scip/pcp
1
0
Fork 0
mirror of https://codeberg.org/scip/pcp.git synced 2025-12-17 20:00:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
254c4cd39b73578051438fc66d22537403be1176
pcp/man/html/group__CRYPTO.html
TLINDEN 2e4657bb08 added api docs
2014-02-20 20:09:24 +01:00

596 lines
33 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<title>libpcp: CRYPTO</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
<tbody>
<tr style="height: 56px;">
<td style="padding-left: 0.5em;">
<div id="projectname">libpcp
&#160;<span id="projectnumber">0.2.1</span>
</div>
</td>
</tr>
</tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.2 -->
<div id="navrow1" class="tabs">
<ul class="tablist">
<li><a href="index.html"><span>Main&#160;Page</span></a></li>
<li><a href="modules.html"><span>Modules</span></a></li>
<li><a href="annotated.html"><span>Classes</span></a></li>
<li><a href="files.html"><span>Files</span></a></li>
</ul>
</div>
</div><!-- top -->
<div class="header">
<div class="summary">
<a href="#func-members">Functions</a> </div>
<div class="headertitle">
<div class="title">CRYPTO</div> </div>
</div><!--header-->
<div class="contents">
<p>Functions for symmetrical or asymmetrical encryption using NaCL.
<a href="#details">More...</a></p>
<table class="memberdecls">
<tr class="heading"><td colspan="2"><h2 class="groupheader"><a name="func-members"></a>
Functions</h2></td></tr>
<tr class="memitem:ga65c6dc4a24eb0844f9a82e5a02306c14"><td class="memItemLeft" align="right" valign="top">unsigned char *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#ga65c6dc4a24eb0844f9a82e5a02306c14">pcp_box_encrypt</a> (<a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *secret, <a class="el" href="group__KEYS.html#ga859c793ca80717fdfc8ebef3e7224746">pcp_pubkey_t</a> *pub, unsigned char *message, size_t messagesize, size_t *csize)</td></tr>
<tr class="memdesc:ga65c6dc4a24eb0844f9a82e5a02306c14"><td class="mdescLeft">&#160;</td><td class="mdescRight">Asymmetrically encrypt a message. <a href="#ga65c6dc4a24eb0844f9a82e5a02306c14"></a><br/></td></tr>
<tr class="separator:ga65c6dc4a24eb0844f9a82e5a02306c14"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ga73788bf0c6828922f98e57f1568dd845"><td class="memItemLeft" align="right" valign="top">unsigned char *&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#ga73788bf0c6828922f98e57f1568dd845">pcp_box_decrypt</a> (<a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *secret, <a class="el" href="group__KEYS.html#ga859c793ca80717fdfc8ebef3e7224746">pcp_pubkey_t</a> *pub, unsigned char *cipher, size_t ciphersize, size_t *dsize)</td></tr>
<tr class="memdesc:ga73788bf0c6828922f98e57f1568dd845"><td class="mdescLeft">&#160;</td><td class="mdescRight">Asymmetrically decrypt a message. <a href="#ga73788bf0c6828922f98e57f1568dd845"></a><br/></td></tr>
<tr class="separator:ga73788bf0c6828922f98e57f1568dd845"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:gadbdb839246cac65ff20ef63902041597"><td class="memItemLeft" align="right" valign="top">size_t&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#gadbdb839246cac65ff20ef63902041597">pcp_encrypt_stream</a> (<a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *in, <a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *out, <a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *s, <a class="el" href="group__KEYS.html#ga859c793ca80717fdfc8ebef3e7224746">pcp_pubkey_t</a> *p, int signcrypt)</td></tr>
<tr class="memdesc:gadbdb839246cac65ff20ef63902041597"><td class="mdescLeft">&#160;</td><td class="mdescRight">Asymmetrically encrypt a file or a buffer stream. <a href="#gadbdb839246cac65ff20ef63902041597"></a><br/></td></tr>
<tr class="separator:gadbdb839246cac65ff20ef63902041597"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ga949053e8f2a9ddfa2421d578951f7cf5"><td class="memItemLeft" align="right" valign="top">size_t&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#ga949053e8f2a9ddfa2421d578951f7cf5">pcp_encrypt_stream_sym</a> (<a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *in, <a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *out, unsigned char *symkey, int havehead, <a class="el" href="group__KEYS.html#gab69d94a862952b046c6f340d3c701dd0">pcp_rec_t</a> *recsign)</td></tr>
<tr class="memdesc:ga949053e8f2a9ddfa2421d578951f7cf5"><td class="mdescLeft">&#160;</td><td class="mdescRight">Symmetrically encrypt a file or a buffer stream. <a href="#ga949053e8f2a9ddfa2421d578951f7cf5"></a><br/></td></tr>
<tr class="separator:ga949053e8f2a9ddfa2421d578951f7cf5"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:gaeb1196ed4a3edc911e77d1d15612c539"><td class="memItemLeft" align="right" valign="top">size_t&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#gaeb1196ed4a3edc911e77d1d15612c539">pcp_decrypt_stream</a> (<a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *in, <a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *out, <a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *s, unsigned char *symkey, int verify)</td></tr>
<tr class="memdesc:gaeb1196ed4a3edc911e77d1d15612c539"><td class="mdescLeft">&#160;</td><td class="mdescRight">Asymmetrically decrypt a file or a buffer stream. <a href="#gaeb1196ed4a3edc911e77d1d15612c539"></a><br/></td></tr>
<tr class="separator:gaeb1196ed4a3edc911e77d1d15612c539"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ga98322a73045d7d3e069e1afeb7fe2918"><td class="memItemLeft" align="right" valign="top">size_t&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#ga98322a73045d7d3e069e1afeb7fe2918">pcp_decrypt_stream_sym</a> (<a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *in, <a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *out, unsigned char *symkey, <a class="el" href="group__KEYS.html#gab69d94a862952b046c6f340d3c701dd0">pcp_rec_t</a> *recverify)</td></tr>
<tr class="memdesc:ga98322a73045d7d3e069e1afeb7fe2918"><td class="mdescLeft">&#160;</td><td class="mdescRight">Symmetrically decrypt a file or a buffer stream. <a href="#ga98322a73045d7d3e069e1afeb7fe2918"></a><br/></td></tr>
<tr class="separator:ga98322a73045d7d3e069e1afeb7fe2918"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:gaf9ec9f99af7315fa9f1a5f9649f27347"><td class="memItemLeft" align="right" valign="top">size_t&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#gaf9ec9f99af7315fa9f1a5f9649f27347">pcp_sodium_mac</a> (unsigned char **cipher, unsigned char *cleartext, size_t clearsize, unsigned char *nonce, unsigned char *key)</td></tr>
<tr class="memdesc:gaf9ec9f99af7315fa9f1a5f9649f27347"><td class="mdescLeft">&#160;</td><td class="mdescRight">Symmetrically encrypt a message. <a href="#gaf9ec9f99af7315fa9f1a5f9649f27347"></a><br/></td></tr>
<tr class="separator:gaf9ec9f99af7315fa9f1a5f9649f27347"><td class="memSeparator" colspan="2">&#160;</td></tr>
<tr class="memitem:ga6475f85713c66641097d26bc9121bf70"><td class="memItemLeft" align="right" valign="top">int&#160;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__CRYPTO.html#ga6475f85713c66641097d26bc9121bf70">pcp_sodium_verify_mac</a> (unsigned char **cleartext, unsigned char *message, size_t messagesize, unsigned char *nonce, unsigned char *key)</td></tr>
<tr class="memdesc:ga6475f85713c66641097d26bc9121bf70"><td class="mdescLeft">&#160;</td><td class="mdescRight">Decrypt a symmetrically encrypted message. <a href="#ga6475f85713c66641097d26bc9121bf70"></a><br/></td></tr>
<tr class="separator:ga6475f85713c66641097d26bc9121bf70"><td class="memSeparator" colspan="2">&#160;</td></tr>
</table>
<a name="details" id="details"></a><h2 class="groupheader">Detailed Description</h2>
<p>Functions for symmetrical or asymmetrical encryption using NaCL. </p>
<h1><a class="anchor" id="intro"></a>
Introduction</h1>
<p>Encryption is done 32k blockwise using an ephemeral key.</p>
<p>If using asymmetrical encryption the ephemeral key is encrypted asymmetrically using Curve25519 for all recipients and added to the output.</p>
<p>If sign+crypt is requested, a hash of the clear content plus the recipient list will be made and signed. That signature will be encrypted using the ephemeral key as well and appended to the output.</p>
<p>For each encryption cycle (per block) a unique nonce will be used.</p>
<h1><a class="anchor" id="format"></a>
Encrypted Output Format</h1>
<p>Encrypted output will always written as binary files. No armoring supported yet. The encryption process works as this:</p>
<ul>
<li>generate a random symetric 32 byte key B&lt;S&gt;</li>
<li>encrypt it asymetrically for each recipient using a unique nonce (B&lt;R&gt;)</li>
<li>encrypt the input file 32k blockwise using the symetric key</li>
</ul>
<p>Symmetric encryption works the very same with the recipient stuff left out.</p>
<p>Formal format description, asymmetric encrypted files: </p>
<pre class="fragment"> +---------------------------------------------------------+
| Field Size Description |
+-------------+--------+----------------------------------+
| Type | 1 | Filetype, 5=ASYM, 23=SYM |
+-------------|--------|----------------------------------+
| Len R | 4 | Number of recipients (*) |
+-------------|--------|----------------------------------+
| Recipients | R*72 | C(recipient)|C(recipient)... (*) |
+-------------|--------|----------------------------------+
| Encrypted | ~ | The actual encrypted data |
+-------------|--------|----------------------------------+
</pre><p>The following will be Left out when doing symetric encryption.</p>
<p>Recipient field format: </p>
<pre class="fragment"> +---------------------------------------------------------+
| Field Size Description |
+-------------+--------+----------------------------------+
| Nonce | 24 | Random Nonce, one per R |
+-------------|--------|----------------------------------+
| Cipher | 48 | S encrypted with PK or R |
+-------------|--------|----------------------------------+
</pre><p>R is calculated using public key encryption using the senders secret key, the recipients public key and a random nonce.</p>
<p>Pseudocode:</p>
<div class="fragment"><div class="line">R = <span class="keywordflow">foreach</span> P: N | crypto_box(S, N, P, SK)</div>
<div class="line">L = len(R)</div>
<div class="line">T = 5</div>
<div class="line">write (T | L | R)</div>
<div class="line">foreach I: write (N | crypto_secret_box(I, N, S))</div>
</div><!-- fragment --><p>where P is the public key of a recipient, SK is the senders secret key, R is the recipient list, L is the number of recipients, T is the filetype header, I is a block of input with a size of 32k, N is a nonce (new per block) and S the symmetric key. </p>
<h2 class="groupheader">Function Documentation</h2>
<a class="anchor" id="ga73788bf0c6828922f98e57f1568dd845"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned char* pcp_box_decrypt </td>
<td>(</td>
<td class="paramtype"><a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *&#160;</td>
<td class="paramname"><em>secret</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#ga859c793ca80717fdfc8ebef3e7224746">pcp_pubkey_t</a> *&#160;</td>
<td class="paramname"><em>pub</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>cipher</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t&#160;</td>
<td class="paramname"><em>ciphersize</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t *&#160;</td>
<td class="paramname"><em>dsize</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Asymmetrically decrypt a message. </p>
<p>This function is used internally and normally a user doesn't need to use it. However, from time to time there maybe the requirement to work with raw NaCL crypto_box() output. This function adds the neccessary padding and it uses PCP key structures.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[in]</td><td class="paramname">secret</td><td>The secret key structure from the sender.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">pub</td><td>The public key structure from the recipient.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">cipher</td><td>The encrypted message.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">ciphersize</td><td>The size in bytes of the encrypted message.</td></tr>
<tr><td class="paramdir">[out]</td><td class="paramname">dsize</td><td>A pointer which will be set to the size of the decrypted result if successful.</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns an allocated unsigned char array of the size csize which contains the encrypted result. In case of an error, it returns NULL sets csize to 0. Use <a class="el" href="group__FATALS.html#ga0ea01da59af8a06c55258d78da6cb0cb" title="Prints error messages to STDERR, if there are some.">fatals_ifany()</a> to check for errors. </dd></dl>
</div>
</div>
<a class="anchor" id="ga65c6dc4a24eb0844f9a82e5a02306c14"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">unsigned char* pcp_box_encrypt </td>
<td>(</td>
<td class="paramtype"><a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *&#160;</td>
<td class="paramname"><em>secret</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#ga859c793ca80717fdfc8ebef3e7224746">pcp_pubkey_t</a> *&#160;</td>
<td class="paramname"><em>pub</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>message</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t&#160;</td>
<td class="paramname"><em>messagesize</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t *&#160;</td>
<td class="paramname"><em>csize</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Asymmetrically encrypt a message. </p>
<p>This function is used internally and normally a user doesn't need to use it. However, from time to time there maybe the requirement to work with raw NaCL crypto_box() output. This function adds the neccessary padding and it uses PCP key structures.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[in]</td><td class="paramname">secret</td><td>The secret key structure from the sender.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">pub</td><td>The public key structure from the recipient.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">message</td><td>The clear unencrypted message.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">messagesize</td><td>The size in bytes of the message.</td></tr>
<tr><td class="paramdir">[out]</td><td class="paramname">csize</td><td>A pointer which will be set to the size of the encrypted result if successful.</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns an allocated unsigned char array of the size csize which contains the encrypted result. In case of an error, it returns NULL sets csize to 0. Use <a class="el" href="group__FATALS.html#ga0ea01da59af8a06c55258d78da6cb0cb" title="Prints error messages to STDERR, if there are some.">fatals_ifany()</a> to check for errors. </dd></dl>
</div>
</div>
<a class="anchor" id="gaeb1196ed4a3edc911e77d1d15612c539"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">size_t pcp_decrypt_stream </td>
<td>(</td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>in</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>out</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *&#160;</td>
<td class="paramname"><em>s</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>symkey</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int&#160;</td>
<td class="paramname"><em>verify</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Asymmetrically decrypt a file or a buffer stream. </p>
<p>This function decrypts a stream 32k+16-blockwise for a number of recipients.</p>
<p>Calls <a class="el" href="group__CRYPTO.html#ga98322a73045d7d3e069e1afeb7fe2918" title="Symmetrically decrypt a file or a buffer stream.">pcp_decrypt_stream_sym()</a> after assembling the encrypted recipient list.</p>
<p>FIXME: should return the pcp_rec_t structure upon successfull verification somehow.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[in]</td><td class="paramname">in</td><td>Stream to read the data to decrypt from.</td></tr>
<tr><td class="paramdir">[out]</td><td class="paramname">out</td><td>Stream to write decrypted result to.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">s</td><td>Secret key structure of the recipient.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">symkey</td><td>Ephemeral key for symmetric decryption. Set to NULL if you call this function directly.</td></tr>
<tr><td class="paramdir"></td><td class="paramname">verify</td><td>Flag to indicate sign+crypt. If 1 it tries to verify a signature, otherwise not.</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns the size of the output written to the output stream or 0 in case of errors. </dd></dl>
</div>
</div>
<a class="anchor" id="ga98322a73045d7d3e069e1afeb7fe2918"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">size_t pcp_decrypt_stream_sym </td>
<td>(</td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>in</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>out</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>symkey</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#gab69d94a862952b046c6f340d3c701dd0">pcp_rec_t</a> *&#160;</td>
<td class="paramname"><em>recverify</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Symmetrically decrypt a file or a buffer stream. </p>
<p>This function decrypts a stream 32k+16-blockwise using a given ephemeral key. Usually compute this key using the pcp_scrypt() function. If not called directly, the key have been extracted from the recipient list.</p>
<p>Uses crypto_secret_box_open() for each 32k+16-block with a random nonce for each.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[in]</td><td class="paramname">in</td><td>Stream to read the data to decrypt from.</td></tr>
<tr><td class="paramdir">[out]</td><td class="paramname">out</td><td>Stream to write decrypted result to.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">symkey</td><td>Ephemeral key to use for decryption.</td></tr>
<tr><td class="paramdir"></td><td class="paramname">recverify</td><td>Flag to indicate sign+crypt. If 1 it tries to verify a signature, otherwise not.</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns the size of the output written to the output stream or 0 in case of errors. </dd></dl>
</div>
</div>
<a class="anchor" id="gadbdb839246cac65ff20ef63902041597"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">size_t pcp_encrypt_stream </td>
<td>(</td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>in</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>out</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#gae88eb39995125f3b68b4ce9175b41732">pcp_key_t</a> *&#160;</td>
<td class="paramname"><em>s</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#ga859c793ca80717fdfc8ebef3e7224746">pcp_pubkey_t</a> *&#160;</td>
<td class="paramname"><em>p</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int&#160;</td>
<td class="paramname"><em>signcrypt</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Asymmetrically encrypt a file or a buffer stream. </p>
<p>This function encrypts a stream 32k-blockwise for a number of recipients.</p>
<p>Calls <a class="el" href="group__CRYPTO.html#ga949053e8f2a9ddfa2421d578951f7cf5" title="Symmetrically encrypt a file or a buffer stream.">pcp_encrypt_stream_sym()</a> after assembling the encrypted recipient list.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[in]</td><td class="paramname">in</td><td>Stream to read the data to encrypt from.</td></tr>
<tr><td class="paramdir">[out]</td><td class="paramname">out</td><td>Stream to write encrypted result to.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">s</td><td>Secret key structure of the sender.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">p</td><td>Public key hash containing a list of the recipients.</td></tr>
<tr><td class="paramdir"></td><td class="paramname">signcrypt</td><td>Flag to indicate sign+crypt. If 1 it adds a signature, otherwise not.</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns the size of the output written to the output stream or 0 in case of errors. </dd></dl>
</div>
</div>
<a class="anchor" id="ga949053e8f2a9ddfa2421d578951f7cf5"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">size_t pcp_encrypt_stream_sym </td>
<td>(</td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>in</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__Pcpstream.html#gaec72241f86d5391d5cae7477c66cdd73">Pcpstream</a> *&#160;</td>
<td class="paramname"><em>out</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>symkey</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">int&#160;</td>
<td class="paramname"><em>havehead</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype"><a class="el" href="group__KEYS.html#gab69d94a862952b046c6f340d3c701dd0">pcp_rec_t</a> *&#160;</td>
<td class="paramname"><em>recsign</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Symmetrically encrypt a file or a buffer stream. </p>
<p>This function encrypts a stream 32k-blockwise using a given ephemeral key. Usually compute this key using the pcp_scrypt() function.</p>
<p>Uses crypto_secret_box() for each 32k-block with a random nonce for each.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[in]</td><td class="paramname">in</td><td>Stream to read the data to encrypt from.</td></tr>
<tr><td class="paramdir">[out]</td><td class="paramname">out</td><td>Stream to write encrypted result to.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">symkey</td><td>Ephemeral key to use for encryption.</td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">havehead</td><td>Flag to indicate if the file header has already been written. Set to 0 if you call this function directly in order to do symmetrical encryption.</td></tr>
<tr><td class="paramdir"></td><td class="paramname">recsign</td><td>Recipient list, set this to NULL if you call this function directly.</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns the size of the output written to the output stream or 0 in case of errors. </dd></dl>
</div>
</div>
<a class="anchor" id="gaf9ec9f99af7315fa9f1a5f9649f27347"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">size_t pcp_sodium_mac </td>
<td>(</td>
<td class="paramtype">unsigned char **&#160;</td>
<td class="paramname"><em>cipher</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>cleartext</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t&#160;</td>
<td class="paramname"><em>clearsize</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>nonce</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>key</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Symmetrically encrypt a message. </p>
<p>This function encrypts a message symmetrically using crypto_secretbox() using the given Curve25519 raw secret key and the nonce.</p>
<p>It allocates apropriate memory for the result, which will be stored in <em>cipher</em>.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[out]</td><td class="paramname">cipher</td><td>Encrypted result. </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">cleartext</td><td>Clear message. </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">clearsize</td><td>Size of message. </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">nonce</td><td>A random nonce (24 Bytes). </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">key</td><td>A Curve25519 key (32 Bytes).</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns the size of <em>cipher</em>. </dd></dl>
</div>
</div>
<a class="anchor" id="ga6475f85713c66641097d26bc9121bf70"></a>
<div class="memitem">
<div class="memproto">
<table class="memname">
<tr>
<td class="memname">int pcp_sodium_verify_mac </td>
<td>(</td>
<td class="paramtype">unsigned char **&#160;</td>
<td class="paramname"><em>cleartext</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>message</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">size_t&#160;</td>
<td class="paramname"><em>messagesize</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>nonce</em>, </td>
</tr>
<tr>
<td class="paramkey"></td>
<td></td>
<td class="paramtype">unsigned char *&#160;</td>
<td class="paramname"><em>key</em>&#160;</td>
</tr>
<tr>
<td></td>
<td>)</td>
<td></td><td></td>
</tr>
</table>
</div><div class="memdoc">
<p>Decrypt a symmetrically encrypted message. </p>
<p>This function decrypts a symmetrically encrypted message using crypto_secretbox_open() using the given Curve25519 raw secret key and the nonce.</p>
<p>It allocates apropriate memory for the result, which will be stored in <em>cleartext</em>.</p>
<dl class="params"><dt>Parameters</dt><dd>
<table class="params">
<tr><td class="paramdir">[out]</td><td class="paramname">cleartext</td><td>The decrypted result. </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">message</td><td>The encrypted message. </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">messagesize</td><td>Size of message. </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">nonce</td><td>A random nonce (24 Bytes). </td></tr>
<tr><td class="paramdir">[in]</td><td class="paramname">key</td><td>A Curve25519 key (32 Bytes).</td></tr>
</table>
</dd>
</dl>
<dl class="section return"><dt>Returns</dt><dd>Returns 0 in case of success of -1 in case of an error. Check fatals_if_any(). </dd></dl>
</div>
</div>
</div><!-- contents -->
<!-- start footer part -->
<hr class="footer"/><address class="footer"><small>
Generated on Thu Feb 20 2014 19:59:14 for libpcp by &#160;<a href="http://www.doxygen.org/index.html">
<img class="footer" src="doxygen.png" alt="doxygen"/>
</a> 1.8.2
</small></address>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink