Call TA to get the max chunk size
[platform/core/security/key-manager.git] / src / manager / crypto / tz-backend / internals.h
index d9748e9..98171a5 100644 (file)
@@ -1,5 +1,5 @@
 /*
- *  Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *  Copyright (c) 2017 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -38,77 +38,132 @@ using BufferPair = std::pair<RawBuffer, RawBuffer>;
 using KeyIdPair = std::pair<int, RawBuffer>;
 
 RawBuffer generateIV();
-DataPair generateAKey(const CryptoAlgorithm &alg,
-                                       const Password &pwd,
-                                       const RawBuffer &iv);
-Data generateSKey(const CryptoAlgorithm &alg,
+
+AlgoType generateAKey(const CryptoAlgorithm &alg,
+                                       const Password &pubPwd,
+                                       const Password &privPwd,
+                                       const RawBuffer &pubPwdIv,
+                                       const RawBuffer &privPwdIv,
+                                       RawBuffer &pubTag,
+                                       RawBuffer &privTag,
+                                       const RawBuffer &hashPriv,
+                                       const RawBuffer &hashPub);
+
+void generateSKey(const CryptoAlgorithm &alg,
                                const Password &pwd,
                                const RawBuffer &iv,
-                               RawBuffer &tag);
-RawBuffer importKey(const Data &key,
-                                       const Password &pwd,
-                                       const RawBuffer &iv,
-                                       RawBuffer &tag);
-
-RawBuffer importData(const Data &data,
-                                       const Password &pwd,
-                                       const RawBuffer &iv,
-                                       RawBuffer &tag);
+                               RawBuffer &tag,
+                               const RawBuffer &hash);
+
+void importData(const Data &key,
+                                        const EncryptionParams &encData,
+                                        const Password &pwd,
+                                        const RawBuffer &pwdIV,
+                                        RawBuffer &tag,
+                                        const RawBuffer &hash);
+
+void importWrappedKey(const RawBuffer &wrappingKeyId,
+                                         const Pwd &wrappingKeyPwd,
+                                         const CryptoAlgorithm &alg,
+                                         const Data &encryptedKey,
+                                         const Password &encryptedKeyPassword,
+                                         const RawBuffer &encryptedKeyIV,
+                                         RawBuffer &encryptedKeyTag,
+                                         const RawBuffer &encryptedKeyId);
+
+RawBuffer exportWrappedKey(const RawBuffer &wrappingKeyId,
+                                                  const Pwd &wrappingKeyPwd,
+                                                  const CryptoAlgorithm &alg,
+                                                  const RawBuffer &keyToWrapId,
+                                                  const Pwd &keyToWrapPwd);
 
 RawBuffer getData(const RawBuffer &dataId,
                                  const Pwd &pwd);
 
 void destroyData(const RawBuffer &dataId);
 
-void destroyKey(const RawBuffer &key);
+void destroyKey(const RawBuffer &keyId);
 
 RawBuffer symmetricEncrypt(
-       const RawBuffer &key,
+       const RawBuffer &keyId,
        const Pwd &pwd,
        const CryptoAlgorithm &alg,
        const RawBuffer &data);
+
 RawBuffer symmetricDecrypt(
-       const RawBuffer &key,
+       const RawBuffer &keyId,
        const Pwd &pwd,
        const CryptoAlgorithm &alg,
        const RawBuffer &cipher);
 
 RawBuffer asymmetricEncrypt(
-       const RawBuffer &key,
+       const RawBuffer &keyId,
        const Pwd &pwd,
        const CryptoAlgorithm &alg,
        const RawBuffer &data);
+
 RawBuffer asymmetricDecrypt(
-       const RawBuffer &key,
+       const RawBuffer &keyId,
        const Pwd &pwd,
        const CryptoAlgorithm &alg,
        const RawBuffer &cipher);
 
-BufferPair encryptDataAesGcm(const RawBuffer &key,
+BufferPair encryptDataAesGcm(const RawBuffer &keyId,
                                                        const Pwd &pwd,
                                                        const RawBuffer &iv,
                                                        int tagSize,
                                                        const RawBuffer &data,
                                                        const RawBuffer &aad = RawBuffer());
 
-RawBuffer decryptDataAesGcm(const RawBuffer &key,
+RawBuffer decryptDataAesGcm(const RawBuffer &keyId,
                                                        const Pwd &pwd,
                                                        const RawBuffer &iv,
                                                        const RawBuffer &tag,
                                                        const RawBuffer &data,
                                                        const RawBuffer &aad = RawBuffer());
 
-RawBuffer sign(const RawBuffer &pkey,
+uint32_t initCipher(const RawBuffer &keyId,
+                                       const Pwd &pwd,
+                                       const CryptoAlgorithm &alg,
+                                       bool encrypt);
+
+void addAAD(uint32_t opId,
+                       const RawBuffer &aad);
+
+RawBuffer updateCipher(uint32_t opId,
+                                          const RawBuffer &data);
+
+RawBuffer finalizeCipher(uint32_t opId,
+                                                const RawBuffer &data);
+
+RawBuffer sign(const RawBuffer &pkeyId,
                        const Pwd &pwd,
                        const CryptoAlgorithm &alg,
                        const RawBuffer &message);
 
-int verify(const RawBuffer &pkey,
+int verify(const RawBuffer &pkeyId,
                const Pwd &pwd,
                const CryptoAlgorithm &alg,
                const RawBuffer &message,
                const RawBuffer &signature);
 
+void deriveECDH(const RawBuffer &prvKeyId,
+                               const Pwd &prvKeyPwd,
+                               const RawBuffer &pubKey,
+                               const Password &secretPwd,
+                               const RawBuffer &secretPwdIV,
+                               RawBuffer &secretTag,
+                               const RawBuffer &secretHash);
+
+void deriveKBKDF(const RawBuffer &secretId,
+                                const Pwd &secretPwd,
+                                const CryptoAlgorithm &alg,
+                                const Password &keyPwd,
+                                const RawBuffer &keyPwdIV,
+                                RawBuffer &keyTag,
+                                const RawBuffer &keyHash);
+
+size_t maxChunkSize();
 } // namespace Internals
 } // namespace TZ
 } // namespace Crypto
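Review bot: In the new `generateAKey` declaration the last two parameters are ordered private-then-public (`hashPriv`, `hashPub`), while every preceding pair is public-then-private (`pubPwd`/`privPwd`, `pubPwdIv`/`privPwdIv`, `pubTag`/`privTag`). All of these are `RawBuffer` references, so a call site that follows the pub/priv pattern for the hashes compiles without complaint. If the hashes are what the names suggest (identifiers the generated keys are bound to), each half of the key pair would then be attached to the other's identifier. I would declare them as `const RawBuffer &hashPub, const RawBuffer &hashPriv);` and update the definition and callers, which are outside this hunk. If the order has to stay, a comment on the declaration such as `// NOTE: hash arguments are private first, then public` would at least make it visible.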