Cipher, Identity and Protection Mechanisms

---

Eet allows one to protect entries of an Eet_File individually. This may be used to ensure data was not tampered or that third party does not read your data.

See also:

Eet File Ciphered Main Functions

Image Store and Load using a Cipher

Functions
Eet_Key *	eet_identity_open (const char *certificate_file, const char *private_key_file, Eet_Key_Password_Callback cb)
	Creates an Eet_Key needed for signing an eet file.
void	eet_identity_close (Eet_Key *key)
	Close and release all resource used by an Eet_Key. A reference counter prevent it from being freed until all file using it are also closed.
Eet_Error	eet_identity_set (Eet_File *ef, Eet_Key *key)
	Sets a key to sign a file.
void	eet_identity_print (Eet_Key *key, FILE *out)
	Displays both private and public key of an Eet_Key.
Eina_Bool	eet_identity_verify (Eet_File *ef, const char *certificate_file)
	Compares the identify certificate of an eet file against a stored one.
const void *	eet_identity_x509 (Eet_File *ef, int *der_length)
	Gets the x509 der certificate associated with an Eet_File. Will return NULL if the file is not signed.
const void *	eet_identity_signature (Eet_File *ef, int *signature_length)
	Gets the raw signature associated with an Eet_File. Will return NULL if the file is not signed.
const void *	eet_identity_sha1 (Eet_File *ef, int *sha1_length)
	Gets the SHA1 associated with a file. Could be the one used to sign the data or if the data where not signed, it will be the SHA1 of the file.
void	eet_identity_certificate_print (const unsigned char *certificate, int der_length, FILE *out)
	Displays the x509 der certificate to out.
Typedefs
typedef struct _Eet_Key	Eet_Key
typedef int(*	Eet_Key_Password_Callback )(char *buffer, int size, int rwflag, void *data)
	Callback used to request if needed the password of a private key.

---

Typedef Documentation

Eet_Key

Opaque handle that defines an identity (also known as key) in Eet's cipher system.

typedef int(* Eet_Key_Password_Callback)(char *buffer, int size, int rwflag, void *data)

Callback used to request if needed the password of a private key.

Parameters:

buffer	the buffer where to store the password.
size	the maximum password size (size of buffer, including '\0').
rwflag	if the buffer is also readable or just writable.
data	currently unused, may contain some context in future.

Returns:

1 on success and password was set to buffer, 0 on failure.

Since (EFL) :

1.2.0

---

Function Documentation

void eet_identity_certificate_print	(	const unsigned char *	certificate,
		int	der_length,
		FILE *	out
	)

Displays the x509 der certificate to out.

Deprecated:

Deprecated since 10.0.

Parameters:

certificate	the x509 certificate to print
der_length	The length the certificate.
out	where to print.

Warning:

You need to compile signature support in EET.

Since (EFL) :

1.2.0

Since :

3.0

void eet_identity_close

(

Eet_Key *

key

)

Close and release all resource used by an Eet_Key. A reference counter prevent it from being freed until all file using it are also closed.

Deprecated:

Deprecated since 10.0.

Parameters:

key	the key handle to close and free resources.

Since (EFL) :

1.2.0

Since :

3.0

Eet_Key* eet_identity_open	(	const char *	certificate_file,
		const char *	private_key_file,
		Eet_Key_Password_Callback	cb
	)

Creates an Eet_Key needed for signing an eet file.

Deprecated:

Deprecated since 10.0.

The certificate should provide the public that match the private key. No verification is done to ensure that.

Parameters:

certificate_file	The file where to find the certificate.
private_key_file	The file that contains the private key.
cb	Function to callback if password is required to unlock private key.

Returns:

A key handle to use, or NULL on failure.

See also:

eet_identity_close()

Warning:

You need to compile signature support in EET.

Since (EFL) :

1.2.0

Since :

3.0

void eet_identity_print	(	Eet_Key *	key,
		FILE *	out
	)

Displays both private and public key of an Eet_Key.

Deprecated:

Deprecated since 10.0.

Parameters:

key	the handle to print.
out	where to print.

Warning:

You need to compile signature support in EET.

Since (EFL) :

1.2.0

Since :

3.0

Eet_Error eet_identity_set	(	Eet_File *	ef,
		Eet_Key *	key
	)

Sets a key to sign a file.

Deprecated:

Deprecated since 10.0.

Parameters:

ef	the file to set the identity.
key	the key handle to set as identity.

Returns:

EET_ERROR_BAD_OBJECT if ef is invalid or EET_ERROR_NONE on success.

Since (EFL) :

1.2.0

Since :

3.0

const void* eet_identity_sha1	(	Eet_File *	ef,
		int *	sha1_length
	)

Gets the SHA1 associated with a file. Could be the one used to sign the data or if the data where not signed, it will be the SHA1 of the file.

Deprecated:

Deprecated since 10.0.

Parameters:

ef	The file handle to query.
sha1_length	The length of returned data, may be NULL.

Returns:

the associated SHA1 or NULL on error.

Since (EFL) :

1.2.0

Since :

3.0

const void* eet_identity_signature	(	Eet_File *	ef,
		int *	signature_length
	)

Gets the raw signature associated with an Eet_File. Will return NULL if the file is not signed.

Parameters:

ef	The file handle to query.
signature_length	The length of returned data, may be NULL.

Returns:

The raw signature or NULL on error.

Since :

3.0

Eina_Bool eet_identity_verify	(	Eet_File *	ef,
		const char *	certificate_file
	)

Compares the identify certificate of an eet file against a stored one.

Deprecated:

Deprecated since 10.0.

Parameters:

ef	The file handle to check the identify of
certificate_file	The path to the certificate file

Returns:

EINA_TRUE if the certificates match, otherwise EINA_FALSE

The ef file handle mus be valid, and a signed file, otherwise checking will fail. The path to the certificate file must be a valid file path to a 'pem' format file (the same used for siging with eet_identity_open() as a certificate file).

Note:

This function can not be used to provide any security mechanism. You need to check your x509 certificate against a chain of trust to have a proper security. This is just a convenience test function.

Warning:

You need to compile signature support in EET.

Since (EFL) :

1.13

Since :

3.0

const void* eet_identity_x509	(	Eet_File *	ef,
		int *	der_length
	)

Gets the x509 der certificate associated with an Eet_File. Will return NULL if the file is not signed.

Deprecated:

Deprecated since 10.0.

Parameters:

ef	The file handle to query.
der_length	The length of returned data, may be NULL.

Returns:

the x509 certificate or NULL on error.

Since (EFL) :

1.2.0

Since :

3.0