dearsky/pico-hsm
1
0
Fork 0
Code Issues 17 Pull Requests 4 Actions Packages Projects Releases 26 Wiki Activity

Extending DKEK and key storage to key domains.

Browse Source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos
2022-05-24 00:29:19 +02:00
parent 7b5cb48dcc
commit 89d40b7c94
3 changed files with 132 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/hsm/dkek.h
View File

@@ -18,19 +18,27 @@
#ifndef _DKEK_H_
#define _DKEK_H_
extern int load_dkek();
extern int save_dkek_key(const uint8_t *key);
extern int store_dkek_key();
extern int load_dkek(uint8_t, uint8_t *);
extern int save_dkek_key(uint8_t, const uint8_t *key);
extern int store_dkek_key(uint8_t, uint8_t *);
extern void init_dkek();
extern void release_dkek();
extern void import_dkek_share(const uint8_t *share);
extern int dkek_kcv(uint8_t *kcv);
extern int dkek_encrypt(uint8_t *data, size_t len);
extern int dkek_decrypt(uint8_t *data, size_t len);
extern int dkek_encode_key(void *key_ctx, int key_type, uint8_t *out, size_t *out_len);
extern void release_dkek(uint8_t *);
extern int import_dkek_share(uint8_t, const uint8_t *share);
extern int dkek_kcv(uint8_t, uint8_t *kcv);
extern int dkek_encrypt(uint8_t, uint8_t *data, size_t len);
extern int dkek_decrypt(uint8_t, uint8_t *data, size_t len);
extern int dkek_encode_key(uint8_t, void *key_ctx, int key_type, uint8_t *out, size_t *out_len);
extern int dkek_type_key(const uint8_t *in);
extern int dkek_decode_key(void *key_ctx, const uint8_t *in, size_t in_len, int *key_size_out);
extern int dkek_decode_key(uint8_t, void *key_ctx, const uint8_t *in, size_t in_len, int *key_size_out);
#define MAX_DKEK_ENCODE_KEY_BUFFER (8+1+12+6+(8+2*4+2*4096/8+3+13)+16)
#define MAX_KEY_DOMAINS 16
#define DKEK_IV_SIZE (IV_SIZE)
#define DKEK_KEY_SIZE (32)
#define DKEK_SIZE (DKEK_IV_SIZE+DKEK_KEY_SIZE)
#define DKEK_KEY(p) (p+DKEK_IV_SIZE)
#define DKEK_IV(p) (p)
#endif