1 /* 2 * This file is part of the openHiTLS project. 3 * 4 * openHiTLS is licensed under the Mulan PSL v2. 5 * You can use this software according to the terms and conditions of the Mulan PSL v2. 6 * You may obtain a copy of Mulan PSL v2 at: 7 * 8 * http://license.coscl.org.cn/MulanPSL2 9 * 10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, 11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, 12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. 13 * See the Mulan PSL v2 for more details. 14 */ 15 16 /** 17 * @defgroup crypt_eal_hpke 18 * @ingroup crypt 19 * @brief hpke of crypto module 20 */ 21 22 #ifndef CRYPT_EAL_HPKE_H 23 #define CRYPT_EAL_HPKE_H 24 25 #include <stdint.h> 26 #include "crypt_errno.h" 27 #include "crypt_eal_pkey.h" 28 29 #ifdef __cplusplus 30 extern "C" { 31 #endif // __cplusplus 32 33 typedef enum { 34 CRYPT_HPKE_MODE_BASE = 0x00, 35 CRYPT_HPKE_MODE_PSK = 0x01, 36 CRYPT_HPKE_MODE_AUTH = 0x02, 37 CRYPT_HPKE_MODE_AUTH_PSK = 0x03 38 } CRYPT_HPKE_Mode; 39 40 typedef enum { 41 CRYPT_KEM_DHKEM_P256_HKDF_SHA256 = 0x0010, 42 CRYPT_KEM_DHKEM_P384_HKDF_SHA384 = 0x0011, 43 CRYPT_KEM_DHKEM_P521_HKDF_SHA512 = 0x0012, 44 CRYPT_KEM_DHKEM_X25519_HKDF_SHA256 = 0x0020, 45 } CRYPT_HPKE_KEM_AlgId; 46 47 typedef enum { 48 CRYPT_KDF_HKDF_SHA256 = 0x0001, 49 CRYPT_KDF_HKDF_SHA384 = 0x0002, 50 CRYPT_KDF_HKDF_SHA512 = 0x0003 51 } CRYPT_HPKE_KDF_AlgId; 52 53 typedef enum { 54 CRYPT_AEAD_AES_128_GCM = 0x0001, 55 CRYPT_AEAD_AES_256_GCM = 0x0002, 56 CRYPT_AEAD_CHACHA20_POLY1305 = 0x0003, 57 CRYPT_AEAD_EXPORT_ONLY = 0xffff 58 } CRYPT_HPKE_AEAD_AlgId; 59 60 typedef struct { 61 CRYPT_HPKE_KEM_AlgId kemId; 62 CRYPT_HPKE_KDF_AlgId kdfId; 63 CRYPT_HPKE_AEAD_AlgId aeadId; 64 } CRYPT_HPKE_CipherSuite; 65 66 typedef enum { 67 CRYPT_HPKE_SENDER = 0, 68 CRYPT_HPKE_RECIPIENT = 1, 69 } CRYPT_HPKE_Role; 70 71 typedef struct CRYPT_EAL_HpkeCtx CRYPT_EAL_HpkeCtx; 72 73 /** 74 * @ingroup crypt_eal_hpke 75 * @brief Generate a key pair for HPKE using the specified cipher suite and input key material 76 * 77 * This function generates a key pair for HPKE using the provided cipher suite and input key material. 78 * The generated key pair is returned in a CRYPT_EAL_PkeyCtx structure. 79 * 80 * @param libCtx [IN] The library context 81 * @param attrName [IN] Specify expected attribute values 82 * @param cipherSuite [IN] The HPKE cipher suite to be used for key generation 83 * @param ikm [IN] The input key material for key generation 84 * @param ikmLen [IN] The length of the input key material 85 * @param pkey [OUT] A pointer to a pointer to the generated CRYPT_EAL_PkeyCtx structure 86 * 87 * @retval #CRYPT_SUCCESS if the key pair is generated successfully 88 * Other error codes defined in crypt_errno.h if an error occurs 89 */ 90 int32_t CRYPT_EAL_HpkeGenerateKeyPair(CRYPT_EAL_LibCtx *libCtx, const char *attrName, 91 CRYPT_HPKE_CipherSuite cipherSuite, uint8_t *ikm, uint32_t ikmLen, CRYPT_EAL_PkeyCtx **pkey); 92 93 /** 94 * @ingroup crypt_eal_hpke 95 * @brief Create a new HPKE context 96 * 97 * @param libCtx [IN] Library context 98 * @param attrName [IN] Specify expected attribute values 99 * @param role [IN] HPKE role (sender or recipient) 100 * @param mode [IN] HPKE mode 101 * @param cipherSuite [IN] HPKE cipher suite containing KEM, KDF and AEAD algorithms 102 * 103 * @retval CRYPT_EAL_HpkeCtx pointer if successful, NULL if failed 104 */ 105 CRYPT_EAL_HpkeCtx *CRYPT_EAL_HpkeNewCtx(CRYPT_EAL_LibCtx *libCtx, const char *attrName, CRYPT_HPKE_Role role, 106 CRYPT_HPKE_Mode mode, CRYPT_HPKE_CipherSuite cipherSuite); 107 108 /** 109 * @ingroup crypt_eal_hpke 110 * @brief Get the length of the encapsulated key for the specified cipher suite 111 * 112 * @param cipherSuite [IN] HPKE cipher suite 113 * @param encapKeyLen [OUT] Length of the encapsulated key 114 * 115 * @retval #CRYPT_SUCCESS if successful 116 * Other error codes defined in crypt_errno.h if an error occurs 117 */ 118 int32_t CRYPT_EAL_HpkeGetEncapKeyLen(CRYPT_HPKE_CipherSuite cipherSuite, uint32_t *encapKeyLen); 119 120 /** 121 * @ingroup crypt_eal_hpke 122 * @brief Setup HPKE base mode for sender 123 * 124 * This function only sets up the HPKE context for the sender in the base mode and psk mode. 125 * It takes the sender's private key, the recipient's public key, and additional 126 * information to generate an encapsulated key. 127 * 128 * @param ctx [IN] HPKE context for the sender 129 * @param pkey [IN] Private key context for the sender, if set to NULL, will generate a keypair randomly 130 * @param info [IN] Additional information for the key setup 131 * @param infoLen [IN] Length of the additional information 132 * @param pkR [IN] Recipient's public key. For ec key, the format is 04 || X || Y, for X25519 key, the format is X. 133 * @param pkRLen [IN] Length of the recipient's public key 134 * @param encapKey [OUT] Buffer to store the encapsulated key 135 * @param encapKeyLen [IN/OUT] On input, the length of the buffer; on output, the length of the encapsulated key 136 * 137 * @retval #CRYPT_SUCCESS if the setup is successful 138 * Other error codes defined in crypt_errno.h if an error occurs 139 */ 140 int32_t CRYPT_EAL_HpkeSetupSender(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey, uint8_t *info, uint32_t infoLen, 141 uint8_t *pkR, uint32_t pkRLen, uint8_t *encapKey, uint32_t *encapKeyLen); 142 143 /** 144 * @ingroup crypt_eal_hpke 145 * @brief Seal (encrypt) data using HPKE context 146 * 147 * @param ctx [IN] HPKE context 148 * @param aad [IN] Additional authenticated data 149 * @param aadLen [IN] Length of additional authenticated data 150 * @param plainText [IN] Plaintext to encrypt 151 * @param plainTextLen [IN] Length of plaintext 152 * @param cipherText [OUT] Ciphertext output buffer, if set to NULL, only return the ciphertext length 153 * @param cipherTextLen [IN/OUT] On input, the length of the buffer; on output, the length of the ciphertext 154 * 155 * @retval #CRYPT_SUCCESS if successful 156 * Other error codes see crypt_errno.h 157 */ 158 int32_t CRYPT_EAL_HpkeSeal(CRYPT_EAL_HpkeCtx *ctx, uint8_t *aad, uint32_t aadLen, const uint8_t *plainText, 159 uint32_t plainTextLen, uint8_t *cipherText, uint32_t *cipherTextLen); 160 161 /** 162 * @ingroup crypt_eal_hpke 163 * @brief Setup HPKE for the recipient 164 * 165 * This function sets up the HPKE context for the recipient only in the base mode and psk mode. 166 * It takes the recipient's private key, additional information, and the encapsulated key to generate the shared secret. 167 * 168 * @param ctx [IN] HPKE context for the recipient 169 * @param pkey [IN] Private key context for the recipient 170 * @param info [IN] Additional information for the key setup 171 * @param infoLen [IN] Length of the additional information 172 * @param encapKey [IN] Encapsulated key input buffer 173 * @param encapKeyLen [IN] Length of the encapsulated key 174 * 175 * @retval #CRYPT_SUCCESS if the setup is successful 176 * Other error codes defined in crypt_errno.h if an error occurs 177 */ 178 int32_t CRYPT_EAL_HpkeSetupRecipient(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey, uint8_t *info, uint32_t infoLen, 179 uint8_t *encapKey, uint32_t encapKeyLen); 180 181 /** 182 * @ingroup crypt_eal_hpke 183 * @brief Open an HPKE-encrypted message 184 * 185 * @param ctx [IN] HPKE context for decryption 186 * @param aad [IN] Additional authenticated data 187 * @param aadLen [IN] Length of the additional authenticated data 188 * @param cipherText [IN] The encrypted message to be decrypted 189 * @param cipherTextLen [IN] Length of the encrypted message 190 * @param plainText [OUT] Buffer to store the decrypted message 191 * @param plainTextLen [IN/OUT] On input, the length of the buffer; on output, the length of the decrypted message 192 * 193 * @retval #CRYPT_SUCCESS if successful 194 * Other error codes see crypt_errno.h 195 */ 196 int32_t CRYPT_EAL_HpkeOpen(CRYPT_EAL_HpkeCtx *ctx, uint8_t *aad, uint32_t aadLen, const uint8_t *cipherText, 197 uint32_t cipherTextLen, uint8_t *plainText, uint32_t *plainTextLen); 198 199 /** 200 * @ingroup crypt_eal_hpke 201 * @brief Export a secret from the HPKE context 202 * 203 * @param ctx [IN] HPKE context 204 * @param info [IN] Additional information for the export 205 * @param infoLen [IN] Length of the additional information 206 * @param key [OUT] Buffer to store the exported secret 207 * @param keyLen [IN] Length of the buffer for the exported secret 208 * 209 * @retval #CRYPT_SUCCESS if successful 210 * Other error codes see crypt_errno.h 211 */ 212 int32_t CRYPT_EAL_HpkeExportSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *info, uint32_t infoLen, uint8_t *key, 213 uint32_t keyLen); 214 215 /** 216 * @ingroup crypt_eal_hpke 217 * @brief Set the sequence number for the HPKE context 218 * 219 * @param ctx [IN] HPKE context 220 * @param seq [IN] Sequence number to be set 221 * 222 * @retval #CRYPT_SUCCESS if successful 223 * Other error codes see crypt_errno.h 224 */ 225 int32_t CRYPT_EAL_HpkeSetSeq(CRYPT_EAL_HpkeCtx *ctx, uint64_t seq); 226 227 /** 228 * @ingroup crypt_eal_hpke 229 * @brief Retrieve the sequence number from the HPKE context 230 * 231 * @param ctx [IN] HPKE context 232 * @param seq [OUT] Buffer to store the retrieved sequence number 233 * 234 * @retval #CRYPT_SUCCESS if successful 235 * Other error codes see crypt_errno.h 236 */ 237 int32_t CRYPT_EAL_HpkeGetSeq(CRYPT_EAL_HpkeCtx *ctx, uint64_t *seq); 238 239 /** 240 * @ingroup crypt_eal_hpke 241 * @brief Retrieve the shared secret from the HPKE context 242 * 243 * @param ctx [IN] HPKE context 244 * @param buff [OUT] Buffer to store the shared secret 245 * @param buffLen [IN/OUT] On input, the length of the buffer; on output, the length of the shared secret 246 * 247 * @retval #CRYPT_SUCCESS if successful 248 * Other error codes see crypt_errno.h 249 */ 250 int32_t CRYPT_EAL_HpkeGetSharedSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *buff, uint32_t *buffLen); 251 252 /** 253 * @ingroup crypt_eal_hpke 254 * @brief Set the shared secret in the HPKE context 255 * 256 * This function set the shared secret and generate the hpke key info. 257 * 258 * @param ctx [IN] HPKE context 259 * @param info [IN] Additional information for the shared secret 260 * @param infoLen [IN] Length of the additional information 261 * @param buff [IN] Buffer containing the shared secret 262 * @param buffLen [IN] Length of the shared secret 263 * 264 * @retval #CRYPT_SUCCESS if successful 265 * Other error codes see crypt_errno.h 266 */ 267 int32_t CRYPT_EAL_HpkeSetSharedSecret(CRYPT_EAL_HpkeCtx *ctx, uint8_t *info, uint32_t infoLen, uint8_t *buff, 268 uint32_t buffLen); 269 270 /** 271 * @ingroup crypt_eal_hpke 272 * @brief Free HPKE context and associated resources 273 * 274 * @param ctx [IN] HPKE context to free 275 */ 276 void CRYPT_EAL_HpkeFreeCtx(CRYPT_EAL_HpkeCtx *ctx); 277 278 /** 279 * @ingroup crypt_eal_hpke 280 * @brief Setup psk and pskId for mode_psk and mode_auth_psk 281 * 282 * @param ctx [IN] HPKE context 283 * @param psk [IN] Pre-shared key (PSK) used for the key exchange 284 * @param pskLen [IN] Length of the pre-shared key (PSK) in bytes 285 * @param pskId [IN] Identifier for the pre-shared key (PSK) 286 * @param pskIdLen [IN] Length of the PSK identifier in bytes 287 * 288 * @retval #CRYPT_SUCCESS if the setup is successful 289 * Other error codes defined in crypt_errno.h if an error occurs 290 */ 291 int32_t CRYPT_EAL_HpkeSetPsk(CRYPT_EAL_HpkeCtx *ctx,uint8_t* psk,uint32_t pskLen,uint8_t* pskId,uint32_t pskIdLen); 292 293 /** 294 * @ingroup crypt_eal_hpke 295 * @brief Set the authentication private key in the HPKE context 296 * 297 * @param ctx [IN] HPKE context 298 * @param pkey [IN] Private key context for authentication 299 * 300 * @retval #CRYPT_SUCCESS if successful 301 * Other error codes see crypt_errno.h 302 */ 303 int32_t CRYPT_EAL_HpkeSetAuthPriKey(CRYPT_EAL_HpkeCtx *ctx, CRYPT_EAL_PkeyCtx *pkey); 304 305 /** 306 * @ingroup crypt_eal_hpke 307 * @brief Set the authentication public key in the HPKE context 308 * 309 * @param ctx [IN] HPKE context 310 * @param pub [IN] Public key buffer 311 * @param pubLen [IN] Length of the public key buffer 312 * 313 * @retval #CRYPT_SUCCESS if successful 314 * Other error codes see crypt_errno.h 315 */ 316 int32_t CRYPT_EAL_HpkeSetAuthPubKey(CRYPT_EAL_HpkeCtx *ctx, uint8_t *pub, uint32_t pubLen); 317 318 #ifdef __cplusplus 319 } 320 #endif // __cplusplus 321 322 #endif // CRYPT_EAL_HPKE_H 323