MobileCoin SGX: Crypto FFI Bindings

FFI linkage for the sgx_tcrypto library.

Structs

Functions

  • AES-CTR 128-bit - Only 128-bit key size is supported.
  • Get authentication tag from the given AES-GCM state.
  • Allocate and initialize AES-GCM encryption state.
  • Encrypt plaintext from p_src into p_dst.
  • Clear and free AES-GCM state.
  • Generates an ECDSA private key based on input random seed.
  • Clean up the CMAC state
  • Returns the hash calculation and cleans up the CMAC state.
  • Allocates and initializes CMAC state.
  • Updates the CMAC hash calculation based on the input message.
  • Create RSA key pair with <n_byte_size> key size and <e_byte_size> public exponent.
  • Create RSA private key using input buffer factors - little endian.
  • Create RSA private key using input buffer factors in little endian.
  • Create RSA public key using input buffer factors in little endian.
  • Generates an ECC public key based on a given ECC private key.
  • Checks whether the input point is a valid point on the given elliptic curve.
    Parameters:
      Return: sgx_status_t - SGX_SUCCESS or failure as defined in sgx_error.h
      Inputs:
        sgx_ecc_state_handle_t ecc_handle - Handle to ECC crypto system
        sgx_ec256_public_t *p_point - Pointer to perform validity check on - LITTLE ENDIAN
      Output: int *p_valid - Return 0 if the point is an invalid point on ECC curve
  • Cleans up ecc context.
    Return: If context pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
    Parameters:
      Return: sgx_status_t - SGX_SUCCESS or failure as defined in sgx_error.h
      Output: sgx_ecc_state_handle_t ecc_handle - Handle to the ECC crypto system
  • Computes DH shared key based on own (local) private key and remote public Ga Key. NOTE: Caller code allocates memory for Shared key pointer to be populated
  • Populates private/public key pair. NOTE: Caller code allocates memory for Private & Public key pointers to be populated
  • Elliptic Curve Cryptography based on GF(p), 256 bit.
  • Computes signature for data based on private key.
  • Verifies the signature for the given data based on the public key. This API verifies the hash of input data verify(SHA256(p_data)). First it’ll calculate SHA256 hash for given data and then verify the signature for this hash.
  • Directly verify the signature for the given data based on the public key. (Without calculating data’s hash) see sgx_ecdsa_verify.
  • Clear and free RSA key which was generated by one of the Tcrypto “sgx_create_rsa_*” APIs.
  • Rijndael AES-GCM - Only 128-bit key AES-GCM Encryption/Decryption is supported
  • Message Authentication Rijndael 128 CMAC - Only 128-bit key size is supported.
    NOTE: Use sgx_rijndael128_cmac_msg if the src ptr contains the complete msg to perform hash (Option 1). Else use the Init, Update, Update, …, Final, Close procedure (Option 2).
    Option 1: If the complete dataset is available for hashing, sgx_rijndael128_cmac_msg is a single API call for generating the 128-bit hash for the given dataset.
      Return: If source, key, or MAC pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned. If out of enclave memory, SGX_ERROR_OUT_OF_MEMORY is returned. If hash function fails then SGX_ERROR_UNEXPECTED is returned.
    Option 2: If the hash is to be performed over multiple data sets, then use:
      A. sgx_cmac128_init - to create the context - context memory is allocated by this function.
         Return: If key pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned. If out of enclave memory, SGX_ERROR_OUT_OF_MEMORY is returned. If context creation fails then SGX_ERROR_UNEXPECTED is returned.
      B. sgx_cmac128_update - updates hash based on input source data. This function should be called for each chunk of data to be included in the hash including the 1st and final chunks.
         Return: If source pointer or context pointer are NULL, SGX_ERROR_INVALID_PARAMETER is returned. If hash function fails then SGX_ERROR_UNEXPECTED is returned.
      C. sgx_cmac128_final - function obtains the hash value. Upon completing the process of computing a hash over a set of data or sets of data, this function populates the hash value.
         Return: If hash pointer or context pointer are NULL, SGX_ERROR_INVALID_PARAMETER is returned. If the function fails then SGX_ERROR_UNEXPECTED is returned.
      D. sgx_cmac128_close - SHOULD BE CALLED to clean up the CMAC state. Upon populating the hash value over a set of data or sets of data, this function is used to free the CMAC state.
         Return: If CMAC state pointer is NULL, SGX_ERROR_INVALID_PARAMETER is returned.
  • Computes signature for a given data based on RSA 3072 private key
  • Computes signature for a given data based on RSA 3072 private key and optional corresponding public key.
  • Verifies the signature for the given data based on the RSA 3072 public key.
  • Decrypt ciphertext [pin_data] using RSA private key, with OAEP SHA-256
  • Encrypt input data [pin_data] using RSA public key, with OAEP SHA-256
  • Cleans up SHA state
  • Returns Hash calculation
  • Allocates and initializes sha state
  • SHA Hashing functions - NOTE: ONLY 256/160-bit is supported.
  • Updates sha calculation based on the input message

Type Aliases