The Tor Browser: security/nss/lib/cryptohi/keythi.h@b8a032363ba2 (annotated)

security/nss/lib/cryptohi/keythi.h@b8a032363ba2 (annotated)

security/nss/lib/cryptohi/keythi.h

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #ifndef _KEYTHI_H_
 #define _KEYTHI_H_ 1
 #include "plarena.h"
 #include "pkcs11t.h"
 #include "secmodt.h"
 #include "prclist.h"
 /*
 ** RFC 4055 Section 1.2 specifies three different RSA key types.
 **
 ** rsaKey maps to keys with SEC_OID_PKCS1_RSA_ENCRYPTION and can be used for
 ** both encryption and signatures with old (PKCS #1 v1.5) and new (PKCS #1
 ** v2.1) padding schemes.
 **
 ** rsaPssKey maps to keys with SEC_OID_PKCS1_RSA_PSS_SIGNATURE and may only
 ** be used for signatures with PSS padding (PKCS #1 v2.1).
 **
 ** rsaOaepKey maps to keys with SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION and may only
 ** be used for encryption with OAEP padding (PKCS #1 v2.1).
 */
 typedef enum {
     nullKey = 0,
     rsaKey = 1,
     dsaKey = 2,
     fortezzaKey = 3, /* deprecated */
     dhKey = 4,
     keaKey = 5, /* deprecated */
     ecKey = 6,
     rsaPssKey = 7,
     rsaOaepKey = 8
 } KeyType;
 /*
 ** Template Definitions
 **/
 SEC_BEGIN_PROTOS
 extern const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[];
 extern const SEC_ASN1Template SECKEY_RSAPSSParamsTemplate[];
 extern const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[];
 extern const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[];
 extern const SEC_ASN1Template SECKEY_DHParamKeyTemplate[];
 extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[];
 extern const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[];
 /* Windows DLL accessor functions */
 SEC_ASN1_CHOOSER_DECLARE(SECKEY_DSAPublicKeyTemplate)
 SEC_ASN1_CHOOSER_DECLARE(SECKEY_RSAPublicKeyTemplate)
 SEC_ASN1_CHOOSER_DECLARE(SECKEY_RSAPSSParamsTemplate)
 SEC_END_PROTOS
 /*
 ** RSA Public Key structures
 ** member names from PKCS#1, section 7.1
 */
 struct SECKEYRSAPublicKeyStr {
     PLArenaPool * arena;
     SECItem modulus;
     SECItem publicExponent;
 };
 typedef struct SECKEYRSAPublicKeyStr SECKEYRSAPublicKey;
 /*
 ** RSA-PSS parameters
 */
 struct SECKEYRSAPSSParamsStr {
     SECAlgorithmID *hashAlg;
     SECAlgorithmID *maskAlg;
     SECItem saltLength;
     SECItem trailerField;
 };
 typedef struct SECKEYRSAPSSParamsStr SECKEYRSAPSSParams;
 /*
 ** DSA Public Key and related structures
 */
 struct SECKEYPQGParamsStr {
     PLArenaPool *arena;
     SECItem prime;    /* p */
     SECItem subPrime; /* q */
     SECItem base;     /* g */
     /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
 };
 typedef struct SECKEYPQGParamsStr SECKEYPQGParams;
 struct SECKEYDSAPublicKeyStr {
     SECKEYPQGParams params;
     SECItem publicValue;
 };
 typedef struct SECKEYDSAPublicKeyStr SECKEYDSAPublicKey;
 /*
 ** Diffie-Hellman Public Key structure
 ** Structure member names suggested by PKCS#3.
 */
 struct SECKEYDHParamsStr {
     PLArenaPool * arena;
     SECItem prime; /* p */
     SECItem base; /* g */
 };
 typedef struct SECKEYDHParamsStr SECKEYDHParams;
 struct SECKEYDHPublicKeyStr {
     PLArenaPool * arena;
     SECItem prime;
     SECItem base;
     SECItem publicValue;
 };
 typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
 /*
 ** Elliptic curve Public Key structure
 ** The PKCS#11 layer needs DER encoding of ANSI X9.62
 ** parameters value
 */
 typedef SECItem SECKEYECParams;
 struct SECKEYECPublicKeyStr {
     SECKEYECParams DEREncodedParams;
     int     size;             /* size in bits */
     SECItem publicValue;      /* encoded point */
     /* XXX Even though the PKCS#11 interface takes encoded parameters,
      * we may still wish to decode them above PKCS#11 for things like
      * printing key information. For named curves, which is what
      * we initially support, we ought to have the curve name at the
      * very least.
      */
 };
 typedef struct SECKEYECPublicKeyStr SECKEYECPublicKey;
 /*
 ** FORTEZZA Public Key structures
 */
 struct SECKEYFortezzaPublicKeyStr {
     int      KEAversion;
     int      DSSversion;
     unsigned char    KMID[8];
     SECItem clearance;
     SECItem KEApriviledge;
     SECItem DSSpriviledge;
     SECItem KEAKey;
     SECItem DSSKey;
     SECKEYPQGParams params;
     SECKEYPQGParams keaParams;
 };
 typedef struct SECKEYFortezzaPublicKeyStr SECKEYFortezzaPublicKey;
 #define KEAprivilege KEApriviledge /* corrected spelling */
 #define DSSprivilege DSSpriviledge /* corrected spelling */
 struct SECKEYDiffPQGParamsStr {
     SECKEYPQGParams DiffKEAParams;
     SECKEYPQGParams DiffDSAParams;
 };
 typedef struct SECKEYDiffPQGParamsStr SECKEYDiffPQGParams;
 struct SECKEYPQGDualParamsStr {
     SECKEYPQGParams CommParams;
     SECKEYDiffPQGParams DiffParams;
 };
 typedef struct SECKEYPQGDualParamsStr SECKEYPQGDualParams;
 struct SECKEYKEAParamsStr {
     PLArenaPool *arena;
     SECItem hash;
 };
 typedef struct SECKEYKEAParamsStr SECKEYKEAParams;
 struct SECKEYKEAPublicKeyStr {
     SECKEYKEAParams params;
     SECItem publicValue;
 };
 typedef struct SECKEYKEAPublicKeyStr SECKEYKEAPublicKey;
 /*
 ** A Generic  public key object.
 */
 struct SECKEYPublicKeyStr {
     PLArenaPool *arena;
     KeyType keyType;
     PK11SlotInfo *pkcs11Slot;
     CK_OBJECT_HANDLE pkcs11ID;
     union {
         SECKEYRSAPublicKey rsa;
 	SECKEYDSAPublicKey dsa;
 	SECKEYDHPublicKey  dh;
         SECKEYKEAPublicKey kea;
         SECKEYFortezzaPublicKey fortezza;
 	SECKEYECPublicKey  ec;
     } u;
 };
 typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
 /* bit flag definitions for staticflags */
 #define SECKEY_Attributes_Cached 0x1    /* bit 0 states
                                            whether attributes are cached */
 #define SECKEY_CKA_PRIVATE (1U << 1)    /* bit 1 is the value of CKA_PRIVATE */
 #define SECKEY_CKA_ALWAYS_AUTHENTICATE (1U << 2)
 #define SECKEY_ATTRIBUTES_CACHED(key) \
      (0 != (key->staticflags & SECKEY_Attributes_Cached))
 #define SECKEY_ATTRIBUTE_VALUE(key,attribute) \
      (0 != (key->staticflags & SECKEY_##attribute))
 #define SECKEY_HAS_ATTRIBUTE_SET(key,attribute) \
     (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? \
     (0 != (key->staticflags & SECKEY_##attribute)) : \
     PK11_HasAttributeSet(key->pkcs11Slot,key->pkcs11ID,attribute, PR_FALSE)
 #define SECKEY_HAS_ATTRIBUTE_SET_LOCK(key,attribute, haslock) \
     (0 != (key->staticflags & SECKEY_Attributes_Cached)) ? \
     (0 != (key->staticflags & SECKEY_##attribute)) : \
     PK11_HasAttributeSet(key->pkcs11Slot,key->pkcs11ID,attribute, haslock)
 /*
 ** A generic key structure
 */
 struct SECKEYPrivateKeyStr {
     PLArenaPool *arena;
     KeyType keyType;
     PK11SlotInfo *pkcs11Slot;	/* pkcs11 slot this key lives in */
     CK_OBJECT_HANDLE pkcs11ID;  /* ID of pkcs11 object */
     PRBool pkcs11IsTemp;	/* temp pkcs11 object, delete it when done */
     void *wincx;		/* context for errors and pw prompts */
     PRUint32 staticflags;       /* bit flag of cached PKCS#11 attributes */
 };
 typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
 typedef struct {
     PRCList links;
     SECKEYPrivateKey *key;
 } SECKEYPrivateKeyListNode;
 typedef struct {
     PRCList list;
     PLArenaPool *arena;
 } SECKEYPrivateKeyList;
 typedef struct {
     PRCList links;
     SECKEYPublicKey *key;
 } SECKEYPublicKeyListNode;
 typedef struct {
     PRCList list;
     PLArenaPool *arena;
 } SECKEYPublicKeyList;
 #endif /* _KEYTHI_H_ */

The Tor Browser / annotate

security/nss/lib/cryptohi/keythi.h@b8a032363ba2 (annotated)

security/nss/lib/cryptohi/keythi.h