#include <stdarg.h>
#include <string.h>
+#include <gpg-error.h>
+
+/* This is required for error code compatibility. */
+#define _GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GCRYPT
+
#ifdef __cplusplus
extern "C" {
-#if 0 /* keep Emacsens's auto-indent happy */
+#if 0 /* keep Emacsens' auto-indent happy */
}
#endif
#endif
autoconf (using the AM_PATH_GCRYPT macro) check that this header
matches the installed library. Note: Do not edit the next line as
configure may fix the string here. */
-#define GCRYPT_VERSION "1.1.13-cvs"
+#define GCRYPT_VERSION "1.1.44"
/* Internal: We can't use the convenience macros for the multi
precision integer functions when building this library. */
#ifdef _GCRYPT_IN_LIBGCRYPT
-# ifndef GCRYPT_NO_MPI_MACROS
-# define GCRYPT_NO_MPI_MACROS 1
-# endif
+#ifndef GCRYPT_NO_MPI_MACROS
+#define GCRYPT_NO_MPI_MACROS 1
+#endif
#endif
/* We want to use gcc attributes when possible. Warning: Don't use
- these macros in your progranms: As indicated by the leading
+ these macros in your programs: As indicated by the leading
underscore they are subject to change without notice. */
-#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 96 )
-# define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
-#else
-# define _GCRY_GCC_ATTR_PURE
+#ifdef __GNUC__
+
+#define _GCRY_GCC_VERSION (__GNUC__ * 10000 \
+ + __GNUC_MINOR__ * 100 \
+ + __GNUC_PATCHLEVEL__)
+
+#if _GCRY_GCC_VERSION >= 30100
+#define _GCRY_GCC_ATTR_DEPRECATED __attribute__ ((__deprecated__))
#endif
-#if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 2 )
-# define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
-#else
-# define _GCRY_GCC_ATTR_MALLOC
+
+#if _GCRY_GCC_VERSION >= 29600
+#define _GCRY_GCC_ATTR_PURE __attribute__ ((__pure__))
#endif
+#if _GCRY_GCC_VERSION >= 300200
+#define _GCRY_GCC_ATTR_MALLOC __attribute__ ((__malloc__))
+#endif
-/* The data object used to hold a multi precision integer. GcryMPI is
- the preferred one. */
-struct gcry_mpi;
-typedef struct gcry_mpi *GCRY_MPI;
-typedef struct gcry_mpi *GcryMPI;
+#endif
-\f
-/* Error handling etc. */
+#ifndef _GCRY_GCC_ATTR_DEPRECATED
+#define _GCRY_GCC_ATTR_DEPRECATED
+#endif
+#ifndef _GCRY_GCC_ATTR_PURE
+#define _GCRY_GCC_ATTR_PURE
+#endif
+#ifndef _GCRY_GCC_ATTR_MALLOC
+#define _GCRY_GCC_ATTR_MALLOC
+#endif
-/* The error numbers used by Libgcrypt. */
-/* FIXME: We should use the same values as they were used in GnuPG
- 1.0. gpg --status-fd may print some of these values. */
-enum
- {
- GCRYERR_SUCCESS = 0, /* "no error" (this is guaranteed to be 0) */
- GCRYERR_GENERAL = 1, /* catch all the other errors code */
-
- GCRYERR_INV_PK_ALGO = 4, /* invalid public key algorithm */
- GCRYERR_INV_MD_ALGO = 5, /* invalid message digest algorithm */
- GCRYERR_BAD_PUBLIC_KEY = 6, /* Bad public key */
- GCRYERR_BAD_SECRET_KEY = 7, /* Bad secret key */
- GCRYERR_BAD_SIGNATURE = 8, /* Bad signature */
-
- GCRYERR_INV_CIPHER_ALGO = 12, /* invalid cipher algorithm */
- GCRYERR_BAD_MPI = 30, /* problem with an MPI's value*/
- GCRYERR_WRONG_PK_ALGO = 41, /* wrong public key algorithm */
- GCRYERR_WEAK_KEY = 43, /* weak encryption key */
- GCRYERR_INV_KEYLEN = 44, /* invalid length of a key*/
- GCRYERR_INV_ARG = 45, /* invalid argument */
- GCRYERR_SELFTEST = 50, /* selftest failed */
-
- /* error codes not used in GnuPG 1.0 */
- GCRYERR_INV_OP = 61, /* invalid operation code or ctl command */
- GCRYERR_NO_MEM = 62, /* out of core */
- GCRYERR_INTERNAL = 63, /* internal error */
- GCRYERR_EOF = 64, /* (-1) is remapped to this value */
- GCRYERR_INV_OBJ = 65, /* an object is not valid */
- GCRYERR_TOO_SHORT = 66, /* provided buffer/object too short */
- GCRYERR_TOO_LARGE = 67, /* object is too large */
- GCRYERR_NO_OBJ = 68, /* Missing item in an object */
- GCRYERR_NOT_IMPL = 69, /* Not implemented */
- GCRYERR_CONFLICT = 70, /* conflicting use of functions/values */
- GCRYERR_INV_CIPHER_MODE = 71, /* invalid/unsupported cipher mode */
- GCRYERR_INV_FLAG = 72, /* invalid flag */
-
- /* error codes pertaining to S-expressions */
- GCRYERR_SEXP_INV_LEN_SPEC = 201,
- GCRYERR_SEXP_STRING_TOO_LONG = 202,
- GCRYERR_SEXP_UNMATCHED_PAREN = 203,
- GCRYERR_SEXP_NOT_CANONICAL = 204,
- GCRYERR_SEXP_BAD_CHARACTER = 205,
- GCRYERR_SEXP_BAD_QUOTATION = 206,/* or invalid hex or octal value */
- GCRYERR_SEXP_ZERO_PREFIX = 207,/* first character of a length is 0 */
- GCRYERR_SEXP_NESTED_DH = 208,/* nested display hints */
- GCRYERR_SEXP_UNMATCHED_DH = 209,/* unmatched display hint */
- GCRYERR_SEXP_UNEXPECTED_PUNC = 210,/* unexpected reserved punctuation */
- GCRYERR_SEXP_BAD_HEX_CHAR = 211,
- GCRYERR_SEXP_ODD_HEX_NUMBERS = 212,
- GCRYERR_SEXP_BAD_OCT_CHAR = 213
- };
+/* Wrappers for the libgpg-error library. */
-/* Check that the library fulfills the version requirement. */
-const char *gcry_check_version (const char *req_version);
+typedef gpg_error_t gcry_error_t;
+typedef gpg_err_code_t gcry_err_code_t;
+typedef gpg_err_source_t gcry_err_source_t;
-/* Return the error number for the last failed function call. */
-int gcry_errno(void) _GCRY_GCC_ATTR_PURE;
+static GPG_ERR_INLINE gcry_error_t
+gcry_err_make (gcry_err_source_t source, gcry_err_code_t code)
+{
+ return gpg_err_make (source, code);
+}
-/* Map an error number to a string. */
-const char *gcry_strerror (int ec);
+/* The user can define GPG_ERR_SOURCE_DEFAULT before including this
+ file to specify a default source for gpg_error. */
+#ifndef GCRY_ERR_SOURCE_DEFAULT
+#define GCRY_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1
+#endif
-/* Codes for function dispatchers. */
+static GPG_ERR_INLINE gcry_error_t
+gcry_error (gcry_err_code_t code)
+{
+ return gcry_err_make (GCRY_ERR_SOURCE_DEFAULT, code);
+}
-/* Codes for use with gcry_control. These commands influence certain
- general functionality of libgcrypt. */
-enum gcry_global_control_cmds
- {
- GCRYCTL_ENABLE_M_GUARD,
- GCRYCTL_ENABLE_QUICK_RANDOM,
- GCRYCTL_DUMP_RANDOM_STATS,
- GCRYCTL_DUMP_MEMORY_STATS,
- GCRYCTL_DUMP_SECMEM_STATS,
- GCRYCTL_DROP_PRIVS,
- GCRYCTL_DISABLE_SECMEM,
- GCRYCTL_INIT_SECMEM,
- GCRYCTL_TERM_SECMEM,
- GCRYCTL_DISABLE_SECMEM_WARN,
- GCRYCTL_SUSPEND_SECMEM_WARN,
- GCRYCTL_RESUME_SECMEM_WARN,
- GCRYCTL_USE_SECURE_RNDPOOL,
- GCRYCTL_SET_VERBOSITY,
- GCRYCTL_SET_DEBUG_FLAGS,
- GCRYCTL_CLEAR_DEBUG_FLAGS,
- GCRYCTL_DISABLE_INTERNAL_LOCKING,
- GCRYCTL_INITIALIZATION_FINISHED,
- GCRYCTL_INITIALIZATION_FINISHED_P,
- GCRYCTL_ANY_INITIALIZATION_P,
- };
+static GPG_ERR_INLINE gcry_err_code_t
+gcry_err_code (gcry_error_t err)
+{
+ return gpg_err_code (err);
+}
-/* Codes for use with gcry_cipher_ctl, gcry_md_ctl and
- gcry_pk_ctl. */
-enum gcry_control_cmds
- {
- GCRYCTL_SET_KEY,
- GCRYCTL_SET_IV,
- GCRYCTL_RESET,
- GCRYCTL_CFB_SYNC,
- GCRYCTL_SET_CBC_CTS,
- GCRYCTL_SET_CBC_MAC,
- GCRYCTL_ENABLE_ALGO, /* Not implemented. */
- GCRYCTL_DISABLE_ALGO,
- GCRYCTL_FINALIZE,
- GCRYCTL_START_DUMP,
- GCRYCTL_STOP_DUMP,
- GCRYCTL_SET_CTR
- };
-/* Codes for use with gcry_cipher_info and gcry_md_info. */
-enum gcry_info_cmds
- {
- GCRYCTL_IS_SECURE,
- GCRYCTL_IS_ALGO_ENABLED,
- };
+static GPG_ERR_INLINE gcry_err_source_t
+gcry_err_source (gcry_error_t err)
+{
+ return gpg_err_source (err);
+}
+
+/* Return a pointer to a string containing a description of the error
+ code in the error value ERR. */
+const char * gcry_strerror (gcry_error_t err);
+
+/* Return a pointer to a string containing a description of the error
+ source in the error value ERR. */
+const char *gcry_strsource (gcry_error_t err);
+
+/* Retrieve the error code for the system error ERR. This returns
+ GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report
+ this). */
+gcry_err_code_t gcry_err_code_from_errno (int err);
+
+/* Retrieve the system error for the error code CODE. This returns 0
+ if CODE is not a system error code. */
+int gcry_err_code_to_errno (gcry_err_code_t code);
+
+/* Return an error value with the error source SOURCE and the system
+ error ERR. */
+gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err);
+
+/* Return an error value with the system error ERR. */
+gcry_err_code_t gcry_error_from_errno (int err);
+
+/* The data object used to hold a multi precision integer. */
+struct gcry_mpi;
+typedef struct gcry_mpi *gcry_mpi_t;
+
+typedef struct gcry_mpi *GCRY_MPI _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_mpi *GcryMPI _GCRY_GCC_ATTR_DEPRECATED;
-/* Codes for use with gcry_cipher_algo_info, gcry_cipher_md_info and
- gcry_cipher_pk_info. */
-enum gcry_algo_info_cmds
+\f
+
+/* Check that the library fulfills the version requirement. */
+const char *gcry_check_version (const char *req_version);
+
+/* Codes for function dispatchers. */
+
+/* Codes used with the gcry_control function. */
+enum gcry_ctl_cmds
{
- GCRYCTL_GET_KEYLEN,
- GCRYCTL_GET_BLKLEN,
- GCRYCTL_TEST_ALGO,
- GCRYCTL_GET_ASNOID,
- GCRYCTL_GET_ALGO_USAGE,
- GCRYCTL_GET_ALGO_NPKEY,
- GCRYCTL_GET_ALGO_NSKEY,
- GCRYCTL_GET_ALGO_NSIGN,
- GCRYCTL_GET_ALGO_NENCR,
+ GCRYCTL_SET_KEY = 1,
+ GCRYCTL_SET_IV = 2,
+ GCRYCTL_CFB_SYNC = 3,
+ GCRYCTL_RESET = 4, /* e.g. for MDs */
+ GCRYCTL_FINALIZE = 5,
+ GCRYCTL_GET_KEYLEN = 6,
+ GCRYCTL_GET_BLKLEN = 7,
+ GCRYCTL_TEST_ALGO = 8,
+ GCRYCTL_IS_SECURE = 9,
+ GCRYCTL_GET_ASNOID = 10,
+ GCRYCTL_ENABLE_ALGO = 11,
+ GCRYCTL_DISABLE_ALGO = 12,
+ GCRYCTL_DUMP_RANDOM_STATS = 13,
+ GCRYCTL_DUMP_SECMEM_STATS = 14,
+ GCRYCTL_GET_ALGO_NPKEY = 15,
+ GCRYCTL_GET_ALGO_NSKEY = 16,
+ GCRYCTL_GET_ALGO_NSIGN = 17,
+ GCRYCTL_GET_ALGO_NENCR = 18,
+ GCRYCTL_SET_VERBOSITY = 19,
+ GCRYCTL_SET_DEBUG_FLAGS = 20,
+ GCRYCTL_CLEAR_DEBUG_FLAGS = 21,
+ GCRYCTL_USE_SECURE_RNDPOOL= 22,
+ GCRYCTL_DUMP_MEMORY_STATS = 23,
+ GCRYCTL_INIT_SECMEM = 24,
+ GCRYCTL_TERM_SECMEM = 25,
+ GCRYCTL_DISABLE_SECMEM_WARN = 27,
+ GCRYCTL_SUSPEND_SECMEM_WARN = 28,
+ GCRYCTL_RESUME_SECMEM_WARN = 29,
+ GCRYCTL_DROP_PRIVS = 30,
+ GCRYCTL_ENABLE_M_GUARD = 31,
+ GCRYCTL_START_DUMP = 32,
+ GCRYCTL_STOP_DUMP = 33,
+ GCRYCTL_GET_ALGO_USAGE = 34,
+ GCRYCTL_IS_ALGO_ENABLED = 35,
+ GCRYCTL_DISABLE_INTERNAL_LOCKING = 36,
+ GCRYCTL_DISABLE_SECMEM = 37,
+ GCRYCTL_INITIALIZATION_FINISHED = 38,
+ GCRYCTL_INITIALIZATION_FINISHED_P = 39,
+ GCRYCTL_ANY_INITIALIZATION_P = 40,
+ GCRYCTL_SET_CBC_CTS = 41,
+ GCRYCTL_SET_CBC_MAC = 42,
+ GCRYCTL_SET_CTR = 43,
+ GCRYCTL_ENABLE_QUICK_RANDOM = 44,
+ GCRYCTL_SET_RANDOM_SEED_FILE = 45,
+ GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46
};
/* Perform various operations defined by CMD. */
-int gcry_control (enum gcry_global_control_cmds CMD, ...);
-
+gcry_error_t gcry_control (enum gcry_ctl_cmds CMD, ...);
\f
/* S-expression management. */
/* The object to represent an S-expression as used with the public key
- functions. GcrySexp is the preferred form. */
+ functions. */
struct gcry_sexp;
-typedef struct gcry_sexp *GCRY_SEXP;
-typedef struct gcry_sexp *GcrySexp;
+typedef struct gcry_sexp *gcry_sexp_t;
+
+typedef struct gcry_sexp *GCRY_SEXP _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_sexp *GcrySexp _GCRY_GCC_ATTR_DEPRECATED;
/* The possible values for the S-expression format. */
-enum gcry_sexp_format {
+enum gcry_sexp_format
+ {
GCRYSEXP_FMT_DEFAULT = 0,
GCRYSEXP_FMT_CANON = 1,
GCRYSEXP_FMT_BASE64 = 2,
GCRYSEXP_FMT_ADVANCED = 3
-};
+ };
/* Create an new S-expression object from BUFFER of size LENGTH and
return it in RETSEXP. With AUTODETECT set to 0 the data in BUFFER
- is expected to be in canonized format */
-int gcry_sexp_new (GcrySexp *retsexp, const void *buffer, size_t length,
- int autodetect);
+ is expected to be in canonized format. */
+gcry_error_t gcry_sexp_new (gcry_sexp_t *retsexp, const void *buffer, size_t length,
+ int autodetect);
-/* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
- effect to transfer ownership of BUFFER to the created object. */
-int gcry_sexp_create (GcrySexp *retsexp, void *buffer, size_t length,
- int autodetect, void (*freefnc)(void*) );
+ /* Same as gcry_sexp_new but allows to pass a FREEFNC which has the
+ effect to transfer ownership of BUFFER to the created object. */
+gcry_error_t gcry_sexp_create (gcry_sexp_t *retsexp, void *buffer, size_t length,
+ int autodetect, void (*freefnc) (void *));
/* Scan BUFFER and return a new S-expression object in RETSEXP. This
- function expects a printf like string in BUFFER. */
-int gcry_sexp_sscan (GcrySexp *retsexp, size_t *erroff,
- const char *buffer, size_t length );
+ function expects a printf like string in BUFFER. */
+gcry_error_t gcry_sexp_sscan (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *buffer, size_t length);
/* Same as gcry_sexp_sscan but expects a string in FORMAT and can thus
- only be used for certain encodings. */
-int gcry_sexp_build (GcrySexp *retsexp, size_t *erroff,
- const char *format, ... );
+ only be used for certain encodings. */
+gcry_error_t gcry_sexp_build (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *format, ...);
+
+/* Like gcry_sexp_build, but uses an array instead of variable
+ function arguments. */
+gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff,
+ const char *format, void **arg_list);
/* Release the S-expression object SEXP */
-void gcry_sexp_release (GcrySexp sexp);
+void gcry_sexp_release (gcry_sexp_t sexp);
/* Calculate the length of an canonized S-expresion in BUFFER and
check for a valid encoding. */
size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length,
- size_t *erroff, int *errcode);
+ size_t *erroff, gcry_error_t *errcode);
/* Copies the S-expression object SEXP into BUFFER using the format
- specified in MODE. */
-size_t gcry_sexp_sprint (GCRY_SEXP sexp, int mode, char *buffer,
- size_t maxlength );
-
-void gcry_sexp_dump( const GCRY_SEXP a );
-GCRY_SEXP gcry_sexp_cons( const GCRY_SEXP a, const GCRY_SEXP b );
-GCRY_SEXP gcry_sexp_alist( const GCRY_SEXP *array );
-GCRY_SEXP gcry_sexp_vlist( const GCRY_SEXP a, ... );
-GCRY_SEXP gcry_sexp_append( const GCRY_SEXP a, const GCRY_SEXP n );
-GCRY_SEXP gcry_sexp_prepend( const GCRY_SEXP a, const GCRY_SEXP n );
-GCRY_SEXP gcry_sexp_find_token( GCRY_SEXP list,
- const char *tok, size_t toklen );
-int gcry_sexp_length( const GCRY_SEXP list );
-GCRY_SEXP gcry_sexp_nth( const GCRY_SEXP list, int number );
-GCRY_SEXP gcry_sexp_car( const GCRY_SEXP list );
-GCRY_SEXP gcry_sexp_cdr( const GCRY_SEXP list );
-GCRY_SEXP gcry_sexp_cadr( const GCRY_SEXP list );
-const char *gcry_sexp_nth_data( const GCRY_SEXP list, int number,
- size_t *datalen );
-GCRY_MPI gcry_sexp_nth_mpi( GCRY_SEXP list, int number, int mpifmt );
+ specified in MODE. */
+size_t gcry_sexp_sprint (gcry_sexp_t sexp, int mode, char *buffer,
+ size_t maxlength);
+
+/* Dumps the S-expression object A in a aformat suitable for debugging
+ to Libgcrypt's logging stream. */
+void gcry_sexp_dump (const gcry_sexp_t a);
+
+gcry_sexp_t gcry_sexp_cons (const gcry_sexp_t a, const gcry_sexp_t b);
+gcry_sexp_t gcry_sexp_alist (const gcry_sexp_t *array);
+gcry_sexp_t gcry_sexp_vlist (const gcry_sexp_t a, ...);
+gcry_sexp_t gcry_sexp_append (const gcry_sexp_t a, const gcry_sexp_t n);
+gcry_sexp_t gcry_sexp_prepend (const gcry_sexp_t a, const gcry_sexp_t n);
+
+/* Scan the S-expression for a sublist with a type (the car of the
+ list) matching the string TOKEN. If TOKLEN is not 0, the token is
+ assumed to be raw memory of this length. The function returns a
+ newly allocated S-expression consisting of the found sublist or
+ `NULL' when not found. */
+gcry_sexp_t gcry_sexp_find_token (gcry_sexp_t list,
+ const char *tok, size_t toklen);
+/* Return the length of the LIST. For a valid S-expression this
+ should be at least 1. */
+int gcry_sexp_length (const gcry_sexp_t list);
+
+/* Create and return a new S-expression from the element with index
+ NUMBER in LIST. Note that the first element has the index 0. If
+ there is no such element, `NULL' is returned. */
+gcry_sexp_t gcry_sexp_nth (const gcry_sexp_t list, int number);
+
+/* Create and return a new S-expression from the first element in
+ LIST; this called the "type" and should always exist and be a
+ string. `NULL' is returned in case of a problem. */
+gcry_sexp_t gcry_sexp_car (const gcry_sexp_t list);
+
+/* Create and return a new list form all elements except for the first
+ one. Note, that this function may return an invalid S-expression
+ because it is not guaranteed, that the type exists and is a string.
+ However, for parsing a complex S-expression it might be useful for
+ intermediate lists. Returns `NULL' on error. */
+gcry_sexp_t gcry_sexp_cdr (const gcry_sexp_t list);
+
+gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
+
+
+/* This function is used to get data from a LIST. A pointer to the
+ actual data with index NUMBER is returned and the length of this
+ data will be stored to DATALEN. If there is no data at the given
+ index or the index represents another list, `NULL' is returned.
+ *Note:* The returned pointer is valid as long as LIST is not
+ modified or released. */
+const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
+ size_t *datalen);
+
+/* This function is used to get and convert data from a LIST. This
+ data is assumed to be an MPI stored in the format described by
+ MPIFMT and returned as a standard Libgcrypt MPI. The caller must
+ release this returned value using `gcry_mpi_release'. If there is
+ no data at the given index, the index represents a list or the
+ value can't be converted to an MPI, `NULL' is returned. */
+gcry_mpi_t gcry_sexp_nth_mpi (gcry_sexp_t list, int number, int mpifmt);
\f
/* Allocate a new big integer object, initialize it with 0 and
initially allocate memory for a number of at least NBITS. */
-GcryMPI gcry_mpi_new (unsigned int nbits);
+gcry_mpi_t gcry_mpi_new (unsigned int nbits);
/* Same as gcry_mpi_new() but allocate in "secure" memory. */
-GcryMPI gcry_mpi_snew (unsigned int nbits);
+gcry_mpi_t gcry_mpi_snew (unsigned int nbits);
/* Release the number A and free all associated resources. */
-void gcry_mpi_release (GcryMPI a);
+void gcry_mpi_release (gcry_mpi_t a);
/* Create a new number with the same value as A. */
-GcryMPI gcry_mpi_copy (const GcryMPI a);
+gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a);
/* Store the big integer value U in W. */
-GcryMPI gcry_mpi_set (GcryMPI w, const GcryMPI u);
+gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u);
/* Store the unsigned integer value U in W. */
-GcryMPI gcry_mpi_set_ui (GcryMPI w, unsigned long u);
+gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
/* Swap the values of A and B. */
-void gcry_mpi_swap (GcryMPI a, GcryMPI b);
+void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
/* Compare the big integer number U and V returning 0 for equality, a
positive value for U > V and a negative for U < V. */
-int gcry_mpi_cmp (const GcryMPI u, const GcryMPI v);
+int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
/* Compare the big integer number U with the unsigned integer V
returning 0 for equality, a positive value for U > V and a negative
for U < V. */
-int gcry_mpi_cmp_ui (const GcryMPI u, unsigned long v);
+int gcry_mpi_cmp_ui (const gcry_mpi_t u, unsigned long v);
/* Convert the external representation of an integer stored in BUFFER
- with a size of (*NBYTES) in a newly create MPI returned in RET_MPI.
- For certain formats a length is not required and may be passed as
- NULL. After a successful operation NBYTES received the number of
- bytes actually scanned. */
-int gcry_mpi_scan (GcryMPI *ret_mpi, enum gcry_mpi_format format,
- const char *buffer, size_t *nbytes);
+ with a length of BUFLEN into a newly create MPI returned in
+ RET_MPI. If NSCANNED is not NULL, it will receive the number of
+ bytes actually scanned after a successful operation. */
+gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format,
+ const unsigned char *buffer, size_t buflen,
+ size_t *nscanned);
/* Convert the big integer A into the external representation
described by FORMAT and store it in the provided BUFFER which has
- the size (*NBYTES). NBYTES receives the actual length of the
- external representation. */
-int gcry_mpi_print (enum gcry_mpi_format format,
- char *buffer, size_t *nbytes, const GcryMPI a);
-
-/* Convert the big integer A int the external representation desribed
+ been allocated by the user with a size of BUFLEN bytes. NWRITTEN
+ receives the actual length of the external representation unless it
+ has been passed as NULL. */
+gcry_error_t gcry_mpi_print (enum gcry_mpi_format format,
+ unsigned char *buffer, size_t buflen,
+ size_t *nwritten,
+ const gcry_mpi_t a);
+
+/* Convert the big integer A int the external representation described
by FORMAT and store it in a newly allocated buffer which address
- will be put into BUFFER. NBYTES receives the actual lengths of the
+ will be put into BUFFER. NWRITTEN receives the actual lengths of the
external representation. */
-int gcry_mpi_aprint (enum gcry_mpi_format format,
- void **buffer, size_t *nbytes, const GcryMPI a);
+gcry_error_t gcry_mpi_aprint (enum gcry_mpi_format format,
+ unsigned char **buffer, size_t *nwritten,
+ const gcry_mpi_t a);
+
+/* Dump the value of A in a format suitable for debugging to
+ Libgcrypt's logging stream. Note that one leading space but no
+ trailing space or linefeed will be printed. It is okay to pass
+ NULL for A. */
+void gcry_mpi_dump (const gcry_mpi_t a);
+
/* W = U + V. */
-void gcry_mpi_add (GcryMPI w, GcryMPI u, GcryMPI v);
+void gcry_mpi_add (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
/* W = U + V. V is an unsigned integer. */
-void gcry_mpi_add_ui (GcryMPI w, GcryMPI u, unsigned long v);
+void gcry_mpi_add_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v);
/* W = U + V mod M. */
-void gcry_mpi_addm (GcryMPI w, GcryMPI u, GcryMPI v, GcryMPI m);
+void gcry_mpi_addm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
/* W = U - V. */
-void gcry_mpi_sub (GcryMPI w, GcryMPI u, GcryMPI v);
+void gcry_mpi_sub (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
/* W = U - V. V is an unsigned integer. */
-void gcry_mpi_sub_ui (GcryMPI w, GcryMPI u, unsigned long v );
+void gcry_mpi_sub_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
/* W = U - V mod M */
-void gcry_mpi_subm (GcryMPI w, GcryMPI u, GcryMPI v, GcryMPI m);
+void gcry_mpi_subm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
/* W = U * V. */
-void gcry_mpi_mul (GcryMPI w, GcryMPI u, GcryMPI v);
+void gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v);
/* W = U * V. V is an unsigned integer. */
-void gcry_mpi_mul_ui (GcryMPI w, GcryMPI u, unsigned long v );
+void gcry_mpi_mul_ui (gcry_mpi_t w, gcry_mpi_t u, unsigned long v );
/* W = U * V mod M. */
-void gcry_mpi_mulm (GcryMPI w, GcryMPI u, GcryMPI v, GcryMPI m);
+void gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m);
/* W = U * (2 ^ CNT). */
-void gcry_mpi_mul_2exp (GcryMPI w, GcryMPI u, unsigned long cnt);
+void gcry_mpi_mul_2exp (gcry_mpi_t w, gcry_mpi_t u, unsigned long cnt);
/* Q = DIVIDEND / DIVISOR, R = DIVIDEND % DIVISOR,
Q or R may be passed as NULL. ROUND should be negative or 0. */
-void gcry_mpi_div (GcryMPI q, GcryMPI r,
- GcryMPI dividend, GcryMPI divisor, int round);
+void gcry_mpi_div (gcry_mpi_t q, gcry_mpi_t r,
+ gcry_mpi_t dividend, gcry_mpi_t divisor, int round);
/* R = DIVIDEND % DIVISOR */
-void gcry_mpi_mod (GcryMPI r, GcryMPI dividend, GcryMPI divisor);
+void gcry_mpi_mod (gcry_mpi_t r, gcry_mpi_t dividend, gcry_mpi_t divisor);
/* W = B ^ E mod M. */
-void gcry_mpi_powm (GcryMPI w,
- const GcryMPI b, const GcryMPI e, const GcryMPI m);
+void gcry_mpi_powm (gcry_mpi_t w,
+ const gcry_mpi_t b, const gcry_mpi_t e, const gcry_mpi_t m);
/* Set G to the greatest common divisor of A and B.
Return true if the G is 1. */
-int gcry_mpi_gcd (GcryMPI g, GcryMPI a, GcryMPI b);
+int gcry_mpi_gcd (gcry_mpi_t g, gcry_mpi_t a, gcry_mpi_t b);
/* Set X to the multiplicative inverse of A mod M.
Return true if the value exists. */
-int gcry_mpi_invm (GcryMPI x, GcryMPI a, GcryMPI m);
+int gcry_mpi_invm (gcry_mpi_t x, gcry_mpi_t a, gcry_mpi_t m);
/* Return the number of bits required to represent A. */
-unsigned int gcry_mpi_get_nbits (GcryMPI a);
+unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
/* Return true when bit number N (counting from 0) is set in A. */
-int gcry_mpi_test_bit (GcryMPI a, unsigned int n);
+int gcry_mpi_test_bit (gcry_mpi_t a, unsigned int n);
/* Set bit number N in A. */
-void gcry_mpi_set_bit (GcryMPI a, unsigned int n);
+void gcry_mpi_set_bit (gcry_mpi_t a, unsigned int n);
/* Clear bit number N in A. */
-void gcry_mpi_clear_bit (GcryMPI a, unsigned int n);
+void gcry_mpi_clear_bit (gcry_mpi_t a, unsigned int n);
/* Set bit number N in A and clear all bits greater than N. */
-void gcry_mpi_set_highbit (GcryMPI a, unsigned int n);
+void gcry_mpi_set_highbit (gcry_mpi_t a, unsigned int n);
/* Clear bit number N in A and all bits greater than N. */
-void gcry_mpi_clear_highbit (GcryMPI a, unsigned int n);
+void gcry_mpi_clear_highbit (gcry_mpi_t a, unsigned int n);
/* Shift the value of A by N bits to the right and store the result in X. */
-void gcry_mpi_rshift (GcryMPI x, GcryMPI a, unsigned int n);
+void gcry_mpi_rshift (gcry_mpi_t x, gcry_mpi_t a, unsigned int n);
/* Store NBITS of the value P points to in A and mark A as an opaque
- value. */
-GcryMPI gcry_mpi_set_opaque (GcryMPI a, void *p, unsigned int nbits);
+ value. WARNING: Never use an opaque MPI for anything thing else then
+ gcry_mpi_release, gcry_mpi_get_opaque. */
+gcry_mpi_t gcry_mpi_set_opaque (gcry_mpi_t a, void *p, unsigned int nbits);
/* Return a pointer to an opaque value stored in A and return its size
in NBITS. Note that the returned pointer is still owned by A and
that the function should never be used for an non-opaque MPI. */
-void *gcry_mpi_get_opaque (GcryMPI a, unsigned int *nbits);
+void *gcry_mpi_get_opaque (gcry_mpi_t a, unsigned int *nbits);
/* Set the FLAG for the big integer A. Currently only the flag
GCRYMPI_FLAG_SECURE is allowed to convert A into an big intger
stored in "secure" memory. */
-void gcry_mpi_set_flag (GcryMPI a, enum gcry_mpi_flag flag);
+void gcry_mpi_set_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
/* Clear FLAG for the big integer A. Note that this function is
currently useless as no flags are allowed. */
-void gcry_mpi_clear_flag (GcryMPI a, enum gcry_mpi_flag flag);
+void gcry_mpi_clear_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
/* Return true when the FLAG is set for A. */
-int gcry_mpi_get_flag (GcryMPI a, enum gcry_mpi_flag flag);
+int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag);
/* Unless the GCRYPT_NO_MPI_MACROS is used, provide a couple of
convenience macors for the big integer functions. */
#ifndef GCRYPT_NO_MPI_MACROS
#define mpi_new(n) gcry_mpi_new( (n) )
#define mpi_secure_new( n ) gcry_mpi_snew( (n) )
-#define mpi_release( a ) do { gcry_mpi_release( (a) ); \
- (a) = NULL; } while(0)
+#define mpi_release(a) \
+ do \
+ { \
+ gcry_mpi_release ((a)); \
+ (a) = NULL; \
+ } \
+ while (0)
+
#define mpi_copy( a ) gcry_mpi_copy( (a) )
#define mpi_set( w, u) gcry_mpi_set( (w), (u) )
#define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) )
* *
************************************/
-/* The data object used to hold a handle to an encryption object.
- GcryCipherHd is the preferred one. */
+/* The data object used to hold a handle to an encryption object. */
struct gcry_cipher_handle;
-typedef struct gcry_cipher_handle *GCRY_CIPHER_HD;
-typedef struct gcry_cipher_handle *GcryCipherHd;
+typedef struct gcry_cipher_handle *gcry_cipher_hd_t;
-/* Forward declaration. */
-typedef struct gcry_module GcryModule;
+typedef struct gcry_cipher_handle *GCRY_CIPHER_HD _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_cipher_handle *GcryCipherHd _GCRY_GCC_ATTR_DEPRECATED;
/* All symmetric encryption algorithms are identified by their IDs.
More IDs may be registered at runtime. */
GCRY_CIPHER_AES192 = 8,
GCRY_CIPHER_AES256 = 9,
GCRY_CIPHER_TWOFISH = 10,
+
/* other cipher numbers are above 300 for OpenPGP reasons. */
GCRY_CIPHER_ARCFOUR = 301, /* fully compatible with RSA's RC4 (tm). */
- GCRY_CIPHER_DES = 302 /* Yes, this is single key 56 bit DES. */
+ GCRY_CIPHER_DES = 302, /* Yes, this is single key 56 bit DES. */
+ GCRY_CIPHER_TWOFISH128 = 303,
+ GCRY_CIPHER_SERPENT128 = 304,
+ GCRY_CIPHER_SERPENT192 = 305,
+ GCRY_CIPHER_SERPENT256 = 306,
+
};
/* The Rijndael algorithm is basically AES, so provide some macros. */
/* Create a handle for algorithm ALGO to be used in MODE. FLAGS may
be given as an bitwise OR of the gcry_cipher_flags values. */
-GcryCipherHd gcry_cipher_open (int algo, int mode, unsigned int flags);
+gcry_error_t gcry_cipher_open (gcry_cipher_hd_t *handle,
+ int algo, int mode, unsigned int flags);
/* Close the cioher handle H and release all resource. */
-void gcry_cipher_close (GcryCipherHd h);
+void gcry_cipher_close (gcry_cipher_hd_t h);
/* Perform various operations on the cipher object H. */
-int gcry_cipher_ctl( GcryCipherHd h, int cmd, void *buffer, size_t buflen);
+gcry_error_t gcry_cipher_ctl (gcry_cipher_hd_t h, int cmd, void *buffer,
+ size_t buflen);
/* Retrieve various information about the cipher object H. */
-int gcry_cipher_info( GcryCipherHd h, int what, void *buffer, size_t *nbytes);
+gcry_error_t gcry_cipher_info (gcry_cipher_hd_t h, int what, void *buffer,
+ size_t *nbytes);
/* Retrieve various information about the cipher algorithm ALGO. */
-int gcry_cipher_algo_info (int algo, int what, void *buffer, size_t *nbytes);
+gcry_error_t gcry_cipher_algo_info (int algo, int what, void *buffer,
+ size_t *nbytes);
/* Map the cipher algorithm id ALGO to a string representation of that
algorithm name. For unknown algorithms this functions returns an
int gcry_cipher_map_name (const char *name) _GCRY_GCC_ATTR_PURE;
/* Given an ASN.1 object identifier in standard IETF dotted decimal
- format in STING, return the encryption mode associated with that
+ format in STRING, return the encryption mode associated with that
OID or 0 if not known or applicable. */
int gcry_cipher_mode_from_oid (const char *string) _GCRY_GCC_ATTR_PURE;
/* Encrypt the plaintext of size INLEN in IN using the cipher handle H
into the buffer OUT which has an allocated length of OUTSIZE. For
most algorithms it is possible to pass NULL for in and 0 for INLEN
- and do a in-place decryption of the data provided in OUT. */
-int gcry_cipher_encrypt (GcryCipherHd h,
- unsigned char *out, size_t outsize,
- const unsigned char *in, size_t inlen);
+ and do a in-place decryption of the data provided in OUT. */
+gcry_error_t gcry_cipher_encrypt (gcry_cipher_hd_t h,
+ unsigned char *out, size_t outsize,
+ const unsigned char *in, size_t inlen);
-/* The counterpart to gcry_cipher_encrypt. */
-int gcry_cipher_decrypt (GcryCipherHd h,
- unsigned char *out, size_t outsize,
- const unsigned char *in, size_t inlen);
+/* The counterpart to gcry_cipher_encrypt. */
+gcry_error_t gcry_cipher_decrypt (gcry_cipher_hd_t h,
+ unsigned char *out, size_t outsize,
+ const unsigned char *in, size_t inlen);
/* Set key K of length L for the cipher handle H. (We have to cast
away a const char* here - this catch-all ctl function was probably
(char*)(k), (l) )
/* Retrieved the key length used with algorithm A. */
-#define gcry_cipher_get_algo_keylen(a) \
- gcry_cipher_algo_info( (a), GCRYCTL_GET_KEYLEN, NULL, NULL )
+size_t gcry_cipher_get_algo_keylen (int algo);
/* Retrieve the block length used with algorithm A. */
-#define gcry_cipher_get_algo_blklen(a) \
- gcry_cipher_algo_info( (a), GCRYCTL_GET_BLKLEN, NULL, NULL )
+size_t gcry_cipher_get_algo_blklen (int algo);
/* Return 0 if the algorithm A is available for use. */
#define gcry_cipher_test_algo(a) \
gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+/* Get a list consisting of the IDs of the loaded cipher modules. If
+ LIST is zero, write the number of loaded cipher modules to
+ LIST_LENGTH and return. If LIST is non-zero, the first
+ *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
+ according size. In case there are less cipher modules than
+ *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
+gcry_error_t gcry_cipher_list (int *list, int *list_length);
\f
/************************************
/* Encrypt the DATA using the public key PKEY and store the result as
a newly created S-expression at RESULT. */
-int gcry_pk_encrypt (GcrySexp *result, GcrySexp data, GcrySexp pkey);
+gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey);
/* Decrypt the DATA using the private key SKEY and store the result as
a newly created S-expression at RESULT. */
-int gcry_pk_decrypt (GcrySexp *result, GcrySexp data, GcrySexp skey);
+gcry_error_t gcry_pk_decrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t skey);
/* Sign the DATA using the private key SKEY and store the result as
a newly created S-expression at RESULT. */
-int gcry_pk_sign (GcrySexp *result, GcrySexp data, GcrySexp skey);
+gcry_error_t gcry_pk_sign (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t skey);
/* Check the signature SIGVAL on DATA using the public key PKEY. */
-int gcry_pk_verify (GcrySexp sigval, GcrySexp data, GcrySexp pkey);
+gcry_error_t gcry_pk_verify (gcry_sexp_t sigval, gcry_sexp_t data, gcry_sexp_t pkey);
-/* Check that KEY (either private or public) is sane. */
-int gcry_pk_testkey (GcrySexp key);
+/* Check that private KEY is sane. */
+gcry_error_t gcry_pk_testkey (gcry_sexp_t key);
/* Generate a new key pair according to the parameters given in
S_PARMS. The new key pair is returned in as an S-expression in
R_KEY. */
-int gcry_pk_genkey (GcrySexp *r_key, GcrySexp s_parms);
+gcry_error_t gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms);
/* Catch all function for miscellaneous operations. */
-int gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
+gcry_error_t gcry_pk_ctl (int cmd, void *buffer, size_t buflen);
/* Retrieve information about the public key algorithm ALGO. */
-int gcry_pk_algo_info (int algo, int what, void *buffer, size_t *nbytes);
+gcry_error_t gcry_pk_algo_info (int algo, int what, void *buffer, size_t *nbytes);
/* Map the public key algorithm id ALGO to a string representation of the
algorithm name. For unknown algorithms this functions returns an
/* Return what is commonly referred as the key length for the given
public or private KEY. */
-unsigned int gcry_pk_get_nbits (GcrySexp key) _GCRY_GCC_ATTR_PURE;
+unsigned int gcry_pk_get_nbits (gcry_sexp_t key) _GCRY_GCC_ATTR_PURE;
/* Please note that keygrip is still experimental and should not be
used without contacting the author. */
-unsigned char *gcry_pk_get_keygrip (GcrySexp key, unsigned char *array);
+unsigned char *gcry_pk_get_keygrip (gcry_sexp_t key, unsigned char *array);
/* Return 0 if the public key algorithm A is available for use. */
#define gcry_pk_test_algo(a) \
gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
+/* Get a list consisting of the IDs of the loaded pubkey modules. If
+ LIST is zero, write the number of loaded pubkey modules to
+ LIST_LENGTH and return. If LIST is non-zero, the first
+ *LIST_LENGTH algorithm IDs are stored in LIST, which must be of
+ according size. In case there are less pubkey modules than
+ *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */
+gcry_error_t gcry_pk_list (int *list, int *list_length);
+
+/* Alternative interface for asymetric cryptography. */
+
+/* The algorithm IDs. */
+typedef enum gcry_ac_id
+ {
+ GCRY_AC_RSA = 1,
+ GCRY_AC_DSA = 17,
+ GCRY_AC_ELG = 20,
+ GCRY_AC_ELG_E = 16,
+ }
+gcry_ac_id_t;
+
+/* Key types. */
+typedef enum gcry_ac_key_type
+ {
+ GCRY_AC_KEY_SECRET,
+ GCRY_AC_KEY_PUBLIC,
+ }
+gcry_ac_key_type_t;
+
+/* Flags for data. */
+#define GCRY_AC_FLAG_DATA_NO_BLINDING 1 << 0
+
+/* This type represents a `data set'. */
+typedef struct gcry_ac_data *gcry_ac_data_t;
+
+/* This type represents a single `key', either a secret one or a
+ public one. */
+typedef struct gcry_ac_key *gcry_ac_key_t;
+
+/* This type represents a `key pair' containing a secret and a public
+ key. */
+typedef struct gcry_ac_key_pair *gcry_ac_key_pair_t;
+
+/* This type represents a `handle' that is needed by functions
+ performing cryptographic operations. */
+typedef struct gcry_ac_handle *gcry_ac_handle_t;
+
+/* The caller of gcry_ac_key_pair_generate can provide one of these
+ structures in order to influence the key generation process in an
+ algorithm-specific way. */
+typedef struct gcry_ac_key_spec_rsa
+{
+ gcry_mpi_t e; /* E to use. */
+} gcry_ac_key_spec_rsa_t;
+
+/* Returns a new, empty data set in DATA. */
+gcry_error_t gcry_ac_data_new (gcry_ac_data_t *data);
+
+/* Destroy the data set DATA. */
+void gcry_ac_data_destroy (gcry_ac_data_t data);
+
+/* Add the value MPI to DATA with the label NAME. If there is already
+ a value with that label, replace it, otherwise add it. */
+gcry_error_t gcry_ac_data_set (gcry_ac_data_t data,
+ const char *name,
+ gcry_mpi_t mpi);
+
+/* Create a copy of the data set DATA and store it in DATA_CP. */
+gcry_error_t gcry_ac_data_copy (gcry_ac_data_t *data_cp,
+ gcry_ac_data_t data);
+
+/* Return the number of named MPI values inside of the data set
+ DATA. */
+unsigned int gcry_ac_data_length (gcry_ac_data_t data);
+
+/* Store the value labelled with NAME found in DATA in MPI or NULL if
+ a value with that label was not found. */
+gcry_error_t gcry_ac_data_get_name (gcry_ac_data_t data, const char *name,
+ gcry_mpi_t *mpi);
+
+/* Return the MPI value with index IDX contained in the data set
+ DATA. */
+gcry_error_t gcry_ac_data_get_index (gcry_ac_data_t data, unsigned int idx,
+ const char **name, gcry_mpi_t *mpi);
+
+/* Destroy any values contained in the data set DATA. */
+void gcry_ac_data_clear (gcry_ac_data_t data);
+
+/* Create a new ac handle. */
+gcry_error_t gcry_ac_open (gcry_ac_handle_t *handle,
+ gcry_ac_id_t algorithm,
+ unsigned int flags);
+
+/* Destroy an ac handle. */
+void gcry_ac_close (gcry_ac_handle_t handle);
+
+/* Initialize a key from a given data set. */
+gcry_error_t gcry_ac_key_init (gcry_ac_key_t *key,
+ gcry_ac_handle_t handle,
+ gcry_ac_key_type_t type,
+ gcry_ac_data_t data);
+
+/* Generate a new key pair. */
+gcry_error_t gcry_ac_key_pair_generate (gcry_ac_handle_t handle,
+ gcry_ac_key_pair_t *key_pair,
+ unsigned int nbits,
+ void *spec);
+
+/* Returns a specified key from a key pair. */
+gcry_ac_key_t gcry_ac_key_pair_extract (gcry_ac_key_pair_t key_pair,
+ gcry_ac_key_type_t which);
+
+/* Returns the data set contained in the key KEY. */
+gcry_ac_data_t gcry_ac_key_data_get (gcry_ac_key_t key);
+
+/* Verify that the key KEY is sane. */
+gcry_error_t gcry_ac_key_test (gcry_ac_key_t key);
+
+/* Return the number of bits of the key KEY in NBITS. */
+gcry_error_t gcry_ac_key_get_nbits (gcry_ac_key_t key,
+ unsigned int *nbits);
+
+/* Write the 20 byte long key grip of the key KEY to KEY_GRIP. */
+gcry_error_t gcry_ac_key_get_grip (gcry_ac_key_t key,
+ unsigned char *key_grip);
+
+/* Destroy a key. */
+void gcry_ac_key_destroy (gcry_ac_key_t key);
+
+/* Destroy a key pair. */
+void gcry_ac_key_pair_destroy (gcry_ac_key_pair_t key_pair);
+
+/* Encrypt the plain text MPI value DATA_PLAIN with the key KEY under
+ the control of the flags FLAGS and store the resulting data set
+ into DATA_ENCRYPTED. */
+gcry_error_t gcry_ac_data_encrypt (gcry_ac_handle_t handle,
+ unsigned int flags,
+ gcry_ac_key_t key,
+ gcry_mpi_t data_plain,
+ gcry_ac_data_t *data_encrypted);
+
+/* Decrypt the decrypted data contained in the data set DATA_ENCRYPTED
+ with the key KEY under the control of the flags FLAGS and store the
+ resulting plain text MPI value in DATA_PLAIN. */
+gcry_error_t gcry_ac_data_decrypt (gcry_ac_handle_t handle,
+ unsigned int flags,
+ gcry_ac_key_t key,
+ gcry_mpi_t *data_plain,
+ gcry_ac_data_t data_encrypted);
+
+/* Sign the data contained in DATA with the key KEY and store the
+ resulting signature in the data set DATA_SIGNATURE. */
+gcry_error_t gcry_ac_data_sign (gcry_ac_handle_t handle,
+ gcry_ac_key_t key,
+ gcry_mpi_t data,
+ gcry_ac_data_t *data_signature);
+
+/* Verify that the signature contained in the data set DATA_SIGNATURE
+ is indeed the result of signing the data contained in DATA with the
+ secret key belonging to the public key KEY. */
+gcry_error_t gcry_ac_data_verify (gcry_ac_handle_t handle,
+ gcry_ac_key_t key,
+ gcry_mpi_t data,
+ gcry_ac_data_t data_signature);
+
+/* Store the textual representation of the algorithm whose id is given
+ in ALGORITHM in NAME. */
+gcry_error_t gcry_ac_id_to_name (gcry_ac_id_t algorithm,
+ const char **name);
+
+/* Store the numeric ID of the algorithm whose textual representation
+ is contained in NAME in ALGORITHM. */
+gcry_error_t gcry_ac_name_to_id (const char *name,
+ gcry_ac_id_t *algorithm);
\f
+
/************************************
* *
* cryptograhic hash functions *
GCRY_MD_CRC24_RFC2440 = 304
};
-/* Flags used with the open function. */
+/* Flags used with the open function. */
enum gcry_md_flags
{
- GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure" memory */
- GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this algorithm. */
+ GCRY_MD_FLAG_SECURE = 1, /* Allocate all buffers in "secure"
+ memory. */
+ GCRY_MD_FLAG_HMAC = 2 /* Make an HMAC out of this
+ algorithm. */
};
-
-/* This object is used to hold a handle to an message digest object.
- GcryCipherHd is the preferred type. */
+/* Forward declaration. */
struct gcry_md_context;
-struct gcry_md_handle
- { /* This structure is private - only to be used by the gcry_md_ macros. */
- struct gcry_md_context *ctx;
- int bufpos;
- int bufsize;
- unsigned char buf[1];
- };
-typedef struct gcry_md_handle *GCRY_MD_HD;
-typedef struct gcry_md_handle *GcryMDHd;
+/* This object is used to hold a handle to a message digest object.
+ This structure is private - only to be used by the public gcry_md_*
+ macros. */
+typedef struct gcry_md_handle
+{
+ /* Actual context. */
+ struct gcry_md_context *ctx;
+
+ /* Buffer management. */
+ int bufpos;
+ int bufsize;
+ unsigned char buf[1];
+} *gcry_md_hd_t;
+
+/* Compatibility types, do not use them. */
+typedef struct gcry_md_handle *GCRY_MD_HD _GCRY_GCC_ATTR_DEPRECATED;
+typedef struct gcry_md_handle *GcryMDHd _GCRY_GCC_ATTR_DEPRECATED;
/* Create a message digest object for algorithm ALGO. FLAGS may be
given as an bitwise OR of the gcry_md_flags values. ALGO may be
given as 0 if the algorithms to be used are later set using
- gcry_md_enable. */
-GcryMDHd gcry_md_open (int algo, unsigned int flags);
+ gcry_md_enable. */
+gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);
-/* Release the message digest object HD. */
-void gcry_md_close (GcryMDHd hd);
+/* Release the message digest object HD. */
+void gcry_md_close (gcry_md_hd_t hd);
-/* Add the message digest algorithm ALGO to the digest object HD. */
-int gcry_md_enable( GcryMDHd hd, int algo );
+/* Add the message digest algorithm ALGO to the digest object HD. */
+gcry_error_t gcry_md_enable (gcry_md_hd_t hd, int algo);
-/* Create a new digest object as an exact copy of the object HD. */
-GcryMDHd gcry_md_copy (GcryMDHd hd);
+/* Create a new digest object as an exact copy of the object HD. */
+gcry_error_t gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd);
-/* Reset the digest object HD to its initial state. */
-void gcry_md_reset (GcryMDHd hd);
+/* Reset the digest object HD to its initial state. */
+void gcry_md_reset (gcry_md_hd_t hd);
/* Perform various operations on the digets object HD. */
-int gcry_md_ctl (GcryMDHd hd, int cmd, unsigned char *buffer, size_t buflen);
+gcry_error_t gcry_md_ctl (gcry_md_hd_t hd, int cmd, unsigned char *buffer,
+ size_t buflen);
/* Pass LENGTH bytes of data in BUFFER to the digest object HD so that
it can update the digest values. This is the actual hash
function. */
-void gcry_md_write (GcryMDHd hd, const void *buffer, size_t length);
+void gcry_md_write (gcry_md_hd_t hd, const void *buffer, size_t length);
/* Read out the final digest from HD return the digest value for
algorithm ALGO. */
-unsigned char *gcry_md_read (GcryMDHd hd, int algo);
+unsigned char *gcry_md_read (gcry_md_hd_t hd, int algo);
/* Convenience function to calculate the hash from the data in BUFFER
of size LENGTH using the algorithm ALGO avoiding the creating of a
/* Retrieve the algorithm used with HD. This does not work reliable
if more than one algorithm is enabled in HD. */
-int gcry_md_get_algo (GcryMDHd hd);
+int gcry_md_get_algo (gcry_md_hd_t hd);
/* Retrieve the length in bytes of the digest yielded by algorithm
ALGO. */
unsigned int gcry_md_get_algo_dlen (int algo);
-/* Retrieve various information about the object H. */
-int gcry_md_info (GcryMDHd h, int what, void *buffer, size_t *nbytes);
+/* Return true if the the algorithm ALGO is enabled in the digest
+ object A. */
+int gcry_md_is_enabled (gcry_md_hd_t a, int algo);
-/* Retrieve various information about the algorithm ALGO. */
-int gcry_md_algo_info( int algo, int what, void *buffer, size_t *nbytes);
+/* Return true if the digest object A is allocated in "secure" memory. */
+int gcry_md_is_secure (gcry_md_hd_t a);
+
+/* Retrieve various information about the object H. */
+gcry_error_t gcry_md_info (gcry_md_hd_t h, int what, void *buffer,
+ size_t *nbytes);
+
+/* Retrieve various information about the algorithm ALGO. */
+gcry_error_t gcry_md_algo_info (int algo, int what, void *buffer,
+ size_t *nbytes);
/* Map the digest algorithm id ALGO to a string representation of the
algorithm name. For unknown algorithms this functions returns an
/* For use with the HMAC feature, the set MAC key to the KEY of
KEYLEN. */
-int gcry_md_setkey (GcryMDHd hd, const void *key, size_t keylen);
+gcry_error_t gcry_md_setkey (gcry_md_hd_t hd, const void *key, size_t keylen);
/* Update the hash(s) of H with the character C. This is a buffered
version of the gcry_md_write function. */
#define gcry_md_putc(h,c) \
do { \
- GcryMDHd h__ = (h); \
+ gcry_md_hd_t h__ = (h); \
if( (h__)->bufpos == (h__)->bufsize ) \
gcry_md_write( (h__), NULL, 0 ); \
(h__)->buf[(h__)->bufpos++] = (c) & 0xff; \
#define gcry_md_final(a) \
gcry_md_ctl ((a), GCRYCTL_FINALIZE, NULL, 0)
-/* Return true when the digest object is allocated in "secure" memory. */
-#define gcry_md_is_secure(a) \
- gcry_md_info( (a), GCRYCTL_IS_SECURE, NULL, NULL )
-
/* Return 0 if the algorithm A is available for use. */
#define gcry_md_test_algo(a) \
gcry_md_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL )
#define gcry_md_stop_debug(a,b) \
gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 )
+/* Get a list consisting of the IDs of the loaded message digest
+ modules. If LIST is zero, write the number of loaded message
+ digest modules to LIST_LENGTH and return. If LIST is non-zero, the
+ first *LIST_LENGTH algorithm IDs are stored in LIST, which must be
+ of according size. In case there are less message digest modules
+ than *LIST_LENGTH, *LIST_LENGTH is updated to the correct
+ number. */
+gcry_error_t gcry_md_list (int *list, int *list_length);
\f
/************************************
to use WEAK for random number which don't need to be
cryptographically strong, STRONG for session keys and VERY_STRONG
for key material. */
-enum gcry_random_level
+typedef enum gcry_random_level
{
GCRY_WEAK_RANDOM = 0,
GCRY_STRONG_RANDOM = 1,
GCRY_VERY_STRONG_RANDOM = 2
- };
-
+ }
+gcry_random_level_t;
/* Fill BUFFER with LENGTH bytes of random, using random numbers of
quality LEVEL. */
/* Add the external random from BUFFER with LENGTH bytes into the
pool. QUALITY should either be -1 for unknown or in the range of 0
to 100 */
-int gcry_random_add_bytes (const void *buffer, size_t length, int quality);
+gcry_error_t gcry_random_add_bytes (const void *buffer, size_t length,
+ int quality);
/* Return NBYTES of allocated random using a random numbers of quality
LEVEL. */
/* Set the big inetger W to a random value of NBITS using a random
generator with quality LEVEL. */
-void gcry_mpi_randomize (GcryMPI w,
+void gcry_mpi_randomize (gcry_mpi_t w,
unsigned int nbits, enum gcry_random_level level);
+/* Prime interface. */
+
+typedef int (*gcry_prime_check_func_t) (void *arg, int mode,
+ gcry_mpi_t candidate);
+
+/* Flags for gcry_prime_generate(): */
+
+/* Allocate prime numbers and factors in secure memory. */
+#define GCRY_PRIME_FLAG_SECRET (1 << 0)
+
+/* Make sure that at least one prime factor is of size
+ `FACTOR_BITS'. */
+#define GCRY_PRIME_FLAG_SPECIAL_FACTOR (1 << 1)
+
+/* Generate a new prime number of PRIME_BITS bits and store it in
+ PRIME. If FACTOR_BITS is non-zero, one of the prime factors of
+ (prime - 1) / 2 must be FACTOR_BITS bits long. If FACTORS is
+ non-zero, allocate a new, NULL-terminated array holding the prime
+ factors and store it in FACTORS. FLAGS might be used to influence
+ the prime number generation process. */
+gcry_error_t gcry_prime_generate (gcry_mpi_t *prime,
+ unsigned int prime_bits,
+ unsigned int factor_bits,
+ gcry_mpi_t **factors,
+ gcry_prime_check_func_t cb_func,
+ void *cb_arg,
+ gcry_random_level_t random_level,
+ unsigned int flags);
+
+/* Find a generator for PRIME where the factorization of (prime-1) is
+ in the NULL terminated array FACTORS. Return the generator as a
+ newly allocated MPI in R_G. If START_G is not NULL, use this as
+ teh start for the search. */
+gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g,
+ gcry_mpi_t prime, gcry_mpi_t *factors,
+ gcry_mpi_t start_g);
+
+
+/* Convenience function to release the FACTORS array. */
+void gcry_prime_release_factors (gcry_mpi_t *factors);
+
+
+/* Check wether the number X is prime. */
+gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags);
+
\f
/************************************
GCRY_LOG_DEBUG = 100
};
+/* Type for progress handlers. */
+typedef void (*gcry_handler_progress_t) (void *, const char *, int, int, int);
+
+/* Type for memory allocation handlers. */
+typedef void *(*gcry_handler_alloc_t) (size_t n);
+
+/* Type for secure memory check handlers. */
+typedef int (*gcry_handler_secure_check_t) (const void *);
+
+/* Type for memory reallocation handlers. */
+typedef void *(*gcry_handler_realloc_t) (void *p, size_t n);
+
+/* Type for memory free handlers. */
+typedef void (*gcry_handler_free_t) (void *);
+
+/* Type for out-of-memory handlers. */
+typedef int (*gcry_handler_no_mem_t) (void *, size_t, unsigned int);
+
+/* Type for fatal error handlers. */
+typedef void (*gcry_handler_error_t) (void *, int, const char *);
+
+/* Type for logging handlers. */
+typedef void (*gcry_handler_log_t) (void *, int, const char *, va_list);
/* Certain operations can provide progress information. This function
is used to register a handler for retrieving these information. */
-void gcry_set_progress_handler (void (*cb)(void *,const char*,int, int, int),
- void *cb_data);
-
+void gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
/* Register a custom memory allocation functions. */
-void gcry_set_allocation_handler (void *(*new_alloc_func)(size_t n),
- void *(*new_alloc_secure_func)(size_t n),
- int (*new_is_secure_func)(const void*),
- void *(*new_realloc_func)(void *p, size_t n),
- void (*new_free_func)(void*));
+void gcry_set_allocation_handler (gcry_handler_alloc_t func_alloc,
+ gcry_handler_alloc_t func_alloc_secure,
+ gcry_handler_secure_check_t func_secure_check,
+ gcry_handler_realloc_t func_realloc,
+ gcry_handler_free_t func_free);
/* Register a function used instead of the internal out of memory
handler. */
-void gcry_set_outofcore_handler (int (*h)(void*, size_t, unsigned int),
- void *opaque );
+void gcry_set_outofcore_handler (gcry_handler_no_mem_t h, void *opaque);
/* Register a function used instead of the internal fatal error
handler. */
-void gcry_set_fatalerror_handler (void (*fnc)(void*,int, const char*),
- void *opaque);
+void gcry_set_fatalerror_handler (gcry_handler_error_t fnc, void *opaque);
-/* Reserved for future use. */
-void gcry_set_gettext_handler (const char *(*f)(const char*));
-
-/* Regstier a function used instead of the internal logging
+/* Register a function used instead of the internal logging
facility. */
-void gcry_set_log_handler (void (*f)(void*,int, const char*, va_list),
- void *opaque);
+void gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
+/* Reserved for future use. */
+void gcry_set_gettext_handler (const char *(*f)(const char*));
/* Libgcrypt uses its own memory allocation. It is important to use
gcry_free () to release memory allocated by libgcrypt. */
/* Return true if A is allocated in "secure" memory. */
int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
-#ifndef GCRYPT_NO_MPI_MACROS
-# ifndef DID_MPI_TYPEDEF
- typedef struct gcry_mpi *MPI;
-# define DID_MPI_TYPEDEF
-# endif
-#endif /* GCRYPT_NO_MPI_MACROS */
+/* Include support for Libgcrypt modules. */
+#include <gcrypt-module.h>
-typedef struct gcry_pubkey_spec
-{
- const char *name;
- int id;
- int npkey;
- int nskey;
- int nenc;
- int nsig;
- int use;
- int (*generate) (int algo, unsigned int nbits, unsigned long use_e,
- GcryMPI *skey, GcryMPI **retfactors);
- int (*check_secret_key) (int algo, GcryMPI *skey);
- int (*encrypt) (int algo, GcryMPI *resarr, GcryMPI data, GcryMPI *pkey, int flags);
- int (*decrypt) (int algo, GcryMPI *result, GcryMPI *data, GcryMPI *skey, int flags);
- int (*sign) (int algo, GcryMPI *resarr, GcryMPI data, GcryMPI *skey);
- int (*verify) (int algo, GcryMPI hash, GcryMPI *data, GcryMPI *pkey,
- int (*cmp)(void *, GcryMPI), void *opaquev);
- unsigned (*get_nbits) (int algo, GcryMPI *pkey);
-} GcryPubkeySpec;
-
-typedef struct gcry_digest_spec
-{
- const char *name;
- int id;
- unsigned char *asnoid;
- int asnlen;
- int mdlen;
- void (*init) (void *c);
- void (*write) (void *c, unsigned char *buf, size_t nbytes);
- void (*final) (void *c);
- unsigned char *(*read) (void *c);
- size_t contextsize; /* allocate this amount of context */
-} GcryDigestSpec;
-
-typedef struct gcry_cipher_spec
+#if 0 /* keep Emacsens' auto-indent happy */
{
- const char *name;
- int id;
- size_t blocksize;
- size_t keylen;
- size_t contextsize;
- int (*setkey) (void *c, const unsigned char *key, unsigned keylen);
- void (*encrypt) (void *c, unsigned char *outbuf, const unsigned char *inbuf);
- void (*decrypt) (void *c, unsigned char *outbuf, const unsigned char *inbuf);
- void (*stencrypt) (void *c, unsigned char *outbuf, const unsigned char *inbuf,
- unsigned int n);
- void (*stdecrypt) (void *c, unsigned char *outbuf, const unsigned char *inbuf,
- unsigned int n);
-} GcryCipherSpec;
-
-
-/* Public function. Register a provided CIPHER. Returns zero on
- success, in which case the chosen cipher ID has been stored in
- CIPHER, or an error code. */
-int gcry_cipher_register (GcryCipherSpec *cipher, GcryModule **module);
-
-/* Public function. Unregister the cipher identified by ID, which must have been
- registered with gcry_cipher_register. */
-void gcry_cipher_unregister (GcryModule *module);
-
-/* Public function. Register a provided CIPHER. Returns zero on
- success, in which case the chosen cipher ID has been stored in
- CIPHER, or an error code. */
-int gcry_digest_register (GcryDigestSpec *digest, GcryModule **module);
-
-/* Public function. Unregister the digest identified by ID, which must have been
- registered with gcry_digest_register. */
-void gcry_digest_unregister (GcryModule *module);
-
-/* Public function. Register a provided PUBKEY. Returns zero on
- success, in which case the chosen pubkey ID has been stored in
- PUBKEY, or an error code. */
-int gcry_pubkey_register (GcryPubkeySpec *pubkey, GcryModule **module);
-
-/* Public function. Unregister the pubkey identified by ID, which must have been
- registered with gcry_pubkey_register. */
-void gcry_pubkey_unregister (GcryModule *module);
-
-
+#endif
#ifdef __cplusplus
}
#endif
projects / libgcrypt.git / blobdiff