Tizen Native API  6.5
YACA Simple Crypto

Provides simple APIs for cryptographic operations.

Required Header

#include <yaca/yaca_simple.h>

Overview

It provides simple APIs for encryption/decryption, signing/verification, and message digestion.

Examples

Simple Encrypt API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_simple.h>
#include <yaca_encrypt.h>
#include <yaca_key.h>
#include <yaca_error.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h key = YACA_KEY_NULL;
    yaca_key_h iv = YACA_KEY_NULL;
    size_t iv_bit_len;

    char *encrypted = NULL;
    char *decrypted = NULL;
    size_t encrypted_len;
    size_t decrypted_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA);

    /* Key generation */
    ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000,
                                 YACA_DIGEST_SHA256, YACA_KEY_LENGTH_256BIT, &key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* IV generation */
    ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CTR, YACA_KEY_LENGTH_256BIT,
                                         &iv_bit_len);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    if (iv_bit_len > 0) {
        ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv);
        if (ret != YACA_ERROR_NONE)
            goto exit;
    }

    /* Encryption */
    {
        ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv,
                                  INPUT_DATA, INPUT_DATA_SIZE, &encrypted, &encrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display encrypted data in hexadecimal format */
        dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len);
    }

    /* Decryption */
    {
        ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv,
                                  encrypted, encrypted_len, &decrypted, &decrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted);
    }

exit:
    yaca_free(encrypted);
    yaca_free(decrypted);
    yaca_key_destroy(iv);
    yaca_key_destroy(key);

    yaca_cleanup();
    return ret;
}

Simple Message Digest API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_simple.h>
#include <yaca_error.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    char *digest = NULL;
    size_t digest_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA);

    /* Calculate digest */
    ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, INPUT_DATA, INPUT_DATA_SIZE,
                                       &digest, &digest_len);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* display digest in hexadecimal format */
    dump_hex(digest, digest_len, "Message digest: ");

exit:
    yaca_free(digest);

    yaca_cleanup();
    return ret;
}

Simple Signature API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_key.h>
#include <yaca_error.h>
#include <yaca_simple.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h priv_key = YACA_KEY_NULL;
    yaca_key_h pub_key = YACA_KEY_NULL;

    char *signature = NULL;
    size_t signature_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Generate key pair */
    ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    ret = yaca_key_extract_public(priv_key, &pub_key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Sign */
    {
        ret = yaca_simple_calculate_signature(YACA_DIGEST_SHA384, priv_key,
                                              INPUT_DATA, INPUT_DATA_SIZE,
                                              &signature, &signature_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display signature in hexadecimal format */
        dump_hex(signature, signature_len, "Signature of INPUT_DATA:");
    }

    /* Verify */
    {
        ret = yaca_simple_verify_signature(YACA_DIGEST_SHA384, pub_key,
                                           INPUT_DATA, INPUT_DATA_SIZE,
                                           signature, signature_len);
        if (ret != YACA_ERROR_NONE) {
            printf("Verification failed\n");
            goto exit;
        } else {
            printf("Verification successful\n");
        }
    }

exit:
    yaca_free(signature);
    yaca_key_destroy(priv_key);
    yaca_key_destroy(pub_key);

    yaca_cleanup();
    return ret;
}

Simple CMAC Signature API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_key.h>
#include <yaca_error.h>
#include <yaca_simple.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h sym_key = YACA_KEY_NULL;

    char *signature1 = NULL;
    char *signature2 = NULL;
    size_t signature_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Key generation */
    ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Sign */
    {
        ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key,
                                         INPUT_DATA, INPUT_DATA_SIZE,
                                         &signature1, &signature_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display signature in hexadecimal format */
        dump_hex(signature1, signature_len, "CMAC Signature of INPUT_DATA:");
    }

    /* Verify */
    {
        ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key,
                                         INPUT_DATA, INPUT_DATA_SIZE,
                                         &signature2, &signature_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        ret = yaca_memcmp(signature1, signature2, signature_len);
        if (ret != YACA_ERROR_NONE) {
            printf("Verification failed\n");
            goto exit;
        } else {
            printf("Verification successful\n");
        }
    }

exit:
    yaca_free(signature1);
    yaca_free(signature2);
    yaca_key_destroy(sym_key);

    yaca_cleanup();
    return ret;
}

Functions

int yaca_simple_encrypt (yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, const char *plaintext, size_t plaintext_len, char **ciphertext, size_t *ciphertext_len)
 Encrypts data using a symmetric cipher.
int yaca_simple_decrypt (yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, const char *ciphertext, size_t ciphertext_len, char **plaintext, size_t *plaintext_len)
 Decrypts data using a symmetric cipher.
int yaca_simple_calculate_digest (yaca_digest_algorithm_e algo, const char *message, size_t message_len, char **digest, size_t *digest_len)
 Calculates a digest of a message.
int yaca_simple_calculate_signature (yaca_digest_algorithm_e algo, const yaca_key_h prv_key, const char *message, size_t message_len, char **signature, size_t *signature_len)
 Creates a signature using asymmetric private key.
int yaca_simple_verify_signature (yaca_digest_algorithm_e algo, const yaca_key_h pub_key, const char *message, size_t message_len, const char *signature, size_t signature_len)
 Verifies a signature using asymmetric public key.
int yaca_simple_calculate_hmac (yaca_digest_algorithm_e algo, const yaca_key_h sym_key, const char *message, size_t message_len, char **mac, size_t *mac_len)
 Calculates a HMAC of given message using symmetric key.
int yaca_simple_calculate_cmac (yaca_encrypt_algorithm_e algo, const yaca_key_h sym_key, const char *message, size_t message_len, char **mac, size_t *mac_len)
 Calculates a CMAC of given message using symmetric key.

Function Documentation

int yaca_simple_calculate_cmac ( yaca_encrypt_algorithm_e  algo,
const yaca_key_h  sym_key,
const char *  message,
size_t  message_len,
char **  mac,
size_t *  mac_len 
)

Calculates a CMAC of given message using symmetric key.

Since :
3.0
Remarks:
For verification, calculate message CMAC and compare with received MAC using yaca_memcmp().
The mac should be freed using yaca_free().
The message can be NULL but then message_len must be 0.
Parameters:
[in]algoEncryption algorithm that will be used
[in]sym_keyKey that will be used, supported key types:
[in]messageMessage to calculate CMAC from
[in]message_lenLength of the message
[out]macMAC, will be allocated by the library
[out]mac_lenLength of the MAC
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, 0 invalid algo or sym_key)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
See also:
yaca_key_type_e
yaca_encrypt_algorithm_e
yaca_memcmp()
yaca_free()
int yaca_simple_calculate_digest ( yaca_digest_algorithm_e  algo,
const char *  message,
size_t  message_len,
char **  digest,
size_t *  digest_len 
)

Calculates a digest of a message.

Since :
3.0
Remarks:
The digest should be freed using yaca_free().
The message can be NULL but then message_len must be 0.
Parameters:
[in]algoDigest algorithm (select YACA_DIGEST_SHA256 if unsure)
[in]messageMessage from which the digest is to be calculated
[in]message_lenLength of the message
[out]digestMessage digest, will be allocated by the library
[out]digest_lenLength of message digest (depends on algorithm)
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, invalid algo)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
See also:
yaca_digest_algorithm_e
yaca_free()
int yaca_simple_calculate_hmac ( yaca_digest_algorithm_e  algo,
const yaca_key_h  sym_key,
const char *  message,
size_t  message_len,
char **  mac,
size_t *  mac_len 
)

Calculates a HMAC of given message using symmetric key.

Since :
3.0
Remarks:
For verification, calculate message HMAC and compare with received MAC using yaca_memcmp().
The mac should be freed using yaca_free().
The message can be NULL but then message_len must be 0.
Parameters:
[in]algoDigest algorithm that will be used
[in]sym_keyKey that will be used, supported key types:
[in]messageMessage to calculate HMAC from
[in]message_lenLength of the message
[out]macMAC, will be allocated by the library
[out]mac_lenLength of the MAC
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, 0 invalid algo or sym_key)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
See also:
yaca_key_type_e
yaca_digest_algorithm_e
yaca_memcmp()
yaca_free()
int yaca_simple_calculate_signature ( yaca_digest_algorithm_e  algo,
const yaca_key_h  prv_key,
const char *  message,
size_t  message_len,
char **  signature,
size_t *  signature_len 
)

Creates a signature using asymmetric private key.

Since :
3.0
Remarks:
For YACA_DIGEST_SHA384 and YACA_DIGEST_SHA512 the RSA key size must be bigger than YACA_KEY_LENGTH_512BIT.
Using of YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited.
The signature should be freed using yaca_free().
The message can be NULL but then message_len must be 0.
Parameters:
[in]algoDigest algorithm that will be used
[in]prv_keyPrivate key that will be used, algorithm is deduced based on key type, supported key types:
[in]messageMessage to be signed
[in]message_lenLength of the message
[out]signatureMessage signature, will be allocated by the library
[out]signature_lenLength of the signature
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, 0 invalid algo or prv_key)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
See also:
yaca_key_type_e
yaca_digest_algorithm_e
yaca_simple_verify_signature()
yaca_free()
int yaca_simple_decrypt ( yaca_encrypt_algorithm_e  algo,
yaca_block_cipher_mode_e  bcm,
const yaca_key_h  sym_key,
const yaca_key_h  iv,
const char *  ciphertext,
size_t  ciphertext_len,
char **  plaintext,
size_t *  plaintext_len 
)

Decrypts data using a symmetric cipher.

Since :
3.0
Remarks:
yaca_simple_decrypt() doesn't support YACA_BCM_GCM and YACA_BCM_CCM.
The plaintext should be freed using yaca_free().
The ciphertext can be NULL but then ciphertext_len must be 0.
Parameters:
[in]algoDecryption algorithm that was used to encrypt the data
[in]bcmChaining mode that was used to encrypt the data
[in]sym_keySymmetric encryption key that was used to encrypt the data
[in]ivInitialization Vector that was used to encrypt the data
[in]ciphertextCiphertext to be decrypted
[in]ciphertext_lenLength of ciphertext
[out]plaintextDecrypted data, will be allocated by the library
[out]plaintext_lenLength of the decrypted data
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, 0 invalid algo, bcm, sym_key or iv)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
See also:
yaca_encrypt_algorithm_e
yaca_block_cipher_mode_e
yaca_simple_encrypt()
yaca_free()
int yaca_simple_encrypt ( yaca_encrypt_algorithm_e  algo,
yaca_block_cipher_mode_e  bcm,
const yaca_key_h  sym_key,
const yaca_key_h  iv,
const char *  plaintext,
size_t  plaintext_len,
char **  ciphertext,
size_t *  ciphertext_len 
)

Encrypts data using a symmetric cipher.

Since :
3.0
Remarks:
yaca_simple_encrypt() doesn't support YACA_BCM_GCM and YACA_BCM_CCM.
The ciphertext should be freed using yaca_free().
The plaintext can be NULL but then plaintext_len must be 0.
Parameters:
[in]algoEncryption algorithm (select YACA_ENCRYPT_AES if unsure)
[in]bcmChaining mode (select YACA_BCM_CBC if unsure)
[in]sym_keySymmetric encryption key (see yaca_key.h for key generation functions)
[in]ivInitialization Vector
[in]plaintextPlaintext to be encrypted
[in]plaintext_lenLength of the plaintext
[out]ciphertextEncrypted data, will be allocated by the library
[out]ciphertext_lenLength of the encrypted data (may be larger than decrypted)
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, 0 invalid algo, bcm, sym_key or iv)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
See also:
yaca_encrypt_algorithm_e
yaca_block_cipher_mode_e
yaca_simple_decrypt()
yaca_free()
int yaca_simple_verify_signature ( yaca_digest_algorithm_e  algo,
const yaca_key_h  pub_key,
const char *  message,
size_t  message_len,
const char *  signature,
size_t  signature_len 
)

Verifies a signature using asymmetric public key.

Since :
3.0
Remarks:
The message can be NULL but then message_len must be 0.
Parameters:
[in]algoDigest algorithm that will be used
[in]pub_keyPublic key that will be used, algorithm is deduced based on key type, supported key types:
[in]messageMessage
[in]message_lenLength of the message
[in]signatureMessage signature to be verified
[in]signature_lenLength of the signature
Returns:
YACA_ERROR_NONE on success, negative on error
Return values:
YACA_ERROR_NONESuccessful
YACA_ERROR_INVALID_PARAMETERRequired parameters have incorrect values (NULL, 0 invalid algo or pub_key)
YACA_ERROR_OUT_OF_MEMORYOut of memory error
YACA_ERROR_INTERNALInternal error
YACA_ERROR_DATA_MISMATCHThe verification failed
See also:
yaca_key_type_e
yaca_digest_algorithm_e
yaca_simple_calculate_signature()