type
// exception type declared alongside the crypto classes below
// - NOTE(review): which methods raise it is not visible in these declarations;
// several of them are procedures with no result (GetRandom, Final, Sign,
// SharedSecret), so presumably failures are reported through ECrypt - confirm
ECrypt = class(Exception);
// class reference (metaclass) type for TCryptID and its descendants
TCryptIDClass = class of TCryptID;
// abstract class implemented e.g. by TCryptRandom/TCryptSymmetric
// - identifies one algorithm by its Name; every method is abstract, so this
// type only defines the contract that descendants must fulfil
TCryptID = class(TObject)
protected
// algorithm identifier, exposed through the read-only Name property
fName: string;
// case-insensitive quick lookup of the algorithms
// - NOTE(review): the outcome for an unknown aName (nil result or ECrypt) is
// not specified here; callers resolving a name received from a peer or a
// configuration file need a defined failure mode - confirm
class function InternalFind(const aName: string): TCryptID; virtual; abstract;
public
// internal constructor: use Find() instead
constructor Create(const aName: string); virtual; abstract;
/// register this class to override one or several identifiers implementation
// - NOTE(review): an override changes which code serves an algorithm name;
// presumably it affects every later lookup of that name, so registration is
// best confined to start-up code - scope and thread-safety to be confirmed
class procedure Implements(const aName: array of string); virtual; abstract;
// typical values may follow OpenSSL naming, e.g. 'MD5', 'AES-128-GCM' or
// 'prime256v1'
// - the examples illustrate the naming scheme, not an algorithm choice
// (MD5 is not collision-resistant)
property Name: string read fName;
end;
// abstract class implemented e.g. by TCryptHash/TCryptCipher/TCryptKey
// - one instance is bound to one algorithm, referenced by its CryptID
TCryptInstance = class(TObject)
protected
// algorithm bound to this instance, exposed through the CryptID property
// - NOTE(review): ownership of the referenced TCryptID is not shown here;
// presumably the instance does not free it - confirm
fCryptID: TCryptID;
public
// create an instance from an already resolved algorithm
constructor Create(aCryptID: TCryptID); overload; virtual; abstract;
// create an instance from an algorithm name
// - NOTE(review): behavior for an unknown aName is not specified - confirm
constructor Create(const aName: string); overload; virtual; abstract;
/// register this class to override one or several identifiers implementation
class procedure Implements(const aName: array of string); virtual; abstract;
// return a new TCryptInstance
// - NOTE(review): presumably a copy of the current state; for keys and
// ciphers that would duplicate secret material in memory, and each copy
// then needs its own release - confirm
function Clone: TCryptInstance; virtual; abstract;
// read-only access to the bound algorithm
property CryptID: TCryptID read fCryptID;
end;
// random generator, identified by name like any other TCryptID
TCryptRandom = class(TCryptID)
public
// case-insensitive quick lookup of the algorithms
// use TCryptRandom.Find('rnd-entropy').GetRandom() to gather OS entropy
// - aName defaults to 'rnd-default'
// - NOTE(review): whether 'rnd-default' is suitable for keys and nonces is
// not stated in this declaration - confirm before using it for secrets
// - NOTE(review): the chained call above dereferences the result directly,
// so an unknown name must raise rather than return nil - confirm
class function Find(const aName: string = 'rnd-default'): TCryptRandom; virtual; abstract;
// presumably fills dstlen bytes at dst with random data - confirm
// - being a procedure, it cannot report failure through a result: an
// implementation must not return with dst left unfilled when its source fails
procedure GetRandom(dst: pointer; dstlen: PtrInt); virtual; abstract;
end;
// hashing instance, following an Update/Final pattern
TCryptHash = class(TCryptInstance)
public
// hashing methods
// presumably feeds buflen bytes at buf into the running hash - confirm
procedure Update(buf: pointer; buflen: PtrInt); virtual; abstract;
// presumably writes the resulting digest into digest - confirm
// - NOTE(review): nothing in this interface returns the digest size, and the
// behavior when digestlen differs from it (truncate, raise) is unspecified;
// a silent truncation would weaken any comparison made on the result
procedure Final(digest: pointer; digestlen: PtrInt); virtual; abstract;
end;
// cipher instance, following a Process/Final pattern
// - NOTE(review): no key, IV/nonce or encrypt/decrypt direction appears in
// this class; presumably they come from a constructor not declared yet
TCryptCipher = class(TCryptInstance)
public
// dst=nil for AEAD
// - NOTE(review): presumably dst=nil means src is associated data, which is
// authenticated but not encrypted - confirm
// - the meaning of the PtrInt result (bytes written, error code) is not
// defined in this declaration
function Process(src, dst: pointer; srclen, dstlen: PtrInt): PtrInt; virtual; abstract;
// finish the operation, with a tag buffer of taglen bytes
// - NOTE(review): presumably tag is written on encryption and checked on
// decryption; how a tag mismatch is reported is not specified, and output
// already produced by Process must not be used if verification fails
function Final(dst, tag: pointer; dstlen, taglen: PtrInt): PtrInt; virtual; abstract;
end;
// key instance, as created by NewKey() and consumed by Sign/Verify/SharedSecret
TCryptKey = class(TCryptInstance)
public
// presumably copies the key bytes into buf, returning false on failure
// (e.g. buflen too small) - confirm
// - NOTE(review): for a private key this exports raw secret material into
// caller memory; the caller should wipe buf once done with it
function Retrieve(buf: pointer; buflen: PtrInt): boolean; virtual; abstract;
{ TODO: other persistence methods, and overloaded Create }
end;
{ NOTE: as alternative, we may just use TCryptKey = TBytes }
// - a class gives the implementation a destructor in which key bytes can be
// wiped, and allows keys held by a provider without exposing their bytes;
// a plain TBytes offers neither
// NOTE(review): despite its name, every method below is a public-key
// (asymmetric) operation: key pair generation, signature, key agreement;
// symmetric ciphers are covered by TCryptCipher, so the name may mislead
TCryptSymmetric = class(TCryptID)
public
// case-insensitive quick lookup of the algorithms
class function Find(const aName: string): TCryptSymmetric; virtual; abstract;
// public key cryptography methods
// presumably writes a new key pair into the pub and priv buffers - confirm
// - the private key ends up in caller memory, to be wiped after use
function MakeKeyPair(pub, priv: pointer; publen, privlen: PtrInt): boolean; virtual; abstract;
// wrap keylen bytes at key into a TCryptKey; pub presumably selects a public
// (true) or private (false) key - confirm
// - NOTE(review): behavior on malformed key bytes (nil or ECrypt) is unspecified
function NewKey(key: pointer; keylen: PtrInt; pub: boolean): TCryptKey; virtual; abstract;
// sign hashlen bytes at hash with priv, writing into sign
// - NOTE(review): signlen is passed by value, so the length of a
// variable-size signature cannot be returned to the caller - confirm
procedure Sign(priv: TCryptKey; hash, sign: pointer; hashlen, signlen: PtrInt); virtual; abstract;
// check the signature of hash against pub
// - the boolean result is the only outcome: callers must test it
function Verify(pub: TCryptKey; hash, sign: pointer; hashlen, signlen: PtrInt): boolean; virtual; abstract;
// key agreement between a local private key and a peer public key
// - NOTE(review): whether secret is the raw agreement output or already
// derived is not specified; a raw value is normally passed through a key
// derivation function before being used as a key
procedure SharedSecret(priv, pub: TCryptKey; secret: pointer; secretlen: PtrInt); virtual; abstract;
end;
{ TODO: abstract PKI manager? }