*/
/**
- * @brief CRYPTO_CTX_NULL NULL value for the crypto context.
+ * @brief OWL_CTX_NULL NULL value for the crypto context.
*/
-#define CRYPTO_CTX_NULL ((crypto_ctx_h) NULL)
+#define OWL_CTX_NULL ((owl_ctx_h) NULL)
/**
- * @brief crypto_init Initializes the library. Must be called before any other crypto function.
+ * @brief owl_init Initializes the library. Must be called before any other crypto function.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_init(void);
+int owl_init(void);
/**
- * @brief crypto_exit Closes the library. Must be called before exiting the application.
+ * @brief owl_exit Closes the library. Must be called before exiting the application.
*
*/
-void crypto_exit(void);
+void owl_exit(void);
/**
- * @brief crypto_alloc Allocates memory.
+ * @brief owl_alloc Allocates memory.
*
* @param[in] size Size of the allocation (bytes).
*
* @return NULL on failure, pointer to allocated memory otherwise.
*/
-void *crypto_alloc(size_t size);
+void *owl_alloc(size_t size);
/**
- * @brief crypto_free Frees the memory allocated by @see crypto_alloc
- * or one of the cryptographics operations.
+ * @brief owl_free Frees the memory allocated by @see owl_alloc
+ * or one of the cryptographics operations.
*
* @param[in] ptr Pointer to the memory to be freed.
*
*/
-void crypto_free(void *ptr);
+void owl_free(void *ptr);
/**
- * @brief crypto_rand_bytes Generates random data.
+ * @brief owl_rand_bytes Generates random data.
*
* @param[in,out] data Pointer to the memory to be randomized.
* @param[in] data_len Length of the memory to be randomized.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_rand_bytes(char *data, size_t data_len);
+int owl_rand_bytes(char *data, size_t data_len);
/**
- * @brief crypto_ctx_set_param Sets the extended context parameters.
- * Can only be called on an initialized context.
+ * @brief owl_ctx_set_param Sets the extended context parameters.
+ * Can only be called on an initialized context.
*
* @param[in,out] ctx Previously initialized crypto context.
* @param[in] param Parameter to be set.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_ctx_set_param(crypto_ctx_h ctx, crypto_ex_param_e param,
- const void *value, size_t value_len);
+int owl_ctx_set_param(owl_ctx_h ctx, owl_ex_param_e param,
+ const void *value, size_t value_len);
/**
- * @brief crypto_ctx_get_param Returns the extended context parameters.
- * Can only be called on an initialized context.
+ * @brief owl_ctx_get_param Returns the extended context parameters.
+ * Can only be called on an initialized context.
*
* @param[in] ctx Previously initialized crypto context.
* @param[in] param Parameter to be read.
- * @param[out] value Copy of the parameter value (must be freed with @see crypto_free).
+ * @param[out] value Copy of the parameter value (must be freed with @see owl_free).
* @param[out] value_len Length of the parameter value will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_ctx_get_param(const crypto_ctx_h ctx, crypto_ex_param_e param,
- void **value, size_t *value_len);
+int owl_ctx_get_param(const owl_ctx_h ctx, owl_ex_param_e param,
+ void **value, size_t *value_len);
/**
- * @brief crypto_ctx_free Destroys the crypto context. Must be called
- * on all contexts that are no longer used.
- * Passing CRYPTO_CTX_NULL is allowed.
+ * @brief owl_ctx_free Destroys the crypto context. Must be called
+ * on all contexts that are no longer used.
+ * Passing OWL_CTX_NULL is allowed.
*
* @param[in,out] ctx Crypto context.
*
*/
-void crypto_ctx_free(crypto_ctx_h ctx);
+void owl_ctx_free(owl_ctx_h ctx);
/**
- * @brief crypto_get_output_length Returns the output length for a given algorithm.
- * Can only be called on an initialized context.
+ * @brief owl_get_output_length Returns the output length for a given algorithm.
+ * Can only be called on an initialized context.
*
* @param[in] ctx Previously initialized crypto context.
* @param[in] input_len Length of the input data to be processed.
*
* @return negative on error (@see error.h) or length of output.
*/
-int crypto_get_output_length(const crypto_ctx_h ctx, size_t input_len);
+int owl_get_output_length(const owl_ctx_h ctx, size_t input_len);
/**
- * @brief crypto_get_digest_length Wrapper - returns the length of the digest (for a given context).
+ * @brief owl_get_digest_length Wrapper - returns the length of the digest (for a given context).
*/
-#define crypto_get_digest_length(ctxa) crypto_get_output_length((ctxa), 0)
+#define owl_get_digest_length(ctxa) owl_get_output_length((ctxa), 0)
/**
- * @brief crypto_get_sign_length Wrapper - returns the length of the signature (for a given context).
+ * @brief owl_get_sign_length Wrapper - returns the length of the signature (for a given context).
*/
-#define crypto_get_sign_length(ctxa) crypto_get_output_length((ctxa), 0)
+#define owl_get_sign_length(ctxa) owl_get_output_length((ctxa), 0)
/**
- * @brief crypto_get_block_length Wrapper - returns the length of the block (for a given context).
+ * @brief owl_get_block_length Wrapper - returns the length of the block (for a given context).
*/
-#define crypto_get_block_length(ctxa) crypto_get_output_length((ctxa), 0)
+#define owl_get_block_length(ctxa) owl_get_output_length((ctxa), 0)
/**
- * @brief crypto_get_iv_length Returns the recomended/default length of the IV for a given encryption configuration.
+ * @brief owl_get_iv_length Returns the recomended/default length of the IV for a given encryption configuration.
*
* @param[in] algo Encryption algorithm.
* @param[in] bcm Chain mode.
- * @param[in] len Key length (@see crypto_key_len_e).
+ * @param[in] len Key length (@see owl_key_len_e).
*
* @return negative on error (@see error.h) or the IV length.
*/
-int crypto_get_iv_length(crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- size_t key_len);
+int owl_get_iv_length(owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ size_t key_len);
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
*/
/**
- * @brief crypto_digest_init Initializes a digest context.
+ * @brief owl_digest_init Initializes a digest context.
*
- * @param[out] ctx Newly created context (must be freed with @see crypto_ctx_free).
+ * @param[out] ctx Newly created context (must be freed with @see owl_ctx_free).
* @param[in] algo Digest algorithm that will be used.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_digest_init(crypto_ctx_h *ctx, crypto_digest_algo_e algo);
+int owl_digest_init(owl_ctx_h *ctx, owl_digest_algo_e algo);
/**
- * @brief crypto_digest_update Feeds the data into the message digest algorithm.
+ * @brief owl_digest_update Feeds the data into the message digest algorithm.
*
- * @param[in,out] ctx Context created by @see crypto_digest_init.
+ * @param[in,out] ctx Context created by @see owl_digest_init.
* @param[in] data Data from which the digest is to be calculated.
* @param[in] data_len Length of the data.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_digest_update(crypto_ctx_h ctx, const char *data, size_t data_len);
+int owl_digest_update(owl_ctx_h ctx, const char *data, size_t data_len);
/**
- * @brief crypto_digest_final Calculates the final digest.
+ * @brief owl_digest_final Calculates the final digest.
*
* @param[in,out] ctx A valid digest context.
- * @param[out] digest Buffer for the message digest (must be allocated by client, @see crypto_get_digest_length).
+ * @param[out] digest Buffer for the message digest (must be allocated by client, @see owl_get_digest_length).
* @param[out] digest_len Length of the digest, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_digest_final(crypto_ctx_h ctx, char *digest, size_t *digest_len);
+int owl_digest_final(owl_ctx_h ctx, char *digest, size_t *digest_len);
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
*/
/**
- * @brief crypto_encrypt_init Initializes an encryption context.
+ * @brief owl_encrypt_init Initializes an encryption context.
*
- * @param[out] ctx Newly created context (must be freed with @see crypto_ctx_free).
+ * @param[out] ctx Newly created context (must be freed with @see owl_ctx_free).
* @param[in] algo Encryption algorithm that will be used.
* @param[in] bcm Chaining mode that will be used.
* @param[in] sym_key Symmetric key that will be used.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_encrypt_init(crypto_ctx_h *ctx,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv);
+int owl_encrypt_init(owl_ctx_h *ctx,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv);
/**
- * @brief crypto_encrypt_update Encrypts chunk of the data.
+ * @brief owl_encrypt_update Encrypts chunk of the data.
*
- * @param[in,out] ctx Context created by @see crypto_encrypt_init.
+ * @param[in,out] ctx Context created by @see owl_encrypt_init.
* @param[in] plain Plain text to be encrypted.
* @param[in] plain_len Length of the plain text.
- * @param[out] cipher Buffer for the encrypted data (must be allocated by client, @see crypto_get_output_length).
+ * @param[out] cipher Buffer for the encrypted data (must be allocated by client, @see owl_get_output_length).
* @param[out] cipher_len Length of the encrypted data, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_encrypt_update(crypto_ctx_h ctx,
- const char *plain,
- size_t plain_len,
- char *cipher,
- size_t *cipher_len);
+int owl_encrypt_update(owl_ctx_h ctx,
+ const char *plain,
+ size_t plain_len,
+ char *cipher,
+ size_t *cipher_len);
/**
- * @brief crypto_encrypt_final Encrypts the final chunk of the data.
+ * @brief owl_encrypt_final Encrypts the final chunk of the data.
*
* @param[in,out] ctx A valid encrypt context.
- * @param[out] cipher Final piece of the encrypted data (must be allocated by client, @see crypto_get_block_length).
+ * @param[out] cipher Final piece of the encrypted data (must be allocated by client, @see owl_get_block_length).
* @param[out] cipher_len Length of the final piece, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_encrypt_final(crypto_ctx_h ctx,
- char *cipher,
- size_t *cipher_len);
+int owl_encrypt_final(owl_ctx_h ctx,
+ char *cipher,
+ size_t *cipher_len);
/**
- * @brief crypto_decrypt_init Initializes an decryption context.
+ * @brief owl_decrypt_init Initializes an decryption context.
*
- * @param[out] ctx Newly created context (must be freed with @see crypto_ctx_free).
+ * @param[out] ctx Newly created context (must be freed with @see owl_ctx_free).
* @param[in] algo Encryption algorithm that was used to encrypt the data.
* @param[in] bcm Chaining mode that was used to encrypt the data.
* @param[in] sym_key Symmetric key that was used to encrypt the data.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_decrypt_init(crypto_ctx_h *ctx,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv);
+int owl_decrypt_init(owl_ctx_h *ctx,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv);
/**
- * @brief crypto_decrypt_update Decrypts chunk of the data.
+ * @brief owl_decrypt_update Decrypts chunk of the data.
*
- * @param[in,out] ctx Context created by @see crypto_decrypt_init.
+ * @param[in,out] ctx Context created by @see owl_decrypt_init.
* @param[in] cipher Cipher text to be decrypted.
* @param[in] cipher_len Length of the cipher text.
- * @param[out] plain Buffer for the decrypted data (must be allocated by client, @see crypto_get_output_length).
+ * @param[out] plain Buffer for the decrypted data (must be allocated by client, @see owl_get_output_length).
* @param[out] plain_len Length of the decrypted data, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_decrypt_update(crypto_ctx_h ctx,
- const char *cipher,
- size_t cipher_len,
- char *plain,
- size_t *plain_len);
+int owl_decrypt_update(owl_ctx_h ctx,
+ const char *cipher,
+ size_t cipher_len,
+ char *plain,
+ size_t *plain_len);
/**
- * @brief crypto_decrypt_final Decrypts the final chunk of the data.
+ * @brief owl_decrypt_final Decrypts the final chunk of the data.
*
* @param[in,out] ctx A valid decrypt context.
- * @param[out] plain Final piece of the decrypted data (must be allocated by client, @see crypto_get_block_length).
+ * @param[out] plain Final piece of the decrypted data (must be allocated by client, @see owl_get_block_length).
* @param[out] plain_len Length of the final piece, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_decrypt_final(crypto_ctx_h ctx,
- char *plain,
- size_t *plain_len);
+int owl_decrypt_final(owl_ctx_h ctx,
+ char *plain,
+ size_t *plain_len);
/**@}*/
*/
/**
- * @brief crypto_seal_init Initializes an asymmetric encryption context.
+ * @brief owl_seal_init Initializes an asymmetric encryption context.
*
- * @param[out] ctx Newly created context (must be freed with @see crypto_ctx_free).
+ * @param[out] ctx Newly created context (must be freed with @see owl_ctx_free).
* @param[in] pub_key Public key of the peer that will receive the encrypted data.
* @param[in] algo Symmetric algorithm that will be used.
* @param[in] bcm Block chaining mode for the symmetric algorithm.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_seal_init(crypto_ctx_h *ctx,
- const crypto_key_h pub_key,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- crypto_key_h *sym_key,
- crypto_key_h *iv);
+int owl_seal_init(owl_ctx_h *ctx,
+ const owl_key_h pub_key,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ owl_key_h *sym_key,
+ owl_key_h *iv);
/**
- * @brief crypto_seal_update Encrypts piece of the data.
+ * @brief owl_seal_update Encrypts piece of the data.
*
- * @param[in,out] ctx Context created by @see crypto_seal_init.
+ * @param[in,out] ctx Context created by @see owl_seal_init.
* @param[in] plain Plain text to be encrypted.
* @param[in] plain_len Length of the plain text.
- * @param[out] cipher Buffer for the encrypted data (must be allocated by client, @see crypto_get_output_length).
+ * @param[out] cipher Buffer for the encrypted data (must be allocated by client, @see owl_get_output_length).
* @param[out] cipher_len Length of the encrypted data, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_seal_update(crypto_ctx_h ctx,
- const char *plain,
- size_t plain_len,
- char *cipher,
- size_t *cipher_len);
+int owl_seal_update(owl_ctx_h ctx,
+ const char *plain,
+ size_t plain_len,
+ char *cipher,
+ size_t *cipher_len);
/**
- * @brief crypto_seal_final Encrypts the final piece of the data.
+ * @brief owl_seal_final Encrypts the final piece of the data.
*
* @param[in,out] ctx A valid seal context.
- * @param[out] cipher Final piece of the encrypted data (must be allocated by client, @see crypto_get_block_length).
+ * @param[out] cipher Final piece of the encrypted data (must be allocated by client, @see owl_get_block_length).
* @param[out] cipher_len Length of the final piece, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_seal_final(crypto_ctx_h ctx,
- char *cipher,
- size_t *cipher_len);
+int owl_seal_final(owl_ctx_h ctx,
+ char *cipher,
+ size_t *cipher_len);
/**
- * @brief crypto_open_init Initializes an asymmetric decryption context.
+ * @brief owl_open_init Initializes an asymmetric decryption context.
*
- * @param[out] ctx Newly created context. Must be freed by @see crypto_ctx_free.
+ * @param[out] ctx Newly created context. Must be freed by @see owl_ctx_free.
* @param[in] prv_key Private key, part of the pair that was used for the encryption.
* @param[in] algo Symmetric algorithm that was used for the encryption.
* @param[in] bcm Block chaining mode for the symmetric algorithm.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_open_init(crypto_ctx_h *ctx,
- const crypto_key_h prv_key,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv);
+int owl_open_init(owl_ctx_h *ctx,
+ const owl_key_h prv_key,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv);
/**
- * @brief crypto_open_update Decrypts piece of the data.
+ * @brief owl_open_update Decrypts piece of the data.
*
- * @param[in,out] ctx Context created by @see crypto_open_init.
+ * @param[in,out] ctx Context created by @see owl_open_init.
* @param[in] cipher Cipher text to be decrypted.
* @param[in] cipher_len Length of the cipher text.
- * @param[out] plain Buffer for the decrypted data (must be allocated by client, @see crypto_get_output_length).
+ * @param[out] plain Buffer for the decrypted data (must be allocated by client, @see owl_get_output_length).
* @param[out] plain_len Length of the decrypted data, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_open_update(crypto_ctx_h ctx,
- const char *cipher,
- size_t cipher_len,
- char *plain,
- size_t *plain_len);
+int owl_open_update(owl_ctx_h ctx,
+ const char *cipher,
+ size_t cipher_len,
+ char *plain,
+ size_t *plain_len);
/**
- * @brief crypto_open_final Decrypts last chunk of sealed message.
+ * @brief owl_open_final Decrypts last chunk of sealed message.
*
* @param[in,out] ctx A valid open context.
- * @param[out] plain Final piece of the decrypted data (must be allocated by client, @see crypto_get_block_length).
+ * @param[out] plain Final piece of the decrypted data (must be allocated by client, @see owl_get_block_length).
* @param[out] plain_len Length of the final piece, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_open_final(crypto_ctx_h ctx,
- char *plain,
- size_t *plain_len);
+int owl_open_final(owl_ctx_h ctx,
+ char *plain,
+ size_t *plain_len);
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
extern "C" {
#endif
-enum __crypto_error_code {
- CRYPTO_ERROR_INVALID_ARGUMENT = -1,
- CRYPTO_ERROR_NOT_IMPLEMENTED= -2,
- CRYPTO_ERROR_OPENSSL_FAILURE = -3,
- CRYPTO_ERROR_NOT_SUPPORTED = -4,
- CRYPTO_ERROR_TOO_BIG_ARGUMENT = -5,
- CRYPTO_ERROR_OUT_OF_MEMORY = -6
+enum __owl_error_code {
+ OWL_ERROR_INVALID_ARGUMENT = -1,
+ OWL_ERROR_NOT_IMPLEMENTED= -2,
+ OWL_ERROR_OPENSSL_FAILURE = -3,
+ OWL_ERROR_NOT_SUPPORTED = -4,
+ OWL_ERROR_TOO_BIG_ARGUMENT = -5,
+ OWL_ERROR_OUT_OF_MEMORY = -6
};
#ifdef __cplusplus
* @{
*/
-#define CRYPTO_KEY_NULL ((crypto_key_h) NULL)
+#define OWL_KEY_NULL ((owl_key_h) NULL)
-// TODO: We need a way to import keys encrypted with hw (or other) keys. New function like crypto_key_load or sth??
+// TODO: We need a way to import keys encrypted with hw (or other) keys. New function like owl_key_load or sth??
/**
- * @brief crypto_key_get_length Get key's length.
+ * @brief owl_key_get_length Get key's length.
*
* @param[in] key Key which length we return.
*
* @return negative on error (@see error.h) or key length.
*/
-int crypto_key_get_length(const crypto_key_h key);
+int owl_key_get_length(const owl_key_h key);
/**
- * @brief crypto_key_import Imports a key from the arbitrary format.
+ * @brief owl_key_import Imports a key from the arbitrary format.
*
- * @param[out] key Returned key (must be freed with @see crypto_key_free).
+ * @param[out] key Returned key (must be freed with @see owl_key_free).
* @param[in] key_fmt Format of the key.
* @param[in] key_type Type of the key.
* @param[in] data Blob containing the key.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_import(crypto_key_h *key,
- crypto_key_fmt_e key_fmt,
- crypto_key_type_e key_type,
- const char *data,
- size_t data_len);
+int owl_key_import(owl_key_h *key,
+ owl_key_fmt_e key_fmt,
+ owl_key_type_e key_type,
+ const char *data,
+ size_t data_len);
/**
- * @brief crypto_key_export Exports a key to arbitrary format. Export may fail if key is HW-based.
+ * @brief owl_key_export Exports a key to arbitrary format. Export may fail if key is HW-based.
*
* @param[in] key Key to be exported.
* @param[in] key_fmt Format of the key.
- * @param[out] data Data, allocated by the library, containing exported key (must be freed with @see crypto_free).
+ * @param[out] data Data, allocated by the library, containing exported key (must be freed with @see owl_free).
* @param[out] data_len Size of the output data.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_export(const crypto_key_h key,
- crypto_key_fmt_e key_fmt,
- char **data,
- size_t *data_len);
+int owl_key_export(const owl_key_h key,
+ owl_key_fmt_e key_fmt,
+ char **data,
+ size_t *data_len);
// TODO: still a matter of ordering, should the key in key_gen functions be first or last?
/**
- * @brief crypto_key_gen Generates a secure symmetric key (or an initialization vector).
+ * @brief owl_key_gen Generates a secure symmetric key (or an initialization vector).
*
- * @param[out] sym_key Newly generated key (must be freed with @see crypto_key_free).
+ * @param[out] sym_key Newly generated key (must be freed with @see owl_key_free).
* @param[in] key_type Type of the key to be generated.
* @param[in] key_len Length of the key to be generated.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_gen(crypto_key_h *sym_key,
- crypto_key_type_e key_type,
- size_t key_len);
+int owl_key_gen(owl_key_h *sym_key,
+ owl_key_type_e key_type,
+ size_t key_len);
/**
- * @brief crypto_key_gen_pair Generates a new key pair.
+ * @brief owl_key_gen_pair Generates a new key pair.
*
- * @param[out] prv_key Newly generated private key (must be freed with @see crypto_key_free).
- * @param[out] pub_key Newly generated public key (must be freed with @see crypto_key_free).
- * @param[in] key_type Type of the key to be generated (must be CRYPTO_KEY_TYPE_PAIR*).
+ * @param[out] prv_key Newly generated private key (must be freed with @see owl_key_free).
+ * @param[out] pub_key Newly generated public key (must be freed with @see owl_key_free).
+ * @param[in] key_type Type of the key to be generated (must be OWL_KEY_TYPE_PAIR*).
* @param[in] key_len Length of the key to be generated.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_gen_pair(crypto_key_h *prv_key,
- crypto_key_h *pub_key,
- crypto_key_type_e key_type,
- size_t key_len);
+int owl_key_gen_pair(owl_key_h *prv_key,
+ owl_key_h *pub_key,
+ owl_key_type_e key_type,
+ size_t key_len);
/**
- * @brief crypto_key_free Frees the key created by the library.
- * Passing CRYPTO_KEY_NULL is allowed.
+ * @brief owl_key_free Frees the key created by the library.
+ * Passing OWL_KEY_NULL is allowed.
*
* @param key Key to be freed.
*
*/
-void crypto_key_free(crypto_key_h key);
+void owl_key_free(owl_key_h key);
/**@}*/
*/
/**
- * @brief crypto_key_derive_dh Derives a key using Diffie-Helmann or EC Diffie-Helmann key exchange protocol.
+ * @brief owl_key_derive_dh Derives a key using Diffie-Helmann or EC Diffie-Helmann key exchange protocol.
*
* @param[in] prv_key Our private key.
* @param[in] pub_key Peer public key.
- * @param[out] sym_key Shared secret, that can be used as a symmetric key (must be freed with @see crypto_key_free).
+ * @param[out] sym_key Shared secret, that can be used as a symmetric key (must be freed with @see owl_key_free).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_derive_dh(const crypto_key_h prv_key,
- const crypto_key_h pub_key,
- crypto_key_h *sym_key);
+int owl_key_derive_dh(const owl_key_h prv_key,
+ const owl_key_h pub_key,
+ owl_key_h *sym_key);
/**
- * @brief crypto_key_derive_kea Derives a key using KEA key exchange protocol.
+ * @brief owl_key_derive_kea Derives a key using KEA key exchange protocol.
*
* @param[in] prv_key Our DH private component.
* @param[in] pub_key Peers' DH public component.
* DH public component sent to peer to verify our identity.
* @param[in] pub_key_auth Peers' public key used for signature verification
* of pub_key from peer (peer authentication).
- * @param[out] sym_key Shared secret, that can be used as a symmetric key (must be freed with @see crypto_key_free).
+ * @param[out] sym_key Shared secret, that can be used as a symmetric key (must be freed with @see owl_key_free).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_derive_kea(const crypto_key_h prv_key,
- const crypto_key_h pub_key,
- const crypto_key_h prv_key_auth,
- const crypto_key_h pub_key_auth,
- crypto_key_h *sym_key);
+int owl_key_derive_kea(const owl_key_h prv_key,
+ const owl_key_h pub_key,
+ const owl_key_h prv_key_auth,
+ const owl_key_h pub_key_auth,
+ owl_key_h *sym_key);
/**
- * @brief crypto_key_derive_pbkdf2 Derives a key from user password (PKCS #5 a.k.a. pbkdf2 algorithm).
+ * @brief owl_key_derive_pbkdf2 Derives a key from user password (PKCS #5 a.k.a. pbkdf2 algorithm).
*
* @param[in] password User password as a NULL-terminated string.
* @param[in] salt Salt, should be non-zero.
* @param[in] iter Number of iterations. (TODO: add enum to proposed number of iterations, pick sane defaults).
* @param[in] algo Digest algorithm that should be used in key generation. (TODO: sane defaults).
* @param[in] key_len Length of a key to be generated.
- * @param[out] key Newly generated key (must be freed with @see crypto_key_free).
+ * @param[out] key Newly generated key (must be freed with @see owl_key_free).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_key_derive_pbkdf2(const char *password,
- const char *salt,
- size_t salt_len,
- int iter,
- crypto_digest_algo_e algo,
- crypto_key_len_e key_len,
- crypto_key_h *key);
+int owl_key_derive_pbkdf2(const char *password,
+ const char *salt,
+ size_t salt_len,
+ int iter,
+ owl_digest_algo_e algo,
+ owl_key_len_e key_len,
+ owl_key_h *key);
// TODO: specify
-//int crypto_key_wrap(crypto_key_h key, ??);
-//int crypto_key_unwrap(crypto_key_h key, ??);
+//int owl_key_wrap(owl_key_h key, ??);
+//int owl_key_unwrap(owl_key_h key, ??);
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
*/
/**
- * @brief crypto_sign_init Initializes a signature context.
+ * @brief owl_sign_init Initializes a signature context.
*
- * @param[out] ctx Newly created context (must be freed with @see crypto_ctx_free).
+ * @param[out] ctx Newly created context (must be freed with @see owl_ctx_free).
* @param[in] algo Digest algorithm that will be used.
* @param[in] key Private or symmetric key that will be used (algorithm is deduced based on key type).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_sign_init(crypto_ctx_h *ctx,
- crypto_digest_algo_e algo,
- const crypto_key_h key);
+int owl_sign_init(owl_ctx_h *ctx,
+ owl_digest_algo_e algo,
+ const owl_key_h key);
/**
- * @brief crypto_sign_update Feeds the data into the digital signature algorithm.
+ * @brief owl_sign_update Feeds the data into the digital signature algorithm.
*
- * @param[in,out] ctx Context created by @see crypto_sign_init.
+ * @param[in,out] ctx Context created by @see owl_sign_init.
* @param[in] data Data to be signed.
* @param[in] data_len Length of the data.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_sign_update(crypto_ctx_h ctx,
- const char *data,
- size_t data_len);
+int owl_sign_update(owl_ctx_h ctx,
+ const char *data,
+ size_t data_len);
/**
- * @brief crypto_sign_final Calculates the final signature.
+ * @brief owl_sign_final Calculates the final signature.
*
* @param[in,out] ctx A valid sign context.
- * @param[out] mac Buffer for the MAC or the signature (must be allocated by client, @see crypto_get_sign_length).
+ * @param[out] mac Buffer for the MAC or the signature (must be allocated by client, @see owl_get_sign_length).
* @param[out] mac_len Length of the MAC or the signature, actual number of bytes written will be returned here.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_sign_final(crypto_ctx_h ctx,
- char *mac,
- size_t *mac_len);
+int owl_sign_final(owl_ctx_h ctx,
+ char *mac,
+ size_t *mac_len);
/**
- * @brief crypto_verify_init Initializes a signature verification context.
+ * @brief owl_verify_init Initializes a signature verification context.
*
- * @param[out] ctx Newly created context (must be freed with @see crypto_ctx_free).
+ * @param[out] ctx Newly created context (must be freed with @see owl_ctx_free).
* @param[in] algo Digest algorithm that will be used.
* @param[in] key Private or symmetric key that will be used (algorithm is deduced based on key type).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_verify_init(crypto_ctx_h *ctx,
- crypto_digest_algo_e algo,
- const crypto_key_h key);
+int owl_verify_init(owl_ctx_h *ctx,
+ owl_digest_algo_e algo,
+ const owl_key_h key);
/**
- * @brief crypto_verify_update Feeds the data into the digital signature verification algorithm.
+ * @brief owl_verify_update Feeds the data into the digital signature verification algorithm.
*
- * @param[in,out] ctx Context created by @see crypto_verify_init.
+ * @param[in,out] ctx Context created by @see owl_verify_init.
* @param[in] data Data to be verified.
* @param[in] data_len Length of the data.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_verify_update(crypto_ctx_h ctx,
- const char *data,
- size_t data_len);
+int owl_verify_update(owl_ctx_h ctx,
+ const char *data,
+ size_t data_len);
/**
- * @brief crypto_verify_final Performs the verification.
+ * @brief owl_verify_final Performs the verification.
*
* @param[in,out] ctx A valid verify context.
- * @param[in] mac Input MAC or signature (returned by @see crypto_sign_final).
+ * @param[in] mac Input MAC or signature (returned by @see owl_sign_final).
* @param[in] mac_len Size of the MAC or the signature.
*
* @return 0 on success, negative on error (@see error.h).
* TODO: CRYTPO_ERROR_SIGNATURE_INVALID when verification fails.
*/
-int crypto_verify_final(crypto_ctx_h ctx,
- const char *mac,
- size_t mac_len);
+int owl_verify_final(owl_ctx_h ctx,
+ const char *mac,
+ size_t mac_len);
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
*/
/**
- * @brief crypto_digest_calc Calculate a digest of a buffer.
+ * @brief owl_digest_calc Calculate a digest of a buffer.
*
- * @param[in] algo Digest algorithm (select @see CRYPTO_DIGEST_SHA256 if unsure).
+ * @param[in] algo Digest algorithm (select @see OWL_DIGEST_SHA256 if unsure).
* @param[in] data Data from which the digest is to be calculated.
* @param[in] data_len Length of the data.
- * @param[out] digest Message digest, will be allocated by the library (should be freed with @see crypto_free).
+ * @param[out] digest Message digest, will be allocated by the library (should be freed with @see owl_free).
* @param[out] digest_len Length of message digest (depends on algorithm).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_digest_calc(crypto_digest_algo_e algo,
- const char *data,
- size_t data_len,
- char **digest,
- size_t *digest_len);
+int owl_digest_calc(owl_digest_algo_e algo,
+ const char *data,
+ size_t data_len,
+ char **digest,
+ size_t *digest_len);
/**
- * @brief crypto_encrypt Encrypt data using a symmetric cipher.
+ * @brief owl_encrypt Encrypt data using a symmetric cipher.
*
- * @param[in] algo Encryption algorithm (select @see CRYPTO_ENC_AES if unsure).
- * @param[in] bcm Chaining mode (select @see CRYPTO_BCM_CBC if unsure).
+ * @param[in] algo Encryption algorithm (select @see OWL_ENC_AES if unsure).
+ * @param[in] bcm Chaining mode (select @see OWL_BCM_CBC if unsure).
* @param[in] sym_key Symmetric encryption key (@see key.h for key generation functions).
* @param[in] iv Initialization vector.
* @param[in] plain Plain text to be encrypted.
* @param[in] plain_len Length of the plain text.
- * @param[out] cipher Encrypted data, will be allocated by the library (should be freed with @see crypto_free).
+ * @param[out] cipher Encrypted data, will be allocated by the library (should be freed with @see owl_free).
* @param[out] cipher_len Length of the encrypted data (may be larger than decrypted).
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_encrypt(crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv,
- const char *plain,
- size_t plain_len,
- char **cipher,
- size_t *cipher_len);
+int owl_encrypt(owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv,
+ const char *plain,
+ size_t plain_len,
+ char **cipher,
+ size_t *cipher_len);
/**
- * @brief crypto_decrypt Decrypta data using a symmetric cipher.
+ * @brief owl_decrypt Decrypta data using a symmetric cipher.
*
* @param[in] algo Decryption algorithm that was used to encrypt the data.
* @param[in] bcm Chaining mode that was used to encrypt the data.
* @param[in] iv Initialization vector that was used to encrypt the data.
* @param[in] cipher Cipher text to be decrypted.
* @param[in] cipher_len Length of cipher text.
- * @param[out] plain Decrypted data, will be allocated by the library (should be freed with @see crypto_free).
+ * @param[out] plain Decrypted data, will be allocated by the library (should be freed with @see owl_free).
* @param[out] plain_len Length of the decrypted data.
*
* @return 0 on success, negative on error (@see error.h).
*/
-int crypto_decrypt(crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv,
- const char *cipher,
- size_t cipher_len,
- char **plain,
- size_t * plain_len);
+int owl_decrypt(owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv,
+ const char *cipher,
+ size_t cipher_len,
+ char **plain,
+ size_t * plain_len);
// TODO: sign/verify
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
/**
* @brief Context
*/
-typedef struct __crypto_ctx_s *crypto_ctx_h;
+typedef struct __owl_ctx_s *owl_ctx_h;
/**
* @brief Key
*/
-typedef struct __crypto_key_s *crypto_key_h;
+typedef struct __owl_key_s *owl_key_h;
/**
* @brief Key formats
*/
typedef enum {
- CRYPTO_KEY_FORMAT_RAW, /**< key is in clear format */
- CRYPTO_KEY_FORMAT_BASE64, /**< key is encoded in ASCII-base64 */
- CRYPTO_KEY_FORMAT_PEM, /**< key is in PEM file format */
- CRYPTO_KEY_FORMAT_DER /**< key is in DER file format */
-} crypto_key_fmt_e;
+ OWL_KEY_FORMAT_RAW, /**< key is in clear format */
+ OWL_KEY_FORMAT_BASE64, /**< key is encoded in ASCII-base64 */
+ OWL_KEY_FORMAT_PEM, /**< key is in PEM file format */
+ OWL_KEY_FORMAT_DER /**< key is in DER file format */
+} owl_key_fmt_e;
/**
* @brief Key types, IV is considered as key
*/
typedef enum {
- CRYPTO_KEY_TYPE_SYMMETRIC, /**< Generic symmetric cipher KEY */
- CRYPTO_KEY_TYPE_DES, /**< DES* key - must be handled differently because of parity bits */
- CRYPTO_KEY_TYPE_IV, /**< IV for symmetric algorithms */
+ OWL_KEY_TYPE_SYMMETRIC, /**< Generic symmetric cipher KEY */
+ OWL_KEY_TYPE_DES, /**< DES* key - must be handled differently because of parity bits */
+ OWL_KEY_TYPE_IV, /**< IV for symmetric algorithms */
- CRYPTO_KEY_TYPE_RSA_PUB, /**< RSA public key */
- CRYPTO_KEY_TYPE_RSA_PRIV, /**< RSA private key */
+ OWL_KEY_TYPE_RSA_PUB, /**< RSA public key */
+ OWL_KEY_TYPE_RSA_PRIV, /**< RSA private key */
- CRYPTO_KEY_TYPE_DSA_PUB, /**< DSA public key */
- CRYPTO_KEY_TYPE_DSA_PRIV, /**< DSA private key */
+ OWL_KEY_TYPE_DSA_PUB, /**< DSA public key */
+ OWL_KEY_TYPE_DSA_PRIV, /**< DSA private key */
- CRYPTO_KEY_TYPE_DH_PUB, /**< Diffie-Hellman public key */
- CRYPTO_KEY_TYPE_DH_PRIV, /**< Diffie-Hellman private key */
+ OWL_KEY_TYPE_DH_PUB, /**< Diffie-Hellman public key */
+ OWL_KEY_TYPE_DH_PRIV, /**< Diffie-Hellman private key */
- CRYPTO_KEY_TYPE_ECC_PUB, /**< ECC public key */
- CRYPTO_KEY_TYPE_ECC_PRIV, /**< ECC private key */
+ OWL_KEY_TYPE_ECC_PUB, /**< ECC public key */
+ OWL_KEY_TYPE_ECC_PRIV, /**< ECC private key */
- CRYPTO_KEY_TYPE_PAIR_RSA, /**< Pair of RSA keys */
- CRYPTO_KEY_TYPE_PAIR_DSA, /**< Pair of DSA keys */
- CRYPTO_KEY_TYPE_PAIR_DH, /**< Pair of Diffie-Hellman keys */
- CRYPTO_KEY_TYPE_PAIR_ECC /**< Pair of ECC keys */
-} crypto_key_type_e;
+ OWL_KEY_TYPE_PAIR_RSA, /**< Pair of RSA keys */
+ OWL_KEY_TYPE_PAIR_DSA, /**< Pair of DSA keys */
+ OWL_KEY_TYPE_PAIR_DH, /**< Pair of Diffie-Hellman keys */
+ OWL_KEY_TYPE_PAIR_ECC /**< Pair of ECC keys */
+} owl_key_type_e;
/**
* @brief Key length, It is possible to use arbitrary integer instead, this enums are placed here to avoid magic numbers.
*/
typedef enum {
- CRYPTO_KEY_IV_UNSAFE_24BIT = 24, /**< 24-bit IV */
- CRYPTO_KEY_IV_64BIT = 64, /**< 64-bit IV */
- CRYPTO_KEY_IV_128BIT = 128, /**< 128-bit IV */
- CRYPTO_KEY_IV_256BIT = 256, /**< 256-bit IV */
- CRYPTO_KEY_CURVE_P192 = 192, /**< ECC: P192 curve */
- CRYPTO_KEY_CURVE_P256 = 256, /**< ECC: P-256 curve */
- CRYPTO_KEY_CURVE_P384 = 384, /**< ECC: SECP-384 curve */
- CRYPTO_KEY_UNSAFE_40BIT = 40,
- CRYPTO_KEY_UNSAFE_56BIT = 56,
- CRYPTO_KEY_UNSAFE_80BIT = 80,
- CRYPTO_KEY_UNSAFE_112BIT = 112,
- CRYPTO_KEY_UNSAFE_128BIT = 128,
- CRYPTO_KEY_192BIT = 192,
- CRYPTO_KEY_256BIT = 256,
- CRYPTO_KEY_512BIT = 512,
- CRYPTO_KEY_1024BIT = 1024,
- CRYPTO_KEY_2048BIT = 2048,
- CRYPTO_KEY_3072BIT = 3072,
- CRYPTO_KEY_4096BIT = 4096
-} crypto_key_len_e;
+ OWL_KEY_IV_UNSAFE_24BIT = 24, /**< 24-bit IV */
+ OWL_KEY_IV_64BIT = 64, /**< 64-bit IV */
+ OWL_KEY_IV_128BIT = 128, /**< 128-bit IV */
+ OWL_KEY_IV_256BIT = 256, /**< 256-bit IV */
+ OWL_KEY_CURVE_P192 = 192, /**< ECC: P192 curve */
+ OWL_KEY_CURVE_P256 = 256, /**< ECC: P-256 curve */
+ OWL_KEY_CURVE_P384 = 384, /**< ECC: SECP-384 curve */
+ OWL_KEY_UNSAFE_40BIT = 40,
+ OWL_KEY_UNSAFE_56BIT = 56,
+ OWL_KEY_UNSAFE_80BIT = 80,
+ OWL_KEY_UNSAFE_112BIT = 112,
+ OWL_KEY_UNSAFE_128BIT = 128,
+ OWL_KEY_192BIT = 192,
+ OWL_KEY_256BIT = 256,
+ OWL_KEY_512BIT = 512,
+ OWL_KEY_1024BIT = 1024,
+ OWL_KEY_2048BIT = 2048,
+ OWL_KEY_3072BIT = 3072,
+ OWL_KEY_4096BIT = 4096
+} owl_key_len_e;
/**
* @brief Message digest algorithms. CMAC is included to simplify API
*/
typedef enum {
- CRYPTO_DIGEST_MD5, /**< Message digest algorithm MD5 */
- CRYPTO_DIGEST_SHA1, /**< Message digest algorithm SHA1 */
- CRYPTO_DIGEST_SHA224, /**< Message digest algorithm SHA2, 224bit */
- CRYPTO_DIGEST_SHA256, /**< Message digest algorithm SHA2, 256bit */
- CRYPTO_DIGEST_SHA384, /**< Message digest algorithm SHA2, 384bit */
- CRYPTO_DIGEST_SHA512, /**< Message digest algorithm SHA2, 512bit */
- CRYPTO_DIGEST_CMAC /**< TODO: perhaps CMAC should be handled differently */
-} crypto_digest_algo_e;
+ OWL_DIGEST_MD5, /**< Message digest algorithm MD5 */
+ OWL_DIGEST_SHA1, /**< Message digest algorithm SHA1 */
+ OWL_DIGEST_SHA224, /**< Message digest algorithm SHA2, 224bit */
+ OWL_DIGEST_SHA256, /**< Message digest algorithm SHA2, 256bit */
+ OWL_DIGEST_SHA384, /**< Message digest algorithm SHA2, 384bit */
+ OWL_DIGEST_SHA512, /**< Message digest algorithm SHA2, 512bit */
+ OWL_DIGEST_CMAC /**< TODO: perhaps CMAC should be handled differently */
+} owl_digest_algo_e;
/**
* @brief Symmetric encryption algorithms
*/
typedef enum {
- CRYPTO_ENC_AES = 0, /**< AES encryption.
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_AES = 0, /**< AES encryption.
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
Supported key lengths: @c 128, @c 192 and @c 256 */
- CRYPTO_ENC_UNSAFE_DES, /**< DES encryption.
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_UNSAFE_DES, /**< DES encryption.
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
Supported key lengths: @c 56 */
- CRYPTO_ENC_UNSAFE_3DES_2TDEA, /**< 3DES 2-key encryption.
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_UNSAFE_3DES_2TDEA, /**< 3DES 2-key encryption.
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
Use double DES keys to perform corresponding 2-key 3DES encryption. Supported key lengths: @c 112 */
- CRYPTO_ENC_3DES_3TDEA, /**< 3DES 3-key encryption.
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_3DES_3TDEA, /**< 3DES 3-key encryption.
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
Use triple DES keys to perform corresponding 3-key 3DES encryption. Supported key lengths: @c 168 */
- CRYPTO_ENC_UNSAFE_RC2, /**< RC2 encryption.
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_UNSAFE_RC2, /**< RC2 encryption.
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
The key length is extracted from the key buffer. Supported key lengths: 8-1024 bits in steps of 8 bits. */
- CRYPTO_ENC_UNSAFE_RC4, /**< RC4 encryption.
+ OWL_ENC_UNSAFE_RC4, /**< RC4 encryption.
The key length is extracted from the key buffer. Supported key lengths: 40–2048 bits in steps of 8 bits */
- CRYPTO_ENC_CAST5, /**< CAST5 encryption.
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_CAST5, /**< CAST5 encryption.
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
The key length is extracted from the key buffer. Supported key lengths: 40-128 bits in steps of 8 bits */
- CRYPTO_ENC_UNSAFE_SKIPJACK /**< SKIPJACK algorithm
- - see #crypto_block_cipher_mode_e for details on additional parameters (mandatory)
+ OWL_ENC_UNSAFE_SKIPJACK /**< SKIPJACK algorithm
+ - see #owl_block_cipher_mode_e for details on additional parameters (mandatory)
Supported key length: 80 bits */
-} crypto_enc_algo_e;
+} owl_enc_algo_e;
/**
* @brief Chaining modes for block ciphers
*/
typedef enum {
- CRYPTO_BCM_ECB, /**< ECB block cipher mode. Encrypts 64 bit at a time. No IV is used. */
+ OWL_BCM_ECB, /**< ECB block cipher mode. Encrypts 64 bit at a time. No IV is used. */
- CRYPTO_BCM_CTR, /**< CTR block cipher mode. 16-byte initialization vector is mandatory.
+ OWL_BCM_CTR, /**< CTR block cipher mode. 16-byte initialization vector is mandatory.
Supported parameters:
- - CRYPTO_PARAM_CTR_CNT = length of counter block in bits
+ - OWL_PARAM_CTR_CNT = length of counter block in bits
(optional, only 128b is supported at the moment) */
- CRYPTO_BCM_CBC, /**< CBC block cipher mode. 16-byte initialization vector is mandatory. */
+ OWL_BCM_CBC, /**< CBC block cipher mode. 16-byte initialization vector is mandatory. */
- CRYPTO_BCM_GCM, /**< GCM block cipher mode. IV is needed.
+ OWL_BCM_GCM, /**< GCM block cipher mode. IV is needed.
Supported parameters:
- - CRYPTO_PARAM_TAG = GCM tag
- - CRYPTO_PARAM_AAD = additional authentication data(optional) */
+ - OWL_PARAM_TAG = GCM tag
+ - OWL_PARAM_AAD = additional authentication data(optional) */
- CRYPTO_BCM_CFB, /**< CFB block cipher mode. 16-byte initialization vector is mandatory. */
+ OWL_BCM_CFB, /**< CFB block cipher mode. 16-byte initialization vector is mandatory. */
- CRYPTO_BCM_OFB, /**< OFB block cipher mode. 16-byte initialization vector is mandatory. */
+ OWL_BCM_OFB, /**< OFB block cipher mode. 16-byte initialization vector is mandatory. */
- CRYPTO_BCM_OCB, /**< Offest Codebook Mode (AES) */
+ OWL_BCM_OCB, /**< Offest Codebook Mode (AES) */
- CRYPTO_BCM_CCM /**< CBC-MAC Mode (AES) */
+ OWL_BCM_CCM /**< CBC-MAC Mode (AES) */
-} crypto_block_cipher_mode_e;
+} owl_block_cipher_mode_e;
/**
* @brief Non-standard parameters for algorithms
*/
typedef enum {
- CRYPTO_PARAM_PADDING, /**< Padding */
+ OWL_PARAM_PADDING, /**< Padding */
- CRYPTO_PARAM_CTR_CNT, /**< CTR Counter bits */
+ OWL_PARAM_CTR_CNT, /**< CTR Counter bits */
- CRYPTO_PARAM_GCM_AAD, /**< GCM Additional Authentication Data */
- CRYPTO_PARAM_GCM_TAG, /**< GCM Tag bits */
- CRYPTO_PARAM_GCM_TAG_LEN, /**< GCM Tag length */
+ OWL_PARAM_GCM_AAD, /**< GCM Additional Authentication Data */
+ OWL_PARAM_GCM_TAG, /**< GCM Tag bits */
+ OWL_PARAM_GCM_TAG_LEN, /**< GCM Tag length */
- CRYPTO_PARAM_CCM_AAD, /**< CCM Additional Authentication Data */
- CRYPTO_PARAM_CCM_TAG, /**< CCM Tag bits */
- CRYPTO_PARAM_CCM_TAG_LEN, /**< CCM Tag length */
-} crypto_ex_param_e;
+ OWL_PARAM_CCM_AAD, /**< CCM Additional Authentication Data */
+ OWL_PARAM_CCM_TAG, /**< CCM Tag bits */
+ OWL_PARAM_CCM_TAG_LEN, /**< CCM Tag length */
+} owl_ex_param_e;
/**
* @brief Paddings supported by CryptoAPI
*/
typedef enum {
- CRYPTO_PADDING_NONE = 0, /**< total number of data MUST multiple of block size, Default */
- CRYPTO_PADDING_ZEROS, /**< pad with zeros */
- CRYPTO_PADDING_ISO10126, /**< ISO 10126 */
- CRYPTO_PADDING_ANSIX923, /**< ANSI X.923 padding*/
- CRYPTO_PADDING_ANSIX931, /**< ANSI X.931 padding*/
- CRYPTO_PADDING_PKCS1, /**< RSA signature creation */
- CRYPTO_PADDING_PKCS7 /**< Byte padding for symetric algos (RFC 5652), (PKCS5 padding is the same) */
-} crypto_padding_e;
+ OWL_PADDING_NONE = 0, /**< total number of data MUST multiple of block size, Default */
+ OWL_PADDING_ZEROS, /**< pad with zeros */
+ OWL_PADDING_ISO10126, /**< ISO 10126 */
+ OWL_PADDING_ANSIX923, /**< ANSI X.923 padding*/
+ OWL_PADDING_ANSIX931, /**< ANSI X.931 padding*/
+ OWL_PADDING_PKCS1, /**< RSA signature creation */
+ OWL_PADDING_PKCS7 /**< Byte padding for symetric algos (RFC 5652), (PKCS5 padding is the same) */
+} owl_padding_e;
/**@}*/
+
#ifdef __cplusplus
} /* extern */
#endif
char *digest;
size_t digest_len;
- ret = crypto_digest_calc(CRYPTO_DIGEST_SHA256,
+ ret = owl_digest_calc(OWL_DIGEST_SHA256,
lorem1024,
1024, &digest, &digest_len);
if (ret < 0)
dump_hex(digest, digest_len, "Message digest: ");
- crypto_free(digest);
+ owl_free(digest);
}
void digest_advanced(void)
{
int ret = 0;
- crypto_ctx_h ctx;
- ret = crypto_digest_init(&ctx, CRYPTO_DIGEST_SHA256);
+ owl_ctx_h ctx;
+ ret = owl_digest_init(&ctx, OWL_DIGEST_SHA256);
if (ret) return;
- ret = crypto_digest_update(ctx, lorem1024, 1024);
+ ret = owl_digest_update(ctx, lorem1024, 1024);
if (ret) goto exit_ctx;
- // TODO: rename to crypto_digest_get_length??
+ // TODO: rename to owl_digest_get_length??
size_t digest_len;
- digest_len = crypto_get_digest_length(ctx);
+ digest_len = owl_get_digest_length(ctx);
if (digest_len <= 0) goto exit_ctx;
{
char digest[digest_len];
- ret = crypto_digest_final(ctx, digest, &digest_len);
+ ret = owl_digest_final(ctx, digest, &digest_len);
if (ret < 0) goto exit_ctx;
dump_hex(digest, digest_len, "Message digest: ");
}
exit_ctx:
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
}
int main()
{
int ret = 0;
- if ((ret = crypto_init()))
+ if ((ret = owl_init()))
return ret;
digest_simple();
digest_advanced();
- crypto_exit(); // TODO: what about handing of return value from exit??
+ owl_exit(); // TODO: what about handing of return value from exit??
return ret;
}
void encrypt_simple(void)
{
int ret;
- crypto_key_h key = CRYPTO_KEY_NULL, iv = CRYPTO_KEY_NULL;
+ owl_key_h key = OWL_KEY_NULL, iv = OWL_KEY_NULL;
char *enc_data = NULL, *dec_data = NULL;
size_t enc_len, dec_len;
printf("Plain data (16 of %zu bytes): %.16s\n", (size_t)1024, lorem1024);
- ret = crypto_key_derive_pbkdf2("foo bar", "123456789", 10,
- 1000, CRYPTO_DIGEST_SHA256,
- CRYPTO_KEY_256BIT, &key);
+ ret = owl_key_derive_pbkdf2("foo bar", "123456789", 10,
+ 1000, OWL_DIGEST_SHA256,
+ OWL_KEY_256BIT, &key);
if (ret) return;
- ret = crypto_key_gen(&iv, CRYPTO_KEY_TYPE_IV, CRYPTO_KEY_IV_256BIT);
+ ret = owl_key_gen(&iv, OWL_KEY_TYPE_IV, OWL_KEY_IV_256BIT);
if (ret) goto exit;
- ret = crypto_encrypt(CRYPTO_ENC_AES, CRYPTO_BCM_CBC,
+ ret = owl_encrypt(OWL_ENC_AES, OWL_BCM_CBC,
key, iv, lorem1024, 1024, &enc_data, &enc_len);
if (ret) goto exit;
dump_hex(enc_data, 16, "Encrypted data (16 of %zu bytes): ", enc_len);
- ret = crypto_decrypt(CRYPTO_ENC_AES, CRYPTO_BCM_CBC,
+ ret = owl_decrypt(OWL_ENC_AES, OWL_BCM_CBC,
key, iv,
enc_data, enc_len,
&dec_data, &dec_len);
printf("Decrypted data (16 of %zu bytes): %.16s\n", dec_len, dec_data);
exit:
if (enc_data)
- crypto_free(enc_data);
+ owl_free(enc_data);
if (dec_data)
- crypto_free(dec_data);
- if (iv != CRYPTO_KEY_NULL)
- crypto_key_free(iv);
- crypto_key_free(key);
+ owl_free(dec_data);
+ if (iv != OWL_KEY_NULL)
+ owl_key_free(iv);
+ owl_key_free(key);
}
// Symmetric encryption using advanced API
void encrypt_advanced(void)
{
int ret;
- crypto_ctx_h ctx;
- crypto_key_h key = CRYPTO_KEY_NULL, iv = CRYPTO_KEY_NULL;
+ owl_ctx_h ctx;
+ owl_key_h key = OWL_KEY_NULL, iv = OWL_KEY_NULL;
char *enc = NULL, *dec = NULL;
size_t enc_size, dec_size;
/// Key generation
- ret = crypto_key_derive_pbkdf2("foo bar", "123456789", 10,
- 1000, CRYPTO_DIGEST_SHA256,
- CRYPTO_KEY_256BIT, &key);
+ ret = owl_key_derive_pbkdf2("foo bar", "123456789", 10,
+ 1000, OWL_DIGEST_SHA256,
+ OWL_KEY_256BIT, &key);
if (ret) return;
- ret = crypto_key_gen(&iv, CRYPTO_KEY_IV_256BIT, CRYPTO_KEY_TYPE_SYMMETRIC);
+ ret = owl_key_gen(&iv, OWL_KEY_IV_256BIT, OWL_KEY_TYPE_SYMMETRIC);
if (ret) goto ex_key;
/// Encryption
{
- ret = crypto_encrypt_init(&ctx, CRYPTO_ENC_AES, CRYPTO_BCM_CBC,
+ ret = owl_encrypt_init(&ctx, OWL_ENC_AES, OWL_BCM_CBC,
key, iv);
if (ret) goto ex_iv;
- ret = crypto_encrypt_update(ctx, lorem4096, 4096, NULL, &enc_size);
+ ret = owl_encrypt_update(ctx, lorem4096, 4096, NULL, &enc_size);
if (ret != 42) goto ex_ctx;// TODO: what error code?
- ret = crypto_get_block_length(ctx);
+ ret = owl_get_block_length(ctx);
if (ret < 0) goto ex_ctx;
enc_size += ret ; // Add block size for finalize
- enc = crypto_alloc(enc_size);
+ enc = owl_alloc(enc_size);
if (!enc) goto ex_ctx;
size_t out_size = enc_size;
- ret = crypto_encrypt_update(ctx, lorem4096, 4096, enc, &out_size);
+ ret = owl_encrypt_update(ctx, lorem4096, 4096, enc, &out_size);
if (ret < 0) goto ex_of;
size_t rem = enc_size - out_size;
- ret = crypto_encrypt_final(ctx, enc + out_size, &rem);
+ ret = owl_encrypt_final(ctx, enc + out_size, &rem);
if (ret < 0) goto ex_of;
enc_size = rem + out_size;
dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size);
- crypto_ctx_free(ctx); // TODO: perhaps it should not return value
+ owl_ctx_free(ctx); // TODO: perhaps it should not return value
}
/// Decryption
{
- ret = crypto_decrypt_init(&ctx, CRYPTO_ENC_AES, CRYPTO_BCM_CBC,
+ ret = owl_decrypt_init(&ctx, OWL_ENC_AES, OWL_BCM_CBC,
key, iv);
if (ret < 0) {
- crypto_free(enc);
+ owl_free(enc);
goto ex_iv;
}
- ret = crypto_decrypt_update(ctx, enc, enc_size, NULL, &dec_size);
+ ret = owl_decrypt_update(ctx, enc, enc_size, NULL, &dec_size);
if (ret != 42) goto ex_of; // TODO: what error code?
- ret = crypto_get_block_length(ctx);
+ ret = owl_get_block_length(ctx);
if (ret < 0) goto ex_of;
dec_size += ret; // Add block size for finalize
- dec = crypto_alloc(dec_size);
+ dec = owl_alloc(dec_size);
if (!dec) goto ex_of;
size_t out_size = dec_size;
- ret = crypto_decrypt_update(ctx, enc, enc_size, dec, &out_size);
+ ret = owl_decrypt_update(ctx, enc, enc_size, dec, &out_size);
if (ret < 0) goto ex_in;
size_t rem = dec_size - out_size;
- ret = crypto_encrypt_final(ctx, dec + out_size, &rem);
+ ret = owl_encrypt_final(ctx, dec + out_size, &rem);
if (ret < 0) goto ex_in;
dec_size = rem + out_size;
}
ex_in:
- crypto_free(dec);
+ owl_free(dec);
ex_of:
- crypto_free(enc);
+ owl_free(enc);
ex_ctx:
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
ex_iv:
- crypto_key_free(iv);
+ owl_key_free(iv);
ex_key:
- crypto_key_free(key);
+ owl_key_free(key);
}
void encrypt_seal(void)
{
int ret;
- crypto_ctx_h ctx;
- crypto_key_h key_pub = CRYPTO_KEY_NULL, key_priv = CRYPTO_KEY_NULL;
- crypto_key_h aes_key, iv = CRYPTO_KEY_NULL;
+ owl_ctx_h ctx;
+ owl_key_h key_pub = OWL_KEY_NULL, key_priv = OWL_KEY_NULL;
+ owl_key_h aes_key, iv = OWL_KEY_NULL;
char *enc = NULL, *dec = NULL;
size_t enc_size, dec_size;
printf("Plain data (16 of %zu bytes): %.16s\n", (size_t)4096, lorem1024);
/// Generate key pair
- ret = crypto_key_gen_pair(&key_priv, &key_pub,
- CRYPTO_KEY_2048BIT, CRYPTO_KEY_TYPE_PAIR_RSA);
+ ret = owl_key_gen_pair(&key_priv, &key_pub,
+ OWL_KEY_2048BIT, OWL_KEY_TYPE_PAIR_RSA);
if (ret) return;
/// Encrypt a.k.a. seal
{
- ret = crypto_seal_init(&ctx, key_pub,
- CRYPTO_ENC_AES, CRYPTO_BCM_CBC,
+ ret = owl_seal_init(&ctx, key_pub,
+ OWL_ENC_AES, OWL_BCM_CBC,
&aes_key, &iv);
if (ret) goto ex_pk;
- ret = crypto_seal_update(ctx, lorem4096, 4096, NULL, &enc_size);
+ ret = owl_seal_update(ctx, lorem4096, 4096, NULL, &enc_size);
if (ret) goto ex_ak;
- ret = crypto_get_block_length(ctx);
+ ret = owl_get_block_length(ctx);
if (ret < 0) goto ex_ak;
enc_size = enc_size + ret;
- enc = crypto_alloc(enc_size);
+ enc = owl_alloc(enc_size);
if (!enc) goto ex_ak;
// Seal and finalize
size_t out_size = enc_size;
- ret = crypto_seal_update(ctx, lorem4096, 4096, enc, &out_size);
+ ret = owl_seal_update(ctx, lorem4096, 4096, enc, &out_size);
if (ret < 0) goto ex_of;
size_t rem = enc_size - out_size;
- ret = crypto_seal_final(ctx, enc + out_size, &rem);
+ ret = owl_seal_final(ctx, enc + out_size, &rem);
if (ret < 0) goto ex_of;
enc_size = rem + out_size;
dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size);
- crypto_ctx_free(ctx); // TODO: perhaps it should not return value
+ owl_ctx_free(ctx); // TODO: perhaps it should not return value
}
/// Decrypt a.k.a. open
{
- ret = crypto_open_init(&ctx, key_priv,
- CRYPTO_ENC_AES, CRYPTO_BCM_CBC,
+ ret = owl_open_init(&ctx, key_priv,
+ OWL_ENC_AES, OWL_BCM_CBC,
aes_key, iv);
if (ret) {
- crypto_free(enc);
+ owl_free(enc);
goto ex_ak;
}
- ret = crypto_open_update(ctx, enc, enc_size, NULL, &dec_size);
+ ret = owl_open_update(ctx, enc, enc_size, NULL, &dec_size);
if (ret) goto ex_of;
- ret = crypto_get_block_length(ctx);
+ ret = owl_get_block_length(ctx);
if (ret < 0) goto ex_of;
dec_size = dec_size + ret;
- dec = crypto_alloc(dec_size);
+ dec = owl_alloc(dec_size);
if (!dec) goto ex_of;
// Seal and finalize
size_t out_size = enc_size;
- ret = crypto_open_update(ctx, enc, enc_size, dec, &out_size);
+ ret = owl_open_update(ctx, enc, enc_size, dec, &out_size);
if (ret < 0) goto ex_in;
size_t rem = dec_size - out_size;
- ret = crypto_open_final(ctx, dec + out_size, &rem);
+ ret = owl_open_final(ctx, dec + out_size, &rem);
if (ret < 0) goto ex_in;
dec_size = rem + out_size;
printf("Decrypted data (16 of %zu bytes): %.16s\n", (size_t)dec_size, dec);
- crypto_ctx_free(ctx); // TODO: perhaps it should not return value
+ owl_ctx_free(ctx); // TODO: perhaps it should not return value
}
ex_in:
- crypto_free(dec);
+ owl_free(dec);
ex_of:
- crypto_free(enc);
+ owl_free(enc);
ex_ak:
- crypto_key_free(aes_key);
- crypto_key_free(iv);
+ owl_key_free(aes_key);
+ owl_key_free(iv);
ex_pk:
- crypto_key_free(key_pub);
- crypto_key_free(key_priv);
+ owl_key_free(key_pub);
+ owl_key_free(key_priv);
}
int main()
{
int ret = 0;
- if ((ret = crypto_init()))
+ if ((ret = owl_init()))
return ret;
encrypt_simple();
encrypt_seal();
- crypto_exit(); // TODO: what about handing of return value from exit??
+ owl_exit(); // TODO: what about handing of return value from exit??
return ret;
}
{
int ret;
- crypto_ctx_h ctx;
+ owl_ctx_h ctx;
- crypto_key_h key = CRYPTO_KEY_NULL;
- crypto_key_h iv = CRYPTO_KEY_NULL;
- crypto_key_h aad_key = CRYPTO_KEY_NULL; // add CRYPTO_CRYPTO_KEY_TYPE_AAD ?
+ owl_key_h key = OWL_KEY_NULL;
+ owl_key_h iv = OWL_KEY_NULL;
+ owl_key_h aad_key = OWL_KEY_NULL; // add OWL_OWL_KEY_TYPE_AAD ?
char *plaintext = NULL, *ciphertext = NULL, *aad = NULL, *tag = NULL;
size_t plaintext_len, ciphertext_len, aad_len, tag_len;
/// Key generation
- ret = crypto_key_gen(&key, CRYPTO_KEY_256BIT, CRYPTO_KEY_TYPE_SYMMETRIC); // key_type, key_len, *key ? looks imo much better
+ ret = owl_key_gen(&key, OWL_KEY_256BIT, OWL_KEY_TYPE_SYMMETRIC); // key_type, key_len, *key ? looks imo much better
if (ret) goto clean;
- // use CRYPTO_KEY_IV_128BIT & CRYPTO_KEY_TYPE_IV or maybe CRYPTO_KEY_128BIT & CRYPTO_KEY_TYPE_SYMMETRIC ?
- ret = crypto_key_gen(&iv, CRYPTO_KEY_IV_128BIT, CRYPTO_KEY_TYPE_IV);
+ // use OWL_KEY_IV_128BIT & OWL_KEY_TYPE_IV or maybe OWL_KEY_128BIT & OWL_KEY_TYPE_SYMMETRIC ?
+ ret = owl_key_gen(&iv, OWL_KEY_IV_128BIT, OWL_KEY_TYPE_IV);
if (ret) goto clean;
- // use CRYPTO_KEY_128BIT & CRYPTO_KEY_TYPE_SYMMETRIC or maybe add CRYPTO_KEY_AAD_128BIT & CRYPTO_KEY_TYPE_AAD ?
- ret = crypto_key_gen(&aad_key, CRYPTO_KEY_UNSAFE_128BIT, CRYPTO_KEY_TYPE_SYMMETRIC);
+ // use OWL_KEY_128BIT & OWL_KEY_TYPE_SYMMETRIC or maybe add OWL_KEY_AAD_128BIT & OWL_KEY_TYPE_AAD ?
+ ret = owl_key_gen(&aad_key, OWL_KEY_UNSAFE_128BIT, OWL_KEY_TYPE_SYMMETRIC);
if (ret) goto clean;
// generate and export aad?
- ret = crypto_key_export(aad_key, CRYPTO_KEY_FORMAT_RAW, &aad, &aad_len);
+ ret = owl_key_export(aad_key, OWL_KEY_FORMAT_RAW, &aad, &aad_len);
if (ret) goto clean;
/// Encryption
{
- ret = crypto_encrypt_init(&ctx, CRYPTO_ENC_AES, CRYPTO_BCM_GCM, key, iv);
+ ret = owl_encrypt_init(&ctx, OWL_ENC_AES, OWL_BCM_GCM, key, iv);
if (ret) goto clean;
- ret = crypto_ctx_set_param(ctx, CRYPTO_PARAM_GCM_AAD, aad, aad_len);
+ ret = owl_ctx_set_param(ctx, OWL_PARAM_GCM_AAD, aad, aad_len);
if (ret) goto clean;
- ret = crypto_encrypt_update(ctx, lorem4096, 4096, NULL, &ciphertext_len);
+ ret = owl_encrypt_update(ctx, lorem4096, 4096, NULL, &ciphertext_len);
if (ret != 42) goto clean;// TODO: what error code?
- ret = crypto_get_block_length(ctx);
+ ret = owl_get_block_length(ctx);
if (ret) goto clean;
ciphertext_len += ret ; // Add block size for finalize
- ciphertext = crypto_alloc(ciphertext_len);
+ ciphertext = owl_alloc(ciphertext_len);
if (!ciphertext) goto clean;
size_t len;
- ret = crypto_encrypt_update(ctx, lorem4096, 4096, ciphertext, &len);
+ ret = owl_encrypt_update(ctx, lorem4096, 4096, ciphertext, &len);
if (ret) goto clean;
ciphertext_len = len;
- ret = crypto_encrypt_final(ctx, ciphertext + len, &len);
+ ret = owl_encrypt_final(ctx, ciphertext + len, &len);
if (ret) goto clean;
ciphertext_len += len;
- ret = crypto_ctx_get_param(ctx, CRYPTO_PARAM_GCM_TAG, (void*)&tag, &tag_len);
+ ret = owl_ctx_get_param(ctx, OWL_PARAM_GCM_TAG, (void*)&tag, &tag_len);
if (ret) goto clean;
dump_hex(ciphertext, 16, "Encrypted data (16 of %zu bytes): ", ciphertext_len);
- crypto_ctx_free(ctx); // TODO: perhaps it should not return value
+ owl_ctx_free(ctx); // TODO: perhaps it should not return value
}
/// Decryption
{
- ret = crypto_decrypt_init(&ctx, CRYPTO_ENC_AES, CRYPTO_BCM_GCM, key, iv);
+ ret = owl_decrypt_init(&ctx, OWL_ENC_AES, OWL_BCM_GCM, key, iv);
if (ret) goto clean;
- ret = crypto_ctx_set_param(ctx, CRYPTO_PARAM_GCM_AAD, aad, aad_len);
+ ret = owl_ctx_set_param(ctx, OWL_PARAM_GCM_AAD, aad, aad_len);
if (ret) goto clean;
- ret = crypto_decrypt_update(ctx, ciphertext, ciphertext_len, NULL, &plaintext_len);
+ ret = owl_decrypt_update(ctx, ciphertext, ciphertext_len, NULL, &plaintext_len);
if (ret != 42) goto clean; // TODO: what error code?
- ret = crypto_get_block_length(ctx);
+ ret = owl_get_block_length(ctx);
if (ret) goto clean;
plaintext_len += ret; // Add block size for finalize
- plaintext = crypto_alloc(plaintext_len);
+ plaintext = owl_alloc(plaintext_len);
if (!plaintext) goto clean;
size_t len;
- ret = crypto_decrypt_update(ctx, ciphertext, ciphertext_len, plaintext, &len);
+ ret = owl_decrypt_update(ctx, ciphertext, ciphertext_len, plaintext, &len);
if (ret) goto clean;
plaintext_len = len;
- ret = crypto_ctx_set_param(ctx, CRYPTO_PARAM_GCM_TAG, tag, tag_len);
+ ret = owl_ctx_set_param(ctx, OWL_PARAM_GCM_TAG, tag, tag_len);
if (ret) goto clean;
- ret = crypto_encrypt_final(ctx, plaintext + len, &len);
+ ret = owl_encrypt_final(ctx, plaintext + len, &len);
if (ret) goto clean;
plaintext_len += len;
printf("Decrypted data (16 of %zu bytes): %.16s\n", plaintext_len, plaintext);
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
}
clean:
- crypto_free(plaintext);
- crypto_free(ciphertext);
- crypto_free(tag);
- crypto_free(aad);
- crypto_ctx_free(ctx);
- crypto_key_free(aad_key);
- crypto_key_free(iv);
- crypto_key_free(key);
+ owl_free(plaintext);
+ owl_free(ciphertext);
+ owl_free(tag);
+ owl_free(aad);
+ owl_ctx_free(ctx);
+ owl_key_free(aad_key);
+ owl_key_free(iv);
+ owl_key_free(key);
}
int main()
{
int ret = 0;
- if ((ret = crypto_init()))
+ if ((ret = owl_init()))
return ret;
encrypt_decrypt_aes_gcm();
- crypto_exit(); // TODO: what about handing of return value from exit??
+ owl_exit(); // TODO: what about handing of return value from exit??
return ret;
}
{
int ret;
- crypto_key_h private_key = CRYPTO_KEY_NULL;
- crypto_key_h public_key = CRYPTO_KEY_NULL;
- crypto_key_h peer_key = CRYPTO_KEY_NULL;
- crypto_key_h secret = CRYPTO_KEY_NULL;
+ owl_key_h private_key = OWL_KEY_NULL;
+ owl_key_h public_key = OWL_KEY_NULL;
+ owl_key_h peer_key = OWL_KEY_NULL;
+ owl_key_h secret = OWL_KEY_NULL;
// generate private, public key
// add KEY_TYPE_PAIR_DH or use KEY_TYPE_PAIR_ECC and proper len?
// imo add KEY_TYPE_PAIR_DH
- ret = crypto_key_gen_pair(&private_key, &public_key, CRYPTO_KEY_2048BIT, CRYPTO_KEY_TYPE_PAIR_DH);
+ ret = owl_key_gen_pair(&private_key, &public_key, OWL_KEY_2048BIT, OWL_KEY_TYPE_PAIR_DH);
if (ret) goto clean;
// get peer public key from file
rewind(fp);
/* allocate memory for entire content */
- buffer = crypto_alloc(size+1);
+ buffer = owl_alloc(size+1);
if(!buffer) goto clean;
/* copy the file into the buffer */
if(1!=fread(buffer, size, 1, fp)) goto clean;
- ret = crypto_key_import(&peer_key,
- CRYPTO_KEY_FORMAT_RAW, CRYPTO_KEY_TYPE_DH_PUB,
+ ret = owl_key_import(&peer_key,
+ OWL_KEY_FORMAT_RAW, OWL_KEY_TYPE_DH_PUB,
buffer, size);
if (ret) goto clean;
// derive secret
- ret = crypto_key_derive_dh(private_key, peer_key, &secret);
+ ret = owl_key_derive_dh(private_key, peer_key, &secret);
if (ret) goto clean;
clean:
- crypto_key_free(private_key);
- crypto_key_free(public_key);
- crypto_key_free(peer_key);
- crypto_key_free(secret);
+ owl_key_free(private_key);
+ owl_key_free(public_key);
+ owl_key_free(peer_key);
+ owl_key_free(secret);
fclose(fp);
- crypto_free(buffer);
+ owl_free(buffer);
}
void key_exchange_ecdh(void)
int ret;
- crypto_key_h private_key = CRYPTO_KEY_NULL;
- crypto_key_h public_key = CRYPTO_KEY_NULL;
- crypto_key_h peer_key = CRYPTO_KEY_NULL;
- crypto_key_h secret = CRYPTO_KEY_NULL;
+ owl_key_h private_key = OWL_KEY_NULL;
+ owl_key_h public_key = OWL_KEY_NULL;
+ owl_key_h peer_key = OWL_KEY_NULL;
+ owl_key_h secret = OWL_KEY_NULL;
// generate private, public key
- ret = crypto_key_gen_pair(&private_key, &public_key, CRYPTO_KEY_CURVE_P256, CRYPTO_KEY_TYPE_PAIR_ECC);
+ ret = owl_key_gen_pair(&private_key, &public_key, OWL_KEY_CURVE_P256, OWL_KEY_TYPE_PAIR_ECC);
if (ret) goto clean;
// get peer public key from file
rewind(fp);
/* allocate memory for entire content */
- buffer = crypto_alloc(size+1);
+ buffer = owl_alloc(size+1);
if(!buffer) goto clean;
/* copy the file into the buffer */
if(1!=fread(buffer, size, 1, fp)) goto clean;
- ret = crypto_key_import(&peer_key, CRYPTO_KEY_FORMAT_RAW, CRYPTO_KEY_TYPE_ECC_PUB, buffer, size);
+ ret = owl_key_import(&peer_key, OWL_KEY_FORMAT_RAW, OWL_KEY_TYPE_ECC_PUB, buffer, size);
if (ret) goto clean;
// derive secret
- ret = crypto_key_derive_dh(private_key, peer_key, &secret);
+ ret = owl_key_derive_dh(private_key, peer_key, &secret);
if (ret) goto clean;
clean:
- crypto_key_free(private_key);
- crypto_key_free(public_key);
- crypto_key_free(peer_key);
- crypto_key_free(secret);
+ owl_key_free(private_key);
+ owl_key_free(public_key);
+ owl_key_free(peer_key);
+ owl_key_free(secret);
fclose(fp);
- crypto_free(buffer);
+ owl_free(buffer);
}
int main()
{
int ret = 0;
- if ((ret = crypto_init()))
+ if ((ret = owl_init()))
return ret;
key_exchange_dh();
key_exchange_ecdh();
- crypto_exit();
+ owl_exit();
return ret;
}
return i;
}
-int sign(crypto_ctx_h ctx, char** signature, size_t* signature_len)
+int sign(owl_ctx_h ctx, char** signature, size_t* signature_len)
{
char buffer[SIZE];
if(read == 0)
break;
- if(crypto_sign_update(ctx, buffer, read))
+ if(owl_sign_update(ctx, buffer, read))
return -1;
}
// TODO: is it a size in bytes or length in characters?
- *signature_len = crypto_get_digest_length(ctx);
- *signature = (char*)crypto_alloc(*signature_len);
+ *signature_len = owl_get_digest_length(ctx);
+ *signature = (char*)owl_alloc(*signature_len);
- // TODO: crypto_get_digest_length() returns int but crypto_sign_final accepts size_t. Use common type.
- if(crypto_sign_final(ctx, *signature, signature_len))
+ // TODO: owl_get_digest_length() returns int but owl_sign_final accepts size_t. Use common type.
+ if(owl_sign_final(ctx, *signature, signature_len))
return -1;
dump_hex(*signature, *signature_len, "Message signature: ");
return 0;
}
-int verify(crypto_ctx_h ctx, const char* signature, size_t signature_len)
+int verify(owl_ctx_h ctx, const char* signature, size_t signature_len)
{
char buffer[SIZE];
if(read == 0)
break;
- if(crypto_verify_update(ctx, buffer, read))
+ if(owl_verify_update(ctx, buffer, read))
return -1;
}
// TODO: use int or size_t for output sizes
- if(crypto_verify_final(ctx, signature, (size_t)signature_len))
+ if(owl_verify_final(ctx, signature, (size_t)signature_len))
return -1;
printf("Verification succeeded\n");
char* signature = NULL;
size_t signature_len;
- crypto_ctx_h ctx = NULL;
- crypto_key_h prv = NULL, pub = NULL;
- crypto_padding_e padding = CRYPTO_PADDING_PKCS1;
+ owl_ctx_h ctx = NULL;
+ owl_key_h prv = NULL, pub = NULL;
+ owl_padding_e padding = OWL_PADDING_PKCS1;
// GENERATE
- if(crypto_key_gen_pair(&prv, &pub, CRYPTO_KEY_4096BIT, CRYPTO_KEY_TYPE_PAIR_RSA))
+ if(owl_key_gen_pair(&prv, &pub, OWL_KEY_4096BIT, OWL_KEY_TYPE_PAIR_RSA))
return;
// SIGN
- if(crypto_sign_init(&ctx, CRYPTO_DIGEST_SHA512, prv))
+ if(owl_sign_init(&ctx, OWL_DIGEST_SHA512, prv))
goto finish;
- // TODO: crypto_ctx_set_param should take void* not char*
- if(crypto_ctx_set_param(ctx, CRYPTO_PARAM_PADDING, (char*)(&padding), sizeof(padding)))
+ // TODO: owl_ctx_set_param should take void* not char*
+ if(owl_ctx_set_param(ctx, OWL_PARAM_PADDING, (char*)(&padding), sizeof(padding)))
goto finish;
if(sign(ctx, &signature, &signature_len))
goto finish;
// TODO: is this necessary or will next ctx init handle it?
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
ctx = NULL;
// VERIFY
- if(crypto_verify_init(&ctx, CRYPTO_DIGEST_SHA512, pub))
+ if(owl_verify_init(&ctx, OWL_DIGEST_SHA512, pub))
goto finish;
- if(crypto_ctx_set_param(ctx, CRYPTO_PARAM_PADDING, (char*)(&padding), sizeof(padding)))
+ if(owl_ctx_set_param(ctx, OWL_PARAM_PADDING, (char*)(&padding), sizeof(padding)))
goto finish;
if(verify(ctx, signature, signature_len))
goto finish;
finish:
- crypto_free(signature);
- crypto_key_free(prv);
- crypto_key_free(pub);
- crypto_ctx_free(ctx);
+ owl_free(signature);
+ owl_key_free(prv);
+ owl_key_free(pub);
+ owl_ctx_free(ctx);
}
void sign_verify_hmac(void)
char* signature = NULL;
size_t signature_len;
- crypto_ctx_h ctx = NULL;
- crypto_key_h key = NULL;
+ owl_ctx_h ctx = NULL;
+ owl_key_h key = NULL;
// GENERATE
- if(crypto_key_gen(&key, CRYPTO_KEY_256BIT, CRYPTO_KEY_TYPE_SYMMETRIC))
+ if(owl_key_gen(&key, OWL_KEY_256BIT, OWL_KEY_TYPE_SYMMETRIC))
return;
// SIGN
- if(crypto_sign_init(&ctx, CRYPTO_DIGEST_SHA512, key))
+ if(owl_sign_init(&ctx, OWL_DIGEST_SHA512, key))
goto finish;
if(sign(ctx, &signature, &signature_len))
// VERIFY
- if(crypto_verify_init(&ctx, CRYPTO_DIGEST_SHA512, key))
+ if(owl_verify_init(&ctx, OWL_DIGEST_SHA512, key))
goto finish;
if(verify(ctx, signature, signature_len))
goto finish;
finish:
- crypto_free(signature);
- crypto_key_free(key);
- crypto_ctx_free(ctx);
+ owl_free(signature);
+ owl_key_free(key);
+ owl_ctx_free(ctx);
}
void sign_verify_cmac(void)
char* signature = NULL;
size_t signature_len;
- crypto_ctx_h ctx = NULL;
- crypto_key_h key = NULL;
+ owl_ctx_h ctx = NULL;
+ owl_key_h key = NULL;
// GENERATE
- if(crypto_key_gen(&key, CRYPTO_KEY_256BIT, CRYPTO_KEY_TYPE_SYMMETRIC))
+ if(owl_key_gen(&key, OWL_KEY_256BIT, OWL_KEY_TYPE_SYMMETRIC))
return;
// SIGN
// TODO: CMAC must extract the key length to select the proper evp (EVP_aes_XXX_cbc()) it should be documented
- if(crypto_sign_init(&ctx, CRYPTO_DIGEST_CMAC, key))
+ if(owl_sign_init(&ctx, OWL_DIGEST_CMAC, key))
goto finish;
if(sign(ctx, &signature, &signature_len))
// VERIFY
- if(crypto_verify_init(&ctx, CRYPTO_DIGEST_CMAC, key))
+ if(owl_verify_init(&ctx, OWL_DIGEST_CMAC, key))
goto finish;
if(verify(ctx, signature, signature_len))
goto finish;
finish:
- crypto_free(signature);
- crypto_key_free(key);
- crypto_ctx_free(ctx);
+ owl_free(signature);
+ owl_key_free(key);
+ owl_ctx_free(ctx);
}
int main()
{
int ret = 0;
- if ((ret = crypto_init()))
+ if ((ret = owl_init()))
return ret;
// TODO simple?
sign_verify_hmac();
sign_verify_cmac();
- crypto_exit(); // TODO: what about handing of return value from exit??
+ owl_exit(); // TODO: what about handing of return value from exit??
return ret;
}
int main(int argc, char* argv[])
{
- crypto_key_h key;
+ owl_key_h key;
char *k;
size_t kl;
int ret;
printf("Generating key using CryptoAPI.. ");
- ret = crypto_key_gen(&key, CRYPTO_KEY_TYPE_SYMMETRIC, CRYPTO_KEY_UNSAFE_128BIT);
+ ret = owl_key_gen(&key, OWL_KEY_TYPE_SYMMETRIC, OWL_KEY_UNSAFE_128BIT);
printf("done (%d)\n", ret);
printf("Exporting key using CryptoAPI.. ");
- ret = crypto_key_export(key, CRYPTO_KEY_FORMAT_RAW, &k, &kl);
+ ret = owl_key_export(key, OWL_KEY_FORMAT_RAW, &k, &kl);
printf("done (%d)\n", ret);
dump_hex(k, kl, "%zu-bit key: \n", kl);
return 0;
-CryptoAPI
+OWL - OpenSSL Wrapper Layer
Basic information:
test/ - tests
General design:
- - All memory allocated by API should be freed with crypto_free()
- - Contexts and keys should be freed with crypto_ctx_free()/crypto_key_free()
- - Function names: crypto_<operation/object>_<function>; Ex: crypto_verify_init()
+ - All memory allocated by API should be freed with owl_free()
+ - Contexts and keys should be freed with owl_ctx_free()/owl_key_free()
+ - Function names: owl_<operation/object>_<function>; Ex: owl_verify_init()
- Simplified/Simple functions don't have <operation/object> part
- - Enums: CRYPTO_<concept>_<value>; Ex: CRYPTO_KEY_256BIT
+ - Enums: OWL_<concept>_<value>; Ex: OWL_KEY_256BIT
- Objects (context, key) end with _h
- Most functions return 0 on success, negative values on error
#include "ctx_p.h"
-int crypto_init(void)
+int owl_init(void)
{
OPENSSL_init();
OpenSSL_add_all_digests();
return 0;
}
-void crypto_exit(void)
+void owl_exit(void)
{
}
-void *crypto_alloc(size_t size)
+void *owl_alloc(size_t size)
{
return OPENSSL_malloc(size);
}
-void crypto_free(void *ptr)
+void owl_free(void *ptr)
{
OPENSSL_free(ptr);
}
-int crypto_rand_bytes(char *data, size_t data_len)
+int owl_rand_bytes(char *data, size_t data_len)
{
int ret;
if (!data || data_len == 0)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
ret = RAND_bytes((unsigned char *)data, data_len);
if (ret == -1)
- return CRYPTO_ERROR_NOT_SUPPORTED;
+ return OWL_ERROR_NOT_SUPPORTED;
if (ret == 1)
return 0;
- return CRYPTO_ERROR_OPENSSL_FAILURE;
+ return OWL_ERROR_OPENSSL_FAILURE;
}
-int crypto_ctx_set_param(crypto_ctx_h ctx, crypto_ex_param_e param,
- const void *value, size_t value_len)
+int owl_ctx_set_param(owl_ctx_h ctx, owl_ex_param_e param,
+ const void *value, size_t value_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_ctx_get_param(const crypto_ctx_h ctx, crypto_ex_param_e param,
- void **value, size_t *value_len)
+int owl_ctx_get_param(const owl_ctx_h ctx, owl_ex_param_e param,
+ void **value, size_t *value_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-void crypto_ctx_free(crypto_ctx_h ctx)
+void owl_ctx_free(owl_ctx_h ctx)
{
- crypto_free(ctx);
+ owl_free(ctx);
}
-int crypto_get_output_length(const crypto_ctx_h ctx, size_t input_len)
+int owl_get_output_length(const owl_ctx_h ctx, size_t input_len)
{
if (!ctx)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
return ctx->get_output_length(ctx, input_len);
}
-int crypto_get_iv_length(crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- size_t key_len)
+int owl_get_iv_length(owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ size_t key_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
#include <stddef.h>
#include <crypto/types.h>
-enum __crypto_ctx_type {
- CRYPTO_CTX_INVALID = 0,
- CRYPTO_CTX_DIGEST
+enum __owl_ctx_type {
+ OWL_CTX_INVALID = 0,
+ OWL_CTX_DIGEST
};
/* Base structure for crypto contexts - to be inherited */
-struct __crypto_ctx_s
-{
- enum __crypto_ctx_type type;
+struct __owl_ctx_s {
+ enum __owl_ctx_type type;
- int (*get_output_length)(const crypto_ctx_h ctx, size_t input_len);
+ int (*get_output_length)(const owl_ctx_h ctx, size_t input_len);
};
#endif // CTX_P_H
-
#include "ctx_p.h"
-typedef struct __crypto_digest_ctx {
- struct __crypto_ctx_s ctx;
+typedef struct __owl_digest_ctx {
+ struct __owl_ctx_s ctx;
const EVP_MD *md;
EVP_MD_CTX *mdctx;
-} crypto_digest_ctx;
+} owl_digest_ctx;
-static crypto_digest_ctx *get_ctx(crypto_ctx_h ctx)
+static owl_digest_ctx *get_ctx(owl_ctx_h ctx)
{
if (!ctx)
return NULL;
- if (ctx->type != CRYPTO_CTX_DIGEST)
+ if (ctx->type != OWL_CTX_DIGEST)
return NULL;
- return (crypto_digest_ctx *)ctx;
+ return (owl_digest_ctx *)ctx;
}
-static int get_digest_output_length(const crypto_ctx_h ctx, size_t input_len)
+static int get_digest_output_length(const owl_ctx_h ctx, size_t input_len)
{
- crypto_digest_ctx *c = get_ctx(ctx);
+ owl_digest_ctx *c = get_ctx(ctx);
if (!c)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
return EVP_MD_size(c->md);
}
-
-int crypto_digest_init(crypto_ctx_h *ctx, crypto_digest_algo_e algo)
+int owl_digest_init(owl_ctx_h *ctx, owl_digest_algo_e algo)
{
- crypto_digest_ctx *nc;
+ owl_digest_ctx *nc;
int ret;
if (!ctx)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
- nc = crypto_alloc(sizeof(struct __crypto_digest_ctx));
+ nc = owl_alloc(sizeof(struct __owl_digest_ctx));
if (!nc)
- return CRYPTO_ERROR_OUT_OF_MEMORY;
+ return OWL_ERROR_OUT_OF_MEMORY;
- nc->ctx.type = CRYPTO_CTX_DIGEST;
+ nc->ctx.type = OWL_CTX_DIGEST;
nc->ctx.get_output_length = get_digest_output_length;
switch (algo)
{
- case CRYPTO_DIGEST_MD5:
+ case OWL_DIGEST_MD5:
nc->md = EVP_md5();
break;
- case CRYPTO_DIGEST_SHA1:
+ case OWL_DIGEST_SHA1:
nc->md = EVP_sha1();
break;
- case CRYPTO_DIGEST_SHA224:
+ case OWL_DIGEST_SHA224:
nc->md = EVP_sha224();
break;
- case CRYPTO_DIGEST_SHA256:
+ case OWL_DIGEST_SHA256:
nc->md = EVP_sha256();
break;
- case CRYPTO_DIGEST_SHA384:
+ case OWL_DIGEST_SHA384:
nc->md = EVP_sha384();
break;
- case CRYPTO_DIGEST_SHA512:
+ case OWL_DIGEST_SHA512:
nc->md = EVP_sha512();
break;
default:
- crypto_free(nc);
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ owl_free(nc);
+ return OWL_ERROR_INVALID_ARGUMENT;
}
if (!nc->md) {
- crypto_free(nc);
- return CRYPTO_ERROR_OPENSSL_FAILURE;
+ owl_free(nc);
+ return OWL_ERROR_OPENSSL_FAILURE;
}
nc->mdctx = EVP_MD_CTX_create();
if (!nc->mdctx) {
- crypto_free(nc);
- return CRYPTO_ERROR_OPENSSL_FAILURE;
+ owl_free(nc);
+ return OWL_ERROR_OPENSSL_FAILURE;
}
ret = EVP_DigestInit(nc->mdctx, nc->md);
}
EVP_MD_CTX_destroy(nc->mdctx);
- crypto_free(nc);
+ owl_free(nc);
- return CRYPTO_ERROR_OPENSSL_FAILURE;
+ return OWL_ERROR_OPENSSL_FAILURE;
}
-int crypto_digest_update(crypto_ctx_h ctx, const char *data, size_t data_len)
+int owl_digest_update(owl_ctx_h ctx, const char *data, size_t data_len)
{
- crypto_digest_ctx *c = get_ctx(ctx);
+ owl_digest_ctx *c = get_ctx(ctx);
int ret;
if (!c || !data || !data_len)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
ret = EVP_DigestUpdate(c->mdctx, data, data_len);
if (ret == 1)
return 0;
- return CRYPTO_ERROR_OPENSSL_FAILURE;
+ return OWL_ERROR_OPENSSL_FAILURE;
}
-int crypto_digest_final(crypto_ctx_h ctx, char *digest, size_t *digest_len)
+int owl_digest_final(owl_ctx_h ctx, char *digest, size_t *digest_len)
{
- crypto_digest_ctx *c = get_ctx(ctx);
+ owl_digest_ctx *c = get_ctx(ctx);
int ret;
unsigned len = 0;
if (!c || !digest || !digest_len)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
if (*digest_len == 0 || *digest_len > UINT_MAX) // DigestFinal accepts uint
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
ret = EVP_DigestFinal_ex(c->mdctx, (unsigned char*)digest, &len);
*digest_len = len;
if (ret == 1)
return 0;
- return CRYPTO_ERROR_OPENSSL_FAILURE;
+ return OWL_ERROR_OPENSSL_FAILURE;
}
#include <crypto/crypto.h>
#include <crypto/error.h>
-int crypto_encrypt_init(crypto_ctx_h *ctx,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv)
+int owl_encrypt_init(owl_ctx_h *ctx,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_encrypt_update(crypto_ctx_h ctx,
- const char *plain,
- size_t plain_len,
- char *cipher,
- size_t *cipher_len)
+int owl_encrypt_update(owl_ctx_h ctx,
+ const char *plain,
+ size_t plain_len,
+ char *cipher,
+ size_t *cipher_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_encrypt_final(crypto_ctx_h ctx,
- char *cipher,
- size_t *cipher_len)
+int owl_encrypt_final(owl_ctx_h ctx,
+ char *cipher,
+ size_t *cipher_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_decrypt_init(crypto_ctx_h *ctx,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv)
+int owl_decrypt_init(owl_ctx_h *ctx,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_decrypt_update(crypto_ctx_h ctx,
- const char *cipher,
- size_t cipher_len,
- char *plain,
- size_t *plain_len)
+int owl_decrypt_update(owl_ctx_h ctx,
+ const char *cipher,
+ size_t cipher_len,
+ char *plain,
+ size_t *plain_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_decrypt_final(crypto_ctx_h ctx,
- char *plain,
- size_t *plain_len)
+int owl_decrypt_final(owl_ctx_h ctx,
+ char *plain,
+ size_t *plain_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_seal_init(crypto_ctx_h *ctx,
- const crypto_key_h pub_key,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- crypto_key_h *sym_key,
- crypto_key_h *iv)
+int owl_seal_init(owl_ctx_h *ctx,
+ const owl_key_h pub_key,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ owl_key_h *sym_key,
+ owl_key_h *iv)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_seal_update(crypto_ctx_h ctx,
- const char *plain,
- size_t plain_len,
- char *cipher,
- size_t *cipher_len)
+int owl_seal_update(owl_ctx_h ctx,
+ const char *plain,
+ size_t plain_len,
+ char *cipher,
+ size_t *cipher_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_seal_final(crypto_ctx_h ctx,
- char *cipher,
- size_t *cipher_len)
+int owl_seal_final(owl_ctx_h ctx,
+ char *cipher,
+ size_t *cipher_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_open_init(crypto_ctx_h *ctx,
- const crypto_key_h prv_key,
- crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv)
+int owl_open_init(owl_ctx_h *ctx,
+ const owl_key_h prv_key,
+ owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_open_update(crypto_ctx_h ctx,
- const char *cipher,
- size_t cipher_len,
- char *plain,
- size_t *plain_len)
+int owl_open_update(owl_ctx_h ctx,
+ const char *cipher,
+ size_t cipher_len,
+ char *plain,
+ size_t *plain_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_open_final(crypto_ctx_h ctx,
- char *plain,
- size_t *plain_len)
+int owl_open_final(owl_ctx_h ctx,
+ char *plain,
+ size_t *plain_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
#include "key_p.h"
// Sanity check on key
-inline void key_sanity_check(const crypto_key_h key)
+static inline void key_sanity_check(const owl_key_h key)
{
assert(key->length);
assert(key->length % 8 == 0);
}
-int crypto_key_get_length(const crypto_key_h key)
+int owl_key_get_length(const owl_key_h key)
{
if (!key)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
key_sanity_check(key);
return key->length;
}
-int crypto_key_import(crypto_key_h *key,
- crypto_key_fmt_e key_fmt,
- crypto_key_type_e key_type,
- const char *data,
- size_t data_len)
+int owl_key_import(owl_key_h *key,
+ owl_key_fmt_e key_fmt,
+ owl_key_type_e key_type,
+ const char *data,
+ size_t data_len)
{
- crypto_key_h nk = NULL;
+ owl_key_h nk = NULL;
if (!key || !data || !data_len)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
- if (key_type != CRYPTO_KEY_TYPE_SYMMETRIC)
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ if (key_type != OWL_KEY_TYPE_SYMMETRIC)
+ return OWL_ERROR_NOT_IMPLEMENTED;
- if (key_fmt != CRYPTO_KEY_FORMAT_RAW)
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ if (key_fmt != OWL_KEY_FORMAT_RAW)
+ return OWL_ERROR_NOT_IMPLEMENTED;
- if (sizeof(struct __crypto_key_s) + data_len < data_len)
- return CRYPTO_ERROR_TOO_BIG_ARGUMENT;
+ if (sizeof(struct __owl_key_s) + data_len < data_len)
+ return OWL_ERROR_TOO_BIG_ARGUMENT;
- nk = crypto_alloc(sizeof(struct __crypto_key_s) + data_len);
+ nk = owl_alloc(sizeof(struct __owl_key_s) + data_len);
if (!nk)
- return CRYPTO_ERROR_OUT_OF_MEMORY;
+ return OWL_ERROR_OUT_OF_MEMORY;
memcpy(nk->d, data, data_len);
nk->length = data_len * 8;
return 0;
}
-int crypto_key_export(const crypto_key_h key,
- crypto_key_fmt_e key_fmt,
- char **data,
- size_t *data_len)
+int owl_key_export(const owl_key_h key,
+ owl_key_fmt_e key_fmt,
+ char **data,
+ size_t *data_len)
{
int byte_len;
if (!key || !data || !data_len)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
- if (key->type != CRYPTO_KEY_TYPE_SYMMETRIC)
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ if (key->type != OWL_KEY_TYPE_SYMMETRIC)
+ return OWL_ERROR_NOT_IMPLEMENTED;
- if (key_fmt != CRYPTO_KEY_FORMAT_RAW)
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ if (key_fmt != OWL_KEY_FORMAT_RAW)
+ return OWL_ERROR_NOT_IMPLEMENTED;
key_sanity_check(key);
byte_len = key->length / 8;
- *data = crypto_alloc(byte_len);
+ *data = owl_alloc(byte_len);
memcpy(*data, key->d, byte_len);
*data_len = byte_len;
return 0;
}
-int crypto_key_gen(crypto_key_h *sym_key,
- crypto_key_type_e key_type,
- size_t key_len)
+int owl_key_gen(owl_key_h *sym_key,
+ owl_key_type_e key_type,
+ size_t key_len)
{
- if (!sym_key || key_type != CRYPTO_KEY_TYPE_SYMMETRIC)
+ if (!sym_key || key_type != OWL_KEY_TYPE_SYMMETRIC)
return -1;
- *sym_key = crypto_alloc(sizeof(struct __crypto_key_s) + key_len);
+ *sym_key = owl_alloc(sizeof(struct __owl_key_s) + key_len);
if (!*sym_key)
return -1;
(*sym_key)->length = key_len;
(*sym_key)->type = key_type;
- return crypto_rand_bytes((*sym_key)->d, key_len);
+ return owl_rand_bytes((*sym_key)->d, key_len);
}
-int crypto_key_gen_pair(crypto_key_h *prv_key,
- crypto_key_h *pub_key,
- crypto_key_type_e key_type,
- size_t key_len)
+int owl_key_gen_pair(owl_key_h *prv_key,
+ owl_key_h *pub_key,
+ owl_key_type_e key_type,
+ size_t key_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-void crypto_key_free(crypto_key_h key)
+void owl_key_free(owl_key_h key)
{
if (!key)
return;
- crypto_free(key);
+ owl_free(key);
}
-int crypto_key_derive_dh(const crypto_key_h prv_key,
- const crypto_key_h pub_key,
- crypto_key_h *sym_key)
+int owl_key_derive_dh(const owl_key_h prv_key,
+ const owl_key_h pub_key,
+ owl_key_h *sym_key)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_key_derive_kea(const crypto_key_h prv_key,
- const crypto_key_h pub_key,
- const crypto_key_h prv_key_auth,
- const crypto_key_h pub_key_auth,
- crypto_key_h *sym_key)
+int owl_key_derive_kea(const owl_key_h prv_key,
+ const owl_key_h pub_key,
+ const owl_key_h prv_key_auth,
+ const owl_key_h pub_key_auth,
+ owl_key_h *sym_key)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_key_derive_pbkdf2(const char *password,
- const char *salt,
- size_t salt_len,
- int iter,
- crypto_digest_algo_e algo,
- crypto_key_len_e key_len,
- crypto_key_h *key)
+int owl_key_derive_pbkdf2(const char *password,
+ const char *salt,
+ size_t salt_len,
+ int iter,
+ owl_digest_algo_e algo,
+ owl_key_len_e key_len,
+ owl_key_h *key)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
* @brief Private header for key.c
*/
-struct __crypto_key_s {
- crypto_key_type_e type;
+struct __owl_key_s {
+ owl_key_type_e type;
size_t length;
char d[0];
};
#include <crypto/crypto.h>
#include <crypto/error.h>
-int crypto_sign_init(crypto_ctx_h *ctx,
- crypto_digest_algo_e algo,
- const crypto_key_h key)
+int owl_sign_init(owl_ctx_h *ctx,
+ owl_digest_algo_e algo,
+ const owl_key_h key)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_sign_update(crypto_ctx_h ctx,
- const char *data,
- size_t data_len)
+int owl_sign_update(owl_ctx_h ctx,
+ const char *data,
+ size_t data_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_sign_final(crypto_ctx_h ctx,
- char *mac,
- size_t *mac_len)
+int owl_sign_final(owl_ctx_h ctx,
+ char *mac,
+ size_t *mac_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_verify_init(crypto_ctx_h *ctx,
- crypto_digest_algo_e algo,
- const crypto_key_h key)
+int owl_verify_init(owl_ctx_h *ctx,
+ owl_digest_algo_e algo,
+ const owl_key_h key)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_verify_update(crypto_ctx_h ctx,
- const char *data,
- size_t data_len)
+int owl_verify_update(owl_ctx_h ctx,
+ const char *data,
+ size_t data_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
-int crypto_verify_final(crypto_ctx_h ctx,
- const char *mac,
- size_t mac_len)
+int owl_verify_final(owl_ctx_h ctx,
+ const char *mac,
+ size_t mac_len)
{
- return CRYPTO_ERROR_NOT_IMPLEMENTED;
+ return OWL_ERROR_NOT_IMPLEMENTED;
}
#include <crypto/digest.h>
#include <crypto/key.h>
-int crypto_digest_calc(crypto_digest_algo_e algo,
- const char *data,
- size_t data_len,
- char **digest,
- size_t *digest_len)
+int owl_digest_calc(owl_digest_algo_e algo,
+ const char *data,
+ size_t data_len,
+ char **digest,
+ size_t *digest_len)
{
- crypto_ctx_h ctx;
+ owl_ctx_h ctx;
int ret;
char *ldigest;
size_t ldigest_len;
if (!data || !data_len || !digest || !digest_len)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
- ret = crypto_digest_init(&ctx, algo);
+ ret = owl_digest_init(&ctx, algo);
if (ret < 0)
return ret;
- ret = crypto_digest_update(ctx, data, data_len);
+ ret = owl_digest_update(ctx, data, data_len);
if (ret < 0)
goto err;
- ret = crypto_get_digest_length(ctx);
+ ret = owl_get_digest_length(ctx);
if (ret < 0)
goto err;
ldigest_len = ret;
- ldigest = crypto_alloc(ldigest_len);
+ ldigest = owl_alloc(ldigest_len);
if (!ldigest)
goto err;
- ret = crypto_digest_final(ctx, ldigest, &ldigest_len);
+ ret = owl_digest_final(ctx, ldigest, &ldigest_len);
if (ret < 0)
goto err_free;
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
*digest_len = ldigest_len;
*digest = ldigest;
return 0;
err_free:
- crypto_free(ldigest);
+ owl_free(ldigest);
err:
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
return ret;
}
-int crypto_encrypt(crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv,
- const char *plain,
- size_t plain_len,
- char **cipher,
- size_t *cipher_len)
+int owl_encrypt(owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv,
+ const char *plain,
+ size_t plain_len,
+ char **cipher,
+ size_t *cipher_len)
{
- crypto_ctx_h ctx;
+ owl_ctx_h ctx;
int ret;
char *lcipher;
size_t out_len, lcipher_len, written;
if (!plain || !plain_len || !cipher || !cipher_len | !sym_key | !iv)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
if (plain_len > INT_MAX) /* TODO: this is because get_output_length returns signed int - perhaps we should change that */
- return CRYPTO_ERROR_TOO_BIG_ARGUMENT;
+ return OWL_ERROR_TOO_BIG_ARGUMENT;
- ret = crypto_encrypt_init(&ctx, algo, bcm, sym_key, iv);
+ ret = owl_encrypt_init(&ctx, algo, bcm, sym_key, iv);
if (ret < 0)
return ret;
- ret = crypto_get_output_length(ctx, plain_len);
+ ret = owl_get_output_length(ctx, plain_len);
if (ret < 0)
goto err;
lcipher_len = ret;
- lcipher = crypto_alloc(lcipher_len);
+ lcipher = owl_alloc(lcipher_len);
if (!lcipher)
goto err;
out_len = lcipher_len;
- ret = crypto_encrypt_update(ctx, plain, plain_len, lcipher, &out_len);
+ ret = owl_encrypt_update(ctx, plain, plain_len, lcipher, &out_len);
if (ret < 0)
goto err_free;
written = out_len;
out_len = lcipher_len - written;
- ret = crypto_encrypt_final(ctx, lcipher + written, &out_len);
+ ret = owl_encrypt_final(ctx, lcipher + written, &out_len);
if (ret < 0)
goto err_free;
assert (out_len + written == lcipher_len);
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
*cipher = lcipher;
*cipher_len = lcipher_len;
return 0;
err_free:
- crypto_free(lcipher);
+ owl_free(lcipher);
err:
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
return ret;
}
-int crypto_decrypt(crypto_enc_algo_e algo,
- crypto_block_cipher_mode_e bcm,
- const crypto_key_h sym_key,
- const crypto_key_h iv,
- const char *cipher,
- size_t cipher_len,
- char **plain,
- size_t *plain_len)
+int owl_decrypt(owl_enc_algo_e algo,
+ owl_block_cipher_mode_e bcm,
+ const owl_key_h sym_key,
+ const owl_key_h iv,
+ const char *cipher,
+ size_t cipher_len,
+ char **plain,
+ size_t *plain_len)
{
- crypto_ctx_h ctx;
+ owl_ctx_h ctx;
int ret;
char *lplain;
size_t out_len, lplain_len, written;
if (!cipher || !cipher_len || !plain || !plain_len || !sym_key || !iv)
- return CRYPTO_ERROR_INVALID_ARGUMENT;
+ return OWL_ERROR_INVALID_ARGUMENT;
if (cipher_len > INT_MAX) /* TODO: this is because get_output_length returns signed int - perhaps we should change that */
- return CRYPTO_ERROR_TOO_BIG_ARGUMENT;
+ return OWL_ERROR_TOO_BIG_ARGUMENT;
- ret = crypto_decrypt_init(&ctx, algo, bcm, sym_key, iv);
+ ret = owl_decrypt_init(&ctx, algo, bcm, sym_key, iv);
if (ret < 0)
return ret;
- ret = crypto_get_output_length(ctx, cipher_len);
+ ret = owl_get_output_length(ctx, cipher_len);
if (ret < 0)
goto err;
lplain_len = ret;
- lplain = crypto_alloc(lplain_len);
+ lplain = owl_alloc(lplain_len);
if (!lplain)
goto err;
out_len = lplain_len;
- ret = crypto_decrypt_update(ctx, cipher, cipher_len, lplain, &out_len);
+ ret = owl_decrypt_update(ctx, cipher, cipher_len, lplain, &out_len);
if (ret < 0)
goto err_free;
written = out_len;
out_len = lplain_len - written;
- ret = crypto_decrypt_final(ctx, lplain + written, &out_len);
+ ret = owl_decrypt_final(ctx, lplain + written, &out_len);
if (ret < 0)
goto err_free;
assert (out_len + written == lplain_len);
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
*plain = lplain;
*plain_len = lplain_len;
return 0;
err_free:
- crypto_free(lplain);
+ owl_free(lplain);
err:
- crypto_ctx_free(ctx);
+ owl_ctx_free(ctx);
return ret;
}
projects / platform / core / security / yaca.git / commitdiff