1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
/*
* Implementation of RFC 5649 variant of AES Key Wrap, using Cryptlib
* to supply the AES ECB encryption and decryption functions.
*/
#ifndef _AES_KEYWRAP_
#define _AES_KEYWRAP_
/*
* Input and output buffers can overlap (we use memmove()), but be
* warned that failures can occur after we've started writing to the
* output buffer, so if the input and output buffers do overlap, the
* input may have been overwritten by the time the failure occurs.
*/
typedef enum {
AES_KEY_WRAP_OK, /* Success */
AES_KEY_WRAP_BAD_ARGUMENTS, /* Null pointers or similar */
AES_KEY_WRAP_ENCRYPTION_FAILED, /* cryptEncrypt() failed */
AES_KEY_WRAP_DECRYPTION_FAILED, /* cryptDecrypt() failed */
AES_KEY_WRAP_BAD_MAGIC, /* MSB(32,A) != 0xA65959A6 */
AES_KEY_WRAP_BAD_LENGTH, /* LSB(32,A) out of range */
AES_KEY_WRAP_BAD_PADDING /* Nonzero padding detected */
} aes_key_wrap_status_t;
extern aes_key_wrap_status_t aes_key_wrap(const CRYPT_CONTEXT kek,
const unsigned char * const plaintext,
const size_t plaintext_length,
unsigned char *cyphertext,
size_t *ciphertext_length);
extern aes_key_wrap_status_t aes_key_unwrap(const CRYPT_CONTEXT kek,
const unsigned char * const ciphertext,
const size_t ciphertext_length,
unsigned char *plaintext,
size_t *plaintext_length);
extern const char *
aes_key_wrap_error_string(const aes_key_wrap_status_t code);
/*
* AES_KEY_WRAP_CIPHERTEXT_SIZE() tells you how big the ciphertext
* will be for a given plaintext size.
*/
#define AES_KEY_WRAP_CIPHERTEXT_SIZE(_plaintext_length_) \
((size_t) (((_plaintext_length_) + 15) & ~7))
#endif
/*
* Local variables:
* indent-tabs-mode: nil
* End:
*/
|