Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
godotengine
GitHub Repository: godotengine/godot
 Path: blob/master/thirdparty/mbedtls/include/mbedtls/nist_kw.h
9904 views
1
/**

2
 * \file nist_kw.h

3
 *

4
 * \brief This file provides an API for key wrapping (KW) and key wrapping with

5
 *        padding (KWP) as defined in NIST SP 800-38F.

6
 *        https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf

7
 *

8
 *        Key wrapping specifies a deterministic authenticated-encryption mode

9
 *        of operation, according to <em>NIST SP 800-38F: Recommendation for

10
 *        Block Cipher Modes of Operation: Methods for Key Wrapping</em>. Its

11
 *        purpose is to protect cryptographic keys.

12
 *

13
 *        Its equivalent is RFC 3394 for KW, and RFC 5649 for KWP.

14
 *        https://tools.ietf.org/html/rfc3394

15
 *        https://tools.ietf.org/html/rfc5649

16
 *

17
 */

18
/*

19
 *  Copyright The Mbed TLS Contributors

20
 *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later

21
 */

22


23
#ifndef MBEDTLS_NIST_KW_H

24
#define MBEDTLS_NIST_KW_H

25
#include "mbedtls/private_access.h"

26


27
#include "mbedtls/build_info.h"

28


29
#include "mbedtls/cipher.h"

30


31
#ifdef __cplusplus

32
extern "C" {

33
#endif

34


35
typedef enum {

36
    MBEDTLS_KW_MODE_KW = 0,

37
    MBEDTLS_KW_MODE_KWP = 1

38
} mbedtls_nist_kw_mode_t;

39


40
#if !defined(MBEDTLS_NIST_KW_ALT)

41
// Regular implementation

42
//

43


44
/**

45
 * \brief    The key wrapping context-type definition. The key wrapping context is passed

46
 *           to the APIs called.

47
 *

48
 * \note     The definition of this type may change in future library versions.

49
 *           Don't make any assumptions on this context!

50
 */

51
typedef struct {

52
    mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx);    /*!< The cipher context used. */

53
} mbedtls_nist_kw_context;

54


55
#else  /* MBEDTLS_NIST_key wrapping_ALT */

56
#include "nist_kw_alt.h"

57
#endif /* MBEDTLS_NIST_KW_ALT */

58


59
/**

60
 * \brief           This function initializes the specified key wrapping context

61
 *                  to make references valid and prepare the context

62
 *                  for mbedtls_nist_kw_setkey() or mbedtls_nist_kw_free().

63
 *

64
 * \param ctx       The key wrapping context to initialize.

65
 *

66
 */

67
void mbedtls_nist_kw_init(mbedtls_nist_kw_context *ctx);

68


69
/**

70
 * \brief           This function initializes the key wrapping context set in the

71
 *                  \p ctx parameter and sets the encryption key.

72
 *

73
 * \param ctx       The key wrapping context.

74
 * \param cipher    The 128-bit block cipher to use. Only AES is supported.

75
 * \param key       The Key Encryption Key (KEK).

76
 * \param keybits   The KEK size in bits. This must be acceptable by the cipher.

77
 * \param is_wrap   Specify whether the operation within the context is wrapping or unwrapping

78
 *

79
 * \return          \c 0 on success.

80
 * \return          \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for any invalid input.

81
 * \return          \c MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE for 128-bit block ciphers

82
 *                  which are not supported.

83
 * \return          cipher-specific error code on failure of the underlying cipher.

84
 */

85
int mbedtls_nist_kw_setkey(mbedtls_nist_kw_context *ctx,

86
                           mbedtls_cipher_id_t cipher,

87
                           const unsigned char *key,

88
                           unsigned int keybits,

89
                           const int is_wrap);

90


91
/**

92
 * \brief   This function releases and clears the specified key wrapping context

93
 *          and underlying cipher sub-context.

94
 *

95
 * \param ctx       The key wrapping context to clear.

96
 */

97
void mbedtls_nist_kw_free(mbedtls_nist_kw_context *ctx);

98


99
/**

100
 * \brief           This function encrypts a buffer using key wrapping.

101
 *

102
 * \param ctx       The key wrapping context to use for encryption.

103
 * \param mode      The key wrapping mode to use (MBEDTLS_KW_MODE_KW or MBEDTLS_KW_MODE_KWP)

104
 * \param input     The buffer holding the input data.

105
 * \param in_len    The length of the input data in Bytes.

106
 *                  The input uses units of 8 Bytes called semiblocks.

107
 *                  <ul><li>For KW mode: a multiple of 8 bytes between 16 and 2^57-8 inclusive. </li>

108
 *                  <li>For KWP mode: any length between 1 and 2^32-1 inclusive.</li></ul>

109
 * \param[out] output    The buffer holding the output data.

110
 *                  <ul><li>For KW mode: Must be at least 8 bytes larger than \p in_len.</li>

111
 *                  <li>For KWP mode: Must be at least 8 bytes larger rounded up to a multiple of

112
 *                  8 bytes for KWP (15 bytes at most).</li></ul>

113
 * \param[out] out_len The number of bytes written to the output buffer. \c 0 on failure.

114
 * \param[in] out_size The capacity of the output buffer.

115
 *

116
 * \return          \c 0 on success.

117
 * \return          \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.

118
 * \return          cipher-specific error code on failure of the underlying cipher.

119
 */

120
int mbedtls_nist_kw_wrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,

121
                         const unsigned char *input, size_t in_len,

122
                         unsigned char *output, size_t *out_len, size_t out_size);

123


124
/**

125
 * \brief           This function decrypts a buffer using key wrapping.

126
 *

127
 * \param ctx       The key wrapping context to use for decryption.

128
 * \param mode      The key wrapping mode to use (MBEDTLS_KW_MODE_KW or MBEDTLS_KW_MODE_KWP)

129
 * \param input     The buffer holding the input data.

130
 * \param in_len    The length of the input data in Bytes.

131
 *                  The input uses units of 8 Bytes called semiblocks.

132
 *                  The input must be a multiple of semiblocks.

133
 *                  <ul><li>For KW mode: a multiple of 8 bytes between 24 and 2^57 inclusive. </li>

134
 *                  <li>For KWP mode: a multiple of 8 bytes between 16 and 2^32 inclusive.</li></ul>

135
 * \param[out] output    The buffer holding the output data.

136
 *                  The output buffer's minimal length is 8 bytes shorter than \p in_len.

137
 * \param[out] out_len The number of bytes written to the output buffer. \c 0 on failure.

138
 *                  For KWP mode, the length could be up to 15 bytes shorter than \p in_len,

139
 *                  depending on how much padding was added to the data.

140
 * \param[in] out_size The capacity of the output buffer.

141
 *

142
 * \return          \c 0 on success.

143
 * \return          \c MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA for invalid input length.

144
 * \return          \c MBEDTLS_ERR_CIPHER_AUTH_FAILED for verification failure of the ciphertext.

145
 * \return          cipher-specific error code on failure of the underlying cipher.

146
 */

147
int mbedtls_nist_kw_unwrap(mbedtls_nist_kw_context *ctx, mbedtls_nist_kw_mode_t mode,

148
                           const unsigned char *input, size_t in_len,

149
                           unsigned char *output, size_t *out_len, size_t out_size);

150


151


152
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)

153
/**

154
 * \brief          The key wrapping checkup routine.

155
 *

156
 * \return         \c 0 on success.

157
 * \return         \c 1 on failure.

158
 */

159
int mbedtls_nist_kw_self_test(int verbose);

160
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */

161


162
#ifdef __cplusplus

163
}

164
#endif

165


166
#endif /* MBEDTLS_NIST_KW_H */

167


168