Convert all key lengths to bits

- Rename API parameters to avoid confusion (key_len -> key_bits)
- Rename internal key length to key_bits
- Fix key length handling where it was done incorrectly

Change-Id: If3dcf8ad87246a144019d3fc93c6251c3529d881
Signed-off-by: Mateusz Kulikowski <m.kulikowski@samsung.com>

diff --git a/api/yaca/crypto.h b/api/yaca/crypto.h
index 526bda3..66d77e6 100644 (file)
--- a/api/yaca/crypto.h
+++ b/api/yaca/crypto.h
@@ -165,15 +165,15 @@ int yaca_get_output_length(const yaca_ctx_h ctx, size_t input_len);
 /**
  * @brief yaca_get_iv_length  Returns the recomended/default length of the IV for a given encryption configuration.
  *
- * @param[in] algo  Encryption algorithm.
- * @param[in] bcm   Chain mode.
- * @param[in] key_len   Key length (@see crypto_key_len_e).
+ * @param[in] algo      Encryption algorithm.
+ * @param[in] bcm       Chain mode.
+ * @param[in] key_bits  Key length in bits (@see crypto_key_len_e).
  *
  * @return negative on error (@see error.h) or the IV length.
  */
 int yaca_get_iv_length(yaca_enc_algo_e algo,
                       yaca_block_cipher_mode_e bcm,
-                      size_t key_len);
+                      size_t key_bits);
 
 /**@}*/
 

diff --git a/api/yaca/key.h b/api/yaca/key.h
index 7198ff3..b479867 100644 (file)
--- a/api/yaca/key.h
+++ b/api/yaca/key.h
@@ -48,7 +48,7 @@ extern "C" {
  *
  * @param[in] key  Key which length we return.
  *
- * @return negative on error (@see error.h) or key length.
+ * @return negative on error (@see error.h) or key length (in bits).
  */
 int yaca_key_get_length(const yaca_key_h key);
 
@@ -91,13 +91,13 @@ int yaca_key_export(const yaca_key_h key,
  *
  * @param[out] sym_key   Newly generated key (must be freed with @see yaca_key_free).
  * @param[in]  key_type  Type of the key to be generated.
- * @param[in]  key_len   Length of the key to be generated.
+ * @param[in]  key_bits  Length of the key (in bits) to be generated.
  *
  * @return 0 on success, negative on error (@see error.h).
  */
 int yaca_key_gen(yaca_key_h *sym_key,
                 yaca_key_type_e key_type,
-                size_t key_len);
+                size_t key_bits);
 
 /**
  * @brief yaca_key_gen_pair  Generates a new key pair.
@@ -105,18 +105,18 @@ int yaca_key_gen(yaca_key_h *sym_key,
  * @param[out] prv_key   Newly generated private key (must be freed with @see yaca_key_free).
  * @param[out] pub_key   Newly generated public key (must be freed with @see yaca_key_free).
  * @param[in]  key_type  Type of the key to be generated (must be YACA_KEY_TYPE_PAIR*).
- * @param[in]  key_len   Length of the key to be generated.
+ * @param[in]  key_bits  Length of the key (in bits) to be generated.
  *
  * @return 0 on success, negative on error (@see error.h).
  */
 int yaca_key_gen_pair(yaca_key_h *prv_key,
                      yaca_key_h *pub_key,
                      yaca_key_type_e key_type,
-                     size_t key_len);
+                     size_t key_bits);
 
 /**
  * @brief yaca_key_free  Frees the key created by the library.
- *                         Passing YACA_KEY_NULL is allowed.
+ *                       Passing YACA_KEY_NULL is allowed.
  *
  * @param key  Key to be freed.
  *
@@ -174,7 +174,7 @@ int yaca_key_derive_kea(const yaca_key_h prv_key,
  * @param[in]  salt_len  Length of the salt.
  * @param[in]  iter      Number of iterations. (TODO: add enum to proposed number of iterations, pick sane defaults).
  * @param[in]  algo      Digest algorithm that should be used in key generation. (TODO: sane defaults).
- * @param[in]  key_len   Length of a key to be generated.
+ * @param[in]  key_bits  Length of a key (in bits) to be generated.
  * @param[out] key       Newly generated key (must be freed with @see yaca_key_free).
  *
  * @return 0 on success, negative on error (@see error.h).
@@ -184,7 +184,7 @@ int yaca_key_derive_pbkdf2(const char *password,
                           size_t salt_len,
                           int iter,
                           yaca_digest_algo_e algo,
-                          size_t key_len,
+                          size_t key_bits,
                           yaca_key_h *key);
 
 // TODO: specify

diff --git a/api/yaca/types.h b/api/yaca/types.h
index 020af4d..c4e52b8 100644 (file)
--- a/api/yaca/types.h
+++ b/api/yaca/types.h
@@ -105,7 +105,7 @@ typedef enum {
        YACA_KEY_2048BIT = 2048,
        YACA_KEY_3072BIT = 3072,
        YACA_KEY_4096BIT = 4096
-} yaca_key_len_e;
+} yaca_key_bits_e;
 
 /**
  * @brief Message digest algorithms. CMAC is included to simplify API

diff --git a/src/crypto.c b/src/crypto.c
index 74c3f12..b77e9a2 100644 (file)
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -108,7 +108,7 @@ API int yaca_get_output_length(const yaca_ctx_h ctx, size_t input_len)
 
 API int yaca_get_iv_length(yaca_enc_algo_e algo,
                           yaca_block_cipher_mode_e bcm,
-                          size_t key_len)
+                          size_t key_bits)
 {
        return YACA_ERROR_NOT_IMPLEMENTED;
 }

diff --git a/src/key.c b/src/key.c
index 41000d2..b169bc3 100644 (file)
--- a/src/key.c
+++ b/src/key.c
@@ -44,7 +44,7 @@ struct yaca_key_simple_s
 {
        struct yaca_key_s key;
 
-       size_t length;
+       size_t bits;
        char d[0];
 };
 
@@ -99,8 +99,8 @@ static struct yaca_key_evp_s *get_evp_key(const yaca_key_h key)
 
 static inline void simple_key_sanity_check(const struct yaca_key_simple_s *key)
 {
-       assert(key->length);
-       assert(key->length % 8 == 0);
+       assert(key->bits);
+       assert(key->bits % 8 == 0);
 }
 
 // TODO: do we need a sanity check sanity for Evp keys?
@@ -128,7 +128,7 @@ API int yaca_key_get_length(const yaca_key_h key)
 
        if (simple_key != NULL) {
                simple_key_sanity_check(simple_key);
-               return simple_key->length;
+               return simple_key->bits;
        }
 
        if (evp_key != NULL) {
@@ -162,7 +162,7 @@ API int yaca_key_import(yaca_key_h *key,
                        return YACA_ERROR_OUT_OF_MEMORY;
 
                memcpy(nk->d, data, data_len); /* TODO: CRYPTO_/EVP_... */
-               nk->length = data_len * 8;
+               nk->bits = data_len * 8;
                nk->key.type = key_type;
 
                *key = (yaca_key_h)nk;
@@ -198,7 +198,7 @@ API int yaca_key_export(const yaca_key_h key,
        if (simple_key != NULL) {
                simple_key_sanity_check(simple_key);
 
-               byte_len = simple_key->length / 8;
+               byte_len = simple_key->bits / 8;
                *data = yaca_malloc(byte_len);
                memcpy(*data, simple_key->d, byte_len);
                *data_len = byte_len;
@@ -217,10 +217,11 @@ API int yaca_key_export(const yaca_key_h key,
 
 API int yaca_key_gen(yaca_key_h *sym_key,
                     yaca_key_type_e key_type,
-                    size_t key_len)
+                    size_t key_bits)
 {
        int ret;
        struct yaca_key_simple_s *nk = NULL;
+       size_t key_byte_len = key_bits / 8;
 
        if (sym_key == NULL)
                return YACA_ERROR_INVALID_ARGUMENT;
@@ -248,17 +249,17 @@ API int yaca_key_gen(yaca_key_h *sym_key,
                return YACA_ERROR_INVALID_ARGUMENT;
        }
 
-       if (key_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
+       if (key_byte_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
                return YACA_ERROR_TOO_BIG_ARGUMENT;
 
-       nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_len);
+       nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_byte_len);
        if (nk == NULL)
                return YACA_ERROR_OUT_OF_MEMORY;
 
-       nk->length = key_len;
+       nk->bits = key_bits;
        nk->key.type = key_type;
 
-       ret = yaca_rand_bytes(nk->d, key_len);
+       ret = yaca_rand_bytes(nk->d, key_byte_len);
        if (ret != 0)
                goto err;
 
@@ -274,7 +275,7 @@ err:
 API int yaca_key_gen_pair(yaca_key_h *prv_key,
                          yaca_key_h *pub_key,
                          yaca_key_type_e key_type,
-                         size_t key_len)
+                         size_t key_bits)
 {
        int ret;
        struct yaca_key_evp_s *nk_prv = NULL;
@@ -319,7 +320,7 @@ API int yaca_key_gen_pair(yaca_key_h *prv_key,
                goto free_bne;
        }
 
-       ret = RSA_generate_key_ex(rsa, key_len, bne, NULL);
+       ret = RSA_generate_key_ex(rsa, key_bits, bne, NULL);
        if (ret != 1) {
                ret = YACA_ERROR_OPENSSL_FAILURE;
                goto free_rsa;
@@ -411,36 +412,37 @@ API int yaca_key_derive_pbkdf2(const char *password,
                               size_t salt_len,
                               int iter,
                               yaca_digest_algo_e algo,
-                              size_t key_len,
+                              size_t key_bits,
                               yaca_key_h *key)
 {
        const EVP_MD *md;
        struct yaca_key_simple_s *nk;
+       size_t key_byte_len = key_bits / 8;
        int ret;
 
        if (password == NULL || salt == NULL || salt_len == 0 ||
-           iter == 0 || key_len == 0 || key == NULL)
+           iter == 0 || key_bits == 0 || key == NULL)
                return YACA_ERROR_INVALID_ARGUMENT;
 
        ret = get_digest_algorithm(algo, &md);
        if (ret < 0)
                return ret;
 
-       if (key_len % 8) /* Key length must be multiple of 8-bits */
+       if (key_bits % 8) /* Key length must be multiple of 8-bits */
                return YACA_ERROR_INVALID_ARGUMENT;
 
-       if (key_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
+       if (key_byte_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
                return YACA_ERROR_TOO_BIG_ARGUMENT;
 
-       nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_len);
+       nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_byte_len);
        if (nk == NULL)
                return YACA_ERROR_OUT_OF_MEMORY;
 
-       nk->length = key_len;
+       nk->bits = key_bits;
        nk->key.type = YACA_KEY_TYPE_SYMMETRIC; // TODO: how to handle other keys?
 
        ret = PKCS5_PBKDF2_HMAC(password, -1, (const unsigned char*)salt,
-                               salt_len, iter, md, key_len / 8,
+                               salt_len, iter, md, key_byte_len,
                                (unsigned char*)nk->d);
        if (ret != 1) {
                ret = YACA_ERROR_OPENSSL_FAILURE; // TODO: yaca_get_error_code_from_openssl(ret);