OLD | NEW |
| (Empty) |
1 /* | |
2 * crypto_types.h | |
3 * | |
4 * constants for cipher types and auth func types | |
5 * | |
6 * David A. McGrew | |
7 * Cisco Systems, Inc. | |
8 */ | |
9 /* | |
10 * | |
11 * Copyright(c) 2001-2006,2013 Cisco Systems, Inc. | |
12 * All rights reserved. | |
13 * | |
14 * Redistribution and use in source and binary forms, with or without | |
15 * modification, are permitted provided that the following conditions | |
16 * are met: | |
17 * | |
18 * Redistributions of source code must retain the above copyright | |
19 * notice, this list of conditions and the following disclaimer. | |
20 * | |
21 * Redistributions in binary form must reproduce the above | |
22 * copyright notice, this list of conditions and the following | |
23 * disclaimer in the documentation and/or other materials provided | |
24 * with the distribution. | |
25 * | |
26 * Neither the name of the Cisco Systems, Inc. nor the names of its | |
27 * contributors may be used to endorse or promote products derived | |
28 * from this software without specific prior written permission. | |
29 * | |
30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | |
33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | |
34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, | |
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
41 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
42 * | |
43 */ | |
44 | |
45 #ifndef CRYPTO_TYPES_H | |
46 #define CRYPTO_TYPES_H | |
47 | |
48 /** | |
49 * @defgroup Algos Cryptographic Algorithms | |
50 * | |
51 * | |
52 * This library provides several different cryptographic algorithms, | |
53 * each of which can be selected by using the cipher_type_id_t and | |
54 * auth_type_id_t. These algorithms are documented below. | |
55 * | |
56 * Authentication functions that use the Universal Security Transform | |
57 * (UST) must be used in conjunction with a cipher other than the null | |
58 * cipher. These functions require a per-message pseudorandom input | |
59 * that is generated by the cipher. | |
60 * | |
61 * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the | |
62 * strongest available authentication function and cipher, | |
63 * respectively. They are resolved at compile time to the strongest | |
64 * available algorithm. The stronghold algorithms can serve as did | |
65 * the keep of a medieval fortification; they provide the strongest | |
66 * defense (or the last refuge). | |
67 * | |
68 * @{ | |
69 */ | |
70 | |
71 /** | |
72 * @defgroup Ciphers Cipher Types | |
73 * | |
74 * @brief Each cipher type is identified by an unsigned integer. The | |
75 * cipher types available in this edition of libSRTP are given | |
76 * by the #defines below. | |
77 * | |
78 * A cipher_type_id_t is an identifier for a cipher_type; only values | |
79 * given by the #defines above (or those present in the file | |
80 * crypto_types.h) should be used. | |
81 * | |
82 * The identifier STRONGHOLD_CIPHER indicates the strongest available | |
83 * cipher, allowing an application to choose the strongest available | |
84 * algorithm without any advance knowledge about the avaliable | |
85 * algorithms. | |
86 * | |
87 * @{ | |
88 */ | |
89 | |
90 /** | |
91 * @brief The null cipher performs no encryption. | |
92 * | |
93 * The NULL_CIPHER leaves its inputs unaltered, during both the | |
94 * encryption and decryption operations. This cipher can be chosen | |
95 * to indicate that no encryption is to be performed. | |
96 */ | |
97 #define NULL_CIPHER 0 | |
98 | |
99 /** | |
100 * @brief AES Integer Counter Mode (AES ICM) | |
101 * | |
102 * AES ICM is the variant of counter mode that is used by Secure RTP. | |
103 * This cipher uses a 16-, 24-, or 32-octet key concatenated with a | |
104 * 14-octet offset (or salt) value. | |
105 */ | |
106 #define AES_ICM 1 | |
107 | |
108 /** | |
109 * @brief AES-128 Integer Counter Mode (AES ICM) | |
110 * AES-128 ICM is a deprecated alternate name for AES ICM. | |
111 */ | |
112 #define AES_128_ICM AES_ICM | |
113 | |
114 /** | |
115 * @brief SEAL 3.0 | |
116 * | |
117 * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith | |
118 * and Rogaway. Nota bene: this cipher is IBM proprietary. | |
119 */ | |
120 #define SEAL 2 | |
121 | |
122 /** | |
123 * @brief AES Cipher Block Chaining mode (AES CBC) | |
124 * | |
125 * AES CBC is the AES Cipher Block Chaining mode. | |
126 * This cipher uses a 16-, 24-, or 32-octet key. | |
127 */ | |
128 #define AES_CBC 3 | |
129 | |
130 /** | |
131 * @brief AES-128 Cipher Block Chaining mode (AES CBC) | |
132 * | |
133 * AES-128 CBC is a deprecated alternate name for AES CBC. | |
134 */ | |
135 #define AES_128_CBC AES_CBC | |
136 | |
137 /** | |
138 * @brief Strongest available cipher. | |
139 * | |
140 * This identifier resolves to the strongest cipher type available. | |
141 */ | |
142 #define STRONGHOLD_CIPHER AES_ICM | |
143 | |
144 /** | |
145 * @brief AES-192 Integer Counter Mode (AES ICM) | |
146 * AES-192 ICM is a deprecated alternate name for AES ICM. | |
147 */ | |
148 #define AES_192_ICM 4 | |
149 | |
150 /** | |
151 * @brief AES-256 Integer Counter Mode (AES ICM) | |
152 * AES-256 ICM is a deprecated alternate name for AES ICM. | |
153 */ | |
154 #define AES_256_ICM 5 | |
155 | |
156 /** | |
157 * @brief AES-128_GCM Galois Counter Mode (AES GCM) | |
158 * | |
159 * AES-128 GCM is the variant of galois counter mode that is used by | |
160 * Secure RTP. This cipher uses a 16-octet key. | |
161 */ | |
162 #define AES_128_GCM 6 | |
163 | |
164 /** | |
165 * @brief AES-256_GCM Galois Counter Mode (AES GCM) | |
166 * | |
167 * AES-256 GCM is the variant of galois counter mode that is used by | |
168 * Secure RTP. This cipher uses a 32-octet key. | |
169 */ | |
170 #define AES_256_GCM 7 | |
171 | |
172 /** | |
173 * @} | |
174 */ | |
175 | |
176 | |
177 | |
178 /** | |
179 * @defgroup Authentication Authentication Function Types | |
180 * | |
181 * @brief Each authentication function type is identified by an | |
182 * unsigned integer. The authentication function types available in | |
183 * this edition of libSRTP are given by the #defines below. | |
184 * | |
185 * An auth_type_id_t is an identifier for an authentication function type; | |
186 * only values given by the #defines above (or those present in the | |
187 * file crypto_types.h) should be used. | |
188 * | |
189 * The identifier STRONGHOLD_AUTH indicates the strongest available | |
190 * authentication function, allowing an application to choose the | |
191 * strongest available algorithm without any advance knowledge about | |
192 * the avaliable algorithms. The stronghold algorithms can serve as | |
193 * did the keep of a medieval fortification; they provide the | |
194 * strongest defense (or the last refuge). | |
195 * | |
196 * @{ | |
197 */ | |
198 | |
199 /** | |
200 * @brief The null authentication function performs no authentication. | |
201 * | |
202 * The NULL_AUTH function does nothing, and can be selected to indicate | |
203 * that authentication should not be performed. | |
204 */ | |
205 #define NULL_AUTH 0 | |
206 | |
207 /** | |
208 * @brief UST with TMMH Version 2 | |
209 * | |
210 * UST_TMMHv2 implements the Truncated Multi-Modular Hash using | |
211 * UST. This function must be used in conjunction with a cipher other | |
212 * than the null cipher. | |
213 * with a cipher. | |
214 */ | |
215 #define UST_TMMHv2 1 | |
216 | |
217 /** | |
218 * @brief (UST) AES-128 XORMAC | |
219 * | |
220 * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene: | |
221 * the XORMAC algorithm is IBM proprietary. | |
222 */ | |
223 #define UST_AES_128_XMAC 2 | |
224 | |
225 /** | |
226 * @brief HMAC-SHA1 | |
227 * | |
228 * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure | |
229 * Hash Algorithm version 1 (SHA1). | |
230 */ | |
231 #define HMAC_SHA1 3 | |
232 | |
233 /** | |
234 * @brief Strongest available authentication function. | |
235 * | |
236 * This identifier resolves to the strongest available authentication | |
237 * function. | |
238 */ | |
239 #define STRONGHOLD_AUTH HMAC_SHA1 | |
240 | |
241 /** | |
242 * @} | |
243 */ | |
244 /** | |
245 * @} | |
246 */ | |
247 | |
248 #endif /* CRYPTO_TYPES_H */ | |
OLD | NEW |