| | |
|---|
| | | /* |
|---|
| | | crypto.h |
|---|
| | | Copyright (C) 2017 Belledonne Communications SARL |
|---|
| | | |
|---|
| | | This program is free software; you can redistribute it and/or |
|---|
| | | modify it under the terms of the GNU General Public License |
|---|
| | | as published by the Free Software Foundation; either version 2 |
|---|
| | | of the License, or (at your option) any later version. |
|---|
| | | |
|---|
| | | This program is distributed in the hope that it will be useful, |
|---|
| | | but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|---|
| | | GNU General Public License for more details. |
|---|
| | | |
|---|
| | | You should have received a copy of the GNU General Public License |
|---|
| | | along with this program; if not, write to the Free Software |
|---|
| | | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
|---|
| | | */ |
|---|
| | | * Copyright (c) 2016-2020 Belledonne Communications SARL. |
|---|
| | | * |
|---|
| | | * This file is part of bctoolbox. |
|---|
| | | * |
|---|
| | | * This program is free software: you can redistribute it and/or modify |
|---|
| | | * it under the terms of the GNU General Public License as published by |
|---|
| | | * the Free Software Foundation, either version 3 of the License, or |
|---|
| | | * (at your option) any later version. |
|---|
| | | * |
|---|
| | | * This program is distributed in the hope that it will be useful, |
|---|
| | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|---|
| | | * GNU General Public License for more details. |
|---|
| | | * |
|---|
| | | * You should have received a copy of the GNU General Public License |
|---|
| | | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
|---|
| | | */ |
|---|
| | | #ifndef BCTBX_CRYPTO_H |
|---|
| | | #define BCTBX_CRYPTO_H |
|---|
| | | |
|---|
| | |
|---|
| | | * |
|---|
| | | * @return a pointer to a null terminated string containing the certificate in PEM format. This buffer must then be freed by caller. NULL on failure. |
|---|
| | | */ |
|---|
| | | BCTBX_PUBLIC char *bctbx_x509_certificates_chain_get_pem(bctbx_x509_certificate_t *cert); |
|---|
| | | BCTBX_PUBLIC char *bctbx_x509_certificates_chain_get_pem(const bctbx_x509_certificate_t *cert); |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * @brief Return an informational string about the certificate |
|---|
| | |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_authmode(bctbx_ssl_config_t *ssl_config, int authmode); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_rng(bctbx_ssl_config_t *ssl_config, int(*rng_function)(void *, unsigned char *, size_t), void *rng_context); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_callback_verify(bctbx_ssl_config_t *ssl_config, int(*callback_function)(void *, bctbx_x509_certificate_t *, int, uint32_t *), void *callback_data); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_callback_cli_cert(bctbx_ssl_config_t *ssl_config, int(*callback_function)(void *, bctbx_ssl_context_t *, unsigned char *, size_t), void *callback_data); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_callback_cli_cert(bctbx_ssl_config_t *ssl_config, int(*callback_function)(void *, bctbx_ssl_context_t *, const bctbx_list_t *), void *callback_data); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_ca_chain(bctbx_ssl_config_t *ssl_config, bctbx_x509_certificate_t *ca_chain); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_own_cert(bctbx_ssl_config_t *ssl_config, bctbx_x509_certificate_t *cert, bctbx_signing_key_t *key); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_ciphersuites(bctbx_ssl_config_t *ssl_config,const int *ciphersuites); |
|---|
| | |
|---|
| | | /***** DTLS-SRTP functions *****/ |
|---|
| | | BCTBX_PUBLIC bctbx_dtls_srtp_profile_t bctbx_ssl_get_dtls_srtp_protection_profile(bctbx_ssl_context_t *ssl_ctx); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_config_set_dtls_srtp_protection_profiles(bctbx_ssl_config_t *ssl_config, const bctbx_dtls_srtp_profile_t *profiles, size_t profiles_number); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_get_dtls_srtp_key_material(bctbx_ssl_context_t *ssl_ctx, char *output, size_t *output_length); |
|---|
| | | BCTBX_PUBLIC int32_t bctbx_ssl_get_dtls_srtp_key_material(bctbx_ssl_config_t *ssl_ctx, uint8_t *output, size_t *output_length); |
|---|
| | | BCTBX_PUBLIC uint8_t bctbx_dtls_srtp_supported(void); |
|---|
| | | BCTBX_PUBLIC void bctbx_ssl_set_mtu(bctbx_ssl_context_t *ssl_ctx, uint16_t mtu); |
|---|
| | | |
|---|
| | |
|---|
| | | * @Brief Conclude a AES-GCM encryption stream, generate tag if requested, free resources |
|---|
| | | * |
|---|
| | | * @param[in/out] context a context already initialized using bctbx_aes_gcm_context_new |
|---|
| | | * @param[out] tag a buffer to hold the authentication tag. Can be NULL if tagLength is 0 |
|---|
| | | * @param[in] tagLength length of reqested authentication tag, max 16 |
|---|
| | | * @param[out] tag a buffer to hold the authentication tag. Can be NULL if tagLength is 0 |
|---|
| | | * @param[in] tagLength length of requested authentication tag, max 16 |
|---|
| | | * |
|---|
| | | * @return 0 on success, crypto library error code otherwise |
|---|
| | | */ |
|---|
| | |
|---|
| | | /** |
|---|
| | | * @brief encrypt the file in input buffer for linphone encrypted file transfer |
|---|
| | | * |
|---|
| | | * @param[in/out] cryptoContext a context already initialized using bctbx_aes_gcm_context_new |
|---|
| | | * This function must be called with NULL in the plain text to conclude the encryption. |
|---|
| | | * At this last call, if a cipher buffer is provided with non 0 length, it will get an authentication tag of the requested size (max 16) |
|---|
| | | * |
|---|
| | | * @param[in/out] cryptoContext a context already initialized using bctbx_aes_gcm_context_new (created if NULL) |
|---|
| | | * @param[in] key encryption key |
|---|
| | | * @param[in] length buffer size |
|---|
| | | * @param[in] plain buffer holding the input data |
|---|
| | | * @param[out] cipher buffer to store the output data |
|---|
| | | * @param[out] cipher buffer to store the output data (cipher or authentication tag) |
|---|
| | | */ |
|---|
| | | BCTBX_PUBLIC int bctbx_aes_gcm_encryptFile(void **cryptoContext, unsigned char *key, size_t length, char *plain, char *cipher); |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * @brief decrypt the file in input buffer for linphone encrypted file transfer |
|---|
| | | * |
|---|
| | | * This function must be called with NULL in the cipher text to conclude the encryption. |
|---|
| | | * At this last call, if a plain buffer is provided with non 0 length, it will get the authentication tag of length bytes (max 16) |
|---|
| | | * |
|---|
| | | * @param[in/out] cryptoContext a context already initialized using bctbx_aes_gcm_context_new |
|---|
| | | * @param[in] key encryption key |
|---|
| | | * @param[in] length buffer size |
|---|
| | | * @param[out] plain buffer holding the output data |
|---|
| | | * @param[int] cipher buffer to store the input data |
|---|
| | | * @param[in] length input buffer size |
|---|
| | | * @param[out] plain buffer holding the output data (plain text or tag) |
|---|
| | | * @param[in] cipher buffer to store the input data. WARNING: size must be a multiple of 16 bytes |
|---|
| | | */ |
|---|
| | | BCTBX_PUBLIC int bctbx_aes_gcm_decryptFile(void **cryptoContext, unsigned char *key, size_t length, char *plain, char *cipher); |
|---|
| | | |
|---|
