diff options
Diffstat (limited to 'src/wsgcrypt.h')
| -rw-r--r-- | src/wsgcrypt.h | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/src/wsgcrypt.h b/src/wsgcrypt.h new file mode 100644 index 0000000..1dc7416 --- /dev/null +++ b/src/wsgcrypt.h @@ -0,0 +1,78 @@ +/** + * wsgcrypt.h + * + * Created on 2020-11-26 + * @author: qyc + * + * @explain: + */ +#ifndef WSGCRYPT_H +#define WSGCRYPT_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include "gcrypt.h" +#include "glib.h" + +/* + * Define HAVE_LIBGCRYPT_AEAD here, because it's used in several source + * files. + */ +#if GCRYPT_VERSION_NUMBER >= 0x010600 /* 1.6.0 */ +/* Whether to provide support for authentication in addition to decryption. */ +#define HAVE_LIBGCRYPT_AEAD +#endif + +/* + * Define some other "do we have?" items as well. + */ +#if GCRYPT_VERSION_NUMBER >= 0x010700 /* 1.7.0 */ +/* Whether ChaCh20 PNE can be supported. */ +#define HAVE_LIBGCRYPT_CHACHA20 +/* Whether AEAD_CHACHA20_POLY1305 can be supported. */ +#define HAVE_LIBGCRYPT_CHACHA20_POLY1305 +#endif + +#define HASH_SHA2_256_LENGTH 32 + +/* Convenience function to calculate the HMAC from the data in BUFFER + of size LENGTH with key KEY of size KEYLEN using the algorithm ALGO avoiding the creating of a + hash object. The hash is returned in the caller provided buffer + DIGEST which must be large enough to hold the digest of the given + algorithm. */ +gcry_error_t ws_hmac_buffer(int algo, void *digest, const void *buffer, size_t length, const void *key, size_t keylen); + +/** + * RFC 5869 HMAC-based Extract-and-Expand Key Derivation Function (HKDF): + * HKDF-Expand(PRK, info, L) -> OKM + * + * @param hashalgo [in] Libgcrypt hash algorithm identifier. + * @param prk [in] Pseudo-random key. + * @param prk_len [in] Length of prk. + * @param info [in] Optional context (can be NULL if info_len is zero). + * @param info_len [in] Length of info. + * @param out [out] Output keying material. + * @param out_len [in] Size of output keying material. + * @return 0 on success and an error code otherwise. + */ +gcry_error_t hkdf_expand(int hashalgo, const guint8 *prk, guint prk_len, const guint8 *info, guint info_len, guint8 *out, guint out_len); + +/* + * Calculate HKDF-Extract(salt, IKM) -> PRK according to RFC 5869. + * Caller MUST ensure that 'prk' is large enough to store the digest from hash + * algorithm 'hashalgo' (e.g. 32 bytes for SHA-256). + */ +static inline gcry_error_t hkdf_extract(int hashalgo, const guint8 *salt, size_t salt_len, const guint8 *ikm, size_t ikm_len, guint8 *prk) +{ + /* PRK = HMAC-Hash(salt, IKM) where salt is key, and IKM is input. */ + return ws_hmac_buffer(hashalgo, prk, ikm, ikm_len, salt, salt_len); +} + + +#ifdef __cplusplus +} +#endif + +#endif //WSGCRYPT_H |