PageRenderTime 49ms CodeModel.GetById 13ms app.highlight 30ms RepoModel.GetById 2ms app.codeStats 0ms

/gecko_api/include/blapit.h

http://firefox-mac-pdf.googlecode.com/
C++ Header | 380 lines | 207 code | 50 blank | 123 comment | 2 complexity | 80d7509fea1de7884448ab5aebc11afb MD5 | raw file
  1/*
  2 * blapit.h - public data structures for the crypto library
  3 *
  4 * ***** BEGIN LICENSE BLOCK *****
  5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  6 *
  7 * The contents of this file are subject to the Mozilla Public License Version
  8 * 1.1 (the "License"); you may not use this file except in compliance with
  9 * the License. You may obtain a copy of the License at
 10 * http://www.mozilla.org/MPL/
 11 *
 12 * Software distributed under the License is distributed on an "AS IS" basis,
 13 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 14 * for the specific language governing rights and limitations under the
 15 * License.
 16 *
 17 * The Original Code is the Netscape security libraries.
 18 *
 19 * The Initial Developer of the Original Code is
 20 * Netscape Communications Corporation.
 21 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 22 * the Initial Developer. All Rights Reserved.
 23 *
 24 * Contributor(s):
 25 *   Dr Vipul Gupta <vipul.gupta@sun.com> and
 26 *   Douglas Stebila <douglas@stebila.ca>, Sun Microsystems Laboratories
 27 *
 28 * Alternatively, the contents of this file may be used under the terms of
 29 * either the GNU General Public License Version 2 or later (the "GPL"), or
 30 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 31 * in which case the provisions of the GPL or the LGPL are applicable instead
 32 * of those above. If you wish to allow use of your version of this file only
 33 * under the terms of either the GPL or the LGPL, and not to allow others to
 34 * use your version of this file under the terms of the MPL, indicate your
 35 * decision by deleting the provisions above and replace them with the notice
 36 * and other provisions required by the GPL or the LGPL. If you do not delete
 37 * the provisions above, a recipient may use your version of this file under
 38 * the terms of any one of the MPL, the GPL or the LGPL.
 39 *
 40 * ***** END LICENSE BLOCK ***** */
 41/* $Id: blapit.h,v 1.20 2007/02/28 19:47:37 rrelyea%redhat.com Exp $ */
 42
 43#ifndef _BLAPIT_H_
 44#define _BLAPIT_H_
 45
 46#include "seccomon.h"
 47#include "prlink.h"
 48#include "plarena.h"
 49#include "ecl-exp.h"
 50
 51
 52/* RC2 operation modes */
 53#define NSS_RC2			0
 54#define NSS_RC2_CBC		1
 55
 56/* RC5 operation modes */
 57#define NSS_RC5                 0
 58#define NSS_RC5_CBC             1
 59
 60/* DES operation modes */
 61#define NSS_DES			0
 62#define NSS_DES_CBC		1
 63#define NSS_DES_EDE3		2
 64#define NSS_DES_EDE3_CBC	3
 65
 66#define DES_KEY_LENGTH		8	/* Bytes */
 67
 68/* AES operation modes */
 69#define NSS_AES                 0
 70#define NSS_AES_CBC             1
 71
 72/* Camellia operation modes */
 73#define NSS_CAMELLIA                 0
 74#define NSS_CAMELLIA_CBC             1
 75
 76#define DSA_SIGNATURE_LEN 	40	/* Bytes */
 77#define DSA_SUBPRIME_LEN	20	/* Bytes */
 78
 79/* XXX We shouldn't have to hard code this limit. For
 80 * now, this is the quickest way to support ECDSA signature
 81 * processing (ECDSA signature lengths depend on curve
 82 * size). This limit is sufficient for curves upto
 83 * 576 bits.
 84 */
 85#define MAX_ECKEY_LEN 	        72	/* Bytes */
 86
 87/*
 88 * Number of bytes each hash algorithm produces
 89 */
 90#define MD2_LENGTH		16	/* Bytes */
 91#define MD5_LENGTH		16	/* Bytes */
 92#define SHA1_LENGTH		20	/* Bytes */
 93#define SHA256_LENGTH 		32 	/* bytes */
 94#define SHA384_LENGTH 		48 	/* bytes */
 95#define SHA512_LENGTH 		64 	/* bytes */
 96#define HASH_LENGTH_MAX         SHA512_LENGTH
 97
 98/*
 99 * Input block size for each hash algorithm.
100 */
101
102#define MD2_BLOCK_LENGTH 	 64 	/* bytes */
103#define MD5_BLOCK_LENGTH 	 64 	/* bytes */
104#define SHA1_BLOCK_LENGTH 	 64 	/* bytes */
105#define SHA256_BLOCK_LENGTH 	 64 	/* bytes */
106#define SHA384_BLOCK_LENGTH 	128 	/* bytes */
107#define SHA512_BLOCK_LENGTH 	128 	/* bytes */
108#define HASH_BLOCK_LENGTH_MAX 	SHA512_BLOCK_LENGTH
109
110#define AES_KEY_WRAP_IV_BYTES    8
111#define AES_KEY_WRAP_BLOCK_SIZE  8  /* bytes */
112#define AES_BLOCK_SIZE          16  /* bytes */
113
114#define CAMELLIA_BLOCK_SIZE          16  /* bytes */
115
116#define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
117
118/*
119 * These values come from the initial key size limits from the PKCS #11
120 * module. They may be arbitrarily adjusted to any value freebl supports.
121 */
122#define RSA_MIN_MODULUS_BITS   128
123#define RSA_MAX_MODULUS_BITS  8192
124#define RSA_MAX_EXPONENT_BITS   64
125#define DH_MIN_P_BITS	       128
126#define DH_MAX_P_BITS         2236
127
128/*
129 * The FIPS 186 algorithm for generating primes P and Q allows only 9
130 * distinct values for the length of P, and only one value for the
131 * length of Q.
132 * The algorithm uses a variable j to indicate which of the 9 lengths
133 * of P is to be used.
134 * The following table relates j to the lengths of P and Q in bits.
135 *
136 *	j	bits in P	bits in Q
137 *	_	_________	_________
138 *	0	 512		160
139 *	1	 576		160
140 *	2	 640		160
141 *	3	 704		160
142 *	4	 768		160
143 *	5	 832		160
144 *	6	 896		160
145 *	7	 960		160
146 *	8	1024		160
147 *
148 * The FIPS-186 compliant PQG generator takes j as an input parameter.
149 */
150
151#define DSA_Q_BITS       160
152#define DSA_MAX_P_BITS	1024
153#define DSA_MIN_P_BITS	 512
154
155/*
156 * function takes desired number of bits in P,
157 * returns index (0..8) or -1 if number of bits is invalid.
158 */
159#define PQG_PBITS_TO_INDEX(bits) \
160    (((bits) < 512 || (bits) > 1024 || (bits) % 64) ? \
161    -1 : (int)((bits)-512)/64)
162
163/*
164 * function takes index (0-8)
165 * returns number of bits in P for that index, or -1 if index is invalid.
166 */
167#define PQG_INDEX_TO_PBITS(j) (((unsigned)(j) > 8) ? -1 : (512 + 64 * (j)))
168
169
170/***************************************************************************
171** Opaque objects 
172*/
173
174struct DESContextStr        ;
175struct RC2ContextStr        ;
176struct RC4ContextStr        ;
177struct RC5ContextStr        ;
178struct AESContextStr        ;
179struct CamelliaContextStr   ;
180struct MD2ContextStr        ;
181struct MD5ContextStr        ;
182struct SHA1ContextStr       ;
183struct SHA256ContextStr     ;
184struct SHA512ContextStr     ;
185struct AESKeyWrapContextStr ;
186
187typedef struct DESContextStr        DESContext;
188typedef struct RC2ContextStr        RC2Context;
189typedef struct RC4ContextStr        RC4Context;
190typedef struct RC5ContextStr        RC5Context;
191typedef struct AESContextStr        AESContext;
192typedef struct CamelliaContextStr   CamelliaContext;
193typedef struct MD2ContextStr        MD2Context;
194typedef struct MD5ContextStr        MD5Context;
195typedef struct SHA1ContextStr       SHA1Context;
196typedef struct SHA256ContextStr     SHA256Context;
197typedef struct SHA512ContextStr     SHA512Context;
198/* SHA384Context is really a SHA512ContextStr.  This is not a mistake. */
199typedef struct SHA512ContextStr     SHA384Context;
200typedef struct AESKeyWrapContextStr AESKeyWrapContext;
201
202/***************************************************************************
203** RSA Public and Private Key structures
204*/
205
206/* member names from PKCS#1, section 7.1 */
207struct RSAPublicKeyStr {
208    PRArenaPool * arena;
209    SECItem modulus;
210    SECItem publicExponent;
211};
212typedef struct RSAPublicKeyStr RSAPublicKey;
213
214/* member names from PKCS#1, section 7.2 */
215struct RSAPrivateKeyStr {
216    PRArenaPool * arena;
217    SECItem version;
218    SECItem modulus;
219    SECItem publicExponent;
220    SECItem privateExponent;
221    SECItem prime1;
222    SECItem prime2;
223    SECItem exponent1;
224    SECItem exponent2;
225    SECItem coefficient;
226};
227typedef struct RSAPrivateKeyStr RSAPrivateKey;
228
229
230/***************************************************************************
231** DSA Public and Private Key and related structures
232*/
233
234struct PQGParamsStr {
235    PRArenaPool *arena;
236    SECItem prime;    /* p */
237    SECItem subPrime; /* q */
238    SECItem base;     /* g */
239    /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
240};
241typedef struct PQGParamsStr PQGParams;
242
243struct PQGVerifyStr {
244    PRArenaPool * arena;	/* includes this struct, seed, & h. */
245    unsigned int  counter;
246    SECItem       seed;
247    SECItem       h;
248};
249typedef struct PQGVerifyStr PQGVerify;
250
251struct DSAPublicKeyStr {
252    PQGParams params;
253    SECItem publicValue;
254};
255typedef struct DSAPublicKeyStr DSAPublicKey;
256
257struct DSAPrivateKeyStr {
258    PQGParams params;
259    SECItem publicValue;
260    SECItem privateValue;
261};
262typedef struct DSAPrivateKeyStr DSAPrivateKey;
263
264/***************************************************************************
265** Diffie-Hellman Public and Private Key and related structures
266** Structure member names suggested by PKCS#3.
267*/
268
269struct DHParamsStr {
270    PRArenaPool * arena;
271    SECItem prime; /* p */
272    SECItem base; /* g */
273};
274typedef struct DHParamsStr DHParams;
275
276struct DHPublicKeyStr {
277    PRArenaPool * arena;
278    SECItem prime;
279    SECItem base;
280    SECItem publicValue;
281};
282typedef struct DHPublicKeyStr DHPublicKey;
283
284struct DHPrivateKeyStr {
285    PRArenaPool * arena;
286    SECItem prime;
287    SECItem base;
288    SECItem publicValue;
289    SECItem privateValue;
290};
291typedef struct DHPrivateKeyStr DHPrivateKey;
292
293/***************************************************************************
294** Data structures used for elliptic curve parameters and
295** public and private keys.
296*/
297
298/*
299** The ECParams data structures can encode elliptic curve 
300** parameters for both GFp and GF2m curves.
301*/
302
303typedef enum { ec_params_explicit,
304	       ec_params_named
305} ECParamsType;
306
307typedef enum { ec_field_GFp = 1,
308               ec_field_GF2m
309} ECFieldType;
310
311struct ECFieldIDStr {
312    int         size;   /* field size in bits */
313    ECFieldType type;
314    union {
315        SECItem  prime; /* prime p for (GFp) */
316        SECItem  poly;  /* irreducible binary polynomial for (GF2m) */
317    } u;
318    int         k1;     /* first coefficient of pentanomial or
319                         * the only coefficient of trinomial 
320                         */
321    int         k2;     /* two remaining coefficients of pentanomial */
322    int         k3;
323};
324typedef struct ECFieldIDStr ECFieldID;
325
326struct ECCurveStr {
327    SECItem a;          /* contains octet stream encoding of
328                         * field element (X9.62 section 4.3.3) 
329			 */
330    SECItem b;
331    SECItem seed;
332};
333typedef struct ECCurveStr ECCurve;
334
335struct ECParamsStr {
336    PRArenaPool * arena;
337    ECParamsType  type;
338    ECFieldID     fieldID;
339    ECCurve       curve; 
340    SECItem       base;
341    SECItem       order; 
342    int           cofactor;
343    SECItem       DEREncoding;
344    ECCurveName   name;
345    SECItem       curveOID;
346};
347typedef struct ECParamsStr ECParams;
348
349struct ECPublicKeyStr {
350    ECParams ecParams;   
351    SECItem publicValue;   /* elliptic curve point encoded as 
352			    * octet stream.
353			    */
354};
355typedef struct ECPublicKeyStr ECPublicKey;
356
357struct ECPrivateKeyStr {
358    ECParams ecParams;   
359    SECItem publicValue;   /* encoded ec point */
360    SECItem privateValue;  /* private big integer */
361    SECItem version;       /* As per SEC 1, Appendix C, Section C.4 */
362};
363typedef struct ECPrivateKeyStr ECPrivateKey;
364
365typedef void * (*BLapiAllocateFunc)(void);
366typedef void (*BLapiDestroyContextFunc)(void *cx, PRBool freeit);
367typedef SECStatus (*BLapiInitContextFunc)(void *cx, 
368				   const unsigned char *key, 
369				   unsigned int keylen,
370				   const unsigned char *, 
371				   int, 
372				   unsigned int ,
373				   unsigned int );
374typedef SECStatus (*BLapiEncrypt)(void *cx, unsigned char *output,
375				unsigned int *outputLen, 
376				unsigned int maxOutputLen,
377				const unsigned char *input, 
378				unsigned int inputLen);
379
380#endif /* _BLAPIT_H_ */