FwdLockGlue.h revision fdd65a0fc7df2c878cc601e4c0f4021cb264f051
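/*
 * Copyright (C) 2010 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef __FWDLOCKGLUE_H__
#define __FWDLOCKGLUE_H__

#include <stddef.h> /* size_t, used by the prototypes below */

#ifdef __cplusplus
extern "C" {
#endif

/**
 * Generates the specified number of cryptographically secure random bytes.
 *
 * Callers should check the return value before using the buffer: this header does not specify
 * what pBuffer holds when the call fails, so its contents must not be treated as random data in
 * that case.
 *
 * @param[out] pBuffer A reference to the buffer that should receive the random data. It must
 *                     provide room for at least numBytes bytes.
 * @param[in] numBytes The number of random bytes to generate.
 *
 * @return A Boolean value indicating whether the operation was successful.
 *         NOTE(review): presumably nonzero on success and zero on failure; confirm against the
 *         implementation.
 */
int FwdLockGlue_GetRandomNumber(void *pBuffer, size_t numBytes);

/**
 * Performs initialization of the key-encryption key. Should be called once during startup to
 * facilitate encryption and decryption of session keys.
 *
 * The parameter list is spelled (void) so that C callers get a real prototype; with empty
 * parentheses a C compiler would accept, and not check, any arguments.
 *
 * NOTE(review): this header does not say whether repeated or concurrent calls are safe, nor what
 * FwdLockGlue_EncryptKey and FwdLockGlue_DecryptKey do when this call has failed; confirm
 * against the implementation.
 *
 * @return A Boolean value indicating whether the operation was successful.
 */
int FwdLockGlue_InitializeKeyEncryption(void);

/**
 * Returns the length of the encrypted key, given the length of the plaintext key.
 *
 * NOTE(review): presumably the value to use for sizing the output buffer of, and to pass as
 * encryptedKeyLength to, FwdLockGlue_EncryptKey; confirm against the implementation.
 *
 * @param[in] plaintextKeyLength The length in bytes of the plaintext key.
 *
 * @return The length in bytes of the encrypted key.
 */
size_t FwdLockGlue_GetEncryptedKeyLength(size_t plaintextKeyLength);

/**
 * Encrypts the given session key using a key-encryption key unique to this device.
 *
 * On failure the contents of pEncryptedKey are not specified by this header and should be
 * discarded rather than stored.
 *
 * @param[in] pPlaintextKey A reference to the buffer containing the plaintext key.
 * @param[in] plaintextKeyLength The length in bytes of the plaintext key.
 * @param[out] pEncryptedKey A reference to the buffer that receives the encrypted key. It must
 *                           provide room for at least encryptedKeyLength bytes.
 * @param[in] encryptedKeyLength The length in bytes of the encrypted key.
 *
 * @return A Boolean value indicating whether the operation was successful.
 */
int FwdLockGlue_EncryptKey(const void *pPlaintextKey,
                           size_t plaintextKeyLength,
                           void *pEncryptedKey,
                           size_t encryptedKeyLength);

/**
 * Decrypts the given session key using a key-encryption key unique to this device.
 *
 * The output is plaintext key material: callers should keep it in memory no longer than needed
 * and clear the buffer after use. On failure the contents of pDecryptedKey are not specified by
 * this header and must not be used as a key.
 *
 * NOTE(review): this header does not say whether the encrypted key is integrity-checked, so a
 * successful return should not be read as proof that the input was unmodified; confirm against
 * the implementation.
 *
 * @param[in] pEncryptedKey A reference to the buffer containing the encrypted key.
 * @param[in] encryptedKeyLength The length in bytes of the encrypted key.
 * @param[out] pDecryptedKey A reference to the buffer that receives the decrypted key. It must
 *                           provide room for at least decryptedKeyLength bytes.
 * @param[in] decryptedKeyLength The length in bytes of the decrypted key.
 *
 * @return A Boolean value indicating whether the operation was successful.
 */
int FwdLockGlue_DecryptKey(const void *pEncryptedKey,
                           size_t encryptedKeyLength,
                           void *pDecryptedKey,
                           size_t decryptedKeyLength);

#ifdef __cplusplus
}
#endif

#endif // __FWDLOCKGLUE_H__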