1 /* 2 * This file is part of the openHiTLS project. 3 * 4 * openHiTLS is licensed under the Mulan PSL v2. 5 * You can use this software according to the terms and conditions of the Mulan PSL v2. 6 * You may obtain a copy of Mulan PSL v2 at: 7 * 8 * http://license.coscl.org.cn/MulanPSL2 9 * 10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, 11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, 12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. 13 * See the Mulan PSL v2 for more details. 14 */ 15 16 /** 17 * @defgroup crypt_eal_pkey 18 * @ingroup crypt 19 * @brief the asym key module 20 */ 21 22 #ifndef CRYPT_EAL_PKEY_H 23 #define CRYPT_EAL_PKEY_H 24 25 #include <stdbool.h> 26 #include <stdint.h> 27 #include "crypt_algid.h" 28 #include "crypt_types.h" 29 #include "bsl_params.h" 30 31 #ifdef __cplusplus 32 extern "C" { 33 #endif // __cplusplus 34 35 /** 36 * @ingroup crypt_eal_pkey 37 * 38 * EAL public key structure 39 */ 40 typedef struct { 41 CRYPT_PKEY_AlgId id; /**< Public Key Algorithm ID */ 42 union { 43 CRYPT_RsaPub rsaPub; /**< RSA public key structure */ 44 CRYPT_DsaPub dsaPub; /**< DSA public key structure */ 45 CRYPT_DhPub dhPub; /**< DH public key structure */ 46 CRYPT_EccPub eccPub; /**< ECC public key structure */ 47 CRYPT_Curve25519Pub curve25519Pub; /**< ed25519/x25519 public key structure */ 48 CRYPT_PaillierPub paillierPub; /**< Paillier public key structure */ 49 CRYPT_KemEncapsKey kemEk; /**< kem encaps key structure */ 50 CRYPT_ElGamalPub elgamalPub; /**< Elgamal public key structure */ 51 CRYPT_MlDsaPub mldsaPub; /**< MLDSA public key structure */ 52 CRYPT_SlhDsaPub slhDsaPub; /**< SLH-DSA public key structure */ 53 } key; /**< Public key union of all algorithms */ 54 } CRYPT_EAL_PkeyPub; 55 56 #define CRYPT_EAL_PKEY_UNKNOWN_OPERATE 0 57 #define CRYPT_EAL_PKEY_CIPHER_OPERATE 1 58 #define CRYPT_EAL_PKEY_EXCH_OPERATE 2 59 #define CRYPT_EAL_PKEY_SIGN_OPERATE 4 60 #define CRYPT_EAL_PKEY_KEM_OPERATE 8 61 62 /** 63 * @ingroup crypt_eal_pkey 64 * 65 * EAL private key structure 66 */ 67 typedef struct { 68 CRYPT_PKEY_AlgId id; /**< private key algorithm ID */ 69 union { 70 CRYPT_RsaPrv rsaPrv; /**< RSA private key structure */ 71 CRYPT_DsaPrv dsaPrv; /**< DSA private key structure */ 72 CRYPT_DhPrv dhPrv; /**< DH private key structure */ 73 CRYPT_EccPrv eccPrv; /**< ECC private key structure */ 74 CRYPT_Curve25519Prv curve25519Prv; /**< ed25519/x25519 private key structure */ 75 CRYPT_PaillierPrv paillierPrv; /**< Paillier private key structure */ 76 CRYPT_KemDecapsKey kemDk; /**< kem decaps key structure */ 77 CRYPT_ElGamalPrv elgamalPrv; /**< ElGamal private key structure */ 78 CRYPT_MlDsaPrv mldsaPrv; /**< MLDSA private key structure */ 79 CRYPT_SlhDsaPrv slhDsaPrv; /**< SLH-DSA private key structure */ 80 } key; /**<Private key union of all algorithms */ 81 } CRYPT_EAL_PkeyPrv; 82 83 /** 84 * @ingroup crypt_eal_pkey 85 * 86 * Structure used by the Para parameter of the asymmetric algorithm, including the algorithm ID and the 87 * para combination of the corresponding algorithm. 88 */ 89 typedef struct { 90 CRYPT_PKEY_AlgId id; /**< asymmetric algorithm ID */ 91 union { 92 CRYPT_RsaPara rsaPara; /**< RSA Para structure */ 93 CRYPT_DsaPara dsaPara; /**< DSA Para structure */ 94 CRYPT_DhPara dhPara; /**< DH Para structure */ 95 CRYPT_EccPara eccPara; /**< ECC Para structure */ 96 CRYPT_PaillierPara paillierPara; /**< Paillier Para structure */ 97 CRYPT_ElGamalPara elgamalPara; /**< ElGamal Para structure */ 98 } para; /**<Para union of all algorithms */ 99 } CRYPT_EAL_PkeyPara; 100 101 /** 102 * @ingroup crypt_eal_pkey 103 * 104 * Pkey session structure. 105 */ 106 typedef struct EAL_PkeyCtx CRYPT_EAL_PkeyCtx; 107 108 /** 109 * @ingroup crypt_eal_pkey 110 * @brief Check whether the id is valid asymmetric algorithm ID. 111 * 112 * @param id [IN] Asymmetric algorithm ID 113 * 114 * @retval true, if the value is valid. 115 * false, if the value is invalid. 116 */ 117 bool CRYPT_EAL_PkeyIsValidAlgId(CRYPT_PKEY_AlgId id); 118 119 /* Pkey external interface */ 120 121 /** 122 * @ingroup crypt_eal_pkey 123 * @brief Create an asymmetric key pair structure. 124 * 125 * @param id [IN] Algorithm ID 126 * 127 * @retval CRYPT_EAL_PkeyCtx pointer. 128 * NULL, if the operation fails. 129 */ 130 CRYPT_EAL_PkeyCtx *CRYPT_EAL_PkeyNewCtx(CRYPT_PKEY_AlgId id); 131 132 /** 133 * @ingroup crypt_eal_pkey 134 * @brief Create an asymmetric key pair structure in the providers. 135 * 136 * @param libCtx [IN] Library context 137 * @param algId [IN] Asymmetric algorithm ID. 138 * @param pkeyOperType [IN] Specify operation type. 139 * @param attrName [IN] Specify expected attribute values 140 * 141 * @retval CRYPT_EAL_PkeyCtx pointer. 142 * NULL, if the operation fails. 143 */ 144 CRYPT_EAL_PkeyCtx *CRYPT_EAL_ProviderPkeyNewCtx(CRYPT_EAL_LibCtx *libCtx, int32_t algId, uint32_t pkeyOperType, 145 const char *attrName); 146 147 /** 148 * @ingroup crypt_eal_pkey 149 * @brief Copy the pkey context. 150 * 151 * @param to [IN/OUT] Target pkey context 152 * @param from [IN] Source pkey context 153 * 154 * @retval #CRYPT_SUCCESS. 155 * For other error codes, see crypt_errno.h. 156 */ 157 int32_t CRYPT_EAL_PkeyCopyCtx(CRYPT_EAL_PkeyCtx *to, const CRYPT_EAL_PkeyCtx *from); 158 159 /** 160 * @ingroup crypt_eal_pkey 161 * @brief Copy the Pkey context. 162 * After the duplication is complete, call the CRYPT_EAL_PkeyFreeCtx interface to release the memory. 163 * 164 * @param ctx [IN] Source Pkey context 165 * 166 * @retval CRYPT_EAL_PkeyCtx, Pkey context pointer. 167 * NULL, if the operation fails. 168 */ 169 CRYPT_EAL_PkeyCtx *CRYPT_EAL_PkeyDupCtx(const CRYPT_EAL_PkeyCtx *pkey); 170 171 /** 172 * @ingroup crypt_eal_pkey 173 * @brief Release the asymmetric key pair structure. 174 * 175 * @param pkey [IN] Pkey context, which need to be set NULL by the caller. 176 */ 177 void CRYPT_EAL_PkeyFreeCtx(CRYPT_EAL_PkeyCtx *pkey); 178 179 /** 180 * @ingroup crypt_eal_pkey 181 * @brief Set the key parameters, the key parameter marked as "para" is applied for and released by the caller. 182 * 183 * @param pkey [IN/OUT] Structure of the key pair to be set 184 * @param para [IN] Parameter 185 * 186 * @retval #CRYPT_SUCCESS. 187 * For other error codes, see crypt_errno.h. 188 */ 189 int32_t CRYPT_EAL_PkeySetPara(CRYPT_EAL_PkeyCtx *pkey, const CRYPT_EAL_PkeyPara *para); 190 191 /** 192 * @ingroup crypt_eal_pkey 193 * @brief Obtain the key parameter, the key parameter marked as "para" is applied for and released by the caller. 194 * 195 * @param pkey [IN] Key pair structure 196 * @param para [OUT] Parameter to be received 197 * 198 * @retval #CRYPT_SUCCESS. 199 * For other error codes, see crypt_errno.h. 200 */ 201 int32_t CRYPT_EAL_PkeyGetPara(const CRYPT_EAL_PkeyCtx *pkey, CRYPT_EAL_PkeyPara *para); 202 203 /** 204 * @ingroup crypt_eal_pkey 205 * @brief Set key parameters. 206 * 207 * @param pkey [IN/OUT] Structure of the key pair to be set. 208 * @param id [IN] Parameter ID. 209 * 210 * @retval #CRYPT_SUCCESS. 211 * For other error codes, see crypt_errno.h. 212 */ 213 int32_t CRYPT_EAL_PkeySetParaById(CRYPT_EAL_PkeyCtx *pkey, CRYPT_PKEY_ParaId id); 214 215 /** 216 * @ingroup crypt_eal_pkey 217 * @brief Generate the key data. 218 * 219 * @param pkey [IN/OUT] Key pair structure for receiving key data. 220 * 221 * @retval #CRYPT_SUCCESS. 222 * For other error codes, see crypt_errno.h. 223 */ 224 int32_t CRYPT_EAL_PkeyGen(CRYPT_EAL_PkeyCtx *pkey); 225 226 /** 227 * @ingroup crypt_eal_pkey 228 * @brief Set the public key. The caller applies for and releases memory for the public key marked as "key". 229 * 230 * @param pkey [OUT] Key pair structure for receiving key data 231 * @param key [IN] Public key data 232 * 233 * @retval #CRYPT_SUCCESS. 234 * For other error codes, see crypt_errno.h. 235 */ 236 int32_t CRYPT_EAL_PkeySetPub(CRYPT_EAL_PkeyCtx *pkey, const CRYPT_EAL_PkeyPub *key); 237 238 /** 239 * @ingroup crypt_eal_pkey 240 * @brief Extended interface to set the public key. 241 * 242 * This function is an extended version of CRYPT_EAL_PkeySetPub, which allows passing additional parameters 243 * to meet more complex public key setting requirements. 244 * 245 * @param pkey [OUT] Key pair structure for receiving key data 246 * @param param [IN] Public key data 247 * 248 * @retval #CRYPT_SUCCESS. 249 * For other error codes, see crypt_errno.h. 250 */ 251 int32_t CRYPT_EAL_PkeySetPubEx(CRYPT_EAL_PkeyCtx *pkey, const BSL_Param *param); 252 253 /** 254 * @ingroup crypt_eal_pkey 255 * @brief Set the private key. The caller applies for and releases memory for the private key marked as "key". 256 * 257 * @param pkey [OUT] Key pair structure for receiving key data 258 * @param key [IN] Private key data 259 * 260 * @retval #CRYPT_SUCCESS. 261 * For other error codes, see crypt_errno.h. 262 */ 263 int32_t CRYPT_EAL_PkeySetPrv(CRYPT_EAL_PkeyCtx *pkey, const CRYPT_EAL_PkeyPrv *key); 264 265 /** 266 * @ingroup crypt_eal_pkey 267 * @brief Extended interface to set the private key. 268 * 269 * This function is an extended version of CRYPT_EAL_PkeySetPrv, which allows passing additional parameters 270 * to meet more complex public key setting requirements. 271 * 272 * @param pkey [OUT] Key pair structure for receiving key data 273 * @param param [IN] Private key data 274 * 275 * @retval #CRYPT_SUCCESS. 276 * For other error codes, see crypt_errno.h. 277 */ 278 int32_t CRYPT_EAL_PkeySetPrvEx(CRYPT_EAL_PkeyCtx *pkey, const BSL_Param *param); 279 280 /** 281 * @ingroup crypt_eal_pkey 282 * @brief Obtain the public key. The caller applies for and releases memory for the public key marked as "key". 283 * 284 * @param pkey [IN] Key session 285 * @param key [OUT] Public key data 286 * 287 * @retval #CRYPT_SUCCESS. 288 * For other error codes, see crypt_errno.h. 289 */ 290 int32_t CRYPT_EAL_PkeyGetPub(const CRYPT_EAL_PkeyCtx *pkey, CRYPT_EAL_PkeyPub *key); 291 292 /** 293 * @ingroup crypt_eal_pkey 294 * @brief Extended interface to obtain the public key. 295 * 296 * This function is an extended version of CRYPT_EAL_PkeyGetPub, which allows passing parameters 297 * through the BSL_Param structure to meet more complex public key acquisition requirements. 298 * 299 * @param pkey [IN] Key session 300 * @param param [IN] parameters 301 * 302 * @retval #CRYPT_SUCCESS. 303 * For other error codes, see crypt_errno.h. 304 */ 305 int32_t CRYPT_EAL_PkeyGetPubEx(const CRYPT_EAL_PkeyCtx *pkey, BSL_Param *param); 306 307 /** 308 * @ingroup crypt_eal_pkey 309 * @brief Obtain the private key. The caller applies for and releases memory for the private key marked as "key". 310 * 311 * @param pkey [IN] Key session 312 * @param key [OUT] Private key data 313 * 314 * @retval #CRYPT_SUCCESS. 315 * For other error codes, see crypt_errno.h. 316 */ 317 int32_t CRYPT_EAL_PkeyGetPrv(const CRYPT_EAL_PkeyCtx *pkey, CRYPT_EAL_PkeyPrv *key); 318 319 /** 320 * @ingroup crypt_eal_pkey 321 * @brief Extended interface to obtain the private key. 322 * 323 * This function is an extended version of CRYPT_EAL_PkeyGetPrv, which allows passing parameters 324 * through the BSL_Param structure to meet more complex public key acquisition requirements. 325 * 326 * @param pkey [IN] Key session 327 * @param param [OUT] Private key data 328 * 329 * @retval #CRYPT_SUCCESS. 330 * For other error codes, see crypt_errno.h. 331 */ 332 int32_t CRYPT_EAL_PkeyGetPrvEx(const CRYPT_EAL_PkeyCtx *pkey, BSL_Param *param); 333 334 /** 335 * @ingroup crypt_eal_pkey 336 * @brief Signature interface 337 * 338 * @param pkey [IN] Key session 339 * @param id [IN] Hash algorithm ID. 340 * @param data [IN] Plaintext data 341 * @param dataLen [IN] Plaintext length. The maximum length is [0, 0xffffffff]. 342 * @param sign [OUT] Signature data. The length of the memory buff used to save the signature must be 343 * greater than or equal to the key modulo length. 344 * @param signLen [OUT/IN] Length of the signature data, You can obtain the value by calling 345 * CRYPT_EAL_PkeyGetSignLen. 346 * 347 * @retval #CRYPT_SUCCESS. 348 * For other error codes, see crypt_errno.h. 349 */ 350 int32_t CRYPT_EAL_PkeySign(const CRYPT_EAL_PkeyCtx *pkey, CRYPT_MD_AlgId id, const uint8_t *data, 351 uint32_t dataLen, uint8_t *sign, uint32_t *signLen); 352 353 /** 354 * @ingroup crypt_eal_pkey 355 * @brief Signature verification interface 356 * 357 * @param pkey [IN] Key session 358 * @param id [IN] Hash algorithm ID. 359 * @param data [IN] Plaintext data 360 * @param dataLen [IN] Plaintext length. The maximum length is [0,0xffffffff]. 361 * @param sign [IN] Signature data 362 * @param signLen [IN] Length of the signature data 363 * 364 * @retval #CRYPT_SUCCESS. 365 * For other error codes, see crypt_errno.h. 366 */ 367 int32_t CRYPT_EAL_PkeyVerify(const CRYPT_EAL_PkeyCtx *pkey, CRYPT_MD_AlgId id, const uint8_t *data, 368 uint32_t dataLen, const uint8_t *sign, uint32_t signLen); 369 370 /** 371 * @ingroup crypt_eal_pkey 372 * @brief Sign hash data 373 * 374 * @param pkey [IN] Key session 375 * @param hash [IN] Hash data 376 * @param hashLen [IN] Hash length. 377 * When RSA is used for signature, the hash length should correspond to the 378 * digest length of the hash algorithm on which the padding method depends. 379 * @param sign [OUT] Signature data. The length of the memory buff used to save the signature 380 * must be greater than or equal to the key module length. 381 * @param signLen [OUT/IN] Length of the signature data. 382 * The value can be obtained by calling CRYPT_EAL_PkeyGetSignLen. 383 * 384 * @retval #CRYPT_SUCCESS, if successful. 385 * For other error codes see crypt_errno.h 386 */ 387 int32_t CRYPT_EAL_PkeySignData(const CRYPT_EAL_PkeyCtx *pkey, const uint8_t *hash, uint32_t hashLen, 388 uint8_t *sign, uint32_t *signLen); 389 390 /** 391 * @ingroup crypt_eal_pkey 392 * @brief Verify the signature of the hash data 393 * 394 * @param pkey [IN] Key session 395 * @param hash [IN] Hash data 396 * @param hashLen [IN] Hash length. 397 * When RSA is used for signature, the hash length should correspond to the digest 398 * length of the hash algorithm on which the padding method depends. 399 * @param sign [IN] Signature data 400 * @param signLen [IN] Length of the signature data 401 * 402 * @retval #CRYPT_SUCCESS, if successful. 403 * For other error codes, see crypt_errno.h. 404 */ 405 int32_t CRYPT_EAL_PkeyVerifyData(const CRYPT_EAL_PkeyCtx *pkey, const uint8_t *hash, uint32_t hashLen, 406 const uint8_t *sign, uint32_t signLen); 407 408 /** 409 * @ingroup crypt_eal_pkey 410 * @brief Encrypt data. 411 * 412 * @param pkey [IN] Key session 413 * @param data [IN] Input plaintext data. 414 * @param dataLen [IN] Input plaintext data length. 415 * @param out [OUT] Encrypted data. The buff length of the memory used to store the encrypted data 416 * must be greater than or equal to the key modulus length. 417 * @param outLen [OUT/IN] Encrypted data length. 418 * 419 * @retval #CRYPT_SUCCESS, if successful. 420 * For other error codes, see crypt_errno.h. 421 */ 422 int32_t CRYPT_EAL_PkeyEncrypt(const CRYPT_EAL_PkeyCtx *pkey, const uint8_t *data, uint32_t dataLen, 423 uint8_t *out, uint32_t *outLen); 424 425 /** 426 * @ingroup crypt_eal_pkey 427 * @brief Decrypt the data. 428 * 429 * @param pkey [IN] Key session 430 * @param data [IN] Input ciphertext data. 431 * @param dataLen [IN] Input ciphertext data length. 432 * @param out [OUT] Decrypted data 433 * @param outLen [OUT/IN] Length of the decrypted data. 434 * 435 * @retval #CRYPT_SUCCESS, if successful. 436 * For other error codes, see crypt_errno.h. 437 */ 438 int32_t CRYPT_EAL_PkeyDecrypt(const CRYPT_EAL_PkeyCtx *pkey, const uint8_t *data, uint32_t dataLen, 439 uint8_t *out, uint32_t *outLen); 440 441 /** 442 * @ingroup crypt_eal_pkey 443 * @brief Check whether the public and private keys match. 444 * Currently not supported in the provider, supported in the future 445 * 446 * @param pubKey [IN] Public key 447 * @param prvKey [IN] private key 448 * 449 * @retval #CRYPT_SUCCESS, if successful. 450 * For other error codes, see crypt_errno.h. 451 */ 452 int32_t CRYPT_EAL_PkeyPairCheck(CRYPT_EAL_PkeyCtx *pubKey, CRYPT_EAL_PkeyCtx *prvKey); 453 454 /** 455 * @ingroup crypt_eal_pkey 456 * @brief Compute the shared key. 457 * 458 * @param pkey [IN] Key session 459 * @param pubKey [IN] Public key session 460 * @param share [OUT] Shared key 461 * @param shareLen [IN/OUT] The input parameter is the share space length, and the output parameter is the 462 * valid share space length, the required space can be obtained by calling the CRYPT_EAL_PkeyGetKeyLen interface. 463 * 464 * @retval #CRYPT_SUCCESS, if successful. 465 * For other error codes, see crypt_errno.h. 466 */ 467 int32_t CRYPT_EAL_PkeyComputeShareKey(const CRYPT_EAL_PkeyCtx *pkey, const CRYPT_EAL_PkeyCtx *pubKey, 468 uint8_t *share, uint32_t *shareLen); 469 470 /** 471 * @ingroup crypt_eal_pkey 472 * @brief Obtain the number of bytes in the key length. 473 * 474 * @param pkey [IN] Key session 475 * 476 * @retval Key length, if successful. 477 * 0, if failed. 478 */ 479 uint32_t CRYPT_EAL_PkeyGetKeyLen(const CRYPT_EAL_PkeyCtx *pkey); 480 481 /** 482 * @ingroup crypt_eal_pkey 483 * @brief Obtain the key security strength. Only supports CRYPT_PKEY_RSA and CRYPT_PKEY_ECDSA. 484 * 485 * @param pkey [IN] Key session 486 * 487 * @retval Key security strength, if successful. 488 * 0, if failed. 489 */ 490 uint32_t CRYPT_EAL_PkeyGetSecurityBits(const CRYPT_EAL_PkeyCtx *pkey); 491 492 /** 493 * @ingroup crypt_eal_pkey 494 * @brief Obtain the number of bits in the key length. 495 * 496 * @param pkey [IN] Key session 497 * 498 * @retval Number of key bits, if successful. 499 * 0, if failed. 500 */ 501 uint32_t CRYPT_EAL_PkeyGetKeyBits(const CRYPT_EAL_PkeyCtx *pkey); 502 503 /** 504 * @ingroup crypt_eal_pkey 505 * @brief Obtains the signature length of the key for signature, only support algorithm that can be signed. 506 * 507 * @param pkey [IN] Key session 508 * 509 * @retval Signature length, if successful. 510 * 0, if failed. 511 */ 512 uint32_t CRYPT_EAL_PkeyGetSignLen(const CRYPT_EAL_PkeyCtx *pkey); 513 514 /** 515 * @ingroup crypt_eal_pkey 516 * @brief Make specific option for setting/obtain, supported option can see the structure of CRYPT_PkeyCtrl. 517 * 518 * @param pkey [IN] Key session 519 * @param opt [IN] Option information 520 * @param val [IN/OUT] Data to be set/obtained 521 * @param len [IN] Length of the data marked as "val" 522 * 523 * @retval #CRYPT_SUCCESS, if successful. 524 * For other error codes, see crypt_errno.h. 525 */ 526 int32_t CRYPT_EAL_PkeyCtrl(CRYPT_EAL_PkeyCtx *pkey, int32_t opt, void *val, uint32_t len); 527 528 /** 529 * @ingroup crypt_eal_pkey 530 * @brief Perform blind operation on input data using the specified algorithm. 531 * For RSA BSSA, users need to ensure sufficient entropy in the message if the input has low entropy. 532 * @param pkey [IN] Key session 533 * @param id [IN] md Id for input. 534 * @param input [IN] Data to be blinded 535 * @param inputLen [IN] Length of input data 536 * @param out [OUT] Blinded output data 537 * @param outLen [OUT] Length of blinded data 538 * 539 * @retval #CRYPT_SUCCESS, if successful. 540 * For other error codes, see crypt_errno.h. 541 */ 542 int32_t CRYPT_EAL_PkeyBlind(CRYPT_EAL_PkeyCtx *pkey, CRYPT_MD_AlgId id, const uint8_t *input, uint32_t inputLen, 543 uint8_t *out, uint32_t *outLen); 544 545 /** 546 * @ingroup crypt_eal_pkey 547 * @brief Perform unblind operation on blinded data. 548 * 549 * @param pkey [IN] Key session 550 * @param input [IN] Blinded data to be unblinded 551 * @param inputLen [IN] Length of blinded data 552 * @param out [OUT] Unblinded output data 553 * @param outLen [OUT] Length of unblinded data 554 * 555 * @retval #CRYPT_SUCCESS, if successful. 556 * For other error codes, see crypt_errno.h. 557 */ 558 int32_t CRYPT_EAL_PkeyUnBlind(CRYPT_EAL_PkeyCtx *pkey, const uint8_t *input, uint32_t inputLen, 559 uint8_t *out, uint32_t *outLen); 560 561 /** 562 * @ingroup crypt_eal_pkey 563 * @brief Obtain the key algorithm type. 564 * 565 * @param pkey [IN] Key session 566 * 567 * @retval Key algorithm type 568 */ 569 CRYPT_PKEY_AlgId CRYPT_EAL_PkeyGetId(const CRYPT_EAL_PkeyCtx *pkey); 570 571 /** 572 * @ingroup crypt_eal_pkey 573 * @brief Obtain the key algorithm parameter ID. 574 * 575 * @param pkey [IN] Key session 576 * 577 * @retval Algorithm parameter ID 578 */ 579 CRYPT_PKEY_ParaId CRYPT_EAL_PkeyGetParaId(const CRYPT_EAL_PkeyCtx *pkey); 580 581 582 /** 583 * @ingroup crypt_eal_pkey 584 * @brief Compare keys or parameters 585 * 586 * @param a [IN] Key session 587 * @param b [IN] Key session 588 * 589 * @retval #CRYPT_SUCCESS, a and b are the same(include both a and b are null) 590 * @retval #CRYPT_NULL_INPUT, incorrect null pointer input. 591 * @retval For other error codes, see crypt_errno.h. 592 */ 593 int32_t CRYPT_EAL_PkeyCmp(const CRYPT_EAL_PkeyCtx *a, const CRYPT_EAL_PkeyCtx *b); 594 595 /** 596 * @ingroup crypt_eal_pkey 597 * @brief Set the user's personal data. 598 * 599 * @param pkey [IN] Key session 600 * @param data [IN] Pointer to the user's personal data 601 * 602 * @retval #CRYPT_SUCCESS, if successful. 603 * @retval #CRYPT_NULL_INPUT, if pkey is NULL. 604 */ 605 int32_t CRYPT_EAL_PkeySetExtData(CRYPT_EAL_PkeyCtx *pkey, void *data); 606 607 /** 608 * @ingroup crypt_eal_pkey 609 * @brief Obtain the user's personal data. 610 * 611 * @param pkey [IN] Key session 612 * 613 * @retval void*(user personal data pointer), which indicates successful. 614 * NULL, which indicates failed. 615 */ 616 void *CRYPT_EAL_PkeyGetExtData(const CRYPT_EAL_PkeyCtx *pkey); 617 618 /** 619 * @ingroup crypt_eal_pkey 620 * @brief EAL layer reference counting auto-increment 621 * 622 * @param pkey [IN] Key session 623 * 624 * @retval #CRYPT_SUCCESS. 625 * For other error codes see crypt_errno.h. 626 */ 627 int32_t CRYPT_EAL_PkeyUpRef(CRYPT_EAL_PkeyCtx *pkey); 628 629 /** 630 * @ingroup crypt_eal_pkey 631 * @brief Initialize asymmetric key encapsulation context 632 * 633 * @param pkey [in] Pointer to the key context 634 * @param params [in] Algorithm parameters 635 * 636 * @retval #CRYPT_SUCCESS. 637 * For other error codes see crypt_errno.h. 638 */ 639 int32_t CRYPT_EAL_PkeyEncapsInit(CRYPT_EAL_PkeyCtx *pkey, BSL_Param *params); 640 641 /** 642 * @ingroup crypt_eal_pkey 643 * @brief Initialize asymmetric key decapsulation context 644 * 645 * @param pkey [in] Pointer to the key context 646 * @param params [in] Algorithm parameters 647 * 648 * @retval #CRYPT_SUCCESS. 649 * For other error codes see crypt_errno.h. 650 */ 651 int32_t CRYPT_EAL_PkeyDecapsInit(CRYPT_EAL_PkeyCtx *pkey, BSL_Param *params); 652 653 /** 654 * @ingroup crypt_eal_pkey 655 * @brief Perform key encapsulation operation 656 * 657 * @param pkey [in] Initialized key context 658 * @param cipher [out] Output buffer for encapsulated ciphertext 659 * @param cipherLen [in,out] Input: buffer capacity, Output: actual ciphertext length 660 * @param sharekey [out] Output buffer for shared secret 661 * @param shareKeyLen [in,out] Input: buffer capacity, Output: actual secret length 662 * 663 * @retval #CRYPT_SUCCESS. 664 * For other error codes see crypt_errno.h. 665 */ 666 int32_t CRYPT_EAL_PkeyEncaps(const CRYPT_EAL_PkeyCtx *pkey, uint8_t *cipher, uint32_t *cipherLen, uint8_t *sharekey, 667 uint32_t *shareKeyLen); 668 669 /** 670 * @ingroup crypt_eal_pkey 671 * @brief Perform key decapsulation operation 672 * 673 * @param pkey [in] Initialized key context 674 * @param cipher [in] Input encapsulated ciphertext 675 * @param cipherLen [in] Length of the input ciphertext 676 * @param sharekey [out] Output buffer for shared secret 677 * @param shareKeyLen [in,out] Input: buffer capacity, Output: actual secret length 678 * 679 * @retval #CRYPT_SUCCESS. 680 * For other error codes see crypt_errno.h. 681 */ 682 int32_t CRYPT_EAL_PkeyDecaps(const CRYPT_EAL_PkeyCtx *pkey, uint8_t *cipher, uint32_t cipherLen, uint8_t *sharekey, 683 uint32_t *shareKeyLen); 684 685 #ifdef __cplusplus 686 } 687 #endif // __cplusplus 688 689 #endif // CRYPT_EAL_PKEY_H 690