head	1.3;
access;
symbols
	REL7_4_29:1.2
	REL8_0_25:1.2
	REL7_4_28:1.2
	REL8_0_24:1.2
	REL7_4_27:1.2
	REL8_0_23:1.2
	REL7_4_26:1.2
	REL8_0_22:1.2
	REL7_4_25:1.2
	REL8_0_21:1.2
	REL7_4_24:1.2
	REL8_0_20:1.2
	REL7_4_23:1.2
	REL8_0_19:1.2
	REL7_4_22:1.2
	REL8_0_18:1.2
	REL7_4_21:1.2
	REL8_0_17:1.2
	REL7_4_20:1.2
	REL8_0_16:1.2
	REL7_3_21:1.2
	REL7_4_19:1.2
	REL8_0_15:1.2
	REL7_3_20:1.2
	REL7_4_18:1.2
	REL8_0_14:1.2
	REL7_3_19:1.2
	REL7_4_17:1.2
	REL8_0_13:1.2
	REL8_0_12:1.2
	REL7_3_18:1.2
	REL7_4_16:1.2
	REL8_0_11:1.2
	REL8_0_10:1.2
	REL7_4_15:1.2
	REL7_3_17:1.2
	REL8_0_9:1.2
	REL7_4_14:1.2
	REL7_3_16:1.2
	REL7_3_15:1.2
	REL7_4_13:1.2
	REL8_0_8:1.2
	REL7_3_14:1.2
	REL7_4_12:1.2
	REL8_0_7:1.2
	REL7_3_13:1.2
	REL7_4_11:1.2
	REL8_0_6:1.2
	REL7_3_12:1.2
	REL7_4_10:1.2
	REL8_0_5:1.2
	REL7_3_11:1.2
	REL7_4_9:1.2
	REL8_0_4:1.2
	REL7_2_8:1.2
	REL7_3_10:1.2
	REL7_4_8:1.2
	REL8_0_3:1.2
	REL8_0_2:1.2
	REL7_2_7:1.2
	REL7_3_9:1.2
	REL7_4_7:1.2
	REL8_0_1:1.2
	REL8_0_STABLE:1.2.0.12
	REL8_0_0:1.2.0.10
	REL8_0_0RC5:1.2
	REL8_0_0RC4:1.2
	REL8_0_0RC3:1.2
	REL8_0_0RC2:1.2
	REL8_0_0RC1:1.2
	REL8_0_0BETA5:1.2
	REL8_0_0BETA4:1.2
	REL7_4_6:1.2
	REL7_3_8:1.2
	REL7_2_6:1.2
	REL8_0_0BETA3:1.2
	REL8_0_0BETA2:1.2
	REL7_2_5:1.2
	REL7_4_5:1.2
	REL7_3_7:1.2
	REL7_4_4:1.2
	REL8_0_0BETA1:1.2
	REL7_4_3:1.2
	REL7_4_2:1.2
	REL7_3_6:1.2
	REL7_4_1:1.2
	REL7_3_5:1.2
	REL7_4:1.2
	REL7_4_RC2:1.2
	REL7_4_STABLE:1.2.0.8
	REL7_4_RC1:1.2
	REL7_4_BETA5:1.2
	REL7_4_BETA4:1.2
	REL7_4_BETA3:1.2
	REL7_4_BETA2:1.2
	WIN32_DEV:1.2.0.6
	REL7_4_BETA1:1.2
	REL7_3_4:1.2
	REL7_3_2:1.2
	REL7_2_4:1.2
	REL7_3_STABLE:1.2.0.4
	REL7_2_3:1.2
	REL7_2_STABLE:1.2.0.2
	REL7_2:1.2
	REL7_2_RC2:1.2
	REL7_2_RC1:1.2
	REL7_2_BETA5:1.2
	REL7_2_BETA4:1.2
	REL7_2_BETA3:1.2
	REL7_2_BETA2:1.2
	REL7_2_BETA1:1.2;
locks; strict;
comment	@# @;


1.3
date	2005.08.13.15.27.41;	author momjian;	state dead;
branches;
next	1.2;

1.2
date	2001.09.30.22.18.29;	author momjian;	state Exp;
branches;
next	1.1;

1.1
date	2001.09.23.04.12.44;	author momjian;	state Exp;
branches;
next	;


desc
@@


1.3
log
@Remove API file.

Marko Kreen
@
text
@
C API for pgcrypto
==================


UN*X crypt()
============

#include <px-crypt.h>

char *
px_crypt(const char *psw, const char *salt, char *buf, unsigned buflen);

	returns buf or NULL for error.

unsigned px_gen_salt(const char *salt_type, char *dst, int rounds);

	returns salt size.  dst should be PX_MAX_SALT_LEN bytes.
	'rounds' is algorithm specific.  0 means default for
	that algorithm.

Random
======

int px_get_random_bytes(uint8 *dst, int num)


Crypto "objects"
================

PX_MD      - Message digest
PX_HMAC    - HMAC (Hash MAC)
PX_Cipher  - cipher+mode: provided by libs
PX_Combo   - higher-level encryption -> padding, [MD]

Objects are activated with following functions:

int px_find_digest(const char *name, PX_MD **res);
int px_find_hmac(const char *name, PX_HMAC **res);
int px_find_cipher(const char *name, PX_Cipher **res);
int px_find_combo(const char *name, PX_Combo **res);

	returns 0 on success, < 0 on error.  If successful,
	*res contains pointer to new object.

Message Digest
==============

uint px_md_result_size(PX_MD *md)

	returns final result size in bytes

void px_md_reset(PX_MD *md)

	resets md to clean state

uint px_md_block_size(PX_MD *md)

	return algorithm block size in bytes

void px_md_update(PX_MD *md, const uint8 *data, uint dlen)

	updates hash state with new data

void px_md_finish(PX_MD *md, uint8 *buf)

	puts final hash state into buf.  buf should have room
	for px_md_result_size() bytes.

void px_md_free(PX_MD *md)

	frees resources.

HMAC (Hash Message Authentication Code)
=======================================

int px_hmac_init(PX_HMAC *hmac, const uint8 *key, uint klen)

	initalized hmac state with key.

uint px_hmac_result_size(PX_HMAC *md)

	returns final result size in bytes

void px_hmac_reset(PX_HMAC *md)

	resets md to state after _init()

uint px_hmac_block_size(PX_HMAC *md)

	return algorithm block size in bytes

void px_hmac_update(PX_HMAC *md, const uint8 *data, uint dlen)

	updates hash state with new data

void px_hmac_finish(PX_HMAC *md, uint8 *buf)

	puts final hash state into buf.  buf should have room
	for px_hmac_result_size() bytes.

void px_hmac_free(PX_HMAC *md)

	frees resources.


Cipher
======

uint px_cipher_key_size(PX_Cipher *c)

	returns max key size in bytes

uint px_cipher_block_size(PX_Cipher *c)

	returns cipher+mode block size in bytes.  So blowfish
	in CFB mode should return 1.

uint px_cipher_iv_size(PX_Cipher *c)

	returns IV size in bytes.

int px_cipher_init(PX_Cipher *c, uint8 *key, uint klen, uint8 *iv)

	initializes cipher with supplied key and iv.

int px_cipher_encrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)

	encrypts data.  res must have room for dlen bytes.
	data must be multiple of px_cipher_block_size().

int px_cipher_decrypt(PX_Cipher *c, uint8 *data, uint dlen, uint8 *res)

	decrypts data.  res must have room for dlen bytes.

void px_cipher_free(PX_Cipher *c)

	frees resources assiocated.

PX_Combo
========

uint px_combo_encrypt_len(PX_Combo *c, uint dlen)

	calculates max result length for dlen of data.

uint px_combo_decrypt_len(PX_Combo *c, uint dlen)

	calculates result length for dlen of data.

int px_combo_init(PX_Combo *c, uint8 *key, uint klen, uint8 *iv, uint ivlen)

	initializes c with key and iv.  If cipher uses fixed length keys,
	key will be padded with zeroes to needed length.

int px_combo_encrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)

int px_combo_decrypt(PX_Combo *c, uint8 *data, uint dlen, uint8 *res, uint rlen)

void px_combo_free(PX_Combo *c)

	frees resources assiocated.

@


1.2
log
@* regression tests
* minor doc updates

Marko Kreen
@
text
@@


1.1
log
@Big thanks to Solar Designer who pointed out a bug in bcrypt
salt generation code.  He also urged using better random source
and making possible to choose using bcrypt and xdes rounds more
easily.  So, here's patch:

* For all salt generation, use Solar Designer's own code.  This
  is mostly due fact that his code is more fit for get_random_bytes()
  style interface.
* New function: gen_salt(type, rounds).  This lets specify iteration
  count for algorithm.
* random.c: px_get_random_bytes() function.
  Supported randomness soure: /dev/urandom, OpenSSL PRNG, libc random()
  Default: /dev/urandom.
* Draft description of C API for pgcrypto functions.

New files: API, crypt-gensalt.c, random.c

Marko Kreen
@
text
@d25 1
a25 1
int px_rand_get_bytes(uint8 *dst, int num)
@
