1 /* Copyright (C) 2000-2018 Peter Selinger.
2    This file is part of ccrypt. It is free software and it is covered
3    by the GNU general public license. See the file COPYING for details. */
4 
5 /* ccryptlib.h: library for encrypting/decrypting a character stream */
6 
7 #ifndef _CCRYPTLIB_H
8 #define _CCRYPTLIB_H
9 
10 #ifdef __cplusplus
11 extern "C" {
12 #endif
13 
14 struct ccrypt_stream_s {
15   char          *next_in;  /* next input byte */
16   unsigned int  avail_in;  /* number of bytes available at next_in */
17 
18   char          *next_out; /* next output byte should be put there */
19   unsigned int  avail_out; /* remaining free space at next_out */
20 
21   void *state;             /* internal state, not visible by applications */
22 };
23 typedef struct ccrypt_stream_s ccrypt_stream_t;
24 
25 /*
26    The application may update next_in and avail_in when avail_in has
27    dropped to zero. It must update next_out and avail_out when
28    avail_out has dropped to zero. All other fields are set by the
29    compression library and must not be updated by the application.
30 */
31 
32 int ccencrypt_init(ccrypt_stream_t *b, const char *key);
33 int ccencrypt     (ccrypt_stream_t *b);
34 int ccencrypt_end (ccrypt_stream_t *b);
35 
36 int ccdecrypt_init(ccrypt_stream_t *b, const char *key, int flags);
37 int ccdecrypt     (ccrypt_stream_t *b);
38 int ccdecrypt_end (ccrypt_stream_t *b);
39 
40 /* The interface for encryption and decryption is the same. The
41    application must first call the respective init function to
42    initialize the internal state. Then it calls the encrypt/decrypt
43    function repeatedly, as follows: next_in and next_out must point to
44    valid, non-overlapping regions of memory of size at least avail_in
45    and avail_out, respectively. Avail_out must be non-zero. Avail_in
46    may be zero to retrieve some pending output when no input is
47    available, for instance, in an interactive application or at the
48    end of stream. Otherwise, avail_in should be non-zero.
49 
50    The encryption/decryption function will read and process as many
51    input bytes as possible as long as there is room in the output
52    buffer. It will update next_in, avail_in, next_out, and avail_out
53    accordingly. It will always flush as much output as possible.
54    However, it is possible that some input bytes produce no output,
55    because some part of the input may be used for internal purposes.
56    Conversely, it is possible that output is produced without reading
57    any input. When the encryption/decryption function returns, at
58    least one of avail_in or avail_out is 0. If avail_out is non-zero
59    after a call, the application may conclude that no more output is
60    pending.
61 
62    Finally, the internal state must be freed by calling the respective
63    end function. This function will discard any unprocessed input
64    and/or output, so it should only be called after the application
65    has retrieved any pending output. Note: the call to the end
66    function should be checked for errors, because this is the only
67    place where certain format errors (like a file that is too short)
68    are detected.
69 
70    All functions return 0 on success, or -1 on error with errno set,
71    or -2 on error with ccrypt_errno set. The _end functions do not
72    return -1 or set errno. Callers must check for errors. If an error
73    occurs, the stream is invalid and its resources are freed (and the
74    state field set to NULL). The stream may not be used again. It is
75    then safe, but not required, to call the corresponding *_end
76    function.
77 
78    The flags argument to ccdecrypt_init should be 0 by default, or
79    CCRYPT_MISMATCH if non-matching keys should be ignored. All other
80    values are undefined and reserved for future use.
81 */
82 
83 /* ccdecrypt_multi_init this is a variant of ccdecrypt_init that
84    allows a list of n>=1 keys to be defined. During decryption, the
85    first matching key is used. This is useful when batch decrypting a
86    set of files that have non-uniform keys. If flags includes
87    CCRYPT_MISMATCH, then the first key is always used regardless of
88    whether it matches or not. */
89 int ccdecrypt_multi_init(ccrypt_stream_t *b, int n, const char **keylist, int flags);
90 
91 /* errors */
92 
93 #define CCRYPT_EFORMAT   1          /* bad file format */
94 #define CCRYPT_EMISMATCH 2          /* key does not match */
95 #define CCRYPT_EBUFFER   3          /* buffer overflow */
96 
97 /* flags */
98 
99 #define CCRYPT_MISMATCH  1          /* ignore non-matching key */
100 
101 extern int ccrypt_errno;
102 
103 #ifdef  __cplusplus
104 } // end of extern "C"
105 #endif
106 
107 #endif /* _CCRYPTLIB_H */
108