.\"                                      Hey, EMACS: -*- nroff -*-
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH LIBTOMCRYPT 3 "June 2009"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
.\" .nh        disable hyphenation
.\" .hy        enable hyphenation
.\" .ad l      left justify
.\" .ad b      justify to both left and right margins
.\" .nf        disable filling
.\" .fi        enable filling
.\" .br        insert line break
.\" .sp <n>    insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME
libtomcrypt \- public domain open source crypthographic toolkit
.SH SYNOPSIS
#include <tomcrypt.h>

Link with \-ltomcrypt (use pkg-config --libs libtomcrypt)

.SH DESCRIPTION
.B libtomcrypt
is documented in /usr/share/doc/libtomcrypt-dev/crypt.pdf. To give you a very
brief introduction, the following example is provided.

.SH EXAMPLE
.nf
  /* AES-XTS example for libtomcrypt. (c) 2008 Michael Stapelberg, Public Domain */
  #include <stdint.h>
  #include <string.h>
  #include <tomcrypt.h>

  static symmetric_xts xts;

  /*
   * Initializes AES-XTS for use with encrypt(). Key must be at least 32 bytes long, only
   * the first 32 bytes will be used.
   *
   */
  void initialize_xts(unsigned char *key) {
    int idx, err;
    unsigned char aeskey1[16], aeskey2[16];

    /* You can use 32 different ciphers simultaneously. Before using a cipher, you must register it. */
    register_cipher(&aes_desc);

    /* Get the index of the cipher registered before */
    if ((idx = find_cipher("aes")) == \-1) {
            fprintf(stderr, "ERROR: AES not available in libtomcrypt. Please upgrade/fix libtomcrypt.\\n");
            exit(EXIT_FAILURE);
    }
   
    /* Set up the two private keys required by AES-XTS (see 3.4.10 of crypt.pdf) */
    strncpy((char*)aeskey1, key, 16);
    strncpy((char*)aeskey2, key+16, 16);
    
    printf("Initializing with keys \\"%.16s\\" and \\"%.16s\\" (AES-XTS)\\n", aeskey1, aeskey2);
   
    /* Initialize AES-XTS */
    if ((err = xts_start(idx, aeskey1, aeskey2, 16, 0, &xts)) != CRYPT_OK) {
            fprintf(stderr, "ERROR starting XTS: %s\\n", error_to_string(err));
            exit(EXIT_FAILURE);
    }
  }
 
  /*
   * Encrypts the input (of input_size) and stores the result in output. The piece index
   * is required because XTS wants a tweak for each block so that it doesn't generate
   * patterns which would be visible in the encrypted output.
   *
   */
  void encrypt(const uint8_t *input, uint8_t *output, int input_size, int piece_idx) {
    unsigned char tweak[256];
    int err;

    memset(tweak, '\\0', 256);
    snprintf((char*)tweak, 256, "%d", piece_idx);
    
    if ((err = xts_encrypt(input, input_size, output, tweak, &xts)) != CRYPT_OK) {
            fprintf(stderr, "ERROR in AES encryption: %d: %s\\n", err, error_to_string(err));
            exit(EXIT_FAILURE);
    }
  }
.fi

.SH SEE ALSO
.BR pkg-config (1)
.SH AUTHOR
libtomcrypt was written by Tom St Denis.
.PP
This manual page was written by Michael Stapelberg <michael@stapelberg.de>,
for the Debian project (and may be used by others).