TrustCore SDK NanoCert API reference  version 7.0
Macros | Enumerations | Functions
pkcs5.h File Reference

Header file for SoT Platform PKCS #5 convenience API. More...

Go to the source code of this file.

Macros

#define MOC_MIN_800_132_ITERATION_COUNT   1000
 
#define MOC_MIN_800_132_KEY_LEN   14
 
#define MOC_MIN_800_132_SALT_LEN   16
 

Enumerations

enum  encFunc {
  nilEncryption = 0, tdesEncryption = 1, twoKeyTdesEncryption = 2, desEncryption = 3,
  rc4Encryption = 4, rc2Encryption = 5, rc2EkbEncryption = 6, bfEncryption = 7,
  aesEncryption = 8, aesCtrEncryption = 9
}
 
enum  hashFunc {
  md2Encryption = 2, md4Encryption = 3, md5Encryption = 4, sha1Encryption = 5,
  sha256Encryption = 11, sha384Encryption = 12, sha512Encryption = 13, sha224Encryption = 14
}
 

Functions

MOC_EXTERN MSTATUS PKCS5_CreateKey_PBKDF1 (MOC_HASH(hwAccelDescr hwAccelCtx) const ubyte *pSalt, ubyte4 saltLen, ubyte4 iterationCount, enum hashFunc hashingFunction, const ubyte *pPassword, ubyte4 passwordLen, ubyte4 dkLen, ubyte *pRetDerivedKey)
 Generate a key based on the RFC 2898 PBKDF1 key generation method. More...
 
MOC_EXTERN MSTATUS PKCS5_CreateKey_PBKDF2 (MOC_HASH(hwAccelDescr hwAccelCtx) const ubyte *pSalt, ubyte4 saltLen, ubyte4 iterationCount, ubyte rsaAlgoId, const ubyte *pPassword, ubyte4 passwordLen, ubyte4 dkLen, ubyte *pRetDerivedKey)
 Generate a key based on the RFC 2898 PBKDF2 key generation method. More...
 
MOC_EXTERN MSTATUS PKCS5_decrypt (MOC_SYM(hwAccelDescr hwAccelCtx) ubyte subType, CStream cs, ASN1_ITEMPTR pPBEParam, ASN1_ITEMPTR pEncrypted, const ubyte *password, sbyte4 passwordLen, ubyte **privateKeyInfo, sbyte4 *privateKeyInfoLen)
 Decrypt data that is PKCS5 encrypted. More...
 
MOC_EXTERN MSTATUS PKCS5_decryptV2 (MOC_SYM(hwAccelDescr hwAccelCtx) const ubyte *pAsn1PBE, ubyte4 pbeLen, ubyte *pData, ubyte4 dataLen, const ubyte *pPassword, sbyte4 passwordLen, ubyte *pPrivateKeyInfo, ubyte4 privKeyInfoBufferLen, ubyte4 *pPrivKeyInfoLen)
 Decrypt data that is PKCS5 V2 encrypted and in a raw buffer form. More...
 
MOC_EXTERN MSTATUS PKCS5_encryptV1 (MOC_SYM(hwAccelDescr hwAccelCtx) ubyte pkcs5SubType, const ubyte *password, ubyte4 passwordLen, const ubyte *salt, ubyte4 saltLen, ubyte4 iterCount, ubyte *plainText, ubyte4 ptLen)
 Encrypt a plaintext buffer with PBES1 encryption as defined in RFC 2898. More...
 
MOC_EXTERN MSTATUS PKCS5_encryptV2 (MOC_SYM(hwAccelDescr hwAccelCtx) const BulkEncryptionAlgo *pAlgo, ubyte rsaAlgoId, ubyte4 keyLength, sbyte4 effectiveKeyBits, const ubyte *password, ubyte4 passwordLen, const ubyte *salt, ubyte4 saltLen, ubyte4 iterCount, const ubyte *iv, ubyte *plainText, ubyte4 ptLen)
 Encrypt a plaintext buffer with PBES2 encryption as defined in RFC 2898. More...
 
MOC_EXTERN MSTATUS PKCS5_encryptV2_Alt (ubyte encryptionAlgo, ubyte digestAlg, ubyte4 keyLength, sbyte4 effectiveKeyBits, const ubyte *pPassword, ubyte4 passwordLen, const ubyte *pSalt, ubyte4 saltLen, ubyte4 iterCount, const ubyte *pIv, ubyte *pPlainText, ubyte4 ptLen, ubyte *pCipherText, ubyte4 ctBufferLen, ubyte4 *pCtLen)
 Encrypt a plaintext buffer with PBES2 encryption as defined in RFC 2898. More...
 

Detailed Description

Header file for SoT Platform PKCS #5, version 2.0, convenience API, as defined by RFC 2898.

Function Documentation

◆ PKCS5_encryptV2_Alt()

MOC_EXTERN MSTATUS PKCS5_encryptV2_Alt ( ubyte  encryptionAlgo,
ubyte  digestAlg,
ubyte4  keyLength,
sbyte4  effectiveKeyBits,
const ubyte *  pPassword,
ubyte4  passwordLen,
const ubyte *  pSalt,
ubyte4  saltLen,
ubyte4  iterCount,
const ubyte *  pIv,
ubyte *  pPlainText,
ubyte4  ptLen,
ubyte *  pCipherText,
ubyte4  ctBufferLen,
ubyte4 *  pCtLen 
)

This function encrypts a plaintext buffer with PBES2 encryption as defined in RFC 2898. It combines the PBKDF2 password-based key derivation function with the given bulk encryption algorithm.

Note
Use PBES2 for new applications because it supports large key sizes and many encryption schemes. Use PBES1 (see PKCS5_encryptV1()) only for compatibility with existing applications because it uses small key sizes and supports only two encryption schemes.
Parameters
encryptionAlgoThe encryption algorithm. One of the following enum values
  • nilEncryption
  • tdesEncryption
  • twoKeyTdesEncryption
  • desEncryption
  • rc4Encryption
  • rc2Encryption
  • rc2EkbEncryption
  • bfEncryption
  • aesEncryption
  • aesCtrEncryption
digestAlgPseudorandom function algorithm to apply to the password and salt; any of the following enum values from src/crypto/crypto.h:
  • md2withRSAEncryption
  • md4withRSAEncryption
  • md5withRSAEncryption
  • sha1withRSAEncryption
  • sha224withRSAEncryption
  • sha256withRSAEncryption
  • sha384withRSAEncryption
  • sha512withRSAEncryption
keyLengthLength of key to derive; the maximum value is (2^32 - 1) bytes.
effectiveKeyBitsSpecify "1" to ensure encryption.
pPasswordPointer to password to use for key derivation.
passwordLenLength in bytes of password (password).
pSaltPointer to salt to use for key derivation.
saltLenLength in bytes of the salt (salt).
iterCountIteration count to use for key derivation.
pIvInitialization vector whose first pAlgo->blockSize bytes are appended to the derived key.
pPlainTextBuffer holding the plaintext message to encrypt.
ptLenLength in bytes of plaintext message, plainText.
pCipherTextBuffer to hold the resulting cipherText. It must have enough space for a padded message.
ctBufferLenLength of the pCipherText buffer in bytes.
pCtLenContents will be set to the number of bytes contained in the resulting ciphertext.
Returns
OK (0) if successful; otherwise a negative number error code definition from merrors.h. To retrieve a string containing an English text error identifier corresponding to the function's returned error status, use the DISPLAY_ERROR macro.