xref: /onnv-gate/usr/src/lib/libkmsagent/common/KMSAgentAESKeyWrap.h (revision 12720:3db6e0082404) 
1  /*
2   * CDDL HEADER START
3   *
4   * The contents of this file are subject to the terms of the
5   * Common Development and Distribution License (the "License").
6   * You may not use this file except in compliance with the License.
7   *
8   * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9   * or http://www.opensolaris.org/os/licensing.
10   * See the License for the specific language governing permissions
11   * and limitations under the License.
12   *
13   * When distributing Covered Code, include this CDDL HEADER in each
14   * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15   * If applicable, add the following below this CDDL HEADER, with the
16   * fields enclosed by brackets "[]" replaced with your own identifying
17   * information: Portions Copyright [yyyy] [name of copyright owner]
18   *
19   * CDDL HEADER END
20   */
21  
22  /*
23   * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
24   */
25  
26  /*
27   * \file KMSAgentAESKeyWrap.h
28   */
29  
30  #ifndef KMSAgentAESKeyWrap_H
31  #define KMSAgentAESKeyWrap_H
32  
33  #ifdef WIN32
34  #include <string.h>
35  typedef unsigned char		uint8_t;
36  typedef unsigned short		uint16_t;
37  typedef unsigned int		uint32_t;
38  typedef unsigned long long	uint64_t;
39  #endif
40  
41  #ifdef __cplusplus
42  extern "C" {
43  #endif
44  
45      /**
46       * AES Key Wrap (see RFC 3394). No logging is performed since this
47       *  functions must execute in a Known Answer Test prior to
48       *  #KMSAgent_InitializeLibrary.
49       *  @param  kek  The AES symmetric key-encryption key
50       *  @param  kek_len The size, in bytes, of the KEK
51       *  @param  pt  The plain text key to be AES key wrapped
52       *  @param  len The "n" parameter from RFC3394, i.e. the number of 64-bit key data
53       *          blocks.  For example, with 256 bit plain text keys n=4.
54       *  @param  ct  The resulting AES wrapped key.  The size of ct needs to allow
55       *          for the 64-bit integrity check  value, i.e. sizeof(pt+8)
56       */
57      void aes_key_wrap (const uint8_t *kek,
58                         size_t kek_len,
59                         const uint8_t *pt,
60                         size_t len,
61                         uint8_t *ct);
62  
63      /**
64       * AES Key Unwrap (see RFC 3394). No logging is performed since this
65       *  functions must execute in a Known Answer Test prior to
66       *  #KMSAgent_InitializeLibrary.
67       *  @param  kek  The AES symmetric key-encryption key
68       *  @param  kek_len The size, in bytes, of the KEK
69       *  @param  ct  The AES wrapped key.
70       *  @param  pt  The resulting, unwrapped, plain text key.
71       *  @param  len The "n" parameter from RFC3394, i.e. the number of 64-bit key data
72       *          blocks.  For example, with 256 bit plain text keys n=4.
73       *  @return 0 on success, non-zero otherwise
74       */
75      int aes_key_unwrap (const uint8_t *kek,
76                          size_t kek_len,
77                          const uint8_t *ct,
78                          uint8_t *pt,
79                          size_t len);
80  
81  #ifdef __cplusplus
82  }
83  #endif
84  
85  #endif /* KMSAgentAESKeyWrap_H */
86