1fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong/* 2fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * Copyright 2015 The Android Open Source Project 3fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * 4fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * Licensed under the Apache License, Version 2.0 (the "License"); 5fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * you may not use this file except in compliance with the License. 6fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * You may obtain a copy of the License at 7fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * 8fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * http://www.apache.org/licenses/LICENSE-2.0 9fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * 10fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * Unless required by applicable law or agreed to in writing, software 11fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * distributed under the License is distributed on an "AS IS" BASIS, 12fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * See the License for the specific language governing permissions and 14fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * limitations under the License. 15fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong */ 16fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 17fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#ifndef SYSTEM_KEYMASTER_ECIES_KEM_H_ 18fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#define SYSTEM_KEYMASTER_ECIES_KEM_H_ 19fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 20fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#include "kem.h" 21fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 22f38a002624126ca837865826f948edc9100d6e8aJanis Danisevskis#include <keymaster/UniquePtr.h> 23fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#include <openssl/ec.h> 24fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 25fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#include <keymaster/authorization_set.h> 26fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 27fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#include "hkdf.h" 28fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#include "key_exchange.h" 29fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 30fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duongnamespace keymaster { 31fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 32fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong/** 33fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * EciesKem is an implementation of the key encapsulation mechanism ECIES-KEM described in 34fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong * ISO 18033-2 (http://www.shoup.net/iso/std6.pdf, http://www.shoup.net/papers/iso-2_1.pdf). 35fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong */ 36fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duongclass EciesKem : public Kem { 37fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong public: 38fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong virtual ~EciesKem() override {} 39fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong EciesKem(const AuthorizationSet& kem_description, keymaster_error_t* error); 40fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 41fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong /* Kem interface. */ 42fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong bool Encrypt(const Buffer& peer_public_value, Buffer* output_clear_key, 43fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong Buffer* output_encrypted_key) override; 44fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong bool Encrypt(const uint8_t* peer_public_value, size_t peer_public_value_len, 45fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong Buffer* output_clear_key, Buffer* output_encrypted_key) override; 46fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 47fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong bool Decrypt(EC_KEY* private_key, const Buffer& encrypted_key, Buffer* output_key) override; 48fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong bool Decrypt(EC_KEY* private_key, const uint8_t* encrypted_key, size_t encrypted_key_len, 49fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong Buffer* output_key) override; 50fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 51fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong private: 52fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong UniquePtr<KeyExchange> key_exchange_; 53fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong UniquePtr<Rfc5869Sha256Kdf> kdf_; 54fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong bool single_hash_mode_; 55fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong uint32_t key_bytes_to_generate_; 56fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong keymaster_ec_curve_t curve_; 57fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong}; 58fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 59fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong} // namespace keymaster 60fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong 61fabacaf3e6019804cc8a98a2b8296be1d0125519Thai Duong#endif // SYSTEM_KEYMASTER_ECIES_KEM_H_ 62