zh/auth__pake_8h_source.html

/*

 * This file is part of the openHiTLS project.

 *

 * openHiTLS is licensed under the Mulan PSL v2.

 * You can use this software according to the terms and conditions of the Mulan PSL v2.

 * You may obtain a copy of Mulan PSL v2 at:

 *

 *     http://license.coscl.org.cn/MulanPSL2

 *

 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,

 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,

 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.

 * See the Mulan PSL v2 for more details.

 */


#ifndef AUTH_PAKE_H

#define AUTH_PAKE_H


#include <stdint.h>

#include "crypt_algid.h"

#include "bsl_types.h"

#include "crypt_eal_provider.h"

#include "bsl_obj.h"

#include "crypt_eal_kdf.h"


#ifdef __cplusplus

extern "C" {

#endif


typedef struct HITLS_AUTH_PakeCtx HITLS_AUTH_PakeCtx;


typedef enum {

    HITLS_AUTH_PAKE_INVALID = 0,

    HITLS_AUTH_PAKE_SPAKE2PLUS = 1,

} HITLS_AUTH_PAKE_Type;


typedef enum {

    HITLS_AUTH_PAKE_REQ = 0,

    HITLS_AUTH_PAKE_RESP = 1,

} HITLS_AUTH_PAKE_Role;


typedef struct {

    HITLS_AUTH_PAKE_Type type;

    union {

        struct {

            CRYPT_PKEY_ParaId curve;

            CRYPT_MD_AlgId hash;

            CRYPT_KDF_HKDF_AlgId kdf;

            CRYPT_MAC_AlgId mac;

        } spake2plus;

    } params;

} HITLS_AUTH_PAKE_CipherSuite;


typedef struct {

    CRYPT_KDF_AlgId algId;

    union {

        struct {

            CRYPT_MAC_AlgId mac;

            int32_t iteration;

            BSL_Buffer salt;

        } pbkdf2;

    }param;

} HITLS_AUTH_PAKE_KDF;


typedef enum {

    HITLS_AUTH_PAKE_REQ_REGISTER = 0x1001,

    HITLS_AUTH_PAKE_RESP_REGISTER = 0x1002,

} HITLS_AUTH_PAKE_CtrlCmd;


HITLS_AUTH_PakeCtx *HITLS_AUTH_PakeNewCtx(CRYPT_EAL_LibCtx *libCtx, const char *attrName,

    HITLS_AUTH_PAKE_Type type, HITLS_AUTH_PAKE_Role role,

    HITLS_AUTH_PAKE_CipherSuite cipherSuite, BSL_Buffer password, BSL_Buffer prover,

    BSL_Buffer verifier, BSL_Buffer context);


void HITLS_AUTH_PakeFreeCtx(HITLS_AUTH_PakeCtx *ctx);


int32_t HITLS_AUTH_Pake_Ctrl(HITLS_AUTH_PakeCtx *ctx, HITLS_AUTH_PAKE_CtrlCmd cmd, CRYPT_EAL_KdfCtx *kdfctx,

    BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer in2);


int32_t HITLS_AUTH_PakeReqSetup(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in, BSL_Buffer *out);


int32_t HITLS_AUTH_PakeRespSetup(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer in1,

    BSL_Buffer *out0, BSL_Buffer *out1);


int32_t HITLS_AUTH_PakeReqDerive(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer in1,

    BSL_Buffer *out0, BSL_Buffer *out1);


int32_t HITLS_AUTH_PakeRespDerive(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer *out0);


CRYPT_EAL_KdfCtx* HITLS_AUTH_PakeGetKdfCtx(HITLS_AUTH_PakeCtx* ctx, HITLS_AUTH_PAKE_KDF kdf);

#ifdef __cplusplus

}

#endif // __cplusplus


#endif // AUTH_PAKE_H

HITLS_AUTH_PakeRespSetup
int32_t HITLS_AUTH_PakeRespSetup(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer *out0, BSL_Buffer *out1)
Perform PAKE responder setup phase
定义 pake.c:233

HITLS_AUTH_PakeRespDerive
int32_t HITLS_AUTH_PakeRespDerive(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer *out0)
Derive session keys for PAKE responder
定义 pake.c:285

HITLS_AUTH_PakeReqDerive
int32_t HITLS_AUTH_PakeReqDerive(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer *out0, BSL_Buffer *out1)
Derive session keys for PAKE requester
定义 pake.c:259

HITLS_AUTH_PakeReqSetup
int32_t HITLS_AUTH_PakeReqSetup(HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in, BSL_Buffer *out)
Perform PAKE requester setup phase
定义 pake.c:209

HITLS_AUTH_PakeNewCtx
HITLS_AUTH_PakeCtx * HITLS_AUTH_PakeNewCtx(CRYPT_EAL_LibCtx *libCtx, const char *attrName, HITLS_AUTH_PAKE_Type type, HITLS_AUTH_PAKE_Role role, HITLS_AUTH_PAKE_CipherSuite cipherSuite, BSL_Buffer password, BSL_Buffer prover, BSL_Buffer verifier, BSL_Buffer context)
Create a new PAKE context
定义 pake.c:66

HITLS_AUTH_Pake_Ctrl
int32_t HITLS_AUTH_Pake_Ctrl(HITLS_AUTH_PakeCtx *ctx, HITLS_AUTH_PAKE_CtrlCmd cmd, CRYPT_EAL_KdfCtx *kdfctx, BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer in2)
Register pre-computed parameters for PAKE requester
定义 pake.c:178

HITLS_AUTH_PakeGetKdfCtx
CRYPT_EAL_KdfCtx * HITLS_AUTH_PakeGetKdfCtx(HITLS_AUTH_PakeCtx *ctx, HITLS_AUTH_PAKE_KDF kdf)
Get KDF context for PAKE key derivation
定义 pake.c:310

HITLS_AUTH_PakeFreeCtx
void HITLS_AUTH_PakeFreeCtx(HITLS_AUTH_PakeCtx *ctx)
Free PAKE context and associated resources
定义 pake.c:42

CRYPT_PKEY_ParaId
CRYPT_PKEY_ParaId
定义 crypt_algid.h:208

CRYPT_MD_AlgId
CRYPT_MD_AlgId
定义 crypt_algid.h:68

CRYPT_MAC_AlgId
CRYPT_MAC_AlgId
定义 crypt_algid.h:91

CRYPT_KDF_AlgId
CRYPT_KDF_AlgId
定义 crypt_algid.h:382

BSL_Buffer
定义 bsl_types.h:40

HITLS_AUTH_PAKE_CipherSuite
定义 auth_pake.h:48

HITLS_AUTH_PAKE_KDF
定义 auth_pake.h:60

HITLS_AUTH_PakeCtx
定义 pake.c:29