return keyType;
}
-void destroyKey(const RawBuffer &key)
+void destroyKey(const RawBuffer &keyId)
{
- TrustZoneContext::Instance().executeDestroy(key);
+ TrustZoneContext::Instance().executeDestroy(keyId);
}
void importData(const Data &data,
hash);
}
-void importWrappedKey(const RawBuffer &wrappingKey,
+void importWrappedKey(const RawBuffer &wrappingKeyId,
const Pwd &wrappingKeyPwd,
const CryptoAlgorithm &alg,
const Data &encryptedKey,
decompose(alg, algo, ctrLenOrTagSizeBits, iv, aad);
// TODO it is awful!
- TrustZoneContext::Instance().importWrappedKey(wrappingKey,
+ TrustZoneContext::Instance().importWrappedKey(wrappingKeyId,
wrappingKeyPwd,
getAlgType(algo),
iv,
encryptedKeyId);
}
-RawBuffer exportWrappedKey(const RawBuffer &wrappingKey,
+RawBuffer exportWrappedKey(const RawBuffer &wrappingKeyId,
const Pwd &wrappingKeyPwd,
const CryptoAlgorithm &alg,
const RawBuffer &keyToWrapId,
decompose(alg, algo, ctrLenOrTagSizeBits, iv, aad);
// TODO it is awful!
- return TrustZoneContext::Instance().exportWrappedKey(wrappingKey,
+ return TrustZoneContext::Instance().exportWrappedKey(wrappingKeyId,
wrappingKeyPwd,
getAlgType(algo),
iv,
TrustZoneContext::Instance().destroyData(dataId);
}
-BufferPair encryptDataAesGcm(const RawBuffer &key,
+BufferPair encryptDataAesGcm(const RawBuffer &keyId,
const Pwd &pwd,
const RawBuffer &iv,
int tagSize,
RawBuffer result;
RawBuffer tag;
- TrustZoneContext::Instance().executeEncryptAE(key, pwd, iv, tagSize,
+ TrustZoneContext::Instance().executeEncryptAE(keyId, pwd, iv, tagSize,
aad, data, result, tag);
return std::make_pair(result, tag);
}
-RawBuffer encryptDataAesGcmPacked(const RawBuffer &key,
+RawBuffer encryptDataAesGcmPacked(const RawBuffer &keyId,
const Pwd &pwd,
const RawBuffer &iv,
int tagSize,
const RawBuffer &data,
const RawBuffer &aad)
{
- auto pair = encryptDataAesGcm(key, pwd, iv, tagSize, data, aad);
+ auto pair = encryptDataAesGcm(keyId, pwd, iv, tagSize, data, aad);
std::copy(pair.second.begin(), pair.second.end(),
std::back_inserter(pair.first));
return pair.first;
}
-RawBuffer decryptDataAesGcm(const RawBuffer &key,
+RawBuffer decryptDataAesGcm(const RawBuffer &keyId,
const Pwd &pwd,
const RawBuffer &iv,
int tagSizeBits,
{
RawBuffer result;
- TrustZoneContext::Instance().executeDecryptAE(key, pwd, iv, tagSizeBits,
+ TrustZoneContext::Instance().executeDecryptAE(keyId, pwd, iv, tagSizeBits,
tag, aad, data, result);
return result;
}
-RawBuffer decryptDataAesGcmPacked(const RawBuffer &key,
+RawBuffer decryptDataAesGcmPacked(const RawBuffer &keyId,
const Pwd &pwd,
const RawBuffer &iv,
int tagSizeBits,
ThrowErr(Exc::Crypto::InputParam, "Wrong size of tag");
auto tagPos = data.data() + data.size() - tagSizeBytes;
- return decryptDataAesGcm(key,
+ return decryptDataAesGcm(keyId,
pwd,
iv,
tagSizeBits,
}
-RawBuffer symmetricEncrypt(const RawBuffer &key,
+RawBuffer symmetricEncrypt(const RawBuffer &keyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
const RawBuffer &data)
RawBuffer result;
TrustZoneContext::Instance().executeCrypt(CMD_ENCRYPT,
getAlgType(algo),
- key,
+ keyId,
pwd,
unpack<RawBuffer>(alg, ParamName::ED_IV),
data,
alg.getParam(ParamName::ED_TAG_LEN, tagLenBits);
RawBuffer aad;
alg.getParam(ParamName::ED_AAD, aad);
- return encryptDataAesGcmPacked(key,
+ return encryptDataAesGcmPacked(keyId,
pwd,
unpack<RawBuffer>(alg, ParamName::ED_IV),
tagLenBits,
"Incorrect algorithm provided for symmetric crypto operation");
}
-RawBuffer symmetricDecrypt(const RawBuffer &key,
+RawBuffer symmetricDecrypt(const RawBuffer &keyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
const RawBuffer &data)
RawBuffer result;
TrustZoneContext::Instance().executeCrypt(CMD_DECRYPT,
getAlgType(algo),
- key,
+ keyId,
pwd,
unpack<RawBuffer>(alg, ParamName::ED_IV),
data,
alg.getParam(ParamName::ED_TAG_LEN, tagSizeBits);
RawBuffer aad;
alg.getParam(ParamName::ED_AAD, aad);
- return decryptDataAesGcmPacked(key,
+ return decryptDataAesGcmPacked(keyId,
pwd,
unpack<RawBuffer>(alg, ParamName::ED_IV),
tagSizeBits,
"Incorrect algorithm provided for symmetric crypto operation");
}
-RawBuffer asymmetricEncrypt(const RawBuffer &key,
+RawBuffer asymmetricEncrypt(const RawBuffer &keyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
const RawBuffer &data)
case AlgoType::RSA_OAEP: {
TrustZoneContext::Instance().executeCrypt(CMD_ENCRYPT,
getAlgType(algo),
- key,
+ keyId,
pwd,
result, // unused dummy
data,
"Incorrect algorithm provided for asymmetric crypto operation");
}
-RawBuffer asymmetricDecrypt(const RawBuffer &key,
+RawBuffer asymmetricDecrypt(const RawBuffer &keyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
const RawBuffer &cipher)
case AlgoType::RSA_OAEP: {
TrustZoneContext::Instance().executeCrypt(CMD_DECRYPT,
getAlgType(algo),
- key,
+ keyId,
pwd,
result, // unused dummy
cipher,
"Incorrect algorithm provided for asymmetric crypto operation");
}
-uint32_t initCipher(const RawBuffer &key,
+uint32_t initCipher(const RawBuffer &keyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
bool encrypt)
RawBuffer aad;
alg.getParam(ParamName::ED_AAD, aad);
return TrustZoneContext::Instance().initGcmCipher(encrypt ? CIPHER_ENCRYPT : CIPHER_DECRYPT,
- key,
+ keyId,
pwd,
unpack<RawBuffer>(alg, ParamName::ED_IV),
tagSizeBits,
return TrustZoneContext::Instance().finalizeGcmCipher(opId, data);
}
-RawBuffer sign(const RawBuffer &pkey,
+RawBuffer sign(const RawBuffer &pkeyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
const RawBuffer &message)
RawBuffer signature;
TrustZoneContext::Instance().executeSign(getAlgType(algo),
getHashType(hash),
- pkey,
+ pkeyId,
pwd,
message,
signature);
return signature;
}
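Review bot: The new name `pkeyId` in `sign`, and again in `verify` just below, keeps the ambiguous `p` prefix, while `deriveECDH` in the same change uses the explicit `prvKeyId`. If `sign` takes a private-key id and `verify` a public-key id, as their roles suggest but the visible lines do not confirm, `const RawBuffer &prvKeyId` and `const RawBuffer &pubKeyId` would make it harder to hand the wrong key handle to the TrustZone call. The bodies of both functions are only partly visible here, and the arguments passed to `executeSign` and `executeVerify` would need the same rename.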
-int verify(const RawBuffer &pkey,
+int verify(const RawBuffer &pkeyId,
const Pwd &pwd,
const CryptoAlgorithm &alg,
const RawBuffer &message,
return TrustZoneContext::Instance().executeVerify(getAlgType(algo),
getHashType(hash),
- pkey,
+ pkeyId,
pwd,
message,
signature);
}
-void deriveECDH(const RawBuffer &prvKey,
+void deriveECDH(const RawBuffer &prvKeyId,
const Pwd &prvKeyPwd,
const RawBuffer &pubKey,
const Password &secretPwd,
RawBuffer secretPwdBuf(secretPwd.begin(), secretPwd.end());
- TrustZoneContext::Instance().executeEcdh(prvKey,
+ TrustZoneContext::Instance().executeEcdh(prvKeyId,
prvKeyPwd,
xBuf,
yBuf,
secretHash);
}
-void deriveKBKDF(const RawBuffer &secret,
+void deriveKBKDF(const RawBuffer &secretId,
const CryptoAlgorithm &alg,
const Password &keyPwd,
const RawBuffer &keyPwdIV,
RawBuffer keyPwdBuf(keyPwd.begin(), keyPwd.end());
- TrustZoneContext::Instance().executeKbkdf(secret,
+ TrustZoneContext::Instance().executeKbkdf(secretId,
label,
context,
fixed,