Google Git
Sign in
coral / a71ch-crypto-support / 8dc1f1434da50a4b7361d651239c1f3f4f8cc25b / . / ext / amazon-freertos / libraries / freertos_plus / standard / crypto / include / iot_crypto.h
blob: 05c6619b6de528b29ac21a180cb1d1185668c82f [file] [log] [blame]
/*
* FreeRTOS Crypto V1.0.8
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
* this software and associated documentation files (the "Software"), to deal in
* the Software without restriction, including without limitation the rights to
* use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
* the Software, and to permit persons to whom the Software is furnished to do so,
* subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* http://aws.amazon.com/freertos
* http://www.FreeRTOS.org
*/
#ifndef __AWS_CRYPTO__H__
#define __AWS_CRYPTO__H__
#include "FreeRTOS.h"
/**
* @brief Commonly used buffer sizes for storing cryptographic hash computation
* results.
*/
#define cryptoSHA1_DIGEST_BYTES 20
#define cryptoSHA256_DIGEST_BYTES 32
/**
* @brief Initializes the heap and threading functions for cryptography libraries.
*/
void CRYPTO_Init( void );
/**
* @brief Initializes the mbedTLS mutex functions.
*
* Provides mbedTLS access to mutex create, destroy, take and free.
*
* @see MBEDTLS_THREADING_ALT
*/
void CRYPTO_ConfigureThreading( void );
/**
* @brief Configures crypto library heap callouts so that the FreeRTOS heap is
* used instead of the C runtime heap. Skipping this call is likely to cause
* runtime memory corruption in the application.
*/
void CRYPTO_ConfigureHeap( void );
/**
* @brief Library-independent cryptographic algorithm identifiers.
*/
#define cryptoHASH_ALGORITHM_SHA1 1
#define cryptoHASH_ALGORITHM_SHA256 2
#define cryptoASYMMETRIC_ALGORITHM_RSA 1
#define cryptoASYMMETRIC_ALGORITHM_ECDSA 2
/**
* @brief Initializes digital signature verification.
*
* @param[out] ppvContext Opaque context structure.
* @param[in] xAsymmetricAlgorithm Cryptographic public key cryptosystem.
* @param[in] xHashAlgorithm Cryptographic hash algorithm that was used for signing.
*
* @return pdTRUE if initialization succeeds, or pdFALSE otherwise.
*/
BaseType_t CRYPTO_SignatureVerificationStart( void ** ppvContext,
BaseType_t xAsymmetricAlgorithm,
BaseType_t xHashAlgorithm );
/**
* @brief Updates a cryptographic hash computation with the specified byte array.
*
* @param[in] pvContext Opaque context structure.
* @param[in] pucData Byte array that was signed.
* @param[in] xDataLength Length in bytes of data that was signed.
*/
void CRYPTO_SignatureVerificationUpdate( void * pvContext,
const uint8_t * pucData,
size_t xDataLength );
/**
* @brief Verifies a digital signature computation using the public key from the
* specified certificate.
*
* @param[in] pvContext Opaque context structure.
* @param[in] pucSignerCertificate Base64 and DER encoded X.509 certificate of the
* signer.
* @param[in] xSignerCertificateLength Length in bytes of the certificate.
* @param[in] pucSignature Digital signature result to verify.
* @param[in] xSignatureLength in bytes of digital signature result.
*
* @return pdTRUE if the signature is correct or pdFALSE if the signature is invalid.
*/
BaseType_t CRYPTO_SignatureVerificationFinal( void * pvContext,
char * pcSignerCertificate,
size_t xSignerCertificateLength,
uint8_t * pucSignature,
size_t xSignatureLength );
#endif /* ifndef __AWS_CRYPTO__H__ */