generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Step 3 of move of engines: copy the corresponding vendor header files.

Browse Source
This commit is contained in:
Richard Levitte 2002-10-11 17:10:59 +00:00
parent 5572f482e7
commit 2eaabb718b
7 changed files with 1434 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

178
engines/vendor_defns/aep.h Normal file
View File

@ -0,0 +1,178 @@
/* This header declares the necessary definitions for using the exponentiation
* acceleration capabilities, and rnd number generation of the AEP card.
*
*/
/*
*
* Some AEP defines
*
*/
/*Successful return value*/
#define AEP_R_OK 0x00000000
/*Miscelleanous unsuccessful return value*/
#define AEP_R_GENERAL_ERROR 0x10000001
/*Insufficient host memory*/
#define AEP_R_HOST_MEMORY 0x10000002
#define AEP_R_FUNCTION_FAILED 0x10000006
/*Invalid arguments in function call*/
#define AEP_R_ARGUMENTS_BAD 0x10020000
#define AEP_R_NO_TARGET_RESOURCES 0x10030000
/*Error occuring on socket operation*/
#define AEP_R_SOCKERROR 0x10000010
/*Socket has been closed from the other end*/
#define AEP_R_SOCKEOF 0x10000011
/*Invalid handles*/
#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3
#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000
/*Transaction has not yet returned from accelerator*/
#define AEP_R_TRANSACTION_NOT_READY 0x00010000
/*There is already a thread waiting on this transaction*/
#define AEP_R_TRANSACTION_CLAIMED 0x10050000
/*The transaction timed out*/
#define AEP_R_TIMED_OUT 0x10060000
#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000
#define AEP_R_TARGET_ERROR 0x10080000
/*Error in the AEP daemon process*/
#define AEP_R_DAEMON_ERROR 0x10090000
/*Invalid ctx id*/
#define AEP_R_INVALID_CTX_ID 0x10009000
#define AEP_R_NO_KEY_MANAGER 0x1000a000
/*Error obtaining a mutex*/
#define AEP_R_MUTEX_BAD 0x000001A0
/*Fxn call before AEP_Initialise ot after AEP_Finialise*/
#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190
/*AEP_Initialise has already been called*/
#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191
/*Maximum number of connections to daemon reached*/
#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200
/*
*
* Some AEP Type definitions
*
*/
/* an unsigned 8-bit value */
typedef unsigned char AEP_U8;
/* an unsigned 8-bit character */
typedef char AEP_CHAR;
/* a BYTE-sized Boolean flag */
typedef AEP_U8 AEP_BBOOL;
/*Unsigned value, at least 16 bits long*/
typedef unsigned short AEP_U16;
/* an unsigned value, at least 32 bits long */
#ifdef SIXTY_FOUR_BIT_LONG
typedef unsigned int AEP_U32;
#else
typedef unsigned long AEP_U32;
#endif
#ifdef SIXTY_FOUR_BIT_LONG
typedef unsigned long AEP_U64;
#else
typedef struct { unsigned long l1, l2; } AEP_U64;
#endif
/* at least 32 bits; each bit is a Boolean flag */
typedef AEP_U32 AEP_FLAGS;
typedef AEP_U8 *AEP_U8_PTR;
typedef AEP_CHAR *AEP_CHAR_PTR;
typedef AEP_U32 *AEP_U32_PTR;
typedef AEP_U64 *AEP_U64_PTR;
typedef void *AEP_VOID_PTR;
/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR;
/*Used to identify an AEP connection handle*/
typedef AEP_U32 AEP_CONNECTION_HNDL;
/*Pointer to an AEP connection handle*/
typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR;
/*Used by an application (in conjunction with the apps process id) to
identify an individual transaction*/
typedef AEP_U32 AEP_TRANSACTION_ID;
/*Pointer to an applications transaction identifier*/
typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR;
/*Return value type*/
typedef AEP_U32 AEP_RV;
#define MAX_PROCESS_CONNECTIONS 256
#define RAND_BLK_SIZE 1024
typedef enum{
NotConnected= 0,
Connected= 1,
InUse= 2
} AEP_CONNECTION_STATE;
typedef struct AEP_CONNECTION_ENTRY{
AEP_CONNECTION_STATE conn_state;
AEP_CONNECTION_HNDL conn_hndl;
} AEP_CONNECTION_ENTRY;
typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
AEP_VOID_PTR pA, AEP_VOID_PTR pP,
AEP_VOID_PTR pN,
AEP_VOID_PTR pResult,
AEP_TRANSACTION_ID* pidTransID);
typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
AEP_VOID_PTR pA, AEP_VOID_PTR pP,
AEP_VOID_PTR pQ,
AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
AEP_VOID_PTR pIqmp,
AEP_VOID_PTR pResult,
AEP_TRANSACTION_ID* pidTransID);
#ifdef AEPRAND
typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
AEP_U32 Len,
AEP_U32 Type,
AEP_VOID_PTR pResult,
AEP_TRANSACTION_ID* pidTransID);
#endif
typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
typedef AEP_RV t_AEP_Finalize();
typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(),
AEP_RV (*MakeAEPBigNumFunc)(),
AEP_RV (*ConverAEPBigNumFunc)());

48
engines/vendor_defns/atalla.h Normal file
View File

@ -0,0 +1,48 @@
/* This header declares the necessary definitions for using the exponentiation
* acceleration capabilities of Atalla cards. The only cryptographic operation
* is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that
* defines an "RSA private key". However, it is really only performing a
* regular mod_exp using the supplied modulus and exponent - no CRT form is
* being used. Hence, it is a generic mod_exp function in disguise, and we use
* it as such.
*
* Thanks to the people at Atalla for letting me know these definitions are
* fine and that they can be reproduced here.
*
* Geoff.
*/
typedef struct ItemStr
{
unsigned char *data;
int len;
} Item;
typedef struct RSAPrivateKeyStr
{
void *reserved;
Item version;
Item modulus;
Item publicExponent;
Item privateExponent;
Item prime[2];
Item exponent[2];
Item coefficient;
} RSAPrivateKey;
/* Predeclare the function pointer types that we dynamically load from the DSO.
* These use the same names and form that Ben's original support code had (in
* crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style
* somewhere along the way!
*/
typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
unsigned int *ret_buf);
typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
unsigned char *output,
unsigned char *input,
unsigned int modulus_len);

234
engines/vendor_defns/cswift.h Normal file
View File

@ -0,0 +1,234 @@
/* Attribution notice: Rainbow have generously allowed me to reproduce
* the necessary definitions here from their API. This means the support
* can build independently of whether application builders have the
* API or hardware. This will allow developers to easily produce software
* that has latent hardware support for any users that have accelertors
* installed, without the developers themselves needing anything extra.
*
* I have only clipped the parts from the CryptoSwift header files that
* are (or seem) relevant to the CryptoSwift support code. This is
* simply to keep the file sizes reasonable.
* [Geoff]
*/
/* NB: These type widths do *not* seem right in general, in particular
* they're not terribly friendly to 64-bit architectures (unsigned long)
* will be 64-bit on IA-64 for a start. I'm leaving these alone as they
* agree with Rainbow's API and this will only be called into question
* on platforms with Rainbow support anyway! ;-) */
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
typedef long SW_STATUS; /* status */
typedef unsigned char SW_BYTE; /* 8 bit byte */
typedef unsigned short SW_U16; /* 16 bit number */
#if defined(_IRIX)
#include <sgidefs.h>
typedef __uint32_t SW_U32;
#else
typedef unsigned long SW_U32; /* 32 bit integer */
#endif
#if defined(OPENSSL_SYS_WIN32)
typedef struct _SW_U64 {
SW_U32 low32;
SW_U32 high32;
} SW_U64; /* 64 bit integer */
#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
typedef longlong SW_U64
#else /* Unix variants */
typedef struct _SW_U64 {
SW_U32 low32;
SW_U32 high32;
} SW_U64; /* 64 bit integer */
#endif
/* status codes */
#define SW_OK (0L)
#define SW_ERR_BASE (-10000L)
#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */
#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */
/* up yet */
#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */
/* time out */
#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */
/* execute the command */
#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */
/* NULL */
#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */
/* small, too large. */
#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */
/* handle */
#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */
/* standing at this */
/* context handle */
#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */
#define SW_ERR_NO_PENDING (SW_ERR_BASE-10)/* No request is pending. */
#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11)/* Not enough memory */
#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12)/* Invalid algorithm type */
/* in SW_PARAM structure */
#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13)/* No key is associated with */
/* context. */
/* swAttachKeyParam() is */
/* not called. */
#define SW_ERR_KEY_CMD_MISMATCH \
(SW_ERR_BASE-14)/* Cannot perform requested */
/* SW_COMMAND_CODE since */
/* key attached via */
/* swAttachKeyParam() */
/* cannot be used for this*/
/* SW_COMMAND_CODE. */
#define SW_ERR_NOT_IMPLEMENTED \
(SW_ERR_BASE-15)/* Not implemented */
#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16)/* Bad command code */
#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17)/* too small or too large in */
/* the "initems" or */
/* "outitems". */
#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18)/* Bad accelerator number */
#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19)/* At least one of the self */
/* test fail, look at the */
/* selfTestBitmap in */
/* SW_ACCELERATOR_INFO for*/
/* details. */
#define SW_ERR_MISALIGN (SW_ERR_BASE-20)/* Certain alogrithms require*/
/* key materials aligned */
/* in certain order, e.g. */
/* 128 bit for CRT */
#define SW_ERR_OUTPUT_NULL_PTR \
(SW_ERR_BASE-21)/* a required pointer is */
/* NULL */
#define SW_ERR_OUTPUT_SIZE \
(SW_ERR_BASE-22)/* size is invalid, too */
/* small, too large. */
#define SW_ERR_FIRMWARE_CHECKSUM \
(SW_ERR_BASE-23)/* firmware checksum mismatch*/
/* download failed. */
#define SW_ERR_UNKNOWN_FIRMWARE \
(SW_ERR_BASE-24)/* unknown firmware error */
#define SW_ERR_INTERRUPT (SW_ERR_BASE-25)/* request is abort when */
/* it's waiting to be */
/* completed. */
#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26)/* error in writing to Non- */
/* volatile memory */
#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27)/* out of range error in */
/* writing to NV memory */
#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28)/* Random Number Generation */
/* failure */
#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29)/* DSS Sign or Verify failure*/
#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30)/* Failure in various math */
/* calculations */
#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31)/* Error in accessing on - */
/* board memory */
#define SW_ERR_FIRMWARE_VERSION \
(SW_ERR_BASE-32)/* Wrong version in firmware */
/* update */
#define SW_ERR_ZERO_WORKING_ACCELERATOR \
(SW_ERR_BASE-44)/* All accelerators are bad */
/* algorithm type */
#define SW_ALG_CRT 1
#define SW_ALG_EXP 2
#define SW_ALG_DSA 3
#define SW_ALG_NVDATA 4
/* command code */
#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */
/* Chinese Remainder Theorem (CRT) */
#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */
#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */
#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */
#define SW_CMD_RAND 5 /* perform random number generation */
#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */
#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */
typedef SW_U32 SW_ALGTYPE; /* alogrithm type */
typedef SW_U32 SW_STATE; /* state */
typedef SW_U32 SW_COMMAND_CODE; /* command code */
typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */
typedef struct _SW_LARGENUMBER {
SW_U32 nbytes; /* number of bytes in the buffer "value" */
SW_BYTE* value; /* the large integer as a string of */
/* bytes in network (big endian) order */
} SW_LARGENUMBER;
#if defined(OPENSSL_SYS_WIN32)
#include <windows.h>
typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
#define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE
#define SW_CALLCONV _stdcall
#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
/* async callback mechanisms */
/* swiftCallbackLevel */
#define SW_MAC_CALLBACK_LEVEL_NO 0
#define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */
#define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */
typedef int SW_MAC_CALLBACK_LEVEL;
typedef int SW_OSHANDLE;
#define SW_OS_INVALID_HANDLE (-1)
#define SW_CALLCONV
#else /* Unix variants */
typedef int SW_OSHANDLE; /* handle to driver */
#define SW_OS_INVALID_HANDLE (-1)
#define SW_CALLCONV
#endif
typedef struct _SW_CRT {
SW_LARGENUMBER p; /* prime number p */
SW_LARGENUMBER q; /* prime number q */
SW_LARGENUMBER dmp1; /* exponent1 */
SW_LARGENUMBER dmq1; /* exponent2 */
SW_LARGENUMBER iqmp; /* CRT coefficient */
} SW_CRT;
typedef struct _SW_EXP {
SW_LARGENUMBER modulus; /* modulus */
SW_LARGENUMBER exponent;/* exponent */
} SW_EXP;
typedef struct _SW_DSA {
SW_LARGENUMBER p; /* */
SW_LARGENUMBER q; /* */
SW_LARGENUMBER g; /* */
SW_LARGENUMBER key; /* private/public key */
} SW_DSA;
typedef struct _SW_NVDATA {
SW_U32 accnum; /* accelerator board number */
SW_U32 offset; /* offset in byte */
} SW_NVDATA;
typedef struct _SW_PARAM {
SW_ALGTYPE type; /* type of the alogrithm */
union {
SW_CRT crt;
SW_EXP exp;
SW_DSA dsa;
SW_NVDATA nvdata;
} up;
} SW_PARAM;
typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
/* Now the OpenSSL bits, these function types are the for the function
* pointers that will bound into the Rainbow shared libraries. */
typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac);
typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
SW_PARAM *key_params);
typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
SW_COMMAND_CODE cmd,
SW_LARGENUMBER pin[],
SW_U32 pin_count,
SW_LARGENUMBER pout[],
SW_U32 pout_count);
typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac);
#ifdef __cplusplus
}
#endif /* __cplusplus */

149
engines/vendor_defns/hw_4758_cca.h Normal file
View File

@ -0,0 +1,149 @@
/**********************************************************************/
/* */
/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */
/* */
/* Maurice Gittens <maurice@gittens.nl> */
/* */
/**********************************************************************/
#ifndef __HW_4758_CCA__
#define __HW_4758_CCA__
/*
* Only WIN32 support for now
*/
#if defined(WIN32)
#define CCA_LIB_NAME "CSUNSAPI"
#define CSNDPKX "CSNDPKX_32"
#define CSNDKRR "CSNDKRR_32"
#define CSNDPKE "CSNDPKE_32"
#define CSNDPKD "CSNDPKD_32"
#define CSNDDSV "CSNDDSV_32"
#define CSNDDSG "CSNDDSG_32"
#define CSNBRNG "CSNBRNG_32"
#define SECURITYAPI __stdcall
#else
/* Fixme!!
Find out the values of these constants for other platforms.
*/
#define CCA_LIB_NAME "CSUNSAPI"
#define CSNDPKX "CSNDPKX"
#define CSNDKRR "CSNDKRR"
#define CSNDPKE "CSNDPKE"
#define CSNDPKD "CSNDPKD"
#define CSNDDSV "CSNDDSV"
#define CSNDDSG "CSNDDSG"
#define CSNBRNG "CSNBRNG"
#define SECURITYAPI
#endif
/*
* security API prototypes
*/
/* PKA Key Record Read */
typedef void (SECURITYAPI *F_KEYRECORDREAD)
(long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
long * rule_array_count,
unsigned char * rule_array,
unsigned char * key_label,
long * key_token_length,
unsigned char * key_token);
/* Random Number Generate */
typedef void (SECURITYAPI *F_RANDOMNUMBERGENERATE)
(long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
unsigned char * form,
unsigned char * random_number);
/* Digital Signature Generate */
typedef void (SECURITYAPI *F_DIGITALSIGNATUREGENERATE)
(long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
long * rule_array_count,
unsigned char * rule_array,
long * PKA_private_key_id_length,
unsigned char * PKA_private_key_id,
long * hash_length,
unsigned char * hash,
long * signature_field_length,
long * signature_bit_length,
unsigned char * signature_field);
/* Digital Signature Verify */
typedef void (SECURITYAPI *F_DIGITALSIGNATUREVERIFY)(
long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
long * rule_array_count,
unsigned char * rule_array,
long * PKA_public_key_id_length,
unsigned char * PKA_public_key_id,
long * hash_length,
unsigned char * hash,
long * signature_field_length,
unsigned char * signature_field);
/* PKA Public Key Extract */
typedef void (SECURITYAPI *F_PUBLICKEYEXTRACT)(
long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
long * rule_array_count,
unsigned char * rule_array,
long * source_key_identifier_length,
unsigned char * source_key_identifier,
long * target_key_token_length,
unsigned char * target_key_token);
/* PKA Encrypt */
typedef void (SECURITYAPI *F_PKAENCRYPT)
(long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
long * rule_array_count,
unsigned char * rule_array,
long * key_value_length,
unsigned char * key_value,
long * data_struct_length,
unsigned char * data_struct,
long * RSA_public_key_length,
unsigned char * RSA_public_key,
long * RSA_encipher_length,
unsigned char * RSA_encipher );
/* PKA Decrypt */
typedef void (SECURITYAPI *F_PKADECRYPT)
(long * return_code,
long * reason_code,
long * exit_data_length,
unsigned char * exit_data,
long * rule_array_count,
unsigned char * rule_array,
long * enciphered_key_length,
unsigned char * enciphered_key,
long * data_struct_length,
unsigned char * data_struct,
long * RSA_private_key_length,
unsigned char * RSA_private_key,
long * key_value_length,
unsigned char * key_value );
#endif

100
engines/vendor_defns/hw_ubsec.h Normal file
View File

@ -0,0 +1,100 @@
/******************************************************************************
*
* Copyright 2000
* Broadcom Corporation
* 16215 Alton Parkway
* PO Box 57013
* Irvine CA 92619-7013
*
*****************************************************************************/
/*
* Broadcom Corporation uBSec SDK
*/
/*
* Character device header file.
*/
/*
* Revision History:
*
* October 2000 JTT Created.
*/
#define MAX_PUBLIC_KEY_BITS (1024)
#define MAX_PUBLIC_KEY_BYTES (1024/8)
#define SHA_BIT_SIZE (160)
#define MAX_CRYPTO_KEY_LENGTH 24
#define MAX_MAC_KEY_LENGTH 64
#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt")
#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey")
/* Math command types. */
#define UBSEC_MATH_MODADD 0x0001
#define UBSEC_MATH_MODSUB 0x0002
#define UBSEC_MATH_MODMUL 0x0004
#define UBSEC_MATH_MODEXP 0x0008
#define UBSEC_MATH_MODREM 0x0010
#define UBSEC_MATH_MODINV 0x0020
typedef long ubsec_MathCommand_t;
typedef long ubsec_RNGCommand_t;
typedef struct ubsec_crypto_context_s {
unsigned int flags;
unsigned char crypto[MAX_CRYPTO_KEY_LENGTH];
unsigned char auth[MAX_MAC_KEY_LENGTH];
} ubsec_crypto_context_t, *ubsec_crypto_context_p;
/*
* Predeclare the function pointer types that we dynamically load from the DSO.
*/
typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes);
typedef int t_UBSEC_ubsec_bits_to_bytes(int bits);
typedef int t_UBSEC_ubsec_open(unsigned char *device);
typedef int t_UBSEC_ubsec_close(int fd);
typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd,
unsigned char *x, int *x_len, unsigned char *y, int *y_len,
unsigned char *g, int g_len, unsigned char *m, int m_len,
unsigned char *userX, int userX_len, int random_bits);
typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd,
unsigned char *x, int x_len, unsigned char *y, int y_len,
unsigned char *m, int m_len, unsigned char *k, int *k_len);
typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd,
unsigned char *x, int x_len, unsigned char *m, int m_len,
unsigned char *e, int e_len, unsigned char *y, int *y_len);
typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd,
unsigned char *x, int x_len, unsigned char *qinv, int qinv_len,
unsigned char *edq, int edq_len, unsigned char *q, int q_len,
unsigned char *edp, int edp_len, unsigned char *p, int p_len,
unsigned char *y, int *y_len);
typedef int t_UBSEC_dsa_sign_ioctl (int fd,
int hash, unsigned char *data, int data_len,
unsigned char *rndom, int random_len,
unsigned char *p, int p_len, unsigned char *q, int q_len,
unsigned char *g, int g_len, unsigned char *key, int key_len,
unsigned char *r, int *r_len, unsigned char *s, int *s_len);
typedef int t_UBSEC_dsa_verify_ioctl (int fd,
int hash, unsigned char *data, int data_len,
unsigned char *p, int p_len, unsigned char *q, int q_len,
unsigned char *g, int g_len, unsigned char *key, int key_len,
unsigned char *r, int r_len, unsigned char *s, int s_len,
unsigned char *v, int *v_len);
typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command,
unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len,
unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len,
unsigned char *Result, int *Result_len);
typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command,
unsigned char *Result, int *Result_len);
typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len);

486
engines/vendor_defns/hwcryptohook.h Normal file
View File

@ -0,0 +1,486 @@
/*
* ModExp / RSA (with/without KM) plugin API
*
* The application will load a dynamic library which
* exports entrypoint(s) defined in this file.
*
* This set of entrypoints provides only a multithreaded,
* synchronous-within-each-thread, facility.
*
*
* This file is Copyright 1998-2000 nCipher Corporation Limited.
*
* Redistribution and use in source and binary forms, with opr without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the copyright notice,
* this list of conditions, and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions, and the following
* disclaimer, in the documentation and/or other materials provided
* with the distribution
*
* IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
* ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
* damages arising directly or indirectly from this file, its use or
* this licence. Without prejudice to the generality of the
* foregoing: all liability shall be excluded for direct, indirect,
* special, incidental, consequential or other damages or any loss of
* profits, business, revenue goodwill or anticipated savings;
* liability shall be excluded even if nCipher or anyone else has been
* advised of the possibility of damage. In any event, if the
* exclusion of liability is not effective, the liability of nCipher
* or any author or distributor shall be limited to the lesser of the
* price paid and 1,000 pounds sterling. This licence only fails to
* exclude or limit liability for death or personal injury arising out
* of negligence, and only to the extent that such an exclusion or
* limitation is not effective.
*
* NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
* AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
* limited to, any implied warranties of merchantability, fitness for
* a particular purpose, satisfactory quality, and/or non-infringement
* of any third party rights.
*
* US Government use: This software and documentation is Commercial
* Computer Software and Computer Software Documentation, as defined in
* sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
* Noncommercial Computer Software and Noncommercial Computer Software
* Documentation." Use, duplication or disclosure by the Government is
* subject to the terms and conditions specified here.
*
* By using or distributing this file you will be accepting these
* terms and conditions, including the limitation of liability and
* lack of warranty. If you do not wish to accept these terms and
* conditions, DO NOT USE THE FILE.
*
*
* The actual dynamically loadable plugin, and the library files for
* static linking, which are also provided in some distributions, are
* not covered by the licence described above. You should have
* received a separate licence with terms and conditions for these
* library files; if you received the library files without a licence,
* please contact nCipher.
*
*
* $Id: hwcryptohook.h,v 1.1 2002/10/11 17:10:59 levitte Exp $
*/
#ifndef HWCRYPTOHOOK_H
#define HWCRYPTOHOOK_H
#include <sys/types.h>
#include <stdio.h>
#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
#define HWCRYPTOHOOK_DECLARE_APPTYPES 1
#endif
#define HWCRYPTOHOOK_ERROR_FAILED -1
#define HWCRYPTOHOOK_ERROR_FALLBACK -2
#define HWCRYPTOHOOK_ERROR_MPISIZE -3
#if HWCRYPTOHOOK_DECLARE_APPTYPES
/* These structs are defined by the application and opaque to the
* crypto plugin. The application may define these as it sees fit.
* Default declarations are provided here, but the application may
* #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
* to prevent these declarations, and instead provide its own
* declarations of these types. (Pointers to them must still be
* ordinary pointers to structs or unions, or the resulting combined
* program will have a type inconsistency.)
*/
typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext;
typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */
/* These next two structs are opaque to the application. The crypto
* plugin will return pointers to them; the caller simply manipulates
* the pointers.
*/
typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
typedef struct {
char *buf;
size_t size;
} HWCryptoHook_ErrMsgBuf;
/* Used for error reporting. When a HWCryptoHook function fails it
* will return a sentinel value (0 for pointer-valued functions, or a
* negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
* integer-valued ones). It will, if an ErrMsgBuf is passed, also put
* an error message there.
*
* size is the size of the buffer, and will not be modified. If you
* pass 0 for size you must pass 0 for buf, and nothing will be
* recorded (just as if you passed 0 for the struct pointer).
* Messages written to the buffer will always be null-terminated, even
* when truncated to fit within size bytes.
*
* The contents of the buffer are not defined if there is no error.
*/
typedef struct HWCryptoHook_MPIStruct {
unsigned char *buf;
size_t size;
} HWCryptoHook_MPI;
/* When one of these is returned, a pointer is passed to the function.
* At call, size is the space available. Afterwards it is updated to
* be set to the actual length (which may be more than the space available,
* if there was not enough room and the result was truncated).
* buf (the pointer) is not updated.
*
* size is in bytes and may be zero at call or return, but must be a
* multiple of the limb size. Zero limbs at the MS end are not
* permitted.
*/
#define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL
#define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL
/* Enable requesting fallback to software in case of problems with the
* hardware support. This indicates to the crypto provider that the
* application is prepared to fall back to software operation if the
* ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
* Without this flag those calls will never return
* HWCRYPTOHOOK_ERROR_FALLBACK. The flag will also cause the crypto
* provider to avoid repeatedly attempting to contact dead hardware
* within a short interval, if appropriate.
*/
#define HWCryptoHook_InitFlags_SimpleForkCheck 0x0010UL
/* Without _SimpleForkCheck the library is allowed to assume that the
* application will not fork and call the library in the child(ren).
*
* When it is specified, this is allowed. However, after a fork
* neither parent nor child may unload any loaded keys or call
* _Finish. Instead, they should call exit (or die with a signal)
* without calling _Finish. After all the children have died the
* parent may unload keys or call _Finish.
*
* This flag only has any effect on UN*X platforms.
*/
typedef struct {
unsigned long flags;
void *logstream; /* usually a FILE*. See below. */
size_t limbsize; /* bignum format - size of radix type, must be power of 2 */
int mslimbfirst; /* 0 or 1 */
int msbytefirst; /* 0 or 1; -1 = native */
/* All the callback functions should return 0 on success, or a
* nonzero integer (whose value will be visible in the error message
* put in the buffer passed to the call).
*
* If a callback is not available pass a null function pointer.
*
* The callbacks may not call down again into the crypto plugin.
*/
/* For thread-safety. Set everything to 0 if you promise only to be
* singlethreaded. maxsimultaneous is the number of calls to
* ModExp[Crt]/RSAImmed{Priv,Pub}/RSA. If you don't know what to
* put there then say 0 and the hook library will use a default.
*
* maxmutexes is a small limit on the number of simultaneous mutexes
* which will be requested by the library. If there is no small
* limit, set it to 0. If the crypto plugin cannot create the
* advertised number of mutexes the calls to its functions may fail.
* If a low number of mutexes is advertised the plugin will try to
* do the best it can. Making larger numbers of mutexes available
* may improve performance and parallelism by reducing contention
* over critical sections. Unavailability of any mutexes, implying
* single-threaded operation, should be indicated by the setting
* mutex_init et al to 0.
*/
int maxmutexes;
int maxsimultaneous;
size_t mutexsize;
int (*mutex_init)(HWCryptoHook_Mutex*, HWCryptoHook_CallerContext *cactx);
int (*mutex_acquire)(HWCryptoHook_Mutex*);
void (*mutex_release)(HWCryptoHook_Mutex*);
void (*mutex_destroy)(HWCryptoHook_Mutex*);
/* For greater efficiency, can use condition vars internally for
* synchronisation. In this case maxsimultaneous is ignored, but
* the other mutex stuff must be available. In singlethreaded
* programs, set everything to 0.
*/
size_t condvarsize;
int (*condvar_init)(HWCryptoHook_CondVar*, HWCryptoHook_CallerContext *cactx);
int (*condvar_wait)(HWCryptoHook_CondVar*, HWCryptoHook_Mutex*);
void (*condvar_signal)(HWCryptoHook_CondVar*);
void (*condvar_broadcast)(HWCryptoHook_CondVar*);
void (*condvar_destroy)(HWCryptoHook_CondVar*);
/* The semantics of acquiring and releasing mutexes and broadcasting
* and waiting on condition variables are expected to be those from
* POSIX threads (pthreads). The mutexes may be (in pthread-speak)
* fast mutexes, recursive mutexes, or nonrecursive ones.
*
* The _release/_signal/_broadcast and _destroy functions must
* always succeed when given a valid argument; if they are given an
* invalid argument then the program (crypto plugin + application)
* has an internal error, and they should abort the program.
*/
int (*getpassphrase)(const char *prompt_info,
int *len_io, char *buf,
HWCryptoHook_PassphraseContext *ppctx,
HWCryptoHook_CallerContext *cactx);
/* Passphrases and the prompt_info, if they contain high-bit-set
* characters, are UTF-8. The prompt_info may be a null pointer if
* no prompt information is available (it should not be an empty
* string). It will not contain text like `enter passphrase';
* instead it might say something like `Operator Card for John
* Smith' or `SmartCard in nFast Module #1, Slot #1'.
*
* buf points to a buffer in which to return the passphrase; on
* entry *len_io is the length of the buffer. It should be updated
* by the callback. The returned passphrase should not be
* null-terminated by the callback.
*/
int (*getphystoken)(const char *prompt_info,
const char *wrong_info,
HWCryptoHook_PassphraseContext *ppctx,
HWCryptoHook_CallerContext *cactx);
/* Requests that the human user physically insert a different
* smartcard, DataKey, etc. The plugin should check whether the
* currently inserted token(s) are appropriate, and if they are it
* should not make this call.
*
* prompt_info is as before. wrong_info is a description of the
* currently inserted token(s) so that the user is told what
* something is. wrong_info, like prompt_info, may be null, but
* should not be an empty string. Its contents should be
* syntactically similar to that of prompt_info.
*/
/* Note that a single LoadKey operation might cause several calls to
* getpassphrase and/or requestphystoken. If requestphystoken is
* not provided (ie, a null pointer is passed) then the plugin may
* not support loading keys for which authorisation by several cards
* is required. If getpassphrase is not provided then cards with
* passphrases may not be supported.
*
* getpassphrase and getphystoken do not need to check that the
* passphrase has been entered correctly or the correct token
* inserted; the crypto plugin will do that. If this is not the
* case then the crypto plugin is responsible for calling these
* routines again as appropriate until the correct token(s) and
* passphrase(s) are supplied as required, or until any retry limits
* implemented by the crypto plugin are reached.
*
* In either case, the application must allow the user to say `no'
* or `cancel' to indicate that they do not know the passphrase or
* have the appropriate token; this should cause the callback to
* return nonzero indicating error.
*/
void (*logmessage)(void *logstream, const char *message);
/* A log message will be generated at least every time something goes
* wrong and an ErrMsgBuf is filled in (or would be if one was
* provided). Other diagnostic information may be written there too,
* including more detailed reasons for errors which are reported in an
* ErrMsgBuf.
*
* When a log message is generated, this callback is called. It
* should write a message to the relevant logging arrangements.
*
* The message string passed will be null-terminated and may be of arbitrary
* length. It will not be prefixed by the time and date, nor by the
* name of the library that is generating it - if this is required,
* the logmessage callback must do it. The message will not have a
* trailing newline (though it may contain internal newlines).
*
* If a null pointer is passed for logmessage a default function is
* used. The default function treats logstream as a FILE* which has
* been converted to a void*. If logstream is 0 it does nothing.
* Otherwise it prepends the date and time and library name and
* writes the message to logstream. Each line will be prefixed by a
* descriptive string containing the date, time and identity of the
* crypto plugin. Errors on the logstream are not reported
* anywhere, and the default function doesn't flush the stream, so
* the application must set the buffering how it wants it.
*
* The crypto plugin may also provide a facility to have copies of
* log messages sent elsewhere, and or for adjusting the verbosity
* of the log messages; any such facilities will be configured by
* external means.
*/
} HWCryptoHook_InitInfo;
typedef
HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *initinfo,
size_t initinfosize,
const HWCryptoHook_ErrMsgBuf *errors,
HWCryptoHook_CallerContext *cactx);
extern HWCryptoHook_Init_t HWCryptoHook_Init;
/* Caller should set initinfosize to the size of the HWCryptoHook struct,
* so it can be extended later.
*
* On success, a message for display or logging by the server,
* including the name and version number of the plugin, will be filled
* in into *errors; on failure *errors is used for error handling, as
* usual.
*/
/* All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
* on most failures. HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
* the output MPI buffer(s) was too small; the sizes of all have been
* set to the desired size (and for those where the buffer was large
* enough, the value may have been copied in), and no error message
* has been recorded.
*
* You may pass 0 for the errors struct. In any case, unless you set
* _NoStderr at init time then messages may be reported to stderr.
*/
/* The RSAImmed* functions (and key managed RSA) only work with
* modules which have an RSA patent licence - currently that means KM
* units; the ModExp* ones work with all modules, so you need a patent
* licence in the software in the US. They are otherwise identical.
*/
typedef
void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
/* You must not have any calls going or keys loaded when you call this. */
typedef
int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
unsigned char *buf, size_t len,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
typedef
int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI a,
HWCryptoHook_MPI p,
HWCryptoHook_MPI n,
HWCryptoHook_MPI *r,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
typedef
int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI m,
HWCryptoHook_MPI e,
HWCryptoHook_MPI n,
HWCryptoHook_MPI *r,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
typedef
int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI a,
HWCryptoHook_MPI p,
HWCryptoHook_MPI q,
HWCryptoHook_MPI dmp1,
HWCryptoHook_MPI dmq1,
HWCryptoHook_MPI iqmp,
HWCryptoHook_MPI *r,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
typedef
int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
HWCryptoHook_MPI m,
HWCryptoHook_MPI p,
HWCryptoHook_MPI q,
HWCryptoHook_MPI dmp1,
HWCryptoHook_MPI dmq1,
HWCryptoHook_MPI iqmp,
HWCryptoHook_MPI *r,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
/* The RSAImmed* and ModExp* functions may return E_FAILED or
* E_FALLBACK for failure.
*
* E_FAILED means the failure is permanent and definite and there
* should be no attempt to fall back to software. (Eg, for some
* applications, which support only the acceleration-only
* functions, the `key material' may actually be an encoded key
* identifier, and doing the operation in software would give wrong
* answers.)
*
* E_FALLBACK means that doing the computation in software would seem
* reasonable. If an application pays attention to this and is
* able to fall back, it should also set the Fallback init flags.
*/
typedef
int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
const char *key_ident,
HWCryptoHook_RSAKeyHandle *keyhandle_r,
const HWCryptoHook_ErrMsgBuf *errors,
HWCryptoHook_PassphraseContext *ppctx);
extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
/* The key_ident is a null-terminated string configured by the
* user via the application's usual configuration mechanisms.
* It is provided to the user by the crypto provider's key management
* system. The user must be able to enter at least any string of between
* 1 and 1023 characters inclusive, consisting of printable 7-bit
* ASCII characters. The provider should avoid using
* any characters except alphanumerics and the punctuation
* characters _ - + . / @ ~ (the user is expected to be able
* to enter these without quoting). The string may be case-sensitive.
* The application may allow the user to enter other NULL-terminated strings,
* and the provider must cope (returning an error if the string is not
* valid).
*
* If the key does not exist, no error is recorded and 0 is returned;
* keyhandle_r will be set to 0 instead of to a key handle.
*/
typedef
int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
HWCryptoHook_MPI *n,
HWCryptoHook_MPI *e,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
/* The crypto plugin will not store certificates.
*
* Although this function for acquiring the public key value is
* provided, it is not the purpose of this API to deal fully with the
* handling of the public key.
*
* It is expected that the crypto supplier's key generation program
* will provide general facilities for producing X.509
* self-certificates and certificate requests in PEM format. These
* will be given to the user so that they can configure them in the
* application, send them to CAs, or whatever.
*
* In case this kind of certificate handling is not appropriate, the
* crypto supplier's key generation program should be able to be
* configured not to generate such a self-certificate or certificate
* request. Then the application will need to do all of this, and
* will need to store and handle the public key and certificates
* itself.
*/
typedef
int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
/* Might fail due to locking problems, or other serious internal problems. */
typedef
int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
HWCryptoHook_RSAKeyHandle k,
HWCryptoHook_MPI *r,
const HWCryptoHook_ErrMsgBuf *errors);
extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
/* RSA private key operation (sign or decrypt) - raw, unpadded. */
#endif /*HWCRYPTOHOOK_H*/

239
engines/vendor_defns/sureware.h Normal file
View File

@ -0,0 +1,239 @@
/*
* Written by Corinne Dive-Reclus(cdive@baltimore.com)
*
* Copyright@2001 Baltimore Technologies Ltd.
* *
* THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND *
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE *
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE *
* ARE DISCLAIMED. IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE *
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL *
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS *
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) *
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT *
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY *
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF *
* SUCH DAMAGE. *
*
*
*/
#ifdef WIN32
#define SW_EXPORT __declspec ( dllexport )
#else
#define SW_EXPORT
#endif
/*
* List of exposed SureWare errors
*/
#define SUREWAREHOOK_ERROR_FAILED -1
#define SUREWAREHOOK_ERROR_FALLBACK -2
#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
#define SUREWAREHOOK_ERROR_DATA_SIZE -4
#define SUREWAREHOOK_ERROR_INVALID_PAD -5
/*
* -----------------WARNING-----------------------------------
* In all the following functions:
* msg is a string with at least 24 bytes free.
* A 24 bytes string will be concatenated to the existing content of msg.
*/
/*
* SureWare Initialisation function
* in param threadsafe, if !=0, thread safe enabled
* return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
*/
typedef int SureWareHook_Init_t(char*const msg,int threadsafe);
extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
/*
* SureWare Finish function
*/
typedef void SureWareHook_Finish_t();
extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
/*
* PRE_CONDITION:
* DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
*/
/*
* SureWare RAND Bytes function
* In case of failure, the content of buf is unpredictable.
* return 1 if success
* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in/out param buf : a num bytes long buffer where random bytes will be put
* in param num : the number of bytes into buf
*/
typedef int SureWareHook_Rand_Bytes_t(char*const msg,unsigned char *buf, int num);
extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
/*
* SureWare RAND Seed function
* Adds some seed to the Hardware Random Number Generator
* return 1 if success
* SureWareHOOK_ERROR_FALLBACK if function not available in hardware
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param buf : the seed to add into the HRNG
* in param num : the number of bytes into buf
*/
typedef int SureWareHook_Rand_Seed_t(char*const msg,const void *buf, int num);
extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
/*
* SureWare Load Private Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the private protected key file without the extension
".sws"
* out param hptr : a pointer to a buffer allocated by SureWare_Hook
* out param num: the effective key length in bytes
* out param keytype: 1 if RSA 2 if DSA
*/
typedef int SureWareHook_Load_Privkey_t(char*const msg,const char *key_id,char **hptr,unsigned long *num,char *keytype);
extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
/*
* SureWare Info Public Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the private protected key file without the extension
".swp"
* out param hptr : a pointer to a buffer allocated by SureWare_Hook
* out param num: the effective key length in bytes
* out param keytype: 1 if RSA 2 if DSA
*/
typedef int SureWareHook_Info_Pubkey_t(char*const msg,const char *key_id,unsigned long *num,
char *keytype);
extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
/*
* SureWare Load Public Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the public protected key file without the extension
".swp"
* in param num : the bytes size of n and e
* out param n: where to write modulus in bn format
* out param e: where to write exponent in bn format
*/
typedef int SureWareHook_Load_Rsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num,
unsigned long *n, unsigned long *e);
extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
/*
* SureWare Load DSA Public Key function
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* No hardware is contact for this function.
*
* in param key_id :the name of the public protected key file without the extension
".swp"
* in param num : the bytes size of n and e
* out param pub: where to write pub key in bn format
* out param p: where to write prime in bn format
* out param q: where to write sunprime (length 20 bytes) in bn format
* out param g: where to write base in bn format
*/
typedef int SureWareHook_Load_Dsa_Pubkey_t(char*const msg,const char *key_id,unsigned long num,
unsigned long *pub, unsigned long *p,unsigned long*q,
unsigned long *g);
extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
/*
* SureWare Free function
* Destroy the key into the hardware if destroy==1
*/
typedef void SureWareHook_Free_t(char *p,int destroy);
extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
#define SUREWARE_PKCS1_PAD 1
#define SUREWARE_ISO9796_PAD 2
#define SUREWARE_NO_PAD 0
/*
* SureWare RSA Private Decryption
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param flen : byte size of from and to
* in param from : encrypted data buffer, should be a not-null valid pointer
* out param tlen: byte size of decrypted data, if error, unexpected value
* out param to : decrypted data buffer, should be a not-null valid pointer
* in param prsa: a protected key pointer, should be a not-null valid pointer
* int padding: padding id as follow
* SUREWARE_PKCS1_PAD
* SUREWARE_NO_PAD
*
*/
typedef int SureWareHook_Rsa_Priv_Dec_t(char*const msg,int flen,unsigned char *from,
int *tlen,unsigned char *to,
char *prsa,int padding);
extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
/*
* SureWare RSA Signature
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param flen : byte size of from and to
* in param from : encrypted data buffer, should be a not-null valid pointer
* out param tlen: byte size of decrypted data, if error, unexpected value
* out param to : decrypted data buffer, should be a not-null valid pointer
* in param prsa: a protected key pointer, should be a not-null valid pointer
* int padding: padding id as follow
* SUREWARE_PKCS1_PAD
* SUREWARE_ISO9796_PAD
*
*/
typedef int SureWareHook_Rsa_Sign_t(char*const msg,int flen,unsigned char *from,
int *tlen,unsigned char *to,
char *prsa,int padding);
extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
/*
* SureWare DSA Signature
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* in param flen : byte size of from and to
* in param from : encrypted data buffer, should be a not-null valid pointer
* out param to : decrypted data buffer, should be a 40bytes valid pointer
* in param pdsa: a protected key pointer, should be a not-null valid pointer
*
*/
typedef int SureWareHook_Dsa_Sign_t(char*const msg,int flen,const unsigned char *from,
unsigned long *r,unsigned long *s,char *pdsa);
extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
/*
* SureWare Mod Exp
* return 1 if success
* SureWareHOOK_ERROR_FAILED if error while processing
* SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
* SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
*
* mod and res are mlen bytes long.
* exp is elen bytes long
* data is dlen bytes long
* mlen,elen and dlen are all multiple of sizeof(unsigned long)
*/
typedef int SureWareHook_Mod_Exp_t(char*const msg,int mlen,const unsigned long *mod,
int elen,const unsigned long *exp,
int dlen,unsigned long *data,
unsigned long *res);
extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;