diff options
Diffstat (limited to 'toxencryptsave/toxencryptsave.api.h')
-rw-r--r-- | toxencryptsave/toxencryptsave.api.h | 322 |
1 files changed, 322 insertions, 0 deletions
diff --git a/toxencryptsave/toxencryptsave.api.h b/toxencryptsave/toxencryptsave.api.h new file mode 100644 index 00000000..20b8da06 --- /dev/null +++ b/toxencryptsave/toxencryptsave.api.h | |||
@@ -0,0 +1,322 @@ | |||
1 | %{ | ||
2 | /* toxencryptsave.h | ||
3 | * | ||
4 | * Batch encryption functions. | ||
5 | * | ||
6 | * Copyright (C) 2013-2016 Tox Developers. All Rights Reserved. | ||
7 | * | ||
8 | * This file is part of Tox. | ||
9 | * | ||
10 | * Tox is free software: you can redistribute it and/or modify | ||
11 | * it under the terms of the GNU General Public License as published by | ||
12 | * the Free Software Foundation, either version 3 of the License, or | ||
13 | * (at your option) any later version. | ||
14 | * | ||
15 | * Tox is distributed in the hope that it will be useful, | ||
16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
18 | * GNU General Public License for more details. | ||
19 | * | ||
20 | * You should have received a copy of the GNU General Public License | ||
21 | * along with Tox. If not, see <http://www.gnu.org/licenses/>. | ||
22 | * | ||
23 | */ | ||
24 | |||
25 | #ifndef TOXENCRYPTSAVE_H | ||
26 | #define TOXENCRYPTSAVE_H | ||
27 | |||
28 | #ifdef __cplusplus | ||
29 | extern "C" { | ||
30 | #endif | ||
31 | |||
32 | #include <stdbool.h> | ||
33 | #include <stddef.h> | ||
34 | #include <stdint.h> | ||
35 | %} | ||
36 | |||
37 | /******************************************************************************* | ||
38 | * | ||
39 | * This module is organized into two parts. | ||
40 | * | ||
41 | * 1. A simple API operating on plain text/cipher text data and a password to | ||
42 | * encrypt or decrypt it. | ||
43 | * 2. A more advanced API that splits key derivation and encryption into two | ||
44 | * separate function calls. | ||
45 | * | ||
46 | * The first part is implemented in terms of the second part and simply calls | ||
47 | * the separate functions in sequence. Since key derivation is very expensive | ||
48 | * compared to the actual encryption, clients that do a lot of crypto should | ||
49 | * prefer the advanced API and reuse pass-key objects. | ||
50 | * | ||
51 | * To use the second part, first derive an encryption key from a password with | ||
52 | * ${pass_Key.derive}, then use the derived key to encrypt the data. | ||
53 | * | ||
54 | * The encrypted data is prepended with a magic number, to aid validity | ||
55 | * checking (no guarantees are made of course). Any data to be decrypted must | ||
56 | * start with the magic number. | ||
57 | * | ||
58 | * Clients should consider alerting their users that, unlike plain data, if | ||
59 | * even one bit becomes corrupted, the data will be entirely unrecoverable. | ||
60 | * Ditto if they forget their password, there is no way to recover the data. | ||
61 | * | ||
62 | *******************************************************************************/ | ||
63 | |||
64 | class tox { | ||
65 | |||
66 | /** | ||
67 | * The size of the salt part of a pass-key. | ||
68 | */ | ||
69 | const PASS_SALT_LENGTH = 32; | ||
70 | /** | ||
71 | * The size of the key part of a pass-key. | ||
72 | */ | ||
73 | const PASS_KEY_LENGTH = 32; | ||
74 | /** | ||
75 | * The amount of additional data required to store any encrypted byte array. | ||
76 | * Encrypting an array of N bytes requires N + $PASS_ENCRYPTION_EXTRA_LENGTH | ||
77 | * bytes in the encrypted byte array. | ||
78 | */ | ||
79 | const PASS_ENCRYPTION_EXTRA_LENGTH = 80; | ||
80 | |||
81 | error for key_derivation { | ||
82 | NULL, | ||
83 | /** | ||
84 | * The crypto lib was unable to derive a key from the given passphrase, | ||
85 | * which is usually a lack of memory issue. The functions accepting keys | ||
86 | * do not produce this error. | ||
87 | */ | ||
88 | FAILED, | ||
89 | } | ||
90 | |||
91 | error for encryption { | ||
92 | NULL, | ||
93 | /** | ||
94 | * The crypto lib was unable to derive a key from the given passphrase, | ||
95 | * which is usually a lack of memory issue. The functions accepting keys | ||
96 | * do not produce this error. | ||
97 | */ | ||
98 | KEY_DERIVATION_FAILED, | ||
99 | /** | ||
100 | * The encryption itself failed. | ||
101 | */ | ||
102 | FAILED, | ||
103 | } | ||
104 | |||
105 | error for decryption { | ||
106 | NULL, | ||
107 | /** | ||
108 | * The input data was shorter than $PASS_ENCRYPTION_EXTRA_LENGTH bytes | ||
109 | */ | ||
110 | INVALID_LENGTH, | ||
111 | /** | ||
112 | * The input data is missing the magic number (i.e. wasn't created by this | ||
113 | * module, or is corrupted). | ||
114 | */ | ||
115 | BAD_FORMAT, | ||
116 | /** | ||
117 | * The crypto lib was unable to derive a key from the given passphrase, | ||
118 | * which is usually a lack of memory issue. The functions accepting keys | ||
119 | * do not produce this error. | ||
120 | */ | ||
121 | KEY_DERIVATION_FAILED, | ||
122 | /** | ||
123 | * The encrypted byte array could not be decrypted. Either the data was | ||
124 | * corrupted or the password/key was incorrect. | ||
125 | */ | ||
126 | FAILED, | ||
127 | } | ||
128 | |||
129 | |||
130 | /******************************************************************************* | ||
131 | * | ||
132 | * BEGIN PART 1 | ||
133 | * | ||
134 | * The simple API is presented first. If your code spends too much time using | ||
135 | * these functions, consider using the advanced functions instead and caching | ||
136 | * the generated pass-key. | ||
137 | * | ||
138 | *******************************************************************************/ | ||
139 | |||
140 | /** | ||
141 | * Encrypts the given data with the given passphrase. | ||
142 | * | ||
143 | * The output array must be at least `plaintext_len + $PASS_ENCRYPTION_EXTRA_LENGTH` | ||
144 | * bytes long. This delegates to ${pass_Key.derive} and | ||
145 | * ${pass_Key.encrypt}. | ||
146 | * | ||
147 | * @param plaintext A byte array of length `plaintext_len`. | ||
148 | * @param plaintext_len The length of the plain text array. May be 0. | ||
149 | * @param passphrase The user-provided password. | ||
150 | * @param passphrase_len The length of the password. | ||
151 | * @param ciphertext The cipher text array to write the encrypted data to. | ||
152 | * | ||
153 | * @return true on success. | ||
154 | */ | ||
155 | static bool pass_encrypt(const uint8_t[plaintext_len] plaintext, const uint8_t[passphrase_len] passphrase, uint8_t *ciphertext) | ||
156 | with error for encryption; | ||
157 | |||
158 | |||
159 | /** | ||
160 | * Decrypts the given data with the given passphrase. | ||
161 | * | ||
162 | * The output array must be at least `ciphertext_len - $PASS_ENCRYPTION_EXTRA_LENGTH` | ||
163 | * bytes long. This delegates to ${pass_Key.decrypt}. | ||
164 | * | ||
165 | * @param ciphertext A byte array of length `ciphertext_len`. | ||
166 | * @param ciphertext_len The length of the cipher text array. May be 0. | ||
167 | * @param passphrase The user-provided password. | ||
168 | * @param passphrase_len The length of the password. | ||
169 | * @param plaintext The plain text array to write the decrypted data to. | ||
170 | * | ||
171 | * @return true on success. | ||
172 | */ | ||
173 | static bool pass_decrypt(const uint8_t[ciphertext_len] ciphertext, const uint8_t[passphrase_len] passphrase, uint8_t *plaintext) | ||
174 | with error for decryption; | ||
175 | |||
176 | |||
177 | /******************************************************************************* | ||
178 | * | ||
179 | * BEGIN PART 2 | ||
180 | * | ||
181 | * And now part 2, which does the actual encryption, and can be used to write | ||
182 | * less CPU intensive client code than part one. | ||
183 | * | ||
184 | *******************************************************************************/ | ||
185 | |||
186 | class pass_Key { | ||
187 | /** | ||
188 | * This type represents a pass-key. | ||
189 | * | ||
190 | * A pass-key and a password are two different concepts: a password is given | ||
191 | * by the user in plain text. A pass-key is the generated symmetric key used | ||
192 | * for encryption and decryption. It is derived from a salt and the user- | ||
193 | * provided password. | ||
194 | * | ||
195 | * The $this structure is hidden in the implementation. It can be allocated | ||
196 | * using $new and must be deallocated using $free. | ||
197 | */ | ||
198 | struct this; | ||
199 | |||
200 | /** | ||
201 | * Create a new $this. The initial value of it is indeterminate. To | ||
202 | * initialise it, use one of the derive_* functions below. | ||
203 | */ | ||
204 | static this new(); | ||
205 | |||
206 | /** | ||
207 | * Deallocate a $this. This function behaves like free(), so NULL is an | ||
208 | * acceptable argument value. | ||
209 | */ | ||
210 | void free(); | ||
211 | |||
212 | /** | ||
213 | * Generates a secret symmetric key from the given passphrase. | ||
214 | * | ||
215 | * Be sure to not compromise the key! Only keep it in memory, do not write | ||
216 | * it to disk. | ||
217 | * | ||
218 | * Note that this function is not deterministic; to derive the same key from | ||
219 | * a password, you also must know the random salt that was used. A | ||
220 | * deterministic version of this function is $derive_with_salt. | ||
221 | * | ||
222 | * @param passphrase The user-provided password. | ||
223 | * @param passphrase_len The length of the password. | ||
224 | * | ||
225 | * @return true on success. | ||
226 | */ | ||
227 | bool derive(const uint8_t[passphrase_len] passphrase) | ||
228 | with error for key_derivation; | ||
229 | |||
230 | /** | ||
231 | * Same as above, except use the given salt for deterministic key derivation. | ||
232 | * | ||
233 | * @param passphrase The user-provided password. | ||
234 | * @param passphrase_len The length of the password. | ||
235 | * @param salt An array of at least $PASS_SALT_LENGTH bytes. | ||
236 | * | ||
237 | * @return true on success. | ||
238 | */ | ||
239 | bool derive_with_salt(const uint8_t[passphrase_len] passphrase, const uint8_t[PASS_SALT_LENGTH] salt) | ||
240 | with error for key_derivation; | ||
241 | |||
242 | /** | ||
243 | * Encrypt a plain text with a key produced by $derive or $derive_with_salt. | ||
244 | * | ||
245 | * The output array must be at least `plaintext_len + $PASS_ENCRYPTION_EXTRA_LENGTH` | ||
246 | * bytes long. | ||
247 | * | ||
248 | * @param plaintext A byte array of length `plaintext_len`. | ||
249 | * @param plaintext_len The length of the plain text array. May be 0. | ||
250 | * @param ciphertext The cipher text array to write the encrypted data to. | ||
251 | * | ||
252 | * @return true on success. | ||
253 | */ | ||
254 | const bool encrypt(const uint8_t[plaintext_len] plaintext, uint8_t *ciphertext) | ||
255 | with error for encryption; | ||
256 | |||
257 | /** | ||
258 | * This is the inverse of $encrypt, also using only keys produced by | ||
259 | * $derive or $derive_with_salt. | ||
260 | * | ||
261 | * @param ciphertext A byte array of length `ciphertext_len`. | ||
262 | * @param ciphertext_len The length of the cipher text array. May be 0. | ||
263 | * @param plaintext The plain text array to write the decrypted data to. | ||
264 | * | ||
265 | * @return true on success. | ||
266 | */ | ||
267 | const bool decrypt(const uint8_t[ciphertext_len] ciphertext, uint8_t *plaintext) | ||
268 | with error for decryption; | ||
269 | } | ||
270 | |||
271 | /** | ||
272 | * Retrieves the salt used to encrypt the given data. | ||
273 | * | ||
274 | * The retrieved salt can then be passed to ${pass_Key.derive_with_salt} to | ||
275 | * produce the same key as was previously used. Any data encrypted with this | ||
276 | * module can be used as input. | ||
277 | * | ||
278 | * The cipher text must be at least $PASS_ENCRYPTION_EXTRA_LENGTH bytes in length. | ||
279 | * The salt must be $PASS_SALT_LENGTH bytes in length. | ||
280 | * If the passed byte arrays are smaller than required, the behaviour is | ||
281 | * undefined. | ||
282 | * | ||
283 | * Success does not say anything about the validity of the data, only that | ||
284 | * data of the appropriate size was copied. | ||
285 | * | ||
286 | * @return true on success. | ||
287 | */ | ||
288 | static bool get_salt(const uint8_t *ciphertext, uint8_t[PASS_SALT_LENGTH] salt) { | ||
289 | NULL, | ||
290 | /** | ||
291 | * The input data is missing the magic number (i.e. wasn't created by this | ||
292 | * module, or is corrupted). | ||
293 | */ | ||
294 | BAD_FORMAT, | ||
295 | } | ||
296 | |||
297 | /** | ||
298 | * Determines whether or not the given data is encrypted by this module. | ||
299 | * | ||
300 | * It does this check by verifying that the magic number is the one put in | ||
301 | * place by the encryption functions. | ||
302 | * | ||
303 | * The data must be at least $PASS_ENCRYPTION_EXTRA_LENGTH bytes in length. | ||
304 | * If the passed byte array is smaller than required, the behaviour is | ||
305 | * undefined. | ||
306 | * | ||
307 | * If the cipher text pointer is NULL, this function returns false. | ||
308 | * | ||
309 | * @return true if the data is encrypted by this module. | ||
310 | */ | ||
311 | static bool is_data_encrypted(const uint8_t *data); | ||
312 | |||
313 | } | ||
314 | |||
315 | %{ | ||
316 | |||
317 | #ifdef __cplusplus | ||
318 | } | ||
319 | #endif | ||
320 | |||
321 | #endif | ||
322 | %} | ||