1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/modules/libmar/verify/cryptox.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,174 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +#ifndef CRYPTOX_H
1.9 +#define CRYPTOX_H
1.10 +
1.11 +#define XP_MIN_SIGNATURE_LEN_IN_BYTES 256
1.12 +
1.13 +#define CryptoX_Result int
1.14 +#define CryptoX_Success 0
1.15 +#define CryptoX_Error (-1)
1.16 +#define CryptoX_Succeeded(X) ((X) == CryptoX_Success)
1.17 +#define CryptoX_Failed(X) ((X) != CryptoX_Success)
1.18 +
1.19 +#if defined(MAR_NSS)
1.20 +
1.21 +#include "nss_secutil.h"
1.22 +
1.23 +#define CryptoX_InvalidHandleValue NULL
1.24 +#define CryptoX_ProviderHandle void*
1.25 +#define CryptoX_SignatureHandle VFYContext *
1.26 +#define CryptoX_PublicKey SECKEYPublicKey *
1.27 +#define CryptoX_Certificate CERTCertificate *
1.28 +
1.29 +#ifdef __cplusplus
1.30 +extern "C" {
1.31 +#endif
1.32 +CryptoX_Result NSS_LoadPublicKey(const char *certNickname,
1.33 + SECKEYPublicKey **publicKey,
1.34 + CERTCertificate **cert);
1.35 +CryptoX_Result NSS_VerifyBegin(VFYContext **ctx,
1.36 + SECKEYPublicKey * const *publicKey);
1.37 +CryptoX_Result NSS_VerifySignature(VFYContext * const *ctx ,
1.38 + const unsigned char *signature,
1.39 + unsigned int signatureLen);
1.40 +#ifdef __cplusplus
1.41 +} // extern "C"
1.42 +#endif
1.43 +
1.44 +#define CryptoX_InitCryptoProvider(CryptoHandle) \
1.45 + CryptoX_Success
1.46 +#define CryptoX_VerifyBegin(CryptoHandle, SignatureHandle, PublicKey) \
1.47 + NSS_VerifyBegin(SignatureHandle, PublicKey)
1.48 +#define CryptoX_FreeSignatureHandle(SignatureHandle) \
1.49 + VFY_DestroyContext(*SignatureHandle, PR_TRUE)
1.50 +#define CryptoX_VerifyUpdate(SignatureHandle, buf, len) \
1.51 + VFY_Update(*SignatureHandle, (const unsigned char*)(buf), len)
1.52 +#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, \
1.53 + publicKey, certName, cert) \
1.54 + NSS_LoadPublicKey(certName, publicKey, cert)
1.55 +#define CryptoX_VerifySignature(hash, publicKey, signedData, len) \
1.56 + NSS_VerifySignature(hash, (const unsigned char *)(signedData), len)
1.57 +#define CryptoX_FreePublicKey(key) \
1.58 + SECKEY_DestroyPublicKey(*key)
1.59 +#define CryptoX_FreeCertificate(cert) \
1.60 + CERT_DestroyCertificate(*cert)
1.61 +
1.62 +#elif XP_MACOSX
1.63 +
1.64 +#define CryptoX_InvalidHandleValue NULL
1.65 +#define CryptoX_ProviderHandle void*
1.66 +#define CryptoX_SignatureHandle void*
1.67 +#define CryptoX_PublicKey void*
1.68 +#define CryptoX_Certificate void*
1.69 +
1.70 +// Forward-declare Objective-C functions implemented in MacVerifyCrypto.mm.
1.71 +#ifdef __cplusplus
1.72 +extern "C" {
1.73 +#endif
1.74 +CryptoX_Result CryptoMac_InitCryptoProvider();
1.75 +CryptoX_Result CryptoMac_VerifyBegin(CryptoX_SignatureHandle* aInputData);
1.76 +CryptoX_Result CryptoMac_VerifyUpdate(CryptoX_SignatureHandle* aInputData,
1.77 + void* aBuf, unsigned int aLen);
1.78 +CryptoX_Result CryptoMac_LoadPublicKey(const unsigned char* aCertData,
1.79 + CryptoX_PublicKey* aPublicKey);
1.80 +CryptoX_Result CryptoMac_VerifySignature(CryptoX_SignatureHandle* aInputData,
1.81 + CryptoX_PublicKey* aPublicKey,
1.82 + const unsigned char* aSignature,
1.83 + unsigned int aSignatureLen);
1.84 +void CryptoMac_FreeSignatureHandle(CryptoX_SignatureHandle* aInputData);
1.85 +void CryptoMac_FreePublicKey(CryptoX_PublicKey* aPublicKey);
1.86 +#ifdef __cplusplus
1.87 +} // extern "C"
1.88 +#endif
1.89 +
1.90 +#define CryptoX_InitCryptoProvider(aProviderHandle) \
1.91 + CryptoMac_InitCryptoProvider()
1.92 +#define CryptoX_VerifyBegin(aCryptoHandle, aInputData, aPublicKey) \
1.93 + CryptoMac_VerifyBegin(aInputData)
1.94 +#define CryptoX_VerifyUpdate(aInputData, aBuf, aLen) \
1.95 + CryptoMac_VerifyUpdate(aInputData, aBuf, aLen)
1.96 +#define CryptoX_LoadPublicKey(aProviderHandle, aCertData, aDataSize, \
1.97 + aPublicKey, aCertName, aCert) \
1.98 + CryptoMac_LoadPublicKey(aCertData, aPublicKey)
1.99 +#define CryptoX_VerifySignature(aInputData, aPublicKey, aSignature, \
1.100 + aSignatureLen) \
1.101 + CryptoMac_VerifySignature(aInputData, aPublicKey, aSignature, aSignatureLen)
1.102 +#define CryptoX_FreeSignatureHandle(aInputData) \
1.103 + CryptoMac_FreeSignatureHandle(aInputData)
1.104 +#define CryptoX_FreePublicKey(aPublicKey) \
1.105 + CryptoMac_FreePublicKey(aPublicKey)
1.106 +#define CryptoX_FreeCertificate(aCertificate)
1.107 +
1.108 +#elif defined(XP_WIN)
1.109 +
1.110 +#include <windows.h>
1.111 +#include <wincrypt.h>
1.112 +
1.113 +CryptoX_Result CryptoAPI_InitCryptoContext(HCRYPTPROV *provider);
1.114 +CryptoX_Result CryptoAPI_LoadPublicKey(HCRYPTPROV hProv,
1.115 + BYTE *certData,
1.116 + DWORD sizeOfCertData,
1.117 + HCRYPTKEY *publicKey,
1.118 + HCERTSTORE *cert);
1.119 +CryptoX_Result CryptoAPI_VerifyBegin(HCRYPTPROV provider, HCRYPTHASH* hash);
1.120 +CryptoX_Result CryptoAPI_VerifyUpdate(HCRYPTHASH* hash,
1.121 + BYTE *buf, DWORD len);
1.122 +CryptoX_Result CyprtoAPI_VerifySignature(HCRYPTHASH *hash,
1.123 + HCRYPTKEY *pubKey,
1.124 + const BYTE *signature,
1.125 + DWORD signatureLen);
1.126 +
1.127 +#define CryptoX_InvalidHandleValue ((ULONG_PTR)NULL)
1.128 +#define CryptoX_ProviderHandle HCRYPTPROV
1.129 +#define CryptoX_SignatureHandle HCRYPTHASH
1.130 +#define CryptoX_PublicKey HCRYPTKEY
1.131 +#define CryptoX_Certificate HCERTSTORE
1.132 +#define CryptoX_InitCryptoProvider(CryptoHandle) \
1.133 + CryptoAPI_InitCryptoContext(CryptoHandle)
1.134 +#define CryptoX_VerifyBegin(CryptoHandle, SignatureHandle, PublicKey) \
1.135 + CryptoAPI_VerifyBegin(CryptoHandle, SignatureHandle)
1.136 +#define CryptoX_FreeSignatureHandle(SignatureHandle)
1.137 +#define CryptoX_VerifyUpdate(SignatureHandle, buf, len) \
1.138 + CryptoAPI_VerifyUpdate(SignatureHandle, (BYTE *)(buf), len)
1.139 +#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, \
1.140 + publicKey, certName, cert) \
1.141 + CryptoAPI_LoadPublicKey(CryptoHandle, (BYTE*)(certData), \
1.142 + dataSize, publicKey, cert)
1.143 +#define CryptoX_VerifySignature(hash, publicKey, signedData, len) \
1.144 + CyprtoAPI_VerifySignature(hash, publicKey, signedData, len)
1.145 +#define CryptoX_FreePublicKey(key) \
1.146 + CryptDestroyKey(*(key))
1.147 +#define CryptoX_FreeCertificate(cert) \
1.148 + CertCloseStore(*(cert), CERT_CLOSE_STORE_FORCE_FLAG);
1.149 +
1.150 +#else
1.151 +
1.152 +/* This default implementation is necessary because we don't want to
1.153 + * link to NSS from updater code on non Windows platforms. On Windows
1.154 + * we use CyrptoAPI instead of NSS. We don't call any function as they
1.155 + * would just fail, but this simplifies linking.
1.156 + */
1.157 +
1.158 +#define CryptoX_InvalidHandleValue NULL
1.159 +#define CryptoX_ProviderHandle void*
1.160 +#define CryptoX_SignatureHandle void*
1.161 +#define CryptoX_PublicKey void*
1.162 +#define CryptoX_Certificate void*
1.163 +#define CryptoX_InitCryptoProvider(CryptoHandle) \
1.164 + CryptoX_Error
1.165 +#define CryptoX_VerifyBegin(CryptoHandle, SignatureHandle, PublicKey) \
1.166 + CryptoX_Error
1.167 +#define CryptoX_FreeSignatureHandle(SignatureHandle)
1.168 +#define CryptoX_VerifyUpdate(SignatureHandle, buf, len) CryptoX_Error
1.169 +#define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, \
1.170 + publicKey, certName, cert) \
1.171 + CryptoX_Error
1.172 +#define CryptoX_VerifySignature(hash, publicKey, signedData, len) CryptoX_Error
1.173 +#define CryptoX_FreePublicKey(key) CryptoX_Error
1.174 +
1.175 +#endif
1.176 +
1.177 +#endif
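Review bot: In the XP_MACOSX branch, `CryptoX_LoadPublicKey` discards `aDataSize` and the `CryptoMac_LoadPublicKey` prototype takes no length, so the macOS backend cannot bound its read of the certificate buffer through this interface, whereas the XP_WIN path forwards `dataSize`. I would add the length to the prototype, `CryptoMac_LoadPublicKey(const unsigned char* aCertData, unsigned int aDataSize, CryptoX_PublicKey* aPublicKey)`, and pass `aDataSize` through in the macro; the implementation in MacVerifyCrypto.mm is not visible here, so how it currently sizes the data is unknown. Two smaller points in the same hunk: the XP_WIN `CryptoX_FreeCertificate` expansion ends in `;`, which breaks its use in an unbraced `if`/`else`, and the fallback `#else` branch defines no `CryptoX_FreeCertificate` at all although the other three branches do. The `CyprtoAPI_VerifySignature` spelling is consistent between prototype and macro, so it presumably matches the definition, but it is worth correcting to `CryptoAPI_VerifySignature` before more callers depend on it.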