Botan 3.12.0
Crypto and TLS for C&
ffi.h
Go to the documentation of this file.
1/*
2* FFI (C89 API)
3* (C) 2015,2017 Jack Lloyd
4* (C) 2021 René Fischer
5* (C) 2024,2025,2026 Amos Treiber, René Meusel, Rohde & Schwarz Cybersecurity
6*
7* Botan is released under the Simplified BSD License (see license.txt)
8*/
9
10#ifndef BOTAN_FFI_H_
11#define BOTAN_FFI_H_
12
13#ifdef __cplusplus
14extern "C" {
15#endif
16
17/*
18This header exports some of botan's functionality via a C89 interface. This API
19is used by the Python, OCaml, Rust, Ruby, and Haskell bindings via those languages
20respective ctypes/FFI libraries.
21
22The API is intended to be as easy as possible to call from other
23languages, which often have easy ways to call C, because C. But some C
24code is easier to deal with than others, so to make things easy this
25API follows a few simple rules:
26
27- All interactions are via pointers to opaque structs. No need to worry about
28 structure padding issues and the like.
29
30- All functions return an int error code (except the version calls, which are
31 assumed to always have something to say).
32
33- Use simple types: size_t for lengths, const char* NULL terminated strings,
34 uint8_t for binary.
35
36- No ownership of memory transfers across the API boundary. The API will consume
37 data from const pointers with specified lengths. Outputs are either placed into
38 buffers provided by (and allocated by) the caller, or are returned via a
39 callback (what the FFI layer calls "view" functions).
40
41 When writing to an application-provided buffer, the function takes a pointer
42 to the output array and a read/write pointer to the length. The length field
43 is always set to the actual amount of data that would have been written. If
44 the input buffer's size was insufficient an error is returned.
45
46 In many situations the length of the output can be known in advance without
47 difficulty, in which case there will be a function which allows querying the
48 expected output length. For example `botan_hash_output_length` allows knowing
49 in advance the expected size for `botan_hash_final`. Some of these are exact,
50 while others such as `botan_pk_op_decrypt_output_length` can only provide an
51 upper bound for various technical reasons.
52
53 In some cases knowing the exact size is difficult or impossible. In these
54 situations view functions are used; see the handbook for further details.
55
56 TODO: Doxygen comments for all parameters
57*/
58
59#include <stddef.h>
60#include <stdint.h>
61
62/* NOLINTBEGIN(*-macro-usage,*-misplaced-const) */
63
64/**
65* The compile time API version. This matches the value of
66* botan_ffi_api_version. This can be used for compile-time checking if a
67* particular feature is available.
68*
69* Note this same value is also reflected in BOTAN_HAS_FFI in build.h, however
70* that declaration is not visible here since this header is intentionally
71* free-standing, depending only on a few C standard library headers.
72*/
73#define BOTAN_FFI_API_VERSION 20260506
74
75/**
76* BOTAN_FFI_EXPORT indicates public FFI functions.
77*
78* The arguments to the macro are to indicate the version that
79* that particular FFI function was first available
80*/
81#if defined(BOTAN_DLL)
82 #define BOTAN_FFI_EXPORT(maj, min) BOTAN_DLL
83#else
84 #if defined(__has_attribute)
85 #if __has_attribute(visibility)
86 #define BOTAN_FFI_EXPORT(maj, min) __attribute__((visibility("default")))
87 #endif
88 #elif defined(_MSC_VER) && !defined(BOTAN_IS_BEING_BUILT)
89 #define BOTAN_FFI_EXPORT(maj, min) __declspec(dllimport)
90 #else
91 #define BOTAN_FFI_EXPORT(maj, min)
92 #endif
93#endif
94
95#if !defined(BOTAN_NO_DEPRECATED_WARNINGS) && !defined(BOTAN_AMALGAMATION_H_) && !defined(BOTAN_IS_BEING_BUILT)
96 #if defined(__has_attribute)
97 #if __has_attribute(deprecated)
98 #define BOTAN_FFI_DEPRECATED(msg) __attribute__((deprecated(msg)))
99 #endif
100 #elif defined(_MSC_VER)
101 #define BOTAN_FFI_DEPRECATED(msg) __declspec(deprecated(msg))
102 #endif
103#endif
104
105#if !defined(BOTAN_FFI_DEPRECATED)
106 #define BOTAN_FFI_DEPRECATED(msg) /**/
107#endif
108
109/**
110* Error codes
111*
112* If you add a new value here be sure to also add it in
113* botan_error_description
114*/
150
151/**
152* The application provided context for a view function
153*/
154typedef void* botan_view_ctx;
155
156/**
157* Viewer function for binary data
158*
159* @param view_ctx some application context
160* @param data the binary data
161* @param len the length of data in bytes
162*/
163typedef int (*botan_view_bin_fn)(botan_view_ctx view_ctx, const uint8_t* data, size_t len);
164
165/**
166* Viewer function for string data
167*
168* @param view_ctx some application context
169* @param str the null terminated string
170* @param len the length of string *including* the null terminator
171*/
172typedef int (*botan_view_str_fn)(botan_view_ctx view_ctx, const char* str, size_t len);
173
174/**
175* Convert an error code into a string. Returns "Unknown error"
176* if the error code is not a known one.
177*/
178BOTAN_FFI_EXPORT(2, 8) const char* botan_error_description(int err);
179
180/**
181* Return the message of the last exception caught in this thread.
182*
183* This pointer can/will be reallocated or overwritten the next time
184* this thread calls any other Botan FFI function and must be copied
185* to persistent storage first.
186*/
187BOTAN_FFI_EXPORT(3, 0) const char* botan_error_last_exception_message(void);
188
189/**
190* Return the version of the currently supported FFI API. This is
191* expressed in the form YYYYMMDD of the release date of this version
192* of the API.
193*/
194BOTAN_FFI_EXPORT(2, 0) uint32_t botan_ffi_api_version(void);
195
196/**
197* Return 0 (ok) if the version given is one this library supports.
198* botan_ffi_supports_api(botan_ffi_api_version()) will always return 0.
199*/
200BOTAN_FFI_EXPORT(2, 0) int botan_ffi_supports_api(uint32_t api_version);
201
202/**
203* Return a free-form version string, e.g., 2.0.0
204*/
205BOTAN_FFI_EXPORT(2, 0) const char* botan_version_string(void);
206
207/**
208* Return the major version of the library
209*/
210BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_major(void);
211
212/**
213* Return the minor version of the library
214*/
215BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_minor(void);
216
217/**
218* Return the patch version of the library
219*/
220BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_patch(void);
221
222/**
223* Return the date this version was released as an integer.
224*
225* Returns 0 if the library was not built from an official release
226*/
227BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_datestamp(void);
228
229/**
230* Returns 0 if x[0..len] == y[0..len], or otherwise -1
231*/
232BOTAN_FFI_EXPORT(2, 3) int botan_constant_time_compare(const uint8_t* x, const uint8_t* y, size_t len);
233
234/**
235* Deprecated equivalent to botan_constant_time_compare
236*/
237BOTAN_FFI_DEPRECATED("Use botan_constant_time_compare")
238BOTAN_FFI_EXPORT(2, 0) int botan_same_mem(const uint8_t* x, const uint8_t* y, size_t len);
239
240/**
241* Clear out memory using a system specific approach to bypass elision by the
242* compiler (currently using RtlSecureZeroMemory or tricks with volatile pointers).
243*/
244BOTAN_FFI_EXPORT(2, 2) int botan_scrub_mem(void* mem, size_t bytes);
245
246/**
247* Flag that can be provided to botan_hex_encode to request lower case hex
248*/
249#define BOTAN_FFI_HEX_LOWER_CASE 1
250
251/**
252* Perform hex encoding
253* @param x is some binary data
254* @param len length of x in bytes
255* @param out an array of at least x*2 bytes
256* @param flags flags out be upper or lower case?
257* @return 0 on success, a negative value on failure
258*/
259BOTAN_FFI_EXPORT(2, 0) int botan_hex_encode(const uint8_t* x, size_t len, char* out, uint32_t flags);
260
261/**
262* Perform hex decoding
263* @param hex_str a string of hex chars (whitespace is ignored)
264* @param in_len the length of hex_str
265* @param out the output buffer should be at least strlen(hex_str)/2 bytes
266* @param out_len the size of the output buffer on input, set to the number of bytes written
267* @return 0 on success, a negative value on failure
268*/
269BOTAN_FFI_EXPORT(2, 3) int botan_hex_decode(const char* hex_str, size_t in_len, uint8_t* out, size_t* out_len);
270
271/**
272* Perform base64 encoding
273*
274* @param x the input data
275* @param len the length of x
276* @param out the output buffer
277* @param out_len the size of the output buffer on input, set to the number of bytes written
278* @return 0 on success, a negative value on failure
279
280*/
281BOTAN_FFI_EXPORT(2, 3) int botan_base64_encode(const uint8_t* x, size_t len, char* out, size_t* out_len);
282
283/**
284* Perform base64 decoding
285*/
286BOTAN_FFI_EXPORT(2, 3) int botan_base64_decode(const char* base64_str, size_t in_len, uint8_t* out, size_t* out_len);
287
288/**
289* RNG type
290*/
291typedef struct botan_rng_struct* botan_rng_t;
292
293/**
294* Initialize a random number generator object
295* @param rng rng object
296* @param rng_type type of the rng, possible values:
297* "system": system RNG
298* "esdm-full": ESDM RNG (fully seeded)
299* "esdm-pr": ESDM RNG (w. prediction resistance)
300* "user": userspace RNG
301* "user-threadsafe": userspace RNG, with internal locking
302* "rdrand": directly read RDRAND
303* Set rng_type to null to let the library choose some default.
304*/
305BOTAN_FFI_EXPORT(2, 0) int botan_rng_init(botan_rng_t* rng, const char* rng_type);
306
307/**
308* Initialize a custom random number generator from a set of callback functions
309* @param rng_out rng object to create
310* @param rng_name name of the rng
311* @param context An application-specific context passed to the callback functions
312* @param get_cb Callback for getting random bytes from the rng, return 0 for success
313* @param add_entropy_cb Callback for adding entropy to the rng, return 0 for success, may be NULL
314* @param destroy_cb Callback called when rng is destroyed, may be NULL
315*/
316BOTAN_FFI_EXPORT(3, 0)
317int botan_rng_init_custom(botan_rng_t* rng_out,
318 const char* rng_name,
319 void* context,
320 int (*get_cb)(void* context, uint8_t* out, size_t out_len),
321 int (*add_entropy_cb)(void* context, const uint8_t input[], size_t length),
322 void (*destroy_cb)(void* context));
323
324/**
325* Get random bytes from a random number generator
326*
327* @param rng rng object
328* @param out output buffer of size out_len
329* @param out_len number of requested bytes
330* @return 0 on success, negative on failure
331*/
332BOTAN_FFI_EXPORT(2, 0) int botan_rng_get(botan_rng_t rng, uint8_t* out, size_t out_len);
333
334/**
335* Get random bytes from system random number generator
336*
337* @param out output buffer of size out_len
338* @param out_len number of requested bytes
339* @return 0 on success, negative on failure
340*/
341BOTAN_FFI_EXPORT(3, 0) int botan_system_rng_get(uint8_t* out, size_t out_len);
342
343/**
344* Reseed a random number generator
345* Uses the System_RNG as a seed generator.
346*
347* @param rng rng object
348* @param bits number of bits to reseed with
349* @return 0 on success, a negative value on failure
350*/
351BOTAN_FFI_EXPORT(2, 0) int botan_rng_reseed(botan_rng_t rng, size_t bits);
352
353/**
354* Reseed a random number generator
355*
356* @param rng rng object
357* @param source_rng the rng that will be read from
358* @param bits number of bits to reseed with
359* @return 0 on success, a negative value on failure
360*/
361BOTAN_FFI_EXPORT(2, 8) int botan_rng_reseed_from_rng(botan_rng_t rng, botan_rng_t source_rng, size_t bits);
362
363/**
364* Add some seed material to a random number generator
365*
366* @param rng rng object
367* @param entropy the data to add
368* @param entropy_len length of entropy buffer
369* @return 0 on success, a negative value on failure
370*/
371BOTAN_FFI_EXPORT(2, 8) int botan_rng_add_entropy(botan_rng_t rng, const uint8_t* entropy, size_t entropy_len);
372
373/**
374* Create and seed a DRBG
375*
376* @param rng_out the new DRBG object
377* @param drbg_name the name of the DRBG (e.g. "HMAC_DRBG(SHA-256)")
378* @param seed the seed material (entropy || nonce || personalization_string)
379* @param seed_len length of seed in bytes
380* @return 0 on success, negative on failure
381*/
382BOTAN_FFI_EXPORT(3, 12)
383int botan_rng_init_drbg(botan_rng_t* rng_out, const char* drbg_name, const uint8_t* seed, size_t seed_len);
384
385/**
386* Generate random bytes from an RNG with additional input.
387*
388* For a DRBG, the additional input is mixed in before generating.
389* Many other RNG types (eg RDRAND or system RNG) will ignore the input.
390*
391* @param rng the RNG object
392* @param out output buffer
393* @param out_len number of bytes to generate
394* @param addl_input additional input to mix in (may be NULL if addl_len is 0)
395* @param addl_len length of additional input
396* @return 0 on success, negative on failure
397*/
398BOTAN_FFI_EXPORT(3, 12)
399int botan_rng_generate_with_input(
400 botan_rng_t rng, uint8_t* out, size_t out_len, const uint8_t* addl_input, size_t addl_len);
401
402/**
403* Frees all resources of the random number generator object
404* @param rng rng object
405* @return 0 if success, error if invalid object handle
406*/
407BOTAN_FFI_EXPORT(2, 0) int botan_rng_destroy(botan_rng_t rng);
408
409/*
410* Opaque type of an eXtendable Output Function (XOF)
411*/
412typedef struct botan_xof_struct* botan_xof_t;
413
414/**
415* Initialize an eXtendable Output Function
416* @param xof XOF object
417* @param xof_name name of the XOF, e.g., "SHAKE-128"
418* @param flags should be 0 in current API revision, all other uses are reserved
419* and return BOTAN_FFI_ERROR_BAD_FLAG
420*/
421BOTAN_FFI_EXPORT(3, 11) int botan_xof_init(botan_xof_t* xof, const char* xof_name, uint32_t flags);
422
423/**
424* Copy the state of an eXtendable Output Function
425* @param dest destination XOF object
426* @param source source XOF object
427* @return 0 on success, a negative value on failure
428*/
429BOTAN_FFI_EXPORT(3, 11) int botan_xof_copy_state(botan_xof_t* dest, botan_xof_t source);
430
431/**
432* Writes the block size of the eXtendable Output Function to *block_size
433* @param xof XOF object
434* @param block_size variable to hold the XOF's block size
435* @return 0 on success, a negative value on failure
436*/
437BOTAN_FFI_EXPORT(3, 11) int botan_xof_block_size(botan_xof_t xof, size_t* block_size);
438
439/**
440* Get the name of this eXtendable Output Function
441* @param xof the object to read
442* @param name output buffer
443* @param name_len on input, the length of buffer, on success the number of bytes written
444*/
445BOTAN_FFI_EXPORT(3, 11) int botan_xof_name(botan_xof_t xof, char* name, size_t* name_len);
446
447/**
448* Get the input/output state of this eXtendable Output Function
449* Typically, XOFs don't accept input as soon as the first output bytes were requested.
450* @param xof the object to read
451* @returns 1 iff the XOF is still accepting input bytes
452*/
453BOTAN_FFI_EXPORT(3, 11) int botan_xof_accepts_input(botan_xof_t xof);
454
455/**
456* Reinitializes the state of the eXtendable Output Function.
457* @param xof XOF object
458* @return 0 on success, a negative value on failure
459*/
460BOTAN_FFI_EXPORT(3, 11) int botan_xof_clear(botan_xof_t xof);
461
462/**
463* Send more input to the eXtendable Output Function
464* @param xof XOF object
465* @param in input buffer
466* @param in_len number of bytes to read from the input buffer
467* @return 0 on success, a negative value on failure
468*/
469BOTAN_FFI_EXPORT(3, 11) int botan_xof_update(botan_xof_t xof, const uint8_t* in, size_t in_len);
470
471/**
472* Generate output bytes from the eXtendable Output Function
473* @param xof XOF object
474* @param out output buffer
475* @param out_len number of bytes to write into the output buffer
476* @return 0 on success, a negative value on failure
477*/
478BOTAN_FFI_EXPORT(3, 11) int botan_xof_output(botan_xof_t xof, uint8_t* out, size_t out_len);
479
480/**
481* Frees all resources of the eXtendable Output Function object
482* @param xof xof object
483* @return 0 if success, error if invalid object handle
484*/
485BOTAN_FFI_EXPORT(3, 11) int botan_xof_destroy(botan_xof_t xof);
486
487/*
488* Opaque type of a hash function
489*/
490typedef struct botan_hash_struct* botan_hash_t;
491
492/**
493* Initialize a hash function object
494* @param hash hash object
495* @param hash_name name of the hash function, e.g., "SHA-384"
496* @param flags should be 0 in current API revision, all other uses are reserved
497* and return BOTAN_FFI_ERROR_BAD_FLAG
498*/
499BOTAN_FFI_EXPORT(2, 0) int botan_hash_init(botan_hash_t* hash, const char* hash_name, uint32_t flags);
500
501/**
502* Copy the state of a hash function object
503* @param dest destination hash object
504* @param source source hash object
505* @return 0 on success, a negative value on failure
506*/
507BOTAN_FFI_EXPORT(2, 2) int botan_hash_copy_state(botan_hash_t* dest, botan_hash_t source);
508
509/**
510* Writes the output length of the hash function to *output_length
511* @param hash hash object
512* @param output_length output buffer to hold the hash function output length
513* @return 0 on success, a negative value on failure
514*/
515BOTAN_FFI_EXPORT(2, 0) int botan_hash_output_length(botan_hash_t hash, size_t* output_length);
516
517/**
518* Writes the block size of the hash function to *block_size
519* @param hash hash object
520* @param block_size output buffer to hold the hash function output length
521* @return 0 on success, a negative value on failure
522*/
523BOTAN_FFI_EXPORT(2, 2) int botan_hash_block_size(botan_hash_t hash, size_t* block_size);
524
525/**
526* Send more input to the hash function
527* @param hash hash object
528* @param in input buffer
529* @param in_len number of bytes to read from the input buffer
530* @return 0 on success, a negative value on failure
531*/
532BOTAN_FFI_EXPORT(2, 0) int botan_hash_update(botan_hash_t hash, const uint8_t* in, size_t in_len);
533
534/**
535* Finalizes the hash computation and writes the output to
536* out[0:botan_hash_output_length()] then reinitializes for computing
537* another digest as if botan_hash_clear had been called.
538* @param hash hash object
539* @param out output buffer
540* @return 0 on success, a negative value on failure
541*/
542BOTAN_FFI_EXPORT(2, 0) int botan_hash_final(botan_hash_t hash, uint8_t out[]);
543
544/**
545* Reinitializes the state of the hash computation. A hash can
546* be computed (with update/final) immediately.
547* @param hash hash object
548* @return 0 on success, a negative value on failure
549*/
550BOTAN_FFI_EXPORT(2, 0) int botan_hash_clear(botan_hash_t hash);
551
552/**
553* Frees all resources of the hash object
554* @param hash hash object
555* @return 0 if success, error if invalid object handle
556*/
557BOTAN_FFI_EXPORT(2, 0) int botan_hash_destroy(botan_hash_t hash);
558
559/**
560* Get the name of this hash function
561* @param hash the object to read
562* @param name output buffer
563* @param name_len on input, the length of buffer, on success the number of bytes written
564*/
565BOTAN_FFI_EXPORT(2, 8) int botan_hash_name(botan_hash_t hash, char* name, size_t* name_len);
566
567/*
568* Opaque type of a message authentication code
569*/
570typedef struct botan_mac_struct* botan_mac_t;
571
572/**
573* Initialize a message authentication code object
574* @param mac mac object
575* @param mac_name name of the hash function, e.g., "HMAC(SHA-384)"
576* @param flags should be 0 in current API revision, all other uses are reserved
577* and return a negative value (error code)
578* @return 0 on success, a negative value on failure
579*/
580BOTAN_FFI_EXPORT(2, 0) int botan_mac_init(botan_mac_t* mac, const char* mac_name, uint32_t flags);
581
582/**
583* Writes the output length of the message authentication code to *output_length
584* @param mac mac object
585* @param output_length output buffer to hold the MAC output length
586* @return 0 on success, a negative value on failure
587*/
588BOTAN_FFI_EXPORT(2, 0) int botan_mac_output_length(botan_mac_t mac, size_t* output_length);
589
590/**
591* Sets the key on the MAC
592* @param mac mac object
593* @param key buffer holding the key
594* @param key_len size of the key buffer in bytes
595* @return 0 on success, a negative value on failure
596*/
597BOTAN_FFI_EXPORT(2, 0) int botan_mac_set_key(botan_mac_t mac, const uint8_t* key, size_t key_len);
598
599/**
600* Sets the nonce on the MAC
601* @param mac mac object
602* @param nonce buffer holding the key
603* @param nonce_len size of the key buffer in bytes
604* @return 0 on success, a negative value on failure
605*/
606BOTAN_FFI_EXPORT(3, 0) int botan_mac_set_nonce(botan_mac_t mac, const uint8_t* nonce, size_t nonce_len);
607
608/**
609* Send more input to the message authentication code
610* @param mac mac object
611* @param buf input buffer
612* @param len number of bytes to read from the input buffer
613* @return 0 on success, a negative value on failure
614*/
615BOTAN_FFI_EXPORT(2, 0) int botan_mac_update(botan_mac_t mac, const uint8_t* buf, size_t len);
616
617/**
618* Finalizes the MAC computation and writes the output to
619* out[0:botan_mac_output_length()] then reinitializes for computing
620* another MAC as if botan_mac_clear had been called.
621* @param mac mac object
622* @param out output buffer
623* @return 0 on success, a negative value on failure
624*/
625BOTAN_FFI_EXPORT(2, 0) int botan_mac_final(botan_mac_t mac, uint8_t out[]);
626
627/**
628* Reinitializes the state of the MAC computation. A MAC can
629* be computed (with update/final) immediately.
630* @param mac mac object
631* @return 0 on success, a negative value on failure
632*/
633BOTAN_FFI_EXPORT(2, 0) int botan_mac_clear(botan_mac_t mac);
634
635/**
636* Get the name of this MAC
637* @param mac the object to read
638* @param name output buffer
639* @param name_len on input, the length of buffer, on success the number of bytes written
640*/
641BOTAN_FFI_EXPORT(2, 8) int botan_mac_name(botan_mac_t mac, char* name, size_t* name_len);
642
643/**
644* Get the key length limits of this auth code
645* @param mac the object to read
646* @param out_minimum_keylength if non-NULL, will be set to minimum keylength of MAC
647* @param out_maximum_keylength if non-NULL, will be set to maximum keylength of MAC
648* @param out_keylength_modulo if non-NULL will be set to byte multiple of valid keys
649*/
650BOTAN_FFI_EXPORT(2, 8)
651int botan_mac_get_keyspec(botan_mac_t mac,
652 size_t* out_minimum_keylength,
653 size_t* out_maximum_keylength,
654 size_t* out_keylength_modulo);
655
656/**
657* Frees all resources of the MAC object
658* @param mac mac object
659* @return 0 if success, error if invalid object handle
660*/
661BOTAN_FFI_EXPORT(2, 0) int botan_mac_destroy(botan_mac_t mac);
662
663/*
664* Opaque type of a cipher mode
665*/
666typedef struct botan_cipher_struct* botan_cipher_t;
667
668#define BOTAN_CIPHER_INIT_FLAG_MASK_DIRECTION 1
669#define BOTAN_CIPHER_INIT_FLAG_ENCRYPT 0
670#define BOTAN_CIPHER_INIT_FLAG_DECRYPT 1
671
672/**
673* Initialize a cipher object
674*/
675BOTAN_FFI_EXPORT(2, 0) int botan_cipher_init(botan_cipher_t* cipher, const char* name, uint32_t flags);
676
677/**
678* Return the name of the cipher object
679*/
680BOTAN_FFI_EXPORT(2, 8) int botan_cipher_name(botan_cipher_t cipher, char* name, size_t* name_len);
681
682/**
683* Return the output length of this cipher, for a particular input length.
684*/
685BOTAN_FFI_EXPORT(2, 8) int botan_cipher_output_length(botan_cipher_t cipher, size_t in_len, size_t* out_len);
686
687/**
688* Return if the specified nonce length is valid for this cipher
689*/
690BOTAN_FFI_EXPORT(2, 0) int botan_cipher_valid_nonce_length(botan_cipher_t cipher, size_t nl);
691
692/**
693* Get the tag length of the cipher (0 for non-AEAD modes)
694*/
695BOTAN_FFI_EXPORT(2, 0) int botan_cipher_get_tag_length(botan_cipher_t cipher, size_t* tag_size);
696
697/**
698* Returns 1 iff the cipher provides authentication as well as confidentiality.
699*/
700BOTAN_FFI_EXPORT(3, 3) int botan_cipher_is_authenticated(botan_cipher_t cipher);
701
702/**
703 * Returns 1 iff the cipher requires the entire message before any
704 * encryption or decryption can be performed. No output data will be produced
705 * in botan_cipher_update() until the final flag is set.
706 */
707BOTAN_FFI_EXPORT(3, 4) int botan_cipher_requires_entire_message(botan_cipher_t cipher);
708
709/**
710* Get the default nonce length of this cipher
711*/
712BOTAN_FFI_EXPORT(2, 0) int botan_cipher_get_default_nonce_length(botan_cipher_t cipher, size_t* nl);
713
714/**
715* Return the update granularity of the cipher; botan_cipher_update must be
716* called with blocks of this size, except for the final.
717*/
718BOTAN_FFI_EXPORT(2, 0) int botan_cipher_get_update_granularity(botan_cipher_t cipher, size_t* ug);
719
720/**
721* Return the ideal update granularity of the cipher. This is some multiple of the
722* update granularity, reflecting possibilities for optimization.
723*/
724BOTAN_FFI_EXPORT(3, 0) int botan_cipher_get_ideal_update_granularity(botan_cipher_t cipher, size_t* ug);
725
726/**
727* Get information about the key lengths. Prefer botan_cipher_get_keyspec
728*/
729BOTAN_FFI_EXPORT(2, 0)
730int botan_cipher_query_keylen(botan_cipher_t cipher, size_t* out_minimum_keylength, size_t* out_maximum_keylength);
731
732/**
733* Get information about the supported key lengths.
734*/
735BOTAN_FFI_EXPORT(2, 8)
736int botan_cipher_get_keyspec(botan_cipher_t cipher, size_t* min_keylen, size_t* max_keylen, size_t* mod_keylen);
737
738/**
739* Set the key for this cipher object
740*/
741BOTAN_FFI_EXPORT(2, 0) int botan_cipher_set_key(botan_cipher_t cipher, const uint8_t* key, size_t key_len);
742
743/**
744* Reset the message specific state for this cipher.
745* Without resetting the keys, this resets the nonce, and any state
746* associated with any message bits that have been processed so far.
747*
748* It is conceptually equivalent to calling botan_cipher_clear followed
749* by botan_cipher_set_key with the original key.
750*/
751BOTAN_FFI_EXPORT(2, 8) int botan_cipher_reset(botan_cipher_t cipher);
752
753/**
754* Set the associated data. Will fail if cipher is not an AEAD
755*/
756BOTAN_FFI_EXPORT(2, 0) int botan_cipher_set_associated_data(botan_cipher_t cipher, const uint8_t* ad, size_t ad_len);
757
758/**
759* Begin processing a new message using the provided nonce
760*/
761BOTAN_FFI_EXPORT(2, 0) int botan_cipher_start(botan_cipher_t cipher, const uint8_t* nonce, size_t nonce_len);
762
763#define BOTAN_CIPHER_UPDATE_FLAG_FINAL (1U << 0)
764
765/**
766* @brief Encrypt/Decrypt some data and/or finalize the encryption/decryption
767*
768* This encrypts as many bytes from @p input_bytes into @p output_bytes as
769* possible. Unless ``BOTAN_CIPHER_UPDATE_FLAG_FINAL`` is set, this function will
770* consume bytes in multiples of botan_cipher_get_update_granularity().
771* @p input_consumed and @p output_written will be set accordingly and it is the
772* caller's responsibility to adapt their buffers accordingly before calling this
773* function again. Note that, unless ``BOTAN_CIPHER_UPDATE_FLAG_FINAL`` is set,
774* the cipher will at most generate @p input_size output bytes.
775*
776* Eventually, the caller must set the ``BOTAN_CIPHER_UPDATE_FLAG_FINAL`` flag to
777* indicate that no more input will be provided. This will cause the cipher to
778* consume all given input bytes and produce the final output; or return a
779* ``BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE`` error if the given output buffer
780* was too small. In the latter case, @p output_written will be set to the
781* required buffer size. Calling again with ``BOTAN_CIPHER_UPDATE_FLAG_FINAL``, a
782* big enough buffer and no further input will then produce the final output.
783*
784* Note that some ciphers require the entire message to be provided before any
785* output is produced. @sa botan_cipher_requires_entire_message().
786*/
787BOTAN_FFI_EXPORT(2, 0)
788int botan_cipher_update(botan_cipher_t cipher,
789 uint32_t flags,
790 uint8_t output[],
791 size_t output_size,
792 size_t* output_written,
793 const uint8_t input_bytes[],
794 size_t input_size,
795 size_t* input_consumed);
796
797/**
798* Reset the key, nonce, AD and all other state on this cipher object
799*/
800BOTAN_FFI_EXPORT(2, 0) int botan_cipher_clear(botan_cipher_t hash);
801
802/**
803* Destroy the cipher object
804* @return 0 if success, error if invalid object handle
805*/
806BOTAN_FFI_EXPORT(2, 0) int botan_cipher_destroy(botan_cipher_t cipher);
807
808/*
809* Derive a key from a passphrase for a number of iterations
810* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)"
811* @param out buffer to store the derived key, must be of out_len bytes
812* @param out_len the desired length of the key to produce
813* @param passphrase the password to derive the key from
814* @param salt a randomly chosen salt
815* @param salt_len length of salt in bytes
816* @param iterations the number of iterations to use (use 10K or more)
817* @return 0 on success, a negative value on failure
818*
819* Deprecated: use
820* botan_pwdhash(pbkdf_algo, iterations, 0, 0, out, out_len,
821* passphrase, 0, salt, salt_len);
822*/
823BOTAN_FFI_DEPRECATED("Use botan_pwdhash")
824BOTAN_FFI_EXPORT(2, 0)
825int botan_pbkdf(const char* pbkdf_algo,
826 uint8_t out[],
827 size_t out_len,
828 const char* passphrase,
829 const uint8_t salt[],
830 size_t salt_len,
831 size_t iterations);
832
833/**
834* Derive a key from a passphrase, running until msec time has elapsed.
835* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)"
836* @param out buffer to store the derived key, must be of out_len bytes
837* @param out_len the desired length of the key to produce
838* @param passphrase the password to derive the key from
839* @param salt a randomly chosen salt
840* @param salt_len length of salt in bytes
841* @param milliseconds_to_run if iterations is zero, then instead the PBKDF is
842* run until milliseconds_to_run milliseconds has passed
843* @param out_iterations_used set to the number iterations executed
844* @return 0 on success, a negative value on failure
845*
846* Deprecated: use
847*
848* botan_pwdhash_timed(pbkdf_algo,
849* static_cast<uint32_t>(ms_to_run),
850* iterations_used,
851* nullptr,
852* nullptr,
853* out, out_len,
854* password, 0,
855* salt, salt_len);
856*/
857BOTAN_FFI_EXPORT(2, 0)
858int botan_pbkdf_timed(const char* pbkdf_algo,
859 uint8_t out[],
860 size_t out_len,
861 const char* passphrase,
862 const uint8_t salt[],
863 size_t salt_len,
864 size_t milliseconds_to_run,
865 size_t* out_iterations_used);
866
867/*
868* Derive a key from a passphrase
869* @param algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)" or "Scrypt"
870* @param param1 the first PBKDF algorithm parameter
871* @param param2 the second PBKDF algorithm parameter (may be zero if unneeded)
872* @param param3 the third PBKDF algorithm parameter (may be zero if unneeded)
873* @param out buffer to store the derived key, must be of out_len bytes
874* @param out_len the desired length of the key to produce
875* @param passphrase the password to derive the key from
876* @param passphrase_len if > 0, specifies length of password. If len == 0, then
877* strlen will be called on passphrase to compute the length.
878* @param salt a randomly chosen salt
879* @param salt_len length of salt in bytes
880* @return 0 on success, a negative value on failure
881*/
882BOTAN_FFI_EXPORT(2, 8)
883int botan_pwdhash(const char* algo,
884 size_t param1,
885 size_t param2,
886 size_t param3,
887 uint8_t out[],
888 size_t out_len,
889 const char* passphrase,
890 size_t passphrase_len,
891 const uint8_t salt[],
892 size_t salt_len);
893
894/*
895* Derive a key from a passphrase
896* @param pbkdf_algo PBKDF algorithm, e.g., "Scrypt" or "PBKDF2(SHA-256)"
897* @param msec the desired runtime in milliseconds
898* @param param1 will be set to the first password hash parameter
899* @param param2 will be set to the second password hash parameter
900* @param param3 will be set to the third password hash parameter
901* @param out buffer to store the derived key, must be of out_len bytes
902* @param out_len the desired length of the key to produce
903* @param passphrase the password to derive the key from
904* @param passphrase_len if > 0, specifies length of password. If len == 0, then
905* strlen will be called on passphrase to compute the length.
906* @param salt a randomly chosen salt
907* @param salt_len length of salt in bytes
908* @return 0 on success, a negative value on failure
909*/
910BOTAN_FFI_EXPORT(2, 8)
911int botan_pwdhash_timed(const char* algo,
912 uint32_t msec,
913 size_t* param1,
914 size_t* param2,
915 size_t* param3,
916 uint8_t out[],
917 size_t out_len,
918 const char* passphrase,
919 size_t passphrase_len,
920 const uint8_t salt[],
921 size_t salt_len);
922
923/**
924* Derive a key using scrypt
925* Deprecated; use
926* botan_pwdhash("Scrypt", N, r, p, out, out_len, password, 0, salt, salt_len);
927*/
928BOTAN_FFI_DEPRECATED("Use botan_pwdhash")
929BOTAN_FFI_EXPORT(2, 8)
930int botan_scrypt(uint8_t out[],
931 size_t out_len,
932 const char* passphrase,
933 const uint8_t salt[],
934 size_t salt_len,
935 size_t N,
936 size_t r,
937 size_t p);
938
939/**
940* Derive a key
941* @param kdf_algo KDF algorithm, e.g., "SP800-56C"
942* @param out buffer holding the derived key, must be of length out_len
943* @param out_len the desired output length in bytes
944* @param secret the secret input
945* @param secret_len size of secret in bytes
946* @param salt a diversifier
947* @param salt_len size of salt in bytes
948* @param label purpose for the derived keying material
949* @param label_len size of label in bytes
950* @return 0 on success, a negative value on failure
951*/
952BOTAN_FFI_EXPORT(2, 0)
953int botan_kdf(const char* kdf_algo,
954 uint8_t out[],
955 size_t out_len,
956 const uint8_t secret[],
957 size_t secret_len,
958 const uint8_t salt[],
959 size_t salt_len,
960 const uint8_t label[],
961 size_t label_len);
962
963/*
964* Raw Block Cipher (PRP) interface
965*/
966typedef struct botan_block_cipher_struct* botan_block_cipher_t;
967
968/**
969* Initialize a block cipher object
970*/
971BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_init(botan_block_cipher_t* bc, const char* cipher_name);
972
973/**
974* Destroy a block cipher object
975* @return 0 if success, error if invalid object handle
976*/
977BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_destroy(botan_block_cipher_t bc);
978
979/**
980* Reinitializes the block cipher
981* @return 0 on success, a negative value on failure
982*/
983BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_clear(botan_block_cipher_t bc);
984
985/**
986* Set the key for a block cipher instance
987*/
988BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_set_key(botan_block_cipher_t bc, const uint8_t key[], size_t len);
989
990/**
991* Return the positive block size of this block cipher, or negative to
992* indicate an error
993*/
994BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_block_size(botan_block_cipher_t bc);
995
996/**
997* Encrypt one or more blocks with the cipher
998*/
999BOTAN_FFI_EXPORT(2, 1)
1000int botan_block_cipher_encrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks);
1001
1002/**
1003* Decrypt one or more blocks with the cipher
1004*/
1005BOTAN_FFI_EXPORT(2, 1)
1006int botan_block_cipher_decrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks);
1007
1008/**
1009* Get the name of this block cipher
1010* @param cipher the object to read
1011* @param name output buffer
1012* @param name_len on input, the length of buffer, on success the number of bytes written
1013*/
1014BOTAN_FFI_EXPORT(2, 8) int botan_block_cipher_name(botan_block_cipher_t cipher, char* name, size_t* name_len);
1015
1016/**
1017* Get the key length limits of this block cipher
1018* @param cipher the object to read
1019* @param out_minimum_keylength if non-NULL, will be set to minimum keylength of cipher
1020* @param out_maximum_keylength if non-NULL, will be set to maximum keylength of cipher
1021* @param out_keylength_modulo if non-NULL will be set to byte multiple of valid keys
1022*/
1023BOTAN_FFI_EXPORT(2, 8)
1024int botan_block_cipher_get_keyspec(botan_block_cipher_t cipher,
1025 size_t* out_minimum_keylength,
1026 size_t* out_maximum_keylength,
1027 size_t* out_keylength_modulo);
1028
1029/*
1030* Multiple precision integers (MPI)
1031*/
1032typedef struct botan_mp_struct* botan_mp_t;
1033
1034/**
1035* Initialize an MPI
1036*/
1037BOTAN_FFI_EXPORT(2, 1) int botan_mp_init(botan_mp_t* mp);
1038
1039/**
1040* Destroy (deallocate) an MPI
1041* @return 0 if success, error if invalid object handle
1042*/
1043BOTAN_FFI_EXPORT(2, 1) int botan_mp_destroy(botan_mp_t mp);
1044
1045/**
1046* Convert the MPI to a hex string. Writes up to botan_mp_num_bytes(mp)*2 + 5 bytes
1047*
1048* Prefer botan_mp_view_hex
1049*/
1050BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_hex(botan_mp_t mp, char* out);
1051
1052/**
1053* View the hex string encoding of the MPI.
1054*/
1055BOTAN_FFI_EXPORT(3, 10) int botan_mp_view_hex(botan_mp_t mp, botan_view_ctx ctx, botan_view_str_fn view);
1056
1057/**
1058* Convert the MPI to a string. Currently radix == 10 and radix == 16 are supported.
1059*/
1060BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_str(botan_mp_t mp, uint8_t radix, char* out, size_t* out_len);
1061
1062/**
1063* View the MPI as a radix-N integer. Currently only radix 10 and radix 16 are supported
1064*/
1065BOTAN_FFI_EXPORT(3, 10) int botan_mp_view_str(botan_mp_t mp, uint8_t radix, botan_view_ctx ctx, botan_view_str_fn view);
1066
1067/**
1068* Set the MPI to zero
1069*/
1070BOTAN_FFI_EXPORT(2, 1) int botan_mp_clear(botan_mp_t mp);
1071
1072/**
1073* Set the MPI value from an int
1074*/
1075BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_int(botan_mp_t mp, int initial_value);
1076
1077/**
1078* Set the MPI value from another MP object
1079*/
1080BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_mp(botan_mp_t dest, botan_mp_t source);
1081
1082/**
1083* Set the MPI value from a string
1084*/
1085BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_str(botan_mp_t dest, const char* str);
1086
1087/**
1088* Set the MPI value from a string with arbitrary radix.
1089* For arbitrary being 10 or 16.
1090*/
1091BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_radix_str(botan_mp_t dest, const char* str, size_t radix);
1092
1093/**
1094* Return the number of significant bits in the MPI
1095*/
1096BOTAN_FFI_EXPORT(2, 1) int botan_mp_num_bits(botan_mp_t n, size_t* bits);
1097
1098/**
1099* Return the number of significant bytes in the MPI
1100*/
1101BOTAN_FFI_EXPORT(2, 1) int botan_mp_num_bytes(botan_mp_t n, size_t* bytes);
1102
1103/*
1104* Convert the MPI to a big-endian binary string. Writes botan_mp_num_bytes to vec
1105*
1106* Note that the sign of the integer is ignored here; only the absolute value is copied
1107*/
1108BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_bin(botan_mp_t mp, uint8_t vec[]);
1109
1110/*
1111* View the big-endian binary string encoding of this integer
1112*
1113* Note that the sign of the integer is ignored here; only the absolute value is viewed
1114*/
1115BOTAN_FFI_EXPORT(3, 10) int botan_mp_view_bin(botan_mp_t mp, botan_view_ctx ctx, botan_view_bin_fn view);
1116
1117/*
1118* Set an MP to the big-endian binary value
1119*/
1120BOTAN_FFI_EXPORT(2, 1) int botan_mp_from_bin(botan_mp_t mp, const uint8_t vec[], size_t vec_len);
1121
1122/*
1123* Convert the MPI to a uint32_t, if possible. Fails if MPI is negative or too large.
1124*/
1125BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_uint32(botan_mp_t mp, uint32_t* val);
1126
1127/**
1128* This function should have been named mp_is_non_negative. Returns 1
1129* iff mp is greater than *or equal to* zero. Use botan_mp_is_negative
1130* to detect negative numbers, botan_mp_is_zero to check for zero.
1131*/
1132BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_positive(botan_mp_t mp);
1133
1134/**
1135* Return 1 iff mp is less than 0
1136*/
1137BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_negative(botan_mp_t mp);
1138
1139BOTAN_FFI_EXPORT(2, 1) int botan_mp_flip_sign(botan_mp_t mp);
1140
1141BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_zero(botan_mp_t mp);
1142
1143BOTAN_FFI_DEPRECATED("Use botan_mp_get_bit(0)") BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_odd(botan_mp_t mp);
1144BOTAN_FFI_DEPRECATED("Use botan_mp_get_bit(0)") BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_even(botan_mp_t mp);
1145
1146BOTAN_FFI_EXPORT(2, 8) int botan_mp_add_u32(botan_mp_t result, botan_mp_t x, uint32_t y);
1147BOTAN_FFI_EXPORT(2, 8) int botan_mp_sub_u32(botan_mp_t result, botan_mp_t x, uint32_t y);
1148
1149BOTAN_FFI_EXPORT(2, 1) int botan_mp_add(botan_mp_t result, botan_mp_t x, botan_mp_t y);
1150BOTAN_FFI_EXPORT(2, 1) int botan_mp_sub(botan_mp_t result, botan_mp_t x, botan_mp_t y);
1151BOTAN_FFI_EXPORT(2, 1) int botan_mp_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y);
1152
1153BOTAN_FFI_EXPORT(2, 1)
1154int botan_mp_div(botan_mp_t quotient, botan_mp_t remainder, botan_mp_t x, botan_mp_t y);
1155
1156BOTAN_FFI_EXPORT(2, 1)
1157int botan_mp_mod_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y, botan_mp_t mod);
1158
1159/*
1160* Returns 0 if x != y
1161* Returns 1 if x == y
1162* Returns negative number on error
1163*/
1164BOTAN_FFI_EXPORT(2, 1) int botan_mp_equal(botan_mp_t x, botan_mp_t y);
1165
1166/*
1167* Sets *result to comparison result:
1168* -1 if x < y, 0 if x == y, 1 if x > y
1169* Returns negative number on error or zero on success
1170*/
1171BOTAN_FFI_EXPORT(2, 1) int botan_mp_cmp(int* result, botan_mp_t x, botan_mp_t y);
1172
1173/*
1174* Swap two botan_mp_t
1175*/
1176BOTAN_FFI_EXPORT(2, 1) int botan_mp_swap(botan_mp_t x, botan_mp_t y);
1177
1178/* Return (base^exponent) % modulus */
1179BOTAN_FFI_EXPORT(2, 1)
1180int botan_mp_powmod(botan_mp_t out, botan_mp_t base, botan_mp_t exponent, botan_mp_t modulus);
1181
1182BOTAN_FFI_EXPORT(2, 1) int botan_mp_lshift(botan_mp_t out, botan_mp_t in, size_t shift);
1183BOTAN_FFI_EXPORT(2, 1) int botan_mp_rshift(botan_mp_t out, botan_mp_t in, size_t shift);
1184
1185BOTAN_FFI_EXPORT(2, 1) int botan_mp_mod_inverse(botan_mp_t out, botan_mp_t in, botan_mp_t modulus);
1186
1187BOTAN_FFI_EXPORT(2, 1) int botan_mp_rand_bits(botan_mp_t rand_out, botan_rng_t rng, size_t bits);
1188
1189BOTAN_FFI_EXPORT(2, 1)
1190int botan_mp_rand_range(botan_mp_t rand_out, botan_rng_t rng, botan_mp_t lower_bound, botan_mp_t upper_bound);
1191
1192BOTAN_FFI_EXPORT(2, 1) int botan_mp_gcd(botan_mp_t out, botan_mp_t x, botan_mp_t y);
1193
1194/**
1195* Returns 0 if n is not prime
1196* Returns 1 if n is prime
1197* Returns negative number on error
1198*/
1199BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_prime(botan_mp_t n, botan_rng_t rng, size_t test_prob);
1200
1201/**
1202* Returns 0 if specified bit of n is not set
1203* Returns 1 if specified bit of n is set
1204* Returns negative number on error
1205*/
1206BOTAN_FFI_EXPORT(2, 1) int botan_mp_get_bit(botan_mp_t n, size_t bit);
1207
1208/**
1209* Set the specified bit
1210*/
1211BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_bit(botan_mp_t n, size_t bit);
1212
1213/**
1214* Clear the specified bit
1215*/
1216BOTAN_FFI_EXPORT(2, 1) int botan_mp_clear_bit(botan_mp_t n, size_t bit);
1217
1218/* Bcrypt password hashing */
1219
1220/**
1221* Create a password hash using Bcrypt
1222* @param out buffer holding the password hash, should be of length 64 bytes
1223* @param out_len the desired output length in bytes
1224* @param password the password
1225* @param rng a random number generator
1226* @param work_factor how much work to do to slow down guessing attacks
1227* @param flags should be 0 in current API revision, all other uses are reserved
1228* and return BOTAN_FFI_ERROR_BAD_FLAG
1229* @return 0 on success, a negative value on failure
1230*
1231* Output is formatted bcrypt $2a$...
1232*
1233* TOD(Botan4) this should use char for the type of `out`
1234*/
1235BOTAN_FFI_EXPORT(2, 0)
1236int botan_bcrypt_generate(
1237 uint8_t* out, size_t* out_len, const char* password, botan_rng_t rng, size_t work_factor, uint32_t flags);
1238
1239/**
1240* Check a previously created password hash
1241* @param pass the password to check against
1242* @param hash the stored hash to check against
1243* @return 0 if if this password/hash combination is valid,
1244* 1 if the combination is not valid (but otherwise well formed),
1245* negative on error
1246*/
1247BOTAN_FFI_EXPORT(2, 0) int botan_bcrypt_is_valid(const char* pass, const char* hash);
1248
1249/*
1250* OIDs
1251*/
1252
1253typedef struct botan_asn1_oid_struct* botan_asn1_oid_t;
1254
1255/**
1256* @returns negative number on error, or zero on success
1257*/
1258BOTAN_FFI_EXPORT(3, 8) int botan_oid_destroy(botan_asn1_oid_t oid);
1259
1260/**
1261* Create an OID from a string, either dot notation (e.g. '1.2.3.4') or a registered name (e.g. 'RSA')
1262* @param oid handle to the resulting OID
1263* @param oid_str the name of the OID to create
1264* @returns negative number on error, or zero on success
1265*/
1266BOTAN_FFI_EXPORT(3, 8) int botan_oid_from_string(botan_asn1_oid_t* oid, const char* oid_str);
1267
1268/**
1269* Registers an OID so that it may later be retrieved by name
1270* @returns negative number on error, or zero on success
1271*/
1272BOTAN_FFI_EXPORT(3, 8) int botan_oid_register(botan_asn1_oid_t oid, const char* name);
1273
1274/**
1275* View an OID in dot notation
1276*/
1277BOTAN_FFI_EXPORT(3, 8) int botan_oid_view_string(botan_asn1_oid_t oid, botan_view_ctx ctx, botan_view_str_fn view);
1278
1279/**
1280* View an OIDs registered name if it exists, else its dot notation
1281*/
1282BOTAN_FFI_EXPORT(3, 8) int botan_oid_view_name(botan_asn1_oid_t oid, botan_view_ctx ctx, botan_view_str_fn view);
1283
1284/**
1285* @returns 0 if a != b
1286* @returns 1 if a == b
1287* @returns negative number on error
1288*/
1289BOTAN_FFI_EXPORT(3, 8) int botan_oid_equal(botan_asn1_oid_t a, botan_asn1_oid_t b);
1290
1291/**
1292* Sets @param result to comparison result:
1293* -1 if a < b, 0 if a == b, 1 if a > b
1294* @returns negative number on error or zero on success
1295*/
1296BOTAN_FFI_EXPORT(3, 8) int botan_oid_cmp(int* result, botan_asn1_oid_t a, botan_asn1_oid_t b);
1297
1298/*
1299* EC Groups
1300*/
1301
1302typedef struct botan_ec_group_struct* botan_ec_group_t;
1303
1304/**
1305* @returns negative number on error, or zero on success
1306*/
1307BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_destroy(botan_ec_group_t ec_group);
1308
1309/**
1310* Checks if in this build configuration it is possible to register an application specific elliptic curve and sets
1311* @param out to 1 if so, 0 otherwise
1312* @returns 0 on success, a negative value on failure
1313*/
1314BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_supports_application_specific_group(int* out);
1315
1316/**
1317* Checks if in this build configuration botan_ec_group_from_name(group_ptr, name) will succeed and sets
1318* @param out to 1 if so, 0 otherwise.
1319* @returns negative number on error, or zero on success
1320*/
1321BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_supports_named_group(const char* name, int* out);
1322
1323/**
1324* Create a new EC Group from parameters
1325* @warning use only elliptic curve parameters that you trust
1326*
1327* @param ec_group the new object will be placed here
1328* @param p the elliptic curve prime (at most 521 bits)
1329* @param a the elliptic curve a param
1330* @param b the elliptic curve b param
1331* @param base_x the x coordinate of the group generator
1332* @param base_y the y coordinate of the group generator
1333* @param order the order of the group
1334* @returns negative number on error, or zero on success
1335*/
1336BOTAN_FFI_EXPORT(3, 8)
1337int botan_ec_group_from_params(botan_ec_group_t* ec_group,
1338 botan_asn1_oid_t oid,
1339 botan_mp_t p,
1340 botan_mp_t a,
1341 botan_mp_t b,
1342 botan_mp_t base_x,
1343 botan_mp_t base_y,
1344 botan_mp_t order);
1345
1346/**
1347* Decode a BER encoded ECC domain parameter set
1348* @param ec_group the new object will be placed here
1349* @param ber encoding
1350* @param ber_len size of the encoding in bytes
1351* @returns negative number on error, or zero on success
1352*/
1353BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_from_ber(botan_ec_group_t* ec_group, const uint8_t* ber, size_t ber_len);
1354
1355/**
1356* Initialize an EC Group from the PEM/ASN.1 encoding
1357* @param ec_group the new object will be placed here
1358* @param pem encoding
1359* @returns negative number on error, or zero on success
1360*/
1361BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_from_pem(botan_ec_group_t* ec_group, const char* pem);
1362
1363/**
1364* Initialize an EC Group from a group named by an object identifier
1365* @param ec_group the new object will be placed here
1366* @param oid a known OID
1367* @returns negative number on error, or zero on success
1368*/
1369BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_from_oid(botan_ec_group_t* ec_group, botan_asn1_oid_t oid);
1370
1371/**
1372* Initialize an EC Group from a common group name (eg "secp256r1")
1373* @param ec_group the new object will be placed here
1374* @param name a known group name
1375* @returns negative number on error, or zero on success
1376*/
1377BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_from_name(botan_ec_group_t* ec_group, const char* name);
1378
1379/**
1380* Unregister a previously registered group.
1381* @param oid the oid associated with the group to unregister
1382* @returns 1 if the group was found and unregistered, else 0
1383*
1384* Using this is discouraged for normal use. This is only useful or necessary if
1385* you are registering a very large number of distinct groups, and need to worry about memory constraints.
1386*/
1387BOTAN_FFI_EXPORT(3, 11) int botan_ec_group_unregister(botan_asn1_oid_t oid);
1388
1389/**
1390* View an EC Group in DER encoding
1391*/
1392BOTAN_FFI_EXPORT(3, 8)
1393int botan_ec_group_view_der(botan_ec_group_t ec_group, botan_view_ctx ctx, botan_view_bin_fn view);
1394
1395/**
1396* View an EC Group in PEM encoding
1397*/
1398BOTAN_FFI_EXPORT(3, 8)
1399int botan_ec_group_view_pem(botan_ec_group_t ec_group, botan_view_ctx ctx, botan_view_str_fn view);
1400
1401/**
1402* Get the curve OID of an EC Group
1403*/
1404BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_curve_oid(botan_asn1_oid_t* oid, botan_ec_group_t ec_group);
1405
1406/**
1407* Get the prime modulus of the field
1408*/
1409BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_p(botan_mp_t* p, botan_ec_group_t ec_group);
1410
1411/**
1412* Get the a parameter of the elliptic curve equation
1413*/
1414BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_a(botan_mp_t* a, botan_ec_group_t ec_group);
1415
1416/**
1417* Get the b parameter of the elliptic curve equation
1418*/
1419BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_b(botan_mp_t* b, botan_ec_group_t ec_group);
1420
1421/**
1422* Get the x coordinate of the base point
1423*/
1424BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_g_x(botan_mp_t* g_x, botan_ec_group_t ec_group);
1425
1426/**
1427* Get the y coordinate of the base point
1428*/
1429BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_g_y(botan_mp_t* g_y, botan_ec_group_t ec_group);
1430
1431/**
1432* Get the order of the base point
1433*/
1434BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_get_order(botan_mp_t* order, botan_ec_group_t ec_group);
1435
1436/**
1437* @returns 0 if curve1 != curve2
1438* @returns 1 if curve1 == curve2
1439* @returns negative number on error
1440*/
1441BOTAN_FFI_EXPORT(3, 8) int botan_ec_group_equal(botan_ec_group_t curve1, botan_ec_group_t curve2);
1442
1443/*
1444* EC Points and Scalars
1445*/
1446typedef struct botan_ec_scalar_struct* botan_ec_scalar_t;
1447typedef struct botan_ec_point_struct* botan_ec_point_t;
1448
1449BOTAN_FFI_EXPORT(3, 12) int botan_ec_scalar_destroy(botan_ec_scalar_t ec_scalar);
1450
1451/**
1452* Create a new random scalar value
1453*/
1454BOTAN_FFI_EXPORT(3, 12)
1455int botan_ec_scalar_random(botan_ec_scalar_t* ec_scalar, botan_ec_group_t ec_group, botan_rng_t rng);
1456
1457/**
1458* Convert from an MPI to a scalar
1459* @returns a negative number if the provided MPI is negative or too large, 0 on success
1460*/
1461BOTAN_FFI_EXPORT(3, 12)
1462int botan_ec_scalar_from_mp(botan_ec_scalar_t* ec_scalar, botan_ec_group_t ec_group, botan_mp_t mp);
1463
1464/**
1465* Convert from a scalar to an MPI
1466* @returns a negative number on failure, 0 on success
1467*/
1468BOTAN_FFI_EXPORT(3, 12)
1469int botan_ec_scalar_to_mp(botan_ec_scalar_t ec_scalar, botan_mp_t* mp);
1470
1471BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_destroy(botan_ec_point_t ec_point);
1472
1473/**
1474* Create a point set to the identity element of the group
1475*/
1476BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_identity(botan_ec_point_t* ec_point, botan_ec_group_t ec_group);
1477
1478/**
1479* Create a point set to the standard group generator
1480*/
1481BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_generator(botan_ec_point_t* ec_point, botan_ec_group_t ec_group);
1482
1483/**
1484* Create a point from a pair (x,y) of integers
1485* The integers must be within the field and must satisfy the curve equation
1486*/
1487BOTAN_FFI_EXPORT(3, 12)
1488int botan_ec_point_from_xy(botan_ec_point_t* ec_point, botan_ec_group_t ec_group, botan_mp_t x, botan_mp_t y);
1489
1490/**
1491* Create a point from a SEC1 compressed or uncompressed format.
1492* @returns negative number on error
1493*/
1494BOTAN_FFI_EXPORT(3, 12)
1495int botan_ec_point_from_bytes(botan_ec_point_t* ec_point,
1496 botan_ec_group_t ec_group,
1497 const uint8_t* bytes,
1498 size_t bytes_len);
1499
1500/**
1501* View the fixed length encoding of the affine x coordinate
1502* @returns negative number on error
1503*/
1504BOTAN_FFI_EXPORT(3, 12)
1505int botan_ec_point_view_x_bytes(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view);
1506
1507/**
1508* View the fixed length encoding of the affine y coordinate
1509* @returns negative number on error
1510*/
1511BOTAN_FFI_EXPORT(3, 12)
1512int botan_ec_point_view_y_bytes(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view);
1513
1514/**
1515* View the fixed length encoding of the affine x and y coordinates
1516* @returns negative number on error
1517*/
1518BOTAN_FFI_EXPORT(3, 12)
1519int botan_ec_point_view_xy_bytes(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view);
1520
1521/**
1522* View the fixed length SEC1 uncompressed encoding
1523* @returns negative number on error
1524*/
1525BOTAN_FFI_EXPORT(3, 12)
1526int botan_ec_point_view_uncompressed(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view);
1527
1528/**
1529* View the fixed length SEC1 compressed encoding
1530* @returns negative number on error
1531*/
1532BOTAN_FFI_EXPORT(3, 12)
1533int botan_ec_point_view_compressed(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view);
1534
1535/**
1536* @returns 1 if @param ec_point is the identity element, else 0
1537* @returns negative number on error
1538*/
1539BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_is_identity(botan_ec_point_t ec_point);
1540
1541/**
1542* @returns 1 if @param x == @param y else 0 otherwise
1543* @returns negative number on error
1544*/
1545BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_equal(botan_ec_point_t x, botan_ec_point_t y);
1546
1547/**
1548* @param ec_point point to negate
1549* @param result contains the result
1550*/
1551BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_negate(botan_ec_point_t* result, botan_ec_point_t ec_point);
1552
1553BOTAN_FFI_EXPORT(3, 12) int botan_ec_point_add(botan_ec_point_t* result, botan_ec_point_t x, botan_ec_point_t y);
1554
1555BOTAN_FFI_EXPORT(3, 12)
1556int botan_ec_point_mul(botan_ec_point_t* result,
1557 botan_ec_point_t ec_point,
1558 botan_ec_scalar_t ec_scalar,
1559 botan_rng_t rng);
1560
1561/*
1562* Public/private key creation, import, ...
1563*/
1564typedef struct botan_privkey_struct* botan_privkey_t;
1565
1566/**
1567* Create a new private key
1568* @param key the new object will be placed here
1569* @param algo_name something like "RSA" or "ECDSA"
1570* @param algo_params is specific to the algorithm. For RSA, specifies
1571* the modulus bit length. For ECC is the name of the curve.
1572* @param rng a random number generator
1573*/
1574BOTAN_FFI_EXPORT(2, 0)
1575int botan_privkey_create(botan_privkey_t* key, const char* algo_name, const char* algo_params, botan_rng_t rng);
1576
1577/**
1578* Create a new ec private key
1579* @param key the new object will be placed here
1580* @param algo_name something like "ECDSA" or "ECDH"
1581* @param ec_group a (possibly application specific) elliptic curve
1582* @param rng a random number generator
1583*/
1584BOTAN_FFI_EXPORT(3, 8)
1585int botan_ec_privkey_create(botan_privkey_t* key, const char* algo_name, botan_ec_group_t ec_group, botan_rng_t rng);
1586
1587#define BOTAN_CHECK_KEY_EXPENSIVE_TESTS 1
1588
1589BOTAN_FFI_EXPORT(2, 0) int botan_privkey_check_key(botan_privkey_t key, botan_rng_t rng, uint32_t flags);
1590
1591BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1592BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_rsa(botan_privkey_t* key, botan_rng_t rng, size_t n_bits);
1593BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1594BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_ecdsa(botan_privkey_t* key, botan_rng_t rng, const char* params);
1595BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1596BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_ecdh(botan_privkey_t* key, botan_rng_t rng, const char* params);
1597BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1598BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_mceliece(botan_privkey_t* key, botan_rng_t rng, size_t n, size_t t);
1599BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1600BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_dh(botan_privkey_t* key, botan_rng_t rng, const char* param);
1601
1602/**
1603 * Generates DSA key pair. Gives to a caller control over key length
1604 * and order of a subgroup 'q'.
1605 *
1606 * @param key handler to the resulting key
1607 * @param rng initialized PRNG
1608 * @param pbits length of the key in bits. Must be between in range (1024, 3072)
1609 * and multiple of 64. Bit size of the prime 'p'
1610 * @param qbits order of the subgroup. Must be in range (160, 256) and multiple
1611 * of 8
1612 *
1613 * @returns BOTAN_FFI_SUCCESS Success, `key' initialized with DSA key
1614 * @returns BOTAN_FFI_ERROR_NULL_POINTER either `key' or `rng' is NULL
1615 * @returns BOTAN_FFI_ERROR_BAD_PARAMETER unexpected value for either `pbits' or
1616 * `qbits'
1617 * @returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED functionality not implemented
1618 *
1619*/
1620BOTAN_FFI_EXPORT(2, 5) int botan_privkey_create_dsa(botan_privkey_t* key, botan_rng_t rng, size_t pbits, size_t qbits);
1621
1622/**
1623 * Generates ElGamal key pair. Caller has a control over key length
1624 * and order of a subgroup 'q'. Function is able to use two types of
1625 * primes:
1626 * * if pbits-1 == qbits then safe primes are used for key generation
1627 * * otherwise generation uses group of prime order
1628 *
1629 * @param key handler to the resulting key
1630 * @param rng initialized PRNG
1631 * @param pbits length of the key in bits. Must be at least 1024
1632 * @param qbits order of the subgroup. Must be at least 160
1633 *
1634 * @returns BOTAN_FFI_SUCCESS Success, `key' initialized with DSA key
1635 * @returns BOTAN_FFI_ERROR_NULL_POINTER either `key' or `rng' is NULL
1636 * @returns BOTAN_FFI_ERROR_BAD_PARAMETER unexpected value for either `pbits' or
1637 * `qbits'
1638 * @returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED functionality not implemented
1639 *
1640*/
1641BOTAN_FFI_EXPORT(2, 5)
1642int botan_privkey_create_elgamal(botan_privkey_t* key, botan_rng_t rng, size_t pbits, size_t qbits);
1643
1644/**
1645* Input currently assumed to be PKCS #8 structure;
1646* Set password to NULL to indicate no encryption expected
1647* Starting in 2.8.0, the rng parameter is unused and may be set to null
1648*/
1649BOTAN_FFI_EXPORT(2, 0)
1650int botan_privkey_load(botan_privkey_t* key, botan_rng_t rng, const uint8_t bits[], size_t len, const char* password);
1651
1652/**
1653* @return 0 if success, error if invalid object handle
1654*/
1655BOTAN_FFI_EXPORT(2, 0) int botan_privkey_destroy(botan_privkey_t key);
1656
1657#define BOTAN_PRIVKEY_EXPORT_FLAG_DER 0
1658#define BOTAN_PRIVKEY_EXPORT_FLAG_PEM 1
1659#define BOTAN_PRIVKEY_EXPORT_FLAG_RAW 2
1660
1661/**
1662* On input *out_len is number of bytes in out[]
1663* On output *out_len is number of bytes written (or required)
1664* If out is not big enough no output is written, *out_len is set and 1 is returned
1665* Returns 0 on success and sets
1666* If some other error occurs a negative integer is returned.
1667*/
1668BOTAN_FFI_DEPRECATED("Use botan_privkey_view_{der,pem,raw}")
1669BOTAN_FFI_EXPORT(2, 0) int botan_privkey_export(botan_privkey_t key, uint8_t out[], size_t* out_len, uint32_t flags);
1670
1671/**
1672* View the private key's DER encoding
1673*/
1674BOTAN_FFI_EXPORT(3, 0) int botan_privkey_view_der(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1675
1676/**
1677* View the private key's PEM encoding
1678*/
1679BOTAN_FFI_EXPORT(3, 0) int botan_privkey_view_pem(botan_privkey_t key, botan_view_ctx ctx, botan_view_str_fn view);
1680
1681/**
1682* View the private key's raw encoding
1683*/
1684BOTAN_FFI_EXPORT(3, 6) int botan_privkey_view_raw(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1685
1686BOTAN_FFI_EXPORT(2, 8) int botan_privkey_algo_name(botan_privkey_t key, char out[], size_t* out_len);
1687
1688/**
1689* Set encryption_algo to NULL or "" to have the library choose a default (recommended)
1690*/
1691BOTAN_FFI_DEPRECATED("Use botan_privkey_export_encrypted_pbkdf_{msec,iter}")
1692BOTAN_FFI_EXPORT(2, 0)
1693int botan_privkey_export_encrypted(botan_privkey_t key,
1694 uint8_t out[],
1695 size_t* out_len,
1696 botan_rng_t rng,
1697 const char* passphrase,
1698 const char* encryption_algo,
1699 uint32_t flags);
1700
1701/*
1702* Export a private key, running PBKDF for specified amount of time
1703* @param key the private key to export
1704*
1705* Note: starting in 3.0, the output iterations count is not provided
1706*/
1707BOTAN_FFI_DEPRECATED("Use botan_privkey_view_encrypted_{der,pem}_timed")
1708BOTAN_FFI_EXPORT(2, 0)
1709int botan_privkey_export_encrypted_pbkdf_msec(botan_privkey_t key,
1710 uint8_t out[],
1711 size_t* out_len,
1712 botan_rng_t rng,
1713 const char* passphrase,
1714 uint32_t pbkdf_msec_runtime,
1715 size_t* pbkdf_iterations_out,
1716 const char* cipher_algo,
1717 const char* pbkdf_algo,
1718 uint32_t flags);
1719
1720/**
1721* Export a private key using the specified number of iterations.
1722*/
1723BOTAN_FFI_DEPRECATED("Use botan_privkey_view_encrypted_{der,pem}")
1724BOTAN_FFI_EXPORT(2, 0)
1725int botan_privkey_export_encrypted_pbkdf_iter(botan_privkey_t key,
1726 uint8_t out[],
1727 size_t* out_len,
1728 botan_rng_t rng,
1729 const char* passphrase,
1730 size_t pbkdf_iterations,
1731 const char* cipher_algo,
1732 const char* pbkdf_algo,
1733 uint32_t flags);
1734
1735/**
1736* View the encryption of a private key (binary DER encoding)
1737*
1738* Set cipher_algo, pbkdf_algo to NULL to use defaults
1739* Set pbkdf_iterations to 0 to use defaults
1740*/
1741BOTAN_FFI_EXPORT(3, 0)
1742int botan_privkey_view_encrypted_der(botan_privkey_t key,
1743 botan_rng_t rng,
1744 const char* passphrase,
1745 const char* cipher_algo,
1746 const char* pbkdf_algo,
1747 size_t pbkdf_iterations,
1748 botan_view_ctx ctx,
1749 botan_view_bin_fn view);
1750
1751/**
1752* View the encryption of a private key (binary DER encoding)
1753*
1754* Set cipher_algo, pbkdf_algo to NULL to use defaults
1755*/
1756BOTAN_FFI_EXPORT(3, 0)
1757int botan_privkey_view_encrypted_der_timed(botan_privkey_t key,
1758 botan_rng_t rng,
1759 const char* passphrase,
1760 const char* cipher_algo,
1761 const char* pbkdf_algo,
1762 size_t pbkdf_runtime_msec,
1763 botan_view_ctx ctx,
1764 botan_view_bin_fn view);
1765
1766/**
1767* View the encryption of a private key (PEM encoding)
1768*
1769* Set cipher_algo, pbkdf_algo to NULL to use defaults
1770* Set pbkdf_iterations to 0 to use defaults
1771*/
1772BOTAN_FFI_EXPORT(3, 0)
1773int botan_privkey_view_encrypted_pem(botan_privkey_t key,
1774 botan_rng_t rng,
1775 const char* passphrase,
1776 const char* cipher_algo,
1777 const char* pbkdf_algo,
1778 size_t pbkdf_iterations,
1779 botan_view_ctx ctx,
1780 botan_view_str_fn view);
1781
1782/**
1783* View the encryption of a private key (PEM encoding)
1784*
1785* Set cipher_algo, pbkdf_algo to NULL to use defaults
1786*/
1787BOTAN_FFI_EXPORT(3, 0)
1788int botan_privkey_view_encrypted_pem_timed(botan_privkey_t key,
1789 botan_rng_t rng,
1790 const char* passphrase,
1791 const char* cipher_algo,
1792 const char* pbkdf_algo,
1793 size_t pbkdf_runtime_msec,
1794 botan_view_ctx ctx,
1795 botan_view_str_fn view);
1796
1797typedef struct botan_pubkey_struct* botan_pubkey_t;
1798
1799BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load(botan_pubkey_t* key, const uint8_t bits[], size_t len);
1800
1801BOTAN_FFI_EXPORT(2, 0) int botan_privkey_export_pubkey(botan_pubkey_t* out, botan_privkey_t in);
1802
1803BOTAN_FFI_DEPRECATED("Use botan_pubkey_view_{der,pem,raw}")
1804BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t* out_len, uint32_t flags);
1805
1806/**
1807* View the public key's DER encoding
1808*/
1809BOTAN_FFI_EXPORT(3, 0) int botan_pubkey_view_der(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1810
1811/**
1812* View the public key's PEM encoding
1813*/
1814BOTAN_FFI_EXPORT(3, 0) int botan_pubkey_view_pem(botan_pubkey_t key, botan_view_ctx ctx, botan_view_str_fn view);
1815
1816/**
1817* View the public key's raw encoding
1818*/
1819BOTAN_FFI_EXPORT(3, 6) int botan_pubkey_view_raw(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1820
1821BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_algo_name(botan_pubkey_t key, char out[], size_t* out_len);
1822
1823/**
1824* Returns 0 if key is valid, negative if invalid key or some other error
1825*/
1826BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_check_key(botan_pubkey_t key, botan_rng_t rng, uint32_t flags);
1827
1828BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_estimated_strength(botan_pubkey_t key, size_t* estimate);
1829
1830BOTAN_FFI_EXPORT(2, 0)
1831int botan_pubkey_fingerprint(botan_pubkey_t key, const char* hash, uint8_t out[], size_t* out_len);
1832
1833/**
1834* @return 0 if success, error if invalid object handle
1835*/
1836BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_destroy(botan_pubkey_t key);
1837
1838/*
1839* Get arbitrary named fields from public or private keys
1840*/
1841BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_get_field(botan_mp_t output, botan_pubkey_t key, const char* field_name);
1842
1843BOTAN_FFI_EXPORT(2, 0) int botan_privkey_get_field(botan_mp_t output, botan_privkey_t key, const char* field_name);
1844
1845/*
1846* Get the OID from public or private keys
1847*/
1848BOTAN_FFI_EXPORT(3, 8)
1849int botan_pubkey_oid(botan_asn1_oid_t* oid, botan_pubkey_t key);
1850
1851BOTAN_FFI_EXPORT(3, 8)
1852int botan_privkey_oid(botan_asn1_oid_t* oid, botan_privkey_t key);
1853
1854/**
1855* Checks whether a key is stateful and sets
1856* @param out to 1 if it is, or 0 if the key is not stateful
1857* @return 0 on success, a negative value on failure
1858*/
1859BOTAN_FFI_EXPORT(3, 8) int botan_privkey_stateful_operation(botan_privkey_t key, int* out);
1860
1861/**
1862* Gets information on many operations a (stateful) key has remaining and sets
1863* @param out to that value
1864* @return 0 on success, a negative value on failure or if the key is not stateful
1865*/
1866BOTAN_FFI_EXPORT(3, 8) int botan_privkey_remaining_operations(botan_privkey_t key, uint64_t* out);
1867
1868/*
1869* Algorithm specific key operations: RSA
1870*/
1871BOTAN_FFI_EXPORT(2, 0) int botan_privkey_load_rsa(botan_privkey_t* key, botan_mp_t p, botan_mp_t q, botan_mp_t e);
1872
1873BOTAN_FFI_EXPORT(2, 8) int botan_privkey_load_rsa_pkcs1(botan_privkey_t* key, const uint8_t bits[], size_t len);
1874
1875BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1876BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_p(botan_mp_t p, botan_privkey_t rsa_key);
1877BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1878BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_q(botan_mp_t q, botan_privkey_t rsa_key);
1879BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1880BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_d(botan_mp_t d, botan_privkey_t rsa_key);
1881BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1882BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_n(botan_mp_t n, botan_privkey_t rsa_key);
1883BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1884BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_e(botan_mp_t e, botan_privkey_t rsa_key);
1885
1886BOTAN_FFI_EXPORT(2, 8)
1887int botan_privkey_rsa_get_privkey(botan_privkey_t rsa_key, uint8_t out[], size_t* out_len, uint32_t flags);
1888
1889BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load_rsa(botan_pubkey_t* key, botan_mp_t n, botan_mp_t e);
1890
1891BOTAN_FFI_EXPORT(3, 11) int botan_pubkey_load_rsa_pkcs1(botan_pubkey_t* key, const uint8_t bits[], size_t len);
1892
1893BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1894BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_rsa_get_e(botan_mp_t e, botan_pubkey_t rsa_key);
1895BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1896BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_rsa_get_n(botan_mp_t n, botan_pubkey_t rsa_key);
1897
1898/*
1899* Algorithm specific key operations: DSA
1900*/
1901BOTAN_FFI_EXPORT(2, 0)
1902int botan_privkey_load_dsa(botan_privkey_t* key, botan_mp_t p, botan_mp_t q, botan_mp_t g, botan_mp_t x);
1903
1904BOTAN_FFI_EXPORT(2, 0)
1905int botan_pubkey_load_dsa(botan_pubkey_t* key, botan_mp_t p, botan_mp_t q, botan_mp_t g, botan_mp_t y);
1906
1907BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1908BOTAN_FFI_EXPORT(2, 0) int botan_privkey_dsa_get_x(botan_mp_t n, botan_privkey_t key);
1909
1910BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1911BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_p(botan_mp_t p, botan_pubkey_t key);
1912BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1913BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_q(botan_mp_t q, botan_pubkey_t key);
1914BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1915BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_g(botan_mp_t d, botan_pubkey_t key);
1916BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1917BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_y(botan_mp_t y, botan_pubkey_t key);
1918
1919/*
1920* Loads Diffie Hellman private key
1921*
1922* @param key variable populated with key material
1923* @param p prime order of a Z_p group
1924* @param g group generator
1925* @param x private key
1926*
1927* @pre key is NULL on input
1928* @post function allocates memory and assigns to `key'
1929*
1930* @return 0 on success, a negative value on failure
1931*/
1932BOTAN_FFI_EXPORT(2, 0) int botan_privkey_load_dh(botan_privkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t x);
1933/**
1934* Loads Diffie Hellman public key
1935*
1936* @param key variable populated with key material
1937* @param p prime order of a Z_p group
1938* @param g group generator
1939* @param y public key
1940*
1941* @pre key is NULL on input
1942* @post function allocates memory and assigns to `key'
1943*
1944* @return 0 on success, a negative value on failure
1945*/
1946BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load_dh(botan_pubkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t y);
1947
1948/*
1949* Algorithm specific key operations: ElGamal
1950*/
1951
1952/**
1953* Loads ElGamal public key
1954* @param key variable populated with key material
1955* @param p prime order of a Z_p group
1956* @param g group generator
1957* @param y public key
1958*
1959* @pre key is NULL on input
1960* @post function allocates memory and assigns to `key'
1961*
1962* @return 0 on success, a negative value on failure
1963*/
1964BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load_elgamal(botan_pubkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t y);
1965
1966/**
1967* Loads ElGamal private key
1968*
1969* @param key variable populated with key material
1970* @param p prime order of a Z_p group
1971* @param g group generator
1972* @param x private key
1973*
1974* @pre key is NULL on input
1975* @post function allocates memory and assigns to `key'
1976*
1977* @return 0 on success, a negative value on failure
1978*/
1979BOTAN_FFI_EXPORT(2, 0) int botan_privkey_load_elgamal(botan_privkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t x);
1980
1981/*
1982* Algorithm specific key operations: EC keys
1983*/
1984
1985BOTAN_FFI_EXPORT(3, 12) int botan_ec_privkey_get_private_key(botan_privkey_t key, botan_ec_scalar_t* value);
1986
1987BOTAN_FFI_EXPORT(3, 12) int botan_ec_privkey_get_group(botan_privkey_t key, botan_ec_group_t* ec_group);
1988
1989BOTAN_FFI_EXPORT(3, 12) int botan_ec_pubkey_get_group(botan_pubkey_t key, botan_ec_group_t* ec_group);
1990/*
1991* Algorithm specific key operations: Ed25519
1992*/
1993
1994BOTAN_FFI_EXPORT(2, 2) int botan_privkey_load_ed25519(botan_privkey_t* key, const uint8_t privkey[32]);
1995
1996BOTAN_FFI_EXPORT(2, 2) int botan_pubkey_load_ed25519(botan_pubkey_t* key, const uint8_t pubkey[32]);
1997
1998BOTAN_FFI_DEPRECATED("Use botan_privkey_view_raw")
1999BOTAN_FFI_EXPORT(2, 2) int botan_privkey_ed25519_get_privkey(botan_privkey_t key, uint8_t output[64]);
2000
2001BOTAN_FFI_DEPRECATED("Use botan_pubkey_view_raw")
2002BOTAN_FFI_EXPORT(2, 2) int botan_pubkey_ed25519_get_pubkey(botan_pubkey_t key, uint8_t pubkey[32]);
2003
2004/*
2005* Algorithm specific key operations: Ed448
2006*/
2007
2008BOTAN_FFI_EXPORT(3, 4) int botan_privkey_load_ed448(botan_privkey_t* key, const uint8_t privkey[57]);
2009
2010BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_load_ed448(botan_pubkey_t* key, const uint8_t pubkey[57]);
2011
2012BOTAN_FFI_DEPRECATED("Use botan_privkey_view_raw")
2013BOTAN_FFI_EXPORT(3, 4) int botan_privkey_ed448_get_privkey(botan_privkey_t key, uint8_t output[57]);
2014
2015BOTAN_FFI_DEPRECATED("Use botan_pubkey_view_raw")
2016BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_ed448_get_pubkey(botan_pubkey_t key, uint8_t pubkey[57]);
2017
2018/*
2019* Algorithm specific key operations: X25519
2020*/
2021
2022BOTAN_FFI_EXPORT(2, 8) int botan_privkey_load_x25519(botan_privkey_t* key, const uint8_t privkey[32]);
2023
2024BOTAN_FFI_EXPORT(2, 8) int botan_pubkey_load_x25519(botan_pubkey_t* key, const uint8_t pubkey[32]);
2025
2026BOTAN_FFI_DEPRECATED("Use botan_privkey_view_raw")
2027BOTAN_FFI_EXPORT(2, 8) int botan_privkey_x25519_get_privkey(botan_privkey_t key, uint8_t output[32]);
2028
2029BOTAN_FFI_DEPRECATED("Use botan_pubkey_view_raw")
2030BOTAN_FFI_EXPORT(2, 8) int botan_pubkey_x25519_get_pubkey(botan_pubkey_t key, uint8_t pubkey[32]);
2031
2032/*
2033* Algorithm specific key operations: X448
2034*/
2035
2036BOTAN_FFI_EXPORT(3, 4) int botan_privkey_load_x448(botan_privkey_t* key, const uint8_t privkey[56]);
2037
2038BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_load_x448(botan_pubkey_t* key, const uint8_t pubkey[56]);
2039
2040BOTAN_FFI_DEPRECATED("Use botan_privkey_view_raw")
2041BOTAN_FFI_EXPORT(3, 4) int botan_privkey_x448_get_privkey(botan_privkey_t key, uint8_t output[56]);
2042
2043BOTAN_FFI_DEPRECATED("Use botan_pubkey_view_raw")
2044BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_x448_get_pubkey(botan_pubkey_t key, uint8_t pubkey[56]);
2045
2046/*
2047* Algorithm specific key operations: ML-DSA
2048*/
2049
2050BOTAN_FFI_EXPORT(3, 6)
2051int botan_privkey_load_ml_dsa(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* mldsa_mode);
2052
2053BOTAN_FFI_EXPORT(3, 6)
2054int botan_pubkey_load_ml_dsa(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* mldsa_mode);
2055
2056/*
2057* Algorithm specific key operations: Kyber R3
2058*
2059* Note that Kyber R3 support is somewhat deprecated and may be removed in a
2060* future major release. Using the final ML-KEM is highly recommended in any new
2061* system.
2062*/
2063
2064BOTAN_FFI_DEPRECATED("Kyber R3 support is deprecated")
2065BOTAN_FFI_EXPORT(3, 1) int botan_privkey_load_kyber(botan_privkey_t* key, const uint8_t privkey[], size_t key_len);
2066
2067BOTAN_FFI_DEPRECATED("Kyber R3 support is deprecated")
2068BOTAN_FFI_EXPORT(3, 1) int botan_pubkey_load_kyber(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len);
2069
2070BOTAN_FFI_DEPRECATED("Use generic botan_privkey_view_raw")
2071BOTAN_FFI_EXPORT(3, 1)
2072int botan_privkey_view_kyber_raw_key(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
2073
2074BOTAN_FFI_DEPRECATED("Use generic botan_pubkey_view_raw")
2075BOTAN_FFI_EXPORT(3, 1)
2076int botan_pubkey_view_kyber_raw_key(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
2077
2078/**
2079* Algorithm specific key operation: FrodoKEM
2080*/
2081
2082BOTAN_FFI_EXPORT(3, 6)
2083int botan_privkey_load_frodokem(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* frodo_mode);
2084
2085BOTAN_FFI_EXPORT(3, 6)
2086int botan_pubkey_load_frodokem(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* frodo_mode);
2087
2088/**
2089* Algorithm specific key operation: Classic McEliece
2090*/
2091
2092BOTAN_FFI_EXPORT(3, 6)
2093int botan_privkey_load_classic_mceliece(botan_privkey_t* key,
2094 const uint8_t privkey[],
2095 size_t key_len,
2096 const char* cmce_mode);
2097
2098BOTAN_FFI_EXPORT(3, 6)
2099int botan_pubkey_load_classic_mceliece(botan_pubkey_t* key,
2100 const uint8_t pubkey[],
2101 size_t key_len,
2102 const char* cmce_mode);
2103
2104/*
2105* Algorithm specific key operations: ML-KEM
2106*/
2107
2108BOTAN_FFI_EXPORT(3, 6)
2109int botan_privkey_load_ml_kem(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* mlkem_mode);
2110
2111BOTAN_FFI_EXPORT(3, 6)
2112int botan_pubkey_load_ml_kem(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* mlkem_mode);
2113
2114/*
2115* Algorithm specific key operations: SLH-DSA
2116*/
2117
2118BOTAN_FFI_EXPORT(3, 6)
2119int botan_privkey_load_slh_dsa(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* slhdsa_mode);
2120
2121BOTAN_FFI_EXPORT(3, 6)
2122int botan_pubkey_load_slh_dsa(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* slhdsa_mode);
2123
2124/*
2125* Algorithm specific key operations: ECDSA and ECDH
2126*/
2127BOTAN_FFI_EXPORT(3, 2)
2128int botan_pubkey_ecc_key_used_explicit_encoding(botan_pubkey_t key);
2129
2130BOTAN_FFI_EXPORT(2, 2)
2131int botan_privkey_load_ecdsa(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
2132
2133BOTAN_FFI_EXPORT(2, 2)
2134int botan_pubkey_load_ecdsa(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
2135
2136BOTAN_FFI_EXPORT(3, 10)
2137int botan_pubkey_load_ecdsa_sec1(botan_pubkey_t* key, const uint8_t sec1[], size_t sec1_len, const char* curve_name);
2138
2139BOTAN_FFI_EXPORT(2, 2)
2140int botan_pubkey_load_ecdh(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
2141
2142BOTAN_FFI_EXPORT(3, 10)
2143int botan_pubkey_load_ecdh_sec1(botan_pubkey_t* key, const uint8_t sec1[], size_t sec1_len, const char* curve_name);
2144
2145BOTAN_FFI_EXPORT(2, 2)
2146int botan_privkey_load_ecdh(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
2147
2148BOTAN_FFI_EXPORT(2, 2)
2149int botan_pubkey_load_sm2(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
2150
2151BOTAN_FFI_EXPORT(3, 10)
2152int botan_pubkey_load_sm2_sec1(botan_pubkey_t* key, const uint8_t sec1[], size_t sec1_len, const char* curve_name);
2153
2154BOTAN_FFI_EXPORT(2, 2)
2155int botan_privkey_load_sm2(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
2156
2157BOTAN_FFI_DEPRECATED("Use botan_pubkey_load_sm2")
2158BOTAN_FFI_EXPORT(2, 2)
2159int botan_pubkey_load_sm2_enc(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
2160
2161BOTAN_FFI_DEPRECATED("Use botan_privkey_load_sm2")
2162BOTAN_FFI_EXPORT(2, 2)
2163int botan_privkey_load_sm2_enc(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
2164
2165BOTAN_FFI_EXPORT(2, 3)
2166int botan_pubkey_sm2_compute_za(
2167 uint8_t out[], size_t* out_len, const char* ident, const char* hash_algo, botan_pubkey_t key);
2168
2169/**
2170* View the uncompressed public point associated with the key
2171*/
2172BOTAN_FFI_EXPORT(3, 0)
2173int botan_pubkey_view_ec_public_point(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
2174
2175/*
2176* Public Key Encryption
2177*/
2178typedef struct botan_pk_op_encrypt_struct* botan_pk_op_encrypt_t;
2179
2180BOTAN_FFI_EXPORT(2, 0)
2181int botan_pk_op_encrypt_create(botan_pk_op_encrypt_t* op, botan_pubkey_t key, const char* padding, uint32_t flags);
2182
2183/**
2184* @return 0 if success, error if invalid object handle
2185*/
2186BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_encrypt_destroy(botan_pk_op_encrypt_t op);
2187
2188BOTAN_FFI_EXPORT(2, 8)
2189int botan_pk_op_encrypt_output_length(botan_pk_op_encrypt_t op, size_t ptext_len, size_t* ctext_len);
2190
2191BOTAN_FFI_EXPORT(2, 0)
2192int botan_pk_op_encrypt(botan_pk_op_encrypt_t op,
2193 botan_rng_t rng,
2194 uint8_t out[],
2195 size_t* out_len,
2196 const uint8_t plaintext[],
2197 size_t plaintext_len);
2198
2199/*
2200* Public Key Decryption
2201*/
2202typedef struct botan_pk_op_decrypt_struct* botan_pk_op_decrypt_t;
2203
2204BOTAN_FFI_EXPORT(2, 0)
2205int botan_pk_op_decrypt_create(botan_pk_op_decrypt_t* op, botan_privkey_t key, const char* padding, uint32_t flags);
2206
2207/**
2208* @return 0 if success, error if invalid object handle
2209*/
2210BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_decrypt_destroy(botan_pk_op_decrypt_t op);
2211
2212BOTAN_FFI_EXPORT(2, 8)
2213int botan_pk_op_decrypt_output_length(botan_pk_op_decrypt_t op, size_t ctext_len, size_t* ptext_len);
2214
2215BOTAN_FFI_EXPORT(2, 0)
2216int botan_pk_op_decrypt(
2217 botan_pk_op_decrypt_t op, uint8_t out[], size_t* out_len, const uint8_t ciphertext[], size_t ciphertext_len);
2218
2219/*
2220* Signature Generation
2221*/
2222
2223#define BOTAN_PUBKEY_DER_FORMAT_SIGNATURE 1
2224
2225typedef struct botan_pk_op_sign_struct* botan_pk_op_sign_t;
2226
2227BOTAN_FFI_EXPORT(2, 0)
2228int botan_pk_op_sign_create(botan_pk_op_sign_t* op, botan_privkey_t key, const char* hash_and_padding, uint32_t flags);
2229
2230/**
2231* @return 0 if success, error if invalid object handle
2232*/
2233BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_sign_destroy(botan_pk_op_sign_t op);
2234
2235BOTAN_FFI_EXPORT(2, 8) int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* olen);
2236
2237BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_sign_update(botan_pk_op_sign_t op, const uint8_t in[], size_t in_len);
2238
2239BOTAN_FFI_EXPORT(2, 0)
2240int botan_pk_op_sign_finish(botan_pk_op_sign_t op, botan_rng_t rng, uint8_t sig[], size_t* sig_len);
2241
2242/*
2243* Signature Verification
2244*/
2245typedef struct botan_pk_op_verify_struct* botan_pk_op_verify_t;
2246
2247BOTAN_FFI_EXPORT(2, 0)
2248int botan_pk_op_verify_create(botan_pk_op_verify_t* op,
2249 botan_pubkey_t key,
2250 const char* hash_and_padding,
2251 uint32_t flags);
2252
2253/**
2254* @return 0 if success, error if invalid object handle
2255*/
2256BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_verify_destroy(botan_pk_op_verify_t op);
2257
2258BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_verify_update(botan_pk_op_verify_t op, const uint8_t in[], size_t in_len);
2259BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_verify_finish(botan_pk_op_verify_t op, const uint8_t sig[], size_t sig_len);
2260
2261/*
2262* Key Agreement
2263*/
2264typedef struct botan_pk_op_ka_struct* botan_pk_op_ka_t;
2265
2266BOTAN_FFI_EXPORT(2, 0)
2267int botan_pk_op_key_agreement_create(botan_pk_op_ka_t* op, botan_privkey_t key, const char* kdf, uint32_t flags);
2268
2269/**
2270* @return 0 if success, error if invalid object handle
2271*/
2272BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_key_agreement_destroy(botan_pk_op_ka_t op);
2273
2274BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_key_agreement_export_public(botan_privkey_t key, uint8_t out[], size_t* out_len);
2275
2276BOTAN_FFI_EXPORT(3, 0)
2277int botan_pk_op_key_agreement_view_public(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
2278
2279BOTAN_FFI_EXPORT(2, 8) int botan_pk_op_key_agreement_size(botan_pk_op_ka_t op, size_t* out_len);
2280
2281BOTAN_FFI_EXPORT(2, 0)
2282int botan_pk_op_key_agreement(botan_pk_op_ka_t op,
2283 uint8_t out[],
2284 size_t* out_len,
2285 const uint8_t other_key[],
2286 size_t other_key_len,
2287 const uint8_t salt[],
2288 size_t salt_len);
2289
2290/*
2291* Key Encapsulation
2292*/
2293typedef struct botan_pk_op_kem_encrypt_struct* botan_pk_op_kem_encrypt_t;
2294
2295BOTAN_FFI_EXPORT(3, 0)
2296int botan_pk_op_kem_encrypt_create(botan_pk_op_kem_encrypt_t* op, botan_pubkey_t key, const char* kdf);
2297
2298/**
2299* @return 0 if success, error if invalid object handle
2300*/
2301BOTAN_FFI_EXPORT(3, 0) int botan_pk_op_kem_encrypt_destroy(botan_pk_op_kem_encrypt_t op);
2302
2303BOTAN_FFI_EXPORT(3, 0)
2304int botan_pk_op_kem_encrypt_shared_key_length(botan_pk_op_kem_encrypt_t op,
2305 size_t desired_shared_key_length,
2306 size_t* output_shared_key_length);
2307
2308BOTAN_FFI_EXPORT(3, 0)
2309int botan_pk_op_kem_encrypt_encapsulated_key_length(botan_pk_op_kem_encrypt_t op,
2310 size_t* output_encapsulated_key_length);
2311
2312BOTAN_FFI_EXPORT(3, 0)
2313int botan_pk_op_kem_encrypt_create_shared_key(botan_pk_op_kem_encrypt_t op,
2314 botan_rng_t rng,
2315 const uint8_t salt[],
2316 size_t salt_len,
2317 size_t desired_shared_key_len,
2318 uint8_t shared_key[],
2319 size_t* shared_key_len,
2320 uint8_t encapsulated_key[],
2321 size_t* encapsulated_key_len);
2322
2323typedef struct botan_pk_op_kem_decrypt_struct* botan_pk_op_kem_decrypt_t;
2324
2325BOTAN_FFI_EXPORT(3, 0)
2326int botan_pk_op_kem_decrypt_create(botan_pk_op_kem_decrypt_t* op, botan_privkey_t key, const char* kdf);
2327
2328/**
2329* @return 0 if success, error if invalid object handle
2330*/
2331BOTAN_FFI_EXPORT(3, 0) int botan_pk_op_kem_decrypt_destroy(botan_pk_op_kem_decrypt_t op);
2332
2333BOTAN_FFI_EXPORT(3, 0)
2334int botan_pk_op_kem_decrypt_shared_key_length(botan_pk_op_kem_decrypt_t op,
2335 size_t desired_shared_key_length,
2336 size_t* output_shared_key_length);
2337
2338BOTAN_FFI_EXPORT(3, 0)
2339int botan_pk_op_kem_decrypt_shared_key(botan_pk_op_kem_decrypt_t op,
2340 const uint8_t salt[],
2341 size_t salt_len,
2342 const uint8_t encapsulated_key[],
2343 size_t encapsulated_key_len,
2344 size_t desired_shared_key_len,
2345 uint8_t shared_key[],
2346 size_t* shared_key_len);
2347
2348/**
2349* Signature Scheme Utility Functions
2350*/
2351
2352BOTAN_FFI_EXPORT(2, 0) int botan_pkcs_hash_id(const char* hash_name, uint8_t pkcs_id[], size_t* pkcs_id_len);
2353
2354/*
2355* Always returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED
2356*/
2357BOTAN_FFI_DEPRECATED("No longer implemented")
2358BOTAN_FFI_EXPORT(2, 0)
2359int botan_mceies_encrypt(botan_pubkey_t mce_key,
2360 botan_rng_t rng,
2361 const char* aead,
2362 const uint8_t pt[],
2363 size_t pt_len,
2364 const uint8_t ad[],
2365 size_t ad_len,
2366 uint8_t ct[],
2367 size_t* ct_len);
2368
2369/*
2370* Always returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED
2371*/
2372BOTAN_FFI_DEPRECATED("No longer implemented")
2373BOTAN_FFI_EXPORT(2, 0)
2374int botan_mceies_decrypt(botan_privkey_t mce_key,
2375 const char* aead,
2376 const uint8_t ct[],
2377 size_t ct_len,
2378 const uint8_t ad[],
2379 size_t ad_len,
2380 uint8_t pt[],
2381 size_t* pt_len);
2382
2383/*
2384* X.509 certificates
2385**************************/
2386
2387typedef struct botan_x509_cert_struct* botan_x509_cert_t;
2388
2389/**
2390 * Generic values that may be retrieved from X.509 certificates or CRLs via
2391 * the generic getter functions.
2392 *
2393 * When extending this list the existing entries must stay backward-compatible
2394 * to remain ABI compatible across versions. Therefore, new values must be added
2395 * to the end of this list.
2396 *
2397 * See:
2398 * * botan_x509_cert_view_binary_values()
2399 * * botan_x509_crl_view_binary_values()
2400 * * botan_x509_cert_view_string_values()
2401 */
2402typedef enum /* NOLINT(*-enum-size,*-use-enum-class) */ {
2403 BOTAN_X509_SERIAL_NUMBER = 0, /** singleton binary big-endian encoding */
2404 BOTAN_X509_SUBJECT_DN_BITS = 1, /** singleton binary DER encoding of the subject distinguished name */
2405 BOTAN_X509_ISSUER_DN_BITS = 2, /** singleton binary DER encoding of the issuer distinguished name */
2406 BOTAN_X509_SUBJECT_KEY_IDENTIFIER = 3, /** singleton binary encoding */
2407 BOTAN_X509_AUTHORITY_KEY_IDENTIFIER = 4, /** singleton binary encoding */
2408
2409 BOTAN_X509_PUBLIC_KEY_PKCS8_BITS = 200, /** singleton binary DER encoding of the PKCS#8 public key */
2410 BOTAN_X509_TBS_DATA_BITS = 201, /** singleton binary DER encoding */
2411 BOTAN_X509_SIGNATURE_SCHEME_BITS = 202, /** singleton binary DER encoding of the algorithm identifier */
2412 BOTAN_X509_SIGNATURE_BITS = 203, /** singleton binary signature bits */
2413
2414 BOTAN_X509_DER_ENCODING = 300, /** singleton binary DER encoding of the whole object */
2415 BOTAN_X509_PEM_ENCODING = 301, /** singleton string value PEM encoding of the whole object */
2416
2417 BOTAN_X509_CRL_DISTRIBUTION_URLS = 400, /** multi-value string of the CRL distribution points */
2418 BOTAN_X509_OCSP_RESPONDER_URLS = 401, /** multi-value string of the OCSP responder URLs */
2419 BOTAN_X509_CA_ISSUERS_URLS = 402, /** multi-value string of the CA issuer URLs */
2420} botan_x509_value_type;
2421
2422BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_load(botan_x509_cert_t* cert_obj, const uint8_t cert[], size_t cert_len);
2423BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_load_file(botan_x509_cert_t* cert_obj, const char* filename);
2424
2425/**
2426* @return 0 if success, error if invalid object handle
2427*/
2428BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_destroy(botan_x509_cert_t cert);
2429
2430BOTAN_FFI_EXPORT(2, 8) int botan_x509_cert_dup(botan_x509_cert_t* new_cert, botan_x509_cert_t cert);
2431
2432/**
2433 * Retrieve a specific binary value from an X.509 certificate.
2434 *
2435 * For multi-values @p index allows enumerating the available entries, until
2436 * BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an @p index
2437 * of value "0" is expected.
2438 *
2439 * @returns BOTAN_FFI_ERROR_NO_VALUE if the provided @p cert does not provide
2440 * the requested @p value_type at all or not in binary format.
2441 */
2442BOTAN_FFI_EXPORT(3, 11)
2443int botan_x509_cert_view_binary_values(
2444 botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view);
2445BOTAN_FFI_EXPORT(3, 11)
2446int botan_x509_cert_view_binary_values_count(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t* count);
2447
2448/**
2449 * Retrieve a specific string value from an X.509 certificate.
2450 *
2451 * For multi-values @p index allows enumerating the available entries, until
2452 * BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an @p index
2453 * of value "0" is expected.
2454 *
2455 * @returns BOTAN_FFI_ERROR_NO_VALUE if the provided @p cert does not provide
2456 * the requested @p value_type at all or not in string format.
2457 */
2458BOTAN_FFI_EXPORT(3, 11)
2459int botan_x509_cert_view_string_values(
2460 botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view);
2461BOTAN_FFI_EXPORT(3, 11)
2462int botan_x509_cert_view_string_values_count(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t* count);
2463
2464/* Prefer botan_x509_cert_not_before and botan_x509_cert_not_after */
2465BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_time_starts(botan_x509_cert_t cert, char out[], size_t* out_len);
2466BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_time_expires(botan_x509_cert_t cert, char out[], size_t* out_len);
2467
2468BOTAN_FFI_EXPORT(2, 8) int botan_x509_cert_not_before(botan_x509_cert_t cert, uint64_t* time_since_epoch);
2469BOTAN_FFI_EXPORT(2, 8) int botan_x509_cert_not_after(botan_x509_cert_t cert, uint64_t* time_since_epoch);
2470
2471/* TODO(Botan4) this should use char for the out param */
2472BOTAN_FFI_EXPORT(2, 0)
2473int botan_x509_cert_get_fingerprint(botan_x509_cert_t cert, const char* hash, uint8_t out[], size_t* out_len);
2474
2475BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_serial_number(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
2476BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_serial_number(botan_x509_cert_t cert, botan_mp_t* serial_number);
2477BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_authority_key_id(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
2478BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_subject_key_id(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
2479
2480BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_public_key_bits(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
2481
2482BOTAN_FFI_EXPORT(3, 0)
2483int botan_x509_cert_view_public_key_bits(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_bin_fn view);
2484
2485BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_public_key(botan_x509_cert_t cert, botan_pubkey_t* key);
2486
2487/**
2488 * Returns 1 iff the cert is a CA certificate
2489 */
2490BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_is_ca(botan_x509_cert_t cert);
2491
2492/**
2493 * Retrieves the path length constraint from the certificate.
2494 * If no such constraint is present, BOTAN_FFI_ERROR_NO_VALUE is returned.
2495 */
2496BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_get_path_length_constraint(botan_x509_cert_t cert, size_t* path_limit);
2497
2498/**
2499 * Enumerates the names of the given @p key in the issuer DN. If @p index is
2500 * out of bounds, BOTAN_FFI_ERROR_BAD_PARAMETER is returned.
2501 *
2502 * TODO(Botan4) use BOTAN_FFI_ERROR_OUT_OF_RANGE instead of BAD_PARAMETER
2503 * TODO(Botan4) this should use char for the out param
2504 */
2505BOTAN_FFI_EXPORT(2, 0)
2506int botan_x509_cert_get_issuer_dn(
2507 botan_x509_cert_t cert, const char* key, size_t index, uint8_t out[], size_t* out_len);
2508BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_get_issuer_dn_count(botan_x509_cert_t cert, const char* key, size_t* count);
2509
2510/**
2511 * Enumerates the names of the given @p key in the subject DN. If @p index is
2512 * out of bounds, BOTAN_FFI_ERROR_BAD_PARAMETER is returned.
2513 *
2514 * TODO(Botan4) use BOTAN_FFI_ERROR_OUT_OF_RANGE instead of BAD_PARAMETER
2515 * TODO(Botan4) this should use char for the out param
2516 */
2517BOTAN_FFI_EXPORT(2, 0)
2518int botan_x509_cert_get_subject_dn(
2519 botan_x509_cert_t cert, const char* key, size_t index, uint8_t out[], size_t* out_len);
2520BOTAN_FFI_EXPORT(3, 11)
2521int botan_x509_cert_get_subject_dn_count(botan_x509_cert_t cert, const char* key, size_t* count);
2522
2523BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_to_string(botan_x509_cert_t cert, char out[], size_t* out_len);
2524
2525BOTAN_FFI_EXPORT(3, 0)
2526int botan_x509_cert_view_as_string(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_str_fn view);
2527
2528/* Must match values of Key_Constraints in pkix_enums.h */
2541
2542BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_allowed_usage(botan_x509_cert_t cert, unsigned int key_usage);
2543
2544/**
2545* Check if the certificate allows the specified extended usage OID. See RFC 5280
2546* Section 4.2.1.12 for OIDs to query for this. If no extended key usage
2547* extension is found in the certificate, this always returns "not success".
2548*
2549* Typical OIDs to check for:
2550* * "PKIX.ServerAuth"
2551* * "PKIX.ClientAuth"
2552* * "PKIX.CodeSigning"
2553* * "PKIX.OCSPSigning"
2554*
2555* The @p oid parameter can be either a canonical OID string or identifiers as
2556* indicated in the examples above.
2557*/
2558BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_allowed_extended_usage_str(botan_x509_cert_t cert, const char* oid);
2559
2560/**
2561* Check if the certificate allows the specified extended usage OID. See RFC 5280
2562* Section 4.2.1.12 for OIDs to query for this. If no extended key usage
2563* extension is found in the certificate, this always returns "not success".
2564*
2565* This is similar to botan_x509_cert_allowed_extended_usage_str but takes an OID
2566* object instead of a string describing the OID.
2567*/
2568BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_allowed_extended_usage_oid(botan_x509_cert_t cert, botan_asn1_oid_t oid);
2569
2570typedef struct botan_x509_general_name_struct* botan_x509_general_name_t;
2571
2572/**
2573* GeneralName type identifiers as defined in RFC 5280 A.2 (GeneralName ::= CHOICE)
2574* Type identifiers that are omitted here are (currently) not supported. Also,
2575* there is currently no way to access OTHER_NAME values via the FFI.
2576*/
2585
2586/**
2587* Provides the contained type of the @p name and returns BOTAN_FFI_SUCCESS if
2588* that type is supported and may be retrieved via the view functions below.
2589* Otherwise BOTAN_FFI_ERROR_INVALID_OBJECT_STATE is returned.
2590*/
2591BOTAN_FFI_EXPORT(3, 11) int botan_x509_general_name_get_type(botan_x509_general_name_t name, unsigned int* type);
2592
2593/**
2594* Views the name as a string or returns BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
2595* if the contained GeneralName value cannot be represented as a string.
2596*
2597* The types BOTAN_X509_EMAIL_ADDRESS, BOTAN_X509_DNS_NAME, BOTAN_X509_URI,
2598* BOTAN_X509_IP_ADDRESS may be viewed as "string".
2599*/
2600BOTAN_FFI_EXPORT(3, 11)
2601int botan_x509_general_name_view_string_value(botan_x509_general_name_t name,
2602 botan_view_ctx ctx,
2603 botan_view_str_fn view);
2604
2605/**
2606* Views the name as a bit string or returns BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
2607* if the contained GeneralName value cannot be represented as a binary string.
2608*
2609* The types BOTAN_X509_DIRECTORY_NAME, BOTAN_X509_IP_ADDRESS may be viewed as
2610* "binary".
2611*/
2612BOTAN_FFI_EXPORT(3, 11)
2613int botan_x509_general_name_view_binary_value(botan_x509_general_name_t name,
2614 botan_view_ctx ctx,
2615 botan_view_bin_fn view);
2616
2617BOTAN_FFI_EXPORT(3, 11) int botan_x509_general_name_destroy(botan_x509_general_name_t alt_names);
2618
2619/**
2620* Extracts "permitted" name constraints from a given @p cert one-by-one.
2621* Returns BOTAN_FFI_ERROR_OUT_OF_RANGE if the given @p index is larger than the
2622* available number of "permitted" name constraints.
2623*/
2624BOTAN_FFI_EXPORT(3, 11)
2625int botan_x509_cert_permitted_name_constraints(botan_x509_cert_t cert,
2626 size_t index,
2627 botan_x509_general_name_t* constraint);
2628BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_permitted_name_constraints_count(botan_x509_cert_t cert, size_t* count);
2629
2630/**
2631* Extracts "excluded" name constraints from a given @p cert one-by-one.
2632* Returns BOTAN_FFI_ERROR_OUT_OF_RANGE if the given @p index is larger than the
2633* available number of "excluded" name constraints.
2634*/
2635BOTAN_FFI_EXPORT(3, 11)
2636int botan_x509_cert_excluded_name_constraints(botan_x509_cert_t cert,
2637 size_t index,
2638 botan_x509_general_name_t* constraint);
2639BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_excluded_name_constraints_count(botan_x509_cert_t cert, size_t* count);
2640
2641/**
2642* Provides access to all "subject alternative names", where each entry is
2643* returned as a botan_x509_general_name_t. If the given @p index is not
2644* within range of the available entries, BOTAN_FFI_ERROR_OUT_OF_RANGE is
2645* returned. If @p cert does not contain a SubjectAlternativeNames extension,
2646* BOTAN_FFI_ERROR_NO_VALUE is returned.
2647*/
2648BOTAN_FFI_EXPORT(3, 11)
2649int botan_x509_cert_subject_alternative_names(botan_x509_cert_t cert,
2650 size_t index,
2651 botan_x509_general_name_t* alt_name);
2652BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_subject_alternative_names_count(botan_x509_cert_t cert, size_t* count);
2653
2654/**
2655* Provides access to all "issuer alternative names", where each entry is
2656* returned as a botan_x509_general_name_t. If the given @p index is not
2657* within range of the available entries, BOTAN_FFI_ERROR_OUT_OF_RANGE is
2658* returned. If @p cert does not contain an IssuerAlternativeNames extension,
2659* BOTAN_FFI_ERROR_NO_VALUE is returned.
2660*/
2661BOTAN_FFI_EXPORT(3, 11)
2662int botan_x509_cert_issuer_alternative_names(botan_x509_cert_t cert, size_t index, botan_x509_general_name_t* alt_name);
2663BOTAN_FFI_EXPORT(3, 11) int botan_x509_cert_issuer_alternative_names_count(botan_x509_cert_t cert, size_t* count);
2664
2665/**
2666* Check if the certificate matches the specified hostname via alternative name or CN match.
2667* RFC 5280 wildcards also supported.
2668*/
2669BOTAN_FFI_EXPORT(2, 5) int botan_x509_cert_hostname_match(botan_x509_cert_t cert, const char* hostname);
2670
2671/**
2672* Returns 0 if the validation was successful, 1 if validation failed,
2673* and negative on error. A status code with details is written to
2674* *validation_result
2675*
2676* Intermediates or trusted lists can be null
2677* Trusted path can be null
2678*/
2679BOTAN_FFI_EXPORT(2, 8)
2680int botan_x509_cert_verify(int* validation_result,
2681 botan_x509_cert_t cert,
2682 const botan_x509_cert_t* intermediates,
2683 size_t intermediates_len,
2684 const botan_x509_cert_t* trusted,
2685 size_t trusted_len,
2686 const char* trusted_path,
2687 size_t required_strength,
2688 const char* hostname,
2689 uint64_t reference_time);
2690
2691/**
2692* Returns a pointer to a static character string explaining the status code,
2693* or else NULL if unknown.
2694*/
2695BOTAN_FFI_EXPORT(2, 8) const char* botan_x509_cert_validation_status(int code);
2696
2697/*
2698* X.509 CRL
2699**************************/
2700
2701typedef struct botan_x509_crl_struct* botan_x509_crl_t;
2702typedef struct botan_x509_crl_entry_struct* botan_x509_crl_entry_t;
2703
2704BOTAN_FFI_EXPORT(2, 13) int botan_x509_crl_load_file(botan_x509_crl_t* crl_obj, const char* crl_path);
2705BOTAN_FFI_EXPORT(2, 13)
2706int botan_x509_crl_load(botan_x509_crl_t* crl_obj, const uint8_t crl_bits[], size_t crl_bits_len);
2707
2708BOTAN_FFI_EXPORT(3, 11) int botan_x509_crl_this_update(botan_x509_crl_t crl, uint64_t* time_since_epoch);
2709BOTAN_FFI_EXPORT(3, 11) int botan_x509_crl_next_update(botan_x509_crl_t crl, uint64_t* time_since_epoch);
2710
2711/**
2712* Create a new CRL
2713* @param crl_obj The newly created CRL
2714* @param rng a random number generator object
2715* @param ca_cert The CA Certificate the CRL belongs to
2716* @param ca_key The private key of that CA
2717* @param issue_time The time when the CRL becomes valid
2718* @param next_update The number of seconds after issue_time until the CRL expires
2719* @param hash_fn The hash function to use, may be null
2720* @param padding The padding to use, may be null
2721*/
2722BOTAN_FFI_EXPORT(3, 11)
2723int botan_x509_crl_create(botan_x509_crl_t* crl_obj,
2724 botan_rng_t rng,
2725 botan_x509_cert_t ca_cert,
2726 botan_privkey_t ca_key,
2727 uint64_t issue_time,
2728 uint32_t next_update,
2729 const char* hash_fn,
2730 const char* padding);
2731
2732/* Must match values of CRL_Code in pkix_enums.h */
2745
2746/**
2747* Create a new CRL entry that marks @p cert as revoked
2748* @param entry The newly created CRL entry
2749* @param cert The certificate to mark as revoked
2750* @param reason_code The reason code for revocation
2751*/
2752BOTAN_FFI_EXPORT(3, 11)
2753int botan_x509_crl_entry_create(botan_x509_crl_entry_t* entry, botan_x509_cert_t cert, int reason_code);
2754
2755/**
2756* Update a CRL with new revoked entries. This does not modify the old crl, and instead creates a new one.
2757* @param crl_obj The newly created CRL
2758* @param last_crl The CRL to update
2759* @param rng a random number generator object
2760* @param ca_cert The CA Certificate the CRL belongs to
2761* @param ca_key The private key of that CA
2762* @param issue_time The time when the CRL becomes valid
2763* @param next_update The number of seconds after issue_time until the CRL expires
2764* @param new_entries The entries to add to the CRL
2765* @param new_entries_len The number of entries
2766* @param hash_fn The hash function to use, may be null
2767* @param padding The padding to use, may be null
2768*/
2769BOTAN_FFI_EXPORT(3, 11)
2770int botan_x509_crl_update(botan_x509_crl_t* crl_obj,
2771 botan_x509_crl_t last_crl,
2772 botan_rng_t rng,
2773 botan_x509_cert_t ca_cert,
2774 botan_privkey_t ca_key,
2775 uint64_t issue_time,
2776 uint32_t next_update,
2777 const botan_x509_crl_entry_t* new_entries,
2778 size_t new_entries_len,
2779 const char* hash_fn,
2780 const char* padding);
2781
2782BOTAN_FFI_EXPORT(3, 11) int botan_x509_crl_verify_signature(botan_x509_crl_t crl, botan_pubkey_t key);
2783
2784BOTAN_FFI_EXPORT(2, 13) int botan_x509_crl_destroy(botan_x509_crl_t crl);
2785
2786/**
2787 * Retrieve a specific binary value from an X.509 certificate revocation list.
2788 *
2789 * For multi-values @p index allows enumerating the available entries, until
2790 * BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an @p index
2791 * of value "0" is expected.
2792 *
2793 * @returns BOTAN_FFI_ERROR_NO_VALUE if the provided @p crl_obj does not provide
2794 * the requested @p value_type at all or not in binary format.
2795 */
2796BOTAN_FFI_EXPORT(3, 11)
2797int botan_x509_crl_view_binary_values(botan_x509_crl_t crl_obj,
2798 botan_x509_value_type value_type,
2799 size_t index,
2800 botan_view_ctx ctx,
2801 botan_view_bin_fn view);
2802BOTAN_FFI_EXPORT(3, 11)
2803int botan_x509_crl_view_binary_values_count(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t* count);
2804
2805/**
2806 * Retrieve a specific string value from an X.509 certificate revocation list.
2807 *
2808 * For multi-values @p index allows enumerating the available entries, until
2809 * BOTAN_FFI_ERROR_OUT_OF_RANGE is returned. For singleton values, an @p index
2810 * of value "0" is expected.
2811 *
2812 * @returns BOTAN_FFI_ERROR_NO_VALUE if the provided @p crl_obj does not provide
2813 * the requested @p value_type at all or not in string format.
2814 */
2815BOTAN_FFI_EXPORT(3, 11)
2816int botan_x509_crl_view_string_values(botan_x509_crl_t crl_obj,
2817 botan_x509_value_type value_type,
2818 size_t index,
2819 botan_view_ctx ctx,
2820 botan_view_str_fn view);
2821BOTAN_FFI_EXPORT(3, 11)
2822int botan_x509_crl_view_string_values_count(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t* count);
2823
2824/**
2825 * Given a CRL and a certificate,
2826 * check if the certificate is revoked on that particular CRL
2827 */
2828BOTAN_FFI_EXPORT(2, 13) int botan_x509_is_revoked(botan_x509_crl_t crl, botan_x509_cert_t cert);
2829
2830/**
2831* Allows iterating all entries of the CRL.
2832*
2833* @param crl the CRL whose entries should be listed
2834* @param index the index of the CRL entry to return
2835* @param entry an object handle containing the CRL entry data
2836*
2837* @returns BOTAN_FFI_ERROR_OUT_OF_RANGE if the given @p index is out of range of
2838* the CRL entry list.
2839*/
2840BOTAN_FFI_EXPORT(3, 11)
2841int botan_x509_crl_entries(botan_x509_crl_t crl, size_t index, botan_x509_crl_entry_t* entry);
2842BOTAN_FFI_EXPORT(3, 11) int botan_x509_crl_entries_count(botan_x509_crl_t crl, size_t* count);
2843
2844/**
2845* Return the revocation reason code for the given CRL @p entry.
2846* See `botan_x509_crl_reason_code` and RFC 5280 - 5.3.1 for possible reason codes.
2847*/
2848BOTAN_FFI_EXPORT(3, 11) int botan_x509_crl_entry_reason(botan_x509_crl_entry_t entry, int* reason_code);
2849
2850/**
2851* Return the revocation date for the given CRL @p entry as time since epoch
2852* in seconds.
2853*/
2854BOTAN_FFI_EXPORT(3, 11)
2855int botan_x509_crl_entry_revocation_date(botan_x509_crl_entry_t entry, uint64_t* time_since_epoch);
2856
2857/**
2858* Return the serial number associated with the given CRL @p entry.
2859*/
2860BOTAN_FFI_EXPORT(3, 11)
2861int botan_x509_crl_entry_serial_number(botan_x509_crl_entry_t entry, botan_mp_t* serial_number);
2862
2863/**
2864* View the serial number associated with the given CRL @p entry.
2865*/
2866BOTAN_FFI_EXPORT(3, 11)
2867int botan_x509_crl_entry_view_serial_number(botan_x509_crl_entry_t entry, botan_view_ctx ctx, botan_view_bin_fn view);
2868
2869BOTAN_FFI_EXPORT(3, 11) int botan_x509_crl_entry_destroy(botan_x509_crl_entry_t entry);
2870
2871/**
2872 * Different flavor of `botan_x509_cert_verify`, supports revocation lists.
2873 * CRLs are passed as an array, same as intermediates and trusted CAs
2874 */
2875BOTAN_FFI_EXPORT(2, 13)
2876int botan_x509_cert_verify_with_crl(int* validation_result,
2877 botan_x509_cert_t cert,
2878 const botan_x509_cert_t* intermediates,
2879 size_t intermediates_len,
2880 const botan_x509_cert_t* trusted,
2881 size_t trusted_len,
2882 const botan_x509_crl_t* crls,
2883 size_t crls_len,
2884 const char* trusted_path,
2885 size_t required_strength,
2886 const char* hostname,
2887 uint64_t reference_time);
2888
2889/**
2890 * Key wrapping as per RFC 3394
2891 */
2892BOTAN_FFI_DEPRECATED("Use botan_nist_kw_enc")
2893BOTAN_FFI_EXPORT(2, 2)
2894int botan_key_wrap3394(const uint8_t key[],
2895 size_t key_len,
2896 const uint8_t kek[],
2897 size_t kek_len,
2898 uint8_t wrapped_key[],
2899 size_t* wrapped_key_len);
2900
2901BOTAN_FFI_DEPRECATED("Use botan_nist_kw_dec")
2902BOTAN_FFI_EXPORT(2, 2)
2903int botan_key_unwrap3394(const uint8_t wrapped_key[],
2904 size_t wrapped_key_len,
2905 const uint8_t kek[],
2906 size_t kek_len,
2907 uint8_t key[],
2908 size_t* key_len);
2909
2910BOTAN_FFI_EXPORT(3, 0)
2911int botan_nist_kw_enc(const char* cipher_algo,
2912 int padded,
2913 const uint8_t key[],
2914 size_t key_len,
2915 const uint8_t kek[],
2916 size_t kek_len,
2917 uint8_t wrapped_key[],
2918 size_t* wrapped_key_len);
2919
2920BOTAN_FFI_EXPORT(3, 0)
2921int botan_nist_kw_dec(const char* cipher_algo,
2922 int padded,
2923 const uint8_t wrapped_key[],
2924 size_t wrapped_key_len,
2925 const uint8_t kek[],
2926 size_t kek_len,
2927 uint8_t key[],
2928 size_t* key_len);
2929
2930/**
2931* HOTP
2932*/
2933
2934typedef struct botan_hotp_struct* botan_hotp_t;
2935
2936/**
2937* Initialize a HOTP instance
2938*/
2939BOTAN_FFI_EXPORT(2, 8)
2940int botan_hotp_init(botan_hotp_t* hotp, const uint8_t key[], size_t key_len, const char* hash_algo, size_t digits);
2941
2942/**
2943* Destroy a HOTP instance
2944* @return 0 if success, error if invalid object handle
2945*/
2946BOTAN_FFI_EXPORT(2, 8)
2947int botan_hotp_destroy(botan_hotp_t hotp);
2948
2949/**
2950* Generate a HOTP code for the provided counter
2951*/
2952BOTAN_FFI_EXPORT(2, 8)
2953int botan_hotp_generate(botan_hotp_t hotp, uint32_t* hotp_code, uint64_t hotp_counter);
2954
2955/**
2956* Verify a HOTP code
2957*/
2958BOTAN_FFI_EXPORT(2, 8)
2959int botan_hotp_check(
2960 botan_hotp_t hotp, uint64_t* next_hotp_counter, uint32_t hotp_code, uint64_t hotp_counter, size_t resync_range);
2961
2962/**
2963* TOTP
2964*/
2965
2966typedef struct botan_totp_struct* botan_totp_t;
2967
2968/**
2969* Initialize a TOTP instance
2970*/
2971BOTAN_FFI_EXPORT(2, 8)
2972int botan_totp_init(
2973 botan_totp_t* totp, const uint8_t key[], size_t key_len, const char* hash_algo, size_t digits, size_t time_step);
2974
2975/**
2976* Destroy a TOTP instance
2977* @return 0 if success, error if invalid object handle
2978*/
2979BOTAN_FFI_EXPORT(2, 8)
2980int botan_totp_destroy(botan_totp_t totp);
2981
2982/**
2983* Generate a TOTP code for the provided timestamp
2984* @param totp the TOTP object
2985* @param totp_code the OTP code will be written here
2986* @param timestamp the current local timestamp
2987*/
2988BOTAN_FFI_EXPORT(2, 8)
2989int botan_totp_generate(botan_totp_t totp, uint32_t* totp_code, uint64_t timestamp);
2990
2991/**
2992* Verify a TOTP code
2993* @param totp the TOTP object
2994* @param totp_code the presented OTP
2995* @param timestamp the current local timestamp
2996* @param acceptable_clock_drift specifies the acceptable amount
2997* of clock drift (in terms of time steps) between the two hosts.
2998*/
2999BOTAN_FFI_EXPORT(2, 8)
3000int botan_totp_check(botan_totp_t totp, uint32_t totp_code, uint64_t timestamp, size_t acceptable_clock_drift);
3001
3002/**
3003* Format Preserving Encryption
3004*/
3005
3006typedef struct botan_fpe_struct* botan_fpe_t;
3007
3008#define BOTAN_FPE_FLAG_FE1_COMPAT_MODE 1
3009
3010BOTAN_FFI_EXPORT(2, 8)
3011int botan_fpe_fe1_init(
3012 botan_fpe_t* fpe, botan_mp_t n, const uint8_t key[], size_t key_len, size_t rounds, uint32_t flags);
3013
3014/**
3015* @return 0 if success, error if invalid object handle
3016*/
3017BOTAN_FFI_EXPORT(2, 8)
3018int botan_fpe_destroy(botan_fpe_t fpe);
3019
3020BOTAN_FFI_EXPORT(2, 8)
3021int botan_fpe_encrypt(botan_fpe_t fpe, botan_mp_t x, const uint8_t tweak[], size_t tweak_len);
3022
3023BOTAN_FFI_EXPORT(2, 8)
3024int botan_fpe_decrypt(botan_fpe_t fpe, botan_mp_t x, const uint8_t tweak[], size_t tweak_len);
3025
3026/**
3027* SRP-6 Server Session type
3028*/
3029typedef struct botan_srp6_server_session_struct* botan_srp6_server_session_t;
3030
3031/**
3032* Initialize an SRP-6 server session object
3033* @param srp6 SRP-6 server session object
3034*/
3035BOTAN_FFI_EXPORT(3, 0)
3036int botan_srp6_server_session_init(botan_srp6_server_session_t* srp6);
3037
3038/**
3039* Frees all resources of the SRP-6 server session object
3040* @param srp6 SRP-6 server session object
3041* @return 0 if success, error if invalid object handle
3042*/
3043BOTAN_FFI_EXPORT(3, 0)
3044int botan_srp6_server_session_destroy(botan_srp6_server_session_t srp6);
3045
3046/**
3047* SRP-6 Server side step 1
3048* @param srp6 SRP-6 server session object
3049* @param verifier the verification value saved from client registration
3050* @param verifier_len SRP-6 verifier value length
3051* @param group_id the SRP group id
3052* @param hash_id the SRP hash in use
3053* @param rng_obj a random number generator object
3054* @param B_pub out buffer to store the SRP-6 B value
3055* @param B_pub_len SRP-6 B value length
3056* @return 0 on success, negative on failure
3057*/
3058BOTAN_FFI_EXPORT(3, 0)
3059int botan_srp6_server_session_step1(botan_srp6_server_session_t srp6,
3060 const uint8_t verifier[],
3061 size_t verifier_len,
3062 const char* group_id,
3063 const char* hash_id,
3064 botan_rng_t rng_obj,
3065 uint8_t B_pub[],
3066 size_t* B_pub_len);
3067
3068/**
3069* SRP-6 Server side step 2
3070* @param srp6 SRP-6 server session object
3071* @param A the client's value
3072* @param A_len the client's value length
3073* @param key out buffer to store the symmetric key value
3074* @param key_len symmetric key length
3075* @return 0 on success, negative on failure
3076*/
3077BOTAN_FFI_EXPORT(3, 0)
3078int botan_srp6_server_session_step2(
3079 botan_srp6_server_session_t srp6, const uint8_t A[], size_t A_len, uint8_t key[], size_t* key_len);
3080
3081/**
3082* Generate a new SRP-6 verifier
3083* @param identifier a username or other client identifier
3084* @param password the secret used to authenticate user
3085* @param salt a randomly chosen value, at least 128 bits long
3086* @param salt_len the length of salt
3087* @param group_id specifies the shared SRP group
3088* @param hash_id specifies a secure hash function
3089* @param verifier out buffer to store the SRP-6 verifier value
3090* @param verifier_len SRP-6 verifier value length
3091* @return 0 on success, negative on failure
3092*/
3093BOTAN_FFI_EXPORT(3, 0)
3094int botan_srp6_generate_verifier(const char* identifier,
3095 const char* password,
3096 const uint8_t salt[],
3097 size_t salt_len,
3098 const char* group_id,
3099 const char* hash_id,
3100 uint8_t verifier[],
3101 size_t* verifier_len);
3102
3103/**
3104* SRP6a Client side
3105* @param username the username we are attempting login for
3106* @param password the password we are attempting to use
3107* @param group_id specifies the shared SRP group
3108* @param hash_id specifies a secure hash function
3109* @param salt is the salt value sent by the server
3110* @param salt_len the length of salt
3111* @param B is the server's public value
3112* @param B_len is the server's public value length
3113* @param rng_obj is a random number generator object
3114* @param A out buffer to store the SRP-6 A value
3115* @param A_len SRP-6 A verifier value length
3116* @param K out buffer to store the symmetric value
3117* @param K_len symmetric key length
3118* @return 0 on success, negative on failure
3119*/
3120BOTAN_FFI_EXPORT(3, 0)
3121int botan_srp6_client_agree(const char* username,
3122 const char* password,
3123 const char* group_id,
3124 const char* hash_id,
3125 const uint8_t salt[],
3126 size_t salt_len,
3127 const uint8_t B[],
3128 size_t B_len,
3129 botan_rng_t rng_obj,
3130 uint8_t A[],
3131 size_t* A_len,
3132 uint8_t K[],
3133 size_t* K_len);
3134
3135/**
3136* Return the size, in bytes, of the prime associated with group_id
3137*/
3138BOTAN_FFI_EXPORT(3, 0)
3139int botan_srp6_group_size(const char* group_id, size_t* group_p_bytes);
3140
3141/**
3142 * ZFEC
3143 */
3144
3145/**
3146 * Encode some bytes with certain ZFEC parameters.
3147 *
3148 * @param K the number of shares needed for recovery
3149 * @param N the number of shares generated
3150 * @param input the data to FEC
3151 * @param size the length in bytes of input, which must be a multiple of K
3152 *
3153 * @param outputs An out parameter pointing to a fully allocated array of size
3154 * [N][size / K]. For all n in range, an encoded block will be
3155 * written to the memory starting at outputs[n][0].
3156 *
3157 * @return 0 on success, negative on failure
3158 */
3159BOTAN_FFI_EXPORT(3, 0)
3160int botan_zfec_encode(size_t K, size_t N, const uint8_t* input, size_t size, uint8_t** outputs);
3161
3162/**
3163 * Decode some previously encoded shares using certain ZFEC parameters.
3164 *
3165 * @param K the number of shares needed for recovery
3166 * @param N the total number of shares
3167 *
3168 * @param indexes The index into the encoder's outputs for the corresponding
3169 * element of the inputs array. Must be of length K.
3170 *
3171 * @param inputs K previously encoded shares to decode
3172 * @param shareSize the length in bytes of each input
3173 *
3174 * @param outputs An out parameter pointing to a fully allocated array of size
3175 * [K][shareSize]. For all k in range, a decoded block will
3176 * written to the memory starting at outputs[k][0].
3177 *
3178 * @return 0 on success, negative on failure
3179 */
3180BOTAN_FFI_EXPORT(3, 0)
3181int botan_zfec_decode(
3182 size_t K, size_t N, const size_t* indexes, uint8_t* const* inputs, size_t shareSize, uint8_t** outputs);
3183
3184/**
3185* TPM2 context
3186*/
3187typedef struct botan_tpm2_ctx_struct* botan_tpm2_ctx_t;
3188
3189/**
3190* TPM2 session
3191*/
3192typedef struct botan_tpm2_session_struct* botan_tpm2_session_t;
3193
3194/**
3195* TPM2 crypto backend state object
3196*/
3197typedef struct botan_tpm2_crypto_backend_state_struct* botan_tpm2_crypto_backend_state_t;
3198
3199struct ESYS_CONTEXT;
3200
3201/**
3202* Checks if Botan's TSS2 crypto backend can be used in this build
3203* @returns 1 if the crypto backend can be enabled
3204*/
3205BOTAN_FFI_EXPORT(3, 6)
3206int botan_tpm2_supports_crypto_backend(void);
3207
3208/**
3209* Initialize a TPM2 context
3210* @param ctx_out output TPM2 context
3211* @param tcti_nameconf TCTI config (may be nullptr)
3212* @return 0 on success
3213*/
3214BOTAN_FFI_EXPORT(3, 6) int botan_tpm2_ctx_init(botan_tpm2_ctx_t* ctx_out, const char* tcti_nameconf);
3215
3216/**
3217* Initialize a TPM2 context
3218* @param ctx_out output TPM2 context
3219* @param tcti_name TCTI name (may be nullptr)
3220* @param tcti_conf TCTI config (may be nullptr)
3221* @return 0 on success
3222*/
3223BOTAN_FFI_EXPORT(3, 6)
3224int botan_tpm2_ctx_init_ex(botan_tpm2_ctx_t* ctx_out, const char* tcti_name, const char* tcti_conf);
3225
3226/**
3227* Wrap an existing ESYS_CONTEXT for use in Botan.
3228* Note that destroying the created botan_tpm2_ctx_t won't
3229* finalize @p esys_ctx
3230* @param ctx_out output TPM2 context
3231* @param esys_ctx ESYS_CONTEXT to wrap
3232* @return 0 on success
3233*/
3234BOTAN_FFI_EXPORT(3, 7)
3235int botan_tpm2_ctx_from_esys(botan_tpm2_ctx_t* ctx_out, struct ESYS_CONTEXT* esys_ctx);
3236
3237/**
3238* Enable Botan's TSS2 crypto backend that replaces the cryptographic functions
3239* required for the communication with the TPM with implementations provided
3240* by Botan instead of using TSS' defaults OpenSSL or mbedTLS.
3241* Note that the provided @p rng should not be dependent on the TPM and the
3242* caller must ensure that it remains usable for the lifetime of the @p ctx.
3243* @param ctx TPM2 context
3244* @param rng random number generator to be used by the crypto backend
3245*/
3246BOTAN_FFI_EXPORT(3, 6)
3247int botan_tpm2_ctx_enable_crypto_backend(botan_tpm2_ctx_t ctx, botan_rng_t rng);
3248
3249/**
3250* Frees all resources of a TPM2 context
3251* @param ctx TPM2 context
3252* @return 0 on success
3253*/
3254BOTAN_FFI_EXPORT(3, 6) int botan_tpm2_ctx_destroy(botan_tpm2_ctx_t ctx);
3255
3256/**
3257* Use this if you just need Botan's crypto backend but do not want to wrap any
3258* other ESYS functionality using Botan's TPM2 wrapper.
3259* A Crypto Backend State is created that the user needs to keep alive for as
3260* long as the crypto backend is used and needs to be destroyed after.
3261* Note that the provided @p rng should not be dependent on the TPM and the
3262* caller must ensure that it remains usable for the lifetime of the @p esys_ctx.
3263* @param cbs_out To be created Crypto Backend State
3264* @param esys_ctx TPM2 context
3265* @param rng random number generator to be used by the crypto backend
3266*/
3267BOTAN_FFI_EXPORT(3, 7)
3268int botan_tpm2_enable_crypto_backend(botan_tpm2_crypto_backend_state_t* cbs_out,
3269 struct ESYS_CONTEXT* esys_ctx,
3270 botan_rng_t rng);
3271
3272/**
3273* Frees all resources of a TPM2 Crypto Callback State
3274* Note that this does not attempt to de-register the crypto backend,
3275* it just frees the resource pointed to by @p cbs. Use the ESAPI function
3276* ``Esys_SetCryptoCallbacks(ctx, nullptr)`` to deregister manually.
3277* @param cbs TPM2 Crypto Callback State
3278* @return 0 on success
3279*/
3280BOTAN_FFI_EXPORT(3, 7) int botan_tpm2_crypto_backend_state_destroy(botan_tpm2_crypto_backend_state_t cbs);
3281
3282/**
3283* Initialize a random number generator object via TPM2
3284* @param rng_out rng object to create
3285* @param ctx TPM2 context
3286* @param s1 the first session to use (optional, may be nullptr)
3287* @param s2 the second session to use (optional, may be nullptr)
3288* @param s3 the third session to use (optional, may be nullptr)
3289*/
3290BOTAN_FFI_EXPORT(3, 6)
3291int botan_tpm2_rng_init(botan_rng_t* rng_out,
3292 botan_tpm2_ctx_t ctx,
3293 botan_tpm2_session_t s1,
3294 botan_tpm2_session_t s2,
3295 botan_tpm2_session_t s3);
3296
3297/**
3298* Create an unauthenticated session for use with TPM2
3299* @param session_out the session object to create
3300* @param ctx TPM2 context
3301*/
3302BOTAN_FFI_EXPORT(3, 6)
3303int botan_tpm2_unauthenticated_session_init(botan_tpm2_session_t* session_out, botan_tpm2_ctx_t ctx);
3304
3305/**
3306* Create an unauthenticated session for use with TPM2
3307* @param session the session object to destroy
3308*/
3309BOTAN_FFI_EXPORT(3, 6)
3310int botan_tpm2_session_destroy(botan_tpm2_session_t session);
3311
3312/* NOLINTEND(*-macro-usage,*-misplaced-const) */
3313
3314#ifdef __cplusplus
3315}
3316#endif
3317
3318#endif
botan_version_datestamp
uint32_t botan_version_datestamp()
Definition ffi.cpp:314
botan_same_mem
int botan_same_mem(const uint8_t *x, const uint8_t *y, size_t len)
Definition ffi.cpp:327
botan_version_string
const char * botan_version_string()
Definition ffi.cpp:298
botan_base64_decode
int botan_base64_decode(const char *base64_str, size_t in_len, uint8_t *out, size_t *out_len)
Definition ffi.cpp:370
botan_version_patch
uint32_t botan_version_patch()
Definition ffi.cpp:310
botan_base64_encode
int botan_base64_encode(const uint8_t *in, size_t len, char *out, size_t *out_len)
Definition ffi.cpp:360
botan_scrub_mem
int botan_scrub_mem(void *mem, size_t bytes)
Definition ffi.cpp:331
botan_hex_encode
int botan_hex_encode(const uint8_t *in, size_t len, char *out, uint32_t flags)
Definition ffi.cpp:339
botan_version_major
uint32_t botan_version_major()
Definition ffi.cpp:302
botan_ffi_api_version
uint32_t botan_ffi_api_version()
Definition ffi.cpp:219
botan_ffi_supports_api
int botan_ffi_supports_api(uint32_t api_version)
Definition ffi.cpp:223
botan_error_description
const char * botan_error_description(int err)
Definition ffi.cpp:142
botan_version_minor
uint32_t botan_version_minor()
Definition ffi.cpp:306
botan_constant_time_compare
int botan_constant_time_compare(const uint8_t *x, const uint8_t *y, size_t len)
Definition ffi.cpp:318
botan_hex_decode
int botan_hex_decode(const char *hex_str, size_t in_len, uint8_t *out, size_t *out_len)
Definition ffi.cpp:350
botan_error_last_exception_message
const char * botan_error_last_exception_message()
Definition ffi.cpp:138
botan_mp_lshift
int botan_mp_lshift(botan_mp_t out, botan_mp_t in, size_t shift)
Definition ffi_mp.cpp:244
botan_block_cipher_get_keyspec
int botan_block_cipher_get_keyspec(botan_block_cipher_t cipher, size_t *out_minimum_keylength, size_t *out_maximum_keylength, size_t *out_keylength_modulo)
Definition ffi_block.cpp:86
botan_block_cipher_init
int botan_block_cipher_init(botan_block_cipher_t *bc, const char *cipher_name)
Definition ffi_block.cpp:18
botan_pk_op_sign_finish
int botan_pk_op_sign_finish(botan_pk_op_sign_t op, botan_rng_t rng, uint8_t sig[], size_t *sig_len)
Definition ffi_pk_op.cpp:146
botan_x509_cert_get_subject_dn_count
int botan_x509_cert_get_subject_dn_count(botan_x509_cert_t cert, const char *key, size_t *count)
Definition ffi_cert.cpp:539
botan_x509_is_revoked
int botan_x509_is_revoked(botan_x509_crl_t crl, botan_x509_cert_t cert)
Definition ffi_cert.cpp:1333
botan_mp_is_prime
int botan_mp_is_prime(botan_mp_t n, botan_rng_t rng, size_t test_prob)
Definition ffi_mp.cpp:278
botan_rng_reseed_from_rng
int botan_rng_reseed_from_rng(botan_rng_t rng, botan_rng_t source_rng, size_t bits)
Definition ffi_rng.cpp:196
botan_x509_crl_destroy
int botan_x509_crl_destroy(botan_x509_crl_t crl)
Definition ffi_cert.cpp:1213
botan_ec_point_add
int botan_ec_point_add(botan_ec_point_t *result, botan_ec_point_t x, botan_ec_point_t y)
Definition ffi_ec.cpp:346
botan_privkey_load_x448
int botan_privkey_load_x448(botan_privkey_t *key, const uint8_t privkey[56])
Definition ffi_pkey_algs.cpp:1130
botan_ec_group_get_g_x
int botan_ec_group_get_g_x(botan_mp_t *g_x, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:175
botan_mp_div
int botan_mp_div(botan_mp_t quotient, botan_mp_t remainder, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:203
botan_mp_set_from_int
int botan_mp_set_from_int(botan_mp_t mp, int initial_value)
Definition ffi_mp.cpp:39
botan_mp_to_bin
int botan_mp_to_bin(botan_mp_t mp, uint8_t vec[])
Definition ffi_mp.cpp:128
botan_x509_cert_destroy
int botan_x509_cert_destroy(botan_x509_cert_t cert)
Definition ffi_cert.cpp:607
botan_pubkey_load_ml_dsa
int botan_pubkey_load_ml_dsa(botan_pubkey_t *key, const uint8_t pubkey[], size_t key_len, const char *mldsa_mode)
Definition ffi_pkey_algs.cpp:1378
botan_bcrypt_generate
int botan_bcrypt_generate(uint8_t *out, size_t *out_len, const char *password, botan_rng_t rng, size_t work_factor, uint32_t flags)
Definition ffi_kdf.cpp:177
botan_pk_op_sign_output_length
int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t *olen)
Definition ffi_pk_op.cpp:134
botan_pk_op_kem_decrypt_t
struct botan_pk_op_kem_decrypt_struct * botan_pk_op_kem_decrypt_t
Definition ffi.h:2323
botan_x509_cert_view_string_values
int botan_x509_cert_view_string_values(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_cert.cpp:353
botan_x509_crl_entry_serial_number
int botan_x509_crl_entry_serial_number(botan_x509_crl_entry_t entry, botan_mp_t *serial_number)
Definition ffi_cert.cpp:1401
botan_rng_init_drbg
int botan_rng_init_drbg(botan_rng_t *rng_out, const char *drbg_name, const uint8_t *seed, size_t seed_len)
Definition ffi_rng.cpp:200
botan_privkey_check_key
int botan_privkey_check_key(botan_privkey_t key, botan_rng_t rng, uint32_t flags)
Definition ffi_pkey.cpp:178
botan_xof_clear
int botan_xof_clear(botan_xof_t xof)
Definition ffi_xof.cpp:65
botan_mp_rand_range
int botan_mp_rand_range(botan_mp_t rand_out, botan_rng_t rng, botan_mp_t lower_bound, botan_mp_t upper_bound)
Definition ffi_mp.cpp:269
botan_pk_op_decrypt
int botan_pk_op_decrypt(botan_pk_op_decrypt_t op, uint8_t out[], size_t *out_len, const uint8_t ciphertext[], size_t ciphertext_len)
Definition ffi_pk_op.cpp:101
botan_srp6_server_session_step1
int botan_srp6_server_session_step1(botan_srp6_server_session_t srp6, const uint8_t verifier[], size_t verifier_len, const char *group_id, const char *hash_id, botan_rng_t rng_obj, uint8_t B_pub[], size_t *B_pub_len)
botan_privkey_rsa_get_q
int botan_privkey_rsa_get_q(botan_mp_t q, botan_privkey_t rsa_key)
Definition ffi_pkey_algs.cpp:311
botan_hash_update
int botan_hash_update(botan_hash_t hash, const uint8_t *in, size_t in_len)
Definition ffi_hash.cpp:59
botan_pubkey_load_ecdh
int botan_pubkey_load_ecdh(botan_pubkey_t *key, botan_mp_t public_x, botan_mp_t public_y, const char *curve_name)
Definition ffi_pkey_algs.cpp:657
botan_mp_rshift
int botan_mp_rshift(botan_mp_t out, botan_mp_t in, size_t shift)
Definition ffi_mp.cpp:248
botan_nist_kw_enc
int botan_nist_kw_enc(const char *cipher_algo, int padded, const uint8_t key[], size_t key_len, const uint8_t kek[], size_t kek_len, uint8_t wrapped_key[], size_t *wrapped_key_len)
Definition ffi_keywrap.cpp:22
botan_privkey_create_rsa
int botan_privkey_create_rsa(botan_privkey_t *key, botan_rng_t rng, size_t n_bits)
Definition ffi_pkey_algs.cpp:228
botan_privkey_view_kyber_raw_key
int botan_privkey_view_kyber_raw_key(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey_algs.cpp:1271
botan_privkey_create_ecdsa
int botan_privkey_create_ecdsa(botan_privkey_t *key, botan_rng_t rng, const char *params)
Definition ffi_pkey_algs.cpp:439
botan_pubkey_t
struct botan_pubkey_struct * botan_pubkey_t
Definition ffi.h:1797
botan_ec_point_equal
int botan_ec_point_equal(botan_ec_point_t x, botan_ec_point_t y)
Definition ffi_ec.cpp:319
botan_mp_set_from_radix_str
int botan_mp_set_from_radix_str(botan_mp_t dest, const char *str, size_t radix)
Definition ffi_mp.cpp:47
botan_rng_add_entropy
int botan_rng_add_entropy(botan_rng_t rng, const uint8_t *entropy, size_t entropy_len)
Definition ffi_rng.cpp:189
botan_key_unwrap3394
int botan_key_unwrap3394(const uint8_t wrapped_key[], size_t wrapped_key_len, const uint8_t kek[], size_t kek_len, uint8_t key[], size_t *key_len)
Definition ffi_keywrap.cpp:104
botan_cipher_start
int botan_cipher_start(botan_cipher_t cipher, const uint8_t *nonce, size_t nonce_len)
Definition ffi_cipher.cpp:180
botan_mp_add
int botan_mp_add(botan_mp_t result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:153
botan_oid_cmp
int botan_oid_cmp(int *result, botan_asn1_oid_t a, botan_asn1_oid_t b)
Definition ffi_oid.cpp:63
botan_mp_powmod
int botan_mp_powmod(botan_mp_t out, botan_mp_t base, botan_mp_t exponent, botan_mp_t modulus)
Definition ffi_mp.cpp:239
botan_ec_point_destroy
int botan_ec_point_destroy(botan_ec_point_t ec_point)
Definition ffi_ec.cpp:230
botan_x509_crl_next_update
int botan_x509_crl_next_update(botan_x509_crl_t crl, uint64_t *time_since_epoch)
Definition ffi_cert.cpp:1102
botan_cipher_valid_nonce_length
int botan_cipher_valid_nonce_length(botan_cipher_t cipher, size_t nl)
Definition ffi_cipher.cpp:320
botan_ec_group_view_pem
int botan_ec_group_view_pem(botan_ec_group_t ec_group, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_ec.cpp:133
botan_mac_init
int botan_mac_init(botan_mac_t *mac, const char *mac_name, uint32_t flags)
Definition ffi_mac.cpp:18
botan_ec_group_get_curve_oid
int botan_ec_group_get_curve_oid(botan_asn1_oid_t *oid, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:139
botan_srp6_server_session_step2
int botan_srp6_server_session_step2(botan_srp6_server_session_t srp6, const uint8_t A[], size_t A_len, uint8_t key[], size_t *key_len)
Definition ffi_srp6.cpp:102
botan_mp_to_uint32
int botan_mp_to_uint32(botan_mp_t mp, uint32_t *val)
Definition ffi_mp.cpp:142
botan_pubkey_estimated_strength
int botan_pubkey_estimated_strength(botan_pubkey_t key, size_t *estimate)
Definition ffi_pkey.cpp:452
botan_mceies_encrypt
int botan_mceies_encrypt(botan_pubkey_t mce_key, botan_rng_t rng, const char *aead, const uint8_t pt[], size_t pt_len, const uint8_t ad[], size_t ad_len, uint8_t ct[], size_t *ct_len)
Definition ffi_pkey_algs.cpp:1576
botan_pkcs_hash_id
int botan_pkcs_hash_id(const char *hash_name, uint8_t pkcs_id[], size_t *pkcs_id_len)
Definition ffi_pkey.cpp:469
botan_privkey_rsa_get_privkey
int botan_privkey_rsa_get_privkey(botan_privkey_t rsa_key, uint8_t out[], size_t *out_len, uint32_t flags)
Definition ffi_pkey_algs.cpp:335
botan_privkey_create_dh
int botan_privkey_create_dh(botan_privkey_t *key, botan_rng_t rng, const char *param)
Definition ffi_pkey_algs.cpp:598
botan_privkey_load_rsa_pkcs1
int botan_privkey_load_rsa_pkcs1(botan_privkey_t *key, const uint8_t bits[], size_t len)
Definition ffi_pkey_algs.cpp:255
botan_hash_name
int botan_hash_name(botan_hash_t hash, char *name, size_t *name_len)
Definition ffi_hash.cpp:86
botan_x509_cert_get_issuer_dn_count
int botan_x509_cert_get_issuer_dn_count(botan_x509_cert_t cert, const char *key, size_t *count)
Definition ffi_cert.cpp:502
botan_cipher_get_tag_length
int botan_cipher_get_tag_length(botan_cipher_t cipher, size_t *tag_size)
Definition ffi_cipher.cpp:345
botan_ec_group_from_params
int botan_ec_group_from_params(botan_ec_group_t *ec_group, botan_asn1_oid_t oid, botan_mp_t p, botan_mp_t a, botan_mp_t b, botan_mp_t base_x, botan_mp_t base_y, botan_mp_t order)
Definition ffi_ec.cpp:51
botan_pubkey_load_slh_dsa
int botan_pubkey_load_slh_dsa(botan_pubkey_t *key, const uint8_t pubkey[], size_t key_len, const char *slhdsa_mode)
Definition ffi_pkey_algs.cpp:1428
botan_ec_group_get_g_y
int botan_ec_group_get_g_y(botan_mp_t *g_y, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:180
botan_pk_op_key_agreement_export_public
int botan_pk_op_key_agreement_export_public(botan_privkey_t key, uint8_t out[], size_t *out_len)
Definition ffi_pk_op.cpp:208
botan_x509_crl_entry_destroy
int botan_x509_crl_entry_destroy(botan_x509_crl_entry_t entry)
Definition ffi_cert.cpp:1376
botan_x509_cert_issuer_alternative_names_count
int botan_x509_cert_issuer_alternative_names_count(botan_x509_cert_t cert, size_t *count)
Definition ffi_cert.cpp:946
botan_privkey_get_field
int botan_privkey_get_field(botan_mp_t output, botan_privkey_t key, const char *field_name)
Definition ffi_pkey_algs.cpp:216
botan_x509_cert_view_binary_values
int botan_x509_cert_view_binary_values(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_cert.cpp:286
botan_x509_crl_view_binary_values_count
int botan_x509_crl_view_binary_values_count(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t *count)
Definition ffi_cert.cpp:1274
botan_srp6_generate_verifier
int botan_srp6_generate_verifier(const char *identifier, const char *password, const uint8_t salt[], size_t salt_len, const char *group_id, const char *hash_id, uint8_t verifier[], size_t *verifier_len)
Definition ffi_srp6.cpp:123
botan_rng_init_custom
int botan_rng_init_custom(botan_rng_t *rng_out, const char *rng_name, void *context, int(*get_cb)(void *context, uint8_t *out, size_t out_len), int(*add_entropy_cb)(void *context, const uint8_t input[], size_t length), void(*destroy_cb)(void *context))
Definition ffi_rng.cpp:81
botan_hotp_generate
int botan_hotp_generate(botan_hotp_t hotp, uint32_t *hotp_code, uint64_t hotp_counter)
Definition ffi_hotp.cpp:53
BOTAN_FFI_EXPORT
#define BOTAN_FFI_EXPORT(maj, min)
Definition ffi.h:91
botan_pwdhash_timed
int botan_pwdhash_timed(const char *algo, uint32_t msec, size_t *param1, size_t *param2, size_t *param3, uint8_t out[], size_t out_len, const char *passphrase, size_t passphrase_len, const uint8_t salt[], size_t salt_len)
Definition ffi_kdf.cpp:93
botan_srp6_server_session_t
struct botan_srp6_server_session_struct * botan_srp6_server_session_t
Definition ffi.h:3029
botan_rng_reseed
int botan_rng_reseed(botan_rng_t rng, size_t bits)
Definition ffi_rng.cpp:185
botan_mp_init
int botan_mp_init(botan_mp_t *mp)
Definition ffi_mp.cpp:24
botan_tpm2_ctx_enable_crypto_backend
int botan_tpm2_ctx_enable_crypto_backend(botan_tpm2_ctx_t ctx, botan_rng_t rng)
Definition ffi_tpm2.cpp:150
botan_privkey_view_encrypted_pem_timed
int botan_privkey_view_encrypted_pem_timed(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_runtime_msec, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:300
botan_tpm2_ctx_init_ex
int botan_tpm2_ctx_init_ex(botan_tpm2_ctx_t *ctx_out, const char *tcti_name, const char *tcti_conf)
Definition ffi_tpm2.cpp:100
botan_pk_op_decrypt_create
int botan_pk_op_decrypt_create(botan_pk_op_decrypt_t *op, botan_privkey_t key, const char *padding, uint32_t flags)
Definition ffi_pk_op.cpp:70
botan_pubkey_load_classic_mceliece
int botan_pubkey_load_classic_mceliece(botan_pubkey_t *key, const uint8_t pubkey[], size_t key_len, const char *cmce_mode)
Definition ffi_pkey_algs.cpp:1519
botan_x509_general_name_view_binary_value
int botan_x509_general_name_view_binary_value(botan_x509_general_name_t name, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_cert.cpp:781
botan_pubkey_rsa_get_n
int botan_pubkey_rsa_get_n(botan_mp_t n, botan_pubkey_t rsa_key)
Definition ffi_pkey_algs.cpp:331
botan_privkey_load
int botan_privkey_load(botan_privkey_t *key, botan_rng_t rng, const uint8_t bits[], size_t len, const char *password)
Definition ffi_pkey.cpp:87
botan_totp_generate
int botan_totp_generate(botan_totp_t totp, uint32_t *totp_code, uint64_t timestamp)
Definition ffi_totp.cpp:54
botan_ec_point_mul
int botan_ec_point_mul(botan_ec_point_t *result, botan_ec_point_t ec_point, botan_ec_scalar_t ec_scalar, botan_rng_t rng)
Definition ffi_ec.cpp:323
botan_pk_op_decrypt_t
struct botan_pk_op_decrypt_struct * botan_pk_op_decrypt_t
Definition ffi.h:2202
botan_mac_t
struct botan_mac_struct * botan_mac_t
Definition ffi.h:570
botan_mp_to_str
int botan_mp_to_str(botan_mp_t mp, uint8_t radix, char *out, size_t *out_len)
Definition ffi_mp.cpp:104
botan_x509_crl_this_update
int botan_x509_crl_this_update(botan_x509_crl_t crl, uint64_t *time_since_epoch)
Definition ffi_cert.cpp:1087
botan_x509_cert_view_binary_values_count
int botan_x509_cert_view_binary_values_count(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t *count)
Definition ffi_cert.cpp:341
botan_zfec_decode
int botan_zfec_decode(size_t K, size_t N, const size_t *indexes, uint8_t *const *inputs, size_t shareSize, uint8_t **outputs)
Definition ffi_zfec.cpp:35
botan_mac_destroy
int botan_mac_destroy(botan_mac_t mac)
Definition ffi_mac.cpp:36
botan_mp_is_odd
int botan_mp_is_odd(botan_mp_t mp)
Definition ffi_mp.cpp:219
botan_asn1_oid_t
struct botan_asn1_oid_struct * botan_asn1_oid_t
Definition ffi.h:1253
botan_totp_init
int botan_totp_init(botan_totp_t *totp, const uint8_t key[], size_t key_len, const char *hash_algo, size_t digits, size_t time_step)
Definition ffi_totp.cpp:26
botan_x509_cert_get_public_key
int botan_x509_cert_get_public_key(botan_x509_cert_t cert, botan_pubkey_t *key)
Definition ffi_cert.cpp:463
botan_cipher_requires_entire_message
int botan_cipher_requires_entire_message(botan_cipher_t cipher)
Definition ffi_cipher.cpp:356
botan_tpm2_enable_crypto_backend
int botan_tpm2_enable_crypto_backend(botan_tpm2_crypto_backend_state_t *cbs_out, struct ESYS_CONTEXT *esys_ctx, botan_rng_t rng)
Definition ffi_tpm2.cpp:181
botan_privkey_load_classic_mceliece
int botan_privkey_load_classic_mceliece(botan_privkey_t *key, const uint8_t privkey[], size_t key_len, const char *cmce_mode)
Definition ffi_pkey_algs.cpp:1497
botan_privkey_load_x25519
int botan_privkey_load_x25519(botan_privkey_t *key, const uint8_t privkey[32])
Definition ffi_pkey_algs.cpp:1054
botan_privkey_t
struct botan_privkey_struct * botan_privkey_t
Definition ffi.h:1564
botan_cipher_output_length
int botan_cipher_output_length(botan_cipher_t cipher, size_t in_len, size_t *out_len)
Definition ffi_cipher.cpp:137
botan_oid_from_string
int botan_oid_from_string(botan_asn1_oid_t *oid, const char *oid_str)
Definition ffi_oid.cpp:22
botan_x509_crl_entry_t
struct botan_x509_crl_entry_struct * botan_x509_crl_entry_t
Definition ffi.h:2702
botan_x509_cert_allowed_extended_usage_oid
int botan_x509_cert_allowed_extended_usage_oid(botan_x509_cert_t cert, botan_asn1_oid_t oid)
Definition ffi_cert.cpp:598
botan_cipher_reset
int botan_cipher_reset(botan_cipher_t cipher)
Definition ffi_cipher.cpp:130
botan_cipher_init
int botan_cipher_init(botan_cipher_t *cipher, const char *name, uint32_t flags)
Definition ffi_cipher.cpp:99
botan_ec_point_generator
int botan_ec_point_generator(botan_ec_point_t *ec_point, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:243
botan_privkey_view_encrypted_der
int botan_privkey_view_encrypted_der(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_iterations, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:346
botan_block_cipher_clear
int botan_block_cipher_clear(botan_block_cipher_t bc)
Definition ffi_block.cpp:42
botan_pubkey_fingerprint
int botan_pubkey_fingerprint(botan_pubkey_t key, const char *hash, uint8_t out[], size_t *out_len)
Definition ffi_pkey.cpp:459
botan_xof_block_size
int botan_xof_block_size(botan_xof_t xof, size_t *block_size)
Definition ffi_xof.cpp:46
botan_ec_privkey_get_private_key
int botan_ec_privkey_get_private_key(botan_privkey_t key, botan_ec_scalar_t *value)
Definition ffi_pkey_algs.cpp:841
botan_pubkey_dsa_get_p
int botan_pubkey_dsa_get_p(botan_mp_t p, botan_pubkey_t key)
Definition ffi_pkey_algs.cpp:423
botan_privkey_export
int botan_privkey_export(botan_privkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
Definition ffi_pkey.cpp:212
botan_hash_destroy
int botan_hash_destroy(botan_hash_t hash)
Definition ffi_hash.cpp:37
botan_pubkey_load_ecdh_sec1
int botan_pubkey_load_ecdh_sec1(botan_pubkey_t *key, const uint8_t sec1[], size_t sec1_len, const char *curve_name)
Definition ffi_pkey_algs.cpp:681
botan_pk_op_kem_encrypt_shared_key_length
int botan_pk_op_kem_encrypt_shared_key_length(botan_pk_op_kem_encrypt_t op, size_t desired_shared_key_length, size_t *output_shared_key_length)
Definition ffi_pk_op.cpp:260
botan_pk_op_key_agreement_size
int botan_pk_op_key_agreement_size(botan_pk_op_ka_t op, size_t *out_len)
Definition ffi_pk_op.cpp:222
botan_x509_cert_load_file
int botan_x509_cert_load_file(botan_x509_cert_t *cert_obj, const char *filename)
Definition ffi_cert.cpp:177
botan_pk_op_sign_update
int botan_pk_op_sign_update(botan_pk_op_sign_t op, const uint8_t in[], size_t in_len)
Definition ffi_pk_op.cpp:142
botan_mac_set_nonce
int botan_mac_set_nonce(botan_mac_t mac, const uint8_t *nonce, size_t nonce_len)
Definition ffi_mac.cpp:47
botan_x509_cert_validation_status
const char * botan_x509_cert_validation_status(int code)
Definition ffi_cert.cpp:1040
botan_ec_scalar_to_mp
int botan_ec_scalar_to_mp(botan_ec_scalar_t ec_scalar, botan_mp_t *mp)
Definition ffi_ec.cpp:219
botan_pubkey_ecc_key_used_explicit_encoding
int botan_pubkey_ecc_key_used_explicit_encoding(botan_pubkey_t key)
Definition ffi_pkey_algs.cpp:445
botan_block_cipher_block_size
int botan_block_cipher_block_size(botan_block_cipher_t bc)
Definition ffi_block.cpp:60
botan_pubkey_load_frodokem
int botan_pubkey_load_frodokem(botan_pubkey_t *key, const uint8_t pubkey[], size_t key_len, const char *frodo_mode)
Definition ffi_pkey_algs.cpp:1474
botan_x509_crl_update
int botan_x509_crl_update(botan_x509_crl_t *crl_obj, botan_x509_crl_t last_crl, botan_rng_t rng, botan_x509_cert_t ca_cert, botan_privkey_t ca_key, uint64_t issue_time, uint32_t next_update, const botan_x509_crl_entry_t *new_entries, size_t new_entries_len, const char *hash_fn, const char *padding)
Definition ffi_cert.cpp:1164
botan_privkey_ed25519_get_privkey
int botan_privkey_ed25519_get_privkey(botan_privkey_t key, uint8_t output[64])
Definition ffi_pkey_algs.cpp:932
botan_x509_crl_t
struct botan_x509_crl_struct * botan_x509_crl_t
Definition ffi.h:2701
botan_srp6_server_session_init
int botan_srp6_server_session_init(botan_srp6_server_session_t *srp6)
Definition ffi_srp6.cpp:32
botan_tpm2_session_t
struct botan_tpm2_session_struct * botan_tpm2_session_t
Definition ffi.h:3192
botan_privkey_export_pubkey
int botan_privkey_export_pubkey(botan_pubkey_t *out, botan_privkey_t in)
Definition ffi_pkey.cpp:152
botan_tpm2_ctx_init
int botan_tpm2_ctx_init(botan_tpm2_ctx_t *ctx_out, const char *tcti_nameconf)
Definition ffi_tpm2.cpp:75
botan_cipher_destroy
int botan_cipher_destroy(botan_cipher_t cipher)
Definition ffi_cipher.cpp:119
botan_x509_cert_verify_with_crl
int botan_x509_cert_verify_with_crl(int *validation_result, botan_x509_cert_t cert, const botan_x509_cert_t *intermediates, size_t intermediates_len, const botan_x509_cert_t *trusted, size_t trusted_len, const botan_x509_crl_t *crls, size_t crls_len, const char *trusted_path, size_t required_strength, const char *hostname, uint64_t reference_time)
Definition ffi_cert.cpp:1443
BOTAN_FFI_DEPRECATED
#define BOTAN_FFI_DEPRECATED(msg)
Definition ffi.h:106
botan_pubkey_load_rsa_pkcs1
int botan_pubkey_load_rsa_pkcs1(botan_pubkey_t *key, const uint8_t bits[], size_t len)
Definition ffi_pkey_algs.cpp:289
botan_mp_num_bytes
int botan_mp_num_bytes(botan_mp_t n, size_t *bytes)
Definition ffi_mp.cpp:301
botan_x509_cert_get_authority_key_id
int botan_x509_cert_get_authority_key_id(botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:701
botan_x509_cert_get_issuer_dn
int botan_x509_cert_get_issuer_dn(botan_x509_cert_t cert, const char *key, size_t index, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:481
botan_x509_general_name_destroy
int botan_x509_general_name_destroy(botan_x509_general_name_t alt_names)
Definition ffi_cert.cpp:803
botan_pubkey_oid
int botan_pubkey_oid(botan_asn1_oid_t *oid, botan_pubkey_t key)
Definition ffi_pkey.cpp:396
botan_x509_cert_subject_alternative_names_count
int botan_x509_cert_subject_alternative_names_count(botan_x509_cert_t cert, size_t *count)
Definition ffi_cert.cpp:907
botan_pk_op_decrypt_destroy
int botan_pk_op_decrypt_destroy(botan_pk_op_decrypt_t op)
Definition ffi_pk_op.cpp:90
botan_x509_crl_reason_code
botan_x509_crl_reason_code
Definition ffi.h:2733
BOTAN_CRL_ENTRY_PRIVILEGE_WITHDRAWN
@ BOTAN_CRL_ENTRY_PRIVILEGE_WITHDRAWN
Definition ffi.h:2742
BOTAN_CRL_ENTRY_UNSPECIFIED
@ BOTAN_CRL_ENTRY_UNSPECIFIED
Definition ffi.h:2734
BOTAN_CRL_ENTRY_SUPERSEDED
@ BOTAN_CRL_ENTRY_SUPERSEDED
Definition ffi.h:2738
BOTAN_CRL_ENTRY_CERTIFICATE_HOLD
@ BOTAN_CRL_ENTRY_CERTIFICATE_HOLD
Definition ffi.h:2740
BOTAN_CRL_ENTRY_CESSATION_OF_OPERATION
@ BOTAN_CRL_ENTRY_CESSATION_OF_OPERATION
Definition ffi.h:2739
BOTAN_CRL_ENTRY_CA_COMPROMISE
@ BOTAN_CRL_ENTRY_CA_COMPROMISE
Definition ffi.h:2736
BOTAN_CRL_ENTRY_REMOVE_FROM_CRL
@ BOTAN_CRL_ENTRY_REMOVE_FROM_CRL
Definition ffi.h:2741
BOTAN_CRL_ENTRY_AA_COMPROMISE
@ BOTAN_CRL_ENTRY_AA_COMPROMISE
Definition ffi.h:2743
BOTAN_CRL_ENTRY_KEY_COMPROMISE
@ BOTAN_CRL_ENTRY_KEY_COMPROMISE
Definition ffi.h:2735
BOTAN_CRL_ENTRY_AFFILIATION_CHANGED
@ BOTAN_CRL_ENTRY_AFFILIATION_CHANGED
Definition ffi.h:2737
botan_x509_cert_excluded_name_constraints
int botan_x509_cert_excluded_name_constraints(botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *constraint)
Definition ffi_cert.cpp:847
botan_cipher_name
int botan_cipher_name(botan_cipher_t cipher, char *name, size_t *name_len)
Definition ffi_cipher.cpp:360
botan_cipher_set_associated_data
int botan_cipher_set_associated_data(botan_cipher_t cipher, const uint8_t *ad, size_t ad_len)
Definition ffi_cipher.cpp:310
botan_mp_view_hex
int botan_mp_view_hex(botan_mp_t mp, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_mp.cpp:97
botan_x509_crl_entries_count
int botan_x509_crl_entries_count(botan_x509_crl_t crl, size_t *count)
Definition ffi_cert.cpp:1363
botan_privkey_load_rsa
int botan_privkey_load_rsa(botan_privkey_t *key, botan_mp_t p, botan_mp_t q, botan_mp_t e)
Definition ffi_pkey_algs.cpp:238
botan_privkey_destroy
int botan_privkey_destroy(botan_privkey_t key)
Definition ffi_pkey.cpp:120
botan_pubkey_algo_name
int botan_pubkey_algo_name(botan_pubkey_t key, char out[], size_t *out_len)
Definition ffi_pkey.cpp:166
botan_pk_op_encrypt_t
struct botan_pk_op_encrypt_struct * botan_pk_op_encrypt_t
Definition ffi.h:2178
botan_pubkey_view_pem
int botan_pubkey_view_pem(botan_pubkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:202
botan_mp_from_bin
int botan_mp_from_bin(botan_mp_t mp, const uint8_t vec[], size_t vec_len)
Definition ffi_mp.cpp:76
botan_ec_group_get_a
int botan_ec_group_get_a(botan_mp_t *a, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:167
botan_block_cipher_decrypt_blocks
int botan_block_cipher_decrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks)
Definition ffi_block.cpp:71
botan_hash_clear
int botan_hash_clear(botan_hash_t hash)
Definition ffi_hash.cpp:55
botan_x509_crl_entries
int botan_x509_crl_entries(botan_x509_crl_t crl, size_t index, botan_x509_crl_entry_t *entry)
Definition ffi_cert.cpp:1343
botan_pubkey_dsa_get_y
int botan_pubkey_dsa_get_y(botan_mp_t y, botan_pubkey_t key)
Definition ffi_pkey_algs.cpp:435
botan_mp_add_u32
int botan_mp_add_u32(botan_mp_t result, botan_mp_t x, uint32_t y)
Definition ffi_mp.cpp:173
botan_pubkey_load_ml_kem
int botan_pubkey_load_ml_kem(botan_pubkey_t *key, const uint8_t pubkey[], size_t key_len, const char *mlkem_mode)
Definition ffi_pkey_algs.cpp:1328
botan_mp_to_hex
int botan_mp_to_hex(botan_mp_t mp, char *out)
Definition ffi_mp.cpp:83
botan_privkey_view_der
int botan_privkey_view_der(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:224
botan_privkey_stateful_operation
int botan_privkey_stateful_operation(botan_privkey_t key, int *out)
Definition ffi_pkey.cpp:422
botan_srp6_client_agree
int botan_srp6_client_agree(const char *username, const char *password, const char *group_id, const char *hash_id, const uint8_t salt[], size_t salt_len, const uint8_t B[], size_t B_len, botan_rng_t rng_obj, uint8_t A[], size_t *A_len, uint8_t K[], size_t *K_len)
Definition ffi_srp6.cpp:153
botan_x509_cert_subject_alternative_names
int botan_x509_cert_subject_alternative_names(botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *alt_name)
Definition ffi_cert.cpp:882
botan_mp_swap
int botan_mp_swap(botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:234
botan_totp_t
struct botan_totp_struct * botan_totp_t
Definition ffi.h:2966
botan_fpe_decrypt
int botan_fpe_decrypt(botan_fpe_t fpe, botan_mp_t x, const uint8_t tweak[], size_t tweak_len)
Definition ffi_fpe.cpp:78
botan_privkey_load_ed448
int botan_privkey_load_ed448(botan_privkey_t *key, const uint8_t privkey[57])
Definition ffi_pkey_algs.cpp:980
botan_mp_destroy
int botan_mp_destroy(botan_mp_t mp)
Definition ffi_mp.cpp:149
botan_mp_mod_mul
int botan_mp_mod_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y, botan_mp_t mod)
Definition ffi_mp.cpp:258
botan_pk_op_encrypt
int botan_pk_op_encrypt(botan_pk_op_encrypt_t op, botan_rng_t rng, uint8_t out[], size_t *out_len, const uint8_t plaintext[], size_t plaintext_len)
Definition ffi_pk_op.cpp:56
botan_x509_crl_entry_revocation_date
int botan_x509_crl_entry_revocation_date(botan_x509_crl_entry_t entry, uint64_t *time_since_epoch)
Definition ffi_cert.cpp:1427
botan_x509_cert_issuer_alternative_names
int botan_x509_cert_issuer_alternative_names(botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *alt_name)
Definition ffi_cert.cpp:921
botan_privkey_view_raw
int botan_privkey_view_raw(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:234
botan_privkey_load_dh
int botan_privkey_load_dh(botan_privkey_t *key, botan_mp_t p, botan_mp_t g, botan_mp_t x)
Definition ffi_pkey_algs.cpp:602
botan_hash_output_length
int botan_hash_output_length(botan_hash_t hash, size_t *output_length)
Definition ffi_hash.cpp:41
botan_x509_general_name_t
struct botan_x509_general_name_struct * botan_x509_general_name_t
Definition ffi.h:2570
botan_ec_group_equal
int botan_ec_group_equal(botan_ec_group_t curve1, botan_ec_group_t curve2)
Definition ffi_ec.cpp:190
botan_pubkey_load_ed25519
int botan_pubkey_load_ed25519(botan_pubkey_t *key, const uint8_t pubkey[32])
Definition ffi_pkey_algs.cpp:915
botan_mp_rand_bits
int botan_mp_rand_bits(botan_mp_t rand_out, botan_rng_t rng, size_t bits)
Definition ffi_mp.cpp:265
botan_tpm2_rng_init
int botan_tpm2_rng_init(botan_rng_t *rng_out, botan_tpm2_ctx_t ctx, botan_tpm2_session_t s1, botan_tpm2_session_t s2, botan_tpm2_session_t s3)
Definition ffi_tpm2.cpp:212
botan_pubkey_view_ec_public_point
int botan_pubkey_view_ec_public_point(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey_algs.cpp:1541
botan_x509_cert_serial_number
int botan_x509_cert_serial_number(botan_x509_cert_t cert, botan_mp_t *serial_number)
Definition ffi_cert.cpp:669
botan_pk_op_kem_decrypt_shared_key
int botan_pk_op_kem_decrypt_shared_key(botan_pk_op_kem_decrypt_t op, const uint8_t salt[], size_t salt_len, const uint8_t encapsulated_key[], size_t encapsulated_key_len, size_t desired_shared_key_len, uint8_t shared_key[], size_t *shared_key_len)
Definition ffi_pk_op.cpp:331
botan_pubkey_load_sm2_sec1
int botan_pubkey_load_sm2_sec1(botan_pubkey_t *key, const uint8_t sec1[], size_t sec1_len, const char *curve_name)
Definition ffi_pkey_algs.cpp:783
botan_cipher_set_key
int botan_cipher_set_key(botan_cipher_t cipher, const uint8_t *key, size_t key_len)
Definition ffi_cipher.cpp:173
botan_x509_cert_get_time_expires
int botan_x509_cert_get_time_expires(botan_x509_cert_t cert, char out[], size_t *out_len)
Definition ffi_cert.cpp:626
botan_mp_equal
int botan_mp_equal(botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:211
botan_ec_point_view_x_bytes
int botan_ec_point_view_x_bytes(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_ec.cpp:280
botan_privkey_export_encrypted_pbkdf_iter
int botan_privkey_export_encrypted_pbkdf_iter(botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng, const char *passphrase, size_t pbkdf_iterations, const char *cipher_algo, const char *pbkdf_algo, uint32_t flags)
Definition ffi_pkey.cpp:326
botan_srp6_server_session_destroy
int botan_srp6_server_session_destroy(botan_srp6_server_session_t srp6)
Definition ffi_srp6.cpp:45
botan_privkey_rsa_get_n
int botan_privkey_rsa_get_n(botan_mp_t n, botan_privkey_t rsa_key)
Definition ffi_pkey_algs.cpp:315
botan_ec_group_view_der
int botan_ec_group_view_der(botan_ec_group_t ec_group, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_ec.cpp:128
botan_totp_destroy
int botan_totp_destroy(botan_totp_t totp)
Definition ffi_totp.cpp:45
botan_pk_op_key_agreement_create
int botan_pk_op_key_agreement_create(botan_pk_op_ka_t *op, botan_privkey_t key, const char *kdf, uint32_t flags)
Definition ffi_pk_op.cpp:188
botan_oid_register
int botan_oid_register(botan_asn1_oid_t oid, const char *name)
Definition ffi_oid.cpp:40
botan_pk_op_key_agreement_destroy
int botan_pk_op_key_agreement_destroy(botan_pk_op_ka_t op)
Definition ffi_pk_op.cpp:204
botan_mp_set_from_str
int botan_mp_set_from_str(botan_mp_t dest, const char *str)
Definition ffi_mp.cpp:43
botan_privkey_view_encrypted_der_timed
int botan_privkey_view_encrypted_der_timed(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_runtime_msec, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:274
botan_mp_flip_sign
int botan_mp_flip_sign(botan_mp_t mp)
Definition ffi_mp.cpp:72
botan_xof_name
int botan_xof_name(botan_xof_t xof, char *name, size_t *name_len)
Definition ffi_xof.cpp:53
botan_scrypt
int botan_scrypt(uint8_t out[], size_t out_len, const char *passphrase, const uint8_t salt[], size_t salt_len, size_t N, size_t r, size_t p)
Definition ffi_kdf.cpp:166
botan_pubkey_view_der
int botan_pubkey_view_der(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:197
botan_privkey_remaining_operations
int botan_privkey_remaining_operations(botan_privkey_t key, uint64_t *out)
Definition ffi_pkey.cpp:437
botan_cipher_get_ideal_update_granularity
int botan_cipher_get_ideal_update_granularity(botan_cipher_t cipher, size_t *ug)
Definition ffi_cipher.cpp:338
botan_mp_clear_bit
int botan_mp_clear_bit(botan_mp_t n, size_t bit)
Definition ffi_mp.cpp:290
botan_pk_op_verify_update
int botan_pk_op_verify_update(botan_pk_op_verify_t op, const uint8_t in[], size_t in_len)
Definition ffi_pk_op.cpp:172
botan_mceies_decrypt
int botan_mceies_decrypt(botan_privkey_t mce_key, const char *aead, const uint8_t ct[], size_t ct_len, const uint8_t ad[], size_t ad_len, uint8_t pt[], size_t *pt_len)
Definition ffi_pkey_algs.cpp:1564
botan_x509_cert_permitted_name_constraints
int botan_x509_cert_permitted_name_constraints(botan_x509_cert_t cert, size_t index, botan_x509_general_name_t *constraint)
Definition ffi_cert.cpp:812
botan_pk_op_kem_encrypt_t
struct botan_pk_op_kem_encrypt_struct * botan_pk_op_kem_encrypt_t
Definition ffi.h:2293
botan_xof_output
int botan_xof_output(botan_xof_t xof, uint8_t *out, size_t out_len)
Definition ffi_xof.cpp:81
botan_x509_cert_view_as_string
int botan_x509_cert_view_as_string(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_cert.cpp:559
botan_pubkey_x448_get_pubkey
int botan_pubkey_x448_get_pubkey(botan_pubkey_t key, uint8_t pubkey[56])
Definition ffi_pkey_algs.cpp:1182
botan_mp_is_zero
int botan_mp_is_zero(botan_mp_t mp)
Definition ffi_mp.cpp:215
botan_mp_mod_inverse
int botan_mp_mod_inverse(botan_mp_t out, botan_mp_t in, botan_mp_t modulus)
Definition ffi_mp.cpp:252
botan_mp_cmp
int botan_mp_cmp(int *result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:227
botan_x509_cert_get_time_starts
int botan_x509_cert_get_time_starts(botan_x509_cert_t cert, char out[], size_t *out_len)
Definition ffi_cert.cpp:616
botan_pk_op_kem_decrypt_create
int botan_pk_op_kem_decrypt_create(botan_pk_op_kem_decrypt_t *op, botan_privkey_t key, const char *kdf)
Definition ffi_pk_op.cpp:307
botan_pubkey_export
int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
Definition ffi_pkey.cpp:185
botan_xof_init
int botan_xof_init(botan_xof_t *xof, const char *xof_name, uint32_t flags)
Definition ffi_xof.cpp:19
botan_privkey_load_slh_dsa
int botan_privkey_load_slh_dsa(botan_privkey_t *key, const uint8_t privkey[], size_t key_len, const char *slhdsa_mode)
Definition ffi_pkey_algs.cpp:1405
botan_hotp_t
struct botan_hotp_struct * botan_hotp_t
Definition ffi.h:2934
botan_pbkdf
int botan_pbkdf(const char *pbkdf_algo, uint8_t out[], size_t out_len, const char *passphrase, const uint8_t salt[], size_t salt_len, size_t iterations)
Definition ffi_kdf.cpp:23
botan_pubkey_rsa_get_e
int botan_pubkey_rsa_get_e(botan_mp_t e, botan_pubkey_t rsa_key)
Definition ffi_pkey_algs.cpp:327
botan_mp_gcd
int botan_mp_gcd(botan_mp_t out, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:274
botan_block_cipher_t
struct botan_block_cipher_struct * botan_block_cipher_t
Definition ffi.h:966
botan_ec_group_t
struct botan_ec_group_struct * botan_ec_group_t
Definition ffi.h:1302
botan_system_rng_get
int botan_system_rng_get(uint8_t *out, size_t out_len)
Definition ffi_rng.cpp:175
botan_fpe_destroy
int botan_fpe_destroy(botan_fpe_t fpe)
Definition ffi_fpe.cpp:56
botan_privkey_oid
int botan_privkey_oid(botan_asn1_oid_t *oid, botan_privkey_t key)
Definition ffi_pkey.cpp:409
botan_x509_crl_load
int botan_x509_crl_load(botan_x509_crl_t *crl_obj, const uint8_t crl_bits[], size_t crl_bits_len)
Definition ffi_cert.cpp:1070
botan_mp_clear
int botan_mp_clear(botan_mp_t mp)
Definition ffi_mp.cpp:35
botan_pubkey_load_ed448
int botan_pubkey_load_ed448(botan_pubkey_t *key, const uint8_t pubkey[57])
Definition ffi_pkey_algs.cpp:996
botan_ec_group_supports_named_group
int botan_ec_group_supports_named_group(const char *name, int *out)
Definition ffi_ec.cpp:37
botan_xof_copy_state
int botan_xof_copy_state(botan_xof_t *dest, botan_xof_t source)
Definition ffi_xof.cpp:39
botan_x509_cert_get_subject_dn
int botan_x509_cert_get_subject_dn(botan_x509_cert_t cert, const char *key, size_t index, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:518
botan_cipher_is_authenticated
int botan_cipher_is_authenticated(botan_cipher_t cipher)
Definition ffi_cipher.cpp:352
botan_ec_point_from_bytes
int botan_ec_point_from_bytes(botan_ec_point_t *ec_point, botan_ec_group_t ec_group, const uint8_t *bytes, size_t bytes_len)
Definition ffi_ec.cpp:267
botan_mp_view_str
int botan_mp_view_str(botan_mp_t mp, uint8_t radix, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_mp.cpp:116
botan_privkey_view_encrypted_pem
int botan_privkey_view_encrypted_pem(botan_privkey_t key, botan_rng_t rng, const char *passphrase, const char *cipher_algo, const char *pbkdf_algo, size_t pbkdf_iterations, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:371
botan_privkey_load_ml_kem
int botan_privkey_load_ml_kem(botan_privkey_t *key, const uint8_t privkey[], size_t key_len, const char *mlkem_mode)
Definition ffi_pkey_algs.cpp:1305
botan_mp_get_bit
int botan_mp_get_bit(botan_mp_t n, size_t bit)
Definition ffi_mp.cpp:282
botan_privkey_load_sm2
int botan_privkey_load_sm2(botan_privkey_t *key, botan_mp_t scalar, const char *curve_name)
Definition ffi_pkey_algs.cpp:806
botan_mac_final
int botan_mac_final(botan_mac_t mac, uint8_t out[])
Definition ffi_mac.cpp:72
botan_pubkey_destroy
int botan_pubkey_destroy(botan_pubkey_t key)
Definition ffi_pkey.cpp:148
botan_ec_group_get_order
int botan_ec_group_get_order(botan_mp_t *order, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:185
botan_x509_cert_dup
int botan_x509_cert_dup(botan_x509_cert_t *new_cert, botan_x509_cert_t cert)
Definition ffi_cert.cpp:194
botan_ec_point_identity
int botan_ec_point_identity(botan_ec_point_t *ec_point, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:234
botan_x509_cert_verify
int botan_x509_cert_verify(int *validation_result, botan_x509_cert_t cert, const botan_x509_cert_t *intermediates, size_t intermediates_len, const botan_x509_cert_t *trusted, size_t trusted_len, const char *trusted_path, size_t required_strength, const char *hostname, uint64_t reference_time)
Definition ffi_cert.cpp:973
botan_privkey_export_encrypted
int botan_privkey_export_encrypted(botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng, const char *passphrase, const char *encryption_algo, uint32_t flags)
Definition ffi_pkey.cpp:239
botan_block_cipher_name
int botan_block_cipher_name(botan_block_cipher_t cipher, char *name, size_t *name_len)
Definition ffi_block.cpp:78
botan_pk_op_kem_encrypt_create
int botan_pk_op_kem_encrypt_create(botan_pk_op_kem_encrypt_t *op, botan_pubkey_t key, const char *kdf)
Definition ffi_pk_op.cpp:245
botan_rng_get
int botan_rng_get(botan_rng_t rng, uint8_t *out, size_t out_len)
Definition ffi_rng.cpp:168
botan_view_bin_fn
int(* botan_view_bin_fn)(botan_view_ctx view_ctx, const uint8_t *data, size_t len)
Definition ffi.h:163
botan_pubkey_load_sm2_enc
int botan_pubkey_load_sm2_enc(botan_pubkey_t *key, botan_mp_t public_x, botan_mp_t public_y, const char *curve_name)
Definition ffi_pkey_algs.cpp:828
botan_x509_cert_not_before
int botan_x509_cert_not_before(botan_x509_cert_t cert, uint64_t *time_since_epoch)
Definition ffi_cert.cpp:636
botan_hotp_destroy
int botan_hotp_destroy(botan_hotp_t hotp)
Definition ffi_hotp.cpp:44
botan_mp_sub_u32
int botan_mp_sub_u32(botan_mp_t result, botan_mp_t x, uint32_t y)
Definition ffi_mp.cpp:183
botan_pubkey_x25519_get_pubkey
int botan_pubkey_x25519_get_pubkey(botan_pubkey_t key, uint8_t pubkey[32])
Definition ffi_pkey_algs.cpp:1109
botan_pk_op_verify_destroy
int botan_pk_op_verify_destroy(botan_pk_op_verify_t op)
Definition ffi_pk_op.cpp:168
botan_mp_view_bin
int botan_mp_view_bin(botan_mp_t mp, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_mp.cpp:135
botan_srp6_group_size
int botan_srp6_group_size(const char *group_id, size_t *group_p_bytes)
Definition ffi_srp6.cpp:49
botan_ec_group_from_oid
int botan_ec_group_from_oid(botan_ec_group_t *ec_group, botan_asn1_oid_t oid)
Definition ffi_ec.cpp:98
botan_x509_crl_entry_view_serial_number
int botan_x509_crl_entry_view_serial_number(botan_x509_crl_entry_t entry, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_cert.cpp:1417
botan_xof_destroy
int botan_xof_destroy(botan_xof_t xof)
Definition ffi_xof.cpp:93
botan_x509_cert_t
struct botan_x509_cert_struct * botan_x509_cert_t
Definition ffi.h:2387
botan_mp_num_bits
int botan_mp_num_bits(botan_mp_t n, size_t *bits)
Definition ffi_mp.cpp:294
botan_privkey_rsa_get_p
int botan_privkey_rsa_get_p(botan_mp_t p, botan_privkey_t rsa_key)
Definition ffi_pkey_algs.cpp:307
botan_oid_view_string
int botan_oid_view_string(botan_asn1_oid_t oid, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_oid.cpp:50
botan_ec_scalar_from_mp
int botan_ec_scalar_from_mp(botan_ec_scalar_t *ec_scalar, botan_ec_group_t ec_group, botan_mp_t mp)
Definition ffi_ec.cpp:209
botan_tpm2_ctx_t
struct botan_tpm2_ctx_struct * botan_tpm2_ctx_t
Definition ffi.h:3187
botan_x509_cert_excluded_name_constraints_count
int botan_x509_cert_excluded_name_constraints_count(botan_x509_cert_t cert, size_t *count)
Definition ffi_cert.cpp:869
botan_x509_cert_is_ca
int botan_x509_cert_is_ca(botan_x509_cert_t cert)
Definition ffi_cert.cpp:434
botan_x509_general_name_types
botan_x509_general_name_types
Definition ffi.h:2577
BOTAN_X509_DNS_NAME
@ BOTAN_X509_DNS_NAME
Definition ffi.h:2580
BOTAN_X509_DIRECTORY_NAME
@ BOTAN_X509_DIRECTORY_NAME
Definition ffi.h:2581
BOTAN_X509_OTHER_NAME
@ BOTAN_X509_OTHER_NAME
Definition ffi.h:2578
BOTAN_X509_EMAIL_ADDRESS
@ BOTAN_X509_EMAIL_ADDRESS
Definition ffi.h:2579
BOTAN_X509_IP_ADDRESS
@ BOTAN_X509_IP_ADDRESS
Definition ffi.h:2583
BOTAN_X509_URI
@ BOTAN_X509_URI
Definition ffi.h:2582
botan_privkey_create
int botan_privkey_create(botan_privkey_t *key, const char *algo_name, const char *algo_params, botan_rng_t rng)
Definition ffi_pkey.cpp:30
botan_x509_cert_hostname_match
int botan_x509_cert_hostname_match(botan_x509_cert_t cert, const char *hostname)
Definition ffi_cert.cpp:960
botan_mac_update
int botan_mac_update(botan_mac_t mac, const uint8_t *buf, size_t len)
Definition ffi_mac.cpp:62
botan_privkey_rsa_get_e
int botan_privkey_rsa_get_e(botan_mp_t e, botan_privkey_t rsa_key)
Definition ffi_pkey_algs.cpp:319
botan_hotp_check
int botan_hotp_check(botan_hotp_t hotp, uint64_t *next_hotp_counter, uint32_t hotp_code, uint64_t hotp_counter, size_t resync_range)
Definition ffi_hotp.cpp:67
botan_privkey_create_mceliece
int botan_privkey_create_mceliece(botan_privkey_t *key, botan_rng_t rng, size_t n, size_t t)
Definition ffi_pkey_algs.cpp:1559
botan_x509_cert_load
int botan_x509_cert_load(botan_x509_cert_t *cert_obj, const uint8_t cert[], size_t cert_len)
Definition ffi_cert.cpp:212
botan_mp_mul
int botan_mp_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:193
botan_pk_op_ka_t
struct botan_pk_op_ka_struct * botan_pk_op_ka_t
Definition ffi.h:2264
botan_privkey_algo_name
int botan_privkey_algo_name(botan_privkey_t key, char out[], size_t *out_len)
Definition ffi_pkey.cpp:162
botan_hash_block_size
int botan_hash_block_size(botan_hash_t hash, size_t *block_size)
Definition ffi_hash.cpp:48
botan_ec_group_from_name
int botan_ec_group_from_name(botan_ec_group_t *ec_group, const char *name)
Definition ffi_ec.cpp:111
botan_pubkey_load
int botan_pubkey_load(botan_pubkey_t *key, const uint8_t bits[], size_t len)
Definition ffi_pkey.cpp:124
botan_ec_group_supports_application_specific_group
int botan_ec_group_supports_application_specific_group(int *out)
Definition ffi_ec.cpp:25
botan_pk_op_verify_create
int botan_pk_op_verify_create(botan_pk_op_verify_t *op, botan_pubkey_t key, const char *hash_and_padding, uint32_t flags)
Definition ffi_pk_op.cpp:150
botan_pubkey_load_x25519
int botan_pubkey_load_x25519(botan_pubkey_t *key, const uint8_t pubkey[32])
Definition ffi_pkey_algs.cpp:1070
botan_pk_op_key_agreement_view_public
int botan_pk_op_key_agreement_view_public(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pk_op.cpp:212
botan_privkey_load_ecdh
int botan_privkey_load_ecdh(botan_privkey_t *key, botan_mp_t scalar, const char *curve_name)
Definition ffi_pkey_algs.cpp:704
botan_cipher_get_keyspec
int botan_cipher_get_keyspec(botan_cipher_t cipher, size_t *min_keylen, size_t *max_keylen, size_t *mod_keylen)
Definition ffi_cipher.cpp:156
botan_zfec_encode
int botan_zfec_encode(size_t K, size_t N, const uint8_t *input, size_t size, uint8_t **outputs)
Definition ffi_zfec.cpp:18
botan_pk_op_kem_encrypt_encapsulated_key_length
int botan_pk_op_kem_encrypt_encapsulated_key_length(botan_pk_op_kem_encrypt_t op, size_t *output_encapsulated_key_length)
Definition ffi_pk_op.cpp:273
botan_pk_op_verify_finish
int botan_pk_op_verify_finish(botan_pk_op_verify_t op, const uint8_t sig[], size_t sig_len)
Definition ffi_pk_op.cpp:176
botan_pk_op_sign_t
struct botan_pk_op_sign_struct * botan_pk_op_sign_t
Definition ffi.h:2225
botan_x509_crl_entry_create
int botan_x509_crl_entry_create(botan_x509_crl_entry_t *entry, botan_x509_cert_t cert, int reason_code)
Definition ffi_cert.cpp:1149
botan_tpm2_ctx_from_esys
int botan_tpm2_ctx_from_esys(botan_tpm2_ctx_t *ctx_out, struct ESYS_CONTEXT *esys_ctx)
Definition ffi_tpm2.cpp:133
botan_x509_cert_get_serial_number
int botan_x509_cert_get_serial_number(botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:660
botan_x509_cert_get_subject_key_id
int botan_x509_cert_get_subject_key_id(botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:710
botan_pubkey_view_raw
int botan_pubkey_view_raw(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:207
botan_x509_cert_key_constraints
botan_x509_cert_key_constraints
Definition ffi.h:2529
KEY_ENCIPHERMENT
@ KEY_ENCIPHERMENT
Definition ffi.h:2533
NO_CONSTRAINTS
@ NO_CONSTRAINTS
Definition ffi.h:2530
CRL_SIGN
@ CRL_SIGN
Definition ffi.h:2537
DIGITAL_SIGNATURE
@ DIGITAL_SIGNATURE
Definition ffi.h:2531
KEY_AGREEMENT
@ KEY_AGREEMENT
Definition ffi.h:2535
DATA_ENCIPHERMENT
@ DATA_ENCIPHERMENT
Definition ffi.h:2534
KEY_CERT_SIGN
@ KEY_CERT_SIGN
Definition ffi.h:2536
ENCIPHER_ONLY
@ ENCIPHER_ONLY
Definition ffi.h:2538
NON_REPUDIATION
@ NON_REPUDIATION
Definition ffi.h:2532
DECIPHER_ONLY
@ DECIPHER_ONLY
Definition ffi.h:2539
botan_hash_copy_state
int botan_hash_copy_state(botan_hash_t *dest, botan_hash_t source)
Definition ffi_hash.cpp:79
botan_pubkey_get_field
int botan_pubkey_get_field(botan_mp_t output, botan_pubkey_t key, const char *field_name)
Definition ffi_pkey_algs.cpp:206
botan_x509_crl_create
int botan_x509_crl_create(botan_x509_crl_t *crl_obj, botan_rng_t rng, botan_x509_cert_t ca_cert, botan_privkey_t ca_key, uint64_t issue_time, uint32_t next_update, const char *hash_fn, const char *padding)
Definition ffi_cert.cpp:1123
botan_pubkey_load_ecdsa
int botan_pubkey_load_ecdsa(botan_pubkey_t *key, botan_mp_t public_x, botan_mp_t public_y, const char *curve_name)
Definition ffi_pkey_algs.cpp:465
botan_ec_group_destroy
int botan_ec_group_destroy(botan_ec_group_t ec_group)
Definition ffi_ec.cpp:21
botan_ec_privkey_create
int botan_ec_privkey_create(botan_privkey_t *key, const char *algo_name, botan_ec_group_t ec_group, botan_rng_t rng)
Definition ffi_pkey.cpp:61
botan_pubkey_load_sm2
int botan_pubkey_load_sm2(botan_pubkey_t *key, botan_mp_t public_x, botan_mp_t public_y, const char *curve_name)
Definition ffi_pkey_algs.cpp:759
botan_pk_op_kem_encrypt_create_shared_key
int botan_pk_op_kem_encrypt_create_shared_key(botan_pk_op_kem_encrypt_t op, botan_rng_t rng, const uint8_t salt[], size_t salt_len, size_t desired_shared_key_len, uint8_t shared_key[], size_t *shared_key_len, uint8_t encapsulated_key[], size_t *encapsulated_key_len)
Definition ffi_pk_op.cpp:285
botan_mp_t
struct botan_mp_struct * botan_mp_t
Definition ffi.h:1032
botan_ec_point_negate
int botan_ec_point_negate(botan_ec_point_t *result, botan_ec_point_t ec_point)
Definition ffi_ec.cpp:336
botan_pubkey_load_dsa
int botan_pubkey_load_dsa(botan_pubkey_t *key, botan_mp_t p, botan_mp_t q, botan_mp_t g, botan_mp_t y)
Definition ffi_pkey_algs.cpp:401
botan_privkey_dsa_get_x
int botan_privkey_dsa_get_x(botan_mp_t n, botan_privkey_t key)
Definition ffi_pkey_algs.cpp:419
botan_ec_point_view_xy_bytes
int botan_ec_point_view_xy_bytes(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_ec.cpp:294
botan_xof_t
struct botan_xof_struct * botan_xof_t
Definition ffi.h:412
botan_ec_point_from_xy
int botan_ec_point_from_xy(botan_ec_point_t *ec_point, botan_ec_group_t ec_group, botan_mp_t x, botan_mp_t y)
Definition ffi_ec.cpp:252
botan_view_ctx
void * botan_view_ctx
Definition ffi.h:154
botan_rng_t
struct botan_rng_struct * botan_rng_t
Definition ffi.h:291
botan_xof_update
int botan_xof_update(botan_xof_t xof, const uint8_t *in, size_t in_len)
Definition ffi_xof.cpp:69
botan_ec_group_unregister
int botan_ec_group_unregister(botan_asn1_oid_t oid)
Definition ffi_ec.cpp:124
botan_ec_group_get_b
int botan_ec_group_get_b(botan_mp_t *b, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:171
botan_x509_cert_allowed_extended_usage_str
int botan_x509_cert_allowed_extended_usage_str(botan_x509_cert_t cert, const char *oid)
Definition ffi_cert.cpp:583
botan_block_cipher_destroy
int botan_block_cipher_destroy(botan_block_cipher_t bc)
Definition ffi_block.cpp:38
botan_tpm2_supports_crypto_backend
int botan_tpm2_supports_crypto_backend(void)
Definition ffi_tpm2.cpp:67
botan_ec_scalar_t
struct botan_ec_scalar_struct * botan_ec_scalar_t
Definition ffi.h:1446
BOTAN_FFI_ERROR
BOTAN_FFI_ERROR
Definition ffi.h:115
BOTAN_FFI_ERROR_TPM_ERROR
@ BOTAN_FFI_ERROR_TPM_ERROR
Definition ffi.h:146
BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition ffi.h:140
BOTAN_FFI_ERROR_INVALID_KEY_LENGTH
@ BOTAN_FFI_ERROR_INVALID_KEY_LENGTH
Definition ffi.h:136
BOTAN_FFI_ERROR_KEY_NOT_SET
@ BOTAN_FFI_ERROR_KEY_NOT_SET
Definition ffi.h:135
BOTAN_FFI_ERROR_TLS_ERROR
@ BOTAN_FFI_ERROR_TLS_ERROR
Definition ffi.h:143
BOTAN_FFI_ERROR_EXCEPTION_THROWN
@ BOTAN_FFI_ERROR_EXCEPTION_THROWN
Definition ffi.h:127
BOTAN_FFI_ERROR_OUT_OF_MEMORY
@ BOTAN_FFI_ERROR_OUT_OF_MEMORY
Definition ffi.h:128
BOTAN_FFI_ERROR_OUT_OF_RANGE
@ BOTAN_FFI_ERROR_OUT_OF_RANGE
Definition ffi.h:138
BOTAN_FFI_ERROR_INTERNAL_ERROR
@ BOTAN_FFI_ERROR_INTERNAL_ERROR
Definition ffi.h:130
BOTAN_FFI_INVALID_VERIFIER
@ BOTAN_FFI_INVALID_VERIFIER
Definition ffi.h:118
BOTAN_FFI_ERROR_INVALID_OBJECT
@ BOTAN_FFI_ERROR_INVALID_OBJECT
Definition ffi.h:141
BOTAN_FFI_ERROR_UNKNOWN_ERROR
@ BOTAN_FFI_ERROR_UNKNOWN_ERROR
Definition ffi.h:148
BOTAN_FFI_ERROR_HTTP_ERROR
@ BOTAN_FFI_ERROR_HTTP_ERROR
Definition ffi.h:144
BOTAN_FFI_ERROR_BAD_FLAG
@ BOTAN_FFI_ERROR_BAD_FLAG
Definition ffi.h:132
BOTAN_FFI_ERROR_INVALID_INPUT
@ BOTAN_FFI_ERROR_INVALID_INPUT
Definition ffi.h:120
BOTAN_FFI_ERROR_STRING_CONVERSION_ERROR
@ BOTAN_FFI_ERROR_STRING_CONVERSION_ERROR
Definition ffi.h:125
BOTAN_FFI_ERROR_NULL_POINTER
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition ffi.h:133
BOTAN_FFI_SUCCESS
@ BOTAN_FFI_SUCCESS
Definition ffi.h:116
BOTAN_FFI_ERROR_SYSTEM_ERROR
@ BOTAN_FFI_ERROR_SYSTEM_ERROR
Definition ffi.h:129
BOTAN_FFI_ERROR_ROUGHTIME_ERROR
@ BOTAN_FFI_ERROR_ROUGHTIME_ERROR
Definition ffi.h:145
BOTAN_FFI_ERROR_NO_VALUE
@ BOTAN_FFI_ERROR_NO_VALUE
Definition ffi.h:122
BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
@ BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
Definition ffi.h:137
BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE
@ BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE
Definition ffi.h:124
BOTAN_FFI_ERROR_BAD_MAC
@ BOTAN_FFI_ERROR_BAD_MAC
Definition ffi.h:121
BOTAN_FFI_ERROR_BAD_PARAMETER
@ BOTAN_FFI_ERROR_BAD_PARAMETER
Definition ffi.h:134
botan_privkey_load_sm2_enc
int botan_privkey_load_sm2_enc(botan_privkey_t *key, botan_mp_t scalar, const char *curve_name)
Definition ffi_pkey_algs.cpp:835
botan_tpm2_crypto_backend_state_t
struct botan_tpm2_crypto_backend_state_struct * botan_tpm2_crypto_backend_state_t
Definition ffi.h:3197
botan_pwdhash
int botan_pwdhash(const char *algo, size_t param1, size_t param2, size_t param3, uint8_t out[], size_t out_len, const char *passphrase, size_t passphrase_len, const uint8_t salt[], size_t salt_len)
Definition ffi_kdf.cpp:54
botan_pubkey_load_kyber
int botan_pubkey_load_kyber(botan_pubkey_t *key, const uint8_t pubkey[], size_t key_len)
Definition ffi_pkey_algs.cpp:1238
botan_mac_name
int botan_mac_name(botan_mac_t mac, char *name, size_t *name_len)
Definition ffi_mac.cpp:79
botan_oid_view_name
int botan_oid_view_name(botan_asn1_oid_t oid, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_oid.cpp:54
botan_hotp_init
int botan_hotp_init(botan_hotp_t *hotp, const uint8_t key[], size_t key_len, const char *hash_algo, size_t digits)
Definition ffi_hotp.cpp:26
botan_cipher_clear
int botan_cipher_clear(botan_cipher_t hash)
Definition ffi_cipher.cpp:123
botan_ec_point_t
struct botan_ec_point_struct * botan_ec_point_t
Definition ffi.h:1447
botan_pk_op_verify_t
struct botan_pk_op_verify_struct * botan_pk_op_verify_t
Definition ffi.h:2245
botan_ec_pubkey_get_group
int botan_ec_pubkey_get_group(botan_pubkey_t key, botan_ec_group_t *ec_group)
Definition ffi_pkey_algs.cpp:878
botan_x509_cert_view_public_key_bits
int botan_x509_cert_view_public_key_bits(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_cert.cpp:723
botan_pk_op_decrypt_output_length
int botan_pk_op_decrypt_output_length(botan_pk_op_decrypt_t op, size_t ctext_len, size_t *ptext_len)
Definition ffi_pk_op.cpp:94
botan_pk_op_encrypt_create
int botan_pk_op_encrypt_create(botan_pk_op_encrypt_t *op, botan_pubkey_t key, const char *padding, uint32_t flags)
Definition ffi_pk_op.cpp:28
botan_mp_is_even
int botan_mp_is_even(botan_mp_t mp)
Definition ffi_mp.cpp:223
botan_ec_group_get_p
int botan_ec_group_get_p(botan_mp_t *p, botan_ec_group_t ec_group)
Definition ffi_ec.cpp:163
botan_tpm2_ctx_destroy
int botan_tpm2_ctx_destroy(botan_tpm2_ctx_t ctx)
Definition ffi_tpm2.cpp:172
botan_x509_crl_view_string_values
int botan_x509_crl_view_string_values(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_cert.cpp:1286
botan_pubkey_check_key
int botan_pubkey_check_key(botan_pubkey_t key, botan_rng_t rng, uint32_t flags)
Definition ffi_pkey.cpp:170
botan_x509_crl_verify_signature
int botan_x509_crl_verify_signature(botan_x509_crl_t crl, botan_pubkey_t key)
Definition ffi_cert.cpp:1204
botan_fpe_encrypt
int botan_fpe_encrypt(botan_fpe_t fpe, botan_mp_t x, const uint8_t tweak[], size_t tweak_len)
Definition ffi_fpe.cpp:65
botan_tpm2_unauthenticated_session_init
int botan_tpm2_unauthenticated_session_init(botan_tpm2_session_t *session_out, botan_tpm2_ctx_t ctx)
Definition ffi_tpm2.cpp:232
botan_ec_group_from_ber
int botan_ec_group_from_ber(botan_ec_group_t *ec_group, const uint8_t *ber, size_t ber_len)
Definition ffi_ec.cpp:72
botan_rng_destroy
int botan_rng_destroy(botan_rng_t rng)
Definition ffi_rng.cpp:164
botan_x509_crl_load_file
int botan_x509_crl_load_file(botan_x509_crl_t *crl_obj, const char *crl_path)
Definition ffi_cert.cpp:1053
botan_pubkey_sm2_compute_za
int botan_pubkey_sm2_compute_za(uint8_t out[], size_t *out_len, const char *ident, const char *hash_algo, botan_pubkey_t key)
Definition ffi_pkey_algs.cpp:726
botan_tpm2_crypto_backend_state_destroy
int botan_tpm2_crypto_backend_state_destroy(botan_tpm2_crypto_backend_state_t cbs)
Definition ffi_tpm2.cpp:203
botan_oid_equal
int botan_oid_equal(botan_asn1_oid_t a, botan_asn1_oid_t b)
Definition ffi_oid.cpp:59
botan_ec_privkey_get_group
int botan_ec_privkey_get_group(botan_privkey_t key, botan_ec_group_t *ec_group)
Definition ffi_pkey_algs.cpp:859
botan_hash_final
int botan_hash_final(botan_hash_t hash, uint8_t out[])
Definition ffi_hash.cpp:71
botan_privkey_load_dsa
int botan_privkey_load_dsa(botan_privkey_t *key, botan_mp_t p, botan_mp_t q, botan_mp_t g, botan_mp_t x)
Definition ffi_pkey_algs.cpp:383
botan_hash_init
int botan_hash_init(botan_hash_t *hash, const char *hash_name, uint32_t flags)
Definition ffi_hash.cpp:18
botan_mac_get_keyspec
int botan_mac_get_keyspec(botan_mac_t mac, size_t *out_minimum_keylength, size_t *out_maximum_keylength, size_t *out_keylength_modulo)
Definition ffi_mac.cpp:83
botan_pubkey_ed25519_get_pubkey
int botan_pubkey_ed25519_get_pubkey(botan_pubkey_t key, uint8_t pubkey[32])
Definition ffi_pkey_algs.cpp:955
botan_cipher_t
struct botan_cipher_struct * botan_cipher_t
Definition ffi.h:666
botan_ec_scalar_destroy
int botan_ec_scalar_destroy(botan_ec_scalar_t ec_scalar)
Definition ffi_ec.cpp:196
botan_tpm2_session_destroy
int botan_tpm2_session_destroy(botan_tpm2_session_t session)
Definition ffi_tpm2.cpp:249
botan_cipher_update
int botan_cipher_update(botan_cipher_t cipher, uint32_t flags, uint8_t output[], size_t output_size, size_t *output_written, const uint8_t input_bytes[], size_t input_size, size_t *input_consumed)
Encrypt/Decrypt some data and/or finalize the encryption/decryption.
Definition ffi_cipher.cpp:188
botan_privkey_load_kyber
int botan_privkey_load_kyber(botan_privkey_t *key, const uint8_t privkey[], size_t key_len)
Definition ffi_pkey_algs.cpp:1205
botan_mac_output_length
int botan_mac_output_length(botan_mac_t mac, size_t *output_length)
Definition ffi_mac.cpp:51
botan_pk_op_sign_create
int botan_pk_op_sign_create(botan_pk_op_sign_t *op, botan_privkey_t key, const char *hash_and_padding, uint32_t flags)
Definition ffi_pk_op.cpp:110
botan_x509_cert_allowed_usage
int botan_x509_cert_allowed_usage(botan_x509_cert_t cert, unsigned int key_usage)
Definition ffi_cert.cpp:568
botan_pk_op_encrypt_output_length
int botan_pk_op_encrypt_output_length(botan_pk_op_encrypt_t op, size_t ptext_len, size_t *ctext_len)
Definition ffi_pk_op.cpp:49
botan_pk_op_key_agreement
int botan_pk_op_key_agreement(botan_pk_op_ka_t op, uint8_t out[], size_t *out_len, const uint8_t other_key[], size_t other_key_len, const uint8_t salt[], size_t salt_len)
Definition ffi_pk_op.cpp:232
botan_fpe_fe1_init
int botan_fpe_fe1_init(botan_fpe_t *fpe, botan_mp_t n, const uint8_t key[], size_t key_len, size_t rounds, uint32_t flags)
Definition ffi_fpe.cpp:28
botan_x509_cert_view_string_values_count
int botan_x509_cert_view_string_values_count(botan_x509_cert_t cert, botan_x509_value_type value_type, size_t *count)
Definition ffi_cert.cpp:422
botan_pk_op_kem_encrypt_destroy
int botan_pk_op_kem_encrypt_destroy(botan_pk_op_kem_encrypt_t op)
Definition ffi_pk_op.cpp:256
botan_view_str_fn
int(* botan_view_str_fn)(botan_view_ctx view_ctx, const char *str, size_t len)
Definition ffi.h:172
botan_x509_cert_not_after
int botan_x509_cert_not_after(botan_x509_cert_t cert, uint64_t *time_since_epoch)
Definition ffi_cert.cpp:648
botan_key_wrap3394
int botan_key_wrap3394(const uint8_t key[], size_t key_len, const uint8_t kek[], size_t kek_len, uint8_t wrapped_key[], size_t *wrapped_key_len)
Definition ffi_keywrap.cpp:93
botan_pubkey_ed448_get_pubkey
int botan_pubkey_ed448_get_pubkey(botan_pubkey_t key, uint8_t pubkey[57])
Definition ffi_pkey_algs.cpp:1032
botan_privkey_rsa_get_d
int botan_privkey_rsa_get_d(botan_mp_t d, botan_privkey_t rsa_key)
Definition ffi_pkey_algs.cpp:323
botan_pubkey_load_ecdsa_sec1
int botan_pubkey_load_ecdsa_sec1(botan_pubkey_t *key, const uint8_t sec1[], size_t sec1_len, const char *curve_name)
Definition ffi_pkey_algs.cpp:491
botan_x509_general_name_view_string_value
int botan_x509_general_name_view_string_value(botan_x509_general_name_t name, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_cert.cpp:758
botan_ec_group_from_pem
int botan_ec_group_from_pem(botan_ec_group_t *ec_group, const char *pem)
Definition ffi_ec.cpp:85
botan_mp_is_negative
int botan_mp_is_negative(botan_mp_t mp)
Definition ffi_mp.cpp:64
botan_pk_op_encrypt_destroy
int botan_pk_op_encrypt_destroy(botan_pk_op_encrypt_t op)
Definition ffi_pk_op.cpp:45
botan_pubkey_dsa_get_g
int botan_pubkey_dsa_get_g(botan_mp_t d, botan_pubkey_t key)
Definition ffi_pkey_algs.cpp:431
botan_x509_crl_entry_reason
int botan_x509_crl_entry_reason(botan_x509_crl_entry_t entry, int *reason_code)
Definition ffi_cert.cpp:1385
botan_ec_scalar_random
int botan_ec_scalar_random(botan_ec_scalar_t *ec_scalar, botan_ec_group_t ec_group, botan_rng_t rng)
Definition ffi_ec.cpp:200
botan_mac_set_key
int botan_mac_set_key(botan_mac_t mac, const uint8_t *key, size_t key_len)
Definition ffi_mac.cpp:40
botan_x509_cert_get_public_key_bits
int botan_x509_cert_get_public_key_bits(botan_x509_cert_t cert, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:719
botan_kdf
int botan_kdf(const char *kdf_algo, uint8_t out[], size_t out_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len)
Definition ffi_kdf.cpp:143
botan_pubkey_dsa_get_q
int botan_pubkey_dsa_get_q(botan_mp_t q, botan_pubkey_t key)
Definition ffi_pkey_algs.cpp:427
botan_privkey_load_frodokem
int botan_privkey_load_frodokem(botan_privkey_t *key, const uint8_t privkey[], size_t key_len, const char *frodo_mode)
Definition ffi_pkey_algs.cpp:1455
botan_mp_sub
int botan_mp_sub(botan_mp_t result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:163
botan_privkey_create_ecdh
int botan_privkey_create_ecdh(botan_privkey_t *key, botan_rng_t rng, const char *params)
Definition ffi_pkey_algs.cpp:638
botan_privkey_load_ecdsa
int botan_privkey_load_ecdsa(botan_privkey_t *key, botan_mp_t scalar, const char *curve_name)
Definition ffi_pkey_algs.cpp:514
botan_ec_point_view_uncompressed
int botan_ec_point_view_uncompressed(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_ec.cpp:301
botan_xof_accepts_input
int botan_xof_accepts_input(botan_xof_t xof)
Definition ffi_xof.cpp:61
botan_x509_cert_get_fingerprint
int botan_x509_cert_get_fingerprint(botan_x509_cert_t cert, const char *hash, uint8_t out[], size_t *out_len)
Definition ffi_cert.cpp:685
botan_ec_point_view_y_bytes
int botan_ec_point_view_y_bytes(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_ec.cpp:287
botan_rng_init
int botan_rng_init(botan_rng_t *rng, const char *rng_type)
Definition ffi_rng.cpp:38
botan_x509_cert_get_path_length_constraint
int botan_x509_cert_get_path_length_constraint(botan_x509_cert_t cert, size_t *path_limit)
Definition ffi_cert.cpp:443
botan_block_cipher_encrypt_blocks
int botan_block_cipher_encrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks)
Definition ffi_block.cpp:64
botan_privkey_load_ml_dsa
int botan_privkey_load_ml_dsa(botan_privkey_t *key, const uint8_t privkey[], size_t key_len, const char *mldsa_mode)
Definition ffi_pkey_algs.cpp:1355
botan_pk_op_kem_decrypt_shared_key_length
int botan_pk_op_kem_decrypt_shared_key_length(botan_pk_op_kem_decrypt_t op, size_t desired_shared_key_length, size_t *output_shared_key_length)
Definition ffi_pk_op.cpp:318
botan_totp_check
int botan_totp_check(botan_totp_t totp, uint32_t totp_code, uint64_t timestamp, size_t acceptable_clock_drift)
Definition ffi_totp.cpp:68
botan_x509_cert_to_string
int botan_x509_cert_to_string(botan_x509_cert_t cert, char out[], size_t *out_len)
Definition ffi_cert.cpp:555
botan_cipher_get_default_nonce_length
int botan_cipher_get_default_nonce_length(botan_cipher_t cipher, size_t *nl)
Definition ffi_cipher.cpp:324
botan_pk_op_kem_decrypt_destroy
int botan_pk_op_kem_decrypt_destroy(botan_pk_op_kem_decrypt_t op)
Definition ffi_pk_op.cpp:347
botan_pk_op_sign_destroy
int botan_pk_op_sign_destroy(botan_pk_op_sign_t op)
Definition ffi_pk_op.cpp:130
botan_privkey_x448_get_privkey
int botan_privkey_x448_get_privkey(botan_privkey_t key, uint8_t output[56])
Definition ffi_pkey_algs.cpp:1162
botan_mp_is_positive
int botan_mp_is_positive(botan_mp_t mp)
Definition ffi_mp.cpp:68
botan_privkey_load_ed25519
int botan_privkey_load_ed25519(botan_privkey_t *key, const uint8_t privkey[32])
Definition ffi_pkey_algs.cpp:898
botan_ec_point_is_identity
int botan_ec_point_is_identity(botan_ec_point_t ec_point)
Definition ffi_ec.cpp:315
botan_fpe_t
struct botan_fpe_struct * botan_fpe_t
Definition ffi.h:3006
botan_privkey_view_pem
int botan_privkey_view_pem(botan_privkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:229
botan_oid_destroy
int botan_oid_destroy(botan_asn1_oid_t oid)
Definition ffi_oid.cpp:18
botan_ec_point_view_compressed
int botan_ec_point_view_compressed(botan_ec_point_t ec_point, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_ec.cpp:308
botan_privkey_x25519_get_privkey
int botan_privkey_x25519_get_privkey(botan_privkey_t key, uint8_t output[32])
Definition ffi_pkey_algs.cpp:1086
botan_nist_kw_dec
int botan_nist_kw_dec(const char *cipher_algo, int padded, const uint8_t wrapped_key[], size_t wrapped_key_len, const uint8_t kek[], size_t kek_len, uint8_t key[], size_t *key_len)
Definition ffi_keywrap.cpp:57
botan_privkey_ed448_get_privkey
int botan_privkey_ed448_get_privkey(botan_privkey_t key, uint8_t output[57])
Definition ffi_pkey_algs.cpp:1012
botan_privkey_export_encrypted_pbkdf_msec
int botan_privkey_export_encrypted_pbkdf_msec(botan_privkey_t key, uint8_t out[], size_t *out_len, botan_rng_t rng, const char *passphrase, uint32_t pbkdf_msec_runtime, size_t *pbkdf_iterations_out, const char *cipher_algo, const char *pbkdf_algo, uint32_t flags)
Definition ffi_pkey.cpp:249
botan_x509_crl_view_string_values_count
int botan_x509_crl_view_string_values_count(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t *count)
Definition ffi_cert.cpp:1321
botan_cipher_query_keylen
int botan_cipher_query_keylen(botan_cipher_t cipher, size_t *out_minimum_keylength, size_t *out_maximum_keylength)
Definition ffi_cipher.cpp:145
botan_cipher_get_update_granularity
int botan_cipher_get_update_granularity(botan_cipher_t cipher, size_t *ug)
Definition ffi_cipher.cpp:331
botan_pubkey_load_rsa
int botan_pubkey_load_rsa(botan_pubkey_t *key, botan_mp_t n, botan_mp_t e)
Definition ffi_pkey_algs.cpp:273
botan_pbkdf_timed
int botan_pbkdf_timed(const char *pbkdf_algo, uint8_t out[], size_t out_len, const char *passphrase, const uint8_t salt[], size_t salt_len, size_t milliseconds_to_run, size_t *out_iterations_used)
Definition ffi_kdf.cpp:33
botan_x509_general_name_get_type
int botan_x509_general_name_get_type(botan_x509_general_name_t name, unsigned int *type)
Definition ffi_cert.cpp:733
botan_mac_clear
int botan_mac_clear(botan_mac_t mac)
Definition ffi_mac.cpp:58
botan_pubkey_view_kyber_raw_key
int botan_pubkey_view_kyber_raw_key(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey_algs.cpp:1286
botan_x509_cert_permitted_name_constraints_count
int botan_x509_cert_permitted_name_constraints_count(botan_x509_cert_t cert, size_t *count)
Definition ffi_cert.cpp:834
botan_block_cipher_set_key
int botan_block_cipher_set_key(botan_block_cipher_t bc, const uint8_t key[], size_t len)
Definition ffi_block.cpp:49
botan_mp_set_bit
int botan_mp_set_bit(botan_mp_t n, size_t bit)
Definition ffi_mp.cpp:286
botan_bcrypt_is_valid
int botan_bcrypt_is_valid(const char *pass, const char *hash)
Definition ffi_kdf.cpp:209
botan_mp_set_from_mp
int botan_mp_set_from_mp(botan_mp_t dest, botan_mp_t source)
Definition ffi_mp.cpp:60
botan_hash_t
struct botan_hash_struct * botan_hash_t
Definition ffi.h:490
botan_x509_value_type
botan_x509_value_type
Definition ffi.h:2402
BOTAN_X509_AUTHORITY_KEY_IDENTIFIER
@ BOTAN_X509_AUTHORITY_KEY_IDENTIFIER
Definition ffi.h:2407
BOTAN_X509_SUBJECT_KEY_IDENTIFIER
@ BOTAN_X509_SUBJECT_KEY_IDENTIFIER
Definition ffi.h:2406
BOTAN_X509_TBS_DATA_BITS
@ BOTAN_X509_TBS_DATA_BITS
Definition ffi.h:2410
BOTAN_X509_SIGNATURE_BITS
@ BOTAN_X509_SIGNATURE_BITS
Definition ffi.h:2412
BOTAN_X509_PUBLIC_KEY_PKCS8_BITS
@ BOTAN_X509_PUBLIC_KEY_PKCS8_BITS
Definition ffi.h:2409
BOTAN_X509_DER_ENCODING
@ BOTAN_X509_DER_ENCODING
Definition ffi.h:2414
BOTAN_X509_PEM_ENCODING
@ BOTAN_X509_PEM_ENCODING
Definition ffi.h:2415
BOTAN_X509_OCSP_RESPONDER_URLS
@ BOTAN_X509_OCSP_RESPONDER_URLS
Definition ffi.h:2418
BOTAN_X509_SIGNATURE_SCHEME_BITS
@ BOTAN_X509_SIGNATURE_SCHEME_BITS
Definition ffi.h:2411
BOTAN_X509_SUBJECT_DN_BITS
@ BOTAN_X509_SUBJECT_DN_BITS
Definition ffi.h:2404
BOTAN_X509_CRL_DISTRIBUTION_URLS
@ BOTAN_X509_CRL_DISTRIBUTION_URLS
Definition ffi.h:2417
BOTAN_X509_SERIAL_NUMBER
@ BOTAN_X509_SERIAL_NUMBER
Definition ffi.h:2403
BOTAN_X509_ISSUER_DN_BITS
@ BOTAN_X509_ISSUER_DN_BITS
Definition ffi.h:2405
BOTAN_X509_CA_ISSUERS_URLS
@ BOTAN_X509_CA_ISSUERS_URLS
Definition ffi.h:2419
botan_x509_crl_view_binary_values
int botan_x509_crl_view_binary_values(botan_x509_crl_t crl_obj, botan_x509_value_type value_type, size_t index, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_cert.cpp:1222
botan_rng_generate_with_input
int botan_rng_generate_with_input(botan_rng_t rng, uint8_t *out, size_t out_len, const uint8_t *addl_input, size_t addl_len)
Definition ffi_rng.cpp:230
botan_pubkey_load_x448
int botan_pubkey_load_x448(botan_pubkey_t *key, const uint8_t pubkey[56])
Definition ffi_pkey_algs.cpp:1146
botan_privkey_create_elgamal
int botan_privkey_create_elgamal(botan_privkey_t *key, botan_rng_t rng_obj, size_t pbits, size_t qbits)
Definition ffi_pkey_algs.cpp:536
botan_pubkey_load_dh
int botan_pubkey_load_dh(botan_pubkey_t *key, botan_mp_t p, botan_mp_t g, botan_mp_t y)
Definition ffi_pkey_algs.cpp:619
botan_pubkey_load_elgamal
int botan_pubkey_load_elgamal(botan_pubkey_t *key, botan_mp_t p, botan_mp_t g, botan_mp_t y)
Definition ffi_pkey_algs.cpp:562
botan_privkey_create_dsa
int botan_privkey_create_dsa(botan_privkey_t *key, botan_rng_t rng_obj, size_t pbits, size_t qbits)
Definition ffi_pkey_algs.cpp:360
botan_privkey_load_elgamal
int botan_privkey_load_elgamal(botan_privkey_t *key, botan_mp_t p, botan_mp_t g, botan_mp_t x)
Definition ffi_pkey_algs.cpp:579
Generated by doxygen 1.16.1