zh/crypt__eal__hpke_8h_source.html

/*

 * This file is part of the openHiTLS project.

 *

 * openHiTLS is licensed under the Mulan PSL v2.

 * You can use this software according to the terms and conditions of the Mulan PSL v2.

 * You may obtain a copy of Mulan PSL v2 at:

 *

 *     http://license.coscl.org.cn/MulanPSL2

 *

 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,

 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,

 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.

 * See the Mulan PSL v2 for more details.

 */


#ifndef CRYPT_EAL_HPKE_H

#define CRYPT_EAL_HPKE_H


#include <stdint.h>

#include "crypt_errno.h"

#include "crypt_types.h"

#include "crypt_eal_pkey.h"


#ifdef __cplusplus

extern "C" {

#endif // __cplusplus


typedef enum {

    CRYPT_HPKE_MODE_BASE = 0x00,

    CRYPT_HPKE_MODE_PSK = 0x01,

    CRYPT_HPKE_MODE_AUTH = 0x02,

    CRYPT_HPKE_MODE_AUTH_PSK = 0x03

} CRYPT_HPKE_Mode;


typedef enum {

    CRYPT_KEM_DHKEM_P256_HKDF_SHA256 = 0x0010,

    CRYPT_KEM_DHKEM_P384_HKDF_SHA384 = 0x0011,

    CRYPT_KEM_DHKEM_P521_HKDF_SHA512 = 0x0012,

    CRYPT_KEM_DHKEM_X25519_HKDF_SHA256 = 0x0020,

} CRYPT_HPKE_KEM_AlgId;


typedef enum {

    CRYPT_KDF_HKDF_SHA256 = 0x0001,

    CRYPT_KDF_HKDF_SHA384 = 0x0002,

    CRYPT_KDF_HKDF_SHA512 = 0x0003

} CRYPT_HPKE_KDF_AlgId;


typedef enum {

    CRYPT_AEAD_AES_128_GCM = 0x0001,

    CRYPT_AEAD_AES_256_GCM = 0x0002,

    CRYPT_AEAD_CHACHA20_POLY1305 = 0x0003,

    CRYPT_AEAD_EXPORT_ONLY = 0xffff

} CRYPT_HPKE_AEAD_AlgId;


typedef struct {

    CRYPT_HPKE_KEM_AlgId kemId;

    CRYPT_HPKE_KDF_AlgId kdfId;

    CRYPT_HPKE_AEAD_AlgId aeadId;

} CRYPT_HPKE_CipherSuite;


typedef enum {

    CRYPT_HPKE_SENDER = 0,

    CRYPT_HPKE_RECIPIENT = 1,

} CRYPT_HPKE_Role;


typedef struct CRYPT_EAL_HpkeCtx CRYPT_EAL_HpkeCtx;


int32_t CRYPT_EAL_HpkeGenerateKeyPair(CRYPT_EAL_LibCtx *libCtx, const char *attrName,

    CRYPT_HPKE_CipherSuite cipherSuite, uint8_t *ikm, uint32_t ikmLen, CRYPT_EAL_PkeyCtx **pkey);


CRYPT_EAL_HpkeCtx *CRYPT_EAL_HpkeNewCtx(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_HPKE_Role role,

    CRYPT_HPKE_Mode mode, CRYPT_HPKE_CipherSuite cipherSuite);


int32_t CRYPT_EAL_HpkeGetEncapKeyLen(CRYPT_HPKE_CipherSuite cipherSuite, uint32_t *encapKeyLen);


int32_t CRYPT_EAL_HpkeSetupSender(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey, uint8_t *info, uint32_t infoLen,

    uint8_t *pkR, uint32_t pkRLen, uint8_t *encapKey, uint32_t *encapKeyLen);


int32_t CRYPT_EAL_HpkeSeal(CRYPT_EAL_HpkeCtx *ctx, uint8_t *aad, uint32_t aadLen, const uint8_t *plainText,

    uint32_t plainTextLen, uint8_t *cipherText, uint32_t *cipherTextLen);


int32_t CRYPT_EAL_HpkeSetupRecipient(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey, uint8_t *info, uint32_t infoLen,

    uint8_t *encapKey, uint32_t encapKeyLen);


int32_t CRYPT_EAL_HpkeOpen(CRYPT_EAL_HpkeCtx *ctx, uint8_t *aad, uint32_t aadLen, const uint8_t *cipherText,

    uint32_t cipherTextLen, uint8_t *plainText, uint32_t *plainTextLen);


int32_t CRYPT_EAL_HpkeExportSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *info, uint32_t infoLen, uint8_t *key,

    uint32_t keyLen);


int32_t CRYPT_EAL_HpkeSetSeq(CRYPT_EAL_HpkeCtx *ctx, uint64_t seq);


int32_t CRYPT_EAL_HpkeGetSeq(CRYPT_EAL_HpkeCtx *ctx, uint64_t *seq);


int32_t CRYPT_EAL_HpkeGetSharedSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *buff, uint32_t *buffLen);


int32_t CRYPT_EAL_HpkeSetSharedSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *info, uint32_t infoLen, uint8_t *buff,

    uint32_t buffLen);


void CRYPT_EAL_HpkeFreeCtx(CRYPT_EAL_HpkeCtx *ctx);


int32_t CRYPT_EAL_HpkeSetPsk(CRYPT_EAL_HpkeCtx *ctx,uint8_t* psk,uint32_t pskLen,uint8_t* pskId,uint32_t pskIdLen);


int32_t CRYPT_EAL_HpkeSetAuthPriKey(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey);


int32_t CRYPT_EAL_HpkeSetAuthPubKey(CRYPT_EAL_HpkeCtx *ctx, uint8_t *pub, uint32_t pubLen);


#ifdef __cplusplus

}

#endif // __cplusplus


#endif // CRYPT_EAL_HPKE_H

CRYPT_EAL_HpkeSetAuthPubKey
int32_t CRYPT_EAL_HpkeSetAuthPubKey(CRYPT_EAL_HpkeCtx *ctx, uint8_t *pub, uint32_t pubLen)
Set the authentication public key in the HPKE context

CRYPT_EAL_HpkeGetEncapKeyLen
int32_t CRYPT_EAL_HpkeGetEncapKeyLen(CRYPT_HPKE_CipherSuite cipherSuite, uint32_t *encapKeyLen)
Get the length of the encapsulated key for the specified cipher suite

CRYPT_EAL_HpkeOpen
int32_t CRYPT_EAL_HpkeOpen(CRYPT_EAL_HpkeCtx *ctx, uint8_t *aad, uint32_t aadLen, const uint8_t *cipherText, uint32_t cipherTextLen, uint8_t *plainText, uint32_t *plainTextLen)
Open an HPKE-encrypted message

CRYPT_EAL_HpkeSetupRecipient
int32_t CRYPT_EAL_HpkeSetupRecipient(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey, uint8_t *info, uint32_t infoLen, uint8_t *encapKey, uint32_t encapKeyLen)
Setup HPKE for the recipient

CRYPT_EAL_HpkeFreeCtx
void CRYPT_EAL_HpkeFreeCtx(CRYPT_EAL_HpkeCtx *ctx)
Free HPKE context and associated resources

CRYPT_EAL_HpkeSeal
int32_t CRYPT_EAL_HpkeSeal(CRYPT_EAL_HpkeCtx *ctx, uint8_t *aad, uint32_t aadLen, const uint8_t *plainText, uint32_t plainTextLen, uint8_t *cipherText, uint32_t *cipherTextLen)
Seal (encrypt) data using HPKE context

CRYPT_EAL_HpkeSetPsk
int32_t CRYPT_EAL_HpkeSetPsk(CRYPT_EAL_HpkeCtx *ctx, uint8_t *psk, uint32_t pskLen, uint8_t *pskId, uint32_t pskIdLen)
Setup psk and pskId for mode_psk and mode_auth_psk

CRYPT_EAL_HpkeGetSharedSecret
int32_t CRYPT_EAL_HpkeGetSharedSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *buff, uint32_t *buffLen)
Retrieve the shared secret from the HPKE context

CRYPT_EAL_HpkeGetSeq
int32_t CRYPT_EAL_HpkeGetSeq(CRYPT_EAL_HpkeCtx *ctx, uint64_t *seq)
Retrieve the sequence number from the HPKE context

CRYPT_EAL_HpkeNewCtx
CRYPT_EAL_HpkeCtx * CRYPT_EAL_HpkeNewCtx(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_HPKE_Role role, CRYPT_HPKE_Mode mode, CRYPT_HPKE_CipherSuite cipherSuite)
Create a new HPKE context

CRYPT_EAL_HpkeSetupSender
int32_t CRYPT_EAL_HpkeSetupSender(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey, uint8_t *info, uint32_t infoLen, uint8_t *pkR, uint32_t pkRLen, uint8_t *encapKey, uint32_t *encapKeyLen)
Setup HPKE base mode for sender

CRYPT_EAL_HpkeSetSeq
int32_t CRYPT_EAL_HpkeSetSeq(CRYPT_EAL_HpkeCtx *ctx, uint64_t seq)
Set the sequence number for the HPKE context

CRYPT_EAL_HpkeGenerateKeyPair
int32_t CRYPT_EAL_HpkeGenerateKeyPair(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_HPKE_CipherSuite cipherSuite, uint8_t *ikm, uint32_t ikmLen, CRYPT_EAL_PkeyCtx **pkey)
Generate a key pair for HPKE using the specified cipher suite and input key material

CRYPT_EAL_HpkeSetAuthPriKey
int32_t CRYPT_EAL_HpkeSetAuthPriKey(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey)
Set the authentication private key in the HPKE context

CRYPT_EAL_HpkeExportSecret
int32_t CRYPT_EAL_HpkeExportSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *info, uint32_t infoLen, uint8_t *key, uint32_t keyLen)
Export a secret from the HPKE context

CRYPT_EAL_HpkeSetSharedSecret
int32_t CRYPT_EAL_HpkeSetSharedSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *info, uint32_t infoLen, uint8_t *buff, uint32_t buffLen)
Set the shared secret in the HPKE context

CRYPT_EAL_PkeyCtx
struct EAL_PkeyCtx CRYPT_EAL_PkeyCtx
定义 crypt_eal_pkey.h:108

CRYPT_HPKE_CipherSuite
定义 crypt_eal_hpke.h:61