server/servutil.c: Add utilities for plain asymmetric encryption.

[tripe] / server / tripe.h

diff --git a/server/tripe.h b/server/tripe.h
index 5550c1f..940e3d6 100644 (file)
--- a/server/tripe.h
+++ b/server/tripe.h
@@ -1801,6 +1801,42 @@ extern void ratelim_init(ratelim */*r*/,
 
 extern int ratelim_withdraw(ratelim */*r*/, unsigned /*n*/);
 
+/* --- @ies_encrypt@ --- *
+ *
+ * Arguments:  @kdata *kpub@ = recipient's public key
+ *             @unsigned ty@ = message type octet
+ *             @buf *b@ = input message buffer
+ *             @buf *bb@ = output buffer for the ciphertext
+ *
+ * Returns:    On error, returns a @KSERR_...@ code or breaks the buffer;
+ *             on success, returns zero and the buffer is good.
+ *
+ * Use:                Encrypts a message for a recipient, given their public key.
+ *             This does not (by itself) provide forward secrecy or sender
+ *             authenticity.  The ciphertext is self-delimiting (unlike
+ *             @ks_encrypt@).
+ */
+
+extern int ies_encrypt(kdata */*kpub*/, unsigned /*ty*/,
+                      buf */*b*/, buf */*bb*/);
+
+/* --- @ies_decrypt@ --- *
+ *
+ * Arguments:  @kdata *kpub@ = private key key
+ *             @unsigned ty@ = message type octet
+ *             @buf *b@ = input ciphertext buffer
+ *             @buf *bb@ = output buffer for the message
+ *
+ * Returns:    On error, returns a @KSERR_...@ code; on success, returns
+ *             zero and the buffer is good.
+ *
+ * Use:                Decrypts a message encrypted using @ies_encrypt@, given our
+ *             private key.
+ */
+
+extern int ies_decrypt(kdata */*kpriv*/, unsigned /*ty*/,
+                      buf */*b*/, buf */*bb*/);
+
 /*----- That's all, folks -------------------------------------------------*/
 
 #ifdef __cplusplus