Complete the addition of AES Key Wrap to blapi in freebl.

git-svn-id: svn://10.0.0.236/trunk@136390 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/security/nss/lib/freebl/blapi.h

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: blapi.h,v 1.12 2002-11-16 06:09:57 nelsonb%netscape.com Exp $
+ * $Id: blapi.h,v 1.13 2003-01-16 00:15:19 nelsonb%netscape.com Exp $
  */
 
 #ifndef _BLAPI_H_
@@ -471,6 +471,62 @@ AES_Decrypt(AESContext *cx, unsigned char *output,
             unsigned int *outputLen, unsigned int maxOutputLen,
             const unsigned char *input, unsigned int inputLen);
 
+/******************************************/
+/*
+** AES key wrap algorithm, RFC 3394
+*/
+
+/*
+** Create a new AES context suitable for AES encryption/decryption.
+** 	"key" raw key data
+**      "iv"  The 8 byte "initial value"
+**      "encrypt", a boolean, true for key wrapping, false for unwrapping.
+** 	"keylen" the number of bytes of key data (16, 24, or 32)
+*/
+extern AESKeyWrapContext *
+AESKeyWrap_CreateContext(const unsigned char *key, const unsigned char *iv, 
+                         int encrypt, unsigned int keylen);
+
+/*
+** Destroy a AES KeyWrap context.
+**	"cx" the context
+**	"freeit" if PR_TRUE then free the object as well as its sub-objects
+*/
+extern void 
+AESKeyWrap_DestroyContext(AESKeyWrapContext *cx, PRBool freeit);
+
+/*
+** Perform AES key wrap.
+**	"cx" the context
+**	"output" the output buffer to store the encrypted data.
+**	"outputLen" how much data is stored in "output". Set by the routine
+**	   after some data is stored in output.
+**	"maxOutputLen" the maximum amount of data that can ever be
+**	   stored in "output"
+**	"input" the input data
+**	"inputLen" the amount of input data
+*/
+extern SECStatus 
+AESKeyWrap_Encrypt(AESKeyWrapContext *cx, unsigned char *output,
+            unsigned int *outputLen, unsigned int maxOutputLen,
+            const unsigned char *input, unsigned int inputLen);
+
+/*
+** Perform AES key unwrap.
+**	"cx" the context
+**	"output" the output buffer to store the decrypted data.
+**	"outputLen" how much data is stored in "output". Set by the routine
+**	   after some data is stored in output.
+**	"maxOutputLen" the maximum amount of data that can ever be
+**	   stored in "output"
+**	"input" the input data
+**	"inputLen" the amount of input data
+*/
+extern SECStatus 
+AESKeyWrap_Decrypt(AESKeyWrapContext *cx, unsigned char *output,
+            unsigned int *outputLen, unsigned int maxOutputLen,
+            const unsigned char *input, unsigned int inputLen);
+
 
 /******************************************/
 /*

mozilla/security/nss/lib/freebl/blapit.h

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: blapit.h,v 1.6 2002-11-16 03:21:53 nelsonb%netscape.com Exp $
+ * $Id: blapit.h,v 1.7 2003-01-16 00:15:20 nelsonb%netscape.com Exp $
  */
 
 #ifndef _BLAPIT_H_
@@ -83,6 +83,10 @@
 #define SHA384_BLOCK_LENGTH 	128 	/* bytes */
 #define SHA512_BLOCK_LENGTH 	128 	/* bytes */
 
+#define AES_KEY_WRAP_IV_BYTES    8
+#define AES_KEY_WRAP_BLOCK_SIZE  8  /* bytes */
+#define AES_BLOCK_SIZE          16  /* bytes */
+
 #define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
 
 /*
@@ -139,6 +143,7 @@ struct MD5ContextStr        ;
 struct SHA1ContextStr       ;
 struct SHA256ContextStr     ;
 struct SHA512ContextStr     ;
+struct AESKeyWrapContextStr ;
 
 typedef struct DESContextStr        DESContext;
 typedef struct RC2ContextStr        RC2Context;
@@ -152,6 +157,7 @@ typedef struct SHA256ContextStr     SHA256Context;
 typedef struct SHA512ContextStr     SHA512Context;
 /* SHA384Context is really a SHA512ContextStr.  This is not a mistake. */
 typedef struct SHA512ContextStr     SHA384Context;
+typedef struct AESKeyWrapContextStr AESKeyWrapContext;
 
 /***************************************************************************
 ** RSA Public and Private Key structures

mozilla/security/nss/lib/freebl/ldvector.c

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: ldvector.c,v 1.3 2002-11-02 01:51:42 nelsonb%netscape.com Exp $
+ * $Id: ldvector.c,v 1.4 2003-01-16 00:15:21 nelsonb%netscape.com Exp $
  */
 
 #include "loader.h"
@@ -160,6 +160,13 @@ static const struct FREEBLVectorStr vector = {
 
     /* End of Version 3.003. */
 
+    AESKeyWrap_CreateContext,
+    AESKeyWrap_DestroyContext,
+    AESKeyWrap_Encrypt,
+    AESKeyWrap_Decrypt,
+
+    /* End of Version 3.004. */
+
 };
 
 

mozilla/security/nss/lib/freebl/loader.c

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: loader.c,v 1.9 2002-11-16 06:09:58 nelsonb%netscape.com Exp $
+ * $Id: loader.c,v 1.10 2003-01-16 00:15:21 nelsonb%netscape.com Exp $
  */
 
 #include "loader.h"
@@ -1233,4 +1233,41 @@ SHA384_Resurrect(unsigned char *space, void *arg)
 }
 
 
+AESKeyWrapContext *
+AESKeyWrap_CreateContext(const unsigned char *key, const unsigned char *iv, 
+                         int encrypt, unsigned int keylen)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return NULL;
+  return vector->p_AESKeyWrap_CreateContext(key, iv, encrypt, keylen);
+}
+
+void 
+AESKeyWrap_DestroyContext(AESKeyWrapContext *cx, PRBool freeit)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return NULL;
+  return vector->p_AESKeyWrap_DestroyContext(cx, freeit);
+}
+
+SECStatus 
+AESKeyWrap_Encrypt(AESKeyWrapContext *cx, unsigned char *output,
+		   unsigned int *outputLen, unsigned int maxOutputLen,
+		   const unsigned char *input, unsigned int inputLen)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return NULL;
+  return vector->p_AESKeyWrap_Encrypt(cx, output, outputLen, maxOutputLen,
+                                      input, inputLen);
+}
+SECStatus 
+AESKeyWrap_Decrypt(AESKeyWrapContext *cx, unsigned char *output,
+		   unsigned int *outputLen, unsigned int maxOutputLen,
+		   const unsigned char *input, unsigned int inputLen)
+{
+  if (!vector && PR_SUCCESS != freebl_RunLoaderOnce())
+      return NULL;
+  return vector->p_AESKeyWrap_Decrypt(cx, output, outputLen, maxOutputLen,
+		                      input, inputLen);
+}
 

mozilla/security/nss/lib/freebl/loader.h

@@ -32,7 +32,7 @@
  * may use your version of this file under either the MPL or the
  * GPL.
  *
- * $Id: loader.h,v 1.6 2002-11-16 06:09:58 nelsonb%netscape.com Exp $
+ * $Id: loader.h,v 1.7 2003-01-16 00:15:21 nelsonb%netscape.com Exp $
  */
 
 #ifndef _LOADER_H_
@@ -40,7 +40,7 @@
 
 #include "blapi.h"
 
-#define FREEBL_VERSION 0x0303
+#define FREEBL_VERSION 0x0304
 
 struct FREEBLVectorStr {
 
@@ -312,6 +312,23 @@ struct FREEBLVectorStr {
 
   /* Version 3.003 came to here */
 
+ AESKeyWrapContext * (* p_AESKeyWrap_CreateContext)(const unsigned char *key, 
+                   const unsigned char *iv, int encrypt, unsigned int keylen);
+
+ void (* p_AESKeyWrap_DestroyContext)(AESKeyWrapContext *cx, PRBool freeit);
+
+ SECStatus (* p_AESKeyWrap_Encrypt)(AESKeyWrapContext *cx, 
+            unsigned char *output,
+            unsigned int *outputLen, unsigned int maxOutputLen,
+            const unsigned char *input, unsigned int inputLen);
+
+ SECStatus (* p_AESKeyWrap_Decrypt)(AESKeyWrapContext *cx, 
+            unsigned char *output,
+            unsigned int *outputLen, unsigned int maxOutputLen,
+            const unsigned char *input, unsigned int inputLen);
+
+  /* Version 3.004 came to here */
+
 };
 
 typedef struct FREEBLVectorStr FREEBLVector;

mozilla/security/nss/lib/freebl/manifest.mn

@@ -88,6 +88,7 @@ CSRCS = \
 	desblapi.c \
 	des.c \
 	rijndael.c \
+	aeskeywrap.c \
 	dh.c \
 	pqg.c \
 	dsa.c \