security/nss/lib/freebl/blapit.h@6474c204b198
security/nss/lib/freebl/blapit.h
Wed, 31 Dec 2014 06:09:35 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 06:09:35 +0100
- changeset 0
- 6474c204b198
- permissions
- -rw-r--r--
Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.
1 /*
2 * blapit.h - public data structures for the freebl library
3 *
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
8 #ifndef _BLAPIT_H_
9 #define _BLAPIT_H_
11 #include "seccomon.h"
12 #include "prlink.h"
13 #include "plarena.h"
14 #include "ecl-exp.h"
17 /* RC2 operation modes */
18 #define NSS_RC2 0
19 #define NSS_RC2_CBC 1
21 /* RC5 operation modes */
22 #define NSS_RC5 0
23 #define NSS_RC5_CBC 1
25 /* DES operation modes */
26 #define NSS_DES 0
27 #define NSS_DES_CBC 1
28 #define NSS_DES_EDE3 2
29 #define NSS_DES_EDE3_CBC 3
31 #define DES_KEY_LENGTH 8 /* Bytes */
33 /* AES operation modes */
34 #define NSS_AES 0
35 #define NSS_AES_CBC 1
36 #define NSS_AES_CTS 2
37 #define NSS_AES_CTR 3
38 #define NSS_AES_GCM 4
40 /* Camellia operation modes */
41 #define NSS_CAMELLIA 0
42 #define NSS_CAMELLIA_CBC 1
44 /* SEED operation modes */
45 #define NSS_SEED 0
46 #define NSS_SEED_CBC 1
48 #define DSA1_SUBPRIME_LEN 20 /* Bytes */
49 #define DSA1_SIGNATURE_LEN (DSA1_SUBPRIME_LEN*2) /* Bytes */
50 #define DSA_MAX_SUBPRIME_LEN 32 /* Bytes */
51 #define DSA_MAX_SIGNATURE_LEN (DSA_MAX_SUBPRIME_LEN*2)/* Bytes */
53 /*
54 * Mark the old defines as deprecated. This will warn code that expected
55 * DSA1 only that they need to change if the are to support DSA2.
56 */
57 #if defined(__GNUC__) && (__GNUC__ > 3)
58 /* make GCC warn when we use these #defines */
59 typedef int __BLAPI_DEPRECATED __attribute__((deprecated));
60 #define DSA_SUBPRIME_LEN ((__BLAPI_DEPRECATED)DSA1_SUBPRIME_LEN)
61 #define DSA_SIGNATURE_LEN ((__BLAPI_DEPRECATED)DSA1_SIGNATURE_LEN)
62 #define DSA_Q_BITS ((__BLAPI_DEPRECATED)(DSA1_SUBPRIME_LEN*8))
63 #else
64 #ifdef _WIN32
65 /* This magic gets the windows compiler to give us a deprecation
66 * warning */
67 #pragma deprecated(DSA_SUBPRIME_LEN, DSA_SIGNATURE_LEN, DSA_QBITS)
68 #endif
69 #define DSA_SUBPRIME_LEN DSA1_SUBPRIME_LEN
70 #define DSA_SIGNATURE_LEN DSA1_SIGNATURE_LEN
71 #define DSA_Q_BITS (DSA1_SUBPRIME_LEN*8)
72 #endif
75 /* XXX We shouldn't have to hard code this limit. For
76 * now, this is the quickest way to support ECDSA signature
77 * processing (ECDSA signature lengths depend on curve
78 * size). This limit is sufficient for curves upto
79 * 576 bits.
80 */
81 #define MAX_ECKEY_LEN 72 /* Bytes */
83 #ifdef NSS_ECC_MORE_THAN_SUITE_B
84 #define EC_MAX_KEY_BITS 571 /* in bits */
85 #define EC_MIN_KEY_BITS 112 /* in bits */
86 #else
87 #define EC_MAX_KEY_BITS 521 /* in bits */
88 #define EC_MIN_KEY_BITS 256 /* in bits */
89 #endif
91 /* EC point compression format */
92 #define EC_POINT_FORM_COMPRESSED_Y0 0x02
93 #define EC_POINT_FORM_COMPRESSED_Y1 0x03
94 #define EC_POINT_FORM_UNCOMPRESSED 0x04
95 #define EC_POINT_FORM_HYBRID_Y0 0x06
96 #define EC_POINT_FORM_HYBRID_Y1 0x07
98 /*
99 * Number of bytes each hash algorithm produces
100 */
101 #define MD2_LENGTH 16 /* Bytes */
102 #define MD5_LENGTH 16 /* Bytes */
103 #define SHA1_LENGTH 20 /* Bytes */
104 #define SHA256_LENGTH 32 /* bytes */
105 #define SHA384_LENGTH 48 /* bytes */
106 #define SHA512_LENGTH 64 /* bytes */
107 #define HASH_LENGTH_MAX SHA512_LENGTH
109 /*
110 * Input block size for each hash algorithm.
111 */
113 #define MD2_BLOCK_LENGTH 64 /* bytes */
114 #define MD5_BLOCK_LENGTH 64 /* bytes */
115 #define SHA1_BLOCK_LENGTH 64 /* bytes */
116 #define SHA224_BLOCK_LENGTH 64 /* bytes */
117 #define SHA256_BLOCK_LENGTH 64 /* bytes */
118 #define SHA384_BLOCK_LENGTH 128 /* bytes */
119 #define SHA512_BLOCK_LENGTH 128 /* bytes */
120 #define HASH_BLOCK_LENGTH_MAX SHA512_BLOCK_LENGTH
122 #define AES_KEY_WRAP_IV_BYTES 8
123 #define AES_KEY_WRAP_BLOCK_SIZE 8 /* bytes */
124 #define AES_BLOCK_SIZE 16 /* bytes */
126 #define AES_128_KEY_LENGTH 16 /* bytes */
127 #define AES_192_KEY_LENGTH 24 /* bytes */
128 #define AES_256_KEY_LENGTH 32 /* bytes */
130 #define CAMELLIA_BLOCK_SIZE 16 /* bytes */
132 #define SEED_BLOCK_SIZE 16 /* bytes */
133 #define SEED_KEY_LENGTH 16 /* bytes */
135 #define NSS_FREEBL_DEFAULT_CHUNKSIZE 2048
137 /*
138 * These values come from the initial key size limits from the PKCS #11
139 * module. They may be arbitrarily adjusted to any value freebl supports.
140 */
141 #define RSA_MIN_MODULUS_BITS 128
142 #define RSA_MAX_MODULUS_BITS 16384
143 #define RSA_MAX_EXPONENT_BITS 64
144 #define DH_MIN_P_BITS 128
145 #define DH_MAX_P_BITS 16384
147 /*
148 * The FIPS 186-1 algorithm for generating primes P and Q allows only 9
149 * distinct values for the length of P, and only one value for the
150 * length of Q.
151 * The algorithm uses a variable j to indicate which of the 9 lengths
152 * of P is to be used.
153 * The following table relates j to the lengths of P and Q in bits.
154 *
155 * j bits in P bits in Q
156 * _ _________ _________
157 * 0 512 160
158 * 1 576 160
159 * 2 640 160
160 * 3 704 160
161 * 4 768 160
162 * 5 832 160
163 * 6 896 160
164 * 7 960 160
165 * 8 1024 160
166 *
167 * The FIPS-186-1 compliant PQG generator takes j as an input parameter.
168 *
169 * FIPS 186-3 algorithm specifies 4 distinct P and Q sizes:
170 *
171 * bits in P bits in Q
172 * _________ _________
173 * 1024 160
174 * 2048 224
175 * 2048 256
176 * 3072 256
177 *
178 * The FIPS-186-3 complaiant PQG generator (PQG V2) takes arbitrary p and q
179 * lengths as input and returns an error if they aren't in this list.
180 */
182 #define DSA1_Q_BITS 160
183 #define DSA_MAX_P_BITS 3072
184 #define DSA_MIN_P_BITS 512
185 #define DSA_MAX_Q_BITS 256
186 #define DSA_MIN_Q_BITS 160
188 #if DSA_MAX_Q_BITS != DSA_MAX_SUBPRIME_LEN*8
189 #error "Inconsistent declaration of DSA SUBPRIME/Q parameters in blapit.h"
190 #endif
193 /*
194 * function takes desired number of bits in P,
195 * returns index (0..8) or -1 if number of bits is invalid.
196 */
197 #define PQG_PBITS_TO_INDEX(bits) \
198 (((bits) < 512 || (bits) > 1024 || (bits) % 64) ? \
199 -1 : (int)((bits)-512)/64)
201 /*
202 * function takes index (0-8)
203 * returns number of bits in P for that index, or -1 if index is invalid.
204 */
205 #define PQG_INDEX_TO_PBITS(j) (((unsigned)(j) > 8) ? -1 : (512 + 64 * (j)))
208 /***************************************************************************
209 ** Opaque objects
210 */
212 struct DESContextStr ;
213 struct RC2ContextStr ;
214 struct RC4ContextStr ;
215 struct RC5ContextStr ;
216 struct AESContextStr ;
217 struct CamelliaContextStr ;
218 struct MD2ContextStr ;
219 struct MD5ContextStr ;
220 struct SHA1ContextStr ;
221 struct SHA256ContextStr ;
222 struct SHA512ContextStr ;
223 struct AESKeyWrapContextStr ;
224 struct SEEDContextStr ;
226 typedef struct DESContextStr DESContext;
227 typedef struct RC2ContextStr RC2Context;
228 typedef struct RC4ContextStr RC4Context;
229 typedef struct RC5ContextStr RC5Context;
230 typedef struct AESContextStr AESContext;
231 typedef struct CamelliaContextStr CamelliaContext;
232 typedef struct MD2ContextStr MD2Context;
233 typedef struct MD5ContextStr MD5Context;
234 typedef struct SHA1ContextStr SHA1Context;
235 typedef struct SHA256ContextStr SHA256Context;
236 /* SHA224Context is really a SHA256ContextStr. This is not a mistake. */
237 typedef struct SHA256ContextStr SHA224Context;
238 typedef struct SHA512ContextStr SHA512Context;
239 /* SHA384Context is really a SHA512ContextStr. This is not a mistake. */
240 typedef struct SHA512ContextStr SHA384Context;
241 typedef struct AESKeyWrapContextStr AESKeyWrapContext;
242 typedef struct SEEDContextStr SEEDContext;
244 /***************************************************************************
245 ** RSA Public and Private Key structures
246 */
248 /* member names from PKCS#1, section 7.1 */
249 struct RSAPublicKeyStr {
250 PLArenaPool * arena;
251 SECItem modulus;
252 SECItem publicExponent;
253 };
254 typedef struct RSAPublicKeyStr RSAPublicKey;
256 /* member names from PKCS#1, section 7.2 */
257 struct RSAPrivateKeyStr {
258 PLArenaPool * arena;
259 SECItem version;
260 SECItem modulus;
261 SECItem publicExponent;
262 SECItem privateExponent;
263 SECItem prime1;
264 SECItem prime2;
265 SECItem exponent1;
266 SECItem exponent2;
267 SECItem coefficient;
268 };
269 typedef struct RSAPrivateKeyStr RSAPrivateKey;
272 /***************************************************************************
273 ** DSA Public and Private Key and related structures
274 */
276 struct PQGParamsStr {
277 PLArenaPool *arena;
278 SECItem prime; /* p */
279 SECItem subPrime; /* q */
280 SECItem base; /* g */
281 /* XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) */
282 };
283 typedef struct PQGParamsStr PQGParams;
285 struct PQGVerifyStr {
286 PLArenaPool * arena; /* includes this struct, seed, & h. */
287 unsigned int counter;
288 SECItem seed;
289 SECItem h;
290 };
291 typedef struct PQGVerifyStr PQGVerify;
293 struct DSAPublicKeyStr {
294 PQGParams params;
295 SECItem publicValue;
296 };
297 typedef struct DSAPublicKeyStr DSAPublicKey;
299 struct DSAPrivateKeyStr {
300 PQGParams params;
301 SECItem publicValue;
302 SECItem privateValue;
303 };
304 typedef struct DSAPrivateKeyStr DSAPrivateKey;
306 /***************************************************************************
307 ** Diffie-Hellman Public and Private Key and related structures
308 ** Structure member names suggested by PKCS#3.
309 */
311 struct DHParamsStr {
312 PLArenaPool * arena;
313 SECItem prime; /* p */
314 SECItem base; /* g */
315 };
316 typedef struct DHParamsStr DHParams;
318 struct DHPublicKeyStr {
319 PLArenaPool * arena;
320 SECItem prime;
321 SECItem base;
322 SECItem publicValue;
323 };
324 typedef struct DHPublicKeyStr DHPublicKey;
326 struct DHPrivateKeyStr {
327 PLArenaPool * arena;
328 SECItem prime;
329 SECItem base;
330 SECItem publicValue;
331 SECItem privateValue;
332 };
333 typedef struct DHPrivateKeyStr DHPrivateKey;
335 /***************************************************************************
336 ** Data structures used for elliptic curve parameters and
337 ** public and private keys.
338 */
340 /*
341 ** The ECParams data structures can encode elliptic curve
342 ** parameters for both GFp and GF2m curves.
343 */
345 typedef enum { ec_params_explicit,
346 ec_params_named
347 } ECParamsType;
349 typedef enum { ec_field_GFp = 1,
350 ec_field_GF2m
351 } ECFieldType;
353 struct ECFieldIDStr {
354 int size; /* field size in bits */
355 ECFieldType type;
356 union {
357 SECItem prime; /* prime p for (GFp) */
358 SECItem poly; /* irreducible binary polynomial for (GF2m) */
359 } u;
360 int k1; /* first coefficient of pentanomial or
361 * the only coefficient of trinomial
362 */
363 int k2; /* two remaining coefficients of pentanomial */
364 int k3;
365 };
366 typedef struct ECFieldIDStr ECFieldID;
368 struct ECCurveStr {
369 SECItem a; /* contains octet stream encoding of
370 * field element (X9.62 section 4.3.3)
371 */
372 SECItem b;
373 SECItem seed;
374 };
375 typedef struct ECCurveStr ECCurve;
377 struct ECParamsStr {
378 PLArenaPool * arena;
379 ECParamsType type;
380 ECFieldID fieldID;
381 ECCurve curve;
382 SECItem base;
383 SECItem order;
384 int cofactor;
385 SECItem DEREncoding;
386 ECCurveName name;
387 SECItem curveOID;
388 };
389 typedef struct ECParamsStr ECParams;
391 struct ECPublicKeyStr {
392 ECParams ecParams;
393 SECItem publicValue; /* elliptic curve point encoded as
394 * octet stream.
395 */
396 };
397 typedef struct ECPublicKeyStr ECPublicKey;
399 struct ECPrivateKeyStr {
400 ECParams ecParams;
401 SECItem publicValue; /* encoded ec point */
402 SECItem privateValue; /* private big integer */
403 SECItem version; /* As per SEC 1, Appendix C, Section C.4 */
404 };
405 typedef struct ECPrivateKeyStr ECPrivateKey;
407 typedef void * (*BLapiAllocateFunc)(void);
408 typedef void (*BLapiDestroyContextFunc)(void *cx, PRBool freeit);
409 typedef SECStatus (*BLapiInitContextFunc)(void *cx,
410 const unsigned char *key,
411 unsigned int keylen,
412 const unsigned char *,
413 int,
414 unsigned int ,
415 unsigned int );
416 typedef SECStatus (*BLapiEncrypt)(void *cx, unsigned char *output,
417 unsigned int *outputLen,
418 unsigned int maxOutputLen,
419 const unsigned char *input,
420 unsigned int inputLen);
422 #endif /* _BLAPIT_H_ */
