From bb6ffe776a45090a6540e8e64aba923f9e3f9cde Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Tue, 5 Jul 2016 18:49:22 +0200 Subject: [PATCH 01/16] Add a comment describing padding usage Change-Id: I915d829086b10a1718f5499f56dfc604a8e5e525 --- api/yaca/yaca_types.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h index 4508c8d..655879e 100644 --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -389,7 +389,11 @@ typedef enum { * @see #yaca_padding_e */ typedef enum { - /** Padding. Property type is #yaca_padding_e. */ + /** + * Padding for the sign/verify operation. Property type is #yaca_padding_e. + * + * This property can be set at the latest before the *_finalize() call. + */ YACA_PROPERTY_PADDING, /** GCM Additional Authentication Data. Property type is a buffer (e.g. char*) */ -- 2.7.4 From aa4e575aaff9fb9db341223b499f6a430ea70eff Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Thu, 7 Jul 2016 14:33:25 +0200 Subject: [PATCH 02/16] Change ERROR_NONE to 0 where we don't check yaca function Change-Id: Id1e4a26365610e1e26d1f95b67834e2ad1d0e4df --- src/sign.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sign.c b/src/sign.c index acb0392..6d39a13 100644 --- a/src/sign.c +++ b/src/sign.c @@ -586,7 +586,7 @@ API int yaca_verify_finalize(yaca_context_h ctx, if (ret == 1) return YACA_ERROR_NONE; - if (ret == YACA_ERROR_NONE) { + if (ret == 0) { ERROR_CLEAR(); return YACA_ERROR_DATA_MISMATCH; } -- 2.7.4 From 11bdbcbf460fc5067e4eb8d244ef84654bc5fc63 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Tue, 5 Jul 2016 09:20:41 +0200 Subject: [PATCH 03/16] Adjust naming convention to API. Change-Id: I096c1df2007832e52bc797de88df3dd8c46e67aa --- api/yaca/yaca_key.h | 4 +- examples/encrypt.c | 98 +++++++++++++-------------- examples/encrypt_aes_gcm_ccm.c | 130 +++++++++++++++++------------------ examples/misc.c | 4 +- examples/misc.h | 2 +- examples/seal.c | 100 +++++++++++++-------------- readme.txt | 2 +- src/crypto.c | 16 ++--- src/digest.c | 42 ++++++------ src/encrypt.c | 51 +++++++------- src/internal.h | 34 +++++----- src/key.c | 75 ++++++++++----------- src/seal.c | 34 +++++----- src/sign.c | 150 ++++++++++++++++++++--------------------- src/simple.c | 68 +++++++++---------- 15 files changed, 404 insertions(+), 406 deletions(-) diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h index b6294ad..288e6ce 100644 --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -241,11 +241,11 @@ int yaca_key_generate(yaca_key_type_e key_type, int yaca_key_extract_public(const yaca_key_h prv_key, yaca_key_h *pub_key); /** - * @brief Frees the key created by the library. Passing YACA_KEY_NULL is allowed. + * @brief Release the key created by the library. Passing YACA_KEY_NULL is allowed. * * @since_tizen 3.0 * - * @param[in,out] key Key to be freed + * @param[in,out] key Key to be released * * @see yaca_key_import() * @see yaca_key_export() diff --git a/examples/encrypt.c b/examples/encrypt.c index 426c391..31c8806 100644 --- a/examples/encrypt.c +++ b/examples/encrypt.c @@ -35,39 +35,39 @@ void encrypt_simple(const yaca_encrypt_algorithm_e algo, const yaca_block_cipher_mode_e bcm, - const size_t key_bits) + const size_t key_bit_len) { yaca_key_h key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; char *enc = NULL; char *dec = NULL; - size_t enc_size; - size_t dec_size; - size_t iv_bits; + size_t enc_len; + size_t dec_len; + size_t iv_bit_len; printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); /* Key generation */ if (yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000, - YACA_DIGEST_SHA256, key_bits, &key) != YACA_ERROR_NONE) + YACA_DIGEST_SHA256, key_bit_len, &key) != YACA_ERROR_NONE) return; - if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bits, &iv_bits) != YACA_ERROR_NONE) + if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bit_len, &iv_bit_len) != YACA_ERROR_NONE) goto exit; - if (iv_bits > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bits, &iv) != YACA_ERROR_NONE) + if (iv_bit_len > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) goto exit; - if (yaca_simple_encrypt(algo, bcm, key, iv, lorem4096, LOREM4096_SIZE, &enc, &enc_size) != YACA_ERROR_NONE) + if (yaca_simple_encrypt(algo, bcm, key, iv, lorem4096, LOREM4096_SIZE, &enc, &enc_len) != YACA_ERROR_NONE) goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size); + dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - if (yaca_simple_decrypt(algo, bcm, key, iv, enc, enc_size, &dec, &dec_size) != YACA_ERROR_NONE) + if (yaca_simple_decrypt(algo, bcm, key, iv, enc, enc_len, &dec, &dec_len) != YACA_ERROR_NONE) goto exit; - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_size, dec); + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); exit: yaca_free(enc); @@ -79,33 +79,33 @@ exit: void encrypt_advanced(const yaca_encrypt_algorithm_e algo, const yaca_block_cipher_mode_e bcm, const yaca_key_type_e key_type, - const size_t key_bits) + const size_t key_bit_len) { yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; - size_t iv_bits; + size_t iv_bit_len; char *enc = NULL; char *dec = NULL; - size_t enc_size; - size_t dec_size; + size_t enc_len; + size_t dec_len; size_t block_len; size_t output_len; - size_t out_size; + size_t written_len; size_t rem; printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); /* Key generation */ - if (yaca_key_generate(key_type, key_bits, &key) != YACA_ERROR_NONE) + if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) return; - if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bits, &iv_bits) != YACA_ERROR_NONE) + if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bit_len, &iv_bit_len) != YACA_ERROR_NONE) goto exit; - if (iv_bits > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bits, &iv) != YACA_ERROR_NONE) + if (iv_bit_len > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) goto exit; /* Encryption */ @@ -122,21 +122,21 @@ void encrypt_advanced(const yaca_encrypt_algorithm_e algo, goto exit; /* Calculate max output: size of update + final chunks */ - enc_size = output_len + block_len; - if (yaca_malloc(enc_size, (void**)&enc) != YACA_ERROR_NONE) + enc_len = output_len + block_len; + if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) goto exit; - out_size = enc_size; - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &out_size) != YACA_ERROR_NONE) + written_len = enc_len; + if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) goto exit; - rem = enc_size - out_size; - if (yaca_encrypt_finalize(ctx, enc + out_size, &rem) != YACA_ERROR_NONE) + rem = enc_len - written_len; + if (yaca_encrypt_finalize(ctx, enc + written_len, &rem) != YACA_ERROR_NONE) goto exit; - enc_size = rem + out_size; + enc_len = rem + written_len; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size); + dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -156,21 +156,21 @@ void encrypt_advanced(const yaca_encrypt_algorithm_e algo, goto exit; /* Calculate max output: size of update + final chunks */ - dec_size = output_len + block_len; - if (yaca_malloc(dec_size, (void**)&dec) != YACA_ERROR_NONE) + dec_len = output_len + block_len; + if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) goto exit; - out_size = dec_size; - if (yaca_decrypt_update(ctx, enc, enc_size, dec, &out_size) != YACA_ERROR_NONE) + written_len = dec_len; + if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) goto exit; - rem = dec_size - out_size; - if (yaca_decrypt_finalize(ctx, dec + out_size, &rem) != YACA_ERROR_NONE) + rem = dec_len - written_len; + if (yaca_decrypt_finalize(ctx, dec + written_len, &rem) != YACA_ERROR_NONE) goto exit; - dec_size = rem + out_size; + dec_len = rem + written_len; - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_size, dec); + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); } exit: @@ -192,41 +192,41 @@ int main() yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; yaca_block_cipher_mode_e bcm = YACA_BCM_ECB; yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bits = YACA_KEY_LENGTH_256BIT; + size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - encrypt_simple(algo, bcm, key_bits); - encrypt_advanced(algo, bcm, key_type, key_bits); + encrypt_simple(algo, bcm, key_bit_len); + encrypt_advanced(algo, bcm, key_type, key_bit_len); algo = YACA_ENCRYPT_3DES_3TDEA; bcm = YACA_BCM_OFB; key_type = YACA_KEY_TYPE_DES; - key_bits = YACA_KEY_LENGTH_192BIT; + key_bit_len = YACA_KEY_LENGTH_192BIT; - encrypt_advanced(algo, bcm, key_type, key_bits); + encrypt_advanced(algo, bcm, key_type, key_bit_len); algo = YACA_ENCRYPT_CAST5; bcm = YACA_BCM_CFB; key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bits = YACA_KEY_LENGTH_UNSAFE_40BIT; + key_bit_len = YACA_KEY_LENGTH_UNSAFE_40BIT; - encrypt_simple(algo, bcm, key_bits); - encrypt_advanced(algo, bcm, key_type, key_bits); + encrypt_simple(algo, bcm, key_bit_len); + encrypt_advanced(algo, bcm, key_type, key_bit_len); algo = YACA_ENCRYPT_UNSAFE_RC2; bcm = YACA_BCM_CBC; key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bits = YACA_KEY_LENGTH_UNSAFE_8BIT; + key_bit_len = YACA_KEY_LENGTH_UNSAFE_8BIT; - encrypt_simple(algo, bcm, key_bits); - encrypt_advanced(algo, bcm, key_type, key_bits); + encrypt_simple(algo, bcm, key_bit_len); + encrypt_advanced(algo, bcm, key_type, key_bit_len); algo = YACA_ENCRYPT_UNSAFE_RC4; bcm = YACA_BCM_NONE; key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bits = YACA_KEY_LENGTH_2048BIT; + key_bit_len = YACA_KEY_LENGTH_2048BIT; - encrypt_simple(algo, bcm, key_bits); - encrypt_advanced(algo, bcm, key_type, key_bits); + encrypt_simple(algo, bcm, key_bit_len); + encrypt_advanced(algo, bcm, key_type, key_bit_len); yaca_cleanup(); diff --git a/examples/encrypt_aes_gcm_ccm.c b/examples/encrypt_aes_gcm_ccm.c index d635ded..7ac3534 100644 --- a/examples/encrypt_aes_gcm_ccm.c +++ b/examples/encrypt_aes_gcm_ccm.c @@ -37,8 +37,8 @@ void encrypt_decrypt_aes_gcm(void) yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; yaca_block_cipher_mode_e bcm = YACA_BCM_GCM; yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bits = YACA_KEY_LENGTH_256BIT; - size_t iv_bits = YACA_KEY_LENGTH_IV_128BIT; + size_t key_bit_len = YACA_KEY_LENGTH_256BIT; + size_t iv_bit_len = YACA_KEY_LENGTH_IV_128BIT; yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key = YACA_KEY_NULL; @@ -46,37 +46,37 @@ void encrypt_decrypt_aes_gcm(void) char *enc = NULL; char *dec = NULL; - size_t enc_size; - size_t dec_size; + size_t enc_len; + size_t dec_len; char *aad = NULL; char *tag = NULL; - size_t aad_size = 16; - size_t tag_size = 16; + size_t aad_len = 16; + size_t tag_len = 16; size_t block_len; size_t output_len; - size_t out_size; + size_t written_len; size_t rem; printf("AES GCM 256bit key encryption/decryption\n"); printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); /* Key generation */ - if (yaca_key_generate(key_type, key_bits, &key) != YACA_ERROR_NONE) + if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) return; /* IV generation */ - if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bits, &iv) != YACA_ERROR_NONE) + if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) goto exit; - if (yaca_zalloc(aad_size, (void**)&aad) != YACA_ERROR_NONE) + if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) goto exit; - if (yaca_randomize_bytes(aad, aad_size) != YACA_ERROR_NONE) + if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) goto exit; - if (yaca_zalloc(tag_size, (void**)&tag) != YACA_ERROR_NONE) + if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) goto exit; /* Encryption */ @@ -85,7 +85,7 @@ void encrypt_decrypt_aes_gcm(void) goto exit; /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_size) != YACA_ERROR_NONE) + if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) goto exit; /* For the update */ @@ -97,29 +97,29 @@ void encrypt_decrypt_aes_gcm(void) goto exit; /* Calculate max output: size of update + final chunks */ - enc_size = output_len + block_len; - if (yaca_malloc(enc_size, (void**)&enc) != YACA_ERROR_NONE) + enc_len = output_len + block_len; + if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) goto exit; - out_size = enc_size; - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &out_size) != YACA_ERROR_NONE) + written_len = enc_len; + if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) goto exit; - rem = enc_size - out_size; - if (yaca_encrypt_finalize(ctx, enc + out_size, &rem) != YACA_ERROR_NONE) + rem = enc_len - written_len; + if (yaca_encrypt_finalize(ctx, enc + written_len, &rem) != YACA_ERROR_NONE) goto exit; - enc_size = rem + out_size; + enc_len = rem + written_len; /* Set the tag length and get the tag after final encryption */ if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, - (void*)&tag_size, sizeof(tag_size)) != YACA_ERROR_NONE) + (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) goto exit; - if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_size) != YACA_ERROR_NONE) + if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size); + dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -131,7 +131,7 @@ void encrypt_decrypt_aes_gcm(void) goto exit; /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_size) != YACA_ERROR_NONE) + if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) goto exit; /* For the update */ @@ -143,26 +143,26 @@ void encrypt_decrypt_aes_gcm(void) goto exit; /* Calculate max output: size of update + final chunks */ - dec_size = output_len + block_len; - if (yaca_malloc(dec_size, (void**)&dec) != YACA_ERROR_NONE) + dec_len = output_len + block_len; + if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) goto exit; - out_size = dec_size; - if (yaca_decrypt_update(ctx, enc, enc_size, dec, &out_size) != YACA_ERROR_NONE) + written_len = dec_len; + if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) goto exit; - rem = dec_size - out_size; + rem = dec_len - written_len; /* Set expected tag value before final decryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_size) != YACA_ERROR_NONE) + if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len) != YACA_ERROR_NONE) goto exit; - if (yaca_decrypt_finalize(ctx, dec + out_size, &rem) != YACA_ERROR_NONE) + if (yaca_decrypt_finalize(ctx, dec + written_len, &rem) != YACA_ERROR_NONE) goto exit; - dec_size = rem + out_size; + dec_len = rem + written_len; - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_size, dec); + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); } exit: @@ -180,8 +180,8 @@ void encrypt_decrypt_aes_ccm(void) yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; yaca_block_cipher_mode_e bcm = YACA_BCM_CCM; yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bits = YACA_KEY_LENGTH_256BIT; - size_t iv_bits = YACA_KEY_LENGTH_IV_64BIT; + size_t key_bit_len = YACA_KEY_LENGTH_256BIT; + size_t iv_bit_len = YACA_KEY_LENGTH_IV_64BIT; yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key = YACA_KEY_NULL; @@ -189,17 +189,17 @@ void encrypt_decrypt_aes_ccm(void) char *enc = NULL; char *dec = NULL; - size_t enc_size; - size_t dec_size; + size_t enc_len; + size_t dec_len; char *aad = NULL; char *tag = NULL; - size_t aad_size = 16; - size_t tag_size = 12; + size_t aad_len = 16; + size_t tag_len = 12; size_t block_len; size_t output_len; - size_t out_size; + size_t written_len; size_t rem; size_t len; @@ -207,20 +207,20 @@ void encrypt_decrypt_aes_ccm(void) printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); /* Key generation */ - if (yaca_key_generate(key_type, key_bits, &key) != YACA_ERROR_NONE) + if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) return; /* IV generation */ - if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bits, &iv) != YACA_ERROR_NONE) + if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) goto exit; - if (yaca_zalloc(aad_size, (void**)&aad) != YACA_ERROR_NONE) + if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) goto exit; - if (yaca_randomize_bytes(aad, aad_size) != YACA_ERROR_NONE) + if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) goto exit; - if (yaca_zalloc(tag_size, (void**)&tag) != YACA_ERROR_NONE) + if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) goto exit; /* Encryption */ @@ -230,14 +230,14 @@ void encrypt_decrypt_aes_ccm(void) /* Set tag length (optionally) */ if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, - (void*)&tag_size, sizeof(tag_size)) != YACA_ERROR_NONE) + (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) goto exit; /* The total plain text length must be passed (only needed if AAD is passed) */ if (yaca_encrypt_update(ctx, NULL, LOREM4096_SIZE , NULL, &len) != YACA_ERROR_NONE) goto exit; - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_size) != YACA_ERROR_NONE) + if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) goto exit; /* For the update */ @@ -249,25 +249,25 @@ void encrypt_decrypt_aes_ccm(void) goto exit; /* Calculate max output: size of update + final chunks */ - enc_size = output_len + block_len; - if (yaca_malloc(enc_size, (void**)&enc) != YACA_ERROR_NONE) + enc_len = output_len + block_len; + if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) goto exit; - out_size = enc_size; - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &out_size) != YACA_ERROR_NONE) + written_len = enc_len; + if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) goto exit; - rem = enc_size - out_size; - if (yaca_encrypt_finalize(ctx, enc + out_size, &rem) != YACA_ERROR_NONE) + rem = enc_len - written_len; + if (yaca_encrypt_finalize(ctx, enc + written_len, &rem) != YACA_ERROR_NONE) goto exit; - enc_size = rem + out_size; + enc_len = rem + written_len; /* Get the tag after final encryption */ - if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_size) != YACA_ERROR_NONE) + if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_size); + dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -279,14 +279,14 @@ void encrypt_decrypt_aes_ccm(void) goto exit; /* Set expected tag value */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_size) != YACA_ERROR_NONE) + if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len) != YACA_ERROR_NONE) goto exit; /* The total encrypted text length must be passed (only needed if AAD is passed) */ - if (yaca_decrypt_update(ctx, NULL, enc_size , NULL, &len) != YACA_ERROR_NONE) + if (yaca_decrypt_update(ctx, NULL, enc_len , NULL, &len) != YACA_ERROR_NONE) goto exit; - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_size) != YACA_ERROR_NONE) + if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) goto exit; /* For the update */ @@ -298,19 +298,19 @@ void encrypt_decrypt_aes_ccm(void) goto exit; /* Calculate max output: size of update + final chunks */ - dec_size = output_len + block_len; - if (yaca_malloc(dec_size, (void**)&dec) != YACA_ERROR_NONE) + dec_len = output_len + block_len; + if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) goto exit; - out_size = dec_size; + written_len = dec_len; /* The tag verify is performed when you call the final yaca_decrypt_update(), * there is no call to yaca_decrypt_finalize() */ - if (yaca_decrypt_update(ctx, enc, enc_size, dec, &out_size) != YACA_ERROR_NONE) + if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) goto exit; - dec_size = out_size; + dec_len = written_len; - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_size, dec); + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); } exit: diff --git a/examples/misc.c b/examples/misc.c index fe3711f..07784d7 100644 --- a/examples/misc.c +++ b/examples/misc.c @@ -34,7 +34,7 @@ #include "misc.h" -void dump_hex(const char *buf, size_t dump_size, const char *fmt, ...) +void dump_hex(const char *buf, size_t dump_len, const char *fmt, ...) { va_list ap; @@ -42,7 +42,7 @@ void dump_hex(const char *buf, size_t dump_size, const char *fmt, ...) vprintf(fmt, ap); va_end(ap); putchar('\n'); - BIO_dump_fp(stdout, buf, dump_size); + BIO_dump_fp(stdout, buf, dump_len); } void debug_func(const char *buf) diff --git a/examples/misc.h b/examples/misc.h index bf8a8e0..33c50bb 100644 --- a/examples/misc.h +++ b/examples/misc.h @@ -26,7 +26,7 @@ #include -void dump_hex(const char *buf, size_t dump_size, const char *fmt, ...); +void dump_hex(const char *buf, size_t dump_len, const char *fmt, ...); void debug_func(const char *buf); diff --git a/examples/seal.c b/examples/seal.c index 96e5888..a7774eb 100644 --- a/examples/seal.c +++ b/examples/seal.c @@ -34,7 +34,7 @@ void encrypt_seal(const yaca_encrypt_algorithm_e algo, const yaca_block_cipher_mode_e bcm, - const size_t key_bits) + const size_t key_bit_len) { yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key_pub = YACA_KEY_NULL; @@ -49,7 +49,7 @@ void encrypt_seal(const yaca_encrypt_algorithm_e algo, size_t block_len; size_t output_len; - size_t out_len; + size_t written_len; size_t rem; printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); @@ -63,7 +63,7 @@ void encrypt_seal(const yaca_encrypt_algorithm_e algo, /* Encrypt a.k.a. seal */ { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bits, &sym_key, &iv) != YACA_ERROR_NONE) + if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) goto exit; /* For the update */ @@ -80,15 +80,15 @@ void encrypt_seal(const yaca_encrypt_algorithm_e algo, goto exit; /* Seal and finalize */ - out_len = enc_len; - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &out_len) != YACA_ERROR_NONE) + written_len = enc_len; + if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) goto exit; - rem = enc_len - out_len; - if (yaca_seal_finalize(ctx, enc + out_len, &rem) != YACA_ERROR_NONE) + rem = enc_len - written_len; + if (yaca_seal_finalize(ctx, enc + written_len, &rem) != YACA_ERROR_NONE) goto exit; - enc_len = rem + out_len; + enc_len = rem + written_len; dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); @@ -98,7 +98,7 @@ void encrypt_seal(const yaca_encrypt_algorithm_e algo, /* Decrypt a.k.a. open */ { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bits, sym_key, iv) != YACA_ERROR_NONE) + if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) goto exit; /* For the update */ @@ -115,15 +115,15 @@ void encrypt_seal(const yaca_encrypt_algorithm_e algo, goto exit; /* Open and finalize */ - out_len = dec_len; - if (yaca_open_update(ctx, enc, enc_len, dec, &out_len) != YACA_ERROR_NONE) + written_len = dec_len; + if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) goto exit; - rem = dec_len - out_len; - if (yaca_open_finalize(ctx, dec + out_len, &rem) != YACA_ERROR_NONE) + rem = dec_len - written_len; + if (yaca_open_finalize(ctx, dec + written_len, &rem) != YACA_ERROR_NONE) goto exit; - dec_len = rem + out_len; + dec_len = rem + written_len; printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); } @@ -142,7 +142,7 @@ void encrypt_seal_aes_gcm(void) { yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; yaca_block_cipher_mode_e bcm = YACA_BCM_GCM; - size_t key_bits = YACA_KEY_LENGTH_256BIT; + size_t key_bit_len = YACA_KEY_LENGTH_256BIT; yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key_pub = YACA_KEY_NULL; @@ -162,7 +162,7 @@ void encrypt_seal_aes_gcm(void) size_t block_len; size_t output_len; - size_t out_len; + size_t written_len; size_t rem; printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); @@ -185,7 +185,7 @@ void encrypt_seal_aes_gcm(void) /* Encryption */ { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bits, &sym_key, &iv) != YACA_ERROR_NONE) + if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) goto exit; /* Provide any AAD data */ @@ -205,15 +205,15 @@ void encrypt_seal_aes_gcm(void) if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) goto exit; - out_len = enc_len; - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &out_len) != YACA_ERROR_NONE) + written_len = enc_len; + if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) goto exit; - rem = enc_len - out_len; - if (yaca_seal_finalize(ctx, enc + out_len, &rem) != YACA_ERROR_NONE) + rem = enc_len - written_len; + if (yaca_seal_finalize(ctx, enc + written_len, &rem) != YACA_ERROR_NONE) goto exit; - enc_len = rem + out_len; + enc_len = rem + written_len; /* Set the tag length and get the tag after final encryption */ if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, @@ -231,7 +231,7 @@ void encrypt_seal_aes_gcm(void) /* Decryption */ { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bits, sym_key, iv) != YACA_ERROR_NONE) + if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) goto exit; /* Provide any AAD data */ @@ -251,20 +251,20 @@ void encrypt_seal_aes_gcm(void) if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) goto exit; - out_len = dec_len; - if (yaca_open_update(ctx, enc, enc_len, dec, &out_len) != YACA_ERROR_NONE) + written_len = dec_len; + if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) goto exit; - rem = dec_len - out_len; + rem = dec_len - written_len; /* Set expected tag value before final decryption */ if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len) != YACA_ERROR_NONE) goto exit; - if (yaca_open_finalize(ctx, dec + out_len, &rem) != YACA_ERROR_NONE) + if (yaca_open_finalize(ctx, dec + written_len, &rem) != YACA_ERROR_NONE) goto exit; - dec_len = rem + out_len; + dec_len = rem + written_len; printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); } @@ -283,7 +283,7 @@ void encrypt_seal_aes_ccm(void) { yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; yaca_block_cipher_mode_e bcm = YACA_BCM_CCM; - size_t key_bits = YACA_KEY_LENGTH_192BIT; + size_t key_bit_len = YACA_KEY_LENGTH_192BIT; yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key_pub = YACA_KEY_NULL; @@ -303,7 +303,7 @@ void encrypt_seal_aes_ccm(void) size_t block_len; size_t output_len; - size_t out_len; + size_t written_len; size_t rem; size_t len; @@ -327,7 +327,7 @@ void encrypt_seal_aes_ccm(void) /* Encryption */ { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bits, &sym_key, &iv) != YACA_ERROR_NONE) + if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) goto exit; /* Set tag length (optionally) */ @@ -356,15 +356,15 @@ void encrypt_seal_aes_ccm(void) if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) goto exit; - out_len = enc_len; - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &out_len) != YACA_ERROR_NONE) + written_len = enc_len; + if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) goto exit; - rem = enc_len - out_len; - if (yaca_seal_finalize(ctx, enc + out_len, &rem) != YACA_ERROR_NONE) + rem = enc_len - written_len; + if (yaca_seal_finalize(ctx, enc + written_len, &rem) != YACA_ERROR_NONE) goto exit; - enc_len = rem + out_len; + enc_len = rem + written_len; /* Get the tag after final encryption */ if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) @@ -378,7 +378,7 @@ void encrypt_seal_aes_ccm(void) /* Decryption */ { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bits, sym_key, iv) != YACA_ERROR_NONE) + if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) goto exit; /* Set expected tag value */ @@ -406,13 +406,13 @@ void encrypt_seal_aes_ccm(void) if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) goto exit; - out_len = dec_len; + written_len = dec_len; /* The tag verify is performed when you call the final yaca_open_update(), * there is no call to yaca_open_finalize() */ - if (yaca_open_update(ctx, enc, enc_len, dec, &out_len) != YACA_ERROR_NONE) + if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) goto exit; - dec_len = out_len; + dec_len = written_len; printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); } @@ -438,20 +438,20 @@ int main() printf("AES CBC 256bit key seal/open\n"); yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; yaca_block_cipher_mode_e bcm = YACA_BCM_CBC; - size_t key_bits = YACA_KEY_LENGTH_256BIT; - encrypt_seal(algo, bcm, key_bits); + size_t key_bit_len = YACA_KEY_LENGTH_256BIT; + encrypt_seal(algo, bcm, key_bit_len); printf("3DES 192bit key seal/open\n"); algo = YACA_ENCRYPT_3DES_3TDEA; bcm = YACA_BCM_CFB; - key_bits = YACA_KEY_LENGTH_192BIT; - encrypt_seal(algo, bcm, key_bits); - - printf("RC4 40bit key seal/open\n"); - algo = YACA_ENCRYPT_UNSAFE_RC4; - bcm = YACA_BCM_NONE; - key_bits = YACA_KEY_LENGTH_UNSAFE_40BIT; - encrypt_seal(algo, bcm, key_bits); + key_bit_len = YACA_KEY_LENGTH_192BIT; + encrypt_seal(algo, bcm, key_bit_len); + + printf("RC2 40bit key seal/open\n"); + algo = YACA_ENCRYPT_UNSAFE_RC2; + bcm = YACA_BCM_OFB; + key_bit_len = YACA_KEY_LENGTH_UNSAFE_40BIT; + encrypt_seal(algo, bcm, key_bit_len); printf("AES GCM 256bit key seal/open\n"); encrypt_seal_aes_gcm(); diff --git a/readme.txt b/readme.txt index 664632f..26518b2 100644 --- a/readme.txt +++ b/readme.txt @@ -14,7 +14,7 @@ Project structure: General design: - All memory allocated by API should be freed with yaca_free() - - Contexts and keys should be freed with yaca_context_destroy()/yaca_key_destroy() + - Contexts and keys should be released with yaca_context_destroy()/yaca_key_destroy() - Function names: yaca__; Ex: yaca_verify_initialize() - Simplified/Simple functions don't have part, but have prefix - Enums: YACA__; Ex: YACA_KEY_LENGTH_256BIT diff --git a/src/crypto.c b/src/crypto.c index 158bcf8..2714120 100644 --- a/src/crypto.c +++ b/src/crypto.c @@ -77,7 +77,7 @@ API int yaca_initialize(void) { int ret = YACA_ERROR_NONE; - /* no calling yaca_initalize() twice on the same thread */ + /* no calling yaca_initialize() twice on the same thread */ if (current_thread_initialized) return YACA_ERROR_INTERNAL; @@ -142,7 +142,7 @@ API int yaca_initialize(void) /* * TODO: * - We should also decide on Openssl config. - * - Here's a good tutorial for initalization and cleanup: + * - Here's a good tutorial for initialization and cleanup: * https://wiki.openssl.org/index.php/Library_Initialization * - We should also initialize the entropy for random number generator: * https://wiki.openssl.org/index.php/Random_Numbers#Initialization @@ -260,26 +260,26 @@ API int yaca_randomize_bytes(char *data, size_t data_len) API int yaca_context_set_property(yaca_context_h ctx, yaca_property_e property, const void *value, size_t value_len) { - if (ctx == YACA_CONTEXT_NULL || ctx->set_param == NULL) + if (ctx == YACA_CONTEXT_NULL || ctx->set_property == NULL) return YACA_ERROR_INVALID_PARAMETER; - return ctx->set_param(ctx, property, value, value_len); + return ctx->set_property(ctx, property, value, value_len); } API int yaca_context_get_property(const yaca_context_h ctx, yaca_property_e property, void **value, size_t *value_len) { - if (ctx == YACA_CONTEXT_NULL || ctx->get_param == NULL) + if (ctx == YACA_CONTEXT_NULL || ctx->get_property == NULL) return YACA_ERROR_INVALID_PARAMETER; - return ctx->get_param(ctx, property, value, value_len); + return ctx->get_property(ctx, property, value, value_len); } API void yaca_context_destroy(yaca_context_h ctx) { if (ctx != YACA_CONTEXT_NULL) { - assert(ctx->ctx_destroy != NULL); - ctx->ctx_destroy(ctx); + assert(ctx->context_destroy != NULL); + ctx->context_destroy(ctx); yaca_free(ctx); } } diff --git a/src/digest.c b/src/digest.c index b003e97..fa342bb 100644 --- a/src/digest.c +++ b/src/digest.c @@ -31,20 +31,20 @@ #include "internal.h" -struct yaca_digest_ctx_s { +struct yaca_digest_context_s { struct yaca_context_s ctx; - EVP_MD_CTX *mdctx; + EVP_MD_CTX *md_ctx; }; -static struct yaca_digest_ctx_s *get_digest_ctx(const yaca_context_h ctx) +static struct yaca_digest_context_s *get_digest_context(const yaca_context_h ctx) { if (ctx == YACA_CONTEXT_NULL) return NULL; switch (ctx->type) { - case YACA_CTX_DIGEST: - return (struct yaca_digest_ctx_s *)ctx; + case YACA_CONTEXT_DIGEST: + return (struct yaca_digest_context_s *)ctx; default: return NULL; } @@ -56,12 +56,12 @@ static int get_digest_output_length(const yaca_context_h ctx, { assert(output_len != NULL); - struct yaca_digest_ctx_s *c = get_digest_ctx(ctx); + struct yaca_digest_context_s *c = get_digest_context(ctx); if (c == NULL || input_len != 0) return YACA_ERROR_INVALID_PARAMETER; - int md_size = EVP_MD_CTX_size(c->mdctx); + int md_size = EVP_MD_CTX_size(c->md_ctx); if (md_size <= 0) return YACA_ERROR_INTERNAL; @@ -72,13 +72,13 @@ static int get_digest_output_length(const yaca_context_h ctx, static void destroy_digest_context(yaca_context_h ctx) { - struct yaca_digest_ctx_s *c = get_digest_ctx(ctx); + struct yaca_digest_context_s *c = get_digest_context(ctx); if (c == NULL) return; - EVP_MD_CTX_destroy(c->mdctx); - c->mdctx = NULL; + EVP_MD_CTX_destroy(c->md_ctx); + c->md_ctx = NULL; } int digest_get_algorithm(yaca_digest_algorithm_e algo, const EVP_MD **md) @@ -125,32 +125,32 @@ int digest_get_algorithm(yaca_digest_algorithm_e algo, const EVP_MD **md) API int yaca_digest_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo) { int ret; - struct yaca_digest_ctx_s *nc = NULL; + struct yaca_digest_context_s *nc = NULL; const EVP_MD *md; if (ctx == NULL) return YACA_ERROR_INVALID_PARAMETER; - ret = yaca_zalloc(sizeof(struct yaca_digest_ctx_s), (void**)&nc); + ret = yaca_zalloc(sizeof(struct yaca_digest_context_s), (void**)&nc); if (ret != YACA_ERROR_NONE) return ret; - nc->ctx.type = YACA_CTX_DIGEST; - nc->ctx.ctx_destroy = destroy_digest_context; + nc->ctx.type = YACA_CONTEXT_DIGEST; + nc->ctx.context_destroy = destroy_digest_context; nc->ctx.get_output_length = get_digest_output_length; ret = digest_get_algorithm(algo, &md); if (ret != YACA_ERROR_NONE) goto exit; - nc->mdctx = EVP_MD_CTX_create(); - if (nc->mdctx == NULL) { + nc->md_ctx = EVP_MD_CTX_create(); + if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; } - ret = EVP_DigestInit(nc->mdctx, md); + ret = EVP_DigestInit(nc->md_ctx, md); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -169,13 +169,13 @@ exit: API int yaca_digest_update(yaca_context_h ctx, const char *data, size_t data_len) { - struct yaca_digest_ctx_s *c = get_digest_ctx(ctx); + struct yaca_digest_context_s *c = get_digest_context(ctx); int ret; if (c == NULL || data == NULL || data_len == 0) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestUpdate(c->mdctx, data, data_len); + ret = EVP_DigestUpdate(c->md_ctx, data, data_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -187,7 +187,7 @@ API int yaca_digest_update(yaca_context_h ctx, const char *data, size_t data_len API int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_len) { - struct yaca_digest_ctx_s *c = get_digest_ctx(ctx); + struct yaca_digest_context_s *c = get_digest_context(ctx); int ret; unsigned len = 0; @@ -197,7 +197,7 @@ API int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_le if (*digest_len == 0 || *digest_len > UINT_MAX) /* DigestFinal accepts UINT */ return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestFinal_ex(c->mdctx, (unsigned char*)digest, &len); + ret = EVP_DigestFinal_ex(c->md_ctx, (unsigned char*)digest, &len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); diff --git a/src/encrypt.c b/src/encrypt.c index b248896..6dc4527 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -39,7 +39,7 @@ struct yaca_encrypt_context_s *get_encrypt_context(const yaca_context_h ctx) return NULL; switch (ctx->type) { - case YACA_CTX_ENCRYPT: + case YACA_CONTEXT_ENCRYPT: return (struct yaca_encrypt_context_s *)ctx; default: return NULL; @@ -257,7 +257,7 @@ static const char *bcm_to_str(yaca_block_cipher_mode_e bcm) int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, - size_t key_bits, + size_t key_bit_len, const EVP_CIPHER **cipher) { char cipher_name[32]; @@ -266,14 +266,13 @@ int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, const EVP_CIPHER *lcipher; int ret; - if (algo_name == NULL || bcm_name == NULL || key_bits == 0 || - cipher == NULL) + if (algo_name == NULL || bcm_name == NULL || key_bit_len == 0 || cipher == NULL) return YACA_ERROR_INVALID_PARAMETER; switch (algo) { case YACA_ENCRYPT_AES: ret = snprintf(cipher_name, sizeof(cipher_name), "%s-%zu-%s", - algo_name, key_bits, bcm_name); + algo_name, key_bit_len, bcm_name); break; case YACA_ENCRYPT_UNSAFE_DES: case YACA_ENCRYPT_UNSAFE_RC2: @@ -317,16 +316,16 @@ static int encrypt_initialize(yaca_context_h *ctx, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, - enum encrypt_op_type op_type) + enum encrypt_op_type_e op_type) { const struct yaca_key_simple_s *lkey; const struct yaca_key_simple_s *liv; struct yaca_encrypt_context_s *nc; const EVP_CIPHER *cipher; - size_t key_bits; + size_t key_bit_len; unsigned char *iv_data = NULL; - size_t iv_bits; - size_t iv_bits_check; + size_t iv_bit_len; + size_t iv_bit_len_check; int ret; if (ctx == NULL || sym_key == YACA_KEY_NULL) @@ -340,19 +339,19 @@ static int encrypt_initialize(yaca_context_h *ctx, if (ret != YACA_ERROR_NONE) return ret; - nc->ctx.type = YACA_CTX_ENCRYPT; - nc->ctx.ctx_destroy = destroy_encrypt_context; + nc->ctx.type = YACA_CONTEXT_ENCRYPT; + nc->ctx.context_destroy = destroy_encrypt_context; nc->ctx.get_output_length = get_encrypt_output_length; - nc->ctx.set_param = set_encrypt_property; - nc->ctx.get_param = get_encrypt_property; + nc->ctx.set_property = set_encrypt_property; + nc->ctx.get_property = get_encrypt_property; nc->op_type = op_type; nc->tag_len = 0; - ret = yaca_key_get_bit_length(sym_key, &key_bits); + ret = yaca_key_get_bit_length(sym_key, &key_bit_len); if (ret != YACA_ERROR_NONE) goto exit; - ret = encrypt_get_algorithm(algo, bcm, key_bits, &cipher); + ret = encrypt_get_algorithm(algo, bcm, key_bit_len, &cipher); if (ret != YACA_ERROR_NONE) goto exit; @@ -363,25 +362,25 @@ static int encrypt_initialize(yaca_context_h *ctx, goto exit; } - iv_bits = ret * 8; - if (iv_bits == 0 && iv != NULL) { /* 0 -> cipher doesn't use iv, but it was provided */ + iv_bit_len = ret * 8; + if (iv_bit_len == 0 && iv != NULL) { /* 0 -> cipher doesn't use iv, but it was provided */ ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } - if (iv_bits != 0) { /* cipher requires iv*/ + if (iv_bit_len != 0) { /* cipher requires iv*/ liv = key_get_simple(iv); if (liv == NULL) { /* iv was not provided */ ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } - ret = yaca_key_get_bit_length(iv, &iv_bits_check); + ret = yaca_key_get_bit_length(iv, &iv_bit_len_check); if (ret != YACA_ERROR_NONE) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } /* IV length doesn't match cipher (GCM & CCM supports variable IV length) */ - if (iv_bits != iv_bits_check && + if (iv_bit_len != iv_bit_len_check && bcm != YACA_BCM_GCM && bcm != YACA_BCM_CCM) { ret = YACA_ERROR_INVALID_PARAMETER; @@ -416,7 +415,7 @@ static int encrypt_initialize(yaca_context_h *ctx, } /* Handling of algorithms with variable key length */ - ret = EVP_CIPHER_CTX_set_key_length(nc->cipher_ctx, key_bits / 8); + ret = EVP_CIPHER_CTX_set_key_length(nc->cipher_ctx, key_bit_len / 8); if (ret != 1) { ret = YACA_ERROR_INVALID_PARAMETER; ERROR_DUMP(ret); @@ -424,14 +423,14 @@ static int encrypt_initialize(yaca_context_h *ctx, } /* Handling of algorithms with variable IV length */ - if (iv_bits != iv_bits_check) { + if (iv_bit_len != iv_bit_len_check) { if (bcm == YACA_BCM_GCM) ret = EVP_CIPHER_CTX_ctrl(nc->cipher_ctx, EVP_CTRL_GCM_SET_IVLEN, - iv_bits_check / 8, NULL); + iv_bit_len_check / 8, NULL); if (bcm == YACA_BCM_CCM) ret = EVP_CIPHER_CTX_ctrl(nc->cipher_ctx, EVP_CTRL_CCM_SET_IVLEN, - iv_bits_check / 8, NULL); + iv_bit_len_check / 8, NULL); if (ret != 1) { ret = YACA_ERROR_INVALID_PARAMETER; @@ -475,7 +474,7 @@ exit: int encrypt_update(yaca_context_h ctx, const unsigned char *input, size_t input_len, unsigned char *output, size_t *output_len, - enum encrypt_op_type op_type) + enum encrypt_op_type_e op_type) { struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int ret; @@ -513,7 +512,7 @@ int encrypt_update(yaca_context_h ctx, int encrypt_finalize(yaca_context_h ctx, unsigned char *output, size_t *output_len, - enum encrypt_op_type op_type) + enum encrypt_op_type_e op_type) { struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int ret; diff --git a/src/internal.h b/src/internal.h index dce0a61..762c019 100644 --- a/src/internal.h +++ b/src/internal.h @@ -34,14 +34,14 @@ #define API __attribute__ ((visibility("default"))) #define UNUSED __attribute__((unused)) -enum yaca_ctx_type_e { - YACA_CTX_INVALID = 0, - YACA_CTX_DIGEST, - YACA_CTX_SIGN, - YACA_CTX_ENCRYPT +enum yaca_context_type_e { + YACA_CONTEXT_INVALID = 0, + YACA_CONTEXT_DIGEST, + YACA_CONTEXT_SIGN, + YACA_CONTEXT_ENCRYPT }; -enum encrypt_op_type { +enum encrypt_op_type_e { OP_ENCRYPT = 0, OP_DECRYPT = 1, OP_SEAL = 2, @@ -50,21 +50,21 @@ enum encrypt_op_type { /* Base structure for crypto contexts - to be inherited */ struct yaca_context_s { - enum yaca_ctx_type_e type; + enum yaca_context_type_e type; - void (*ctx_destroy)(const yaca_context_h ctx); + void (*context_destroy)(const yaca_context_h ctx); int (*get_output_length)(const yaca_context_h ctx, size_t input_len, size_t *output_len); - int (*set_param)(yaca_context_h ctx, yaca_property_e param, - const void *value, size_t value_len); - int (*get_param)(const yaca_context_h ctx, yaca_property_e param, - void **value, size_t *value_len); + int (*set_property)(yaca_context_h ctx, yaca_property_e property, + const void *value, size_t value_len); + int (*get_property)(const yaca_context_h ctx, yaca_property_e property, + void **value, size_t *value_len); }; struct yaca_encrypt_context_s { struct yaca_context_s ctx; EVP_CIPHER_CTX *cipher_ctx; - enum encrypt_op_type op_type; /* Operation context was created for */ + enum encrypt_op_type_e op_type; /* Operation context was created for */ size_t tag_len; }; @@ -82,7 +82,7 @@ struct yaca_key_s { struct yaca_key_simple_s { struct yaca_key_s key; - size_t bits; + size_t bit_len; char d[]; }; @@ -116,17 +116,17 @@ int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, - size_t key_bits, + size_t key_bit_len, const EVP_CIPHER **cipher); int encrypt_update(yaca_context_h ctx, const unsigned char *input, size_t input_len, unsigned char *output, size_t *output_len, - enum encrypt_op_type op_type); + enum encrypt_op_type_e op_type); int encrypt_finalize(yaca_context_h ctx, unsigned char *output, size_t *output_len, - enum encrypt_op_type op_type); + enum encrypt_op_type_e op_type); struct yaca_key_simple_s *key_get_simple(const yaca_key_h key); struct yaca_key_evp_s *key_get_evp(const yaca_key_h key); diff --git a/src/key.c b/src/key.c index 4153434..e018d14 100644 --- a/src/key.c +++ b/src/key.c @@ -32,7 +32,6 @@ #include #include #include -#include #include #include @@ -219,7 +218,7 @@ int import_simple(yaca_key_h *key, return ret; } - /* key_bits has to fit in size_t */ + /* key_bit_len has to fit in size_t */ if (key_data_len > SIZE_MAX / 8) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; @@ -227,10 +226,10 @@ int import_simple(yaca_key_h *key, /* DES key length verification */ if (key_type == YACA_KEY_TYPE_DES) { - size_t key_bits = key_data_len * 8; - if (key_bits != YACA_KEY_LENGTH_UNSAFE_64BIT && - key_bits != YACA_KEY_LENGTH_UNSAFE_128BIT && - key_bits != YACA_KEY_LENGTH_192BIT) { + size_t key_bit_len = key_data_len * 8; + if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_64BIT && + key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && + key_bit_len != YACA_KEY_LENGTH_192BIT) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } @@ -241,7 +240,7 @@ int import_simple(yaca_key_h *key, goto exit; memcpy(nk->d, key_data, key_data_len); - nk->bits = key_data_len * 8; + nk->bit_len = key_data_len * 8; nk->key.type = key_type; *key = (yaca_key_h)nk; @@ -426,7 +425,7 @@ int export_simple_raw(struct yaca_key_simple_s *simple_key, assert(data != NULL); assert(data_len != NULL); - size_t key_len = simple_key->bits / 8; + size_t key_len = simple_key->bit_len / 8; assert(key_len > 0); @@ -449,7 +448,7 @@ int export_simple_base64(struct yaca_key_simple_s *simple_key, assert(data_len != NULL); int ret; - size_t key_len = simple_key->bits / 8; + size_t key_len = simple_key->bit_len / 8; BIO *b64; BIO *mem; char *bio_data; @@ -735,19 +734,19 @@ exit: return ret; } -int gen_simple(struct yaca_key_simple_s **out, size_t key_bits) +int generate_simple(struct yaca_key_simple_s **out, size_t key_bit_len) { assert(out != NULL); int ret; struct yaca_key_simple_s *nk; - size_t key_byte_len = key_bits / 8; + size_t key_byte_len = key_bit_len / 8; ret = yaca_zalloc(sizeof(struct yaca_key_simple_s) + key_byte_len, (void**)&nk); if (ret != YACA_ERROR_NONE) return ret; - nk->bits = key_bits; + nk->bit_len = key_bit_len; ret = yaca_randomize_bytes(nk->d, key_byte_len); if (ret != YACA_ERROR_NONE) @@ -757,18 +756,18 @@ int gen_simple(struct yaca_key_simple_s **out, size_t key_bits) return YACA_ERROR_NONE; } -int gen_simple_des(struct yaca_key_simple_s **out, size_t key_bits) +int generate_simple_des(struct yaca_key_simple_s **out, size_t key_bit_len) { assert(out != NULL); - if (key_bits != YACA_KEY_LENGTH_UNSAFE_64BIT && - key_bits != YACA_KEY_LENGTH_UNSAFE_128BIT && - key_bits != YACA_KEY_LENGTH_192BIT) + if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_64BIT && + key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && + key_bit_len != YACA_KEY_LENGTH_192BIT) return YACA_ERROR_INVALID_PARAMETER; int ret; struct yaca_key_simple_s *nk; - size_t key_byte_len = key_bits / 8; + size_t key_byte_len = key_bit_len / 8; ret = yaca_zalloc(sizeof(struct yaca_key_simple_s) + key_byte_len, (void**)&nk); if (ret != YACA_ERROR_NONE) @@ -800,7 +799,7 @@ int gen_simple_des(struct yaca_key_simple_s **out, size_t key_bits) } } - nk->bits = key_bits; + nk->bit_len = key_bit_len; *out = nk; nk = NULL; ret = YACA_ERROR_NONE; @@ -811,12 +810,12 @@ exit: return ret; } -// TODO: consider merging gen_evp_*, they share awful lot of common code -int gen_evp_rsa(struct yaca_key_evp_s **out, size_t key_bits) +// TODO: consider merging generate_evp_*, they share awful lot of common code +int generate_evp_rsa(struct yaca_key_evp_s **out, size_t key_bit_len) { assert(out != NULL); - assert(key_bits > 0); - assert(key_bits % 8 == 0); + assert(key_bit_len > 0); + assert(key_bit_len % 8 == 0); int ret; struct yaca_key_evp_s *nk; @@ -841,7 +840,7 @@ int gen_evp_rsa(struct yaca_key_evp_s **out, size_t key_bits) goto exit; } - ret = EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, key_bits); + ret = EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, key_bit_len); if (ret != 1) { ret = ERROR_HANDLE(); goto exit; @@ -868,15 +867,15 @@ exit: return ret; } -int gen_evp_dsa(struct yaca_key_evp_s **out, size_t key_bits) +int generate_evp_dsa(struct yaca_key_evp_s **out, size_t key_bit_len) { assert(out != NULL); - assert(key_bits > 0); - assert(key_bits % 8 == 0); + assert(key_bit_len > 0); + assert(key_bit_len % 8 == 0); /* Openssl generates 512-bit key for key lengths smaller than 512. It also * rounds key size to multiplication of 64. */ - if (key_bits < 512 || key_bits % 64 != 0) + if (key_bit_len < 512 || key_bit_len % 64 != 0) return YACA_ERROR_INVALID_PARAMETER; int ret; @@ -904,7 +903,7 @@ int gen_evp_dsa(struct yaca_key_evp_s **out, size_t key_bits) goto exit; } - ret = EVP_PKEY_CTX_set_dsa_paramgen_bits(pctx, key_bits); + ret = EVP_PKEY_CTX_set_dsa_paramgen_bits(pctx, key_bit_len); if (ret != 1) { ret = ERROR_HANDLE(); goto exit; @@ -968,8 +967,8 @@ struct yaca_key_simple_s *key_get_simple(const yaca_key_h key) k = (struct yaca_key_simple_s *)key; /* sanity check */ - assert(k->bits != 0); - assert(k->bits % 8 == 0); + assert(k->bit_len != 0); + assert(k->bit_len % 8 == 0); assert(k->d != NULL); return k; @@ -1007,7 +1006,7 @@ static yaca_key_h key_copy_simple(const struct yaca_key_simple_s *key) assert(key != NULL); struct yaca_key_simple_s *copy; - size_t size = sizeof(struct yaca_key_simple_s) + key->bits / 8; + size_t size = sizeof(struct yaca_key_simple_s) + key->bit_len / 8; ret = yaca_zalloc(size, (void**)©); if (ret != YACA_ERROR_NONE) @@ -1068,7 +1067,7 @@ API int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len) return YACA_ERROR_INVALID_PARAMETER; if (simple_key != NULL) { - *key_bit_len = simple_key->bits; + *key_bit_len = simple_key->bit_len; return YACA_ERROR_NONE; } @@ -1176,16 +1175,16 @@ API int yaca_key_generate(yaca_key_type_e key_type, switch (key_type) { case YACA_KEY_TYPE_SYMMETRIC: case YACA_KEY_TYPE_IV: - ret = gen_simple(&nk_simple, key_bit_len); + ret = generate_simple(&nk_simple, key_bit_len); break; case YACA_KEY_TYPE_DES: - ret = gen_simple_des(&nk_simple, key_bit_len); + ret = generate_simple_des(&nk_simple, key_bit_len); break; case YACA_KEY_TYPE_RSA_PRIV: - ret = gen_evp_rsa(&nk_evp, key_bit_len); + ret = generate_evp_rsa(&nk_evp, key_bit_len); break; case YACA_KEY_TYPE_DSA_PRIV: - ret = gen_evp_dsa(&nk_evp, key_bit_len); + ret = generate_evp_dsa(&nk_evp, key_bit_len); break; // case YACA_KEY_TYPE_DH_PRIV: // case YACA_KEY_TYPE_EC_PRIV: @@ -1309,7 +1308,7 @@ API int yaca_key_derive_pbkdf2(const char *password, iterations == 0 || key_bit_len == 0 || key == NULL) return YACA_ERROR_INVALID_PARAMETER; - if (key_bit_len % 8) /* Key length must be multiple of 8-bits */ + if (key_bit_len % 8) /* Key length must be multiple of 8-bit_len */ return YACA_ERROR_INVALID_PARAMETER; if (iterations > INT_MAX) /* OpenSSL limitation */ @@ -1323,7 +1322,7 @@ API int yaca_key_derive_pbkdf2(const char *password, if (ret != YACA_ERROR_NONE) return ret; - nk->bits = key_bit_len; + nk->bit_len = key_bit_len; nk->key.type = YACA_KEY_TYPE_SYMMETRIC; // TODO: how to handle other keys? ret = PKCS5_PBKDF2_HMAC(password, -1, (const unsigned char*)salt, diff --git a/src/seal.c b/src/seal.c index 9f30bd8..7ff74d1 100644 --- a/src/seal.c +++ b/src/seal.c @@ -65,11 +65,11 @@ API int yaca_seal_initialize(yaca_context_h *ctx, if (ret != YACA_ERROR_NONE) return ret; - nc->ctx.type = YACA_CTX_ENCRYPT; - nc->ctx.ctx_destroy = destroy_encrypt_context; + nc->ctx.type = YACA_CONTEXT_ENCRYPT; + nc->ctx.context_destroy = destroy_encrypt_context; nc->ctx.get_output_length = get_encrypt_output_length; - nc->ctx.set_param = set_encrypt_property; - nc->ctx.get_param = get_encrypt_property; + nc->ctx.set_property = set_encrypt_property; + nc->ctx.get_property = get_encrypt_property; nc->op_type = OP_SEAL; nc->tag_len = 0; @@ -126,13 +126,13 @@ API int yaca_seal_initialize(yaca_context_h *ctx, goto exit; } - lkey->bits = key_data_length * 8; + lkey->bit_len = key_data_length * 8; lkey->key.type = YACA_KEY_TYPE_SYMMETRIC; *sym_key = (yaca_key_h)lkey; lkey = NULL; if (iv_length > 0) { - liv->bits = iv_length * 8; + liv->bit_len = iv_length * 8; liv->key.type = YACA_KEY_TYPE_IV; *iv = (yaca_key_h)liv; liv = NULL; @@ -182,8 +182,8 @@ API int yaca_open_initialize(yaca_context_h *ctx, struct yaca_encrypt_context_s *nc; const EVP_CIPHER *cipher; unsigned char *iv_data = NULL; - size_t iv_bits; - size_t iv_bits_check; + size_t iv_bit_len; + size_t iv_bit_len_check; int ret; if (ctx == NULL || prv_key == YACA_KEY_NULL || sym_key == YACA_KEY_NULL) @@ -202,11 +202,11 @@ API int yaca_open_initialize(yaca_context_h *ctx, if (ret != YACA_ERROR_NONE) return ret; - nc->ctx.type = YACA_CTX_ENCRYPT; - nc->ctx.ctx_destroy = destroy_encrypt_context; + nc->ctx.type = YACA_CONTEXT_ENCRYPT; + nc->ctx.context_destroy = destroy_encrypt_context; nc->ctx.get_output_length = get_encrypt_output_length; - nc->ctx.set_param = set_encrypt_property; - nc->ctx.get_param = get_encrypt_property; + nc->ctx.set_property = set_encrypt_property; + nc->ctx.get_property = get_encrypt_property; nc->op_type = OP_OPEN; nc->tag_len = 0; @@ -221,25 +221,25 @@ API int yaca_open_initialize(yaca_context_h *ctx, goto exit; } - iv_bits = ret * 8; - if (iv_bits == 0 && iv != NULL) { /* 0 -> cipher doesn't use iv, but it was provided */ + iv_bit_len = ret * 8; + if (iv_bit_len == 0 && iv != NULL) { /* 0 -> cipher doesn't use iv, but it was provided */ ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } - if (iv_bits > 0) { /* cipher requires iv*/ + if (iv_bit_len > 0) { /* cipher requires iv*/ liv = key_get_simple(iv); if (liv == NULL || liv->key.type != YACA_KEY_TYPE_IV) { /* iv was not provided */ ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } - ret = yaca_key_get_bit_length(iv, &iv_bits_check); + ret = yaca_key_get_bit_length(iv, &iv_bit_len_check); if (ret != YACA_ERROR_NONE) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } /* IV length doesn't match cipher */ - if (iv_bits != iv_bits_check) { + if (iv_bit_len != iv_bit_len_check) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } diff --git a/src/sign.c b/src/sign.c index acb0392..a159e50 100644 --- a/src/sign.c +++ b/src/sign.c @@ -43,21 +43,21 @@ enum sign_op_type { OP_VERIFY = 1 }; -struct yaca_sign_ctx_s { +struct yaca_sign_context_s { struct yaca_context_s ctx; - EVP_MD_CTX *mdctx; + EVP_MD_CTX *md_ctx; enum sign_op_type op_type; }; -static struct yaca_sign_ctx_s *get_sign_ctx(const yaca_context_h ctx) +static struct yaca_sign_context_s *get_sign_context(const yaca_context_h ctx) { if (ctx == YACA_CONTEXT_NULL) return NULL; switch (ctx->type) { - case YACA_CTX_SIGN: - return (struct yaca_sign_ctx_s *)ctx; + case YACA_CONTEXT_SIGN: + return (struct yaca_sign_context_s *)ctx; default: return NULL; } @@ -69,17 +69,17 @@ static int get_sign_output_length(const yaca_context_h ctx, { assert(output_len != NULL); - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); if (c == NULL || input_len != 0) return YACA_ERROR_INVALID_PARAMETER; - assert(c->mdctx != NULL); + assert(c->md_ctx != NULL); - if (c->mdctx->pctx == NULL) + if (c->md_ctx->pctx == NULL) return YACA_ERROR_INTERNAL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(c->mdctx->pctx); + EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(c->md_ctx->pctx); if (pkey == NULL) { ERROR_DUMP(YACA_ERROR_INTERNAL); return YACA_ERROR_INTERNAL; @@ -97,22 +97,22 @@ static int get_sign_output_length(const yaca_context_h ctx, static void destroy_sign_context(yaca_context_h ctx) { - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); if (c == NULL) return; - EVP_MD_CTX_destroy(c->mdctx); - c->mdctx = NULL; + EVP_MD_CTX_destroy(c->md_ctx); + c->md_ctx = NULL; } -int set_sign_param(yaca_context_h ctx, - yaca_property_e param, - const void *value, - size_t value_len) +int set_sign_property(yaca_context_h ctx, + yaca_property_e property, + const void *value, + size_t value_len) { int ret; - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); yaca_padding_e padding; int pad; EVP_PKEY *pkey; @@ -120,13 +120,13 @@ int set_sign_param(yaca_context_h ctx, if (c == NULL || value == NULL) return YACA_ERROR_INVALID_PARAMETER; - assert(c->mdctx != NULL); + assert(c->md_ctx != NULL); - if (c->mdctx->pctx == NULL) + if (c->md_ctx->pctx == NULL) return YACA_ERROR_INTERNAL; /* this function only supports padding */ - if (param != YACA_PROPERTY_PADDING || value_len != sizeof(yaca_padding_e)) + if (property != YACA_PROPERTY_PADDING || value_len != sizeof(yaca_padding_e)) return YACA_ERROR_INVALID_PARAMETER; padding = *(yaca_padding_e *)(value); @@ -147,7 +147,7 @@ int set_sign_param(yaca_context_h ctx, return YACA_ERROR_INVALID_PARAMETER; } - pkey = EVP_PKEY_CTX_get0_pkey(c->mdctx->pctx); + pkey = EVP_PKEY_CTX_get0_pkey(c->md_ctx->pctx); if (pkey == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -158,7 +158,7 @@ int set_sign_param(yaca_context_h ctx, if (pkey->type != EVP_PKEY_RSA) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_PKEY_CTX_set_rsa_padding(c->mdctx->pctx, pad); + ret = EVP_PKEY_CTX_set_rsa_padding(c->md_ctx->pctx, pad); if (ret <= 0) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -168,13 +168,13 @@ int set_sign_param(yaca_context_h ctx, return YACA_ERROR_NONE; } -int get_sign_param(const yaca_context_h ctx, - yaca_property_e param, - void **value, - size_t *value_len) +int get_sign_property(const yaca_context_h ctx, + yaca_property_e property, + void **value, + size_t *value_len) { int ret; - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); EVP_PKEY *pkey; int pad; yaca_padding_e padding; @@ -182,16 +182,16 @@ int get_sign_param(const yaca_context_h ctx, if (c == NULL || value == NULL) return YACA_ERROR_INVALID_PARAMETER; - assert(c->mdctx != NULL); + assert(c->md_ctx != NULL); - if (c->mdctx->pctx == NULL) + if (c->md_ctx->pctx == NULL) return YACA_ERROR_INTERNAL; /* this function only supports padding */ - if (param != YACA_PROPERTY_PADDING) + if (property != YACA_PROPERTY_PADDING) return YACA_ERROR_INVALID_PARAMETER; - pkey = EVP_PKEY_CTX_get0_pkey(c->mdctx->pctx); + pkey = EVP_PKEY_CTX_get0_pkey(c->md_ctx->pctx); if (pkey == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -202,7 +202,7 @@ int get_sign_param(const yaca_context_h ctx, if (pkey->type != EVP_PKEY_RSA) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_PKEY_CTX_get_rsa_padding(c->mdctx->pctx, &pad); + ret = EVP_PKEY_CTX_get_rsa_padding(c->md_ctx->pctx, &pad); if (ret <= 0) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -240,7 +240,7 @@ API int yaca_sign_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo, const yaca_key_h key) { - struct yaca_sign_ctx_s *nc = NULL; + struct yaca_sign_context_s *nc = NULL; const EVP_MD *md = NULL; int ret; const struct yaca_key_evp_s *evp_key = key_get_evp(key); @@ -258,29 +258,29 @@ API int yaca_sign_initialize(yaca_context_h *ctx, return YACA_ERROR_INVALID_PARAMETER; } - ret = yaca_zalloc(sizeof(struct yaca_sign_ctx_s), (void**)&nc); + ret = yaca_zalloc(sizeof(struct yaca_sign_context_s), (void**)&nc); if (ret != YACA_ERROR_NONE) return ret; nc->op_type = OP_SIGN; - nc->ctx.type = YACA_CTX_SIGN; - nc->ctx.ctx_destroy = destroy_sign_context; + nc->ctx.type = YACA_CONTEXT_SIGN; + nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = get_sign_output_length; - nc->ctx.set_param = set_sign_param; - nc->ctx.get_param = get_sign_param; + nc->ctx.set_property = set_sign_property; + nc->ctx.get_property = get_sign_property; ret = digest_get_algorithm(algo, &md); if (ret != YACA_ERROR_NONE) goto exit; - nc->mdctx = EVP_MD_CTX_create(); - if (nc->mdctx == NULL) { + nc->md_ctx = EVP_MD_CTX_create(); + if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; } - ret = EVP_DigestSignInit(nc->mdctx, NULL, md, NULL, evp_key->evp); + ret = EVP_DigestSignInit(nc->md_ctx, NULL, md, NULL, evp_key->evp); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -301,7 +301,7 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, yaca_digest_algorithm_e algo, const yaca_key_h key) { - struct yaca_sign_ctx_s *nc = NULL; + struct yaca_sign_context_s *nc = NULL; EVP_PKEY *pkey = NULL; const EVP_MD *md; int ret; @@ -311,19 +311,19 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, (key->type != YACA_KEY_TYPE_SYMMETRIC && key->type != YACA_KEY_TYPE_DES)) return YACA_ERROR_INVALID_PARAMETER; - ret = yaca_zalloc(sizeof(struct yaca_sign_ctx_s), (void**)&nc); + ret = yaca_zalloc(sizeof(struct yaca_sign_context_s), (void**)&nc); if (ret != YACA_ERROR_NONE) return ret; nc->op_type = OP_SIGN; - nc->ctx.type = YACA_CTX_SIGN; - nc->ctx.ctx_destroy = destroy_sign_context; + nc->ctx.type = YACA_CONTEXT_SIGN; + nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = get_sign_output_length; pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, (unsigned char *)simple_key->d, - simple_key->bits / 8); + simple_key->bit_len / 8); if (pkey == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -334,14 +334,14 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, if (ret != YACA_ERROR_NONE) goto exit; - nc->mdctx = EVP_MD_CTX_create(); - if (nc->mdctx == NULL) { + nc->md_ctx = EVP_MD_CTX_create(); + if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; } - ret = EVP_DigestSignInit(nc->mdctx, NULL, md, NULL, pkey); + ret = EVP_DigestSignInit(nc->md_ctx, NULL, md, NULL, pkey); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -365,7 +365,7 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, yaca_encrypt_algorithm_e algo, const yaca_key_h key) { - struct yaca_sign_ctx_s *nc = NULL; + struct yaca_sign_context_s *nc = NULL; CMAC_CTX* cmac_ctx = NULL; const EVP_CIPHER* cipher = NULL; EVP_PKEY *pkey = NULL; @@ -376,16 +376,16 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, (key->type != YACA_KEY_TYPE_SYMMETRIC && key->type != YACA_KEY_TYPE_DES)) return YACA_ERROR_INVALID_PARAMETER; - ret = yaca_zalloc(sizeof(struct yaca_sign_ctx_s), (void**)&nc); + ret = yaca_zalloc(sizeof(struct yaca_sign_context_s), (void**)&nc); if (ret != YACA_ERROR_NONE) return ret; nc->op_type = OP_SIGN; - nc->ctx.type = YACA_CTX_SIGN; - nc->ctx.ctx_destroy = destroy_sign_context; + nc->ctx.type = YACA_CONTEXT_SIGN; + nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = get_sign_output_length; - ret = encrypt_get_algorithm(algo, YACA_BCM_CBC, simple_key->bits, &cipher); + ret = encrypt_get_algorithm(algo, YACA_BCM_CBC, simple_key->bit_len, &cipher); if (ret != YACA_ERROR_NONE) goto exit; @@ -397,7 +397,7 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, goto exit; } - if (CMAC_Init(cmac_ctx, simple_key->d, simple_key->bits / 8, cipher, NULL) != 1) { + if (CMAC_Init(cmac_ctx, simple_key->d, simple_key->bit_len / 8, cipher, NULL) != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; @@ -419,14 +419,14 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, cmac_ctx = NULL; - nc->mdctx = EVP_MD_CTX_create(); - if (nc->mdctx == NULL) { + nc->md_ctx = EVP_MD_CTX_create(); + if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; } - if (EVP_DigestSignInit(nc->mdctx, NULL, NULL, NULL, pkey) != 1) { + if (EVP_DigestSignInit(nc->md_ctx, NULL, NULL, NULL, pkey) != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; @@ -450,14 +450,14 @@ API int yaca_sign_update(yaca_context_h ctx, const char *data, size_t data_len) { - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; if (c == NULL || c->op_type != OP_SIGN || data == NULL || data_len == 0) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestSignUpdate(c->mdctx, data, data_len); + ret = EVP_DigestSignUpdate(c->md_ctx, data, data_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -471,14 +471,14 @@ API int yaca_sign_finalize(yaca_context_h ctx, char *signature, size_t *signature_len) { - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; if (c == NULL || c->op_type != OP_SIGN || signature == NULL || signature_len == NULL || *signature_len == 0) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestSignFinal(c->mdctx, (unsigned char *)signature, signature_len); + ret = EVP_DigestSignFinal(c->md_ctx, (unsigned char *)signature, signature_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -492,7 +492,7 @@ API int yaca_verify_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo, const yaca_key_h key) { - struct yaca_sign_ctx_s *nc = NULL; + struct yaca_sign_context_s *nc = NULL; const EVP_MD *md = NULL; int ret; const struct yaca_key_evp_s *evp_key = key_get_evp(key); @@ -510,29 +510,29 @@ API int yaca_verify_initialize(yaca_context_h *ctx, return YACA_ERROR_INVALID_PARAMETER; } - ret = yaca_zalloc(sizeof(struct yaca_sign_ctx_s), (void**)&nc); + ret = yaca_zalloc(sizeof(struct yaca_sign_context_s), (void**)&nc); if (ret != YACA_ERROR_NONE) return ret; nc->op_type = OP_VERIFY; - nc->ctx.type = YACA_CTX_SIGN; - nc->ctx.ctx_destroy = destroy_sign_context; + nc->ctx.type = YACA_CONTEXT_SIGN; + nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = NULL; - nc->ctx.set_param = set_sign_param; - nc->ctx.get_param = get_sign_param; + nc->ctx.set_property = set_sign_property; + nc->ctx.get_property = get_sign_property; ret = digest_get_algorithm(algo, &md); if (ret != YACA_ERROR_NONE) goto exit; - nc->mdctx = EVP_MD_CTX_create(); - if (nc->mdctx == NULL) { + nc->md_ctx = EVP_MD_CTX_create(); + if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); goto exit; } - ret = EVP_DigestVerifyInit(nc->mdctx, NULL, md, NULL, evp_key->evp); + ret = EVP_DigestVerifyInit(nc->md_ctx, NULL, md, NULL, evp_key->evp); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -553,13 +553,13 @@ API int yaca_verify_update(yaca_context_h ctx, const char *data, size_t data_len) { - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; if (c == NULL || data == NULL || data_len == 0 || c->op_type != OP_VERIFY) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestVerifyUpdate(c->mdctx, data, data_len); + ret = EVP_DigestVerifyUpdate(c->md_ctx, data, data_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -573,13 +573,13 @@ API int yaca_verify_finalize(yaca_context_h ctx, const char *signature, size_t signature_len) { - struct yaca_sign_ctx_s *c = get_sign_ctx(ctx); + struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; if (c == NULL || signature == NULL || signature_len == 0 || c->op_type != OP_VERIFY) return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestVerifyFinal(c->mdctx, + ret = EVP_DigestVerifyFinal(c->md_ctx, (unsigned char *)signature, signature_len); diff --git a/src/simple.c b/src/simple.c index f1ee20a..101822d 100644 --- a/src/simple.c +++ b/src/simple.c @@ -94,8 +94,8 @@ API int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, { yaca_context_h ctx; int ret; - char *lcipher = NULL; - size_t out_len, lcipher_len, written; + char *lciphertext = NULL; + size_t out_len, lciphertext_len, written; if (plaintext == NULL || plaintext_len == 0 || ciphertext == NULL || ciphertext_len == NULL || @@ -110,50 +110,50 @@ API int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_context_get_output_length(ctx, 0, &lcipher_len); + ret = yaca_context_get_output_length(ctx, 0, &lciphertext_len); if (ret != YACA_ERROR_NONE) goto exit; - if (out_len > SIZE_MAX - lcipher_len) { + if (out_len > SIZE_MAX - lciphertext_len) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } - lcipher_len += out_len; + lciphertext_len += out_len; - assert(lcipher_len > 0); + assert(lciphertext_len > 0); - ret = yaca_malloc(lcipher_len, (void**)&lcipher); + ret = yaca_malloc(lciphertext_len, (void**)&lciphertext); if (ret != YACA_ERROR_NONE) goto exit; - out_len = lcipher_len; - ret = yaca_encrypt_update(ctx, plaintext, plaintext_len, lcipher, &out_len); + out_len = lciphertext_len; + ret = yaca_encrypt_update(ctx, plaintext, plaintext_len, lciphertext, &out_len); if (ret != YACA_ERROR_NONE) goto exit; - assert(out_len <= lcipher_len); + assert(out_len <= lciphertext_len); written = out_len; - out_len = lcipher_len - written; - ret = yaca_encrypt_finalize(ctx, lcipher + written, &out_len); + out_len = lciphertext_len - written; + ret = yaca_encrypt_finalize(ctx, lciphertext + written, &out_len); if (ret != YACA_ERROR_NONE) goto exit; written += out_len; - assert(written <= lcipher_len && written > 0); + assert(written <= lciphertext_len && written > 0); - ret = yaca_realloc(written, (void**)&lcipher); + ret = yaca_realloc(written, (void**)&lciphertext); if (ret != YACA_ERROR_NONE) goto exit; - *ciphertext = lcipher; + *ciphertext = lciphertext; *ciphertext_len = written; - lcipher = NULL; + lciphertext = NULL; ret = YACA_ERROR_NONE; exit: - yaca_free(lcipher); + yaca_free(lciphertext); yaca_context_destroy(ctx); return ret; @@ -170,8 +170,8 @@ API int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, { yaca_context_h ctx; int ret; - char *lplain = NULL; - size_t out_len, lplain_len, written; + char *lplaintext = NULL; + size_t out_len, lplaintext_len, written; if (ciphertext == NULL || ciphertext_len == 0 || plaintext == NULL || plaintext_len == NULL || @@ -186,49 +186,49 @@ API int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_context_get_output_length(ctx, 0, &lplain_len); + ret = yaca_context_get_output_length(ctx, 0, &lplaintext_len); if (ret != YACA_ERROR_NONE) goto exit; - if (out_len > SIZE_MAX - lplain_len) { + if (out_len > SIZE_MAX - lplaintext_len) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } - lplain_len += out_len; - assert(lplain_len > 0); + lplaintext_len += out_len; + assert(lplaintext_len > 0); - ret = yaca_malloc(lplain_len, (void**)&lplain); + ret = yaca_malloc(lplaintext_len, (void**)&lplaintext); if (ret != YACA_ERROR_NONE) goto exit; - out_len = lplain_len; - ret = yaca_decrypt_update(ctx, ciphertext, ciphertext_len, lplain, &out_len); + out_len = lplaintext_len; + ret = yaca_decrypt_update(ctx, ciphertext, ciphertext_len, lplaintext, &out_len); if (ret != YACA_ERROR_NONE) goto exit; - assert(out_len <= lplain_len); + assert(out_len <= lplaintext_len); written = out_len; - out_len = lplain_len - written; - ret = yaca_decrypt_finalize(ctx, lplain + written, &out_len); + out_len = lplaintext_len - written; + ret = yaca_decrypt_finalize(ctx, lplaintext + written, &out_len); if (ret != YACA_ERROR_NONE) goto exit; written += out_len; - assert(written <= lplain_len && written > 0); + assert(written <= lplaintext_len && written > 0); - ret = yaca_realloc(written, (void**)&lplain); + ret = yaca_realloc(written, (void**)&lplaintext); if (ret != YACA_ERROR_NONE) goto exit; - *plaintext = lplain; + *plaintext = lplaintext; *plaintext_len = written; - lplain = NULL; + lplaintext = NULL; ret = YACA_ERROR_NONE; exit: - yaca_free(lplain); + yaca_free(lplaintext); yaca_context_destroy(ctx); return ret; -- 2.7.4 From 3dc010a09c3b4e4dd63f52cc1ced23c2ae7cb610 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Thu, 7 Jul 2016 16:27:30 +0200 Subject: [PATCH 04/16] Allow NULL input/output only in CCM mode. Change-Id: I0758a1f2d8fa7accf8517aec6c93f79cf5f369d5 --- src/encrypt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/encrypt.c b/src/encrypt.c index 6dc4527..5cdbeab 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -483,6 +483,10 @@ int encrypt_update(yaca_context_h ctx, if (c == NULL || input_len == 0 || output_len == NULL || op_type != c->op_type) return YACA_ERROR_INVALID_PARAMETER; + if (EVP_CIPHER_CTX_mode(c->cipher_ctx) != EVP_CIPH_CCM_MODE) + if (input == NULL || output == NULL) + return YACA_ERROR_INVALID_PARAMETER; + switch (op_type) { case OP_ENCRYPT: ret = EVP_EncryptUpdate(c->cipher_ctx, output, &loutput_len, input, input_len); -- 2.7.4 From 0b739952ba229c34ae72aeb83e598c15b8dc1c0c Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Tue, 5 Jul 2016 09:24:23 +0200 Subject: [PATCH 05/16] Specify property type for tag lengths Change-Id: I3fa756c74bd0797d070913020fd0f38588fe7403 --- api/yaca/yaca_types.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h index 655879e..c1a6430 100644 --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -303,7 +303,7 @@ typedef enum { * (recommended 128 bits tag).\n * Set after yaca_encrypt_finalize() / yaca_seal_finalize() and before * yaca_context_get_property(#YACA_PROPERTY_GCM_TAG) - * in encryption / seal operation.\n\n + * in encryption / seal operation. The @a value should be a size_t variable.\n\n * * - #YACA_PROPERTY_GCM_TAG = GCM tag\n * Get after yaca_encrypt_finalize() / yaca_seal_finalize() in encryption / seal operation.\n @@ -315,6 +315,7 @@ typedef enum { * Set after yaca_decrypt_initialize() / yaca_open_initialize() and before * yaca_decrypt_update() / yaca_open_update() in decryption / open operation.\n\n * + * @see yaca_context_set_property() * @see examples/encrypt_aes_gcm_ccm.c * @see examples/seal.c */ @@ -353,7 +354,8 @@ typedef enum { * - #YACA_PROPERTY_CCM_TAG_LEN = CCM tag length\n * Supported tag lengths: 32-128 bits in step of 16 bits (recommended 96 bits tag).\n * Set after yaca_encrypt_initialize() / yaca_seal_initialize() and before - * yaca_encrypt_update() / yaca_seal_update() in encryption / seal operation.\n\n + * yaca_encrypt_update() / yaca_seal_update() in encryption / seal operation. + * The @a value should be a size_t variable. \n\n * * - #YACA_PROPERTY_CCM_TAG = CCM tag\n * Get after yaca_encrypt_finalize() / yaca_seal_finalize() in encryption / seal operation.\n -- 2.7.4 From 61cd5fd6718113049e508a32b682a60606436ba0 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Fri, 1 Jul 2016 15:44:57 +0200 Subject: [PATCH 06/16] Update GCM/CCM examples Use nonstandard tag. Fix formatting. Add missing cleanup. Change-Id: Iec6f358ff3d05ae17ab072a72ef95401c777eb5a --- examples/encrypt_aes_gcm_ccm.c | 6 +++--- examples/seal.c | 6 +++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/examples/encrypt_aes_gcm_ccm.c b/examples/encrypt_aes_gcm_ccm.c index 7ac3534..c990d79 100644 --- a/examples/encrypt_aes_gcm_ccm.c +++ b/examples/encrypt_aes_gcm_ccm.c @@ -113,7 +113,7 @@ void encrypt_decrypt_aes_gcm(void) /* Set the tag length and get the tag after final encryption */ if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) + (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) goto exit; if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) @@ -195,7 +195,7 @@ void encrypt_decrypt_aes_ccm(void) char *aad = NULL; char *tag = NULL; size_t aad_len = 16; - size_t tag_len = 12; + size_t tag_len = 14; size_t block_len; size_t output_len; @@ -230,7 +230,7 @@ void encrypt_decrypt_aes_ccm(void) /* Set tag length (optionally) */ if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) + (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) goto exit; /* The total plain text length must be passed (only needed if AAD is passed) */ diff --git a/examples/seal.c b/examples/seal.c index a7774eb..64b70f7 100644 --- a/examples/seal.c +++ b/examples/seal.c @@ -275,6 +275,8 @@ exit: yaca_context_destroy(ctx); yaca_key_destroy(sym_key); yaca_key_destroy(iv); + yaca_free(aad); + yaca_free(tag); yaca_key_destroy(key_pub); yaca_key_destroy(key_priv); } @@ -299,7 +301,7 @@ void encrypt_seal_aes_ccm(void) char *aad = NULL; char *tag = NULL; size_t aad_len = 16; - size_t tag_len = 12; + size_t tag_len = 8; size_t block_len; size_t output_len; @@ -423,6 +425,8 @@ exit: yaca_context_destroy(ctx); yaca_key_destroy(sym_key); yaca_key_destroy(iv); + yaca_free(aad); + yaca_free(tag); yaca_key_destroy(key_pub); yaca_key_destroy(key_priv); } -- 2.7.4 From b4b0b29a410b148682cf060ee17a5948a14e677f Mon Sep 17 00:00:00 2001 From: sangsu Date: Thu, 2 Jun 2016 07:21:24 +0900 Subject: [PATCH 07/16] ACR:add doc document headers Change-Id: Iafad752ca1980993c706434f34e136f44ffe3a91 Signed-off-by: sangsu --- doc/yaca_doc.h | 62 +++++++++++++++++++++++++++++++++++++++++++++++ doc/yaca_encryption_doc.h | 35 ++++++++++++++++++++++++++ doc/yaca_integrity_doc.h | 32 ++++++++++++++++++++++++ doc/yaca_key_doc.h | 31 ++++++++++++++++++++++++ doc/yaca_simple_doc.h | 31 ++++++++++++++++++++++++ 5 files changed, 191 insertions(+) create mode 100755 doc/yaca_doc.h create mode 100755 doc/yaca_encryption_doc.h create mode 100755 doc/yaca_integrity_doc.h create mode 100755 doc/yaca_key_doc.h create mode 100755 doc/yaca_simple_doc.h diff --git a/doc/yaca_doc.h b/doc/yaca_doc.h new file mode 100755 index 0000000..e63e233 --- /dev/null +++ b/doc/yaca_doc.h @@ -0,0 +1,62 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_DOC_H__ +#define __TIZEN_CORE_YACA_DOC_H__ +/** + * @ingroup CAPI_SECURITY_FRAMEWORK + * @defgroup CAPI_YACA_MODULE yaca crypto module + * @brief The yaca(yet another crypto api) provides a crypto function such as key management , Data Integrity and data en/decryption . + * Key mangement provides APIs for generating secured key,importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digest and digital signature. + * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. + * + * @section CAPI_YACA_MODULE_OVERVIEW Overview + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + *
APIDescription
@ref CAPI_YACA_ENCRYPTION_MODULE Provides APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys.
@ref CAPI_YACA_INTEGRITY_MODULE Provides APIs for creating/verifying a signature, calculating HMAC/CMAC and calculating a message digest.
@ref CAPI_YACA_KEY_MODULE Provides APIs for key handling operations such as generating, importing, and exporting a key and deriving a key from password.
@ref CAPI_YACA_SIMPLE_MODULE Provides simple APIs for cryptographic operations.
+ * + * The yaca provides a crypto function such as key management, integrity handling and data en/decryption. + * Key mangement provides APIs for generating secured key, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digests and digital signature. + * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. + * + * @image html capi_yaca_overview_diagram.png + * + * The yaca provides 3 types of API. + * - key management APIs : These APIs provides generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * - data en/decryption APIs : These APIs provides Advanced/Simpled API for the data encryption. + * - integrity APIs : These APIs provides creating a signature using asymmetric private key, verifing a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. + * + * + */ + +#endif /* __TIZEN_CORE_YACA_DOC_H__ */ diff --git a/doc/yaca_encryption_doc.h b/doc/yaca_encryption_doc.h new file mode 100755 index 0000000..2fd3978 --- /dev/null +++ b/doc/yaca_encryption_doc.h @@ -0,0 +1,35 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ +#define __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_ENCRYPTION_MODULE yaca encryption module + * @brief Provides APIs for encryption and decryption operations. + * + * @section CAPI_YACA_ENCRYPTION_MODULE_HEADER Required Header + * \#include + * \#include + * \#include + * \#include + * \#include + * + * @section CAPI_YACA_ENCRYPTION_MODULE_OVERVIEW Overview + * It provides advanced APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys. + * + */ + +#endif /* __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ */ diff --git a/doc/yaca_integrity_doc.h b/doc/yaca_integrity_doc.h new file mode 100755 index 0000000..4ca565c --- /dev/null +++ b/doc/yaca_integrity_doc.h @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ +#define __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_INTEGRITY_MODULE yaca integrity module + * @brief Provides APIs for creating/verifying a signature and digesting a message. + * + * @section CAPI_YACA_INTEGRITY_MODULE_HEADER Required Header + * \#include + * \#include + * + * @section CAPI_YACA_INTEGRITY_MODULE_OVERVIEW Overview + * It provides advanced APIs for creating a signature using asymmetric private key, verifing a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. + * + */ + +#endif /* __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ */ diff --git a/doc/yaca_key_doc.h b/doc/yaca_key_doc.h new file mode 100755 index 0000000..ff887f3 --- /dev/null +++ b/doc/yaca_key_doc.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_KEY_DOC_H__ +#define __TIZEN_CORE_YACA_KEY_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_KEY_MODULE yaca key management module + * @brief Provides APIs for key handling operations such as generating and importing a key. + * + * @section CAPI_YACA_KEY_MODULE_HEADER Required Header + * \#include + * + * @section CAPI_YACA_KEY_MODULE_OVERVIEW Overview + * It provides APIs for generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * + */ + +#endif /* __TIZEN_CORE_YACA_KEY_DOC_H__ */ diff --git a/doc/yaca_simple_doc.h b/doc/yaca_simple_doc.h new file mode 100755 index 0000000..a4e6982 --- /dev/null +++ b/doc/yaca_simple_doc.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_SIMPLE_DOC_H__ +#define __TIZEN_CORE_YACA_SIMPLE_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_SIMPLE_MODULE yaca simple crypto module + * @brief Provides simple APIs for cryptographic operations. + * + * @section CAPI_YACA_SIMPLE_MODULE_HEADER Required Header + * \#include + * + * @section CAPI_YACA_SIMPLE_MODULE_OVERVIEW Overview + * It provides simple APIs for encryption/decryption, signing/verification, and message digestion. + * + */ + +#endif /* __TIZEN_CORE_YACA_SIMPLE_DOC_H__ */ -- 2.7.4 From d3aa9ae015ab7aca2f9d7292c9c40e0afade5321 Mon Sep 17 00:00:00 2001 From: sangsu Date: Thu, 2 Jun 2016 07:27:46 +0900 Subject: [PATCH 08/16] add @addtogroup Change-Id: I7bf0f7a94540d46edf5a7953d55d6a13f385946b Signed-off-by: sangsu --- api/yaca/yaca_crypto.h | 12 +++++++++--- api/yaca/yaca_digest.h | 12 +++++++++--- api/yaca/yaca_encrypt.h | 12 +++++++++--- api/yaca/yaca_error.h | 17 +++++++++++++---- api/yaca/yaca_key.h | 16 ++++++++++------ api/yaca/yaca_seal.h | 12 +++++++++--- api/yaca/yaca_sign.h | 12 +++++++++--- api/yaca/yaca_simple.h | 12 +++++++++--- api/yaca/yaca_types.h | 12 +++++++++--- 9 files changed, 86 insertions(+), 31 deletions(-) mode change 100644 => 100755 api/yaca/yaca_crypto.h mode change 100644 => 100755 api/yaca/yaca_digest.h mode change 100644 => 100755 api/yaca/yaca_encrypt.h mode change 100644 => 100755 api/yaca/yaca_error.h mode change 100644 => 100755 api/yaca/yaca_key.h mode change 100644 => 100755 api/yaca/yaca_seal.h mode change 100644 => 100755 api/yaca/yaca_sign.h mode change 100644 => 100755 api/yaca/yaca_simple.h mode change 100644 => 100755 api/yaca/yaca_types.h diff --git a/api/yaca/yaca_crypto.h b/api/yaca/yaca_crypto.h old mode 100644 new mode 100755 index 9ee5ed7..d836013 --- a/api/yaca/yaca_crypto.h +++ b/api/yaca/yaca_crypto.h @@ -32,10 +32,14 @@ extern "C" { #endif /** - * @defgroup Non-Crypto Yet Another Crypto API - non crypto related functions. + * @addtogroup CAPI_YACA_ENCRYPTION_MODULE + * @{ + */ + +/** + * Note: Non-Crypto Yet Another Crypto API - non crypto related functions. * * - * @{ */ /** @@ -282,7 +286,9 @@ int yaca_context_get_output_length(const yaca_context_h ctx, size_t input_len, size_t *output_len); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_digest.h b/api/yaca/yaca_digest.h old mode 100644 new mode 100755 index 0aac56c..a303617 --- a/api/yaca/yaca_digest.h +++ b/api/yaca/yaca_digest.h @@ -32,10 +32,14 @@ extern "C" { #endif /** - * @defgroup Advanced-Digest Advanced API for the message digests. + * @addtogroup CAPI_YACA_INTEGRITY_MODULE + * @{ + */ + +/** + * Note: Advanced-Digest Advanced API for the message digests. * * - * @{ */ /** @@ -108,7 +112,9 @@ int yaca_digest_update(yaca_context_h ctx, const char *data, size_t data_len); */ int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_len); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_encrypt.h b/api/yaca/yaca_encrypt.h old mode 100644 new mode 100755 index d2425d4..947b392 --- a/api/yaca/yaca_encrypt.h +++ b/api/yaca/yaca_encrypt.h @@ -32,10 +32,14 @@ extern "C" { #endif /** - * @defgroup Advanced-Encryption-Symmetric Advanced API for the symmetric encryption. + * @addtogroup CAPI_YACA_ENCRYPTION_MODULE + * @{ + */ + +/** + * Note: Advanced-Encryption-Symmetric Advanced API for the symmetric encryption. * * - * @{ */ /** @@ -235,7 +239,9 @@ int yaca_decrypt_finalize(yaca_context_h ctx, char *plaintext, size_t *plaintext_len); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_error.h b/api/yaca/yaca_error.h old mode 100644 new mode 100755 index 3b76814..13c291a --- a/api/yaca/yaca_error.h +++ b/api/yaca/yaca_error.h @@ -31,14 +31,21 @@ extern "C" { #endif -#define TIZEN_ERROR_YACA -0x01E30000 +/** + * @addtogroup CAPI_YACA_ENCRYPTION_MODULE + * @{ + */ /** - * @defgroup Error Yet another Crypto API - error enums. + * Note: Error Yet another Crypto API - error enums. * - * @{ */ +/* define it temporary until this code goes into capi-base-common package */ +#ifndef TIZEN_ERROR_YACA +#define TIZEN_ERROR_YACA -0x01E30000 +#endif + /** * @brief Enumeration of YACA error values. * @@ -60,7 +67,9 @@ typedef enum { YACA_ERROR_INVALID_PASSWORD = TIZEN_ERROR_YACA | 0x03 } yaca_error_e; -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h old mode 100644 new mode 100755 index 288e6ce..c686b2a --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -32,10 +32,14 @@ extern "C" { #endif /** - * @defgroup Key Advanced API for the key and IV handling. + * @addtogroup CAPI_YACA_KEY_MODULE + * @{ + */ + +/** + * Note: Key Advanced API for the key and IV handling. * * - * @{ */ /** @@ -253,13 +257,11 @@ int yaca_key_extract_public(const yaca_key_h prv_key, yaca_key_h *pub_key); */ void yaca_key_destroy(yaca_key_h key); -/**@}*/ /** - * @defgroup Key-Derivation Advanced API for the key derivation. + * Note: Key-Derivation Advanced API for the key derivation. * * - * @{ */ /** @@ -295,7 +297,9 @@ int yaca_key_derive_pbkdf2(const char *password, size_t key_bit_len, yaca_key_h *key); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h old mode 100644 new mode 100755 index 72d090e..041211c --- a/api/yaca/yaca_seal.h +++ b/api/yaca/yaca_seal.h @@ -32,14 +32,18 @@ extern "C" { #endif /** - * @defgroup Advanced-Encryption-Asymmetric Advanced API for the asymmetric encryption. + * @addtogroup CAPI_YACA_ENCRYPTION_MODULE + * @{ + */ + +/** + * Note Advanced-Encryption-Asymmetric Advanced API for the asymmetric encryption. * * * @remarks Seal does more than just encrypt. It first generates the encryption key and IV, * then encrypts whole message using this key (and selected symmetric algorithm). * Finally it encrypts symmetric key with public key. * - * @{ */ /** @@ -236,7 +240,9 @@ int yaca_open_finalize(yaca_context_h ctx, char *plaintext, size_t *plaintext_len); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h old mode 100644 new mode 100755 index a5267d8..ec3209a --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -32,10 +32,14 @@ extern "C" { #endif /** - * @defgroup Advanced-Integrity Advanced API for the integrity handling - HMAC, CMAC and digital signature. + * @addtogroup CAPI_YACA_INTEGRITY_MODULE + * @{ + */ + +/** + * Note: Advanced-Integrity Advanced API for the integrity handling - HMAC, CMAC and digital signature. * * - * @{ */ /** @@ -272,7 +276,9 @@ int yaca_verify_finalize(yaca_context_h ctx, const char *signature, size_t signature_len); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h old mode 100644 new mode 100755 index ecd532a..efcd3c4 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -32,7 +32,12 @@ extern "C" { #endif /** - * @defgroup Simple-API Simple API. + * @addtogroup CAPI_YACA_SIMPLE_MODULE + * @{ + */ + +/** + * Note: Simple-API Simple API. * * @remarks This is simple API. * Design constraints: @@ -42,7 +47,6 @@ extern "C" { * - GCM and CCM chaining is not supported * - All outputs are allocated by the library * - * @{ */ /** @@ -294,7 +298,9 @@ int yaca_simple_calculate_cmac(yaca_encrypt_algorithm_e algo, char **mac, size_t *mac_len); -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h old mode 100644 new mode 100755 index c1a6430..19bb45c --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -29,10 +29,14 @@ extern "C" { #endif /** - * @defgroup Crypto-Types Yet Another Crypto API - types. + * @addtogroup CAPI_YACA_ENCRYPTION_MODULE + * @{ + */ + +/** + * Note: Crypto-Types Yet Another Crypto API - types. * * - * @{ */ /** @@ -429,7 +433,9 @@ typedef enum { YACA_PADDING_PKCS1_PSS, } yaca_padding_e; -/**@}*/ +/** + * @} + */ #ifdef __cplusplus } /* extern */ -- 2.7.4 From 19a43a232b6eeff11a965c3879308bf80c7e9803 Mon Sep 17 00:00:00 2001 From: Dongsun Lee Date: Wed, 29 Jun 2016 11:48:06 +0900 Subject: [PATCH 09/16] error fix in API description doxygen - fix typos(mangement, createing, verifing) - too short description(Context, key) - the third person singular should be used in @brief - remove unnecessary blanks and unexpected capital - fix wrong description(If @a *memory is -> If @a memory is) Change-Id: I9185ad0aca7ea8bac460fbc7e6bf406ac66870af Signed-off-by: Dongsun Lee --- api/yaca/yaca_crypto.h | 4 ++-- api/yaca/yaca_digest.h | 1 - api/yaca/yaca_encrypt.h | 1 - api/yaca/yaca_error.h | 1 - api/yaca/yaca_key.h | 17 ++++++++--------- api/yaca/yaca_seal.h | 1 - api/yaca/yaca_sign.h | 1 - api/yaca/yaca_simple.h | 15 +++++++-------- api/yaca/yaca_types.h | 6 ++---- doc/yaca_doc.h | 16 ++++++++-------- doc/yaca_integrity_doc.h | 2 +- 11 files changed, 28 insertions(+), 37 deletions(-) diff --git a/api/yaca/yaca_crypto.h b/api/yaca/yaca_crypto.h index d836013..a02583f 100755 --- a/api/yaca/yaca_crypto.h +++ b/api/yaca/yaca_crypto.h @@ -18,7 +18,6 @@ /** * @file yaca_crypto.h - * @brief */ #ifndef YACA_CRYPTO_H @@ -123,7 +122,7 @@ int yaca_zalloc(size_t size, void **memory); * * @remarks In case of failure the function doesn't free the memory pointed by @a memory. * - * @remarks If @a *memory is NULL then the call is equivalent to yaca_malloc(). + * @remarks If @a memory is NULL then the call is equivalent to yaca_malloc(). * * @remarks If the function fails the contents of @a memory will be left unchanged. * @@ -168,6 +167,7 @@ void yaca_free(void *memory); * * @return #YACA_ERROR_NONE when buffers are equal otherwise #YACA_ERROR_DATA_MISMATCH * @retval #YACA_ERROR_NONE Successful + * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0) * @retval #YACA_ERROR_DATA_MISMATCH Buffers are different */ int yaca_memcmp(const void *first, const void *second, size_t len); diff --git a/api/yaca/yaca_digest.h b/api/yaca/yaca_digest.h index a303617..85ed809 100755 --- a/api/yaca/yaca_digest.h +++ b/api/yaca/yaca_digest.h @@ -18,7 +18,6 @@ /** * @file yaca_digest.h - * @brief */ #ifndef YACA_DIGEST_H diff --git a/api/yaca/yaca_encrypt.h b/api/yaca/yaca_encrypt.h index 947b392..16892d1 100755 --- a/api/yaca/yaca_encrypt.h +++ b/api/yaca/yaca_encrypt.h @@ -18,7 +18,6 @@ /** * @file yaca_encrypt.h - * @brief */ #ifndef YACA_ENCRYPT_H diff --git a/api/yaca/yaca_error.h b/api/yaca/yaca_error.h index 13c291a..7acb14e 100755 --- a/api/yaca/yaca_error.h +++ b/api/yaca/yaca_error.h @@ -18,7 +18,6 @@ /** * @file yaca_error.h - * @brief */ #ifndef YACA_ERROR_H diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h index c686b2a..f4809b6 100755 --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -18,7 +18,6 @@ /** * @file yaca_key.h - * @brief */ #ifndef YACA_KEY_H @@ -50,7 +49,7 @@ extern "C" { #define YACA_KEY_NULL ((yaca_key_h) NULL) /** - * @brief Get key's type. + * @brief Gets key's type. * * @since_tizen 3.0 * @@ -64,7 +63,7 @@ extern "C" { int yaca_key_get_type(const yaca_key_h key, yaca_key_type_e *key_type); /** - * @brief Get key's length (in bits). + * @brief Gets key's length (in bits). * * @since_tizen 3.0 * @@ -83,7 +82,7 @@ int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len); * * @since_tizen 3.0 * - * @remarks This function imports a key trying to match it to the key_type specified. + * @remarks This function imports a key trying to match it to the @a key_type specified. * It should autodetect both the key format and the file format. * * @remarks For symmetric, IV and DES keys RAW binary format and BASE64 encoded @@ -115,7 +114,7 @@ int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len); * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid key_type or data_len too big) + * invalid @a key_type or @a data_len too big) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @retval #YACA_ERROR_INVALID_PASSWORD Invalid password given or password was required @@ -174,7 +173,7 @@ int yaca_key_import(yaca_key_type_e key_type, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid key/file format or data_len too big) + * invalid key/file format or @ data_len too big) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -209,8 +208,8 @@ int yaca_key_export(const yaca_key_h key, * * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful - * @retval #YACA_ERROR_INVALID_PARAMETER key is NULL, incorrect key_type or - * key_bit_len is not dividable by 8 + * @retval #YACA_ERROR_INVALID_PARAMETER key is NULL, incorrect @a key_type or + * @a key_bit_len is not dividable by 8 * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -234,7 +233,7 @@ int yaca_key_generate(yaca_key_type_e key_type, * * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful - * @retval #YACA_ERROR_INVALID_PARAMETER prv_key is of invalid type or pub_key is NULL + * @retval #YACA_ERROR_INVALID_PARAMETER @a prv_key is of invalid type or @a pub_key is NULL * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h index 041211c..d97a909 100755 --- a/api/yaca/yaca_seal.h +++ b/api/yaca/yaca_seal.h @@ -18,7 +18,6 @@ /** * @file yaca_seal.h - * @brief */ #ifndef YACA_SEAL_H diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h index ec3209a..f06450d 100755 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -18,7 +18,6 @@ /** * @file yaca_sign.h - * @brief */ #ifndef YACA_SIGN_H diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h index efcd3c4..f0d958a 100755 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -18,7 +18,6 @@ /** * @file yaca_simple.h - * @brief */ #ifndef YACA_SIMPLE_H @@ -50,7 +49,7 @@ extern "C" { */ /** - * @brief Calculate a digest of a buffer. + * @brief Calculates a digest of a buffer. * * @since_tizen 3.0 * @@ -79,7 +78,7 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, size_t *digest_len); /** - * @brief Encrypt data using a symmetric cipher. + * @brief Encrypts data using a symmetric cipher. * * @since_tizen 3.0 * @@ -116,7 +115,7 @@ int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, size_t *ciphertext_len); /** - * @brief Decrypt data using a symmetric cipher. + * @brief Decrypts data using a symmetric cipher. * * @since_tizen 3.0 * @@ -153,7 +152,7 @@ int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, size_t *plaintext_len); /** - * @brief Create a signature using asymmetric private key. + * @brief Creates a signature using asymmetric private key. * * @since_tizen 3.0 * @@ -189,7 +188,7 @@ int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, size_t *signature_len); /** - * @brief Verify a signature using asymmetric public key. + * @brief Verifies a signature using asymmetric public key. * * @since_tizen 3.0 * @@ -223,7 +222,7 @@ int yaca_simple_verify_signature(yaca_digest_algorithm_e algo, size_t signature_len); /** - * @brief Calculate a HMAC of given message using symmetric key. + * @brief Calculates a HMAC of given message using symmetric key. * * @since_tizen 3.0 * @@ -261,7 +260,7 @@ int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, size_t *mac_len); /** - * @brief Calculate a CMAC of given message using symmetric key. + * @brief Calculates a CMAC of given message using symmetric key. * * @since_tizen 3.0 * diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h index 19bb45c..f46ea34 100755 --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -18,7 +18,6 @@ /** * @file yaca_types.h - * @brief */ #ifndef YACA_TYPES_H @@ -40,14 +39,14 @@ extern "C" { */ /** - * @brief Context. + * @brief The context handle. * * @since_tizen 3.0 */ typedef struct yaca_context_s *yaca_context_h; /** - * @brief Key. + * @brief The key handle. * * @since_tizen 3.0 */ @@ -214,7 +213,6 @@ typedef enum { * #YACA_BCM_ECB * - see #yaca_block_cipher_mode_e for details on additional properties (mandatory). * - Use double DES keys to perform corresponding 2-key 3DES encryption. - */ YACA_ENCRYPT_UNSAFE_3DES_2TDEA, diff --git a/doc/yaca_doc.h b/doc/yaca_doc.h index e63e233..3259591 100755 --- a/doc/yaca_doc.h +++ b/doc/yaca_doc.h @@ -18,9 +18,9 @@ /** * @ingroup CAPI_SECURITY_FRAMEWORK * @defgroup CAPI_YACA_MODULE yaca crypto module - * @brief The yaca(yet another crypto api) provides a crypto function such as key management , Data Integrity and data en/decryption . - * Key mangement provides APIs for generating secured key,importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. - * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digest and digital signature. + * @brief The yaca(yet another crypto api) provides a crypto function such as key management, data integrity and data en/decryption. + * Key management provides APIs for generating secured key,importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digests and digital signature. * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. * * @section CAPI_YACA_MODULE_OVERVIEW Overview @@ -44,17 +44,17 @@ * * * - * The yaca provides a crypto function such as key management, integrity handling and data en/decryption. - * Key mangement provides APIs for generating secured key, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. - * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digests and digital signature. - * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. + * The yaca provides a crypto function such as key management, integrity handling and data en/decryption. + * Key management provides APIs for generating secured key, importing a key trying to match it to the key type specified and exporting a key to arbitrary format. + * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digest and digital signature. + * Data en/decryption provides Advanced/Simpled APIs for en/decrypting a data and creating a IV. * * @image html capi_yaca_overview_diagram.png * * The yaca provides 3 types of API. * - key management APIs : These APIs provides generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. * - data en/decryption APIs : These APIs provides Advanced/Simpled API for the data encryption. - * - integrity APIs : These APIs provides creating a signature using asymmetric private key, verifing a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. + * - integrity APIs : These APIs provides creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. * * */ diff --git a/doc/yaca_integrity_doc.h b/doc/yaca_integrity_doc.h index 4ca565c..7598842 100755 --- a/doc/yaca_integrity_doc.h +++ b/doc/yaca_integrity_doc.h @@ -25,7 +25,7 @@ * \#include * * @section CAPI_YACA_INTEGRITY_MODULE_OVERVIEW Overview - * It provides advanced APIs for creating a signature using asymmetric private key, verifing a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. + * It provides advanced APIs for creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. * */ -- 2.7.4 From 1c69850c1e0b8deb5a25542182a372dab6bb0b0e Mon Sep 17 00:00:00 2001 From: Mateusz Forc Date: Fri, 8 Jul 2016 12:38:21 +0200 Subject: [PATCH 10/16] Add nullptr check and return invalid param Add nullptr check for *iv_bit_len in yaca_encrypt_get_iv_bit_length(). Change return from YACA_ERROR_INTERNAL to YACA_INVALID_PARAMETER in encrypt_get_algorithm for invalid param case Change-Id: I804ca0af5d733aec2097566411e54b224391df5b --- src/encrypt.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/encrypt.c b/src/encrypt.c index 5cdbeab..a9f097a 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -302,8 +302,8 @@ int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, lcipher = EVP_get_cipherbyname(cipher_name); if (lcipher == NULL) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = YACA_ERROR_INVALID_PARAMETER; + ERROR_CLEAR(); return ret; } @@ -560,6 +560,9 @@ API int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, const EVP_CIPHER *cipher; int ret; + if(iv_bit_len == NULL) + return YACA_ERROR_INVALID_PARAMETER; + ret = encrypt_get_algorithm(algo, bcm, key_bit_len, &cipher); if (ret != YACA_ERROR_NONE) return ret; -- 2.7.4 From d3b861fa04beb0b1eb8777a8592b64dce90705b2 Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Mon, 11 Jul 2016 13:09:21 +0200 Subject: [PATCH 11/16] Various fixes in Doxygen comments - don't include source/example directories, they only cause confusion. - don't add empty doxygen comment before a regular one. Move those comments to @file. - minor changes in the doc/ directory. Change-Id: Ie1e5e8b01cacc6a74c7201cd2652b0752091e455 --- api/yaca/yaca_crypto.h | 9 ++------- api/yaca/yaca_digest.h | 9 ++------- api/yaca/yaca_encrypt.h | 9 ++------- api/yaca/yaca_error.h | 12 ++++-------- api/yaca/yaca_key.h | 16 ++-------------- api/yaca/yaca_seal.h | 17 ++++++----------- api/yaca/yaca_sign.h | 9 ++------- api/yaca/yaca_simple.h | 24 ++++++++++-------------- api/yaca/yaca_types.h | 9 ++------- doc/doxygen.cfg | 3 +-- doc/yaca_doc.h | 2 +- doc/yaca_encryption_doc.h | 10 +++++----- doc/yaca_integrity_doc.h | 4 ++-- doc/yaca_key_doc.h | 2 +- doc/yaca_simple_doc.h | 2 +- 15 files changed, 43 insertions(+), 94 deletions(-) diff --git a/api/yaca/yaca_crypto.h b/api/yaca/yaca_crypto.h index a02583f..94ab45c 100755 --- a/api/yaca/yaca_crypto.h +++ b/api/yaca/yaca_crypto.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_crypto.h + * @file yaca_crypto.h + * @brief Non crypto related functions. */ #ifndef YACA_CRYPTO_H @@ -36,12 +37,6 @@ extern "C" { */ /** - * Note: Non-Crypto Yet Another Crypto API - non crypto related functions. - * - * - */ - -/** * @brief NULL value for the crypto context. * * @since_tizen 3.0 diff --git a/api/yaca/yaca_digest.h b/api/yaca/yaca_digest.h index 85ed809..b5dfaf2 100755 --- a/api/yaca/yaca_digest.h +++ b/api/yaca/yaca_digest.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_digest.h + * @file yaca_digest.h + * @brief Advanced API for the message digests. */ #ifndef YACA_DIGEST_H @@ -36,12 +37,6 @@ extern "C" { */ /** - * Note: Advanced-Digest Advanced API for the message digests. - * - * - */ - -/** * @brief Initializes a digest context. * * @since_tizen 3.0 diff --git a/api/yaca/yaca_encrypt.h b/api/yaca/yaca_encrypt.h index 16892d1..d2d2ff5 100755 --- a/api/yaca/yaca_encrypt.h +++ b/api/yaca/yaca_encrypt.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_encrypt.h + * @file yaca_encrypt.h + * @brief Advanced API for the symmetric encryption. */ #ifndef YACA_ENCRYPT_H @@ -36,12 +37,6 @@ extern "C" { */ /** - * Note: Advanced-Encryption-Symmetric Advanced API for the symmetric encryption. - * - * - */ - -/** * @brief Returns the recommended/default length of the IV for a given encryption configuration. * * @since_tizen 3.0 diff --git a/api/yaca/yaca_error.h b/api/yaca/yaca_error.h index 7acb14e..03d6a57 100755 --- a/api/yaca/yaca_error.h +++ b/api/yaca/yaca_error.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_error.h + * @file yaca_error.h + * @brief Error enums and defines. */ #ifndef YACA_ERROR_H @@ -29,21 +30,16 @@ extern "C" { #endif - /** * @addtogroup CAPI_YACA_ENCRYPTION_MODULE * @{ */ -/** - * Note: Error Yet another Crypto API - error enums. - * - */ - -/* define it temporary until this code goes into capi-base-common package */ +/* @cond Define it temporarily until this code goes into capi-base-common package */ #ifndef TIZEN_ERROR_YACA #define TIZEN_ERROR_YACA -0x01E30000 #endif +/* @endcond */ /** * @brief Enumeration of YACA error values. diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h index f4809b6..2072cef 100755 --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_key.h + * @file yaca_key.h + * @brief Advanced API for the key and IV handling. */ #ifndef YACA_KEY_H @@ -36,12 +37,6 @@ extern "C" { */ /** - * Note: Key Advanced API for the key and IV handling. - * - * - */ - -/** * @brief NULL value for yaca_key_h type. * * @since_tizen 3.0 @@ -256,13 +251,6 @@ int yaca_key_extract_public(const yaca_key_h prv_key, yaca_key_h *pub_key); */ void yaca_key_destroy(yaca_key_h key); - -/** - * Note: Key-Derivation Advanced API for the key derivation. - * - * - */ - /** * @brief Derives a key from user password (PKCS #5 a.k.a. pbkdf2 algorithm). * diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h index d97a909..a6ad219 100755 --- a/api/yaca/yaca_seal.h +++ b/api/yaca/yaca_seal.h @@ -17,7 +17,12 @@ */ /** - * @file yaca_seal.h + * @file yaca_seal.h + * @brief Advanced API for the asymmetric encryption. + * + * @details Seal does more than just encrypt. It first generates the encryption key and IV, + * then encrypts whole message using this key (and selected symmetric algorithm). + * Finally it encrypts symmetric key with public key. */ #ifndef YACA_SEAL_H @@ -36,16 +41,6 @@ extern "C" { */ /** - * Note Advanced-Encryption-Asymmetric Advanced API for the asymmetric encryption. - * - * - * @remarks Seal does more than just encrypt. It first generates the encryption key and IV, - * then encrypts whole message using this key (and selected symmetric algorithm). - * Finally it encrypts symmetric key with public key. - * - */ - -/** * @brief Initializes an asymmetric encryption context and generates symmetric key and IV. * * @remarks Generated symmetric key is encrypted with public key, diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h index f06450d..0bf3097 100755 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_sign.h + * @file yaca_sign.h + * @brief Advanced API for the integrity handling - HMAC, CMAC and digital signature. */ #ifndef YACA_SIGN_H @@ -36,12 +37,6 @@ extern "C" { */ /** - * Note: Advanced-Integrity Advanced API for the integrity handling - HMAC, CMAC and digital signature. - * - * - */ - -/** * @brief Initializes a signature context for asymmetric signatures. * * @since_tizen 3.0 diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h index f0d958a..34a238c 100755 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -17,7 +17,16 @@ */ /** - * @file yaca_simple.h + * @file yaca_simple.h + * @brief Simple API. + * + * @details This is simple API. + * Design constraints: + * - All operations are single-shot (no streaming possible) + * - Context is not used + * - For now only digest and symmetric ciphers are supported + * - GCM and CCM chaining is not supported + * - All outputs are allocated by the library */ #ifndef YACA_SIMPLE_H @@ -36,19 +45,6 @@ extern "C" { */ /** - * Note: Simple-API Simple API. - * - * @remarks This is simple API. - * Design constraints: - * - All operations are single-shot (no streaming possible) - * - Context is not used - * - For now only digest and symmetric ciphers are supported - * - GCM and CCM chaining is not supported - * - All outputs are allocated by the library - * - */ - -/** * @brief Calculates a digest of a buffer. * * @since_tizen 3.0 diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h index f46ea34..bb47cdf 100755 --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -17,7 +17,8 @@ */ /** - * @file yaca_types.h + * @file yaca_types.h + * @brief Types enums and defines. */ #ifndef YACA_TYPES_H @@ -33,12 +34,6 @@ extern "C" { */ /** - * Note: Crypto-Types Yet Another Crypto API - types. - * - * - */ - -/** * @brief The context handle. * * @since_tizen 3.0 diff --git a/doc/doxygen.cfg b/doc/doxygen.cfg index 87e9f10..d034006 100644 --- a/doc/doxygen.cfg +++ b/doc/doxygen.cfg @@ -766,8 +766,7 @@ WARN_LOGFILE = # Note: If this tag is empty the current directory is searched. INPUT = ../api \ - ../examples \ - ../src + ../doc # This tag can be used to specify the character encoding of the source files # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses diff --git a/doc/yaca_doc.h b/doc/yaca_doc.h index 3259591..41248a8 100755 --- a/doc/yaca_doc.h +++ b/doc/yaca_doc.h @@ -18,7 +18,7 @@ /** * @ingroup CAPI_SECURITY_FRAMEWORK * @defgroup CAPI_YACA_MODULE yaca crypto module - * @brief The yaca(yet another crypto api) provides a crypto function such as key management, data integrity and data en/decryption. + * @brief The YACA (Yet Another Crypto Api) provides a crypto function such as key management, data integrity and data en/decryption. * Key management provides APIs for generating secured key,importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digests and digital signature. * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. diff --git a/doc/yaca_encryption_doc.h b/doc/yaca_encryption_doc.h index 2fd3978..ed5403f 100755 --- a/doc/yaca_encryption_doc.h +++ b/doc/yaca_encryption_doc.h @@ -21,11 +21,11 @@ * @brief Provides APIs for encryption and decryption operations. * * @section CAPI_YACA_ENCRYPTION_MODULE_HEADER Required Header - * \#include - * \#include - * \#include - * \#include - * \#include + * \#include \n + * \#include \n + * \#include \n + * \#include \n + * \#include \n * * @section CAPI_YACA_ENCRYPTION_MODULE_OVERVIEW Overview * It provides advanced APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys. diff --git a/doc/yaca_integrity_doc.h b/doc/yaca_integrity_doc.h index 7598842..f10d3a4 100755 --- a/doc/yaca_integrity_doc.h +++ b/doc/yaca_integrity_doc.h @@ -21,8 +21,8 @@ * @brief Provides APIs for creating/verifying a signature and digesting a message. * * @section CAPI_YACA_INTEGRITY_MODULE_HEADER Required Header - * \#include - * \#include + * \#include \n + * \#include \n * * @section CAPI_YACA_INTEGRITY_MODULE_OVERVIEW Overview * It provides advanced APIs for creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. diff --git a/doc/yaca_key_doc.h b/doc/yaca_key_doc.h index ff887f3..91d57e5 100755 --- a/doc/yaca_key_doc.h +++ b/doc/yaca_key_doc.h @@ -21,7 +21,7 @@ * @brief Provides APIs for key handling operations such as generating and importing a key. * * @section CAPI_YACA_KEY_MODULE_HEADER Required Header - * \#include + * \#include \n * * @section CAPI_YACA_KEY_MODULE_OVERVIEW Overview * It provides APIs for generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. diff --git a/doc/yaca_simple_doc.h b/doc/yaca_simple_doc.h index a4e6982..0e0339d 100755 --- a/doc/yaca_simple_doc.h +++ b/doc/yaca_simple_doc.h @@ -21,7 +21,7 @@ * @brief Provides simple APIs for cryptographic operations. * * @section CAPI_YACA_SIMPLE_MODULE_HEADER Required Header - * \#include + * \#include \n * * @section CAPI_YACA_SIMPLE_MODULE_OVERVIEW Overview * It provides simple APIs for encryption/decryption, signing/verification, and message digestion. -- 2.7.4 From ea84a140caeeccf26e2236875f162e6831e9fb39 Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Mon, 11 Jul 2016 13:27:10 +0200 Subject: [PATCH 12/16] Convert CRLF to LF in doc/ directory Change-Id: I299418907c312731706a7d30e73fbbe679202ecc --- doc/yaca_doc.h | 124 +++++++++++++++++++++++----------------------- doc/yaca_encryption_doc.h | 70 +++++++++++++------------- doc/yaca_integrity_doc.h | 64 ++++++++++++------------ doc/yaca_key_doc.h | 62 +++++++++++------------ doc/yaca_simple_doc.h | 62 +++++++++++------------ 5 files changed, 191 insertions(+), 191 deletions(-) diff --git a/doc/yaca_doc.h b/doc/yaca_doc.h index 41248a8..86fed86 100755 --- a/doc/yaca_doc.h +++ b/doc/yaca_doc.h @@ -1,62 +1,62 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __TIZEN_CORE_YACA_DOC_H__ -#define __TIZEN_CORE_YACA_DOC_H__ -/** - * @ingroup CAPI_SECURITY_FRAMEWORK - * @defgroup CAPI_YACA_MODULE yaca crypto module - * @brief The YACA (Yet Another Crypto Api) provides a crypto function such as key management, data integrity and data en/decryption. - * Key management provides APIs for generating secured key,importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. - * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digests and digital signature. - * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. - * - * @section CAPI_YACA_MODULE_OVERVIEW Overview - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - *
APIDescription
@ref CAPI_YACA_ENCRYPTION_MODULE Provides APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys.
@ref CAPI_YACA_INTEGRITY_MODULE Provides APIs for creating/verifying a signature, calculating HMAC/CMAC and calculating a message digest.
@ref CAPI_YACA_KEY_MODULE Provides APIs for key handling operations such as generating, importing, and exporting a key and deriving a key from password.
@ref CAPI_YACA_SIMPLE_MODULE Provides simple APIs for cryptographic operations.
- * - * The yaca provides a crypto function such as key management, integrity handling and data en/decryption. - * Key management provides APIs for generating secured key, importing a key trying to match it to the key type specified and exporting a key to arbitrary format. - * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digest and digital signature. - * Data en/decryption provides Advanced/Simpled APIs for en/decrypting a data and creating a IV. - * - * @image html capi_yaca_overview_diagram.png - * - * The yaca provides 3 types of API. - * - key management APIs : These APIs provides generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. - * - data en/decryption APIs : These APIs provides Advanced/Simpled API for the data encryption. - * - integrity APIs : These APIs provides creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. - * - * - */ - -#endif /* __TIZEN_CORE_YACA_DOC_H__ */ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_DOC_H__ +#define __TIZEN_CORE_YACA_DOC_H__ +/** + * @ingroup CAPI_SECURITY_FRAMEWORK + * @defgroup CAPI_YACA_MODULE yaca crypto module + * @brief The YACA (Yet Another Crypto Api) provides a crypto function such as key management, data integrity and data en/decryption. + * Key management provides APIs for generating secured key,importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digests and digital signature. + * Data en/decryption provides Advanced/Simpled APIs for en/decrypting and sealing/opening a data. + * + * @section CAPI_YACA_MODULE_OVERVIEW Overview + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + *
APIDescription
@ref CAPI_YACA_ENCRYPTION_MODULE Provides APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys.
@ref CAPI_YACA_INTEGRITY_MODULE Provides APIs for creating/verifying a signature, calculating HMAC/CMAC and calculating a message digest.
@ref CAPI_YACA_KEY_MODULE Provides APIs for key handling operations such as generating, importing, and exporting a key and deriving a key from password.
@ref CAPI_YACA_SIMPLE_MODULE Provides simple APIs for cryptographic operations.
+ * + * The yaca provides a crypto function such as key management, integrity handling and data en/decryption. + * Key management provides APIs for generating secured key, importing a key trying to match it to the key type specified and exporting a key to arbitrary format. + * Data Integrity provides Advanced/Simpled API for the integrity handling - HMAC, CMAC, message digest and digital signature. + * Data en/decryption provides Advanced/Simpled APIs for en/decrypting a data and creating a IV. + * + * @image html capi_yaca_overview_diagram.png + * + * The yaca provides 3 types of API. + * - key management APIs : These APIs provides generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * - data en/decryption APIs : These APIs provides Advanced/Simpled API for the data encryption. + * - integrity APIs : These APIs provides creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. + * + * + */ + +#endif /* __TIZEN_CORE_YACA_DOC_H__ */ diff --git a/doc/yaca_encryption_doc.h b/doc/yaca_encryption_doc.h index ed5403f..dff823a 100755 --- a/doc/yaca_encryption_doc.h +++ b/doc/yaca_encryption_doc.h @@ -1,35 +1,35 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ -#define __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ -/** - * @ingroup CAPI_YACA_MODULE - * @defgroup CAPI_YACA_ENCRYPTION_MODULE yaca encryption module - * @brief Provides APIs for encryption and decryption operations. - * - * @section CAPI_YACA_ENCRYPTION_MODULE_HEADER Required Header - * \#include \n - * \#include \n - * \#include \n - * \#include \n - * \#include \n - * - * @section CAPI_YACA_ENCRYPTION_MODULE_OVERVIEW Overview - * It provides advanced APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys. - * - */ - -#endif /* __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ */ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ +#define __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_ENCRYPTION_MODULE yaca encryption module + * @brief Provides APIs for encryption and decryption operations. + * + * @section CAPI_YACA_ENCRYPTION_MODULE_HEADER Required Header + * \#include \n + * \#include \n + * \#include \n + * \#include \n + * \#include \n + * + * @section CAPI_YACA_ENCRYPTION_MODULE_OVERVIEW Overview + * It provides advanced APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys. + * + */ + +#endif /* __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ */ diff --git a/doc/yaca_integrity_doc.h b/doc/yaca_integrity_doc.h index f10d3a4..023d812 100755 --- a/doc/yaca_integrity_doc.h +++ b/doc/yaca_integrity_doc.h @@ -1,32 +1,32 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ -#define __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ -/** - * @ingroup CAPI_YACA_MODULE - * @defgroup CAPI_YACA_INTEGRITY_MODULE yaca integrity module - * @brief Provides APIs for creating/verifying a signature and digesting a message. - * - * @section CAPI_YACA_INTEGRITY_MODULE_HEADER Required Header - * \#include \n - * \#include \n - * - * @section CAPI_YACA_INTEGRITY_MODULE_OVERVIEW Overview - * It provides advanced APIs for creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. - * - */ - -#endif /* __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ */ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ +#define __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_INTEGRITY_MODULE yaca integrity module + * @brief Provides APIs for creating/verifying a signature and digesting a message. + * + * @section CAPI_YACA_INTEGRITY_MODULE_HEADER Required Header + * \#include \n + * \#include \n + * + * @section CAPI_YACA_INTEGRITY_MODULE_OVERVIEW Overview + * It provides advanced APIs for creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. + * + */ + +#endif /* __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ */ diff --git a/doc/yaca_key_doc.h b/doc/yaca_key_doc.h index 91d57e5..382dfdc 100755 --- a/doc/yaca_key_doc.h +++ b/doc/yaca_key_doc.h @@ -1,31 +1,31 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __TIZEN_CORE_YACA_KEY_DOC_H__ -#define __TIZEN_CORE_YACA_KEY_DOC_H__ -/** - * @ingroup CAPI_YACA_MODULE - * @defgroup CAPI_YACA_KEY_MODULE yaca key management module - * @brief Provides APIs for key handling operations such as generating and importing a key. - * - * @section CAPI_YACA_KEY_MODULE_HEADER Required Header - * \#include \n - * - * @section CAPI_YACA_KEY_MODULE_OVERVIEW Overview - * It provides APIs for generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. - * - */ - -#endif /* __TIZEN_CORE_YACA_KEY_DOC_H__ */ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_KEY_DOC_H__ +#define __TIZEN_CORE_YACA_KEY_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_KEY_MODULE yaca key management module + * @brief Provides APIs for key handling operations such as generating and importing a key. + * + * @section CAPI_YACA_KEY_MODULE_HEADER Required Header + * \#include \n + * + * @section CAPI_YACA_KEY_MODULE_OVERVIEW Overview + * It provides APIs for generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. + * + */ + +#endif /* __TIZEN_CORE_YACA_KEY_DOC_H__ */ diff --git a/doc/yaca_simple_doc.h b/doc/yaca_simple_doc.h index 0e0339d..3e1125f 100755 --- a/doc/yaca_simple_doc.h +++ b/doc/yaca_simple_doc.h @@ -1,31 +1,31 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the License); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an AS IS BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -#ifndef __TIZEN_CORE_YACA_SIMPLE_DOC_H__ -#define __TIZEN_CORE_YACA_SIMPLE_DOC_H__ -/** - * @ingroup CAPI_YACA_MODULE - * @defgroup CAPI_YACA_SIMPLE_MODULE yaca simple crypto module - * @brief Provides simple APIs for cryptographic operations. - * - * @section CAPI_YACA_SIMPLE_MODULE_HEADER Required Header - * \#include \n - * - * @section CAPI_YACA_SIMPLE_MODULE_OVERVIEW Overview - * It provides simple APIs for encryption/decryption, signing/verification, and message digestion. - * - */ - -#endif /* __TIZEN_CORE_YACA_SIMPLE_DOC_H__ */ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the License); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an AS IS BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef __TIZEN_CORE_YACA_SIMPLE_DOC_H__ +#define __TIZEN_CORE_YACA_SIMPLE_DOC_H__ +/** + * @ingroup CAPI_YACA_MODULE + * @defgroup CAPI_YACA_SIMPLE_MODULE yaca simple crypto module + * @brief Provides simple APIs for cryptographic operations. + * + * @section CAPI_YACA_SIMPLE_MODULE_HEADER Required Header + * \#include \n + * + * @section CAPI_YACA_SIMPLE_MODULE_OVERVIEW Overview + * It provides simple APIs for encryption/decryption, signing/verification, and message digestion. + * + */ + +#endif /* __TIZEN_CORE_YACA_SIMPLE_DOC_H__ */ -- 2.7.4 From 32797cd9d6badb4e8b7b4f61aebe680c2ab6ef33 Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Wed, 13 Jul 2016 14:32:04 +0200 Subject: [PATCH 13/16] Fix formatting in yaca_debug_translate_error Change-Id: I125b51f447e74a79b0134192400bbc5af386419b --- src/debug.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/debug.c b/src/debug.c index f510ef3..9e5164b 100644 --- a/src/debug.c +++ b/src/debug.c @@ -47,15 +47,15 @@ API void yaca_debug_set_error_cb(yaca_error_cb fn) #define ERRORDESCRIBE(name) case name: return #name API const char *yaca_debug_translate_error(yaca_error_e err) { - switch(err) { - ERRORDESCRIBE(YACA_ERROR_NONE); - ERRORDESCRIBE(YACA_ERROR_INVALID_PARAMETER); - ERRORDESCRIBE(YACA_ERROR_OUT_OF_MEMORY); - ERRORDESCRIBE(YACA_ERROR_INTERNAL); - ERRORDESCRIBE(YACA_ERROR_DATA_MISMATCH); - ERRORDESCRIBE(YACA_ERROR_INVALID_PASSWORD); - default: return "Error not defined"; - } + switch (err) { + ERRORDESCRIBE(YACA_ERROR_NONE); + ERRORDESCRIBE(YACA_ERROR_INVALID_PARAMETER); + ERRORDESCRIBE(YACA_ERROR_OUT_OF_MEMORY); + ERRORDESCRIBE(YACA_ERROR_INTERNAL); + ERRORDESCRIBE(YACA_ERROR_DATA_MISMATCH); + ERRORDESCRIBE(YACA_ERROR_INVALID_PASSWORD); + default: return "Error not defined"; + } } #undef ERRORDESCRIBE -- 2.7.4 From 6061c8befac3feefdc17e1b0d7cd2ce8cd4c1782 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Thu, 14 Jul 2016 10:48:11 +0200 Subject: [PATCH 14/16] Fix: RC4 doesn't support block cipher modes Change-Id: Iab022f1791712e0670a02ab2262e03fc0b79c365 --- src/encrypt.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/encrypt.c b/src/encrypt.c index a9f097a..1c00abf 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -289,7 +289,10 @@ int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, algo_name, bcm_name); break; case YACA_ENCRYPT_UNSAFE_RC4: - ret = snprintf(cipher_name, sizeof(cipher_name), "%s", algo_name); + if (bcm != YACA_BCM_NONE) + ret = YACA_ERROR_INVALID_PARAMETER; + else + ret = snprintf(cipher_name, sizeof(cipher_name), "%s", algo_name); break; default: return YACA_ERROR_INVALID_PARAMETER; -- 2.7.4 From 033cdfef3815b34990f8506c9457935fcc909620 Mon Sep 17 00:00:00 2001 From: Mateusz Forc Date: Thu, 14 Jul 2016 12:26:40 +0200 Subject: [PATCH 15/16] FIX: Unhandled OpenSSL error, when using invalid imported key Change-Id: I5982553ae96bd9cde491bc9ccf79ff643303cb25 --- src/encrypt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/encrypt.c b/src/encrypt.c index 1c00abf..83ec1ba 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -421,7 +421,7 @@ static int encrypt_initialize(yaca_context_h *ctx, ret = EVP_CIPHER_CTX_set_key_length(nc->cipher_ctx, key_bit_len / 8); if (ret != 1) { ret = YACA_ERROR_INVALID_PARAMETER; - ERROR_DUMP(ret); + ERROR_CLEAR(); goto exit; } -- 2.7.4 From c4af6cc38ef57c2a8c4aa31d7ce455fb52c37342 Mon Sep 17 00:00:00 2001 From: Dongsun Lee Date: Fri, 15 Jul 2016 20:11:48 +0900 Subject: [PATCH 16/16] Added manifest file to label library to floor - Currently, libyaca.so.0 is labelled as "System", so applications cannot access on it. Change-Id: I9c3db2708388508572c5e3d7bd920f4128a9f53f Signed-off-by: Dongsun Lee --- CMakeLists.txt | 2 ++ packaging/yaca.manifest.in | 5 +++++ packaging/yaca.spec | 1 + 3 files changed, 8 insertions(+) create mode 100644 packaging/yaca.manifest.in diff --git a/CMakeLists.txt b/CMakeLists.txt index 7b9cb1b..606c9fc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -95,5 +95,7 @@ IF(NOT DEFINED EXAMPLES_DIR) SET(EXAMPLES_DIR "${SHARE_INSTALL_PREFIX}/${PROJECT_NAME}/examples") ENDIF(NOT DEFINED EXAMPLES_DIR) +CONFIGURE_FILE(packaging/yaca.manifest.in yaca.manifest @ONLY) + ADD_SUBDIRECTORY(${SRC_FOLDER}) ADD_SUBDIRECTORY(${EXAMPLES_FOLDER}) diff --git a/packaging/yaca.manifest.in b/packaging/yaca.manifest.in new file mode 100644 index 0000000..86dbb26 --- /dev/null +++ b/packaging/yaca.manifest.in @@ -0,0 +1,5 @@ + + + + + diff --git a/packaging/yaca.spec b/packaging/yaca.spec index 327df37..8e81aa4 100644 --- a/packaging/yaca.spec +++ b/packaging/yaca.spec @@ -19,6 +19,7 @@ The package provides Yet Another Crypto API. %postun -p /sbin/ldconfig %files +%manifest yaca.manifest %{_libdir}/libyaca.so.0 %{_libdir}/libyaca.so.%{version} -- 2.7.4