format update
Change-Id: I8e15451d7229cad5fb4c6d5cf7464fcde9d6c56c
diff --git a/src/crypto-support/crypto-helper.hpp b/src/crypto-support/crypto-helper.hpp
index 6b5f277..9ce7ce7 100644
--- a/src/crypto-support/crypto-helper.hpp
+++ b/src/crypto-support/crypto-helper.hpp
@@ -32,6 +32,11 @@
static const uint8_t INFO[] = {0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9};
static const int AES_128_KEY_LEN = 16;
+class CryptoError : public std::runtime_error {
+public:
+ using std::runtime_error::runtime_error;
+};
+
struct ECDH_CTX {
int EC_NID;
EVP_PKEY_CTX* ctx_params;
@@ -57,42 +62,54 @@
deriveSecret(const std::string& peerKeyStr);
unique_ptr<ECDH_CTX> context;
- PUBLIC_WITH_TESTS_ELSE_PRIVATE :
- uint8_t*
- deriveSecret(const uint8_t* peerkey, int peerKeySize);
+ PUBLIC_WITH_TESTS_ELSE_PRIVATE : uint8_t*
+ deriveSecret(const uint8_t* peerkey, int peerKeySize);
uint8_t*
getRawSelfPubKey();
};
+/**
+ * HMAC based key derivation function (HKDF)
+ * @p secret, intput, the input to the HKDF
+ * @p secretLen, intput, the length of the secret
+ * @p salt, intput, the salt used in HKDF
+ * @p saltLen, intput, the length of the salt
+ * @p output, output, the output of the HKDF
+ * @p output_len, intput, the length of expected output
+ * @p info, intput, the additional information used in HKDF
+ * @p info_len, intput, the additional information used in HKDF
+ * @return the length of the derived key if successful, -1 if failed
+ */
int
-hkdf(const uint8_t* secret, int secretLen, const uint8_t* salt,
- int saltLen, uint8_t* okm, int okm_len,
+hkdf(const uint8_t* secret, int secret_len,
+ const uint8_t* salt, int salt_len,
+ uint8_t* output, int output_len,
const uint8_t* info = INFO, int info_len = INFO_LEN);
/**
- * HMAC SHA 256 keyed hash function
- * @param key the key for the function
- * @param key_len the length of the key
- * @param data the array to hmac
- * @param data_length the length of the array
- * @param result result. Enough memory (32 Bytes) must be allocated beforehand
+ * HMAC based on SHA-256
+ * @p data, intput, the array to hmac
+ * @p data_length, intput, the length of the array
+ * @p key, intput, the key for the function
+ * @p key_len, intput, the length of the key
+ * @p result, output, result of the HMAC. Enough memory (32 Bytes) must be allocated beforehands
* @return 0 if successful, -1 if failed
*/
int
-ndn_compute_hmac_sha256(const uint8_t* data, const unsigned data_length,
- const uint8_t* key, const unsigned key_length,
- uint8_t* result);
+hmac_sha256(const uint8_t* data, const unsigned data_length,
+ const uint8_t* key, const unsigned key_length,
+ uint8_t* result);
/**
- * Authentication GCM 128 Encryption
+ * Authenticated GCM 128 Encryption with associated data
* @p plaintext, input, plaintext
* @p plaintext_len, input, size of plaintext
* @p associated, input, associated authentication data
* @p associated_len, input, size of associated authentication data
* @p key, input, 16 bytes AES key
* @p iv, input, 12 bytes IV
- * @p ciphertext, output
+ * @p ciphertext, output, enough memory must be allocated beforehands
* @p tag, output, 16 bytes tag
* @return the size of ciphertext
* @throw CryptoError when there is an error in the process of encryption
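Review bot: The new hkdf comment documents `secretLen` and `saltLen`, but the declaration under it now names those parameters `secret_len` and `salt_len`, and the hmac_sha256 comment documents `key_len` where the parameter is `key_length`. Both comments use `@p`, which in Doxygen is inline typewriter markup rather than a parameter tag, so the mismatch is never reported; `@param[in] secret_len the length of the secret` and `@param[out] output the derived key` would be checked against the signature. The `info_len` line repeats the description of `info` instead of saying it is a length, and "intput" should read "input". In the GCM encryption comment, which continues past this hunk, "enough memory" would be more useful to callers as a concrete size, for example `@p ciphertext, output, at least plaintext_len bytes`, if the implementation (not visible here) writes exactly that many bytes.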
@@ -102,7 +119,7 @@
const uint8_t* key, const uint8_t* iv, uint8_t* ciphertext, uint8_t* tag);
/**
- * Authentication GCM 128 Decryption
+ * Authenticated GCM 128 Decryption with associated data
* @p ciphertext, input, ciphertext
* @p ciphertext_len, input, size of ciphertext
* @p associated, input, associated authentication data
@@ -110,7 +127,7 @@
* @p tag, input, 16 bytes tag
* @p key, input, 16 bytes AES key
* @p iv, input, 12 bytes IV
- * @p plaintext, output
+ * @p plaintext, output, enough memory must be allocated beforehands
* @return the size of plaintext or -1 if the verification fails
* @throw CryptoError when there is an error in the process of encryption
*/
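Review bot: The reworded `plaintext` line gives neither the required buffer size nor the state of the buffer when the function returns -1. GCM plaintext is as long as the ciphertext, and an implementation may write bytes before the tag is verified, so a line such as `@p plaintext, output, at least ciphertext_len bytes; contents must be discarded when -1 is returned` would keep callers from using unauthenticated data. The implementation is not visible here, so confirm both points against it. The `@throw` line in this decryption comment still says "encryption". The comment block starts outside this hunk.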
@@ -118,29 +135,9 @@
aes_gcm_128_decrypt(const uint8_t* ciphertext, size_t ciphertext_len, const uint8_t* associated, size_t associated_len,
const uint8_t* tag, const uint8_t* key, const uint8_t* iv, uint8_t* plaintext);
-/**
- * HMAC SHA 256 keyed hash function
- * @param key the key for the function
- * @param key_len the length of the key
- * @param cleartext the cleartext array to be hashed
- * @param cleartext_len the length of the array
- * @param output the output array
- * @param output_len the longest output len possible (changed to actual on return).
- * @return 0 if successful, -1 if failed
- */
-int
-hmac_sha_256(const uint8_t* key, size_t key_len,
- const uint8_t* cleartext, size_t cleartext_len,
- uint8_t* output, size_t* output_len);
-
void
handleErrors(const std::string& errorInfo);
-class CryptoError : public std::runtime_error {
-public:
- using std::runtime_error::runtime_error;
-};
-
} // namespace ndncert
} // namespace ndn