aboutsummaryrefslogtreecommitdiff
path: root/openssl/engines/ccgost/gost_keywrap.h
blob: 37c2a0f73dabc7b97f54687438b6adf0a9ed5612 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
/**********************************************************************
 *                         gost_keywrap.h                             *
 *             Copyright (c) 2005-2006 Cryptocom LTD                  *
 *       This file is distributed under the same license as OpenSSL   *
 *                                                                    *
 * Implementation of CryptoPro key wrap algorithm, as defined in      *
 * RFC 4357 p 6.3 and 6.4                                             *
 * Doesn't need OpenSSL                                               *
 **********************************************************************/
#ifndef GOST_KEYWRAP_H
#define GOST_KEYWRAP_H
#include <string.h>
#include "gost89.h"
/* Diversifies key using random UserKey Material
 * Implements RFC 4357 p 6.5 key diversification algorithm 
 * 
 * inputKey - 32byte key to be diversified
 * ukm - 8byte user key material
 * outputKey - 32byte buffer to store diversified key 
 *
 */
void keyDiversifyCryptoPro(gost_ctx *ctx,
	const unsigned char *inputKey, 
	const unsigned char *ukm, 
	unsigned char *outputKey);
/*
 * Wraps key using RFC 4357 6.3
 * ctx - gost encryption context, initialized with some S-boxes 
 * keyExchangeKey (KEK) 32-byte (256-bit) shared key
 * ukm - 8 byte (64 bit) user key material, 
 * sessionKey - 32-byte (256-bit) key to be wrapped
 * wrappedKey - 44-byte buffer to store wrapped key
 */ 

int keyWrapCryptoPro(gost_ctx *ctx,
	const unsigned char *keyExchangeKey, 
	const unsigned char *ukm,
	const	unsigned char *sessionKey, 
	unsigned char *wrappedKey) ;
/*
 * Unwraps key using RFC 4357 6.4
 * ctx - gost encryption context, initialized with some S-boxes 
 * keyExchangeKey 32-byte shared key
 * wrappedKey  44 byte key to be unwrapped (concatenation of 8-byte UKM,
 * 32 byte  encrypted key and 4 byte MAC  
 * 
 * sessionKEy - 32byte buffer to store sessionKey in
 * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
 */ 


int keyUnwrapCryptoPro(gost_ctx *ctx,
	const unsigned char *keyExchangeKey,
	const unsigned char *wrappedKey, 
	unsigned char *sessionKey) ;
#endif