keythi.h source code [include/nss/keythi.h]

1	/ This Source Code Form is subject to the terms of the Mozilla Public*
2	* License, v. 2.0. If a copy of the MPL was not distributed with this
3	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4	#ifndef _KEYTHI_H_
5	#define _KEYTHI_H_ 1
6
7	#include "eccutil.h"
8	#include "kyber.h"
9	#include "plarena.h"
10	#include "pkcs11t.h"
11	#include "secmodt.h"
12	#include "prclist.h"
13
14	/*
15	** RFC 4055 Section 1.2 specifies three different RSA key types.
16	**
17	** rsaKey maps to keys with SEC_OID_PKCS1_RSA_ENCRYPTION and can be used for
18	** both encryption and signatures with old (PKCS #1 v1.5) and new (PKCS #1
19	** v2.1) padding schemes.
20	**
21	** rsaPssKey maps to keys with SEC_OID_PKCS1_RSA_PSS_SIGNATURE and may only
22	** be used for signatures with PSS padding (PKCS #1 v2.1).
23	**
24	** rsaOaepKey maps to keys with SEC_OID_PKCS1_RSA_OAEP_ENCRYPTION and may only
25	** be used for encryption with OAEP padding (PKCS #1 v2.1).
26	*/
27
28	typedef enum {
29	nullKey = `0`,
30	rsaKey = `1`,
31	dsaKey = `2`,
32	fortezzaKey = `3`, / deprecated /
33	dhKey = `4`,
34	keaKey = `5`, / deprecated /
35	ecKey = `6`,
36	rsaPssKey = `7`,
37	rsaOaepKey = `8`,
38	kyberKey = `9`,
39	} KeyType;
40
41	/*
42	** Template Definitions
43	**/
44
45	SEC_BEGIN_PROTOS
46	extern const SEC_ASN1Template SECKEY_RSAPublicKeyTemplate[];
47	extern const SEC_ASN1Template SECKEY_RSAPSSParamsTemplate[];
48	extern const SEC_ASN1Template SECKEY_DSAPublicKeyTemplate[];
49	extern const SEC_ASN1Template SECKEY_DHPublicKeyTemplate[];
50	extern const SEC_ASN1Template SECKEY_DHParamKeyTemplate[];
51	extern const SEC_ASN1Template SECKEY_PQGParamsTemplate[];
52	extern const SEC_ASN1Template SECKEY_DSAPrivateKeyExportTemplate[];
53
54	/ Windows DLL accessor functions /
55	SEC_ASN1_CHOOSER_DECLARE(SECKEY_DSAPublicKeyTemplate)
56	SEC_ASN1_CHOOSER_DECLARE(SECKEY_RSAPublicKeyTemplate)
57	SEC_ASN1_CHOOSER_DECLARE(SECKEY_RSAPSSParamsTemplate)
58	SEC_END_PROTOS
59
60	/*
61	** RSA Public Key structures
62	** member names from PKCS#1, section 7.1
63	*/
64
65	struct SECKEYRSAPublicKeyStr {
66	PLArenaPool *arena;
67	SECItem modulus;
68	SECItem publicExponent;
69	};
70	typedef struct SECKEYRSAPublicKeyStr SECKEYRSAPublicKey;
71
72	/*
73	** RSA-PSS parameters
74	*/
75	struct SECKEYRSAPSSParamsStr {
76	SECAlgorithmID *hashAlg;
77	SECAlgorithmID *maskAlg;
78	SECItem saltLength;
79	SECItem trailerField;
80	};
81	typedef struct SECKEYRSAPSSParamsStr SECKEYRSAPSSParams;
82
83	/*
84	** DSA Public Key and related structures
85	*/
86
87	struct SECKEYPQGParamsStr {
88	PLArenaPool *arena;
89	SECItem prime; / p /
90	SECItem subPrime; / q /
91	SECItem base; / g /
92	/ XXX chrisk: this needs to be expanded to hold j and validationParms (RFC2459 7.3.2) /
93	};
94	typedef struct SECKEYPQGParamsStr SECKEYPQGParams;
95
96	struct SECKEYDSAPublicKeyStr {
97	SECKEYPQGParams params;
98	SECItem publicValue;
99	};
100	typedef struct SECKEYDSAPublicKeyStr SECKEYDSAPublicKey;
101
102	/*
103	** Diffie-Hellman Public Key structure
104	** Structure member names suggested by PKCS#3.
105	*/
106	struct SECKEYDHParamsStr {
107	PLArenaPool *arena;
108	SECItem prime; / p /
109	SECItem base; / g /
110	};
111	typedef struct SECKEYDHParamsStr SECKEYDHParams;
112
113	struct SECKEYDHPublicKeyStr {
114	PLArenaPool *arena;
115	SECItem prime;
116	SECItem base;
117	SECItem publicValue;
118	};
119	typedef struct SECKEYDHPublicKeyStr SECKEYDHPublicKey;
120
121	/*
122	** Elliptic curve Public Key structure
123	** The PKCS#11 layer needs DER encoding of ANSI X9.62
124	** parameters value
125	*/
126	typedef SECItem SECKEYECParams;
127
128	struct SECKEYECPublicKeyStr {
129	SECKEYECParams DEREncodedParams;
130	int size; / size in bits /
131	SECItem publicValue; / encoded point /
132	ECPointEncoding encoding; / deprecated, ignored /
133	};
134	typedef struct SECKEYECPublicKeyStr SECKEYECPublicKey;
135
136	/*
137	** FORTEZZA Public Key structures
138	*/
139	struct SECKEYFortezzaPublicKeyStr {
140	int KEAversion;
141	int DSSversion;
142	unsigned char KMID[`8`];
143	SECItem clearance;
144	SECItem KEApriviledge;
145	SECItem DSSpriviledge;
146	SECItem KEAKey;
147	SECItem DSSKey;
148	SECKEYPQGParams params;
149	SECKEYPQGParams keaParams;
150	};
151	typedef struct SECKEYFortezzaPublicKeyStr SECKEYFortezzaPublicKey;
152	#define KEAprivilege KEApriviledge /* corrected spelling */
153	#define DSSprivilege DSSpriviledge /* corrected spelling */
154
155	struct SECKEYDiffPQGParamsStr {
156	SECKEYPQGParams DiffKEAParams;
157	SECKEYPQGParams DiffDSAParams;
158	};
159	typedef struct SECKEYDiffPQGParamsStr SECKEYDiffPQGParams;
160
161	struct SECKEYPQGDualParamsStr {
162	SECKEYPQGParams CommParams;
163	SECKEYDiffPQGParams DiffParams;
164	};
165	typedef struct SECKEYPQGDualParamsStr SECKEYPQGDualParams;
166
167	struct SECKEYKEAParamsStr {
168	PLArenaPool *arena;
169	SECItem hash;
170	};
171	typedef struct SECKEYKEAParamsStr SECKEYKEAParams;
172
173	struct SECKEYKEAPublicKeyStr {
174	SECKEYKEAParams params;
175	SECItem publicValue;
176	};
177	typedef struct SECKEYKEAPublicKeyStr SECKEYKEAPublicKey;
178
179	/*
180	** Kyber Public Key structure
181	*/
182
183	struct SECKEYKyberPublicKeyStr {
184	KyberParams params;
185	SECItem publicValue;
186	};
187	typedef struct SECKEYKyberPublicKeyStr SECKEYKyberPublicKey;
188
189	/*
190	** A Generic public key object.
191	*/
192	struct SECKEYPublicKeyStr {
193	PLArenaPool *arena;
194	KeyType keyType;
195	PK11SlotInfo *pkcs11Slot;
196	CK_OBJECT_HANDLE pkcs11ID;
197	union {
198	SECKEYRSAPublicKey rsa;
199	SECKEYDSAPublicKey dsa;
200	SECKEYDHPublicKey dh;
201	SECKEYKEAPublicKey kea;
202	SECKEYFortezzaPublicKey fortezza;
203	SECKEYECPublicKey ec;
204	SECKEYKyberPublicKey kyber;
205	} u;
206	};
207	typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
208
209	/ bit flag definitions for staticflags /
210	#define SECKEY_Attributes_Cached 0x1 /* bit 0 states \
211	whether attributes are cached */
212	#define SECKEY_CKA_PRIVATE (1U << 1) /* bit 1 is the value of CKA_PRIVATE */
213	#define SECKEY_CKA_ALWAYS_AUTHENTICATE (1U << 2)
214
215	#define SECKEY_ATTRIBUTES_CACHED(key) \
216	(0 != (key->staticflags & SECKEY_Attributes_Cached))
217
218	#define SECKEY_ATTRIBUTE_VALUE(key, attribute) \
219	(0 != (key->staticflags & SECKEY_##attribute))
220
221	#define SECKEY_HAS_ATTRIBUTE_SET(key, attribute) \
222	(0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : PK11_HasAttributeSet(key->pkcs11Slot, key->pkcs11ID, attribute, PR_FALSE)
223
224	#define SECKEY_HAS_ATTRIBUTE_SET_LOCK(key, attribute, haslock) \
225	(0 != (key->staticflags & SECKEY_Attributes_Cached)) ? (0 != (key->staticflags & SECKEY_##attribute)) : pk11_HasAttributeSet_Lock(key->pkcs11Slot, key->pkcs11ID, attribute, haslock)
226
227	/*
228	** A generic key structure
229	*/
230	struct SECKEYPrivateKeyStr {
231	PLArenaPool *arena;
232	KeyType keyType;
233	PK11SlotInfo pkcs11Slot; /* pkcs11 slot this key lives in /
234	CK_OBJECT_HANDLE pkcs11ID; / ID of pkcs11 object /
235	PRBool pkcs11IsTemp; / temp pkcs11 object, delete it when done /
236	void wincx; /* context for errors and pw prompts /
237	PRUint32 staticflags; / bit flag of cached PKCS#11 attributes /
238	};
239	typedef struct SECKEYPrivateKeyStr SECKEYPrivateKey;
240
241	typedef struct {
242	PRCList links;
243	SECKEYPrivateKey *key;
244	} SECKEYPrivateKeyListNode;
245
246	typedef struct {
247	PRCList list;
248	PLArenaPool *arena;
249	} SECKEYPrivateKeyList;
250
251	typedef struct {
252	PRCList links;
253	SECKEYPublicKey *key;
254	} SECKEYPublicKeyListNode;
255
256	typedef struct {
257	PRCList list;
258	PLArenaPool *arena;
259	} SECKEYPublicKeyList;
260	#endif /* _KEYTHI_H_ */
261

source code of include/nss/keythi.h