Private Pass token interfaces.

类型定义 | |
| typedef struct PrivPass_Ctx | HITLS_AUTH_PrivPassCtx |
| typedef struct PrivPass_Token | HITLS_AUTH_PrivPassToken |
| typedef void *(* | HITLS_AUTH_PrivPassNewPkeyCtx) (void *libCtx, const char *attrName, int32_t algId) |
| Creates a new public/private key context for the specified algorithm. | |
| typedef void(* | HITLS_AUTH_PrivPassFreePkeyCtx) (void *pkeyCtx) |
| Frees a previously allocated key context. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassDigest) (void *libCtx, const char *attrName, int32_t algId, const uint8_t *input, uint32_t inputLen, uint8_t *digest, uint32_t *digestLen) |
| Computes a cryptographic digest of the input data. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassBlind) (void *pkeyCtx, int32_t algId, const uint8_t *data, uint32_t dataLen, uint8_t *blindedData, uint32_t *blindedDataLen) |
| Blinds data using the key context and hash algorithm for the blind signature protocol. The default callback implementation supports only RSASSA-PSS. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassUnblind) (void *pkeyCtx, const uint8_t *blindedData, uint32_t blindedDataLen, uint8_t *data, uint32_t *dataLen) |
| Unblinds previously blinded data to reveal the actual signature. The default callback implementation supports only RSASSA-PSS. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassSignData) (void *pkeyCtx, const uint8_t *data, uint32_t dataLen, uint8_t *sign, uint32_t *signLen) |
| Signs data using the private key context. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassVerify) (void *pkeyCtx, int32_t algId, const uint8_t *data, uint32_t dataLen, const uint8_t *sign, uint32_t signLen) |
| Verifies a signature using the public key context. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassDecodePubKey) (void *libCtx, const char *attrName, uint8_t *pubKey, uint32_t pubKeyLen, void **pkeyCtx) |
| Decodes a public key and generates a key context. The default callback implementation accepts only a DER-encoded SubjectPublicKeyInfo (SPKI) object using the RSASSA-PSS OID. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassDecodePrvKey) (void *libCtx, const char *attrName, void *param, uint8_t *prvKey, uint32_t prvKeyLen, void **pkeyCtx) |
| Decodes a private key and generates a key context. The default callback implementation accepts only a PEM-encoded, unencrypted PKCS #8 RSA issuer private key. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassCheckKeyPair) (void *pubKeyCtx, void *prvKeyCtx) |
| Verifies that a public/private key pair matches. | |
| typedef int32_t(* | HITLS_AUTH_PrivPassRandom) (uint8_t *buffer, uint32_t bufferLen) |
| Generates random bytes. | |
函数 | |
| HITLS_AUTH_PrivPassCtx * | HITLS_AUTH_PrivPassNewCtx (int32_t protocolType) |
| Create a new PrivPass context object. All default library callbacks are set when the context is created. | |
| void | HITLS_AUTH_PrivPassFreeCtx (HITLS_AUTH_PrivPassCtx *ctx) |
| Free a PrivPass context object. | |
| HITLS_AUTH_PrivPassToken * | HITLS_AUTH_PrivPassNewToken (int32_t tokenType) |
| Create a new PrivPass token object. | |
| void | HITLS_AUTH_PrivPassFreeToken (HITLS_AUTH_PrivPassToken *object) |
| Free a PrivPass token object. | |
| int32_t | HITLS_AUTH_PrivPassSetCryptCb (HITLS_AUTH_PrivPassCtx *ctx, int32_t cbType, void *cryptCb) |
| Set cryptographic callback functions for the context. When setting callbacks, the input callbacks will be checked. Non-NULL callbacks will override the default callbacks. | |
| int32_t | HITLS_AUTH_PrivPassSerialization (HITLS_AUTH_PrivPassCtx *ctx, const HITLS_AUTH_PrivPassToken *object, uint8_t *buffer, uint32_t *outBuffLen) |
| Serialize a PrivPass token object to binary format. If the object == NULL, outBuffLen returns the length required for serialization. | |
| int32_t | HITLS_AUTH_PrivPassDeserialization (HITLS_AUTH_PrivPassCtx *ctx, int32_t tokenType, const uint8_t *buffer, uint32_t buffLen, HITLS_AUTH_PrivPassToken **object) |
| Deserialize binary data into a PrivPass token object. The object needs to be freed by the caller using HITLS_AUTH_PrivPassFreeToken | |
| int32_t | HITLS_AUTH_PrivPassGenTokenChallenge (HITLS_AUTH_PrivPassCtx *ctx, const BSL_Param *param, HITLS_AUTH_PrivPassToken **challenge) |
| Generate a token challenge. The challenge token is generated based on the input param. For the construction of param, refer to auth_params.h. | |
| int32_t | HITLS_AUTH_PrivPassGenTokenReq (HITLS_AUTH_PrivPassCtx *ctx, const HITLS_AUTH_PrivPassToken *tokenChallenge, HITLS_AUTH_PrivPassToken **tokenRequest) |
| Generate a token request. | |
| int32_t | HITLS_AUTH_PrivPassGenTokenResponse (HITLS_AUTH_PrivPassCtx *ctx, const HITLS_AUTH_PrivPassToken *tokenRequest, HITLS_AUTH_PrivPassToken **tokenResponse) |
| Generate a token response. | |
| int32_t | HITLS_AUTH_PrivPassGenToken (HITLS_AUTH_PrivPassCtx *ctx, const HITLS_AUTH_PrivPassToken *tokenChallenge, const HITLS_AUTH_PrivPassToken *tokenResponse, HITLS_AUTH_PrivPassToken **token) |
| Generate final token. | |
| int32_t | HITLS_AUTH_PrivPassVerifyToken (HITLS_AUTH_PrivPassCtx *ctx, const HITLS_AUTH_PrivPassToken *tokenChallenge, const HITLS_AUTH_PrivPassToken *token) |
| Verify the validity of a token. | |
| int32_t | HITLS_AUTH_PrivPassSetPubkey (HITLS_AUTH_PrivPassCtx *ctx, uint8_t *pki, uint32_t pkiLen) |
| Set the public key for the ctx. The public key can be set repeatedly. If the ctx already contains a private key when the public key is set, the public key is checked against the private key. If they do not match, an error is returned. | |
| int32_t | HITLS_AUTH_PrivPassSetPrvkey (HITLS_AUTH_PrivPassCtx *ctx, void *param, uint8_t *ski, uint32_t skiLen) |
| Set the private key for the ctx. The private key can be set repeatedly. If the ctx already contains a public key when the private key is set, the private key is checked against the public key. If they do not match, an error is returned. | |
| int32_t | HITLS_AUTH_PrivPassTokenCtrl (HITLS_AUTH_PrivPassToken *object, int32_t cmd, void *param, uint32_t paramLen) |
| Control interface for getting/setting various parameters in token object. | |
| int32_t | HITLS_AUTH_PrivPassCtxCtrl (HITLS_AUTH_PrivPassCtx *ctx, int32_t cmd, void *param, uint32_t paramLen) |
| Control interface for getting/setting various parameters in Priv-Pass Ctx. | |
Private Pass token interfaces.
| typedef int32_t(* HITLS_AUTH_PrivPassBlind) (void *pkeyCtx, int32_t algId, const uint8_t *data, uint32_t dataLen, uint8_t *blindedData, uint32_t *blindedDataLen) |
Blinds data using the key context and hash algorithm for the blind signature protocol. The default callback implementation supports only RSASSA-PSS.
| pkeyCtx | [IN] Key context |
| algId | [IN] hash algorithm identifier |
| data | [IN] Data to be blinded |
| dataLen | [IN] Length of input data |
| blindedData | [OUT] Buffer to store blinded data |
| blindedDataLen | [IN/OUT] Size of buffer/Length of blinded data |
| 0,if | successful. other error codes, failed. |
| typedef int32_t(* HITLS_AUTH_PrivPassCheckKeyPair) (void *pubKeyCtx, void *prvKeyCtx) |
Verifies that a public/private key pair matches.
| pubKeyCtx | [IN] Public key context |
| prvKeyCtx | [IN] Private key context |
| 0,if | successful. other error codes, failed. |
| typedef struct PrivPass_Ctx HITLS_AUTH_PrivPassCtx |
priv pass context structure.
| typedef int32_t(* HITLS_AUTH_PrivPassDecodePrvKey) (void *libCtx, const char *attrName, void *param, uint8_t *prvKey, uint32_t prvKeyLen, void **pkeyCtx) |
Decodes a private key and generates a key context. The default callback implementation accepts only a PEM-encoded, unencrypted PKCS #8 RSA issuer private key.
| libCtx | [IN] Library context |
| attrName | [IN] Specify expected attribute values |
| param | [IN] Parameters that may be needed for private key decoding. |
| prvKey | [IN] A PEM-encoded PKCS #8 RSA unencrypted issuer private Key |
| prvKeyLen | [IN] Length of private key data |
| pkeyCtx | [OUT] Pointer to store created key context |
| 0,if | successful. other error codes, failed. |
| typedef int32_t(* HITLS_AUTH_PrivPassDecodePubKey) (void *libCtx, const char *attrName, uint8_t *pubKey, uint32_t pubKeyLen, void **pkeyCtx) |
Decodes a public key and generates a key context. The default callback implementation accepts only a DER-encoded SubjectPublicKeyInfo (SPKI) object using the RSASSA-PSS OID.
| libCtx | [IN] Library context |
| attrName | [IN] Specify expected attribute values |
| pubKey | [IN] A DER-encoded SubjectPublicKeyInfo (SPKI) object using the RSASSA-PSS OID |
| pubKeyLen | [IN] Length of public key data |
| pkeyCtx | [OUT] Pointer to store created key context |
| 0,if | successful. other error codes, failed. |
| typedef int32_t(* HITLS_AUTH_PrivPassDigest) (void *libCtx, const char *attrName, int32_t algId, const uint8_t *input, uint32_t inputLen, uint8_t *digest, uint32_t *digestLen) |
Computes a cryptographic digest of the input data.
| libCtx | [IN] Library context |
| attrName | [IN] Specify expected attribute values |
| algId | [IN] Algorithm identifier, defined in HITLS_AUTH_PrivPassCryptAlgId. |
| input | [IN] Input data to be hashed |
| inputLen | [IN] Length of input data |
| digest | [OUT] Buffer to store the computed digest |
| digestLen | [IN/OUT] Size of digest buffer/Length of computed digest |
| 0,if | successful. other error codes, failed. |
| typedef void(* HITLS_AUTH_PrivPassFreePkeyCtx) (void *pkeyCtx) |
Frees a previously allocated key context.
| pkeyCtx | [IN] Key context to be freed |
| typedef void *(* HITLS_AUTH_PrivPassNewPkeyCtx) (void *libCtx, const char *attrName, int32_t algId) |
Creates a new public/private key context for the specified algorithm.
| libCtx | [IN] Library context |
| attrName | [IN] Specify expected attribute values |
| algId | [IN] Algorithm identifier, defined in HITLS_AUTH_PrivPassCryptAlgId. |
| Pointer | to the created key context. NULL, if the operation fails. |
| typedef int32_t(* HITLS_AUTH_PrivPassRandom) (uint8_t *buffer, uint32_t bufferLen) |
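Generates random bytes. A replacement callback installed through HITLS_AUTH_PrivPassSetCryptCb should return cryptographically secure random bytes and signal failure with a non-zero code rather than leave the buffer partially filled.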
| buffer | [OUT] Buffer to store random bytes |
| bufferLen | [IN] Length of buffer |
| 0,if | successful. other error codes, failed. |
| typedef int32_t(* HITLS_AUTH_PrivPassSignData) (void *pkeyCtx, const uint8_t *data, uint32_t dataLen, uint8_t *sign, uint32_t *signLen) |
Signs data using the private key context.
| pkeyCtx | [IN] Private key context |
| data | [IN] Data to be signed |
| dataLen | [IN] Length of input data |
| sign | [OUT] Buffer to store signature |
| signLen | [IN/OUT] Size of buffer/Length of signature |
| 0,if | successful. other error codes, failed. |
| typedef struct PrivPass_Token HITLS_AUTH_PrivPassToken |
priv pass token structure.
| typedef int32_t(* HITLS_AUTH_PrivPassUnblind) (void *pkeyCtx, const uint8_t *blindedData, uint32_t blindedDataLen, uint8_t *data, uint32_t *dataLen) |
Unblinds previously blinded data to reveal the actual signature. The default callback implementation supports only RSASSA-PSS.
| pkeyCtx | [IN] Key context |
| blindedData | [IN] Blinded data to be unblinded |
| blindedDataLen | [IN] Length of blinded data |
| data | [OUT] Buffer to store unblinded data |
| dataLen | [IN/OUT] Size of buffer/Length of unblinded data |
| 0,if | successful. other error codes, failed. |
| typedef int32_t(* HITLS_AUTH_PrivPassVerify) (void *pkeyCtx, int32_t algId, const uint8_t *data, uint32_t dataLen, const uint8_t *sign, uint32_t signLen) |
Verifies a signature using the public key context.
| pkeyCtx | [IN] Public key context |
| algId | [IN] hash algorithm identifier |
| data | [IN] Original data |
| dataLen | [IN] Length of data |
| sign | [IN] Signature to verify |
| signLen | [IN] Length of signature |
| 0,if | successful. other error codes, failed. |
| int32_t HITLS_AUTH_PrivPassCtxCtrl | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| int32_t | cmd, | ||
| void * | param, | ||
| uint32_t | paramLen ) |
Control interface for getting/setting various parameters in Priv-Pass Ctx.
| ctx | [IN] PrivPass context |
| cmd | [IN] Command to execute, defined in HITLS_AUTH_PrivPassCmd |
| param | [IN/OUT] Command parameters |
| paramLen | [IN] Length of parameters |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassDeserialization | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| int32_t | tokenType, | ||
| const uint8_t * | buffer, | ||
| uint32_t | buffLen, | ||
| HITLS_AUTH_PrivPassToken ** | object ) |
Deserialize binary data into a PrivPass token object. The object needs to be freed by the caller using HITLS_AUTH_PrivPassFreeToken
| ctx | [IN] PrivPass context |
| tokenType | [IN] Expected token type |
| buffer | [IN] Serialized data buffer |
| buffLen | [IN] Length of serialized data |
| object | [OUT] Pointer to store deserialized token |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| void HITLS_AUTH_PrivPassFreeCtx | ( | HITLS_AUTH_PrivPassCtx * | ctx | ) |
Free a PrivPass context object.
| ctx | [IN] Context to be freed |
| void HITLS_AUTH_PrivPassFreeToken | ( | HITLS_AUTH_PrivPassToken * | object | ) |
Free a PrivPass token object.
| object | [IN] Token to be freed |
| int32_t HITLS_AUTH_PrivPassGenToken | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| const HITLS_AUTH_PrivPassToken * | tokenChallenge, | ||
| const HITLS_AUTH_PrivPassToken * | tokenResponse, | ||
| HITLS_AUTH_PrivPassToken ** | token ) |
Generate final token.
| ctx | [IN] PrivPass context |
| tokenChallenge | [IN] Challenge token |
| tokenResponse | [IN] Response token |
| token | [OUT] Generated final token |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassGenTokenChallenge | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| const BSL_Param * | param, | ||
| HITLS_AUTH_PrivPassToken ** | challenge ) |
Generate a token challenge. The challenge token is generated based on the input param. For the construction of param, refer to auth_params.h.
| ctx | [IN] PrivPass context |
| param | [IN] Parameters for challenge generation. The parameter set is limited to what the library specification defines, and the caller must ensure that its serialized length does not exceed the upper limit. tokenType, issuerName and redemption must be present in param; originalInfo can be NULL. |
| challenge | [OUT] Generated challenge token |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassGenTokenReq | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| const HITLS_AUTH_PrivPassToken * | tokenChallenge, | ||
| HITLS_AUTH_PrivPassToken ** | tokenRequest ) |
Generate a token request.
| ctx | [IN] PrivPass context |
| tokenChallenge | [IN] Challenge token |
| tokenRequest | [OUT] Generated request token |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassGenTokenResponse | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| const HITLS_AUTH_PrivPassToken * | tokenRequest, | ||
| HITLS_AUTH_PrivPassToken ** | tokenResponse ) |
Generate a token response.
| ctx | [IN] PrivPass context |
| tokenRequest | [IN] Request token |
| tokenResponse | [OUT] Generated response token |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| HITLS_AUTH_PrivPassCtx * HITLS_AUTH_PrivPassNewCtx | ( | int32_t | protocolType | ) |
Create a new PrivPass context object. All default library callbacks are set when the context is created.
| protocolType | [IN] Type of token to create, defined in HITLS_AUTH_PrivPassTokenType. |
| HITLS_AUTH_PrivPassCtx | pointer. NULL, if the operation fails. |
| HITLS_AUTH_PrivPassToken * HITLS_AUTH_PrivPassNewToken | ( | int32_t | tokenType | ) |
Create a new PrivPass token object.
| tokenType | [IN] Type of token to create, defined in HITLS_AUTH_PrivPassTokenType. |
| HITLS_AUTH_PrivPassToken | pointer. NULL, if the operation fails. |
| int32_t HITLS_AUTH_PrivPassSerialization | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| const HITLS_AUTH_PrivPassToken * | object, | ||
| uint8_t * | buffer, | ||
| uint32_t * | outBuffLen ) |
Serialize a PrivPass token object to binary format. If the object == NULL, outBuffLen returns the length required for serialization.
| ctx | [IN] PrivPass context |
| object | [IN] Token to serialize |
| buffer | [OUT] Buffer to store serialized data |
| outBuffLen | [IN/OUT] Length of the serialized data |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassSetCryptCb | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| int32_t | cbType, | ||
| void * | cryptCb ) |
Set cryptographic callback functions for the context. When setting callbacks, the input callbacks will be checked. Non-NULL callbacks will override the default callbacks.
| ctx | [IN/OUT] PrivPass context |
| cbType | [IN] Callback type, defined in PrivPassCryptCbType |
| cryptCb | [IN] Callback functions to be set |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassSetPrvkey | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| void * | param, | ||
| uint8_t * | ski, | ||
| uint32_t | skiLen ) |
Set the private key for the ctx. The private key can be set repeatedly. If the ctx already contains a public key when the private key is set, the private key is checked against the public key. If they do not match, an error is returned. Because the key is supplied unencrypted, the ski buffer holds plaintext private-key material and the caller should protect it accordingly.
| ctx | [IN] PrivPass context |
| param | [IN] Parameters that may be needed for private key decoding. |
| ski | [IN] A PEM-encoded PKCS #8 RSA unencrypted issuer private key |
| skiLen | [IN] Length of private key data |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassSetPubkey | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| uint8_t * | pki, | ||
| uint32_t | pkiLen ) |
Set the public key for the ctx. The public key can be set repeatedly. If the ctx already contains a private key when the public key is set, the public key is checked against the private key. If they do not match, an error is returned.
| ctx | [IN] PrivPass context |
| pki | [IN] A DER-encoded SubjectPublicKeyInfo (SPKI) object using the RSASSA-PSS OID |
| pkiLen | [IN] Length of public key data |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassTokenCtrl | ( | HITLS_AUTH_PrivPassToken * | object, |
| int32_t | cmd, | ||
| void * | param, | ||
| uint32_t | paramLen ) |
Control interface for getting/setting various parameters in token object.
| object | [IN] token object |
| cmd | [IN] Command to execute, defined in HITLS_AUTH_PrivPassCmd |
| param | [IN/OUT] Command parameters |
| paramLen | [IN] Length of parameters |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |
| int32_t HITLS_AUTH_PrivPassVerifyToken | ( | HITLS_AUTH_PrivPassCtx * | ctx, |
| const HITLS_AUTH_PrivPassToken * | tokenChallenge, | ||
| const HITLS_AUTH_PrivPassToken * | token ) |
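Verify the validity of a token. Treat the token as valid only when the return value is HITLS_AUTH_SUCCESS. No replay or double-spend tracking is documented for this call, so the redeeming application presumably has to record spent tokens itself.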
| ctx | [IN] PrivPass context |
| tokenChallenge | [IN] Challenge token |
| token | [IN] Token to verify |
| #HITLS_AUTH_SUCCESS,if | successful. For other error codes, see auth_errno.h. |