le_iks_ecc_common.h

Go to the documentation of this file.
    1 
    2 /*
    3  * ====================== WARNING ======================
    4  *
    5  * THE CONTENTS OF THIS FILE HAVE BEEN AUTO-GENERATED.
    6  * DO NOT MODIFY IN ANY WAY.
    7  *
    8  * ====================== WARNING ======================
    9  */
   10 /**
   11  * @file le_iks_ecc_common.h
   12  *
   13  * Type definitions for le_iks_ecc.
   14  *
   15  */
   16 #ifndef LE_IKS_ECC_COMMON_H_INCLUDE_GUARD
   17 #define LE_IKS_ECC_COMMON_H_INCLUDE_GUARD
   18 
   19 
   20 #include "legato.h"
   21 
   22 // Interface specific includes
   23 #include "le_iks_common.h"
   24 
   25 #define IFGEN_LE_IKS_ECC_PROTOCOL_ID "7c0f5acf8a563b2779bb29c3295b14d8"
   26 #define IFGEN_LE_IKS_ECC_MSG_SIZE 13485
   27 /** @addtogroup le_iks_ecc
   28  *  @{ **/
   29 
   30 
   31 //--------------------------------------------------------------------------------------------------
   32 /**
   33  * Maximum serialized ECC key size.
   34  */
   35 //--------------------------------------------------------------------------------------------------
   36 #define LE_IKS_ECC_MAX_SERIAL_KEY_SIZE 1025
   37 
   38 //--------------------------------------------------------------------------------------------------
   39 /**
   40  * Maximum signature size.
   41  */
   42 //--------------------------------------------------------------------------------------------------
   43 #define LE_IKS_ECC_MAX_SIGNATURE_SIZE 1024
   44 
   45 //--------------------------------------------------------------------------------------------------
   46 /**
   47  * Maximum tag size.
   48  */
   49 //--------------------------------------------------------------------------------------------------
   50 #define LE_IKS_ECC_MAX_TAG_SIZE 64
   51 
   52 
   53 //--------------------------------------------------------------------------------------------------
   54 /**
   55  * Get if this client bound locally.
   56  */
   57 //--------------------------------------------------------------------------------------------------
   58 LE_SHARED bool ifgen_le_iks_ecc_HasLocalBinding
   59 (
   60     void
   61 );
   62 
   63 
   64 //--------------------------------------------------------------------------------------------------
   65 /**
   66  * Init data that is common across all threads
   67  */
   68 //--------------------------------------------------------------------------------------------------
   69 LE_SHARED void ifgen_le_iks_ecc_InitCommonData
   70 (
   71     void
   72 );
   73 
   74 
   75 //--------------------------------------------------------------------------------------------------
   76 /**
   77  * Perform common initialization and open a session
   78  */
   79 //--------------------------------------------------------------------------------------------------
   80 LE_SHARED le_result_t ifgen_le_iks_ecc_OpenSession
   81 (
   82     le_msg_SessionRef_t _ifgen_sessionRef,
   83     bool isBlocking
   84 );
   85 
   86 //--------------------------------------------------------------------------------------------------
   87 /**
   88  * Generate a shared secret between an ECC private key and an ECC public key.
   89  *
   90  * The private key must be of type LE_IKS_KEY_TYPE_PRIV_ECDH and the public must be of type
   91  * LE_IKS_KEY_TYPE_PUB_ECDH or LE_IKS_KEY_TYPE_PRIV_ECDH.
   92  *
   93  * This function may be used as part of a key exchange protocol.  The shared secret is unpredictable
   94  * (assuming the private portions of both keys are kept secret) but not uniformly distributed and
   95  * should not be used directly as a cryptographic key.
   96  *
   97  * The shared secret is in the format specified by SEC 1, that is the x component of the shared
   98  * point converted to an octet string.
   99  *
  100  * If the buffer is too small to hold the shared secret the shared secret will be truncated to fit.
  101  *
  102  * @return
  103  *      LE_OK if successful.
  104  *      LE_BAD_PARAMETER if either key reference is invalid
  105  *                       or if either key type is invalid
  106  *                       or if two key sizes do not match
  107  *                       or if the secretPtr or secretSizePtr is NULL.
  108  *      LE_FAULT if there was an internal error.
  109  */
  110 //--------------------------------------------------------------------------------------------------
  111 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecdh_GetSharedSecret
  112 (
  113     le_msg_SessionRef_t _ifgen_sessionRef,
  114         uint64_t privKeyRef,
  115         ///< [IN] Private key reference.
  116         uint64_t pubKeyRef,
  117         ///< [IN] Publid Key reference.
  118         uint8_t* secretPtr,
  119         ///< [OUT] Buffer to hold the shared secret.
  120         size_t* secretSizePtr
  121         ///< [INOUT]
  122 );
  123 
  124 //--------------------------------------------------------------------------------------------------
  125 /**
  126  * Generate an ECDSA signature on the hash digest of a message.
  127  *
  128  * The key must be a LE_IKS_KEY_TYPE_PRIV_ECDSA key.
  129  *
  130  * The signature is the concatenation of the r and s values (r||s).  The size of the signature is
  131  * twice the key size.  For example if the key is 256 bits in size then the signature will be 64
  132  * bytes.  Note that when the key size is 521 bits, zero-valued high-order padding bits are added to
  133  * the signature values r and s resulting in a signature of 132 bytes.
  134  *
  135  * The hash function used to generate the message digest should be chosen to match the security
  136  * strength of the signing key.  For example, if the key size is 256 bits then SHA256 (or its
  137  * equivalent) should be used.
  138  *
  139  * @return
  140  *      LE_OK if successful.
  141  *      LE_BAD_PARAMETER if the key reference is invalid
  142  *                       or if the key type is invalid
  143  *                       or if digestPtr, signaturePtr or signatureSizePtr are NULL
  144  *      LE_OVERFLOW if the signature buffer is too small.
  145  *      LE_FAULT if there was an internal error.
  146  */
  147 //--------------------------------------------------------------------------------------------------
  148 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecdsa_GenSig
  149 (
  150     le_msg_SessionRef_t _ifgen_sessionRef,
  151         uint64_t keyRef,
  152         ///< [IN] Key reference.
  153         const uint8_t* digestPtr,
  154         ///< [IN] Digest to sign.
  155         size_t digestSize,
  156         ///< [IN]
  157         uint8_t* signaturePtr,
  158         ///< [OUT] Buffer to hold the signature.
  159         size_t* signatureSizePtr
  160         ///< [INOUT]
  161 );
  162 
  163 //--------------------------------------------------------------------------------------------------
  164 /**
  165  * Verifies a signature of the hash digest of a message with ECDSA.
  166  *
  167  * The key must be either a LE_IKS_KEY_TYPE_PUB_ECDSA or LE_IKS_KEY_TYPE_PRIV_ECDSA key.
  168  *
  169  * The signature is the concatenation of the r and s values (r||s).  The size of the signature is
  170  * twice the key size.  For example if the key is 256 bits in size then the signature will be 64
  171  * bytes.  Note that when the key size is 521 bits, zero-valued high-order padding bits are added to
  172  * the signature values r and s resulting in a signature of 132 bytes.
  173  *
  174  * @return
  175  *      LE_OK if successful.
  176  *      LE_BAD_PARAMETER if the key reference is invalid
  177  *                       or if the key type is invalid
  178  *                       or if either digestPtr or signaturePtr are NULL.
  179  *      LE_FORMAT_ERROR if signatureSize is incorrect.
  180  *      LE_FAULT if the signature is not valid.
  181  */
  182 //--------------------------------------------------------------------------------------------------
  183 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecdsa_VerifySig
  184 (
  185     le_msg_SessionRef_t _ifgen_sessionRef,
  186         uint64_t keyRef,
  187         ///< [IN] Key reference.
  188         const uint8_t* digestPtr,
  189         ///< [IN] Digest of the message.
  190         size_t digestSize,
  191         ///< [IN]
  192         const uint8_t* signaturePtr,
  193         ///< [IN] Signature of the message.
  194         size_t signatureSize
  195         ///< [IN]
  196 );
  197 
  198 //--------------------------------------------------------------------------------------------------
  199 /**
  200  * Encrypts and integrity protects of a short message with ECIES (Elliptic Curve Integrated
  201  * Encryption System).
  202  *
  203  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
  204  * encrypt messages that can only be decrypted with the holder of the private key.  Hybrid
  205  * encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
  206  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
  207  *
  208  * ECIES provides hybrid encryption through a method that is more efficient than manually performing
  209  * the two step process described above.  Broadly speaking, ECIES performs a key agreement to
  210  * generate a shared secret, the shared secret is then used to generate a symmetric key using a KDF
  211  * (Key Derivation Function).  The symmetric key is then used to bulk encrypt the message.
  212  *
  213  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
  214  * algorithms for the KDF and bulk encryption.
  215  *
  216  * Either plaintextPtr or aadPtr can be NULL but not both.
  217  *
  218  * @return
  219  *      LE_OK if successful.
  220  *      LE_BAD_PARAMETER if the key reference is invalid
  221  *                       or if the key type is invalid.
  222  *                       or if either labelPtr, aadPtr, plaintextPtr, ciphertextPtr, ephemKeyPtr,
  223  *                         ephemKeySizePtr, saltPtr, saltSizePtr, tagPtr is NULL when they
  224  *                         shouldn't be.
  225  *      LE_OUT_OF_RANGE if the labelSize, aadSize, textSize is invalid.
  226  *      LE_OVERFLOW if either the ciphertextPtr, ephemKeyPtr, saltSizePtr buffer is too small.
  227  *      LE_FAULT if there was an internal error.
  228  */
  229 //--------------------------------------------------------------------------------------------------
  230 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_EncryptPacket
  231 (
  232     le_msg_SessionRef_t _ifgen_sessionRef,
  233         uint64_t keyRef,
  234         ///< [IN] Key reference.
  235         const uint8_t* labelPtr,
  236         ///< [IN] Label. NULL if not used.
  237         size_t labelSize,
  238         ///< [IN]
  239         const uint8_t* aadPtr,
  240         ///< [IN] AAD chunk. NULL if not used.
  241         size_t aadSize,
  242         ///< [IN]
  243         const uint8_t* plaintextPtr,
  244         ///< [IN] Plaintext chunk. NULL if not used.
  245         size_t plaintextSize,
  246         ///< [IN]
  247         uint8_t* ciphertextPtr,
  248         ///< [OUT] Buffer to hold the ciphertext chunk.
  249         size_t* ciphertextSizePtr,
  250         ///< [INOUT]
  251         uint8_t* ephemKeyPtr,
  252         ///< [OUT] Serialized ephemeral public key.
  253         size_t* ephemKeySizePtr,
  254         ///< [INOUT]
  255         uint8_t* saltPtr,
  256         ///< [OUT] Buffer to hold the salt.
  257         size_t* saltSizePtr,
  258         ///< [INOUT]
  259         uint8_t* tagPtr,
  260         ///< [OUT] Buffer to hold the authentication tag.
  261         size_t* tagSizePtr
  262         ///< [INOUT]
  263 );
  264 
  265 //--------------------------------------------------------------------------------------------------
  266 /**
  267  * Decrypts and checks the integrity of a short message with ECIES (Elliptic Curve Integrated
  268  * Encryption System).
  269  *
  270  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
  271  * encrypt messages that can only be decrypted with the holder of the private key.  Hybrid
  272  * encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
  273  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
  274  *
  275  * ECIES provides hybrid encryption through a method that is more efficient than manually performing
  276  * the two step process described above.  Broadly speaking, ECIES performs a key agreement to
  277  * generate a shared secret, the shared secret is then used to generate a symmetric key using a KDF
  278  * (Key Derivation Function).  The symmetric key is then used to bulk encrypt the message.
  279  *
  280  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
  281  * algorithms for the KDF and bulk encryption.
  282  *
  283  * @return
  284  *      LE_OK if successful.
  285  *      LE_BAD_PARAMETER if the key reference is invalid
  286  *                       or if the key reference is invalid
  287  *                       or if either the ephemKeyPtr, saltPtr, aadPtr, plaintextPtr,
  288  *                         ciphertextChunkPtr, tagPtr is NULL when they shouldn't be.
  289  *      LE_OUT_OF_RANGE if the labelSize, aadSize, textSize, tagSize is invalid.
  290  *      LE_OVERFLOW if plaintextPtr buffer is too small.
  291  *      LE_FAULT if there was an internal error.
  292  */
  293 //--------------------------------------------------------------------------------------------------
  294 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_DecryptPacket
  295 (
  296     le_msg_SessionRef_t _ifgen_sessionRef,
  297         uint64_t keyRef,
  298         ///< [IN] Key reference.
  299         const uint8_t* labelPtr,
  300         ///< [IN] Label. NULL if not used.
  301         size_t labelSize,
  302         ///< [IN]
  303         const uint8_t* aadPtr,
  304         ///< [IN] AAD chunk. NULL if not used.
  305         size_t aadSize,
  306         ///< [IN]
  307         const uint8_t* ephemKeyPtr,
  308         ///< [IN] Serialized ephemeral public key.
  309         size_t ephemKeySize,
  310         ///< [IN]
  311         const uint8_t* saltPtr,
  312         ///< [IN] Salt.
  313         size_t saltSize,
  314         ///< [IN]
  315         const uint8_t* ciphertextPtr,
  316         ///< [IN] Ciphertext chunk.
  317         size_t ciphertextSize,
  318         ///< [IN]
  319         uint8_t* plaintextPtr,
  320         ///< [OUT] Buffer to hold the plaintext chunk.
  321         size_t* plaintextSizePtr,
  322         ///< [INOUT]
  323         const uint8_t* tagPtr,
  324         ///< [IN] Authentication tag.
  325         size_t tagSize
  326         ///< [IN]
  327 );
  328 
  329 //--------------------------------------------------------------------------------------------------
  330 /**
  331  * Starts a process to encrypt and integrity protect a message with ECIES (Elliptic Curve Integrated
  332  * Encryption System).
  333  *
  334  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
  335  * encrypt messages that can only be decrypted with the holder of the private key.  Hybrid
  336  * encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
  337  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
  338  *
  339  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
  340  * algorithms for the KDF and bulk encryption.
  341  *
  342  * To encrypt a long packet the following sequence should be used:
  343  *
  344  * Ecies_StartEncrypt()  // Start the encryption process.
  345  * Ecies_ProcessAad()    // Call zero or more times until all AAD data is processed.
  346  * Ecies_Encrypt()       // Call zero or more times until all plaintext is encrypted.
  347  * Ecies_DoneEncrypt()   // Complete the process and obtain the authentication tag.
  348  *
  349  * Calling this function will cancel any previously started process using the same session.
  350  *
  351  * The session must have been created with the public key used for encryption.
  352  *
  353  * The AAD and plaintext are optional but they cannot both be omitted.  All AAD must be processed
  354  * before plaintext processing begins.
  355  *
  356  * An optional label associated with the message can be added.
  357  *
  358  * The public portion of the ephemeral key used during the encrytion process is stored in the
  359  * ephemKeyPtr buffer.  It is encoded as an ECPoint as described in RFC5480.
  360  *
  361  * A random salt is used during the encryption process only if the KDF requires it.  Currently,
  362  * only HKDF requires a salt.  If present the salt will be the same size as the hash function output
  363  * size.  If no salt is used saltPtr is set to NULL.
  364  *
  365  * @return
  366  *      LE_OK if successful.
  367  *      LE_BAD_PARAMETER if the session reference is invalid
  368  *                       or if the key type is invalid
  369  *                       or if either the ephemKeyPtr, ephemKeySizePtr, saltPtr or saltSizePtr
  370  *                         is NULL.
  371  *      LE_OUT_OF_RANGE if the labelSize is too big.
  372  *      LE_OVERFLOW if any of the output buffers are too small.
  373  *      LE_FAULT if there was an internal error.
  374  */
  375 //--------------------------------------------------------------------------------------------------
  376 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_StartEncrypt
  377 (
  378     le_msg_SessionRef_t _ifgen_sessionRef,
  379         uint64_t session,
  380         ///< [IN] Session reference.
  381         const uint8_t* labelPtr,
  382         ///< [IN] Label. NULL if not used.
  383         size_t labelSize,
  384         ///< [IN]
  385         uint8_t* ephemKeyPtr,
  386         ///< [OUT] Serialized ephemeral public key.
  387         size_t* ephemKeySizePtr,
  388         ///< [INOUT]
  389         uint8_t* saltPtr,
  390         ///< [OUT] Buffer to hold the salt.
  391         size_t* saltSizePtr
  392         ///< [INOUT]
  393 );
  394 
  395 //--------------------------------------------------------------------------------------------------
  396 /**
  397  * Process a chunk of AAD (Additional Authenticated Data).  Either Ecies_StartEncrypt() or
  398  * Ecies_StartDecrypt() must have been previously called to start either an encryption or
  399  * decryption process.
  400  *
  401  * @return
  402  *      LE_OK if successful.
  403  *      LE_BAD_PARAMETER if the session reference is invalid
  404  *                       or if the key type is invalid
  405  *                       or if aadChunkPtr is NULL.
  406  *      LE_OUT_OF_RANGE if aadChunkSize is too big.
  407  *      LE_FAULT if an encryption or decryption process was not started or
  408  *                            plaintext/ciphertext processing has already started.
  409  */
  410 //--------------------------------------------------------------------------------------------------
  411 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_ProcessAad
  412 (
  413     le_msg_SessionRef_t _ifgen_sessionRef,
  414         uint64_t session,
  415         ///< [IN] Session reference.
  416         const uint8_t* aadChunkPtr,
  417         ///< [IN] AAD chunk.
  418         size_t aadChunkSize
  419         ///< [IN]
  420 );
  421 
  422 //--------------------------------------------------------------------------------------------------
  423 /**
  424  * Encrypt a chunk of plaintext.  Ecies_StartEncrypt() must have been previously called to
  425  * start an encryption process.
  426  *
  427  * @return
  428  *      LE_OK if successful.
  429  *      LE_BAD_PARAMETER if the session reference is invalid
  430  *                       or if the key type is invalid
  431  *                       or if plaintextChunkPtr or ciphertextChunkPtr is NULL.
  432  *      LE_OUT_OF_RANGE if textSize is too big.
  433  *      LE_FAULT if an encryption process has not started.
  434  */
  435 //--------------------------------------------------------------------------------------------------
  436 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_Encrypt
  437 (
  438     le_msg_SessionRef_t _ifgen_sessionRef,
  439         uint64_t session,
  440         ///< [IN] Session reference.
  441         const uint8_t* plaintextChunkPtr,
  442         ///< [IN] Plaintext chunk. NULL if not used.
  443         size_t plaintextChunkSize,
  444         ///< [IN]
  445         uint8_t* ciphertextChunkPtr,
  446         ///< [OUT] Buffer to hold the ciphertext chunk.
  447         size_t* ciphertextChunkSizePtr
  448         ///< [INOUT]
  449 );
  450 
  451 //--------------------------------------------------------------------------------------------------
  452 /**
  453  * Complete encryption and calculate the authentication tag.
  454  *
  455  * The maximum tag size depends on the symmetric algorithm used.  If the supplied buffer is
  456  * larger than or equal to the maximum authentication tag size then the full authentication tag is
  457  * copied to the buffer and the rest of the buffer is left unmodified.  If the supplied buffer is
  458  * smaller than the maximum tag size then the tag will be truncated.  However, all tags produced
  459  * using the same key must use the same tag size.  It is up to the caller to ensure this.
  460  *
  461  * @return
  462  *      LE_OK if successful.
  463  *      LE_BAD_PARAMETER if the session reference is invalid
  464  *                       or if the key type is invalid
  465  *                       or if tagPtr is NULL.
  466  *      LE_OVERFLOW if the tagPtr buffer is too small.
  467  *      LE_FAULT if an encryption process has not started or no data
  468  *                            (AAD and plaintext) has been processed.
  469  */
  470 //--------------------------------------------------------------------------------------------------
  471 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_DoneEncrypt
  472 (
  473     le_msg_SessionRef_t _ifgen_sessionRef,
  474         uint64_t session,
  475         ///< [IN] Session reference.
  476         uint8_t* tagPtr,
  477         ///< [OUT] Buffer to hold the authentication tag.
  478         size_t* tagSizePtr
  479         ///< [INOUT]
  480 );
  481 
  482 //--------------------------------------------------------------------------------------------------
  483 /**
  484  * Starts a process to decrypt and check the integrity of a message with ECIES (Elliptic Curve
  485  * Integrated Encryption System).
  486  *
  487  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
  488  * encrypt (possibly long) messages that can only be decrypted with the holder of the private key.
  489  * Hybrid encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
  490  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
  491  *
  492  * ECIES provides hybrid encryption through a method that is more efficient than manually performing
  493  * the two step process described above.  Broadly speaking, ECIES performs a key agreement to
  494  * generate a shared secret, the shared secret is then used to generate a symmetric key using a KDF
  495  * (Key Derivation Function).  The symmetric key is then used to bulk encrypt the message.
  496  *
  497  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
  498  * algorithms for the KDF and bulk encryption.
  499  *
  500  * To decrypt a long packet the following sequence should be used:
  501  *
  502  * Ecies_StartDecrypt()  // Start the decryption process.
  503  * Ecies_ProcessAad()    // Call zero or more times until all AAD data is processed.
  504  * Ecies_Decrypt()       // Call zero or more times until all ciphertext is decrypted.
  505  * Ecies_DoneDecrypt()   // Complete the process and check the authentication tag.
  506  *
  507  * Calling this function will cancel any previously started process using the same session.
  508  *
  509  * The same label, ephemeral public key and salt used for encryption must be provided.
  510  *
  511  * @warning
  512  *      While decrypting long packets in this 'streaming' fashion plaintext chunks are released to
  513  *      the caller before they are verified for integrity.  Ie. the caller will not know the
  514  *      plaintext is correct until DoneDecrypt() is called.  The caller therefore must
  515  *      not release or make use of any plaintext chunks until after DoneDecrypt() returns
  516  *      with LE_OK.
  517  *
  518  * @return
  519  *      LE_OK if successful.
  520  *      LE_BAD_PARAMETER if the session reference is invalid
  521  *                       or if the session key type or ephemeral key is invalid
  522  *                       or if either the ephemKeyPtr or saltPtr is NULL.
  523  *      LE_OUT_OF_RANGE if either the labelSize is too big or the saltSize or ephemKeySize is
  524  *                       incorrect.
  525  *      LE_FAULT if there was an internal error.
  526  */
  527 //--------------------------------------------------------------------------------------------------
  528 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_StartDecrypt
  529 (
  530     le_msg_SessionRef_t _ifgen_sessionRef,
  531         uint64_t session,
  532         ///< [IN] Session reference.
  533         const uint8_t* labelPtr,
  534         ///< [IN] Label. NULL if not used.
  535         size_t labelSize,
  536         ///< [IN]
  537         const uint8_t* ephemKeyPtr,
  538         ///< [IN] Serialized ephemeral public key.
  539         size_t ephemKeySize,
  540         ///< [IN]
  541         const uint8_t* saltPtr,
  542         ///< [IN] Salt.
  543         size_t saltSize
  544         ///< [IN]
  545 );
  546 
  547 //--------------------------------------------------------------------------------------------------
  548 /**
  549  * Decrypt a chunk of ciphertext.  Ecies_StartDecrypt() must have been previously called to
  550  * start a decryption process.
  551  *
  552  * @return
  553  *      LE_OK if successful.
  554  *      LE_BAD_PARAMETER if the session reference is invalid
  555  *                       or if the key type is invalid
  556  *                       or if plaintextChunkPtr or ciphertextChunkPtr is NULL.
  557  *      LE_OUT_OF_RANGE if textSize is too big.
  558  *      LE_FAULT if a decryption process has not started.
  559  */
  560 //--------------------------------------------------------------------------------------------------
  561 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_Decrypt
  562 (
  563     le_msg_SessionRef_t _ifgen_sessionRef,
  564         uint64_t session,
  565         ///< [IN] Session reference.
  566         const uint8_t* ciphertextChunkPtr,
  567         ///< [IN] Ciphertext chunk.
  568         size_t ciphertextChunkSize,
  569         ///< [IN]
  570         uint8_t* plaintextChunkPtr,
  571         ///< [OUT] Buffer to hold the plaintext chunk.
  572         size_t* plaintextChunkSizePtr
  573         ///< [INOUT]
  574 );
  575 
  576 //--------------------------------------------------------------------------------------------------
  577 /**
  578  * Complete decryption and verify the integrity.
  579  *
  580  * @return
  581  *      LE_OK if successful.
  582  *      LE_BAD_PARAMETER if the session reference is invalid
  583  *                       or if the key type is invalid
  584  *                       or if tagPtr is NULL.
  585  *      LE_FAULT if a decryption process has not started or no data (AAD and
  586  *                 ciphertext) has been processed
  587  *               or the integrity check failed.
  588  */
  589 //--------------------------------------------------------------------------------------------------
  590 LE_SHARED le_result_t ifgen_le_iks_ecc_Ecies_DoneDecrypt
  591 (
  592     le_msg_SessionRef_t _ifgen_sessionRef,
  593         uint64_t session,
  594         ///< [IN] Session reference.
  595         const uint8_t* tagPtr,
  596         ///< [IN] Authentication tag.
  597         size_t tagSize
  598         ///< [IN]
  599 );
  600 /** @} **/
  601 #endif // LE_IKS_ECC_COMMON_H_INCLUDE_GUARD
LE_SHARED
#define LE_SHARED
Definition: le_basics.h:300


le_result_t
le_result_t
Definition: le_basics.h:46


le_msg_SessionRef_t
struct le_msg_Session * le_msg_SessionRef_t
Definition: le_messaging.h:860



le_iks_common.h