le_iks_ecc_interface.h

Go to the documentation of this file.
1 
2 
3 /*
4  * ====================== WARNING ======================
5  *
6  * THE CONTENTS OF THIS FILE HAVE BEEN AUTO-GENERATED.
7  * DO NOT MODIFY IN ANY WAY.
8  *
9  * ====================== WARNING ======================
10  */
11 
12 /**
13  * @page c_iks_ecc IoT Keystore ECC API
14  *
15  * @ref le_iks_ecc_interface.h "API Reference"
16  *
17  * <HR>
18  *
19  * Legato IoT Keystore APIs for performing generation/verification of signatures with ECDSA,
20  * encryption/decryption of messages using ECIES and shared secret generation with ECDH.
21  *
22  * <HR>
23  *
24  * Copyright (C) Sierra Wireless Inc.
25  */
26 /**
27  * @file le_iks_ecc_interface.h
28  *
29  * Legato @ref c_iks_ecc API
30  *
31  * Copyright (C) Sierra Wireless Inc.
32  */
33 
34 #ifndef LE_IKS_ECC_INTERFACE_H_INCLUDE_GUARD
35 #define LE_IKS_ECC_INTERFACE_H_INCLUDE_GUARD
36 
37 
38 #include "legato.h"
39 
40 // Interface specific includes
41 #include "le_iks_interface.h"
42 
43 // Internal includes for this interface
44 #include "le_iks_ecc_common.h"
45 /** @addtogroup le_iks_ecc le_iks_ecc API Reference
46  * @{
47  * @file le_iks_ecc_common.h
48  * @file le_iks_ecc_interface.h **/
49 //--------------------------------------------------------------------------------------------------
50 /**
51  * Type for handler called when a server disconnects.
52  */
53 //--------------------------------------------------------------------------------------------------
54 typedef void (*le_iks_ecc_DisconnectHandler_t)(void *);
55 
56 //--------------------------------------------------------------------------------------------------
57 /**
58  *
59  * Connect the current client thread to the service providing this API. Block until the service is
60  * available.
61  *
62  * For each thread that wants to use this API, either ConnectService or TryConnectService must be
63  * called before any other functions in this API. Normally, ConnectService is automatically called
64  * for the main thread, but not for any other thread. For details, see @ref apiFilesC_client.
65  *
66  * This function is created automatically.
67  */
68 //--------------------------------------------------------------------------------------------------
70 (
71  void
72 );
73 
74 //--------------------------------------------------------------------------------------------------
75 /**
76  *
77  * Try to connect the current client thread to the service providing this API. Return with an error
78  * if the service is not available.
79  *
80  * For each thread that wants to use this API, either ConnectService or TryConnectService must be
81  * called before any other functions in this API. Normally, ConnectService is automatically called
82  * for the main thread, but not for any other thread. For details, see @ref apiFilesC_client.
83  *
84  * This function is created automatically.
85  *
86  * @return
87  * - LE_OK if the client connected successfully to the service.
88  * - LE_UNAVAILABLE if the server is not currently offering the service to which the client is
89  * bound.
90  * - LE_NOT_PERMITTED if the client interface is not bound to any service (doesn't have a binding).
91  * - LE_COMM_ERROR if the Service Directory cannot be reached.
92  */
93 //--------------------------------------------------------------------------------------------------
95 (
96  void
97 );
98 
99 //--------------------------------------------------------------------------------------------------
100 /**
101  * Set handler called when server disconnection is detected.
102  *
103  * When a server connection is lost, call this handler then exit with LE_FATAL. If a program wants
104  * to continue without exiting, it should call longjmp() from inside the handler.
105  */
106 //--------------------------------------------------------------------------------------------------
108 (
109  le_iks_ecc_DisconnectHandler_t disconnectHandler,
110  void *contextPtr
111 );
112 
113 //--------------------------------------------------------------------------------------------------
114 /**
115  *
116  * Disconnect the current client thread from the service providing this API.
117  *
118  * Normally, this function doesn't need to be called. After this function is called, there's no
119  * longer a connection to the service, and the functions in this API can't be used. For details, see
120  * @ref apiFilesC_client.
121  *
122  * This function is created automatically.
123  */
124 //--------------------------------------------------------------------------------------------------
126 (
127  void
128 );
129 
130 
131 //--------------------------------------------------------------------------------------------------
132 /**
133  * Generate a shared secret between an ECC private key and an ECC public key.
134  *
135  * The private key must be of type LE_IKS_KEY_TYPE_PRIV_ECDH and the public must be of type
136  * LE_IKS_KEY_TYPE_PUB_ECDH or LE_IKS_KEY_TYPE_PRIV_ECDH.
137  *
138  * This function may be used as part of a key exchange protocol. The shared secret is unpredictable
139  * (assuming the private portions of both keys are kept secret) but not uniformly distributed and
140  * should not be used directly as a cryptographic key.
141  *
142  * The shared secret is in the format specified by SEC 1, that is the x component of the shared
143  * point converted to an octet string.
144  *
145  * If the buffer is too small to hold the shared secret the shared secret will be truncated to fit.
146  *
147  * @return
148  * LE_OK if successful.
149  * LE_BAD_PARAMETER if either key reference is invalid
150  * or if either key type is invalid
151  * or if two key sizes do not match
152  * or if the secretPtr or secretSizePtr is NULL.
153  * LE_FAULT if there was an internal error.
154  */
155 //--------------------------------------------------------------------------------------------------
157 (
158  uint64_t privKeyRef,
159  ///< [IN] Private key reference.
160  uint64_t pubKeyRef,
161  ///< [IN] Publid Key reference.
162  uint8_t* secretPtr,
163  ///< [OUT] Buffer to hold the shared secret.
164  size_t* secretSizePtr
165  ///< [INOUT]
166 );
167 
168 //--------------------------------------------------------------------------------------------------
169 /**
170  * Generate an ECDSA signature on the hash digest of a message.
171  *
172  * The key must be a LE_IKS_KEY_TYPE_PRIV_ECDSA key.
173  *
174  * The signature is the concatenation of the r and s values (r||s). The size of the signature is
175  * twice the key size. For example if the key is 256 bits in size then the signature will be 64
176  * bytes. Note that when the key size is 521 bits, zero-valued high-order padding bits are added to
177  * the signature values r and s resulting in a signature of 132 bytes.
178  *
179  * The hash function used to generate the message digest should be chosen to match the security
180  * strength of the signing key. For example, if the key size is 256 bits then SHA256 (or its
181  * equivalent) should be used.
182  *
183  * @return
184  * LE_OK if successful.
185  * LE_BAD_PARAMETER if the key reference is invalid
186  * or if the key type is invalid
187  * or if digestPtr, signaturePtr or signatureSizePtr are NULL
188  * LE_OVERFLOW if the signature buffer is too small.
189  * LE_FAULT if there was an internal error.
190  */
191 //--------------------------------------------------------------------------------------------------
193 (
194  uint64_t keyRef,
195  ///< [IN] Key reference.
196  const uint8_t* digestPtr,
197  ///< [IN] Digest to sign.
198  size_t digestSize,
199  ///< [IN]
200  uint8_t* signaturePtr,
201  ///< [OUT] Buffer to hold the signature.
202  size_t* signatureSizePtr
203  ///< [INOUT]
204 );
205 
206 //--------------------------------------------------------------------------------------------------
207 /**
208  * Verifies a signature of the hash digest of a message with ECDSA.
209  *
210  * The key must be either a LE_IKS_KEY_TYPE_PUB_ECDSA or LE_IKS_KEY_TYPE_PRIV_ECDSA key.
211  *
212  * The signature is the concatenation of the r and s values (r||s). The size of the signature is
213  * twice the key size. For example if the key is 256 bits in size then the signature will be 64
214  * bytes. Note that when the key size is 521 bits, zero-valued high-order padding bits are added to
215  * the signature values r and s resulting in a signature of 132 bytes.
216  *
217  * @return
218  * LE_OK if successful.
219  * LE_BAD_PARAMETER if the key reference is invalid
220  * or if the key type is invalid
221  * or if either digestPtr or signaturePtr are NULL.
222  * LE_FORMAT_ERROR if signatureSize is incorrect.
223  * LE_FAULT if the signature is not valid.
224  */
225 //--------------------------------------------------------------------------------------------------
227 (
228  uint64_t keyRef,
229  ///< [IN] Key reference.
230  const uint8_t* digestPtr,
231  ///< [IN] Digest of the message.
232  size_t digestSize,
233  ///< [IN]
234  const uint8_t* signaturePtr,
235  ///< [IN] Signature of the message.
236  size_t signatureSize
237  ///< [IN]
238 );
239 
240 //--------------------------------------------------------------------------------------------------
241 /**
242  * Encrypts and integrity protects a short message with ECIES (Elliptic Curve Integrated
243  * Encryption System).
244  *
245  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
246  * encrypt messages that can only be decrypted with the holder of the private key. Hybrid
247  * encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
248  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
249  *
250  * ECIES provides hybrid encryption through a method that is more efficient than manually performing
251  * the two step process described above. Broadly speaking, ECIES performs a key agreement to
252  * generate a shared secret, the shared secret is then used to generate a symmetric key using a KDF
253  * (Key Derivation Function). The symmetric key is then used to bulk encrypt the message.
254  *
255  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
256  * algorithms for the KDF and bulk encryption.
257  *
258  * @return
259  * LE_OK if successful.
260  * LE_BAD_PARAMETER if the key reference is invalid
261  * or if the key type is invalid.
262  * or if either labelPtr, plaintextPtr, ciphertextPtr, ephemKeyPtr,
263  * ephemKeySizePtr, tagPtr is NULL when they shouldn't be.
264  * LE_OUT_OF_RANGE if the labelSize, textSize, tagSize is invalid.
265  * LE_OVERFLOW if the ephemKeyPtr buffer is too small.
266  * LE_FAULT if there was an internal error.
267  */
268 //--------------------------------------------------------------------------------------------------
270 (
271  uint64_t keyRef,
272  ///< [IN] Key reference.
273  const uint8_t* labelPtr,
274  ///< [IN] Label. NULL if not used.
275  size_t labelSize,
276  ///< [IN]
277  const uint8_t* plaintextPtr,
278  ///< [IN] Plaintext chunk. NULL if not used.
279  size_t plaintextSize,
280  ///< [IN]
281  uint8_t* ciphertextPtr,
282  ///< [OUT] Buffer to hold the ciphertext chunk.
283  size_t* ciphertextSizePtr,
284  ///< [INOUT]
285  uint8_t* ephemKeyPtr,
286  ///< [OUT] Serialized ephemeral public key.
287  size_t* ephemKeySizePtr,
288  ///< [INOUT]
289  uint8_t* tagPtr,
290  ///< [OUT] Buffer to hold the authentication tag.
291  size_t* tagSizePtr
292  ///< [INOUT]
293 );
294 
295 //--------------------------------------------------------------------------------------------------
296 /**
297  * Decrypts and checks the integrity of a short message with ECIES (Elliptic Curve Integrated
298  * Encryption System).
299  *
300  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
301  * encrypt messages that can only be decrypted with the holder of the private key. Hybrid
302  * encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
303  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
304  *
305  * ECIES provides hybrid encryption through a method that is more efficient than manually performing
306  * the two step process described above. Broadly speaking, ECIES performs a key agreement to
307  * generate a shared secret, the shared secret is then used to generate a symmetric key using a KDF
308  * (Key Derivation Function). The symmetric key is then used to bulk encrypt the message.
309  *
310  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
311  * algorithms for the KDF and bulk encryption.
312  *
313  * @return
314  * LE_OK if successful.
315  * LE_BAD_PARAMETER if the key reference is invalid
316  * or if the key reference is invalid
317  * or if either the ephemKeyPtr, plaintextPtr,
318  * ciphertextPtr, tagPtr is NULL.
319  * LE_OUT_OF_RANGE if the labelSize, textSize, tagSize is invalid.
320  * LE_OVERFLOW if plaintextPtr buffer is too small.
321  * LE_FAULT if there was an internal error.
322  */
323 //--------------------------------------------------------------------------------------------------
325 (
326  uint64_t keyRef,
327  ///< [IN] Key reference.
328  const uint8_t* labelPtr,
329  ///< [IN] Label. NULL if not used.
330  size_t labelSize,
331  ///< [IN]
332  const uint8_t* ephemKeyPtr,
333  ///< [IN] Serialized ephemeral public key.
334  size_t ephemKeySize,
335  ///< [IN]
336  const uint8_t* ciphertextPtr,
337  ///< [IN] Ciphertext chunk.
338  size_t ciphertextSize,
339  ///< [IN]
340  uint8_t* plaintextPtr,
341  ///< [OUT] Buffer to hold the plaintext chunk.
342  size_t* plaintextSizePtr,
343  ///< [INOUT]
344  const uint8_t* tagPtr,
345  ///< [IN] Authentication tag.
346  size_t tagSize
347  ///< [IN]
348 );
349 
350 //--------------------------------------------------------------------------------------------------
351 /**
352  * Starts a process to encrypt and integrity protect a message with ECIES (Elliptic Curve Integrated
353  * Encryption System).
354  *
355  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
356  * encrypt messages that can only be decrypted with the holder of the private key. Hybrid
357  * encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
358  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
359  *
360  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
361  * algorithms for the KDF and bulk encryption.
362  *
363  * To encrypt a long packet the following sequence should be used:
364  *
365  * Ecies_StartEncrypt() // Start the encryption process.
366  * Ecies_Encrypt() // Call zero or more times until all plaintext is encrypted.
367  * Ecies_DoneEncrypt() // Complete the process and obtain the authentication tag.
368  *
369  * Calling this function will cancel any previously started process using the same session.
370  *
371  * The session must have been created with the public key used for encryption.
372  *
373  * An optional label associated with the message can be added.
374  *
375  * The public portion of the ephemeral key used during the encrytion process is stored in the
376  * ephemKeyPtr buffer. It is encoded as an ECPoint as described in RFC5480.
377  *
378  * @return
379  * LE_OK if successful.
380  * LE_BAD_PARAMETER if the session reference is invalid
381  * or if the key type is invalid
382  * or if either labelPtr, ephemKeyPtr, ephemKeySizePtr is NULL
383  * when they shouldn't be.
384  * LE_OUT_OF_RANGE if the labelSize is invalid.
385  * LE_OVERFLOW if any of the output buffers are too small.
386  * LE_FAULT if there was an internal error.
387  */
388 //--------------------------------------------------------------------------------------------------
390 (
391  uint64_t session,
392  ///< [IN] Session reference.
393  const uint8_t* labelPtr,
394  ///< [IN] Label. NULL if not used.
395  size_t labelSize,
396  ///< [IN]
397  uint8_t* ephemKeyPtr,
398  ///< [OUT] Serialized ephemeral public key.
399  size_t* ephemKeySizePtr
400  ///< [INOUT]
401 );
402 
403 //--------------------------------------------------------------------------------------------------
404 /**
405  * Encrypt a chunk of plaintext. Ecies_StartEncrypt() must have been previously called to
406  * start an encryption process.
407  *
408  * @return
409  * LE_OK if successful.
410  * LE_BAD_PARAMETER if the session reference is invalid
411  * or if the key type is invalid
412  * or if plaintextChunkPtr or ciphertextChunkPtr is NULL.
413  * LE_OUT_OF_RANGE if textSize is too big.
414  * LE_FAULT if an encryption process has not started.
415  */
416 //--------------------------------------------------------------------------------------------------
418 (
419  uint64_t session,
420  ///< [IN] Session reference.
421  const uint8_t* plaintextChunkPtr,
422  ///< [IN] Plaintext chunk. NULL if not used.
423  size_t plaintextChunkSize,
424  ///< [IN]
425  uint8_t* ciphertextChunkPtr,
426  ///< [OUT] Buffer to hold the ciphertext chunk.
427  size_t* ciphertextChunkSizePtr
428  ///< [INOUT]
429 );
430 
431 //--------------------------------------------------------------------------------------------------
432 /**
433  * Complete encryption and calculate the authentication tag.
434  *
435  * The maximum tag size depends on the symmetric algorithm used. If the supplied buffer is
436  * larger than or equal to the maximum authentication tag size then the full authentication tag is
437  * copied to the buffer and the rest of the buffer is left unmodified. If the supplied buffer is
438  * smaller than the maximum tag size then the tag will be truncated. However, all tags produced
439  * using the same key must use the same tag size. It is up to the caller to ensure this.
440  *
441  * @return
442  * LE_OK if successful.
443  * LE_BAD_PARAMETER if the session reference is invalid
444  * or if the key type is invalid
445  * or if tagPtr is NULL.
446  * LE_OUT_OF_RANGE if tagSize if invalud.
447  * LE_OVERFLOW if the tagPtr buffer is too small.
448  * LE_FAULT if an encryption process has not started or no data has been processed.
449  */
450 //--------------------------------------------------------------------------------------------------
452 (
453  uint64_t session,
454  ///< [IN] Session reference.
455  uint8_t* tagPtr,
456  ///< [OUT] Buffer to hold the authentication tag.
457  size_t* tagSizePtr
458  ///< [INOUT]
459 );
460 
461 //--------------------------------------------------------------------------------------------------
462 /**
463  * Starts a process to decrypt and check the integrity of a message with ECIES (Elliptic Curve
464  * Integrated Encryption System).
465  *
466  * Hybrid encryption combines an asymmetric encryption system with a symmetric encryption system to
467  * encrypt (possibly long) messages that can only be decrypted with the holder of the private key.
468  * Hybrid encryption is usually accomplished by using a symmetric encryption system to bulk encrypt
469  * the message and then using the asymmetric encryption system to encrypt the symmetric key.
470  *
471  * ECIES provides hybrid encryption through a method that is more efficient than manually performing
472  * the two step process described above. Broadly speaking, ECIES performs a key agreement to
473  * generate a shared secret, the shared secret is then used to generate a symmetric key using a KDF
474  * (Key Derivation Function). The symmetric key is then used to bulk encrypt the message.
475  *
476  * This implementation of ECIES generally follows the SEC 1 standard but supports modernized
477  * algorithms for the KDF and bulk encryption.
478  *
479  * To decrypt a long packet the following sequence should be used:
480  *
481  * Ecies_StartDecrypt() // Start the decryption process.
482  * Ecies_Decrypt() // Call zero or more times until all ciphertext is decrypted.
483  * Ecies_DoneDecrypt() // Complete the process and check the authentication tag.
484  *
485  * Calling this function will cancel any previously started process using the same session.
486  *
487  * The same label and ephemeral public key used for encryption must be provided.
488  *
489  * @warning
490  * While decrypting long packets in this 'streaming' fashion plaintext chunks are released to
491  * the caller before they are verified for integrity. Ie. the caller will not know the
492  * plaintext is correct until DoneDecrypt() is called. The caller therefore must
493  * not release or make use of any plaintext chunks until after DoneDecrypt() returns
494  * with LE_OK.
495  *
496  * @return
497  * LE_OK if successful.
498  * LE_BAD_PARAMETER if the session reference is invalid
499  * or if the session key type or ephemeral key is invalid
500  * or if the ephemKeyPtr is NULL.
501  * LE_OUT_OF_RANGE if either the labelSize or ephemKeySize is invalid.
502  * LE_FAULT if there was an internal error.
503  */
504 //--------------------------------------------------------------------------------------------------
506 (
507  uint64_t session,
508  ///< [IN] Session reference.
509  const uint8_t* labelPtr,
510  ///< [IN] Label. NULL if not used.
511  size_t labelSize,
512  ///< [IN]
513  const uint8_t* ephemKeyPtr,
514  ///< [IN] Serialized ephemeral public key.
515  size_t ephemKeySize
516  ///< [IN]
517 );
518 
519 //--------------------------------------------------------------------------------------------------
520 /**
521  * Decrypt a chunk of ciphertext. Ecies_StartDecrypt() must have been previously called to
522  * start a decryption process.
523  *
524  * @return
525  * LE_OK if successful.
526  * LE_BAD_PARAMETER if the session reference is invalid
527  * or if the key type is invalid
528  * or if plaintextChunkPtr or ciphertextChunkPtr is NULL.
529  * LE_OUT_OF_RANGE if textSize is invalid.
530  * LE_FAULT if a decryption process has not started.
531  */
532 //--------------------------------------------------------------------------------------------------
534 (
535  uint64_t session,
536  ///< [IN] Session reference.
537  const uint8_t* ciphertextChunkPtr,
538  ///< [IN] Ciphertext chunk.
539  size_t ciphertextChunkSize,
540  ///< [IN]
541  uint8_t* plaintextChunkPtr,
542  ///< [OUT] Buffer to hold the plaintext chunk.
543  size_t* plaintextChunkSizePtr
544  ///< [INOUT]
545 );
546 
547 //--------------------------------------------------------------------------------------------------
548 /**
549  * Complete decryption and verify the integrity.
550  *
551  * @return
552  * LE_OK if successful.
553  * LE_BAD_PARAMETER if the session reference is invalid
554  * or if the key type is invalid
555  * or if tagPtr is NULL.
556  * LE_OUT_OF_RANGE if tagSize is invalid.
557  * LE_FAULT if a decryption process has not started or no data has been processed
558  * or the integrity check failed.
559  */
560 //--------------------------------------------------------------------------------------------------
562 (
563  uint64_t session,
564  ///< [IN] Session reference.
565  const uint8_t* tagPtr,
566  ///< [IN] Authentication tag.
567  size_t tagSize
568  ///< [IN]
569 );
570 
571 /** @} **/
572 
573 #endif // LE_IKS_ECC_INTERFACE_H_INCLUDE_GUARD
void le_iks_ecc_DisconnectService(void)
le_result_t
Definition: le_basics.h:46
le_result_t le_iks_ecc_Ecdsa_GenSig(uint64_t keyRef, const uint8_t *digestPtr, size_t digestSize, uint8_t *signaturePtr, size_t *signatureSizePtr)
void le_iks_ecc_ConnectService(void)
le_result_t le_iks_ecc_Ecies_Encrypt(uint64_t session, const uint8_t *plaintextChunkPtr, size_t plaintextChunkSize, uint8_t *ciphertextChunkPtr, size_t *ciphertextChunkSizePtr)
le_result_t le_iks_ecc_Ecies_DoneEncrypt(uint64_t session, uint8_t *tagPtr, size_t *tagSizePtr)
le_result_t le_iks_ecc_Ecies_StartDecrypt(uint64_t session, const uint8_t *labelPtr, size_t labelSize, const uint8_t *ephemKeyPtr, size_t ephemKeySize)
le_result_t le_iks_ecc_Ecies_DoneDecrypt(uint64_t session, const uint8_t *tagPtr, size_t tagSize)
le_result_t le_iks_ecc_Ecdh_GetSharedSecret(uint64_t privKeyRef, uint64_t pubKeyRef, uint8_t *secretPtr, size_t *secretSizePtr)
#define LE_FULL_API
Definition: le_apiFeatures.h:40
le_result_t le_iks_ecc_Ecies_Decrypt(uint64_t session, const uint8_t *ciphertextChunkPtr, size_t ciphertextChunkSize, uint8_t *plaintextChunkPtr, size_t *plaintextChunkSizePtr)
le_result_t le_iks_ecc_Ecies_StartEncrypt(uint64_t session, const uint8_t *labelPtr, size_t labelSize, uint8_t *ephemKeyPtr, size_t *ephemKeySizePtr)
le_result_t le_iks_ecc_Ecies_EncryptPacket(uint64_t keyRef, const uint8_t *labelPtr, size_t labelSize, const uint8_t *plaintextPtr, size_t plaintextSize, uint8_t *ciphertextPtr, size_t *ciphertextSizePtr, uint8_t *ephemKeyPtr, size_t *ephemKeySizePtr, uint8_t *tagPtr, size_t *tagSizePtr)
void(* le_iks_ecc_DisconnectHandler_t)(void *)
Definition: le_iks_ecc_interface.h:54
le_result_t le_iks_ecc_Ecies_DecryptPacket(uint64_t keyRef, const uint8_t *labelPtr, size_t labelSize, const uint8_t *ephemKeyPtr, size_t ephemKeySize, const uint8_t *ciphertextPtr, size_t ciphertextSize, uint8_t *plaintextPtr, size_t *plaintextSizePtr, const uint8_t *tagPtr, size_t tagSize)
LE_FULL_API void le_iks_ecc_SetServerDisconnectHandler(le_iks_ecc_DisconnectHandler_t disconnectHandler, void *contextPtr)
le_result_t le_iks_ecc_Ecdsa_VerifySig(uint64_t keyRef, const uint8_t *digestPtr, size_t digestSize, const uint8_t *signaturePtr, size_t signatureSize)
le_result_t le_iks_ecc_TryConnectService(void)