1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
/*
* Embedded Linux library
* Copyright (C) 2016 Intel Corporation
*
* SPDX-License-Identifier: LGPL-2.1-or-later
*/
#ifndef __ELL_KEY_H
#define __ELL_KEY_H
#include <stddef.h>
#include <stdbool.h>
#include <ell/cleanup.h>
#include <ell/checksum.h>
#ifdef __cplusplus
extern "C" {
#endif
struct l_key;
struct l_keyring;
enum l_key_feature {
L_KEY_FEATURE_DH = 1 << 0,
L_KEY_FEATURE_RESTRICT = 1 << 1,
L_KEY_FEATURE_CRYPTO = 1 << 2,
};
enum l_key_type {
L_KEY_RAW = 0,
L_KEY_RSA,
L_KEY_ECC,
};
enum l_keyring_restriction {
L_KEYRING_RESTRICT_ASYM = 0,
L_KEYRING_RESTRICT_ASYM_CHAIN,
};
enum l_key_cipher_type {
L_KEY_RSA_PKCS1_V1_5,
L_KEY_RSA_RAW,
L_KEY_ECDSA_X962,
};
struct l_key *l_key_new(enum l_key_type type, const void *payload,
size_t payload_length);
void l_key_free(struct l_key *key);
void l_key_free_norevoke(struct l_key *key);
bool l_key_update(struct l_key *key, const void *payload, size_t len);
bool l_key_extract(struct l_key *key, void *payload, size_t *len);
ssize_t l_key_get_payload_size(struct l_key *key);
bool l_key_get_info(struct l_key *key, enum l_key_cipher_type cipher,
enum l_checksum_type checksum, size_t *bits,
bool *out_public);
struct l_key *l_key_generate_dh_private(const void *prime_buf,
size_t prime_len);
bool l_key_compute_dh_public(struct l_key *generator, struct l_key *private_key,
struct l_key *prime,
void *payload, size_t *len);
bool l_key_compute_dh_secret(struct l_key *other_public, struct l_key *private_key,
struct l_key *prime,
void *payload, size_t *len);
bool l_key_validate_dh_payload(const void *payload, size_t len,
const void *prime_buf, size_t prime_len);
ssize_t l_key_encrypt(struct l_key *key, enum l_key_cipher_type cipher,
enum l_checksum_type checksum, const void *in,
void *out, size_t len_in, size_t len_out);
ssize_t l_key_decrypt(struct l_key *key, enum l_key_cipher_type cipher,
enum l_checksum_type checksum, const void *in,
void *out, size_t len_in, size_t len_out);
ssize_t l_key_sign(struct l_key *key, enum l_key_cipher_type cipher,
enum l_checksum_type checksum, const void *in,
void *out, size_t len_in, size_t len_out);
bool l_key_verify(struct l_key *key, enum l_key_cipher_type cipher,
enum l_checksum_type checksum, const void *data,
const void *sig, size_t len_data, size_t len_sig);
struct l_keyring *l_keyring_new(void);
bool l_keyring_restrict(struct l_keyring *keyring, enum l_keyring_restriction res,
const struct l_keyring *trust);
void l_keyring_free(struct l_keyring *keyring);
DEFINE_CLEANUP_FUNC(l_keyring_free);
void l_keyring_free_norevoke(struct l_keyring *keyring);
DEFINE_CLEANUP_FUNC(l_keyring_free_norevoke);
bool l_keyring_link(struct l_keyring *keyring, const struct l_key *key);
bool l_keyring_unlink(struct l_keyring *keyring, const struct l_key *key);
bool l_keyring_link_nested(struct l_keyring *keyring,
const struct l_keyring *nested);
bool l_keyring_unlink_nested(struct l_keyring *keyring,
const struct l_keyring *nested);
bool l_key_is_supported(uint32_t features);
#ifdef __cplusplus
}
#endif
#endif /* __ELL_KEY_H */
|
