/src/Botan-3.4.0/src/lib/ffi/ffi_keywrap.cpp
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * (C) 2017 Ribose Inc |
3 | | * 2023 Jack Lloyd |
4 | | * |
5 | | * Botan is released under the Simplified BSD License (see license.txt) |
6 | | */ |
7 | | |
8 | | #include <botan/ffi.h> |
9 | | |
10 | | #include <botan/internal/ffi_util.h> |
11 | | |
12 | | #if defined(BOTAN_HAS_NIST_KEYWRAP) |
13 | | #include <botan/block_cipher.h> |
14 | | #include <botan/nist_keywrap.h> |
15 | | #endif |
16 | | |
17 | | extern "C" { |
18 | | |
19 | | using namespace Botan_FFI; |
20 | | |
21 | | int botan_nist_kw_enc(const char* cipher_algo, |
22 | | int padded, |
23 | | const uint8_t key[], |
24 | | size_t key_len, |
25 | | const uint8_t kek[], |
26 | | size_t kek_len, |
27 | | uint8_t wrapped_key[], |
28 | 0 | size_t* wrapped_key_len) { |
29 | 0 | #if defined(BOTAN_HAS_NIST_KEYWRAP) |
30 | 0 | return ffi_guard_thunk(__func__, [=]() -> int { |
31 | 0 | if(padded != 0 && padded != 1) { |
32 | 0 | return BOTAN_FFI_ERROR_NOT_IMPLEMENTED; |
33 | 0 | } |
34 | 0 | auto bc = Botan::BlockCipher::create_or_throw(cipher_algo); |
35 | 0 | bc->set_key(kek, kek_len); |
36 | |
|
37 | 0 | std::vector<uint8_t> output; |
38 | |
|
39 | 0 | if(padded == 0) { |
40 | 0 | output = Botan::nist_key_wrap(key, key_len, *bc); |
41 | 0 | } else { |
42 | 0 | output = Botan::nist_key_wrap_padded(key, key_len, *bc); |
43 | 0 | } |
44 | |
|
45 | 0 | return write_vec_output(wrapped_key, wrapped_key_len, output); |
46 | 0 | }); |
47 | | #else |
48 | | BOTAN_UNUSED(cipher_algo, padded, key, key_len, kek, kek_len, wrapped_key, wrapped_key_len); |
49 | | return BOTAN_FFI_ERROR_NOT_IMPLEMENTED; |
50 | | #endif |
51 | 0 | } |
52 | | |
53 | | int botan_nist_kw_dec(const char* cipher_algo, |
54 | | int padded, |
55 | | const uint8_t wrapped_key[], |
56 | | size_t wrapped_key_len, |
57 | | const uint8_t kek[], |
58 | | size_t kek_len, |
59 | | uint8_t key[], |
60 | 0 | size_t* key_len) { |
61 | 0 | #if defined(BOTAN_HAS_NIST_KEYWRAP) |
62 | 0 | return ffi_guard_thunk(__func__, [=]() -> int { |
63 | 0 | if(padded != 0 && padded != 1) { |
64 | 0 | return BOTAN_FFI_ERROR_NOT_IMPLEMENTED; |
65 | 0 | } |
66 | | |
67 | 0 | auto bc = Botan::BlockCipher::create_or_throw(cipher_algo); |
68 | 0 | bc->set_key(kek, kek_len); |
69 | |
|
70 | 0 | Botan::secure_vector<uint8_t> output; |
71 | |
|
72 | 0 | if(padded == 0) { |
73 | 0 | output = Botan::nist_key_unwrap(wrapped_key, wrapped_key_len, *bc); |
74 | 0 | } else { |
75 | 0 | output = Botan::nist_key_unwrap_padded(wrapped_key, wrapped_key_len, *bc); |
76 | 0 | } |
77 | |
|
78 | 0 | return write_vec_output(key, key_len, output); |
79 | 0 | }); |
80 | | #else |
81 | | BOTAN_UNUSED(cipher_algo, padded, key, key_len, kek, kek_len, wrapped_key, wrapped_key_len); |
82 | | return BOTAN_FFI_ERROR_NOT_IMPLEMENTED; |
83 | | #endif |
84 | 0 | } |
85 | | |
86 | | int botan_key_wrap3394(const uint8_t key[], |
87 | | size_t key_len, |
88 | | const uint8_t kek[], |
89 | | size_t kek_len, |
90 | | uint8_t wrapped_key[], |
91 | 0 | size_t* wrapped_key_len) { |
92 | 0 | std::string cipher_name = "AES-" + std::to_string(8 * kek_len); |
93 | |
|
94 | 0 | return botan_nist_kw_enc(cipher_name.c_str(), 0, key, key_len, kek, kek_len, wrapped_key, wrapped_key_len); |
95 | 0 | } |
96 | | |
97 | | int botan_key_unwrap3394(const uint8_t wrapped_key[], |
98 | | size_t wrapped_key_len, |
99 | | const uint8_t kek[], |
100 | | size_t kek_len, |
101 | | uint8_t key[], |
102 | 0 | size_t* key_len) { |
103 | 0 | std::string cipher_name = "AES-" + std::to_string(8 * kek_len); |
104 | |
|
105 | 0 | return botan_nist_kw_dec(cipher_name.c_str(), 0, wrapped_key, wrapped_key_len, kek, kek_len, key, key_len); |
106 | 0 | } |
107 | | } |