• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2015 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef SYSTEM_KEYMASTER_ECIES_KEM_H_
18 #define SYSTEM_KEYMASTER_ECIES_KEM_H_
19 
20 #include "kem.h"
21 
22 #include <keymaster/UniquePtr.h>
23 #include <openssl/ec.h>
24 
25 #include <keymaster/authorization_set.h>
26 
27 #include "hkdf.h"
28 #include "key_exchange.h"
29 
30 namespace keymaster {
31 
32 /**
33  * EciesKem is an implementation of the key encapsulation mechanism ECIES-KEM described in
34  * ISO 18033-2 (http://www.shoup.net/iso/std6.pdf, http://www.shoup.net/papers/iso-2_1.pdf).
35  */
36 class EciesKem : public Kem {
37   public:
~EciesKem()38     virtual ~EciesKem() override {}
39     EciesKem(const AuthorizationSet& kem_description, keymaster_error_t* error);
40 
41     /* Kem interface. */
42     bool Encrypt(const Buffer& peer_public_value, Buffer* output_clear_key,
43                  Buffer* output_encrypted_key) override;
44     bool Encrypt(const uint8_t* peer_public_value, size_t peer_public_value_len,
45                  Buffer* output_clear_key, Buffer* output_encrypted_key) override;
46 
47     bool Decrypt(EC_KEY* private_key, const Buffer& encrypted_key, Buffer* output_key) override;
48     bool Decrypt(EC_KEY* private_key, const uint8_t* encrypted_key, size_t encrypted_key_len,
49                  Buffer* output_key) override;
50 
51   private:
52     UniquePtr<KeyExchange> key_exchange_;
53     UniquePtr<Rfc5869Sha256Kdf> kdf_;
54     bool single_hash_mode_;
55     uint32_t key_bytes_to_generate_;
56     keymaster_ec_curve_t curve_;
57 };
58 
59 }  // namespace keymaster
60 
61 #endif  // SYSTEM_KEYMASTER_ECIES_KEM_H_
62