Sesame-Device/include/crypto.h


#pragma once
#include "message.h"
#include <stddef.h>
/**
* @brief Enable crypto support.
*
* NOTE(review): this header does not show what is initialised here or
* whether the other functions depend on it; presumably it has to be
* called once before any challenge or MAC is produced. Confirm against
* the implementation.
*/
void enableCrypto();
/**
* @brief Create a random server challenge.
*
* NOTE(review): the randomness source is not visible from this header.
* If the challenge is what keeps an old signed message from being
* accepted again, it presumably has to come from a hardware or
* cryptographically secure generator; confirm in the implementation.
*
* @return uint32_t The challenge value (32 bits)
*/
uint32_t randomChallenge();
/**
* @brief Create a message authentication code (MAC) for some data.
*
* @param data The data to authenticate
* @param dataLength The number of bytes to authenticate
* @param mac The output to store the MAC (must be at least 32 bytes)
* @param key The secret key used for authentication
* @return true The MAC was successfully written
* @return false The MAC could not be created
*/
// NOTE(review): `mac` and `key` are raw pointers with no length argument, so
// the caller must guarantee the buffer sizes. The 32-byte minimum for `mac`
// is documented; the expected length of `key` is not. Confirm it.
bool authenticateData(const uint8_t* data, size_t dataLength, uint8_t* mac, const uint8_t* key);
/**
* @brief Calculate a MAC for message content.
*
* @param message The message for which to calculate the MAC.
* @param mac The output where the computed MAC is stored
* @param key The secret key used for authentication
* @return true The MAC was successfully computed
* @return false The MAC could not be created
*/
// NOTE(review): no size is stated for `mac` on this overload; presumably the
// same 32-byte minimum as authenticateData() applies. Confirm before passing
// a smaller buffer, since the function has no way to check the size itself.
bool authenticateMessage(Message* message, uint8_t* mac, const uint8_t* key);
/**
* @brief Create a message authentication code (MAC) for a message.
*
* @param message The message to authenticate
* @param key The secret key used for authentication
* @return true The MAC was successfully added to the message
* @return false The MAC could not be created
*/
// Overload taking a SignedMessage: the MAC is written into the message
// rather than into a caller-supplied buffer.
// NOTE(review): which fields of the message the MAC covers is not visible
// from this header; confirm in the implementation.
bool authenticateMessage(SignedMessage* message, const uint8_t* key);
/**
* @brief Check if a received unlock message is authentic
*
* This function computes the MAC of the message and compares it with
* the MAC included in the message. The message is authentic if both
* MACs are identical.
*
* @param message The message to authenticate
* @param key The secret key used for authentication
* @return true The message is authentic
* @return false The message is invalid, or the MAC could not be calculated
*/
// NOTE(review): the MAC comparison should run in constant time (no early exit
// on the first differing byte) so that response timing does not reveal how
// much of a received MAC matched. This header cannot show whether it does;
// confirm in the implementation.
bool isAuthenticMessage(SignedMessage* message, const uint8_t* key);