New blockcipher mac stuff. New hbytes clockincrement.

[chiark-tcl.git] / hbytes / hbytes.h

diff --git a/hbytes/hbytes.h b/hbytes/hbytes.h
index 23cad209c11840758e99052d62198efd632bca04..ac19c8f9cd941f2ac1aa95fcd2a7daee442e601a 100644 (file)
--- a/hbytes/hbytes.h
+++ b/hbytes/hbytes.h
@@ -15,8 +15,14 @@
  *
  *  hbytes range VALUE START SIZE                => substring (or error)
  *  hbytes overwrite VAR START VALUE
  *
  *  hbytes range VALUE START SIZE                => substring (or error)
  *  hbytes overwrite VAR START VALUE

+ *  hbytes trimleft VALUE                        removes any leading 0 octets

  *  hbytes repeat VALUE COUNT                    => COUNT copies of VALUE
  *
  *  hbytes repeat VALUE COUNT                    => COUNT copies of VALUE
  *

+ *  hbytes clockincrement VAR INTEGER      adds INTEGER to VAR mod 256^|VAR|
+ *                                         INTEGER must be -255 .. 255
+ *                                               => carry (-255 to 255,
+ *                                               and -1,0,1 if VAR not empty)
+ *

  *  hbytes h2ulong HEX                           => ulong  (HEX len must be 4)
  *  hbytes ulong2h UL                            => hex
  *
  *  hbytes h2ulong HEX                           => ulong  (HEX len must be 4)
  *  hbytes ulong2h UL                            => hex
  *


@@ -47,6 +53,7 @@
  *  hbytes pkcs5 pa|ua VAR ALG                   => worked?  (always 1 for p)
  *  hbytes pkcs5 pn|un VAR BLOCKSIZE             => worked?  (always 1 for p)
  *  hbytes blockcipher d|e VAR ALG KEY MODE [IV] => IV
  *  hbytes pkcs5 pa|ua VAR ALG                   => worked?  (always 1 for p)
  *  hbytes pkcs5 pn|un VAR BLOCKSIZE             => worked?  (always 1 for p)
  *  hbytes blockcipher d|e VAR ALG KEY MODE [IV] => IV

+ *  hbytes blockcipher mac MSG ALG KEY MODE IV   => final block

  *
  *  hbytes hash ALG MESSAGE                      => hash
  *  hbytes hmac ALG MESSAGE KEY [MACLENGTH]      => mac
  *
  *  hbytes hash ALG MESSAGE                      => hash
  *  hbytes hmac ALG MESSAGE KEY [MACLENGTH]      => mac


@@ -219,25 +226,25 @@ typedef struct {
   const char *name;
   int hashsize, blocksize, statesize;
   void (*init)(void *state);
   const char *name;
   int hashsize, blocksize, statesize;
   void (*init)(void *state);

-  void (*update)(void *state, const Byte *data, int len);
-  void (*final)(void *state, Byte *digest);
-  void (*oneshot)(Byte *digest, const Byte *data, int len);
+  void (*update)(void *state, const void *data, int len);
+  void (*final)(void *state, void *digest);
+  void (*oneshot)(void *digest, const void *data, int len);

 } HashAlgInfo;
 
 extern const HashAlgInfo hashalginfos[];
 
 typedef struct {
 } HashAlgInfo;
 
 extern const HashAlgInfo hashalginfos[];
 
 typedef struct {

-  void (*make_schedule)(void *schedule, const Byte *key, int keylen);
+  void (*make_schedule)(void *schedule, const void *key, int keylen);

   void (*crypt)(const void *schedule, const void *in, void *out);
      /* in and out may be the same, but if they aren't they may not overlap */
      /* in and out for crypt will have been through block_byteswap */
   void (*crypt)(const void *schedule, const void *in, void *out);
      /* in and out may be the same, but if they aren't they may not overlap */
      /* in and out for crypt will have been through block_byteswap */

-} BlockCipherDirectionInfo;
+} BlockCipherPerDirectionInfo;

 
 typedef struct {
   const char *name;
   int blocksize, schedule_size, key_min, key_max;
 
 typedef struct {
   const char *name;
   int blocksize, schedule_size, key_min, key_max;

-  void (*byteswap)(Byte *block);
-  BlockCipherDirectionInfo encrypt, decrypt;
+  void (*byteswap)(void *block);
+  BlockCipherPerDirectionInfo encrypt, decrypt;

 } BlockCipherAlgInfo;
 
 extern const BlockCipherAlgInfo blockcipheralginfos[];
 } BlockCipherAlgInfo;
 
 extern const BlockCipherAlgInfo blockcipheralginfos[];


@@ -246,16 +253,31 @@ extern const BlockCipherAlgInfo blockcipheralginfos[];
 
 typedef struct {
   const char *name;
 
 typedef struct {
   const char *name;

-  int iv_blocks, buf_blocks;
-  const char *(*encrypt)(Byte *data, int blocks,
+  int iv_blocks, buf_blocks, mac_blocks;
+
+  /* Each function is allowed to use up to buf_blocks * blocksize
+   * bytes of space in buf.  data is blocks * blocksize bytes
+   * long.  data should be modified in place by encrypt and decrypt;
+   * modes may not change the size of data.  iv is always provided and
+   * is always of length iv_blocks * blocksize; encrypt and
+   * decrypt may modify the iv value (in which case the Tcl caller
+   * will get the modified IV) but this is not recommended.  mac
+   * should leave the mac, which must be mac_blocks * blocksize
+   * bytes, in buf.  (Therefore mac_blocks must be at least
+   * buf_blocks.)
+   */
+  const char *(*encrypt)(Byte *data, int nblocks,

                         const Byte *iv, Byte *buf,
                         const BlockCipherAlgInfo *alg, int encr,
                         const Byte *iv, Byte *buf,
                         const BlockCipherAlgInfo *alg, int encr,

-                        int blocksize, const void *sch);
-  const char *(*decrypt)(Byte *data, int blocks,
+                        const void *sch);
+  const char *(*decrypt)(Byte *data, int nblocks,

                         const Byte *iv, Byte *buf,
                         const BlockCipherAlgInfo *alg, int encr,
                         const Byte *iv, Byte *buf,
                         const BlockCipherAlgInfo *alg, int encr,

-                        int blocksize, const void *sch);
-    /* in each case, *iv is provided, but may be modified */
+                        const void *sch);
+  const char *(*mac)(const Byte *data, int nblocks,
+                    const Byte *iv, Byte *buf,
+                    const BlockCipherAlgInfo *alg,
+                    const void *sch);

 } BlockCipherModeInfo;
 
 extern const BlockCipherModeInfo blockciphermodeinfos[];
 } BlockCipherModeInfo;
 
 extern const BlockCipherModeInfo blockciphermodeinfos[];