xref: /onnv-gate/usr/src/lib/libkmsagent/common/KMSAgentAESKeyWrap.h (revision 12720:3db6e0082404) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
24  */
25 
26 /*
27  * \file KMSAgentAESKeyWrap.h
28  */
29 
30 #ifndef KMSAgentAESKeyWrap_H
31 #define KMSAgentAESKeyWrap_H
32 
33 #ifdef WIN32
34 #include <string.h>
35 typedef unsigned char		uint8_t;
36 typedef unsigned short		uint16_t;
37 typedef unsigned int		uint32_t;
38 typedef unsigned long long	uint64_t;
39 #endif
40 
41 #ifdef __cplusplus
42 extern "C" {
43 #endif
44 
45     /**
46      * AES Key Wrap (see RFC 3394). No logging is performed since this
47      *  functions must execute in a Known Answer Test prior to
48      *  #KMSAgent_InitializeLibrary.
49      *  @param  kek  The AES symmetric key-encryption key
50      *  @param  kek_len The size, in bytes, of the KEK
51      *  @param  pt  The plain text key to be AES key wrapped
52      *  @param  len The "n" parameter from RFC3394, i.e. the number of 64-bit key data
53      *          blocks.  For example, with 256 bit plain text keys n=4.
54      *  @param  ct  The resulting AES wrapped key.  The size of ct needs to allow
55      *          for the 64-bit integrity check  value, i.e. sizeof(pt+8)
56      */
57     void aes_key_wrap (const uint8_t *kek,
58                        size_t kek_len,
59                        const uint8_t *pt,
60                        size_t len,
61                        uint8_t *ct);
62 
63     /**
64      * AES Key Unwrap (see RFC 3394). No logging is performed since this
65      *  functions must execute in a Known Answer Test prior to
66      *  #KMSAgent_InitializeLibrary.
67      *  @param  kek  The AES symmetric key-encryption key
68      *  @param  kek_len The size, in bytes, of the KEK
69      *  @param  ct  The AES wrapped key.
70      *  @param  pt  The resulting, unwrapped, plain text key.
71      *  @param  len The "n" parameter from RFC3394, i.e. the number of 64-bit key data
72      *          blocks.  For example, with 256 bit plain text keys n=4.
73      *  @return 0 on success, non-zero otherwise
74      */
75     int aes_key_unwrap (const uint8_t *kek,
76                         size_t kek_len,
77                         const uint8_t *ct,
78                         uint8_t *pt,
79                         size_t len);
80 
81 #ifdef __cplusplus
82 }
83 #endif
84 
85 #endif /* KMSAgentAESKeyWrap_H */
86