Tizen Native API
6.5
|
Provides simple APIs for cryptographic operations.
Required Header
#include <yaca/yaca_simple.h>
Overview
It provides simple APIs for encryption/decryption, signing/verification, and message digestion.
Examples
Simple Encrypt API example
#include <stdio.h> #include <yaca_crypto.h> #include <yaca_simple.h> #include <yaca_encrypt.h> #include <yaca_key.h> #include <yaca_error.h> /* include helpers functions and definitions */ #include "misc.h" int main() { int ret; yaca_key_h key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; size_t iv_bit_len; char *encrypted = NULL; char *decrypted = NULL; size_t encrypted_len; size_t decrypted_len; ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) goto exit; printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); /* Key generation */ ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000, YACA_DIGEST_SHA256, YACA_KEY_LENGTH_256BIT, &key); if (ret != YACA_ERROR_NONE) goto exit; /* IV generation */ ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CTR, YACA_KEY_LENGTH_256BIT, &iv_bit_len); if (ret != YACA_ERROR_NONE) goto exit; if (iv_bit_len > 0) { ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv); if (ret != YACA_ERROR_NONE) goto exit; } /* Encryption */ { ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv, INPUT_DATA, INPUT_DATA_SIZE, &encrypted, &encrypted_len); if (ret != YACA_ERROR_NONE) goto exit; /* display encrypted data in hexadecimal format */ dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); } /* Decryption */ { ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv, encrypted, encrypted_len, &decrypted, &decrypted_len); if (ret != YACA_ERROR_NONE) goto exit; printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); } exit: yaca_free(encrypted); yaca_free(decrypted); yaca_key_destroy(iv); yaca_key_destroy(key); yaca_cleanup(); return ret; }
Simple Message Digest API example
#include <stdio.h> #include <yaca_crypto.h> #include <yaca_simple.h> #include <yaca_error.h> /* include helpers functions and definitions */ #include "misc.h" int main() { int ret; char *digest = NULL; size_t digest_len; ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) goto exit; printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); /* Calculate digest */ ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, INPUT_DATA, INPUT_DATA_SIZE, &digest, &digest_len); if (ret != YACA_ERROR_NONE) goto exit; /* display digest in hexadecimal format */ dump_hex(digest, digest_len, "Message digest: "); exit: yaca_free(digest); yaca_cleanup(); return ret; }
Simple Signature API example
#include <stdio.h> #include <yaca_crypto.h> #include <yaca_key.h> #include <yaca_error.h> #include <yaca_simple.h> /* include helpers functions and definitions */ #include "misc.h" int main() { int ret; yaca_key_h priv_key = YACA_KEY_NULL; yaca_key_h pub_key = YACA_KEY_NULL; char *signature = NULL; size_t signature_len; ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) goto exit; /* Generate key pair */ ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key); if (ret != YACA_ERROR_NONE) goto exit; ret = yaca_key_extract_public(priv_key, &pub_key); if (ret != YACA_ERROR_NONE) goto exit; /* Sign */ { ret = yaca_simple_calculate_signature(YACA_DIGEST_SHA384, priv_key, INPUT_DATA, INPUT_DATA_SIZE, &signature, &signature_len); if (ret != YACA_ERROR_NONE) goto exit; /* display signature in hexadecimal format */ dump_hex(signature, signature_len, "Signature of INPUT_DATA:"); } /* Verify */ { ret = yaca_simple_verify_signature(YACA_DIGEST_SHA384, pub_key, INPUT_DATA, INPUT_DATA_SIZE, signature, signature_len); if (ret != YACA_ERROR_NONE) { printf("Verification failed\n"); goto exit; } else { printf("Verification successful\n"); } } exit: yaca_free(signature); yaca_key_destroy(priv_key); yaca_key_destroy(pub_key); yaca_cleanup(); return ret; }
Simple CMAC Signature API example
#include <stdio.h> #include <yaca_crypto.h> #include <yaca_key.h> #include <yaca_error.h> #include <yaca_simple.h> /* include helpers functions and definitions */ #include "misc.h" int main() { int ret; yaca_key_h sym_key = YACA_KEY_NULL; char *signature1 = NULL; char *signature2 = NULL; size_t signature_len; ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) goto exit; /* Key generation */ ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); if (ret != YACA_ERROR_NONE) goto exit; /* Sign */ { ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key, INPUT_DATA, INPUT_DATA_SIZE, &signature1, &signature_len); if (ret != YACA_ERROR_NONE) goto exit; /* display signature in hexadecimal format */ dump_hex(signature1, signature_len, "CMAC Signature of INPUT_DATA:"); } /* Verify */ { ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key, INPUT_DATA, INPUT_DATA_SIZE, &signature2, &signature_len); if (ret != YACA_ERROR_NONE) goto exit; ret = yaca_memcmp(signature1, signature2, signature_len); if (ret != YACA_ERROR_NONE) { printf("Verification failed\n"); goto exit; } else { printf("Verification successful\n"); } } exit: yaca_free(signature1); yaca_free(signature2); yaca_key_destroy(sym_key); yaca_cleanup(); return ret; }
Functions | |
int | yaca_simple_encrypt (yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, const char *plaintext, size_t plaintext_len, char **ciphertext, size_t *ciphertext_len) |
Encrypts data using a symmetric cipher. | |
int | yaca_simple_decrypt (yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, const char *ciphertext, size_t ciphertext_len, char **plaintext, size_t *plaintext_len) |
Decrypts data using a symmetric cipher. | |
int | yaca_simple_calculate_digest (yaca_digest_algorithm_e algo, const char *message, size_t message_len, char **digest, size_t *digest_len) |
Calculates a digest of a message. | |
int | yaca_simple_calculate_signature (yaca_digest_algorithm_e algo, const yaca_key_h prv_key, const char *message, size_t message_len, char **signature, size_t *signature_len) |
Creates a signature using asymmetric private key. | |
int | yaca_simple_verify_signature (yaca_digest_algorithm_e algo, const yaca_key_h pub_key, const char *message, size_t message_len, const char *signature, size_t signature_len) |
Verifies a signature using asymmetric public key. | |
int | yaca_simple_calculate_hmac (yaca_digest_algorithm_e algo, const yaca_key_h sym_key, const char *message, size_t message_len, char **mac, size_t *mac_len) |
Calculates a HMAC of given message using symmetric key. | |
int | yaca_simple_calculate_cmac (yaca_encrypt_algorithm_e algo, const yaca_key_h sym_key, const char *message, size_t message_len, char **mac, size_t *mac_len) |
Calculates a CMAC of given message using symmetric key. |
Function Documentation
int yaca_simple_calculate_cmac | ( | yaca_encrypt_algorithm_e | algo, |
const yaca_key_h | sym_key, | ||
const char * | message, | ||
size_t | message_len, | ||
char ** | mac, | ||
size_t * | mac_len | ||
) |
Calculates a CMAC of given message using symmetric key.
- Since :
- 3.0
- Remarks:
- For verification, calculate message CMAC and compare with received MAC using yaca_memcmp().
- The mac should be freed using yaca_free().
- The message can be NULL but then message_len must be 0.
- Parameters:
-
[in] algo Encryption algorithm that will be used [in] sym_key Key that will be used, supported key types: [in] message Message to calculate CMAC from [in] message_len Length of the message [out] mac MAC, will be allocated by the library [out] mac_len Length of the MAC
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 invalid algo or sym_key) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error
int yaca_simple_calculate_digest | ( | yaca_digest_algorithm_e | algo, |
const char * | message, | ||
size_t | message_len, | ||
char ** | digest, | ||
size_t * | digest_len | ||
) |
Calculates a digest of a message.
- Since :
- 3.0
- Remarks:
- The digest should be freed using yaca_free().
- The message can be NULL but then message_len must be 0.
- Parameters:
-
[in] algo Digest algorithm (select YACA_DIGEST_SHA256 if unsure) [in] message Message from which the digest is to be calculated [in] message_len Length of the message [out] digest Message digest, will be allocated by the library [out] digest_len Length of message digest (depends on algorithm)
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, invalid algo) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error
- See also:
- yaca_digest_algorithm_e
- yaca_free()
int yaca_simple_calculate_hmac | ( | yaca_digest_algorithm_e | algo, |
const yaca_key_h | sym_key, | ||
const char * | message, | ||
size_t | message_len, | ||
char ** | mac, | ||
size_t * | mac_len | ||
) |
Calculates a HMAC of given message using symmetric key.
- Since :
- 3.0
- Remarks:
- For verification, calculate message HMAC and compare with received MAC using yaca_memcmp().
- The mac should be freed using yaca_free().
- The message can be NULL but then message_len must be 0.
- Parameters:
-
[in] algo Digest algorithm that will be used [in] sym_key Key that will be used, supported key types: [in] message Message to calculate HMAC from [in] message_len Length of the message [out] mac MAC, will be allocated by the library [out] mac_len Length of the MAC
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 invalid algo or sym_key) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error
int yaca_simple_calculate_signature | ( | yaca_digest_algorithm_e | algo, |
const yaca_key_h | prv_key, | ||
const char * | message, | ||
size_t | message_len, | ||
char ** | signature, | ||
size_t * | signature_len | ||
) |
Creates a signature using asymmetric private key.
- Since :
- 3.0
- Remarks:
- For YACA_DIGEST_SHA384 and YACA_DIGEST_SHA512 the RSA key size must be bigger than YACA_KEY_LENGTH_512BIT.
- Using of YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited.
- The signature should be freed using yaca_free().
- The message can be NULL but then message_len must be 0.
- Parameters:
-
[in] algo Digest algorithm that will be used [in] prv_key Private key that will be used, algorithm is deduced based on key type, supported key types: [in] message Message to be signed [in] message_len Length of the message [out] signature Message signature, will be allocated by the library [out] signature_len Length of the signature
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 invalid algo or prv_key) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error
int yaca_simple_decrypt | ( | yaca_encrypt_algorithm_e | algo, |
yaca_block_cipher_mode_e | bcm, | ||
const yaca_key_h | sym_key, | ||
const yaca_key_h | iv, | ||
const char * | ciphertext, | ||
size_t | ciphertext_len, | ||
char ** | plaintext, | ||
size_t * | plaintext_len | ||
) |
Decrypts data using a symmetric cipher.
- Since :
- 3.0
- Remarks:
- yaca_simple_decrypt() doesn't support YACA_BCM_GCM and YACA_BCM_CCM.
- The plaintext should be freed using yaca_free().
- The ciphertext can be NULL but then ciphertext_len must be 0.
- Parameters:
-
[in] algo Decryption algorithm that was used to encrypt the data [in] bcm Chaining mode that was used to encrypt the data [in] sym_key Symmetric encryption key that was used to encrypt the data [in] iv Initialization Vector that was used to encrypt the data [in] ciphertext Ciphertext to be decrypted [in] ciphertext_len Length of ciphertext [out] plaintext Decrypted data, will be allocated by the library [out] plaintext_len Length of the decrypted data
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 invalid algo, bcm, sym_key or iv) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error
int yaca_simple_encrypt | ( | yaca_encrypt_algorithm_e | algo, |
yaca_block_cipher_mode_e | bcm, | ||
const yaca_key_h | sym_key, | ||
const yaca_key_h | iv, | ||
const char * | plaintext, | ||
size_t | plaintext_len, | ||
char ** | ciphertext, | ||
size_t * | ciphertext_len | ||
) |
Encrypts data using a symmetric cipher.
- Since :
- 3.0
- Remarks:
- yaca_simple_encrypt() doesn't support YACA_BCM_GCM and YACA_BCM_CCM.
- The ciphertext should be freed using yaca_free().
- The plaintext can be NULL but then plaintext_len must be 0.
- Parameters:
-
[in] algo Encryption algorithm (select YACA_ENCRYPT_AES if unsure) [in] bcm Chaining mode (select YACA_BCM_CBC if unsure) [in] sym_key Symmetric encryption key (see yaca_key.h for key generation functions) [in] iv Initialization Vector [in] plaintext Plaintext to be encrypted [in] plaintext_len Length of the plaintext [out] ciphertext Encrypted data, will be allocated by the library [out] ciphertext_len Length of the encrypted data (may be larger than decrypted)
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 invalid algo, bcm, sym_key or iv) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error
int yaca_simple_verify_signature | ( | yaca_digest_algorithm_e | algo, |
const yaca_key_h | pub_key, | ||
const char * | message, | ||
size_t | message_len, | ||
const char * | signature, | ||
size_t | signature_len | ||
) |
Verifies a signature using asymmetric public key.
- Since :
- 3.0
- Remarks:
- The message can be NULL but then message_len must be 0.
- Parameters:
-
[in] algo Digest algorithm that will be used [in] pub_key Public key that will be used, algorithm is deduced based on key type, supported key types: [in] message Message [in] message_len Length of the message [in] signature Message signature to be verified [in] signature_len Length of the signature
- Returns:
- YACA_ERROR_NONE on success, negative on error
- Return values:
-
YACA_ERROR_NONE Successful YACA_ERROR_INVALID_PARAMETER Required parameters have incorrect values (NULL, 0 invalid algo or pub_key) YACA_ERROR_OUT_OF_MEMORY Out of memory error YACA_ERROR_INTERNAL Internal error YACA_ERROR_DATA_MISMATCH The verification failed