• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * crypto_types.h
3  *
4  * constants for cipher types and auth func types
5  *
6  * David A. McGrew
7  * Cisco Systems, Inc.
8  */
9 /*
10  *
11  * Copyright(c) 2001-2006 Cisco Systems, Inc.
12  * All rights reserved.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  *
18  *   Redistributions of source code must retain the above copyright
19  *   notice, this list of conditions and the following disclaimer.
20  *
21  *   Redistributions in binary form must reproduce the above
22  *   copyright notice, this list of conditions and the following
23  *   disclaimer in the documentation and/or other materials provided
24  *   with the distribution.
25  *
26  *   Neither the name of the Cisco Systems, Inc. nor the names of its
27  *   contributors may be used to endorse or promote products derived
28  *   from this software without specific prior written permission.
29  *
30  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41  * OF THE POSSIBILITY OF SUCH DAMAGE.
42  *
43  */
44 
45 #ifndef CRYPTO_TYPES_H
46 #define CRYPTO_TYPES_H
47 
48 /**
49  * @defgroup Algos Cryptographic Algorithms
50  *
51  *
52  * This library provides several different cryptographic algorithms,
53  * each of which can be selected by using the cipher_type_id_t and
54  * auth_type_id_t.  These algorithms are documented below.
55  *
56  * Authentication functions that use the Universal Security Transform
57  * (UST) must be used in conjunction with a cipher other than the null
58  * cipher.  These functions require a per-message pseudorandom input
59  * that is generated by the cipher.
60  *
61  * The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
62  * strongest available authentication function and cipher,
63  * respectively.  They are resolved at compile time to the strongest
64  * available algorithm.  The stronghold algorithms can serve as did
65  * the keep of a medieval fortification; they provide the strongest
66  * defense (or the last refuge).
67  *
68  * @{
69  */
70 
71 /**
72  * @defgroup Ciphers Cipher Types
73  *
74  * @brief    Each cipher type is identified by an unsigned integer.  The
75  *           cipher types available in this edition of libSRTP are given
76  *           by the #defines below.
77  *
78  * A cipher_type_id_t is an identifier for a cipher_type; only values
79  * given by the #defines above (or those present in the file
80  * crypto_types.h) should be used.
81  *
82  * The identifier STRONGHOLD_CIPHER indicates the strongest available
83  * cipher, allowing an application to choose the strongest available
84  * algorithm without any advance knowledge about the avaliable
85  * algorithms.
86  *
87  * @{
88  */
89 
90 /**
91  * @brief The null cipher performs no encryption.
92  *
93  * The NULL_CIPHER leaves its inputs unaltered, during both the
94  * encryption and decryption operations.  This cipher can be chosen
95  * to indicate that no encryption is to be performed.
96  */
97 #define NULL_CIPHER        0
98 
99 /**
100  * @brief AES-128 Integer Counter Mode (AES ICM)
101  *
102  * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
103  * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
104  */
105 #define AES_128_ICM        1
106 
107 /**
108  * @brief SEAL 3.0
109  *
110  * SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
111  * and Rogaway.  Nota bene: this cipher is IBM proprietary.
112  */
113 #define SEAL               2
114 
115 /**
116  * @brief AES-128 Integer Counter Mode (AES ICM)
117  *
118  * AES-128 ICM is the variant of counter mode that is used by Secure RTP.
119  * This cipher uses a 16-octet key and a 30-octet offset (or salt) value.
120  */
121 #define AES_128_CBC        3
122 
123 /**
124  * @brief Strongest available cipher.
125  *
126  * This identifier resolves to the strongest cipher type available.
127  */
128 #define STRONGHOLD_CIPHER  AES_128_ICM
129 
130 /**
131  * @}
132  */
133 
134 
135 
136 /**
137  * @defgroup Authentication Authentication Function Types
138  *
139  * @brief Each authentication function type is identified by an
140  * unsigned integer.  The authentication function types available in
141  * this edition of libSRTP are given by the #defines below.
142  *
143  * An auth_type_id_t is an identifier for an authentication function type;
144  * only values given by the #defines above (or those present in the
145  * file crypto_types.h) should be used.
146  *
147  * The identifier STRONGHOLD_AUTH indicates the strongest available
148  * authentication function, allowing an application to choose the
149  * strongest available algorithm without any advance knowledge about
150  * the avaliable algorithms.  The stronghold algorithms can serve as
151  * did the keep of a medieval fortification; they provide the
152  * strongest defense (or the last refuge).
153  *
154  * @{
155  */
156 
157 /**
158  * @brief The null authentication function performs no authentication.
159  *
160  * The NULL_AUTH function does nothing, and can be selected to indicate
161  * that authentication should not be performed.
162  */
163 #define NULL_AUTH          0
164 
165 /**
166  * @brief UST with TMMH Version 2
167  *
168  * UST_TMMHv2 implements the Truncated Multi-Modular Hash using
169  * UST.  This function must be used in conjunction with a cipher other
170  * than the null cipher.
171  * with a cipher.
172  */
173 #define UST_TMMHv2         1
174 
175 /**
176  * @brief (UST) AES-128 XORMAC
177  *
178  * UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
179  * the XORMAC algorithm is IBM proprietary.
180  */
181 #define UST_AES_128_XMAC   2
182 
183 /**
184  * @brief HMAC-SHA1
185  *
186  * HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
187  * Hash Algorithm version 1 (SHA1).
188  */
189 #define HMAC_SHA1          3
190 
191 /**
192  * @brief Strongest available authentication function.
193  *
194  * This identifier resolves to the strongest available authentication
195  * function.
196  */
197 #define STRONGHOLD_AUTH    HMAC_SHA1
198 
199 /**
200  * @}
201  */
202 /**
203  * @}
204  */
205 
206 #endif  /* CRYPTO_TYPES_H */
207