diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-16 12:11:01 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-17 20:49:05 +0200 |
| commit | fac33709478cfbd1657aa502ea6ea1acb12ecc2d (patch) | |
| tree | 429a26482407e34e4ac3e1873e63557cc048e21e /ncr.h | |
| parent | a1e2f414b46deb9d746ba03fb337ef0c95d46f7a (diff) | |
| download | cryptodev-linux-fac33709478cfbd1657aa502ea6ea1acb12ecc2d.tar.gz cryptodev-linux-fac33709478cfbd1657aa502ea6ea1acb12ecc2d.tar.xz cryptodev-linux-fac33709478cfbd1657aa502ea6ea1acb12ecc2d.zip | |
Initial attempts to allow wrapping keys with out of band data such as flags, key ids etc.
Diffstat (limited to 'ncr.h')
| -rw-r--r-- | ncr.h | 23 |
1 files changed, 22 insertions, 1 deletions
@@ -6,7 +6,9 @@ #endif #define NCR_CIPHER_MAX_BLOCK_LEN 32 +#define NCR_CIPHER_MAX_KEY_LEN 64 #define NCR_HASH_MAX_OUTPUT_SIZE 64 + typedef enum { NCR_ALG_NONE, NCR_ALG_3DES_CBC=2, @@ -37,7 +39,8 @@ typedef enum { typedef enum { - NCR_WALG_AES_RFC3394, + NCR_WALG_AES_RFC3394, /* for secret keys only */ + NCR_WALG_AES_RFC5649, /* can wrap arbitrary key */ } ncr_wrap_algorithm_t; typedef enum { @@ -280,6 +283,24 @@ struct ncr_key_wrap_st { #define NCRIO_KEY_WRAP _IOR ('c', 250, struct ncr_key_wrap_st) #define NCRIO_KEY_UNWRAP _IOR ('c', 251, struct ncr_key_wrap_st) +/* Internal ops */ +struct ncr_master_key_st { + uint8_t key[NCR_CIPHER_MAX_KEY_LEN]; + uint16_t key_size; +}; + +#define NCRIO_MASTER_KEY_SET _IOR ('c', 260, struct ncr_master_key_st) + +/* These are similar to key_wrap and unwrap except that will store some extra + * fields to be able to recover a key */ +struct ncr_key_storage_wrap_st { + ncr_key_t keytowrap; + ncr_data_t data; /* encrypted keytowrap */ +}; + +#define NCRIO_KEY_STORAGE_WRAP _IOR ('c', 261, struct ncr_key_storage_wrap_st) +#define NCRIO_KEY_STORAGE_UNWRAP _IOR ('c', 262, struct ncr_key_storage_wrap_st) + /* Crypto Operations ioctls */ |