Hardware-accelerated cryptography. Platforms should only implement this when there are hardware-accelerated cryptography facilities. Applications must fall back to platform-independent CPU-based algorithms if the cipher algorithm isn't supported in hardware.
You should implement cipher algorithms in this descending order of priority to maximize usage for SSL.
The method of chaining encrypted blocks in a sequence. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
Values
kSbCryptographyBlockCipherModeCbc
- Cipher Block Chaining mode.kSbCryptographyBlockCipherModeCfb
- Cipher Feedback mode.kSbCryptographyBlockCipherModeCtr
- Counter mode: A nonce is combined with an increasing counter.kSbCryptographyBlockCipherModeEcb
- Electronic Code Book mode: No chaining.kSbCryptographyBlockCipherModeOfb
- Output Feedback mode.kSbCryptographyBlockCipherModeGcm
- Galois/Counter Mode.The direction of a cryptographic transformation.
Values
kSbCryptographyDirectionEncode
- Cryptographic transformations that encode/encrypt data into atarget format.kSbCryptographyDirectionDecode
- Cryptographic transformations that decode/decrypt data intoits original form.Description
Creates an SbCryptographyTransformer with the given initialization data. It can then be used to transform a series of data blocks. Returns kSbCryptographyInvalidTransformer if the algorithm isn't supported, or if the parameters are not compatible with the algorithm.
An SbCryptographyTransformer contains all state to start decrypting a sequence of cipher blocks according to the cipher block mode. It is not thread-safe, but implementations must allow different SbCryptographyTransformer instances to operate on different threads.
All parameters must not be assumed to live longer than the call to this function. They must be copied by the implementation to be retained.
This function determines success mainly based on whether the combination of algorithm
, direction
, block_size_bits
, and mode
is supported and whether all the sizes passed in are sufficient for the selected parameters. In particular, this function cannot verify that the key and IV used were correct for the ciphertext, were it to be used in the decode direction. The caller must make that verification.
For example, to decrypt AES-128-CTR: SbCryptographyCreateTransformer(kSbCryptographyAlgorithmAes, 128, kSbCryptographyDirectionDecode, kSbCryptographyBlockCipherModeCtr, ...);
Declaration and definitions
#include "starboard/configuration.h" #include "starboard/cryptography.h" SbCryptographyTransformer SbCryptographyCreateTransformer( const char* algorithm, int block_size_bits, SbCryptographyDirection direction, SbCryptographyBlockCipherMode mode, const void* initialization_vector, int initialization_vector_size, const void* key, int key_size) { SB_UNREFERENCED_PARAMETER(algorithm); SB_UNREFERENCED_PARAMETER(block_size_bits); SB_UNREFERENCED_PARAMETER(direction); SB_UNREFERENCED_PARAMETER(mode); SB_UNREFERENCED_PARAMETER(initialization_vector); SB_UNREFERENCED_PARAMETER(initialization_vector_size); SB_UNREFERENCED_PARAMETER(key); SB_UNREFERENCED_PARAMETER(key_size); return kSbCryptographyInvalidTransformer; }
Parameters
Description
Destroys the given transformer
instance.
Declaration and definitions
#include "starboard/configuration.h" #include "starboard/cryptography.h" void SbCryptographyDestroyTransformer(SbCryptographyTransformer transformer) { SB_UNREFERENCED_PARAMETER(transformer); }
Parameters
Description
Calculates the authenticator tag for a transformer and places up to out_tag_size
bytes of it in out_tag
. Returns whether it was able to get the tag, which mainly has to do with whether it is compatible with the current block cipher mode.
Declaration and definitions
#include "starboard/configuration.h" #include "starboard/cryptography.h" bool SbCryptographyGetTag( SbCryptographyTransformer transformer, void* out_tag, int out_tag_size) { SB_UNREFERENCED_PARAMETER(transformer); SB_UNREFERENCED_PARAMETER(out_tag); SB_UNREFERENCED_PARAMETER(out_tag_size); return false; }
Parameters
Description
Returns whether the given transformer handle is valid.
Declaration
static SB_C_INLINE bool SbCryptographyIsTransformerValid( SbCryptographyTransformer transformer) { return transformer != kSbCryptographyInvalidTransformer; }
Parameters
Description
Sets additional authenticated data (AAD) for a transformer, for chaining modes that support it (GCM). Returns whether the data was successfully set. This can fail if the chaining mode doesn't support AAD, if the parameters are invalid, or if the internal state is invalid for setting AAD.
Declaration and definitions
#include "starboard/configuration.h" #include "starboard/cryptography.h" bool SbCryptographySetAuthenticatedData( SbCryptographyTransformer transformer, const void* data, int data_size) { SB_UNREFERENCED_PARAMETER(transformer); SB_UNREFERENCED_PARAMETER(data); SB_UNREFERENCED_PARAMETER(data_size); return false; }
Parameters
Description
Sets the initialization vector (IV) for a transformer, replacing the internally-set IV. The block cipher mode algorithm will update the IV appropriately after every block, so this is not necessary unless the stream is discontiguous in some way. This happens with AES-GCM in TLS.
Declaration and definitions
#include "starboard/configuration.h" #include "starboard/cryptography.h" void SbCryptographySetInitializationVector( SbCryptographyTransformer transformer, const void* initialization_vector, int initialization_vector_size) { SB_UNREFERENCED_PARAMETER(transformer); SB_UNREFERENCED_PARAMETER(initialization_vector); SB_UNREFERENCED_PARAMETER(initialization_vector_size); }
Parameters
Description
Transforms one or more block_size_bits
-sized blocks of in_data
, with the given transformer
, placing the result in out_data
. Returns the number of bytes that were written to out_data
, unless there was an error, in which case it will return a negative number.
Declaration and definitions
#include "starboard/configuration.h" #include "starboard/cryptography.h" int SbCryptographyTransform(SbCryptographyTransformer transformer, const void* in_data, int in_data_size, void* out_data) { SB_UNREFERENCED_PARAMETER(transformer); SB_UNREFERENCED_PARAMETER(in_data); SB_UNREFERENCED_PARAMETER(in_data_size); SB_UNREFERENCED_PARAMETER(out_data); return 0; }
Parameters