// secure_channel.h #ifndef SECURE_CHANNEL_H #define SECURE_CHANNEL_H #include #include // Размеры ключей #define SC_PRIVKEY_SIZE 32 #define SC_PUBKEY_SIZE 64 #define SC_HASH_SIZE 32 #define SC_NONCE_SIZE 13 // CCM requires exactly 13 bytes #define SC_SHARED_SECRET_SIZE SC_HASH_SIZE #define SC_SESSION_KEY_SIZE 16 #define SC_TAG_SIZE 8 #define SC_CRC32_SIZE 4 // Коды возврата #define SC_OK 0 #define SC_ERR_INVALID_ARG -1 #define SC_ERR_CRYPTO -2 #define SC_ERR_NOT_INITIALIZED -3 #define SC_ERR_AUTH_FAILED -4 #define SC_ERR_CRC_FAILED -5 #define SC_PEER_PUBKEY_BIN 0 #define SC_PEER_PUBKEY_HEX 1 // Типы typedef int sc_status_t; typedef struct secure_channel sc_context_t; struct SC_MYKEYS { /* Локальные ключи */ uint8_t private_key[SC_PRIVKEY_SIZE]; uint8_t public_key[SC_PUBKEY_SIZE]; }; // Контекст защищенного канала struct secure_channel { struct SC_MYKEYS* pk; /* Ключи пира (после key exchange) */ uint8_t peer_public_key[SC_PUBKEY_SIZE]; uint8_t session_key[SC_SESSION_KEY_SIZE]; /* Derived session key */ /* Nonces для отправки и приема */ uint8_t send_nonce[SC_NONCE_SIZE]; uint8_t recv_nonce[SC_NONCE_SIZE]; uint8_t initialized; uint8_t peer_key_set; uint8_t session_ready; uint64_t tx_counter; uint64_t rx_counter; }; // Функции инициализации sc_status_t sc_init_ctx(sc_context_t *ctx, struct SC_MYKEYS *mykeys); sc_status_t sc_generate_keypair(struct SC_MYKEYS *keys); sc_status_t sc_init_local_keys(struct SC_MYKEYS *mykeys, const char *public_key, const char *private_key); sc_status_t sc_set_peer_public_key(sc_context_t *ctx, const char *peer_public_key, int mode);// mode: 0-bin 1-hex key format sc_status_t sc_compute_public_key_from_private(const uint8_t *private_key, uint8_t *public_key); // Криптографические операции sc_status_t sc_encrypt(sc_context_t *ctx, const uint8_t *plaintext, size_t plaintext_len, uint8_t *ciphertext, size_t *ciphertext_len); sc_status_t sc_decrypt(sc_context_t *ctx, const uint8_t *ciphertext, size_t ciphertext_len, uint8_t *plaintext, size_t *plaintext_len); #endif // SECURE_CHANNEL_H