26 #ifndef SOPC_CRYPTO_PROVIDER_H_
27 #define SOPC_CRYPTO_PROVIDER_H_
184 uint32_t* pLengthOut);
203 uint32_t* pLengthOut);
258 uint32_t* pCipherTextBlockSize,
259 uint32_t* pPlainTextBlockSize);
274 uint32_t* pLenNonce);
293 uint32_t* pSymmCryptoKeyLength,
294 uint32_t* pSymmSignKeyLength,
295 uint32_t* pSymmInitVectorLength);
317 uint32_t* pLenKeyBits);
337 uint32_t* pLenKeyBytes);
379 uint32_t* pCipherTextBlockSize,
380 uint32_t* pPlainTextBlockSize);
440 uint32_t* pLengthOut);
462 uint32_t* pLengthOut);
577 const uint8_t* pInput,
578 uint32_t lenPlainText,
614 const uint8_t* pInput,
615 uint32_t lenCipherText,
654 const uint8_t* pInput,
660 uint32_t uSequenceNumber,
691 const uint8_t* pInput,
725 const uint8_t* pInput,
728 const uint8_t* pSignature,
840 uint32_t lenClientNonce,
842 uint32_t lenServerNonce,
871 uint32_t lenServerNonce,
899 uint32_t lenClientNonce,
940 const uint8_t* pInput,
945 const char** errorReason);
980 const uint8_t* pInput,
985 uint32_t* pLenWritten,
986 const char** errorReason);
1025 const uint8_t* pInput,
1028 uint8_t* pSignature,
1029 uint32_t lenSignature,
1030 const char** errorReason);
1065 const uint8_t* pInput,
1068 const uint8_t* pSignature,
1069 uint32_t lenSignature,
1070 const char** errorReason);
SOPC_ReturnStatus SOPC_CryptoProvider_PubSubGetLength_MessageRandom(const SOPC_CryptoProvider *pProvider, uint32_t *pLength)
Writes the length in bytes in pLength of the random bytes used for PubSub encryption/decryption.
const SOPC_CryptoProfile * SOPC_CryptoProvider_GetProfileServices(const SOPC_CryptoProvider *pProvider)
Returns the non-NULL client-server crypto profile, but returns NULL if the PubSub profile is non-NULL.
SOPC_ReturnStatus SOPC_CryptoProvider_DeriveGetLengths(const SOPC_CryptoProvider *pProvider, uint32_t *pSymmCryptoKeyLength, uint32_t *pSymmSignKeyLength, uint32_t *pSymmInitVectorLength)
Provides the lengths in bytes of the secrets derived from the nonce exchange.
Defines the common interface that a PKI should provide. This is a minimal interface,...
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_MsgCipherText(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t *pLenMsg)
Provides the length in bytes of a ciphered message to be decrypted with a single asymmetric decryptio...
SOPC_CryptolibContext * pCryptolibContext
Definition: sopc_crypto_provider.h:66
SOPC_ReturnStatus SOPC_CryptoProvider_DeriveKeySets(const SOPC_CryptoProvider *pProvider, const SOPC_ExposedBuffer *pClientNonce, uint32_t lenClientNonce, const SOPC_ExposedBuffer *pServerNonce, uint32_t lenServerNonce, SOPC_SC_SecurityKeySet *pClientKeySet, SOPC_SC_SecurityKeySet *pServerKeySet)
Derive pseudo-random key sets from the randomly generated and shared secrets.
const SOPC_CryptoProfile_PubSub * SOPC_CryptoProvider_GetProfilePubSub(const SOPC_CryptoProvider *pProvider)
Returns the non-NULL PubSub crypto profile, but returns NULL if the client-server profile is non-NULL.
The signed public key representation, or a chained list of such keys.
Definition: key_manager_lib.h:66
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricEncrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_AsymmetricKey *pKey, uint8_t *pOutput, uint32_t lenOutput, const char **errorReason)
Encrypts a payload pInput of lenInput bytes.
The PKIProvider object defines the common interface for the Public Key Infrastructure.
Definition: sopc_pki.h:71
const SOPC_CryptoProfile_PubSub *const pProfilePubSub
Definition: sopc_crypto_provider.h:61
The SOPC_KeyManager provides an API for Asymmetric Key Management such as loading signed public keys ...
SOPC_CryptoProvider * SOPC_CryptoProvider_Create(const char *uri)
Creates an initialized SOPC_CryptoProvider context for a client-server connection from a string conta...
SOPC_ReturnStatus SOPC_CryptoProvider_DerivePseudoRandomData(const SOPC_CryptoProvider *pProvider, const SOPC_ExposedBuffer *pSecret, uint32_t lenSecret, const SOPC_ExposedBuffer *pSeed, uint32_t lenSeed, SOPC_ExposedBuffer *pOutput, uint32_t lenOutput)
Derives pseudo-random data from the randomly generated and shared secrets.
SOPC_ReturnStatus SOPC_CryptoProvider_GenerateRandomID(const SOPC_CryptoProvider *pProvider, uint32_t *pID)
Generates 4 bytes of truly random data.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_MsgPlainText(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t *pLenMsg)
Provides the maximum length in bytes of a message to be encrypted with a single asymmetric encryption...
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_Signature(const SOPC_CryptoProvider *pProvider, uint32_t *pLength)
Provides the length in bytes of the symmetric signature message.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricDecrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_AsymmetricKey *pKey, uint8_t *pOutput, uint32_t lenOutput, uint32_t *pLenWritten, const char **errorReason)
Decrypts a payload pInput of lenInput bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_KeyBits(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t *pLenKeyBits)
Writes the length in bits in pLenKeyBits of the asymmetric key pKey.
Defines the common declarations for the cryptographic objects.
SOPC_ReturnStatus SOPC_CryptoProvider_GenerateRandomBytes(const SOPC_CryptoProvider *pProvider, uint32_t nBytes, SOPC_ExposedBuffer **ppBuffer)
Generates truly random data of arbitrary length.
SOPC_ReturnStatus SOPC_CryptoProvider_Deinit(SOPC_CryptoProvider *pCryptoProvider)
Deinitializes a SOPC_CryptoProvider context (this process is specific to the chosen cryptographic lib...
Definition: crypto_provider_lib.h:35
The SOPC_CryptoProvider context.
Definition: sopc_crypto_provider.h:47
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_Encryption(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t lengthIn, uint32_t *pLengthOut)
Calculates the size of the required output buffer to cipher lengthIn bytes through asymmetric encrypt...
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricVerify(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, SOPC_SecretBuffer *pKey, const uint8_t *pSignature, uint32_t lenOutput)
Verifies the signature pSignature of the payload pInput of lenInput bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricDecrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenCipherText, SOPC_SecretBuffer *pKey, SOPC_SecretBuffer *pIV, uint8_t *pOutput, uint32_t lenOutput)
Decrypts a payload pInput of lenCipherText bytes into a padded deciphered payload pOutput.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_KeyBytes(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t *pLenKeyBytes)
Writes the length in bytes in pLenKeyBytes of the asymmetric key pKey.
SOPC_ReturnStatus SOPC_CryptoProvider_GenerateSecureChannelNonce(const SOPC_CryptoProvider *pProvider, SOPC_SecretBuffer **ppNonce)
Generates a single truly random nonce for the SecureChannel creation.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_OAEPHashLength(const SOPC_CryptoProvider *pProvider, uint32_t *length)
Provides the length of the hash used for OAEP encryption/decryption.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_PSSHashLength(const SOPC_CryptoProvider *pProvider, uint32_t *length)
Provides the length of the hash used for PSS signature/verification.
SOPC_ReturnStatus SOPC_CryptoProvider_DeriveKeySetsServer(const SOPC_CryptoProvider *pProvider, const SOPC_ExposedBuffer *pClientNonce, uint32_t lenClientNonce, SOPC_SecretBuffer *pServerNonce, SOPC_SC_SecurityKeySet *pClientKeySet, SOPC_SC_SecurityKeySet *pServerKeySet)
Derive pseudo-random key sets from the randomly generated and shared secrets.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricSign(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, SOPC_SecretBuffer *pKey, uint8_t *pOutput, uint32_t lenOutput)
Signs a payload pInput of lenInput bytes, writes the signature in pOutput of lenOutput bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_Init(SOPC_CryptoProvider *pCryptoProvider)
Initializes a SOPC_CryptoProvider context. Called by SOPC_CryptoProvider_Create() upon context creati...
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricEncrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenPlainText, SOPC_SecretBuffer *pKey, SOPC_SecretBuffer *pIV, uint8_t *pOutput, uint32_t lenOutput)
Encrypts a padded payload pInput of lenPlainText bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_SecureChannelNonce(const SOPC_CryptoProvider *pProvider, uint32_t *pLenNonce)
Provides the length in bytes of the SecureChannel nonces used in the symmetric encryption process.
SOPC_ReturnStatus SOPC_CryptoProvider_PubSubCrypt(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, SOPC_SecretBuffer *pKey, SOPC_SecretBuffer *pKeyNonce, const SOPC_ExposedBuffer *pRandom, uint32_t lenRandom, uint32_t uSequenceNumber, uint8_t *pOutput, uint32_t lenOutput)
Encrypts or decrypts a payload pInput of lenInput bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_CryptoKey(const SOPC_CryptoProvider *pProvider, uint32_t *pLength)
Writes the length in bytes in pLength of the key used for symmetric encryption/decryption.
void SOPC_CryptoProvider_Free(SOPC_CryptoProvider *pCryptoProvider)
Frees a SOPC_CryptoProvider created with SOPC_CryptoProvider_Create().
SOPC_CryptoProvider * SOPC_CryptoProvider_CreatePubSub(const char *uri)
Creates an initialized SOPC_CryptoProvider context for PubSub exchanges from a string containing the ...
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_Decryption(const SOPC_CryptoProvider *pProvider, uint32_t lengthIn, uint32_t *pLengthOut)
Writes the length in bytes in pLengthOut of a decrypted message of lengthIn bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricVerify(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_AsymmetricKey *pKeyRemotePublic, const uint8_t *pSignature, uint32_t lenSignature, const char **errorReason)
Verifies the signature pSignature of a payload pInput of lenInput bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_DeriveKeySetsClient(const SOPC_CryptoProvider *pProvider, SOPC_SecretBuffer *pClientNonce, const SOPC_ExposedBuffer *pServerNonce, uint32_t lenServerNonce, SOPC_SC_SecurityKeySet *pClientKeySet, SOPC_SC_SecurityKeySet *pServerKeySet)
Derive pseudo-random key sets from the randomly generated and shared secrets.
SOPC_ReturnStatus SOPC_CryptoProvider_PubSubGetLength_KeyNonce(const SOPC_CryptoProvider *pProvider, uint32_t *pLength)
Writes the length in bytes in pLength of the key nonce used for PubSub encryption/decryption.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_Decryption(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t lengthIn, uint32_t *pLengthOut)
Calculates the size of the required output buffer to decipher lengthIn bytes through asymmetric decry...
The asymmetric key representation.
Definition: key_manager_lib.h:46
const SOPC_CryptoProfile *const pProfile
Definition: sopc_crypto_provider.h:54
SOPC_ReturnStatus SOPC_CryptoProvider_Certificate_Validate(const SOPC_CryptoProvider *pProvider, const SOPC_PKIProvider *pPKI, const SOPC_CertificateList *pCert, uint32_t *error)
Validates the given Certificate pCert.
SOPC_CryptoProfiles gather pointers to cryptographic functions of the security policies of OPC UA Ser...
Definition: sopc_crypto_profiles.h:218
Definition: sopc_key_sets.h:26
SOPC_CryptoProfiles_PubSub gather pointers to cryptographic functions of the security policies of OPC...
Definition: sopc_crypto_profiles.h:243
struct SOPC_SecretBuffer SOPC_SecretBuffer
Definition: sopc_secret_buffer.h:35
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_Signature(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t *pLength)
Calculates the size of the required output buffer to contain the asymmetric signature.
uint8_t SOPC_ExposedBuffer
Definition: sopc_secret_buffer.h:36
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricGetLength_Msgs(const SOPC_CryptoProvider *pProvider, const SOPC_AsymmetricKey *pKey, uint32_t *pCipherTextBlockSize, uint32_t *pPlainTextBlockSize)
Provides the lengths in bytes of the messages used in asymmetric encryption process.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_Blocks(const SOPC_CryptoProvider *pProvider, uint32_t *pCipherTextBlockSize, uint32_t *pPlainTextBlockSize)
Provides the lengths in bytes of the blocks used in the symmetric encryption process.
SOPC_ReturnStatus SOPC_CryptoProvider_AsymmetricSign(const SOPC_CryptoProvider *pProvider, const uint8_t *pInput, uint32_t lenInput, const SOPC_AsymmetricKey *pKeyPrivateLocal, uint8_t *pSignature, uint32_t lenSignature, const char **errorReason)
Signs a payload pInput of lenInput bytes.
SecretBuffer (mangled key) and ExposedBuffer (contiguous deciphered buffer) APIs.
const char * SOPC_CryptoProvider_AsymmetricGetUri_SignAlgorithm(const SOPC_CryptoProvider *pProvider)
Returns the URI of the AsymmetricSignatureAlgorithm.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_SignKey(const SOPC_CryptoProvider *pProvider, uint32_t *pLength)
Writes the length in bytes in pLength of the key used for symmetric signature.
SOPC_ReturnStatus SOPC_CryptoProvider_SymmetricGetLength_Encryption(const SOPC_CryptoProvider *pProvider, uint32_t lengthIn, uint32_t *pLengthOut)
Writes the length in bytes in pLengthOut of an encrypted message of lengthIn bytes.
SOPC_ReturnStatus SOPC_CryptoProvider_CertificateGetLength_Thumbprint(const SOPC_CryptoProvider *pProvider, uint32_t *pLength)
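Calculates the size of the thumbprint of the certificates (called their "signature" here; a thumbprint is a digest of the certificate, not the issuer's signature it carries).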
SOPC_ReturnStatus
Definition: libs2opc_client.h:61