Provides simple APIs for cryptographic operations.

Required Header

#include <yaca/yaca_simple.h>

Overview

It provides simple APIs for encryption/decryption, signing/verification, and message digestion.

Examples

Simple Encrypt API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_simple.h>
#include <yaca_encrypt.h>
#include <yaca_key.h>
#include <yaca_error.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h key = YACA_KEY_NULL;
    yaca_key_h iv = YACA_KEY_NULL;
    size_t iv_bit_len;

    char *encrypted = NULL;
    char *decrypted = NULL;
    size_t encrypted_len;
    size_t decrypted_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA);

    /* Key generation */
    ret = yaca_key_derive_pbkdf2("foo bar", "123456789", 10, 1000,
                                 YACA_DIGEST_SHA256, YACA_KEY_LENGTH_256BIT, &key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* IV generation */
    ret = yaca_encrypt_get_iv_bit_length(YACA_ENCRYPT_AES, YACA_BCM_CTR, YACA_KEY_LENGTH_256BIT,
                                         &iv_bit_len);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    if (iv_bit_len > 0) {
        ret = yaca_key_generate(YACA_KEY_TYPE_IV, iv_bit_len, &iv);
        if (ret != YACA_ERROR_NONE)
            goto exit;
    }

    /* Encryption */
    {
        ret = yaca_simple_encrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv,
                                  INPUT_DATA, INPUT_DATA_SIZE, &encrypted, &encrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display encrypted data in hexadecimal format */
        dump_hex(encrypted, 16, "Encrypted data (16 of %zu bytes): ", encrypted_len);
    }

    /* Decryption */
    {
        ret = yaca_simple_decrypt(YACA_ENCRYPT_AES, YACA_BCM_CTR, key, iv,
                                  encrypted, encrypted_len, &decrypted, &decrypted_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        printf("Decrypted data (16 of %zu bytes): %.16s\n\n", decrypted_len, decrypted);
    }

exit:
    yaca_free(encrypted);
    yaca_free(decrypted);
    yaca_key_destroy(iv);
    yaca_key_destroy(key);

    yaca_cleanup();
    return ret;
}

Simple Message Digest API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_simple.h>
#include <yaca_error.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    char *digest = NULL;
    size_t digest_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    printf("Plain data (16 of %zu bytes): %.16s\n", INPUT_DATA_SIZE, INPUT_DATA);

    /* Calculate digest */
    ret = yaca_simple_calculate_digest(YACA_DIGEST_SHA256, INPUT_DATA, INPUT_DATA_SIZE,
                                       &digest, &digest_len);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* display digest in hexadecimal format */
    dump_hex(digest, digest_len, "Message digest: ");

exit:
    yaca_free(digest);

    yaca_cleanup();
    return ret;
}

Simple Signature API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_key.h>
#include <yaca_error.h>
#include <yaca_simple.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h priv_key = YACA_KEY_NULL;
    yaca_key_h pub_key = YACA_KEY_NULL;

    char *signature = NULL;
    size_t signature_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Generate key pair */
    ret = yaca_key_generate(YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_LENGTH_2048BIT, &priv_key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    ret = yaca_key_extract_public(priv_key, &pub_key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Sign */
    {
        ret = yaca_simple_calculate_signature(YACA_DIGEST_SHA384, priv_key,
                                              INPUT_DATA, INPUT_DATA_SIZE,
                                              &signature, &signature_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display signature in hexadecimal format */
        dump_hex(signature, signature_len, "Signature of INPUT_DATA:");
    }

    /* Verify */
    {
        ret = yaca_simple_verify_signature(YACA_DIGEST_SHA384, pub_key,
                                           INPUT_DATA, INPUT_DATA_SIZE,
                                           signature, signature_len);
        if (ret != YACA_ERROR_NONE) {
            printf("Verification failed\n");
            goto exit;
        } else {
            printf("Verification successful\n");
        }
    }

exit:
    yaca_free(signature);
    yaca_key_destroy(priv_key);
    yaca_key_destroy(pub_key);

    yaca_cleanup();
    return ret;
}

Simple CMAC Signature API example

#include <stdio.h>

#include <yaca_crypto.h>
#include <yaca_key.h>
#include <yaca_error.h>
#include <yaca_simple.h>

/* include helpers functions and definitions */
#include "misc.h"

int main()
{
    int ret;
    yaca_key_h sym_key = YACA_KEY_NULL;

    char *signature1 = NULL;
    char *signature2 = NULL;
    size_t signature_len;

    ret = yaca_initialize();
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Key generation */
    ret = yaca_key_generate(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT, &sym_key);
    if (ret != YACA_ERROR_NONE)
        goto exit;

    /* Sign */
    {
        ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key,
                                         INPUT_DATA, INPUT_DATA_SIZE,
                                         &signature1, &signature_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        /* display signature in hexadecimal format */
        dump_hex(signature1, signature_len, "CMAC Signature of INPUT_DATA:");
    }

    /* Verify */
    {
        ret = yaca_simple_calculate_cmac(YACA_ENCRYPT_AES, sym_key,
                                         INPUT_DATA, INPUT_DATA_SIZE,
                                         &signature2, &signature_len);
        if (ret != YACA_ERROR_NONE)
            goto exit;

        ret = yaca_memcmp(signature1, signature2, signature_len);
        if (ret != YACA_ERROR_NONE) {
            printf("Verification failed\n");
            goto exit;
        } else {
            printf("Verification successful\n");
        }
    }

exit:
    yaca_free(signature1);
    yaca_free(signature2);
    yaca_key_destroy(sym_key);

    yaca_cleanup();
    return ret;
}

Functions
int	yaca_simple_encrypt (yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, const char plaintext, size_t plaintext_len, char ciphertext, size_t ciphertext_len)
	Encrypts data using a symmetric cipher.
int	yaca_simple_decrypt (yaca_encrypt_algorithm_e algo, yaca_block_cipher_mode_e bcm, const yaca_key_h sym_key, const yaca_key_h iv, const char ciphertext, size_t ciphertext_len, char plaintext, size_t plaintext_len)
	Decrypts data using a symmetric cipher.
int	yaca_simple_calculate_digest (yaca_digest_algorithm_e algo, const char message, size_t message_len, char digest, size_t digest_len)
	Calculates a digest of a message.
int	yaca_simple_calculate_signature (yaca_digest_algorithm_e algo, const yaca_key_h prv_key, const char message, size_t message_len, char signature, size_t signature_len)
	Creates a signature using asymmetric private key.
int	yaca_simple_verify_signature (yaca_digest_algorithm_e algo, const yaca_key_h pub_key, const char message, size_t message_len, const char signature, size_t signature_len)
	Verifies a signature using asymmetric public key.
int	yaca_simple_calculate_hmac (yaca_digest_algorithm_e algo, const yaca_key_h sym_key, const char message, size_t message_len, char mac, size_t mac_len)
	Calculates a HMAC of given message using symmetric key.
int	yaca_simple_calculate_cmac (yaca_encrypt_algorithm_e algo, const yaca_key_h sym_key, const char message, size_t message_len, char mac, size_t mac_len)
	Calculates a CMAC of given message using symmetric key.

Function Documentation

int yaca_simple_calculate_cmac	(	yaca_encrypt_algorithm_e	algo,
		const yaca_key_h	sym_key,
		const char *	message,
		size_t	message_len,
		char **	mac,
		size_t *	mac_len
	)

Calculates a CMAC of given message using symmetric key.

Since :: 3.0

Remarks:: For verification, calculate message CMAC and compare with received MAC using yaca_memcmp().; The mac should be freed using yaca_free().; The message can be NULL but then message_len must be 0.

Parameters:

[in]	algo	Encryption algorithm that will be used
[in]	sym_key	Key that will be used, supported key types: YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_TYPE_DES
[in]	message	Message to calculate CMAC from
[in]	message_len	Length of the message
[out]	mac	MAC, will be allocated by the library
[out]	mac_len	Length of the MAC

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid algo or sym_key)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_encrypt_algorithm_e; yaca_memcmp(); yaca_free()

int yaca_simple_calculate_digest	(	yaca_digest_algorithm_e	algo,
		const char *	message,
		size_t	message_len,
		char **	digest,
		size_t *	digest_len
	)

Calculates a digest of a message.

Since :: 3.0

Remarks:: The digest should be freed using yaca_free().; The message can be NULL but then message_len must be 0.

Parameters:

[in]	algo	Digest algorithm (select YACA_DIGEST_SHA256 if unsure)
[in]	message	Message from which the digest is to be calculated
[in]	message_len	Length of the message
[out]	digest	Message digest, will be allocated by the library
[out]	digest_len	Length of message digest (depends on algorithm)

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, invalid algo)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_digest_algorithm_e; yaca_free()

int yaca_simple_calculate_hmac	(	yaca_digest_algorithm_e	algo,
		const yaca_key_h	sym_key,
		const char *	message,
		size_t	message_len,
		char **	mac,
		size_t *	mac_len
	)

Calculates a HMAC of given message using symmetric key.

Since :: 3.0

Remarks:: For verification, calculate message HMAC and compare with received MAC using yaca_memcmp().; The mac should be freed using yaca_free().; The message can be NULL but then message_len must be 0.

Parameters:

[in]	algo	Digest algorithm that will be used
[in]	sym_key	Key that will be used, supported key types: YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_TYPE_DES
[in]	message	Message to calculate HMAC from
[in]	message_len	Length of the message
[out]	mac	MAC, will be allocated by the library
[out]	mac_len	Length of the MAC

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid algo or sym_key)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_digest_algorithm_e; yaca_memcmp(); yaca_free()

int yaca_simple_calculate_signature	(	yaca_digest_algorithm_e	algo,
		const yaca_key_h	prv_key,
		const char *	message,
		size_t	message_len,
		char **	signature,
		size_t *	signature_len
	)

Creates a signature using asymmetric private key.

Since :: 3.0

Remarks:: For YACA_DIGEST_SHA384 and YACA_DIGEST_SHA512 the RSA key size must be bigger than YACA_KEY_LENGTH_512BIT.; Using of YACA_DIGEST_MD5 algorithm for DSA and ECDSA operations is prohibited.; The signature should be freed using yaca_free().; The message can be NULL but then message_len must be 0.

Parameters:

[in]	algo	Digest algorithm that will be used
[in]	prv_key	Private key that will be used, algorithm is deduced based on key type, supported key types: YACA_KEY_TYPE_RSA_PRIV, YACA_KEY_TYPE_DSA_PRIV, YACA_KEY_TYPE_EC_PRIV
[in]	message	Message to be signed
[in]	message_len	Length of the message
[out]	signature	Message signature, will be allocated by the library
[out]	signature_len	Length of the signature

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid algo or prv_key)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_key_type_e; yaca_digest_algorithm_e; yaca_simple_verify_signature(); yaca_free()

int yaca_simple_decrypt	(	yaca_encrypt_algorithm_e	algo,
		yaca_block_cipher_mode_e	bcm,
		const yaca_key_h	sym_key,
		const yaca_key_h	iv,
		const char *	ciphertext,
		size_t	ciphertext_len,
		char **	plaintext,
		size_t *	plaintext_len
	)

Decrypts data using a symmetric cipher.

Since :: 3.0

Remarks:: yaca_simple_decrypt() doesn't support YACA_BCM_GCM and YACA_BCM_CCM.; The plaintext should be freed using yaca_free().; The ciphertext can be NULL but then ciphertext_len must be 0.

Parameters:

[in]	algo	Decryption algorithm that was used to encrypt the data
[in]	bcm	Chaining mode that was used to encrypt the data
[in]	sym_key	Symmetric encryption key that was used to encrypt the data
[in]	iv	Initialization Vector that was used to encrypt the data
[in]	ciphertext	Ciphertext to be decrypted
[in]	ciphertext_len	Length of ciphertext
[out]	plaintext	Decrypted data, will be allocated by the library
[out]	plaintext_len	Length of the decrypted data

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid algo, bcm, sym_key or iv)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_encrypt_algorithm_e; yaca_block_cipher_mode_e; yaca_simple_encrypt(); yaca_free()

int yaca_simple_encrypt	(	yaca_encrypt_algorithm_e	algo,
		yaca_block_cipher_mode_e	bcm,
		const yaca_key_h	sym_key,
		const yaca_key_h	iv,
		const char *	plaintext,
		size_t	plaintext_len,
		char **	ciphertext,
		size_t *	ciphertext_len
	)

Encrypts data using a symmetric cipher.

Since :: 3.0

Remarks:: yaca_simple_encrypt() doesn't support YACA_BCM_GCM and YACA_BCM_CCM.; The ciphertext should be freed using yaca_free().; The plaintext can be NULL but then plaintext_len must be 0.

Parameters:

[in]	algo	Encryption algorithm (select YACA_ENCRYPT_AES if unsure)
[in]	bcm	Chaining mode (select YACA_BCM_CBC if unsure)
[in]	sym_key	Symmetric encryption key (see yaca_key.h for key generation functions)
[in]	iv	Initialization Vector
[in]	plaintext	Plaintext to be encrypted
[in]	plaintext_len	Length of the plaintext
[out]	ciphertext	Encrypted data, will be allocated by the library
[out]	ciphertext_len	Length of the encrypted data (may be larger than decrypted)

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid algo, bcm, sym_key or iv)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error

See also:: yaca_encrypt_algorithm_e; yaca_block_cipher_mode_e; yaca_simple_decrypt(); yaca_free()

int yaca_simple_verify_signature	(	yaca_digest_algorithm_e	algo,
		const yaca_key_h	pub_key,
		const char *	message,
		size_t	message_len,
		const char *	signature,
		size_t	signature_len
	)

Verifies a signature using asymmetric public key.

Since :: 3.0

Remarks:: The message can be NULL but then message_len must be 0.

Parameters:

[in]	algo	Digest algorithm that will be used
[in]	pub_key	Public key that will be used, algorithm is deduced based on key type, supported key types: YACA_KEY_TYPE_RSA_PUB, YACA_KEY_TYPE_DSA_PUB, YACA_KEY_TYPE_EC_PUB
[in]	message	Message
[in]	message_len	Length of the message
[in]	signature	Message signature to be verified
[in]	signature_len	Length of the signature

Returns:: YACA_ERROR_NONE on success, negative on error

Return values:

YACA_ERROR_NONE	Successful
YACA_ERROR_INVALID_PARAMETER	Required parameters have incorrect values (NULL, 0 invalid algo or pub_key)
YACA_ERROR_OUT_OF_MEMORY	Out of memory error
YACA_ERROR_INTERNAL	Internal error
YACA_ERROR_DATA_MISMATCH	The verification failed

See also:: yaca_key_type_e; yaca_digest_algorithm_e; yaca_simple_calculate_signature()

Required Header

Overview

Examples

Functions

Function Documentation