C API for pgcrypto
==================


UN*X crypt()
============

#include <px-crypt.h>

char *
px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen);

	returns buf or NULL for error.

unsigned px_gen_salt(const char *salt_type, char *dst, int rounds);

	returns salt size.  dst should have room for PX_MAX_SALT_LEN bytes.
	'rounds' is algorithm specific.  0 means default for
	that algorithm.

Random
======

int px_get_random_bytes(uint8 *dst, int num)


Crypto "objects"
================

PX_MD      - Message digest
PX_HMAC    - HMAC (Hash MAC)
PX_Cipher  - cipher+mode: provided by libs
PX_Combo   - higher-level encryption -> padding, [MD]

Objects are activated with the following functions:

int px_find_digest(const char *name, PX_MD **res);
int px_find_hmac(const char *name, PX_HMAC **res);
int px_find_cipher(const char *name, PX_Cipher **res);
int px_find_combo(const char *name, PX_Combo **res);

	returns 0 on success, < 0 on error.  If successful,
	*res contains pointer to new object.

Message Digest
==============

uint px_md_result_size(PX_MD *md)

	returns final result size in bytes

void px_md_reset(PX_MD *md)

	resets md to clean state

uint px_md_block_size(PX_MD *md)

	returns algorithm block size in bytes

void px_md_update(PX_MD *md, const uint8 *data, uint dlen)

	updates hash state with new data

void px_md_finish(PX_MD *md, uint8 *buf)

	puts final hash state into buf.  buf should have room
	for px_md_result_size() bytes.

void px_md_free(PX_MD *md)

	frees resources.

HMAC (Hash Message Authentication Code)
=======================================

int px_hmac_init(PX_HMAC *hmac, const uint8 *key, uint klen)

	initializes hmac state with key.

uint px_hmac_result_size(PX_HMAC *md)

	returns final result size in bytes

void px_hmac_reset(PX_HMAC *md)

	resets md to state after _init()

uint px_hmac_block_size(PX_HMAC *md)

	returns algorithm block size in bytes

void px_hmac_update(PX_HMAC *md, const uint8 *data, uint dlen)

	updates hash state with new data

void px_hmac_finish(PX_HMAC *md, uint8 *buf)

	puts final hash state into buf.  buf should have room
	for px_hmac_result_size() bytes.

void px_hmac_free(PX_HMAC *md)

	frees resources.


Cipher
======

uint px_cipher_key_size(PX_Cipher *c)

	returns max key size in bytes

uint px_cipher_block_size(PX_Cipher *c)

	returns cipher+mode block size in bytes.  So blowfish
	in CFB mode should return 1.

uint px_cipher_iv_size(PX_Cipher *c)

	returns IV size in bytes.

int px_cipher_init(PX_Cipher *c, uint8 *key, uint klen, uint8 *iv)

	initializes cipher with supplied key and iv.

int px_cipher_encrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)

	encrypts data.  res must have room for dlen bytes.
	dlen must be a multiple of px_cipher_block_size().

int px_cipher_decrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)

	decrypts data.  res must have room for dlen bytes.

void px_cipher_free(PX_Cipher *c)

	frees associated resources.

PX_Combo
========

uint px_combo_encrypt_len(PX_Combo *c, uint dlen)

	calculates max result length for dlen of data.

uint px_combo_decrypt_len(PX_Combo *c, uint dlen)

	calculates result length for dlen of data.

int px_combo_init(PX_Combo *c, uint8 *key, uint klen, uint8 *iv, uint ivlen)

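	initializes c with key and iv.  If the cipher uses fixed-length keys,
	the key will be padded with zeroes to the needed length.  The padding
	adds no secret material, so the key is only as strong as the klen
	bytes supplied.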

int px_combo_encrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)

int px_combo_decrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)

void px_combo_free(PX_Combo *c)

	frees associated resources.