1 /*
2  *  Copyright (c) 2016, The OpenThread Authors.
3  *  All rights reserved.
4  *
5  *  Redistribution and use in source and binary forms, with or without
6  *  modification, are permitted provided that the following conditions are met:
7  *  1. Redistributions of source code must retain the above copyright
8  *     notice, this list of conditions and the following disclaimer.
9  *  2. Redistributions in binary form must reproduce the above copyright
10  *     notice, this list of conditions and the following disclaimer in the
11  *     documentation and/or other materials provided with the distribution.
12  *  3. Neither the name of the copyright holder nor the
13  *     names of its contributors may be used to endorse or promote products
14  *     derived from this software without specific prior written permission.
15  *
16  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17  *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  *  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20  *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23  *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24  *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26  *  POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 /**
30  * @file
31  * @brief
32  *  This file defines the OpenThread crypto C APIs.
33  */
34 
35 #ifndef OPENTHREAD_CRYPTO_H_
36 #define OPENTHREAD_CRYPTO_H_
37 
38 #include <stdbool.h>
39 #include <stdint.h>
40 
41 #include <openthread/error.h>
42 
43 #ifdef __cplusplus
44 extern "C" {
45 #endif
46 
47 /**
48  * @addtogroup api-crypto
49  *
50  * @brief
51  *   This module includes cryptographic functions.
52  *
53  * @{
54  *
55  */
56 
57 #define OT_CRYPTO_SHA256_HASH_SIZE 32 ///< Length of SHA256 hash (in bytes).
58 
59 /**
60  * @struct otCryptoSha256Hash
61  *
62  * This structure represents a SHA-256 hash.
63  *
64  */
65 OT_TOOL_PACKED_BEGIN
66 struct otCryptoSha256Hash
67 {
68     uint8_t m8[OT_CRYPTO_SHA256_HASH_SIZE]; ///< Hash bytes.
69 } OT_TOOL_PACKED_END;
70 
71 /**
72  * This structure represents a SHA-256 hash.
73  *
74  */
75 typedef struct otCryptoSha256Hash otCryptoSha256Hash;
76 
77 /**
78  * This function performs HMAC computation.
79  *
80  * @param[in]     aKey           A pointer to the key.
81  * @param[in]     aKeyLength     The key length in bytes.
82  * @param[in]     aBuf           A pointer to the input buffer.
83  * @param[in]     aBufLength     The length of @p aBuf in bytes.
84  * @param[out]    aHash          A pointer to a `otCryptoSha256Hash` structure to output the hash value.
85  *
86  */
87 void otCryptoHmacSha256(const uint8_t *     aKey,
88                         uint16_t            aKeyLength,
89                         const uint8_t *     aBuf,
90                         uint16_t            aBufLength,
91                         otCryptoSha256Hash *aHash);
92 
93 /**
94  * This method performs AES CCM computation.
95  *
96  * @param[in]     aKey           A pointer to the key.
97  * @param[in]     aKeyLength     Length of the key in bytes.
98  * @param[in]     aTagLength     Length of tag in bytes.
99  * @param[in]     aNonce         A pointer to the nonce.
100  * @param[in]     aNonceLength   Length of nonce in bytes.
101  *
102  * @param[in]     aHeader        A pointer to the header.
103  * @param[in]     aHeaderLength  Length of header in bytes.
104  *
105  * @param[inout]  aPlainText     A pointer to the plaintext.
106  * @param[inout]  aCipherText    A pointer to the ciphertext.
107  * @param[in]     aLength        Plaintext length in bytes.
108  * @param[in]     aEncrypt       `true` on encrypt and `false` on decrypt.
109  *
110  * @param[out]    aTag           A pointer to the tag.
111  *
112  */
113 void otCryptoAesCcm(const uint8_t *aKey,
114                     uint16_t       aKeyLength,
115                     uint8_t        aTagLength,
116                     const void *   aNonce,
117                     uint8_t        aNonceLength,
118                     const void *   aHeader,
119                     uint32_t       aHeaderLength,
120                     void *         aPlainText,
121                     void *         aCipherText,
122                     uint32_t       aLength,
123                     bool           aEncrypt,
124                     void *         aTag);
125 
126 /**
127  * This method creates ECDSA sign.
128  *
129  * @param[out]    aOutput            An output buffer where ECDSA sign should be stored.
130  * @param[inout]  aOutputLength      The length of the @p aOutput buffer.
131  * @param[in]     aInputHash         An input hash.
132  * @param[in]     aInputHashLength   The length of the @p aInputHash buffer.
133  * @param[in]     aPrivateKey        A private key in PEM format.
134  * @param[in]     aPrivateKeyLength  The length of the @p aPrivateKey buffer.
135  *
136  * @retval  OT_ERROR_NONE         ECDSA sign has been created successfully.
137  * @retval  OT_ERROR_NO_BUFS      Output buffer is too small.
138  * @retval  OT_ERROR_INVALID_ARGS Private key is not valid EC Private Key.
139  * @retval  OT_ERROR_FAILED       Error during signing.
140  */
141 otError otCryptoEcdsaSign(uint8_t *      aOutput,
142                           uint16_t *     aOutputLength,
143                           const uint8_t *aInputHash,
144                           uint16_t       aInputHashLength,
145                           const uint8_t *aPrivateKey,
146                           uint16_t       aPrivateKeyLength);
147 
148 /**
149  * @}
150  *
151  */
152 
153 #ifdef __cplusplus
154 } // extern "C"
155 #endif
156 
157 #endif // OPENTHREAD_CRYPTO_H_
158