+#ifndef TINC_CIPHER_H
+#define TINC_CIPHER_H
+
/*
cipher.h -- header file cipher.c
- Copyright (C) 2007 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 2007-2022 Guus Sliepen <guus@tinc-vpn.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
- $Id$
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#ifndef __TINC_CIPHER_H__
-#define __TINC_CIPHER_H__
-
-#include <gcrypt.h>
-
-typedef struct cipher {
- gcry_cipher_hd_t handle;
- char *key;
- int nid;
- uint16_t keylen;
- uint16_t blklen;
-} cipher_t;
-
-extern bool cipher_open_by_name(struct cipher *, const char *);
-extern bool cipher_open_by_nid(struct cipher *, int);
-extern bool cipher_open_blowfish_ofb(struct cipher *);
-extern void cipher_close(struct cipher *);
-extern size_t cipher_keylength(const struct cipher *);
-extern void cipher_get_key(const struct cipher *, void *);
-extern bool cipher_set_key(struct cipher *, void *);
-extern bool cipher_regenerate_key(struct cipher *);
-extern void cipher_reset(struct cipher *);
-extern bool cipher_encrypt(struct cipher *, void *indata, size_t inlen, void *outdata, size_t *outlen);
-extern bool cipher_decrypt(struct cipher *, void *indata, size_t inlen, void *outdata, size_t *outlen);
-extern int cipher_get_nid(const struct cipher *);
-extern bool cipher_active(const struct cipher *);
+#include "system.h"
+
+#define CIPHER_MAX_BLOCK_SIZE 32
+#define CIPHER_MAX_IV_SIZE 16
+#define CIPHER_MAX_KEY_SIZE 32
+#ifndef DISABLE_LEGACY
+
+#ifdef HAVE_OPENSSL
+#include "openssl/cipher.h"
+#elif HAVE_LIBGCRYPT
+#include "gcrypt/cipher.h"
+#else
+#error Incorrect cryptographic library, please reconfigure.
#endif
+
+extern void cipher_free(cipher_t *cipher);
+extern cipher_t *cipher_alloc(void) ATTR_MALLOC ATTR_DEALLOCATOR(cipher_free);
+extern bool cipher_open_by_name(cipher_t *cipher, const char *name);
+extern bool cipher_open_by_nid(cipher_t *cipher, nid_t nid);
+extern void cipher_close(cipher_t *cipher);
+extern size_t cipher_keylength(const cipher_t *cipher);
+extern size_t cipher_blocksize(const cipher_t *cipher);
+extern uint64_t cipher_budget(const cipher_t *cipher);
+extern bool cipher_set_key(cipher_t *cipher, void *key, bool encrypt) ATTR_WARN_UNUSED;
+extern bool cipher_set_key_from_rsa(cipher_t *cipher, void *rsa, size_t len, bool encrypt) ATTR_WARN_UNUSED;
+extern bool cipher_encrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) ATTR_WARN_UNUSED;
+extern bool cipher_decrypt(cipher_t *cipher, const void *indata, size_t inlen, void *outdata, size_t *outlen, bool oneshot) ATTR_WARN_UNUSED;
+extern nid_t cipher_get_nid(const cipher_t *cipher);
+extern bool cipher_active(const cipher_t *cipher);
+
+#endif // DISABLE_LEGACY
+
+#endif // TINC_CIPHER_H
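Review bot: `cipher_set_key` takes the key material as a bare `void *key` with no length, and `cipher_encrypt`/`cipher_decrypt` do not say whether `*outlen` is the capacity of `outdata` on entry or only the number of bytes produced on return, so a caller reading this header cannot tell how large either buffer has to be. The implementations are in the backend files outside this diff, so I would state the contract next to the declarations, for example `/* key must point to at least cipher_keylength(cipher) bytes (TODO confirm whether IV bytes follow the key) */` above `cipher_set_key` and `/* outdata must have room for inlen plus one cipher block when padding is applied (TODO confirm); *outlen receives the bytes written */` above `cipher_encrypt`. If the backends never write through `key`, declaring it `const void *key` would match the `const void *indata` parameters and let callers keep key storage read-only. Separately, `#elif HAVE_LIBGCRYPT` relies on an undefined macro evaluating to 0 and warns under `-Wundef`; `#elif defined(HAVE_LIBGCRYPT)` would be consistent with the `#ifdef HAVE_OPENSSL` above it.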