249 lines
7.4 KiB
C
249 lines
7.4 KiB
C
/*
|
|
* crypto_types.h
|
|
*
|
|
* constants for cipher types and auth func types
|
|
*
|
|
* David A. McGrew
|
|
* Cisco Systems, Inc.
|
|
*/
|
|
/*
|
|
*
|
|
* Copyright(c) 2001-2006,2013 Cisco Systems, Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the following
|
|
* disclaimer in the documentation and/or other materials provided
|
|
* with the distribution.
|
|
*
|
|
* Neither the name of the Cisco Systems, Inc. nor the names of its
|
|
* contributors may be used to endorse or promote products derived
|
|
* from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
|
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*
|
|
*/
|
|
|
|
#ifndef CRYPTO_TYPES_H
|
|
#define CRYPTO_TYPES_H
|
|
|
|
/**
|
|
* @defgroup Algos Cryptographic Algorithms
|
|
*
|
|
*
|
|
* This library provides several different cryptographic algorithms,
|
|
* each of which can be selected by using the cipher_type_id_t and
|
|
* auth_type_id_t. These algorithms are documented below.
|
|
*
|
|
* Authentication functions that use the Universal Security Transform
|
|
* (UST) must be used in conjunction with a cipher other than the null
|
|
* cipher. These functions require a per-message pseudorandom input
|
|
* that is generated by the cipher.
|
|
*
|
|
* The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
|
|
* strongest available authentication function and cipher,
|
|
* respectively. They are resolved at compile time to the strongest
|
|
* available algorithm. The stronghold algorithms can serve as did
|
|
* the keep of a medieval fortification; they provide the strongest
|
|
* defense (or the last refuge).
|
|
*
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* @defgroup Ciphers Cipher Types
|
|
*
|
|
* @brief Each cipher type is identified by an unsigned integer. The
|
|
* cipher types available in this edition of libSRTP are given
|
|
* by the #defines below.
|
|
*
|
|
* A cipher_type_id_t is an identifier for a cipher_type; only values
|
|
* given by the #defines above (or those present in the file
|
|
* crypto_types.h) should be used.
|
|
*
|
|
* The identifier STRONGHOLD_CIPHER indicates the strongest available
|
|
* cipher, allowing an application to choose the strongest available
|
|
* algorithm without any advance knowledge about the avaliable
|
|
* algorithms.
|
|
*
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* @brief The null cipher performs no encryption.
|
|
*
|
|
* The NULL_CIPHER leaves its inputs unaltered, during both the
|
|
* encryption and decryption operations. This cipher can be chosen
|
|
* to indicate that no encryption is to be performed.
|
|
*/
|
|
#define NULL_CIPHER 0
|
|
|
|
/**
|
|
* @brief AES Integer Counter Mode (AES ICM)
|
|
*
|
|
* AES ICM is the variant of counter mode that is used by Secure RTP.
|
|
* This cipher uses a 16-, 24-, or 32-octet key concatenated with a
|
|
* 14-octet offset (or salt) value.
|
|
*/
|
|
#define AES_ICM 1
|
|
|
|
/**
|
|
* @brief AES-128 Integer Counter Mode (AES ICM)
|
|
* AES-128 ICM is a deprecated alternate name for AES ICM.
|
|
*/
|
|
#define AES_128_ICM AES_ICM
|
|
|
|
/**
|
|
* @brief SEAL 3.0
|
|
*
|
|
* SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
|
|
* and Rogaway. Nota bene: this cipher is IBM proprietary.
|
|
*/
|
|
#define SEAL 2
|
|
|
|
/**
|
|
* @brief AES Cipher Block Chaining mode (AES CBC)
|
|
*
|
|
* AES CBC is the AES Cipher Block Chaining mode.
|
|
* This cipher uses a 16-, 24-, or 32-octet key.
|
|
*/
|
|
#define AES_CBC 3
|
|
|
|
/**
|
|
* @brief AES-128 Cipher Block Chaining mode (AES CBC)
|
|
*
|
|
* AES-128 CBC is a deprecated alternate name for AES CBC.
|
|
*/
|
|
#define AES_128_CBC AES_CBC
|
|
|
|
/**
|
|
* @brief Strongest available cipher.
|
|
*
|
|
* This identifier resolves to the strongest cipher type available.
|
|
*/
|
|
#define STRONGHOLD_CIPHER AES_ICM
|
|
|
|
/**
|
|
* @brief AES-192 Integer Counter Mode (AES ICM)
|
|
* AES-192 ICM is a deprecated alternate name for AES ICM.
|
|
*/
|
|
#define AES_192_ICM 4
|
|
|
|
/**
|
|
* @brief AES-256 Integer Counter Mode (AES ICM)
|
|
* AES-256 ICM is a deprecated alternate name for AES ICM.
|
|
*/
|
|
#define AES_256_ICM 5
|
|
|
|
/**
|
|
* @brief AES-128_GCM Galois Counter Mode (AES GCM)
|
|
*
|
|
* AES-128 GCM is the variant of galois counter mode that is used by
|
|
* Secure RTP. This cipher uses a 16-octet key.
|
|
*/
|
|
#define AES_128_GCM 6
|
|
|
|
/**
|
|
* @brief AES-256_GCM Galois Counter Mode (AES GCM)
|
|
*
|
|
* AES-256 GCM is the variant of galois counter mode that is used by
|
|
* Secure RTP. This cipher uses a 32-octet key.
|
|
*/
|
|
#define AES_256_GCM 7
|
|
|
|
/**
|
|
* @}
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
* @defgroup Authentication Authentication Function Types
|
|
*
|
|
* @brief Each authentication function type is identified by an
|
|
* unsigned integer. The authentication function types available in
|
|
* this edition of libSRTP are given by the #defines below.
|
|
*
|
|
* An auth_type_id_t is an identifier for an authentication function type;
|
|
* only values given by the #defines above (or those present in the
|
|
* file crypto_types.h) should be used.
|
|
*
|
|
* The identifier STRONGHOLD_AUTH indicates the strongest available
|
|
* authentication function, allowing an application to choose the
|
|
* strongest available algorithm without any advance knowledge about
|
|
* the avaliable algorithms. The stronghold algorithms can serve as
|
|
* did the keep of a medieval fortification; they provide the
|
|
* strongest defense (or the last refuge).
|
|
*
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* @brief The null authentication function performs no authentication.
|
|
*
|
|
* The NULL_AUTH function does nothing, and can be selected to indicate
|
|
* that authentication should not be performed.
|
|
*/
|
|
#define NULL_AUTH 0
|
|
|
|
/**
|
|
* @brief UST with TMMH Version 2
|
|
*
|
|
* UST_TMMHv2 implements the Truncated Multi-Modular Hash using
|
|
* UST. This function must be used in conjunction with a cipher other
|
|
* than the null cipher.
|
|
* with a cipher.
|
|
*/
|
|
#define UST_TMMHv2 1
|
|
|
|
/**
|
|
* @brief (UST) AES-128 XORMAC
|
|
*
|
|
* UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
|
|
* the XORMAC algorithm is IBM proprietary.
|
|
*/
|
|
#define UST_AES_128_XMAC 2
|
|
|
|
/**
|
|
* @brief HMAC-SHA1
|
|
*
|
|
* HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
|
|
* Hash Algorithm version 1 (SHA1).
|
|
*/
|
|
#define HMAC_SHA1 3
|
|
|
|
/**
|
|
* @brief Strongest available authentication function.
|
|
*
|
|
* This identifier resolves to the strongest available authentication
|
|
* function.
|
|
*/
|
|
#define STRONGHOLD_AUTH HMAC_SHA1
|
|
|
|
/**
|
|
* @}
|
|
*/
|
|
/**
|
|
* @}
|
|
*/
|
|
|
|
#endif /* CRYPTO_TYPES_H */
|