diff options
| author | Dariusz Michaluk <d.michaluk@samsung.com> | 2016-10-03 18:04:57 +0200 |
|---|---|---|
| committer | Dariusz Michaluk <d.michaluk@samsung.com> | 2016-10-07 15:30:34 +0200 |
| commit | b1d8262b9bfccf75c48c3d8984d58ad72619e9a9 (patch) | |
| tree | 17f3ec6003055c286bccd0af7aa481a061a8c178 | |
| parent | 5eedde49c9b2d39c2dc08eb7753738d44b247239 (diff) | |
| download | yaca-b1d8262b9bfccf75c48c3d8984d58ad72619e9a9.tar.gz yaca-b1d8262b9bfccf75c48c3d8984d58ad72619e9a9.tar.bz2 yaca-b1d8262b9bfccf75c48c3d8984d58ad72619e9a9.zip | |
Simplify and unify examples.
Change-Id: I6f6f7997c3c04af686b4ec0202cde3027d630e9f
29 files changed, 1764 insertions, 2262 deletions
diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt index bfb7a09..a71dc0c 100644 --- a/examples/CMakeLists.txt +++ b/examples/CMakeLists.txt @@ -22,8 +22,7 @@ INCLUDE_DIRECTORIES(${API_FOLDER}) -SET(COMMON_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/lorem.c - ${CMAKE_CURRENT_SOURCE_DIR}/misc.c) +SET(COMMON_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/misc.c) FUNCTION(BUILD_EXAMPLE EXAMPLE_NAME SOURCE_FILE) ADD_EXECUTABLE(${EXAMPLE_NAME} @@ -44,16 +43,24 @@ FUNCTION(BUILD_EXAMPLE EXAMPLE_NAME SOURCE_FILE) ENDFUNCTION(BUILD_EXAMPLE) BUILD_EXAMPLE("yaca-example-digest" digest.c) +BUILD_EXAMPLE("yaca-example-digest-simple" digest_simple.c) BUILD_EXAMPLE("yaca-example-encrypt" encrypt.c) -BUILD_EXAMPLE("yaca-example-seal" seal.c) -BUILD_EXAMPLE("yaca-example-encrypt-gcm-ccm" encrypt_aes_gcm_ccm.c) -BUILD_EXAMPLE("yaca-example-sign" sign.c) +BUILD_EXAMPLE("yaca-example-encrypt-gcm" encrypt_gcm.c) +BUILD_EXAMPLE("yaca-example-encrypt-ccm" encrypt_ccm.c) +BUILD_EXAMPLE("yaca-example-encrypt-simple" encrypt_simple.c) +BUILD_EXAMPLE("yaca-example-key-wrap" key_wrap.c) BUILD_EXAMPLE("yaca-example-key-gen" key_gen.c) -BUILD_EXAMPLE("yaca-example-key-exchange" key_exchange.c) -BUILD_EXAMPLE("yaca-example-key-impexp" key_import_export.c) BUILD_EXAMPLE("yaca-example-key-password" key_password.c) -BUILD_EXAMPLE("yaca-example-key-wrap" key_wrap.c) -BUILD_EXAMPLE("yaca-example-rsa" rsa.c) +BUILD_EXAMPLE("yaca-example-key-exchange" key_exchange.c) +BUILD_EXAMPLE("yaca-example-key-impexp-sym" key_import_export_sym.c) +BUILD_EXAMPLE("yaca-example-key-impexp-asym" key_import_export_asym.c) +BUILD_EXAMPLE("yaca-example-rsa-private" rsa_private.c) +BUILD_EXAMPLE("yaca-example-rsa-public" rsa_public.c) +BUILD_EXAMPLE("yaca-example-seal" seal.c) +BUILD_EXAMPLE("yaca-example-sign" sign.c) +BUILD_EXAMPLE("yaca-example-sign-hmac" sign_hmac.c) +BUILD_EXAMPLE("yaca-example-sign-simple" sign_simple.c) +BUILD_EXAMPLE("yaca-example-sign-simple-cmac" sign_simple_cmac.c) INSTALL(FILES ${COMMON_SOURCES} DESTINATION ${EXAMPLES_DIR}) diff --git a/examples/digest.c b/examples/digest.c index 582323e..f37f128 100644 --- a/examples/digest.c +++ b/examples/digest.c @@ -18,76 +18,61 @@ /** * @file digest.c - * @brief + * @brief Message Digest API example. */ +//! [Message Digest API example] +#include <stdio.h> + #include <yaca_crypto.h> #include <yaca_digest.h> -#include <yaca_simple.h> #include <yaca_error.h> -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -void digest_simple(void) +int main() { - int ret = YACA_ERROR_NONE; - char *digest; - size_t digest_len; + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; - ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, - lorem1024, - 1024, &digest, &digest_len); + ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) - return; - - dump_hex(digest, digest_len, "Message digest: "); - - yaca_free(digest); -} + goto exit; -void digest_advanced(void) -{ - int ret = YACA_ERROR_NONE; - yaca_context_h ctx; + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + /* Initialize digest context */ ret = yaca_digest_initialize(&ctx, YACA_DIGEST_SHA256); if (ret != YACA_ERROR_NONE) - return; + goto exit; - ret = yaca_digest_update(ctx, lorem1024, 1024); + /* Feeds the message */ + ret = yaca_digest_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); if (ret != YACA_ERROR_NONE) goto exit; + /* Get digest length */ size_t digest_len; ret = yaca_context_get_output_length(ctx, 0, &digest_len); if (ret != YACA_ERROR_NONE) goto exit; + /* Calculate digest */ { char digest[digest_len]; - ret = yaca_digest_finalize(ctx, digest, &digest_len); if (ret != YACA_ERROR_NONE) goto exit; + /* display digest in hexadecimal format */ dump_hex(digest, digest_len, "Message digest: "); } exit: yaca_context_destroy(ctx); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - digest_simple(); - - digest_advanced(); yaca_cleanup(); return ret; } +//! [Message Digest API example] diff --git a/examples/digest_simple.c b/examples/digest_simple.c new file mode 100644 index 0000000..083d537 --- /dev/null +++ b/examples/digest_simple.c @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file digest_simple.c + * @brief Simple Message Digest API example. + */ + +//! [Simple Message Digest API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_simple.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + char *digest = NULL; + size_t digest_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Calculate digest */ + ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, INPUT_DATA, INPUT_DATA_SIZE, + &digest, &digest_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display digest in hexadecimal format */ + dump_hex(digest, digest_len, "Message digest: "); + +exit: + yaca_free(digest); + + yaca_cleanup(); + return ret; +} +//! [Simple Message Digest API example] diff --git a/examples/encrypt.c b/examples/encrypt.c index f152588..a72c3b0 100644 --- a/examples/encrypt.c +++ b/examples/encrypt.c @@ -18,123 +18,95 @@ /** * @file encrypt.c - * @brief + * @brief Encrypt API example. */ +//! [Encrypt API example] #include <stdio.h> #include <yaca_crypto.h> -#include <yaca_simple.h> #include <yaca_encrypt.h> #include <yaca_key.h> #include <yaca_error.h> -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -void encrypt_simple(const yaca_encrypt_algorithm_e algo, - const yaca_block_cipher_mode_e bcm, - const size_t key_bit_len) -{ - yaca_key_h key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - size_t iv_bit_len; - - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Key generation */ - if (yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000, - YACA_DIGEST_SHA256, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bit_len, &iv_bit_len) != YACA_ERROR_NONE) - goto exit; - - if (iv_bit_len > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_simple_encrypt(algo, bcm, key, iv, lorem4096, LOREM4096_SIZE, &enc, &enc_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - if (yaca_simple_decrypt(algo, bcm, key, iv, enc, enc_len, &dec, &dec_len) != YACA_ERROR_NONE) - goto exit; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - -exit: - yaca_free(enc); - yaca_free(dec); - yaca_key_destroy(iv); - yaca_key_destroy(key); -} - -void encrypt_advanced(const yaca_encrypt_algorithm_e algo, - const yaca_block_cipher_mode_e bcm, - const yaca_key_type_e key_type, - const size_t key_bit_len) +int main() { + int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; yaca_key_h key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; - size_t iv_bit_len; - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; size_t block_len; size_t output_len; size_t written_len; - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); /* Key generation */ - if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - if (yaca_encrypt_get_iv_bit_length(algo, bcm, key_bit_len, &iv_bit_len) != YACA_ERROR_NONE) + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) goto exit; - if (iv_bit_len > 0 && yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) + /* IV generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_128BIT, &iv); + if (ret != YACA_ERROR_NONE) goto exit; /* Encryption */ { - if (yaca_encrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) + /* Initialize encryption context */ + ret = yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC, key, iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) + /* Encrypt data */ + ret = yaca_encrypt_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - enc_len = written_len; + encrypted_len = written_len; - if (yaca_encrypt_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) + ret = yaca_encrypt_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - enc_len += written_len; + encrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -142,89 +114,56 @@ void encrypt_advanced(const yaca_encrypt_algorithm_e algo, /* Decryption */ { - if (yaca_decrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) + /* Initialize decryption context */ + ret = yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CBC, key, iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) + /* Decrypt data */ + ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - dec_len = written_len; + decrypted_len = written_len; - if (yaca_decrypt_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) + ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - dec_len += written_len; + decrypted_len += written_len; - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); } exit: - yaca_free(dec); - yaca_free(enc); + yaca_free(decrypted); + yaca_free(encrypted); yaca_context_destroy(ctx); yaca_key_destroy(iv); yaca_key_destroy(key); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_ECB; - yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_3DES_3TDEA; - bcm = YACA_BCM_OFB; - key_type = YACA_KEY_TYPE_DES; - key_bit_len = YACA_KEY_LENGTH_192BIT; - - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_CAST5; - bcm = YACA_BCM_CFB; - key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bit_len = YACA_KEY_LENGTH_UNSAFE_40BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_UNSAFE_RC2; - bcm = YACA_BCM_CBC; - key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bit_len = YACA_KEY_LENGTH_UNSAFE_8BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); - - algo = YACA_ENCRYPT_UNSAFE_RC4; - bcm = YACA_BCM_NONE; - key_type = YACA_KEY_TYPE_SYMMETRIC; - key_bit_len = YACA_KEY_LENGTH_2048BIT; - - encrypt_simple(algo, bcm, key_bit_len); - encrypt_advanced(algo, bcm, key_type, key_bit_len); yaca_cleanup(); - return ret; } +//! [Encrypt API example] diff --git a/examples/encrypt_aes_gcm_ccm.c b/examples/encrypt_aes_gcm_ccm.c deleted file mode 100644 index 05f2cfd..0000000 --- a/examples/encrypt_aes_gcm_ccm.c +++ /dev/null @@ -1,335 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file encrypt_aes_gcm_ccm.c - * @brief - */ - -#include <stdio.h> - -#include <yaca_crypto.h> -#include <yaca_encrypt.h> -#include <yaca_key.h> -#include <yaca_error.h> - -#include "lorem.h" -#include "misc.h" - -void encrypt_decrypt_aes_gcm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_GCM; - yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - size_t iv_bit_len = YACA_KEY_LENGTH_IV_128BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 16; - - size_t block_len; - size_t output_len; - size_t written_len; - - printf("AES GCM 256bit key encryption/decryption\n"); - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Key generation */ - if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - /* IV generation */ - if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) - goto exit; - - /* Encryption */ - { - if (yaca_encrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_encrypt_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - /* Set the tag length and get the tag after final encryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decryption */ - { - if (yaca_decrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - /* Set expected tag value before final decryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_decrypt_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(enc); - yaca_free(dec); - yaca_free(tag); - yaca_free(aad); - yaca_context_destroy(ctx); - yaca_key_destroy(iv); - yaca_key_destroy(key); -} - -void encrypt_decrypt_aes_ccm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_CCM; - yaca_key_type_e key_type = YACA_KEY_TYPE_SYMMETRIC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - size_t iv_bit_len = YACA_KEY_LENGTH_IV_64BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 14; - - size_t block_len; - size_t output_len; - size_t written_len; - size_t len; - - printf("AES CCM 256bit key encryption/decryption\n"); - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Key generation */ - if (yaca_key_generate(key_type, key_bit_len, &key) != YACA_ERROR_NONE) - return; - - /* IV generation */ - if (yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) - goto exit; - - /* Encryption */ - { - if (yaca_encrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Set tag length (optionally) */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) - goto exit; - - /* The total plain text length must be passed (only needed if AAD is passed) */ - if (yaca_encrypt_update(ctx, NULL, LOREM4096_SIZE , NULL, &len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_encrypt_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_encrypt_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - /* Get the tag after final encryption */ - if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decryption */ - { - if (yaca_decrypt_initialize(&ctx, algo, bcm, key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Set expected tag value */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len) != YACA_ERROR_NONE) - goto exit; - - /* The total encrypted text length must be passed (only needed if AAD is passed) */ - if (yaca_decrypt_update(ctx, NULL, enc_len , NULL, &len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - if (yaca_decrypt_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - if (yaca_decrypt_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(enc); - yaca_free(dec); - yaca_free(tag); - yaca_free(aad); - yaca_context_destroy(ctx); - yaca_key_destroy(iv); - yaca_key_destroy(key); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - encrypt_decrypt_aes_gcm(); - encrypt_decrypt_aes_ccm(); - - yaca_cleanup(); - return ret; -} diff --git a/examples/encrypt_ccm.c b/examples/encrypt_ccm.c new file mode 100644 index 0000000..3bc11f8 --- /dev/null +++ b/examples/encrypt_ccm.c @@ -0,0 +1,225 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file encrypt_ccm.c + * @brief AES CCM encrypt API example. + */ + +//! [AES CCM encrypt API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_encrypt.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + char *aad = NULL; + char *tag = NULL; + size_t aad_len = 16; + size_t tag_len = 12; + + size_t block_len; + size_t output_len; + size_t written_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* IV generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_64BIT, &iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Additional Authentication Data generation */ + ret = yaca_zalloc(aad_len, (void**)&aad); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_randomize_bytes(aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Allocate memory for tag */ + ret = yaca_zalloc(tag_len, (void**)&tag); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + /* Initialize encryption context */ + ret = yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set tag length */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, &tag_len, sizeof(tag_len)); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* The total plain text length must be passed (only needed if AAD is passed) */ + ret = yaca_encrypt_update(ctx, NULL, INPUT_DATA_SIZE , NULL, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encrypt data */ + ret = yaca_encrypt_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len = written_len; + + ret = yaca_encrypt_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get the tag after final encryption */ + ret = yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Decryption */ + { + /* Initialize decryption context */ + ret = yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_CCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set expected tag value */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* The total encrypted text length must be passed (only needed if AAD is passed) */ + ret = yaca_decrypt_update(ctx, NULL, encrypted_len , NULL, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Decrypt data */ + ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len = written_len; + + ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(decrypted); + yaca_free(encrypted); + yaca_free(tag); + yaca_free(aad); + yaca_context_destroy(ctx); + yaca_key_destroy(iv); + yaca_key_destroy(key); + + yaca_cleanup(); + return ret; +} +//! [AES CCM encrypt API example] diff --git a/examples/encrypt_gcm.c b/examples/encrypt_gcm.c new file mode 100644 index 0000000..9778acb --- /dev/null +++ b/examples/encrypt_gcm.c @@ -0,0 +1,214 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file encrypt_gcm.c + * @brief AES GCM encrypt API example. + */ + +//! [AES GCM encrypt API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_encrypt.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + char *aad = NULL; + char *tag = NULL; + size_t aad_len = 16; + size_t tag_len = 16; + + size_t block_len; + size_t output_len; + size_t written_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* IV generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_IV, YACA_KEY_LENGTH_IV_128BIT, &iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Additional Authentication Data generation */ + ret = yaca_zalloc(aad_len, (void**)&aad); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_randomize_bytes(aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Allocate memory for tag */ + ret = yaca_zalloc(tag_len, (void**)&tag); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + /* Initialize encryption context */ + ret = yaca_encrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encrypt data */ + ret = yaca_encrypt_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len = written_len; + + ret = yaca_encrypt_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + encrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set the tag length and get the tag */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, &tag_len, sizeof(tag_len)); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Decryption */ + { + /* Initialize decryption context */ + ret = yaca_decrypt_initialize(&ctx, YACA_ENCRYPT_AES, YACA_BCM_GCM, key, iv); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Provide Additional Authentication Data */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Decrypt data */ + ret = yaca_decrypt_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len = written_len; + + /* Set expected tag value before final decryption */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_decrypt_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + decrypted_len += written_len; + + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(decrypted); + yaca_free(encrypted); + yaca_free(tag); + yaca_free(aad); + yaca_context_destroy(ctx); + yaca_key_destroy(iv); + yaca_key_destroy(key); + + yaca_cleanup(); + return ret; +} +//! [AES GCM encrypt API example] diff --git a/examples/encrypt_simple.c b/examples/encrypt_simple.c new file mode 100644 index 0000000..dadab7c --- /dev/null +++ b/examples/encrypt_simple.c @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file encrypt_simple.c + * @brief Simple Encrypt API example. + */ + +//! [Simple Encrypt API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_simple.h> +#include <yaca_encrypt.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + size_t iv_bit_len; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); + + /* Key generation */ + ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000, + YACA_DIGEST_SHA256, YACA_KEY_LENGTH_256BIT, &key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* IV generation */ + ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CTR, YACA_KEY_LENGTH_256BIT, + &iv_bit_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + if (iv_bit_len > 0) { + ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv); + if (ret != YACA_ERROR_NONE) + goto exit; + } + + /* Encryption */ + { + ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv, + INPUT_DATA, INPUT_DATA_SIZE, &encrypted, &encrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + } + + /* Decryption */ + { + ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv, + encrypted, encrypted_len, &decrypted, &decrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(encrypted); + yaca_free(decrypted); + yaca_key_destroy(iv); + yaca_key_destroy(key); + + yaca_cleanup(); + return ret; +} +//! [Simple Encrypt API example] diff --git a/examples/key_exchange.c b/examples/key_exchange.c index ee75eac..1520a4c 100644 --- a/examples/key_exchange.c +++ b/examples/key_exchange.c @@ -18,125 +18,90 @@ /** * @file key_exchange.c - * @brief + * @brief Diffie-Helmann key exchange API example. */ -#include <stdio.h> - +//! [Diffie-Helmann key exchange API example] #include <yaca_crypto.h> #include <yaca_key.h> #include <yaca_error.h> +/* include helpers functions and definitions */ #include "misc.h" -/* send own public key and get peer public key */ -static yaca_key_h exchange_keys(const yaca_key_h pkey) +static yaca_key_h exchange_public_keys(const yaca_key_h peer_key) { int ret; - char *secret = NULL; - size_t secret_len; - char *temp_material = NULL; - size_t temp_material_len; - char *key_material = NULL; - size_t key_material_len; - char *iv_material = NULL; - size_t iv_material_len; - - yaca_key_h private_key = YACA_KEY_NULL; - yaca_key_h public_key = YACA_KEY_NULL; yaca_key_h params = YACA_KEY_NULL; - yaca_key_h aes_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - ret = yaca_key_extract_parameters(pkey, ¶ms); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate_from_parameters(params, &private_key); - if (ret != YACA_ERROR_NONE) - goto exit; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; - ret = yaca_key_extract_public(private_key, &public_key); + ret = yaca_key_extract_parameters(peer_key, ¶ms); if (ret != YACA_ERROR_NONE) goto exit; - /* derive secret */ - ret = yaca_key_derive_dh(private_key, pkey, &secret, &secret_len); + ret = yaca_key_generate_from_parameters(params, &priv_key); if (ret != YACA_ERROR_NONE) goto exit; - key_material_len = YACA_KEY_LENGTH_192BIT / 8; - iv_material_len = YACA_KEY_LENGTH_IV_128BIT / 8; - temp_material_len = key_material_len + iv_material_len; - ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len, - NULL, 0, temp_material_len, &temp_material); - - if (ret != YACA_ERROR_NONE) - goto exit; - - key_material = temp_material; - iv_material = temp_material + key_material_len; - - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_material, key_material_len, &aes_key); + ret = yaca_key_extract_public(priv_key, &pub_key); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_IV, NULL, iv_material, iv_material_len, &iv); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(secret, secret_len, "\n***** Peer Secret: *****"); - dump_hex(key_material, key_material_len, "\n***** Peer AES key: *****"); - dump_hex(iv_material, iv_material_len, "\n***** Peer IV: *****"); - exit: - yaca_key_destroy(private_key); + yaca_key_destroy(priv_key); yaca_key_destroy(params); - yaca_key_destroy(aes_key); - yaca_key_destroy(iv); - yaca_free(secret); - yaca_free(temp_material); - return public_key; + return pub_key; } -void key_derivation(const yaca_key_h private_key) +int main() { int ret; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; + yaca_key_h peer_key = YACA_KEY_NULL; + yaca_key_h aes_key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; + char *secret = NULL; size_t secret_len; - char *temp_material = NULL; - size_t temp_material_len; char *key_material = NULL; size_t key_material_len; char *iv_material = NULL; size_t iv_material_len; + char *temp_material = NULL; + size_t temp_material_len; - yaca_key_h public_key = YACA_KEY_NULL; - yaca_key_h peer_key = YACA_KEY_NULL; - yaca_key_h aes_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; - ret = yaca_key_extract_public(private_key, &public_key); + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &priv_key); if (ret != YACA_ERROR_NONE) goto exit; - /* get peer public key */ - peer_key = exchange_keys(public_key); + ret = yaca_key_extract_public(priv_key, &pub_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Send own public key and get peer public key */ + peer_key = exchange_public_keys(pub_key); if (peer_key == YACA_KEY_NULL) goto exit; - /* derive secret */ - ret = yaca_key_derive_dh(private_key, peer_key, &secret, &secret_len); + /* Derive shared secret */ + ret = yaca_key_derive_dh(priv_key, peer_key, &secret, &secret_len); if (ret != YACA_ERROR_NONE) goto exit; - key_material_len = YACA_KEY_LENGTH_192BIT / 8; + /* Derive AES key and IV */ + key_material_len = YACA_KEY_LENGTH_256BIT / 8; iv_material_len = YACA_KEY_LENGTH_IV_128BIT / 8; temp_material_len = key_material_len + iv_material_len; - ret = yaca_key_derive_kdf(YACA_KDF_X962, YACA_DIGEST_SHA512, secret, secret_len, + ret = yaca_key_derive_kdf(YACA_KDF_X942, YACA_DIGEST_SHA512, secret, secret_len, NULL, 0, temp_material_len, &temp_material); - if (ret != YACA_ERROR_NONE) goto exit; @@ -151,68 +116,20 @@ void key_derivation(const yaca_key_h private_key) if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(secret, secret_len, "\n***** My Secret: *****"); - dump_hex(key_material, key_material_len, "\n***** My AES key: *****"); - dump_hex(iv_material, iv_material_len, "\n***** My IV: *****"); + /* display key and IV in hexadecimal format */ + dump_hex(key_material, key_material_len, "***** Derived AES key: *****"); + dump_hex(iv_material, iv_material_len, "\n***** Derived IV: *****"); exit: - yaca_key_destroy(public_key); + yaca_key_destroy(priv_key); + yaca_key_destroy(pub_key); yaca_key_destroy(peer_key); yaca_key_destroy(aes_key); yaca_key_destroy(iv); yaca_free(secret); yaca_free(temp_material); -} - -int main() -{ - yaca_key_h ecdh_key = YACA_KEY_NULL; - yaca_key_h dh_params = YACA_KEY_NULL; - yaca_key_h dh_key_from_params = YACA_KEY_NULL; - yaca_key_h dh_key = YACA_KEY_NULL; - - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - printf("\n***** Elliptic Curve Diffie Hellman key exchange and key/iv derivation *****"); - { - ret = yaca_key_generate(YACA_KEY_TYPE_EC_PRIV, YACA_KEY_LENGTH_EC_PRIME256V1, &ecdh_key); - if (ret != YACA_ERROR_NONE) - goto exit; - key_derivation(ecdh_key); - } - - printf("\n***** Diffie Hellman Diffie Hellman key exchange and key/iv derivation *****"); - { - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS, - YACA_KEY_LENGTH_DH_GENERATOR_2 | 1024, &dh_params); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate_from_parameters(dh_params, &dh_key_from_params); - if (ret != YACA_ERROR_NONE) - goto exit; - - key_derivation(dh_key_from_params); - } - - printf("\n***** Diffie Hellman Diffie Hellman key exchange and key/iv derivation *****"); - { - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_256, &dh_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - key_derivation(dh_key); - } - -exit: - yaca_key_destroy(ecdh_key); - yaca_key_destroy(dh_params); - yaca_key_destroy(dh_key_from_params); - yaca_key_destroy(dh_key); yaca_cleanup(); - return ret; } +//! [Diffie-Helmann key exchange API example] diff --git a/examples/key_gen.c b/examples/key_gen.c index a771d81..43ab6c3 100644 --- a/examples/key_gen.c +++ b/examples/key_gen.c @@ -16,15 +16,16 @@ * limitations under the License */ -#include <stdio.h> +/** + * @file key_gen.c + * @brief Key generation API example. + */ +//! [Key generation API example] #include <yaca_crypto.h> #include <yaca_key.h> -#include <yaca_types.h> #include <yaca_error.h> -#include "misc.h" - int main() { int ret; @@ -33,94 +34,51 @@ int main() ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) - goto error; - - printf("This example doesn't print anything useful unless an error occured.\n" - "It is intended to be looked at only as a code example.\n" - "It might take a long time to execute though due to several keys being generated.\n"); + goto exit; /* Regular generation */ - ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); - ret = yaca_key_generate(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT, &key); + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &key); if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - - ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_512BIT, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_GENERATOR_2 | 333, &key); - if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); ret = yaca_key_generate(YACA_KEY_TYPE_DH_PRIV, YACA_KEY_LENGTH_DH_RFC_2048_224, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); ret = yaca_key_generate(YACA_KEY_TYPE_EC_PRIV, YACA_KEY_LENGTH_EC_SECP384R1, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); /* Params + key generation */ - - ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PARAMS, YACA_KEY_LENGTH_512BIT, &key_params); - if (ret != YACA_ERROR_NONE) - goto error; - ret = yaca_key_generate_from_parameters(key_params, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - yaca_key_destroy(key_params); - - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS, - YACA_KEY_LENGTH_DH_GENERATOR_5 | YACA_KEY_LENGTH_2048BIT, &key_params); - if (ret != YACA_ERROR_NONE) - goto error; - ret = yaca_key_generate_from_parameters(key_params, &key); - if (ret != YACA_ERROR_NONE) - goto error; - yaca_key_destroy(key); - yaca_key_destroy(key_params); - ret = yaca_key_generate(YACA_KEY_TYPE_DH_PARAMS, YACA_KEY_LENGTH_DH_RFC_2048_256, &key_params); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; ret = yaca_key_generate_from_parameters(key_params, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; yaca_key_destroy(key); yaca_key_destroy(key_params); ret = yaca_key_generate(YACA_KEY_TYPE_EC_PARAMS, YACA_KEY_LENGTH_EC_PRIME256V1, &key_params); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; ret = yaca_key_generate_from_parameters(key_params, &key); if (ret != YACA_ERROR_NONE) - goto error; + goto exit; + +exit: yaca_key_destroy(key); yaca_key_destroy(key_params); yaca_cleanup(); - return 0; - -error: - printf("Error occured.\n"); - yaca_cleanup(); - - return 1; + return ret; } +//! [Key generation API example] diff --git a/examples/key_import_export.c b/examples/key_import_export.c deleted file mode 100644 index 4a50cb7..0000000 --- a/examples/key_import_export.c +++ /dev/null @@ -1,321 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file key_import_export.c - * @brief - */ - -#include <stdio.h> - -#include <yaca_crypto.h> -#include <yaca_key.h> -#include <yaca_error.h> - -#include "misc.h" - -int key_import_export_sym(yaca_key_h sym) -{ - int ret; - - char *raw = NULL; - size_t raw_len; - char *b64 = NULL; - size_t b64_len; - - yaca_key_h raw_imported = YACA_KEY_NULL; - yaca_key_h b64_imported = YACA_KEY_NULL; - - - /* BASE64 */ - - ret = yaca_key_export(sym, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, &b64, &b64_len); - if (ret != YACA_ERROR_NONE) - return ret; - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, b64, b64_len, &b64_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** BASE64 exported key: *****\n%.*s\n", (int)b64_len, b64); - yaca_free(b64); - b64 = NULL; - - ret = yaca_key_export(b64_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, &b64, &b64_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***** BASE64 imported key: *****\n%.*s\n", (int)b64_len, b64); - - - /* RAW */ - - ret = yaca_key_export(sym, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, &raw, &raw_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, raw, raw_len, &raw_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(raw, raw_len, "\n\t***** RAW exported key: *****"); - yaca_free(raw); - raw = NULL; - - ret = yaca_key_export(raw_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, &raw, &raw_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(raw, raw_len, "\t***** RAW imported key: *****"); - -exit: - yaca_key_destroy(raw_imported); - yaca_key_destroy(b64_imported); - yaca_free(raw); - yaca_free(b64); - - return ret; -} - -int key_import_export_asym(yaca_key_h priv, yaca_key_h pub, - yaca_key_type_e priv_type, yaca_key_type_e pub_type, - const char *algo) -{ - int ret; - - char *pem_prv = NULL; - size_t pem_prv_len; - char *der_prv = NULL; - size_t der_prv_len; - - char *pem_pub = NULL; - size_t pem_pub_len; - char *der_pub = NULL; - size_t der_pub_len; - - yaca_key_h pem_prv_imported = YACA_KEY_NULL; - yaca_key_h der_prv_imported = YACA_KEY_NULL; - yaca_key_h pem_pub_imported = YACA_KEY_NULL; - yaca_key_h der_pub_imported = YACA_KEY_NULL; - - - /* PEM private */ - - ret = yaca_key_export(priv, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_prv, &pem_prv_len); - if (ret != YACA_ERROR_NONE) - return ret; - ret = yaca_key_import(priv_type, NULL, pem_prv, pem_prv_len, &pem_prv_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** %s PEM exported private key: *****\n%.*s", algo, (int)pem_prv_len, pem_prv); - yaca_free(pem_prv); - pem_prv = NULL; - - ret = yaca_key_export(pem_prv_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_prv, &pem_prv_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***** %s PEM imported private key: *****\n%.*s", algo, (int)pem_prv_len, pem_prv); - - - /* DER private */ - - ret = yaca_key_export(priv, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_prv, &der_prv_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(priv_type, NULL, der_prv, der_prv_len, &der_prv_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_prv, der_prv_len, "\n\t***** %s DER exported private key: *****", algo); - yaca_free(der_prv); - der_prv = NULL; - - ret = yaca_key_export(der_prv_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_prv, &der_prv_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_prv, der_prv_len, "\t***** %s DER imported private key: *****", algo); - - - /* PEM public */ - - ret = yaca_key_export(pub, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_pub, &pem_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(pub_type, NULL, pem_pub, pem_pub_len, &pem_pub_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** %s PEM exported public key: *****\n%.*s", algo, (int)pem_pub_len, pem_pub); - yaca_free(pem_pub); - pem_pub = NULL; - - ret = yaca_key_export(pem_pub_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pem_pub, &pem_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***** %s PEM imported public key: *****\n%.*s", algo, (int)pem_pub_len, pem_pub); - - - /* DER public */ - - ret = yaca_key_export(pub, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_pub, &der_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - ret = yaca_key_import(pub_type, NULL, der_pub, der_pub_len, &der_pub_imported); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_pub, der_pub_len, "\n\t***** %s DER exported public key: *****", algo); - yaca_free(der_pub); - der_pub = NULL; - - ret = yaca_key_export(der_pub_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, &der_pub, &der_pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(der_pub, der_pub_len, "\t***** %s DER imported public key: *****", algo); - -exit: - yaca_key_destroy(der_pub_imported); - yaca_key_destroy(pem_pub_imported); - yaca_key_destroy(der_prv_imported); - yaca_key_destroy(pem_prv_imported); - yaca_free(der_pub); - yaca_free(pem_pub); - yaca_free(der_prv); - yaca_free(pem_prv); - - return ret; -} - -int key_import_x509(void) -{ - int ret; - char *pub = NULL; - size_t pub_len; - yaca_key_h rsa_pub_from_cert = YACA_KEY_NULL; - - ret = read_file("x509.crt", &pub, &pub_len); - if (ret != YACA_ERROR_NONE) { - printf("Make sure you copied a x509.crt from yaca_root/examples to your current directory\n"); - printf("You can also generate one with:\n"); - printf("openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout x509.key -out x509.crt\n"); - return ret; - } - - ret = yaca_key_import(YACA_KEY_TYPE_RSA_PUB, NULL, pub, pub_len, &rsa_pub_from_cert); - if (ret != YACA_ERROR_NONE) - goto exit; - - yaca_free(pub); - pub = NULL; - - ret = yaca_key_export(rsa_pub_from_cert, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, &pub, &pub_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\n\t***** RSA X509 imported public key: *****\n%.*s", (int)pub_len, pub); - -exit: - yaca_key_destroy(rsa_pub_from_cert); - yaca_free(pub); - - return ret; -} - -int main() -{ - yaca_key_h sym = YACA_KEY_NULL; - yaca_key_h rsa_priv = YACA_KEY_NULL; - yaca_key_h rsa_pub = YACA_KEY_NULL; - yaca_key_h dsa_priv = YACA_KEY_NULL; - yaca_key_h dsa_pub = YACA_KEY_NULL; - int ret; - - ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_1024BIT, &sym); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT, &rsa_priv); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_extract_public(rsa_priv, &rsa_pub); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_1024BIT, &dsa_priv); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_extract_public(dsa_priv, &dsa_pub); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("\t***************************************\n"); - printf("\t************** SYMMETRIC **************\n"); - printf("\t***************************************\n"); - ret = key_import_export_sym(sym); - if (ret == YACA_ERROR_NONE) - printf("\n\t********* SYMMETRIC - success *********\n\n"); - else - printf("\n\t********* SYMMETRIC - failure *********\n\n"); - - printf("\t***************************************\n"); - printf("\t***************** RSA *****************\n"); - printf("\t***************************************\n"); - ret = key_import_export_asym(rsa_priv, rsa_pub, YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_TYPE_RSA_PUB, "RSA"); - if (ret == YACA_ERROR_NONE) - printf("\n\t************ RSA - success ************\n\n"); - else - printf("\n\t************ RSA - failure ************\n\n"); - - printf("\t***************************************\n"); - printf("\t***************** DSA *****************\n"); - printf("\t***************************************\n"); - ret = key_import_export_asym(dsa_priv, dsa_pub, YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_TYPE_DSA_PUB, "DSA"); - if (ret == YACA_ERROR_NONE) - printf("\n\t************ DSA - success ************\n\n"); - else - printf("\n\t************ DSA - failure ************\n\n"); - - printf("\t***************************************\n"); - printf("\t**************** X509 *****************\n"); - printf("\t***************************************\n"); - ret = key_import_x509(); - if (ret == YACA_ERROR_NONE) - printf("\n\t*********** X509 - success ************\n\n"); - else - printf("\n\t*********** X509 - failure ************\n\n"); - -exit: - yaca_key_destroy(dsa_pub); - yaca_key_destroy(dsa_priv); - yaca_key_destroy(rsa_pub); - yaca_key_destroy(rsa_priv); - yaca_key_destroy(sym); - - yaca_cleanup(); - - return ret; -} diff --git a/examples/key_import_export_asym.c b/examples/key_import_export_asym.c new file mode 100644 index 0000000..7d97532 --- /dev/null +++ b/examples/key_import_export_asym.c @@ -0,0 +1,114 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file key_import_export_asym.c + * @brief Asymmetric key import/export API example. + */ + +//! [Asymmetric key import/export API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h rsa_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + yaca_key_h pem_priv_imported = YACA_KEY_NULL; + yaca_key_h der_pub_imported = YACA_KEY_NULL; + + char *pem_priv = NULL; + size_t pem_priv_len; + char *der_pub = NULL; + size_t der_pub_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &rsa_priv); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* PEM private */ + ret = yaca_key_export(rsa_priv, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, NULL, + &pem_priv, &pem_priv_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, NULL, pem_priv, pem_priv_len, &pem_priv_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** PEM exported private key: *****\n%.*s", (int)pem_priv_len, pem_priv); + yaca_free(pem_priv); + pem_priv = NULL; + + ret = yaca_key_export(pem_priv_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM, + NULL, &pem_priv, &pem_priv_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** PEM imported private key: *****\n%.*s", (int)pem_priv_len, pem_priv); + + /* DER public */ + ret = yaca_key_export(rsa_pub, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, NULL, + &der_pub, &der_pub_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_RSA_PUB, NULL, der_pub, der_pub_len, &der_pub_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(der_pub, der_pub_len, "\n\t***** DER exported public key: *****"); + yaca_free(der_pub); + der_pub = NULL; + + ret = yaca_key_export(der_pub_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_DER, + NULL, &der_pub, &der_pub_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(der_pub, der_pub_len, "\t***** DER imported public key: *****"); + +exit: + yaca_key_destroy(rsa_pub); + yaca_key_destroy(rsa_priv); + yaca_key_destroy(pem_priv_imported); + yaca_key_destroy(der_pub_imported); + yaca_free(pem_priv); + yaca_free(der_pub); + + yaca_cleanup(); + return ret; +} +//! [Asymmetric key import/export API example] diff --git a/examples/key_import_export_sym.c b/examples/key_import_export_sym.c new file mode 100644 index 0000000..3dafd9f --- /dev/null +++ b/examples/key_import_export_sym.c @@ -0,0 +1,108 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file key_import_export_sym.c + * @brief Symmetric key import/export API example. + */ + +//! [Symmetric key import/export API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h sym_key = YACA_KEY_NULL; + yaca_key_h raw_imported = YACA_KEY_NULL; + yaca_key_h b64_imported = YACA_KEY_NULL; + + char *raw = NULL; + size_t raw_len; + char *b64 = NULL; + size_t b64_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* BASE64 */ + ret = yaca_key_export(sym_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, + &b64, &b64_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, b64, b64_len, &b64_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** BASE64 exported key: *****\n%.*s\n", (int)b64_len, b64); + yaca_free(b64); + b64 = NULL; + + ret = yaca_key_export(b64_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_BASE64, NULL, + &b64, &b64_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("\t***** BASE64 imported key: *****\n%.*s\n", (int)b64_len, b64); + + /* RAW */ + ret = yaca_key_export(sym_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, + &raw, &raw_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, raw, raw_len, &raw_imported); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(raw, raw_len, "\n\t***** RAW exported key: *****"); + yaca_free(raw); + raw = NULL; + + ret = yaca_key_export(raw_imported, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, + &raw, &raw_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display key in hexadecimal format */ + dump_hex(raw, raw_len, "\t***** RAW imported key: *****"); + +exit: + yaca_key_destroy(sym_key); + yaca_key_destroy(raw_imported); + yaca_key_destroy(b64_imported); + yaca_free(raw); + yaca_free(b64); + + yaca_cleanup(); + return ret; +} +//! [Symmetric key import/export API example] diff --git a/examples/key_password.c b/examples/key_password.c index 7eb46b4..9c9df78 100644 --- a/examples/key_password.c +++ b/examples/key_password.c @@ -16,90 +16,85 @@ * limitations under the License */ +/** + * @file key_password.c + * @brief Key import/export with password API example. + */ + +//! [Key import/export with password API example] #include <stdio.h> -#include <string.h> #include <yaca_crypto.h> #include <yaca_key.h> -#include <yaca_types.h> #include <yaca_error.h> -#include "misc.h" +/* include helpers functions and definitions */ +#include "misc.h" -void example_password(const yaca_key_h key, yaca_key_format_e key_fmt, - yaca_key_file_format_e key_file_fmt) +int main() { - char *k = NULL; - size_t kl; int ret; + yaca_key_h key = YACA_KEY_NULL; char *password = NULL; - yaca_key_h lkey = YACA_KEY_NULL; + char *key_data = NULL; + size_t key_data_len; - ret = read_stdin_line("encryption pass: ", &password); + ret = yaca_initialize(); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_export(key, key_fmt, key_file_fmt, password, &k, &kl); - if (ret == YACA_ERROR_INVALID_PARAMETER) - printf("invalid parameter, probably a missing password for PKCS8\n"); + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &key); if (ret != YACA_ERROR_NONE) goto exit; - yaca_free(password); - password = NULL; + /* Export key */ + { + ret = read_stdin_line("encryption pass: ", &password); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_export(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_PEM, password, + &key_data, &key_data_len); + if (ret == YACA_ERROR_INVALID_PARAMETER) + printf("invalid parameter, probably a missing password for PKCS8\n"); + if (ret != YACA_ERROR_NONE) + goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, NULL, k, kl, &lkey); - if (ret == YACA_ERROR_INVALID_PASSWORD) { + yaca_key_destroy(key); + key = YACA_KEY_NULL; + yaca_free(password); + password = NULL; + } + + /* Import key */ + { ret = read_stdin_line("decryption pass: ", &password); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, password, k, kl, &lkey); + ret = yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, password, key_data, key_data_len, &key); if (ret == YACA_ERROR_INVALID_PASSWORD) printf("invalid password\n"); - } - - if (ret != YACA_ERROR_NONE) - goto exit; + if (ret != YACA_ERROR_NONE) + goto exit; - yaca_free(k); - k = NULL; + yaca_free(key_data); + key_data = NULL; - ret = yaca_key_export(lkey, key_fmt, YACA_KEY_FILE_FORMAT_PEM, password, &k, &kl); - if (ret != YACA_ERROR_NONE) - goto exit; + ret = yaca_key_export(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_PEM, password, + &key_data, &key_data_len); + if (ret != YACA_ERROR_NONE) + goto exit; - printf("%.*s", (int)kl, k); + printf("%.*s", (int)key_data_len, key_data); + } exit: - yaca_free(k); + yaca_free(key_data); yaca_free(password); - yaca_key_destroy(lkey); -} - -int main() -{ - int ret; - yaca_key_h key = YACA_KEY_NULL; - - ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_1024BIT, &key); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("Default format with PEM:\n"); - example_password(key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_PEM); - printf("\nPKCS8 format with PEM:\n"); - example_password(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_PEM); - printf("\nPKCS8 format with DER:\n"); - example_password(key, YACA_KEY_FORMAT_PKCS8, YACA_KEY_FILE_FORMAT_DER); - -exit: yaca_key_destroy(key); - yaca_cleanup(); - return 0; + yaca_cleanup(); + return ret; } +//! [Key import/export with password API example] diff --git a/examples/key_wrap.c b/examples/key_wrap.c index 6162397..5363268 100644 --- a/examples/key_wrap.c +++ b/examples/key_wrap.c @@ -18,46 +18,48 @@ /** * @file key_wrap.c - * @brief + * @brief Key wrapping API example. */ -#include <stdio.h> -#include <stdlib.h> - +//! [Key wrapping API example] #include <yaca_crypto.h> #include <yaca_simple.h> #include <yaca_encrypt.h> #include <yaca_key.h> #include <yaca_error.h> +/* include helpers functions and definitions */ #include "misc.h" -void key_wrap_aes(void) +int main() { int ret; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; yaca_key_h aes_key = YACA_KEY_NULL; - + yaca_key_h key = YACA_KEY_NULL; + yaca_key_h iv = YACA_KEY_NULL; size_t iv_bit_len; - char *key_data = NULL; - size_t key_data_len; - char *wrapped_key = NULL; - size_t wrapped_key_len; - printf("\n***** AES key wrapping ******\n"); + char *aes_key_data = NULL; + size_t aes_key_data_len; + char *wrapped_key_data = NULL; + size_t wrapped_key_data_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + /* Generate key to wrap */ ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &aes_key); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_192BIT, &sym_key); + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, - YACA_BCM_WRAP, - YACA_KEY_LENGTH_192BIT, + /* IV generation */ + ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_WRAP, YACA_KEY_LENGTH_256BIT, &iv_bit_len); if (ret != YACA_ERROR_NONE) goto exit; @@ -71,139 +73,51 @@ void key_wrap_aes(void) /* Key wrapping */ { ret = yaca_key_export(aes_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, - &key_data, &key_data_len); + &aes_key_data, &aes_key_data_len); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, sym_key, iv, - key_data, key_data_len, - &wrapped_key, &wrapped_key_len); + ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, key, iv, + aes_key_data, aes_key_data_len, + &wrapped_key_data, &wrapped_key_data_len); if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); - dump_hex(wrapped_key, wrapped_key_len, "***** Wrapped key:*****"); + /* display key in hexadecimal format */ + dump_hex(aes_key_data, aes_key_data_len, "***** Unwrapped key:*****"); + dump_hex(wrapped_key_data, wrapped_key_data_len, "***** Wrapped key:*****"); } - yaca_free(key_data); - key_data = NULL; + yaca_free(aes_key_data); + aes_key_data = NULL; yaca_key_destroy(aes_key); aes_key = YACA_KEY_NULL; /* Key unwrapping */ { - ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, sym_key, iv, - wrapped_key, wrapped_key_len, - &key_data, &key_data_len); + ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_WRAP, key, iv, + wrapped_key_data, wrapped_key_data_len, + &aes_key_data, &aes_key_data_len); if (ret != YACA_ERROR_NONE) goto exit; - ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, key_data, key_data_len, &aes_key); + ret = yaca_key_import(YACA_KEY_TYPE_SYMMETRIC, NULL, aes_key_data, aes_key_data_len, + &aes_key); if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); + /* display key in hexadecimal format */ + dump_hex(aes_key_data, aes_key_data_len, "***** Unwrapped key:*****"); } exit: yaca_key_destroy(aes_key); - yaca_key_destroy(sym_key); + yaca_key_destroy(key); yaca_key_destroy(iv); - yaca_free(key_data); - yaca_free(wrapped_key); -} - -void key_wrap_des(void) -{ - int ret; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - yaca_key_h des_key = YACA_KEY_NULL; - - size_t iv_bit_len; - char *key_data = NULL; - size_t key_data_len; - char *wrapped_key = NULL; - size_t wrapped_key_len; - - printf("\n***** 3DES key wrapping ******\n"); - - ret = yaca_key_generate(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT, &des_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_generate(YACA_KEY_TYPE_DES, YACA_KEY_LENGTH_192BIT, &sym_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_3DES_3TDEA, - YACA_BCM_WRAP, - YACA_KEY_LENGTH_192BIT, - &iv_bit_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - if (iv_bit_len > 0) { - ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv); - if (ret != YACA_ERROR_NONE) - goto exit; - } - - /* Key wrapping */ - { - ret = yaca_key_export(des_key, YACA_KEY_FORMAT_DEFAULT, YACA_KEY_FILE_FORMAT_RAW, NULL, - &key_data, &key_data_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_simple_encrypt(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_WRAP, sym_key, iv, - key_data, key_data_len, - &wrapped_key, &wrapped_key_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); - dump_hex(wrapped_key, wrapped_key_len, "***** Wrapped key:*****"); - } - - yaca_free(key_data); - key_data = NULL; - yaca_key_destroy(des_key); - des_key = YACA_KEY_NULL; - - /* Key unwrapping */ - { - ret = yaca_simple_decrypt(YACA_ENCRYPT_3DES_3TDEA, YACA_BCM_WRAP, sym_key, iv, - wrapped_key, wrapped_key_len, - &key_data, &key_data_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_key_import(YACA_KEY_TYPE_DES, NULL, key_data, key_data_len, &des_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(key_data, key_data_len, "***** Unwrapped key:*****"); - } - -exit: - yaca_key_destroy(des_key); - yaca_key_destroy(sym_key); - yaca_key_destroy(iv); - yaca_free(key_data); - yaca_free(wrapped_key); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - key_wrap_aes(); - key_wrap_des(); + yaca_free(aes_key_data); + yaca_free(wrapped_key_data); yaca_cleanup(); return ret; } - +//! [Key wrapping API example] diff --git a/examples/lorem.c b/examples/lorem.c deleted file mode 100644 index d6f9f42..0000000 --- a/examples/lorem.c +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file lorem.c - * @brief Lorem Ipsum - */ - -#include "lorem.h" - -const char lorem8[LOREM8_SIZE] = "Lorem i"; -const char lorem16[LOREM16_SIZE] = "Lorem ipsum dol"; -const char lorem1024[LOREM1024_SIZE] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec non dolor tincidunt, vehicula erat non, pulvinar nisl. Suspendisse gravida commodo hendrerit. Sed ex magna, aliquet malesuada lectus ut, porttitor tincidunt ante. Nulla facilisi. Morbi nec scelerisque risus. Sed a gravida sapien. Cras sed neque bibendum, dapibus lectus sed, porta nulla. Morbi tristique velit lacus, at luctus turpis mollis sed. Nam quis sapien eu magna cursus venenatis. Phasellus et vestibulum urna, non pellentesque ex. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Etiam pretium aliquam porta.\ -Morbi magna metus, commodo in fermentum id, mattis pretium mauris. Donec sed rhoncus justo. Duis fringilla sem quis velit dignissim bibendum. Sed porta efficitur ipsum, in dignissim magna molestie eu. Sed elementum maximus risus. Quisque cursus urna lectus, sit amet fringilla purus tempor eu. Praesent tincidunt dolor sit amet dolor vulputate, et molestie tellus euismod. Proin suscipit dictum amet."; - -const char lorem4096[LOREM4096_SIZE] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus congue semper ipsum, ac convallis magna rhoncus sit amet. Donec pellentesque maximus convallis. Mauris ut egestas sem. Maecenas efficitur suscipit auctor. Nunc malesuada laoreet porttitor. Donec gravida tortor nisi, in mattis lectus porta ut. Integer vehicula eros et tellus placerat, nec fermentum justo aliquet.\ -Maecenas metus massa, ultrices et ultricies sed, imperdiet nec dolor. Nam eget massa eros. Proin vitae laoreet metus, at scelerisque massa. Nullam convallis dolor id nisl iaculis, a gravida risus pretium. Proin non nunc eget nibh fermentum dignissim. Nullam tristique, odio eget rutrum sagittis, tortor purus cursus nunc, nec iaculis quam nunc ac metus. Cras ut tortor a eros porta vehicula non at lectus. Aliquam volutpat quis nisi ut mattis. Curabitur semper vehicula ultrices. Aenean cursus laoreet venenatis. Aenean vulputate, nisl id facilisis fringilla, neque velit posuere libero, et viverra tortor felis vitae urna. Sed in congue nunc. Fusce molestie tempor pharetra. Cras sodales pulvinar nunc non sollicitudin.\ -Maecenas vehicula metus ac tristique ultricies. Suspendisse potenti. Pellentesque suscipit egestas augue, sed dictum orci. Pellentesque eu lorem ultricies, vestibulum est in, bibendum turpis. Proin placerat tincidunt metus, eget volutpat dolor. Pellentesque varius leo eget velit lobortis, sit amet congue orci bibendum. Aliquam vitae posuere lorem. Donec sed convallis diam. Quisque aliquam interdum purus, eu ornare ex ullamcorper iaculis. In sit amet nisl eu nisl ultricies dapibus. Aenean finibus efficitur elit ut sodales. Nam sit amet auctor sem, eu iaculis nunc. Vivamus mattis arcu a viverra faucibus. In dignissim, nisi sit amet consectetur tempus, lorem dui fringilla augue, sit amet lacinia lectus sapien efficitur odio.\ -Nullam et egestas enim. Nam sit amet mi malesuada, dapibus felis quis, viverra mauris. Ut quis enim eu neque porta vehicula. Etiam ullamcorper vitae turpis vehicula blandit. Maecenas blandit tristique semper. Aliquam at sagittis enim. Donec quis molestie urna. Duis ut urna blandit, pellentesque magna ultrices, dignissim mi. Morbi fermentum ex massa, ut facilisis est tincidunt vel. Nam sed erat in lacus molestie mattis quis ut leo. Phasellus tempus elit urna, eget sagittis purus volutpat sed. Suspendisse aliquam, sem vel gravida lobortis, tortor orci ornare nisi, sed mollis ligula sem nec risus. In a ex nibh. Praesent odio est, molestie sed vestibulum id, varius sit amet lectus. Donec vel diam efficitur, tristique ligula a, aliquet felis. Nullam sit amet neque tellus.\ -Phasellus aliquet non libero non aliquet. Aliquam efficitur ultrices tortor vitae lobortis. Pellentesque sed dolor quis nisl faucibus eleifend vitae ultrices est. Integer et libero quis nisl sollicitudin volutpat sit amet a quam. Vivamus commodo dolor augue, volutpat dapibus odio dapibus et. Nulla sed congue nisl. Duis nunc sem, condimentum nec neque ac, blandit blandit quam. Integer tincidunt ipsum nec risus viverra mollis. In porta porttitor mattis. Nulla ac eleifend nibh. Vivamus suscipit at nunc ac interdum. In fermentum fringilla odio.\ -Sed nec erat eget mauris varius pulvinar. Ut fermentum ante non erat elementum, vitae tempor velit blandit. Curabitur turpis tellus, sodales sit amet mattis nec, volutpat ac magna. Nulla quam orci, rutrum sit amet imperdiet ut, iaculis in nisl. Donec semper vitae tellus nec bibendum. Nam pharetra hendrerit sapien quis rutrum. Morbi tincidunt justo ut sodales ullamcorper. Suspendisse eget pellentesque nulla, non placerat purus. Donec placerat id turpis in interdum. Curabitur lobortis risus et placerat commodo. Morbi pulvinar eros leo, scelerisque rutrum arcu pretium at. Quisque eget diam dui. Quisque bibendum luctus arcu quis semper. Nullam erat lacus, lacinia sit amet neque aliquam, lacinia maximus lorem.\ -Nunc ac purus vel sem laoreet interdum quis eget ligula. Aenean id nisl ut quam vehicula pretium sed sit amet urna. Aenean diam lorem, vehicula et sapien nec, pellentesque consectetur libero. Cras fringilla nibh eu libero nullam."; diff --git a/examples/lorem.h b/examples/lorem.h deleted file mode 100644 index 8d1ad45..0000000 --- a/examples/lorem.h +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file lorem.h - * @brief - */ - -#ifndef LOREM_H -#define LOREM_H - -#include <stddef.h> - -/** - * Test strings, sizes include null-termination - */ -extern const char lorem8[]; -extern const char lorem16[]; -extern const char lorem1024[]; -extern const char lorem4096[]; - -/** - * Sizes of test strings - */ -#define LOREM8_SIZE ((size_t)8) -#define LOREM16_SIZE ((size_t)16) -#define LOREM1024_SIZE ((size_t)1024) -#define LOREM4096_SIZE ((size_t)4096) - -#endif diff --git a/examples/misc.c b/examples/misc.c index 07784d7..6478fc5 100644 --- a/examples/misc.c +++ b/examples/misc.c @@ -20,12 +20,7 @@ * @file misc.c * @brief */ - -#define _POSIX_C_SOURCE 200809L - -#include <stdio.h> -#include <stdarg.h> -#include <string.h> +#define _GNU_SOURCE #include <openssl/bio.h> @@ -45,81 +40,6 @@ void dump_hex(const char *buf, size_t dump_len, const char *fmt, ...) BIO_dump_fp(stdout, buf, dump_len); } -void debug_func(const char *buf) -{ - puts(buf); -} - -int write_file(const char *path, const char *data, size_t data_len) -{ - size_t written = 0; - FILE *f; - - f = fopen(path, "w"); - if (f == NULL) - return -1; - - while (written != data_len) { - int ret = fwrite(data + written, 1, data_len - written, f); - - if (ferror(f) != 0) { - fclose(f); - return -1; - } - - written += ret; - } - - fclose(f); - return 0; -} - -#define BUF_SIZE 512 - -int read_file(const char *path, char **data, size_t *data_len) -{ - int ret; - char tmp[BUF_SIZE]; - char *buf = NULL; - size_t buf_len = 0; - FILE *f; - - f = fopen(path, "r"); - if (f == NULL) - return -1; - - for (;;) { - size_t read = fread(tmp, 1, BUF_SIZE, f); - - if (read > 0) { - if (yaca_realloc(buf_len + read, (void**)&buf) != YACA_ERROR_NONE) { - ret = -1; - break; - } - - memcpy(buf + buf_len, tmp, read); - buf_len += read; - } - - if (ferror(f) != 0) { - ret = -1; - break; - } - - if (feof(f)) { - *data = buf; - *data_len = buf_len; - buf = NULL; - ret = 0; - break; - } - } - - fclose(f); - free(buf); - return ret; -} - int read_stdin_line(const char *prompt, char **string) { char *buf = NULL; @@ -132,15 +52,25 @@ int read_stdin_line(const char *prompt, char **string) read = getline(&buf, &size, stdin); if (read <= 0) { free(buf); - return -1; + return YACA_ERROR_INVALID_PARAMETER; } - if (yaca_realloc(read, (void**)&buf) != YACA_ERROR_NONE) { - free(buf); - return -1; + int ret = yaca_realloc(read, (void**)&buf); + if (ret != YACA_ERROR_NONE) { + yaca_free(buf); + return ret; } buf[read - 1] = '\0'; *string = buf; - return 0; + return YACA_ERROR_NONE; } + +const char INPUT_DATA[INPUT_DATA_SIZE] = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus congue semper ipsum, ac convallis magna rhoncus sit amet. Donec pellentesque maximus convallis. Mauris ut egestas sem. Maecenas efficitur suscipit auctor. Nunc malesuada laoreet porttitor. Donec gravida tortor nisi, in mattis lectus porta ut. Integer vehicula eros et tellus placerat, nec fermentum justo aliquet.\ +Maecenas metus massa, ultrices et ultricies sed, imperdiet nec dolor. Nam eget massa eros. Proin vitae laoreet metus, at scelerisque massa. Nullam convallis dolor id nisl iaculis, a gravida risus pretium. Proin non nunc eget nibh fermentum dignissim. Nullam tristique, odio eget rutrum sagittis, tortor purus cursus nunc, nec iaculis quam nunc ac metus. Cras ut tortor a eros porta vehicula non at lectus. Aliquam volutpat quis nisi ut mattis. Curabitur semper vehicula ultrices. Aenean cursus laoreet venenatis. Aenean vulputate, nisl id facilisis fringilla, neque velit posuere libero, et viverra tortor felis vitae urna. Sed in congue nunc. Fusce molestie tempor pharetra. Cras sodales pulvinar nunc non sollicitudin.\ +Maecenas vehicula metus ac tristique ultricies. Suspendisse potenti. Pellentesque suscipit egestas augue, sed dictum orci. Pellentesque eu lorem ultricies, vestibulum est in, bibendum turpis. Proin placerat tincidunt metus, eget volutpat dolor. Pellentesque varius leo eget velit lobortis, sit amet congue orci bibendum. Aliquam vitae posuere lorem. Donec sed convallis diam. Quisque aliquam interdum purus, eu ornare ex ullamcorper iaculis. In sit amet nisl eu nisl ultricies dapibus. Aenean finibus efficitur elit ut sodales. Nam sit amet auctor sem, eu iaculis nunc. Vivamus mattis arcu a viverra faucibus. In dignissim, nisi sit amet consectetur tempus, lorem dui fringilla augue, sit amet lacinia lectus sapien efficitur odio.\ +Nullam et egestas enim. Nam sit amet mi malesuada, dapibus felis quis, viverra mauris. Ut quis enim eu neque porta vehicula. Etiam ullamcorper vitae turpis vehicula blandit. Maecenas blandit tristique semper. Aliquam at sagittis enim. Donec quis molestie urna. Duis ut urna blandit, pellentesque magna ultrices, dignissim mi. Morbi fermentum ex massa, ut facilisis est tincidunt vel. Nam sed erat in lacus molestie mattis quis ut leo. Phasellus tempus elit urna, eget sagittis purus volutpat sed. Suspendisse aliquam, sem vel gravida lobortis, tortor orci ornare nisi, sed mollis ligula sem nec risus. In a ex nibh. Praesent odio est, molestie sed vestibulum id, varius sit amet lectus. Donec vel diam efficitur, tristique ligula a, aliquet felis. Nullam sit amet neque tellus.\ +Phasellus aliquet non libero non aliquet. Aliquam efficitur ultrices tortor vitae lobortis. Pellentesque sed dolor quis nisl faucibus eleifend vitae ultrices est. Integer et libero quis nisl sollicitudin volutpat sit amet a quam. Vivamus commodo dolor augue, volutpat dapibus odio dapibus et. Nulla sed congue nisl. Duis nunc sem, condimentum nec neque ac, blandit blandit quam. Integer tincidunt ipsum nec risus viverra mollis. In porta porttitor mattis. Nulla ac eleifend nibh. Vivamus suscipit at nunc ac interdum. In fermentum fringilla odio.\ +Sed nec erat eget mauris varius pulvinar. Ut fermentum ante non erat elementum, vitae tempor velit blandit. Curabitur turpis tellus, sodales sit amet mattis nec, volutpat ac magna. Nulla quam orci, rutrum sit amet imperdiet ut, iaculis in nisl. Donec semper vitae tellus nec bibendum. Nam pharetra hendrerit sapien quis rutrum. Morbi tincidunt justo ut sodales ullamcorper. Suspendisse eget pellentesque nulla, non placerat purus. Donec placerat id turpis in interdum. Curabitur lobortis risus et placerat commodo. Morbi pulvinar eros leo, scelerisque rutrum arcu pretium at. Quisque eget diam dui. Quisque bibendum luctus arcu quis semper. Nullam erat lacus, lacinia sit amet neque aliquam, lacinia maximus lorem.\ +Nunc ac purus vel sem laoreet interdum quis eget ligula. Aenean id nisl ut quam vehicula pretium sed sit amet urna. Aenean diam lorem, vehicula et sapien nec, pellentesque consectetur libero. Cras fringilla nibh eu libero nullam."; + diff --git a/examples/misc.h b/examples/misc.h index 33c50bb..70f3454 100644 --- a/examples/misc.h +++ b/examples/misc.h @@ -24,16 +24,11 @@ #ifndef MISC_H #define MISC_H -#include <stddef.h> +extern const char INPUT_DATA[]; +#define INPUT_DATA_SIZE ((size_t)4096) void dump_hex(const char *buf, size_t dump_len, const char *fmt, ...); -void debug_func(const char *buf); - -int write_file(const char *path, const char *data, size_t data_len); - -int read_file(const char *path, char **data, size_t *data_len); - int read_stdin_line(const char *prompt, char **string); #endif /* MISC_H */ diff --git a/examples/rsa.c b/examples/rsa.c deleted file mode 100644 index 1c0487b..0000000 --- a/examples/rsa.c +++ /dev/null @@ -1,150 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - */ - -/** - * @file rsa.c - * @brief - */ - -#include <stdio.h> - -#include <yaca_crypto.h> -#include <yaca_rsa.h> -#include <yaca_types.h> -#include <yaca_key.h> -#include <yaca_error.h> - -#include "lorem.h" -#include "misc.h" - -static int public_encrypt() -{ - yaca_key_h prv_key = YACA_KEY_NULL; - yaca_key_h pub_key = YACA_KEY_NULL; - char *ciphertext = NULL; - size_t ciphertext_len; - char *plaintext = NULL; - size_t plaintext_len; - const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; - const size_t input_len = key_bit_len / 8 - 12; - int ret; - - printf("Plain data (16 of %zu bytes): %.16s\n", input_len, lorem1024); - - /* Key generation */ - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &prv_key); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = yaca_key_extract_public(prv_key, &pub_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - /* encrypt with PKCS1 padding */ - ret = yaca_rsa_public_encrypt(YACA_PADDING_PKCS1, pub_key, - lorem1024, input_len, - &ciphertext, &ciphertext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(ciphertext, 16, "Encrypted data (16 of %zu bytes): ", ciphertext_len); - - /* - * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if - * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are - * SSL3 capable but use the SSL2 (rollback attack detection). - */ - ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1_SSLV23, prv_key, - ciphertext, ciphertext_len, - &plaintext, &plaintext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", plaintext_len, plaintext); - -exit: - yaca_free(ciphertext); - yaca_free(plaintext); - yaca_key_destroy(prv_key); - yaca_key_destroy(pub_key); - return ret; -} - -static int private_encrypt() -{ - yaca_key_h prv_key = YACA_KEY_NULL; - yaca_key_h pub_key = YACA_KEY_NULL; - char *ciphertext = NULL; - size_t ciphertext_len; - char *plaintext = NULL; - size_t plaintext_len; - const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; - const size_t input_len = key_bit_len / 8 - 12; - int ret; - - printf("Plain data (16 of %zu bytes): %.16s\n", input_len, lorem1024); - - /* Key generation */ - ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &prv_key); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = yaca_key_extract_public(prv_key, &pub_key); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = yaca_rsa_private_encrypt(YACA_PADDING_PKCS1, prv_key, - lorem1024, input_len, - &ciphertext, &ciphertext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - dump_hex(ciphertext, 16, "Encrypted data (16 of %zu bytes): ", ciphertext_len); - - ret = yaca_rsa_public_decrypt(YACA_PADDING_PKCS1, pub_key, - ciphertext, ciphertext_len, - &plaintext, &plaintext_len); - if (ret != YACA_ERROR_NONE) - goto exit; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", plaintext_len, plaintext); - -exit: - yaca_free(ciphertext); - yaca_free(plaintext); - yaca_key_destroy(prv_key); - yaca_key_destroy(pub_key); - return ret; -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - ret = public_encrypt(); - if (ret != YACA_ERROR_NONE) - goto exit; - - ret = private_encrypt(); - -exit: - yaca_cleanup(); - return ret; -} diff --git a/examples/rsa_private.c b/examples/rsa_private.c new file mode 100644 index 0000000..d8b9818 --- /dev/null +++ b/examples/rsa_private.c @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file rsa_private.c + * @brief Private RSA Encrypt API example. + */ + +//! [Private RSA Encrypt API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_rsa.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h rsa_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; + const size_t input_len = key_bit_len / 8 - 12; + + printf("Plain data (16 of %zu bytes): %.16s\n", input_len, INPUT_DATA); + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &rsa_priv); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + ret = yaca_rsa_private_encrypt(YACA_PADDING_PKCS1, rsa_priv, INPUT_DATA, input_len, + &encrypted, &encrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + } + + /* Decryption */ + { + ret = yaca_rsa_public_decrypt(YACA_PADDING_PKCS1, rsa_pub, encrypted, encrypted_len, + &decrypted, &decrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(encrypted); + yaca_free(decrypted); + yaca_key_destroy(rsa_priv); + yaca_key_destroy(rsa_pub); + + yaca_cleanup(); + return ret; +} +//! [Private RSA Encrypt API example] diff --git a/examples/rsa_public.c b/examples/rsa_public.c new file mode 100644 index 0000000..08c788a --- /dev/null +++ b/examples/rsa_public.c @@ -0,0 +1,100 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file rsa_public.c + * @brief Public RSA Encrypt API example. + */ + +//! [Public RSA Encrypt API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_rsa.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h rsa_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; + + const size_t key_bit_len = YACA_KEY_LENGTH_1024BIT; + const size_t input_len = key_bit_len / 8 - 12; + + printf("Plain data (16 of %zu bytes): %.16s\n", input_len, INPUT_DATA); + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, key_bit_len, &rsa_priv); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Encryption */ + { + ret = yaca_rsa_public_encrypt(YACA_PADDING_PKCS1, rsa_pub, INPUT_DATA, input_len, + &encrypted, &encrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); + } + + /* + * YACA_PADDING_PKCS1_SSLV23 is compatible with YACA_PADDING_PKCS1. It is used to detect if + * both the encrypting and decrypting side used YACA_PADDING_PKCS1_SSLV23, that is, both are + * SSL3 capable but use the SSL2 (rollback attack detection). + */ + + /* Decryption */ + { + ret = yaca_rsa_private_decrypt(YACA_PADDING_PKCS1, rsa_priv, encrypted, encrypted_len, + &decrypted, &decrypted_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); + } + +exit: + yaca_free(encrypted); + yaca_free(decrypted); + yaca_key_destroy(rsa_priv); + yaca_key_destroy(rsa_pub); + + yaca_cleanup(); + return ret; +} +//! [Public RSA Encrypt API example] diff --git a/examples/seal.c b/examples/seal.c index 494c416..821df48 100644 --- a/examples/seal.c +++ b/examples/seal.c @@ -18,9 +18,10 @@ /** * @file seal.c - * @brief + * @brief Asymmetric Encryption API example. */ +//! [Asymmetric Encryption API example] #include <stdio.h> #include <yaca_crypto.h> @@ -28,346 +29,86 @@ #include <yaca_key.h> #include <yaca_error.h> -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -void encrypt_seal(const yaca_encrypt_algorithm_e algo, - const yaca_block_cipher_mode_e bcm, - const size_t key_bit_len) +int main() { + int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key_pub = YACA_KEY_NULL; - yaca_key_h key_priv = YACA_KEY_NULL; + yaca_key_h rsa_pub = YACA_KEY_NULL; + yaca_key_h rsa_priv = YACA_KEY_NULL; yaca_key_h sym_key = YACA_KEY_NULL; yaca_key_h iv = YACA_KEY_NULL; - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; + char *encrypted = NULL; + char *decrypted = NULL; + size_t encrypted_len; + size_t decrypted_len; size_t block_len; size_t output_len; size_t written_len; - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Generate key pair */ - if (yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT, &key_priv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(key_priv, &key_pub) != YACA_ERROR_NONE) + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) goto exit; - /* Encrypt a.k.a. seal */ - { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - /* Seal and finalize */ - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_seal_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decrypt a.k.a. open */ - { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - /* Open and finalize */ - if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - if (yaca_open_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(dec); - yaca_free(enc); - yaca_context_destroy(ctx); - yaca_key_destroy(sym_key); - yaca_key_destroy(iv); - yaca_key_destroy(key_pub); - yaca_key_destroy(key_priv); -} - -void encrypt_seal_aes_gcm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_GCM; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key_pub = YACA_KEY_NULL; - yaca_key_h key_priv = YACA_KEY_NULL; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 13; - - size_t block_len; - size_t output_len; - size_t written_len; - - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); + printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA); /* Generate key pair */ - if (yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT, &key_priv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(key_priv, &key_pub) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) - goto exit; - - /* Encryption */ - { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len = written_len; - - if (yaca_seal_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - enc_len += written_len; - - /* Set the tag length and get the tag after final encryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_property(ctx, YACA_PROPERTY_GCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); - - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - } - - /* Decryption */ - { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) - goto exit; - - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_AAD, aad, aad_len) != YACA_ERROR_NONE) - goto exit; - - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) - goto exit; - - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) - goto exit; - - if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; - - /* Set expected tag value before final decryption */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_GCM_TAG, tag, tag_len) != YACA_ERROR_NONE) - goto exit; - - dec_len = written_len; - - if (yaca_open_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) - goto exit; - - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); - } - -exit: - yaca_free(dec); - yaca_free(enc); - yaca_context_destroy(ctx); - yaca_key_destroy(sym_key); - yaca_key_destroy(iv); - yaca_free(aad); - yaca_free(tag); - yaca_key_destroy(key_pub); - yaca_key_destroy(key_priv); -} - -void encrypt_seal_aes_ccm(void) -{ - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_CCM; - size_t key_bit_len = YACA_KEY_LENGTH_192BIT; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key_pub = YACA_KEY_NULL; - yaca_key_h key_priv = YACA_KEY_NULL; - yaca_key_h sym_key = YACA_KEY_NULL; - yaca_key_h iv = YACA_KEY_NULL; - - char *enc = NULL; - char *dec = NULL; - size_t enc_len; - size_t dec_len; - - char *aad = NULL; - char *tag = NULL; - size_t aad_len = 16; - size_t tag_len = 8; - - size_t block_len; - size_t output_len; - size_t written_len; - size_t len; - - printf("Plain data (16 of %zu bytes): %.16s\n", LOREM4096_SIZE, lorem4096); - - /* Generate key pair */ - if (yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_3072BIT, &key_priv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(key_priv, &key_pub) != YACA_ERROR_NONE) - goto exit; - - if (yaca_zalloc(aad_len, (void**)&aad) != YACA_ERROR_NONE) - goto exit; - - if (yaca_randomize_bytes(aad, aad_len) != YACA_ERROR_NONE) + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_4096BIT, &rsa_priv); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_zalloc(tag_len, (void**)&tag) != YACA_ERROR_NONE) + ret = yaca_key_extract_public(rsa_priv, &rsa_pub); + if (ret != YACA_ERROR_NONE) goto exit; /* Encryption */ { - if (yaca_seal_initialize(&ctx, key_pub, algo, bcm, key_bit_len, &sym_key, &iv) != YACA_ERROR_NONE) + /* Initialize encryption context */ + ret = yaca_seal_initialize(&ctx, rsa_pub, YACA_ENCRYPT_AES, YACA_BCM_CBC, + YACA_KEY_LENGTH_256BIT, &sym_key, &iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* Set tag length (optionally) */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG_LEN, - (void*)&tag_len, sizeof(tag_len)) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, INPUT_DATA_SIZE, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* The total plain text length must be passed (only needed if AAD is passed) */ - if (yaca_seal_update(ctx, NULL, LOREM4096_SIZE , NULL, &len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + encrypted_len = output_len + block_len; + ret = yaca_zalloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, LOREM4096_SIZE, &output_len) != YACA_ERROR_NONE) + /* Encrypt data */ + ret = yaca_seal_update(ctx, INPUT_DATA, INPUT_DATA_SIZE, encrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; - - /* Calculate max output: size of update + final chunks */ - enc_len = output_len + block_len; - if (yaca_malloc(enc_len, (void**)&enc) != YACA_ERROR_NONE) - goto exit; - - if (yaca_seal_update(ctx, lorem4096, LOREM4096_SIZE, enc, &written_len) != YACA_ERROR_NONE) - goto exit; + encrypted_len = written_len; - enc_len = written_len; - - if (yaca_seal_finalize(ctx, enc + written_len, &written_len) != YACA_ERROR_NONE) + ret = yaca_seal_finalize(ctx, encrypted + encrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - enc_len += written_len; + encrypted_len += written_len; - /* Get the tag after final encryption */ - if (yaca_context_get_property(ctx, YACA_PROPERTY_CCM_TAG, (void**)tag, &tag_len) != YACA_ERROR_NONE) + /* Resize output buffer */ + ret = yaca_realloc(encrypted_len, (void**)&encrypted); + if (ret != YACA_ERROR_NONE) goto exit; - dump_hex(enc, 16, "Encrypted data (16 of %zu bytes): ", enc_len); + /* display encrypted data in hexadecimal format */ + dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len); yaca_context_destroy(ctx); ctx = YACA_CONTEXT_NULL; @@ -375,89 +116,59 @@ void encrypt_seal_aes_ccm(void) /* Decryption */ { - if (yaca_open_initialize(&ctx, key_priv, algo, bcm, key_bit_len, sym_key, iv) != YACA_ERROR_NONE) + /* Initialize decryption context */ + ret = yaca_open_initialize(&ctx, rsa_priv, YACA_ENCRYPT_AES, YACA_BCM_CBC, + YACA_KEY_LENGTH_256BIT, sym_key, iv); + if (ret != YACA_ERROR_NONE) goto exit; - /* Set expected tag value */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_TAG, tag, tag_len) != YACA_ERROR_NONE) + /* Get output length for the update */ + ret = yaca_context_get_output_length(ctx, encrypted_len, &output_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* The total encrypted text length must be passed (only needed if AAD is passed) */ - if (yaca_open_update(ctx, NULL, enc_len , NULL, &len) != YACA_ERROR_NONE) + /* Get output length for the finalize */ + ret = yaca_context_get_output_length(ctx, 0, &block_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* Provide any AAD data */ - if (yaca_context_set_property(ctx, YACA_PROPERTY_CCM_AAD, aad, aad_len) != YACA_ERROR_NONE) + /* Calculate max output length and allocate memory */ + decrypted_len = output_len + block_len; + ret = yaca_zalloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the update */ - if (yaca_context_get_output_length(ctx, enc_len, &output_len) != YACA_ERROR_NONE) + /* Decrypt data */ + ret = yaca_open_update(ctx, encrypted, encrypted_len, decrypted, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - /* For the finalize */ - if (yaca_context_get_output_length(ctx, 0, &block_len) != YACA_ERROR_NONE) - goto exit; + decrypted_len = written_len; - /* Calculate max output: size of update + final chunks */ - dec_len = output_len + block_len; - if (yaca_malloc(dec_len, (void**)&dec) != YACA_ERROR_NONE) + ret = yaca_open_finalize(ctx, decrypted + decrypted_len, &written_len); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_open_update(ctx, enc, enc_len, dec, &written_len) != YACA_ERROR_NONE) - goto exit; + decrypted_len += written_len; - dec_len = written_len; - - if (yaca_open_finalize(ctx, dec + written_len, &written_len) != YACA_ERROR_NONE) + /* Resize output buffer */ + ret = yaca_realloc(decrypted_len, (void**)&decrypted); + if (ret != YACA_ERROR_NONE) goto exit; - dec_len += written_len; - - printf("Decrypted data (16 of %zu bytes): %.16s\n\n", dec_len, dec); + printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted); } exit: - yaca_free(dec); - yaca_free(enc); + yaca_free(decrypted); + yaca_free(encrypted); yaca_context_destroy(ctx); yaca_key_destroy(sym_key); yaca_key_destroy(iv); - yaca_free(aad); - yaca_free(tag); - yaca_key_destroy(key_pub); - yaca_key_destroy(key_priv); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - printf("AES CBC 256bit key seal/open\n"); - yaca_encrypt_algorithm_e algo = YACA_ENCRYPT_AES; - yaca_block_cipher_mode_e bcm = YACA_BCM_CBC; - size_t key_bit_len = YACA_KEY_LENGTH_256BIT; - encrypt_seal(algo, bcm, key_bit_len); - - printf("3DES 192bit key seal/open\n"); - algo = YACA_ENCRYPT_3DES_3TDEA; - bcm = YACA_BCM_CFB; - key_bit_len = YACA_KEY_LENGTH_192BIT; - encrypt_seal(algo, bcm, key_bit_len); - - printf("RC2 40bit key seal/open\n"); - algo = YACA_ENCRYPT_UNSAFE_RC2; - bcm = YACA_BCM_OFB; - key_bit_len = YACA_KEY_LENGTH_UNSAFE_40BIT; - encrypt_seal(algo, bcm, key_bit_len); - - printf("AES GCM 256bit key seal/open\n"); - encrypt_seal_aes_gcm(); - - printf("AES CCM 192bit key seal/open\n"); - encrypt_seal_aes_ccm(); + yaca_key_destroy(rsa_pub); + yaca_key_destroy(rsa_priv); yaca_cleanup(); return ret; } +//! [Asymmetric Encryption API example] diff --git a/examples/sign.c b/examples/sign.c index db6f39a..6a8710d 100644 --- a/examples/sign.c +++ b/examples/sign.c @@ -18,358 +18,116 @@ /** * @file sign.c - * @brief + * @brief Signature API example. */ +//! [Signature API example] #include <stdio.h> #include <yaca_crypto.h> #include <yaca_sign.h> #include <yaca_key.h> #include <yaca_error.h> -#include <yaca_simple.h> -#include "lorem.h" +/* include helpers functions and definitions */ #include "misc.h" -/* Signature creation and verification using simple API */ -void simple_sign_verify_asym(yaca_key_type_e type, const char *algo) -{ - char *signature = NULL; - size_t signature_len; - - yaca_key_h prv = YACA_KEY_NULL; - yaca_key_h pub = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(type, YACA_KEY_LENGTH_1024BIT, &prv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(prv, &pub) != YACA_ERROR_NONE) - goto exit; - - /* SIGN */ - if (yaca_simple_calculate_signature(YACA_DIGEST_SHA512, - prv, - lorem4096, - LOREM4096_SIZE, - &signature, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature, signature_len, "[Simple API] %s Signature of lorem4096:", algo); - - /* VERIFY */ - if (yaca_simple_verify_signature(YACA_DIGEST_SHA512, - pub, - lorem4096, - LOREM4096_SIZE, - signature, - signature_len) != YACA_ERROR_NONE) - printf("[Simple API] %s verification failed\n", algo); - else - printf("[Simple API] %s verification successful\n", algo); - -exit: - yaca_free(signature); - yaca_key_destroy(prv); - yaca_key_destroy(pub); -} - -void simple_sign_verify_hmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; - size_t signature_len; - - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key) != YACA_ERROR_NONE) - return; - - /* SIGN */ - if (yaca_simple_calculate_hmac(YACA_DIGEST_SHA512, - key, - lorem4096, - LOREM4096_SIZE, - &signature1, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature1, signature_len, "[Simple API] HMAC Signature of lorem4096:"); - - /* VERIFY */ - if (yaca_simple_calculate_hmac(YACA_DIGEST_SHA512, - key, - lorem4096, - LOREM4096_SIZE, - &signature2, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Simple API] HMAC verification failed\n"); - else - printf("[Simple API] HMAC verification successful\n"); - -exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); -} - -void simple_sign_verify_cmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; - size_t signature_len; - - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key)) - return; - - /* SIGN */ - if (yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, - key, - lorem4096, - LOREM4096_SIZE, - &signature1, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature1, signature_len, "[Simple API] CMAC Signature of lorem4096:"); - - - /* VERIFY */ - if (yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, - key, - lorem4096, - LOREM4096_SIZE, - &signature2, - &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Simple API] CMAC verification failed\n"); - else - printf("[Simple API] CMAC verification successful\n"); - -exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); -} - -/* Signature creation and verification using advanced API */ -void sign_verify_asym(yaca_key_type_e type, const char *algo) +int main() { - char *signature = NULL; - size_t signature_len; - + int ret; yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h prv = YACA_KEY_NULL; - yaca_key_h pub = YACA_KEY_NULL; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; yaca_padding_e padding = YACA_PADDING_PKCS1_PSS; - /* GENERATE */ - if (yaca_key_generate(type, YACA_KEY_LENGTH_1024BIT, &prv) != YACA_ERROR_NONE) - return; - - if (yaca_key_extract_public(prv, &pub) != YACA_ERROR_NONE) - goto exit; - - /* SIGN */ - if (yaca_sign_initialize(&ctx, YACA_DIGEST_SHA512, prv) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, (char*)(&padding), sizeof(padding)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature, &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature, signature_len, "[Advanced API] %s Signature of lorem4096:", algo); - - /* CLEANUP */ - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - - /* VERIFY */ - if (yaca_verify_initialize(&ctx, YACA_DIGEST_SHA512, pub) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, (char*)(&padding), sizeof(padding)) != YACA_ERROR_NONE) - goto exit; - - if (yaca_verify_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_verify_finalize(ctx, signature, signature_len) != YACA_ERROR_NONE) - printf("[Advanced API] %s verification failed\n", algo); - else - printf("[Advanced API] %s verification successful\n", algo); - -exit: - yaca_free(signature); - yaca_key_destroy(prv); - yaca_key_destroy(pub); - yaca_context_destroy(ctx); -} - -void sign_verify_hmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; - size_t signature_len; - - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key) != YACA_ERROR_NONE) - return; - - /* SIGN */ - if (yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature1) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature1, &signature_len) != YACA_ERROR_NONE) - goto exit; - - dump_hex(signature1, signature_len, "[Advanced API] HMAC Signature of lorem4096:"); - - /* CLEANUP */ - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - - /* VERIFY */ - if (yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE) != YACA_ERROR_NONE) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature2) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature2, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Advanced API] HMAC verification failed\n"); - else - printf("[Advanced API] HMAC verification successful\n"); - -exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); - yaca_context_destroy(ctx); -} - -void sign_verify_cmac(void) -{ - char *signature1 = NULL; - char *signature2 = NULL; + char *signature = NULL; size_t signature_len; - yaca_context_h ctx = YACA_CONTEXT_NULL; - yaca_key_h key = YACA_KEY_NULL; - - /* GENERATE */ - if (yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &key)) - return; - - /* SIGN */ - if (yaca_sign_initialize_cmac(&ctx, YACA_ENCRYPT_AES, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE)) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) - goto exit; - - if (yaca_malloc(signature_len, (void**)&signature1) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_finalize(ctx, signature1, &signature_len)) - goto exit; - - dump_hex(signature1, signature_len, "[Advanced API] CMAC Signature of lorem4096:"); - - /* CLEANUP */ - yaca_context_destroy(ctx); - ctx = YACA_CONTEXT_NULL; - - /* VERIFY */ - if (yaca_sign_initialize_cmac(&ctx, YACA_ENCRYPT_AES, key) != YACA_ERROR_NONE) - goto exit; - - if (yaca_sign_update(ctx, lorem4096, LOREM4096_SIZE)) - goto exit; - - if (yaca_context_get_output_length(ctx, 0, &signature_len) != YACA_ERROR_NONE) + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_malloc(signature_len, (void**)&signature2) != YACA_ERROR_NONE) + /* Generate key pair */ + ret = yaca_key_generate(YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_sign_finalize(ctx, signature2, &signature_len)) + ret = yaca_key_extract_public(priv_key, &pub_key); + if (ret != YACA_ERROR_NONE) goto exit; - if (yaca_memcmp(signature1, signature2, signature_len) != YACA_ERROR_NONE) - printf("[Advanced API] CMAC verification failed\n"); - else - printf("[Advanced API] CMAC verification successful\n"); + /* Sign */ + { + /* Initialize sign context */ + ret = yaca_sign_initialize(&ctx, YACA_DIGEST_SHA256, priv_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set padding method */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, &padding, sizeof(padding)); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_sign_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get signature length and allocate memory */ + ret = yaca_context_get_output_length(ctx, 0, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_malloc(signature_len, (void**)&signature); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate signature */ + ret = yaca_sign_finalize(ctx, signature, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature, signature_len, "Signature of INPUT_DATA:"); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Verify */ + { + /* Initialize verify context */ + ret = yaca_verify_initialize(&ctx, YACA_DIGEST_SHA256, pub_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Set padding method */ + ret = yaca_context_set_property(ctx, YACA_PROPERTY_PADDING, &padding, sizeof(padding)); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_verify_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Verify signature */ + ret = yaca_verify_finalize(ctx, signature, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } exit: - yaca_free(signature1); - yaca_free(signature2); - yaca_key_destroy(key); + yaca_free(signature); + yaca_key_destroy(priv_key); + yaca_key_destroy(pub_key); yaca_context_destroy(ctx); -} - -int main() -{ - int ret = yaca_initialize(); - if (ret != YACA_ERROR_NONE) - return ret; - - simple_sign_verify_asym(YACA_KEY_TYPE_RSA_PRIV, "RSA"); - simple_sign_verify_asym(YACA_KEY_TYPE_DSA_PRIV, "DSA"); - simple_sign_verify_cmac(); - simple_sign_verify_hmac(); - - sign_verify_asym(YACA_KEY_TYPE_RSA_PRIV, "RSA"); - sign_verify_asym(YACA_KEY_TYPE_DSA_PRIV, "DSA"); - sign_verify_hmac(); - sign_verify_cmac(); yaca_cleanup(); return ret; } +//! [Signature API example] diff --git a/examples/sign_hmac.c b/examples/sign_hmac.c new file mode 100644 index 0000000..0fdc28d --- /dev/null +++ b/examples/sign_hmac.c @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file sign_hmac.c + * @brief HMAC Signature API example. + */ + +//! [HMAC Signature API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_sign.h> +#include <yaca_key.h> +#include <yaca_error.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_context_h ctx = YACA_CONTEXT_NULL; + yaca_key_h sym_key = YACA_KEY_NULL; + + char *signature1 = NULL; + char *signature2 = NULL; + size_t signature_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Sign */ + { + /* Initialize sign context */ + ret = yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_sign_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get signature length and allocate memory */ + ret = yaca_context_get_output_length(ctx, 0, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_malloc(signature_len, (void**)&signature1); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate signature */ + ret = yaca_sign_finalize(ctx, signature1, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature1, signature_len, "HMAC Signature of INPUT_DATA:"); + + yaca_context_destroy(ctx); + ctx = YACA_CONTEXT_NULL; + } + + /* Verify */ + { + /* Initialize sign context */ + ret = yaca_sign_initialize_hmac(&ctx, YACA_DIGEST_SHA512, sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Feeds the message */ + ret = yaca_sign_update(ctx, INPUT_DATA, INPUT_DATA_SIZE); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Get signature length and allocate memory */ + ret = yaca_context_get_output_length(ctx, 0, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_malloc(signature_len, (void**)&signature2); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Calculate signature */ + ret = yaca_sign_finalize(ctx, signature2, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Verify signature */ + ret = yaca_memcmp(signature1, signature2, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } + +exit: + yaca_free(signature1); + yaca_free(signature2); + yaca_key_destroy(sym_key); + yaca_context_destroy(ctx); + + yaca_cleanup(); + return ret; +} +//! [HMAC Signature API example] diff --git a/examples/sign_simple.c b/examples/sign_simple.c new file mode 100644 index 0000000..04e1ff3 --- /dev/null +++ b/examples/sign_simple.c @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file sign_simple.c + * @brief Simple Signature API example. + */ + +//! [Simple Signature API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_key.h> +#include <yaca_error.h> +#include <yaca_simple.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h priv_key = YACA_KEY_NULL; + yaca_key_h pub_key = YACA_KEY_NULL; + + char *signature = NULL; + size_t signature_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Generate key pair */ + ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_key_extract_public(priv_key, &pub_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Sign */ + { + ret = yaca_simple_calculate_signature(YACA_DIGEST_SHA384, priv_key, + INPUT_DATA, INPUT_DATA_SIZE, + &signature, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature, signature_len, "Signature of INPUT_DATA:"); + } + + /* Verify */ + { + ret = yaca_simple_verify_signature(YACA_DIGEST_SHA384, pub_key, + INPUT_DATA, INPUT_DATA_SIZE, + signature, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } + +exit: + yaca_free(signature); + yaca_key_destroy(priv_key); + yaca_key_destroy(pub_key); + + yaca_cleanup(); + return ret; +} +//! [Simple Signature API example] diff --git a/examples/sign_simple_cmac.c b/examples/sign_simple_cmac.c new file mode 100644 index 0000000..882c0bc --- /dev/null +++ b/examples/sign_simple_cmac.c @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Contact: Krzysztof Jackiewicz <k.jackiewicz@samsung.com> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +/** + * @file sign_simple_cmac.c + * @brief Simple CMAC Signature API example. + */ + +//! [Simple CMAC Signature API example] +#include <stdio.h> + +#include <yaca_crypto.h> +#include <yaca_key.h> +#include <yaca_error.h> +#include <yaca_simple.h> + +/* include helpers functions and definitions */ +#include "misc.h" + +int main() +{ + int ret; + yaca_key_h sym_key = YACA_KEY_NULL; + + char *signature1 = NULL; + char *signature2 = NULL; + size_t signature_len; + + ret = yaca_initialize(); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Key generation */ + ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* Sign */ + { + ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key, + INPUT_DATA, INPUT_DATA_SIZE, + &signature1, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + /* display signature in hexadecimal format */ + dump_hex(signature1, signature_len, "CMAC Signature of INPUT_DATA:"); + } + + /* Verify */ + { + ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key, + INPUT_DATA, INPUT_DATA_SIZE, + &signature2, &signature_len); + if (ret != YACA_ERROR_NONE) + goto exit; + + ret = yaca_memcmp(signature1, signature2, signature_len); + if (ret != YACA_ERROR_NONE) { + printf("Verification failed\n"); + goto exit; + } else { + printf("Verification successful\n"); + } + } + +exit: + yaca_free(signature1); + yaca_free(signature2); + yaca_key_destroy(sym_key); + + yaca_cleanup(); + return ret; +} +//! [Simple CMAC Signature API example] diff --git a/examples/x509.crt b/examples/x509.crt deleted file mode 100644 index f421e11..0000000 --- a/examples/x509.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDiTCCAnGgAwIBAgIJAMmTp8b7IBZ4MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV -BAYTAlBMMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxEDAOBgNVBAoMB1NhbXN1bmcx -CzAJBgNVBAsMAlJEMRYwFAYDVQQDDA15YWNhLnRlc3Qua2V5MB4XDTE2MDUwOTE0 -MDUwM1oXDTE3MDUwOTE0MDUwM1owWzELMAkGA1UEBhMCUEwxFTATBgNVBAcMDERl -ZmF1bHQgQ2l0eTEQMA4GA1UECgwHU2Ftc3VuZzELMAkGA1UECwwCUkQxFjAUBgNV -BAMMDXlhY2EudGVzdC5rZXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQC7729iOIdGcnuTba8nq1G4HF8isCR/8K/vtclsoCjAxQph5ANa+/9gbIFdQmmn -MBhSOckl9Tl/a9g/2b/vbezo2qXAuaeOPNr/ZF6Z+h7yPJids7WmBAPphzHeIKQf -kr2KLRbFYIIGF4mC/JfNOBzh8ChcklxnUJu4W8bJPrPkr3zlcMqxpRCCXAqIUxh7 -lCDta7Uoip+VcibRqh8g7+eZmTu3GwWtZQCB9kq5BijfguxxDHAXyQ6g7gxOZpwA -BP9AXdB7K1KAoeBf0e/lUjC1eXkhvno9TJSp2Q7LEIJqEe/Khyj4FG4KrOu/ifpS -wpGP1ztzdMcY5UGwSbtEwMqvAgMBAAGjUDBOMB0GA1UdDgQWBBTtvbhve2aaeNIL -0eYjakjeEGMCsDAfBgNVHSMEGDAWgBTtvbhve2aaeNIL0eYjakjeEGMCsDAMBgNV -HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBj9LtBvK6P65J/1jEfSajvoIip -ZtpW38KbRkgencq9bFeNONMHGv5M7tEnWNdytCPunlh5DLEXMUORcWfXU73GCNHO -9So74rri+q8NKrllJWxWmbYoAo+zJ3xSJ0PKhU8SW6J+dfPvsg140bUXI+MbOGrr -ski88TRVnBOb3HBU1Vd+A2W7YKy9j2ykQH4NiIUPV01h3hguvMLcLzHZ6LN/BHnA -NQx/K/EVIHZxy1ez8vbbIuWW5MRj6SPeofyZC0QoxQGIT6sGDZSNDP6xIGVuKw4D -UpzPNfCvsWgNIaIFTTzLBZJYCwoexJYIO+NiaJxCV9l3swj2iUA3yeyNQZhI ------END CERTIFICATE----- diff --git a/examples/x509.key b/examples/x509.key deleted file mode 100644 index e2d8ae1..0000000 --- a/examples/x509.key +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7729iOIdGcnuT -ba8nq1G4HF8isCR/8K/vtclsoCjAxQph5ANa+/9gbIFdQmmnMBhSOckl9Tl/a9g/ -2b/vbezo2qXAuaeOPNr/ZF6Z+h7yPJids7WmBAPphzHeIKQfkr2KLRbFYIIGF4mC -/JfNOBzh8ChcklxnUJu4W8bJPrPkr3zlcMqxpRCCXAqIUxh7lCDta7Uoip+VcibR -qh8g7+eZmTu3GwWtZQCB9kq5BijfguxxDHAXyQ6g7gxOZpwABP9AXdB7K1KAoeBf -0e/lUjC1eXkhvno9TJSp2Q7LEIJqEe/Khyj4FG4KrOu/ifpSwpGP1ztzdMcY5UGw -SbtEwMqvAgMBAAECggEBAJhdhZM/O0U9Gb0sJt5lggpfTi4kWmMzsqAIZPZhXsjy -tvkoUCQavC/jqHoAlwHJ913qpY7VorkQqTETDA5Es9cRNWLr4dFquy5lpGD3rNE9 -mYn5oeKnzLgvOJnbItTKNkrpRVXeaWwg9wawXS4vORNgjoiGzM2iR62PEroj0Nss -mwua2xs92ZHTAMNH6PdJC9U4gqjmlAMofV7ZgpxJLzKsI4rbxcGk9NWrie5bmMu+ -SECwtFDqxHe7YJRjSOvz/HErbXg9qWsglU6PFCVUjQ2dLM4k78ORkR5hvpGYGc83 -DucbEGqOnQ37RACvgNX4/RGFMvVnJDx3FVoDMcz2NFECgYEA6jEiY5RZuUy7jIBR -t1RFTem0KUFco7YLxwHacrT66vEntc1REXeBYSMPeKav1R319jxVVD7iiF4w49Ol -4VxxgPBUhfHou/ZU5S5xLbWRrJG0jvUPUKNVebNCqbv1YXhzf6kRn1vE5j+MR9ge -YMMFG1Si3VXoUm5+IInj1b2mC5kCgYEAzW+YiRJpEbl0+2gNCcHTAhr2cA1t6mdL -9/JGkUhHqwGhMAByZr1QFJeOTLKR9cSNS1FYOJu6wUetnkYDvNgx7gnsiJ50TEof -poTZgtnFCxgGwcEFL23L0PPim5CEUMHRti4j+Wlb8FzTQvz5WvyOw79II4i6DRaL -JA4KN/5aNYcCgYEA4EAqYNY2UGR0lqZtGTKdpmyp8nM/JRh2EJrqtbotJvnC/6hZ -/3LCteQftXVPm7AzzRSa1K/etZwUDqSlC7Y8ja4UEarCI/JN+qLNB2r80hU3o0hv -4NR2TbHknKl531q6pjybvk/erGefiVAeTqOP6UrTJURU0VIyfi/rtckDDckCgYBQ -Lm0/mrLtmw/gjCUCmObtnG5xH5y172lENgh67dYjFXi/Dn2YQe1+jASbRNsZLITl -T7N6LLYAeCR4cOVGkK80NCVg0U+c8xVVXeazXqG8ib0hZF/MujLhtD7O7uHlzzA1 -xd5+mzOqJeDC9Y+xhn+GQSM700Kilxjpkp1Ea370AwKBgGQzCY1tbO48s8RKd/Nz -oKG6ctp9S9vYtinXwuCdw0iL2i671bUgMONoXDNGcVBsYsuXb2324BKpw/bQK+BP -8p3TlBB1szA/W0EeueJkTHCkQninGc9vzvc6VbfacqJnuz7Pv/v1CkMa/E+ILamd -0aJoZHwNLuCkrzbVG+t+5yAS ------END PRIVATE KEY----- |