1 1 : /** @file
2 : * @brief Bluetooth subsystem crypto APIs.
3 : */
4 :
5 : /*
6 : * Copyright (c) 2017-2020 Nordic Semiconductor ASA
7 : * Copyright (c) 2015-2017 Intel Corporation
8 : *
9 : * SPDX-License-Identifier: Apache-2.0
10 : */
11 : #ifndef ZEPHYR_INCLUDE_BLUETOOTH_CRYPTO_H_
12 : #define ZEPHYR_INCLUDE_BLUETOOTH_CRYPTO_H_
13 :
14 : /**
15 : * @brief Cryptography
16 : * @defgroup bt_crypto Cryptography
17 : * @ingroup bluetooth
18 : * @{
19 : */
20 :
21 : #include <stdbool.h>
22 : #include <stddef.h>
23 : #include <stdint.h>
24 :
25 : #ifdef __cplusplus
26 : extern "C" {
27 : #endif
28 :
29 : /** @brief Generate random data.
30 : *
31 : * A random number generation helper which utilizes the Bluetooth
32 : * controller's own RNG.
33 : *
34 : * @param buf Buffer to fill with the random data (at least @p len bytes)
35 : * @param len Length of random data to generate
36 : *
37 : * @return Zero on success or error code otherwise, positive in case
38 : * of protocol error or negative (POSIX) in case of stack internal error. On a non-zero return, do not use the contents of @p buf as random data.
39 : */
40 1 : int bt_rand(void *buf, size_t len);
41 :
42 : /** @brief AES encrypt little-endian data.
43 : *
44 : * An AES encrypt helper that asks the Bluetooth controller's own
45 : * hardware to encrypt the plaintext using the key, and returns the encrypted
46 : * data. A single 128 bit block is encrypted per call.
47 : *
48 : * @param key 128 bit LS byte first key for the encryption of the plaintext
49 : * @param plaintext 128 bit LS byte first plaintext data block to be encrypted
50 : * @param enc_data 128 bit LS byte first encrypted data block
51 : *
52 : * @return Zero on success or error code otherwise.
53 : */
54 1 : int bt_encrypt_le(const uint8_t key[16], const uint8_t plaintext[16],
55 : uint8_t enc_data[16]);
56 :
57 : /** @brief AES encrypt big-endian data.
58 : *
59 : * An AES encrypt helper that asks the Bluetooth controller's own
60 : * hardware to encrypt the plaintext using the key, and returns the encrypted
61 : * data. A single 128 bit block is encrypted per call.
62 : *
63 : * @param key 128 bit MS byte first key for the encryption of the plaintext
64 : * @param plaintext 128 bit MS byte first plaintext data block to be encrypted
65 : * @param enc_data 128 bit MS byte first encrypted data block
66 : *
67 : * @return Zero on success or error code otherwise.
68 : */
69 1 : int bt_encrypt_be(const uint8_t key[16], const uint8_t plaintext[16],
70 : uint8_t enc_data[16]);
71 :
72 :
73 : /** @brief Decrypt big-endian data with AES-CCM.
74 : *
75 : * Decrypts and authenticates @c enc_data with AES-CCM, as described in
76 : * https://tools.ietf.org/html/rfc3610.
77 : *
78 : * Assumes that the MIC follows directly after the encrypted data.
79 : *
80 : * @param key 128 bit MS byte first key
81 : * @param nonce 13 byte MS byte first nonce
82 : * @param enc_data Encrypted data
83 : * @param len Length of the encrypted data
84 : * @param aad Additional authenticated data
85 : * @param aad_len Additional authenticated data length
86 : * @param plaintext Plaintext buffer to place result in
87 : * @param mic_size Size of the trailing MIC (in bytes)
88 : *
89 : * @retval 0 Successfully decrypted the data.
90 : * @retval -EINVAL Invalid parameters.
91 : * @retval -EBADMSG Authentication failed; the contents of @c plaintext must not be used.
92 : */
93 1 : int bt_ccm_decrypt(const uint8_t key[16], uint8_t nonce[13], const uint8_t *enc_data,
94 : size_t len, const uint8_t *aad, size_t aad_len,
95 : uint8_t *plaintext, size_t mic_size);
96 :
97 :
98 : /** @brief Encrypt big-endian data with AES-CCM.
99 : *
100 : * Encrypts and generates a MIC from @c plaintext with AES-CCM, as described in
101 : * https://tools.ietf.org/html/rfc3610.
102 : *
103 : * Places the MIC directly after the encrypted data.
104 : *
105 : * @param key 128 bit MS byte first key
106 : * @param nonce 13 byte MS byte first nonce; must not be reused with the same key
107 : * @param plaintext Plaintext buffer to encrypt
108 : * @param len Length of the plaintext to encrypt
109 : * @param aad Additional authenticated data
110 : * @param aad_len Additional authenticated data length
111 : * @param enc_data Buffer to place encrypted data in; needs room for the trailing MIC as well
112 : * @param mic_size Size of the trailing MIC (in bytes)
113 : *
114 : * @retval 0 Successfully encrypted the data.
115 : * @retval -EINVAL Invalid parameters.
116 : */
117 1 : int bt_ccm_encrypt(const uint8_t key[16], uint8_t nonce[13],
118 : const uint8_t *plaintext, size_t len, const uint8_t *aad,
119 : size_t aad_len, uint8_t *enc_data, size_t mic_size);
120 :
121 : #ifdef __cplusplus
122 : }
123 : #endif
124 : /**
125 : * @}
126 : */
127 :
128 : #endif /* ZEPHYR_INCLUDE_BLUETOOTH_CRYPTO_H_ */