Botan 3.5.0
Crypto and TLS for C&
ffi_keywrap.cpp
Go to the documentation of this file.
1/*
2* (C) 2017 Ribose Inc
3* 2023 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/ffi.h>
9
10#include <botan/internal/ffi_util.h>
11
12#if defined(BOTAN_HAS_NIST_KEYWRAP)
13 #include <botan/block_cipher.h>
14 #include <botan/nist_keywrap.h>
15#endif
16
17extern "C" {
18
19using namespace Botan_FFI;
20
21int botan_nist_kw_enc(const char* cipher_algo,
22 int padded,
23 const uint8_t key[],
24 size_t key_len,
25 const uint8_t kek[],
26 size_t kek_len,
27 uint8_t wrapped_key[],
28 size_t* wrapped_key_len) {
29#if defined(BOTAN_HAS_NIST_KEYWRAP)
30 return ffi_guard_thunk(__func__, [=]() -> int {
31 if(padded != 0 && padded != 1) {
33 }
34 auto bc = Botan::BlockCipher::create_or_throw(cipher_algo);
35 bc->set_key(kek, kek_len);
36
37 std::vector<uint8_t> output;
38
39 if(padded == 0) {
40 output = Botan::nist_key_wrap(key, key_len, *bc);
41 } else {
42 output = Botan::nist_key_wrap_padded(key, key_len, *bc);
43 }
44
45 return write_vec_output(wrapped_key, wrapped_key_len, output);
46 });
47#else
48 BOTAN_UNUSED(cipher_algo, padded, key, key_len, kek, kek_len, wrapped_key, wrapped_key_len);
50#endif
51}
52
53int botan_nist_kw_dec(const char* cipher_algo,
54 int padded,
55 const uint8_t wrapped_key[],
56 size_t wrapped_key_len,
57 const uint8_t kek[],
58 size_t kek_len,
59 uint8_t key[],
60 size_t* key_len) {
61#if defined(BOTAN_HAS_NIST_KEYWRAP)
62 return ffi_guard_thunk(__func__, [=]() -> int {
63 if(padded != 0 && padded != 1) {
65 }
66
67 auto bc = Botan::BlockCipher::create_or_throw(cipher_algo);
68 bc->set_key(kek, kek_len);
69
71
72 if(padded == 0) {
73 output = Botan::nist_key_unwrap(wrapped_key, wrapped_key_len, *bc);
74 } else {
75 output = Botan::nist_key_unwrap_padded(wrapped_key, wrapped_key_len, *bc);
76 }
77
78 return write_vec_output(key, key_len, output);
79 });
80#else
81 BOTAN_UNUSED(cipher_algo, padded, key, key_len, kek, kek_len, wrapped_key, wrapped_key_len);
83#endif
84}
85
86int botan_key_wrap3394(const uint8_t key[],
87 size_t key_len,
88 const uint8_t kek[],
89 size_t kek_len,
90 uint8_t wrapped_key[],
91 size_t* wrapped_key_len) {
92 std::string cipher_name = "AES-" + std::to_string(8 * kek_len);
93
94 return botan_nist_kw_enc(cipher_name.c_str(), 0, key, key_len, kek, kek_len, wrapped_key, wrapped_key_len);
95}
96
97int botan_key_unwrap3394(const uint8_t wrapped_key[],
98 size_t wrapped_key_len,
99 const uint8_t kek[],
100 size_t kek_len,
101 uint8_t key[],
102 size_t* key_len) {
103 std::string cipher_name = "AES-" + std::to_string(8 * kek_len);
104
105 return botan_nist_kw_dec(cipher_name.c_str(), 0, wrapped_key, wrapped_key_len, kek, kek_len, key, key_len);
106}
107}
#define BOTAN_UNUSED
Definition assert.h:118
static std::unique_ptr< BlockCipher > create_or_throw(std::string_view algo_spec, std::string_view provider="")
@ BOTAN_FFI_ERROR_NOT_IMPLEMENTED
Definition ffi.h:124
int botan_nist_kw_enc(const char *cipher_algo, int padded, const uint8_t key[], size_t key_len, const uint8_t kek[], size_t kek_len, uint8_t wrapped_key[], size_t *wrapped_key_len)
int botan_key_unwrap3394(const uint8_t wrapped_key[], size_t wrapped_key_len, const uint8_t kek[], size_t kek_len, uint8_t key[], size_t *key_len)
int botan_key_wrap3394(const uint8_t key[], size_t key_len, const uint8_t kek[], size_t kek_len, uint8_t wrapped_key[], size_t *wrapped_key_len)
int botan_nist_kw_dec(const char *cipher_algo, int padded, const uint8_t wrapped_key[], size_t wrapped_key_len, const uint8_t kek[], size_t kek_len, uint8_t key[], size_t *key_len)
int ffi_guard_thunk(const char *func_name, const std::function< int()> &thunk)
Definition ffi.cpp:116
int write_vec_output(uint8_t out[], size_t *out_len, const std::vector< uint8_t, Alloc > &buf)
Definition ffi_util.h:201
std::vector< uint8_t > nist_key_wrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
std::vector< uint8_t > nist_key_wrap_padded(const uint8_t input[], size_t input_len, const BlockCipher &bc)
secure_vector< uint8_t > nist_key_unwrap_padded(const uint8_t input[], size_t input_len, const BlockCipher &bc)
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
secure_vector< uint8_t > nist_key_unwrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)