/*
 * QEMU Crypto asymmetric algorithms
 *
 * Copyright (c) 2022 Bytedance
 * Author: zhenwei pi <pizhenwei@bytedance.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 *
 */

#ifndef QCRYPTO_AKCIPHER_H
#define QCRYPTO_AKCIPHER_H

#include "qapi/qapi-types-crypto.h"

/* Opaque asymmetric-key cipher context; only ever handled by pointer here. */
typedef struct QCryptoAkCipher QCryptoAkCipher;

/**
 * qcrypto_akcipher_supports:
 * @opts: the asymmetric key algorithm and related options
 *
 * Determine whether the asymmetric key cipher described by @opts is
 * supported by the currently configured build.
 *
 * Returns: true if it is supported, false otherwise.
 */
bool qcrypto_akcipher_supports(QCryptoAkCipherOptions *opts);

/**
 * qcrypto_akcipher_new:
 * @opts: specifies the algorithm and the related arguments
 * @type: whether @key is a private or a public key
 * @key: buffer holding the key
 * @key_len: the length of the key buffer
 * @errp: error pointer
 *
 * Create an akcipher context.
 *
 * NOTE(review): this header does not say whether the context keeps its
 * own copy of @key or whether the caller must keep the buffer alive;
 * confirm against the implementation before releasing or wiping a
 * private key buffer.
 *
 * Returns: a new QCryptoAkCipher initialized with @opts on success,
 *          otherwise NULL. Release it with qcrypto_akcipher_free().
 */
QCryptoAkCipher *qcrypto_akcipher_new(
    const QCryptoAkCipherOptions *opts,
    QCryptoAkCipherKeyType type,
    const uint8_t *key,
    size_t key_len,
    Error **errp);

/**
 * qcrypto_akcipher_encrypt:
 * @akcipher: akcipher context
 * @in: plaintext to be encrypted
 * @in_len: length of the plaintext, less than or equal to the size
 *          reported by a call to qcrypto_akcipher_max_plaintext_len()
 * @out: buffer to store the ciphertext
 * @out_len: length of the ciphertext buffer, less than or equal to the
 *           size reported by a call to
 *           qcrypto_akcipher_max_ciphertext_len()
 * @errp: error pointer
 *
 * Encrypt @in and write the ciphertext into @out.
 *
 * The result is a signed int: check it for -1 before using it as a
 * length.
 *
 * Returns: length of the ciphertext if encryption succeeds,
 *          otherwise -1.
 */
int qcrypto_akcipher_encrypt(
    QCryptoAkCipher *akcipher,
    const void *in,
    size_t in_len,
    void *out,
    size_t out_len,
    Error **errp);

/**
 * qcrypto_akcipher_decrypt:
 * @akcipher: akcipher context
 * @in: ciphertext to be decrypted
 * @in_len: length of the ciphertext, less than or equal to the size
 *          reported by a call to qcrypto_akcipher_max_ciphertext_len()
 * @out: buffer to store the plaintext
 * @out_len: length of the plaintext buffer, less than or equal to the
 *           size reported by a call to
 *           qcrypto_akcipher_max_plaintext_len()
 * @errp: error pointer
 *
 * Decrypt @in and write the plaintext into @out.
 *
 * The result is a signed int: check it for -1 before using it as a
 * length.
 *
 * Returns: length of the plaintext if decryption succeeds,
 *          otherwise -1.
 */
int qcrypto_akcipher_decrypt(
    QCryptoAkCipher *akcipher,
    const void *in,
    size_t in_len,
    void *out,
    size_t out_len,
    Error **errp);

/**
 * qcrypto_akcipher_sign:
 * @akcipher: akcipher context
 * @in: data to be signed
 * @in_len: length of the data, less than or equal to the size reported
 *          by a call to qcrypto_akcipher_max_dgst_len()
 * @out: buffer to store the signature
 * @out_len: length of the signature buffer, less than or equal to the
 *           size reported by a call to
 *           qcrypto_akcipher_max_signature_len()
 * @errp: error pointer
 *
 * Generate a signature for @in and write it into @out.
 *
 * NOTE(review): @in_len is bounded by the maximum digest length, so
 * @in is presumably a digest of the message rather than the message
 * itself -- confirm against the implementation.
 *
 * Returns: length of the signature on success,
 *          otherwise -1.
 */
int qcrypto_akcipher_sign(
    QCryptoAkCipher *akcipher,
    const void *in,
    size_t in_len,
    void *out,
    size_t out_len,
    Error **errp);

/**
 * qcrypto_akcipher_verify:
 * @akcipher: akcipher context
 * @in: pointer to the signature
 * @in_len: length of the signature, less than or equal to the size
 *          reported by a call to qcrypto_akcipher_max_signature_len()
 * @in2: pointer to the original data
 * @in2_len: length of the original data, less than or equal to the
 *           size reported by a call to qcrypto_akcipher_max_dgst_len()
 * @errp: error pointer
 *
 * Check whether the signature @in matches the data @in2.
 *
 * A valid signature is reported as 0, not as a "true" value: callers
 * must compare the result against 0 explicitly, because treating the
 * return value as a boolean would accept exactly the failing case.
 *
 * Returns: 0 on success,
 *          otherwise -1.
 */
int qcrypto_akcipher_verify(
    QCryptoAkCipher *akcipher,
    const void *in,
    size_t in_len,
    const void *in2,
    size_t in2_len,
    Error **errp);

/*
 * Size queries used as the upper bounds in the @in_len / @out_len
 * contracts of the encrypt, decrypt, sign and verify calls above.
 *
 * NOTE(review): these return int and this header documents no failure
 * value for them; confirm whether a negative result is possible before
 * converting the value to size_t or using it to size a buffer.
 */

/**
 * qcrypto_akcipher_max_plaintext_len:
 * @akcipher: akcipher context
 *
 * Returns: the plaintext size bound for @akcipher.
 */
int qcrypto_akcipher_max_plaintext_len(QCryptoAkCipher *akcipher);

/**
 * qcrypto_akcipher_max_ciphertext_len:
 * @akcipher: akcipher context
 *
 * Returns: the ciphertext size bound for @akcipher.
 */
int qcrypto_akcipher_max_ciphertext_len(QCryptoAkCipher *akcipher);

/**
 * qcrypto_akcipher_max_signature_len:
 * @akcipher: akcipher context
 *
 * Returns: the signature size bound for @akcipher.
 */
int qcrypto_akcipher_max_signature_len(QCryptoAkCipher *akcipher);

/**
 * qcrypto_akcipher_max_dgst_len:
 * @akcipher: akcipher context
 *
 * Returns: the digest size bound for @akcipher.
 */
int qcrypto_akcipher_max_dgst_len(QCryptoAkCipher *akcipher);

/**
 * qcrypto_akcipher_free:
 * @akcipher: akcipher context
 *
 * Free the akcipher context.
 */
void qcrypto_akcipher_free(QCryptoAkCipher *akcipher);

/**
 * qcrypto_akcipher_export_p8info:
 * @opts: the options of the akcipher to be exported
 * @key: the original key of the akcipher to be exported
 * @keylen: length of @key
 * @dst: output parameter; if the export succeeds, *dst is set to the
 *       PKCS#8 encoded private key. The caller MUST free this key with
 *       g_free() after use.
 * @dst_len: output parameter, indicates the length of the PKCS#8
 *           encoded key
 * @errp: error pointer
 *
 * Export the akcipher as DER encoded PKCS#8 private key info. Expects
 * @key to hold a valid asymmetric PRIVATE key.
 *
 * *dst holds private key material. g_free() releases the buffer but
 * does not clear it, so a caller that must not leave key bytes behind
 * in freed memory should wipe the @dst_len bytes before freeing.
 *
 * NOTE(review): @key is described as an input but is not
 * const-qualified; confirm whether the implementation writes to it.
 *
 * Returns: 0 on success, otherwise -1.
 */
int qcrypto_akcipher_export_p8info(
    const QCryptoAkCipherOptions *opts,
    uint8_t *key,
    size_t keylen,
    uint8_t **dst,
    size_t *dst_len,
    Error **errp);

/*
 * Lets a g_autoptr(QCryptoAkCipher) variable release its context through
 * qcrypto_akcipher_free() when it goes out of scope.
 */
G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoAkCipher, qcrypto_akcipher_free)

#endif /* QCRYPTO_AKCIPHER_H */