1 /**********************************************************************
3 * Copyright (c) 2005-2006 Cryptocom LTD *
4 * This file is distributed under the same license as OpenSSL *
6 * Implementation of CryptoPro key wrap algorithm, as defined in *
7 * RFC 4357 p 6.3 and 6.4 *
8 * Doesn't need OpenSSL *
9 **********************************************************************/
10 #ifndef GOST_KEYWRAP_H
11 #define GOST_KEYWRAP_H
14 /* Diversifies key using random UserKey Material
15 * Implements RFC 4357 p 6.5 key diversification algorithm
17 * inputKey - 32byte key to be diversified
18 * ukm - 8byte user key material
19 * outputKey - 32byte buffer to store diversified key
22 void keyDiversifyCryptoPro(gost_ctx *ctx,
23 const unsigned char *inputKey,
24 const unsigned char *ukm,
25 unsigned char *outputKey);
27 * Wraps key using RFC 4357 6.3
28 * ctx - gost encryption context, initialized with some S-boxes
29 * keyExchangeKey (KEK) 32-byte (256-bit) shared key
30 * ukm - 8 byte (64 bit) user key material,
31 * sessionKey - 32-byte (256-bit) key to be wrapped
32 * wrappedKey - 44-byte buffer to store wrapped key
35 int keyWrapCryptoPro(gost_ctx *ctx,
36 const unsigned char *keyExchangeKey,
37 const unsigned char *ukm,
38 const unsigned char *sessionKey,
39 unsigned char *wrappedKey) ;
41 * Unwraps key using RFC 4357 6.4
42 * ctx - gost encryption context, initialized with some S-boxes
43 * keyExchangeKey 32-byte shared key
44 * wrappedKey 44 byte key to be unwrapped (concatenation of 8-byte UKM,
45 * 32 byte encrypted key and 4 byte MAC
47 * sessionKEy - 32byte buffer to store sessionKey in
48 * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
52 int keyUnwrapCryptoPro(gost_ctx *ctx,
53 const unsigned char *keyExchangeKey,
54 const unsigned char *wrappedKey,
55 unsigned char *sessionKey) ;
projects / openssl.git / blob