/* -*-c-*-
*
- * $Id: gcipher.h,v 1.1 1999/12/10 23:16:01 mdw Exp $
+ * $Id: gcipher.h,v 1.2 2000/06/17 10:56:00 mdw Exp $
*
* Generic symmetric cipher interface
*
/*----- Revision history --------------------------------------------------*
*
* $Log: gcipher.h,v $
+ * Revision 1.2 2000/06/17 10:56:00 mdw
+ * New key size interface.
+ *
* Revision 1.1 1999/12/10 23:16:01 mdw
* Generic interface.
*
#include <stddef.h>
-/*----- Generic symmetric cipher interface --------------------------------*/
+#include <mLib/bits.h>
-typedef struct gccipher_base {
- const char *name; /* Cipher name */
- size_t keysz; /* Preferred key size in bytes */
- size_t blksz; /* Block size or zero if none */
-} gccipher_base;
+/*----- Generic symmetric cipher interface --------------------------------*/
typedef struct gcipher {
const struct gcipher_ops *ops; /* Pointer to cipher operations */
} gcipher;
typedef struct gcipher_ops {
- const struct gccipher_base *b; /* Pointer to basic information */
+ const struct gccipher *c; /* Pointer to cipher class */
void (*encrypt)(gcipher */*c*/, const void */*s*/,
void */*t*/, size_t /*sz*/);
void (*decrypt)(gcipher */*c*/, const void */*s*/,
} gcipher_ops;
typedef struct gccipher {
- gccipher_base b;
+ const char *name; /* Cipher name */
+ const octet *keysz; /* Preferred key size table */
+ size_t blksz; /* Block size or zero if none */
gcipher *(*init)(const void */*k*/, size_t /*sz*/);
} gccipher;
+/*----- Key size management -----------------------------------------------*/
+
+/* --- Key size type constants --- *
+ *
+ * A key size limitation is an array of bytes. The first byte describes the
+ * kind of limitation on the key size %$k$%; the rest are argument bytes
+ * %$a_i$%, for %$i \ge 0$%. In all cases, %$a_0$% is the `recommended' key
+ * size.
+ *
+ * * @KSZ_ANY@ means there is no restriction.
+ *
+ * * @KSZ_RANGE@ requires that %$k \ge a_1$%, %$k \equiv 0 \pmod{a_3}$%,
+ * and, if %$a_2 \ne 0$%, %$k \le a_2$%.
+ *
+ * * @KSZ_SET@ requires that %$k \in {\,a_i\,}$%.
+ */
+
+enum {
+ KSZ_ANY, /* Allows any key at all */
+ KSZ_RANGE, /* Allows keys within a range */
+ KSZ_SET /* Allows specific sizes of keys */
+};
+
+/* --- @keysz@ --- *
+ *
+ * Arguments: @size_t sz@ = a proposed key size, or zero
+ * @const octet *ksz@ = pointer to key size table
+ *
+ * Returns: See below.
+ *
+ * Use: Returns a sensible key size. If @sz@ is nonzero, it is
+ * interpreted as an amount (in bytes) of key material which the
+ * caller has available, and the return value is either the
+ * largest allowable key size less than or equal to the caller's
+ * size, or zero if there is no valid key length small enough.
+ * If @sz@ is zero, the function returns a `recommended' key
+ * size.
+ */
+
+extern size_t keysz(size_t /*sz*/, const octet */*ksz*/);
+
+#define KSZ_CHECK(pre, sz) (keysz((sz), pre##_keysz) == (sz))
+#define KSZ_ASSERT(pre, sz) \
+ assert(((void)"Bad key size for " #pre, KSZ_CHECK(pre, sz)))
+
/*----- That's all, folks -------------------------------------------------*/
#ifdef __cplusplus