2
0

gost_keywrap.h 2.1 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556
  1. /**********************************************************************
  2. * gost_keywrap.h *
  3. * Copyright (c) 2005-2006 Cryptocom LTD *
  4. * This file is distributed under the same license as OpenSSL *
  5. * *
  6. * Implementation of CryptoPro key wrap algorithm, as defined in *
  7. * RFC 4357 p 6.3 and 6.4 *
  8. * Doesn't need OpenSSL *
  9. **********************************************************************/
  10. #ifndef GOST_KEYWRAP_H
  11. #define GOST_KEYWRAP_H
  12. #include <string.h>
  13. #include "gost89.h"
  14. /* Diversifies key using random UserKey Material
  15. * Implements RFC 4357 p 6.5 key diversification algorithm
  16. *
  17. * inputKey - 32byte key to be diversified
  18. * ukm - 8byte user key material
  19. * outputKey - 32byte buffer to store diversified key
  20. *
  21. */
  22. void keyDiversifyCryptoPro(gost_ctx *ctx,
  23. const unsigned char *inputKey,
  24. const unsigned char *ukm,
  25. unsigned char *outputKey);
  26. /*
  27. * Wraps key using RFC 4357 6.3
  28. * ctx - gost encryption context, initialized with some S-boxes
  29. * keyExchangeKey (KEK) 32-byte (256-bit) shared key
  30. * ukm - 8 byte (64 bit) user key material,
  31. * sessionKey - 32-byte (256-bit) key to be wrapped
  32. * wrappedKey - 44-byte buffer to store wrapped key
  33. */
  34. int keyWrapCryptoPro(gost_ctx *ctx,
  35. const unsigned char *keyExchangeKey,
  36. const unsigned char *ukm,
  37. const unsigned char *sessionKey,
  38. unsigned char *wrappedKey) ;
  39. /*
  40. * Unwraps key using RFC 4357 6.4
  41. * ctx - gost encryption context, initialized with some S-boxes
  42. * keyExchangeKey 32-byte shared key
  43. * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM,
  44. * 32 byte encrypted key and 4 byte MAC
  45. *
  46. * sessionKEy - 32byte buffer to store sessionKey in
  47. * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
  48. */
  49. int keyUnwrapCryptoPro(gost_ctx *ctx,
  50. const unsigned char *keyExchangeKey,
  51. const unsigned char *wrappedKey,
  52. unsigned char *sessionKey) ;
  53. #endif