+/*
+ Bacula® - The Network Backup Solution
+
+ Copyright (C) 2005-2007 Free Software Foundation Europe e.V.
+
+ The main author of Bacula is Kern Sibbald, with contributions from
+ many others, a complete list can be found in the file AUTHORS.
+ This program is Free Software; you can redistribute it and/or
+ modify it under the terms of version three of the GNU Affero General Public
+ License as published by the Free Software Foundation and included
+ in the file LICENSE.
+
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301, USA.
+
+ Bacula® is a registered trademark of Kern Sibbald.
+ The licensor of Bacula is the Free Software Foundation Europe
+ (FSFE), Fiduciary Program, Sumatrastrasse 25, 8006 Zürich,
+ Switzerland, email:ftf@fsfeurope.org.
+*/
/*
* crypto.h Encryption support functions
*
*
* Version $Id$
*
- * Copyright (C) 2005 Kern Sibbald
- *
* This file was contributed to the Bacula project by Landon Fuller.
*
* Landon Fuller has been granted a perpetual, worldwide, non-exclusive,
* If you wish to license these contributions under an alternate open source
* license please contact Landon Fuller <landonf@opendarwin.org>.
*/
-/*
- Copyright (C) 2005 Kern Sibbald
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- version 2 as amended with additional clauses defined in the
- file LICENSE in the main source directory.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- the file LICENSE for additional details.
-
- */
#ifndef __CRYPTO_H_
#define __CRYPTO_H_
typedef struct X509_Keypair X509_KEYPAIR;
/* Opaque Message Digest Structure */
+/* Digest is defined (twice) in crypto.c */
typedef struct Digest DIGEST;
/* Opaque Message Signature Structure */
typedef struct Signature SIGNATURE;
+/* Opaque PKI Symmetric Key Data Structure */
+typedef struct Crypto_Session CRYPTO_SESSION;
+
+/* Opaque Encryption/Decryption Context Structure */
+typedef struct Cipher_Context CIPHER_CONTEXT;
+
/* PEM Decryption Passphrase Callback */
typedef int (CRYPTO_PEM_PASSWD_CB) (char *buf, int size, const void *userdata);
CRYPTO_DIGEST_SHA512 = 4
} crypto_digest_t;
+/* Cipher Types */
+typedef enum {
+ /* These are not stored on disk */
+ CRYPTO_CIPHER_AES_128_CBC,
+ CRYPTO_CIPHER_AES_192_CBC,
+ CRYPTO_CIPHER_AES_256_CBC,
+ CRYPTO_CIPHER_BLOWFISH_CBC
+} crypto_cipher_t;
+
/* Crypto API Errors */
typedef enum {
CRYPTO_ERROR_NONE = 0, /* No error */
CRYPTO_ERROR_NOSIGNER = 1, /* Signer not found */
- CRYPTO_ERROR_INVALID_DIGEST = 2, /* Unsupported digest algorithm */
- CRYPTO_ERROR_BAD_SIGNATURE = 3, /* Signature is invalid */
- CRYPTO_ERROR_INTERNAL = 4 /* Internal Error */
+ CRYPTO_ERROR_NORECIPIENT = 2, /* Recipient not found */
+ CRYPTO_ERROR_INVALID_DIGEST = 3, /* Unsupported digest algorithm */
+ CRYPTO_ERROR_INVALID_CRYPTO = 4, /* Unsupported encryption algorithm */
+ CRYPTO_ERROR_BAD_SIGNATURE = 5, /* Signature is invalid */
+ CRYPTO_ERROR_DECRYPTION = 6, /* Decryption error */
+ CRYPTO_ERROR_INTERNAL = 7 /* Internal Error */
} crypto_error_t;
/* Message Digest Sizes */
/* Maximum Message Digest Size */
#ifdef HAVE_OPENSSL
-/* Let OpenSSL define it */
-#define CRYPTO_DIGEST_MAX_SIZE EVP_MAX_MD_SIZE
+/* Let OpenSSL define a few things */
+#define CRYPTO_DIGEST_MAX_SIZE EVP_MAX_MD_SIZE
+#define CRYPTO_CIPHER_MAX_BLOCK_SIZE EVP_MAX_BLOCK_LENGTH
#else /* HAVE_OPENSSL */
* This must be kept in sync with the available message digest algorithms.
* Just in case someone forgets, I've added assertions
* to crypto_digest_finalize().
- * MD5: 128 bits
- * SHA-1: 160 bits
+ * MD5: 128 bits
+ * SHA-1: 160 bits
*/
#ifndef HAVE_SHA2
#define CRYPTO_DIGEST_MAX_SIZE CRYPTO_DIGEST_SHA1_SIZE
#define CRYPTO_DIGEST_MAX_SIZE CRYPTO_DIGEST_SHA512_SIZE
#endif
+/* Dummy Value */
+#define CRYPTO_CIPHER_MAX_BLOCK_SIZE 0
+
#endif /* HAVE_OPENSSL */
#endif /* __CRYPTO_H_ */