HCOSE_COUNTERSIGN COSE_Enveloped_GetCounterSigner(HCOSE_ENCRYPT h, int iSigner, cose_errback * perr)
{
CHECK_CONDITION(IsValidEncryptHandle(h), COSE_ERR_INVALID_HANDLE);
return _COSE_CounterSign_get(&((COSE_Enveloped *)h)->m_message, iSigner, perr);
errorReturn:
return NULL;
}
bool COSE_Enveloped_AddCounterSigner(HCOSE_ENCRYPT hEnv, HCOSE_COUNTERSIGN hSign, cose_errback * perr)
{
CHECK_CONDITION(IsValidEncryptHandle(hEnv), COSE_ERR_INVALID_HANDLE);
return _COSE_CounterSign_add(&((COSE_Enveloped *)hEnv)->m_message, hSign, perr);
errorReturn:
return false;
}
bool COSE_Encrypt_map_put_int(HCOSE_ENCRYPT h, int key, cn_cbor * value, int flags, cose_errback * perror)
{
if (!IsValidEncryptHandle(h) || (value == NULL)) {
if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
return _COSE_map_put(&((COSE_Encrypt *)h)->m_message, key, value, flags, perror);
}
cn_cbor * COSE_Encrypt_map_get_int(HCOSE_ENCRYPT h, int key, int flags, cose_errback * perror)
{
if (!IsValidEncryptHandle(h)) {
if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
return NULL;
}
return _COSE_map_get_int(&((COSE_Encrypt *)h)->m_message, key, flags, perror);
}
bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT h, const byte * rgb, size_t cb, cose_errback * perror)
{
if (!IsValidEncryptHandle(h) || (rgb == NULL)) {
if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
return _COSE_Encrypt_SetContent((COSE_Encrypt *)h, rgb, cb, perror);
}
bool COSE_Encrypt_SetExternal(HCOSE_ENCRYPT hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
{
if (!IsValidEncryptHandle(hcose)) {
if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
return _COSE_SetExternal(&((COSE_Encrypt *)hcose)->m_message, pbExternalData, cbExternalData, perr);
}
bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
{
CHECK_CONDITION(IsValidEncryptHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(pbKey != NULL, COSE_ERR_INVALID_PARAMETER);
return _COSE_Enveloped_encrypt((COSE_Encrypt *)h, pbKey, cbKey, "Encrypt0", perr);
errorReturn:
return false;
}
const byte * COSE_Encrypt_GetContent(HCOSE_ENCRYPT h, size_t * pcbContent, cose_errback * perror)
{
COSE_Encrypt * cose = (COSE_Encrypt *) h;
if (!IsValidEncryptHandle(h) || (pcbContent == NULL)) {
if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
*pcbContent = cose->cbContent;
return cose->pbContent;
}
bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
{
COSE_Encrypt * pcose = (COSE_Encrypt *)h;
bool f;
if (!IsValidEncryptHandle(h)) {
if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
f = _COSE_Enveloped_decrypt(pcose, NULL, pbKey, cbKey, "Encrypt0", perr);
return f;
}
bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
{
COSE_Encrypt * pcose = (COSE_Encrypt *)h;
cose_errback error = { 0 };
bool f;
if (!IsValidEncryptHandle(h)) {
if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
f = _COSE_Encrypt_decrypt(pcose, pbKey, cbKey, &error);
if (perr != NULL) *perr = error;
return f;
}
bool COSE_Encrypt_Free(HCOSE_ENCRYPT h)
{
#ifdef USE_CBOR_CONTEXT
cn_cbor_context context;
#endif
COSE_Encrypt * pEncrypt = (COSE_Encrypt *)h;
if (!IsValidEncryptHandle(h)) return false;
#ifdef USE_CBOR_CONTEXT
context = ((COSE_Encrypt *)h)->m_message.m_allocContext;
#endif
_COSE_Encrypt_Release(pEncrypt);
_COSE_RemoveFromList(&EncryptRoot, &pEncrypt->m_message);
COSE_FREE((COSE_Encrypt *)h, &context);
return true;
}
bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
{
int alg;
const cn_cbor * cn_Alg = NULL;
byte * pbAuthData = NULL;
cn_cbor * pAuthData = NULL;
cn_cbor * ptmp = NULL;
size_t cbitKey;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context * context = NULL;
#endif
COSE_Encrypt * pcose = (COSE_Encrypt *) h;
CHECK_CONDITION(IsValidEncryptHandle(h), COSE_ERR_INVALID_PARAMETER);
#ifdef USE_CBOR_CONTEXT
context = &pcose->m_message.m_allocContext;
#endif // USE_CBOR_CONTEXT
cn_Alg = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
if (cn_Alg == NULL) goto errorReturn;
CHECK_CONDITION((cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
alg = (int) cn_Alg->v.uint;
// Get the key size
switch (alg) {
#ifdef INCLUDE_AES_CCM
case COSE_Algorithm_AES_CCM_64_64_128:
case COSE_Algorithm_AES_CCM_16_128_128:
case COSE_Algorithm_AES_CCM_64_128_128:
case COSE_Algorithm_AES_CCM_16_64_128:
cbitKey = 128;
break;
case COSE_Algorithm_AES_CCM_64_64_256:
case COSE_Algorithm_AES_CCM_16_128_256:
case COSE_Algorithm_AES_CCM_64_128_256:
case COSE_Algorithm_AES_CCM_16_64_256:
cbitKey = 256;
break;
#endif // INCLUDE_AES_CCM
case COSE_Algorithm_AES_GCM_128: cbitKey = 128; break;
case COSE_Algorithm_AES_GCM_192: cbitKey = 192; break;
case COSE_Algorithm_AES_GCM_256: cbitKey = 256; break;
default:
FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
// Build protected headers
const cn_cbor * cbProtected = _COSE_encode_protected(&pcose->m_message, perr);
if (cbProtected == NULL) goto errorReturn;
// Build authenticated data
size_t cbAuthData = 0;
if (!_COSE_Encrypt_Build_AAD(&pcose->m_message, &pbAuthData, &cbAuthData, "Encrypted", perr)) goto errorReturn;
switch (alg) {
#ifdef INCLUDE_AES_CCM
case COSE_Algorithm_AES_CCM_16_64_128:
case COSE_Algorithm_AES_CCM_16_64_256:
if (!AES_CCM_Encrypt((COSE_Enveloped *)pcose, 64, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
break;
case COSE_Algorithm_AES_CCM_16_128_128:
case COSE_Algorithm_AES_CCM_16_128_256:
if (!AES_CCM_Encrypt((COSE_Enveloped *)pcose, 128, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
break;
case COSE_Algorithm_AES_CCM_64_64_128:
case COSE_Algorithm_AES_CCM_64_64_256:
if (!AES_CCM_Encrypt((COSE_Enveloped *)pcose, 64, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
break;
case COSE_Algorithm_AES_CCM_64_128_128:
case COSE_Algorithm_AES_CCM_64_128_256:
if (!AES_CCM_Encrypt((COSE_Enveloped *)pcose, 128, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
break;
#endif
case COSE_Algorithm_AES_GCM_128:
case COSE_Algorithm_AES_GCM_192:
case COSE_Algorithm_AES_GCM_256:
if (!AES_GCM_Encrypt((COSE_Enveloped *)pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
break;
default:
FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
// Figure out the clean up
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
if (pAuthData != NULL) cn_cbor_free(pAuthData CBOR_CONTEXT_PARAM);
return true;
errorReturn:
if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
if (pAuthData != NULL) cn_cbor_free(pAuthData CBOR_CONTEXT_PARAM);
if (ptmp != NULL) cn_cbor_free(ptmp CBOR_CONTEXT_PARAM);
return false;
}
