google
diff --git a/‎keymanager/key_protection_service/key_custody_core/kps_key_custody_core_cgo.go‎
Lines changed: 61 additions & 5 deletions b/‎keymanager/key_protection_service/key_custody_core/kps_key_custody_core_cgo.go‎
Lines changed: 61 additions & 5 deletions
diff --git a/‎keymanager/key_protection_service/key_custody_core/src/lib.rs‎
Lines changed: 25 additions & 6 deletions b/‎keymanager/key_protection_service/key_custody_core/src/lib.rs‎
Lines changed: 25 additions & 6 deletions
diff --git a/‎keymanager/key_protection_service/service.go‎
Lines changed: 35 additions & 4 deletions b/‎keymanager/key_protection_service/service.go‎
Lines changed: 35 additions & 4 deletions
diff --git a/‎keymanager/key_protection_service/service_test.go‎
Lines changed: 71 additions & 2 deletions b/‎keymanager/key_protection_service/service_test.go‎
Lines changed: 71 additions & 2 deletions
@@ -29,10 +29,10 @@ func GenerateKEMKeypair(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, [
 	var pubkeyBuf [32]byte
 	pubkeyLen := C.size_t(len(pubkeyBuf))
 
-	algo := C.KmHpkeAlgorithm{
-		kem:  C.KM_KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256,
-		kdf:  C.KM_KDF_ALGORITHM_HKDF_SHA256,
-		aead: C.KM_AEAD_ALGORITHM_AES_256_GCM,
+	algo := C.KpsHpkeAlgorithm{
+		kem:  C.KPS_KEM_ALGORITHM_DHKEM_X25519_HKDF_SHA256,
+		kdf:  C.KPS_KDF_ALGORITHM_HKDF_SHA256,
+		aead: C.KPS_AEAD_ALGORITHM_AES_256_GCM,
 	}
 
 	rc := C.key_manager_generate_kem_keypair(
@@ -42,7 +42,7 @@ func GenerateKEMKeypair(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, [
 		C.uint64_t(lifespanSecs),
 		(*C.uint8_t)(unsafe.Pointer(&uuidBytes[0])),
 		(*C.uint8_t)(unsafe.Pointer(&pubkeyBuf[0])),
-		pubkeyLen,
+		&pubkeyLen,
 	)
 	if rc != 0 {
 		return uuid.Nil, nil, fmt.Errorf("key_manager_generate_kem_keypair failed with code %d", rc)
@@ -57,3 +57,59 @@ func GenerateKEMKeypair(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, [
 	copy(pubkey, pubkeyBuf[:pubkeyLen])
 	return id, pubkey, nil
 }
+
+// DecapAndSeal decapsulates a shared secret using the stored KEM key and
+// reseals it with the associated binding public key via Rust FFI.
+// Returns the new encapsulated key and sealed ciphertext.
+func DecapAndSeal(kemUUID uuid.UUID, encapsulatedKey, aad []byte) ([]byte, []byte, error) {
+	if len(encapsulatedKey) == 0 {
+		return nil, nil, fmt.Errorf("encapsulated key must not be empty")
+	}
+
+	uuidBytes := kemUUID[:]
+
+	var outEncKey [32]byte
+	outEncKeyLen := C.size_t(len(outEncKey))
+	var outCT [48]byte // 32-byte secret + 16-byte GCM tag
+	outCTLen := C.size_t(len(outCT))
+
+	var aadPtr *C.uint8_t
+	aadLen := C.size_t(0)
+	if len(aad) > 0 {
+		aadPtr = (*C.uint8_t)(unsafe.Pointer(&aad[0]))
+		aadLen = C.size_t(len(aad))
+	}
+
+	rc := C.key_manager_decap_and_seal(
+		(*C.uint8_t)(unsafe.Pointer(&uuidBytes[0])),
+		(*C.uint8_t)(unsafe.Pointer(&encapsulatedKey[0])),
+		C.size_t(len(encapsulatedKey)),
+		aadPtr,
+		aadLen,
+		(*C.uint8_t)(unsafe.Pointer(&outEncKey[0])),
+		&outEncKeyLen,
+		(*C.uint8_t)(unsafe.Pointer(&outCT[0])),
+		&outCTLen,
+	)
+	if rc != 0 {
+		return nil, nil, fmt.Errorf("key_manager_decap_and_seal failed with code %d", rc)
+	}
+
+	sealEnc := make([]byte, outEncKeyLen)
+	copy(sealEnc, outEncKey[:outEncKeyLen])
+	sealedCT := make([]byte, outCTLen)
+	copy(sealedCT, outCT[:outCTLen])
+	return sealEnc, sealedCT, nil
+}
+
+// DestroyKEMKey destroys the KEM key identified by kemUUID via Rust FFI.
+func DestroyKEMKey(kemUUID uuid.UUID) error {
+	uuidBytes := kemUUID[:]
+	rc := C.key_manager_destroy_kem_key(
+		(*C.uint8_t)(unsafe.Pointer(&uuidBytes[0])),
+	)
+	if rc != 0 {
+		return fmt.Errorf("key_manager_destroy_kem_key failed with code %d", rc)
+	}
+	return nil
+}
@@ -70,42 +70,61 @@ pub unsafe extern "C" fn key_manager_generate_kem_keypair(
     expiry_secs: u64,
     out_uuid: *mut u8,
     out_pubkey: *mut u8,
-    out_pubkey_len: usize,
+    out_pubkey_len: *mut usize,
 ) -> i32 {
     // Safety Invariant Checks
     if binding_pubkey.is_null()
         || binding_pubkey_len == 0
         || out_pubkey.is_null()
         || out_uuid.is_null()
+        || out_pubkey_len.is_null()
     {
         return -1;
     }
 
     // Convert to Safe Types
     let binding_pubkey_slice = unsafe { slice::from_raw_parts(binding_pubkey, binding_pubkey_len) };
     let out_uuid = unsafe { slice::from_raw_parts_mut(out_uuid, 16) };
-    let out_pubkey = unsafe { slice::from_raw_parts_mut(out_pubkey, out_pubkey_len) };
+    // We cannot verify pubkey length safely without dereferencing out_pubkey_len
+    let pubkey_capacity = unsafe { *out_pubkey_len };
+    let out_pubkey = unsafe { slice::from_raw_parts_mut(out_pubkey, pubkey_capacity) };
 
     let binding_pubkey = match PublicKey::try_from(binding_pubkey_slice.to_vec()) {
         Ok(pk) => pk,
         Err(_) => return -1,
     };
 
-    // Call Safe Internal Function
     // Call Safe Internal Function
     match generate_kem_keypair_internal(algo.into(), binding_pubkey, expiry_secs) {
         Ok((id, pubkey)) => {
-            if out_pubkey_len != pubkey.as_bytes().len() {
-                return -2;
+            let actual_len = pubkey.as_bytes().len();
+            if pubkey_capacity < actual_len {
+                 return -2;
             }
+            unsafe { *out_pubkey_len = actual_len };
             out_uuid.copy_from_slice(id.as_bytes());
-            out_pubkey.copy_from_slice(pubkey.as_bytes());
+            out_pubkey[..actual_len].copy_from_slice(pubkey.as_bytes());
             0 // Success
         }
         Err(e) => e,
     }
 }
 
+#[unsafe(no_mangle)]
+pub unsafe extern "C" fn key_manager_decap_and_seal(
+    _uuid_bytes: *const u8,
+    _encapsulated_key: *const u8,
+    _encapsulated_key_len: usize,
+    _aad: *const u8,
+    _aad_len: usize,
+    _out_encapsulated_key: *mut u8,
+    _out_encapsulated_key_len: *mut usize,
+    _out_ciphertext: *mut u8,
+    _out_ciphertext_len: *mut usize,
+) -> i32 {
+    -1 // Not implemented
+}
+
 /// Destroys the KEM key associated with the given UUID.
 ///
 /// ## Arguments
 
@@ -10,18 +10,49 @@ type KEMKeyGenerator interface {
 	GenerateKEMKeypair(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, []byte, error)
 }
 
-// Service implements KEMKeyGenerator by delegating to the KPS KCC FFI.
+// DecapSealer decapsulates a shared secret and reseals it with the binding key.
+type DecapSealer interface {
+	DecapAndSeal(kemUUID uuid.UUID, encapsulatedKey, aad []byte) (sealEnc []byte, sealedCT []byte, err error)
+}
+
+// KEMKeyDestroyer destroys a KEM key by UUID.
+type KEMKeyDestroyer interface {
+	DestroyKEMKey(kemUUID uuid.UUID) error
+}
+
+// Service implements KEMKeyGenerator, DecapSealer, and KEMKeyDestroyer by
+// delegating to the KPS KCC FFI.
 type Service struct {
 	generateKEMKeypairFn func(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, []byte, error)
+	decapAndSealFn       func(kemUUID uuid.UUID, encapsulatedKey, aad []byte) ([]byte, []byte, error)
+	destroyKEMKeyFn      func(kemUUID uuid.UUID) error
 }
 
-// NewService creates a new KPS KOL service with the given KCC function.
-func NewService(generateKEMKeypairFn func(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, []byte, error)) *Service {
-	return &Service{generateKEMKeypairFn: generateKEMKeypairFn}
+// NewService creates a new KPS KOL service with the given KCC functions.
+func NewService(
+	generateKEMKeypairFn func(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, []byte, error),
+	decapAndSealFn func(kemUUID uuid.UUID, encapsulatedKey, aad []byte) ([]byte, []byte, error),
+	destroyKEMKeyFn func(kemUUID uuid.UUID) error,
+) *Service {
+	return &Service{
+		generateKEMKeypairFn: generateKEMKeypairFn,
+		decapAndSealFn:       decapAndSealFn,
+		destroyKEMKeyFn:      destroyKEMKeyFn,
+	}
 }
 
 // GenerateKEMKeypair generates a KEM keypair linked to the provided binding
 // public key by calling the KPS KCC FFI.
 func (s *Service) GenerateKEMKeypair(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, []byte, error) {
 	return s.generateKEMKeypairFn(bindingPubKey, lifespanSecs)
 }
+
+// DestroyKEMKey destroys the KEM key identified by kemUUID by calling the KPS KCC FFI.
+func (s *Service) DestroyKEMKey(kemUUID uuid.UUID) error {
+	return s.destroyKEMKeyFn(kemUUID)
+}
+
+// DecapAndSeal decapsulates a shared secret and reseals it with the binding key.
+func (s *Service) DecapAndSeal(kemUUID uuid.UUID, encapsulatedKey, aad []byte) ([]byte, []byte, error) {
+	return s.decapAndSealFn(kemUUID, encapsulatedKey, aad)
+}
@@ -7,6 +7,15 @@ import (
 	"github.com/google/uuid"
 )
 
+// noopDecapAndSeal is a placeholder for tests that don't exercise DecapAndSeal.
+func noopDecapAndSeal(_ uuid.UUID, _, _ []byte) ([]byte, []byte, error) {
+	return nil, nil, nil
+}
+
+// noopDestroyKEMKey is a placeholder for tests that don't exercise DestroyKEMKey.
+func noopDestroyKEMKey(_ uuid.UUID) error {
+	return nil
+}
 func TestServiceGenerateKEMKeypairSuccess(t *testing.T) {
 	expectedUUID := uuid.New()
 	expectedPubKey := make([]byte, 32)
@@ -22,7 +31,7 @@ func TestServiceGenerateKEMKeypairSuccess(t *testing.T) {
 			t.Fatalf("expected lifespanSecs 7200, got %d", lifespanSecs)
 		}
 		return expectedUUID, expectedPubKey, nil
-	})
+	}, noopDecapAndSeal, noopDestroyKEMKey)
 
 	id, pubKey, err := svc.GenerateKEMKeypair(make([]byte, 32), 7200)
 	if err != nil {
@@ -39,10 +48,70 @@ func TestServiceGenerateKEMKeypairSuccess(t *testing.T) {
 func TestServiceGenerateKEMKeypairError(t *testing.T) {
 	svc := NewService(func(bindingPubKey []byte, lifespanSecs uint64) (uuid.UUID, []byte, error) {
 		return uuid.Nil, nil, fmt.Errorf("FFI error")
-	})
+	}, noopDecapAndSeal, noopDestroyKEMKey)
 
 	_, _, err := svc.GenerateKEMKeypair(make([]byte, 32), 3600)
 	if err == nil {
 		t.Fatal("expected error, got nil")
 	}
 }
+
+func TestServiceDecapAndSealSuccess(t *testing.T) {
+	kemUUID := uuid.New()
+	expectedSealEnc := []byte("seal-enc-key")
+	expectedSealedCT := []byte("sealed-ciphertext")
+
+	svc := NewService(nil, func(id uuid.UUID, encKey, aad []byte) ([]byte, []byte, error) {
+		if id != kemUUID {
+			t.Fatalf("expected KEM UUID %s, got %s", kemUUID, id)
+		}
+		return expectedSealEnc, expectedSealedCT, nil
+	}, noopDestroyKEMKey)
+
+	sealEnc, sealedCT, err := svc.DecapAndSeal(kemUUID, []byte("enc-key"), []byte("aad"))
+	if err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+	if string(sealEnc) != string(expectedSealEnc) {
+		t.Fatalf("expected seal enc %q, got %q", expectedSealEnc, sealEnc)
+	}
+	if string(sealedCT) != string(expectedSealedCT) {
+		t.Fatalf("expected sealed CT %q, got %q", expectedSealedCT, sealedCT)
+	}
+}
+
+func TestServiceDecapAndSealError(t *testing.T) {
+	svc := NewService(nil, func(_ uuid.UUID, _, _ []byte) ([]byte, []byte, error) {
+		return nil, nil, fmt.Errorf("decap FFI error")
+	}, noopDestroyKEMKey)
+
+	_, _, err := svc.DecapAndSeal(uuid.New(), []byte("enc-key"), nil)
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+}
+
+func TestServiceDestroyKEMKeySuccess(t *testing.T) {
+	kemUUID := uuid.New()
+	svc := NewService(nil, noopDecapAndSeal, func(id uuid.UUID) error {
+		if id != kemUUID {
+			t.Fatalf("expected KEM UUID %s, got %s", kemUUID, id)
+		}
+		return nil
+	})
+
+	if err := svc.DestroyKEMKey(kemUUID); err != nil {
+		t.Fatalf("unexpected error: %v", err)
+	}
+}
+
+func TestServiceDestroyKEMKeyError(t *testing.T) {
+	svc := NewService(nil, noopDecapAndSeal, func(_ uuid.UUID) error {
+		return fmt.Errorf("destroy FFI error")
+	})
+
+	err := svc.DestroyKEMKey(uuid.New())
+	if err == nil {
+		t.Fatal("expected error, got nil")
+	}
+}