From cbd593de08b1b87a0055fc89365a13ce97a1f2d2 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Mon, 12 Sep 2016 10:30:53 +0900 Subject: [PATCH 01/16] Revert "Fix svace defects" This reverts commit 60428c2b10ccec13afe901d21b87ac949ffafa4c. 2 Svace defects (141053, 142079) is handled as `won't fix`, defended by assert() checking and logically Change-Id: I4d29b8e0c430929a57767293ec9c0d442e2f44e4 Signed-off-by: Kyungwook Tak --- src/encrypt.c | 3 +-- src/rsa.c | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/encrypt.c b/src/encrypt.c index d343efe..9bf4e74 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -556,8 +556,7 @@ static int encrypt_ctx_restore(struct yaca_encrypt_context_s *c) } key = key_get_simple(c->backup_ctx->sym_key); - if (key == NULL) - return YACA_ERROR_INVALID_PARAMETER; + assert(key != NULL); ret = encrypt_ctx_init(c, c->backup_ctx->cipher, key->bit_len); assert(ret != YACA_ERROR_INVALID_PARAMETER); diff --git a/src/rsa.c b/src/rsa.c index 334a383..436c3b9 100644 --- a/src/rsa.c +++ b/src/rsa.c @@ -78,8 +78,7 @@ static int encrypt_decrypt(yaca_padding_e padding, assert(lpadding != -1); lasym_key = key_get_evp(key); - if (lasym_key == NULL) - return YACA_ERROR_INVALID_PARAMETER; + assert(lasym_key != NULL); ret = EVP_PKEY_size(lasym_key->evp); if (ret <= 0) { -- 2.7.4 From 0dd2d096bce922d2b7fba3fb7ba08c103e8ca715 Mon Sep 17 00:00:00 2001 From: Lukasz Pawelczyk Date: Tue, 13 Sep 2016 13:03:16 +0200 Subject: [PATCH 02/16] Describe padding usage for sign/verify operations Change-Id: I4efa09f2a57c7fcd5f81124fc57bcbf890b484d4 --- api/yaca/yaca_sign.h | 11 +++++++++++ api/yaca/yaca_simple.h | 3 ++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h index 84aae2c..16bcfd1 100755 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -44,6 +44,9 @@ extern "C" { * @remarks For verification use yaca_verify_initialize(), yaca_verify_update() and * yaca_verify_finalize() functions with matching public key. * + * @remarks For RSA operations the default padding used is #YACA_PADDING_PKCS1. It can be + * changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING. + * * @remarks The @a ctx should be released using yaca_context_destroy() * * @param[out] ctx Newly created context @@ -63,6 +66,8 @@ extern "C" { * * @see #yaca_key_type_e * @see #yaca_digest_algorithm_e + * @see #yaca_padding_e + * @see yaca_context_set_property() * @see yaca_sign_update() * @see yaca_sign_finalize() * @see yaca_verify_initialize() @@ -202,6 +207,10 @@ int yaca_sign_finalize(yaca_context_h ctx, * * @since_tizen 3.0 * + * @remarks For RSA operations the default padding used is #YACA_PADDING_PKCS1. It can be + * changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING. + * For verify to succeed it has to be set to the same value it was signed with. + * * @remarks The @a ctx should be released using yaca_context_destroy() * * @param[out] ctx Newly created context @@ -221,6 +230,8 @@ int yaca_sign_finalize(yaca_context_h ctx, * * @see #yaca_key_type_e * @see #yaca_digest_algorithm_e + * @see #yaca_padding_e + * @see yaca_context_set_property() * @see yaca_verify_update() * @see yaca_verify_finalize() * @see yaca_context_destroy() diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h index a6d00ce..9adb8ca 100755 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -25,7 +25,8 @@ * - All operations are single-shot (no streaming possible) * - Context is not used * - Only digest, signatures and symmetric ciphers are supported - * - Disabling PKCS#5 padding for ECB and CBC chaining is not supported + * - Disabling PKCS#7 padding for ECB and CBC chaining is not supported + * - Changing the default PKCS#1 padding for sign/verify is not supported * - GCM and CCM chaining is not supported * - RC2 effective key bits property is not supported * - All outputs are allocated by the library -- 2.7.4 From b3a6beafac3b820e16efedc3d029981b74cd078a Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Tue, 13 Sep 2016 10:14:31 +0200 Subject: [PATCH 03/16] Remove get_sign_property() functionality Change-Id: Iadecd8f919eff7a3aa6efe6f4cdc096b5539ace5 --- src/sign.c | 74 ++------------------------------------------------------------ 1 file changed, 2 insertions(+), 72 deletions(-) diff --git a/src/sign.c b/src/sign.c index ea9ce6f..4aba130 100644 --- a/src/sign.c +++ b/src/sign.c @@ -168,76 +168,6 @@ int set_sign_property(yaca_context_h ctx, return YACA_ERROR_NONE; } -int get_sign_property(const yaca_context_h ctx, - yaca_property_e property, - void **value, - size_t *value_len) -{ - int ret; - struct yaca_sign_context_s *c = get_sign_context(ctx); - EVP_PKEY *pkey; - EVP_PKEY_CTX *pctx; - int pad; - yaca_padding_e padding; - - if (c == NULL || value == NULL) - return YACA_ERROR_INVALID_PARAMETER; - - assert(c->md_ctx != NULL); - - pctx = EVP_MD_CTX_pkey_ctx(c->md_ctx); - if (pctx == NULL) - return YACA_ERROR_INTERNAL; - - /* this function only supports padding */ - if (property != YACA_PROPERTY_PADDING) - return YACA_ERROR_INVALID_PARAMETER; - - pkey = EVP_PKEY_CTX_get0_pkey(pctx); - if (pkey == NULL) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); - return ret; - } - - /* padding only works for RSA */ - if (EVP_PKEY_id(pkey) != EVP_PKEY_RSA) - return YACA_ERROR_INVALID_PARAMETER; - - ret = EVP_PKEY_CTX_get_rsa_padding(pctx, &pad); - if (ret <= 0) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); - return ret; - } - - switch (pad) { - case RSA_X931_PADDING: - padding = YACA_PADDING_X931; - break; - case RSA_PKCS1_PADDING: - padding = YACA_PADDING_PKCS1; - break; - case RSA_PKCS1_PSS_PADDING: - padding = YACA_PADDING_PKCS1_PSS; - break; - default: - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(YACA_ERROR_INTERNAL); - return ret; - } - - ret = yaca_malloc(sizeof(yaca_padding_e), value); - if (ret != YACA_ERROR_NONE) - return ret; - - memcpy(*value, &padding, sizeof(yaca_padding_e)); - if (value_len != NULL) - *value_len = sizeof(yaca_padding_e); - - return YACA_ERROR_NONE; -} - API int yaca_sign_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo, const yaca_key_h prv_key) @@ -268,7 +198,7 @@ API int yaca_sign_initialize(yaca_context_h *ctx, nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = get_sign_output_length; nc->ctx.set_property = set_sign_property; - nc->ctx.get_property = get_sign_property; + nc->ctx.get_property = NULL; ret = digest_get_algorithm(algo, &md); if (ret != YACA_ERROR_NONE) @@ -515,7 +445,7 @@ API int yaca_verify_initialize(yaca_context_h *ctx, nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = NULL; nc->ctx.set_property = set_sign_property; - nc->ctx.get_property = get_sign_property; + nc->ctx.get_property = NULL; ret = digest_get_algorithm(algo, &md); if (ret != YACA_ERROR_NONE) -- 2.7.4 From efad90f650cd388ee7ba2c2ac2cfc1934b9b1c03 Mon Sep 17 00:00:00 2001 From: Dongsun Lee Date: Fri, 23 Sep 2016 10:12:47 +0900 Subject: [PATCH 04/16] Fix TYPO for removing warning during doxygen generation Change-Id: I1a971b00b321a56e6ea59d03f3c51056494f16ab Signed-off-by: Dongsun Lee --- api/yaca/yaca_types.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h index 0f0ae33..59674bc 100755 --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -676,7 +676,7 @@ typedef enum { /** * PKCS #1 v1.5 padding with an SSL-specific modification that denotes that the party * is SSL3 capable. It is used for rollback attack detection in SSLv3. If during decryption it - * turns out that both parties are using #YACA_PADDING_PKCS1_SSL23 (both are communicating + * turns out that both parties are using #YACA_PADDING_PKCS1_SSLV23 (both are communicating * using SSL2 and both are SSL3 capable) it is treated as a rollback attack and an error is * returned. Suitable for low-level RSA public_encrypt/private_decrypt operations. For * low-level operations the input must be at least 11 bytes shorter than the key length. -- 2.7.4 From 262feae6c533f27d65fe72ca7147262dcf79b5a9 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Thu, 15 Sep 2016 11:09:46 +0200 Subject: [PATCH 05/16] Fix: ECB and CBC with padding always needs yaca_decrypt_update() In case of empty message encryption we can skip yaca_encrypt_update(), then yaca_encrypt_finalize() returns encrypted block at the output. During decryption, we can't skip yaca_decrypt_update(). Change-Id: Ib4a5d06f03560ea8b26f6bec674721a62fe1f72b --- src/debug.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/debug.c b/src/debug.c index b6a113d..13a3fd4 100644 --- a/src/debug.c +++ b/src/debug.c @@ -137,6 +137,7 @@ int error_handle(const char *file, int line, const char *function) case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH): + case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS): ret = YACA_ERROR_INVALID_PARAMETER; break; -- 2.7.4 From e2c04b5a3878d85fda7e4bdd2f4b8911e71e826d Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Wed, 14 Sep 2016 13:16:32 +0200 Subject: [PATCH 06/16] Handle sign/digest API call order Change-Id: Idf64e1b9c3d6dbbe319dbce54786407c941db90a --- src/digest.c | 26 ++++++++++++++++++++++++++ src/encrypt.c | 52 ++++++++++++++++++++++++++-------------------------- src/internal.h | 26 +++++++++++++++++--------- src/sign.c | 44 ++++++++++++++++++++++++++++++++++++++++++-- 4 files changed, 111 insertions(+), 37 deletions(-) diff --git a/src/digest.c b/src/digest.c index 361b9f8..5b4b2f4 100644 --- a/src/digest.c +++ b/src/digest.c @@ -49,8 +49,23 @@ struct yaca_digest_context_s { struct yaca_context_s ctx; EVP_MD_CTX *md_ctx; + enum context_state_e state; }; +static bool CTX_DEFAULT_STATES[CTX_COUNT][CTX_COUNT] = { +/* from \ to INIT, MSG, FIN */ +/* INIT */ { 0, 1, 1 }, +/* MSG */ { 0, 1, 1 }, +/* FIN */ { 0, 0, 0 }, +}; + +static bool verify_state_change(struct yaca_digest_context_s *c, enum context_state_e to) +{ + int from = c->state; + + return CTX_DEFAULT_STATES[from][to]; +} + static struct yaca_digest_context_s *get_digest_context(const yaca_context_h ctx) { if (ctx == YACA_CONTEXT_NULL) @@ -136,6 +151,8 @@ API int yaca_digest_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo nc->ctx.type = YACA_CONTEXT_DIGEST; nc->ctx.context_destroy = destroy_digest_context; nc->ctx.get_output_length = get_digest_output_length; + nc->ctx.set_property = NULL; + nc->ctx.get_property = NULL; ret = digest_get_algorithm(algo, &md); if (ret != YACA_ERROR_NONE) @@ -155,6 +172,7 @@ API int yaca_digest_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo goto exit; } + nc->state = CTX_INITIALIZED; *ctx = (yaca_context_h)nc; nc = NULL; ret = YACA_ERROR_NONE; @@ -173,6 +191,9 @@ API int yaca_digest_update(yaca_context_h ctx, const char *message, size_t messa if (c == NULL || message == NULL || message_len == 0) return YACA_ERROR_INVALID_PARAMETER; + if (!verify_state_change(c, CTX_MSG_UPDATED)) + return YACA_ERROR_INVALID_PARAMETER; + ret = EVP_DigestUpdate(c->md_ctx, message, message_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; @@ -180,6 +201,7 @@ API int yaca_digest_update(yaca_context_h ctx, const char *message, size_t messa return ret; } + c->state = CTX_MSG_UPDATED; return YACA_ERROR_NONE; } @@ -192,6 +214,9 @@ API int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_le if (c == NULL || digest == NULL || digest_len == NULL) return YACA_ERROR_INVALID_PARAMETER; + if (!verify_state_change(c, CTX_FINALIZED)) + return YACA_ERROR_INVALID_PARAMETER; + if (*digest_len == 0 || *digest_len > UINT_MAX) /* DigestFinal accepts UINT */ return YACA_ERROR_INVALID_PARAMETER; @@ -202,6 +227,7 @@ API int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_le return ret; } + c->state = CTX_FINALIZED; *digest_len = len; return YACA_ERROR_NONE; diff --git a/src/encrypt.c b/src/encrypt.c index 9bf4e74..1c3bcf5 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -117,7 +117,7 @@ static bool is_encryption_op(enum encrypt_op_type_e op_type) return (op_type == OP_ENCRYPT || op_type == OP_SEAL); } -static bool DEFAULT_STATES[STATE_COUNT][STATE_COUNT] = { +static bool DEFAULT_STATES[ENC_CTX_COUNT][ENC_CTX_COUNT] = { /* from \ to INIT, MLEN, AAD, MSG, TAG, TLEN, FIN */ /* INIT */ { 0, 0, 0, 1, 0, 0, 1 }, /* MLEN */ { 0, 0, 0, 0, 0, 0, 0 }, @@ -128,7 +128,7 @@ static bool DEFAULT_STATES[STATE_COUNT][STATE_COUNT] = { /* FIN */ { 0, 0, 0, 0, 0, 0, 0 }, }; -static bool GCM_STATES[2][STATE_COUNT][STATE_COUNT] = { { +static bool GCM_STATES[2][ENC_CTX_COUNT][ENC_CTX_COUNT] = { { /* ENCRYPTION */ /* from \ to INIT, MLEN, AAD, MSG, TAG, TLEN, FIN */ /* INIT */ { 0, 0, 1, 1, 0, 0, 1 }, @@ -150,7 +150,7 @@ static bool GCM_STATES[2][STATE_COUNT][STATE_COUNT] = { { /* FIN */ { 0, 0, 0, 0, 0, 0, 0 }, } }; -static bool CCM_STATES[2][STATE_COUNT][STATE_COUNT] = { { +static bool CCM_STATES[2][ENC_CTX_COUNT][ENC_CTX_COUNT] = { { /* ENCRYPTION */ /* from \ to INIT, MLEN, AAD, MSG, TAG, TLEN, FIN */ /* INIT */ { 0, 1, 0, 1, 0, 1, 0 }, @@ -172,7 +172,7 @@ static bool CCM_STATES[2][STATE_COUNT][STATE_COUNT] = { { /* FIN */ { 0, 0, 0, 0, 0, 0, 0 }, } }; -static bool WRAP_STATES[STATE_COUNT][STATE_COUNT] = { +static bool WRAP_STATES[ENC_CTX_COUNT][ENC_CTX_COUNT] = { /* from \ to INIT, MLEN, AAD, MSG, TAG, TLEN, FIN */ /* INIT */ { 0, 0, 0, 1, 0, 0, 0 }, /* MLEN */ { 0, 0, 0, 0, 0, 0, 0 }, @@ -668,79 +668,79 @@ int set_encrypt_property(yaca_context_h ctx, switch (property) { case YACA_PROPERTY_GCM_AAD: if (mode != EVP_CIPH_GCM_MODE || - !verify_state_change(c, STATE_AAD_UPDATED)) + !verify_state_change(c, ENC_CTX_AAD_UPDATED)) return YACA_ERROR_INVALID_PARAMETER; if (EVP_CipherUpdate(c->cipher_ctx, NULL, &len, value, value_len) != 1) { ERROR_DUMP(YACA_ERROR_INTERNAL); return YACA_ERROR_INTERNAL; } - c->state = STATE_AAD_UPDATED; + c->state = ENC_CTX_AAD_UPDATED; break; case YACA_PROPERTY_CCM_AAD: if (mode != EVP_CIPH_CCM_MODE || - !verify_state_change(c, STATE_AAD_UPDATED)) + !verify_state_change(c, ENC_CTX_AAD_UPDATED)) return YACA_ERROR_INVALID_PARAMETER; if (EVP_CipherUpdate(c->cipher_ctx, NULL, &len, value, value_len) != 1) { ERROR_DUMP(YACA_ERROR_INTERNAL); return YACA_ERROR_INTERNAL; } - c->state = STATE_AAD_UPDATED; + c->state = ENC_CTX_AAD_UPDATED; break; case YACA_PROPERTY_GCM_TAG: if (mode != EVP_CIPH_GCM_MODE || is_encryption_op(c->op_type) || !is_valid_tag_len(mode, value_len) || - !verify_state_change(c, STATE_TAG_SET)) + !verify_state_change(c, ENC_CTX_TAG_SET)) return YACA_ERROR_INVALID_PARAMETER; if (EVP_CIPHER_CTX_ctrl(c->cipher_ctx, EVP_CTRL_GCM_SET_TAG, value_len, (void*)value) != 1) { ERROR_DUMP(YACA_ERROR_INTERNAL); return YACA_ERROR_INTERNAL; } - c->state = STATE_TAG_SET; + c->state = ENC_CTX_TAG_SET; break; case YACA_PROPERTY_GCM_TAG_LEN: if (value_len != sizeof(size_t) || mode != EVP_CIPH_GCM_MODE || !is_encryption_op(c->op_type) || !is_valid_tag_len(mode, *(size_t*)value) || - !verify_state_change(c, STATE_TAG_LENGTH_SET)) + !verify_state_change(c, ENC_CTX_TAG_LENGTH_SET)) return YACA_ERROR_INVALID_PARAMETER; c->tag_len = *(size_t*)value; - c->state = STATE_TAG_LENGTH_SET; + c->state = ENC_CTX_TAG_LENGTH_SET; break; case YACA_PROPERTY_CCM_TAG: if (mode != EVP_CIPH_CCM_MODE || is_encryption_op(c->op_type) || !is_valid_tag_len(mode, value_len) || - !verify_state_change(c, STATE_TAG_SET)) + !verify_state_change(c, ENC_CTX_TAG_SET)) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_set_ccm_tag(c, (char*)value, value_len); if (ret != YACA_ERROR_NONE) return ret; - c->state = STATE_TAG_SET; + c->state = ENC_CTX_TAG_SET; break; case YACA_PROPERTY_CCM_TAG_LEN: if (value_len != sizeof(size_t) || mode != EVP_CIPH_CCM_MODE || !is_encryption_op(c->op_type) || !is_valid_tag_len(mode, *(size_t*)value) || - !verify_state_change(c, STATE_TAG_LENGTH_SET)) + !verify_state_change(c, ENC_CTX_TAG_LENGTH_SET)) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_set_ccm_tag_len(c, *(size_t*)value); if (ret != YACA_ERROR_NONE) return ret; - c->state = STATE_TAG_LENGTH_SET; + c->state = ENC_CTX_TAG_LENGTH_SET; break; case YACA_PROPERTY_PADDING: if ((mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE) || value_len != sizeof(yaca_padding_e) || (*(yaca_padding_e*)value != YACA_PADDING_NONE && *(yaca_padding_e*)value != YACA_PADDING_PKCS7) || - c->state == STATE_FINALIZED) + c->state == ENC_CTX_FINALIZED) return YACA_ERROR_INVALID_PARAMETER; int padding = *(yaca_padding_e*)value == YACA_PADDING_NONE ? 0 : 1; @@ -754,7 +754,7 @@ int set_encrypt_property(yaca_context_h ctx, case YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS: if (value_len != sizeof(size_t) || (nid != NID_rc2_cbc && nid != NID_rc2_ecb && nid != NID_rc2_cfb64 && nid != NID_rc2_ofb64) || - c->state != STATE_INITIALIZED) + c->state != ENC_CTX_INITIALIZED) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_set_rc2_effective_key_bits(c, *(size_t*)value); @@ -783,7 +783,7 @@ int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, if (value_len == NULL || !is_encryption_op(c->op_type) || mode != EVP_CIPH_GCM_MODE || - (c->state != STATE_TAG_LENGTH_SET && c->state != STATE_FINALIZED)) + (c->state != ENC_CTX_TAG_LENGTH_SET && c->state != ENC_CTX_FINALIZED)) return YACA_ERROR_INVALID_PARAMETER; assert(c->tag_len <= INT_MAX); @@ -801,7 +801,7 @@ int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, if (value_len == NULL || !is_encryption_op(c->op_type) || mode != EVP_CIPH_CCM_MODE || - c->state != STATE_FINALIZED) + c->state != ENC_CTX_FINALIZED) return YACA_ERROR_INVALID_PARAMETER; assert(c->tag_len <= INT_MAX); @@ -946,7 +946,7 @@ int encrypt_initialize(yaca_context_h *ctx, goto exit; } - nc->state = STATE_INITIALIZED; + nc->state = ENC_CTX_INITIALIZED; *ctx = (yaca_context_h)nc; nc = NULL; @@ -977,13 +977,13 @@ int encrypt_update(yaca_context_h ctx, enum encrypt_context_state_e target_state; if (output == NULL && input == NULL) - target_state = STATE_MSG_LENGTH_UPDATED; + target_state = ENC_CTX_MSG_LENGTH_UPDATED; else if (output == NULL) - target_state = STATE_AAD_UPDATED; + target_state = ENC_CTX_AAD_UPDATED; else if (input == NULL) return YACA_ERROR_INVALID_PARAMETER; else - target_state = STATE_MSG_UPDATED; + target_state = ENC_CTX_MSG_UPDATED; if (!verify_state_change(c, target_state)) return YACA_ERROR_INVALID_PARAMETER; @@ -1065,7 +1065,7 @@ int encrypt_finalize(yaca_context_h ctx, if (c == NULL || output == NULL || output_len == NULL || op_type != c->op_type) return YACA_ERROR_INVALID_PARAMETER; - if (!verify_state_change(c, STATE_FINALIZED)) + if (!verify_state_change(c, ENC_CTX_FINALIZED)) return YACA_ERROR_INVALID_PARAMETER; mode = EVP_CIPHER_CTX_mode(c->cipher_ctx); @@ -1089,7 +1089,7 @@ int encrypt_finalize(yaca_context_h ctx, if (EVP_CIPHER_CTX_test_flags(c->cipher_ctx, EVP_CIPH_FLAG_LENGTH_BITS) != 0) *output_len /= 8; - c->state = STATE_FINALIZED; + c->state = ENC_CTX_FINALIZED; return YACA_ERROR_NONE; } diff --git a/src/internal.h b/src/internal.h index 20da604..4bae2aa 100644 --- a/src/internal.h +++ b/src/internal.h @@ -98,15 +98,23 @@ struct yaca_backup_context_s { }; enum encrypt_context_state_e { - STATE_INITIALIZED = 0, - STATE_MSG_LENGTH_UPDATED, - STATE_AAD_UPDATED, - STATE_MSG_UPDATED, - STATE_TAG_SET, - STATE_TAG_LENGTH_SET, - STATE_FINALIZED, - - STATE_COUNT, + ENC_CTX_INITIALIZED = 0, + ENC_CTX_MSG_LENGTH_UPDATED, + ENC_CTX_AAD_UPDATED, + ENC_CTX_MSG_UPDATED, + ENC_CTX_TAG_SET, + ENC_CTX_TAG_LENGTH_SET, + ENC_CTX_FINALIZED, + + ENC_CTX_COUNT, +}; + +enum context_state_e { + CTX_INITIALIZED = 0, + CTX_MSG_UPDATED, + CTX_FINALIZED, + + CTX_COUNT, }; struct yaca_encrypt_context_s { diff --git a/src/sign.c b/src/sign.c index 4aba130..15f0ba9 100644 --- a/src/sign.c +++ b/src/sign.c @@ -48,8 +48,23 @@ struct yaca_sign_context_s { EVP_MD_CTX *md_ctx; enum sign_op_type op_type; + enum context_state_e state; }; +static bool CTX_DEFAULT_STATES[CTX_COUNT][CTX_COUNT] = { +/* from \ to INIT, MSG, FIN */ +/* INIT */ { 0, 1, 1 }, +/* MSG */ { 0, 1, 1 }, +/* FIN */ { 0, 0, 0 }, +}; + +static bool verify_state_change(struct yaca_sign_context_s *c, enum context_state_e to) +{ + int from = c->state; + + return CTX_DEFAULT_STATES[from][to]; +} + static struct yaca_sign_context_s *get_sign_context(const yaca_context_h ctx) { if (ctx == YACA_CONTEXT_NULL) @@ -120,7 +135,7 @@ int set_sign_property(yaca_context_h ctx, EVP_PKEY *pkey; EVP_PKEY_CTX *pctx; - if (c == NULL || value == NULL) + if (c == NULL || value == NULL || c->state == CTX_FINALIZED) return YACA_ERROR_INVALID_PARAMETER; assert(c->md_ctx != NULL); @@ -218,6 +233,7 @@ API int yaca_sign_initialize(yaca_context_h *ctx, goto exit; } + nc->state = CTX_INITIALIZED; *ctx = (yaca_context_h)nc; nc = NULL; ret = YACA_ERROR_NONE; @@ -250,6 +266,8 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, nc->ctx.type = YACA_CONTEXT_SIGN; nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = get_sign_output_length; + nc->ctx.set_property = NULL; + nc->ctx.get_property = NULL; pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, @@ -279,6 +297,7 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, goto exit; } + nc->state = CTX_INITIALIZED; *ctx = (yaca_context_h)nc; nc = NULL; ret = YACA_ERROR_NONE; @@ -313,6 +332,8 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, nc->ctx.type = YACA_CONTEXT_SIGN; nc->ctx.context_destroy = destroy_sign_context; nc->ctx.get_output_length = get_sign_output_length; + nc->ctx.set_property = NULL; + nc->ctx.get_property = NULL; ret = encrypt_get_algorithm(algo, YACA_BCM_CBC, simple_key->bit_len, &cipher); if (ret != YACA_ERROR_NONE) @@ -361,6 +382,7 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, goto exit; } + nc->state = CTX_INITIALIZED; *ctx = (yaca_context_h)nc; nc = NULL; ret = YACA_ERROR_NONE; @@ -384,6 +406,9 @@ API int yaca_sign_update(yaca_context_h ctx, message == NULL || message_len == 0) return YACA_ERROR_INVALID_PARAMETER; + if (!verify_state_change(c, CTX_MSG_UPDATED)) + return YACA_ERROR_INVALID_PARAMETER; + ret = EVP_DigestSignUpdate(c->md_ctx, message, message_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; @@ -391,6 +416,7 @@ API int yaca_sign_update(yaca_context_h ctx, return ret; } + c->state = CTX_MSG_UPDATED; return YACA_ERROR_NONE; } @@ -405,6 +431,9 @@ API int yaca_sign_finalize(yaca_context_h ctx, signature == NULL || signature_len == NULL || *signature_len == 0) return YACA_ERROR_INVALID_PARAMETER; + if (!verify_state_change(c, CTX_FINALIZED)) + return YACA_ERROR_INVALID_PARAMETER; + ret = EVP_DigestSignFinal(c->md_ctx, (unsigned char *)signature, signature_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; @@ -412,6 +441,7 @@ API int yaca_sign_finalize(yaca_context_h ctx, return ret; } + c->state = CTX_FINALIZED; return YACA_ERROR_NONE; } @@ -465,6 +495,7 @@ API int yaca_verify_initialize(yaca_context_h *ctx, goto exit; } + nc->state = CTX_INITIALIZED; *ctx = (yaca_context_h)nc; nc = NULL; ret = YACA_ERROR_NONE; @@ -485,6 +516,9 @@ API int yaca_verify_update(yaca_context_h ctx, if (c == NULL || message == NULL || message_len == 0 || c->op_type != OP_VERIFY) return YACA_ERROR_INVALID_PARAMETER; + if (!verify_state_change(c, CTX_MSG_UPDATED)) + return YACA_ERROR_INVALID_PARAMETER; + ret = EVP_DigestVerifyUpdate(c->md_ctx, message, message_len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; @@ -492,6 +526,7 @@ API int yaca_verify_update(yaca_context_h ctx, return ret; } + c->state = CTX_MSG_UPDATED; return YACA_ERROR_NONE; } @@ -505,12 +540,17 @@ API int yaca_verify_finalize(yaca_context_h ctx, if (c == NULL || signature == NULL || signature_len == 0 || c->op_type != OP_VERIFY) return YACA_ERROR_INVALID_PARAMETER; + if (!verify_state_change(c, CTX_FINALIZED)) + return YACA_ERROR_INVALID_PARAMETER; + ret = EVP_DigestVerifyFinal(c->md_ctx, (unsigned char *)signature, signature_len); - if (ret == 1) + if (ret == 1) { + c->state = CTX_FINALIZED; return YACA_ERROR_NONE; + } if (ret == 0) { ERROR_CLEAR(); -- 2.7.4 From 323eda7f0675a46f26a3aa605851bff2d50d8c5a Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Wed, 21 Sep 2016 11:40:19 +0200 Subject: [PATCH 07/16] Increase minimal RSA keysize from 256 to 512 bits Change-Id: I87fd19881867c560ae8684341e182fe85f14304f --- api/yaca/yaca_key.h | 2 +- src/key.c | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h index 82ef7b9..e4783e3 100755 --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -216,7 +216,7 @@ int yaca_key_export(const yaca_key_h key, * or key generation parameters for key types that support them (DSA, DH and EC). * * @remarks Supported key lengths: - * - RSA: length >= 256bits + * - RSA: length >= 512bits * - DSA: length >= 512bits, multiple of 64 * - DH: a value taken from #yaca_key_bit_length_dh_rfc_e or * (YACA_KEY_LENGTH_DH_GENERATOR_* | prime_length_in_bits), diff --git a/src/key.c b/src/key.c index 264d5ae..0c04179 100644 --- a/src/key.c +++ b/src/key.c @@ -593,6 +593,12 @@ static int import_evp(yaca_key_h *key, goto exit; } + if ((key_type == YACA_KEY_TYPE_RSA_PRIV || key_type == YACA_KEY_TYPE_RSA_PUB) && + (EVP_PKEY_size(pkey) < YACA_KEY_LENGTH_512BIT / 8)) { + ret = YACA_ERROR_INVALID_PARAMETER; + goto exit; + } + ret = yaca_zalloc(sizeof(struct yaca_key_evp_s), (void**)&nk); if (ret != YACA_ERROR_NONE) goto exit; @@ -1185,7 +1191,7 @@ static int generate_evp_pkey_key(int evp_id, size_t key_bit_len, EVP_PKEY *param if (evp_id == EVP_PKEY_RSA) { if ((key_bit_len & YACA_KEYLEN_COMPONENT_TYPE_MASK) != YACA_KEYLEN_COMPONENT_TYPE_BITS || - key_bit_len > INT_MAX || key_bit_len % 8 != 0) { + key_bit_len > INT_MAX || key_bit_len < 512 || key_bit_len % 8 != 0) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } -- 2.7.4 From a5e0d6c3be4dfe474aceb1c1b6b9770bd5cd0942 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Wed, 28 Sep 2016 14:31:35 +0200 Subject: [PATCH 08/16] Don't check *digest_len in yaca_digest_finalize() It's an [out] argument and value pointed by it shouldn't be checked. Change-Id: I15e9b7c1e5e7e3de5cbaa4a4492b41b3929a0f28 --- src/digest.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/digest.c b/src/digest.c index 5b4b2f4..7b14ad2 100644 --- a/src/digest.c +++ b/src/digest.c @@ -217,9 +217,6 @@ API int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_le if (!verify_state_change(c, CTX_FINALIZED)) return YACA_ERROR_INVALID_PARAMETER; - if (*digest_len == 0 || *digest_len > UINT_MAX) /* DigestFinal accepts UINT */ - return YACA_ERROR_INVALID_PARAMETER; - ret = EVP_DigestFinal_ex(c->md_ctx, (unsigned char*)digest, &len); if (ret != 1) { ret = YACA_ERROR_INTERNAL; -- 2.7.4 From 308c5274e1f57cb22cd1ba35d61e71490ee30a1d Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Wed, 14 Sep 2016 13:11:38 +0200 Subject: [PATCH 09/16] Fix minor sign API errors. Fix documentation. OpenSSL errors: - dsa routines:PKEY_DSA_CTRL:invalid digest type - elliptic curve routines:PKEY_EC_CTRL:invalid digest type - rsa routines:RSA_sign:digest too big for rsa key - rsa routines:CHECK_PADDING_MD:invalid x931 digest - rsa routines:PKEY_RSA_SIGN:key size too small Change-Id: I87a51e39168885600a4ab68b754bea650411a903 --- api/yaca/yaca_sign.h | 7 +++++++ api/yaca/yaca_simple.h | 5 +++++ src/debug.c | 3 +++ src/sign.c | 33 +++++++++++++++++++-------------- 4 files changed, 34 insertions(+), 14 deletions(-) diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h index 16bcfd1..c4b0dff 100755 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -47,6 +47,13 @@ extern "C" { * @remarks For RSA operations the default padding used is #YACA_PADDING_PKCS1. It can be * changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING. * + * @remarks For #YACA_DIGEST_SHA384 and #YACA_DIGEST_SHA512 the RSA key size must be bigger than + * #YACA_KEY_LENGTH_512BIT. + * + * @remarks Using of #YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited. + * + * @remarks Using of #YACA_DIGEST_MD5 or #YACA_DIGEST_SHA224 with #YACA_PADDING_X931 is prohibited. + * * @remarks The @a ctx should be released using yaca_context_destroy() * * @param[out] ctx Newly created context diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h index 9adb8ca..2944f76 100755 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -165,6 +165,11 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, * * @since_tizen 3.0 * + * @remarks For #YACA_DIGEST_SHA384 and #YACA_DIGEST_SHA512 the RSA key size must be bigger than + * #YACA_KEY_LENGTH_512BIT. + * + * @remarks Using of #YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited. + * * @remarks The @a signature should be freed using yaca_free() * * @remarks The @a message can be NULL but then @a message_len must be 0 diff --git a/src/debug.c b/src/debug.c index 13a3fd4..80edb1d 100644 --- a/src/debug.c +++ b/src/debug.c @@ -139,6 +139,8 @@ int error_handle(const char *file, int line, const char *function) case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH): case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS): + case ERR_PACK(ERR_LIB_EC, EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE): + case ERR_PACK(ERR_LIB_DSA, DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE): ret = YACA_ERROR_INVALID_PARAMETER; break; case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG): @@ -175,6 +177,7 @@ int error_handle(const char *file, int line, const char *function) /* known rsa padding errors */ if (ret == YACA_ERROR_NONE && ERR_GET_LIB(err) == ERR_LIB_RSA) { switch (ERR_GET_FUNC(err)) { + case RSA_F_CHECK_PADDING_MD: case RSA_F_RSA_PADDING_CHECK_NONE: case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP: case RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1: diff --git a/src/sign.c b/src/sign.c index 15f0ba9..6ef23df 100644 --- a/src/sign.c +++ b/src/sign.c @@ -175,8 +175,7 @@ int set_sign_property(yaca_context_h ctx, ret = EVP_PKEY_CTX_set_rsa_padding(pctx, pad); if (ret <= 0) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = ERROR_HANDLE(); return ret; } @@ -195,8 +194,16 @@ API int yaca_sign_initialize(yaca_context_h *ctx, if (ctx == NULL || evp_key == NULL) return YACA_ERROR_INVALID_PARAMETER; + ret = digest_get_algorithm(algo, &md); + if (ret != YACA_ERROR_NONE) + return ret; + switch (prv_key->type) { case YACA_KEY_TYPE_RSA_PRIV: + if (EVP_MD_size(md) >= EVP_PKEY_size(evp_key->evp) || + (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) + return YACA_ERROR_INVALID_PARAMETER; + break; case YACA_KEY_TYPE_DSA_PRIV: case YACA_KEY_TYPE_EC_PRIV: break; @@ -215,10 +222,6 @@ API int yaca_sign_initialize(yaca_context_h *ctx, nc->ctx.set_property = set_sign_property; nc->ctx.get_property = NULL; - ret = digest_get_algorithm(algo, &md); - if (ret != YACA_ERROR_NONE) - goto exit; - nc->md_ctx = EVP_MD_CTX_create(); if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; @@ -228,8 +231,7 @@ API int yaca_sign_initialize(yaca_context_h *ctx, ret = EVP_DigestSignInit(nc->md_ctx, NULL, md, NULL, evp_key->evp); if (ret != 1) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = ERROR_HANDLE(); goto exit; } @@ -457,8 +459,16 @@ API int yaca_verify_initialize(yaca_context_h *ctx, if (ctx == NULL || evp_key == NULL) return YACA_ERROR_INVALID_PARAMETER; + ret = digest_get_algorithm(algo, &md); + if (ret != YACA_ERROR_NONE) + return ret; + switch (pub_key->type) { case YACA_KEY_TYPE_RSA_PUB: + if (EVP_MD_size(md) >= EVP_PKEY_size(evp_key->evp) || + (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) + return YACA_ERROR_INVALID_PARAMETER; + break; case YACA_KEY_TYPE_DSA_PUB: case YACA_KEY_TYPE_EC_PUB: break; @@ -477,10 +487,6 @@ API int yaca_verify_initialize(yaca_context_h *ctx, nc->ctx.set_property = set_sign_property; nc->ctx.get_property = NULL; - ret = digest_get_algorithm(algo, &md); - if (ret != YACA_ERROR_NONE) - goto exit; - nc->md_ctx = EVP_MD_CTX_create(); if (nc->md_ctx == NULL) { ret = YACA_ERROR_INTERNAL; @@ -490,8 +496,7 @@ API int yaca_verify_initialize(yaca_context_h *ctx, ret = EVP_DigestVerifyInit(nc->md_ctx, NULL, md, NULL, evp_key->evp); if (ret != 1) { - ret = YACA_ERROR_INTERNAL; - ERROR_DUMP(ret); + ret = ERROR_HANDLE(); goto exit; } -- 2.7.4 From abe62ad12fffe2b9c1857b512886a6a57392f387 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Thu, 22 Sep 2016 13:25:57 +0200 Subject: [PATCH 10/16] Replace EVP_CIPHER_CTX_type() with EVP_CIPHER_CTX_nid(). Both functions returns NID, so always use only one of them. Change-Id: I8471b45b7b26af0f7c29f86a4fe29f10eec57b60 --- src/encrypt.c | 32 +++++++++++++------------------- 1 file changed, 13 insertions(+), 19 deletions(-) diff --git a/src/encrypt.c b/src/encrypt.c index 1c3bcf5..5b0e9f5 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -301,12 +301,12 @@ int get_wrap_output_length(const yaca_context_h ctx, size_t input_len, size_t *o assert(c->cipher_ctx != NULL); bool encryption = is_encryption_op(c->op_type); - int type = EVP_CIPHER_CTX_type(c->cipher_ctx); + int nid = EVP_CIPHER_CTX_nid(c->cipher_ctx); if (input_len > 0) { - if (type == NID_id_aes128_wrap || type == NID_id_aes192_wrap || type == NID_id_aes256_wrap) { + if (nid == NID_id_aes128_wrap || nid == NID_id_aes192_wrap || nid == NID_id_aes256_wrap) { *output_len = encryption ? input_len + 8 : input_len - 8; - } else if (type == NID_id_smime_alg_CMS3DESwrap) { + } else if (nid == NID_id_smime_alg_CMS3DESwrap) { *output_len = encryption ? input_len + 16 : input_len - 16; } else { assert(false); @@ -655,15 +655,13 @@ int set_encrypt_property(yaca_context_h ctx, struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int len; int ret = YACA_ERROR_NONE; - int mode; - int nid; if (c == NULL || value == NULL || value_len == 0) return YACA_ERROR_INVALID_PARAMETER; assert(c->cipher_ctx != NULL); - mode = EVP_CIPHER_CTX_mode(c->cipher_ctx); - nid = EVP_CIPHER_CTX_nid(c->cipher_ctx); + int mode = EVP_CIPHER_CTX_mode(c->cipher_ctx); + int nid = EVP_CIPHER_CTX_nid(c->cipher_ctx); switch (property) { case YACA_PROPERTY_GCM_AAD: @@ -911,8 +909,6 @@ int encrypt_initialize(yaca_context_h *ctx, struct yaca_encrypt_context_s *nc; struct yaca_key_simple_s *lsym_key; int ret; - int mode; - int nid; if (ctx == NULL || sym_key == YACA_KEY_NULL) return YACA_ERROR_INVALID_PARAMETER; @@ -937,8 +933,8 @@ int encrypt_initialize(yaca_context_h *ctx, if (ret != YACA_ERROR_NONE) goto exit; - mode = EVP_CIPHER_CTX_mode(nc->cipher_ctx); - nid = EVP_CIPHER_CTX_nid(nc->cipher_ctx); + int mode = EVP_CIPHER_CTX_mode(nc->cipher_ctx); + int nid = EVP_CIPHER_CTX_nid(nc->cipher_ctx); if (mode == EVP_CIPH_CCM_MODE || nid == NID_rc2_cbc || nid == NID_rc2_ecb || nid == NID_rc2_cfb64 || nid == NID_rc2_ofb64) { ret = encrypt_ctx_backup(nc, cipher, sym_key, iv); @@ -966,14 +962,12 @@ int encrypt_update(yaca_context_h ctx, struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int ret; int loutput_len; - int mode; - int type; if (c == NULL || input_len == 0 || output_len == NULL || op_type != c->op_type) return YACA_ERROR_INVALID_PARAMETER; - mode = EVP_CIPHER_CTX_mode(c->cipher_ctx); - type = EVP_CIPHER_CTX_type(c->cipher_ctx); + int mode = EVP_CIPHER_CTX_mode(c->cipher_ctx); + int nid = EVP_CIPHER_CTX_nid(c->cipher_ctx); enum encrypt_context_state_e target_state; if (output == NULL && input == NULL) @@ -990,10 +984,10 @@ int encrypt_update(yaca_context_h ctx, if (mode == EVP_CIPH_WRAP_MODE) { if (op_type == OP_ENCRYPT) { - if (type == NID_id_aes128_wrap || type == NID_id_aes192_wrap || type == NID_id_aes256_wrap) { + if (nid == NID_id_aes128_wrap || nid == NID_id_aes192_wrap || nid == NID_id_aes256_wrap) { if (input_len % 8 != 0 || input_len < (YACA_KEY_LENGTH_UNSAFE_128BIT / 8)) return YACA_ERROR_INVALID_PARAMETER; - } else if (type == NID_id_smime_alg_CMS3DESwrap) { + } else if (nid == NID_id_smime_alg_CMS3DESwrap) { if (input_len != (YACA_KEY_LENGTH_UNSAFE_128BIT / 8) && input_len != (YACA_KEY_LENGTH_192BIT / 8)) return YACA_ERROR_INVALID_PARAMETER; @@ -1002,10 +996,10 @@ int encrypt_update(yaca_context_h ctx, return YACA_ERROR_INTERNAL; } } else if (op_type == OP_DECRYPT) { - if (type == NID_id_aes128_wrap || type == NID_id_aes192_wrap || type == NID_id_aes256_wrap) { + if (nid == NID_id_aes128_wrap || nid == NID_id_aes192_wrap || nid == NID_id_aes256_wrap) { if (input_len % 8 != 0 || input_len < (YACA_KEY_LENGTH_UNSAFE_128BIT / 8 + 8)) return YACA_ERROR_INVALID_PARAMETER; - } else if (type == NID_id_smime_alg_CMS3DESwrap) { + } else if (nid == NID_id_smime_alg_CMS3DESwrap) { if (input_len != (YACA_KEY_LENGTH_UNSAFE_128BIT / 8 + 16) && input_len != (YACA_KEY_LENGTH_192BIT / 8 + 16)) return YACA_ERROR_INVALID_PARAMETER; -- 2.7.4 From 5eedde49c9b2d39c2dc08eb7753738d44b247239 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Fri, 23 Sep 2016 11:40:43 +0200 Subject: [PATCH 11/16] Properly address function arguments in documentation Change-Id: Icb8e9928cf38b88b1697f3c676007a2fa117e354 --- api/yaca/yaca_crypto.h | 22 +++++++++++----------- api/yaca/yaca_digest.h | 12 ++++++------ api/yaca/yaca_encrypt.h | 24 ++++++++++++------------ api/yaca/yaca_error.h | 4 ++-- api/yaca/yaca_key.h | 47 ++++++++++++++++++++++++----------------------- api/yaca/yaca_rsa.h | 38 +++++++++++++++++++------------------- api/yaca/yaca_seal.h | 35 ++++++++++++++++++----------------- api/yaca/yaca_sign.h | 30 +++++++++++++++--------------- api/yaca/yaca_simple.h | 48 ++++++++++++++++++++++++------------------------ api/yaca/yaca_types.h | 8 +++++--- 10 files changed, 136 insertions(+), 132 deletions(-) diff --git a/api/yaca/yaca_crypto.h b/api/yaca/yaca_crypto.h index 58c421d..e2b2d5a 100755 --- a/api/yaca/yaca_crypto.h +++ b/api/yaca/yaca_crypto.h @@ -73,7 +73,7 @@ void yaca_cleanup(void); * * @since_tizen 3.0 * - * @remarks The @a memory should be freed using yaca_free() + * @remarks The @a memory should be freed using yaca_free(). * * @param[in] size Size of the allocation (bytes) * @param[out] memory Allocated memory @@ -94,7 +94,7 @@ int yaca_malloc(size_t size, void **memory); * * @since_tizen 3.0 * - * @remarks The @a memory should be freed using yaca_free() + * @remarks The @a memory should be freed using yaca_free(). * * @param[in] size Size of the allocation (bytes) * @param[out] memory Allocated memory @@ -121,7 +121,7 @@ int yaca_zalloc(size_t size, void **memory); * * @remarks If the function fails the contents of @a memory will be left unchanged. * - * @remarks The @a memory should be freed using yaca_free() + * @remarks The @a memory should be freed using yaca_free(). * * @param[in] size Size of the new allocation (bytes) * @param[in,out] memory Memory to be reallocated @@ -199,7 +199,7 @@ int yaca_randomize_bytes(char *data, size_t data_len); * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid ctx or property) + * invalid @a ctx or @a property) * @retval #YACA_ERROR_INTERNAL Internal error * * @see #yaca_property_e @@ -216,13 +216,13 @@ int yaca_context_set_property(yaca_context_h ctx, * * @since_tizen 3.0 * - * @remarks The @a value should be freed using yaca_free() + * @remarks The @a value should be freed using yaca_free(). * * @remarks The @a value has to be of type appropriate for given property. See #yaca_property_e * for details on corresponding types. * - * @remarks @a value_len can be NULL if returned @a value is a single object - * (i.e. not an array/buffer) + * @remarks The @a value_len can be NULL if returned @a value is a single object + * (i.e. not an array/buffer). * * @param[in] ctx Previously initialized crypto context * @param[in] property Property to be read @@ -232,7 +232,7 @@ int yaca_context_set_property(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid ctx or property) + * invalid @a ctx or @a property) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -267,7 +267,7 @@ int yaca_context_get_property(const yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context or too big input_len) + * invalid @a ctx or too big @a input_len) * @retval #YACA_ERROR_INTERNAL Internal error */ int yaca_context_get_output_length(const yaca_context_h ctx, @@ -288,8 +288,8 @@ int yaca_context_get_output_length(const yaca_context_h ctx, void yaca_context_destroy(yaca_context_h ctx); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_digest.h b/api/yaca/yaca_digest.h index d9d25cb..8d3bd02 100755 --- a/api/yaca/yaca_digest.h +++ b/api/yaca/yaca_digest.h @@ -41,7 +41,7 @@ extern "C" { * * @since_tizen 3.0 * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Digest algorithm that will be used @@ -49,7 +49,7 @@ extern "C" { * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo) + * invalid @a algo) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -72,7 +72,7 @@ int yaca_digest_initialize(yaca_context_h *ctx, yaca_digest_algorithm_e algo); * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_digest_initialize() @@ -97,7 +97,7 @@ int yaca_digest_update(yaca_context_h ctx, const char *message, size_t message_l * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_digest_initialize() @@ -107,8 +107,8 @@ int yaca_digest_update(yaca_context_h ctx, const char *message, size_t message_l int yaca_digest_finalize(yaca_context_h ctx, char *digest, size_t *digest_len); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_encrypt.h b/api/yaca/yaca_encrypt.h index 72b2236..3395013 100755 --- a/api/yaca/yaca_encrypt.h +++ b/api/yaca/yaca_encrypt.h @@ -42,7 +42,7 @@ extern "C" { * * @since_tizen 3.0 * - * @remarks If returned iv_bit_len equals 0 that means that for this + * @remarks If returned @a iv_bit_len equals 0 that means that for this * specific algorithm and its parameters Initialization Vector is not used. * * @param[in] algo Encryption algorithm @@ -53,7 +53,7 @@ extern "C" { * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo, bcm or key_bit_len) + * invalid @a algo, @a bcm or @a key_bit_len) * @retval #YACA_ERROR_INTERNAL Internal error * */ @@ -67,7 +67,7 @@ int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, * * @since_tizen 3.0 * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Encryption algorithm that will be used @@ -78,7 +78,7 @@ int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo, bcm, sym_key or iv) + * invalid @a algo, @a bcm, @a sym_key or @a iv) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -110,7 +110,7 @@ int yaca_encrypt_initialize(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_encrypt_initialize() @@ -140,7 +140,7 @@ int yaca_encrypt_update(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_encrypt_initialize() @@ -156,7 +156,7 @@ int yaca_encrypt_finalize(yaca_context_h ctx, * * @since_tizen 3.0 * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Encryption algorithm that was used to encrypt the data @@ -167,7 +167,7 @@ int yaca_encrypt_finalize(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo, bcm, sym_key or iv) + * invalid @a algo, @a bcm, @a sym_key or @a iv) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -199,7 +199,7 @@ int yaca_decrypt_initialize(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context), wrong #YACA_PROPERTY_CCM_AAD or + * invalid @a ctx), wrong #YACA_PROPERTY_CCM_AAD or * wrong #YACA_PROPERTY_CCM_TAG was used * @retval #YACA_ERROR_INTERNAL Internal error * @@ -230,7 +230,7 @@ int yaca_decrypt_update(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context), wrong #YACA_PROPERTY_GCM_AAD or + * invalid @a ctx), wrong #YACA_PROPERTY_GCM_AAD or * wrong #YACA_PROPERTY_GCM_TAG was used * @retval #YACA_ERROR_INTERNAL Internal error * @@ -243,8 +243,8 @@ int yaca_decrypt_finalize(yaca_context_h ctx, size_t *plaintext_len); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_error.h b/api/yaca/yaca_error.h index 03d6a57..f062812 100755 --- a/api/yaca/yaca_error.h +++ b/api/yaca/yaca_error.h @@ -63,8 +63,8 @@ typedef enum { } yaca_error_e; /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h index e4783e3..4f50550 100755 --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -64,7 +64,7 @@ int yaca_key_get_type(const yaca_key_h key, yaca_key_type_e *key_type); * * @since_tizen 3.0 * - * @remarks @a key can be any symmetric (including an Initialization Vector) or + * @remarks The @a key can be any symmetric (including an Initialization Vector) or * asymmetric key (including key generation parameters). * * @remarks For Diffie-Helmann @a key_bit_len returns prime length in bits. Values @@ -116,10 +116,10 @@ int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len); * be returned. For a list of keys and formats that do support encryption * see yaca_key_export() documentation. * - * @remarks The @a key should be released using yaca_key_destroy() + * @remarks The @a key should be released using yaca_key_destroy(). * * @param[in] key_type Type of the key - * @param[in] password null terminated password for the key (can be NULL) + * @param[in] password Null-terminated password for the key (can be NULL) * @param[in] data Blob containing the key * @param[in] data_len Size of the blob * @param[out] key Returned key @@ -130,7 +130,7 @@ int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len); * invalid @a key_type or @a data_len too big) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error - * @retval #YACA_ERROR_INVALID_PASSWORD Invalid password given or password was required + * @retval #YACA_ERROR_INVALID_PASSWORD Invalid @a password given or @a password was required * and none was given * * @see #yaca_key_type_e @@ -191,7 +191,7 @@ int yaca_key_import(yaca_key_type_e key_type, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid key/file format or @ data_len too big) + * invalid @a key_fmt, @a key_file_fmt or @a data_len too big) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -223,7 +223,7 @@ int yaca_key_export(const yaca_key_h key, * where prime_length_in_bits can be any positive number * - EC: a value taken from #yaca_key_bit_length_ec_e * - * @remarks The @a key should be released using yaca_key_destroy() + * @remarks The @a key should be released using yaca_key_destroy(). * * @param[in] key_type Type of the key to be generated * @param[in] key_bit_len Length of the key (in bits) to be generated @@ -231,7 +231,7 @@ int yaca_key_export(const yaca_key_h key, * * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful - * @retval #YACA_ERROR_INVALID_PARAMETER key is NULL, incorrect @a key_type or + * @retval #YACA_ERROR_INVALID_PARAMETER @a key is NULL, incorrect @a key_type or * @a key_bit_len is not dividable by 8 * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error @@ -256,14 +256,14 @@ int yaca_key_generate(yaca_key_type_e key_type, * @remarks This function is used to generate private asymmetric keys * based on pre-generated parameters. * - * @remarks The @a key should be released using yaca_key_destroy() + * @remarks The @a key should be released using yaca_key_destroy(). * * @param[in] params Pre-generated parameters * @param[out] prv_key Newly generated private key * * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful - * @retval #YACA_ERROR_INVALID_PARAMETER key is NULL or incorrect @a params + * @retval #YACA_ERROR_INVALID_PARAMETER @a prv_key is NULL or incorrect @a params * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -278,7 +278,7 @@ int yaca_key_generate_from_parameters(const yaca_key_h params, yaca_key_h *prv_k * * @since_tizen 3.0 * - * @remarks The @a pub_key should be released using yaca_key_destroy() + * @remarks The @a pub_key should be released using yaca_key_destroy(). * * @param[in] prv_key Private key to extract the public one from * @param[out] pub_key Extracted public key @@ -300,7 +300,7 @@ int yaca_key_extract_public(const yaca_key_h prv_key, yaca_key_h *pub_key); * * @since_tizen 3.0 * - * @remarks The @a params_key should be released using yaca_key_destroy() + * @remarks The @a params should be released using yaca_key_destroy(). * * @param[in] key A key to extract the parameters from * @param[out] params Extracted parameters @@ -325,9 +325,9 @@ int yaca_key_extract_parameters(const yaca_key_h key, yaca_key_h *params); * * @remarks The @a secret should not be used as a symmetric key, * to produce a symmetric key pass the secret to a key derivation function (KDF) - * or a message digest function + * or a message digest function. * - * @remarks The @a secret should be freed with yaca_free() + * @remarks The @a secret should be freed with yaca_free(). * * @param[in] prv_key Our private key * @param[in] pub_key Peer public key @@ -336,7 +336,8 @@ int yaca_key_extract_parameters(const yaca_key_h key, yaca_key_h *params); * * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful - * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (invalid key) + * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values + * (invalid @a prv_key or @a pub_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -355,12 +356,12 @@ int yaca_key_derive_dh(const yaca_key_h prv_key, * @since_tizen 3.0 * * @remarks The @a info parameter is ANSI X9.42 OtherInfo or ANSI X9.62 SharedInfo structure, - * more information can be found in ANSI X9.42/62 standard specification + * more information can be found in ANSI X9.42/62 standard specification. * * @remarks The @a key_material or separate parts of it can be used to import a symmetric key - * with yaca_key_import() + * with yaca_key_import(). * - * @remarks The @a key_material should be freed using yaca_free() + * @remarks The @a key_material should be freed using yaca_free(). * * @param[in] kdf Key derivation function * @param[in] algo Digest algorithm that should be used in key derivation @@ -374,7 +375,7 @@ int yaca_key_derive_dh(const yaca_key_h prv_key, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid algo or kdf) + * invalid @a algo or @a kdf) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -398,9 +399,9 @@ int yaca_key_derive_kdf(yaca_kdf_e kdf, * * @since_tizen 3.0 * - * @remarks The @a key should be released using yaca_key_destroy() + * @remarks The @a key should be released using yaca_key_destroy(). * - * @param[in] password User password as a NULL-terminated string + * @param[in] password User password as a null-terminated string * @param[in] salt Salt, should be a non-empty string * @param[in] salt_len Length of the salt * @param[in] iterations Number of iterations @@ -411,7 +412,7 @@ int yaca_key_derive_kdf(yaca_kdf_e kdf, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid algo or key_bit_len not dividable by 8) + * invalid @a algo or @a key_bit_len not dividable by 8) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -440,8 +441,8 @@ int yaca_key_derive_pbkdf2(const char *password, void yaca_key_destroy(yaca_key_h key); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_rsa.h b/api/yaca/yaca_rsa.h index 621cdff..20b1b4d 100755 --- a/api/yaca/yaca_rsa.h +++ b/api/yaca/yaca_rsa.h @@ -41,14 +41,14 @@ extern "C" { * * @since_tizen 3.0 * - * @remarks The @a ciphertext should be freed using yaca_free() + * @remarks The @a ciphertext should be freed using yaca_free(). * - * @remarks The key used has to be of a #YACA_KEY_TYPE_RSA_PUB type + * @remarks The @a pub_key used has to be of a #YACA_KEY_TYPE_RSA_PUB type. * - * @remarks The maximum length of plaintext depends on the key length and padding method, - * see #yaca_padding_e for details + * @remarks The maximum length of plaintext depends on the key length and padding method. + * See #yaca_padding_e for details. * - * @remarks The @a plaintext can be NULL but then the @a plaintext_len must be 0 + * @remarks The @a plaintext can be NULL but then the @a plaintext_len must be 0. * * @param[in] padding Padding method * @param[in] pub_key Public RSA key (see yaca_key.h for key generation functions) @@ -60,7 +60,7 @@ extern "C" { * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid padding, pub_key or plaintext_len) + * invalid @a padding, @a pub_key or @a plaintext_len) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -81,9 +81,9 @@ int yaca_rsa_public_encrypt(yaca_padding_e padding, * * @since_tizen 3.0 * - * @remarks The @a plaintext should be freed using yaca_free() + * @remarks The @a plaintext should be freed using yaca_free(). * - * @remarks The key used has to be of a #YACA_KEY_TYPE_RSA_PRIV type + * @remarks The @a prv_key used has to be of a #YACA_KEY_TYPE_RSA_PRIV type. * * @param[in] padding Padding method * @param[in] prv_key Private RSA key matching the public one used to encrypt the data @@ -95,7 +95,7 @@ int yaca_rsa_public_encrypt(yaca_padding_e padding, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid padding or prv_key), padding check failed + * invalid @a padding or @a prv_key), padding check failed * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -116,14 +116,14 @@ int yaca_rsa_private_decrypt(yaca_padding_e padding, * * @since_tizen 3.0 * - * @remarks The @a ciphertext should be freed using yaca_free() + * @remarks The @a ciphertext should be freed using yaca_free(). * - * @remarks The key used has to be of a #YACA_KEY_TYPE_RSA_PRIV type + * @remarks The @a prv_key used has to be of a #YACA_KEY_TYPE_RSA_PRIV type. * * @remarks The maximum length of plaintext depends on the key length and padding method, - * see #yaca_padding_e for details + * see #yaca_padding_e for details. * - * @remarks The @a plaintext can be NULL but then the @a plaintext_len must be 0 + * @remarks The @a plaintext can be NULL but then the @a plaintext_len must be 0. * * @param[in] padding Padding method * @param[in] prv_key Private RSA key (see yaca_key.h for key generation functions) @@ -135,7 +135,7 @@ int yaca_rsa_private_decrypt(yaca_padding_e padding, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid padding, prv_key or message_len) + * invalid @a padding, @a prv_key or @a plaintext_len) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -156,9 +156,9 @@ int yaca_rsa_private_encrypt(yaca_padding_e padding, * * @since_tizen 3.0 * - * @remarks The @a plaintext should be freed using yaca_free() + * @remarks The @a plaintext should be freed using yaca_free(). * - * @remarks The key used has to be of a #YACA_KEY_TYPE_RSA_PUB type + * @remarks The @a pub_key used has to be of a #YACA_KEY_TYPE_RSA_PUB type. * * @param[in] padding Padding method * @param[in] pub_key Public RSA key matching the private one used to encrypt the data @@ -170,7 +170,7 @@ int yaca_rsa_private_encrypt(yaca_padding_e padding, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid padding or pub_key), padding check failed + * invalid @a padding or @a pub_key), padding check failed * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -187,8 +187,8 @@ int yaca_rsa_public_decrypt(yaca_padding_e padding, size_t *plaintext_len); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h index c06a8b7..7fab958 100755 --- a/api/yaca/yaca_seal.h +++ b/api/yaca/yaca_seal.h @@ -46,18 +46,18 @@ extern "C" { * symmetric key and Initialization Vector. * * @remarks Generated symmetric key is encrypted with public key, - * so can be ONLY used with yaca_open_initialize(). It can be exported, - * but after import it can be ONLY used with yaca_open_initialize() as well. + * so can be only used with yaca_open_initialize(). It can be exported, + * but after import it can be only used with yaca_open_initialize() as well. * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * - * @remarks The @a pub_key must be #YACA_KEY_TYPE_RSA_PUB + * @remarks The @a pub_key must be #YACA_KEY_TYPE_RSA_PUB. * - * @remarks The @a sym_key_bit_len must be at least 88 bits shorter than the @a pub_key bit length + * @remarks The @a sym_key_bit_len must be at least 88 bits shorter than the @a pub_key bit length. * - * @remarks The @a sym_key should be released using yaca_key_destroy() + * @remarks The @a sym_key should be released using yaca_key_destroy(). * - * @remarks The @a iv should be released using yaca_key_destroy() + * @remarks The @a iv should be released using yaca_key_destroy(). * * @since_tizen 3.0 * @@ -73,7 +73,7 @@ extern "C" { * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo, bcm, sym_key_bit_len or pub_key) + * invalid @a algo, @a bcm, @a sym_key_bit_len or @a pub_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -110,7 +110,7 @@ int yaca_seal_initialize(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_seal_initialize() @@ -140,7 +140,7 @@ int yaca_seal_update(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_seal_initialize() @@ -156,9 +156,9 @@ int yaca_seal_finalize(yaca_context_h ctx, * * @since_tizen 3.0 * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * - * @remarks The @a prv_key must be #YACA_KEY_TYPE_RSA_PRIV + * @remarks The @a prv_key must be #YACA_KEY_TYPE_RSA_PRIV. * * @param[out] ctx Newly created context * @param[in] prv_key Private key, part of the pair that was used for the encryption @@ -172,7 +172,8 @@ int yaca_seal_finalize(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, invalid - * algo, bcm, sym_key_bit_len, prv_key, sym_key or iv) + * @a algo, @a bcm, @a sym_key_bit_len, @a prv_key, + * @a sym_key or @a iv) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -207,7 +208,7 @@ int yaca_open_initialize(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context), wrong #YACA_PROPERTY_CCM_AAD or + * invalid @a ctx), wrong #YACA_PROPERTY_CCM_AAD or * wrong #YACA_PROPERTY_CCM_TAG was used * @retval #YACA_ERROR_INTERNAL Internal error * @@ -238,7 +239,7 @@ int yaca_open_update(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context), wrong #YACA_PROPERTY_GCM_AAD or + * invalid @a ctx), wrong #YACA_PROPERTY_GCM_AAD or * wrong #YACA_PROPERTY_GCM_TAG was used * @retval #YACA_ERROR_INTERNAL Internal error * @@ -251,8 +252,8 @@ int yaca_open_finalize(yaca_context_h ctx, size_t *plaintext_len); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h index c4b0dff..e627262 100755 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -54,7 +54,7 @@ extern "C" { * * @remarks Using of #YACA_DIGEST_MD5 or #YACA_DIGEST_SHA224 with #YACA_PADDING_X931 is prohibited. * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Digest algorithm that will be used @@ -67,7 +67,7 @@ extern "C" { * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo or key) + * invalid @a algo or @a prv_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -94,7 +94,7 @@ int yaca_sign_initialize(yaca_context_h *ctx, * @remarks For verification, calculate message HMAC and compare with received MAC using * yaca_memcmp(). * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Digest algorithm that will be used @@ -105,7 +105,7 @@ int yaca_sign_initialize(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo or key) + * invalid @a algo or @a sym_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -128,7 +128,7 @@ int yaca_sign_initialize_hmac(yaca_context_h *ctx, * @remarks For verification, calculate message CMAC and compare with received MAC using * yaca_memcmp(). * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Encryption algorithm that will be used @@ -139,7 +139,7 @@ int yaca_sign_initialize_hmac(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo or key) + * invalid @a algo or @a sym_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -167,7 +167,7 @@ int yaca_sign_initialize_cmac(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_sign_initialize() @@ -196,7 +196,7 @@ int yaca_sign_update(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_sign_initialize() @@ -210,7 +210,7 @@ int yaca_sign_finalize(yaca_context_h ctx, size_t *signature_len); /** - * @brief Initializes a signature verification context for asymmetric signatures + * @brief Initializes a signature verification context for asymmetric signatures. * * @since_tizen 3.0 * @@ -218,7 +218,7 @@ int yaca_sign_finalize(yaca_context_h ctx, * changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING. * For verify to succeed it has to be set to the same value it was signed with. * - * @remarks The @a ctx should be released using yaca_context_destroy() + * @remarks The @a ctx should be released using yaca_context_destroy(). * * @param[out] ctx Newly created context * @param[in] algo Digest algorithm that will be used @@ -231,7 +231,7 @@ int yaca_sign_finalize(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo or key) + * invalid @a algo or @a pub_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -259,7 +259,7 @@ int yaca_verify_initialize(yaca_context_h *ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * * @see yaca_verify_initialize() @@ -284,7 +284,7 @@ int yaca_verify_update(yaca_context_h ctx, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid context) + * invalid @a ctx) * @retval #YACA_ERROR_INTERNAL Internal error * @retval #YACA_ERROR_DATA_MISMATCH The verification failed * @@ -297,8 +297,8 @@ int yaca_verify_finalize(yaca_context_h ctx, size_t signature_len); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h index 2944f76..b77e9bc 100755 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -52,11 +52,11 @@ extern "C" { * * @since_tizen 3.0 * - * @remarks yaca_simple_encrypt() doesn't support #YACA_BCM_GCM and #YACA_BCM_CCM + * @remarks yaca_simple_encrypt() doesn't support #YACA_BCM_GCM and #YACA_BCM_CCM. * - * @remarks The @a ciphertext should be freed using yaca_free() + * @remarks The @a ciphertext should be freed using yaca_free(). * - * @remarks The @a plaintext can be NULL but then @a plaintext_len must be 0 + * @remarks The @a plaintext can be NULL but then @a plaintext_len must be 0. * * @param[in] algo Encryption algorithm (select #YACA_ENCRYPT_AES if unsure) * @param[in] bcm Chaining mode (select #YACA_BCM_CBC if unsure) @@ -70,7 +70,7 @@ extern "C" { * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid algo, bcm, sym_key or iv) + * invalid @a algo, @a bcm, @a sym_key or @a iv) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -93,11 +93,11 @@ int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, * * @since_tizen 3.0 * - * @remarks yaca_simple_decrypt() doesn't support #YACA_BCM_GCM and #YACA_BCM_CCM + * @remarks yaca_simple_decrypt() doesn't support #YACA_BCM_GCM and #YACA_BCM_CCM. * - * @remarks The @a plaintext should be freed using yaca_free() + * @remarks The @a plaintext should be freed using yaca_free(). * - * @remarks The @a ciphertext can be NULL but then @a ciphertext_len must be 0 + * @remarks The @a ciphertext can be NULL but then @a ciphertext_len must be 0. * * @param[in] algo Decryption algorithm that was used to encrypt the data * @param[in] bcm Chaining mode that was used to encrypt the data @@ -111,7 +111,7 @@ int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid algo, bcm, sym_key or iv) + * invalid @a algo, @a bcm, @a sym_key or @a iv) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -134,9 +134,9 @@ int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, * * @since_tizen 3.0 * - * @remarks The @a digest should be freed using yaca_free() + * @remarks The @a digest should be freed using yaca_free(). * - * @remarks The @a message can be NULL but then @a message_len must be 0 + * @remarks The @a message can be NULL but then @a message_len must be 0. * * @param[in] algo Digest algorithm (select #YACA_DIGEST_SHA256 if unsure) * @param[in] message Message from which the digest is to be calculated @@ -147,7 +147,7 @@ int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, - * invalid algo) + * invalid @a algo) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -170,9 +170,9 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, * * @remarks Using of #YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited. * - * @remarks The @a signature should be freed using yaca_free() + * @remarks The @a signature should be freed using yaca_free(). * - * @remarks The @a message can be NULL but then @a message_len must be 0 + * @remarks The @a message can be NULL but then @a message_len must be 0. * * @param[in] algo Digest algorithm that will be used * @param[in] prv_key Private key that will be used, algorithm is @@ -188,7 +188,7 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid algo or key) + * invalid @a algo or @a prv_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -209,7 +209,7 @@ int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, * * @since_tizen 3.0 * - * @remarks The @a message can be NULL but then @a message_len must be 0 + * @remarks The @a message can be NULL but then @a message_len must be 0. * * @param[in] algo Digest algorithm that will be used * @param[in] pub_key Public key that will be used, algorithm is @@ -225,7 +225,7 @@ int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid algo or key) + * invalid @a algo or @a pub_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @retval #YACA_ERROR_DATA_MISMATCH The verification failed @@ -249,9 +249,9 @@ int yaca_simple_verify_signature(yaca_digest_algorithm_e algo, * @remarks For verification, calculate message HMAC and compare with received MAC using * yaca_memcmp(). * - * @remarks The @a mac should be freed using yaca_free() + * @remarks The @a mac should be freed using yaca_free(). * - * @remarks The @a message can be NULL but then @a message_len must be 0 + * @remarks The @a message can be NULL but then @a message_len must be 0. * * @param[in] algo Digest algorithm that will be used * @param[in] sym_key Key that will be used, supported key types: @@ -265,7 +265,7 @@ int yaca_simple_verify_signature(yaca_digest_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid algo or key) + * invalid @a algo or @a sym_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -289,9 +289,9 @@ int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, * @remarks For verification, calculate message CMAC and compare with received MAC using * yaca_memcmp(). * - * @remarks The @a mac should be freed using yaca_free() + * @remarks The @a mac should be freed using yaca_free(). * - * @remarks The @a message can be NULL but then @a message_len must be 0 + * @remarks The @a message can be NULL but then @a message_len must be 0. * * @param[in] algo Encryption algorithm that will be used * @param[in] sym_key Key that will be used, supported key types: @@ -305,7 +305,7 @@ int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, * @return #YACA_ERROR_NONE on success, negative on error * @retval #YACA_ERROR_NONE Successful * @retval #YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 - * invalid algo or key) + * invalid @a algo or @a sym_key) * @retval #YACA_ERROR_OUT_OF_MEMORY Out of memory error * @retval #YACA_ERROR_INTERNAL Internal error * @@ -322,8 +322,8 @@ int yaca_simple_calculate_cmac(yaca_encrypt_algorithm_e algo, size_t *mac_len); /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h index 59674bc..c6b1cb3 100755 --- a/api/yaca/yaca_types.h +++ b/api/yaca/yaca_types.h @@ -683,7 +683,9 @@ typedef enum { */ YACA_PADDING_PKCS1_SSLV23, - /** PKCS #7 padding. Suitable for symmetric encrypt/decrypt operation. */ + /** + * PKCS #7 padding. Suitable for symmetric encrypt/decrypt operation. + */ YACA_PADDING_PKCS7 } yaca_padding_e; @@ -707,8 +709,8 @@ typedef enum { } yaca_kdf_e; /** - * @} - */ + * @} + */ #ifdef __cplusplus } /* extern */ -- 2.7.4 From b1d8262b9bfccf75c48c3d8984d58ad72619e9a9 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Mon, 3 Oct 2016 18:04:57 +0200 Subject: [PATCH 12/16] Simplify and unify examples. Change-Id: I6f6f7997c3c04af686b4ec0202cde3027d630e9f --- examples/CMakeLists.txt | 25 ++- examples/digest.c | 53 ++--- examples/digest_simple.c | 61 ++++++ examples/encrypt.c | 211 +++++++----------- examples/encrypt_aes_gcm_ccm.c | 335 ----------------------------- examples/encrypt_ccm.c | 225 ++++++++++++++++++++ examples/encrypt_gcm.c | 214 +++++++++++++++++++ examples/encrypt_simple.c | 102 +++++++++ examples/key_exchange.c | 167 ++++----------- examples/key_gen.c | 80 ++----- examples/key_import_export.c | 321 ---------------------------- examples/key_import_export_asym.c | 114 ++++++++++ examples/key_import_export_sym.c | 108 ++++++++++ examples/key_password.c | 103 +++++---- examples/key_wrap.c | 164 ++++---------- examples/lorem.c | 37 ---- examples/lorem.h | 45 ---- examples/misc.c | 102 ++------- examples/misc.h | 9 +- examples/rsa.c | 150 ------------- examples/rsa_private.c | 94 ++++++++ examples/rsa_public.c | 100 +++++++++ examples/seal.c | 437 +++++++------------------------------- examples/sign.c | 408 ++++++++--------------------------- examples/sign_hmac.c | 132 ++++++++++++ examples/sign_simple.c | 90 ++++++++ examples/sign_simple_cmac.c | 90 ++++++++ examples/x509.crt | 21 -- examples/x509.key | 28 --- 29 files changed, 1764 insertions(+), 2262 deletions(-) create mode 100644 examples/digest_simple.c delete mode 100644 examples/encrypt_aes_gcm_ccm.c create mode 100644 examples/encrypt_ccm.c create mode 100644 examples/encrypt_gcm.c create mode 100644 examples/encrypt_simple.c delete mode 100644 examples/key_import_export.c create mode 100644 examples/key_import_export_asym.c create mode 100644 examples/key_import_export_sym.c delete mode 100644 examples/lorem.c delete mode 100644 examples/lorem.h delete mode 100644 examples/rsa.c create mode 100644 examples/rsa_private.c create mode 100644 examples/rsa_public.c create mode 100644 examples/sign_hmac.c create mode 100644 examples/sign_simple.c create mode 100644 examples/sign_simple_cmac.c delete mode 100644 examples/x509.crt delete mode 100644 examples/x509.key diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt index bfb7a09..a71dc0c 100644 --- a/examples/CMakeLists.txt +++ b/examples/CMakeLists.txt @@ -22,8 +22,7 @@ INCLUDE_DIRECTORIES(${API_FOLDER}) -SET(COMMON_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/lorem.c - ${CMAKE_CURRENT_SOURCE_DIR}/misc.c) +SET(COMMON_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/misc.c) FUNCTION(BUILD_EXAMPLE EXAMPLE_NAME SOURCE_FILE) ADD_EXECUTABLE(${EXAMPLE_NAME} @@ -44,16 +43,24 @@ FUNCTION(BUILD_EXAMPLE EXAMPLE_NAME SOURCE_FILE) ENDFUNCTION(BUILD_EXAMPLE) BUILD_EXAMPLE("yaca-example-digest" digest.c) +BUILD_EXAMPLE("yaca-example-digest-simple" digest_simple.c) BUILD_EXAMPLE("yaca-example-encrypt" encrypt.c) -BUILD_EXAMPLE("yaca-example-seal" seal.c) -BUILD_EXAMPLE("yaca-example-encrypt-gcm-ccm" encrypt_aes_gcm_ccm.c) -BUILD_EXAMPLE("yaca-example-sign" sign.c) +BUILD_EXAMPLE("yaca-example-encrypt-gcm" encrypt_gcm.c) +BUILD_EXAMPLE("yaca-example-encrypt-ccm" encrypt_ccm.c) +BUILD_EXAMPLE("yaca-example-encrypt-simple" encrypt_simple.c) +BUILD_EXAMPLE("yaca-example-key-wrap" key_wrap.c) BUILD_EXAMPLE("yaca-example-key-gen" key_gen.c) -BUILD_EXAMPLE("yaca-example-key-exchange" key_exchange.c) -BUILD_EXAMPLE("yaca-example-key-impexp" key_import_export.c) BUILD_EXAMPLE("yaca-example-key-password" key_password.c) -BUILD_EXAMPLE("yaca-example-key-wrap" key_wrap.c) -BUILD_EXAMPLE("yaca-example-rsa" rsa.c) +BUILD_EXAMPLE("yaca-example-key-exchange" key_exchange.c) +BUILD_EXAMPLE("yaca-example-key-impexp-sym" key_import_export_sym.c) +BUILD_EXAMPLE("yaca-example-key-impexp-asym" key_import_export_asym.c) +BUILD_EXAMPLE("yaca-example-rsa-private" rsa_private.c) +BUILD_EXAMPLE("yaca-example-rsa-public" rsa_public.c) +BUILD_EXAMPLE("yaca-example-seal" seal.c) +BUILD_EXAMPLE("yaca-example-sign" sign.c) +BUILD_EXAMPLE("yaca-example-sign-hmac" sign_hmac.c) +BUILD_EXAMPLE("yaca-example-sign-simple" sign_simple.c) +BUILD_EXAMPLE("yaca-example-sign-simple-cmac" sign_simple_cmac.c) INSTALL(FILES ${COMMON_SOURCES} DESTINATION ${EXAMPLES_DIR}) diff --git a/examples/digest.c b/examples/digest.c index 582323e..f37f128 100644 --- a/examples/digest.c +++ b/examples/digest.c @@ -18,76 +18,61 @@ /** * @file digest.c - * @brief + * @brief Message Digest API example. */ +//! [Message Digest API example] +#include + #include #include -#include #include -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -void digest_simple(void) +int main() { - int ret = YACA_ERROR_NONE; - char *digest; - size_t digest_len; + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; - ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, - lorem1024, - 1024, &digest, &digest_len); + ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) - return; - - dump_hex(digest, digest_len, "Message digest: "); - - yaca_free(digest); -} + goto exit; -void digest_advanced(void) -{ - int ret = YACA_ERROR_NONE; - yaca_context_h ctx; + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + /* Initialize digest context */ ret = yaca_digest_initialize(&ctx, YACA_DIGEST_SHA256); if (ret != YACA_ERROR_NONE) - return; + goto exit; - ret = yaca_digest_update(ctx, lorem1024, 1024); + /* Feeds the message */ + ret = yaca_digest_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); if (ret != YACA_ERROR_NONE) goto exit; + /* Get digest length */ size_t digest_len; ret = yaca_context_get_output_length(ctx, 0, &digest_len); if (ret != YACA_ERROR_NONE) goto exit; + /* Calculate digest */ { char digest[digest_len]; - ret = yaca_digest_finalize(ctx, digest, &digest_len); if (ret != YACA_ERROR_NONE) goto exit; + /* display digest in hexadecimal format */ dump_hex(digest, digest_len, "Message digest: "); } exit: yaca_context_destroy(ctx); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - digest_simple(); - - digest_advanced(); yaca_cleanup(); return ret; } +//! [Message Digest API example] diff --git a/examples/digest_simple.c b/examples/digest_simple.c new file mode 100644 index 0000000..083d537 --- /dev/null +++ b/examples/digest_simple.c @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file digest_simple.c + * @brief Simple Message Digest API example. + */ + +//! [Simple Message Digest API example] +#include + +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + char *digest = NULL; + size_t digest_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Calculate digest */ + ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, INPUT_DATA, INPUT_DATA_SIZE, + &digest, &digest_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display digest in hexadecimal format */ + dump_hex(digest, digest_len, "Message digest: "); + +exit: + yaca_free(digest); + + yaca_cleanup(); + return ret; +} +//! [Simple Message Digest API example] diff --git a/examples/encrypt.c b/examples/encrypt.c index f152588..a72c3b0 100644 --- a/examples/encrypt.c +++ b/examples/encrypt.c @@ -18,123 +18,95 @@ /** * @file encrypt.c - * @brief + * @brief Encrypt API example. */ +//! [Encrypt API example] #include #include -#include #include #include #include -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -void encrypt_simple(const yaca_encrypt_algorithm_e algo, - const yaca_block_cipher_mode_e bcm, - const size_t key_bit_len) -{ - yaca_key_h key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - size_t iv_bit_len; - - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Key generation */ - if (yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000, - YACA_DIGEST_SHA256, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bit_len, &iv_bit_len) != YACA_ERROR_NONE) - goto exit; - - if (iv_bit_len > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_simple_encrypt(algo, bcm, key, iv, lorem4096, LOREM4096_SIZE, &enc, &enc_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - if (yaca_simple_decrypt(algo, bcm, key, iv, enc, enc_len, &dec, &dec_len) != YACA_ERROR_NONE) - goto exit; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - -exit: - yaca_free(enc); - yaca_free(dec); - yaca_key_destroy(iv); - yaca_key_destroy(key); -} - -void encrypt_advanced(const yaca_encrypt_algorithm_e algo, - const yaca_block_cipher_mode_e bcm, - const yaca_key_type_e key_type, - const size_t key_bit_len) +int main() { + int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; - size_t iv_bit_len; - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; size_t block_len; size_t output_len; size_t written_len; - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); /* Key generation */ - if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bit_len, &iv_bit_len) != YACA_ERROR_NONE) + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) goto exit; - if (iv_bit_len > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) + /* IV generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_128BIT, &iv); + if (ret != YACA_ERROR_NONE) goto exit; /* Encryption */ { - if (yaca_encrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) + /* Initialize encryption context */ + ret = yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC, key, iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) + /* Encrypt data */ + ret = yaca_encrypt_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - enc_len = written_len; + encrypted_len = written_len; - if (yaca_encrypt_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) + ret = yaca_encrypt_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - enc_len += written_len; + encrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -142,89 +114,56 @@ void encrypt_advanced(const yaca_encrypt_algorithm_e algo, /* Decryption */ { - if (yaca_decrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) + /* Initialize decryption context */ + ret = yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC, key, iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) + /* Decrypt data */ + ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - dec_len = written_len; + decrypted_len = written_len; - if (yaca_decrypt_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) + ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - dec_len += written_len; + decrypted_len += written_len; - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); } exit: - yaca_free(dec); - yaca_free(enc); + yaca_free(decrypted); + yaca_free(encrypted); yaca_context_destroy(ctx); yaca_key_destroy(iv); yaca_key_destroy(key); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_ECB; - yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_3DES_3TDEA; - bcm = YACA_BCM_OFB; - key_type = YACA_KEY_TYPE_DES; - key_bit_len = YACA_KEY_LENGTH_192BIT; - - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_CAST5; - bcm = YACA_BCM_CFB; - key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bit_len = YACA_KEY_LENGTH_UNSAFE_40BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_UNSAFE_RC2; - bcm = YACA_BCM_CBC; - key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bit_len = YACA_KEY_LENGTH_UNSAFE_8BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_UNSAFE_RC4; - bcm = YACA_BCM_NONE; - key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bit_len = YACA_KEY_LENGTH_2048BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); yaca_cleanup(); - return ret; } +//! [Encrypt API example] diff --git a/examples/encrypt_aes_gcm_ccm.c b/examples/encrypt_aes_gcm_ccm.c deleted file mode 100644 index 05f2cfd..0000000 --- a/examples/encrypt_aes_gcm_ccm.c +++ /dev/null @@ -1,335 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file encrypt_aes_gcm_ccm.c - * @brief - */ - -#include - -#include -#include -#include -#include - -#include "lorem.h" -#include "misc.h" - -void encrypt_decrypt_aes_gcm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_GCM; - yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - size_t iv_bit_len = YACA_KEY_LENGTH_IV_128BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 16; - - size_t block_len; - size_t output_len; - size_t written_len; - - printf("AES GCM 256bit key encryption/decryption\n"); - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Key generation */ - if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - /* IV generation */ - if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) - goto exit; - - /* Encryption */ - { - if (yaca_encrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_encrypt_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - /* Set the tag length and get the tag after final encryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decryption */ - { - if (yaca_decrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - /* Set expected tag value before final decryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_decrypt_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(enc); - yaca_free(dec); - yaca_free(tag); - yaca_free(aad); - yaca_context_destroy(ctx); - yaca_key_destroy(iv); - yaca_key_destroy(key); -} - -void encrypt_decrypt_aes_ccm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_CCM; - yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - size_t iv_bit_len = YACA_KEY_LENGTH_IV_64BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 14; - - size_t block_len; - size_t output_len; - size_t written_len; - size_t len; - - printf("AES CCM 256bit key encryption/decryption\n"); - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Key generation */ - if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - /* IV generation */ - if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) - goto exit; - - /* Encryption */ - { - if (yaca_encrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Set tag length (optionally) */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) - goto exit; - - /* The total plain text length must be passed (only needed if AAD is passed) */ - if (yaca_encrypt_update(ctx, NULL, LOREM4096_SIZE , NULL, &len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_encrypt_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - /* Get the tag after final encryption */ - if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decryption */ - { - if (yaca_decrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Set expected tag value */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len) != YACA_ERROR_NONE) - goto exit; - - /* The total encrypted text length must be passed (only needed if AAD is passed) */ - if (yaca_decrypt_update(ctx, NULL, enc_len , NULL, &len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - if (yaca_decrypt_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(enc); - yaca_free(dec); - yaca_free(tag); - yaca_free(aad); - yaca_context_destroy(ctx); - yaca_key_destroy(iv); - yaca_key_destroy(key); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - encrypt_decrypt_aes_gcm(); - encrypt_decrypt_aes_ccm(); - - yaca_cleanup(); - return ret; -} diff --git a/examples/encrypt_ccm.c b/examples/encrypt_ccm.c new file mode 100644 index 0000000..3bc11f8 --- /dev/null +++ b/examples/encrypt_ccm.c @@ -0,0 +1,225 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file encrypt_ccm.c + * @brief AES CCM encrypt API example. + */ + +//! [AES CCM encrypt API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + char *aad = NULL; + char *tag = NULL; + size_t aad_len = 16; + size_t tag_len = 12; + + size_t block_len; + size_t output_len; + size_t written_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* IV generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT, &iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Additional Authentication Data generation */ + ret = yaca_zalloc(aad_len, (void**)&aad); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_randomize_bytes(aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Allocate memory for tag */ + ret = yaca_zalloc(tag_len, (void**)&tag); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + /* Initialize encryption context */ + ret = yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set tag length */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, &tag_len, sizeof(tag_len)); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* The total plain text length must be passed (only needed if AAD is passed) */ + ret = yaca_encrypt_update(ctx, NULL, INPUT_DATA_SIZE , NULL, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encrypt data */ + ret = yaca_encrypt_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len = written_len; + + ret = yaca_encrypt_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get the tag after final encryption */ + ret = yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Decryption */ + { + /* Initialize decryption context */ + ret = yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set expected tag value */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* The total encrypted text length must be passed (only needed if AAD is passed) */ + ret = yaca_decrypt_update(ctx, NULL, encrypted_len , NULL, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Decrypt data */ + ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len = written_len; + + ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(decrypted); + yaca_free(encrypted); + yaca_free(tag); + yaca_free(aad); + yaca_context_destroy(ctx); + yaca_key_destroy(iv); + yaca_key_destroy(key); + + yaca_cleanup(); + return ret; +} +//! [AES CCM encrypt API example] diff --git a/examples/encrypt_gcm.c b/examples/encrypt_gcm.c new file mode 100644 index 0000000..9778acb --- /dev/null +++ b/examples/encrypt_gcm.c @@ -0,0 +1,214 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file encrypt_gcm.c + * @brief AES GCM encrypt API example. + */ + +//! [AES GCM encrypt API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + char *aad = NULL; + char *tag = NULL; + size_t aad_len = 16; + size_t tag_len = 16; + + size_t block_len; + size_t output_len; + size_t written_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* IV generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_128BIT, &iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Additional Authentication Data generation */ + ret = yaca_zalloc(aad_len, (void**)&aad); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_randomize_bytes(aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Allocate memory for tag */ + ret = yaca_zalloc(tag_len, (void**)&tag); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + /* Initialize encryption context */ + ret = yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encrypt data */ + ret = yaca_encrypt_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len = written_len; + + ret = yaca_encrypt_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set the tag length and get the tag */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, &tag_len, sizeof(tag_len)); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Decryption */ + { + /* Initialize decryption context */ + ret = yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Decrypt data */ + ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len = written_len; + + /* Set expected tag value before final decryption */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(decrypted); + yaca_free(encrypted); + yaca_free(tag); + yaca_free(aad); + yaca_context_destroy(ctx); + yaca_key_destroy(iv); + yaca_key_destroy(key); + + yaca_cleanup(); + return ret; +} +//! [AES GCM encrypt API example] diff --git a/examples/encrypt_simple.c b/examples/encrypt_simple.c new file mode 100644 index 0000000..dadab7c --- /dev/null +++ b/examples/encrypt_simple.c @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file encrypt_simple.c + * @brief Simple Encrypt API example. + */ + +//! [Simple Encrypt API example] +#include + +#include +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + size_t iv_bit_len; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Key generation */ + ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000, + YACA_DIGEST_SHA256, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* IV generation */ + ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CTR, YACA_KEY_LENGTH_256BIT, + &iv_bit_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + if (iv_bit_len > 0) { + ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv); + if (ret != YACA_ERROR_NONE) + goto exit; + } + + /* Encryption */ + { + ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv, + INPUT_DATA, INPUT_DATA_SIZE, &encrypted, &encrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + } + + /* Decryption */ + { + ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv, + encrypted, encrypted_len, &decrypted, &decrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(encrypted); + yaca_free(decrypted); + yaca_key_destroy(iv); + yaca_key_destroy(key); + + yaca_cleanup(); + return ret; +} +//! [Simple Encrypt API example] diff --git a/examples/key_exchange.c b/examples/key_exchange.c index ee75eac..1520a4c 100644 --- a/examples/key_exchange.c +++ b/examples/key_exchange.c @@ -18,125 +18,90 @@ /** * @file key_exchange.c - * @brief + * @brief Diffie-Helmann key exchange API example. */ -#include - +//! [Diffie-Helmann key exchange API example] #include #include #include +/* include helpers functions and definitions */ #include "misc.h" -/* send own public key and get peer public key */ -static yaca_key_h exchange_keys(const yaca_key_h pkey) +static yaca_key_h exchange_public_keys(const yaca_key_h peer_key) { int ret; - char *secret = NULL; - size_t secret_len; - char *temp_material = NULL; - size_t temp_material_len; - char *key_material = NULL; - size_t key_material_len; - char *iv_material = NULL; - size_t iv_material_len; - - yaca_key_h private_key = YACA_KEY_NULL; - yaca_key_h public_key = YACA_KEY_NULL; yaca_key_h params = YACA_KEY_NULL; - yaca_key_h aes_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - ret = yaca_key_extract_parameters(pkey, ¶ms); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate_from_parameters(params, &private_key); - if (ret != YACA_ERROR_NONE) - goto exit; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; - ret = yaca_key_extract_public(private_key, &public_key); + ret = yaca_key_extract_parameters(peer_key, ¶ms); if (ret != YACA_ERROR_NONE) goto exit; - /* derive secret */ - ret = yaca_key_derive_dh(private_key, pkey, &secret, &secret_len); + ret = yaca_key_generate_from_parameters(params, &priv_key); if (ret != YACA_ERROR_NONE) goto exit; - key_material_len = YACA_KEY_LENGTH_192BIT / 8; - iv_material_len = YACA_KEY_LENGTH_IV_128BIT / 8; - temp_material_len = key_material_len + iv_material_len; - ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len, - NULL, 0, temp_material_len, &temp_material); - - if (ret != YACA_ERROR_NONE) - goto exit; - - key_material = temp_material; - iv_material = temp_material + key_material_len; - - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, key_material_len, &aes_key); + ret = yaca_key_extract_public(priv_key, &pub_key); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_IV, NULL, iv_material, iv_material_len, &iv); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(secret, secret_len, "\n***** Peer Secret: *****"); - dump_hex(key_material, key_material_len, "\n***** Peer AES key: *****"); - dump_hex(iv_material, iv_material_len, "\n***** Peer IV: *****"); - exit: - yaca_key_destroy(private_key); + yaca_key_destroy(priv_key); yaca_key_destroy(params); - yaca_key_destroy(aes_key); - yaca_key_destroy(iv); - yaca_free(secret); - yaca_free(temp_material); - return public_key; + return pub_key; } -void key_derivation(const yaca_key_h private_key) +int main() { int ret; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; + yaca_key_h peer_key = YACA_KEY_NULL; + yaca_key_h aes_key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + char *secret = NULL; size_t secret_len; - char *temp_material = NULL; - size_t temp_material_len; char *key_material = NULL; size_t key_material_len; char *iv_material = NULL; size_t iv_material_len; + char *temp_material = NULL; + size_t temp_material_len; - yaca_key_h public_key = YACA_KEY_NULL; - yaca_key_h peer_key = YACA_KEY_NULL; - yaca_key_h aes_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; - ret = yaca_key_extract_public(private_key, &public_key); + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &priv_key); if (ret != YACA_ERROR_NONE) goto exit; - /* get peer public key */ - peer_key = exchange_keys(public_key); + ret = yaca_key_extract_public(priv_key, &pub_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Send own public key and get peer public key */ + peer_key = exchange_public_keys(pub_key); if (peer_key == YACA_KEY_NULL) goto exit; - /* derive secret */ - ret = yaca_key_derive_dh(private_key, peer_key, &secret, &secret_len); + /* Derive shared secret */ + ret = yaca_key_derive_dh(priv_key, peer_key, &secret, &secret_len); if (ret != YACA_ERROR_NONE) goto exit; - key_material_len = YACA_KEY_LENGTH_192BIT / 8; + /* Derive AES key and IV */ + key_material_len = YACA_KEY_LENGTH_256BIT / 8; iv_material_len = YACA_KEY_LENGTH_IV_128BIT / 8; temp_material_len = key_material_len + iv_material_len; - ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len, + ret = yaca_key_derive_kdf(YACA_KDF_X942, YACA_DIGEST_SHA512, secret, secret_len, NULL, 0, temp_material_len, &temp_material); - if (ret != YACA_ERROR_NONE) goto exit; @@ -151,68 +116,20 @@ void key_derivation(const yaca_key_h private_key) if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(secret, secret_len, "\n***** My Secret: *****"); - dump_hex(key_material, key_material_len, "\n***** My AES key: *****"); - dump_hex(iv_material, iv_material_len, "\n***** My IV: *****"); + /* display key and IV in hexadecimal format */ + dump_hex(key_material, key_material_len, "***** Derived AES key: *****"); + dump_hex(iv_material, iv_material_len, "\n***** Derived IV: *****"); exit: - yaca_key_destroy(public_key); + yaca_key_destroy(priv_key); + yaca_key_destroy(pub_key); yaca_key_destroy(peer_key); yaca_key_destroy(aes_key); yaca_key_destroy(iv); yaca_free(secret); yaca_free(temp_material); -} - -int main() -{ - yaca_key_h ecdh_key = YACA_KEY_NULL; - yaca_key_h dh_params = YACA_KEY_NULL; - yaca_key_h dh_key_from_params = YACA_KEY_NULL; - yaca_key_h dh_key = YACA_KEY_NULL; - - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - printf("\n***** Elliptic Curve Diffie Hellman key exchange and key/iv derivation *****"); - { - ret = yaca_key_generate(YACA_KEY_TYPE_EC_PRIV, YACA_KEY_LENGTH_EC_PRIME256V1, &ecdh_key); - if (ret != YACA_ERROR_NONE) - goto exit; - key_derivation(ecdh_key); - } - - printf("\n***** Diffie Hellman Diffie Hellman key exchange and key/iv derivation *****"); - { - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS, - YACA_KEY_LENGTH_DH_GENERATOR_2 | 1024, &dh_params); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate_from_parameters(dh_params, &dh_key_from_params); - if (ret != YACA_ERROR_NONE) - goto exit; - - key_derivation(dh_key_from_params); - } - - printf("\n***** Diffie Hellman Diffie Hellman key exchange and key/iv derivation *****"); - { - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &dh_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - key_derivation(dh_key); - } - -exit: - yaca_key_destroy(ecdh_key); - yaca_key_destroy(dh_params); - yaca_key_destroy(dh_key_from_params); - yaca_key_destroy(dh_key); yaca_cleanup(); - return ret; } +//! [Diffie-Helmann key exchange API example] diff --git a/examples/key_gen.c b/examples/key_gen.c index a771d81..43ab6c3 100644 --- a/examples/key_gen.c +++ b/examples/key_gen.c @@ -16,15 +16,16 @@ * limitations under the License */ -#include +/** + * @file key_gen.c + * @brief Key generation API example. + */ +//! [Key generation API example] #include #include -#include #include -#include "misc.h" - int main() { int ret; @@ -33,94 +34,51 @@ int main() ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) - goto error; - - printf("This example doesn't print anything useful unless an error occured.\n" - "It is intended to be looked at only as a code example.\n" - "It might take a long time to execute though due to several keys being generated.\n"); + goto exit; /* Regular generation */ - ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); - ret = yaca_key_generate(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT, &key); + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &key); if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - - ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_512BIT, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_GENERATOR_2 | 333, &key); - if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_224, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); ret = yaca_key_generate(YACA_KEY_TYPE_EC_PRIV, YACA_KEY_LENGTH_EC_SECP384R1, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); /* Params + key generation */ - - ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PARAMS, YACA_KEY_LENGTH_512BIT, &key_params); - if (ret != YACA_ERROR_NONE) - goto error; - ret = yaca_key_generate_from_parameters(key_params, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - yaca_key_destroy(key_params); - - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS, - YACA_KEY_LENGTH_DH_GENERATOR_5 | YACA_KEY_LENGTH_2048BIT, &key_params); - if (ret != YACA_ERROR_NONE) - goto error; - ret = yaca_key_generate_from_parameters(key_params, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - yaca_key_destroy(key_params); - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS, YACA_KEY_LENGTH_DH_RFC_2048_256, &key_params); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; ret = yaca_key_generate_from_parameters(key_params, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); yaca_key_destroy(key_params); ret = yaca_key_generate(YACA_KEY_TYPE_EC_PARAMS, YACA_KEY_LENGTH_EC_PRIME256V1, &key_params); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; ret = yaca_key_generate_from_parameters(key_params, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; + +exit: yaca_key_destroy(key); yaca_key_destroy(key_params); yaca_cleanup(); - return 0; - -error: - printf("Error occured.\n"); - yaca_cleanup(); - - return 1; + return ret; } +//! [Key generation API example] diff --git a/examples/key_import_export.c b/examples/key_import_export.c deleted file mode 100644 index 4a50cb7..0000000 --- a/examples/key_import_export.c +++ /dev/null @@ -1,321 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file key_import_export.c - * @brief - */ - -#include - -#include -#include -#include - -#include "misc.h" - -int key_import_export_sym(yaca_key_h sym) -{ - int ret; - - char *raw = NULL; - size_t raw_len; - char *b64 = NULL; - size_t b64_len; - - yaca_key_h raw_imported = YACA_KEY_NULL; - yaca_key_h b64_imported = YACA_KEY_NULL; - - - /* BASE64 */ - - ret = yaca_key_export(sym, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, &b64, &b64_len); - if (ret != YACA_ERROR_NONE) - return ret; - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, b64, b64_len, &b64_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** BASE64 exported key: *****\n%.*s\n", (int)b64_len, b64); - yaca_free(b64); - b64 = NULL; - - ret = yaca_key_export(b64_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, &b64, &b64_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***** BASE64 imported key: *****\n%.*s\n", (int)b64_len, b64); - - - /* RAW */ - - ret = yaca_key_export(sym, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, &raw, &raw_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, raw, raw_len, &raw_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(raw, raw_len, "\n\t***** RAW exported key: *****"); - yaca_free(raw); - raw = NULL; - - ret = yaca_key_export(raw_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, &raw, &raw_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(raw, raw_len, "\t***** RAW imported key: *****"); - -exit: - yaca_key_destroy(raw_imported); - yaca_key_destroy(b64_imported); - yaca_free(raw); - yaca_free(b64); - - return ret; -} - -int key_import_export_asym(yaca_key_h priv, yaca_key_h pub, - yaca_key_type_e priv_type, yaca_key_type_e pub_type, - const char *algo) -{ - int ret; - - char *pem_prv = NULL; - size_t pem_prv_len; - char *der_prv = NULL; - size_t der_prv_len; - - char *pem_pub = NULL; - size_t pem_pub_len; - char *der_pub = NULL; - size_t der_pub_len; - - yaca_key_h pem_prv_imported = YACA_KEY_NULL; - yaca_key_h der_prv_imported = YACA_KEY_NULL; - yaca_key_h pem_pub_imported = YACA_KEY_NULL; - yaca_key_h der_pub_imported = YACA_KEY_NULL; - - - /* PEM private */ - - ret = yaca_key_export(priv, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_prv, &pem_prv_len); - if (ret != YACA_ERROR_NONE) - return ret; - ret = yaca_key_import(priv_type, NULL, pem_prv, pem_prv_len, &pem_prv_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** %s PEM exported private key: *****\n%.*s", algo, (int)pem_prv_len, pem_prv); - yaca_free(pem_prv); - pem_prv = NULL; - - ret = yaca_key_export(pem_prv_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_prv, &pem_prv_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***** %s PEM imported private key: *****\n%.*s", algo, (int)pem_prv_len, pem_prv); - - - /* DER private */ - - ret = yaca_key_export(priv, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_prv, &der_prv_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(priv_type, NULL, der_prv, der_prv_len, &der_prv_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_prv, der_prv_len, "\n\t***** %s DER exported private key: *****", algo); - yaca_free(der_prv); - der_prv = NULL; - - ret = yaca_key_export(der_prv_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_prv, &der_prv_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_prv, der_prv_len, "\t***** %s DER imported private key: *****", algo); - - - /* PEM public */ - - ret = yaca_key_export(pub, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_pub, &pem_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(pub_type, NULL, pem_pub, pem_pub_len, &pem_pub_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** %s PEM exported public key: *****\n%.*s", algo, (int)pem_pub_len, pem_pub); - yaca_free(pem_pub); - pem_pub = NULL; - - ret = yaca_key_export(pem_pub_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_pub, &pem_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***** %s PEM imported public key: *****\n%.*s", algo, (int)pem_pub_len, pem_pub); - - - /* DER public */ - - ret = yaca_key_export(pub, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_pub, &der_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(pub_type, NULL, der_pub, der_pub_len, &der_pub_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_pub, der_pub_len, "\n\t***** %s DER exported public key: *****", algo); - yaca_free(der_pub); - der_pub = NULL; - - ret = yaca_key_export(der_pub_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_pub, &der_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_pub, der_pub_len, "\t***** %s DER imported public key: *****", algo); - -exit: - yaca_key_destroy(der_pub_imported); - yaca_key_destroy(pem_pub_imported); - yaca_key_destroy(der_prv_imported); - yaca_key_destroy(pem_prv_imported); - yaca_free(der_pub); - yaca_free(pem_pub); - yaca_free(der_prv); - yaca_free(pem_prv); - - return ret; -} - -int key_import_x509(void) -{ - int ret; - char *pub = NULL; - size_t pub_len; - yaca_key_h rsa_pub_from_cert = YACA_KEY_NULL; - - ret = read_file("x509.crt", &pub, &pub_len); - if (ret != YACA_ERROR_NONE) { - printf("Make sure you copied a x509.crt from yaca_root/examples to your current directory\n"); - printf("You can also generate one with:\n"); - printf("openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout x509.key -out x509.crt\n"); - return ret; - } - - ret = yaca_key_import(YACA_KEY_TYPE_RSA_PUB, NULL, pub, pub_len, &rsa_pub_from_cert); - if (ret != YACA_ERROR_NONE) - goto exit; - - yaca_free(pub); - pub = NULL; - - ret = yaca_key_export(rsa_pub_from_cert, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pub, &pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** RSA X509 imported public key: *****\n%.*s", (int)pub_len, pub); - -exit: - yaca_key_destroy(rsa_pub_from_cert); - yaca_free(pub); - - return ret; -} - -int main() -{ - yaca_key_h sym = YACA_KEY_NULL; - yaca_key_h rsa_priv = YACA_KEY_NULL; - yaca_key_h rsa_pub = YACA_KEY_NULL; - yaca_key_h dsa_priv = YACA_KEY_NULL; - yaca_key_h dsa_pub = YACA_KEY_NULL; - int ret; - - ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_1024BIT, &sym); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT, &rsa_priv); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_extract_public(rsa_priv, &rsa_pub); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_1024BIT, &dsa_priv); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_extract_public(dsa_priv, &dsa_pub); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***************************************\n"); - printf("\t************** SYMMETRIC **************\n"); - printf("\t***************************************\n"); - ret = key_import_export_sym(sym); - if (ret == YACA_ERROR_NONE) - printf("\n\t********* SYMMETRIC - success *********\n\n"); - else - printf("\n\t********* SYMMETRIC - failure *********\n\n"); - - printf("\t***************************************\n"); - printf("\t***************** RSA *****************\n"); - printf("\t***************************************\n"); - ret = key_import_export_asym(rsa_priv, rsa_pub, YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_TYPE_RSA_PUB, "RSA"); - if (ret == YACA_ERROR_NONE) - printf("\n\t************ RSA - success ************\n\n"); - else - printf("\n\t************ RSA - failure ************\n\n"); - - printf("\t***************************************\n"); - printf("\t***************** DSA *****************\n"); - printf("\t***************************************\n"); - ret = key_import_export_asym(dsa_priv, dsa_pub, YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_TYPE_DSA_PUB, "DSA"); - if (ret == YACA_ERROR_NONE) - printf("\n\t************ DSA - success ************\n\n"); - else - printf("\n\t************ DSA - failure ************\n\n"); - - printf("\t***************************************\n"); - printf("\t**************** X509 *****************\n"); - printf("\t***************************************\n"); - ret = key_import_x509(); - if (ret == YACA_ERROR_NONE) - printf("\n\t*********** X509 - success ************\n\n"); - else - printf("\n\t*********** X509 - failure ************\n\n"); - -exit: - yaca_key_destroy(dsa_pub); - yaca_key_destroy(dsa_priv); - yaca_key_destroy(rsa_pub); - yaca_key_destroy(rsa_priv); - yaca_key_destroy(sym); - - yaca_cleanup(); - - return ret; -} diff --git a/examples/key_import_export_asym.c b/examples/key_import_export_asym.c new file mode 100644 index 0000000..7d97532 --- /dev/null +++ b/examples/key_import_export_asym.c @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file key_import_export_asym.c + * @brief Asymmetric key import/export API example. + */ + +//! [Asymmetric key import/export API example] +#include + +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h rsa_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + yaca_key_h pem_priv_imported = YACA_KEY_NULL; + yaca_key_h der_pub_imported = YACA_KEY_NULL; + + char *pem_priv = NULL; + size_t pem_priv_len; + char *der_pub = NULL; + size_t der_pub_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &rsa_priv); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* PEM private */ + ret = yaca_key_export(rsa_priv, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, + &pem_priv, &pem_priv_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, NULL, pem_priv, pem_priv_len, &pem_priv_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** PEM exported private key: *****\n%.*s", (int)pem_priv_len, pem_priv); + yaca_free(pem_priv); + pem_priv = NULL; + + ret = yaca_key_export(pem_priv_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, + NULL, &pem_priv, &pem_priv_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** PEM imported private key: *****\n%.*s", (int)pem_priv_len, pem_priv); + + /* DER public */ + ret = yaca_key_export(rsa_pub, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, + &der_pub, &der_pub_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_RSA_PUB, NULL, der_pub, der_pub_len, &der_pub_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(der_pub, der_pub_len, "\n\t***** DER exported public key: *****"); + yaca_free(der_pub); + der_pub = NULL; + + ret = yaca_key_export(der_pub_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, + NULL, &der_pub, &der_pub_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(der_pub, der_pub_len, "\t***** DER imported public key: *****"); + +exit: + yaca_key_destroy(rsa_pub); + yaca_key_destroy(rsa_priv); + yaca_key_destroy(pem_priv_imported); + yaca_key_destroy(der_pub_imported); + yaca_free(pem_priv); + yaca_free(der_pub); + + yaca_cleanup(); + return ret; +} +//! [Asymmetric key import/export API example] diff --git a/examples/key_import_export_sym.c b/examples/key_import_export_sym.c new file mode 100644 index 0000000..3dafd9f --- /dev/null +++ b/examples/key_import_export_sym.c @@ -0,0 +1,108 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file key_import_export_sym.c + * @brief Symmetric key import/export API example. + */ + +//! [Symmetric key import/export API example] +#include + +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h sym_key = YACA_KEY_NULL; + yaca_key_h raw_imported = YACA_KEY_NULL; + yaca_key_h b64_imported = YACA_KEY_NULL; + + char *raw = NULL; + size_t raw_len; + char *b64 = NULL; + size_t b64_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* BASE64 */ + ret = yaca_key_export(sym_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, + &b64, &b64_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, b64, b64_len, &b64_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** BASE64 exported key: *****\n%.*s\n", (int)b64_len, b64); + yaca_free(b64); + b64 = NULL; + + ret = yaca_key_export(b64_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, + &b64, &b64_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** BASE64 imported key: *****\n%.*s\n", (int)b64_len, b64); + + /* RAW */ + ret = yaca_key_export(sym_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, + &raw, &raw_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, raw, raw_len, &raw_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(raw, raw_len, "\n\t***** RAW exported key: *****"); + yaca_free(raw); + raw = NULL; + + ret = yaca_key_export(raw_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, + &raw, &raw_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(raw, raw_len, "\t***** RAW imported key: *****"); + +exit: + yaca_key_destroy(sym_key); + yaca_key_destroy(raw_imported); + yaca_key_destroy(b64_imported); + yaca_free(raw); + yaca_free(b64); + + yaca_cleanup(); + return ret; +} +//! [Symmetric key import/export API example] diff --git a/examples/key_password.c b/examples/key_password.c index 7eb46b4..9c9df78 100644 --- a/examples/key_password.c +++ b/examples/key_password.c @@ -16,90 +16,85 @@ * limitations under the License */ +/** + * @file key_password.c + * @brief Key import/export with password API example. + */ + +//! [Key import/export with password API example] #include -#include #include #include -#include #include -#include "misc.h" +/* include helpers functions and definitions */ +#include "misc.h" -void example_password(const yaca_key_h key, yaca_key_format_e key_fmt, - yaca_key_file_format_e key_file_fmt) +int main() { - char *k = NULL; - size_t kl; int ret; + yaca_key_h key = YACA_KEY_NULL; char *password = NULL; - yaca_key_h lkey = YACA_KEY_NULL; + char *key_data = NULL; + size_t key_data_len; - ret = read_stdin_line("encryption pass: ", &password); + ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_export(key, key_fmt, key_file_fmt, password, &k, &kl); - if (ret == YACA_ERROR_INVALID_PARAMETER) - printf("invalid parameter, probably a missing password for PKCS8\n"); + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &key); if (ret != YACA_ERROR_NONE) goto exit; - yaca_free(password); - password = NULL; + /* Export key */ + { + ret = read_stdin_line("encryption pass: ", &password); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_export(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_PEM, password, + &key_data, &key_data_len); + if (ret == YACA_ERROR_INVALID_PARAMETER) + printf("invalid parameter, probably a missing password for PKCS8\n"); + if (ret != YACA_ERROR_NONE) + goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, NULL, k, kl, &lkey); - if (ret == YACA_ERROR_INVALID_PASSWORD) { + yaca_key_destroy(key); + key = YACA_KEY_NULL; + yaca_free(password); + password = NULL; + } + + /* Import key */ + { ret = read_stdin_line("decryption pass: ", &password); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, password, k, kl, &lkey); + ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, password, key_data, key_data_len, &key); if (ret == YACA_ERROR_INVALID_PASSWORD) printf("invalid password\n"); - } - - if (ret != YACA_ERROR_NONE) - goto exit; + if (ret != YACA_ERROR_NONE) + goto exit; - yaca_free(k); - k = NULL; + yaca_free(key_data); + key_data = NULL; - ret = yaca_key_export(lkey, key_fmt, YACA_KEY_FILE_FORMAT_PEM, password, &k, &kl); - if (ret != YACA_ERROR_NONE) - goto exit; + ret = yaca_key_export(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_PEM, password, + &key_data, &key_data_len); + if (ret != YACA_ERROR_NONE) + goto exit; - printf("%.*s", (int)kl, k); + printf("%.*s", (int)key_data_len, key_data); + } exit: - yaca_free(k); + yaca_free(key_data); yaca_free(password); - yaca_key_destroy(lkey); -} - -int main() -{ - int ret; - yaca_key_h key = YACA_KEY_NULL; - - ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT, &key); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("Default format with PEM:\n"); - example_password(key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM); - printf("\nPKCS8 format with PEM:\n"); - example_password(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_PEM); - printf("\nPKCS8 format with DER:\n"); - example_password(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_DER); - -exit: yaca_key_destroy(key); - yaca_cleanup(); - return 0; + yaca_cleanup(); + return ret; } +//! [Key import/export with password API example] diff --git a/examples/key_wrap.c b/examples/key_wrap.c index 6162397..5363268 100644 --- a/examples/key_wrap.c +++ b/examples/key_wrap.c @@ -18,46 +18,48 @@ /** * @file key_wrap.c - * @brief + * @brief Key wrapping API example. */ -#include -#include - +//! [Key wrapping API example] #include #include #include #include #include +/* include helpers functions and definitions */ #include "misc.h" -void key_wrap_aes(void) +int main() { int ret; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; yaca_key_h aes_key = YACA_KEY_NULL; - + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; size_t iv_bit_len; - char *key_data = NULL; - size_t key_data_len; - char *wrapped_key = NULL; - size_t wrapped_key_len; - printf("\n***** AES key wrapping ******\n"); + char *aes_key_data = NULL; + size_t aes_key_data_len; + char *wrapped_key_data = NULL; + size_t wrapped_key_data_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + /* Generate key to wrap */ ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &aes_key); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT, &sym_key); + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, - YACA_BCM_WRAP, - YACA_KEY_LENGTH_192BIT, + /* IV generation */ + ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_WRAP, YACA_KEY_LENGTH_256BIT, &iv_bit_len); if (ret != YACA_ERROR_NONE) goto exit; @@ -71,139 +73,51 @@ void key_wrap_aes(void) /* Key wrapping */ { ret = yaca_key_export(aes_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, - &key_data, &key_data_len); + &aes_key_data, &aes_key_data_len); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, sym_key, iv, - key_data, key_data_len, - &wrapped_key, &wrapped_key_len); + ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, key, iv, + aes_key_data, aes_key_data_len, + &wrapped_key_data, &wrapped_key_data_len); if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); - dump_hex(wrapped_key, wrapped_key_len, "***** Wrapped key:*****"); + /* display key in hexadecimal format */ + dump_hex(aes_key_data, aes_key_data_len, "***** Unwrapped key:*****"); + dump_hex(wrapped_key_data, wrapped_key_data_len, "***** Wrapped key:*****"); } - yaca_free(key_data); - key_data = NULL; + yaca_free(aes_key_data); + aes_key_data = NULL; yaca_key_destroy(aes_key); aes_key = YACA_KEY_NULL; /* Key unwrapping */ { - ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, sym_key, iv, - wrapped_key, wrapped_key_len, - &key_data, &key_data_len); + ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, key, iv, + wrapped_key_data, wrapped_key_data_len, + &aes_key_data, &aes_key_data_len); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_data, key_data_len, &aes_key); + ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, aes_key_data, aes_key_data_len, + &aes_key); if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); + /* display key in hexadecimal format */ + dump_hex(aes_key_data, aes_key_data_len, "***** Unwrapped key:*****"); } exit: yaca_key_destroy(aes_key); - yaca_key_destroy(sym_key); + yaca_key_destroy(key); yaca_key_destroy(iv); - yaca_free(key_data); - yaca_free(wrapped_key); -} - -void key_wrap_des(void) -{ - int ret; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - yaca_key_h des_key = YACA_KEY_NULL; - - size_t iv_bit_len; - char *key_data = NULL; - size_t key_data_len; - char *wrapped_key = NULL; - size_t wrapped_key_len; - - printf("\n***** 3DES key wrapping ******\n"); - - ret = yaca_key_generate(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT, &des_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT, &sym_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_3DES_3TDEA, - YACA_BCM_WRAP, - YACA_KEY_LENGTH_192BIT, - &iv_bit_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - if (iv_bit_len > 0) { - ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv); - if (ret != YACA_ERROR_NONE) - goto exit; - } - - /* Key wrapping */ - { - ret = yaca_key_export(des_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, - &key_data, &key_data_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_simple_encrypt(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_WRAP, sym_key, iv, - key_data, key_data_len, - &wrapped_key, &wrapped_key_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); - dump_hex(wrapped_key, wrapped_key_len, "***** Wrapped key:*****"); - } - - yaca_free(key_data); - key_data = NULL; - yaca_key_destroy(des_key); - des_key = YACA_KEY_NULL; - - /* Key unwrapping */ - { - ret = yaca_simple_decrypt(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_WRAP, sym_key, iv, - wrapped_key, wrapped_key_len, - &key_data, &key_data_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_import(YACA_KEY_TYPE_DES, NULL, key_data, key_data_len, &des_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); - } - -exit: - yaca_key_destroy(des_key); - yaca_key_destroy(sym_key); - yaca_key_destroy(iv); - yaca_free(key_data); - yaca_free(wrapped_key); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - key_wrap_aes(); - key_wrap_des(); + yaca_free(aes_key_data); + yaca_free(wrapped_key_data); yaca_cleanup(); return ret; } - +//! [Key wrapping API example] diff --git a/examples/lorem.c b/examples/lorem.c deleted file mode 100644 index d6f9f42..0000000 --- a/examples/lorem.c +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file lorem.c - * @brief Lorem Ipsum - */ - -#include "lorem.h" - -const char lorem8[LOREM8_SIZE] = "Lorem i"; -const char lorem16[LOREM16_SIZE] = "Lorem ipsum dol"; -const char lorem1024[LOREM1024_SIZE] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec non dolor tincidunt, vehicula erat non, pulvinar nisl. Suspendisse gravida commodo hendrerit. Sed ex magna, aliquet malesuada lectus ut, porttitor tincidunt ante. Nulla facilisi. Morbi nec scelerisque risus. Sed a gravida sapien. Cras sed neque bibendum, dapibus lectus sed, porta nulla. Morbi tristique velit lacus, at luctus turpis mollis sed. Nam quis sapien eu magna cursus venenatis. Phasellus et vestibulum urna, non pellentesque ex. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Etiam pretium aliquam porta.\ -Morbi magna metus, commodo in fermentum id, mattis pretium mauris. Donec sed rhoncus justo. Duis fringilla sem quis velit dignissim bibendum. Sed porta efficitur ipsum, in dignissim magna molestie eu. Sed elementum maximus risus. Quisque cursus urna lectus, sit amet fringilla purus tempor eu. Praesent tincidunt dolor sit amet dolor vulputate, et molestie tellus euismod. Proin suscipit dictum amet."; - -const char lorem4096[LOREM4096_SIZE] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus congue semper ipsum, ac convallis magna rhoncus sit amet. Donec pellentesque maximus convallis. Mauris ut egestas sem. Maecenas efficitur suscipit auctor. Nunc malesuada laoreet porttitor. Donec gravida tortor nisi, in mattis lectus porta ut. Integer vehicula eros et tellus placerat, nec fermentum justo aliquet.\ -Maecenas metus massa, ultrices et ultricies sed, imperdiet nec dolor. Nam eget massa eros. Proin vitae laoreet metus, at scelerisque massa. Nullam convallis dolor id nisl iaculis, a gravida risus pretium. Proin non nunc eget nibh fermentum dignissim. Nullam tristique, odio eget rutrum sagittis, tortor purus cursus nunc, nec iaculis quam nunc ac metus. Cras ut tortor a eros porta vehicula non at lectus. Aliquam volutpat quis nisi ut mattis. Curabitur semper vehicula ultrices. Aenean cursus laoreet venenatis. Aenean vulputate, nisl id facilisis fringilla, neque velit posuere libero, et viverra tortor felis vitae urna. Sed in congue nunc. Fusce molestie tempor pharetra. Cras sodales pulvinar nunc non sollicitudin.\ -Maecenas vehicula metus ac tristique ultricies. Suspendisse potenti. Pellentesque suscipit egestas augue, sed dictum orci. Pellentesque eu lorem ultricies, vestibulum est in, bibendum turpis. Proin placerat tincidunt metus, eget volutpat dolor. Pellentesque varius leo eget velit lobortis, sit amet congue orci bibendum. Aliquam vitae posuere lorem. Donec sed convallis diam. Quisque aliquam interdum purus, eu ornare ex ullamcorper iaculis. In sit amet nisl eu nisl ultricies dapibus. Aenean finibus efficitur elit ut sodales. Nam sit amet auctor sem, eu iaculis nunc. Vivamus mattis arcu a viverra faucibus. In dignissim, nisi sit amet consectetur tempus, lorem dui fringilla augue, sit amet lacinia lectus sapien efficitur odio.\ -Nullam et egestas enim. Nam sit amet mi malesuada, dapibus felis quis, viverra mauris. Ut quis enim eu neque porta vehicula. Etiam ullamcorper vitae turpis vehicula blandit. Maecenas blandit tristique semper. Aliquam at sagittis enim. Donec quis molestie urna. Duis ut urna blandit, pellentesque magna ultrices, dignissim mi. Morbi fermentum ex massa, ut facilisis est tincidunt vel. Nam sed erat in lacus molestie mattis quis ut leo. Phasellus tempus elit urna, eget sagittis purus volutpat sed. Suspendisse aliquam, sem vel gravida lobortis, tortor orci ornare nisi, sed mollis ligula sem nec risus. In a ex nibh. Praesent odio est, molestie sed vestibulum id, varius sit amet lectus. Donec vel diam efficitur, tristique ligula a, aliquet felis. Nullam sit amet neque tellus.\ -Phasellus aliquet non libero non aliquet. Aliquam efficitur ultrices tortor vitae lobortis. Pellentesque sed dolor quis nisl faucibus eleifend vitae ultrices est. Integer et libero quis nisl sollicitudin volutpat sit amet a quam. Vivamus commodo dolor augue, volutpat dapibus odio dapibus et. Nulla sed congue nisl. Duis nunc sem, condimentum nec neque ac, blandit blandit quam. Integer tincidunt ipsum nec risus viverra mollis. In porta porttitor mattis. Nulla ac eleifend nibh. Vivamus suscipit at nunc ac interdum. In fermentum fringilla odio.\ -Sed nec erat eget mauris varius pulvinar. Ut fermentum ante non erat elementum, vitae tempor velit blandit. Curabitur turpis tellus, sodales sit amet mattis nec, volutpat ac magna. Nulla quam orci, rutrum sit amet imperdiet ut, iaculis in nisl. Donec semper vitae tellus nec bibendum. Nam pharetra hendrerit sapien quis rutrum. Morbi tincidunt justo ut sodales ullamcorper. Suspendisse eget pellentesque nulla, non placerat purus. Donec placerat id turpis in interdum. Curabitur lobortis risus et placerat commodo. Morbi pulvinar eros leo, scelerisque rutrum arcu pretium at. Quisque eget diam dui. Quisque bibendum luctus arcu quis semper. Nullam erat lacus, lacinia sit amet neque aliquam, lacinia maximus lorem.\ -Nunc ac purus vel sem laoreet interdum quis eget ligula. Aenean id nisl ut quam vehicula pretium sed sit amet urna. Aenean diam lorem, vehicula et sapien nec, pellentesque consectetur libero. Cras fringilla nibh eu libero nullam."; diff --git a/examples/lorem.h b/examples/lorem.h deleted file mode 100644 index 8d1ad45..0000000 --- a/examples/lorem.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file lorem.h - * @brief - */ - -#ifndef LOREM_H -#define LOREM_H - -#include - -/** - * Test strings, sizes include null-termination - */ -extern const char lorem8[]; -extern const char lorem16[]; -extern const char lorem1024[]; -extern const char lorem4096[]; - -/** - * Sizes of test strings - */ -#define LOREM8_SIZE ((size_t)8) -#define LOREM16_SIZE ((size_t)16) -#define LOREM1024_SIZE ((size_t)1024) -#define LOREM4096_SIZE ((size_t)4096) - -#endif diff --git a/examples/misc.c b/examples/misc.c index 07784d7..6478fc5 100644 --- a/examples/misc.c +++ b/examples/misc.c @@ -20,12 +20,7 @@ * @file misc.c * @brief */ - -#define _POSIX_C_SOURCE 200809L - -#include -#include -#include +#define _GNU_SOURCE #include @@ -45,81 +40,6 @@ void dump_hex(const char *buf, size_t dump_len, const char *fmt, ...) BIO_dump_fp(stdout, buf, dump_len); } -void debug_func(const char *buf) -{ - puts(buf); -} - -int write_file(const char *path, const char *data, size_t data_len) -{ - size_t written = 0; - FILE *f; - - f = fopen(path, "w"); - if (f == NULL) - return -1; - - while (written != data_len) { - int ret = fwrite(data + written, 1, data_len - written, f); - - if (ferror(f) != 0) { - fclose(f); - return -1; - } - - written += ret; - } - - fclose(f); - return 0; -} - -#define BUF_SIZE 512 - -int read_file(const char *path, char **data, size_t *data_len) -{ - int ret; - char tmp[BUF_SIZE]; - char *buf = NULL; - size_t buf_len = 0; - FILE *f; - - f = fopen(path, "r"); - if (f == NULL) - return -1; - - for (;;) { - size_t read = fread(tmp, 1, BUF_SIZE, f); - - if (read > 0) { - if (yaca_realloc(buf_len + read, (void**)&buf) != YACA_ERROR_NONE) { - ret = -1; - break; - } - - memcpy(buf + buf_len, tmp, read); - buf_len += read; - } - - if (ferror(f) != 0) { - ret = -1; - break; - } - - if (feof(f)) { - *data = buf; - *data_len = buf_len; - buf = NULL; - ret = 0; - break; - } - } - - fclose(f); - free(buf); - return ret; -} - int read_stdin_line(const char *prompt, char **string) { char *buf = NULL; @@ -132,15 +52,25 @@ int read_stdin_line(const char *prompt, char **string) read = getline(&buf, &size, stdin); if (read <= 0) { free(buf); - return -1; + return YACA_ERROR_INVALID_PARAMETER; } - if (yaca_realloc(read, (void**)&buf) != YACA_ERROR_NONE) { - free(buf); - return -1; + int ret = yaca_realloc(read, (void**)&buf); + if (ret != YACA_ERROR_NONE) { + yaca_free(buf); + return ret; } buf[read - 1] = '\0'; *string = buf; - return 0; + return YACA_ERROR_NONE; } + +const char INPUT_DATA[INPUT_DATA_SIZE] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus congue semper ipsum, ac convallis magna rhoncus sit amet. Donec pellentesque maximus convallis. Mauris ut egestas sem. Maecenas efficitur suscipit auctor. Nunc malesuada laoreet porttitor. Donec gravida tortor nisi, in mattis lectus porta ut. Integer vehicula eros et tellus placerat, nec fermentum justo aliquet.\ +Maecenas metus massa, ultrices et ultricies sed, imperdiet nec dolor. Nam eget massa eros. Proin vitae laoreet metus, at scelerisque massa. Nullam convallis dolor id nisl iaculis, a gravida risus pretium. Proin non nunc eget nibh fermentum dignissim. Nullam tristique, odio eget rutrum sagittis, tortor purus cursus nunc, nec iaculis quam nunc ac metus. Cras ut tortor a eros porta vehicula non at lectus. Aliquam volutpat quis nisi ut mattis. Curabitur semper vehicula ultrices. Aenean cursus laoreet venenatis. Aenean vulputate, nisl id facilisis fringilla, neque velit posuere libero, et viverra tortor felis vitae urna. Sed in congue nunc. Fusce molestie tempor pharetra. Cras sodales pulvinar nunc non sollicitudin.\ +Maecenas vehicula metus ac tristique ultricies. Suspendisse potenti. Pellentesque suscipit egestas augue, sed dictum orci. Pellentesque eu lorem ultricies, vestibulum est in, bibendum turpis. Proin placerat tincidunt metus, eget volutpat dolor. Pellentesque varius leo eget velit lobortis, sit amet congue orci bibendum. Aliquam vitae posuere lorem. Donec sed convallis diam. Quisque aliquam interdum purus, eu ornare ex ullamcorper iaculis. In sit amet nisl eu nisl ultricies dapibus. Aenean finibus efficitur elit ut sodales. Nam sit amet auctor sem, eu iaculis nunc. Vivamus mattis arcu a viverra faucibus. In dignissim, nisi sit amet consectetur tempus, lorem dui fringilla augue, sit amet lacinia lectus sapien efficitur odio.\ +Nullam et egestas enim. Nam sit amet mi malesuada, dapibus felis quis, viverra mauris. Ut quis enim eu neque porta vehicula. Etiam ullamcorper vitae turpis vehicula blandit. Maecenas blandit tristique semper. Aliquam at sagittis enim. Donec quis molestie urna. Duis ut urna blandit, pellentesque magna ultrices, dignissim mi. Morbi fermentum ex massa, ut facilisis est tincidunt vel. Nam sed erat in lacus molestie mattis quis ut leo. Phasellus tempus elit urna, eget sagittis purus volutpat sed. Suspendisse aliquam, sem vel gravida lobortis, tortor orci ornare nisi, sed mollis ligula sem nec risus. In a ex nibh. Praesent odio est, molestie sed vestibulum id, varius sit amet lectus. Donec vel diam efficitur, tristique ligula a, aliquet felis. Nullam sit amet neque tellus.\ +Phasellus aliquet non libero non aliquet. Aliquam efficitur ultrices tortor vitae lobortis. Pellentesque sed dolor quis nisl faucibus eleifend vitae ultrices est. Integer et libero quis nisl sollicitudin volutpat sit amet a quam. Vivamus commodo dolor augue, volutpat dapibus odio dapibus et. Nulla sed congue nisl. Duis nunc sem, condimentum nec neque ac, blandit blandit quam. Integer tincidunt ipsum nec risus viverra mollis. In porta porttitor mattis. Nulla ac eleifend nibh. Vivamus suscipit at nunc ac interdum. In fermentum fringilla odio.\ +Sed nec erat eget mauris varius pulvinar. Ut fermentum ante non erat elementum, vitae tempor velit blandit. Curabitur turpis tellus, sodales sit amet mattis nec, volutpat ac magna. Nulla quam orci, rutrum sit amet imperdiet ut, iaculis in nisl. Donec semper vitae tellus nec bibendum. Nam pharetra hendrerit sapien quis rutrum. Morbi tincidunt justo ut sodales ullamcorper. Suspendisse eget pellentesque nulla, non placerat purus. Donec placerat id turpis in interdum. Curabitur lobortis risus et placerat commodo. Morbi pulvinar eros leo, scelerisque rutrum arcu pretium at. Quisque eget diam dui. Quisque bibendum luctus arcu quis semper. Nullam erat lacus, lacinia sit amet neque aliquam, lacinia maximus lorem.\ +Nunc ac purus vel sem laoreet interdum quis eget ligula. Aenean id nisl ut quam vehicula pretium sed sit amet urna. Aenean diam lorem, vehicula et sapien nec, pellentesque consectetur libero. Cras fringilla nibh eu libero nullam."; + diff --git a/examples/misc.h b/examples/misc.h index 33c50bb..70f3454 100644 --- a/examples/misc.h +++ b/examples/misc.h @@ -24,16 +24,11 @@ #ifndef MISC_H #define MISC_H -#include +extern const char INPUT_DATA[]; +#define INPUT_DATA_SIZE ((size_t)4096) void dump_hex(const char *buf, size_t dump_len, const char *fmt, ...); -void debug_func(const char *buf); - -int write_file(const char *path, const char *data, size_t data_len); - -int read_file(const char *path, char **data, size_t *data_len); - int read_stdin_line(const char *prompt, char **string); #endif /* MISC_H */ diff --git a/examples/rsa.c b/examples/rsa.c deleted file mode 100644 index 1c0487b..0000000 --- a/examples/rsa.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file rsa.c - * @brief - */ - -#include - -#include -#include -#include -#include -#include - -#include "lorem.h" -#include "misc.h" - -static int public_encrypt() -{ - yaca_key_h prv_key = YACA_KEY_NULL; - yaca_key_h pub_key = YACA_KEY_NULL; - char *ciphertext = NULL; - size_t ciphertext_len; - char *plaintext = NULL; - size_t plaintext_len; - const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; - const size_t input_len = key_bit_len / 8 - 12; - int ret; - - printf("Plain data (16 of %zu bytes): %.16s\n", input_len, lorem1024); - - /* Key generation */ - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &prv_key); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = yaca_key_extract_public(prv_key, &pub_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - /* encrypt with PKCS1 padding */ - ret = yaca_rsa_public_encrypt(YACA_PADDING_PKCS1, pub_key, - lorem1024, input_len, - &ciphertext, &ciphertext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(ciphertext, 16, "Encrypted data (16 of %zu bytes): ", ciphertext_len); - - /* - * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if - * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are - * SSL3 capable but use the SSL2 (rollback attack detection). - */ - ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, - ciphertext, ciphertext_len, - &plaintext, &plaintext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", plaintext_len, plaintext); - -exit: - yaca_free(ciphertext); - yaca_free(plaintext); - yaca_key_destroy(prv_key); - yaca_key_destroy(pub_key); - return ret; -} - -static int private_encrypt() -{ - yaca_key_h prv_key = YACA_KEY_NULL; - yaca_key_h pub_key = YACA_KEY_NULL; - char *ciphertext = NULL; - size_t ciphertext_len; - char *plaintext = NULL; - size_t plaintext_len; - const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; - const size_t input_len = key_bit_len / 8 - 12; - int ret; - - printf("Plain data (16 of %zu bytes): %.16s\n", input_len, lorem1024); - - /* Key generation */ - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &prv_key); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = yaca_key_extract_public(prv_key, &pub_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_rsa_private_encrypt(YACA_PADDING_PKCS1, prv_key, - lorem1024, input_len, - &ciphertext, &ciphertext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(ciphertext, 16, "Encrypted data (16 of %zu bytes): ", ciphertext_len); - - ret = yaca_rsa_public_decrypt(YACA_PADDING_PKCS1, pub_key, - ciphertext, ciphertext_len, - &plaintext, &plaintext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", plaintext_len, plaintext); - -exit: - yaca_free(ciphertext); - yaca_free(plaintext); - yaca_key_destroy(prv_key); - yaca_key_destroy(pub_key); - return ret; -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = public_encrypt(); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = private_encrypt(); - -exit: - yaca_cleanup(); - return ret; -} diff --git a/examples/rsa_private.c b/examples/rsa_private.c new file mode 100644 index 0000000..d8b9818 --- /dev/null +++ b/examples/rsa_private.c @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file rsa_private.c + * @brief Private RSA Encrypt API example. + */ + +//! [Private RSA Encrypt API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h rsa_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; + const size_t input_len = key_bit_len / 8 - 12; + + printf("Plain data (16 of %zu bytes): %.16s\n", input_len, INPUT_DATA); + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &rsa_priv); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + ret = yaca_rsa_private_encrypt(YACA_PADDING_PKCS1, rsa_priv, INPUT_DATA, input_len, + &encrypted, &encrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + } + + /* Decryption */ + { + ret = yaca_rsa_public_decrypt(YACA_PADDING_PKCS1, rsa_pub, encrypted, encrypted_len, + &decrypted, &decrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(encrypted); + yaca_free(decrypted); + yaca_key_destroy(rsa_priv); + yaca_key_destroy(rsa_pub); + + yaca_cleanup(); + return ret; +} +//! [Private RSA Encrypt API example] diff --git a/examples/rsa_public.c b/examples/rsa_public.c new file mode 100644 index 0000000..08c788a --- /dev/null +++ b/examples/rsa_public.c @@ -0,0 +1,100 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file rsa_public.c + * @brief Public RSA Encrypt API example. + */ + +//! [Public RSA Encrypt API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h rsa_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; + const size_t input_len = key_bit_len / 8 - 12; + + printf("Plain data (16 of %zu bytes): %.16s\n", input_len, INPUT_DATA); + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &rsa_priv); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + ret = yaca_rsa_public_encrypt(YACA_PADDING_PKCS1, rsa_pub, INPUT_DATA, input_len, + &encrypted, &encrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + } + + /* + * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if + * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are + * SSL3 capable but use the SSL2 (rollback attack detection). + */ + + /* Decryption */ + { + ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, rsa_priv, encrypted, encrypted_len, + &decrypted, &decrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(encrypted); + yaca_free(decrypted); + yaca_key_destroy(rsa_priv); + yaca_key_destroy(rsa_pub); + + yaca_cleanup(); + return ret; +} +//! [Public RSA Encrypt API example] diff --git a/examples/seal.c b/examples/seal.c index 494c416..821df48 100644 --- a/examples/seal.c +++ b/examples/seal.c @@ -18,9 +18,10 @@ /** * @file seal.c - * @brief + * @brief Asymmetric Encryption API example. */ +//! [Asymmetric Encryption API example] #include #include @@ -28,346 +29,86 @@ #include #include -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -void encrypt_seal(const yaca_encrypt_algorithm_e algo, - const yaca_block_cipher_mode_e bcm, - const size_t key_bit_len) +int main() { + int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key_pub = YACA_KEY_NULL; - yaca_key_h key_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + yaca_key_h rsa_priv = YACA_KEY_NULL; yaca_key_h sym_key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; size_t block_len; size_t output_len; size_t written_len; - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Generate key pair */ - if (yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT, &key_priv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(key_priv, &key_pub) != YACA_ERROR_NONE) + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) goto exit; - /* Encrypt a.k.a. seal */ - { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - /* Seal and finalize */ - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_seal_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decrypt a.k.a. open */ - { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - /* Open and finalize */ - if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - if (yaca_open_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(dec); - yaca_free(enc); - yaca_context_destroy(ctx); - yaca_key_destroy(sym_key); - yaca_key_destroy(iv); - yaca_key_destroy(key_pub); - yaca_key_destroy(key_priv); -} - -void encrypt_seal_aes_gcm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_GCM; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key_pub = YACA_KEY_NULL; - yaca_key_h key_priv = YACA_KEY_NULL; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 13; - - size_t block_len; - size_t output_len; - size_t written_len; - - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); /* Generate key pair */ - if (yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT, &key_priv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(key_priv, &key_pub) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) - goto exit; - - /* Encryption */ - { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_seal_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - /* Set the tag length and get the tag after final encryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decryption */ - { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - /* Set expected tag value before final decryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - if (yaca_open_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(dec); - yaca_free(enc); - yaca_context_destroy(ctx); - yaca_key_destroy(sym_key); - yaca_key_destroy(iv); - yaca_free(aad); - yaca_free(tag); - yaca_key_destroy(key_pub); - yaca_key_destroy(key_priv); -} - -void encrypt_seal_aes_ccm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_CCM; - size_t key_bit_len = YACA_KEY_LENGTH_192BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key_pub = YACA_KEY_NULL; - yaca_key_h key_priv = YACA_KEY_NULL; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 8; - - size_t block_len; - size_t output_len; - size_t written_len; - size_t len; - - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Generate key pair */ - if (yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_3072BIT, &key_priv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(key_priv, &key_pub) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT, &rsa_priv); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) goto exit; /* Encryption */ { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) + /* Initialize encryption context */ + ret = yaca_seal_initialize(&ctx, rsa_pub, YACA_ENCRYPT_AES, YACA_BCM_CBC, + YACA_KEY_LENGTH_256BIT, &sym_key, &iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* Set tag length (optionally) */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* The total plain text length must be passed (only needed if AAD is passed) */ - if (yaca_seal_update(ctx, NULL, LOREM4096_SIZE , NULL, &len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) + /* Encrypt data */ + ret = yaca_seal_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; + encrypted_len = written_len; - enc_len = written_len; - - if (yaca_seal_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) + ret = yaca_seal_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - enc_len += written_len; + encrypted_len += written_len; - /* Get the tag after final encryption */ - if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -375,89 +116,59 @@ void encrypt_seal_aes_ccm(void) /* Decryption */ { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) + /* Initialize decryption context */ + ret = yaca_open_initialize(&ctx, rsa_priv, YACA_ENCRYPT_AES, YACA_BCM_CBC, + YACA_KEY_LENGTH_256BIT, sym_key, iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* Set expected tag value */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* The total encrypted text length must be passed (only needed if AAD is passed) */ - if (yaca_open_update(ctx, NULL, enc_len , NULL, &len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) + /* Decrypt data */ + ret = yaca_open_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; + decrypted_len = written_len; - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) + ret = yaca_open_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; + decrypted_len += written_len; - dec_len = written_len; - - if (yaca_open_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) goto exit; - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); } exit: - yaca_free(dec); - yaca_free(enc); + yaca_free(decrypted); + yaca_free(encrypted); yaca_context_destroy(ctx); yaca_key_destroy(sym_key); yaca_key_destroy(iv); - yaca_free(aad); - yaca_free(tag); - yaca_key_destroy(key_pub); - yaca_key_destroy(key_priv); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - printf("AES CBC 256bit key seal/open\n"); - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_CBC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - encrypt_seal(algo, bcm, key_bit_len); - - printf("3DES 192bit key seal/open\n"); - algo = YACA_ENCRYPT_3DES_3TDEA; - bcm = YACA_BCM_CFB; - key_bit_len = YACA_KEY_LENGTH_192BIT; - encrypt_seal(algo, bcm, key_bit_len); - - printf("RC2 40bit key seal/open\n"); - algo = YACA_ENCRYPT_UNSAFE_RC2; - bcm = YACA_BCM_OFB; - key_bit_len = YACA_KEY_LENGTH_UNSAFE_40BIT; - encrypt_seal(algo, bcm, key_bit_len); - - printf("AES GCM 256bit key seal/open\n"); - encrypt_seal_aes_gcm(); - - printf("AES CCM 192bit key seal/open\n"); - encrypt_seal_aes_ccm(); + yaca_key_destroy(rsa_pub); + yaca_key_destroy(rsa_priv); yaca_cleanup(); return ret; } +//! [Asymmetric Encryption API example] diff --git a/examples/sign.c b/examples/sign.c index db6f39a..6a8710d 100644 --- a/examples/sign.c +++ b/examples/sign.c @@ -18,358 +18,116 @@ /** * @file sign.c - * @brief + * @brief Signature API example. */ +//! [Signature API example] #include #include #include #include #include -#include -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -/* Signature creation and verification using simple API */ -void simple_sign_verify_asym(yaca_key_type_e type, const char *algo) -{ - char *signature = NULL; - size_t signature_len; - - yaca_key_h prv = YACA_KEY_NULL; - yaca_key_h pub = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(type, YACA_KEY_LENGTH_1024BIT, &prv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(prv, &pub) != YACA_ERROR_NONE) - goto exit; - - /* SIGN */ - if (yaca_simple_calculate_signature(YACA_DIGEST_SHA512, - prv, - lorem4096, - LOREM4096_SIZE, - &signature, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature, signature_len, "[Simple API] %s Signature of lorem4096:", algo); - - /* VERIFY */ - if (yaca_simple_verify_signature(YACA_DIGEST_SHA512, - pub, - lorem4096, - LOREM4096_SIZE, - signature, - signature_len) != YACA_ERROR_NONE) - printf("[Simple API] %s verification failed\n", algo); - else - printf("[Simple API] %s verification successful\n", algo); - -exit: - yaca_free(signature); - yaca_key_destroy(prv); - yaca_key_destroy(pub); -} - -void simple_sign_verify_hmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; - size_t signature_len; - - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key) != YACA_ERROR_NONE) - return; - - /* SIGN */ - if (yaca_simple_calculate_hmac(YACA_DIGEST_SHA512, - key, - lorem4096, - LOREM4096_SIZE, - &signature1, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature1, signature_len, "[Simple API] HMAC Signature of lorem4096:"); - - /* VERIFY */ - if (yaca_simple_calculate_hmac(YACA_DIGEST_SHA512, - key, - lorem4096, - LOREM4096_SIZE, - &signature2, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Simple API] HMAC verification failed\n"); - else - printf("[Simple API] HMAC verification successful\n"); - -exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); -} - -void simple_sign_verify_cmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; - size_t signature_len; - - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key)) - return; - - /* SIGN */ - if (yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, - key, - lorem4096, - LOREM4096_SIZE, - &signature1, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature1, signature_len, "[Simple API] CMAC Signature of lorem4096:"); - - - /* VERIFY */ - if (yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, - key, - lorem4096, - LOREM4096_SIZE, - &signature2, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Simple API] CMAC verification failed\n"); - else - printf("[Simple API] CMAC verification successful\n"); - -exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); -} - -/* Signature creation and verification using advanced API */ -void sign_verify_asym(yaca_key_type_e type, const char *algo) +int main() { - char *signature = NULL; - size_t signature_len; - + int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h prv = YACA_KEY_NULL; - yaca_key_h pub = YACA_KEY_NULL; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; yaca_padding_e padding = YACA_PADDING_PKCS1_PSS; - /* GENERATE */ - if (yaca_key_generate(type, YACA_KEY_LENGTH_1024BIT, &prv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(prv, &pub) != YACA_ERROR_NONE) - goto exit; - - /* SIGN */ - if (yaca_sign_initialize(&ctx, YACA_DIGEST_SHA512, prv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, (char*)(&padding), sizeof(padding)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature, &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature, signature_len, "[Advanced API] %s Signature of lorem4096:", algo); - - /* CLEANUP */ - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - - /* VERIFY */ - if (yaca_verify_initialize(&ctx, YACA_DIGEST_SHA512, pub) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, (char*)(&padding), sizeof(padding)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_verify_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_verify_finalize(ctx, signature, signature_len) != YACA_ERROR_NONE) - printf("[Advanced API] %s verification failed\n", algo); - else - printf("[Advanced API] %s verification successful\n", algo); - -exit: - yaca_free(signature); - yaca_key_destroy(prv); - yaca_key_destroy(pub); - yaca_context_destroy(ctx); -} - -void sign_verify_hmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; - size_t signature_len; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key) != YACA_ERROR_NONE) - return; - - /* SIGN */ - if (yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature1) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature1, &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature1, signature_len, "[Advanced API] HMAC Signature of lorem4096:"); - - /* CLEANUP */ - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - - /* VERIFY */ - if (yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature2) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature2, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Advanced API] HMAC verification failed\n"); - else - printf("[Advanced API] HMAC verification successful\n"); - -exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); - yaca_context_destroy(ctx); -} - -void sign_verify_cmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; + char *signature = NULL; size_t signature_len; - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key)) - return; - - /* SIGN */ - if (yaca_sign_initialize_cmac(&ctx, YACA_ENCRYPT_AES, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE)) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature1) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature1, &signature_len)) - goto exit; - - dump_hex(signature1, signature_len, "[Advanced API] CMAC Signature of lorem4096:"); - - /* CLEANUP */ - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - - /* VERIFY */ - if (yaca_sign_initialize_cmac(&ctx, YACA_ENCRYPT_AES, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE)) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_malloc(signature_len, (void**)&signature2) != YACA_ERROR_NONE) + /* Generate key pair */ + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_sign_finalize(ctx, signature2, &signature_len)) + ret = yaca_key_extract_public(priv_key, &pub_key); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Advanced API] CMAC verification failed\n"); - else - printf("[Advanced API] CMAC verification successful\n"); + /* Sign */ + { + /* Initialize sign context */ + ret = yaca_sign_initialize(&ctx, YACA_DIGEST_SHA256, priv_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set padding method */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, &padding, sizeof(padding)); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_sign_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get signature length and allocate memory */ + ret = yaca_context_get_output_length(ctx, 0, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_malloc(signature_len, (void**)&signature); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate signature */ + ret = yaca_sign_finalize(ctx, signature, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature, signature_len, "Signature of INPUT_DATA:"); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Verify */ + { + /* Initialize verify context */ + ret = yaca_verify_initialize(&ctx, YACA_DIGEST_SHA256, pub_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set padding method */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, &padding, sizeof(padding)); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_verify_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Verify signature */ + ret = yaca_verify_finalize(ctx, signature, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); + yaca_free(signature); + yaca_key_destroy(priv_key); + yaca_key_destroy(pub_key); yaca_context_destroy(ctx); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - simple_sign_verify_asym(YACA_KEY_TYPE_RSA_PRIV, "RSA"); - simple_sign_verify_asym(YACA_KEY_TYPE_DSA_PRIV, "DSA"); - simple_sign_verify_cmac(); - simple_sign_verify_hmac(); - - sign_verify_asym(YACA_KEY_TYPE_RSA_PRIV, "RSA"); - sign_verify_asym(YACA_KEY_TYPE_DSA_PRIV, "DSA"); - sign_verify_hmac(); - sign_verify_cmac(); yaca_cleanup(); return ret; } +//! [Signature API example] diff --git a/examples/sign_hmac.c b/examples/sign_hmac.c new file mode 100644 index 0000000..0fdc28d --- /dev/null +++ b/examples/sign_hmac.c @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file sign_hmac.c + * @brief HMAC Signature API example. + */ + +//! [HMAC Signature API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; + yaca_key_h sym_key = YACA_KEY_NULL; + + char *signature1 = NULL; + char *signature2 = NULL; + size_t signature_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Sign */ + { + /* Initialize sign context */ + ret = yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_sign_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get signature length and allocate memory */ + ret = yaca_context_get_output_length(ctx, 0, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_malloc(signature_len, (void**)&signature1); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate signature */ + ret = yaca_sign_finalize(ctx, signature1, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature1, signature_len, "HMAC Signature of INPUT_DATA:"); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Verify */ + { + /* Initialize sign context */ + ret = yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_sign_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get signature length and allocate memory */ + ret = yaca_context_get_output_length(ctx, 0, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_malloc(signature_len, (void**)&signature2); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate signature */ + ret = yaca_sign_finalize(ctx, signature2, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Verify signature */ + ret = yaca_memcmp(signature1, signature2, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } + +exit: + yaca_free(signature1); + yaca_free(signature2); + yaca_key_destroy(sym_key); + yaca_context_destroy(ctx); + + yaca_cleanup(); + return ret; +} +//! [HMAC Signature API example] diff --git a/examples/sign_simple.c b/examples/sign_simple.c new file mode 100644 index 0000000..04e1ff3 --- /dev/null +++ b/examples/sign_simple.c @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file sign_simple.c + * @brief Simple Signature API example. + */ + +//! [Simple Signature API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; + + char *signature = NULL; + size_t signature_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Generate key pair */ + ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(priv_key, &pub_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Sign */ + { + ret = yaca_simple_calculate_signature(YACA_DIGEST_SHA384, priv_key, + INPUT_DATA, INPUT_DATA_SIZE, + &signature, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature, signature_len, "Signature of INPUT_DATA:"); + } + + /* Verify */ + { + ret = yaca_simple_verify_signature(YACA_DIGEST_SHA384, pub_key, + INPUT_DATA, INPUT_DATA_SIZE, + signature, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } + +exit: + yaca_free(signature); + yaca_key_destroy(priv_key); + yaca_key_destroy(pub_key); + + yaca_cleanup(); + return ret; +} +//! [Simple Signature API example] diff --git a/examples/sign_simple_cmac.c b/examples/sign_simple_cmac.c new file mode 100644 index 0000000..882c0bc --- /dev/null +++ b/examples/sign_simple_cmac.c @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file sign_simple_cmac.c + * @brief Simple CMAC Signature API example. + */ + +//! [Simple CMAC Signature API example] +#include + +#include +#include +#include +#include + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h sym_key = YACA_KEY_NULL; + + char *signature1 = NULL; + char *signature2 = NULL; + size_t signature_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Sign */ + { + ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key, + INPUT_DATA, INPUT_DATA_SIZE, + &signature1, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature1, signature_len, "CMAC Signature of INPUT_DATA:"); + } + + /* Verify */ + { + ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key, + INPUT_DATA, INPUT_DATA_SIZE, + &signature2, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_memcmp(signature1, signature2, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } + +exit: + yaca_free(signature1); + yaca_free(signature2); + yaca_key_destroy(sym_key); + + yaca_cleanup(); + return ret; +} +//! [Simple CMAC Signature API example] diff --git a/examples/x509.crt b/examples/x509.crt deleted file mode 100644 index f421e11..0000000 --- a/examples/x509.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDiTCCAnGgAwIBAgIJAMmTp8b7IBZ4MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV -BAYTAlBMMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxEDAOBgNVBAoMB1NhbXN1bmcx -CzAJBgNVBAsMAlJEMRYwFAYDVQQDDA15YWNhLnRlc3Qua2V5MB4XDTE2MDUwOTE0 -MDUwM1oXDTE3MDUwOTE0MDUwM1owWzELMAkGA1UEBhMCUEwxFTATBgNVBAcMDERl -ZmF1bHQgQ2l0eTEQMA4GA1UECgwHU2Ftc3VuZzELMAkGA1UECwwCUkQxFjAUBgNV -BAMMDXlhY2EudGVzdC5rZXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQC7729iOIdGcnuTba8nq1G4HF8isCR/8K/vtclsoCjAxQph5ANa+/9gbIFdQmmn -MBhSOckl9Tl/a9g/2b/vbezo2qXAuaeOPNr/ZF6Z+h7yPJids7WmBAPphzHeIKQf -kr2KLRbFYIIGF4mC/JfNOBzh8ChcklxnUJu4W8bJPrPkr3zlcMqxpRCCXAqIUxh7 -lCDta7Uoip+VcibRqh8g7+eZmTu3GwWtZQCB9kq5BijfguxxDHAXyQ6g7gxOZpwA -BP9AXdB7K1KAoeBf0e/lUjC1eXkhvno9TJSp2Q7LEIJqEe/Khyj4FG4KrOu/ifpS -wpGP1ztzdMcY5UGwSbtEwMqvAgMBAAGjUDBOMB0GA1UdDgQWBBTtvbhve2aaeNIL -0eYjakjeEGMCsDAfBgNVHSMEGDAWgBTtvbhve2aaeNIL0eYjakjeEGMCsDAMBgNV -HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBj9LtBvK6P65J/1jEfSajvoIip -ZtpW38KbRkgencq9bFeNONMHGv5M7tEnWNdytCPunlh5DLEXMUORcWfXU73GCNHO -9So74rri+q8NKrllJWxWmbYoAo+zJ3xSJ0PKhU8SW6J+dfPvsg140bUXI+MbOGrr -ski88TRVnBOb3HBU1Vd+A2W7YKy9j2ykQH4NiIUPV01h3hguvMLcLzHZ6LN/BHnA -NQx/K/EVIHZxy1ez8vbbIuWW5MRj6SPeofyZC0QoxQGIT6sGDZSNDP6xIGVuKw4D -UpzPNfCvsWgNIaIFTTzLBZJYCwoexJYIO+NiaJxCV9l3swj2iUA3yeyNQZhI ------END CERTIFICATE----- diff --git a/examples/x509.key b/examples/x509.key deleted file mode 100644 index e2d8ae1..0000000 --- a/examples/x509.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7729iOIdGcnuT -ba8nq1G4HF8isCR/8K/vtclsoCjAxQph5ANa+/9gbIFdQmmnMBhSOckl9Tl/a9g/ -2b/vbezo2qXAuaeOPNr/ZF6Z+h7yPJids7WmBAPphzHeIKQfkr2KLRbFYIIGF4mC -/JfNOBzh8ChcklxnUJu4W8bJPrPkr3zlcMqxpRCCXAqIUxh7lCDta7Uoip+VcibR -qh8g7+eZmTu3GwWtZQCB9kq5BijfguxxDHAXyQ6g7gxOZpwABP9AXdB7K1KAoeBf -0e/lUjC1eXkhvno9TJSp2Q7LEIJqEe/Khyj4FG4KrOu/ifpSwpGP1ztzdMcY5UGw -SbtEwMqvAgMBAAECggEBAJhdhZM/O0U9Gb0sJt5lggpfTi4kWmMzsqAIZPZhXsjy -tvkoUCQavC/jqHoAlwHJ913qpY7VorkQqTETDA5Es9cRNWLr4dFquy5lpGD3rNE9 -mYn5oeKnzLgvOJnbItTKNkrpRVXeaWwg9wawXS4vORNgjoiGzM2iR62PEroj0Nss -mwua2xs92ZHTAMNH6PdJC9U4gqjmlAMofV7ZgpxJLzKsI4rbxcGk9NWrie5bmMu+ -SECwtFDqxHe7YJRjSOvz/HErbXg9qWsglU6PFCVUjQ2dLM4k78ORkR5hvpGYGc83 -DucbEGqOnQ37RACvgNX4/RGFMvVnJDx3FVoDMcz2NFECgYEA6jEiY5RZuUy7jIBR -t1RFTem0KUFco7YLxwHacrT66vEntc1REXeBYSMPeKav1R319jxVVD7iiF4w49Ol -4VxxgPBUhfHou/ZU5S5xLbWRrJG0jvUPUKNVebNCqbv1YXhzf6kRn1vE5j+MR9ge -YMMFG1Si3VXoUm5+IInj1b2mC5kCgYEAzW+YiRJpEbl0+2gNCcHTAhr2cA1t6mdL -9/JGkUhHqwGhMAByZr1QFJeOTLKR9cSNS1FYOJu6wUetnkYDvNgx7gnsiJ50TEof -poTZgtnFCxgGwcEFL23L0PPim5CEUMHRti4j+Wlb8FzTQvz5WvyOw79II4i6DRaL -JA4KN/5aNYcCgYEA4EAqYNY2UGR0lqZtGTKdpmyp8nM/JRh2EJrqtbotJvnC/6hZ -/3LCteQftXVPm7AzzRSa1K/etZwUDqSlC7Y8ja4UEarCI/JN+qLNB2r80hU3o0hv -4NR2TbHknKl531q6pjybvk/erGefiVAeTqOP6UrTJURU0VIyfi/rtckDDckCgYBQ -Lm0/mrLtmw/gjCUCmObtnG5xH5y172lENgh67dYjFXi/Dn2YQe1+jASbRNsZLITl -T7N6LLYAeCR4cOVGkK80NCVg0U+c8xVVXeazXqG8ib0hZF/MujLhtD7O7uHlzzA1 -xd5+mzOqJeDC9Y+xhn+GQSM700Kilxjpkp1Ea370AwKBgGQzCY1tbO48s8RKd/Nz -oKG6ctp9S9vYtinXwuCdw0iL2i671bUgMONoXDNGcVBsYsuXb2324BKpw/bQK+BP -8p3TlBB1szA/W0EeueJkTHCkQninGc9vzvc6VbfacqJnuz7Pv/v1CkMa/E+ILamd -0aJoZHwNLuCkrzbVG+t+5yAS ------END PRIVATE KEY----- -- 2.7.4 From 9302e79f439eae32c47bec06f418d99795b3e643 Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Wed, 5 Oct 2016 14:37:49 +0200 Subject: [PATCH 13/16] Include examples in documentation. Change-Id: Ifeb8ae0e322eae37bc9642dbc166c3ee68c694cc --- doc/doxygen.cfg | 4 ++-- doc/yaca_encryption_doc.h | 9 +++++++++ doc/yaca_integrity_doc.h | 7 +++++++ doc/yaca_key_doc.h | 13 +++++++++++++ doc/yaca_rsa_doc.h | 5 +++++ doc/yaca_simple_doc.h | 9 +++++++++ 6 files changed, 45 insertions(+), 2 deletions(-) diff --git a/doc/doxygen.cfg b/doc/doxygen.cfg index d034006..af86cf4 100644 --- a/doc/doxygen.cfg +++ b/doc/doxygen.cfg @@ -839,7 +839,7 @@ EXCLUDE_SYMBOLS = # that contain example code fragments that are included (see the \include # command). -EXAMPLE_PATH = +EXAMPLE_PATH = ../examples/ # If the value of the EXAMPLE_PATH tag contains directories, you can use the # EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp and @@ -1394,7 +1394,7 @@ GENERATE_TREEVIEW = YES # Minimum value: 0, maximum value: 20, default value: 4. # This tag requires that the tag GENERATE_HTML is set to YES. -ENUM_VALUES_PER_LINE = 4 +ENUM_VALUES_PER_LINE = 1 # If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be used # to set the initial width (in pixels) of the frame in which the tree is shown. diff --git a/doc/yaca_encryption_doc.h b/doc/yaca_encryption_doc.h index 7ab66fb..95dcdef 100755 --- a/doc/yaca_encryption_doc.h +++ b/doc/yaca_encryption_doc.h @@ -30,6 +30,15 @@ * @section CAPI_YACA_ENCRYPTION_MODULE_OVERVIEW Overview * It provides advanced APIs for encryption/decryption operations with symmetric keys and sealing/opening operations with asymmetric keys. * + * @section CAPI_YACA_ENCRYPTION_MODULE_EXAMPLES Examples + * Encrypt API example + * @snippet examples/encrypt.c Encrypt API example + * AES GCM encrypt API example + * @snippet examples/encrypt_gcm.c AES GCM encrypt API example + * AES CCM encrypt API example + * @snippet examples/encrypt_ccm.c AES CCM encrypt API example + * Asymmetric Encryption API example + * @snippet examples/seal.c Asymmetric Encryption API example */ #endif /* __TIZEN_CORE_YACA_ENCRYPTION_DOC_H__ */ diff --git a/doc/yaca_integrity_doc.h b/doc/yaca_integrity_doc.h index 049043f..c5b61f3 100755 --- a/doc/yaca_integrity_doc.h +++ b/doc/yaca_integrity_doc.h @@ -27,6 +27,13 @@ * @section CAPI_YACA_INTEGRITY_MODULE_OVERVIEW Overview * It provides advanced APIs for creating a signature using asymmetric private key, verifying a signature using asymmetric public key, calculating a HMAC/CMAC of given message using symmetric key and calculating message digests of given message without key. * + * @section CAPI_YACA_INTEGRITY_MODULE_EXAMPLES Examples + * Message Digest API example + * @snippet examples/digest.c Message Digest API example + * Signature API example + * @snippet examples/sign.c Signature API example + * HMAC Signature API example + * @snippet examples/sign_hmac.c HMAC Signature API example */ #endif /* __TIZEN_CORE_YACA_INTEGRITY_DOC_H__ */ diff --git a/doc/yaca_key_doc.h b/doc/yaca_key_doc.h index a28c57c..6bd69d6 100755 --- a/doc/yaca_key_doc.h +++ b/doc/yaca_key_doc.h @@ -26,6 +26,19 @@ * @section CAPI_YACA_KEY_MODULE_OVERVIEW Overview * It provides APIs for generating key using random number or password, importing a key trying to match it to the key_type specified and exporting a key to arbitrary format. * + * @section CAPI_YACA_KEY_MODULE_EXAMPLES Examples + * Key generation API example + * @snippet examples/key_gen.c Key generation API example + * Symmetric key import/export API example + * @snippet examples/key_import_export_sym.c Symmetric key import/export API example + * Asymmetric key import/export API example + * @snippet examples/key_import_export_asym.c Asymmetric key import/export API example + * Key import/export with password API example + * @snippet examples/key_password.c Key import/export with password API example + * Diffie-Helmann key exchange API example + * @snippet examples/key_exchange.c Diffie-Helmann key exchange API example + * Key wrapping API example + * @snippet examples/key_wrap.c Key wrapping API example */ #endif /* __TIZEN_CORE_YACA_KEY_DOC_H__ */ diff --git a/doc/yaca_rsa_doc.h b/doc/yaca_rsa_doc.h index 4012e68..5645188 100755 --- a/doc/yaca_rsa_doc.h +++ b/doc/yaca_rsa_doc.h @@ -27,6 +27,11 @@ * It provides advanced APIs for low-level encryption/decryption operations * with asymmetric RSA keys. * + * @section CAPI_YACA_RSA_MODULE_EXAMPLES Examples + * Public RSA Encrypt API example + * @snippet examples/rsa_public.c Public RSA Encrypt API example + * Private RSA Encrypt API example + * @snippet examples/rsa_private.c Private RSA Encrypt API example */ #endif /* __TIZEN_CORE_YACA_RSA_DOC_H__ */ diff --git a/doc/yaca_simple_doc.h b/doc/yaca_simple_doc.h index bc29b5d..ae2fcd1 100755 --- a/doc/yaca_simple_doc.h +++ b/doc/yaca_simple_doc.h @@ -26,6 +26,15 @@ * @section CAPI_YACA_SIMPLE_MODULE_OVERVIEW Overview * It provides simple APIs for encryption/decryption, signing/verification, and message digestion. * + * @section CAPI_YACA_SIMPLE_MODULE_EXAMPLES Examples + * Simple Encrypt API example + * @snippet examples/encrypt_simple.c Simple Encrypt API example + * Simple Message Digest API example + * @snippet examples/digest_simple.c Simple Message Digest API example + * Simple Signature API example + * @snippet examples/sign_simple.c Simple Signature API example + * Simple CMAC Signature API example + * @snippet examples/sign_simple_cmac.c Simple CMAC Signature API example */ #endif /* __TIZEN_CORE_YACA_SIMPLE_DOC_H__ */ -- 2.7.4 From c095a7929efba8f737180d0e8987f34b461df5fd Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Tue, 11 Oct 2016 13:02:21 +0200 Subject: [PATCH 14/16] Remove outdated TODO's Change-Id: I2a0d00923ffa4f105461a7ee2bc6bb025c6bdb82 --- src/key.c | 2 +- todo.txt | 7 ------- 2 files changed, 1 insertion(+), 8 deletions(-) delete mode 100644 todo.txt diff --git a/src/key.c b/src/key.c index 0c04179..404840a 100644 --- a/src/key.c +++ b/src/key.c @@ -1926,7 +1926,7 @@ API int yaca_key_derive_pbkdf2(const char *password, return ret; nk->bit_len = key_bit_len; - nk->key.type = YACA_KEY_TYPE_SYMMETRIC; // TODO: how to handle other keys? + nk->key.type = YACA_KEY_TYPE_SYMMETRIC; ret = PKCS5_PBKDF2_HMAC(password, -1, (const unsigned char*)salt, salt_len, iterations, md, key_byte_len, diff --git a/todo.txt b/todo.txt deleted file mode 100644 index 78272ad..0000000 --- a/todo.txt +++ /dev/null @@ -1,7 +0,0 @@ -Global: -- Rethink and possibly add verification of output buffer lengths. - In other words check whether the user won't cause a buffer overflow. -- Support for OCB mode was added in OpenSSL 1.1.0 -- We need a way to import keys encrypted with hw (or other) keys. New - function like yaca_key_load or sth? -- Add extended description and examples in documentation. -- 2.7.4 From a2b610b035f732233e5fbdc8ed55ea134d9f007c Mon Sep 17 00:00:00 2001 From: Dariusz Michaluk Date: Tue, 18 Oct 2016 09:24:32 +0200 Subject: [PATCH 15/16] Release 0.0.2 Change-Id: I62a0ff6fff1b3a3b4cdfa611c59a310555b9e001 --- CMakeLists.txt | 2 +- packaging/yaca.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 606c9fc..653daef 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -23,7 +23,7 @@ CMAKE_MINIMUM_REQUIRED (VERSION 2.6.2) PROJECT(yaca) -SET(VERSION "0.0.1") +SET(VERSION "0.0.2") ## pkgconfig ################################################################### INCLUDE(FindPkgConfig) diff --git a/packaging/yaca.spec b/packaging/yaca.spec index 8e81aa4..2b43c19 100644 --- a/packaging/yaca.spec +++ b/packaging/yaca.spec @@ -1,5 +1,5 @@ Name: yaca -Version: 0.0.1 +Version: 0.0.2 Release: 0 Source0: %{name}-%{version}.tar.gz License: Apache-2.0 -- 2.7.4 From 52d9fac96f1db8eb862f2622bb2abfb01b92312b Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Mon, 7 Nov 2016 09:21:36 +0100 Subject: [PATCH 16/16] Replace spaces with tabs Tab policy [IDT_M_TAB] have changed from optional to mandatory and whole code has to be adjusted. doc/coding_rules.txt updated. File access rights fixed Change-Id: I7b855be9560e9b4f134294a1f97a70a50af578c1 --- api/yaca/yaca_crypto.h | 16 +-- api/yaca/yaca_digest.h | 0 api/yaca/yaca_encrypt.h | 46 ++++----- api/yaca/yaca_error.h | 0 api/yaca/yaca_key.h | 54 +++++----- api/yaca/yaca_rsa.h | 40 +++---- api/yaca/yaca_seal.h | 48 ++++----- api/yaca/yaca_sign.h | 32 +++--- api/yaca/yaca_simple.h | 76 +++++++------- api/yaca/yaca_types.h | 0 doc/coding-rules.txt | 64 ++++++------ doc/yaca_doc.h | 0 doc/yaca_encryption_doc.h | 0 doc/yaca_integrity_doc.h | 0 doc/yaca_key_doc.h | 0 doc/yaca_rsa_doc.h | 0 doc/yaca_simple_doc.h | 0 examples/digest_simple.c | 2 +- examples/encrypt_simple.c | 8 +- examples/key_exchange.c | 2 +- examples/key_import_export_asym.c | 8 +- examples/key_import_export_sym.c | 8 +- examples/key_password.c | 4 +- examples/key_wrap.c | 14 +-- examples/rsa_private.c | 4 +- examples/rsa_public.c | 4 +- examples/seal.c | 4 +- examples/sign_simple.c | 8 +- examples/sign_simple_cmac.c | 8 +- src/crypto.c | 10 +- src/debug.c | 8 +- src/digest.c | 4 +- src/encrypt.c | 212 +++++++++++++++++++------------------- src/internal.h | 32 +++--- src/key.c | 162 ++++++++++++++--------------- src/rsa.c | 110 ++++++++++---------- src/seal.c | 80 +++++++------- src/sign.c | 64 ++++++------ src/simple.c | 104 +++++++++---------- 39 files changed, 618 insertions(+), 618 deletions(-) mode change 100755 => 100644 api/yaca/yaca_crypto.h mode change 100755 => 100644 api/yaca/yaca_digest.h mode change 100755 => 100644 api/yaca/yaca_encrypt.h mode change 100755 => 100644 api/yaca/yaca_error.h mode change 100755 => 100644 api/yaca/yaca_key.h mode change 100755 => 100644 api/yaca/yaca_rsa.h mode change 100755 => 100644 api/yaca/yaca_seal.h mode change 100755 => 100644 api/yaca/yaca_sign.h mode change 100755 => 100644 api/yaca/yaca_simple.h mode change 100755 => 100644 api/yaca/yaca_types.h mode change 100755 => 100644 doc/yaca_doc.h mode change 100755 => 100644 doc/yaca_encryption_doc.h mode change 100755 => 100644 doc/yaca_integrity_doc.h mode change 100755 => 100644 doc/yaca_key_doc.h mode change 100755 => 100644 doc/yaca_rsa_doc.h mode change 100755 => 100644 doc/yaca_simple_doc.h diff --git a/api/yaca/yaca_crypto.h b/api/yaca/yaca_crypto.h old mode 100755 new mode 100644 index e2b2d5a..56425eb --- a/api/yaca/yaca_crypto.h +++ b/api/yaca/yaca_crypto.h @@ -206,9 +206,9 @@ int yaca_randomize_bytes(char *data, size_t data_len); * @see yaca_context_get_property() */ int yaca_context_set_property(yaca_context_h ctx, - yaca_property_e property, - const void *value, - size_t value_len); + yaca_property_e property, + const void *value, + size_t value_len); /** * @brief Returns the non-standard context properties. Can only be called on an @@ -241,9 +241,9 @@ int yaca_context_set_property(yaca_context_h ctx, * @see yaca_free() */ int yaca_context_get_property(const yaca_context_h ctx, - yaca_property_e property, - void **value, - size_t *value_len); + yaca_property_e property, + void **value, + size_t *value_len); /** * @brief Returns the minimum required size of the output buffer for a single crypto function call. @@ -271,8 +271,8 @@ int yaca_context_get_property(const yaca_context_h ctx, * @retval #YACA_ERROR_INTERNAL Internal error */ int yaca_context_get_output_length(const yaca_context_h ctx, - size_t input_len, - size_t *output_len); + size_t input_len, + size_t *output_len); /** * @brief Destroys the crypto context. Must be called on all contexts that are diff --git a/api/yaca/yaca_digest.h b/api/yaca/yaca_digest.h old mode 100755 new mode 100644 diff --git a/api/yaca/yaca_encrypt.h b/api/yaca/yaca_encrypt.h old mode 100755 new mode 100644 index 3395013..4031f2c --- a/api/yaca/yaca_encrypt.h +++ b/api/yaca/yaca_encrypt.h @@ -58,9 +58,9 @@ extern "C" { * */ int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t key_bit_len, - size_t *iv_bit_len); + yaca_block_cipher_mode_e bcm, + size_t key_bit_len, + size_t *iv_bit_len); /** * @brief Initializes an encryption context. @@ -89,10 +89,10 @@ int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, * @see yaca_context_destroy() */ int yaca_encrypt_initialize(yaca_context_h *ctx, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv); + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv); /** * @brief Encrypts chunk of the data. @@ -118,10 +118,10 @@ int yaca_encrypt_initialize(yaca_context_h *ctx, * @see yaca_context_get_output_length() */ int yaca_encrypt_update(yaca_context_h ctx, - const char *plaintext, - size_t plaintext_len, - char *ciphertext, - size_t *ciphertext_len); + const char *plaintext, + size_t plaintext_len, + char *ciphertext, + size_t *ciphertext_len); /** * @brief Encrypts the final chunk of the data. @@ -148,8 +148,8 @@ int yaca_encrypt_update(yaca_context_h ctx, * @see yaca_context_get_output_length() */ int yaca_encrypt_finalize(yaca_context_h ctx, - char *ciphertext, - size_t *ciphertext_len); + char *ciphertext, + size_t *ciphertext_len); /** * @brief Initializes an decryption context. @@ -178,10 +178,10 @@ int yaca_encrypt_finalize(yaca_context_h ctx, * @see yaca_context_destroy() */ int yaca_decrypt_initialize(yaca_context_h *ctx, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv); + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv); /** * @brief Decrypts chunk of the data. @@ -208,10 +208,10 @@ int yaca_decrypt_initialize(yaca_context_h *ctx, * @see yaca_context_get_output_length() */ int yaca_decrypt_update(yaca_context_h ctx, - const char *ciphertext, - size_t ciphertext_len, - char *plaintext, - size_t *plaintext_len); + const char *ciphertext, + size_t ciphertext_len, + char *plaintext, + size_t *plaintext_len); /** * @brief Decrypts the final chunk of the data. @@ -239,8 +239,8 @@ int yaca_decrypt_update(yaca_context_h ctx, * @see yaca_context_get_output_length() */ int yaca_decrypt_finalize(yaca_context_h ctx, - char *plaintext, - size_t *plaintext_len); + char *plaintext, + size_t *plaintext_len); /** * @} diff --git a/api/yaca/yaca_error.h b/api/yaca/yaca_error.h old mode 100755 new mode 100644 diff --git a/api/yaca/yaca_key.h b/api/yaca/yaca_key.h old mode 100755 new mode 100644 index 4f50550..5c87944 --- a/api/yaca/yaca_key.h +++ b/api/yaca/yaca_key.h @@ -138,10 +138,10 @@ int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len); * @see yaca_key_destroy() */ int yaca_key_import(yaca_key_type_e key_type, - const char *password, - const char *data, - size_t data_len, - yaca_key_h *key); + const char *password, + const char *data, + size_t data_len, + yaca_key_h *key); /** * @brief Exports a key or key generation parameters to arbitrary format. @@ -201,11 +201,11 @@ int yaca_key_import(yaca_key_type_e key_type, * @see yaca_key_destroy() */ int yaca_key_export(const yaca_key_h key, - yaca_key_format_e key_fmt, - yaca_key_file_format_e key_file_fmt, - const char *password, - char **data, - size_t *data_len); + yaca_key_format_e key_fmt, + yaca_key_file_format_e key_file_fmt, + const char *password, + char **data, + size_t *data_len); /** * @brief Generates a secure key or key generation parameters (or an Initialization Vector). @@ -245,8 +245,8 @@ int yaca_key_export(const yaca_key_h key, * @see yaca_key_destroy() */ int yaca_key_generate(yaca_key_type_e key_type, - size_t key_bit_len, - yaca_key_h *key); + size_t key_bit_len, + yaca_key_h *key); /** * @brief Generates a secure private asymmetric key from parameters. @@ -346,9 +346,9 @@ int yaca_key_extract_parameters(const yaca_key_h key, yaca_key_h *params); * @see yaca_free() */ int yaca_key_derive_dh(const yaca_key_h prv_key, - const yaca_key_h pub_key, - char **secret, - size_t *secret_len); + const yaca_key_h pub_key, + char **secret, + size_t *secret_len); /** * @brief Derives a key material from shared secret. @@ -386,13 +386,13 @@ int yaca_key_derive_dh(const yaca_key_h prv_key, * @see yaca_free() */ int yaca_key_derive_kdf(yaca_kdf_e kdf, - yaca_digest_algorithm_e algo, - const char *secret, - size_t secret_len, - const char *info, - size_t info_len, - size_t key_material_len, - char **key_material); + yaca_digest_algorithm_e algo, + const char *secret, + size_t secret_len, + const char *info, + size_t info_len, + size_t key_material_len, + char **key_material); /** * @brief Derives a key from user password (PKCS #5 a.k.a. pbkdf2 algorithm). @@ -420,12 +420,12 @@ int yaca_key_derive_kdf(yaca_kdf_e kdf, * @see yaca_key_destroy() */ int yaca_key_derive_pbkdf2(const char *password, - const char *salt, - size_t salt_len, - size_t iterations, - yaca_digest_algorithm_e algo, - size_t key_bit_len, - yaca_key_h *key); + const char *salt, + size_t salt_len, + size_t iterations, + yaca_digest_algorithm_e algo, + size_t key_bit_len, + yaca_key_h *key); /** * @brief Release the key created by the library. Passing YACA_KEY_NULL is allowed. diff --git a/api/yaca/yaca_rsa.h b/api/yaca/yaca_rsa.h old mode 100755 new mode 100644 index 20b1b4d..a57bfd7 --- a/api/yaca/yaca_rsa.h +++ b/api/yaca/yaca_rsa.h @@ -70,11 +70,11 @@ extern "C" { * @see yaca_free() */ int yaca_rsa_public_encrypt(yaca_padding_e padding, - const yaca_key_h pub_key, - const char *plaintext, - size_t plaintext_len, - char **ciphertext, - size_t *ciphertext_len); + const yaca_key_h pub_key, + const char *plaintext, + size_t plaintext_len, + char **ciphertext, + size_t *ciphertext_len); /** * @brief Decrypts data using a RSA private key (low-level decrypt equivalent). @@ -105,11 +105,11 @@ int yaca_rsa_public_encrypt(yaca_padding_e padding, * @see yaca_free() */ int yaca_rsa_private_decrypt(yaca_padding_e padding, - const yaca_key_h prv_key, - const char *ciphertext, - size_t ciphertext_len, - char **plaintext, - size_t *plaintext_len); + const yaca_key_h prv_key, + const char *ciphertext, + size_t ciphertext_len, + char **plaintext, + size_t *plaintext_len); /** * @brief Encrypts data using a RSA private key (low-level sign equivalent). @@ -145,11 +145,11 @@ int yaca_rsa_private_decrypt(yaca_padding_e padding, * @see yaca_free() */ int yaca_rsa_private_encrypt(yaca_padding_e padding, - const yaca_key_h prv_key, - const char *plaintext, - size_t plaintext_len, - char **ciphertext, - size_t *ciphertext_len); + const yaca_key_h prv_key, + const char *plaintext, + size_t plaintext_len, + char **ciphertext, + size_t *ciphertext_len); /** * @brief Decrypts data using a RSA public key (low-level verify equivalent). @@ -180,11 +180,11 @@ int yaca_rsa_private_encrypt(yaca_padding_e padding, * @see yaca_free() */ int yaca_rsa_public_decrypt(yaca_padding_e padding, - const yaca_key_h pub_key, - const char *ciphertext, - size_t ciphertext_len, - char **plaintext, - size_t *plaintext_len); + const yaca_key_h pub_key, + const char *ciphertext, + size_t ciphertext_len, + char **plaintext, + size_t *plaintext_len); /** * @} diff --git a/api/yaca/yaca_seal.h b/api/yaca/yaca_seal.h old mode 100755 new mode 100644 index 7fab958..5db810e --- a/api/yaca/yaca_seal.h +++ b/api/yaca/yaca_seal.h @@ -87,12 +87,12 @@ extern "C" { * @see yaca_context_destroy() */ int yaca_seal_initialize(yaca_context_h *ctx, - const yaca_key_h pub_key, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t sym_key_bit_len, - yaca_key_h *sym_key, - yaca_key_h *iv); + const yaca_key_h pub_key, + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + size_t sym_key_bit_len, + yaca_key_h *sym_key, + yaca_key_h *iv); /** * @brief Encrypts piece of the data. @@ -118,10 +118,10 @@ int yaca_seal_initialize(yaca_context_h *ctx, * @see yaca_context_get_output_length() */ int yaca_seal_update(yaca_context_h ctx, - const char *plaintext, - size_t plaintext_len, - char *ciphertext, - size_t *ciphertext_len); + const char *plaintext, + size_t plaintext_len, + char *ciphertext, + size_t *ciphertext_len); /** * @brief Encrypts the final piece of the data. @@ -148,8 +148,8 @@ int yaca_seal_update(yaca_context_h ctx, * @see yaca_context_get_output_length() */ int yaca_seal_finalize(yaca_context_h ctx, - char *ciphertext, - size_t *ciphertext_len); + char *ciphertext, + size_t *ciphertext_len); /** * @brief Initializes an asymmetric decryption context. @@ -185,12 +185,12 @@ int yaca_seal_finalize(yaca_context_h ctx, * @see yaca_context_destroy() */ int yaca_open_initialize(yaca_context_h *ctx, - const yaca_key_h prv_key, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t sym_key_bit_len, - const yaca_key_h sym_key, - const yaca_key_h iv); + const yaca_key_h prv_key, + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + size_t sym_key_bit_len, + const yaca_key_h sym_key, + const yaca_key_h iv); /** * @brief Decrypts piece of the data. @@ -217,10 +217,10 @@ int yaca_open_initialize(yaca_context_h *ctx, * @see yaca_context_get_output_length() */ int yaca_open_update(yaca_context_h ctx, - const char *ciphertext, - size_t ciphertext_len, - char *plaintext, - size_t *plaintext_len); + const char *ciphertext, + size_t ciphertext_len, + char *plaintext, + size_t *plaintext_len); /** * @brief Decrypts last chunk of sealed message. @@ -248,8 +248,8 @@ int yaca_open_update(yaca_context_h ctx, * @see yaca_context_get_output_length() */ int yaca_open_finalize(yaca_context_h ctx, - char *plaintext, - size_t *plaintext_len); + char *plaintext, + size_t *plaintext_len); /** * @} diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h old mode 100755 new mode 100644 index e627262..0fcbec3 --- a/api/yaca/yaca_sign.h +++ b/api/yaca/yaca_sign.h @@ -83,8 +83,8 @@ extern "C" { * @see yaca_context_destroy() */ int yaca_sign_initialize(yaca_context_h *ctx, - yaca_digest_algorithm_e algo, - const yaca_key_h prv_key); + yaca_digest_algorithm_e algo, + const yaca_key_h prv_key); /** * @brief Initializes a signature context for HMAC. @@ -117,8 +117,8 @@ int yaca_sign_initialize(yaca_context_h *ctx, * @see yaca_context_destroy() */ int yaca_sign_initialize_hmac(yaca_context_h *ctx, - yaca_digest_algorithm_e algo, - const yaca_key_h sym_key); + yaca_digest_algorithm_e algo, + const yaca_key_h sym_key); /** * @brief Initializes a signature context for CMAC. @@ -151,8 +151,8 @@ int yaca_sign_initialize_hmac(yaca_context_h *ctx, * @see yaca_context_destroy() */ int yaca_sign_initialize_cmac(yaca_context_h *ctx, - yaca_encrypt_algorithm_e algo, - const yaca_key_h sym_key); + yaca_encrypt_algorithm_e algo, + const yaca_key_h sym_key); /** * @brief Feeds the message into the digital signature or MAC algorithm. @@ -176,8 +176,8 @@ int yaca_sign_initialize_cmac(yaca_context_h *ctx, * @see yaca_sign_initialize_cmac() */ int yaca_sign_update(yaca_context_h ctx, - const char *message, - size_t message_len); + const char *message, + size_t message_len); /** * @brief Calculates the final signature or MAC. @@ -206,8 +206,8 @@ int yaca_sign_update(yaca_context_h ctx, * @see yaca_context_get_output_length() */ int yaca_sign_finalize(yaca_context_h ctx, - char *signature, - size_t *signature_len); + char *signature, + size_t *signature_len); /** * @brief Initializes a signature verification context for asymmetric signatures. @@ -244,8 +244,8 @@ int yaca_sign_finalize(yaca_context_h ctx, * @see yaca_context_destroy() */ int yaca_verify_initialize(yaca_context_h *ctx, - yaca_digest_algorithm_e algo, - const yaca_key_h pub_key); + yaca_digest_algorithm_e algo, + const yaca_key_h pub_key); /** * @brief Feeds the message into the digital signature verification algorithm. @@ -266,8 +266,8 @@ int yaca_verify_initialize(yaca_context_h *ctx, * @see yaca_verify_finalize() */ int yaca_verify_update(yaca_context_h ctx, - const char *message, - size_t message_len); + const char *message, + size_t message_len); /** * @brief Performs the verification. @@ -293,8 +293,8 @@ int yaca_verify_update(yaca_context_h ctx, * @see yaca_sign_finalize() */ int yaca_verify_finalize(yaca_context_h ctx, - const char *signature, - size_t signature_len); + const char *signature, + size_t signature_len); /** * @} diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h old mode 100755 new mode 100644 index b77e9bc..97a9826 --- a/api/yaca/yaca_simple.h +++ b/api/yaca/yaca_simple.h @@ -80,13 +80,13 @@ extern "C" { * @see yaca_free() */ int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv, - const char *plaintext, - size_t plaintext_len, - char **ciphertext, - size_t *ciphertext_len); + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv, + const char *plaintext, + size_t plaintext_len, + char **ciphertext, + size_t *ciphertext_len); /** * @brief Decrypts data using a symmetric cipher. @@ -121,13 +121,13 @@ int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, * @see yaca_free() */ int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv, - const char *ciphertext, - size_t ciphertext_len, - char **plaintext, - size_t *plaintext_len); + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv, + const char *ciphertext, + size_t ciphertext_len, + char **plaintext, + size_t *plaintext_len); /** * @brief Calculates a digest of a message. @@ -155,10 +155,10 @@ int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, * @see yaca_free() */ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, - const char *message, - size_t message_len, - char **digest, - size_t *digest_len); + const char *message, + size_t message_len, + char **digest, + size_t *digest_len); /** * @brief Creates a signature using asymmetric private key. @@ -198,11 +198,11 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, * @see yaca_free() */ int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, - const yaca_key_h prv_key, - const char *message, - size_t message_len, - char **signature, - size_t *signature_len); + const yaca_key_h prv_key, + const char *message, + size_t message_len, + char **signature, + size_t *signature_len); /** * @brief Verifies a signature using asymmetric public key. @@ -235,11 +235,11 @@ int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, * @see yaca_simple_calculate_signature() */ int yaca_simple_verify_signature(yaca_digest_algorithm_e algo, - const yaca_key_h pub_key, - const char *message, - size_t message_len, - const char *signature, - size_t signature_len); + const yaca_key_h pub_key, + const char *message, + size_t message_len, + const char *signature, + size_t signature_len); /** * @brief Calculates a HMAC of given message using symmetric key. @@ -275,11 +275,11 @@ int yaca_simple_verify_signature(yaca_digest_algorithm_e algo, * @see yaca_free() */ int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, - const yaca_key_h sym_key, - const char *message, - size_t message_len, - char **mac, - size_t *mac_len); + const yaca_key_h sym_key, + const char *message, + size_t message_len, + char **mac, + size_t *mac_len); /** * @brief Calculates a CMAC of given message using symmetric key. @@ -315,11 +315,11 @@ int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, * @see yaca_free() */ int yaca_simple_calculate_cmac(yaca_encrypt_algorithm_e algo, - const yaca_key_h sym_key, - const char *message, - size_t message_len, - char **mac, - size_t *mac_len); + const yaca_key_h sym_key, + const char *message, + size_t message_len, + char **mac, + size_t *mac_len); /** * @} diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h old mode 100755 new mode 100644 diff --git a/doc/coding-rules.txt b/doc/coding-rules.txt index 4f55843..9f8b70e 100644 --- a/doc/coding-rules.txt +++ b/doc/coding-rules.txt @@ -4,24 +4,24 @@ Differences from Tizen rules are included as "Notes". For full description of each rule - please refer to Tizen documentation. -[R01] [CMT_M_C89] Style for comment is the C89 "/* … */" style. +[R01] [CMT_M_C89] Both comment styles are allowed : C89 "/* ... */" style & C99 "//" style Note: Temporary comments may use C99 style (TODO, FIXME etc.) [R02] [DEC_R_INL] inline keyword should sit between storage class and type. -[R03] [IDT_R_TAB] Use tabs. All tabs are 4 characters. Indentation use only tab (No space key). -Note: If possible use Smart Tabs, if not - 4-character tabs + alignment spaces +[M01] [IDT_M_TAB] Use tabs. All tabs are 4 characters. Indentation use only tab (No space key). +Note: If necessary use 4-character tabs + alignment spaces -[R04] [IDT_R_SCH] Switch and case should be at the same indent. +[M02] [IDT_M_SCH] Switch and case should be at the same indent. -[R05] [IDT_R_LBL] goto labels aren't indented, allow a single space however. +[R03] [IDT_R_LBL] goto labels aren't indented, allow a single space however. Note: No single space allowed -[M01] [SPC_M_KWD] Keywords have following space rules +[M03] [SPC_M_KWD] Keywords have following space rules -Put a space after (most) keywords (ex: if, switch, case, for, do, while). -Exception: Do not put a space after function like keywords, such as sizeof, typeof, alignof, __attribute__. - -[M02] [SPC_M_OPR] Operators have following space rules +[M04] [SPC_M_OPR] Operators have following space rules -Put a space around(on each side of) most binary and ternary operators -Example: = + -< > * / % | & ^ <= >= == != ? : -Do not put a space after unary operators @@ -30,7 +30,7 @@ Note: No single space allowed -Do not put a space after cast operator -Do not put a space around the "." and "->" structure member operators. -[M03] [SPC_M_SEP] Seperators have following space rules +[M05] [SPC_M_SEP] Seperators have following space rules -Put a space after closing brace when it has anything on the line. -Exception : comma after closing brace '},' -Put a space after comma @@ -38,50 +38,50 @@ Note: No single space allowed -Do not put a space after the function name in function calls. -Do not put space before open square bracket '['; and inside square bracket '[', ']'. -[M04] [BRC_M_FTN] functions have the opening brace at the beginning of the next line. +[M06] [BRC_M_FTN] functions have the opening brace at the beginning of the next line. -[M05] [BRC_M_SMT] Statement brace: Open brace last on the line. The closing brace is empty on a line of its own. +[M07] [BRC_M_SMT] Statement brace: Open brace last on the line. The closing brace is empty on a line of its own. -Exception: Where the closing race is followed by a continuation of the same statement, else should follow close brace '}', while should follow close brace '}' -[M06] [BRC_M_EUS] Open braces for enum, union and struct go on the same line. +[M08] [BRC_M_EUS] Open braces for enum, union and struct go on the same line. -[R06] [BRC_R_SST] Do not unnecessarily use braces where a single statement will do. +[R04] [BRC_R_SST] Do not unnecessarily use braces where a single statement will do. -Exception: if one branch of a conditional statement is a single statement, use braces in both branches. -[R07] [LNE_R_TWS] No trailing whitespaces at the ends of lines. +[R05] [LNE_R_TWS] No trailing whitespaces at the ends of lines. -[R08] [LNE_R_EOF] Check for adding lines without a newline at end of file. -Notes: File should end with '\n' (single newline at the end of file) +[R06] [LNE_R_EOF] Check for adding lines without a newline at end of file. +Note: File should end with '\n' (single newline at the end of file) -[R09] In source file, the sequence of the code organization : Copyright File comments Header files Define constant and macros Declare static (private) functions Define exported (public) functions Define static (private) functions Define protected functions. -Notes: Static (private) function code first, then functions used by other objects in library; API (public) functions at the end +[R07] In source file, the sequence of the code organization : Copyright, File comments, Header files, Define constant and macros, Declare static (private) functions, Define exported (public) functions, Define static (private) functions, Define protected functions. +Note: Static (private) function code first, then functions used by other objects in library; API (public) functions at the end ******** Public API should use 'API' macro - other functions are not visible outside of library -[M07] Separate external public header(API) and internal header(declare protected functions that are not exported but use for many files) +[M09] Separate external public header(API) and internal header(declare protected functions that are not exported but use for many files) -[M08] External public headers include the Doxygen style for comment. ex) Variable, Function, Struct. +[M10] External public headers include the Doxygen style for comment. ex) Variable, Function, Struct. -[M09] In function prototypes, include parameter names with their data types and return type. +[M11] In function prototypes, include parameter names with their data types and return type. -[R10] Macros with multiple statements should be enclosed in a "do -while" block. +[R08] Macros with multiple statements should be enclosed in a "do -while" block. -[R11] ''#' symbol for macro shall be located at the first column. +[R09] ''#' symbol for macro shall be located at the first column. -[R12] In macro definition, every expression and the arguments in the expressions shall be enclosed by '(' and ')' for each. +[R10] In macro definition, every expression and the arguments in the expressions shall be enclosed by '(' and ')' for each. -[R13] Don’t declare both a structure tag and variables or typedefs in the same declaration. +[R11] Don’t declare both a structure tag and variables or typedefs in the same declaration. Note: Avoid use of typedefs for structures/enums unless it's needed (for handles in API etc.) -[R14] Each variable shall be declared in the new line. +[R12] Each variable shall be declared in the new line. Notes: except for counters (like i, j, k, etc.). -[M10] No mixed-case, Use underscores('_') to separate words in a name. +[M12] No mixed-case, Use underscores('_') to separate words in a name. -[R15] Names of macros defining constants and labels in enums are composed of capital letters, numbers and '_' character. +[R13] Names of macros defining constants and labels in enums are composed of capital letters, numbers and '_' character. -[R16] Name of functions are Verb + Noun to have a good representation of features. +[R14] Name of functions are Verb + Noun to have a good representation of features. Note: this is rule of thumb except for Public API. Public API has prefix (__fcn). -------------------------------------------------------------------------------- @@ -98,8 +98,8 @@ Note: this is rule of thumb except for Public API. Public API has prefix ( 0) { ret = yaca_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t), - (void**)&mutexes); + (void**)&mutexes); if (ret != YACA_ERROR_NONE) goto exit; @@ -393,7 +393,7 @@ API int yaca_randomize_bytes(char *data, size_t data_len) } API int yaca_context_set_property(yaca_context_h ctx, yaca_property_e property, - const void *value, size_t value_len) + const void *value, size_t value_len) { if (ctx == YACA_CONTEXT_NULL || ctx->set_property == NULL) return YACA_ERROR_INVALID_PARAMETER; @@ -402,7 +402,7 @@ API int yaca_context_set_property(yaca_context_h ctx, yaca_property_e property, } API int yaca_context_get_property(const yaca_context_h ctx, yaca_property_e property, - void **value, size_t *value_len) + void **value, size_t *value_len) { if (ctx == YACA_CONTEXT_NULL || ctx->get_property == NULL) return YACA_ERROR_INVALID_PARAMETER; @@ -420,10 +420,10 @@ API void yaca_context_destroy(yaca_context_h ctx) } API int yaca_context_get_output_length(const yaca_context_h ctx, - size_t input_len, size_t *output_len) + size_t input_len, size_t *output_len) { if (ctx == YACA_CONTEXT_NULL || output_len == NULL || - ctx->get_output_length == NULL) + ctx->get_output_length == NULL) return YACA_ERROR_INVALID_PARAMETER; return ctx->get_output_length(ctx, input_len, output_len); diff --git a/src/debug.c b/src/debug.c index 80edb1d..e49a4ca 100644 --- a/src/debug.c +++ b/src/debug.c @@ -81,7 +81,7 @@ void error_dump(const char *file, int line, const char *function, int code) } written = snprintf(buf, BUF_SIZE, "%s:%d %s() API error: %s0x%02X (%s)\n", file, - line, function, sign, code, err_str); + line, function, sign, code, err_str); while ((err = ERR_get_error()) != 0 && written < BUF_SIZE - 1) { if (!error_strings_loaded) { @@ -151,9 +151,9 @@ int error_handle(const char *file, int line, const char *function) while ((err = ERR_get_error()) != 0) if (err == ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, PKCS12_R_DECODE_ERROR) || - err == ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PBE_CRYPT, PKCS12_R_PKCS12_CIPHERFINAL_ERROR) || - err == ERR_PACK(ERR_LIB_DSA, DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB) || - err == ERR_PACK(ERR_LIB_RSA, RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB)) { + err == ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_PBE_CRYPT, PKCS12_R_PKCS12_CIPHERFINAL_ERROR) || + err == ERR_PACK(ERR_LIB_DSA, DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB) || + err == ERR_PACK(ERR_LIB_RSA, RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB)) { found_crypto_error = true; break; } diff --git a/src/digest.c b/src/digest.c index 7b14ad2..1d7cbad 100644 --- a/src/digest.c +++ b/src/digest.c @@ -80,8 +80,8 @@ static struct yaca_digest_context_s *get_digest_context(const yaca_context_h ctx } static int get_digest_output_length(const yaca_context_h ctx, - size_t input_len, - size_t *output_len) + size_t input_len, + size_t *output_len) { assert(output_len != NULL); diff --git a/src/encrypt.c b/src/encrypt.c index 5b0e9f5..f4a21f3 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -320,8 +320,8 @@ int get_wrap_output_length(const yaca_context_h ctx, size_t input_len, size_t *o } static int encrypt_ctx_create(struct yaca_encrypt_context_s **c, - enum encrypt_op_type_e op_type, - const EVP_CIPHER *cipher) + enum encrypt_op_type_e op_type, + const EVP_CIPHER *cipher) { int ret; int mode; @@ -340,8 +340,8 @@ static int encrypt_ctx_create(struct yaca_encrypt_context_s **c, nc->backup_ctx = NULL; nc->ctx.context_destroy = destroy_encrypt_context; nc->ctx.get_output_length = (mode == EVP_CIPH_WRAP_MODE) ? - get_wrap_output_length : - get_encrypt_output_length; + get_wrap_output_length : + get_encrypt_output_length; nc->ctx.set_property = set_encrypt_property; nc->ctx.get_property = get_encrypt_property; nc->op_type = op_type; @@ -374,8 +374,8 @@ exit: } static int encrypt_ctx_init(struct yaca_encrypt_context_s *c, - const EVP_CIPHER *cipher, - size_t key_bit_len) + const EVP_CIPHER *cipher, + size_t key_bit_len) { int ret; @@ -386,11 +386,11 @@ static int encrypt_ctx_init(struct yaca_encrypt_context_s *c, return YACA_ERROR_INVALID_PARAMETER; ret = EVP_CipherInit_ex(c->cipher_ctx, - cipher, - NULL, - NULL, - NULL, - is_encryption_op(c->op_type) ? 1 : 0); + cipher, + NULL, + NULL, + NULL, + is_encryption_op(c->op_type) ? 1 : 0); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -409,8 +409,8 @@ static int encrypt_ctx_init(struct yaca_encrypt_context_s *c, } static int encrypt_ctx_setup_iv(struct yaca_encrypt_context_s *c, - const EVP_CIPHER *cipher, - const struct yaca_key_simple_s *iv) + const EVP_CIPHER *cipher, + const struct yaca_key_simple_s *iv) { int ret; size_t default_iv_bit_len; @@ -445,10 +445,10 @@ static int encrypt_ctx_setup_iv(struct yaca_encrypt_context_s *c, if (mode == EVP_CIPH_GCM_MODE) { ret = EVP_CIPHER_CTX_ctrl(c->cipher_ctx, EVP_CTRL_GCM_SET_IVLEN, - iv->bit_len / 8, NULL); + iv->bit_len / 8, NULL); } else if (mode == EVP_CIPH_CCM_MODE) { ret = EVP_CIPHER_CTX_ctrl(c->cipher_ctx, EVP_CTRL_CCM_SET_IVLEN, - iv->bit_len / 8, NULL); + iv->bit_len / 8, NULL); } else { return YACA_ERROR_INVALID_PARAMETER; } @@ -462,8 +462,8 @@ static int encrypt_ctx_setup_iv(struct yaca_encrypt_context_s *c, } static int encrypt_ctx_setup(struct yaca_encrypt_context_s *c, - const yaca_key_h key, - const yaca_key_h iv) + const yaca_key_h key, + const yaca_key_h iv) { int ret; unsigned char *iv_data = NULL; @@ -499,11 +499,11 @@ static int encrypt_ctx_setup(struct yaca_encrypt_context_s *c, iv_data = (unsigned char*)liv->d; ret = EVP_CipherInit_ex(c->cipher_ctx, - NULL, - NULL, - (unsigned char*)lkey->d, - iv_data, - is_encryption_op(c->op_type) ? 1 : 0); + NULL, + NULL, + (unsigned char*)lkey->d, + iv_data, + is_encryption_op(c->op_type) ? 1 : 0); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -514,9 +514,9 @@ static int encrypt_ctx_setup(struct yaca_encrypt_context_s *c, } static int encrypt_ctx_backup(struct yaca_encrypt_context_s *c, - const EVP_CIPHER *cipher, - const yaca_key_h sym_key, - const yaca_key_h iv) + const EVP_CIPHER *cipher, + const yaca_key_h sym_key, + const yaca_key_h iv) { int ret; struct yaca_backup_context_s *bc; @@ -562,7 +562,7 @@ static int encrypt_ctx_restore(struct yaca_encrypt_context_s *c) assert(ret != YACA_ERROR_INVALID_PARAMETER); if (c->backup_ctx->padding == YACA_PADDING_NONE && - EVP_CIPHER_CTX_set_padding(c->cipher_ctx, 0) != 1) { + EVP_CIPHER_CTX_set_padding(c->cipher_ctx, 0) != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); return ret; @@ -648,9 +648,9 @@ static int encrypt_ctx_set_rc2_effective_key_bits(struct yaca_encrypt_context_s } int set_encrypt_property(yaca_context_h ctx, - yaca_property_e property, - const void *value, - size_t value_len) + yaca_property_e property, + const void *value, + size_t value_len) { struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int len; @@ -666,7 +666,7 @@ int set_encrypt_property(yaca_context_h ctx, switch (property) { case YACA_PROPERTY_GCM_AAD: if (mode != EVP_CIPH_GCM_MODE || - !verify_state_change(c, ENC_CTX_AAD_UPDATED)) + !verify_state_change(c, ENC_CTX_AAD_UPDATED)) return YACA_ERROR_INVALID_PARAMETER; if (EVP_CipherUpdate(c->cipher_ctx, NULL, &len, value, value_len) != 1) { @@ -677,7 +677,7 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_CCM_AAD: if (mode != EVP_CIPH_CCM_MODE || - !verify_state_change(c, ENC_CTX_AAD_UPDATED)) + !verify_state_change(c, ENC_CTX_AAD_UPDATED)) return YACA_ERROR_INVALID_PARAMETER; if (EVP_CipherUpdate(c->cipher_ctx, NULL, &len, value, value_len) != 1) { @@ -688,8 +688,8 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_GCM_TAG: if (mode != EVP_CIPH_GCM_MODE || is_encryption_op(c->op_type) || - !is_valid_tag_len(mode, value_len) || - !verify_state_change(c, ENC_CTX_TAG_SET)) + !is_valid_tag_len(mode, value_len) || + !verify_state_change(c, ENC_CTX_TAG_SET)) return YACA_ERROR_INVALID_PARAMETER; if (EVP_CIPHER_CTX_ctrl(c->cipher_ctx, EVP_CTRL_GCM_SET_TAG, value_len, (void*)value) != 1) { @@ -700,9 +700,9 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_GCM_TAG_LEN: if (value_len != sizeof(size_t) || mode != EVP_CIPH_GCM_MODE || - !is_encryption_op(c->op_type) || - !is_valid_tag_len(mode, *(size_t*)value) || - !verify_state_change(c, ENC_CTX_TAG_LENGTH_SET)) + !is_encryption_op(c->op_type) || + !is_valid_tag_len(mode, *(size_t*)value) || + !verify_state_change(c, ENC_CTX_TAG_LENGTH_SET)) return YACA_ERROR_INVALID_PARAMETER; c->tag_len = *(size_t*)value; @@ -710,8 +710,8 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_CCM_TAG: if (mode != EVP_CIPH_CCM_MODE || is_encryption_op(c->op_type) || - !is_valid_tag_len(mode, value_len) || - !verify_state_change(c, ENC_CTX_TAG_SET)) + !is_valid_tag_len(mode, value_len) || + !verify_state_change(c, ENC_CTX_TAG_SET)) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_set_ccm_tag(c, (char*)value, value_len); @@ -722,9 +722,9 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_CCM_TAG_LEN: if (value_len != sizeof(size_t) || mode != EVP_CIPH_CCM_MODE || - !is_encryption_op(c->op_type) || - !is_valid_tag_len(mode, *(size_t*)value) || - !verify_state_change(c, ENC_CTX_TAG_LENGTH_SET)) + !is_encryption_op(c->op_type) || + !is_valid_tag_len(mode, *(size_t*)value) || + !verify_state_change(c, ENC_CTX_TAG_LENGTH_SET)) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_set_ccm_tag_len(c, *(size_t*)value); @@ -735,10 +735,10 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_PADDING: if ((mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE) || - value_len != sizeof(yaca_padding_e) || - (*(yaca_padding_e*)value != YACA_PADDING_NONE && - *(yaca_padding_e*)value != YACA_PADDING_PKCS7) || - c->state == ENC_CTX_FINALIZED) + value_len != sizeof(yaca_padding_e) || + (*(yaca_padding_e*)value != YACA_PADDING_NONE && + *(yaca_padding_e*)value != YACA_PADDING_PKCS7) || + c->state == ENC_CTX_FINALIZED) return YACA_ERROR_INVALID_PARAMETER; int padding = *(yaca_padding_e*)value == YACA_PADDING_NONE ? 0 : 1; @@ -751,8 +751,8 @@ int set_encrypt_property(yaca_context_h ctx, break; case YACA_PROPERTY_RC2_EFFECTIVE_KEY_BITS: if (value_len != sizeof(size_t) || - (nid != NID_rc2_cbc && nid != NID_rc2_ecb && nid != NID_rc2_cfb64 && nid != NID_rc2_ofb64) || - c->state != ENC_CTX_INITIALIZED) + (nid != NID_rc2_cbc && nid != NID_rc2_ecb && nid != NID_rc2_cfb64 && nid != NID_rc2_ofb64) || + c->state != ENC_CTX_INITIALIZED) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_set_rc2_effective_key_bits(c, *(size_t*)value); @@ -765,7 +765,7 @@ int set_encrypt_property(yaca_context_h ctx, } int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, - void **value, size_t *value_len) + void **value, size_t *value_len) { struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int mode; @@ -779,17 +779,17 @@ int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, switch (property) { case YACA_PROPERTY_GCM_TAG: if (value_len == NULL || - !is_encryption_op(c->op_type) || - mode != EVP_CIPH_GCM_MODE || - (c->state != ENC_CTX_TAG_LENGTH_SET && c->state != ENC_CTX_FINALIZED)) + !is_encryption_op(c->op_type) || + mode != EVP_CIPH_GCM_MODE || + (c->state != ENC_CTX_TAG_LENGTH_SET && c->state != ENC_CTX_FINALIZED)) return YACA_ERROR_INVALID_PARAMETER; assert(c->tag_len <= INT_MAX); if (EVP_CIPHER_CTX_ctrl(c->cipher_ctx, - EVP_CTRL_GCM_GET_TAG, - c->tag_len, - value) != 1) { + EVP_CTRL_GCM_GET_TAG, + c->tag_len, + value) != 1) { ERROR_DUMP(YACA_ERROR_INTERNAL); return YACA_ERROR_INTERNAL; } @@ -797,17 +797,17 @@ int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, break; case YACA_PROPERTY_CCM_TAG: if (value_len == NULL || - !is_encryption_op(c->op_type) || - mode != EVP_CIPH_CCM_MODE || - c->state != ENC_CTX_FINALIZED) + !is_encryption_op(c->op_type) || + mode != EVP_CIPH_CCM_MODE || + c->state != ENC_CTX_FINALIZED) return YACA_ERROR_INVALID_PARAMETER; assert(c->tag_len <= INT_MAX); if (EVP_CIPHER_CTX_ctrl(c->cipher_ctx, - EVP_CTRL_CCM_GET_TAG, - c->tag_len, - value) != 1) { + EVP_CTRL_CCM_GET_TAG, + c->tag_len, + value) != 1) { ERROR_DUMP(YACA_ERROR_INTERNAL); return YACA_ERROR_INTERNAL; } @@ -829,8 +829,8 @@ static int check_key_bit_length_for_algo(yaca_encrypt_algorithm_e algo, size_t k switch (algo) { case YACA_ENCRYPT_AES: if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && - key_bit_len != YACA_KEY_LENGTH_192BIT && - key_bit_len != YACA_KEY_LENGTH_256BIT) + key_bit_len != YACA_KEY_LENGTH_192BIT && + key_bit_len != YACA_KEY_LENGTH_256BIT) ret = YACA_ERROR_INVALID_PARAMETER; break; case YACA_ENCRYPT_UNSAFE_DES: @@ -866,9 +866,9 @@ static int check_key_bit_length_for_algo(yaca_encrypt_algorithm_e algo, size_t k } int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t key_bit_len, - const EVP_CIPHER **cipher) + yaca_block_cipher_mode_e bcm, + size_t key_bit_len, + const EVP_CIPHER **cipher) { int ret; size_t i; @@ -884,9 +884,9 @@ int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, for (i = 0; i < ENCRYPTION_CIPHERS_SIZE; ++i) if (ENCRYPTION_CIPHERS[i].algo == algo && - ENCRYPTION_CIPHERS[i].bcm == bcm && - (ENCRYPTION_CIPHERS[i].key_bit_len == key_bit_len || - ENCRYPTION_CIPHERS[i].key_bit_len == (size_t)-1)) { + ENCRYPTION_CIPHERS[i].bcm == bcm && + (ENCRYPTION_CIPHERS[i].key_bit_len == key_bit_len || + ENCRYPTION_CIPHERS[i].key_bit_len == (size_t)-1)) { *cipher = ENCRYPTION_CIPHERS[i].cipher(); ret = YACA_ERROR_NONE; break; @@ -901,10 +901,10 @@ int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, } int encrypt_initialize(yaca_context_h *ctx, - const EVP_CIPHER *cipher, - const yaca_key_h sym_key, - const yaca_key_h iv, - enum encrypt_op_type_e op_type) + const EVP_CIPHER *cipher, + const yaca_key_h sym_key, + const yaca_key_h iv, + enum encrypt_op_type_e op_type) { struct yaca_encrypt_context_s *nc; struct yaca_key_simple_s *lsym_key; @@ -918,7 +918,7 @@ int encrypt_initialize(yaca_context_h *ctx, return YACA_ERROR_INVALID_PARAMETER; if (lsym_key->key.type != YACA_KEY_TYPE_DES && - lsym_key->key.type != YACA_KEY_TYPE_SYMMETRIC) + lsym_key->key.type != YACA_KEY_TYPE_SYMMETRIC) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_ctx_create(&nc, op_type, cipher); @@ -936,7 +936,7 @@ int encrypt_initialize(yaca_context_h *ctx, int mode = EVP_CIPHER_CTX_mode(nc->cipher_ctx); int nid = EVP_CIPHER_CTX_nid(nc->cipher_ctx); if (mode == EVP_CIPH_CCM_MODE || - nid == NID_rc2_cbc || nid == NID_rc2_ecb || nid == NID_rc2_cfb64 || nid == NID_rc2_ofb64) { + nid == NID_rc2_cbc || nid == NID_rc2_ecb || nid == NID_rc2_cfb64 || nid == NID_rc2_ofb64) { ret = encrypt_ctx_backup(nc, cipher, sym_key, iv); if (ret != YACA_ERROR_NONE) goto exit; @@ -955,9 +955,9 @@ exit: } int encrypt_update(yaca_context_h ctx, - const unsigned char *input, size_t input_len, - unsigned char *output, size_t *output_len, - enum encrypt_op_type_e op_type) + const unsigned char *input, size_t input_len, + unsigned char *output, size_t *output_len, + enum encrypt_op_type_e op_type) { struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int ret; @@ -989,7 +989,7 @@ int encrypt_update(yaca_context_h ctx, return YACA_ERROR_INVALID_PARAMETER; } else if (nid == NID_id_smime_alg_CMS3DESwrap) { if (input_len != (YACA_KEY_LENGTH_UNSAFE_128BIT / 8) && - input_len != (YACA_KEY_LENGTH_192BIT / 8)) + input_len != (YACA_KEY_LENGTH_192BIT / 8)) return YACA_ERROR_INVALID_PARAMETER; } else { assert(false); @@ -1001,7 +1001,7 @@ int encrypt_update(yaca_context_h ctx, return YACA_ERROR_INVALID_PARAMETER; } else if (nid == NID_id_smime_alg_CMS3DESwrap) { if (input_len != (YACA_KEY_LENGTH_UNSAFE_128BIT / 8 + 16) && - input_len != (YACA_KEY_LENGTH_192BIT / 8 + 16)) + input_len != (YACA_KEY_LENGTH_192BIT / 8 + 16)) return YACA_ERROR_INVALID_PARAMETER; } else { assert(false); @@ -1048,8 +1048,8 @@ int encrypt_update(yaca_context_h ctx, } int encrypt_finalize(yaca_context_h ctx, - unsigned char *output, size_t *output_len, - enum encrypt_op_type_e op_type) + unsigned char *output, size_t *output_len, + enum encrypt_op_type_e op_type) { struct yaca_encrypt_context_s *c = get_encrypt_context(ctx); int ret; @@ -1088,9 +1088,9 @@ int encrypt_finalize(yaca_context_h ctx, } API int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t key_bit_len, - size_t *iv_bit_len) + yaca_block_cipher_mode_e bcm, + size_t key_bit_len, + size_t *iv_bit_len) { const EVP_CIPHER *cipher; int ret; @@ -1113,10 +1113,10 @@ API int yaca_encrypt_get_iv_bit_length(yaca_encrypt_algorithm_e algo, } API int yaca_encrypt_initialize(yaca_context_h *ctx, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv) + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv) { int ret; const EVP_CIPHER *cipher; @@ -1133,27 +1133,27 @@ API int yaca_encrypt_initialize(yaca_context_h *ctx, } API int yaca_encrypt_update(yaca_context_h ctx, - const char *plaintext, - size_t plaintext_len, - char *ciphertext, - size_t *ciphertext_len) + const char *plaintext, + size_t plaintext_len, + char *ciphertext, + size_t *ciphertext_len) { return encrypt_update(ctx, (const unsigned char*)plaintext, plaintext_len, - (unsigned char*)ciphertext, ciphertext_len, OP_ENCRYPT); + (unsigned char*)ciphertext, ciphertext_len, OP_ENCRYPT); } API int yaca_encrypt_finalize(yaca_context_h ctx, - char *ciphertext, - size_t *ciphertext_len) + char *ciphertext, + size_t *ciphertext_len) { return encrypt_finalize(ctx, (unsigned char*)ciphertext, ciphertext_len, OP_ENCRYPT); } API int yaca_decrypt_initialize(yaca_context_h *ctx, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv) + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv) { int ret; const EVP_CIPHER *cipher; @@ -1170,18 +1170,18 @@ API int yaca_decrypt_initialize(yaca_context_h *ctx, } API int yaca_decrypt_update(yaca_context_h ctx, - const char *ciphertext, - size_t ciphertext_len, - char *plaintext, - size_t *plaintext_len) + const char *ciphertext, + size_t ciphertext_len, + char *plaintext, + size_t *plaintext_len) { return encrypt_update(ctx, (const unsigned char*)ciphertext, ciphertext_len, - (unsigned char*)plaintext, plaintext_len, OP_DECRYPT); + (unsigned char*)plaintext, plaintext_len, OP_DECRYPT); } API int yaca_decrypt_finalize(yaca_context_h ctx, - char *plaintext, - size_t *plaintext_len) + char *plaintext, + size_t *plaintext_len) { return encrypt_finalize(ctx, (unsigned char*)plaintext, plaintext_len, OP_DECRYPT); } diff --git a/src/internal.h b/src/internal.h index 4bae2aa..ac8062b 100644 --- a/src/internal.h +++ b/src/internal.h @@ -85,9 +85,9 @@ struct yaca_context_s { void (*context_destroy)(const yaca_context_h ctx); int (*get_output_length)(const yaca_context_h ctx, size_t input_len, size_t *output_len); int (*set_property)(yaca_context_h ctx, yaca_property_e property, - const void *value, size_t value_len); + const void *value, size_t value_len); int (*get_property)(const yaca_context_h ctx, yaca_property_e property, - void **value, size_t *value_len); + void **value, size_t *value_len); }; struct yaca_backup_context_s { @@ -172,30 +172,30 @@ void destroy_encrypt_context(const yaca_context_h ctx); int get_encrypt_output_length(const yaca_context_h ctx, size_t input_len, size_t *output_len); int set_encrypt_property(yaca_context_h ctx, yaca_property_e property, - const void *value, size_t value_len); + const void *value, size_t value_len); int get_encrypt_property(const yaca_context_h ctx, yaca_property_e property, - void **value, size_t *value_len); + void **value, size_t *value_len); int encrypt_get_algorithm(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t key_bit_len, - const EVP_CIPHER **cipher); + yaca_block_cipher_mode_e bcm, + size_t key_bit_len, + const EVP_CIPHER **cipher); int encrypt_initialize(yaca_context_h *ctx, - const EVP_CIPHER *cipher, - const yaca_key_h sym_key, - const yaca_key_h iv, - enum encrypt_op_type_e op_type); + const EVP_CIPHER *cipher, + const yaca_key_h sym_key, + const yaca_key_h iv, + enum encrypt_op_type_e op_type); int encrypt_update(yaca_context_h ctx, - const unsigned char *input, size_t input_len, - unsigned char *output, size_t *output_len, - enum encrypt_op_type_e op_type); + const unsigned char *input, size_t input_len, + unsigned char *output, size_t *output_len, + enum encrypt_op_type_e op_type); int encrypt_finalize(yaca_context_h ctx, - unsigned char *output, size_t *output_len, - enum encrypt_op_type_e op_type); + unsigned char *output, size_t *output_len, + enum encrypt_op_type_e op_type); struct yaca_key_simple_s *key_get_simple(const yaca_key_h key); struct yaca_key_evp_s *key_get_evp(const yaca_key_h key); diff --git a/src/key.c b/src/key.c index 404840a..a9fdfef 100644 --- a/src/key.c +++ b/src/key.c @@ -246,9 +246,9 @@ exit: } static int import_simple(yaca_key_h *key, - yaca_key_type_e key_type, - const char *data, - size_t data_len) + yaca_key_type_e key_type, + const char *data, + size_t data_len) { assert(key != NULL); assert(data != NULL); @@ -289,8 +289,8 @@ static int import_simple(yaca_key_h *key, if (key_type == YACA_KEY_TYPE_DES) { size_t key_bit_len = key_data_len * 8; if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_64BIT && - key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && - key_bit_len != YACA_KEY_LENGTH_192BIT) { + key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && + key_bit_len != YACA_KEY_LENGTH_192BIT) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } @@ -405,10 +405,10 @@ exit: } static int import_evp(yaca_key_h *key, - yaca_key_type_e key_type, - const char *password, - const char *data, - size_t data_len) + yaca_key_type_e key_type, + const char *password, + const char *data, + size_t data_len) { assert(key != NULL); assert(password == NULL || password[0] != '\0'); @@ -594,7 +594,7 @@ static int import_evp(yaca_key_h *key, } if ((key_type == YACA_KEY_TYPE_RSA_PRIV || key_type == YACA_KEY_TYPE_RSA_PUB) && - (EVP_PKEY_size(pkey) < YACA_KEY_LENGTH_512BIT / 8)) { + (EVP_PKEY_size(pkey) < YACA_KEY_LENGTH_512BIT / 8)) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } @@ -617,8 +617,8 @@ exit: } static int export_simple_raw(struct yaca_key_simple_s *simple_key, - char **data, - size_t *data_len) + char **data, + size_t *data_len) { int ret; assert(simple_key != NULL); @@ -640,8 +640,8 @@ static int export_simple_raw(struct yaca_key_simple_s *simple_key, } static int export_simple_base64(struct yaca_key_simple_s *simple_key, - char **data, - size_t *data_len) + char **data, + size_t *data_len) { assert(simple_key != NULL); assert(data != NULL); @@ -707,9 +707,9 @@ exit: } static int export_evp_default_bio(struct yaca_key_evp_s *evp_key, - yaca_key_file_format_e key_file_fmt, - const char *password, - BIO *mem) + yaca_key_file_format_e key_file_fmt, + const char *password, + BIO *mem) { assert(evp_key != NULL); assert(password == NULL || password[0] != '\0'); @@ -731,7 +731,7 @@ static int export_evp_default_bio(struct yaca_key_evp_s *evp_key, case YACA_KEY_TYPE_DH_PRIV: case YACA_KEY_TYPE_EC_PRIV: ret = PEM_write_bio_PrivateKey(mem, evp_key->evp, enc, - NULL, 0, NULL, (void*)password); + NULL, 0, NULL, (void*)password); break; case YACA_KEY_TYPE_RSA_PUB: @@ -811,9 +811,9 @@ static int export_evp_default_bio(struct yaca_key_evp_s *evp_key, } static int export_evp_pkcs8_bio(struct yaca_key_evp_s *evp_key, - yaca_key_file_format_e key_file_fmt, - const char *password, - BIO *mem) + yaca_key_file_format_e key_file_fmt, + const char *password, + BIO *mem) { assert(evp_key != NULL); assert(password == NULL || password[0] != '\0'); @@ -836,7 +836,7 @@ static int export_evp_pkcs8_bio(struct yaca_key_evp_s *evp_key, case YACA_KEY_TYPE_DH_PRIV: case YACA_KEY_TYPE_EC_PRIV: ret = PEM_write_bio_PKCS8PrivateKey(mem, evp_key->evp, enc, - NULL, 0, NULL, (void*)password); + NULL, 0, NULL, (void*)password); break; default: @@ -853,7 +853,7 @@ static int export_evp_pkcs8_bio(struct yaca_key_evp_s *evp_key, case YACA_KEY_TYPE_DH_PRIV: case YACA_KEY_TYPE_EC_PRIV: ret = i2d_PKCS8PrivateKey_bio(mem, evp_key->evp, enc, - NULL, 0, NULL, (void*)password); + NULL, 0, NULL, (void*)password); break; default: @@ -876,11 +876,11 @@ static int export_evp_pkcs8_bio(struct yaca_key_evp_s *evp_key, } static int export_evp(struct yaca_key_evp_s *evp_key, - yaca_key_format_e key_fmt, - yaca_key_file_format_e key_file_fmt, - const char *password, - char **data, - size_t *data_len) + yaca_key_format_e key_fmt, + yaca_key_file_format_e key_file_fmt, + const char *password, + char **data, + size_t *data_len) { assert(evp_key != NULL); assert(password == NULL || password[0] != '\0'); @@ -972,8 +972,8 @@ static int generate_simple_des(struct yaca_key_simple_s **out, size_t key_bit_le assert(out != NULL); if (key_bit_len != YACA_KEY_LENGTH_UNSAFE_64BIT && - key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && - key_bit_len != YACA_KEY_LENGTH_192BIT) + key_bit_len != YACA_KEY_LENGTH_UNSAFE_128BIT && + key_bit_len != YACA_KEY_LENGTH_192BIT) return YACA_ERROR_INVALID_PARAMETER; int ret; @@ -1037,7 +1037,7 @@ static int generate_evp_pkey_params(int evp_id, size_t key_bit_len, EVP_PKEY **p switch (evp_id) { case EVP_PKEY_DSA: if ((key_bit_len & YACA_KEYLEN_COMPONENT_TYPE_MASK) != YACA_KEYLEN_COMPONENT_TYPE_BITS || - key_bit_len > INT_MAX || key_bit_len < 512 || key_bit_len % 64 != 0) + key_bit_len > INT_MAX || key_bit_len < 512 || key_bit_len % 64 != 0) return YACA_ERROR_INVALID_PARAMETER; bit_len = key_bit_len; @@ -1113,7 +1113,7 @@ static int generate_evp_pkey_params(int evp_id, size_t key_bit_len, EVP_PKEY **p * fact that the _set_dh_ variant actually passes EVP_PKEY_DHX: * ret = EVP_PKEY_CTX_set_dh_rfc5114(pctx, dh_rfc5114); */ ret = EVP_PKEY_CTX_ctrl(pctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, - EVP_PKEY_CTRL_DH_RFC5114, dh_rfc5114, NULL); + EVP_PKEY_CTRL_DH_RFC5114, dh_rfc5114, NULL); } else { ret = EVP_PKEY_CTX_set_dh_paramgen_prime_len(pctx, dh_prime_len); if (ret == 1) @@ -1191,7 +1191,7 @@ static int generate_evp_pkey_key(int evp_id, size_t key_bit_len, EVP_PKEY *param if (evp_id == EVP_PKEY_RSA) { if ((key_bit_len & YACA_KEYLEN_COMPONENT_TYPE_MASK) != YACA_KEYLEN_COMPONENT_TYPE_BITS || - key_bit_len > INT_MAX || key_bit_len < 512 || key_bit_len % 8 != 0) { + key_bit_len > INT_MAX || key_bit_len < 512 || key_bit_len % 8 != 0) { ret = YACA_ERROR_INVALID_PARAMETER; goto exit; } @@ -1219,7 +1219,7 @@ exit: } static int generate_evp(yaca_key_type_e out_type, size_t key_bit_len, - struct yaca_key_evp_s *params, struct yaca_key_evp_s **out) + struct yaca_key_evp_s *params, struct yaca_key_evp_s **out) { assert(out != NULL); assert(key_bit_len > 0 || params != NULL); @@ -1459,10 +1459,10 @@ API int yaca_key_get_bit_length(const yaca_key_h key, size_t *key_bit_len) } API int yaca_key_import(yaca_key_type_e key_type, - const char *password, - const char *data, - size_t data_len, - yaca_key_h *key) + const char *password, + const char *data, + size_t data_len, + yaca_key_h *key) { if (key == NULL || data == NULL || data_len == 0) return YACA_ERROR_INVALID_PARAMETER; @@ -1496,11 +1496,11 @@ API int yaca_key_import(yaca_key_type_e key_type, } API int yaca_key_export(const yaca_key_h key, - yaca_key_format_e key_fmt, - yaca_key_file_format_e key_file_fmt, - const char *password, - char **data, - size_t *data_len) + yaca_key_format_e key_fmt, + yaca_key_file_format_e key_file_fmt, + const char *password, + char **data, + size_t *data_len) { struct yaca_key_simple_s *simple_key = key_get_simple(key); struct yaca_key_evp_s *evp_key = key_get_evp(key); @@ -1516,25 +1516,25 @@ API int yaca_key_export(const yaca_key_h key, return YACA_ERROR_INVALID_PARAMETER; if (key_fmt == YACA_KEY_FORMAT_DEFAULT && - key_file_fmt == YACA_KEY_FILE_FORMAT_RAW && - simple_key != NULL) + key_file_fmt == YACA_KEY_FILE_FORMAT_RAW && + simple_key != NULL) return export_simple_raw(simple_key, data, data_len); if (key_fmt == YACA_KEY_FORMAT_DEFAULT && - key_file_fmt == YACA_KEY_FILE_FORMAT_BASE64 && - simple_key != NULL) + key_file_fmt == YACA_KEY_FILE_FORMAT_BASE64 && + simple_key != NULL) return export_simple_base64(simple_key, data, data_len); if (evp_key != NULL) return export_evp(evp_key, key_fmt, key_file_fmt, - password, data, data_len); + password, data, data_len); return YACA_ERROR_INVALID_PARAMETER; } API int yaca_key_generate(yaca_key_type_e key_type, - size_t key_bit_len, - yaca_key_h *key) + size_t key_bit_len, + yaca_key_h *key) { int ret; struct yaca_key_simple_s *nk_simple = NULL; @@ -1758,9 +1758,9 @@ API void yaca_key_destroy(yaca_key_h key) } API int yaca_key_derive_dh(const yaca_key_h prv_key, - const yaca_key_h pub_key, - char **secret, - size_t *secret_len) + const yaca_key_h pub_key, + char **secret, + size_t *secret_len) { int ret; struct yaca_key_evp_s *lprv_key = key_get_evp(prv_key); @@ -1770,11 +1770,11 @@ API int yaca_key_derive_dh(const yaca_key_h prv_key, size_t data_len; if (lprv_key == NULL || lpub_key == NULL || secret == NULL || secret_len == NULL || - (!(lprv_key->key.type == YACA_KEY_TYPE_DH_PRIV && - lpub_key->key.type == YACA_KEY_TYPE_DH_PUB) - && - !(lprv_key->key.type == YACA_KEY_TYPE_EC_PRIV && - lpub_key->key.type == YACA_KEY_TYPE_EC_PUB))) + (!(lprv_key->key.type == YACA_KEY_TYPE_DH_PRIV && + lpub_key->key.type == YACA_KEY_TYPE_DH_PUB) + && + !(lprv_key->key.type == YACA_KEY_TYPE_EC_PRIV && + lpub_key->key.type == YACA_KEY_TYPE_EC_PUB))) return YACA_ERROR_INVALID_PARAMETER; ctx = EVP_PKEY_CTX_new(lprv_key->evp, NULL); @@ -1833,21 +1833,21 @@ exit: } API int yaca_key_derive_kdf(yaca_kdf_e kdf, - yaca_digest_algorithm_e algo, - const char *secret, - size_t secret_len, - const char *info, - size_t info_len, - size_t key_material_len, - char **key_material) + yaca_digest_algorithm_e algo, + const char *secret, + size_t secret_len, + const char *info, + size_t info_len, + size_t key_material_len, + char **key_material) { int ret; char *out = NULL; const EVP_MD *md; if (secret == NULL || secret_len == 0 || - (info == NULL && info_len > 0) || (info != NULL && info_len == 0) || - key_material_len == 0 || key_material == NULL) + (info == NULL && info_len > 0) || (info != NULL && info_len == 0) || + key_material_len == 0 || key_material == NULL) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_zalloc(key_material_len, (void**)&out); @@ -1861,8 +1861,8 @@ API int yaca_key_derive_kdf(yaca_kdf_e kdf, switch (kdf) { case YACA_KDF_X942: ret = DH_KDF_X9_42((unsigned char*)out, key_material_len, - (unsigned char*)secret, secret_len, - OBJ_nid2obj(NID_id_smime_alg_ESDH), (unsigned char*)info, info_len, md); + (unsigned char*)secret, secret_len, + OBJ_nid2obj(NID_id_smime_alg_ESDH), (unsigned char*)info, info_len, md); if (ret != 1 || out == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -1871,8 +1871,8 @@ API int yaca_key_derive_kdf(yaca_kdf_e kdf, break; case YACA_KDF_X962: ret = ECDH_KDF_X9_62((unsigned char*)out, key_material_len, - (unsigned char*)secret, secret_len, - (unsigned char*)info, info_len, md); + (unsigned char*)secret, secret_len, + (unsigned char*)info, info_len, md); if (ret != 1 || out == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -1894,12 +1894,12 @@ exit: } API int yaca_key_derive_pbkdf2(const char *password, - const char *salt, - size_t salt_len, - size_t iterations, - yaca_digest_algorithm_e algo, - size_t key_bit_len, - yaca_key_h *key) + const char *salt, + size_t salt_len, + size_t iterations, + yaca_digest_algorithm_e algo, + size_t key_bit_len, + yaca_key_h *key) { const EVP_MD *md; struct yaca_key_simple_s *nk; @@ -1907,8 +1907,8 @@ API int yaca_key_derive_pbkdf2(const char *password, int ret; if (password == NULL || - (salt == NULL && salt_len > 0) || (salt != NULL && salt_len == 0) || - iterations == 0 || key_bit_len == 0 || key == NULL) + (salt == NULL && salt_len > 0) || (salt != NULL && salt_len == 0) || + iterations == 0 || key_bit_len == 0 || key == NULL) return YACA_ERROR_INVALID_PARAMETER; if (key_bit_len % 8) /* Key length must be multiple of 8-bit_len */ @@ -1929,8 +1929,8 @@ API int yaca_key_derive_pbkdf2(const char *password, nk->key.type = YACA_KEY_TYPE_SYMMETRIC; ret = PKCS5_PBKDF2_HMAC(password, -1, (const unsigned char*)salt, - salt_len, iterations, md, key_byte_len, - (unsigned char*)nk->d); + salt_len, iterations, md, key_byte_len, + (unsigned char*)nk->d); if (ret != 1) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); diff --git a/src/rsa.c b/src/rsa.c index 436c3b9..7fbb6e4 100644 --- a/src/rsa.c +++ b/src/rsa.c @@ -57,12 +57,12 @@ int rsa_padding2openssl(yaca_padding_e padding) typedef int (*encrypt_decrypt_fn)(int, const unsigned char*, unsigned char*, RSA*, int); static int encrypt_decrypt(yaca_padding_e padding, - const yaca_key_h key, - const char *input, - size_t input_len, - char **output, - size_t *output_len, - encrypt_decrypt_fn fn) + const yaca_key_h key, + const char *input, + size_t input_len, + char **output, + size_t *output_len, + encrypt_decrypt_fn fn) { int ret; size_t max_len; @@ -71,7 +71,7 @@ static int encrypt_decrypt(yaca_padding_e padding, int lpadding; if ((input == NULL && input_len > 0) || (input != NULL && input_len == 0) || - output == NULL || output_len == NULL) + output == NULL || output_len == NULL) return YACA_ERROR_INVALID_PARAMETER; lpadding = rsa_padding2openssl(padding); @@ -94,10 +94,10 @@ static int encrypt_decrypt(yaca_padding_e padding, return ret; ret = fn(input_len, - (const unsigned char*)input, - (unsigned char*)loutput, - EVP_PKEY_get0_RSA(lasym_key->evp), - lpadding); + (const unsigned char*)input, + (unsigned char*)loutput, + EVP_PKEY_get0_RSA(lasym_key->evp), + lpadding); if (ret < 0) { ret = ERROR_HANDLE(); @@ -121,11 +121,11 @@ exit: API int yaca_rsa_public_encrypt(yaca_padding_e padding, - const yaca_key_h pub_key, - const char *plaintext, - size_t plaintext_len, - char **ciphertext, - size_t *ciphertext_len) + const yaca_key_h pub_key, + const char *plaintext, + size_t plaintext_len, + char **ciphertext, + size_t *ciphertext_len) { if (pub_key == YACA_KEY_NULL || pub_key->type != YACA_KEY_TYPE_RSA_PUB) return YACA_ERROR_INVALID_PARAMETER; @@ -141,20 +141,20 @@ API int yaca_rsa_public_encrypt(yaca_padding_e padding, } return encrypt_decrypt(padding, - pub_key, - plaintext, - plaintext_len, - ciphertext, - ciphertext_len, - RSA_public_encrypt); + pub_key, + plaintext, + plaintext_len, + ciphertext, + ciphertext_len, + RSA_public_encrypt); } API int yaca_rsa_private_decrypt(yaca_padding_e padding, - const yaca_key_h prv_key, - const char *ciphertext, - size_t ciphertext_len, - char **plaintext, - size_t *plaintext_len) + const yaca_key_h prv_key, + const char *ciphertext, + size_t ciphertext_len, + char **plaintext, + size_t *plaintext_len) { if (prv_key == YACA_KEY_NULL || prv_key->type != YACA_KEY_TYPE_RSA_PRIV) return YACA_ERROR_INVALID_PARAMETER; @@ -170,20 +170,20 @@ API int yaca_rsa_private_decrypt(yaca_padding_e padding, } return encrypt_decrypt(padding, - prv_key, - ciphertext, - ciphertext_len, - plaintext, - plaintext_len, - RSA_private_decrypt); + prv_key, + ciphertext, + ciphertext_len, + plaintext, + plaintext_len, + RSA_private_decrypt); } API int yaca_rsa_private_encrypt(yaca_padding_e padding, - const yaca_key_h prv_key, - const char *plaintext, - size_t plaintext_len, - char **ciphertext, - size_t *ciphertext_len) + const yaca_key_h prv_key, + const char *plaintext, + size_t plaintext_len, + char **ciphertext, + size_t *ciphertext_len) { if (prv_key == YACA_KEY_NULL || prv_key->type != YACA_KEY_TYPE_RSA_PRIV) return YACA_ERROR_INVALID_PARAMETER; @@ -197,20 +197,20 @@ API int yaca_rsa_private_encrypt(yaca_padding_e padding, } return encrypt_decrypt(padding, - prv_key, - plaintext, - plaintext_len, - ciphertext, - ciphertext_len, - RSA_private_encrypt); + prv_key, + plaintext, + plaintext_len, + ciphertext, + ciphertext_len, + RSA_private_encrypt); } API int yaca_rsa_public_decrypt(yaca_padding_e padding, - const yaca_key_h pub_key, - const char *ciphertext, - size_t ciphertext_len, - char **plaintext, - size_t *plaintext_len) + const yaca_key_h pub_key, + const char *ciphertext, + size_t ciphertext_len, + char **plaintext, + size_t *plaintext_len) { if (pub_key == YACA_KEY_NULL || pub_key->type != YACA_KEY_TYPE_RSA_PUB) return YACA_ERROR_INVALID_PARAMETER; @@ -224,10 +224,10 @@ API int yaca_rsa_public_decrypt(yaca_padding_e padding, } return encrypt_decrypt(padding, - pub_key, - ciphertext, - ciphertext_len, - plaintext, - plaintext_len, - RSA_public_decrypt); + pub_key, + ciphertext, + ciphertext_len, + plaintext, + plaintext_len, + RSA_public_decrypt); } diff --git a/src/seal.c b/src/seal.c index f9b16a4..a7c3b50 100644 --- a/src/seal.c +++ b/src/seal.c @@ -35,14 +35,14 @@ #include "internal.h" static int seal_generate_sym_key(yaca_encrypt_algorithm_e algo, - size_t sym_key_bit_len, - yaca_key_h *sym_key) + size_t sym_key_bit_len, + yaca_key_h *sym_key) { assert(sym_key != NULL); if (algo == YACA_ENCRYPT_3DES_3TDEA || - algo == YACA_ENCRYPT_UNSAFE_3DES_2TDEA || - algo == YACA_ENCRYPT_UNSAFE_DES) + algo == YACA_ENCRYPT_UNSAFE_3DES_2TDEA || + algo == YACA_ENCRYPT_UNSAFE_DES) return yaca_key_generate(YACA_KEY_TYPE_DES, sym_key_bit_len, sym_key); else return yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, sym_key_bit_len, sym_key); @@ -74,8 +74,8 @@ static int seal_generate_iv(const EVP_CIPHER *cipher, yaca_key_h *iv) /* used for asymmetric encryption and decryption */ static int seal_encrypt_decrypt_key(const yaca_key_h asym_key, - const yaca_key_h in_key, - yaca_key_h *out_key) + const yaca_key_h in_key, + yaca_key_h *out_key) { int ret; const struct yaca_key_evp_s *lasym_key; @@ -112,14 +112,14 @@ static int seal_encrypt_decrypt_key(const yaca_key_h asym_key, if (asym_key->type == YACA_KEY_TYPE_RSA_PRIV) ret = EVP_PKEY_decrypt_old((unsigned char*)lout_key->d, - (unsigned char*)lin_key->d, - lin_key->bit_len / 8, - lasym_key->evp); + (unsigned char*)lin_key->d, + lin_key->bit_len / 8, + lasym_key->evp); else ret = EVP_PKEY_encrypt_old((unsigned char*)lout_key->d, - (unsigned char*)lin_key->d, - lin_key->bit_len / 8, - lasym_key->evp); + (unsigned char*)lin_key->d, + lin_key->bit_len / 8, + lasym_key->evp); if (ret <= 0) { ret = ERROR_HANDLE(); @@ -143,12 +143,12 @@ exit: } API int yaca_seal_initialize(yaca_context_h *ctx, - const yaca_key_h pub_key, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t sym_key_bit_len, - yaca_key_h *sym_key, - yaca_key_h *iv) + const yaca_key_h pub_key, + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + size_t sym_key_bit_len, + yaca_key_h *sym_key, + yaca_key_h *iv) { int ret; const EVP_CIPHER *cipher; @@ -157,7 +157,7 @@ API int yaca_seal_initialize(yaca_context_h *ctx, yaca_key_h lenc_sym_key = YACA_KEY_NULL; if (pub_key == YACA_KEY_NULL || pub_key->type != YACA_KEY_TYPE_RSA_PUB || - sym_key == NULL || bcm == YACA_BCM_WRAP || sym_key_bit_len % 8 != 0) + sym_key == NULL || bcm == YACA_BCM_WRAP || sym_key_bit_len % 8 != 0) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_get_algorithm(algo, bcm, sym_key_bit_len, &cipher); @@ -201,36 +201,36 @@ exit: } API int yaca_seal_update(yaca_context_h ctx, - const char *plaintext, - size_t plaintext_len, - char *ciphertext, - size_t *ciphertext_len) + const char *plaintext, + size_t plaintext_len, + char *ciphertext, + size_t *ciphertext_len) { return encrypt_update(ctx, (const unsigned char*)plaintext, plaintext_len, - (unsigned char*)ciphertext, ciphertext_len, OP_SEAL); + (unsigned char*)ciphertext, ciphertext_len, OP_SEAL); } API int yaca_seal_finalize(yaca_context_h ctx, - char *ciphertext, - size_t *ciphertext_len) + char *ciphertext, + size_t *ciphertext_len) { return encrypt_finalize(ctx, (unsigned char*)ciphertext, ciphertext_len, OP_SEAL); } API int yaca_open_initialize(yaca_context_h *ctx, - const yaca_key_h prv_key, - yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - size_t sym_key_bit_len, - const yaca_key_h sym_key, - const yaca_key_h iv) + const yaca_key_h prv_key, + yaca_encrypt_algorithm_e algo, + yaca_block_cipher_mode_e bcm, + size_t sym_key_bit_len, + const yaca_key_h sym_key, + const yaca_key_h iv) { int ret; const EVP_CIPHER *cipher; yaca_key_h lsym_key = YACA_KEY_NULL; if (prv_key == YACA_KEY_NULL || prv_key->type != YACA_KEY_TYPE_RSA_PRIV || - sym_key == YACA_KEY_NULL || bcm == YACA_BCM_WRAP || sym_key_bit_len % 8 != 0) + sym_key == YACA_KEY_NULL || bcm == YACA_BCM_WRAP || sym_key_bit_len % 8 != 0) return YACA_ERROR_INVALID_PARAMETER; ret = encrypt_get_algorithm(algo, bcm, sym_key_bit_len, &cipher); @@ -254,18 +254,18 @@ exit: } API int yaca_open_update(yaca_context_h ctx, - const char *ciphertext, - size_t ciphertext_len, - char *plaintext, - size_t *plaintext_len) + const char *ciphertext, + size_t ciphertext_len, + char *plaintext, + size_t *plaintext_len) { return encrypt_update(ctx, (const unsigned char*)ciphertext, ciphertext_len, - (unsigned char*)plaintext, plaintext_len, OP_OPEN); + (unsigned char*)plaintext, plaintext_len, OP_OPEN); } API int yaca_open_finalize(yaca_context_h ctx, - char *plaintext, - size_t *plaintext_len) + char *plaintext, + size_t *plaintext_len) { return encrypt_finalize(ctx, (unsigned char*)plaintext, plaintext_len, OP_OPEN); } diff --git a/src/sign.c b/src/sign.c index 6ef23df..23c9fa0 100644 --- a/src/sign.c +++ b/src/sign.c @@ -79,8 +79,8 @@ static struct yaca_sign_context_s *get_sign_context(const yaca_context_h ctx) } static int get_sign_output_length(const yaca_context_h ctx, - size_t input_len, - size_t *output_len) + size_t input_len, + size_t *output_len) { assert(output_len != NULL); @@ -124,9 +124,9 @@ static void destroy_sign_context(yaca_context_h ctx) } int set_sign_property(yaca_context_h ctx, - yaca_property_e property, - const void *value, - size_t value_len) + yaca_property_e property, + const void *value, + size_t value_len) { int ret; struct yaca_sign_context_s *c = get_sign_context(ctx); @@ -183,8 +183,8 @@ int set_sign_property(yaca_context_h ctx, } API int yaca_sign_initialize(yaca_context_h *ctx, - yaca_digest_algorithm_e algo, - const yaca_key_h prv_key) + yaca_digest_algorithm_e algo, + const yaca_key_h prv_key) { struct yaca_sign_context_s *nc = NULL; const EVP_MD *md = NULL; @@ -201,7 +201,7 @@ API int yaca_sign_initialize(yaca_context_h *ctx, switch (prv_key->type) { case YACA_KEY_TYPE_RSA_PRIV: if (EVP_MD_size(md) >= EVP_PKEY_size(evp_key->evp) || - (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) + (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) return YACA_ERROR_INVALID_PARAMETER; break; case YACA_KEY_TYPE_DSA_PRIV: @@ -247,8 +247,8 @@ exit: } API int yaca_sign_initialize_hmac(yaca_context_h *ctx, - yaca_digest_algorithm_e algo, - const yaca_key_h sym_key) + yaca_digest_algorithm_e algo, + const yaca_key_h sym_key) { struct yaca_sign_context_s *nc = NULL; EVP_PKEY *pkey = NULL; @@ -257,7 +257,7 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, const struct yaca_key_simple_s *simple_key = key_get_simple(sym_key); if (ctx == NULL || simple_key == NULL || - (sym_key->type != YACA_KEY_TYPE_SYMMETRIC && sym_key->type != YACA_KEY_TYPE_DES)) + (sym_key->type != YACA_KEY_TYPE_SYMMETRIC && sym_key->type != YACA_KEY_TYPE_DES)) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_zalloc(sizeof(struct yaca_sign_context_s), (void**)&nc); @@ -272,9 +272,9 @@ API int yaca_sign_initialize_hmac(yaca_context_h *ctx, nc->ctx.get_property = NULL; pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, - NULL, - (unsigned char *)simple_key->d, - simple_key->bit_len / 8); + NULL, + (unsigned char *)simple_key->d, + simple_key->bit_len / 8); if (pkey == NULL) { ret = YACA_ERROR_INTERNAL; ERROR_DUMP(ret); @@ -312,8 +312,8 @@ exit: } API int yaca_sign_initialize_cmac(yaca_context_h *ctx, - yaca_encrypt_algorithm_e algo, - const yaca_key_h sym_key) + yaca_encrypt_algorithm_e algo, + const yaca_key_h sym_key) { struct yaca_sign_context_s *nc = NULL; CMAC_CTX* cmac_ctx = NULL; @@ -323,7 +323,7 @@ API int yaca_sign_initialize_cmac(yaca_context_h *ctx, const struct yaca_key_simple_s *simple_key = key_get_simple(sym_key); if (ctx == NULL || simple_key == NULL || - (sym_key->type != YACA_KEY_TYPE_SYMMETRIC && sym_key->type != YACA_KEY_TYPE_DES)) + (sym_key->type != YACA_KEY_TYPE_SYMMETRIC && sym_key->type != YACA_KEY_TYPE_DES)) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_zalloc(sizeof(struct yaca_sign_context_s), (void**)&nc); @@ -398,14 +398,14 @@ exit: } API int yaca_sign_update(yaca_context_h ctx, - const char *message, - size_t message_len) + const char *message, + size_t message_len) { struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; if (c == NULL || c->op_type != OP_SIGN || - message == NULL || message_len == 0) + message == NULL || message_len == 0) return YACA_ERROR_INVALID_PARAMETER; if (!verify_state_change(c, CTX_MSG_UPDATED)) @@ -423,14 +423,14 @@ API int yaca_sign_update(yaca_context_h ctx, } API int yaca_sign_finalize(yaca_context_h ctx, - char *signature, - size_t *signature_len) + char *signature, + size_t *signature_len) { struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; if (c == NULL || c->op_type != OP_SIGN || - signature == NULL || signature_len == NULL || *signature_len == 0) + signature == NULL || signature_len == NULL || *signature_len == 0) return YACA_ERROR_INVALID_PARAMETER; if (!verify_state_change(c, CTX_FINALIZED)) @@ -448,8 +448,8 @@ API int yaca_sign_finalize(yaca_context_h ctx, } API int yaca_verify_initialize(yaca_context_h *ctx, - yaca_digest_algorithm_e algo, - const yaca_key_h pub_key) + yaca_digest_algorithm_e algo, + const yaca_key_h pub_key) { struct yaca_sign_context_s *nc = NULL; const EVP_MD *md = NULL; @@ -466,7 +466,7 @@ API int yaca_verify_initialize(yaca_context_h *ctx, switch (pub_key->type) { case YACA_KEY_TYPE_RSA_PUB: if (EVP_MD_size(md) >= EVP_PKEY_size(evp_key->evp) || - (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) + (algo == YACA_DIGEST_SHA384 && (EVP_PKEY_size(evp_key->evp) <= YACA_KEY_LENGTH_512BIT / 8))) return YACA_ERROR_INVALID_PARAMETER; break; case YACA_KEY_TYPE_DSA_PUB: @@ -512,8 +512,8 @@ exit: } API int yaca_verify_update(yaca_context_h ctx, - const char *message, - size_t message_len) + const char *message, + size_t message_len) { struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; @@ -536,8 +536,8 @@ API int yaca_verify_update(yaca_context_h ctx, } API int yaca_verify_finalize(yaca_context_h ctx, - const char *signature, - size_t signature_len) + const char *signature, + size_t signature_len) { struct yaca_sign_context_s *c = get_sign_context(ctx); int ret; @@ -549,8 +549,8 @@ API int yaca_verify_finalize(yaca_context_h ctx, return YACA_ERROR_INVALID_PARAMETER; ret = EVP_DigestVerifyFinal(c->md_ctx, - (unsigned char *)signature, - signature_len); + (unsigned char *)signature, + signature_len); if (ret == 1) { c->state = CTX_FINALIZED; diff --git a/src/simple.c b/src/simple.c index 00d9b3c..e4c7a38 100644 --- a/src/simple.c +++ b/src/simple.c @@ -34,10 +34,10 @@ #include "internal.h" API int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, - const char *data, - size_t data_len, - char **digest, - size_t *digest_len) + const char *data, + size_t data_len, + char **digest, + size_t *digest_len) { yaca_context_h ctx; int ret; @@ -45,7 +45,7 @@ API int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo, size_t ldigest_len; if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) || - digest == NULL || digest_len == NULL) + digest == NULL || digest_len == NULL) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_digest_initialize(&ctx, algo); @@ -84,13 +84,13 @@ exit: } API int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv, - const char *plaintext, - size_t plaintext_len, - char **ciphertext, - size_t *ciphertext_len) + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv, + const char *plaintext, + size_t plaintext_len, + char **ciphertext, + size_t *ciphertext_len) { yaca_context_h ctx; int ret; @@ -100,9 +100,9 @@ API int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, size_t written = 0; if ((plaintext == NULL && plaintext_len > 0) || (plaintext != NULL && plaintext_len == 0) || - ciphertext == NULL || ciphertext_len == NULL || - sym_key == YACA_KEY_NULL || - bcm == YACA_BCM_CCM || bcm == YACA_BCM_GCM) + ciphertext == NULL || ciphertext_len == NULL || + sym_key == YACA_KEY_NULL || + bcm == YACA_BCM_CCM || bcm == YACA_BCM_GCM) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_encrypt_initialize(&ctx, algo, bcm, sym_key, iv); @@ -148,7 +148,7 @@ API int yaca_simple_encrypt(yaca_encrypt_algorithm_e algo, assert(written <= lciphertext_len); if (((bcm == YACA_BCM_CBC || bcm == YACA_BCM_ECB) && written == 0) || - (bcm != YACA_BCM_CBC && bcm != YACA_BCM_ECB && plaintext_len == 0 && written > 0)) { + (bcm != YACA_BCM_CBC && bcm != YACA_BCM_ECB && plaintext_len == 0 && written > 0)) { ret = YACA_ERROR_INTERNAL; goto exit; } @@ -175,13 +175,13 @@ exit: } API int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, - yaca_block_cipher_mode_e bcm, - const yaca_key_h sym_key, - const yaca_key_h iv, - const char *ciphertext, - size_t ciphertext_len, - char **plaintext, - size_t *plaintext_len) + yaca_block_cipher_mode_e bcm, + const yaca_key_h sym_key, + const yaca_key_h iv, + const char *ciphertext, + size_t ciphertext_len, + char **plaintext, + size_t *plaintext_len) { yaca_context_h ctx; int ret; @@ -191,10 +191,10 @@ API int yaca_simple_decrypt(yaca_encrypt_algorithm_e algo, size_t written = 0; if ((ciphertext == NULL && ciphertext_len > 0) || (ciphertext != NULL && ciphertext_len == 0) || - ((bcm == YACA_BCM_ECB || bcm == YACA_BCM_CBC) && ciphertext == NULL && ciphertext_len == 0) || - plaintext == NULL || plaintext_len == NULL || - sym_key == YACA_KEY_NULL || - bcm == YACA_BCM_CCM || bcm == YACA_BCM_GCM) + ((bcm == YACA_BCM_ECB || bcm == YACA_BCM_CBC) && ciphertext == NULL && ciphertext_len == 0) || + plaintext == NULL || plaintext_len == NULL || + sym_key == YACA_KEY_NULL || + bcm == YACA_BCM_CCM || bcm == YACA_BCM_GCM) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_decrypt_initialize(&ctx, algo, bcm, sym_key, iv); @@ -266,7 +266,7 @@ exit: } static int sign(const yaca_context_h ctx, const char *data, size_t data_len, - char **signature, size_t *signature_len) + char **signature, size_t *signature_len) { int ret; @@ -299,17 +299,17 @@ static int sign(const yaca_context_h ctx, const char *data, size_t data_len, } API int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, - const yaca_key_h prv_key, - const char *data, - size_t data_len, - char **signature, - size_t *signature_len) + const yaca_key_h prv_key, + const char *data, + size_t data_len, + char **signature, + size_t *signature_len) { int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) || - signature == NULL || signature_len == NULL) + signature == NULL || signature_len == NULL) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_sign_initialize(&ctx, algo, prv_key); @@ -324,17 +324,17 @@ API int yaca_simple_calculate_signature(yaca_digest_algorithm_e algo, } API int yaca_simple_verify_signature(yaca_digest_algorithm_e algo, - const yaca_key_h pub_key, - const char *data, - size_t data_len, - const char *signature, - size_t signature_len) + const yaca_key_h pub_key, + const char *data, + size_t data_len, + const char *signature, + size_t signature_len) { int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) || - signature == NULL || signature_len == 0) + signature == NULL || signature_len == 0) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_verify_initialize(&ctx, algo, pub_key); @@ -356,17 +356,17 @@ exit: } API int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, - const yaca_key_h sym_key, - const char *data, - size_t data_len, - char **mac, - size_t *mac_len) + const yaca_key_h sym_key, + const char *data, + size_t data_len, + char **mac, + size_t *mac_len) { int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) || - mac == NULL || mac_len == NULL) + mac == NULL || mac_len == NULL) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_sign_initialize_hmac(&ctx, algo, sym_key); @@ -381,17 +381,17 @@ API int yaca_simple_calculate_hmac(yaca_digest_algorithm_e algo, } API int yaca_simple_calculate_cmac(yaca_encrypt_algorithm_e algo, - const yaca_key_h sym_key, - const char *data, - size_t data_len, - char **mac, - size_t *mac_len) + const yaca_key_h sym_key, + const char *data, + size_t data_len, + char **mac, + size_t *mac_len) { int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; if ((data == NULL && data_len > 0) || (data != NULL && data_len == 0) || - mac == NULL || mac_len == NULL) + mac == NULL || mac_len == NULL) return YACA_ERROR_INVALID_PARAMETER; ret = yaca_sign_initialize_cmac(&ctx, algo, sym_key); -- 2.7.4