ctap__crypto_8h_source.html

/*

 * Copyright (C) 2021 Freie Universität Berlin

 *

 * This file is subject to the terms and conditions of the GNU Lesser

 * General Public License v2.1. See the file LICENSE in the top level

 * directory for more details.

 */


#pragma once


#include <stdint.h>


#include "hashes/sha256.h"

#include "fido2/ctap.h"


#ifdef __cplusplus

extern "C" {

#endif


#define CTAP_CRYPTO_KEY_SIZE 32


#define CTAP_CRYPTO_ES256_DER_MAX_SIZE 72


typedef struct {

    uint8_t x[CTAP_CRYPTO_KEY_SIZE];

    uint8_t y[CTAP_CRYPTO_KEY_SIZE];

} ctap_crypto_pub_key_t;


typedef struct {

    ctap_crypto_pub_key_t pub;

    uint8_t priv[CTAP_CRYPTO_KEY_SIZE];

} ctap_crypto_key_agreement_key_t;


ctap_status_code_t fido2_ctap_crypto_init(void);


ctap_status_code_t fido2_ctap_crypto_prng(uint8_t *buf, size_t len);


ctap_status_code_t fido2_ctap_crypto_sha256_init(sha256_context_t *ctx);


ctap_status_code_t fido2_ctap_crypto_sha256_update(sha256_context_t *ctx, const void *data, size_t len);


ctap_status_code_t fido2_ctap_crypto_sha256_final(sha256_context_t *ctx, void *digest);


ctap_status_code_t fido2_ctap_crypto_sha256(const void *data, size_t len,

                             void *digest);


ctap_status_code_t fido2_ctap_crypto_hmac_sha256_init(hmac_context_t *ctx, const void *key,

                                       size_t key_length);


ctap_status_code_t fido2_ctap_crypto_hmac_sha256_update(hmac_context_t *ctx, const void *data, size_t len);


ctap_status_code_t fido2_ctap_crypto_hmac_sha256_final(hmac_context_t *ctx, void *digest);


ctap_status_code_t fido2_ctap_crypto_hmac_sha256(const void *key,

                                  size_t key_length, const void *data, size_t len,

                                  void *digest);


ctap_status_code_t fido2_ctap_crypto_gen_keypair(ctap_crypto_pub_key_t *pub_key, uint8_t *priv_key, size_t len);


ctap_status_code_t fido2_ctap_crypto_ecdh(uint8_t *out, size_t len,

                           ctap_crypto_pub_key_t *pub_key, uint8_t *priv_key, size_t key_len);


ctap_status_code_t fido2_ctap_crypto_get_sig(uint8_t *hash, size_t hash_len, uint8_t *sig,

                              size_t *sig_len, const uint8_t *key, size_t key_len);


ctap_status_code_t fido2_ctap_crypto_aes_enc(uint8_t * out, size_t *out_len, uint8_t * in,

                              size_t in_len, const uint8_t * key, size_t key_len);


ctap_status_code_t fido2_ctap_crypto_aes_dec(uint8_t * out, size_t *out_len, uint8_t * in,

                              size_t in_len, const uint8_t * key, size_t key_len);


ctap_status_code_t fido2_ctap_crypto_aes_ccm_enc(uint8_t *out, size_t out_len,

                                  const uint8_t *in, size_t in_len,

                                  uint8_t *auth_data, size_t auth_data_len,

                                  uint8_t mac_len, uint8_t length_encoding,

                                  const uint8_t *nonce, size_t nonce_len,

                                  const uint8_t *key, size_t key_len);


ctap_status_code_t fido2_ctap_crypto_aes_ccm_dec(uint8_t *out, size_t out_len,

                                  const uint8_t *in, size_t in_len,

                                  uint8_t *auth_data, size_t auth_data_len,

                                  uint8_t mac_len, uint8_t length_encoding,

                                  const uint8_t *nonce, size_t nonce_len,

                                  const uint8_t *key, size_t key_len);

#ifdef __cplusplus

}

#endif

ctap.h
Public FIDO2 CTAP defines, structures and function declarations.

fido2_ctap_crypto_prng
ctap_status_code_t fido2_ctap_crypto_prng(uint8_t *buf, size_t len)
Wrapper function for random_bytes.

fido2_ctap_crypto_init
ctap_status_code_t fido2_ctap_crypto_init(void)
Initialize crypto helper.

fido2_ctap_crypto_hmac_sha256_init
ctap_status_code_t fido2_ctap_crypto_hmac_sha256_init(hmac_context_t *ctx, const void *key, size_t key_length)
Wrapper function for hmac_sha256_init.

fido2_ctap_crypto_sha256_update
ctap_status_code_t fido2_ctap_crypto_sha256_update(sha256_context_t *ctx, const void *data, size_t len)
Wrapper function for sha256_update.

fido2_ctap_crypto_hmac_sha256_final
ctap_status_code_t fido2_ctap_crypto_hmac_sha256_final(hmac_context_t *ctx, void *digest)
Wrapper function for hmac_sha256_final.

fido2_ctap_crypto_aes_ccm_enc
ctap_status_code_t fido2_ctap_crypto_aes_ccm_enc(uint8_t *out, size_t out_len, const uint8_t *in, size_t in_len, uint8_t *auth_data, size_t auth_data_len, uint8_t mac_len, uint8_t length_encoding, const uint8_t *nonce, size_t nonce_len, const uint8_t *key, size_t key_len)
Encrypt data using AES-128-CCM.

fido2_ctap_crypto_sha256
ctap_status_code_t fido2_ctap_crypto_sha256(const void *data, size_t len, void *digest)
Wrapper function for sha256.

fido2_ctap_crypto_gen_keypair
ctap_status_code_t fido2_ctap_crypto_gen_keypair(ctap_crypto_pub_key_t *pub_key, uint8_t *priv_key, size_t len)
Generate cryptographic key pair.

fido2_ctap_crypto_aes_enc
ctap_status_code_t fido2_ctap_crypto_aes_enc(uint8_t *out, size_t *out_len, uint8_t *in, size_t in_len, const uint8_t *key, size_t key_len)
Encrypt data using AES-256-CBC.

fido2_ctap_crypto_hmac_sha256
ctap_status_code_t fido2_ctap_crypto_hmac_sha256(const void *key, size_t key_length, const void *data, size_t len, void *digest)
Wrapper function for hmac_sha256.

CTAP_CRYPTO_KEY_SIZE
#define CTAP_CRYPTO_KEY_SIZE
Size in bytes of cryptographic keys used.
Definition ctap_crypto.h:37

fido2_ctap_crypto_aes_dec
ctap_status_code_t fido2_ctap_crypto_aes_dec(uint8_t *out, size_t *out_len, uint8_t *in, size_t in_len, const uint8_t *key, size_t key_len)
Decrypt data using AES-256-CBC.

fido2_ctap_crypto_sha256_final
ctap_status_code_t fido2_ctap_crypto_sha256_final(sha256_context_t *ctx, void *digest)
Wrapper for sha256_final.

fido2_ctap_crypto_aes_ccm_dec
ctap_status_code_t fido2_ctap_crypto_aes_ccm_dec(uint8_t *out, size_t out_len, const uint8_t *in, size_t in_len, uint8_t *auth_data, size_t auth_data_len, uint8_t mac_len, uint8_t length_encoding, const uint8_t *nonce, size_t nonce_len, const uint8_t *key, size_t key_len)
Encrypt data using AES-128-CCM.

fido2_ctap_crypto_hmac_sha256_update
ctap_status_code_t fido2_ctap_crypto_hmac_sha256_update(hmac_context_t *ctx, const void *data, size_t len)
Wrapper function for hmac_sha256_update.

fido2_ctap_crypto_ecdh
ctap_status_code_t fido2_ctap_crypto_ecdh(uint8_t *out, size_t len, ctap_crypto_pub_key_t *pub_key, uint8_t *priv_key, size_t key_len)
Elliptic-curve Diffie-Hellmann.

fido2_ctap_crypto_get_sig
ctap_status_code_t fido2_ctap_crypto_get_sig(uint8_t *hash, size_t hash_len, uint8_t *sig, size_t *sig_len, const uint8_t *key, size_t key_len)
Create cryptographic signature.

fido2_ctap_crypto_sha256_init
ctap_status_code_t fido2_ctap_crypto_sha256_init(sha256_context_t *ctx)
Wrapper function for sha256_init.

ctap_status_code_t
ctap_status_code_t
CTAP status codes.
Definition ctap.h:46

sha256_context_t
sha2xx_context_t sha256_context_t
Context for cipher operations based on sha256.
Definition sha256.h:71

sha256.h
Header definitions for the SHA256 hash function.

ctap_crypto_key_agreement_key_t
Key agreement key.
Definition ctap_crypto.h:57

ctap_crypto_key_agreement_key_t::pub
ctap_crypto_pub_key_t pub
public key
Definition ctap_crypto.h:58

ctap_crypto_key_agreement_key_t::priv
uint8_t priv[CTAP_CRYPTO_KEY_SIZE]
private key
Definition ctap_crypto.h:59

ctap_crypto_pub_key_t
Elliptic curve public key.
Definition ctap_crypto.h:47

ctap_crypto_pub_key_t::y
uint8_t y[CTAP_CRYPTO_KEY_SIZE]
y coordinate of curve point
Definition ctap_crypto.h:49

ctap_crypto_pub_key_t::x
uint8_t x[CTAP_CRYPTO_KEY_SIZE]
x coordinate of curve point
Definition ctap_crypto.h:48

hmac_context_t
Context for HMAC operations based on sha256.
Definition sha256.h:76