/**********************************************************************
 *                         gost_keywrap.h                             *
 *             Copyright (c) 2005-2006 Cryptocom LTD                  *
 *       This file is distributed under the same license as OpenSSL   *
 *                                                                    *
 * Implementation of CryptoPro key wrap algorithm, as defined in      *
 * RFC 4357 p 6.3 and 6.4                                             *
 * Doesn't need OpenSSL                                               *
 **********************************************************************/
#ifndef GOST_KEYWRAP_H
# define GOST_KEYWRAP_H
# include <string.h>
# include "gost89.h"
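/*-
 * Diversifies a key using random User Key Material (UKM).
 * Implements the RFC 4357 section 6.5 key diversification algorithm.
 *
 * ctx       - GOST encryption context (presumably initialized with S-boxes,
 *             as documented for keyWrapCryptoPro - confirm)
 * inputKey  - 32-byte key to be diversified (not modified)
 * ukm       - 8-byte user key material (not modified)
 * outputKey - 32-byte buffer that receives the diversified key
 *
 * No buffer lengths are passed, so the caller must guarantee that every
 * buffer is at least the size stated above. The function returns void and
 * therefore reports no failure to the caller.
 * NOTE(review): whether outputKey may alias inputKey is not stated in this
 * header - confirm against the implementation before relying on it.
 */
void keyDiversifyCryptoPro(gost_ctx * ctx,
                           const unsigned char *inputKey,
                           const unsigned char *ukm,
                           unsigned char *outputKey);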
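/*-
 * Wraps a session key using the CryptoPro key wrap algorithm,
 * RFC 4357 section 6.3.
 *
 * ctx            - GOST encryption context, initialized with some S-boxes
 * keyExchangeKey - (KEK) 32-byte (256-bit) shared key
 * ukm            - 8-byte (64-bit) user key material
 * sessionKey     - 32-byte (256-bit) key to be wrapped
 * wrappedKey     - 44-byte buffer that receives the wrapped key
 *                  (presumably the UKM | encrypted key | MAC layout that
 *                  keyUnwrapCryptoPro consumes - confirm)
 *
 * No buffer lengths are passed, so the caller must guarantee that every
 * buffer is at least the size stated above.
 * NOTE(review): the meaning of the int return value is not documented in
 * this header - confirm it against the implementation and check it at
 * every call site.
 */
int keyWrapCryptoPro(gost_ctx * ctx,
                     const unsigned char *keyExchangeKey,
                     const unsigned char *ukm,
                     const unsigned char *sessionKey,
                     unsigned char *wrappedKey);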
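/*-
 * Unwraps a key using the CryptoPro key unwrap algorithm,
 * RFC 4357 section 6.4.
 *
 * ctx            - GOST encryption context, initialized with some S-boxes
 * keyExchangeKey - 32-byte shared key
 * wrappedKey     - 44-byte key to be unwrapped: the concatenation of the
 *                  8-byte UKM, the 32-byte encrypted key and the 4-byte MAC
 * sessionKey     - 32-byte buffer that receives the unwrapped session key
 *
 * Returns 1 if the key is decrypted successfully, and 0 if the MAC doesn't
 * match.
 *
 * No buffer lengths are passed, so the caller must guarantee that every
 * buffer is at least the size stated above; in particular, wrappedKey taken
 * from a message must be length-checked (44 bytes) before this call.
 * Callers must check the return value and must not use sessionKey when it
 * is 0.
 * NOTE(review): whether sessionKey is written before the MAC is verified is
 * not visible in this header - treat its contents as invalid on failure and
 * clear the buffer.
 * The integrity check is a 4-byte (32-bit) MAC, so it should not be the only
 * authentication applied to wrapped keys from untrusted sources.
 */
int keyUnwrapCryptoPro(gost_ctx * ctx,
                       const unsigned char *keyExchangeKey,
                       const unsigned char *wrappedKey,
                       unsigned char *sessionKey);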
#endif