From: mdw Date: Sat, 17 Jun 2000 10:56:00 +0000 (+0000) Subject: New key size interface. X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/commitdiff_plain/b7e9df9cae301938fde97061ef73a3ea37a6ad40 New key size interface. --- diff --git a/gcipher.h b/gcipher.h index 4831913..b8c34bf 100644 --- a/gcipher.h +++ b/gcipher.h @@ -1,6 +1,6 @@ /* -*-c-*- * - * $Id: gcipher.h,v 1.1 1999/12/10 23:16:01 mdw Exp $ + * $Id: gcipher.h,v 1.2 2000/06/17 10:56:00 mdw Exp $ * * Generic symmetric cipher interface * @@ -30,6 +30,9 @@ /*----- Revision history --------------------------------------------------* * * $Log: gcipher.h,v $ + * Revision 1.2 2000/06/17 10:56:00 mdw + * New key size interface. + * * Revision 1.1 1999/12/10 23:16:01 mdw * Generic interface. * @@ -46,20 +49,16 @@ #include -/*----- Generic symmetric cipher interface --------------------------------*/ +#include -typedef struct gccipher_base { - const char *name; /* Cipher name */ - size_t keysz; /* Preferred key size in bytes */ - size_t blksz; /* Block size or zero if none */ -} gccipher_base; +/*----- Generic symmetric cipher interface --------------------------------*/ typedef struct gcipher { const struct gcipher_ops *ops; /* Pointer to cipher operations */ } gcipher; typedef struct gcipher_ops { - const struct gccipher_base *b; /* Pointer to basic information */ + const struct gccipher *c; /* Pointer to cipher class */ void (*encrypt)(gcipher */*c*/, const void */*s*/, void */*t*/, size_t /*sz*/); void (*decrypt)(gcipher */*c*/, const void */*s*/, @@ -70,10 +69,57 @@ typedef struct gcipher_ops { } gcipher_ops; typedef struct gccipher { - gccipher_base b; + const char *name; /* Cipher name */ + const octet *keysz; /* Preferred key size table */ + size_t blksz; /* Block size or zero if none */ gcipher *(*init)(const void */*k*/, size_t /*sz*/); } gccipher; +/*----- Key size management -----------------------------------------------*/ + +/* --- Key size type constants --- * + * + * A key size limitation is an array of bytes. The first byte describes the + * kind of limitation on the key size %$k$%; the rest are argument bytes + * %$a_i$%, for %$i \ge 0$%. In all cases, %$a_0$% is the `recommended' key + * size. + * + * * @KSZ_ANY@ means there is no restriction. + * + * * @KSZ_RANGE@ requires that %$k \ge a_1$%, %$k \equiv 0 \pmod{a_3}$%, + * and, if %$a_2 \ne 0$%, %$k \le a_2$%. + * + * * @KSZ_SET@ requires that %$k \in {\,a_i\,}$%. + */ + +enum { + KSZ_ANY, /* Allows any key at all */ + KSZ_RANGE, /* Allows keys within a range */ + KSZ_SET /* Allows specific sizes of keys */ +}; + +/* --- @keysz@ --- * + * + * Arguments: @size_t sz@ = a proposed key size, or zero + * @const octet *ksz@ = pointer to key size table + * + * Returns: See below. + * + * Use: Returns a sensible key size. If @sz@ is nonzero, it is + * interpreted as an amount (in bytes) of key material which the + * caller has available, and the return value is either the + * largest allowable key size less than or equal to the caller's + * size, or zero if there is no valid key length small enough. + * If @sz@ is zero, the function returns a `recommended' key + * size. + */ + +extern size_t keysz(size_t /*sz*/, const octet */*ksz*/); + +#define KSZ_CHECK(pre, sz) (keysz((sz), pre##_keysz) == (sz)) +#define KSZ_ASSERT(pre, sz) \ + assert(((void)"Bad key size for " #pre, KSZ_CHECK(pre, sz))) + /*----- That's all, folks -------------------------------------------------*/ #ifdef __cplusplus