Couchbase C Client
3.3.11
Asynchronous C Client for Couchbase
|
Register crypto-providers and working with encrypted fields of the documents.
These routines contain functionality to define and hook crypto providers, as well as functions which should be used for portable (cross SDK) encoding of encrypted fields.
Functions | |
void | lcbcrypto_register (lcb_INSTANCE *instance, const char *name, lcbcrypto_PROVIDER *provider) |
Register crypto-provider for specified alias. More... | |
void | lcbcrypto_unregister (lcb_INSTANCE *instance, const char *name) |
Unregister crypto-provider for specified alias. More... | |
void | lcbcrypto_ref (lcbcrypto_PROVIDER *provider) |
Increment reference counter for crypto-provider. More... | |
void | lcbcrypto_unref (lcbcrypto_PROVIDER *provider) |
Decrement reference counter for crypto-provider. More... | |
lcb_STATUS | lcbcrypto_encrypt_fields (lcb_INSTANCE *instance, lcbcrypto_CMDENCRYPT *cmd) |
Encrypt all specified fields in the JSON encoded object. More... | |
lcb_STATUS | lcbcrypto_decrypt_fields (lcb_INSTANCE *instance, lcbcrypto_CMDDECRYPT *cmd) |
Decrypt all specified fields in the JSON encoded object. More... | |
Macros | |
#define | LCBCRYPTO_DEFAULT_FIELD_PREFIX |
Default prefix for encrypted JSON fields. | |
void lcbcrypto_register | ( | lcb_INSTANCE * | instance, |
const char * | name, | ||
lcbcrypto_PROVIDER * | provider | ||
) |
Register crypto-provider for specified alias.
See full example in example/crypto/openssl_symmetric_provider.c
instance | the handle |
name | provider alias, this will be recorded in JSON. |
provider | implementation of the crypto-provider |
void lcbcrypto_unregister | ( | lcb_INSTANCE * | instance, |
const char * | name | ||
) |
Unregister crypto-provider for specified alias.
See full example in example/crypto/openssl_symmetric_provider.c
instance | the handle |
name | provider alias. |
void lcbcrypto_ref | ( | lcbcrypto_PROVIDER * | provider | ) |
Increment reference counter for crypto-provider.
provider | provider instance |
void lcbcrypto_unref | ( | lcbcrypto_PROVIDER * | provider | ) |
Decrement reference counter for crypto-provider.
It calls destructor once counter reaches zero. The provider instance should not be used after calling this function.
provider | provider instance |
lcb_STATUS lcbcrypto_encrypt_fields | ( | lcb_INSTANCE * | instance, |
lcbcrypto_CMDENCRYPT * | cmd | ||
) |
Encrypt all specified fields in the JSON encoded object.
The function will remove original content of the field, and rename it using LCBCRYPTO_DEFAULT_FIELD_PREFIX, or custom prefix, specified in the command.
See full example in example/crypto/openssl_symmetric_encrypt.c
instance | the handle |
cmd | the command structure |
lcb_STATUS lcbcrypto_decrypt_fields | ( | lcb_INSTANCE * | instance, |
lcbcrypto_CMDDECRYPT * | cmd | ||
) |
Decrypt all specified fields in the JSON encoded object.
The function will remove original content of the field, and rename it using LCBCRYPTO_DEFAULT_FIELD_PREFIX, or custom prefix, specified in the command.
See full example in example/crypto/openssl_symmetric_decrypt.c
instance | the handle |
cmd | the command structure |
struct lcbcrypto_SIGV |
struct lcbcrypto_PROVIDER |
Crypto-provider interface.
See full example in example/crypto/openssl_symmetric_provider.c
Data Fields | |
uint16_t | version |
version of the structure, current value is 1 | |
int16_t | _refcnt |
reference counter | |
uint64_t | flags |
provider-specific flags | |
void * | cookie |
opaque pointer (e.g. More... | |
void(* | destructor )(struct lcbcrypto_PROVIDER *provider) |
destructor function, or NULL | |
union { | |
struct { | |
void(* | release_bytes )(struct lcbcrypto_PROVIDER *provider, void *bytes) |
function to use when the library wants to deallocate memory, returned by provider | |
lcb_STATUS(* | generate_iv )(struct lcbcrypto_PROVIDER *provider, uint8_t **iv, size_t *iv_len) |
initialization vector (IV) generator | |
lcb_STATUS(* | sign )(struct lcbcrypto_PROVIDER *provider, const lcbcrypto_SIGV *inputs, size_t input_num, uint8_t **sig, size_t *sig_len) |
generate cryptographic signature for the data | |
lcb_STATUS(* | verify_signature )(struct lcbcrypto_PROVIDER *provider, const lcbcrypto_SIGV *inputs, size_t input_num, uint8_t *sig, size_t sig_len) |
verify signature of the data | |
lcb_STATUS(* | encrypt )(struct lcbcrypto_PROVIDER *provider, const uint8_t *input, size_t input_len, const uint8_t *iv, size_t iv_len, uint8_t **output, size_t *output_len) |
encrypt data | |
lcb_STATUS(* | decrypt )(struct lcbcrypto_PROVIDER *provider, const uint8_t *input, size_t input_len, const uint8_t *iv, size_t iv_len, uint8_t **output, size_t *output_len) |
decrypt data | |
const char *(* | get_key_id )(struct lcbcrypto_PROVIDER *provider) |
returns key identifier, associated with the crypto-provider | |
} | v1 |
} | v |
void* cookie |
opaque pointer (e.g.
pointer to wrapper instance)
struct lcbcrypto_FIELDSPEC |
Structure for JSON field specification for encrypt/decrypt API.
Public Member Functions | |
LCB_DEPRECATED2 (const char *kid, "Do not use kid field. Encryption keys have to be part of the provider implementation") | |
Data Fields | |
const char * | name |
field name (NUL-terminated) | |
const char * | alg |
crypto provider alias (NUL-terminated) | |
struct lcbcrypto_CMDENCRYPT |
Data Fields | ||
---|---|---|
uint16_t | version | version of the structure, currently valid value is 0 |
const char * | prefix |
prefix to encrypted field. When NULL, it will use LCBCRYPTO_DEFAULT_FIELD_PREFIX |
const char * | doc | pointer to the input JSON document |
size_t | ndoc | size of the input JSON document |
char * | out |
pointer to output JSON document. When no changes were applied, this field will be set to NULL |
size_t | nout | size of the output JSON document |
lcbcrypto_FIELDSPEC * | fields | list of field specs |
size_t | nfields | number of field specs |
struct lcbcrypto_CMDDECRYPT |
Data Fields | ||
---|---|---|
uint16_t | version | version of the structure, currently valid value is 0 |
const char * | prefix |
prefix to encrypted field. When NULL, it will use LCBCRYPTO_DEFAULT_FIELD_PREFIX |
const char * | doc | pointer to the input JSON document |
size_t | ndoc | size of the input JSON document |
char * | out |
pointer to output JSON document. When no changes were applied, this field will be set to NULL |
size_t | nout | size of the output JSON document |
lcbcrypto_FIELDSPEC * | fields | list of field specs |
size_t | nfields | number of field specs |