author | Dimitri Staessens <dimitri@ouroboros.rocks> | 2025-06-28 11:27:50 +0200 |
---|---|---|
committer | Sander Vrijders <sander@ouroboros.rocks> | 2025-07-04 10:12:15 +0200 |
commit | 84134b93c1fc1c670f52ab199dcda6fc9c42626f (patch) | |
tree | 92375d0d9d656b7ccfb003ba7cf30c54171cd847 /include/ouroboros/crypt.h | |
parent | d2295c1c228f05beaf3ec8abe44a4ae114742076 (diff) | |
lib: Add authentication functions
Adds functions needed for authentication using X509 certificates,
implemented using OpenSSL.
Refactors some library internals, and adds some unit tests for them.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
Diffstat (limited to 'include/ouroboros/crypt.h')
-rw-r--r-- | include/ouroboros/crypt.h | 87 |
1 files changed, 70 insertions, 17 deletions
diff --git a/include/ouroboros/crypt.h b/include/ouroboros/crypt.h
index 28fe63b2..b510a3b2 100644
--- a/include/ouroboros/crypt.h
+++ b/include/ouroboros/crypt.h
@@ -26,31 +26,84 @@
 #include <ouroboros/shm_du_buff.h>
 #include <ouroboros/utils.h>
+#define IVSZ 16
 #define SYMMKEYSZ 32
+#define MSGBUFSZ 2048
-struct crypt_info {
- uint16_t flags;
- void * ctx;
- uint8_t key[SYMMKEYSZ];
-};
+struct auth_ctx;
+struct crypt_ctx;
-int crypt_dh_pkp_create(void ** pkp,
- uint8_t * pk);
+struct crypt_ctx * crypt_create_ctx(uint16_t flags,
+ const uint8_t * key);
-void crypt_dh_pkp_destroy(void * pkp);
+void crypt_destroy_ctx(struct crypt_ctx * ctx);
-int crypt_dh_derive(void * pkp,
- buffer_t pk,
- uint8_t * s);
+int crypt_dh_pkp_create(void ** pkp,
+ uint8_t * pk);
-int crypt_encrypt(struct crypt_info * info,
- struct shm_du_buff * sdb);
+void crypt_dh_pkp_destroy(void * pkp);
-int crypt_decrypt(struct crypt_info * info,
- struct shm_du_buff * sdb);
+int crypt_dh_derive(void * pkp,
+ buffer_t pk,
+ uint8_t * s);
-int crypt_init(struct crypt_info * info);
+int crypt_encrypt(struct crypt_ctx * ctx,
+ buffer_t in,
+ buffer_t * out);
-void crypt_fini(struct crypt_info * info);
+int crypt_decrypt(struct crypt_ctx * ctx,
+ buffer_t in,
+ buffer_t * out);
+
+int crypt_load_crt_file(const char * path,
+ void ** crt);
+
+int crypt_load_crt_str(const char * str,
+ void ** crt);
+
+int crypt_get_pubkey_crt(void * crt,
+ void ** pk);
+
+void crypt_free_crt(void * crt);
+
+int crypt_load_privkey_file(const char * path,
+ void ** key);
+
+int crypt_load_privkey_str(const char * str,
+ void ** key);
+
+int crypt_load_pubkey_str(const char * str,
+ void ** key);
+
+int crypt_cmp_key(const void * key1,
+ const void * key2);
+
+void crypt_free_key(void * key);
+
+int crypt_crt_str(void * crt,
+ char * buf);
+
+int crypt_check_crt_name(void * crt,
+ const char * name);
+
+struct auth_ctx * auth_create_ctx(void);
+
+void auth_destroy_ctx(struct auth_ctx * ctx);
+
+int auth_add_crt_to_store(struct auth_ctx * ctx,
+ void * crt);
+
+void auth_destroy_ctx(struct auth_ctx * ctx);
+
+int auth_verify_crt(struct auth_ctx * ctx,
+ void * crt);
+
+int auth_sign(void * pkp,
+ buffer_t msg,
+ buffer_t * sig);
+
+int auth_verify_sig(void * pk,
+ buffer_t msg,
+ buffer_t sig);
 #endif /* OUROBOROS_LIB_CRYPT_H */ |
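Review bot: `crypt_crt_str(void * crt, char * buf)` takes an output buffer with no length, so a caller cannot tell from the header how large `buf` must be and the implementation has nothing to bound its write against, even though a certificate's text form varies in length. Consider `int crypt_crt_str(void * crt, char * buf, size_t len);`, or, if the intended bound is the new `MSGBUFSZ` (an inference, since the implementation is outside this diff), state that requirement in a comment at the prototype. The verification entry points `auth_verify_crt` and `auth_verify_sig` would also benefit from a one-line comment saying which return value means "verified" and whether an invalid signature is distinguishable from an internal error, because callers that test the result the wrong way round fail open. Separately, `auth_destroy_ctx` is declared twice in this hunk; the second prototype, after `auth_add_crt_to_store`, can be dropped.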