/* -*-c-*-
*
- * $Id: key-data.h,v 1.2 2000/06/17 11:26:18 mdw Exp $
+ * $Id$
*
* Manipulating key data
*
* MA 02111-1307, USA.
*/
-/*----- Revision history --------------------------------------------------*
- *
- * $Log: key-data.h,v $
- * Revision 1.2 2000/06/17 11:26:18 mdw
- * Add the key packing interface.
- *
- * Revision 1.1 2000/02/12 18:21:23 mdw
- * Overhaul of key management (again).
- *
- */
-
#ifndef CATACOMB_KEY_DATA_H
#define CATACOMB_KEY_DATA_H
#include <mLib/dstr.h>
#include <mLib/sym.h>
+#ifndef CATACOMB_KEY_ERROR_H
+# include "key-error.h"
+#endif
+
#ifndef CATACOMB_MP_H
# include "mp.h"
#endif
+#ifndef CATACOMB_EC_H
+# include "ec.h"
+#endif
+
/*----- Data structures ---------------------------------------------------*/
/* --- Key binary data --- */
key_bin k; /* Binary key data */
mp *m; /* Multiprecision integer */
sym_table s; /* Structured key data */
+ char *p; /* String pointer */
+ ec e; /* Elliptic curve point */
} u;
} key_data;
/* --- Bottom two bits are the encoding type --- */
- KF_ENCMASK = 0x03, /* Encoding mask */
+ KF_ENCMASK = 0x83, /* Encoding mask */
KENC_BINARY = 0x00, /* Plain binary key (@k@) */
KENC_MP = 0x01, /* Multiprecision integer (@i@) */
KENC_STRUCT = 0x02, /* Structured key data (@s@) */
KENC_ENCRYPT = 0x03, /* Encrypted key type (@k@) */
+ KENC_STRING = 0x80, /* ASCII string (@p@) */
+ KENC_EC = 0x81, /* Elliptic curve point (@e@) */
/* --- Key category bits --- */
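Review bot: The comment above `KF_ENCMASK` still reads "Bottom two bits are the encoding type", but the new mask `0x83` also takes in bit 7, so the comment no longer describes the field; suggest `/* --- Bits 0, 1 and 7 are the encoding type --- */`. The wider mask also admits `0x82` and `0x83` as encoding values with no `KENC_` name. Any decoder that dispatches on `flags & KF_ENCMASK` for key data read from a file should reject those values explicitly rather than fall through. That code and the rest of the enum are outside this hunk, so it is also worth confirming that no other flag already uses `0x80`.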
KENC_MAX /* Dummy limit constant */
};
+/* --- Key locking return codes --- */
+
+#define KL_OK 0 /* All good */
+#define KL_IOERR -1 /* I/O problem (e.g., getting pp) */
+#define KL_KEYERR -2 /* Wrong key supplied */
+#define KL_DATAERR -3 /* Data format error */
+
/* --- Key flag filtering --- */
typedef struct key_filter {
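Review bot: Nothing visible in this patch says which functions return the new `KL_` codes. The comments added or changed further down for `key_unlock`, `key_plock` and `key_punlock` all promise a `KERR` code instead (spelled `@KERR_@` once and `@KERR@` twice). If the `KL_` values are a separate status set, the block comment should name the functions that return them, e.g. `/* --- Key locking return codes (returned by <function names>) --- */`. If the `KERR_` codes from `key-error.h` are meant to replace them, adding them here looks unnecessary. A caller that compares a result against the wrong set could misclassify a wrong-key failure.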
extern void key_mp(key_data */*k*/, mp */*m*/);
+/* --- @key_string@ --- *
+ *
+ * Arguments: @key_data *k@ = pointer to key data block
+ * @const char *p@ = pointer to the value to set
+ *
+ * Returns: ---
+ *
+ * Use: Sets a plain string in a key block.
+ */
+
+extern void key_string(key_data */*k*/, const char */*p*/);
+
+/* --- @key_ec@ --- *
+ *
+ * Arguments: @key_data *k@ = pointer to key data block
+ * @const ec *e@ = pointer to the value to set
+ *
+ * Returns: ---
+ *
+ * Use: Sets an elliptic curve point in a key block.
+ */
+
+extern void key_ec(key_data */*k*/, const ec */*e*/);
+
/* --- @key_structure@ --- *
*
* Arguments: @key_data *k@ = pointer to key data block
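Review bot: The `key_string` and `key_ec` comments do not say whether the value is copied into the key block or whether the block keeps the caller's pointer. The parameters are `const` while the new union member is a plain `char *p`, which suggests a copy, but the implementation is not in this hunk. Since these blocks can hold key material, the ownership rule decides who frees and wipes the storage. Once confirmed, suggest adding a line to each `Use:` paragraph such as `The value is copied; the caller keeps ownership of @p@.`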
*/
extern int key_write(key_data */*k*/, dstr */*d*/,
- const key_filter */*kf*/);
+ const key_filter */*kf*/);
/*----- Key binary encoding -----------------------------------------------*/
extern void key_unpackdone(key_packdef */*kp*/);
-/*----- Passphrase encryption ---------------------------------------------*/
+/*----- Key encryption ----------------------------------------------------*/
+
+/* --- @key_lock@ --- *
+ *
+ * Arguments: @key_data *kt@ = destination block
+ * @key_data *k@ = source key data block
+ * @const void *e@ = secret to encrypt key with
+ * @size_t esz@ = size of the secret
+ *
+ * Returns: ---
+ *
+ * Use: Encrypts a key data block using a secret.
+ */
+
+extern void key_lock(key_data */*kt*/, key_data */*k*/,
+ const void */*e*/, size_t /*esz*/);
+
+/* --- @key_unlock@ --- *
+ *
+ * Arguments: @key_data *kt@ = target block
+ * @key_data *k@ = source key data block
+ * @const void *e@ = secret to decrypt the block with
+ * @size_t esz@ = size of the secret
+ *
+ * Returns: Zero for success, or a @KERR_@ error code.
+ *
+ * Use: Unlocks a key using a secret.
+ */
+
+extern int key_unlock(key_data */*kt*/, key_data */*k*/,
+ const void */*e*/, size_t /*esz*/);
/* --- @key_plock@ --- *
*
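Review bot: `key_lock` is declared `void`, so it has no way to report a failure, while its counterpart `key_unlock` returns a status. If encryption can fail for any reason in the implementation (not visible here), callers would get a `kt` they cannot distinguish from a valid locked key; either return `int` like `key_unlock` or state in the comment that the function cannot fail. The `key_unlock` comment should also say what `kt` holds when a nonzero code is returned, e.g. `On failure, @kt@ is left untouched.`, so that callers never act on partially decrypted data. Neither comment says whether `kt` and `k` may point to the same block.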
* @key_data *k@ = source key data block
* @key_data *kt@ = target key data block
*
- * Returns: Zero if successful, nonzero if there was a problem.
+ * Returns: Zero if successful, a @KERR@ error code on failure.
*
* Use: Locks a key by encrypting it with a passphrase.
*/
* @key_data *k@ = source key data block
* @key_data *kt@ = target key data block
*
- * Returns: Zero if it worked, nonzero if it didn't.
+ * Returns: Zero if successful, a @KERR@ error code on failure.
*
* Use: Unlocks a passphrase-locked key.
*/