// Symmetric encryption using simple API
void encrypt_simple(void)
{
+ const yaca_enc_algo_e algo = YACA_ENC_AES;
+ const yaca_block_cipher_mode_e bcm = YACA_BCM_CBC;
+ const size_t key_bits = YACA_KEY_256BIT;
int ret;
yaca_key_h key = YACA_KEY_NULL;
yaca_key_h iv = YACA_KEY_NULL;
char *dec_data = NULL;
size_t enc_len;
size_t dec_len;
+ int iv_bits;
- printf("Plain data (16 of %zu bytes): %.16s\n", (size_t)1024, lorem1024);
+ printf("Simple Encrypt\nPlain data (16 of %zu bytes): %.16s\n",
+ LOREM1024_SIZE, lorem1024);
- ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10,
- 1000, YACA_DIGEST_SHA256,
- YACA_KEY_256BIT, &key);
+ ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000,
+ YACA_DIGEST_SHA256, key_bits, &key);
if (ret)
return;
- ret = yaca_key_gen(&iv, YACA_KEY_TYPE_IV, YACA_KEY_IV_256BIT);
- if (ret)
- goto exit;
+ iv_bits = yaca_get_iv_bits(algo, bcm, key_bits);
+ if (iv_bits < 0)
+ return;
+
+ if (iv_bits > 0) {
+ ret = yaca_key_gen(&iv, YACA_KEY_TYPE_IV, iv_bits);
+ if (ret)
+ goto exit;
+ }
- ret = yaca_encrypt(YACA_ENC_AES, YACA_BCM_CBC,
- key, iv, lorem1024, 1024, &enc_data, &enc_len);
+ ret = yaca_encrypt(algo, bcm, key, iv, lorem1024, LOREM1024_SIZE,
+ &enc_data, &enc_len);
if (ret)
goto exit;
dump_hex(enc_data, 16, "Encrypted data (16 of %zu bytes): ", enc_len);
- ret = yaca_decrypt(YACA_ENC_AES, YACA_BCM_CBC,
- key, iv,
- enc_data, enc_len,
- &dec_data, &dec_len);
+ ret = yaca_decrypt(algo, bcm, key, iv, enc_data, enc_len, &dec_data,
+ &dec_len);
if (ret < 0)
goto exit;
// Symmetric encryption using advanced API
void encrypt_advanced(void)
{
+ const yaca_enc_algo_e algo = YACA_ENC_AES;
+ const yaca_block_cipher_mode_e bcm = YACA_BCM_CBC;
+ const size_t key_bits = YACA_KEY_256BIT;
int ret;
yaca_ctx_h ctx;
yaca_key_h key = YACA_KEY_NULL;
char *dec = NULL;
size_t enc_size;
size_t dec_size;
+ int iv_bits;
- printf("Plain data (16 of %zu bytes): %.16s\n", (size_t)4096, lorem1024);
+ printf("Advanced Encrypt\nPlain data (16 of %zu bytes): %.16s\n",
+ LOREM4096_SIZE, lorem4096);
/// Key generation
- ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10,
- 1000, YACA_DIGEST_SHA256,
- YACA_KEY_256BIT, &key);
+ ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000,
+ YACA_DIGEST_SHA256, key_bits, &key);
if (ret)
return;
- ret = yaca_key_gen(&iv, YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_IV_256BIT);
- if (ret)
+ iv_bits = yaca_get_iv_bits(algo, bcm, key_bits);
+ if (iv_bits < 0)
goto ex_key;
+ if (iv_bits > 0) {
+ ret = yaca_key_gen(&iv, YACA_KEY_TYPE_IV, iv_bits);
+ if (ret)
+ goto ex_key;
+ }
+
/// Encryption
{
- ret = yaca_encrypt_init(&ctx, YACA_ENC_AES, YACA_BCM_CBC,
- key, iv);
+ size_t block_len;
+ size_t output_len;
+ size_t out_size;
+ size_t rem;
+
+ ret = yaca_encrypt_init(&ctx, algo, bcm, key, iv);
if (ret)
goto ex_iv;
- ret = yaca_encrypt_update(ctx, lorem4096, 4096, NULL, &enc_size);
- if (ret != 42)
- goto ex_ctx;// TODO: what error code?
-
ret = yaca_get_block_length(ctx);
if (ret < 0)
goto ex_ctx;
- enc_size += ret ; // Add block size for finalize
+ block_len = ret;
+
+ ret = yaca_get_output_length(ctx, LOREM4096_SIZE);
+ if (ret < 0)
+ goto ex_ctx;
+
+ output_len = ret;
+
+ /* Calculate max output: size of update + final chunks */
+ enc_size = output_len + block_len;
enc = yaca_malloc(enc_size);
if (enc == NULL)
goto ex_ctx;
- size_t out_size = enc_size;
- ret = yaca_encrypt_update(ctx, lorem4096, 4096, enc, &out_size);
+ out_size = enc_size;
+ ret = yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc,
+ &out_size);
if (ret < 0)
goto ex_of;
- size_t rem = enc_size - out_size;
+ rem = enc_size - out_size;
ret = yaca_encrypt_final(ctx, enc + out_size, &rem);
if (ret < 0)
goto ex_of;
enc_size = rem + out_size;
- dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size);
+ dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ",
+ enc_size);
yaca_ctx_free(ctx); // TODO: perhaps it should not return value
}
/// Decryption
{
- ret = yaca_decrypt_init(&ctx, YACA_ENC_AES, YACA_BCM_CBC,
- key, iv);
+ size_t block_len;
+ size_t output_len;
+ size_t out_size;
+ size_t rem;
+
+ ret = yaca_decrypt_init(&ctx, algo, bcm, key, iv);
if (ret < 0) {
- yaca_free(enc);
- goto ex_iv;
+ ctx = YACA_CTX_NULL;
+ goto ex_of;
}
- ret = yaca_decrypt_update(ctx, enc, enc_size, NULL, &dec_size);
- if (ret != 42)
- goto ex_of; // TODO: what error code?
-
ret = yaca_get_block_length(ctx);
if (ret < 0)
goto ex_of;
- dec_size += ret; // Add block size for finalize
+ block_len = ret;
+
+ ret = yaca_get_output_length(ctx, LOREM4096_SIZE);
+ if (ret < 0)
+ goto ex_ctx;
+
+ output_len = ret;
+
+ /* Calculate max output: size of update + final chunks */
+ dec_size = output_len + block_len;
dec = yaca_malloc(dec_size);
if (dec == NULL)
goto ex_of;
- size_t out_size = dec_size;
+ out_size = dec_size;
ret = yaca_decrypt_update(ctx, enc, enc_size, dec, &out_size);
if (ret < 0)
goto ex_in;
- size_t rem = dec_size - out_size;
+ rem = dec_size - out_size;
ret = yaca_encrypt_final(ctx, dec + out_size, &rem);
if (ret < 0)
goto ex_in;
/// Encrypt a.k.a. seal
{
+ size_t out_size;
+ size_t rem;
+
ret = yaca_seal_init(&ctx, key_pub,
YACA_ENC_AES, YACA_BCM_CBC,
&aes_key, &iv);
goto ex_ak;
// Seal and finalize
- size_t out_size = enc_size;
+ out_size = enc_size;
ret = yaca_seal_update(ctx, lorem4096, 4096, enc, &out_size);
if (ret < 0)
goto ex_of;
- size_t rem = enc_size - out_size;
+ rem = enc_size - out_size;
ret = yaca_seal_final(ctx, enc + out_size, &rem);
if (ret < 0)
goto ex_of;
/// Decrypt a.k.a. open
{
+ size_t out_size;
+ size_t rem;
+
ret = yaca_open_init(&ctx, key_priv,
YACA_ENC_AES, YACA_BCM_CBC,
aes_key, iv);
goto ex_of;
// Seal and finalize
- size_t out_size = enc_size;
+ out_size = enc_size;
ret = yaca_open_update(ctx, enc, enc_size, dec, &out_size);
if (ret < 0)
goto ex_in;
- size_t rem = dec_size - out_size;
+ rem = dec_size - out_size;
ret = yaca_open_final(ctx, dec + out_size, &rem);
if (ret < 0)
goto ex_in;
projects / platform / core / security / yaca.git / commitdiff