onlineupdate/source/libmar/verify/cryptox.h

   1 /* This Source Code Form is subject to the terms of the Mozilla Public
   2  * License, v. 2.0. If a copy of the MPL was not distributed with this
   3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   4
   5 #ifndef CRYPTOX_H
   6 #define CRYPTOX_H
   7
   8 #define XP_MIN_SIGNATURE_LEN_IN_BYTES 256
   9
  10 #define CryptoX_Result int
  11 #define CryptoX_Success 0
  12 #define CryptoX_Error (-1)
  13 #define CryptoX_Succeeded(X) ((X) == CryptoX_Success)
  14 #define CryptoX_Failed(X) ((X) != CryptoX_Success)
  15
  16 #if defined(MAR_NSS)
  17
  18 #include "cert.h"
  19 #include "keyhi.h"
  20 #include "cryptohi.h"
  21
  22 #define CryptoX_InvalidHandleValue NULL
  23 #define CryptoX_ProviderHandle void*
  24 #define CryptoX_SignatureHandle VFYContext *
  25 #define CryptoX_PublicKey SECKEYPublicKey *
  26 #define CryptoX_Certificate CERTCertificate *
  27
  28 #ifdef __cplusplus
  29 extern "C" {
  30 #endif
  31 CryptoX_Result NSS_LoadPublicKey(const unsigned char* certData,
  32                                  unsigned int certDataSize,
  33                                  SECKEYPublicKey** publicKey);
  34 CryptoX_Result NSS_VerifyBegin(VFYContext **ctx,
  35                                SECKEYPublicKey * const *publicKey);
  36 CryptoX_Result NSS_VerifySignature(VFYContext * const *ctx ,
  37                                    const unsigned char *signature,
  38                                    unsigned int signatureLen);
  39 #ifdef __cplusplus
  40 } // extern "C"
  41 #endif
  42
  43 #define CryptoX_InitCryptoProvider(CryptoHandle) \
  44   CryptoX_Success
  45 #define CryptoX_VerifyBegin(CryptoHandle, SignatureHandle, PublicKey) \
  46   NSS_VerifyBegin(SignatureHandle, PublicKey)
  47 #define CryptoX_FreeSignatureHandle(SignatureHandle) \
  48   VFY_DestroyContext(*SignatureHandle, PR_TRUE)
  49 #define CryptoX_VerifyUpdate(SignatureHandle, buf, len) \
  50   VFY_Update(*SignatureHandle, (const unsigned char*)(buf), len)
  51 #define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, publicKey) \
  52   NSS_LoadPublicKey(certData, dataSize, publicKey)
  53 #define CryptoX_VerifySignature(hash, publicKey, signedData, len) \
  54   NSS_VerifySignature(hash, (const unsigned char *)(signedData), len)
  55 #define CryptoX_FreePublicKey(key) \
  56   SECKEY_DestroyPublicKey(*key)
  57 #define CryptoX_FreeCertificate(cert) \
  58   CERT_DestroyCertificate(*cert)
  59
  60 #elif defined(MACOSX)
  61
  62 #define CryptoX_InvalidHandleValue NULL
  63 #define CryptoX_ProviderHandle void*
  64 #define CryptoX_SignatureHandle void*
  65 #define CryptoX_PublicKey void*
  66 #define CryptoX_Certificate void*
  67
  68 // Forward-declare Objective-C functions implemented in MacVerifyCrypto.mm.
  69 #ifdef __cplusplus
  70 extern "C" {
  71 #endif
  72 CryptoX_Result CryptoMac_InitCryptoProvider();
  73 CryptoX_Result CryptoMac_VerifyBegin(CryptoX_SignatureHandle* aInputData);
  74 CryptoX_Result CryptoMac_VerifyUpdate(CryptoX_SignatureHandle* aInputData,
  75                                       void* aBuf, unsigned int aLen);
  76 CryptoX_Result CryptoMac_LoadPublicKey(const unsigned char* aCertData,
  77                                        unsigned int aDataSize,
  78                                        CryptoX_PublicKey* aPublicKey);
  79 CryptoX_Result CryptoMac_VerifySignature(CryptoX_SignatureHandle* aInputData,
  80         CryptoX_PublicKey* aPublicKey,
  81         const unsigned char* aSignature,
  82         unsigned int aSignatureLen);
  83 void CryptoMac_FreeSignatureHandle(CryptoX_SignatureHandle* aInputData);
  84 void CryptoMac_FreePublicKey(CryptoX_PublicKey* aPublicKey);
  85 #ifdef __cplusplus
  86 } // extern "C"
  87 #endif
  88
  89 #define CryptoX_InitCryptoProvider(aProviderHandle) \
  90   CryptoMac_InitCryptoProvider()
  91 #define CryptoX_VerifyBegin(aCryptoHandle, aInputData, aPublicKey) \
  92   CryptoMac_VerifyBegin(aInputData)
  93 #define CryptoX_VerifyUpdate(aInputData, aBuf, aLen) \
  94   CryptoMac_VerifyUpdate(aInputData, aBuf, aLen)
  95 #define CryptoX_LoadPublicKey(aProviderHandle, aCertData, aDataSize, \
  96                               aPublicKey) \
  97   CryptoMac_LoadPublicKey(aCertData, aDataSize, aPublicKey)
  98 #define CryptoX_VerifySignature(aInputData, aPublicKey, aSignature, \
  99                                 aSignatureLen) \
 100   CryptoMac_VerifySignature(aInputData, aPublicKey, aSignature, aSignatureLen)
 101 #define CryptoX_FreeSignatureHandle(aInputData) \
 102   CryptoMac_FreeSignatureHandle(aInputData)
 103 #define CryptoX_FreePublicKey(aPublicKey) \
 104   CryptoMac_FreePublicKey(aPublicKey)
 105 #define CryptoX_FreeCertificate(aCertificate)
 106
 107 #elif defined(WNT)
 108
 109 #include <windows.h>
 110 #include <wincrypt.h>
 111
 112 CryptoX_Result CryptoAPI_InitCryptoContext(HCRYPTPROV *provider);
 113 CryptoX_Result CryptoAPI_LoadPublicKey(HCRYPTPROV hProv,
 114                                        BYTE *certData,
 115                                        DWORD sizeOfCertData,
 116                                        HCRYPTKEY *publicKey);
 117 CryptoX_Result CryptoAPI_VerifyBegin(HCRYPTPROV provider, HCRYPTHASH* hash);
 118 CryptoX_Result CryptoAPI_VerifyUpdate(HCRYPTHASH* hash,
 119                                       BYTE *buf, DWORD len);
 120 CryptoX_Result CryptoAPI_VerifySignature(HCRYPTHASH *hash,
 121         HCRYPTKEY *pubKey,
 122         const BYTE *signature,
 123         DWORD signatureLen);
 124
 125 #define CryptoX_InvalidHandleValue ((ULONG_PTR)NULL)
 126 #define CryptoX_ProviderHandle HCRYPTPROV
 127 #define CryptoX_SignatureHandle HCRYPTHASH
 128 #define CryptoX_PublicKey HCRYPTKEY
 129 #define CryptoX_Certificate HCERTSTORE
 130 #define CryptoX_InitCryptoProvider(CryptoHandle) \
 131   CryptoAPI_InitCryptoContext(CryptoHandle)
 132 #define CryptoX_VerifyBegin(CryptoHandle, SignatureHandle, PublicKey) \
 133   CryptoAPI_VerifyBegin(CryptoHandle, SignatureHandle)
 134 #define CryptoX_FreeSignatureHandle(SignatureHandle)
 135 #define CryptoX_VerifyUpdate(SignatureHandle, buf, len) \
 136   CryptoAPI_VerifyUpdate(SignatureHandle, (BYTE *)(buf), len)
 137 #define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, publicKey) \
 138   CryptoAPI_LoadPublicKey(CryptoHandle, (BYTE*)(certData), dataSize, publicKey)
 139 #define CryptoX_VerifySignature(hash, publicKey, signedData, len) \
 140   CryptoAPI_VerifySignature(hash, publicKey, signedData, len)
 141 #define CryptoX_FreePublicKey(key) \
 142   CryptDestroyKey(*(key))
 143 #define CryptoX_FreeCertificate(cert) \
 144   CertCloseStore(*(cert), CERT_CLOSE_STORE_FORCE_FLAG);
 145
 146 #else
 147
 148 /* This default implementation is necessary because we don't want to
 149  * link to NSS from updater code on non Windows platforms.  On Windows
 150  * we use CryptoAPI instead of NSS.  We don't call any function as they
 151  * would just fail, but this simplifies linking.
 152  */
 153
 154 #define CryptoX_InvalidHandleValue NULL
 155 #define CryptoX_ProviderHandle void*
 156 #define CryptoX_SignatureHandle void*
 157 #define CryptoX_PublicKey void*
 158 #define CryptoX_Certificate void*
 159 #define CryptoX_InitCryptoProvider(CryptoHandle) \
 160   CryptoX_Error
 161 #define CryptoX_VerifyBegin(CryptoHandle, SignatureHandle, PublicKey) \
 162   CryptoX_Error
 163 #define CryptoX_FreeSignatureHandle(SignatureHandle)
 164 #define CryptoX_VerifyUpdate(SignatureHandle, buf, len) CryptoX_Error
 165 #define CryptoX_LoadPublicKey(CryptoHandle, certData, dataSize, publicKey) \
 166   CryptoX_Error
 167 #define CryptoX_VerifySignature(hash, publicKey, signedData, len) CryptoX_Error
 168 #define CryptoX_FreePublicKey(key) CryptoX_Error
 169
 170 #endif
 171
 172 #endif