Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/ffi/ffi.cpp46
-rw-r--r--src/lib/ffi/ffi.h11
2 files changed, 57 insertions, 0 deletions
diff --git a/src/lib/ffi/ffi.cpp b/src/lib/ffi/ffi.cpp
index 0a591ca44..f13ab7b83 100644
--- a/src/lib/ffi/ffi.cpp
+++ b/src/lib/ffi/ffi.cpp
@@ -90,6 +90,10 @@
#include <botan/tls_server.h>
#endif
+#if defined(BOTAN_HAS_RFC3394_KEYWRAP)
+ #include <botan/rfc3394.h>
+#endif
+
namespace {
#define BOTAN_ASSERT_ARG_NON_NULL(p) \
@@ -2311,6 +2315,48 @@ int botan_mceies_encrypt(botan_pubkey_t mce_key_obj,
});
}
+int botan_key_wrap3394( uint8_t key[], size_t key_len,
+ uint8_t kek[], size_t kek_len,
+ uint8_t wrapped_key[], size_t *wrapped_key_len)
+{
+#if defined(BOTAN_HAS_RFC3394_KEYWRAP)
+ try
+ {
+ const Botan::SymmetricKey kek_sym(kek, kek_len);
+ const Botan::secure_vector<uint8_t> key_pt(key, key + key_len);
+ const Botan::secure_vector<uint8_t> key_ct = Botan::rfc3394_keywrap(key_pt, kek_sym);
+ return write_vec_output(wrapped_key, wrapped_key_len, key_ct);
+ }
+ catch(std::exception &e)
+ {
+ return ffi_error_exception_thrown(e.what());
+ }
+#else
+ return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
+#endif
+}
+
+int botan_key_unwrap3394( uint8_t wrapped_key[], size_t wrapped_key_len,
+ uint8_t kek[], size_t kek_len,
+ uint8_t key[], size_t *key_len)
+{
+#if defined(BOTAN_HAS_RFC3394_KEYWRAP)
+ try
+ {
+ const Botan::SymmetricKey kek_sym(kek, kek_len);
+ const Botan::secure_vector<uint8_t> key_ct(wrapped_key, wrapped_key + wrapped_key_len);
+ const Botan::secure_vector<uint8_t> key_pt = Botan::rfc3394_keyunwrap(key_ct, kek_sym);
+ return write_vec_output(key, key_len, key_pt);
+ }
+ catch(std::exception &e)
+ {
+ return ffi_error_exception_thrown(e.what());
+ }
+#else
+ return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
+#endif
+}
+
/*
int botan_tls_channel_init_client(botan_tls_channel_t* channel,
botan_tls_channel_output_fn output_fn,
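Review bot: Neither `botan_key_wrap3394` nor `botan_key_unwrap3394` validates its pointer arguments before use. `kek`, `key` and `wrapped_key` go straight into the `SymmetricKey` and `secure_vector` constructors, so a null pointer with a non-zero length from an FFI caller is read instead of being rejected with an error code. The file defines `BOTAN_ASSERT_ARG_NON_NULL` just above; its body is outside this hunk, but if it throws, calling it on each pointer as the first statements inside the `try` would route the failure through the existing handler. In the unwrap function an RFC 3394 integrity-check failure appears to return through the same `ffi_error_exception_thrown(e.what())` path as every other exception, so a caller cannot tell a tampered blob or wrong KEK from an unrelated failure; a distinct return code for that case would help. The handlers would also read more conventionally as `catch(const std::exception& e)`.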
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
index 4c774984c..e56ad5629 100644
--- a/src/lib/ffi/ffi.h
+++ b/src/lib/ffi/ffi.h
@@ -1057,6 +1057,17 @@ enum botan_x509_cert_key_constraints {
BOTAN_DLL int botan_x509_cert_allowed_usage(botan_x509_cert_t cert, unsigned int key_usage);
+/**
+ * Key wrapping as per RFC 3394
+ */
+BOTAN_DLL int botan_key_wrap3394(uint8_t key[], size_t key_len,
+ uint8_t kek[], size_t kek_len,
+ uint8_t wrapped_key[], size_t *wrapped_key_len);
+
+BOTAN_DLL int botan_key_unwrap3394( uint8_t wrapped_key[], size_t wrapped_key_len,
+ uint8_t kek[], size_t kek_len,
+ uint8_t key[], size_t *key_len);
+
/*
* TLS (WIP)
*/
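Review bot: The input buffers in both declarations are non-const (`uint8_t key[]`, `uint8_t kek[]`, `uint8_t wrapped_key[]` in the unwrap call), although the implementation in ffi.cpp only reads them. Callers holding key material in `const` storage then have to cast, and the signature is hard to change once exported via `BOTAN_DLL`. I would declare them as `const uint8_t key[], size_t key_len, const uint8_t kek[], size_t kek_len` (and `const uint8_t wrapped_key[]` for unwrap), with the matching change in ffi.cpp. The doc comment covers only the wrap function and does not describe the length parameters. It should say that `*wrapped_key_len` / `*key_len` are presumably in/out (capacity in, bytes written out, as with other `write_vec_output` users), that the wrapped output is 8 bytes longer than the input key, and what is returned when the buffer is too small or unwrapping fails its integrity check.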