other-licenses/android/dst.h@97036ab72558 (annotated)
other-licenses/android/dst.h
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | /* $NetBSD: dst.h,v 1.1.1.1 2004/05/20 19:49:41 christos Exp $ */ |
| michael@0 | 2 | |
| michael@0 | 3 | /* |
| michael@0 | 4 | * This version of this file is derived from Android 2.3 "Gingerbread", |
| michael@0 | 5 | * which contains uncredited changes by Android/Google developers. It has |
| michael@0 | 6 | * been modified in 2011 for use in the Android build of Mozilla Firefox by |
| michael@0 | 7 | * Mozilla contributors (including Michael Edwards <m.k.edwards@gmail.com>, |
| michael@0 | 8 | * and Steve Workman <sjhworkman@gmail.com>). |
| michael@0 | 9 | * These changes are offered under the same license as the original NetBSD |
| michael@0 | 10 | * file, whose copyright and license are unchanged above. |
| michael@0 | 11 | */ |
| michael@0 | 12 | |
| michael@0 | 13 | #ifndef DST_H |
| michael@0 | 14 | #define DST_H |
| michael@0 | 15 | |
| michael@0 | 16 | #ifndef HAS_DST_KEY |
| michael@0 | 17 | typedef struct dst_key { |
| michael@0 | 18 | char *dk_key_name; /* name of the key */ |
| michael@0 | 19 | int dk_key_size; /* this is the size of the key in bits */ |
| michael@0 | 20 | int dk_proto; /* what protocols this key can be used for */ |
| michael@0 | 21 | int dk_alg; /* algorithm number from key record */ |
| michael@0 | 22 | u_int32_t dk_flags; /* and the flags of the public key */ |
| michael@0 | 23 | u_int16_t dk_id; /* identifier of the key */ |
| michael@0 | 24 | } DST_KEY; |
| michael@0 | 25 | #endif /* HAS_DST_KEY */ |
| michael@0 | 26 | |
| michael@0 | 27 | /* |
| michael@0 | 28 | * do not taint namespace |
| michael@0 | 29 | */ |
| michael@0 | 30 | #define dst_bsafe_init __dst_bsafe_init |
| michael@0 | 31 | #define dst_buffer_to_key __dst_buffer_to_key |
| michael@0 | 32 | #define dst_check_algorithm __dst_check_algorithm |
| michael@0 | 33 | #define dst_compare_keys __dst_compare_keys |
| michael@0 | 34 | #define dst_cylink_init __dst_cylink_init |
| michael@0 | 35 | #define dst_dnskey_to_key __dst_dnskey_to_key |
| michael@0 | 36 | #define dst_eay_dss_init __dst_eay_dss_init |
| michael@0 | 37 | #define dst_free_key __dst_free_key |
| michael@0 | 38 | #define dst_generate_key __dst_generate_key |
| michael@0 | 39 | #define dst_hmac_md5_init __dst_hmac_md5_init |
| michael@0 | 40 | #define dst_init __dst_init |
| michael@0 | 41 | #define dst_key_to_buffer __dst_key_to_buffer |
| michael@0 | 42 | #define dst_key_to_dnskey __dst_key_to_dnskey |
| michael@0 | 43 | #define dst_read_key __dst_read_key |
| michael@0 | 44 | #define dst_rsaref_init __dst_rsaref_init |
| michael@0 | 45 | #define dst_s_build_filename __dst_s_build_filename |
| michael@0 | 46 | #define dst_s_calculate_bits __dst_s_calculate_bits |
| michael@0 | 47 | #define dst_s_conv_bignum_b64_to_u8 __dst_s_conv_bignum_b64_to_u8 |
| michael@0 | 48 | #define dst_s_conv_bignum_u8_to_b64 __dst_s_conv_bignum_u8_to_b64 |
| michael@0 | 49 | #define dst_s_dns_key_id __dst_s_dns_key_id |
| michael@0 | 50 | #define dst_s_dump __dst_s_dump |
| michael@0 | 51 | #define dst_s_filename_length __dst_s_filename_length |
| michael@0 | 52 | #define dst_s_fopen __dst_s_fopen |
| michael@0 | 53 | #define dst_s_get_int16 __dst_s_get_int16 |
| michael@0 | 54 | #define dst_s_get_int32 __dst_s_get_int32 |
| michael@0 | 55 | #define dst_s_id_calc __dst_s_id_calc |
| michael@0 | 56 | #define dst_s_put_int16 __dst_s_put_int16 |
| michael@0 | 57 | #define dst_s_put_int32 __dst_s_put_int32 |
| michael@0 | 58 | #define dst_s_quick_random __dst_s_quick_random |
| michael@0 | 59 | #define dst_s_quick_random_set __dst_s_quick_random_set |
| michael@0 | 60 | #define dst_s_random __dst_s_random |
| michael@0 | 61 | #define dst_s_semi_random __dst_s_semi_random |
| michael@0 | 62 | #define dst_s_verify_str __dst_s_verify_str |
| michael@0 | 63 | #define dst_sig_size __dst_sig_size |
| michael@0 | 64 | #define dst_sign_data __dst_sign_data |
| michael@0 | 65 | #define dst_verify_data __dst_verify_data |
| michael@0 | 66 | #define dst_write_key __dst_write_key |
| michael@0 | 67 | |
| michael@0 | 68 | /* |
| michael@0 | 69 | * DST Crypto API defintions |
| michael@0 | 70 | */ |
| michael@0 | 71 | void dst_init(void); |
| michael@0 | 72 | int dst_check_algorithm(const int); |
| michael@0 | 73 | |
| michael@0 | 74 | int dst_sign_data(const int, /* specifies INIT/UPDATE/FINAL/ALL */ |
| michael@0 | 75 | DST_KEY *, /* the key to use */ |
| michael@0 | 76 | void **, /* pointer to state structure */ |
| michael@0 | 77 | const u_char *, /* data to be signed */ |
| michael@0 | 78 | const int, /* length of input data */ |
| michael@0 | 79 | u_char *, /* buffer to write signature to */ |
| michael@0 | 80 | const int); /* size of output buffer */ |
| michael@0 | 81 | |
| michael@0 | 82 | int dst_verify_data(const int, /* specifies INIT/UPDATE/FINAL/ALL */ |
| michael@0 | 83 | DST_KEY *, /* the key to use */ |
| michael@0 | 84 | void **, /* pointer to state structure */ |
| michael@0 | 85 | const u_char *, /* data to be verified */ |
| michael@0 | 86 | const int, /* length of input data */ |
| michael@0 | 87 | const u_char *, /* buffer containing signature */ |
| michael@0 | 88 | const int); /* length of signature */ |
| michael@0 | 89 | |
| michael@0 | 90 | |
| michael@0 | 91 | DST_KEY *dst_read_key(const char *, /* name of key */ |
| michael@0 | 92 | const u_int16_t, /* key tag identifier */ |
| michael@0 | 93 | const int, /* key algorithm */ |
| michael@0 | 94 | const int); /* Private/PublicKey wanted*/ |
| michael@0 | 95 | |
| michael@0 | 96 | int dst_write_key(const DST_KEY *, /* key to write out */ |
| michael@0 | 97 | const int); /* Public/Private */ |
| michael@0 | 98 | |
| michael@0 | 99 | DST_KEY *dst_dnskey_to_key(const char *, /* KEY record name */ |
| michael@0 | 100 | const u_char *, /* KEY RDATA */ |
| michael@0 | 101 | const int); /* size of input buffer*/ |
| michael@0 | 102 | |
| michael@0 | 103 | |
| michael@0 | 104 | int dst_key_to_dnskey(const DST_KEY *, /* key to translate */ |
| michael@0 | 105 | u_char *, /* output buffer */ |
| michael@0 | 106 | const int); /* size of out_storage*/ |
| michael@0 | 107 | |
| michael@0 | 108 | |
| michael@0 | 109 | DST_KEY *dst_buffer_to_key(const char *, /* name of the key */ |
| michael@0 | 110 | const int, /* algorithm */ |
| michael@0 | 111 | const int, /* dns flags */ |
| michael@0 | 112 | const int, /* dns protocol */ |
| michael@0 | 113 | const u_char *, /* key in dns wire fmt */ |
| michael@0 | 114 | const int); /* size of key */ |
| michael@0 | 115 | |
| michael@0 | 116 | |
| michael@0 | 117 | int dst_key_to_buffer(DST_KEY *, u_char *, int); |
| michael@0 | 118 | |
| michael@0 | 119 | DST_KEY *dst_generate_key(const char *, /* name of new key */ |
| michael@0 | 120 | const int, /* key algorithm to generate */ |
| michael@0 | 121 | const int, /* size of new key */ |
| michael@0 | 122 | const int, /* alg dependent parameter*/ |
| michael@0 | 123 | const int, /* key DNS flags */ |
| michael@0 | 124 | const int); /* key DNS protocol */ |
| michael@0 | 125 | |
| michael@0 | 126 | DST_KEY *dst_free_key(DST_KEY *); |
| michael@0 | 127 | int dst_compare_keys(const DST_KEY *, const DST_KEY *); |
| michael@0 | 128 | |
| michael@0 | 129 | int dst_sig_size(DST_KEY *); |
| michael@0 | 130 | |
| michael@0 | 131 | |
| michael@0 | 132 | /* support for dns key tags/ids */ |
| michael@0 | 133 | u_int16_t dst_s_dns_key_id(const u_char *, const int); |
| michael@0 | 134 | u_int16_t dst_s_id_calc(const u_char *, const int); |
| michael@0 | 135 | |
| michael@0 | 136 | /* Used by callers as well as by the library. */ |
| michael@0 | 137 | #define RAW_KEY_SIZE 8192 /* large enough to store any key */ |
| michael@0 | 138 | |
| michael@0 | 139 | /* DST_API control flags */ |
| michael@0 | 140 | /* These are used used in functions dst_sign_data and dst_verify_data */ |
| michael@0 | 141 | #define SIG_MODE_INIT 1 /* initialize digest */ |
| michael@0 | 142 | #define SIG_MODE_UPDATE 2 /* add data to digest */ |
| michael@0 | 143 | #define SIG_MODE_FINAL 4 /* generate/verify signature */ |
| michael@0 | 144 | #define SIG_MODE_ALL (SIG_MODE_INIT|SIG_MODE_UPDATE|SIG_MODE_FINAL) |
| michael@0 | 145 | |
| michael@0 | 146 | /* Flags for dst_read_private_key() */ |
| michael@0 | 147 | #define DST_FORCE_READ 0x1000000 |
| michael@0 | 148 | #define DST_CAN_SIGN 0x010F |
| michael@0 | 149 | #define DST_NO_AUTHEN 0x8000 |
| michael@0 | 150 | #define DST_EXTEND_FLAG 0x1000 |
| michael@0 | 151 | #define DST_STANDARD 0 |
| michael@0 | 152 | #define DST_PRIVATE 0x2000000 |
| michael@0 | 153 | #define DST_PUBLIC 0x4000000 |
| michael@0 | 154 | #define DST_RAND_SEMI 1 |
| michael@0 | 155 | #define DST_RAND_STD 2 |
| michael@0 | 156 | #define DST_RAND_KEY 3 |
| michael@0 | 157 | #define DST_RAND_DSS 4 |
| michael@0 | 158 | |
| michael@0 | 159 | |
| michael@0 | 160 | /* DST algorithm codes */ |
| michael@0 | 161 | #define KEY_RSA 1 |
| michael@0 | 162 | #define KEY_DH 2 |
| michael@0 | 163 | #define KEY_DSA 3 |
| michael@0 | 164 | #define KEY_PRIVATE 254 |
| michael@0 | 165 | #define KEY_EXPAND 255 |
| michael@0 | 166 | #define KEY_HMAC_MD5 157 |
| michael@0 | 167 | #define KEY_HMAC_SHA1 158 |
| michael@0 | 168 | #define UNKNOWN_KEYALG 0 |
| michael@0 | 169 | #define DST_MAX_ALGS KEY_HMAC_SHA1 |
| michael@0 | 170 | |
| michael@0 | 171 | /* DST constants to locations in KEY record changes in new KEY record */ |
| michael@0 | 172 | #define DST_FLAGS_SIZE 2 |
| michael@0 | 173 | #define DST_KEY_PROT 2 |
| michael@0 | 174 | #define DST_KEY_ALG 3 |
| michael@0 | 175 | #define DST_EXT_FLAG 4 |
| michael@0 | 176 | #define DST_KEY_START 4 |
| michael@0 | 177 | |
| michael@0 | 178 | #ifndef SIGN_F_NOKEY |
| michael@0 | 179 | #define SIGN_F_NOKEY 0xC000 |
| michael@0 | 180 | #endif |
| michael@0 | 181 | |
| michael@0 | 182 | /* error codes from dst routines */ |
| michael@0 | 183 | #define SIGN_INIT_FAILURE (-23) |
| michael@0 | 184 | #define SIGN_UPDATE_FAILURE (-24) |
| michael@0 | 185 | #define SIGN_FINAL_FAILURE (-25) |
| michael@0 | 186 | #define VERIFY_INIT_FAILURE (-26) |
| michael@0 | 187 | #define VERIFY_UPDATE_FAILURE (-27) |
| michael@0 | 188 | #define VERIFY_FINAL_FAILURE (-28) |
| michael@0 | 189 | #define MISSING_KEY_OR_SIGNATURE (-30) |
| michael@0 | 190 | #define UNSUPPORTED_KEYALG (-31) |
| michael@0 | 191 | |
| michael@0 | 192 | #endif /* DST_H */ |
