Auth_pake

pake of crypto module 更多...

Auth_pake 的协作图:

函数
HITLS_AUTH_PakeCtx *	HITLS_AUTH_PakeNewCtx (CRYPT_EAL_LibCtx *libCtx, const char *attrName, HITLS_AUTH_PAKE_Type type, HITLS_AUTH_PAKE_Role role, HITLS_AUTH_PAKE_CipherSuite cipherSuite, BSL_Buffer password, BSL_Buffer prover, BSL_Buffer verifier, BSL_Buffer context)
	Create a new PAKE context
void	HITLS_AUTH_PakeFreeCtx (HITLS_AUTH_PakeCtx *ctx)
	Free PAKE context and associated resources
int32_t	HITLS_AUTH_Pake_Ctrl (HITLS_AUTH_PakeCtx *ctx, HITLS_AUTH_PAKE_CtrlCmd cmd, CRYPT_EAL_KdfCtx *kdfctx, BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer in2)
	Register pre-computed parameters for PAKE requester
int32_t	HITLS_AUTH_PakeReqSetup (HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in, BSL_Buffer *out)
	Perform PAKE requester setup phase
int32_t	HITLS_AUTH_PakeRespSetup (HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer *out0, BSL_Buffer *out1)
	Perform PAKE responder setup phase
int32_t	HITLS_AUTH_PakeReqDerive (HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer in1, BSL_Buffer *out0, BSL_Buffer *out1)
	Derive session keys for PAKE requester
int32_t	HITLS_AUTH_PakeRespDerive (HITLS_AUTH_PakeCtx *ctx, BSL_Buffer in0, BSL_Buffer *out0)
	Derive session keys for PAKE responder
CRYPT_EAL_KdfCtx *	HITLS_AUTH_PakeGetKdfCtx (HITLS_AUTH_PakeCtx *ctx, HITLS_AUTH_PAKE_KDF kdf)
	Get KDF context for PAKE key derivation

详细描述

pake of crypto module

函数说明

HITLS_AUTH_Pake_Ctrl()

int32_t HITLS_AUTH_Pake_Ctrl	(	HITLS_AUTH_PakeCtx *	ctx,
		HITLS_AUTH_PAKE_CtrlCmd	cmd,
		CRYPT_EAL_KdfCtx *	kdfctx,
		BSL_Buffer	in0,
		BSL_Buffer	in1,
		BSL_Buffer	in2 )

Register pre-computed parameters for PAKE requester

参数

ctx	[IN] PAKE context
cmd	[IN] Control command
kdfctx	[IN] KDF context if needed(for sapke2+ verifier, can be null)
in0	[IN] First pre-computed parameter which can be null(for spake2+, w0)
in1	[IN] Second pre-computed parameter which can be null(for spake2+ w1)
in2	[IN] Third pre-computed parameter which can be null(for spake2+ L)

返回值

#HITLS_AUTH_SUCCESS

if successful Other error codes defined in hitls_errno.h if an error occurs

HITLS_AUTH_PakeFreeCtx()

void HITLS_AUTH_PakeFreeCtx

(

HITLS_AUTH_PakeCtx *

ctx

)

Free PAKE context and associated resources

参数

ctx	[IN] PAKE context to free

HITLS_AUTH_PakeGetKdfCtx()

CRYPT_EAL_KdfCtx * HITLS_AUTH_PakeGetKdfCtx	(	HITLS_AUTH_PakeCtx *	ctx,
		HITLS_AUTH_PAKE_KDF	kdf )

Get KDF context for PAKE key derivation

参数

ctx	[IN] PAKE context
kdf	[IN] KDF algorithm configuration

返回值

CRYPT_EAL_KdfCtx

pointer if successful, NULL if failed

HITLS_AUTH_PakeNewCtx()

HITLS_AUTH_PakeCtx * HITLS_AUTH_PakeNewCtx	(	CRYPT_EAL_LibCtx *	libCtx,
		const char *	attrName,
		HITLS_AUTH_PAKE_Type	type,
		HITLS_AUTH_PAKE_Role	role,
		HITLS_AUTH_PAKE_CipherSuite	cipherSuite,
		BSL_Buffer	password,
		BSL_Buffer	prover,
		BSL_Buffer	verifier,
		BSL_Buffer	context )

Create a new PAKE context

参数

libCtx	[IN] Library context
attrName	[IN] Provider attribute name
type	[IN] PAKE protocol type
role	[IN] Protocol role (requester or responder)
cipherSuite	[IN] Cryptographic algorithms configuration
password	[IN] User password for authentication
prover	[IN] Prover identity information
verifier	[IN] Verifier identity information
context	[IN] Additional protocol context data

返回值

HITLS_AUTH_PakeCtx

pointer if successful, NULL if failed

HITLS_AUTH_PakeReqDerive()

int32_t HITLS_AUTH_PakeReqDerive	(	HITLS_AUTH_PakeCtx *	ctx,
		BSL_Buffer	in0,
		BSL_Buffer	in1,
		BSL_Buffer *	out0,
		BSL_Buffer *	out1 )

Derive session keys for PAKE requester

参数

ctx	[IN] PAKE context
in0	[IN] First input message from responder(for spake2+,shareV)
in1	[IN] Second input message from responder(for spake2+,confirmV)
out0	[OUT] First output response message(for spake2+,confirmP)
out1	[OUT] Derived key material(for spake2+,kShared)

返回值

#HITLS_AUTH_SUCCESS

Key derivation successful Other error codes defined in hitls_errno.h if an error occurs

HITLS_AUTH_PakeReqSetup()

int32_t HITLS_AUTH_PakeReqSetup	(	HITLS_AUTH_PakeCtx *	ctx,
		BSL_Buffer	in,
		BSL_Buffer *	out )

Perform PAKE requester setup phase

参数

ctx	[IN] PAKE context
in	[IN] Input data for setup computation(for spake2+,x which can be null)
out	[OUT] Output buffer for generated protocol message(for spake2+,shareP)

返回值

#HITLS_AUTH_SUCCESS

Setup successful Other error codes defined in hitls_errno.h if an error occurs

HITLS_AUTH_PakeRespDerive()

int32_t HITLS_AUTH_PakeRespDerive	(	HITLS_AUTH_PakeCtx *	ctx,
		BSL_Buffer	in0,
		BSL_Buffer *	out0 )

Derive session keys for PAKE responder

参数

ctx	[IN] PAKE context
in0	[IN] Input message from requester(for spake2+,confirmP)
out0	[OUT] Derived key material(for spake2+,kShared)

返回值

#HITLS_AUTH_SUCCESS

Key derivation successful Other error codes defined in hitls_errno.h if an error occurs

HITLS_AUTH_PakeRespSetup()

int32_t HITLS_AUTH_PakeRespSetup	(	HITLS_AUTH_PakeCtx *	ctx,
		BSL_Buffer	in0,
		BSL_Buffer	in1,
		BSL_Buffer *	out0,
		BSL_Buffer *	out1 )

Perform PAKE responder setup phase

参数

ctx	[IN] PAKE context
in0	[IN] First input message (for spake2+,y which can be null)
in1	[IN] Second input message (for spake2+,shareP)
out0	[OUT] First output response message(for spake2+,shareV)
out1	[OUT] Second output response message (for spake2+,confirmV)

返回值

#HITLS_AUTH_SUCCESS

Setup successful Other error codes defined in hitls_errno.h if an error occurs