CryptoInterface.h

Go to the documentation of this file.

/*
 * Copyright (c) 2025 The Johns Hopkins University Applied Physics
 * Laboratory LLC.
 *
 * This file is part of the Bundle Protocol Security Library (BSL).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *     http://www.apache.org/licenses/LICENSE-2.0
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * This work was performed for the Jet Propulsion Laboratory, California
 * Institute of Technology, sponsored by the United States Government under
 * the prime contract 80NM0018D0004 between the Caltech and NASA under
 * subcontract 1700763.
 */
#ifndef BSL_FRONTEND_CRYPTO_INTERFACE_H_
#define BSL_FRONTEND_CRYPTO_INTERFACE_H_
 
#include <stdint.h>
 
#include "BPSecLib_Private.h"
#include "BPSecLib_Public.h"
 
#ifdef __cplusplus
extern "C" {
#endif
 
#define BSL_CRYPTO_AESGCM_AUTH_TAG_LEN (16)
 
typedef enum
{
    // BSL_CRYPTO_UNDEFINED = 0,
    BSL_CRYPTO_ENCRYPT,
    BSL_CRYPTO_DECRYPT
} BSL_CipherMode_e;
 
typedef enum
{
    BSL_CRYPTO_SHA_256,
    BSL_CRYPTO_SHA_384,
    BSL_CRYPTO_SHA_512
} BSL_CryptoCipherSHAVariant_e;
 
typedef enum
{
    BSL_CRYPTO_AES_128,
    BSL_CRYPTO_AES_256
} BSL_CryptoCipherAESVariant_e;
 
typedef struct BSL_AuthCtx_s
{
    void *libhandle;
    BSL_CryptoCipherSHAVariant_e SHA_variant;
    size_t block_size;
} BSL_AuthCtx_t;
 
typedef struct BSL_Cipher_s
{
    void *libhandle;
    BSL_CipherMode_e enc;
    BSL_CryptoCipherAESVariant_e AES_variant;
    size_t block_size;
} BSL_Cipher_t;
 
void BSL_CryptoInit(void);
 
void BSL_CryptoDeinit(void);
 
BSL_REQUIRE_CHECK
int BSL_AuthCtx_Init(BSL_AuthCtx_t *hmac_ctx, uint64_t keyid, BSL_CryptoCipherSHAVariant_e sha_var);
 
BSL_REQUIRE_CHECK
int BSL_AuthCtx_DigestBuffer(BSL_AuthCtx_t *hmac_ctx, const void *data, size_t data_len);
 
int BSL_AuthCtx_DigestSeq(BSL_AuthCtx_t *hmac_ctx, BSL_SeqReader_t *reader);
 
int BSL_AuthCtx_Finalize(BSL_AuthCtx_t *hmac_ctx, void **hmac, size_t *hmac_len);
 
int BSL_AuthCtx_Deinit(BSL_AuthCtx_t *hmac_ctx);
 
int BSL_Crypto_UnwrapKey(BSL_Data_t *unwrapped_key_output, BSL_Data_t wrapped_key_plaintext, size_t key_id,
                         size_t aes_variant);
 
int BSL_Crypto_WrapKey(BSL_Data_t *wrapped_key, BSL_Data_t cek, size_t content_key_id, size_t aes_variant);
 
int BSL_Cipher_Init(BSL_Cipher_t *cipher_ctx, BSL_CipherMode_e enc, BSL_CryptoCipherAESVariant_e aes_var,
                    const void *init_vec, int iv_len, BSL_Data_t content_enc_key);
 
int BSLB_Crypto_GetRegistryKey(uint64_t keyid, const uint8_t **secret, size_t *secret_len);
 
int BSL_Cipher_AddAAD(BSL_Cipher_t *cipher_ctx, const void *aad, int aad_len);
 
int BSL_Cipher_AddData(BSL_Cipher_t *cipher_ctx, BSL_Data_t plaintext, BSL_Data_t ciphertext);
 
int BSL_Cipher_AddSeq(BSL_Cipher_t *cipher_ctx, BSL_SeqReader_t *reader, BSL_SeqWriter_t *writer);
 
int BSL_Cipher_GetTag(BSL_Cipher_t *cipher_ctx, void **tag);
 
int BSL_Cipher_SetTag(BSL_Cipher_t *cipher_ctx, const void *tag);
 
int BSL_Cipher_FinalizeSeq(BSL_Cipher_t *cipher_ctx, BSL_SeqWriter_t *writer);
int BSL_Cipher_FinalizeData(BSL_Cipher_t *cipher_ctx, BSL_Data_t *extra);
 
int BSL_Cipher_Deinit(BSL_Cipher_t *cipher_ctx);
 
int BSL_Crypto_GenKey(uint8_t *key_buffer, size_t key_length);
 
int BSL_Crypto_GenIV(void *buf, int size);
 
int BSL_Crypto_AddRegistryKey(uint64_t keyid, const uint8_t *secret, size_t secret_len);
 
#ifdef __cplusplus
} // extern C
#endif
 
#endif