• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 
3 /*
4  * Copyright (c) 2018, SICS, RISE AB
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the Institute nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  *
31  */
32 
33 /**
34  * @file oscore_crypto.h
35  * @brief An implementation of the Hash Based Key Derivation Function (RFC) and
36  * wrappers for AES-CCM*.
37  *
38  * \author
39  *      Martin Gunnarsson  <martin.gunnarsson@ri.se>
40  *
41  * adapted to libcoap
42  *      Peter van der Stok <consultancy@vanderstok.org>
43  *      on request of Fairhair alliance
44  * adapted for libcoap integration
45  *      Jon Shallow <supjps-libcoap@jpshallow.com>
46  */
47 
48 #ifndef _OSCORE_CRYPTO_H
49 #define _OSCORE_CRYPTO_H
50 
51 #include <coap3/coap_internal.h>
52 
53 /**
54  * @ingroup internal_api
55  * @addtogroup oscore_internal
56  * @{
57  */
58 
59 #define HKDF_INFO_MAXLEN   25
60 #define HKDF_OUTPUT_MAXLEN 25
61 #define AES_CCM_TAG        8
62 
63 /* Plaintext Maxlen and Tag Maxlen is quite generous. */
64 #define AEAD_PLAINTEXT_MAXLEN COAP_MAX_CHUNK_SIZE
65 #define AEAD_TAG_MAXLEN       COAP_MAX_CHUNK_SIZE
66 
67 /**
68  * Derive the hmac hash using HMAC-HASH() function.
69  *
70  * @param hmac_alg     The HMAC algorith to use (e.g. sha256).
71  * @param key          The key to use.
72  * @param data         The data to hash.
73  * @param hmac         The result of the hash.
74  *
75  * @return @c 0 if failure, else @c 1.
76  */
77 int oscore_hmac_hash(cose_hmac_alg_t hmac_alg,
78                      coap_bin_const_t *key,
79                      coap_bin_const_t *data,
80                      coap_bin_const_t **hmac);
81 
82 /**
83  * Derive the pseudorandom key using HKDF-Extract() function.
84  * Uses HMAC-HASH() function.
85  *
86  * @param hkdf_alg     The HKDF algorith to use (e.g. ed25519).
87  * @param salt         The optional salt value to use.
88  * @param ikm          The Input Keying material.
89  * @param hkdf_extract The output pseudorandom key
90  *                     (length determined by hkdf_alg).
91  *
92  * @return @c 0 if failure, else @c 1.
93  */
94 int oscore_hkdf_extract(cose_hkdf_alg_t hkdf_alg,
95                         coap_bin_const_t *salt,
96                         coap_bin_const_t *ikm,
97                         coap_bin_const_t **hkdf_extract);
98 
99 /**
100  * Derive the key using HKDF-Expand() function.
101  * Uses HMAC-HASH() function.
102  *
103  * @param hkdf_alg The HKDF algorith to use (e.g. ed25519).
104  * @param prk      Usually ouptut from HKDF-Extract().
105  * @param info     Optional context / application specific information.
106  * @param info_len Length of info (can be 0).
107  * @param okm      Output key material.
108  * @param okm_len  Length of output key material (L).
109  *
110  * @return @c 0 if failure, else @c 1.
111  */
112 int oscore_hkdf_expand(cose_hkdf_alg_t hkdf_alg,
113                        coap_bin_const_t *prk,
114                        uint8_t *info,
115                        size_t info_len,
116                        uint8_t *okm,
117                        size_t okm_len);
118 
119 /**
120  * Derive the key using HKDF() function.
121  * Invokes the HKDF-Extract() and HKDF-Expand() functions.
122  *
123  * @param hkdf_alg The HKDF algorith to use (e.g. ed25519).
124  * @param salt     The optional salt value to use.
125  * @param ikm      The Input Keying material.
126  * @param info     Optional context / application specific information.
127  * @param info_len Length of info (can be 0).
128  * @param okm      Output key material.
129  * @param okm_len  Length of output key material (L).
130  *
131  * @return @c 0 if failure, else @c 1.
132  */
133 int oscore_hkdf(cose_hkdf_alg_t hkdf_alg,
134                 coap_bin_const_t *salt,
135                 coap_bin_const_t *ikm,
136                 uint8_t *info,
137                 size_t info_len,
138                 uint8_t *okm,
139                 size_t okm_len);
140 
141 /** @} */
142 
143 #endif /* _OSCORE_CRYPTO_H */
144