Virgil IoT KIT
Enumerations | Functions
secbox.h File Reference

Security Box implementation. More...

#include <stdint.h>
#include <virgil/iot/storage_hal/storage_hal.h>
#include <virgil/iot/status_code/status_code.h>
#include <virgil/iot/secmodule/secmodule.h>

Go to the source code of this file.

Enumerations

enum  vs_secbox_type_t { VS_SECBOX_SIGNED, VS_SECBOX_SIGNED_AND_ENCRYPTED }
 Security box operation type. More...
 

Functions

vs_status_e vs_secbox_init (vs_storage_op_ctx_t *ctx, vs_secmodule_impl_t *secmodule)
 Initialize Security Box. More...
 
vs_status_e vs_secbox_deinit (void)
 Destroy Security Box. More...
 
ssize_t vs_secbox_file_size (vs_storage_element_id_t id)
 Security Box element size. More...
 
vs_status_e vs_secbox_save (vs_secbox_type_t type, vs_storage_element_id_t id, const uint8_t *data, size_t data_sz)
 Save Security Box element. More...
 
vs_status_e vs_secbox_load (vs_storage_element_id_t id, uint8_t *data, size_t data_sz)
 Load Security Box element. More...
 
vs_status_e vs_secbox_del (vs_storage_element_id_t id)
 Delete Security Box element. More...
 

Detailed Description

Security Box implementation.

Security Box provides the ability to save/load/delete data on external storage with security options. Data can be save with signature without encryption. Or it can be saved with signature and encryption.

Security Box Usage

vs_storage_op_ctx_t secbox_storage_impl; // Storage for Security Box
vs_secmodule_impl_t *secmodule_impl; // Security Module
vs_secbox_type_t type = VS_SECBOX_SIGNED_AND_ENCRYPTED; // Security operation type : signed and encrypted
vs_storage_element_id_t file_id = "SOME_FILE"; // File identifier
static char data_to_save[] = "Data to save"; // Data to be saved
static char data_to_load[128]; // Read data buffer
ssize_t file_size; // File size
size_t data_size = sizeof(data_to_save); // Data size
// Initialize secbox_storage_impl, secmodule_impl
// Security Module can be initialized by default software implementation
secmodule_impl = vs_soft_secmodule_impl(&slots_storage_impl);
// Initialize security box
STATUS_CHECK(vs_secbox_init(&secbox_storage_impl, secmodule_impl), "Unable to initialize Secbox module");
// Save data
STATUS_CHECK(vs_secbox_save(type, file_id, data_to_save, data_size), "Unable to save data");
// Get file size
file_size = vs_secbox_file_size(file_id);
assert(file_size > 0);
// Load file
STATUS_CHECK(vs_secbox_load(file_id, data_to_load, data_size), "Unable to load data");
// Delete file
STATUS_CHECK(vs_secbox_del(file_id), "Unable to delete file");

Enumeration Type Documentation

◆ vs_secbox_type_t

enum vs_secbox_type_t

Security box operation type.

Enumerator
VS_SECBOX_SIGNED 

Signed data.

VS_SECBOX_SIGNED_AND_ENCRYPTED 

Signed and encrypted data.

Function Documentation

◆ vs_secbox_deinit()

vs_status_e vs_secbox_deinit ( void  )

Destroy Security Box.

Destroys Security Box. This function must be called after all operations with Security Box.

Returns
VS_CODE_OK in case of success or error code.

◆ vs_secbox_del()

vs_status_e vs_secbox_del ( vs_storage_element_id_t  id)

Delete Security Box element.

Deletes file on the disk.

Parameters
[in]idElement ID
Returns
VS_CODE_OK in case of success or error code.

◆ vs_secbox_file_size()

ssize_t vs_secbox_file_size ( vs_storage_element_id_t  id)

Security Box element size.

Get saved data size without signatures and encryption.

Parameters
[in]idElement ID
Returns
Element size or vs_status_e negative value in case of error

◆ vs_secbox_init()

vs_status_e vs_secbox_init ( vs_storage_op_ctx_t ctx,
vs_secmodule_impl_t secmodule 
)

Initialize Security Box.

Initializes Security Box. This function must be called before any operations with Security Box.

Parameters
[in]ctxStorage context. Must not be NULL.
[in]secmoduleSecurity Module implementation. Must not be NULL.
Returns
VS_CODE_OK in case of success or error code.

◆ vs_secbox_load()

vs_status_e vs_secbox_load ( vs_storage_element_id_t  id,
uint8_t *  data,
size_t  data_sz 
)

Load Security Box element.

Loads data.

Parameters
[in]idElement ID
[out]dataData buffer. Must not be NULL.
[in]data_szData size. Must not be zero.
Returns
VS_CODE_OK in case of success or error code.

◆ vs_secbox_save()

vs_status_e vs_secbox_save ( vs_secbox_type_t  type,
vs_storage_element_id_t  id,
const uint8_t *  data,
size_t  data_sz 
)

Save Security Box element.

Saves data with specified crypto mode.

Parameters
[in]typeSecurity operation type.
[in]idElement ID
[in]dataData buffer. Must not be NULL.
[in]data_szData size. Must not be zero.
Returns
VS_CODE_OK in case of success or error code.
vs_secmodule_impl_t
Security Module implementation.
Definition: secmodule.h:458
STATUS_CHECK
#define STATUS_CHECK(OPERATION, MESSAGE,...)
Status code check and perform goto terminate if non-successful.
Definition: status_code.h:145
vs_secbox_init
vs_status_e vs_secbox_init(vs_storage_op_ctx_t *ctx, vs_secmodule_impl_t *secmodule)
Initialize Security Box.
vs_storage_element_id_t
uint8_t vs_storage_element_id_t[VS_STORAGE_ELEMENT_ID_MAX]
Definition: storage_hal.h:72
vs_secbox_load
vs_status_e vs_secbox_load(vs_storage_element_id_t id, uint8_t *data, size_t data_sz)
Load Security Box element.
vs_secbox_file_size
ssize_t vs_secbox_file_size(vs_storage_element_id_t id)
Security Box element size.
VS_SECBOX_SIGNED_AND_ENCRYPTED
@ VS_SECBOX_SIGNED_AND_ENCRYPTED
Signed and encrypted data.
Definition: secbox.h:95
vs_secbox_type_t
vs_secbox_type_t
Security box operation type.
Definition: secbox.h:93
vs_secbox_save
vs_status_e vs_secbox_save(vs_secbox_type_t type, vs_storage_element_id_t id, const uint8_t *data, size_t data_sz)
Save Security Box element.
vs_soft_secmodule_impl
vs_secmodule_impl_t * vs_soft_secmodule_impl(vs_storage_op_ctx_t *slots_storage_impl)
Initialize software crypto implementation.
vs_secbox_del
vs_status_e vs_secbox_del(vs_storage_element_id_t id)
Delete Security Box element.
vs_storage_op_ctx_t
Storage element context.
Definition: storage_hal.h:221
Generated by   doxygen 1.8.17