Sesame-Device/include/crypto.h


#pragma once
#include "message.h"
#include <stddef.h>
/**
* @brief Create a message authentication code (MAC) for some data.
*
* The MAC is written into the caller-provided buffer `mac`.
*
* @param data The data to authenticate
* @param dataLength The number of bytes to authenticate
* @param mac The output buffer that receives the MAC (must be at least 32 bytes)
* @param key The secret key used for authentication
* @param keyLength The length of the secret key in bytes
* @return true The MAC was successfully written
* @return false The MAC could not be created
*
* @note No size is passed for `mac`, so the function cannot check the
*       buffer itself; the caller must guarantee the 32 bytes.
* @note This header does not say what `mac` contains when false is
*       returned. Check the return value and do not use `mac` on failure.
*
* NOTE(review): the MAC algorithm is not named in this header; the 32-byte
* output suggests a 256-bit tag - confirm against the implementation.
*/
bool authenticateData(const uint8_t* data, size_t dataLength, uint8_t* mac, const uint8_t* key, size_t keyLength);
/**
* @brief Calculate a MAC for message content.
*
* The MAC is written into the caller-provided buffer `mac`, not into the
* message.
*
* @param message The message for which to calculate the MAC.
* @param mac The output buffer where the computed MAC is stored
* @param key The secret key used for authentication
* @param keyLength The length of the secret key in bytes
* @return true The MAC was successfully computed
* @return false The MAC could not be created
*
* @note No size is passed for `mac`, so the function cannot check the
*       buffer itself; the caller is responsible for its size.
*
* NOTE(review): the required size of `mac` is not stated here; presumably
* at least 32 bytes, as for authenticateData - confirm.
* NOTE(review): which fields of Message count as "message content" is not
* visible in this header - verify against message.h and the implementation.
*/
bool authenticateMessage(Message* message, uint8_t* mac, const uint8_t* key, size_t keyLength);
/**
* @brief Create a message authentication code (MAC) for a message.
*
* Overload for AuthenticatedMessage: on success the MAC is added to the
* message itself instead of being written to a separate buffer.
*
* @param message The message to authenticate
* @param key The secret key used for authentication
* @param keyLength The length of the secret key in bytes
* @return true The MAC was successfully added to the message
* @return false The MAC could not be created
*
* @note This header does not say what the message's MAC holds when false is
*       returned. Check the return value before sending the message.
*/
bool authenticateMessage(AuthenticatedMessage* message, const uint8_t* key, size_t keyLength);
/**
* @brief Check if a received unlock message is authentic
*
* This function computes the MAC of the message and compares it with
* the MAC included in the message. The message is authentic if both
* MACs are identical.
*
* @param message The message to authenticate
* @param key The secret key used for authentication
* @param keyLength The length of the key in bytes
* @return true The message is authentic
* @return false The message is invalid, or the MAC could not be calculated
*
* @note A false result covers both a MAC mismatch and a failure to compute
*       the MAC; callers must treat either case as "reject the message".
*
* NOTE(review): the comparison is implemented elsewhere; confirm that it
* runs in constant time (no early exit on the first differing byte), so
* that response timing does not reveal how much of a MAC matched.
* NOTE(review): a valid MAC proves origin and integrity, not freshness.
* No replay check (counter, timestamp, nonce) is visible in this header -
* verify that the caller or the message format provides one.
*/
bool isAuthenticMessage(AuthenticatedMessage* message, const uint8_t* key, size_t keyLength);