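/**********************************************************************
 *                         gost_keywrap.h                             *
 *             Copyright (c) 2005-2006 Cryptocom LTD                  *
 *       This file is distributed under the same license as OpenSSL   *
 *                                                                    *
 * Implementation of CryptoPro key wrap algorithm, as defined in      *
 *               RFC 4357 p 6.3 and 6.4                               *
 *                  Doesn't need OpenSSL                              *
 **********************************************************************/
#ifndef GOST_KEYWRAP_H
# define GOST_KEYWRAP_H
# include <string.h>
# include "gost89.h"

/*
 * Buffer contract for every function declared here: none of the prototypes
 * takes a length argument, so the sizes given in the comments below are
 * requirements on the caller. A shorter buffer cannot be detected through
 * this interface.
 */

/*-
 * Diversifies key using random UserKey Material
 * Implements RFC 4357 p 6.5 key diversification algorithm
 *
 * ctx - gost encryption context (gost_ctx, declared in gost89.h)
 * inputKey - 32byte key to be diversified
 * ukm - 8byte user key material
 * outputKey - 32byte buffer to store diversified key
 *
 * outputKey receives key material; the caller owns the buffer and should
 * wipe it once the diversified key is no longer needed.
 */
void keyDiversifyCryptoPro(gost_ctx * ctx,
                           const unsigned char *inputKey,
                           const unsigned char *ukm,
                           unsigned char *outputKey);

/*-
 * Wraps key using RFC 4357 6.3
 * ctx - gost encryption context, initialized with some S-boxes
 * keyExchangeKey (KEK) 32-byte (256-bit) shared key
 * ukm - 8 byte (64 bit) user key material,
 * sessionKey - 32-byte (256-bit) key to be wrapped
 * wrappedKey - 44-byte buffer to store wrapped key
 *
 * NOTE(review): the return value is not documented in this header;
 * presumably 1 on success, mirroring keyUnwrapCryptoPro - confirm against
 * the implementation. The 44-byte output presumably uses the layout
 * described for keyUnwrapCryptoPro (8-byte UKM, 32-byte encrypted key,
 * 4-byte MAC) - confirm.
 */
int keyWrapCryptoPro(gost_ctx * ctx,
                     const unsigned char *keyExchangeKey,
                     const unsigned char *ukm,
                     const unsigned char *sessionKey,
                     unsigned char *wrappedKey);

/*-
 * Unwraps key using RFC 4357 6.4
 * ctx - gost encryption context, initialized with some S-boxes
 * keyExchangeKey 32-byte shared key
 * wrappedKey  44 byte key to be unwrapped (concatenation of 8-byte UKM,
 *             32 byte encrypted key and 4 byte MAC)
 *
 * sessionKey - 32byte buffer to store sessionKey in
 * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
 *
 * The return value is the only integrity signal, and it rests on a 4-byte
 * (32-bit) MAC. Callers must check it: on 0 the contents of sessionKey
 * are not specified by this header, so treat the buffer as invalid, wipe
 * it, and never use it as a key.
 * NOTE(review): whether the MAC comparison is constant-time cannot be
 * told from this header - verify in the implementation.
 */
int keyUnwrapCryptoPro(gost_ctx * ctx,
                       const unsigned char *keyExchangeKey,
                       const unsigned char *wrappedKey,
                       unsigned char *sessionKey);
#endif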