcry_ac_io_t *io_read,
1500 | gcry_ac_io_t *io_write);
1501 |
1502 | /* Decodes a message according to the encoding method METHOD. OPTIONS
1503 | must be a pointer to a method-specific structure
1504 | (gcry_ac_em*_t). */
1505 | gcry_error_t gcry_ac_data_decode (gcry_ac_em_t method,
1506 | unsigned int flags, void *options,
1507 | gcry_ac_io_t *io_read,
1508 | gcry_ac_io_t *io_write);
1509 |
1510 | /* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
1511 | the control of the flags FLAGS and store the resulting data set
1512 | into DATA_ENCRYPTED. */
1513 | gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
1514 | unsigned int flags,
1515 | gcry_ac_key_t key,
1516 | gcry_mpi_t data_plain,
1517 | gcry_ac_data_t *data_encrypted);
1518 |
1519 | /* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
1520 | with the key KEY under the control of the flags FLAGS and store the
1521 | resulting plain text MPI value in DATA_PLAIN. */
1522 | gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
1523 | unsigned int flags,
1524 | gcry_ac_key_t key,
1525 | gcry_mpi_t *data_plain,
1526 | gcry_ac_data_t data_encrypted);
1527 |
1528 | /* Sign the data contained in DATA with the key KEY and store the
1529 | resulting signature in the data set DATA_SIGNATURE. */
1530 | gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
1531 | gcry_ac_key_t key,
1532 | gcry_mpi_t data,
1533 | gcry_ac_data_t *data_signature);
1534 |
1535 | /* Verify that the signature contained in the data set DATA_SIGNATURE
1536 | is indeed the result of signing the data contained in DATA with the
1537 | secret key belonging to the public key KEY. */
1538 | gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
1539 | gcry_ac_key_t key,
1540 | gcry_mpi_t data,
1541 | gcry_ac_data_t data_signature);
1542 |
1543 | /* Encrypts the plain text readable from IO_MESSAGE through HANDLE
1544 | with the public key KEY according to SCHEME, FLAGS and OPTS. If
1545 | OPTS is not NULL, it has to be a pointer to a structure specific to
1546 | the chosen scheme (gcry_ac_es_*_t). The encrypted message is
1547 | written to IO_CIPHER. */
1548 | gcry_error_t gcry_ac_data_encrypt_scheme (gcry_ac_handle_t handle,
1549 | gcry_ac_scheme_t scheme,
1550 | unsigned int flags, void *opts,
1551 | gcry_ac_key_t key,
1552 | gcry_ac_io_t *io_message,
1553 | gcry_ac_io_t *io_cipher);
1554 |
1555 | /* Decrypts the cipher text readable from IO_CIPHER through HANDLE
1556 | with the secret key KEY according to SCHEME, @var{flags} and OPTS.
1557 | If OPTS is not NULL, it has to be a pointer to a structure specific
1558 | to the chosen scheme (gcry_ac_es_*_t). The decrypted message is
1559 | written to IO_MESSAGE. */
1560 | gcry_error_t gcry_ac_data_decrypt_scheme (gcry_ac_handle_t handle,
1561 | gcry_ac_scheme_t scheme,
1562 | unsigned int flags, void *opts,
1563 | gcry_ac_key_t key,
1564 | gcry_ac_io_t *io_cipher,
1565 | gcry_ac_io_t *io_message);
1566 |
1567 | /* Signs the message readable from IO_MESSAGE through HANDLE with the
1568 | secret key KEY according to SCHEME, FLAGS and OPTS. If OPTS is not
1569 | NULL, it has to be a pointer to a structure specific to the chosen
1570 | scheme (gcry_ac_ssa_*_t). The signature is written to
1571 | IO_SIGNATURE. */
1572 | gcry_error_t gcry_ac_data_sign_scheme (gcry_ac_handle_t handle,
1573 | gcry_ac_scheme_t scheme,
1574 | unsigned int flags, void *opts,
1575 | gcry_ac_key_t key,
1576 | gcry_ac_io_t *io_message,
1577 | gcry_ac_io_t *io_signature);
1578 |
1579 | /* Verifies through HANDLE that the signature readable from
1580 | IO_SIGNATURE is indeed the result of signing the message readable
1581 | from IO_MESSAGE with the secret key belonging to the public key KEY
1582 | according to SCHEME and OPTS. If OPTS is not NULL, it has to be an
1583 | anonymous structure (gcry_ac_ssa_*_t) specific to the chosen
1584 | scheme. */
1585 | gcry_error_t gcry_ac_data_verify_scheme (gcry_ac_handle_t handle,
1586 | gcry_ac_scheme_t scheme,
1587 | unsigned int flags, void *opts,
1588 | gcry_ac_key_t key,
1589 | gcry_ac_io_t *io_message,
1590 | gcry_ac_io_t *io_signature);
1591 |
1592 | /* Store the textual representation of the algorithm whose id is given
1593 | in ALGORITHM in NAME. This function is deprecated; use
1594 | gcry_pk_algo_name. */
1595 | #ifndef GCRYPT_NO_DEPRECATED
1596 | gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
1597 | const char **name)
1598 | /* */ _GCRY_GCC_ATTR_DEPRECATED;
1599 | /* Store the numeric ID of the algorithm whose textual representation
1600 | is contained in NAME in ALGORITHM. This function is deprecated;
1601 | use gcry_pk_map_name. */
1602 | gcry_error_t gcry_ac_name_to_id (const char *name,
1603 | gcry_ac_id_t *algorithm)
1604 | /* */ _GCRY_GCC_ATTR_DEPRECATED;
1605 | #endif
1606 |
1607 |
1608 | /************************************
1609 | * *
1610 | * Random Generating Functions *
1611 | * *
1612 | ************************************/
1613 |
1614 | /* The possible values for the random quality. The rule of thumb is
1615 | to use STRONG for session keys and VERY_STRONG for key material.
1616 | WEAK is usually an alias for STRONG and should not be used anymore
1617 | (except with gcry_mpi_randomize); use gcry_create_nonce instead. */
1618 | typedef enum gcry_random_level
1619 | {
1620 | GCRY_WEAK_RANDOM = 0,
1621 | GCRY_STRONG_RANDOM = 1,
1622 | GCRY_VERY_STRONG_RANDOM = 2
1623 | }
1624 | gcry_random_level_t;
1625 |
1626 | /* Fill BUFFER with LENGTH bytes of random, using random numbers of
1627 | quality LEVEL. */
1628 | void gcry_randomize (void *buffer, size_t length,
1629 | enum gcry_random_level level);
1630 |
1631 | /* Add the external random from BUFFER with LENGTH bytes into the
1632 | pool. QUALITY should either be -1 for unknown or in the range of 0
1633 | to 100 */
1634 | gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
1635 | int quality);
1636 |
1637 | /* If random numbers are used in an application, this macro should be
1638 | called from time to time so that new stuff gets added to the
1639 | internal pool of the RNG. */
1640 | #define gcry_fast_random_poll() gcry_control (GCRYCTL_FAST_POLL, NULL)
1641 |
1642 |
1643 | /* Return NBYTES of allocated random using a random numbers of quality
1644 | LEVEL. */
1645 | void *gcry_random_bytes (size_t nbytes, enum gcry_random_level level)
1646 | _GCRY_GCC_ATTR_MALLOC;
1647 |
1648 | /* Return NBYTES of allocated random using a random numbers of quality
1649 | LEVEL. The random numbers are created returned in "secure"
1650 | memory. */
1651 | void *gcry_random_bytes_secure (size_t nbytes, enum gcry_random_level level)
1652 | _GCRY_GCC_ATTR_MALLOC;
1653 |
1654 |
1655 | /* Set the big integer W to a random value of NBITS using a random
1656 | generator with quality LEVEL. Note that by using a level of
1657 | GCRY_WEAK_RANDOM gcry_create_nonce is used internally. */
1658 | void gcry_mpi_randomize (gcry_mpi_t w,
1659 | unsigned int nbits, enum gcry_random_level level);
1660 |
1661 |
1662 | /* Create an unpredicable nonce of LENGTH bytes in BUFFER. */
1663 | void gcry_create_nonce (void *buffer, size_t length);
1664 |
1665 |
1666 |
1667 |
1668 |
1669 | /*******************************/
1670 | /* */
1671 | /* Prime Number Functions */
1672 | /* */
1673 | /*******************************/
1674 |
1675 | /* Mode values passed to a gcry_prime_check_func_t. */
1676 | #define GCRY_PRIME_CHECK_AT_FINISH 0
1677 | #define GCRY_PRIME_CHECK_AT_GOT_PRIME 1
1678 | #define GCRY_PRIME_CHECK_AT_MAYBE_PRIME 2
1679 |
1680 | /* The function should return 1 if the operation shall continue, 0 to
1681 | reject the prime candidate. */
1682 | typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
1683 | gcry_mpi_t candidate);
1684 |
1685 | /* Flags for gcry_prime_generate(): */
1686 |
1687 | /* Allocate prime numbers and factors in secure memory. */
1688 | #define GCRY_PRIME_FLAG_SECRET (1 << 0)
1689 |
1690 | /* Make sure that at least one prime factor is of size
1691 | `FACTOR_BITS'. */
1692 | #define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
1693 |
1694 | /* Generate a new prime number of PRIME_BITS bits and store it in
1695 | PRIME. If FACTOR_BITS is non-zero, one of the prime factors of
1696 | (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is
1697 | non-zero, allocate a new, NULL-terminated array holding the prime
1698 | factors and store it in FACTORS. FLAGS might be used to influence
1699 | the prime number generation process. */
1700 | gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
1701 | unsigned int prime_bits,
1702 | unsigned int factor_bits,
1703 | gcry_mpi_t **factors,
1704 | gcry_prime_check_func_t cb_func,
1705 | void *cb_arg,
1706 | gcry_random_level_t random_level,
1707 | unsigned int flags);
1708 |
1709 | /* Find a generator for PRIME where the factorization of (prime-1) is
1710 | in the NULL terminated array FACTORS. Return the generator as a
1711 | newly allocated MPI in R_G. If START_G is not NULL, use this as
1712 | teh start for the search. */
1713 | gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
1714 | gcry_mpi_t prime,
1715 | gcry_mpi_t *factors,
1716 | gcry_mpi_t start_g);
1717 |
1718 |
1719 | /* Convenience function to release the FACTORS array. */
1720 | void gcry_prime_release_factors (gcry_mpi_t *factors);
1721 |
1722 |
1723 | /* Check wether the number X is prime. */
1724 | gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
1725 |
1726 |
1727 |
1728 | /************************************
1729 | * *
1730 | * Miscellaneous Stuff *
1731 | * *
1732 | ************************************/
1733 |
1734 | /* Log levels used by the internal logging facility. */
1735 | enum gcry_log_levels
1736 | {
1737 | GCRY_LOG_CONT = 0, /* (Continue the last log line.) */
1738 | GCRY_LOG_INFO = 10,
1739 | GCRY_LOG_WARN = 20,
1740 | GCRY_LOG_ERROR = 30,
1741 | GCRY_LOG_FATAL = 40,
1742 | GCRY_LOG_BUG = 50,
1743 | GCRY_LOG_DEBUG = 100
1744 | };
1745 |
1746 | /* Type for progress handlers. */
1747 | typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
1748 |
1749 | /* Type for memory allocation handlers. */
1750 | typedef void *(*gcry_handler_alloc_t) (size_t n);
1751 |
1752 | /* Type for secure memory check handlers. */
1753 | typedef int (*gcry_handler_secure_check_t) (const void *);
1754 |
1755 | /* Type for memory reallocation handlers. */
1756 | typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
1757 |
1758 | /* Type for memory free handlers. */
1759 | typedef void (*gcry_handler_free_t) (void *);
1760 |
1761 | /* Type for out-of-memory handlers. */
1762 | typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
1763 |
1764 | /* Type for fatal error handlers. */
1765 | typedef void (*gcry_handler_error_t) (void *, int, const char *);
1766 |
1767 | /* Type for logging handlers. */
1768 | typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
1769 |
1770 | /* Certain operations can provide progress information. This function
1771 | is used to register a handler for retrieving these information. */
1772 | void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
1773 |
1774 |
1775 | /* Register a custom memory allocation functions. */
1776 | void gcry_set_allocation_handler (
1777 | gcry_handler_alloc_t func_alloc,
1778 | gcry_handler_alloc_t func_alloc_secure,
1779 | gcry_handler_secure_check_t func_secure_check,
1780 | gcry_handler_realloc_t func_realloc,
1781 | gcry_handler_free_t func_free);
1782 |
1783 | /* Register a function used instead of the internal out of memory
1784 | handler. */
1785 | void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
1786 |
1787 | /* Register a function used instead of the internal fatal error
1788 | handler. */
1789 | void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
1790 |
1791 | /* Register a function used instead of the internal logging
1792 | facility. */
1793 | void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
1794 |
1795 | /* Reserved for future use. */
1796 | void gcry_set_gettext_handler (const char *(*f)(const char*));
1797 |
1798 | /* Libgcrypt uses its own memory allocation. It is important to use
1799 | gcry_free () to release memory allocated by libgcrypt. */
1800 | void *gcry_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
1801 | void *gcry_calloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1802 | void *gcry_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
1803 | void *gcry_calloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1804 | void *gcry_realloc (void *a, size_t n);
1805 | char *gcry_strdup (const char *string) _GCRY_GCC_ATTR_MALLOC;
1806 | void *gcry_xmalloc (size_t n) _GCRY_GCC_ATTR_MALLOC;
1807 | void *gcry_xcalloc (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1808 | void *gcry_xmalloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC;
1809 | void *gcry_xcalloc_secure (size_t n, size_t m) _GCRY_GCC_ATTR_MALLOC;
1810 | void *gcry_xrealloc (void *a, size_t n);
1811 | char *gcry_xstrdup (const char * a) _GCRY_GCC_ATTR_MALLOC;
1812 | void gcry_free (void *a);
1813 |
1814 | /* Return true if A is allocated in "secure" memory. */
1815 | int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
1816 |
1817 | /* Return true if Libgcrypt is in FIPS mode. */
1818 | #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
1819 |
1820 |
1821 | /* Include support for Libgcrypt modules. */
1822 | #include
1823 |
1824 | #if 0 /* (Keep Emacsens' auto-indent happy.) */
1825 | {
1826 | #endif
1827 | #ifdef __cplusplus
1828 | }
1829 | #endif
1830 | #endif /* _GCRYPT_H */
--------------------------------------------------------------------------------