*
* @param[in] key Key which length we return.
*
- * @return negative on error (@see error.h) or key length.
+ * @return negative on error (@see error.h) or key length (in bits).
*/
int yaca_key_get_length(const yaca_key_h key);
*
* @param[out] sym_key Newly generated key (must be freed with @see yaca_key_free).
* @param[in] key_type Type of the key to be generated.
- * @param[in] key_len Length of the key to be generated.
+ * @param[in] key_bits Length of the key (in bits) to be generated.
*
* @return 0 on success, negative on error (@see error.h).
*/
int yaca_key_gen(yaca_key_h *sym_key,
yaca_key_type_e key_type,
- size_t key_len);
+ size_t key_bits);
/**
* @brief yaca_key_gen_pair Generates a new key pair.
* @param[out] prv_key Newly generated private key (must be freed with @see yaca_key_free).
* @param[out] pub_key Newly generated public key (must be freed with @see yaca_key_free).
* @param[in] key_type Type of the key to be generated (must be YACA_KEY_TYPE_PAIR*).
- * @param[in] key_len Length of the key to be generated.
+ * @param[in] key_bits Length of the key (in bits) to be generated.
*
* @return 0 on success, negative on error (@see error.h).
*/
int yaca_key_gen_pair(yaca_key_h *prv_key,
yaca_key_h *pub_key,
yaca_key_type_e key_type,
- size_t key_len);
+ size_t key_bits);
/**
* @brief yaca_key_free Frees the key created by the library.
- * Passing YACA_KEY_NULL is allowed.
+ * Passing YACA_KEY_NULL is allowed.
*
* @param key Key to be freed.
*
* @param[in] salt_len Length of the salt.
* @param[in] iter Number of iterations. (TODO: add enum to proposed number of iterations, pick sane defaults).
* @param[in] algo Digest algorithm that should be used in key generation. (TODO: sane defaults).
- * @param[in] key_len Length of a key to be generated.
+ * @param[in] key_bits Length of a key (in bits) to be generated.
* @param[out] key Newly generated key (must be freed with @see yaca_key_free).
*
* @return 0 on success, negative on error (@see error.h).
size_t salt_len,
int iter,
yaca_digest_algo_e algo,
- size_t key_len,
+ size_t key_bits,
yaca_key_h *key);
// TODO: specify
{
struct yaca_key_s key;
- size_t length;
+ size_t bits;
char d[0];
};
static inline void simple_key_sanity_check(const struct yaca_key_simple_s *key)
{
- assert(key->length);
- assert(key->length % 8 == 0);
+ assert(key->bits);
+ assert(key->bits % 8 == 0);
}
// TODO: do we need a sanity check sanity for Evp keys?
if (simple_key != NULL) {
simple_key_sanity_check(simple_key);
- return simple_key->length;
+ return simple_key->bits;
}
if (evp_key != NULL) {
return YACA_ERROR_OUT_OF_MEMORY;
memcpy(nk->d, data, data_len); /* TODO: CRYPTO_/EVP_... */
- nk->length = data_len * 8;
+ nk->bits = data_len * 8;
nk->key.type = key_type;
*key = (yaca_key_h)nk;
if (simple_key != NULL) {
simple_key_sanity_check(simple_key);
- byte_len = simple_key->length / 8;
+ byte_len = simple_key->bits / 8;
*data = yaca_malloc(byte_len);
memcpy(*data, simple_key->d, byte_len);
*data_len = byte_len;
API int yaca_key_gen(yaca_key_h *sym_key,
yaca_key_type_e key_type,
- size_t key_len)
+ size_t key_bits)
{
int ret;
struct yaca_key_simple_s *nk = NULL;
+ size_t key_byte_len = key_bits / 8;
if (sym_key == NULL)
return YACA_ERROR_INVALID_ARGUMENT;
return YACA_ERROR_INVALID_ARGUMENT;
}
- if (key_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
+ if (key_byte_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
return YACA_ERROR_TOO_BIG_ARGUMENT;
- nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_len);
+ nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_byte_len);
if (nk == NULL)
return YACA_ERROR_OUT_OF_MEMORY;
- nk->length = key_len;
+ nk->bits = key_bits;
nk->key.type = key_type;
- ret = yaca_rand_bytes(nk->d, key_len);
+ ret = yaca_rand_bytes(nk->d, key_byte_len);
if (ret != 0)
goto err;
API int yaca_key_gen_pair(yaca_key_h *prv_key,
yaca_key_h *pub_key,
yaca_key_type_e key_type,
- size_t key_len)
+ size_t key_bits)
{
int ret;
struct yaca_key_evp_s *nk_prv = NULL;
goto free_bne;
}
- ret = RSA_generate_key_ex(rsa, key_len, bne, NULL);
+ ret = RSA_generate_key_ex(rsa, key_bits, bne, NULL);
if (ret != 1) {
ret = YACA_ERROR_OPENSSL_FAILURE;
goto free_rsa;
size_t salt_len,
int iter,
yaca_digest_algo_e algo,
- size_t key_len,
+ size_t key_bits,
yaca_key_h *key)
{
const EVP_MD *md;
struct yaca_key_simple_s *nk;
+ size_t key_byte_len = key_bits / 8;
int ret;
if (password == NULL || salt == NULL || salt_len == 0 ||
- iter == 0 || key_len == 0 || key == NULL)
+ iter == 0 || key_bits == 0 || key == NULL)
return YACA_ERROR_INVALID_ARGUMENT;
ret = get_digest_algorithm(algo, &md);
if (ret < 0)
return ret;
- if (key_len % 8) /* Key length must be multiple of 8-bits */
+ if (key_bits % 8) /* Key length must be multiple of 8-bits */
return YACA_ERROR_INVALID_ARGUMENT;
- if (key_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
+ if (key_byte_len > SIZE_MAX - sizeof(struct yaca_key_simple_s))
return YACA_ERROR_TOO_BIG_ARGUMENT;
- nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_len);
+ nk = yaca_malloc(sizeof(struct yaca_key_simple_s) + key_byte_len);
if (nk == NULL)
return YACA_ERROR_OUT_OF_MEMORY;
- nk->length = key_len;
+ nk->bits = key_bits;
nk->key.type = YACA_KEY_TYPE_SYMMETRIC; // TODO: how to handle other keys?
ret = PKCS5_PBKDF2_HMAC(password, -1, (const unsigned char*)salt,
- salt_len, iter, md, key_len / 8,
+ salt_len, iter, md, key_byte_len,
(unsigned char*)nk->d);
if (ret != 1) {
ret = YACA_ERROR_OPENSSL_FAILURE; // TODO: yaca_get_error_code_from_openssl(ret);