BOLOS TEE
Generic Cryptographic API. More...
Functions | |
uint8_t | bls_rng_u8 (void) |
generate a random byte More... | |
int | bls_rng (uint8_t *buffer, size_t len) |
generate a random buffer More... | |
int | bls_ripemd160_init (bls_ripemd160_t *hash) |
Initialize a ripemd160 context. More... | |
int | bls_sha1_init (bls_sha1_t *hash) |
Initialize a sha1 context. More... | |
int | bls_sha256_init (bls_sha256_t *hash) |
Initialize a sha256 context. More... | |
int | bls_sha512_init (bls_sha512_t *hash) |
Initialize a sha512 context. More... | |
int | bls_hash (bls_hash_t *hash, int mode, const uint8_t WIDE *in, size_t len, uint8_t *out) |
Add more data to hash. More... | |
int | bls_hmac_ripemd160_init (bls_hmac_ripemd160_t *hmac, const uint8_t WIDE *key, size_t key_len) |
Initialize a HMAC ripemd160 context. More... | |
int | bls_hmac_sha256_init (bls_hmac_sha256_t *hmac, const uint8_t WIDE *key, size_t key_len) |
Initialize a HMAC sha256 context. More... | |
int | bls_hmac_sha512_init (bls_hmac_sha512_t *hmac, const uint8_t WIDE *key, size_t key_len) |
Initialize a HMAC sha512 context. More... | |
int | bls_hmac (bls_hmac_t *hmac, int mode, const uint8_t WIDE *in, size_t len, uint8_t *mac) |
Add more data to HMAC. More... | |
int | bls_pbkdf2 (bls_md_t hash, const bls_area_t *password, const bls_area_t *salt, int iterations, uint8_t *out) |
Stretch a password using PBKDF2. More... | |
int | bls_des_init_key (const uint8_t WIDE *rawkey, size_t key_len, bls_des_key_t *key) |
Initialize a DES Key. More... | |
int | bls_des (bls_des_key_t WIDE *key, int mode, const bls_area_t *in, bls_area_t *out) |
Add data to a DES operation. More... | |
int | bls_des_iv (bls_des_key_t WIDE *key, int mode, const bls_area_t *iv, const bls_area_t *in, bls_area_t *out) |
Add data to a DES operation using an Initialization Vector. More... | |
int | bls_aes_init_key (const uint8_t WIDE *rawkey, size_t key_len, bls_aes_key_t *key) |
Initialize an AES Key. More... | |
int | bls_aes (bls_aes_key_t WIDE *key, int mode, const bls_area_t *in, bls_area_t *out) |
Add data to an AES operation. More... | |
int | bls_aes_iv (bls_aes_key_t WIDE *key, int mode, const bls_area_t *iv, const bls_area_t *in, bls_area_t *out) |
Add data to an AES operation using an Initialization Vector. More... | |
int | bls_aes_iv_gcm (bls_aes_key_t WIDE *key, int mode, const bls_area_t *in, const bls_area_t *iv, const bls_area_t WIDE *aadTag, bls_area_t *out) |
Add data to an AES GCM operation. More... | |
int | bls_rsa_init_public_key (const bls_rsa_keypair_data_t WIDE *keyData, bls_rsa_abstract_public_key_t *key) |
Initialize a public RSA Key. More... | |
int | bls_rsa_init_private_key (const bls_rsa_keypair_data_t WIDE *keyData, bls_rsa_abstract_private_key_t *key) |
Initialize a private RSA Key. More... | |
int | bls_rsa_init_private_key_crt (const bls_rsa_crt_t WIDE *crtParameters, bls_rsa_abstract_private_key_t *key) |
Initialize a private RSA Key with CRT parameters. More... | |
int | bls_rsa_generate_keypair (int modulus_len, bls_rsa_abstract_private_key_t *privateKey, bls_rsa_abstract_public_key_t *publicKey, bls_rsa_keypair_data_t *generatedKeypairInfo) |
Generate a RSA keypair. More... | |
int | bls_rsa_get_public_key_data (bls_rsa_abstract_public_key_t *publicKey, bls_rsa_keypair_data_t *keyInfo) |
Retrieve a RSA public key information. More... | |
int | bls_rsa_pub (bls_rsa_abstract_public_key_t WIDE *key, int mode, bls_md_t hashID, const bls_area_t *src, const bls_area_t *dest) |
Perform a RSA public operation. More... | |
int | bls_rsa_priv (bls_rsa_abstract_private_key_t WIDE *key, int mode, bls_md_t hashID, const bls_area_t *src, const bls_area_t *dest) |
Perform a RSA private operation. More... | |
bls_curve_domain_t WIDE * | bls_ecfp_get_domain (bls_curve_t curve) |
Retrieve the domain of the curve. More... | |
int | bls_ecfp_is_valid_point (const bls_curve_domain_t WIDE *domain, const uint8_t WIDE *point) |
Verify that a given point is really on the specified curve. More... | |
int | bls_ecfp_add_point (const bls_curve_domain_t WIDE *domain, uint8_t *R, const uint8_t WIDE *P, const uint8_t WIDE *Q) |
Add two affine points. More... | |
int | bls_ecdsa_init_public_key (bls_curve_t curve, const uint8_t WIDE *rawkey, size_t key_len, bls_ecfp_public_key_t *key) |
Initialize a public ECFP Key. More... | |
int | bls_ecdsa_init_private_key (bls_curve_t curve, const uint8_t WIDE *rawkey, size_t key_len, bls_ecfp_private_key_t *key) |
Initialize a private ECFP Key. More... | |
int | bls_ecfp_generate_pair (bls_curve_t curve, bls_ecfp_public_key_t *public_key, bls_ecfp_private_key_t *private_key, uint8_t *d) |
Generate a ecfp key pair. More... | |
int | bls_ecfp_get_public_component (const bls_ecfp_public_key_t *public_key, uint8_t *W) |
Return the uncompressed point of a public ECFP Key. More... | |
int | bls_ecdsa_sign (bls_ecfp_private_key_t WIDE *key, int mode, bls_md_t hashID, const uint8_t WIDE *hash, size_t hash_len, uint8_t *sig) |
Sign a hash message according to ECDSA scheme. More... | |
int | bls_ecdsa_verify (bls_ecfp_public_key_t WIDE *key, int mode, bls_md_t hashID, const uint8_t WIDE *hash, size_t hash_len, uint8_t *sig) |
Verify a hash message signature according to ECDSA scheme. More... | |
int | bls_schnorr_sign (bls_ecfp_private_key_t WIDE *key, int mode, bls_md_t hashID, const uint8_t WIDE *hash, size_t hash_len, uint8_t *sig) |
Sign a hash message according to Schnorr scheme. More... | |
int | bls_schnorr_verify (bls_ecfp_public_key_t WIDE *key, int mode, bls_md_t hashID, const uint8_t WIDE *hash, size_t hash_len, uint8_t *sig) |
Verify a hash message signature according to Schnorr scheme. More... | |
int | bls_ecdh (bls_ecfp_private_key_t WIDE *key, int mode, const uint8_t WIDE *public_point, uint8_t *secret) |
Compute a shared secret according to ECDH specification. More... | |
uint16_t | bls_crc16 (const void WIDE *buffer, size_t len) |
Compute a 16 bits checksum value. More... | |
uint16_t | bls_crc16_update (unsigned short crc, const void WIDE *buffer, size_t len) |
Update a 16 bits checksum value. More... | |
void | bls_math_addm (uint8_t *r, const uint8_t WIDE *a, const uint8_t WIDE *b, const uint8_t WIDE *m, size_t len) |
Modular addition of two big integers of the same size: r = a+b mod m. More... | |
int | bls_math_cmp (const uint8_t WIDE *a, const uint8_t WIDE *b, size_t len) |
Compare two unsigned long big-endian integers. More... | |
int | bls_math_is_zero (const uint8_t WIDE *a, size_t len) |
Compare an unsigned long big-endian integer to zero. More... | |
void | bls_math_modm (uint8_t *v, size_t len_v, const uint8_t WIDE *m, size_t len_m) |
Reduce in place (left zero padded) the given value : v = v mod m. More... | |
Generic Cryptographic API.
Perform general purpose cryptographic operations
In this release, the API doesn't implement exceptions
int bls_aes | ( | bls_aes_key_t WIDE * | key, |
int | mode, | ||
const bls_area_t * | in, | ||
bls_area_t * | out | ||
) |
Add data to an AES operation.
[in] | key | A aes key fully inited with 'bls_aes_init_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | in | Input data to encrypt/decrypt and associated length. If BLS_LAST is set, padding is automatically done according to 'mode'. Otherwise 'len' shall be a multiple of AES_BLOCK_SIZE. |
[out] | out | Either:
|
INVALID_PARAMETER |
int bls_aes_init_key | ( | const uint8_t WIDE * | rawkey, |
size_t | key_len, | ||
bls_aes_key_t * | key | ||
) |
Initialize an AES Key.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any AES processing.
[in] | rawkey | raw key value |
[in] | key_len | key bytes length: 16 or 32 |
[out] | key | AES key to init |
key | ready to use key to init |
int bls_aes_iv | ( | bls_aes_key_t WIDE * | key, |
int | mode, | ||
const bls_area_t * | iv, | ||
const bls_area_t * | in, | ||
bls_area_t * | out | ||
) |
Add data to an AES operation using an Initialization Vector.
[in] | key | A aes key fully inited with 'bls_aes_init_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | iv | Initialization Vector and associated length. Only meaningful for the first block of a BLS_CHAIN_CBC, BLS_AES_PAD_CTR, BLS_AES_PAD_CFB, BLS_AES_PAD_OFB chaining. 'len' shall be a multiple of DES_BLOCK_SIZE (as written; for an AES operation AES_BLOCK_SIZE is presumably meant — confirm against the header). |
[in] | in | Input data to encrypt/decrypt and associated length. If BLS_LAST is set, padding is automatically done according to 'mode'. Otherwise 'len' shall be a multiple of AES_BLOCK_SIZE. |
[out] | out | Either:
|
INVALID_PARAMETER |
int bls_aes_iv_gcm | ( | bls_aes_key_t WIDE * | key, |
int | mode, | ||
const bls_area_t * | in, | ||
const bls_area_t * | iv, | ||
const bls_area_t WIDE * | aadTag, | ||
bls_area_t * | out | ||
) |
Add data to an AES GCM operation.
[in] | key | A aes key fully inited with 'bls_aes_init_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | in | Input data to encrypt/decrypt and associated length. If BLS_LAST is set, padding is automatically done according to 'mode'. Otherwise 'len' shall be a multiple of AES_BLOCK_SIZE. |
[in] | iv | Initialization Vector and associated length. 'len' shall be a multiple of DES_BLOCK_SIZE (as written; this is an AES GCM operation, so confirm the expected IV length against the header). |
[in,out] | aadTag |
|
[out] | out | Either:
|
INVALID_PARAMETER |
uint16_t bls_crc16 | ( | const void WIDE * | buffer, |
size_t | len | ||
) |
Compute a 16 bits checksum value.
The 16 bits value is computed according to the CRC16 CCITT definition.
[in] | buffer | The buffer to compute the crc over. |
[in] | Bytes | Length of the 'buffer' |
uint16_t bls_crc16_update | ( | unsigned short | crc, |
const void WIDE * | buffer, | ||
size_t | len | ||
) |
Update a 16 bits checksum value.
The 16 bits value is computed according to the CRC16 CCITT definition.
[in] | crc | Initial CRC value |
[in] | buffer | The buffer to compute the crc over. |
[in] | Bytes | Length of the 'buffer' |
int bls_des | ( | bls_des_key_t WIDE * | key, |
int | mode, | ||
const bls_area_t * | in, | ||
bls_area_t * | out | ||
) |
Add data to a DES operation.
[in] | key | A des key fully inited with 'bls_des_init_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | in | Input data to encrypt/decrypt and associated length If BLS_LAST is set, padding is automatically done according to 'mode'. Else 'len' shall be a multiple of DES_BLOCK_SIZE. |
[out] | out | Either:
|
INVALID_PARAMETER |
int bls_des_init_key | ( | const uint8_t WIDE * | rawkey, |
size_t | key_len, | ||
bls_des_key_t * | key | ||
) |
Initialize a DES Key.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any DES processing.
[in] | rawkey | raw key value |
[in] | key_len | key bytes length: 8,16 or 24 |
[out] | key | DES key to init |
key | ready to use key to init |
int bls_des_iv | ( | bls_des_key_t WIDE * | key, |
int | mode, | ||
const bls_area_t * | iv, | ||
const bls_area_t * | in, | ||
bls_area_t * | out | ||
) |
Add data to a DES operation using an Initialization Vector.
[in] | key | A des key fully inited with 'bls_des_init_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | iv | Initialization Vector and associated length Only meaningful for the first block of a BLS_CHAIN_CBC chaining. 'len' shall be a multiple of DES_BLOCK_SIZE. |
[in] | in | Input data to encrypt/decrypt and associated length If BLS_LAST is set, padding is automatically done according to 'mode'. Else 'len' shall be a multiple of DES_BLOCK_SIZE. |
[out] | out | Either:
|
INVALID_PARAMETER |
int bls_ecdh | ( | bls_ecfp_private_key_t WIDE * | key, |
int | mode, | ||
const uint8_t WIDE * | public_point, | ||
uint8_t * | secret | ||
) |
Compute a shared secret according to ECDH specification.
Depending on the mode, the shared secret is either the full point, a hash of the x coordinate or only the x coordinate
[in] | key | A private ecfp key fully inited with 'bls_ecdsa_init_private_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
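[in] | public_point | Other party public point encoded as: 04 x y, where x and y are encoded as big endian raw values and have a bit length equal to the curve size. This page does not state whether the point is checked against the curve; bls_ecfp_is_valid_point can be used to validate it before the call. |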
[out] | secret | Generated shared secret. |
INVALID_PARAMETER |
int bls_ecdsa_init_private_key | ( | bls_curve_t | curve, |
const uint8_t WIDE * | rawkey, | ||
size_t | key_len, | ||
bls_ecfp_private_key_t * | key | ||
) |
Initialize a private ECFP Key.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any ECDSA processing. Passing NULL as raw key initializes the key without a value. The key may then be used as a parameter for bls_ecfp_generate_pair.
[in] | curve | The curve domain parameters to work with. |
[in] | rawkey | Raw key value or NULL. The value shall be the private key big endian raw value. |
[in] | key_len | Key bytes length |
[out] | key | Private ecfp key to init. |
INVALID_PARAMETER |
int bls_ecdsa_init_public_key | ( | bls_curve_t | curve, |
const uint8_t WIDE * | rawkey, | ||
size_t | key_len, | ||
bls_ecfp_public_key_t * | key | ||
) |
Initialize a public ECFP Key.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any ECDSA processing. Passing NULL as raw key initializes the key without a value. The key may then be used as a parameter for bls_ecfp_generate_pair.
[in] | curve | The curve domain parameters to work with. |
[in] | rawkey | Raw key value or NULL. The value shall be the public point encoded as: 04 x y, where x and y are encoded as big endian raw values and have a bit length equal to the curve size. |
[in] | key_len | Key bytes length |
[out] | key | Public ecfp key to init. |
INVALID_PARAMETER |
int bls_ecdsa_sign | ( | bls_ecfp_private_key_t WIDE * | key, |
int | mode, | ||
bls_md_t | hashID, | ||
const uint8_t WIDE * | hash, | ||
size_t | hash_len, | ||
uint8_t * | sig | ||
) |
Sign a hash message according to ECDSA scheme.
[in] | key | A private ecfp key fully inited with 'bls_ecdsa_init_private_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | hashID | Hash to use for nonce generation when using BLS_RND_RFC6979 (shall be BLS_SHA256) |
[in] | hash | Input data to sign. The data should be the hash of the original message. The data length must be less than the curve size. |
[in] | hash_len | Length of the hash |
[out] | sig | ECDSA signature encoded as TLV: 30 L 02 Lr r 02 Ls s |
INVALID_PARAMETER |
int bls_ecdsa_verify | ( | bls_ecfp_public_key_t WIDE * | key, |
int | mode, | ||
bls_md_t | hashID, | ||
const uint8_t WIDE * | hash, | ||
size_t | hash_len, | ||
uint8_t * | sig | ||
) |
Verify a hash message signature according to ECDSA scheme.
[in] | key | A public ecfp key fully inited with 'bls_ecdsa_init_public_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | hashID | Ignored |
[in] | hash | Signed input data to verify the signature. The data should be the hash of the original message. The data length must be less than the curve size. |
[in] | hash_len | Length of the hash |
[in] | sig | ECDSA signature to verify encoded as TLV: 30 L 02 Lr r 02 Ls s |
INVALID_PARAMETER |
int bls_ecfp_add_point | ( | const bls_curve_domain_t WIDE * | domain, |
uint8_t * | R, | ||
const uint8_t WIDE * | P, | ||
const uint8_t WIDE * | Q | ||
) |
Add two affine points.
[in] | domain | The curve domain parameters to work with. |
[out] | R | P+Q encoded as: 04 x y, where x and y are encoded as big endian raw values and have a bit length equal to the curve size. |
[in] | P | First point to add. The value shall be a point encoded as: 04 x y, where x and y are encoded as big endian raw values and have a bit length equal to the curve size. |
[in] | Q | Second point to add |
[in] | public_point | The point to test encoded as: 04 x y |
INVALID_PARAMETER |
int bls_ecfp_generate_pair | ( | bls_curve_t | curve, |
bls_ecfp_public_key_t * | public_key, | ||
bls_ecfp_private_key_t * | private_key, | ||
uint8_t * | d | ||
) |
Generate a ecfp key pair.
[in] | curve | The curve domain parameters to work with. |
[out] | public_key | A public ecfp key to generate. |
[out] | private_key | A private ecfp key to initialize. |
[out] | d | If set to non NULL, return the generated private key value |
INVALID_PARAMETER |
bls_curve_domain_t WIDE* bls_ecfp_get_domain | ( | bls_curve_t | curve | ) |
Retrieve the domain of the curve.
[in] | curve | The curve reference |
INVALID_PARAMETER |
int bls_ecfp_get_public_component | ( | const bls_ecfp_public_key_t * | public_key, |
uint8_t * | W | ||
) |
Return the uncompressed point of a public ECFP Key.
[in] | public_key | A public ecfp key |
[out] | W | Buffer to store uncompressed point |
INVALID_PARAMETER |
int bls_ecfp_is_valid_point | ( | const bls_curve_domain_t WIDE * | domain, |
const uint8_t WIDE * | point | ||
) |
Verify that a given point is really on the specified curve.
[in] | domain | The curve domain parameters to work with. |
[in] | point | The point to test encoded as: 04 x y |
INVALID_PARAMETER |
int bls_hash | ( | bls_hash_t * | hash, |
int | mode, | ||
const uint8_t WIDE * | in, | ||
size_t | len, | ||
uint8_t * | out | ||
) |
Add more data to hash.
[in,out] | hash | Hash context. The hash context pointer shall point to either a bls_ripemd160_t, a bls_sha256_t or a bls_sha512_t. The hash context shall be inited with 'bls_xxx_init'. The hash context shall be in RAM. The function should be called with an appropriate cast. |
[in] | mode | 16bits flags. See above. If BLS_LAST is set, context is automatically re-inited. Supported flags:
|
[in] | in | Input data to add to current hash |
[in] | len | Length of the input data. |
[out] | out | Either:
|
int bls_hmac | ( | bls_hmac_t * | hmac, |
int | mode, | ||
const uint8_t WIDE * | in, | ||
size_t | len, | ||
uint8_t * | mac | ||
) |
Add more data to HMAC.
[in,out] | hmac | Hmac context. The hmac context pointer shall point to either a bls_ripemd160_t, a bls_sha256_t or a bls_sha512_t. The hmac context shall be inited with 'bls_xxx_init'. The hmac context shall be in RAM. The function should be called with an appropriate cast. |
[in] | mode | 16bits flags. See above. If BLS_LAST is set and BLS_DISCARD is not set, context is automatically re-inited. Supported flags:
|
[in] | in | Input data to add to current hmac |
[in] | len | Length of the input data. |
[out] | mac | Either:
|
int bls_hmac_ripemd160_init | ( | bls_hmac_ripemd160_t * | hmac, |
const uint8_t WIDE * | key, | ||
size_t | key_len | ||
) |
Initialize a HMAC ripemd160 context.
[out] | hmac | the context to init. The context shall be in RAM |
[in] | key | hmac key value. Passing a NULL pointer will reinit the context with the previously set key. If no key has already been set, passing NULL leads to undefined behavior. |
[in] | key_len | hmac key length. The key length shall be less than 64 bytes |
int bls_hmac_sha256_init | ( | bls_hmac_sha256_t * | hmac, |
const uint8_t WIDE * | key, | ||
size_t | key_len | ||
) |
Initialize a HMAC sha256 context.
[out] | hmac | the context to init. The context shall be in RAM |
[in] | key | hmac key value. Passing a NULL pointer will reinit the context with the previously set key. If no key has already been set, passing NULL leads to undefined behavior. |
[in] | key_len | hmac key length. The key length shall be less than 64 bytes |
int bls_hmac_sha512_init | ( | bls_hmac_sha512_t * | hmac, |
const uint8_t WIDE * | key, | ||
size_t | key_len | ||
) |
Initialize a HMAC sha512 context.
[out] | hmac | the context to init. The context shall be in RAM |
[in] | key | hmac key value. Passing a NULL pointer will reinit the context with the previously set key. If no key has already been set, passing NULL leads to undefined behavior. |
[in] | key_len | hmac key length. The key length shall be less than 128 bytes |
void bls_math_addm | ( | uint8_t * | r, |
const uint8_t WIDE * | a, | ||
const uint8_t WIDE * | b, | ||
const uint8_t WIDE * | m, | ||
size_t | len | ||
) |
Modular addition of two big integers of the same size: r = a+b mod m.
The maximum length supported is 64.
r | where to put result |
a | first operand |
b | second operand |
m | modulo |
len | byte length of r, a, b, m |
int bls_math_cmp | ( | const uint8_t WIDE * | a, |
const uint8_t WIDE * | b, | ||
size_t | len | ||
) |
Compare two unsigned long big-endian integers.
The maximum length supported is 64.
a | first operand |
b | second operand |
len | byte length of a, b |
int bls_math_is_zero | ( | const uint8_t WIDE * | a, |
size_t | len | ||
) |
Compare an unsigned long big-endian integer to zero.
a | value to compare to zero |
len | byte length of a |
void bls_math_modm | ( | uint8_t * | v, |
size_t | len_v, | ||
const uint8_t WIDE * | m, | ||
size_t | len_m | ||
) |
Reduce in place (left zero padded) the given value : v = v mod m.
v | value to reduce |
len_v | shall be >= len_m |
m | modulus |
len_m | length of modulus |
int bls_pbkdf2 | ( | bls_md_t | hash, |
const bls_area_t * | password, | ||
const bls_area_t * | salt, | ||
int | iterations, | ||
uint8_t * | out | ||
) |
Stretch a password using PBKDF2.
[in] | hash | Hash Algorithm Supported algorithms : BLS_SHA512 |
[in] | password | Password buffer and length |
[in] | salt | Salt buffer and length. The salt buffer shall include 4 extra padding bytes |
[in] | iterations | Number of PBKDF2 iterations to perform |
[out] | out | Output buffer containing the PBKDF2 stretched password. The output buffer shall be as long as the hash output |
int bls_ripemd160_init | ( | bls_ripemd160_t * | hash | ) |
Initialize a ripemd160 context.
[out] | hash | the context to init. The context shall be in RAM |
int bls_rng | ( | uint8_t * | buffer, |
size_t | len | ||
) |
generate a random buffer
[out] | buffer | the buffer containing the random data |
[in] | len | length of the random buffer to generate |
uint8_t bls_rng_u8 | ( | void | ) |
generate a random byte
int bls_rsa_generate_keypair | ( | int | modulus_len, |
bls_rsa_abstract_private_key_t * | privateKey, | ||
bls_rsa_abstract_public_key_t * | publicKey, | ||
bls_rsa_keypair_data_t * | generatedKeypairInfo | ||
) |
Generate a RSA keypair.
[in] | modulus_len | Length of the modulus to generate, in bits |
[out] | privateKey | Pointer to a previously initialized RSA private key |
[out] | publicKey | Pointer to a previously initialized RSA public key |
[out] | generatedKeypairInfo | Pointer to a structure that will contain the generated key information including the private key value or NULL |
INVALID_PARAMETER |
int bls_rsa_get_public_key_data | ( | bls_rsa_abstract_public_key_t * | publicKey, |
bls_rsa_keypair_data_t * | keyInfo | ||
) |
Retrieve a RSA public key information.
[in] | publicKey | Pointer to a previously initialized RSA public key |
[out] | keyInfo | Pointer to a structure that will contain the public key information |
INVALID_PARAMETER |
int bls_rsa_init_private_key | ( | const bls_rsa_keypair_data_t WIDE * | keyData, |
bls_rsa_abstract_private_key_t * | key | ||
) |
Initialize a private RSA Key.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any RSA processing. Passing NULL as raw key initializes the key without a value. The key cannot be used.
[in] | keyData | Key parameters value or NULL. Key parameters shall include the modulus and private exponent encoded as big endian raw value |
[out] | key | Private RSA key to initialize. |
INVALID_PARAMETER |
int bls_rsa_init_private_key_crt | ( | const bls_rsa_crt_t WIDE * | crtParameters, |
bls_rsa_abstract_private_key_t * | key | ||
) |
Initialize a private RSA Key with CRT parameters.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any RSA processing. Passing NULL as raw key initializes the key without a value. The key cannot be used.
[in] | keyData | Key parameters value or NULL. Key parameters shall include Q, P, DP, DQ, QInv encoded as big endian raw value |
[out] | key | Private RSA key to initialize. |
INVALID_PARAMETER |
int bls_rsa_init_public_key | ( | const bls_rsa_keypair_data_t WIDE * | keyData, |
bls_rsa_abstract_public_key_t * | key | ||
) |
Initialize a public RSA Key.
Once initialized, the key may be stored in non-volatile memory and reused 'as-is' for any RSA processing. Passing NULL as raw key initializes the key without a value. The key cannot be used.
[in] | keyData | Key parameters value or NULL. Key parameters shall include the modulus and public exponent encoded as big endian raw value |
[out] | key | Public RSA key to initialize. |
INVALID_PARAMETER |
int bls_rsa_priv | ( | bls_rsa_abstract_private_key_t WIDE * | key, |
int | mode, | ||
bls_md_t | hashID, | ||
const bls_area_t * | src, | ||
const bls_area_t * | dest | ||
) |
Perform a RSA private operation.
[in] | key | Pointer to a previously initialized RSA private key |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | hashID | Hash identifier used to compute the input data. |
[in] | src | Input buffer and length to process |
[in,out] | dest | Destination buffer and length. Length is modified by ENCRYPT, DECRYPT, SIGN operations |
INVALID_PARAMETER |
int bls_rsa_pub | ( | bls_rsa_abstract_public_key_t WIDE * | key, |
int | mode, | ||
bls_md_t | hashID, | ||
const bls_area_t * | src, | ||
const bls_area_t * | dest | ||
) |
Perform a RSA public operation.
[in] | key | Pointer to a previously initialized RSA public key |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | hashID | Hash identifier used to compute the input data. |
[in] | src | Input buffer and length to process |
[in,out] | dest | Destination buffer and length. Length is modified by ENCRYPT, DECRYPT, SIGN operations |
INVALID_PARAMETER |
int bls_schnorr_sign | ( | bls_ecfp_private_key_t WIDE * | key, |
int | mode, | ||
bls_md_t | hashID, | ||
const uint8_t WIDE * | hash, | ||
size_t | hash_len, | ||
uint8_t * | sig | ||
) |
Sign a hash message according to Schnorr scheme.
[in] | key | A private ecfp key fully inited with 'bls_ecdsa_init_private_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | hashID | Ignored |
[in] | hash | Input data to sign. The data should be the hash of the original message. The data length must be less than the curve size. |
[in] | hash_len | Length of the hash |
[out] | sig | Schnorr signature |
INVALID_PARAMETER |
int bls_schnorr_verify | ( | bls_ecfp_public_key_t WIDE * | key, |
int | mode, | ||
bls_md_t | hashID, | ||
const uint8_t WIDE * | hash, | ||
size_t | hash_len, | ||
uint8_t * | sig | ||
) |
Verify a hash message signature according to Schnorr scheme.
[in] | key | A public ecfp key fully inited with 'bls_ecdsa_init_public_key' |
[in] | mode | 16bits crypto mode flags. See above. Supported flags:
|
[in] | hashID | Ignored |
[in] | hash | Signed input data to verify the signature. The data should be the hash of the original message. The data length must be less than the curve size. |
[in] | hash_len | Length of the hash |
[in] | sig | Schnorr signature |
INVALID_PARAMETER |
int bls_sha1_init | ( | bls_sha1_t * | hash | ) |
Initialize a sha1 context.
[out] | hash | the context to init. The context shall be in RAM |
int bls_sha256_init | ( | bls_sha256_t * | hash | ) |
Initialize a sha256 context.
[out] | hash | the context to init. The context shall be in RAM |
int bls_sha512_init | ( | bls_sha512_t * | hash | ) |
Initialize a sha512 context.
[out] | hash | the context to init. The context shall be in RAM |