Contains functions only used internally, however, test utilities can include this to unit test them. More...

#include <stdint.h>
#include <qcbor/qcbor_encode.h>
#include <BPSecLib_Private.h>
#include <BPSecLib_Public.h>
#include <CryptoInterface.h>
#include "rfc9173.h"

Include dependency graph for DefaultSecContext_Private.h:

This graph shows which files directly or indirectly include this file:

Data Structures
struct	BSLX_BlockMetadata_t

struct	BSLX_BIB_t

struct	BSLX_BCB_t
	BCB encryption context with crypto primitives. More...

Functions
int	BSLX_BIB_InitFromSecOper (BSLX_BIB_t self, const BSL_BundleRef_t bundle, const BSL_SecOper_t *sec_oper)
	Populate the BIB parameters convenience struct from the security operation struct.

void	BSLX_BIB_Deinit (BSLX_BIB_t *self)

int	BSLX_BIB_GenIPPT (const BSLX_BIB_t self, BSL_Data_t ippt_space)
	Computes the Integrity-Protected Plaintext (IPPT) according to Section 3.7 of RFC 9173 [4].

int	BSLX_BIB_GenHMAC (BSLX_BIB_t self, const BSL_Data_t ippt_data)
	Performs the actual HMAC over the given IPPT, placing the result in `hmac_result`.

int	BSLX_BCB_GetParams (const BSL_BundleRef_t bundle, BSLX_BCB_t bcb_context, const BSL_SecOper_t *sec_oper)

int	BSLX_BCB_Init (BSLX_BCB_t bcb_context, BSL_BundleRef_t bundle, const BSL_SecOper_t *sec_oper)

void	BSLX_BCB_Deinit (BSLX_BCB_t *bcb_context)

int	BSLX_BCB_ComputeAAD (BSLX_BCB_t *bcb_context)

int	BSLX_BCB_Encrypt (BSLX_BCB_t *bcb_context)

void	BSLX_EncodeHeader (const BSL_CanonicalBlock_t block, QCBOREncodeContext encoder)

Detailed Description

Contains functions only used internally, however, test utilities can include this to unit test them.

Function Documentation

◆ BSLX_BCB_Encrypt()

int BSLX_BCB_Encrypt ( BSLX_BCB_t * bcb_context )

◆ BSLX_BIB_GenHMAC()

int BSLX_BIB_GenHMAC	(	BSLX_BIB_t *	self,
		const BSL_Data_t *	ippt_data
	)

Performs the actual HMAC over the given IPPT, placing the result in hmac_result.

Returns the number of bytes written into hmac_result. Negative indicates error. NOTE: This does NOT resize the result, the caller must do so.

wrapped key always 8 bytes greater than CEK [7] (2.2.1)

References BSL_AuthCtx_Deinit(), BSL_AuthCtx_DigestBuffer(), BSL_AuthCtx_Finalize(), BSL_AuthCtx_Init(), BSL_Crypto_ClearKeyHandle(), BSL_Crypto_GenKey(), BSL_Crypto_UnwrapKey(), BSL_Crypto_WrapKey(), BSL_Data_InitBuffer(), BSL_ERR_SECURITY_CONTEXT_AUTH_FAILED, BSL_ERR_SECURITY_CONTEXT_CRYPTO_FAILED, BSL_ERR_SECURITY_CONTEXT_FAILED, BSL_LOG_DEBUG, BSL_LOG_ERR, BSL_LOG_WARNING, BSL_SUCCESS, BSLB_Crypto_GetRegistryKey(), BSLX_BIB_t::key_id, BSL_Data_t::len, and BSL_Data_t::ptr.

◆ BSLX_BIB_GenIPPT()

int BSLX_BIB_GenIPPT	(	const BSLX_BIB_t *	self,
		BSL_Data_t *	ippt_space
	)

Computes the Integrity-Protected Plaintext (IPPT) according to Section 3.7 of RFC 9173 [4].

Parameters

[in,out] ippt_space Storage for the output, or empty to calculate the needed size.

Returns: A positive value to indicate the needed size, or negative for error.

References BSL_CanonicalBlock_t::block_num, BSL_Data_Deinit(), BSL_Data_InitBuffer(), BSL_ERR_ENCODING, BSL_LOG_ERR, BSL_SeqReader_Destroy(), BSL_SeqReader_Get(), BSL_CanonicalBlock_t::btsd_len, BSLX_BIB_t::bundle, BSL_PrimaryBlock_t::encoded, BSL_Data_t::len, and BSL_Data_t::ptr.

◆ BSLX_BIB_InitFromSecOper()

int BSLX_BIB_InitFromSecOper	(	BSLX_BIB_t *	self,
		const BSL_BundleRef_t *	bundle,
		const BSL_SecOper_t *	sec_oper
	)

Populate the BIB parameters convenience struct from the security operation struct.

TODO: move to common function.

References BSL_Data_InitView(), BSL_ERR_PROPERTY_CHECK_FAILED, BSL_LOG_DEBUG, BSL_LOG_ERR, BSL_LOG_WARNING, BSL_SecOper_CountParams(), BSL_SecOper_GetParamAt(), BSL_SecOper_IsRoleSource(), BSL_SecParam_GetAsBytestr(), BSL_SecParam_GetAsTextstr(), BSL_SecParam_GetAsUInt64(), BSL_SecParam_GetId(), BSL_SecParam_IsInt64(), BSL_SECPARAM_TYPE_KEY_ID, BSL_SECPARAM_USE_KEY_WRAP, BSL_SUCCESS, BSLX_BIB_t::bundle, BSLX_BIB_t::key_id, BSL_Data_t::len, map_rfc9173_sha_variant_to_crypto(), and BSL_Data_t::ptr.