search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / crypto / external / bsd / netpgp / dist / src / lib / crypto.h
blob9be744a51b4d3176f57f6e4c7dcdb4f2c9f74e2b
1 /*-
2 * Copyright (c) 2009 The NetBSD Foundation, Inc.
3 * All rights reserved.
4 *
5 * This code is derived from software contributed to The NetBSD Foundation
6 * by Alistair Crooks (agc@NetBSD.org)
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
19 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
20 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
21 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 */
29 /*
30 * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
31 * All rights reserved.
32 * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
33 * their moral rights under the UK Copyright Design and Patents Act 1988 to
34 * be recorded as the authors of this copyright work.
35 *
36 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
37 * use this file except in compliance with the License.
38 *
39 * You may obtain a copy of the License at
40 * http://www.apache.org/licenses/LICENSE-2.0
41 *
42 * Unless required by applicable law or agreed to in writing, software
43 * distributed under the License is distributed on an "AS IS" BASIS,
44 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
45 *
46 * See the License for the specific language governing permissions and
47 * limitations under the License.
48 */
49
50 /** \file
51 */
52
53 #ifndef CRYPTO_H_
54 #define CRYPTO_H_
55
56 #include "keyring.h"
57 #include "packet.h"
58 #include "memory.h"
59 #include "packet-parse.h"
60
61 #include <openssl/dsa.h>
62
63 #define OPS_MIN_HASH_SIZE 16
64
65 typedef int __ops_hash_init_t(__ops_hash_t *);
66 typedef void __ops_hash_add_t(__ops_hash_t *, const unsigned char *, unsigned);
67 typedef unsigned __ops_hash_finish_t(__ops_hash_t *, unsigned char *);
68
69 /** _ops_hash_t */
70 struct _ops_hash_t {
71 __ops_hash_alg_t alg; /* algorithm */
72 size_t size; /* size */
73 const char *name; /* what it's known as */
74 __ops_hash_init_t *init; /* initialisation func */
75 __ops_hash_add_t *add; /* add text func */
76 __ops_hash_finish_t *finish; /* finalise func */
77 void *data; /* blob for data */
78 };
79
80 typedef void __ops_setiv_func_t(__ops_crypt_t *, const unsigned char *);
81 typedef void __ops_setkey_func_t(__ops_crypt_t *, const unsigned char *);
82 typedef void __ops_crypt_init_t(__ops_crypt_t *);
83 typedef void __ops_crypt_resync_t(__ops_crypt_t *);
84 typedef void __ops_blkenc_t(__ops_crypt_t *, void *, const void *);
85 typedef void __ops_blkdec_t(__ops_crypt_t *, void *, const void *);
86 typedef void __ops_crypt_cfb_encrypt_t(__ops_crypt_t *, void *, const void *,
87 size_t);
88 typedef void __ops_crypt_cfb_decrypt_t(__ops_crypt_t *, void *, const void *,
89 size_t);
90 typedef void __ops_crypt_finish_t(__ops_crypt_t *);
91
92 /** _ops_crypt_t */
93 struct _ops_crypt_t {
94 __ops_symm_alg_t alg;
95 size_t blocksize;
96 size_t keysize;
97 __ops_setiv_func_t *set_iv;
98 __ops_setkey_func_t *set_crypt_key;
99 __ops_crypt_init_t *base_init;
100 __ops_crypt_resync_t *decrypt_resync;
101 /* encrypt/decrypt one block */
102 __ops_blkenc_t *block_encrypt;
103 __ops_blkdec_t *block_decrypt;
104 /* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
105 __ops_crypt_cfb_encrypt_t *cfb_encrypt;
106 __ops_crypt_cfb_decrypt_t *cfb_decrypt;
107 __ops_crypt_finish_t *decrypt_finish;
108 unsigned char iv[OPS_MAX_BLOCK_SIZE];
109 unsigned char civ[OPS_MAX_BLOCK_SIZE];
110 unsigned char siv[OPS_MAX_BLOCK_SIZE];
111 /* siv is needed for weird v3 resync */
112 unsigned char key[OPS_MAX_KEY_SIZE];
113 int num;
114 /* num is offset - see openssl _encrypt doco */
115 void *encrypt_key;
116 void *decrypt_key;
117 };
118
119 void __ops_crypto_init(void);
120 void __ops_crypto_finish(void);
121 void __ops_hash_md5(__ops_hash_t *);
122 void __ops_hash_sha1(__ops_hash_t *);
123 void __ops_hash_sha256(__ops_hash_t *);
124 void __ops_hash_sha512(__ops_hash_t *);
125 void __ops_hash_sha384(__ops_hash_t *);
126 void __ops_hash_sha224(__ops_hash_t *);
127 void __ops_hash_any(__ops_hash_t *, __ops_hash_alg_t);
128 __ops_hash_alg_t __ops_str_to_hash_alg(const char *);
129 const char *__ops_text_from_hash(__ops_hash_t *);
130 unsigned __ops_hash_size(__ops_hash_alg_t);
131 unsigned __ops_hash(unsigned char *, __ops_hash_alg_t, const void *, size_t);
132
133 void __ops_hash_add_int(__ops_hash_t *, unsigned, unsigned);
134
135 unsigned __ops_dsa_verify(const unsigned char *, size_t,
136 const __ops_dsa_sig_t *,
137 const __ops_dsa_pubkey_t *);
138
139 int __ops_rsa_public_decrypt(unsigned char *, const unsigned char *, size_t,
140 const __ops_rsa_pubkey_t *);
141 int __ops_rsa_public_encrypt(unsigned char *, const unsigned char *, size_t,
142 const __ops_rsa_pubkey_t *);
143
144 int __ops_rsa_private_encrypt(unsigned char *, const unsigned char *, size_t,
145 const __ops_rsa_seckey_t *, const __ops_rsa_pubkey_t *);
146 int __ops_rsa_private_decrypt(unsigned char *, const unsigned char *, size_t,
147 const __ops_rsa_seckey_t *, const __ops_rsa_pubkey_t *);
148
149 unsigned __ops_block_size(__ops_symm_alg_t);
150 unsigned __ops_key_size(__ops_symm_alg_t);
151
152 int __ops_decrypt_data(__ops_content_tag_t, __ops_region_t *,
153 __ops_stream_t *);
154
155 int __ops_crypt_any(__ops_crypt_t *, __ops_symm_alg_t);
156 void __ops_decrypt_init(__ops_crypt_t *);
157 void __ops_encrypt_init(__ops_crypt_t *);
158 size_t __ops_decrypt_se(__ops_crypt_t *, void *, const void *, size_t);
159 size_t __ops_encrypt_se(__ops_crypt_t *, void *, const void *, size_t);
160 size_t __ops_decrypt_se_ip(__ops_crypt_t *, void *, const void *, size_t);
161 size_t __ops_encrypt_se_ip(__ops_crypt_t *, void *, const void *, size_t);
162 unsigned __ops_is_sa_supported(__ops_symm_alg_t);
163
164 void __ops_reader_push_decrypt(__ops_stream_t *, __ops_crypt_t *,
165 __ops_region_t *);
166 void __ops_reader_pop_decrypt(__ops_stream_t *);
167
168 /* Hash everything that's read */
169 void __ops_reader_push_hash(__ops_stream_t *, __ops_hash_t *);
170 void __ops_reader_pop_hash(__ops_stream_t *);
171
172 int __ops_decrypt_decode_mpi(unsigned char *, unsigned, const BIGNUM *,
173 const __ops_seckey_t *);
174 unsigned __ops_rsa_encrypt_mpi(const unsigned char *, const size_t,
175 const __ops_pubkey_t *,
176 __ops_pk_sesskey_params_t *);
177
178 /* Encrypt everything that's written */
179 struct __ops_key_data;
180 void __ops_writer_push_encrypt(__ops_output_t *,
181 const struct __ops_key_data *);
182
183 unsigned __ops_encrypt_file(__ops_io_t *, const char *, const char *,
184 const __ops_key_t *,
185 const unsigned, const unsigned);
186 unsigned __ops_decrypt_file(__ops_io_t *,
187 const char *,
188 const char *,
189 __ops_keyring_t *,
190 const unsigned,
191 const unsigned,
192 void *,
193 __ops_cbfunc_t *);
194
195 __ops_memory_t *
196 __ops_encrypt_buf(__ops_io_t *,
197 const void *,
198 const size_t,
199 const __ops_key_t *,
200 const unsigned);
201 __ops_memory_t *
202 __ops_decrypt_buf(__ops_io_t *,
203 const void *,
204 const size_t,
205 __ops_keyring_t *,
206 const unsigned,
207 void *,
208 __ops_cbfunc_t *);
209
210 /* Keys */
211 __ops_key_t *__ops_rsa_new_selfsign_key(const int,
212 const unsigned long, __ops_userid_t *);
213
214 int __ops_dsa_size(const __ops_dsa_pubkey_t *);
215 DSA_SIG *__ops_dsa_sign(unsigned char *, unsigned,
216 const __ops_dsa_seckey_t *,
217 const __ops_dsa_pubkey_t *);
218
219 int openssl_read_pem_seckey(const char *, __ops_key_t *, const char *);
220
221 /** __ops_reader_t */
222 struct __ops_reader_t {
223 __ops_reader_func_t *reader; /* reader func to get parse data */
224 __ops_reader_destroyer_t *destroyer;
225 void *arg; /* args to pass to reader function */
226 unsigned accumulate:1; /* set to gather packet data */
227 unsigned char *accumulated; /* the accumulated data */
228 unsigned asize; /* size of the buffer */
229 unsigned alength;/* used buffer */
230 unsigned position; /* reader-specific offset */
231 __ops_reader_t *next;
232 __ops_stream_t *parent;/* parent parse_info structure */
233 };
234
235
236 /** __ops_cryptinfo_t
237 Encrypt/decrypt settings
238 */
239 struct __ops_cryptinfo_t {
240 char *passphrase;
241 __ops_keyring_t *keyring;
242 const __ops_key_t *keydata;
243 __ops_cbfunc_t *getpassphrase;
244 };
245
246 /** __ops_cbdata_t */
247 struct __ops_cbdata_t {
248 __ops_cbfunc_t *cbfunc; /* callback function */
249 void *arg; /* args to pass to callback func */
250 __ops_error_t **errors; /* address of error stack */
251 __ops_cbdata_t *next;
252 __ops_output_t *output;/* used if writing out parsed info */
253 __ops_io_t *io; /* error/output messages */
254 void *passfp; /* fp for passphrase input */
255 __ops_cryptinfo_t cryptinfo; /* used when decrypting */
256 };
257
258 /** __ops_hashtype_t */
259 typedef struct {
260 __ops_hash_t hash; /* hashes we should hash data with */
261 unsigned char keyid[OPS_KEY_ID_SIZE];
262 } __ops_hashtype_t;
263
264 #define NTAGS 0x100 /* == 256 */
265
266 /** \brief Structure to hold information about a packet parse.
267 *
268 * This information includes options about the parse:
269 * - whether the packet contents should be accumulated or not
270 * - whether signature subpackets should be parsed or left raw
271 *
272 * It contains options specific to the parsing of armoured data:
273 * - whether headers are allowed in armoured data without a gap
274 * - whether a blank line is allowed at the start of the armoured data
275 *
276 * It also specifies :
277 * - the callback function to use and its arguments
278 * - the reader function to use and its arguments
279 *
280 * It also contains information about the current state of the parse:
281 * - offset from the beginning
282 * - the accumulated data, if any
283 * - the size of the buffer, and how much has been used
284 *
285 * It has a linked list of errors.
286 */
287
288 struct __ops_stream_t {
289 unsigned char ss_raw[NTAGS / 8];
290 /* 1 bit / sig-subpkt type; set to get raw data */
291 unsigned char ss_parsed[NTAGS / 8];
292 /* 1 bit / sig-subpkt type; set to get parsed data */
293 __ops_reader_t readinfo;
294 __ops_cbdata_t cbinfo;
295 __ops_error_t *errors;
296 void *io; /* io streams */
297 __ops_crypt_t decrypt;
298 __ops_cryptinfo_t cryptinfo;
299 size_t hashc;
300 __ops_hashtype_t *hashes;
301 unsigned reading_v3_secret:1;
302 unsigned reading_mpi_len:1;
303 unsigned exact_read:1;
304 };
305
306 #endif /* CRYPTO_H_ */
NetBSD on the FriendlyARM MINI2440