Botan 3.6.1
Crypto and TLS for C&
ffi.h
Go to the documentation of this file.
1/*
2* FFI (C89 API)
3* (C) 2015,2017 Jack Lloyd
4* (C) 2021 René Fischer
5*
6* Botan is released under the Simplified BSD License (see license.txt)
7*/
8
9#ifndef BOTAN_FFI_H_
10#define BOTAN_FFI_H_
11
12#ifdef __cplusplus
13extern "C" {
14#endif
15
16/*
17This header exports some of botan's functionality via a C89 interface. This API
18is uesd by the Python, OCaml, Rust, Ruby, and Haskell bindings via those languages
19respective ctypes/FFI libraries.
20
21The API is intended to be as easy as possible to call from other
22languages, which often have easy ways to call C, because C. But some C
23code is easier to deal with than others, so to make things easy this
24API follows a few simple rules:
25
26- All interactions are via pointers to opaque structs. No need to worry about
27 structure padding issues and the like.
28
29- All functions return an int error code (except the version calls, which are
30 assumed to always have something to say).
31
32- Use simple types: size_t for lengths, const char* NULL terminated strings,
33 uint8_t for binary.
34
35- No ownership of memory transfers across the API boundary. The API will
36 consume data from const pointers, and will produce output by writing to
37 buffers provided by (and allocated by) the caller.
38
39- If exporting a value (a string or a blob) the function takes a pointer to the
40 output array and a read/write pointer to the length. If the length is insufficient, an
41 error is returned. So passing nullptr/0 allows querying the final value.
42
43 Typically there is also a function which allows querying the expected output
44 length of a function, for example `botan_hash_output_length` allows knowing in
45 advance the expected size for `botan_hash_final`. Some of these are exact,
46 while others such as `botan_pk_op_decrypt_output_length` only provide an upper
47 bound.
48
49 The big exception to this currently is the various functions which serialize
50 public and private keys, where there are currently no function that can
51 estimate the serialized size. Here view functions are used; see the handbook
52 for further details.
53
54 TODO:
55 - Doxygen comments for all functions/params
56 - TLS
57*/
58
59#include <stddef.h>
60#include <stdint.h>
61
62/**
63* The compile time API version. This matches the value of
64* botan_ffi_api_version. This can be used for compile-time checking if a
65* particular feature is available.
66*
67* Note this same value is also reflected in BOTAN_HAS_FFI in build.h, however
68* that declaration is not visible here since this header is intentionally
69* free-standing, depending only on a few C standard library headers.
70*/
71#define BOTAN_FFI_API_VERSION 20240408
72
73/**
74* BOTAN_FFI_EXPORT indicates public FFI functions.
75*
76* The arguments to the macro are to indicate the version that
77* that particular FFI function was first available
78*/
79#if defined(BOTAN_DLL)
80 #define BOTAN_FFI_EXPORT(maj, min) BOTAN_DLL
81#else
82 #if defined(__has_attribute)
83 #if __has_attribute(visibility)
84 #define BOTAN_FFI_EXPORT(maj, min) __attribute__((visibility("default")))
85 #endif
86 #elif defined(_MSC_VER) && !defined(BOTAN_IS_BEING_BUILT)
87 #define BOTAN_FFI_EXPORT(maj, min) __declspec(dllimport)
88 #else
89 #define BOTAN_FFI_EXPORT(maj, min)
90 #endif
91#endif
92
93#if !defined(BOTAN_NO_DEPRECATED_WARNINGS)
94 #if defined(__has_attribute)
95 #if __has_attribute(deprecated)
96 #define BOTAN_FFI_DEPRECATED(msg) __attribute__((deprecated(msg)))
97 #endif
98 #elif defined(_MSC_VER)
99 #define BOTAN_FFI_DEPRECATED(msg) __declspec(deprecated(msg))
100 #endif
101#endif
102
103#if !defined(BOTAN_FFI_DEPRECATED)
104 #define BOTAN_FFI_DEPRECATED(msg) /**/
105#endif
106
107/**
108* Error codes
109*
110* If you add a new value here be sure to also add it in
111* botan_error_description
112*/
145
146typedef void* botan_view_ctx;
147
148/**
149* Viewer function for binary data
150*
151* @param view_ctx some application context
152* @param data the binary data
153* @param len the length of data in bytes
154*/
155typedef int (*botan_view_bin_fn)(botan_view_ctx view_ctx, const uint8_t* data, size_t len);
156
157/**
158* Viewer function for string data
159*
160* @param view_ctx some application context
161* @param str the null terminated string
162* @param len the length of string *including* the null terminator
163*/
164typedef int (*botan_view_str_fn)(botan_view_ctx view_ctx, const char* str, size_t len);
165
166/**
167* Convert an error code into a string. Returns "Unknown error"
168* if the error code is not a known one.
169*/
170BOTAN_FFI_EXPORT(2, 8) const char* botan_error_description(int err);
171
172/**
173* Return the message of the last exception caught in this thread.
174*
175* This pointer can/will be reallocated or overwritten the next time
176* this thread calls any other Botan FFI function and must be copied
177* to persistent storage first.
178*/
179BOTAN_FFI_EXPORT(3, 0) const char* botan_error_last_exception_message(void);
180
181/**
182* Return the version of the currently supported FFI API. This is
183* expressed in the form YYYYMMDD of the release date of this version
184* of the API.
185*/
186BOTAN_FFI_EXPORT(2, 0) uint32_t botan_ffi_api_version(void);
187
188/**
189* Return 0 (ok) if the version given is one this library supports.
190* botan_ffi_supports_api(botan_ffi_api_version()) will always return 0.
191*/
192BOTAN_FFI_EXPORT(2, 0) int botan_ffi_supports_api(uint32_t api_version);
193
194/**
195* Return a free-form version string, e.g., 2.0.0
196*/
197BOTAN_FFI_EXPORT(2, 0) const char* botan_version_string(void);
198
199/**
200* Return the major version of the library
201*/
202BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_major(void);
203
204/**
205* Return the minor version of the library
206*/
207BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_minor(void);
208
209/**
210* Return the patch version of the library
211*/
212BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_patch(void);
213
214/**
215* Return the date this version was released as
216* an integer, or 0 if an unreleased version
217*/
218BOTAN_FFI_EXPORT(2, 0) uint32_t botan_version_datestamp(void);
219
220/**
221* Returns 0 if x[0..len] == y[0..len], or otherwise -1
222*/
223BOTAN_FFI_EXPORT(2, 3) int botan_constant_time_compare(const uint8_t* x, const uint8_t* y, size_t len);
224
225/**
226* Deprecated equivalent to botan_constant_time_compare
227*/
228BOTAN_FFI_DEPRECATED("Use botan_constant_time_compare")
229BOTAN_FFI_EXPORT(2, 0) int botan_same_mem(const uint8_t* x, const uint8_t* y, size_t len);
230
231/**
232* Clear out memory using a system specific approach to bypass elision by the
233* compiler (currently using RtlSecureZeroMemory or tricks with volatile pointers).
234*/
235BOTAN_FFI_EXPORT(2, 2) int botan_scrub_mem(void* mem, size_t bytes);
236
237#define BOTAN_FFI_HEX_LOWER_CASE 1
238
239/**
240* Perform hex encoding
241* @param x is some binary data
242* @param len length of x in bytes
243* @param out an array of at least x*2 bytes
244* @param flags flags out be upper or lower case?
245* @return 0 on success, a negative value on failure
246*/
247BOTAN_FFI_EXPORT(2, 0) int botan_hex_encode(const uint8_t* x, size_t len, char* out, uint32_t flags);
248
249/**
250* Perform hex decoding
251* @param hex_str a string of hex chars (whitespace is ignored)
252* @param in_len the length of hex_str
253* @param out the output buffer should be at least strlen(hex_str)/2 bytes
254* @param out_len the size of the output buffer on input, set to the number of bytes written
255* @return 0 on success, a negative value on failure
256*/
257BOTAN_FFI_EXPORT(2, 3) int botan_hex_decode(const char* hex_str, size_t in_len, uint8_t* out, size_t* out_len);
258
259/**
260* Perform base64 encoding
261*/
262BOTAN_FFI_EXPORT(2, 3) int botan_base64_encode(const uint8_t* x, size_t len, char* out, size_t* out_len);
263
264/**
265* Perform base64 decoding
266*/
267BOTAN_FFI_EXPORT(2, 3) int botan_base64_decode(const char* base64_str, size_t in_len, uint8_t* out, size_t* out_len);
268
269/**
270* RNG type
271*/
272typedef struct botan_rng_struct* botan_rng_t;
273
274/**
275* Initialize a random number generator object
276* @param rng rng object
277* @param rng_type type of the rng, possible values:
278* "system": system RNG
279* "user": userspace RNG
280* "user-threadsafe": userspace RNG, with internal locking
281* "rdrand": directly read RDRAND
282* Set rng_type to null to let the library choose some default.
283*/
284BOTAN_FFI_EXPORT(2, 0) int botan_rng_init(botan_rng_t* rng, const char* rng_type);
285
286/**
287* Initialize a custom random number generator from a set of callback functions
288* @param rng_out rng object to create
289* @param rng_name name of the rng
290* @param context An application-specific context passed to the callback functions
291* @param get_cb Callback for getting random bytes from the rng, return 0 for success
292* @param add_entropy_cb Callback for adding entropy to the rng, return 0 for success, may be NULL
293* @param destroy_cb Callback called when rng is destroyed, may be NULL
294*/
295BOTAN_FFI_EXPORT(3, 0)
296int botan_rng_init_custom(botan_rng_t* rng_out,
297 const char* rng_name,
298 void* context,
299 int (*get_cb)(void* context, uint8_t* out, size_t out_len),
300 int (*add_entropy_cb)(void* context, const uint8_t input[], size_t length),
301 void (*destroy_cb)(void* context));
302
303/**
304* Get random bytes from a random number generator
305* @param rng rng object
306* @param out output buffer of size out_len
307* @param out_len number of requested bytes
308* @return 0 on success, negative on failure
309*/
310BOTAN_FFI_EXPORT(2, 0) int botan_rng_get(botan_rng_t rng, uint8_t* out, size_t out_len);
311
312/**
313* Get random bytes from system random number generator
314* @param out output buffer of size out_len
315* @param out_len number of requested bytes
316* @return 0 on success, negative on failure
317*/
318BOTAN_FFI_EXPORT(3, 0) int botan_system_rng_get(uint8_t* out, size_t out_len);
319
320/**
321* Reseed a random number generator
322* Uses the System_RNG as a seed generator.
323*
324* @param rng rng object
325* @param bits number of bits to reseed with
326* @return 0 on success, a negative value on failure
327*/
328BOTAN_FFI_EXPORT(2, 0) int botan_rng_reseed(botan_rng_t rng, size_t bits);
329
330/**
331* Reseed a random number generator
332*
333* @param rng rng object
334* @param source_rng the rng that will be read from
335* @param bits number of bits to reseed with
336* @return 0 on success, a negative value on failure
337*/
338BOTAN_FFI_EXPORT(2, 8) int botan_rng_reseed_from_rng(botan_rng_t rng, botan_rng_t source_rng, size_t bits);
339
340/**
341* Add some seed material to a random number generator
342*
343* @param rng rng object
344* @param entropy the data to add
345* @param entropy_len length of entropy buffer
346* @return 0 on success, a negative value on failure
347*/
348BOTAN_FFI_EXPORT(2, 8) int botan_rng_add_entropy(botan_rng_t rng, const uint8_t* entropy, size_t entropy_len);
349
350/**
351* Frees all resources of the random number generator object
352* @param rng rng object
353* @return 0 if success, error if invalid object handle
354*/
355BOTAN_FFI_EXPORT(2, 0) int botan_rng_destroy(botan_rng_t rng);
356
357/*
358* Hash type
359*/
360typedef struct botan_hash_struct* botan_hash_t;
361
362/**
363* Initialize a hash function object
364* @param hash hash object
365* @param hash_name name of the hash function, e.g., "SHA-384"
366* @param flags should be 0 in current API revision, all other uses are reserved
367* and return BOTAN_FFI_ERROR_BAD_FLAG
368*/
369BOTAN_FFI_EXPORT(2, 0) int botan_hash_init(botan_hash_t* hash, const char* hash_name, uint32_t flags);
370
371/**
372* Copy the state of a hash function object
373* @param dest destination hash object
374* @param source source hash object
375* @return 0 on success, a negative value on failure
376*/
377BOTAN_FFI_EXPORT(2, 2) int botan_hash_copy_state(botan_hash_t* dest, botan_hash_t source);
378
379/**
380* Writes the output length of the hash function to *output_length
381* @param hash hash object
382* @param output_length output buffer to hold the hash function output length
383* @return 0 on success, a negative value on failure
384*/
385BOTAN_FFI_EXPORT(2, 0) int botan_hash_output_length(botan_hash_t hash, size_t* output_length);
386
387/**
388* Writes the block size of the hash function to *block_size
389* @param hash hash object
390* @param block_size output buffer to hold the hash function output length
391* @return 0 on success, a negative value on failure
392*/
393BOTAN_FFI_EXPORT(2, 2) int botan_hash_block_size(botan_hash_t hash, size_t* block_size);
394
395/**
396* Send more input to the hash function
397* @param hash hash object
398* @param in input buffer
399* @param in_len number of bytes to read from the input buffer
400* @return 0 on success, a negative value on failure
401*/
402BOTAN_FFI_EXPORT(2, 0) int botan_hash_update(botan_hash_t hash, const uint8_t* in, size_t in_len);
403
404/**
405* Finalizes the hash computation and writes the output to
406* out[0:botan_hash_output_length()] then reinitializes for computing
407* another digest as if botan_hash_clear had been called.
408* @param hash hash object
409* @param out output buffer
410* @return 0 on success, a negative value on failure
411*/
412BOTAN_FFI_EXPORT(2, 0) int botan_hash_final(botan_hash_t hash, uint8_t out[]);
413
414/**
415* Reinitializes the state of the hash computation. A hash can
416* be computed (with update/final) immediately.
417* @param hash hash object
418* @return 0 on success, a negative value on failure
419*/
420BOTAN_FFI_EXPORT(2, 0) int botan_hash_clear(botan_hash_t hash);
421
422/**
423* Frees all resources of the hash object
424* @param hash hash object
425* @return 0 if success, error if invalid object handle
426*/
427BOTAN_FFI_EXPORT(2, 0) int botan_hash_destroy(botan_hash_t hash);
428
429/**
430* Get the name of this hash function
431* @param hash the object to read
432* @param name output buffer
433* @param name_len on input, the length of buffer, on success the number of bytes written
434*/
435BOTAN_FFI_EXPORT(2, 8) int botan_hash_name(botan_hash_t hash, char* name, size_t* name_len);
436
437/*
438* Message Authentication type
439*/
440typedef struct botan_mac_struct* botan_mac_t;
441
442/**
443* Initialize a message authentication code object
444* @param mac mac object
445* @param mac_name name of the hash function, e.g., "HMAC(SHA-384)"
446* @param flags should be 0 in current API revision, all other uses are reserved
447* and return a negative value (error code)
448* @return 0 on success, a negative value on failure
449*/
450BOTAN_FFI_EXPORT(2, 0) int botan_mac_init(botan_mac_t* mac, const char* mac_name, uint32_t flags);
451
452/**
453* Writes the output length of the message authentication code to *output_length
454* @param mac mac object
455* @param output_length output buffer to hold the MAC output length
456* @return 0 on success, a negative value on failure
457*/
458BOTAN_FFI_EXPORT(2, 0) int botan_mac_output_length(botan_mac_t mac, size_t* output_length);
459
460/**
461* Sets the key on the MAC
462* @param mac mac object
463* @param key buffer holding the key
464* @param key_len size of the key buffer in bytes
465* @return 0 on success, a negative value on failure
466*/
467BOTAN_FFI_EXPORT(2, 0) int botan_mac_set_key(botan_mac_t mac, const uint8_t* key, size_t key_len);
468
469/**
470* Sets the nonce on the MAC
471* @param mac mac object
472* @param nonce buffer holding the key
473* @param nonce_len size of the key buffer in bytes
474* @return 0 on success, a negative value on failure
475*/
476BOTAN_FFI_EXPORT(3, 0) int botan_mac_set_nonce(botan_mac_t mac, const uint8_t* nonce, size_t nonce_len);
477
478/**
479* Send more input to the message authentication code
480* @param mac mac object
481* @param buf input buffer
482* @param len number of bytes to read from the input buffer
483* @return 0 on success, a negative value on failure
484*/
485BOTAN_FFI_EXPORT(2, 0) int botan_mac_update(botan_mac_t mac, const uint8_t* buf, size_t len);
486
487/**
488* Finalizes the MAC computation and writes the output to
489* out[0:botan_mac_output_length()] then reinitializes for computing
490* another MAC as if botan_mac_clear had been called.
491* @param mac mac object
492* @param out output buffer
493* @return 0 on success, a negative value on failure
494*/
495BOTAN_FFI_EXPORT(2, 0) int botan_mac_final(botan_mac_t mac, uint8_t out[]);
496
497/**
498* Reinitializes the state of the MAC computation. A MAC can
499* be computed (with update/final) immediately.
500* @param mac mac object
501* @return 0 on success, a negative value on failure
502*/
503BOTAN_FFI_EXPORT(2, 0) int botan_mac_clear(botan_mac_t mac);
504
505/**
506* Get the name of this MAC
507* @param mac the object to read
508* @param name output buffer
509* @param name_len on input, the length of buffer, on success the number of bytes written
510*/
511BOTAN_FFI_EXPORT(2, 8) int botan_mac_name(botan_mac_t mac, char* name, size_t* name_len);
512
513/**
514* Get the key length limits of this auth code
515* @param mac the object to read
516* @param out_minimum_keylength if non-NULL, will be set to minimum keylength of MAC
517* @param out_maximum_keylength if non-NULL, will be set to maximum keylength of MAC
518* @param out_keylength_modulo if non-NULL will be set to byte multiple of valid keys
519*/
520BOTAN_FFI_EXPORT(2, 8)
521int botan_mac_get_keyspec(botan_mac_t mac,
522 size_t* out_minimum_keylength,
523 size_t* out_maximum_keylength,
524 size_t* out_keylength_modulo);
525
526/**
527* Frees all resources of the MAC object
528* @param mac mac object
529* @return 0 if success, error if invalid object handle
530*/
531BOTAN_FFI_EXPORT(2, 0) int botan_mac_destroy(botan_mac_t mac);
532
533/*
534* Cipher modes
535*/
536typedef struct botan_cipher_struct* botan_cipher_t;
537
538#define BOTAN_CIPHER_INIT_FLAG_MASK_DIRECTION 1
539#define BOTAN_CIPHER_INIT_FLAG_ENCRYPT 0
540#define BOTAN_CIPHER_INIT_FLAG_DECRYPT 1
541
542/**
543* Initialize a cipher object
544*/
545BOTAN_FFI_EXPORT(2, 0) int botan_cipher_init(botan_cipher_t* cipher, const char* name, uint32_t flags);
546
547/**
548* Return the name of the cipher object
549*/
550BOTAN_FFI_EXPORT(2, 8) int botan_cipher_name(botan_cipher_t cipher, char* name, size_t* name_len);
551
552/**
553* Return the output length of this cipher, for a particular input length.
554*/
555BOTAN_FFI_EXPORT(2, 8) int botan_cipher_output_length(botan_cipher_t cipher, size_t in_len, size_t* out_len);
556
557/**
558* Return if the specified nonce length is valid for this cipher
559*/
560BOTAN_FFI_EXPORT(2, 0) int botan_cipher_valid_nonce_length(botan_cipher_t cipher, size_t nl);
561
562/**
563* Get the tag length of the cipher (0 for non-AEAD modes)
564*/
565BOTAN_FFI_EXPORT(2, 0) int botan_cipher_get_tag_length(botan_cipher_t cipher, size_t* tag_size);
566
567/**
568* Returns 1 iff the cipher provides authentication as well as confidentiality.
569*/
570BOTAN_FFI_EXPORT(3, 3) int botan_cipher_is_authenticated(botan_cipher_t cipher);
571
572/**
573 * Returns 1 iff the cipher requires the entire message before any
574 * encryption or decryption can be performed. No output data will be produced
575 * in botan_cipher_update() until the final flag is set.
576 */
577BOTAN_FFI_EXPORT(3, 4) int botan_cipher_requires_entire_message(botan_cipher_t cipher);
578
579/**
580* Get the default nonce length of this cipher
581*/
582BOTAN_FFI_EXPORT(2, 0) int botan_cipher_get_default_nonce_length(botan_cipher_t cipher, size_t* nl);
583
584/**
585* Return the update granularity of the cipher; botan_cipher_update must be
586* called with blocks of this size, except for the final.
587*/
588BOTAN_FFI_EXPORT(2, 0) int botan_cipher_get_update_granularity(botan_cipher_t cipher, size_t* ug);
589
590/**
591* Return the ideal update granularity of the cipher. This is some multiple of the
592* update granularity, reflecting possibilities for optimization.
593*/
594BOTAN_FFI_EXPORT(3, 0) int botan_cipher_get_ideal_update_granularity(botan_cipher_t cipher, size_t* ug);
595
596/**
597* Get information about the key lengths. Prefer botan_cipher_get_keyspec
598*/
599BOTAN_FFI_EXPORT(2, 0)
600int botan_cipher_query_keylen(botan_cipher_t, size_t* out_minimum_keylength, size_t* out_maximum_keylength);
601
602/**
603* Get information about the supported key lengths.
604*/
605BOTAN_FFI_EXPORT(2, 8)
606int botan_cipher_get_keyspec(botan_cipher_t, size_t* min_keylen, size_t* max_keylen, size_t* mod_keylen);
607
608/**
609* Set the key for this cipher object
610*/
611BOTAN_FFI_EXPORT(2, 0) int botan_cipher_set_key(botan_cipher_t cipher, const uint8_t* key, size_t key_len);
612
613/**
614* Reset the message specific state for this cipher.
615* Without resetting the keys, this resets the nonce, and any state
616* associated with any message bits that have been processed so far.
617*
618* It is conceptually equivalent to calling botan_cipher_clear followed
619* by botan_cipher_set_key with the original key.
620*/
621BOTAN_FFI_EXPORT(2, 8) int botan_cipher_reset(botan_cipher_t cipher);
622
623/**
624* Set the associated data. Will fail if cipher is not an AEAD
625*/
626BOTAN_FFI_EXPORT(2, 0) int botan_cipher_set_associated_data(botan_cipher_t cipher, const uint8_t* ad, size_t ad_len);
627
628/**
629* Begin processing a new message using the provided nonce
630*/
631BOTAN_FFI_EXPORT(2, 0) int botan_cipher_start(botan_cipher_t cipher, const uint8_t* nonce, size_t nonce_len);
632
633#define BOTAN_CIPHER_UPDATE_FLAG_FINAL (1U << 0)
634
635/**
636* @brief Encrypt/Decrypt some data and/or finalize the encryption/decryption
637*
638* This encrypts as many bytes from @p input_bytes into @p output_bytes as
639* possible. Unless ``BOTAN_CIPHER_UPDATE_FLAG_FINAL`` is set, this function will
640* consume bytes in multiples of botan_cipher_get_update_granularity().
641* @p input_consumed and @p output_written will be set accordingly and it is the
642* caller's responsibility to adapt their buffers accordingly before calling this
643* function again. Note that, unless ``BOTAN_CIPHER_UPDATE_FLAG_FINAL`` is set,
644* the cipher will at most generate @p input_size output bytes.
645*
646* Eventually, the caller must set the ``BOTAN_CIPHER_UPDATE_FLAG_FINAL`` flag to
647* indicate that no more input will be provided. This will cause the cipher to
648* consume all given input bytes and produce the final output; or return a
649* ``BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE`` error if the given output buffer
650* was too small. In the latter case, @p output_written will be set to the
651* required buffer size. Calling again with ``BOTAN_CIPHER_UPDATE_FLAG_FINAL``, a
652* big enough buffer and no further input will then produce the final output.
653*
654* Note that some ciphers require the entire message to be provided before any
655* output is produced. @sa botan_cipher_requires_entire_message().
656*/
657BOTAN_FFI_EXPORT(2, 0)
658int botan_cipher_update(botan_cipher_t cipher,
659 uint32_t flags,
660 uint8_t output[],
661 size_t output_size,
662 size_t* output_written,
663 const uint8_t input_bytes[],
664 size_t input_size,
665 size_t* input_consumed);
666
667/**
668* Reset the key, nonce, AD and all other state on this cipher object
669*/
670BOTAN_FFI_EXPORT(2, 0) int botan_cipher_clear(botan_cipher_t hash);
671
672/**
673* Destroy the cipher object
674* @return 0 if success, error if invalid object handle
675*/
676BOTAN_FFI_EXPORT(2, 0) int botan_cipher_destroy(botan_cipher_t cipher);
677
678/*
679* Derive a key from a passphrase for a number of iterations
680* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)"
681* @param out buffer to store the derived key, must be of out_len bytes
682* @param out_len the desired length of the key to produce
683* @param passphrase the password to derive the key from
684* @param salt a randomly chosen salt
685* @param salt_len length of salt in bytes
686* @param iterations the number of iterations to use (use 10K or more)
687* @return 0 on success, a negative value on failure
688*
689* Deprecated: use
690* botan_pwdhash(pbkdf_algo, iterations, 0, 0, out, out_len,
691* passphrase, 0, salt, salt_len);
692*/
693BOTAN_FFI_DEPRECATED("Use botan_pwdhash")
694BOTAN_FFI_EXPORT(2, 0)
695int botan_pbkdf(const char* pbkdf_algo,
696 uint8_t out[],
697 size_t out_len,
698 const char* passphrase,
699 const uint8_t salt[],
700 size_t salt_len,
701 size_t iterations);
702
703/**
704* Derive a key from a passphrase, running until msec time has elapsed.
705* @param pbkdf_algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)"
706* @param out buffer to store the derived key, must be of out_len bytes
707* @param out_len the desired length of the key to produce
708* @param passphrase the password to derive the key from
709* @param salt a randomly chosen salt
710* @param salt_len length of salt in bytes
711* @param milliseconds_to_run if iterations is zero, then instead the PBKDF is
712* run until milliseconds_to_run milliseconds has passed
713* @param out_iterations_used set to the number iterations executed
714* @return 0 on success, a negative value on failure
715*
716* Deprecated: use
717*
718* botan_pwdhash_timed(pbkdf_algo,
719* static_cast<uint32_t>(ms_to_run),
720* iterations_used,
721* nullptr,
722* nullptr,
723* out, out_len,
724* password, 0,
725* salt, salt_len);
726*/
727BOTAN_FFI_EXPORT(2, 0)
728int botan_pbkdf_timed(const char* pbkdf_algo,
729 uint8_t out[],
730 size_t out_len,
731 const char* passphrase,
732 const uint8_t salt[],
733 size_t salt_len,
734 size_t milliseconds_to_run,
735 size_t* out_iterations_used);
736
737/*
738* Derive a key from a passphrase
739* @param algo PBKDF algorithm, e.g., "PBKDF2(SHA-256)" or "Scrypt"
740* @param param1 the first PBKDF algorithm parameter
741* @param param2 the second PBKDF algorithm parameter (may be zero if unneeded)
742* @param param3 the third PBKDF algorithm parameter (may be zero if unneeded)
743* @param out buffer to store the derived key, must be of out_len bytes
744* @param out_len the desired length of the key to produce
745* @param passphrase the password to derive the key from
746* @param passphrase_len if > 0, specifies length of password. If len == 0, then
747* strlen will be called on passphrase to compute the length.
748* @param salt a randomly chosen salt
749* @param salt_len length of salt in bytes
750* @return 0 on success, a negative value on failure
751*/
752int BOTAN_FFI_EXPORT(2, 8) botan_pwdhash(const char* algo,
753 size_t param1,
754 size_t param2,
755 size_t param3,
756 uint8_t out[],
757 size_t out_len,
758 const char* passphrase,
759 size_t passphrase_len,
760 const uint8_t salt[],
761 size_t salt_len);
762
763/*
764* Derive a key from a passphrase
765* @param pbkdf_algo PBKDF algorithm, e.g., "Scrypt" or "PBKDF2(SHA-256)"
766* @param msec the desired runtime in milliseconds
767* @param param1 will be set to the first password hash parameter
768* @param param2 will be set to the second password hash parameter
769* @param param3 will be set to the third password hash parameter
770* @param out buffer to store the derived key, must be of out_len bytes
771* @param out_len the desired length of the key to produce
772* @param passphrase the password to derive the key from
773* @param passphrase_len if > 0, specifies length of password. If len == 0, then
774* strlen will be called on passphrase to compute the length.
775* @param salt a randomly chosen salt
776* @param salt_len length of salt in bytes
777* @return 0 on success, a negative value on failure
778*/
779int BOTAN_FFI_EXPORT(2, 8) botan_pwdhash_timed(const char* algo,
780 uint32_t msec,
781 size_t* param1,
782 size_t* param2,
783 size_t* param3,
784 uint8_t out[],
785 size_t out_len,
786 const char* passphrase,
787 size_t passphrase_len,
788 const uint8_t salt[],
789 size_t salt_len);
790
791/**
792* Derive a key using scrypt
793* Deprecated; use
794* botan_pwdhash("Scrypt", N, r, p, out, out_len, password, 0, salt, salt_len);
795*/
796BOTAN_FFI_DEPRECATED("Use botan_pwdhash")
797BOTAN_FFI_EXPORT(2, 8)
798int botan_scrypt(uint8_t out[],
799 size_t out_len,
800 const char* passphrase,
801 const uint8_t salt[],
802 size_t salt_len,
803 size_t N,
804 size_t r,
805 size_t p);
806
807/**
808* Derive a key
809* @param kdf_algo KDF algorithm, e.g., "SP800-56C"
810* @param out buffer holding the derived key, must be of length out_len
811* @param out_len the desired output length in bytes
812* @param secret the secret input
813* @param secret_len size of secret in bytes
814* @param salt a diversifier
815* @param salt_len size of salt in bytes
816* @param label purpose for the derived keying material
817* @param label_len size of label in bytes
818* @return 0 on success, a negative value on failure
819*/
820BOTAN_FFI_EXPORT(2, 0)
821int botan_kdf(const char* kdf_algo,
822 uint8_t out[],
823 size_t out_len,
824 const uint8_t secret[],
825 size_t secret_len,
826 const uint8_t salt[],
827 size_t salt_len,
828 const uint8_t label[],
829 size_t label_len);
830
831/*
832* Raw Block Cipher (PRP) interface
833*/
834typedef struct botan_block_cipher_struct* botan_block_cipher_t;
835
836/**
837* Initialize a block cipher object
838*/
839BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_init(botan_block_cipher_t* bc, const char* cipher_name);
840
841/**
842* Destroy a block cipher object
843* @return 0 if success, error if invalid object handle
844*/
845BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_destroy(botan_block_cipher_t bc);
846
847/**
848* Reinitializes the block cipher
849* @return 0 on success, a negative value on failure
850*/
851BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_clear(botan_block_cipher_t bc);
852
853/**
854* Set the key for a block cipher instance
855*/
856BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_set_key(botan_block_cipher_t bc, const uint8_t key[], size_t len);
857
858/**
859* Return the positive block size of this block cipher, or negative to
860* indicate an error
861*/
862BOTAN_FFI_EXPORT(2, 1) int botan_block_cipher_block_size(botan_block_cipher_t bc);
863
864/**
865* Encrypt one or more blocks with the cipher
866*/
867BOTAN_FFI_EXPORT(2, 1)
868int botan_block_cipher_encrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks);
869
870/**
871* Decrypt one or more blocks with the cipher
872*/
873BOTAN_FFI_EXPORT(2, 1)
874int botan_block_cipher_decrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks);
875
876/**
877* Get the name of this block cipher
878* @param cipher the object to read
879* @param name output buffer
880* @param name_len on input, the length of buffer, on success the number of bytes written
881*/
882BOTAN_FFI_EXPORT(2, 8) int botan_block_cipher_name(botan_block_cipher_t cipher, char* name, size_t* name_len);
883
884/**
885* Get the key length limits of this block cipher
886* @param cipher the object to read
887* @param out_minimum_keylength if non-NULL, will be set to minimum keylength of cipher
888* @param out_maximum_keylength if non-NULL, will be set to maximum keylength of cipher
889* @param out_keylength_modulo if non-NULL will be set to byte multiple of valid keys
890*/
891BOTAN_FFI_EXPORT(2, 8)
892int botan_block_cipher_get_keyspec(botan_block_cipher_t cipher,
893 size_t* out_minimum_keylength,
894 size_t* out_maximum_keylength,
895 size_t* out_keylength_modulo);
896
897/*
898* Multiple precision integers (MPI)
899*/
900typedef struct botan_mp_struct* botan_mp_t;
901
902/**
903* Initialize an MPI
904*/
905BOTAN_FFI_EXPORT(2, 1) int botan_mp_init(botan_mp_t* mp);
906
907/**
908* Destroy (deallocate) an MPI
909* @return 0 if success, error if invalid object handle
910*/
911BOTAN_FFI_EXPORT(2, 1) int botan_mp_destroy(botan_mp_t mp);
912
913/**
914* Convert the MPI to a hex string. Writes botan_mp_num_bytes(mp)*2 + 1 bytes
915*/
916BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_hex(botan_mp_t mp, char* out);
917
918/**
919* Convert the MPI to a string. Currently base == 10 and base == 16 are supported.
920*/
921BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_str(botan_mp_t mp, uint8_t base, char* out, size_t* out_len);
922
923/**
924* Set the MPI to zero
925*/
926BOTAN_FFI_EXPORT(2, 1) int botan_mp_clear(botan_mp_t mp);
927
928/**
929* Set the MPI value from an int
930*/
931BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_int(botan_mp_t mp, int initial_value);
932
933/**
934* Set the MPI value from another MP object
935*/
936BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_mp(botan_mp_t dest, botan_mp_t source);
937
938/**
939* Set the MPI value from a string
940*/
941BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_str(botan_mp_t dest, const char* str);
942
943/**
944* Set the MPI value from a string with arbitrary radix.
945* For arbitrary being 10 or 16.
946*/
947BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_from_radix_str(botan_mp_t dest, const char* str, size_t radix);
948
949/**
950* Return the number of significant bits in the MPI
951*/
952BOTAN_FFI_EXPORT(2, 1) int botan_mp_num_bits(botan_mp_t n, size_t* bits);
953
954/**
955* Return the number of significant bytes in the MPI
956*/
957BOTAN_FFI_EXPORT(2, 1) int botan_mp_num_bytes(botan_mp_t n, size_t* bytes);
958
959/*
960* Convert the MPI to a big-endian binary string. Writes botan_mp_num_bytes to vec
961*/
962BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_bin(botan_mp_t mp, uint8_t vec[]);
963
964/*
965* Set an MP to the big-endian binary value
966*/
967BOTAN_FFI_EXPORT(2, 1) int botan_mp_from_bin(botan_mp_t mp, const uint8_t vec[], size_t vec_len);
968
969/*
970* Convert the MPI to a uint32_t, if possible. Fails if MPI is negative or too large.
971*/
972BOTAN_FFI_EXPORT(2, 1) int botan_mp_to_uint32(botan_mp_t mp, uint32_t* val);
973
974/**
975* This function should have been named mp_is_non_negative. Returns 1
976* iff mp is greater than *or equal to* zero. Use botan_mp_is_negative
977* to detect negative numbers, botan_mp_is_zero to check for zero.
978*/
979BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_positive(botan_mp_t mp);
980
981/**
982* Return 1 iff mp is less than 0
983*/
984BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_negative(botan_mp_t mp);
985
986BOTAN_FFI_EXPORT(2, 1) int botan_mp_flip_sign(botan_mp_t mp);
987
988BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_zero(botan_mp_t mp);
989
990BOTAN_FFI_DEPRECATED("Use botan_mp_get_bit(0)") BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_odd(botan_mp_t mp);
991BOTAN_FFI_DEPRECATED("Use botan_mp_get_bit(0)") BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_even(botan_mp_t mp);
992
993BOTAN_FFI_EXPORT(2, 8) int botan_mp_add_u32(botan_mp_t result, botan_mp_t x, uint32_t y);
994BOTAN_FFI_EXPORT(2, 8) int botan_mp_sub_u32(botan_mp_t result, botan_mp_t x, uint32_t y);
995
996BOTAN_FFI_EXPORT(2, 1) int botan_mp_add(botan_mp_t result, botan_mp_t x, botan_mp_t y);
997BOTAN_FFI_EXPORT(2, 1) int botan_mp_sub(botan_mp_t result, botan_mp_t x, botan_mp_t y);
998BOTAN_FFI_EXPORT(2, 1) int botan_mp_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y);
999
1000BOTAN_FFI_EXPORT(2, 1)
1001int botan_mp_div(botan_mp_t quotient, botan_mp_t remainder, botan_mp_t x, botan_mp_t y);
1002
1003BOTAN_FFI_EXPORT(2, 1)
1004int botan_mp_mod_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y, botan_mp_t mod);
1005
1006/*
1007* Returns 0 if x != y
1008* Returns 1 if x == y
1009* Returns negative number on error
1010*/
1011BOTAN_FFI_EXPORT(2, 1) int botan_mp_equal(botan_mp_t x, botan_mp_t y);
1012
1013/*
1014* Sets *result to comparison result:
1015* -1 if x < y, 0 if x == y, 1 if x > y
1016* Returns negative number on error or zero on success
1017*/
1018BOTAN_FFI_EXPORT(2, 1) int botan_mp_cmp(int* result, botan_mp_t x, botan_mp_t y);
1019
1020/*
1021* Swap two botan_mp_t
1022*/
1023BOTAN_FFI_EXPORT(2, 1) int botan_mp_swap(botan_mp_t x, botan_mp_t y);
1024
1025/* Return (base^exponent) % modulus */
1026BOTAN_FFI_EXPORT(2, 1)
1027int botan_mp_powmod(botan_mp_t out, botan_mp_t base, botan_mp_t exponent, botan_mp_t modulus);
1028
1029BOTAN_FFI_EXPORT(2, 1) int botan_mp_lshift(botan_mp_t out, botan_mp_t in, size_t shift);
1030BOTAN_FFI_EXPORT(2, 1) int botan_mp_rshift(botan_mp_t out, botan_mp_t in, size_t shift);
1031
1032BOTAN_FFI_EXPORT(2, 1) int botan_mp_mod_inverse(botan_mp_t out, botan_mp_t in, botan_mp_t modulus);
1033
1034BOTAN_FFI_EXPORT(2, 1) int botan_mp_rand_bits(botan_mp_t rand_out, botan_rng_t rng, size_t bits);
1035
1036BOTAN_FFI_EXPORT(2, 1)
1037int botan_mp_rand_range(botan_mp_t rand_out, botan_rng_t rng, botan_mp_t lower_bound, botan_mp_t upper_bound);
1038
1039BOTAN_FFI_EXPORT(2, 1) int botan_mp_gcd(botan_mp_t out, botan_mp_t x, botan_mp_t y);
1040
1041/**
1042* Returns 0 if n is not prime
1043* Returns 1 if n is prime
1044* Returns negative number on error
1045*/
1046BOTAN_FFI_EXPORT(2, 1) int botan_mp_is_prime(botan_mp_t n, botan_rng_t rng, size_t test_prob);
1047
1048/**
1049* Returns 0 if specified bit of n is not set
1050* Returns 1 if specified bit of n is set
1051* Returns negative number on error
1052*/
1053BOTAN_FFI_EXPORT(2, 1) int botan_mp_get_bit(botan_mp_t n, size_t bit);
1054
1055/**
1056* Set the specified bit
1057*/
1058BOTAN_FFI_EXPORT(2, 1) int botan_mp_set_bit(botan_mp_t n, size_t bit);
1059
1060/**
1061* Clear the specified bit
1062*/
1063BOTAN_FFI_EXPORT(2, 1) int botan_mp_clear_bit(botan_mp_t n, size_t bit);
1064
1065/* Bcrypt password hashing */
1066
1067/**
1068* Create a password hash using Bcrypt
1069* @param out buffer holding the password hash, should be of length 64 bytes
1070* @param out_len the desired output length in bytes
1071* @param password the password
1072* @param rng a random number generator
1073* @param work_factor how much work to do to slow down guessing attacks
1074* @param flags should be 0 in current API revision, all other uses are reserved
1075* and return BOTAN_FFI_ERROR_BAD_FLAG
1076* @return 0 on success, a negative value on failure
1077
1078* Output is formatted bcrypt $2a$...
1079*/
1080BOTAN_FFI_EXPORT(2, 0)
1081int botan_bcrypt_generate(
1082 uint8_t* out, size_t* out_len, const char* password, botan_rng_t rng, size_t work_factor, uint32_t flags);
1083
1084/**
1085* Check a previously created password hash
1086* @param pass the password to check against
1087* @param hash the stored hash to check against
1088* @return 0 if if this password/hash combination is valid,
1089* 1 if the combination is not valid (but otherwise well formed),
1090* negative on error
1091*/
1092BOTAN_FFI_EXPORT(2, 0) int botan_bcrypt_is_valid(const char* pass, const char* hash);
1093
1094/*
1095* Public/private key creation, import, ...
1096*/
1097typedef struct botan_privkey_struct* botan_privkey_t;
1098
1099/**
1100* Create a new private key
1101* @param key the new object will be placed here
1102* @param algo_name something like "RSA" or "ECDSA"
1103* @param algo_params is specific to the algorithm. For RSA, specifies
1104* the modulus bit length. For ECC is the name of the curve.
1105* @param rng a random number generator
1106*/
1107BOTAN_FFI_EXPORT(2, 0)
1108int botan_privkey_create(botan_privkey_t* key, const char* algo_name, const char* algo_params, botan_rng_t rng);
1109
1110#define BOTAN_CHECK_KEY_EXPENSIVE_TESTS 1
1111
1112BOTAN_FFI_EXPORT(2, 0) int botan_privkey_check_key(botan_privkey_t key, botan_rng_t rng, uint32_t flags);
1113
1114BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1115BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_rsa(botan_privkey_t* key, botan_rng_t rng, size_t n_bits);
1116BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1117BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_ecdsa(botan_privkey_t* key, botan_rng_t rng, const char* params);
1118BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1119BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_ecdh(botan_privkey_t* key, botan_rng_t rng, const char* params);
1120BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1121BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_mceliece(botan_privkey_t* key, botan_rng_t rng, size_t n, size_t t);
1122BOTAN_FFI_DEPRECATED("Use botan_privkey_create")
1123BOTAN_FFI_EXPORT(2, 0) int botan_privkey_create_dh(botan_privkey_t* key, botan_rng_t rng, const char* param);
1124
1125/**
1126 * Generates DSA key pair. Gives to a caller control over key length
1127 * and order of a subgroup 'q'.
1128 *
1129 * @param key handler to the resulting key
1130 * @param rng initialized PRNG
1131 * @param pbits length of the key in bits. Must be between in range (1024, 3072)
1132 * and multiple of 64. Bit size of the prime 'p'
1133 * @param qbits order of the subgroup. Must be in range (160, 256) and multiple
1134 * of 8
1135 *
1136 * @returns BOTAN_FFI_SUCCESS Success, `key' initialized with DSA key
1137 * @returns BOTAN_FFI_ERROR_NULL_POINTER either `key' or `rng' is NULL
1138 * @returns BOTAN_FFI_ERROR_BAD_PARAMETER unexpected value for either `pbits' or
1139 * `qbits'
1140 * @returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED functionality not implemented
1141 *
1142*/
1143BOTAN_FFI_EXPORT(2, 5) int botan_privkey_create_dsa(botan_privkey_t* key, botan_rng_t rng, size_t pbits, size_t qbits);
1144
1145/**
1146 * Generates ElGamal key pair. Caller has a control over key length
1147 * and order of a subgroup 'q'. Function is able to use two types of
1148 * primes:
1149 * * if pbits-1 == qbits then safe primes are used for key generation
1150 * * otherwise generation uses group of prime order
1151 *
1152 * @param key handler to the resulting key
1153 * @param rng initialized PRNG
1154 * @param pbits length of the key in bits. Must be at least 1024
1155 * @param qbits order of the subgroup. Must be at least 160
1156 *
1157 * @returns BOTAN_FFI_SUCCESS Success, `key' initialized with DSA key
1158 * @returns BOTAN_FFI_ERROR_NULL_POINTER either `key' or `rng' is NULL
1159 * @returns BOTAN_FFI_ERROR_BAD_PARAMETER unexpected value for either `pbits' or
1160 * `qbits'
1161 * @returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED functionality not implemented
1162 *
1163*/
1164BOTAN_FFI_EXPORT(2, 5)
1165int botan_privkey_create_elgamal(botan_privkey_t* key, botan_rng_t rng, size_t pbits, size_t qbits);
1166
1167/**
1168* Input currently assumed to be PKCS #8 structure;
1169* Set password to NULL to indicate no encryption expected
1170* Starting in 2.8.0, the rng parameter is unused and may be set to null
1171*/
1172BOTAN_FFI_EXPORT(2, 0)
1173int botan_privkey_load(botan_privkey_t* key, botan_rng_t rng, const uint8_t bits[], size_t len, const char* password);
1174
1175/**
1176* @return 0 if success, error if invalid object handle
1177*/
1178BOTAN_FFI_EXPORT(2, 0) int botan_privkey_destroy(botan_privkey_t key);
1179
1180#define BOTAN_PRIVKEY_EXPORT_FLAG_DER 0
1181#define BOTAN_PRIVKEY_EXPORT_FLAG_PEM 1
1182#define BOTAN_PRIVKEY_EXPORT_FLAG_RAW 2
1183
1184/**
1185* On input *out_len is number of bytes in out[]
1186* On output *out_len is number of bytes written (or required)
1187* If out is not big enough no output is written, *out_len is set and 1 is returned
1188* Returns 0 on success and sets
1189* If some other error occurs a negative integer is returned.
1190*/
1191BOTAN_FFI_EXPORT(2, 0) int botan_privkey_export(botan_privkey_t key, uint8_t out[], size_t* out_len, uint32_t flags);
1192
1193/**
1194* View the private key's DER encoding
1195*/
1196BOTAN_FFI_EXPORT(3, 0) int botan_privkey_view_der(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1197
1198/**
1199* View the private key's PEM encoding
1200*/
1201BOTAN_FFI_EXPORT(3, 0) int botan_privkey_view_pem(botan_privkey_t key, botan_view_ctx ctx, botan_view_str_fn view);
1202
1203/**
1204* View the private key's raw encoding
1205*/
1206BOTAN_FFI_EXPORT(3, 6) int botan_privkey_view_raw(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1207
1208BOTAN_FFI_EXPORT(2, 8) int botan_privkey_algo_name(botan_privkey_t key, char out[], size_t* out_len);
1209
1210/**
1211* Set encryption_algo to NULL or "" to have the library choose a default (recommended)
1212*/
1213BOTAN_FFI_DEPRECATED("Use botan_privkey_export_encrypted_pbkdf_{msec,iter}")
1214BOTAN_FFI_EXPORT(2, 0)
1215int botan_privkey_export_encrypted(botan_privkey_t key,
1216 uint8_t out[],
1217 size_t* out_len,
1218 botan_rng_t rng,
1219 const char* passphrase,
1220 const char* encryption_algo,
1221 uint32_t flags);
1222
1223/*
1224* Export a private key, running PBKDF for specified amount of time
1225* @param key the private key to export
1226*
1227* Note: starting in 3.0, the output iterations count is not provided
1228*/
1229BOTAN_FFI_EXPORT(2, 0)
1230int botan_privkey_export_encrypted_pbkdf_msec(botan_privkey_t key,
1231 uint8_t out[],
1232 size_t* out_len,
1233 botan_rng_t rng,
1234 const char* passphrase,
1235 uint32_t pbkdf_msec_runtime,
1236 size_t* pbkdf_iterations_out,
1237 const char* cipher_algo,
1238 const char* pbkdf_algo,
1239 uint32_t flags);
1240
1241/**
1242* Export a private key using the specified number of iterations.
1243*/
1244BOTAN_FFI_EXPORT(2, 0)
1245int botan_privkey_export_encrypted_pbkdf_iter(botan_privkey_t key,
1246 uint8_t out[],
1247 size_t* out_len,
1248 botan_rng_t rng,
1249 const char* passphrase,
1250 size_t pbkdf_iterations,
1251 const char* cipher_algo,
1252 const char* pbkdf_algo,
1253 uint32_t flags);
1254
1255/**
1256* View the encryption of a private key (binary DER encoding)
1257*
1258* Set cipher_algo, pbkdf_algo to NULL to use defaults
1259* Set pbkdf_iterations to 0 to use defaults
1260*/
1261BOTAN_FFI_EXPORT(3, 0)
1262int botan_privkey_view_encrypted_der(botan_privkey_t key,
1263 botan_rng_t rng,
1264 const char* passphrase,
1265 const char* cipher_algo,
1266 const char* pbkdf_algo,
1267 size_t pbkdf_iterations,
1268 botan_view_ctx ctx,
1269 botan_view_bin_fn view);
1270
1271/**
1272* View the encryption of a private key (binary DER encoding)
1273*
1274* Set cipher_algo, pbkdf_algo to NULL to use defaults
1275*/
1276BOTAN_FFI_EXPORT(3, 0)
1277int botan_privkey_view_encrypted_der_timed(botan_privkey_t key,
1278 botan_rng_t rng,
1279 const char* passphrase,
1280 const char* cipher_algo,
1281 const char* pbkdf_algo,
1282 size_t pbkdf_runtime_msec,
1283 botan_view_ctx ctx,
1284 botan_view_bin_fn view);
1285
1286/**
1287* View the encryption of a private key (PEM encoding)
1288*
1289* Set cipher_algo, pbkdf_algo to NULL to use defaults
1290* Set pbkdf_iterations to 0 to use defaults
1291*/
1292BOTAN_FFI_EXPORT(3, 0)
1293int botan_privkey_view_encrypted_pem(botan_privkey_t key,
1294 botan_rng_t rng,
1295 const char* passphrase,
1296 const char* cipher_algo,
1297 const char* pbkdf_algo,
1298 size_t pbkdf_iterations,
1299 botan_view_ctx ctx,
1300 botan_view_str_fn view);
1301
1302/**
1303* View the encryption of a private key (PEM encoding)
1304*
1305* Set cipher_algo, pbkdf_algo to NULL to use defaults
1306*/
1307BOTAN_FFI_EXPORT(3, 0)
1308int botan_privkey_view_encrypted_pem_timed(botan_privkey_t key,
1309 botan_rng_t rng,
1310 const char* passphrase,
1311 const char* cipher_algo,
1312 const char* pbkdf_algo,
1313 size_t pbkdf_runtime_msec,
1314 botan_view_ctx ctx,
1315 botan_view_str_fn view);
1316
1317typedef struct botan_pubkey_struct* botan_pubkey_t;
1318
1319BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load(botan_pubkey_t* key, const uint8_t bits[], size_t len);
1320
1321BOTAN_FFI_EXPORT(2, 0) int botan_privkey_export_pubkey(botan_pubkey_t* out, botan_privkey_t in);
1322
1323BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t* out_len, uint32_t flags);
1324
1325/**
1326* View the public key's DER encoding
1327*/
1328BOTAN_FFI_EXPORT(3, 0) int botan_pubkey_view_der(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1329
1330/**
1331* View the public key's PEM encoding
1332*/
1333BOTAN_FFI_EXPORT(3, 0) int botan_pubkey_view_pem(botan_pubkey_t key, botan_view_ctx ctx, botan_view_str_fn view);
1334
1335/**
1336* View the public key's raw encoding
1337*/
1338BOTAN_FFI_EXPORT(3, 6) int botan_pubkey_view_raw(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1339
1340BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_algo_name(botan_pubkey_t key, char out[], size_t* out_len);
1341
1342/**
1343* Returns 0 if key is valid, negative if invalid key or some other error
1344*/
1345BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_check_key(botan_pubkey_t key, botan_rng_t rng, uint32_t flags);
1346
1347BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_estimated_strength(botan_pubkey_t key, size_t* estimate);
1348
1349BOTAN_FFI_EXPORT(2, 0)
1350int botan_pubkey_fingerprint(botan_pubkey_t key, const char* hash, uint8_t out[], size_t* out_len);
1351
1352/**
1353* @return 0 if success, error if invalid object handle
1354*/
1355BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_destroy(botan_pubkey_t key);
1356
1357/*
1358* Get arbitrary named fields from public or private keys
1359*/
1360BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_get_field(botan_mp_t output, botan_pubkey_t key, const char* field_name);
1361
1362BOTAN_FFI_EXPORT(2, 0) int botan_privkey_get_field(botan_mp_t output, botan_privkey_t key, const char* field_name);
1363
1364/*
1365* Algorithm specific key operations: RSA
1366*/
1367BOTAN_FFI_EXPORT(2, 0) int botan_privkey_load_rsa(botan_privkey_t* key, botan_mp_t p, botan_mp_t q, botan_mp_t e);
1368
1369BOTAN_FFI_EXPORT(2, 8) int botan_privkey_load_rsa_pkcs1(botan_privkey_t* key, const uint8_t bits[], size_t len);
1370
1371BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1372BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_p(botan_mp_t p, botan_privkey_t rsa_key);
1373BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1374BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_q(botan_mp_t q, botan_privkey_t rsa_key);
1375BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1376BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_d(botan_mp_t d, botan_privkey_t rsa_key);
1377BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1378BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_n(botan_mp_t n, botan_privkey_t rsa_key);
1379BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1380BOTAN_FFI_EXPORT(2, 0) int botan_privkey_rsa_get_e(botan_mp_t e, botan_privkey_t rsa_key);
1381
1382BOTAN_FFI_EXPORT(2, 8)
1383int botan_privkey_rsa_get_privkey(botan_privkey_t rsa_key, uint8_t out[], size_t* out_len, uint32_t flags);
1384
1385BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load_rsa(botan_pubkey_t* key, botan_mp_t n, botan_mp_t e);
1386
1387BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1388BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_rsa_get_e(botan_mp_t e, botan_pubkey_t rsa_key);
1389BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1390BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_rsa_get_n(botan_mp_t n, botan_pubkey_t rsa_key);
1391
1392/*
1393* Algorithm specific key operations: DSA
1394*/
1395BOTAN_FFI_EXPORT(2, 0)
1396int botan_privkey_load_dsa(botan_privkey_t* key, botan_mp_t p, botan_mp_t q, botan_mp_t g, botan_mp_t x);
1397
1398BOTAN_FFI_EXPORT(2, 0)
1399int botan_pubkey_load_dsa(botan_pubkey_t* key, botan_mp_t p, botan_mp_t q, botan_mp_t g, botan_mp_t y);
1400
1401BOTAN_FFI_DEPRECATED("Use botan_privkey_get_field")
1402BOTAN_FFI_EXPORT(2, 0) int botan_privkey_dsa_get_x(botan_mp_t n, botan_privkey_t key);
1403
1404BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1405BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_p(botan_mp_t p, botan_pubkey_t key);
1406BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1407BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_q(botan_mp_t q, botan_pubkey_t key);
1408BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1409BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_g(botan_mp_t d, botan_pubkey_t key);
1410BOTAN_FFI_DEPRECATED("Use botan_pubkey_get_field")
1411BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_dsa_get_y(botan_mp_t y, botan_pubkey_t key);
1412
1413/*
1414* Loads Diffie Hellman private key
1415*
1416* @param key variable populated with key material
1417* @param p prime order of a Z_p group
1418* @param g group generator
1419* @param x private key
1420*
1421* @pre key is NULL on input
1422* @post function allocates memory and assigns to `key'
1423*
1424* @return 0 on success, a negative value on failure
1425*/
1426BOTAN_FFI_EXPORT(2, 0) int botan_privkey_load_dh(botan_privkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t x);
1427/**
1428* Loads Diffie Hellman public key
1429*
1430* @param key variable populated with key material
1431* @param p prime order of a Z_p group
1432* @param g group generator
1433* @param y public key
1434*
1435* @pre key is NULL on input
1436* @post function allocates memory and assigns to `key'
1437*
1438* @return 0 on success, a negative value on failure
1439*/
1440BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load_dh(botan_pubkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t y);
1441
1442/*
1443* Algorithm specific key operations: ElGamal
1444*/
1445
1446/**
1447* Loads ElGamal public key
1448* @param key variable populated with key material
1449* @param p prime order of a Z_p group
1450* @param g group generator
1451* @param y public key
1452*
1453* @pre key is NULL on input
1454* @post function allocates memory and assigns to `key'
1455*
1456* @return 0 on success, a negative value on failure
1457*/
1458BOTAN_FFI_EXPORT(2, 0) int botan_pubkey_load_elgamal(botan_pubkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t y);
1459
1460/**
1461* Loads ElGamal private key
1462*
1463* @param key variable populated with key material
1464* @param p prime order of a Z_p group
1465* @param g group generator
1466* @param x private key
1467*
1468* @pre key is NULL on input
1469* @post function allocates memory and assigns to `key'
1470*
1471* @return 0 on success, a negative value on failure
1472*/
1473BOTAN_FFI_EXPORT(2, 0) int botan_privkey_load_elgamal(botan_privkey_t* key, botan_mp_t p, botan_mp_t g, botan_mp_t x);
1474
1475/*
1476* Algorithm specific key operations: Ed25519
1477*/
1478
1479BOTAN_FFI_EXPORT(2, 2) int botan_privkey_load_ed25519(botan_privkey_t* key, const uint8_t privkey[32]);
1480
1481BOTAN_FFI_EXPORT(2, 2) int botan_pubkey_load_ed25519(botan_pubkey_t* key, const uint8_t pubkey[32]);
1482
1483BOTAN_FFI_EXPORT(2, 2) int botan_privkey_ed25519_get_privkey(botan_privkey_t key, uint8_t output[64]);
1484
1485BOTAN_FFI_EXPORT(2, 2) int botan_pubkey_ed25519_get_pubkey(botan_pubkey_t key, uint8_t pubkey[32]);
1486
1487/*
1488* Algorithm specific key operations: Ed448
1489*/
1490
1491BOTAN_FFI_EXPORT(3, 4) int botan_privkey_load_ed448(botan_privkey_t* key, const uint8_t privkey[57]);
1492
1493BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_load_ed448(botan_pubkey_t* key, const uint8_t pubkey[57]);
1494
1495BOTAN_FFI_EXPORT(3, 4) int botan_privkey_ed448_get_privkey(botan_privkey_t key, uint8_t output[57]);
1496
1497BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_ed448_get_pubkey(botan_pubkey_t key, uint8_t pubkey[57]);
1498
1499/*
1500* Algorithm specific key operations: X25519
1501*/
1502
1503BOTAN_FFI_EXPORT(2, 8) int botan_privkey_load_x25519(botan_privkey_t* key, const uint8_t privkey[32]);
1504
1505BOTAN_FFI_EXPORT(2, 8) int botan_pubkey_load_x25519(botan_pubkey_t* key, const uint8_t pubkey[32]);
1506
1507BOTAN_FFI_EXPORT(2, 8) int botan_privkey_x25519_get_privkey(botan_privkey_t key, uint8_t output[32]);
1508
1509BOTAN_FFI_EXPORT(2, 8) int botan_pubkey_x25519_get_pubkey(botan_pubkey_t key, uint8_t pubkey[32]);
1510
1511/*
1512* Algorithm specific key operations: X448
1513*/
1514
1515BOTAN_FFI_EXPORT(3, 4) int botan_privkey_load_x448(botan_privkey_t* key, const uint8_t privkey[56]);
1516
1517BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_load_x448(botan_pubkey_t* key, const uint8_t pubkey[56]);
1518
1519BOTAN_FFI_EXPORT(3, 4) int botan_privkey_x448_get_privkey(botan_privkey_t key, uint8_t output[56]);
1520
1521BOTAN_FFI_EXPORT(3, 4) int botan_pubkey_x448_get_pubkey(botan_pubkey_t key, uint8_t pubkey[56]);
1522
1523/*
1524* Algorithm specific key operations: ML-DSA
1525*/
1526
1527BOTAN_FFI_EXPORT(3, 6)
1528int botan_privkey_load_ml_dsa(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* mldsa_mode);
1529
1530BOTAN_FFI_EXPORT(3, 6)
1531int botan_pubkey_load_ml_dsa(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* mldsa_mode);
1532
1533/*
1534* Algorithm specific key operations: Kyber
1535*/
1536
1537BOTAN_FFI_EXPORT(3, 1) int botan_privkey_load_kyber(botan_privkey_t* key, const uint8_t privkey[], size_t key_len);
1538
1539BOTAN_FFI_EXPORT(3, 1) int botan_pubkey_load_kyber(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len);
1540
1541BOTAN_FFI_DEPRECATED("Use generic botan_privkey_view_raw")
1542BOTAN_FFI_EXPORT(3, 1)
1543int botan_privkey_view_kyber_raw_key(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1544
1545BOTAN_FFI_DEPRECATED("Use generic botan_pubkey_view_raw")
1546BOTAN_FFI_EXPORT(3, 1)
1547int botan_pubkey_view_kyber_raw_key(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1548
1549/**
1550* Algorithm specific key operation: FrodoKEM
1551*/
1552
1553BOTAN_FFI_EXPORT(3, 6)
1554int botan_privkey_load_frodokem(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* frodo_mode);
1555
1556BOTAN_FFI_EXPORT(3, 6)
1557int botan_pubkey_load_frodokem(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* frodo_mode);
1558
1559/*
1560* Algorithm specific key operations: ML-KEM
1561*/
1562
1563BOTAN_FFI_EXPORT(3, 6)
1564int botan_privkey_load_ml_kem(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* mlkem_mode);
1565
1566BOTAN_FFI_EXPORT(3, 6)
1567int botan_pubkey_load_ml_kem(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* mlkem_mode);
1568
1569/*
1570* Algorithm specific key operations: SLH-DSA
1571*/
1572
1573BOTAN_FFI_EXPORT(3, 6)
1574int botan_privkey_load_slh_dsa(botan_privkey_t* key, const uint8_t privkey[], size_t key_len, const char* slhdsa_mode);
1575
1576BOTAN_FFI_EXPORT(3, 6)
1577int botan_pubkey_load_slh_dsa(botan_pubkey_t* key, const uint8_t pubkey[], size_t key_len, const char* slhdsa_mode);
1578
1579/*
1580* Algorithm specific key operations: ECDSA and ECDH
1581*/
1582BOTAN_FFI_EXPORT(3, 2)
1583int botan_pubkey_ecc_key_used_explicit_encoding(botan_pubkey_t key);
1584
1585BOTAN_FFI_EXPORT(2, 2)
1586int botan_privkey_load_ecdsa(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
1587
1588BOTAN_FFI_EXPORT(2, 2)
1589int botan_pubkey_load_ecdsa(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
1590
1591BOTAN_FFI_EXPORT(2, 2)
1592int botan_pubkey_load_ecdh(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
1593
1594BOTAN_FFI_EXPORT(2, 2)
1595int botan_privkey_load_ecdh(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
1596
1597BOTAN_FFI_EXPORT(2, 2)
1598int botan_pubkey_load_sm2(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
1599
1600BOTAN_FFI_EXPORT(2, 2)
1601int botan_privkey_load_sm2(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
1602
1603BOTAN_FFI_DEPRECATED("Use botan_pubkey_load_sm2")
1604BOTAN_FFI_EXPORT(2, 2)
1605int botan_pubkey_load_sm2_enc(botan_pubkey_t* key, botan_mp_t public_x, botan_mp_t public_y, const char* curve_name);
1606
1607BOTAN_FFI_DEPRECATED("Use botan_privkey_load_sm2")
1608BOTAN_FFI_EXPORT(2, 2)
1609int botan_privkey_load_sm2_enc(botan_privkey_t* key, botan_mp_t scalar, const char* curve_name);
1610
1611BOTAN_FFI_EXPORT(2, 3)
1612int botan_pubkey_sm2_compute_za(
1613 uint8_t out[], size_t* out_len, const char* ident, const char* hash_algo, botan_pubkey_t key);
1614
1615/**
1616* View the uncompressed public point associated with the key
1617*/
1618BOTAN_FFI_EXPORT(3, 0)
1619int botan_pubkey_view_ec_public_point(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1620
1621/*
1622* Public Key Encryption
1623*/
1624typedef struct botan_pk_op_encrypt_struct* botan_pk_op_encrypt_t;
1625
1626BOTAN_FFI_EXPORT(2, 0)
1627int botan_pk_op_encrypt_create(botan_pk_op_encrypt_t* op, botan_pubkey_t key, const char* padding, uint32_t flags);
1628
1629/**
1630* @return 0 if success, error if invalid object handle
1631*/
1632BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_encrypt_destroy(botan_pk_op_encrypt_t op);
1633
1634BOTAN_FFI_EXPORT(2, 8)
1635int botan_pk_op_encrypt_output_length(botan_pk_op_encrypt_t op, size_t ptext_len, size_t* ctext_len);
1636
1637BOTAN_FFI_EXPORT(2, 0)
1638int botan_pk_op_encrypt(botan_pk_op_encrypt_t op,
1639 botan_rng_t rng,
1640 uint8_t out[],
1641 size_t* out_len,
1642 const uint8_t plaintext[],
1643 size_t plaintext_len);
1644
1645/*
1646* Public Key Decryption
1647*/
1648typedef struct botan_pk_op_decrypt_struct* botan_pk_op_decrypt_t;
1649
1650BOTAN_FFI_EXPORT(2, 0)
1651int botan_pk_op_decrypt_create(botan_pk_op_decrypt_t* op, botan_privkey_t key, const char* padding, uint32_t flags);
1652
1653/**
1654* @return 0 if success, error if invalid object handle
1655*/
1656BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_decrypt_destroy(botan_pk_op_decrypt_t op);
1657
1658BOTAN_FFI_EXPORT(2, 8)
1659int botan_pk_op_decrypt_output_length(botan_pk_op_decrypt_t op, size_t ctext_len, size_t* ptext_len);
1660
1661BOTAN_FFI_EXPORT(2, 0)
1662int botan_pk_op_decrypt(
1663 botan_pk_op_decrypt_t op, uint8_t out[], size_t* out_len, const uint8_t ciphertext[], size_t ciphertext_len);
1664
1665/*
1666* Signature Generation
1667*/
1668
1669#define BOTAN_PUBKEY_DER_FORMAT_SIGNATURE 1
1670
1671typedef struct botan_pk_op_sign_struct* botan_pk_op_sign_t;
1672
1673BOTAN_FFI_EXPORT(2, 0)
1674int botan_pk_op_sign_create(botan_pk_op_sign_t* op, botan_privkey_t key, const char* hash_and_padding, uint32_t flags);
1675
1676/**
1677* @return 0 if success, error if invalid object handle
1678*/
1679BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_sign_destroy(botan_pk_op_sign_t op);
1680
1681BOTAN_FFI_EXPORT(2, 8) int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* olen);
1682
1683BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_sign_update(botan_pk_op_sign_t op, const uint8_t in[], size_t in_len);
1684
1685BOTAN_FFI_EXPORT(2, 0)
1686int botan_pk_op_sign_finish(botan_pk_op_sign_t op, botan_rng_t rng, uint8_t sig[], size_t* sig_len);
1687
1688/*
1689* Signature Verification
1690*/
1691typedef struct botan_pk_op_verify_struct* botan_pk_op_verify_t;
1692
1693BOTAN_FFI_EXPORT(2, 0)
1694int botan_pk_op_verify_create(botan_pk_op_verify_t* op,
1695 botan_pubkey_t key,
1696 const char* hash_and_padding,
1697 uint32_t flags);
1698
1699/**
1700* @return 0 if success, error if invalid object handle
1701*/
1702BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_verify_destroy(botan_pk_op_verify_t op);
1703
1704BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_verify_update(botan_pk_op_verify_t op, const uint8_t in[], size_t in_len);
1705BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_verify_finish(botan_pk_op_verify_t op, const uint8_t sig[], size_t sig_len);
1706
1707/*
1708* Key Agreement
1709*/
1710typedef struct botan_pk_op_ka_struct* botan_pk_op_ka_t;
1711
1712BOTAN_FFI_EXPORT(2, 0)
1713int botan_pk_op_key_agreement_create(botan_pk_op_ka_t* op, botan_privkey_t key, const char* kdf, uint32_t flags);
1714
1715/**
1716* @return 0 if success, error if invalid object handle
1717*/
1718BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_key_agreement_destroy(botan_pk_op_ka_t op);
1719
1720BOTAN_FFI_EXPORT(2, 0) int botan_pk_op_key_agreement_export_public(botan_privkey_t key, uint8_t out[], size_t* out_len);
1721
1722BOTAN_FFI_EXPORT(3, 0)
1723int botan_pk_op_key_agreement_view_public(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view);
1724
1725BOTAN_FFI_EXPORT(2, 8) int botan_pk_op_key_agreement_size(botan_pk_op_ka_t op, size_t* out_len);
1726
1727BOTAN_FFI_EXPORT(2, 0)
1728int botan_pk_op_key_agreement(botan_pk_op_ka_t op,
1729 uint8_t out[],
1730 size_t* out_len,
1731 const uint8_t other_key[],
1732 size_t other_key_len,
1733 const uint8_t salt[],
1734 size_t salt_len);
1735
1736/*
1737* Key Encapsulation
1738*/
1739typedef struct botan_pk_op_kem_encrypt_struct* botan_pk_op_kem_encrypt_t;
1740
1741BOTAN_FFI_EXPORT(3, 0)
1742int botan_pk_op_kem_encrypt_create(botan_pk_op_kem_encrypt_t* op, botan_pubkey_t key, const char* kdf);
1743
1744/**
1745* @return 0 if success, error if invalid object handle
1746*/
1747BOTAN_FFI_EXPORT(3, 0) int botan_pk_op_kem_encrypt_destroy(botan_pk_op_kem_encrypt_t op);
1748
1749BOTAN_FFI_EXPORT(3, 0)
1750int botan_pk_op_kem_encrypt_shared_key_length(botan_pk_op_kem_encrypt_t op,
1751 size_t desired_shared_key_length,
1752 size_t* output_shared_key_length);
1753
1754BOTAN_FFI_EXPORT(3, 0)
1755int botan_pk_op_kem_encrypt_encapsulated_key_length(botan_pk_op_kem_encrypt_t op,
1756 size_t* output_encapsulated_key_length);
1757
1758BOTAN_FFI_EXPORT(3, 0)
1759int botan_pk_op_kem_encrypt_create_shared_key(botan_pk_op_kem_encrypt_t op,
1760 botan_rng_t rng,
1761 const uint8_t salt[],
1762 size_t salt_len,
1763 size_t desired_shared_key_len,
1764 uint8_t shared_key[],
1765 size_t* shared_key_len,
1766 uint8_t encapsulated_key[],
1767 size_t* encapsulated_key_len);
1768
1769typedef struct botan_pk_op_kem_decrypt_struct* botan_pk_op_kem_decrypt_t;
1770
1771BOTAN_FFI_EXPORT(3, 0)
1772int botan_pk_op_kem_decrypt_create(botan_pk_op_kem_decrypt_t* op, botan_privkey_t key, const char* kdf);
1773
1774/**
1775* @return 0 if success, error if invalid object handle
1776*/
1777BOTAN_FFI_EXPORT(3, 0) int botan_pk_op_kem_decrypt_destroy(botan_pk_op_kem_decrypt_t op);
1778
1779BOTAN_FFI_EXPORT(3, 0)
1780int botan_pk_op_kem_decrypt_shared_key_length(botan_pk_op_kem_decrypt_t op,
1781 size_t desired_shared_key_length,
1782 size_t* output_shared_key_length);
1783
1784BOTAN_FFI_EXPORT(3, 0)
1785int botan_pk_op_kem_decrypt_shared_key(botan_pk_op_kem_decrypt_t op,
1786 const uint8_t salt[],
1787 size_t salt_len,
1788 const uint8_t encapsulated_key[],
1789 size_t encapsulated_key_len,
1790 size_t desired_shared_key_len,
1791 uint8_t shared_key[],
1792 size_t* shared_key_len);
1793
1794/**
1795* Signature Scheme Utility Functions
1796*/
1797
1798BOTAN_FFI_EXPORT(2, 0) int botan_pkcs_hash_id(const char* hash_name, uint8_t pkcs_id[], size_t* pkcs_id_len);
1799
1800/*
1801* Always returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED
1802*/
1803BOTAN_FFI_DEPRECATED("No longer implemented")
1804BOTAN_FFI_EXPORT(2, 0)
1805int botan_mceies_encrypt(botan_pubkey_t mce_key,
1806 botan_rng_t rng,
1807 const char* aead,
1808 const uint8_t pt[],
1809 size_t pt_len,
1810 const uint8_t ad[],
1811 size_t ad_len,
1812 uint8_t ct[],
1813 size_t* ct_len);
1814
1815/*
1816* Always returns BOTAN_FFI_ERROR_NOT_IMPLEMENTED
1817*/
1818BOTAN_FFI_DEPRECATED("No longer implemented")
1819BOTAN_FFI_EXPORT(2, 0)
1820int botan_mceies_decrypt(botan_privkey_t mce_key,
1821 const char* aead,
1822 const uint8_t ct[],
1823 size_t ct_len,
1824 const uint8_t ad[],
1825 size_t ad_len,
1826 uint8_t pt[],
1827 size_t* pt_len);
1828
1829/*
1830* X.509 certificates
1831**************************/
1832
1833typedef struct botan_x509_cert_struct* botan_x509_cert_t;
1834
1835BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_load(botan_x509_cert_t* cert_obj, const uint8_t cert[], size_t cert_len);
1836BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_load_file(botan_x509_cert_t* cert_obj, const char* filename);
1837
1838/**
1839* @return 0 if success, error if invalid object handle
1840*/
1841BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_destroy(botan_x509_cert_t cert);
1842
1843BOTAN_FFI_EXPORT(2, 8) int botan_x509_cert_dup(botan_x509_cert_t* new_cert, botan_x509_cert_t cert);
1844
1845/* Prefer botan_x509_cert_not_before and botan_x509_cert_not_after */
1846BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_time_starts(botan_x509_cert_t cert, char out[], size_t* out_len);
1847BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_time_expires(botan_x509_cert_t cert, char out[], size_t* out_len);
1848
1849BOTAN_FFI_EXPORT(2, 8) int botan_x509_cert_not_before(botan_x509_cert_t cert, uint64_t* time_since_epoch);
1850BOTAN_FFI_EXPORT(2, 8) int botan_x509_cert_not_after(botan_x509_cert_t cert, uint64_t* time_since_epoch);
1851
1852BOTAN_FFI_EXPORT(2, 0)
1853int botan_x509_cert_get_fingerprint(botan_x509_cert_t cert, const char* hash, uint8_t out[], size_t* out_len);
1854
1855BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_serial_number(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
1856BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_authority_key_id(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
1857BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_subject_key_id(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
1858
1859BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_public_key_bits(botan_x509_cert_t cert, uint8_t out[], size_t* out_len);
1860
1861BOTAN_FFI_EXPORT(3, 0)
1862int botan_x509_cert_view_public_key_bits(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_bin_fn view);
1863
1864BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_get_public_key(botan_x509_cert_t cert, botan_pubkey_t* key);
1865
1866BOTAN_FFI_EXPORT(2, 0)
1867int botan_x509_cert_get_issuer_dn(
1868 botan_x509_cert_t cert, const char* key, size_t index, uint8_t out[], size_t* out_len);
1869
1870BOTAN_FFI_EXPORT(2, 0)
1871int botan_x509_cert_get_subject_dn(
1872 botan_x509_cert_t cert, const char* key, size_t index, uint8_t out[], size_t* out_len);
1873
1874BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_to_string(botan_x509_cert_t cert, char out[], size_t* out_len);
1875
1876BOTAN_FFI_EXPORT(3, 0)
1877int botan_x509_cert_view_as_string(botan_x509_cert_t cert, botan_view_ctx ctx, botan_view_str_fn view);
1878
1879/* Must match values of Key_Constraints in key_constraints.h */
1880enum botan_x509_cert_key_constraints {
1881 NO_CONSTRAINTS = 0,
1882 DIGITAL_SIGNATURE = 32768,
1883 NON_REPUDIATION = 16384,
1884 KEY_ENCIPHERMENT = 8192,
1885 DATA_ENCIPHERMENT = 4096,
1886 KEY_AGREEMENT = 2048,
1887 KEY_CERT_SIGN = 1024,
1888 CRL_SIGN = 512,
1889 ENCIPHER_ONLY = 256,
1890 DECIPHER_ONLY = 128
1891};
1892
1893BOTAN_FFI_EXPORT(2, 0) int botan_x509_cert_allowed_usage(botan_x509_cert_t cert, unsigned int key_usage);
1894
1895/**
1896* Check if the certificate matches the specified hostname via alternative name or CN match.
1897* RFC 5280 wildcards also supported.
1898*/
1899BOTAN_FFI_EXPORT(2, 5) int botan_x509_cert_hostname_match(botan_x509_cert_t cert, const char* hostname);
1900
1901/**
1902* Returns 0 if the validation was successful, 1 if validation failed,
1903* and negative on error. A status code with details is written to
1904* *validation_result
1905*
1906* Intermediates or trusted lists can be null
1907* Trusted path can be null
1908*/
1909BOTAN_FFI_EXPORT(2, 8)
1910int botan_x509_cert_verify(int* validation_result,
1911 botan_x509_cert_t cert,
1912 const botan_x509_cert_t* intermediates,
1913 size_t intermediates_len,
1914 const botan_x509_cert_t* trusted,
1915 size_t trusted_len,
1916 const char* trusted_path,
1917 size_t required_strength,
1918 const char* hostname,
1919 uint64_t reference_time);
1920
1921/**
1922* Returns a pointer to a static character string explaining the status code,
1923* or else NULL if unknown.
1924*/
1925BOTAN_FFI_EXPORT(2, 8) const char* botan_x509_cert_validation_status(int code);
1926
1927/*
1928* X.509 CRL
1929**************************/
1930
1931typedef struct botan_x509_crl_struct* botan_x509_crl_t;
1932
1933BOTAN_FFI_EXPORT(2, 13) int botan_x509_crl_load_file(botan_x509_crl_t* crl_obj, const char* crl_path);
1934BOTAN_FFI_EXPORT(2, 13)
1935int botan_x509_crl_load(botan_x509_crl_t* crl_obj, const uint8_t crl_bits[], size_t crl_bits_len);
1936
1937BOTAN_FFI_EXPORT(2, 13) int botan_x509_crl_destroy(botan_x509_crl_t crl);
1938
1939/**
1940 * Given a CRL and a certificate,
1941 * check if the certificate is revoked on that particular CRL
1942 */
1943BOTAN_FFI_EXPORT(2, 13) int botan_x509_is_revoked(botan_x509_crl_t crl, botan_x509_cert_t cert);
1944
1945/**
1946 * Different flavor of `botan_x509_cert_verify`, supports revocation lists.
1947 * CRLs are passed as an array, same as intermediates and trusted CAs
1948 */
1949BOTAN_FFI_EXPORT(2, 13)
1950int botan_x509_cert_verify_with_crl(int* validation_result,
1951 botan_x509_cert_t cert,
1952 const botan_x509_cert_t* intermediates,
1953 size_t intermediates_len,
1954 const botan_x509_cert_t* trusted,
1955 size_t trusted_len,
1956 const botan_x509_crl_t* crls,
1957 size_t crls_len,
1958 const char* trusted_path,
1959 size_t required_strength,
1960 const char* hostname,
1961 uint64_t reference_time);
1962
1963/**
1964 * Key wrapping as per RFC 3394
1965 */
1966BOTAN_FFI_DEPRECATED("Use botan_nist_kw_enc")
1967BOTAN_FFI_EXPORT(2, 2)
1968int botan_key_wrap3394(const uint8_t key[],
1969 size_t key_len,
1970 const uint8_t kek[],
1971 size_t kek_len,
1972 uint8_t wrapped_key[],
1973 size_t* wrapped_key_len);
1974
1975BOTAN_FFI_DEPRECATED("Use botan_nist_kw_dec")
1976BOTAN_FFI_EXPORT(2, 2)
1977int botan_key_unwrap3394(const uint8_t wrapped_key[],
1978 size_t wrapped_key_len,
1979 const uint8_t kek[],
1980 size_t kek_len,
1981 uint8_t key[],
1982 size_t* key_len);
1983
1984BOTAN_FFI_EXPORT(3, 0)
1985int botan_nist_kw_enc(const char* cipher_algo,
1986 int padded,
1987 const uint8_t key[],
1988 size_t key_len,
1989 const uint8_t kek[],
1990 size_t kek_len,
1991 uint8_t wrapped_key[],
1992 size_t* wrapped_key_len);
1993
1994BOTAN_FFI_EXPORT(3, 0)
1995int botan_nist_kw_dec(const char* cipher_algo,
1996 int padded,
1997 const uint8_t wrapped_key[],
1998 size_t wrapped_key_len,
1999 const uint8_t kek[],
2000 size_t kek_len,
2001 uint8_t key[],
2002 size_t* key_len);
2003
2004/**
2005* HOTP
2006*/
2007
2008typedef struct botan_hotp_struct* botan_hotp_t;
2009
2010/**
2011* Initialize a HOTP instance
2012*/
2013BOTAN_FFI_EXPORT(2, 8)
2014int botan_hotp_init(botan_hotp_t* hotp, const uint8_t key[], size_t key_len, const char* hash_algo, size_t digits);
2015
2016/**
2017* Destroy a HOTP instance
2018* @return 0 if success, error if invalid object handle
2019*/
2020BOTAN_FFI_EXPORT(2, 8)
2021int botan_hotp_destroy(botan_hotp_t hotp);
2022
2023/**
2024* Generate a HOTP code for the provided counter
2025*/
2026BOTAN_FFI_EXPORT(2, 8)
2027int botan_hotp_generate(botan_hotp_t hotp, uint32_t* hotp_code, uint64_t hotp_counter);
2028
2029/**
2030* Verify a HOTP code
2031*/
2032BOTAN_FFI_EXPORT(2, 8)
2033int botan_hotp_check(
2034 botan_hotp_t hotp, uint64_t* next_hotp_counter, uint32_t hotp_code, uint64_t hotp_counter, size_t resync_range);
2035
2036/**
2037* TOTP
2038*/
2039
2040typedef struct botan_totp_struct* botan_totp_t;
2041
2042/**
2043* Initialize a TOTP instance
2044*/
2045BOTAN_FFI_EXPORT(2, 8)
2046int botan_totp_init(
2047 botan_totp_t* totp, const uint8_t key[], size_t key_len, const char* hash_algo, size_t digits, size_t time_step);
2048
2049/**
2050* Destroy a TOTP instance
2051* @return 0 if success, error if invalid object handle
2052*/
2053BOTAN_FFI_EXPORT(2, 8)
2054int botan_totp_destroy(botan_totp_t totp);
2055
2056/**
2057* Generate a TOTP code for the provided timestamp
2058* @param totp the TOTP object
2059* @param totp_code the OTP code will be written here
2060* @param timestamp the current local timestamp
2061*/
2062BOTAN_FFI_EXPORT(2, 8)
2063int botan_totp_generate(botan_totp_t totp, uint32_t* totp_code, uint64_t timestamp);
2064
2065/**
2066* Verify a TOTP code
2067* @param totp the TOTP object
2068* @param totp_code the presented OTP
2069* @param timestamp the current local timestamp
2070* @param acceptable_clock_drift specifies the acceptable amount
2071* of clock drift (in terms of time steps) between the two hosts.
2072*/
2073BOTAN_FFI_EXPORT(2, 8)
2074int botan_totp_check(botan_totp_t totp, uint32_t totp_code, uint64_t timestamp, size_t acceptable_clock_drift);
2075
2076/**
2077* Format Preserving Encryption
2078*/
2079
2080typedef struct botan_fpe_struct* botan_fpe_t;
2081
2082#define BOTAN_FPE_FLAG_FE1_COMPAT_MODE 1
2083
2084BOTAN_FFI_EXPORT(2, 8)
2085int botan_fpe_fe1_init(
2086 botan_fpe_t* fpe, botan_mp_t n, const uint8_t key[], size_t key_len, size_t rounds, uint32_t flags);
2087
2088/**
2089* @return 0 if success, error if invalid object handle
2090*/
2091BOTAN_FFI_EXPORT(2, 8)
2092int botan_fpe_destroy(botan_fpe_t fpe);
2093
2094BOTAN_FFI_EXPORT(2, 8)
2095int botan_fpe_encrypt(botan_fpe_t fpe, botan_mp_t x, const uint8_t tweak[], size_t tweak_len);
2096
2097BOTAN_FFI_EXPORT(2, 8)
2098int botan_fpe_decrypt(botan_fpe_t fpe, botan_mp_t x, const uint8_t tweak[], size_t tweak_len);
2099
2100/**
2101* SRP-6 Server Session type
2102*/
2103typedef struct botan_srp6_server_session_struct* botan_srp6_server_session_t;
2104
2105/**
2106* Initialize an SRP-6 server session object
2107* @param srp6 SRP-6 server session object
2108*/
2109BOTAN_FFI_EXPORT(3, 0)
2110int botan_srp6_server_session_init(botan_srp6_server_session_t* srp6);
2111
2112/**
2113* Frees all resources of the SRP-6 server session object
2114* @param srp6 SRP-6 server session object
2115* @return 0 if success, error if invalid object handle
2116*/
2117BOTAN_FFI_EXPORT(3, 0)
2118int botan_srp6_server_session_destroy(botan_srp6_server_session_t srp6);
2119
2120/**
2121* SRP-6 Server side step 1
2122* @param srp6 SRP-6 server session object
2123* @param verifier the verification value saved from client registration
2124* @param verifier_len SRP-6 verifier value length
2125* @param group_id the SRP group id
2126* @param hash_id the SRP hash in use
2127* @param rng_obj a random number generator object
2128* @param B_pub out buffer to store the SRP-6 B value
2129* @param B_pub_len SRP-6 B value length
2130* @return 0 on success, negative on failure
2131*/
2132BOTAN_FFI_EXPORT(3, 0)
2133int botan_srp6_server_session_step1(botan_srp6_server_session_t srp6,
2134 const uint8_t verifier[],
2135 size_t verifier_len,
2136 const char* group_id,
2137 const char* hash_id,
2138 botan_rng_t rng_obj,
2139 uint8_t B_pub[],
2140 size_t* B_pub_len);
2141
2142/**
2143* SRP-6 Server side step 2
2144* @param srp6 SRP-6 server session object
2145* @param A the client's value
2146* @param A_len the client's value length
2147* @param key out buffer to store the symmetric key value
2148* @param key_len symmetric key length
2149* @return 0 on success, negative on failure
2150*/
2151BOTAN_FFI_EXPORT(3, 0)
2152int botan_srp6_server_session_step2(
2153 botan_srp6_server_session_t srp6, const uint8_t A[], size_t A_len, uint8_t key[], size_t* key_len);
2154
2155/**
2156* Generate a new SRP-6 verifier
2157* @param identifier a username or other client identifier
2158* @param password the secret used to authenticate user
2159* @param salt a randomly chosen value, at least 128 bits long
2160* @param salt_len the length of salt
2161* @param group_id specifies the shared SRP group
2162* @param hash_id specifies a secure hash function
2163* @param verifier out buffer to store the SRP-6 verifier value
2164* @param verifier_len SRP-6 verifier value length
2165* @return 0 on success, negative on failure
2166*/
2167BOTAN_FFI_EXPORT(3, 0)
2168int botan_srp6_generate_verifier(const char* identifier,
2169 const char* password,
2170 const uint8_t salt[],
2171 size_t salt_len,
2172 const char* group_id,
2173 const char* hash_id,
2174 uint8_t verifier[],
2175 size_t* verifier_len);
2176
2177/**
2178* SRP6a Client side
2179* @param username the username we are attempting login for
2180* @param password the password we are attempting to use
2181* @param group_id specifies the shared SRP group
2182* @param hash_id specifies a secure hash function
2183* @param salt is the salt value sent by the server
2184* @param salt_len the length of salt
2185* @param B is the server's public value
2186* @param B_len is the server's public value length
2187* @param rng_obj is a random number generator object
2188* @param A out buffer to store the SRP-6 A value
2189* @param A_len SRP-6 A verifier value length
2190* @param K out buffer to store the symmetric value
2191* @param K_len symmetric key length
2192* @return 0 on success, negative on failure
2193*/
2194BOTAN_FFI_EXPORT(3, 0)
2195int botan_srp6_client_agree(const char* username,
2196 const char* password,
2197 const char* group_id,
2198 const char* hash_id,
2199 const uint8_t salt[],
2200 size_t salt_len,
2201 const uint8_t B[],
2202 size_t B_len,
2203 botan_rng_t rng_obj,
2204 uint8_t A[],
2205 size_t* A_len,
2206 uint8_t K[],
2207 size_t* K_len);
2208
2209/**
2210* Return the size, in bytes, of the prime associated with group_id
2211*/
2212BOTAN_FFI_EXPORT(3, 0)
2213int botan_srp6_group_size(const char* group_id, size_t* group_p_bytes);
2214
2215/**
2216 * ZFEC
2217 */
2218
2219/**
2220 * Encode some bytes with certain ZFEC parameters.
2221 *
2222 * @param K the number of shares needed for recovery
2223 * @param N the number of shares generated
2224 * @param input the data to FEC
2225 * @param size the length in bytes of input, which must be a multiple of K
2226 *
2227 * @param outputs An out parameter pointing to a fully allocated array of size
2228 * [N][size / K]. For all n in range, an encoded block will be
2229 * written to the memory starting at outputs[n][0].
2230 *
2231 * @return 0 on success, negative on failure
2232 */
2233BOTAN_FFI_EXPORT(3, 0)
2234int botan_zfec_encode(size_t K, size_t N, const uint8_t* input, size_t size, uint8_t** outputs);
2235
2236/**
2237 * Decode some previously encoded shares using certain ZFEC parameters.
2238 *
2239 * @param K the number of shares needed for recovery
2240 * @param N the total number of shares
2241 *
2242 * @param indexes The index into the encoder's outputs for the corresponding
2243 * element of the inputs array. Must be of length K.
2244 *
2245 * @param inputs K previously encoded shares to decode
2246 * @param shareSize the length in bytes of each input
2247 *
2248 * @param outputs An out parameter pointing to a fully allocated array of size
2249 * [K][shareSize]. For all k in range, a decoded block will
2250 * written to the memory starting at outputs[k][0].
2251 *
2252 * @return 0 on success, negative on failure
2253 */
2254BOTAN_FFI_EXPORT(3, 0)
2255int botan_zfec_decode(
2256 size_t K, size_t N, const size_t* indexes, uint8_t* const* inputs, size_t shareSize, uint8_t** outputs);
2257
2258/**
2259* TPM2 context
2260*/
2261typedef struct botan_tpm2_ctx_struct* botan_tpm2_ctx_t;
2262
2263/**
2264* TPM2 session
2265*/
2266typedef struct botan_tpm2_session_struct* botan_tpm2_session_t;
2267
2268/**
2269* Checks if Botan's TSS2 crypto backend can be used in this build
2270* @returns 1 if the crypto backend can be enabled
2271*/
2272BOTAN_FFI_EXPORT(3, 6)
2273int botan_tpm2_supports_crypto_backend();
2274
2275/**
2276* Initialize a TPM2 context
2277* @param ctx_out output TPM2 context
2278* @param tcti_nameconf TCTI config (may be nullptr)
2279* @return 0 on success
2280*/
2281BOTAN_FFI_EXPORT(3, 6) int botan_tpm2_ctx_init(botan_tpm2_ctx_t* ctx_out, const char* tcti_nameconf);
2282
2283/**
2284* Initialize a TPM2 context
2285* @param ctx_out output TPM2 context
2286* @param tcti_name TCTI name (may be nullptr)
2287* @param tcti_conf TCTI config (may be nullptr)
2288* @return 0 on success
2289*/
2290BOTAN_FFI_EXPORT(3, 6)
2291int botan_tpm2_ctx_init_ex(botan_tpm2_ctx_t* ctx_out, const char* tcti_name, const char* tcti_conf);
2292
2293/**
2294* Enable Botan's TSS2 crypto backend that replaces the cryptographic functions
2295* required for the communication with the TPM with implementations provided
2296* by Botan instead of using TSS' defaults OpenSSL or mbedTLS.
2297* Note that the provided @p rng should not be dependent on the TPM and the
2298* caller must ensure that it remains usable for the lifetime of the @p ctx.
2299* @param ctx TPM2 context
2300* @param rng random number generator to be used by the crypto backend
2301*/
2302BOTAN_FFI_EXPORT(3, 6)
2303int botan_tpm2_ctx_enable_crypto_backend(botan_tpm2_ctx_t ctx, botan_rng_t rng);
2304
2305/**
2306* Frees all resouces of a TPM2 context
2307* @param ctx TPM2 context
2308* @return 0 on success
2309*/
2310BOTAN_FFI_EXPORT(3, 6) int botan_tpm2_ctx_destroy(botan_tpm2_ctx_t ctx);
2311
2312/**
2313* Initialize a random number generator object via TPM2
2314* @param rng_out rng object to create
2315* @param ctx TPM2 context
2316* @param s1 the first session to use (optional, may be nullptr)
2317* @param s2 the second session to use (optional, may be nullptr)
2318* @param s3 the third session to use (optional, may be nullptr)
2319*/
2320BOTAN_FFI_EXPORT(3, 6)
2321int botan_tpm2_rng_init(botan_rng_t* rng_out,
2322 botan_tpm2_ctx_t ctx,
2323 botan_tpm2_session_t s1,
2324 botan_tpm2_session_t s2,
2325 botan_tpm2_session_t s3);
2326
2327/**
2328* Create an unauthenticated session for use with TPM2
2329* @param session_out the session object to create
2330* @param ctx TPM2 context
2331*/
2332BOTAN_FFI_EXPORT(3, 6)
2333int botan_tpm2_unauthenticated_session_init(botan_tpm2_session_t* session_out, botan_tpm2_ctx_t ctx);
2334
2335/**
2336* Create an unauthenticated session for use with TPM2
2337* @param session the session object to destroy
2338*/
2339BOTAN_FFI_EXPORT(3, 6)
2340int botan_tpm2_session_destroy(botan_tpm2_session_t session);
2341
2342#ifdef __cplusplus
2343}
2344#endif
2345
2346#endif
name
std::string name
Definition commoncrypto_hash.cpp:24
botan_mp_lshift
int botan_mp_lshift(botan_mp_t out, botan_mp_t in, size_t shift)
Definition ffi_mp.cpp:199
botan_block_cipher_get_keyspec
int botan_block_cipher_get_keyspec(botan_block_cipher_t cipher, size_t *out_minimum_keylength, size_t *out_maximum_keylength, size_t *out_keylength_modulo)
Definition ffi_block.cpp:87
botan_block_cipher_init
int botan_block_cipher_init(botan_block_cipher_t *bc, const char *cipher_name)
Definition ffi_block.cpp:18
botan_mp_is_prime
int botan_mp_is_prime(botan_mp_t n, botan_rng_t rng, size_t test_prob)
Definition ffi_mp.cpp:231
botan_rng_reseed_from_rng
int botan_rng_reseed_from_rng(botan_rng_t rng, botan_rng_t source_rng, size_t bits)
Definition ffi_rng.cpp:175
botan_mp_div
int botan_mp_div(botan_mp_t quotient, botan_mp_t remainder, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:161
botan_version_minor
uint32_t botan_version_minor(void)
Definition ffi.cpp:286
botan_mp_set_from_int
int botan_mp_set_from_int(botan_mp_t mp, int initial_value)
Definition ffi_mp.cpp:37
botan_mp_to_bin
int botan_mp_to_bin(botan_mp_t mp, uint8_t vec[])
Definition ffi_mp.cpp:101
botan_bcrypt_generate
int botan_bcrypt_generate(uint8_t *out, size_t *out_len, const char *password, botan_rng_t rng, size_t work_factor, uint32_t flags)
Definition ffi_kdf.cpp:157
botan_privkey_check_key
int botan_privkey_check_key(botan_privkey_t key, botan_rng_t rng, uint32_t flags)
Definition ffi_pkey.cpp:127
botan_base64_encode
int botan_base64_encode(const uint8_t *x, size_t len, char *out, size_t *out_len)
Definition ffi.cpp:328
botan_privkey_create_elgamal
int botan_privkey_create_elgamal(botan_privkey_t *key, botan_rng_t rng, size_t pbits, size_t qbits)
Definition ffi_pkey_algs.cpp:442
botan_mp_rand_range
int botan_mp_rand_range(botan_mp_t rand_out, botan_rng_t rng, botan_mp_t lower_bound, botan_mp_t upper_bound)
Definition ffi_mp.cpp:222
botan_hash_update
int botan_hash_update(botan_hash_t hash, const uint8_t *in, size_t in_len)
Definition ffi_hash.cpp:59
botan_mp_rshift
int botan_mp_rshift(botan_mp_t out, botan_mp_t in, size_t shift)
Definition ffi_mp.cpp:203
botan_nist_kw_enc
int botan_nist_kw_enc(const char *cipher_algo, int padded, const uint8_t key[], size_t key_len, const uint8_t kek[], size_t kek_len, uint8_t wrapped_key[], size_t *wrapped_key_len)
Definition ffi_keywrap.cpp:21
botan_privkey_create_rsa
int botan_privkey_create_rsa(botan_privkey_t *key, botan_rng_t rng, size_t n_bits)
Definition ffi_pkey_algs.cpp:199
botan_version_datestamp
uint32_t botan_version_datestamp(void)
Definition ffi.cpp:294
botan_version_patch
uint32_t botan_version_patch(void)
Definition ffi.cpp:290
botan_privkey_create_ecdsa
int botan_privkey_create_ecdsa(botan_privkey_t *key, botan_rng_t rng, const char *params)
Definition ffi_pkey_algs.cpp:380
botan_mp_set_from_radix_str
int botan_mp_set_from_radix_str(botan_mp_t dest, const char *str, size_t radix)
Definition ffi_mp.cpp:45
botan_rng_add_entropy
int botan_rng_add_entropy(botan_rng_t rng, const uint8_t *entropy, size_t entropy_len)
Definition ffi_rng.cpp:171
botan_cipher_start
int botan_cipher_start(botan_cipher_t cipher, const uint8_t *nonce, size_t nonce_len)
Definition ffi_cipher.cpp:159
botan_mp_add
int botan_mp_add(botan_mp_t result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:116
botan_mp_powmod
int botan_mp_powmod(botan_mp_t out, botan_mp_t base, botan_mp_t exponent, botan_mp_t modulus)
Definition ffi_mp.cpp:194
botan_version_major
uint32_t botan_version_major(void)
Definition ffi.cpp:282
botan_cipher_valid_nonce_length
int botan_cipher_valid_nonce_length(botan_cipher_t cipher, size_t nl)
Definition ffi_cipher.cpp:295
botan_mac_init
int botan_mac_init(botan_mac_t *mac, const char *mac_name, uint32_t flags)
Definition ffi_mac.cpp:18
botan_mp_to_uint32
int botan_mp_to_uint32(botan_mp_t mp, uint32_t *val)
Definition ffi_mp.cpp:105
botan_privkey_create_dh
int botan_privkey_create_dh(botan_privkey_t *key, botan_rng_t rng, const char *param)
Definition ffi_pkey_algs.cpp:501
botan_hash_name
int botan_hash_name(botan_hash_t hash, char *name, size_t *name_len)
Definition ffi_hash.cpp:82
botan_cipher_get_tag_length
int botan_cipher_get_tag_length(botan_cipher_t cipher, size_t *tag_size)
Definition ffi_cipher.cpp:311
botan_privkey_get_field
int botan_privkey_get_field(botan_mp_t output, botan_privkey_t key, const char *field_name)
Definition ffi_pkey_algs.cpp:187
botan_rng_init_custom
int botan_rng_init_custom(botan_rng_t *rng_out, const char *rng_name, void *context, int(*get_cb)(void *context, uint8_t *out, size_t out_len), int(*add_entropy_cb)(void *context, const uint8_t input[], size_t length), void(*destroy_cb)(void *context))
Definition ffi_rng.cpp:67
BOTAN_FFI_EXPORT
#define BOTAN_FFI_EXPORT(maj, min)
Definition ffi.h:89
botan_pwdhash_timed
int botan_pwdhash_timed(const char *algo, uint32_t msec, size_t *param1, size_t *param2, size_t *param3, uint8_t out[], size_t out_len, const char *passphrase, size_t passphrase_len, const uint8_t salt[], size_t salt_len)
Definition ffi_kdf.cpp:86
botan_rng_reseed
int botan_rng_reseed(botan_rng_t rng, size_t bits)
Definition ffi_rng.cpp:167
botan_mp_init
int botan_mp_init(botan_mp_t *mp)
Definition ffi_mp.cpp:21
botan_same_mem
int botan_same_mem(const uint8_t *x, const uint8_t *y, size_t len)
Definition ffi.cpp:304
botan_privkey_load
int botan_privkey_load(botan_privkey_t *key, botan_rng_t rng, const uint8_t bits[], size_t len, const char *password)
Definition ffi_pkey.cpp:54
botan_mac_t
struct botan_mac_struct * botan_mac_t
Definition ffi.h:440
botan_base64_decode
int botan_base64_decode(const char *base64_str, size_t in_len, uint8_t *out, size_t *out_len)
Definition ffi.cpp:335
botan_mac_destroy
int botan_mac_destroy(botan_mac_t mac)
Definition ffi_mac.cpp:35
botan_mp_is_odd
int botan_mp_is_odd(botan_mp_t mp)
Definition ffi_mp.cpp:177
botan_cipher_requires_entire_message
int botan_cipher_requires_entire_message(botan_cipher_t cipher)
Definition ffi_cipher.cpp:319
botan_privkey_t
struct botan_privkey_struct * botan_privkey_t
Definition ffi.h:1097
botan_cipher_output_length
int botan_cipher_output_length(botan_cipher_t cipher, size_t in_len, size_t *out_len)
Definition ffi_cipher.cpp:126
botan_cipher_reset
int botan_cipher_reset(botan_cipher_t cipher)
Definition ffi_cipher.cpp:122
botan_cipher_init
int botan_cipher_init(botan_cipher_t *cipher, const char *name, uint32_t flags)
Definition ffi_cipher.cpp:96
botan_block_cipher_clear
int botan_block_cipher_clear(botan_block_cipher_t bc)
Definition ffi_block.cpp:43
botan_privkey_export
int botan_privkey_export(botan_privkey_t key, uint8_t out[], size_t *out_len, uint32_t flags)
Definition ffi_pkey.cpp:161
botan_hash_destroy
int botan_hash_destroy(botan_hash_t hash)
Definition ffi_hash.cpp:37
botan_mac_set_nonce
int botan_mac_set_nonce(botan_mac_t mac, const uint8_t *nonce, size_t nonce_len)
Definition ffi_mac.cpp:43
botan_block_cipher_block_size
int botan_block_cipher_block_size(botan_block_cipher_t bc)
Definition ffi_block.cpp:61
botan_cipher_destroy
int botan_cipher_destroy(botan_cipher_t cipher)
Definition ffi_cipher.cpp:114
BOTAN_FFI_DEPRECATED
#define BOTAN_FFI_DEPRECATED(msg)
Definition ffi.h:104
botan_mp_num_bytes
int botan_mp_num_bytes(botan_mp_t n, size_t *bytes)
Definition ffi_mp.cpp:251
botan_cipher_name
int botan_cipher_name(botan_cipher_t cipher, char *name, size_t *name_len)
Definition ffi_cipher.cpp:323
botan_cipher_set_associated_data
int botan_cipher_set_associated_data(botan_cipher_t cipher, const uint8_t *ad, size_t ad_len)
Definition ffi_cipher.cpp:285
botan_cipher_get_keyspec
int botan_cipher_get_keyspec(botan_cipher_t, size_t *min_keylen, size_t *max_keylen, size_t *mod_keylen)
Definition ffi_cipher.cpp:141
botan_privkey_destroy
int botan_privkey_destroy(botan_privkey_t key)
Definition ffi_pkey.cpp:79
botan_mp_from_bin
int botan_mp_from_bin(botan_mp_t mp, const uint8_t vec[], size_t vec_len)
Definition ffi_mp.cpp:79
botan_block_cipher_decrypt_blocks
int botan_block_cipher_decrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks)
Definition ffi_block.cpp:72
botan_hash_clear
int botan_hash_clear(botan_hash_t hash)
Definition ffi_hash.cpp:55
botan_mp_add_u32
int botan_mp_add_u32(botan_mp_t result, botan_mp_t x, uint32_t y)
Definition ffi_mp.cpp:134
botan_mp_to_hex
int botan_mp_to_hex(botan_mp_t mp, char *out)
Definition ffi_mp.cpp:83
botan_privkey_view_der
int botan_privkey_view_der(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:173
botan_mp_swap
int botan_mp_swap(botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:189
botan_mp_destroy
int botan_mp_destroy(botan_mp_t mp)
Definition ffi_mp.cpp:112
botan_ffi_api_version
uint32_t botan_ffi_api_version(void)
Definition ffi.cpp:219
botan_mp_mod_mul
int botan_mp_mod_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y, botan_mp_t mod)
Definition ffi_mp.cpp:211
botan_privkey_view_raw
int botan_privkey_view_raw(botan_privkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:183
botan_hash_output_length
int botan_hash_output_length(botan_hash_t hash, size_t *output_length)
Definition ffi_hash.cpp:41
botan_mp_rand_bits
int botan_mp_rand_bits(botan_mp_t rand_out, botan_rng_t rng, size_t bits)
Definition ffi_mp.cpp:218
botan_cipher_set_key
int botan_cipher_set_key(botan_cipher_t cipher, const uint8_t *key, size_t key_len)
Definition ffi_cipher.cpp:155
botan_mp_equal
int botan_mp_equal(botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:169
botan_cipher_query_keylen
int botan_cipher_query_keylen(botan_cipher_t, size_t *out_minimum_keylength, size_t *out_maximum_keylength)
Definition ffi_cipher.cpp:134
botan_mp_set_from_str
int botan_mp_set_from_str(botan_mp_t dest, const char *str)
Definition ffi_mp.cpp:41
botan_mp_flip_sign
int botan_mp_flip_sign(botan_mp_t mp)
Definition ffi_mp.cpp:75
botan_scrypt
int botan_scrypt(uint8_t out[], size_t out_len, const char *passphrase, const uint8_t salt[], size_t salt_len, size_t N, size_t r, size_t p)
Definition ffi_kdf.cpp:146
botan_cipher_get_ideal_update_granularity
int botan_cipher_get_ideal_update_granularity(botan_cipher_t cipher, size_t *ug)
Definition ffi_cipher.cpp:307
botan_mp_clear_bit
int botan_mp_clear_bit(botan_mp_t n, size_t bit)
Definition ffi_mp.cpp:243
botan_mp_is_zero
int botan_mp_is_zero(botan_mp_t mp)
Definition ffi_mp.cpp:173
botan_mp_mod_inverse
int botan_mp_mod_inverse(botan_mp_t out, botan_mp_t in, botan_mp_t modulus)
Definition ffi_mp.cpp:207
botan_mp_cmp
int botan_mp_cmp(int *result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:185
botan_pbkdf
int botan_pbkdf(const char *pbkdf_algo, uint8_t out[], size_t out_len, const char *passphrase, const uint8_t salt[], size_t salt_len, size_t iterations)
Definition ffi_kdf.cpp:22
botan_mp_gcd
int botan_mp_gcd(botan_mp_t out, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:227
botan_block_cipher_t
struct botan_block_cipher_struct * botan_block_cipher_t
Definition ffi.h:834
botan_system_rng_get
int botan_system_rng_get(uint8_t *out, size_t out_len)
Definition ffi_rng.cpp:160
botan_version_string
const char * botan_version_string(void)
Definition ffi.cpp:278
botan_hex_encode
int botan_hex_encode(const uint8_t *x, size_t len, char *out, uint32_t flags)
Definition ffi.cpp:313
botan_mp_clear
int botan_mp_clear(botan_mp_t mp)
Definition ffi_mp.cpp:33
botan_cipher_is_authenticated
int botan_cipher_is_authenticated(botan_cipher_t cipher)
Definition ffi_cipher.cpp:315
botan_mp_get_bit
int botan_mp_get_bit(botan_mp_t n, size_t bit)
Definition ffi_mp.cpp:235
botan_privkey_load_sm2
int botan_privkey_load_sm2(botan_privkey_t *key, botan_mp_t scalar, const char *curve_name)
Definition ffi_pkey_algs.cpp:646
botan_mac_final
int botan_mac_final(botan_mac_t mac, uint8_t out[])
Definition ffi_mac.cpp:59
botan_block_cipher_name
int botan_block_cipher_name(botan_block_cipher_t cipher, char *name, size_t *name_len)
Definition ffi_block.cpp:79
botan_rng_get
int botan_rng_get(botan_rng_t rng, uint8_t *out, size_t out_len)
Definition ffi_rng.cpp:156
botan_view_bin_fn
int(* botan_view_bin_fn)(botan_view_ctx view_ctx, const uint8_t *data, size_t len)
Definition ffi.h:155
botan_mp_sub_u32
int botan_mp_sub_u32(botan_mp_t result, botan_mp_t x, uint32_t y)
Definition ffi_mp.cpp:143
botan_scrub_mem
int botan_scrub_mem(void *mem, size_t bytes)
Definition ffi.cpp:308
botan_mp_num_bits
int botan_mp_num_bits(botan_mp_t n, size_t *bits)
Definition ffi_mp.cpp:247
botan_privkey_create
int botan_privkey_create(botan_privkey_t *key, const char *algo_name, const char *algo_params, botan_rng_t rng)
Definition ffi_pkey.cpp:27
botan_mac_update
int botan_mac_update(botan_mac_t mac, const uint8_t *buf, size_t len)
Definition ffi_mac.cpp:55
botan_privkey_create_mceliece
int botan_privkey_create_mceliece(botan_privkey_t *key, botan_rng_t rng, size_t n, size_t t)
Definition ffi_pkey_algs.cpp:1262
botan_mp_mul
int botan_mp_mul(botan_mp_t result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:152
botan_privkey_algo_name
int botan_privkey_algo_name(botan_privkey_t key, char out[], size_t *out_len)
Definition ffi_pkey.cpp:111
botan_hash_block_size
int botan_hash_block_size(botan_hash_t hash, size_t *block_size)
Definition ffi_hash.cpp:48
botan_pubkey_view_raw
int botan_pubkey_view_raw(botan_pubkey_t key, botan_view_ctx ctx, botan_view_bin_fn view)
Definition ffi_pkey.cpp:156
botan_hash_copy_state
int botan_hash_copy_state(botan_hash_t *dest, botan_hash_t source)
Definition ffi_hash.cpp:78
botan_pubkey_get_field
int botan_pubkey_get_field(botan_mp_t output, botan_pubkey_t key, const char *field_name)
Definition ffi_pkey_algs.cpp:177
botan_privkey_create_dsa
int botan_privkey_create_dsa(botan_privkey_t *key, botan_rng_t rng, size_t pbits, size_t qbits)
Definition ffi_pkey_algs.cpp:304
botan_pubkey_load_sm2
int botan_pubkey_load_sm2(botan_pubkey_t *key, botan_mp_t public_x, botan_mp_t public_y, const char *curve_name)
Definition ffi_pkey_algs.cpp:627
botan_mp_t
struct botan_mp_struct * botan_mp_t
Definition ffi.h:900
botan_view_ctx
void * botan_view_ctx
Definition ffi.h:146
botan_rng_t
struct botan_rng_struct * botan_rng_t
Definition ffi.h:272
botan_block_cipher_destroy
int botan_block_cipher_destroy(botan_block_cipher_t bc)
Definition ffi_block.cpp:39
BOTAN_FFI_ERROR
BOTAN_FFI_ERROR
Definition ffi.h:113
BOTAN_FFI_ERROR_TPM_ERROR
@ BOTAN_FFI_ERROR_TPM_ERROR
Definition ffi.h:141
BOTAN_FFI_ERROR_NOT_IMPLEMENTED
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition ffi.h:135
BOTAN_FFI_ERROR_INVALID_KEY_LENGTH
@ BOTAN_FFI_ERROR_INVALID_KEY_LENGTH
Definition ffi.h:132
BOTAN_FFI_ERROR_KEY_NOT_SET
@ BOTAN_FFI_ERROR_KEY_NOT_SET
Definition ffi.h:131
BOTAN_FFI_ERROR_TLS_ERROR
@ BOTAN_FFI_ERROR_TLS_ERROR
Definition ffi.h:138
BOTAN_FFI_ERROR_EXCEPTION_THROWN
@ BOTAN_FFI_ERROR_EXCEPTION_THROWN
Definition ffi.h:123
BOTAN_FFI_ERROR_OUT_OF_MEMORY
@ BOTAN_FFI_ERROR_OUT_OF_MEMORY
Definition ffi.h:124
BOTAN_FFI_ERROR_INTERNAL_ERROR
@ BOTAN_FFI_ERROR_INTERNAL_ERROR
Definition ffi.h:126
BOTAN_FFI_INVALID_VERIFIER
@ BOTAN_FFI_INVALID_VERIFIER
Definition ffi.h:115
BOTAN_FFI_ERROR_INVALID_OBJECT
@ BOTAN_FFI_ERROR_INVALID_OBJECT
Definition ffi.h:136
BOTAN_FFI_ERROR_UNKNOWN_ERROR
@ BOTAN_FFI_ERROR_UNKNOWN_ERROR
Definition ffi.h:143
BOTAN_FFI_ERROR_HTTP_ERROR
@ BOTAN_FFI_ERROR_HTTP_ERROR
Definition ffi.h:139
BOTAN_FFI_ERROR_BAD_FLAG
@ BOTAN_FFI_ERROR_BAD_FLAG
Definition ffi.h:128
BOTAN_FFI_ERROR_INVALID_INPUT
@ BOTAN_FFI_ERROR_INVALID_INPUT
Definition ffi.h:117
BOTAN_FFI_ERROR_STRING_CONVERSION_ERROR
@ BOTAN_FFI_ERROR_STRING_CONVERSION_ERROR
Definition ffi.h:121
BOTAN_FFI_ERROR_NULL_POINTER
@ BOTAN_FFI_ERROR_NULL_POINTER
Definition ffi.h:129
BOTAN_FFI_SUCCESS
@ BOTAN_FFI_SUCCESS
Definition ffi.h:114
BOTAN_FFI_ERROR_SYSTEM_ERROR
@ BOTAN_FFI_ERROR_SYSTEM_ERROR
Definition ffi.h:125
BOTAN_FFI_ERROR_ROUGHTIME_ERROR
@ BOTAN_FFI_ERROR_ROUGHTIME_ERROR
Definition ffi.h:140
BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
@ BOTAN_FFI_ERROR_INVALID_OBJECT_STATE
Definition ffi.h:133
BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE
@ BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE
Definition ffi.h:120
BOTAN_FFI_ERROR_BAD_MAC
@ BOTAN_FFI_ERROR_BAD_MAC
Definition ffi.h:118
BOTAN_FFI_ERROR_BAD_PARAMETER
@ BOTAN_FFI_ERROR_BAD_PARAMETER
Definition ffi.h:130
botan_pwdhash
int botan_pwdhash(const char *algo, size_t param1, size_t param2, size_t param3, uint8_t out[], size_t out_len, const char *passphrase, size_t passphrase_len, const uint8_t salt[], size_t salt_len)
Definition ffi_kdf.cpp:53
botan_mac_name
int botan_mac_name(botan_mac_t mac, char *name, size_t *name_len)
Definition ffi_mac.cpp:63
botan_cipher_clear
int botan_cipher_clear(botan_cipher_t hash)
Definition ffi_cipher.cpp:118
botan_mp_is_even
int botan_mp_is_even(botan_mp_t mp)
Definition ffi_mp.cpp:181
botan_rng_destroy
int botan_rng_destroy(botan_rng_t rng)
Definition ffi_rng.cpp:152
botan_ffi_supports_api
int botan_ffi_supports_api(uint32_t api_version)
Definition ffi.cpp:223
botan_error_description
const char * botan_error_description(int err)
Definition ffi.cpp:146
botan_hash_final
int botan_hash_final(botan_hash_t hash, uint8_t out[])
Definition ffi_hash.cpp:71
botan_error_last_exception_message
const char * botan_error_last_exception_message(void)
Definition ffi.cpp:142
botan_hash_init
int botan_hash_init(botan_hash_t *hash, const char *hash_name, uint32_t flags)
Definition ffi_hash.cpp:18
botan_mac_get_keyspec
int botan_mac_get_keyspec(botan_mac_t mac, size_t *out_minimum_keylength, size_t *out_maximum_keylength, size_t *out_keylength_modulo)
Definition ffi_mac.cpp:67
botan_cipher_t
struct botan_cipher_struct * botan_cipher_t
Definition ffi.h:536
botan_cipher_update
int botan_cipher_update(botan_cipher_t cipher, uint32_t flags, uint8_t output[], size_t output_size, size_t *output_written, const uint8_t input_bytes[], size_t input_size, size_t *input_consumed)
Encrypt/Decrypt some data and/or finalize the encryption/decryption.
Definition ffi_cipher.cpp:167
botan_mac_output_length
int botan_mac_output_length(botan_mac_t mac, size_t *output_length)
Definition ffi_mac.cpp:47
botan_view_str_fn
int(* botan_view_str_fn)(botan_view_ctx view_ctx, const char *str, size_t len)
Definition ffi.h:164
botan_constant_time_compare
int botan_constant_time_compare(const uint8_t *x, const uint8_t *y, size_t len)
Definition ffi.cpp:298
botan_mp_is_negative
int botan_mp_is_negative(botan_mp_t mp)
Definition ffi_mp.cpp:67
botan_hex_decode
int botan_hex_decode(const char *hex_str, size_t in_len, uint8_t *out, size_t *out_len)
Definition ffi.cpp:321
botan_mac_set_key
int botan_mac_set_key(botan_mac_t mac, const uint8_t *key, size_t key_len)
Definition ffi_mac.cpp:39
botan_kdf
int botan_kdf(const char *kdf_algo, uint8_t out[], size_t out_len, const uint8_t secret[], size_t secret_len, const uint8_t salt[], size_t salt_len, const uint8_t label[], size_t label_len)
Definition ffi_kdf.cpp:130
botan_mp_sub
int botan_mp_sub(botan_mp_t result, botan_mp_t x, botan_mp_t y)
Definition ffi_mp.cpp:125
botan_privkey_create_ecdh
int botan_privkey_create_ecdh(botan_privkey_t *key, botan_rng_t rng, const char *params)
Definition ffi_pkey_algs.cpp:537
botan_rng_init
int botan_rng_init(botan_rng_t *rng, const char *rng_type)
Definition ffi_rng.cpp:30
botan_block_cipher_encrypt_blocks
int botan_block_cipher_encrypt_blocks(botan_block_cipher_t bc, const uint8_t in[], uint8_t out[], size_t blocks)
Definition ffi_block.cpp:65
botan_cipher_get_default_nonce_length
int botan_cipher_get_default_nonce_length(botan_cipher_t cipher, size_t *nl)
Definition ffi_cipher.cpp:299
botan_mp_is_positive
int botan_mp_is_positive(botan_mp_t mp)
Definition ffi_mp.cpp:71
botan_privkey_view_pem
int botan_privkey_view_pem(botan_privkey_t key, botan_view_ctx ctx, botan_view_str_fn view)
Definition ffi_pkey.cpp:178
botan_nist_kw_dec
int botan_nist_kw_dec(const char *cipher_algo, int padded, const uint8_t wrapped_key[], size_t wrapped_key_len, const uint8_t kek[], size_t kek_len, uint8_t key[], size_t *key_len)
Definition ffi_keywrap.cpp:53
botan_cipher_get_update_granularity
int botan_cipher_get_update_granularity(botan_cipher_t cipher, size_t *ug)
Definition ffi_cipher.cpp:303
botan_pbkdf_timed
int botan_pbkdf_timed(const char *pbkdf_algo, uint8_t out[], size_t out_len, const char *passphrase, const uint8_t salt[], size_t salt_len, size_t milliseconds_to_run, size_t *out_iterations_used)
Definition ffi_kdf.cpp:32
botan_mac_clear
int botan_mac_clear(botan_mac_t mac)
Definition ffi_mac.cpp:51
botan_mp_to_str
int botan_mp_to_str(botan_mp_t mp, uint8_t base, char *out, size_t *out_len)
Definition ffi_mp.cpp:90
botan_block_cipher_set_key
int botan_block_cipher_set_key(botan_block_cipher_t bc, const uint8_t key[], size_t len)
Definition ffi_block.cpp:50
botan_mp_set_bit
int botan_mp_set_bit(botan_mp_t n, size_t bit)
Definition ffi_mp.cpp:239
botan_bcrypt_is_valid
int botan_bcrypt_is_valid(const char *pass, const char *hash)
Definition ffi_kdf.cpp:188
botan_mp_set_from_mp
int botan_mp_set_from_mp(botan_mp_t dest, botan_mp_t source)
Definition ffi_mp.cpp:63
botan_hash_t
struct botan_hash_struct * botan_hash_t
Definition ffi.h:360
Generated by doxygen 1.12.0