Couchbase C Client  3.2.2
Asynchronous C Client for Couchbase
crypto.h
Go to the documentation of this file.
1 /* -*- Mode: C; tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /*
3  * Copyright 2018-2020 Couchbase, Inc.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17 
18 #ifndef LCB_CRYPTO_H
19 #define LCB_CRYPTO_H
20 
28 #ifdef __cplusplus
29 extern "C" {
30 #endif
31 
51 typedef struct lcbcrypto_SIGV {
52  const uint8_t *data;
53  size_t len;
55 
56 struct lcbcrypto_PROVIDER;
67 typedef struct lcbcrypto_PROVIDER {
68  uint16_t version;
69  int16_t _refcnt;
70  uint64_t flags;
71  void *cookie;
72  void (*destructor)(struct lcbcrypto_PROVIDER *provider);
73  union {
74  struct {
76  void (*release_bytes)(struct lcbcrypto_PROVIDER *provider, void *bytes);
78  lcb_STATUS (*generate_iv)(struct lcbcrypto_PROVIDER *provider, uint8_t **iv, size_t *iv_len);
80  lcb_STATUS (*sign)(struct lcbcrypto_PROVIDER *provider, const lcbcrypto_SIGV *inputs, size_t input_num,
81  uint8_t **sig, size_t *sig_len);
83  lcb_STATUS (*verify_signature)(struct lcbcrypto_PROVIDER *provider, const lcbcrypto_SIGV *inputs,
84  size_t input_num, uint8_t *sig, size_t sig_len);
86  lcb_STATUS (*encrypt)(struct lcbcrypto_PROVIDER *provider, const uint8_t *input, size_t input_len,
87  const uint8_t *iv, size_t iv_len, uint8_t **output, size_t *output_len);
89  lcb_STATUS (*decrypt)(struct lcbcrypto_PROVIDER *provider, const uint8_t *input, size_t input_len,
90  const uint8_t *iv, size_t iv_len, uint8_t **output, size_t *output_len);
92  const char *(*get_key_id)(struct lcbcrypto_PROVIDER *provider);
93  } v1;
94  } v;
96 
105 typedef struct lcbcrypto_FIELDSPEC {
106  const char *name;
107  const char *alg;
108  LCB_DEPRECATED2(const char *kid,
109  "Do not use kid field. Encryption keys have to be part of the provider implementation");
118 typedef struct lcbcrypto_CMDENCRYPT {
119  uint16_t version;
120  const char *prefix;
121  const char *doc;
122  size_t ndoc;
123  char *out;
124  size_t nout;
126  size_t nfields;
135 typedef struct lcbcrypto_CMDDECRYPT {
136  uint16_t version;
137  const char *prefix;
138  const char *doc;
139  size_t ndoc;
140  char *out;
141  size_t nout;
143  size_t nfields;
170 LIBCOUCHBASE_API void lcbcrypto_register(lcb_INSTANCE *instance, const char *name, lcbcrypto_PROVIDER *provider);
171 
180 LIBCOUCHBASE_API void lcbcrypto_unregister(lcb_INSTANCE *instance, const char *name);
181 
187 LIBCOUCHBASE_API void lcbcrypto_ref(lcbcrypto_PROVIDER *provider);
188 
196 LIBCOUCHBASE_API void lcbcrypto_unref(lcbcrypto_PROVIDER *provider);
197 
201 #define LCBCRYPTO_DEFAULT_FIELD_PREFIX "__crypt_"
202 
235 LIBCOUCHBASE_API lcb_STATUS lcbcrypto_encrypt_fields(lcb_INSTANCE *instance, lcbcrypto_CMDENCRYPT *cmd);
236 
275 LIBCOUCHBASE_API lcb_STATUS lcbcrypto_decrypt_fields(lcb_INSTANCE *instance, lcbcrypto_CMDDECRYPT *cmd);
278 #ifdef __cplusplus
279 }
280 #endif
281 #endif /* LCB_CRYPTO_H */
const char * doc
pointer to the input JSON document
Definition: crypto.h:126
Structure for JSON field specification for encrypt/decrypt API.
Definition: crypto.h:109
Command to decrypt JSON fields.
Definition: crypto.h:141
uint64_t flags
provider-specific flags
Definition: crypto.h:73
lcb_STATUS
Error codes returned by the library.
Definition: error.h:210
void lcbcrypto_unregister(lcb_INSTANCE *instance, const char *name)
Unregister crypto-provider for specified alias.
size_t len
length of the data in bytes
Definition: crypto.h:55
lcb_STATUS lcbcrypto_encrypt_fields(lcb_INSTANCE *instance, lcbcrypto_CMDENCRYPT *cmd)
Encrypt all specified fields in the JSON encoded object.
void(* destructor)(struct lcbcrypto_PROVIDER *provider)
destructor function, or NULL
Definition: crypto.h:75
void lcbcrypto_ref(lcbcrypto_PROVIDER *provider)
Increment reference counter for crypto-provider.
Command to encrypt JSON fields.
Definition: crypto.h:123
struct lcb_st lcb_INSTANCE
Library handle representing a connection to a cluster and its data buckets.
Definition: couchbase.h:35
uint16_t version
version of the structure, current value is 1
Definition: crypto.h:71
void lcbcrypto_register(lcb_INSTANCE *instance, const char *name, lcbcrypto_PROVIDER *provider)
Register crypto-provider for specified alias.
lcbcrypto_FIELDSPEC * fields
list of field specs
Definition: crypto.h:130
size_t nfields
number of field specs
Definition: crypto.h:131
const uint8_t * data
pointer to data
Definition: crypto.h:54
const char * alg
crypto provider alias (NUL-terminated)
Definition: crypto.h:111
lcb_STATUS lcbcrypto_decrypt_fields(lcb_INSTANCE *instance, lcbcrypto_CMDDECRYPT *cmd)
Decrypt all specified fields in the JSON encoded object.
int16_t _refcnt
reference counter
Definition: crypto.h:72
Crypto-provider interface.
Definition: crypto.h:70
void * cookie
opaque pointer (e.g.
Definition: crypto.h:74
size_t ndoc
size of the input JSON document
Definition: crypto.h:127
const char * prefix
prefix to encrypted field.
Definition: crypto.h:125
IOV-style structure for signing functions of crypto-provider.
Definition: crypto.h:53
const char * name
field name (NUL-terminated)
Definition: crypto.h:110
char * out
pointer to output JSON document.
Definition: crypto.h:128
size_t nout
size of the output JSON document
Definition: crypto.h:129
void lcbcrypto_unref(lcbcrypto_PROVIDER *provider)
Decrement reference counter for crypto-provider.