// TODO: We need a way to import keys encrypted with hw (or other) keys. New function like yaca_key_load or sth??
/**
+ * @brief Get key's type.
+ *
+ * @param[in] key Key which type we return.
+ * @param[out] key_type Key type.
+ *
+ * @return 0 on success, negative on error.
+ */
+int yaca_key_get_type(const yaca_key_h key, yaca_key_type_e *key_type);
+
+/**
* @brief Get key's length (in bits).
*
- * @param[in] key Key which length we return.
+ * @param[in] key Key which length we return.
+ * @param[out] key_bits Key length in bits.
*
- * @return negative on error or key length (in bits).
+ * @return 0 on success, negative on error.
*/
-int yaca_key_get_bits(const yaca_key_h key);
+int yaca_key_get_bits(const yaca_key_h key, size_t *key_bits);
/**
* @brief Imports a key.
const struct yaca_key_simple_s *liv;
struct yaca_encrypt_ctx_s *nc;
const EVP_CIPHER *cipher;
- int key_bits;
+ size_t key_bits;
unsigned char *iv_data = NULL;
- int iv_bits;
+ size_t iv_bits;
+ size_t iv_bits_check;
int ret;
if (ctx == NULL || sym_key == YACA_KEY_NULL)
nc->ctx.get_output_length = get_encrypt_output_length;
nc->op_type = op_type;
- ret = yaca_key_get_bits(sym_key);
- if (ret < 0)
+ ret = yaca_key_get_bits(sym_key, &key_bits);
+ if (ret != 0)
goto err_free;
- key_bits = ret;
ret = encrypt_get_algorithm(algo, bcm, key_bits, &cipher);
if (ret != 0)
ret = YACA_ERROR_INVALID_ARGUMENT;
goto err_free;
}
- if (iv_bits != yaca_key_get_bits(iv)) { /* IV length doesn't match cipher */
+ ret = yaca_key_get_bits(iv, &iv_bits_check);
+ if (ret != 0) {
+ ret = YACA_ERROR_INVALID_ARGUMENT;
+ goto err_free;
+ }
+ if (iv_bits != iv_bits_check) { /* IV length doesn't match cipher */
ret = YACA_ERROR_INVALID_ARGUMENT;
goto err_free;
}
}
}
-API int yaca_key_get_bits(const yaca_key_h key)
+API int yaca_key_get_type(const yaca_key_h key, yaca_key_type_e *key_type)
+{
+ const struct yaca_key_s *lkey = (const struct yaca_key_s *)key;
+
+ if (lkey == NULL || key_type == NULL)
+ return YACA_ERROR_INVALID_ARGUMENT;
+
+ *key_type = lkey->type;
+ return 0;
+}
+
+API int yaca_key_get_bits(const yaca_key_h key, size_t *key_bits)
{
const struct yaca_key_simple_s *simple_key = key_get_simple(key);
const struct yaca_key_evp_s *evp_key = key_get_evp(key);
- if (simple_key != NULL)
- return simple_key->bits;
+ if (key_bits == NULL)
+ return YACA_ERROR_INVALID_ARGUMENT;
+
+ if (simple_key != NULL) {
+ *key_bits = simple_key->bits;
+ return 0;
+ }
if (evp_key != NULL) {
int ret;
return ret;
}
- return ret;
+ *key_bits = ret;
+ return 0;
}
return YACA_ERROR_INVALID_ARGUMENT;
const struct yaca_key_simple_s *liv;
struct yaca_seal_ctx_s *nc;
const EVP_CIPHER *cipher;
- int iv_bits;
+ size_t iv_bits;
+ size_t iv_bits_check;
int ret;
if (ctx == NULL || prv_key == YACA_KEY_NULL || sym_key == YACA_KEY_NULL)
}
// TODO: handling of algorithms with variable IV length
- if (iv_bits != yaca_key_get_bits(iv)) { /* IV length doesn't match cipher */
+ ret = yaca_key_get_bits(iv, &iv_bits_check);
+ if (ret != 0) {
+ ret = YACA_ERROR_INVALID_ARGUMENT;
+ goto err_free;
+ }
+ if (iv_bits != iv_bits_check) { /* IV length doesn't match cipher */
ret = YACA_ERROR_INVALID_ARGUMENT;
goto err_free;
}
projects / platform / core / security / yaca.git / commitdiff