High Performance OPC UA Server SDK
1.4.2.279
Data Structures | |
struct | crypto_key_plain |
Internal representation of a key in byte string format. More... | |
struct | crypto_key |
Private/public key handle. More... | |
Macros | |
#define | crypto_alg_null 0 |
Null operation for all algorithms. More... | |
#define | CRYPTO_SHA1_LEN 20 |
Destination buffer lengths for hash algorithms. More... | |
#define | CRYPTO_SHA224_LEN 28 |
#define | CRYPTO_SHA256_LEN 32 |
#define | CRYPTO_SHA384_LEN 48 |
#define | CRYPTO_SHA512_LEN 64 |
#define | CRYPTO_AES_BLOCK_SIZE_BYTES 16 |
Size of AES cipher and plain text blocks in bytes. More... | |
#define | CRYPTO_KEY_INITIALIZER { NULL, crypto_key_type_none, false } |
static initializer | |
Functions | |
int | crypt_sym_encrypt (enum crypto_sym_alg alg_id, struct crypto_key *key, unsigned char *iv, size_t len, const unsigned char *in, unsigned char *out) |
En-/decrypt buffer content using the requested algorithm. More... | |
int | crypt_sym_decrypt (enum crypto_sym_alg alg_id, struct crypto_key *key, unsigned char *iv, size_t len, const unsigned char *in, unsigned char *out) |
En-/decrypt buffer content using the requested algorithm. More... | |
int | crypt_sym_sign (enum crypto_sign_alg alg_id, struct crypto_key *signkey, const unsigned char *data, size_t datalen, unsigned char *mac, size_t maclen) |
Sign the given data using HMAC and the given algorithm. More... | |
int | crypt_sym_verify (enum crypto_sign_alg alg_id, struct crypto_key *signkey, const unsigned char *data, size_t datalen, unsigned char *mac, size_t maclen) |
Verify the correctness of the given signature. More... | |
int | crypt_encrypt (enum crypto_asym_alg alg_id, enum crypto_pad_alg pad_id, struct crypto_key *pubkey, const unsigned char *ptext, size_t plen, unsigned char *ctext, size_t *clen) |
Encrypt buffer content using the requested algorithm. More... | |
int | crypt_decrypt (enum crypto_asym_alg alg_id, enum crypto_pad_alg pad_id, struct crypto_key *privkey, const unsigned char *ctext, size_t clen, unsigned char *ptext, size_t *plen) |
Decrypt buffer content using the requested algorithm. More... | |
int | crypt_sign (enum crypto_sign_alg alg_id, struct crypto_key *privkey, const unsigned char *data, size_t datalen, unsigned char *sig, size_t siglen) |
Create cryptographic signature (e.g. RSA SHA1). More... | |
int | crypt_verify (enum crypto_sign_alg alg_id, struct crypto_key *verkey, const unsigned char *data, size_t len, const unsigned char *sig, size_t siglen) |
Verify cryptographic signature (e.g. RSA SHA1). More... | |
int | crypt_hash (enum crypto_hash_alg alg_id, const unsigned char *data, size_t len, unsigned char *md) |
Generate a hash value (e.g. SHA1). More... | |
int | crypt_psha (enum crypto_hash_alg alg_id, const unsigned char *secret, size_t secretlen, const unsigned char *seed, size_t seedlen, unsigned char *out, size_t outlen) |
Generate P-SHA hash value. More... | |
int | crypt_random (unsigned char *data, size_t len) |
Fill the given buffer with random bytes. More... | |
int | crypt_random_seed (const unsigned char *seed, size_t seedlen) |
Initializes the RNG with the provided seed data. More... | |
int | crypt_init (const unsigned char *seed, size_t seedlen) |
Initialize the crypto library. More... | |
void | crypt_clear (void) |
Clean up resources of the crypto library. | |
int | crypto_key_from_pem (const unsigned char *pem, size_t pemlen, const unsigned char *pwd, size_t pwdlen, enum crypto_key_type type, struct crypto_key *key) |
Decode RSA key from PEM format. More... | |
int | crypto_key_to_pem (struct crypto_key *key, unsigned char *pem, size_t *pemlen) |
Encode private key into PEM format. More... | |
int | crypto_key_create_rsa_key (struct crypto_key *key, size_t bits) |
Create a random RSA keypair. More... | |
int | crypto_key_get_rsa_public_key (struct crypto_key *key, struct crypto_key *pubkey) |
Get the public key from a keypair/private key. More... | |
int | crypto_key_check_rsa_pair (struct crypto_key *key, struct crypto_key *pubkey) |
Check if the public key and the private key match. More... | |
int | crypto_key_init (enum crypto_key_type type, const unsigned char *keydata, size_t keydatalen, struct crypto_key *key) |
Prepare key structure for use in symmetric encryption. More... | |
size_t | crypto_key_length (struct crypto_key *key) |
Get the key length. More... | |
void | crypto_key_clear (struct crypto_key *key) |
Release handle to key. More... | |
#define CRYPTO_AES_BLOCK_SIZE_BYTES 16 |
Size of AES cipher and plain text blocks in bytes.
#define crypto_alg_null 0 |
Null operation for all algorithms.
#define CRYPTO_SHA1_LEN 20 |
Destination buffer lengths for hash algorithms.
enum crypto_asym_alg |
enum crypto_hash_alg |
Enumeration of hash algorithms.
enum crypto_key_format |
enum crypto_key_type |
Describes the type of the contained key.
enum crypto_pad_alg |
enum crypto_sign_alg |
Enumeration of message signing algorithms (algorithm, hash and scheme combined).
enum crypto_sym_alg |
int crypt_decrypt | ( | enum crypto_asym_alg | alg_id, |
enum crypto_pad_alg | pad_id, | ||
struct crypto_key * | privkey, | ||
const unsigned char * | ctext, | ||
size_t | clen, | ||
unsigned char * | ptext, | ||
size_t * | plen | ||
) |
Decrypt buffer content using the requested algorithm.
alg_id | Identifier of the requested algorithm. |
pad_id | Identifier of the padding algorithm. |
privkey | The private key. |
ctext | The cipher text. Can contain more than one encrypted block. |
clen | Length of the cipher text. Must be a multiple of the key length. |
ptext | The plain text. |
plen | On input, the length of the plain text buffer; on return, the length actually used. |
int crypt_encrypt | ( | enum crypto_asym_alg | alg_id, |
enum crypto_pad_alg | pad_id, | ||
struct crypto_key * | pubkey, | ||
const unsigned char * | ptext, | ||
size_t | plen, | ||
unsigned char * | ctext, | ||
size_t * | clen | ||
) |
Encrypt buffer content using the requested algorithm.
The plain text can be of any size, independently of alg_id and pad_id. ctext can contain more than one block.
alg_id | Identifier of the encryption algorithm. |
pad_id | Identifier of the padding algorithm. |
pubkey | The public key. |
ptext | The plain text. |
plen | Length of the plain text. |
ctext | The cipher text. |
clen | On input, the length of the cipher text buffer; on return, the space actually used. |
int crypt_hash | ( | enum crypto_hash_alg | alg_id, |
const unsigned char * | data, | ||
size_t | len, | ||
unsigned char * | md | ||
) |
Generate a hash value (e.g. SHA1).
alg_id | Identifier of the requested algorithm. |
data | Data to hash. |
len | Length in bytes of the data to hash. |
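md | The resulting message digest. No buffer length is passed, so the buffer must be at least as long as the digest of alg_id (see the CRYPTO_SHA*_LEN macros). |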
int crypt_init | ( | const unsigned char * | seed, |
size_t | seedlen | ||
) |
Initialize the crypto library.
Must be called before any other call to this API.
seed | Data for seeding the entropy generator. |
seedlen | Length of seed. |
int crypt_psha | ( | enum crypto_hash_alg | alg_id, |
const unsigned char * | secret, | ||
size_t | secretlen, | ||
const unsigned char * | seed, | ||
size_t | seedlen, | ||
unsigned char * | out, | ||
size_t | outlen | ||
) |
Generate P-SHA hash value.
alg_id | Identifier of the requested algorithm (only sha1 and sha256 mandatory). |
secret | Shared secret data. |
secretlen | Length in bytes of the shared secret. |
seed | Label and seed data. |
seedlen | Length in bytes of the label and seed. The max. supported size is 32 bytes. |
out | Buffer of size outlen for storing the created hashes. |
outlen | Length in bytes of the hash value to create. Must be a multiple of the digest length. |
int crypt_random | ( | unsigned char * | data, |
size_t | len | ||
) |
Fill the given buffer with random bytes.
data | Buffer to fill with random bytes. |
len | Size of the buffer in bytes. |
int crypt_random_seed | ( | const unsigned char * | seed, |
size_t | seedlen | ||
) |
Initializes the RNG with the provided seed data.
seed | Data for seeding the random number generator. |
seedlen | Length of seed in bytes. |
int crypt_sign | ( | enum crypto_sign_alg | alg_id, |
struct crypto_key * | privkey, | ||
const unsigned char * | data, | ||
size_t | datalen, | ||
unsigned char * | sig, | ||
size_t | siglen | ||
) |
Create cryptographic signature (e.g. RSA SHA1).
alg_id | Identifier of the requested algorithm. |
privkey | The private signing key. |
data | Data to sign. |
datalen | Length in bytes of the data to sign. |
sig | The resulting signature. |
siglen | Length of the buffer to store the signature. |
int crypt_sym_decrypt | ( | enum crypto_sym_alg | alg_id, |
struct crypto_key * | key, | ||
unsigned char * | iv, | ||
size_t | len, | ||
const unsigned char * | in, | ||
unsigned char * | out | ||
) |
En-/decrypt buffer content using the requested algorithm.
alg_id | Identifier of the crypto algorithm. |
key | Encryption key. |
iv | Initialization vector of size 16 bytes. The buffer is updated after use, so the caller's original value is overwritten. |
len | Length in bytes of the text to encrypt/decrypt (multiple of 16). |
in | Cipher text of "len" bytes. |
out | Plain text of "len" bytes. |
int crypt_sym_encrypt | ( | enum crypto_sym_alg | alg_id, |
struct crypto_key * | key, | ||
unsigned char * | iv, | ||
size_t | len, | ||
const unsigned char * | in, | ||
unsigned char * | out | ||
) |
En-/decrypt buffer content using the requested algorithm.
alg_id | Identifier of the crypto algorithm. |
key | Encryption key. |
iv | Initialization vector of size 16 bytes. The buffer is updated after use, so the caller's original value is overwritten. |
len | Length in bytes of the text to encrypt/decrypt (multiple of 16). |
in | Plain text of "len" bytes. |
out | Cipher text of "len" bytes. |
int crypt_sym_sign | ( | enum crypto_sign_alg | alg_id, |
struct crypto_key * | signkey, | ||
const unsigned char * | data, | ||
size_t | datalen, | ||
unsigned char * | mac, | ||
size_t | maclen | ||
) |
Sign the given data using HMAC and the given algorithm.
alg_id | HMAC algorithm to use. |
signkey | Key for hashing. |
data | Data to sign. |
datalen | Length of the data to sign. |
mac | Destination buffer of size maclen. |
maclen | Size of the destination buffer. |
int crypt_sym_verify | ( | enum crypto_sign_alg | alg_id, |
struct crypto_key * | signkey, | ||
const unsigned char * | data, | ||
size_t | datalen, | ||
unsigned char * | mac, | ||
size_t | maclen | ||
) |
Verify the correctness of the given signature.
alg_id | HMAC algorithm to use. |
signkey | Key for hashing. |
data | Signed data to verify. |
datalen | Length of the signed data. |
mac | Buffer containing the signature to verify. |
maclen | Length of the signature data to be verified. |
int crypt_verify | ( | enum crypto_sign_alg | alg_id, |
struct crypto_key * | verkey, | ||
const unsigned char * | data, | ||
size_t | len, | ||
const unsigned char * | sig, | ||
size_t | siglen | ||
) |
Verify cryptographic signature (e.g. RSA SHA1).
alg_id | Identifier of the requested algorithm. |
verkey | Key containing the public key component. |
data | Signed data. |
len | Length in bytes of the signed data. |
sig | The signature to verify. |
siglen | Length of the buffer with the signature. |
int crypto_key_check_rsa_pair | ( | struct crypto_key * | key, |
struct crypto_key * | pubkey | ||
) |
Check if the public key and the private key match.
Useful to check if a certificate and a private key match. This function is optional and may return UA_EBADNOTSUPPORTED.
key | Pointer to the private key. |
pubkey | Pointer to the public key. |
void crypto_key_clear | ( | struct crypto_key * | key | ) |
Release handle to key.
key | Key handle to release. |
int crypto_key_create_rsa_key | ( | struct crypto_key * | key, |
size_t | bits | ||
) |
Create a random RSA keypair.
key | Pointer to the key structure to be set. |
bits | Required length of the key in bits. |
int crypto_key_from_pem | ( | const unsigned char * | pem, |
size_t | pemlen, | ||
const unsigned char * | pwd, | ||
size_t | pwdlen, | ||
enum crypto_key_type | type, | ||
struct crypto_key * | key | ||
) |
Decode RSA key from PEM format.
pem | Buffer containing a PEM encoded key. |
pemlen | Length of the data in the buffer. |
pwd | Buffer containing an optional password. |
pwdlen | Length of the password. |
type | Type of the decoded key. |
key | Handle to the decoded key. |
int crypto_key_get_rsa_public_key | ( | struct crypto_key * | key, |
struct crypto_key * | pubkey | ||
) |
Get the public key from a keypair/private key.
This function is optional and may return UA_EBADNOTSUPPORTED.
key | Pointer to the key structure containing the keypair/private key. |
pubkey | Pointer to the key structure to be initialized with the public key. |
int crypto_key_init | ( | enum crypto_key_type | type, |
const unsigned char * | keydata, | ||
size_t | keydatalen, | ||
struct crypto_key * | key | ||
) |
Prepare key structure for use in symmetric encryption.
type | The type of key. |
keydata | Buffer containing the key data. |
keydatalen | Length of the data in the key buffer. |
key | Pointer to the key structure to be initialized. |
size_t crypto_key_length | ( | struct crypto_key * | key | ) |
Get the key length.
key | Handle of the key. |
int crypto_key_to_pem | ( | struct crypto_key * | key, |
unsigned char * | pem, | ||
size_t * | pemlen | ||
) |
Encode private key into PEM format.
The result is a zero terminated string.
key | Handle to the key to be encoded. |
pem | Buffer to store the encoded key. |
pemlen | On input, the length of the destination buffer; on return, the length actually used. |