2 * Copyright (C) 2011 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
23 #ifndef GNUTLS_CRYPTO_BACKEND_H
24 # define GNUTLS_CRYPTO_BACKEND_H
26 # include <gnutls/crypto.h>
28 # define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
29 # define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
30 # define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
34 int (*init
) (gnutls_cipher_algorithm_t
, void **ctx
, int enc
);
35 int (*setkey
) (void *ctx
, const void *key
, size_t keysize
);
36 int (*setiv
) (void *ctx
, const void *iv
, size_t ivsize
);
37 int (*encrypt
) (void *ctx
, const void *plain
, size_t plainsize
,
38 void *encr
, size_t encrsize
);
39 int (*decrypt
) (void *ctx
, const void *encr
, size_t encrsize
,
40 void *plain
, size_t plainsize
);
41 int (*auth
) (void *ctx
, const void *data
, size_t datasize
);
42 void (*tag
) (void *ctx
, void *tag
, size_t tagsize
);
43 void (*deinit
) (void *ctx
);
44 } gnutls_crypto_cipher_st
;
48 int (*init
) (gnutls_mac_algorithm_t
, void **ctx
);
49 int (*setkey
) (void *ctx
, const void *key
, size_t keysize
);
50 void (*reset
) (void *ctx
);
51 int (*hash
) (void *ctx
, const void *text
, size_t textsize
);
52 int (*output
) (void *src_ctx
, void *digest
, size_t digestsize
);
53 void (*deinit
) (void *ctx
);
54 int (*fast
)(gnutls_mac_algorithm_t
, const void *key
, size_t keysize
, const void *text
, size_t textsize
, void *digest
);
55 } gnutls_crypto_mac_st
;
59 int (*init
) (gnutls_digest_algorithm_t
, void **ctx
);
60 void (*reset
) (void *ctx
);
61 int (*hash
) (void *ctx
, const void *src
, size_t srcsize
);
62 int (*copy
) (void **dst_ctx
, void *src_ctx
);
63 int (*output
) (void *src_ctx
, void *digest
, size_t digestsize
);
64 void (*deinit
) (void *ctx
);
65 int (*fast
)(gnutls_digest_algorithm_t
, const void *src
, size_t srcsize
, void *digest
);
66 } gnutls_crypto_digest_st
;
68 typedef struct gnutls_crypto_rnd
70 int (*init
) (void **ctx
);
71 int (*rnd
) (void *ctx
, int level
, void *data
, size_t datasize
);
72 void (*deinit
) (void *ctx
);
73 } gnutls_crypto_rnd_st
;
75 typedef void *bigint_t
;
79 bigint_t g
; /* group generator */
80 bigint_t p
; /* prime */
84 * gnutls_bigint_format_t:
85 * @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
86 * @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
88 * @GNUTLS_MPI_FORMAT_PGP: The pgp integer format.
90 * Enumeration of different bignum integer encoding formats.
94 /* raw unsigned integer format */
95 GNUTLS_MPI_FORMAT_USG
= 0,
96 /* raw signed integer format - always a leading zero when positive */
97 GNUTLS_MPI_FORMAT_STD
= 1,
98 /* the pgp integer format */
99 GNUTLS_MPI_FORMAT_PGP
= 2
100 } gnutls_bigint_format_t
;
102 /* Multi precision integer arithmetic */
103 typedef struct gnutls_crypto_bigint
105 bigint_t (*bigint_new
) (int nbits
);
106 void (*bigint_release
) (bigint_t n
);
107 /* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */
108 int (*bigint_cmp
) (const bigint_t m1
, const bigint_t m2
);
110 int (*bigint_cmp_ui
) (const bigint_t m1
, unsigned long m2
);
112 bigint_t (*bigint_mod
) (const bigint_t a
, const bigint_t b
);
113 /* a = b -> ret == a */
114 bigint_t (*bigint_set
) (bigint_t a
, const bigint_t b
);
115 /* a = b -> ret == a */
116 bigint_t (*bigint_set_ui
) (bigint_t a
, unsigned long b
);
117 unsigned int (*bigint_get_nbits
) (const bigint_t a
);
118 /* w = b ^ e mod m */
119 bigint_t (*bigint_powm
) (bigint_t w
, const bigint_t b
,
120 const bigint_t e
, const bigint_t m
);
121 /* w = a + b mod m */
122 bigint_t (*bigint_addm
) (bigint_t w
, const bigint_t a
,
123 const bigint_t b
, const bigint_t m
);
124 /* w = a - b mod m */
125 bigint_t (*bigint_subm
) (bigint_t w
, const bigint_t a
, const bigint_t b
,
127 /* w = a * b mod m */
128 bigint_t (*bigint_mulm
) (bigint_t w
, const bigint_t a
, const bigint_t b
,
130 /* w = a + b */ bigint_t (*bigint_add
) (bigint_t w
, const bigint_t a
,
132 /* w = a - b */ bigint_t (*bigint_sub
) (bigint_t w
, const bigint_t a
,
135 bigint_t (*bigint_mul
) (bigint_t w
, const bigint_t a
, const bigint_t b
);
137 bigint_t (*bigint_add_ui
) (bigint_t w
, const bigint_t a
,
140 bigint_t (*bigint_sub_ui
) (bigint_t w
, const bigint_t a
,
143 bigint_t (*bigint_mul_ui
) (bigint_t w
, const bigint_t a
,
146 bigint_t (*bigint_div
) (bigint_t q
, const bigint_t a
, const bigint_t b
);
148 int (*bigint_prime_check
) (const bigint_t pp
);
149 int (*bigint_generate_group
) (gnutls_group_st
* gg
, unsigned int bits
);
151 /* reads an bigint from a buffer */
152 /* stores an bigint into the buffer. returns
153 * GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
154 * store this integer, and updates the buf_size;
156 bigint_t (*bigint_scan
) (const void *buf
, size_t buf_size
,
157 gnutls_bigint_format_t format
);
158 int (*bigint_print
) (const bigint_t a
, void *buf
, size_t * buf_size
,
159 gnutls_bigint_format_t format
);
160 } gnutls_crypto_bigint_st
;
162 #define GNUTLS_MAX_PK_PARAMS 16
166 bigint_t params
[GNUTLS_MAX_PK_PARAMS
];
167 unsigned int params_nr
; /* the number of parameters */
169 } gnutls_pk_params_st
;
173 * @GNUTLS_PK_FLAG_NONE: No flag.
175 * Enumeration of public-key flag.
179 GNUTLS_PK_FLAG_NONE
= 0
183 void gnutls_pk_params_release (gnutls_pk_params_st
* p
);
184 void gnutls_pk_params_init (gnutls_pk_params_st
* p
);
187 #define MAX_PUBLIC_PARAMS_SIZE 4 /* ok for RSA and DSA */
189 /* parameters should not be larger than this limit */
190 #define DSA_PUBLIC_PARAMS 4
191 #define RSA_PUBLIC_PARAMS 2
192 #define ECC_PUBLIC_PARAMS 8
195 #define MAX_PRIV_PARAMS_SIZE GNUTLS_MAX_PK_PARAMS /* ok for RSA and DSA */
197 /* parameters should not be larger than this limit */
198 #define DSA_PRIVATE_PARAMS 5
199 #define RSA_PRIVATE_PARAMS 8
200 #define ECC_PRIVATE_PARAMS 9
202 #if MAX_PRIV_PARAMS_SIZE - RSA_PRIVATE_PARAMS < 0
203 #error INCREASE MAX_PRIV_PARAMS
206 #if MAX_PRIV_PARAMS_SIZE - ECC_PRIVATE_PARAMS < 0
207 #error INCREASE MAX_PRIV_PARAMS
210 #if MAX_PRIV_PARAMS_SIZE - DSA_PRIVATE_PARAMS < 0
211 #error INCREASE MAX_PRIV_PARAMS
218 * [1] is public exponent
219 * [2] is private exponent (private key only)
220 * [3] is prime1 (p) (private key only)
221 * [4] is prime2 (q) (private key only)
222 * [5] is coefficient (u == inverse of p mod q) (private key only)
223 * [6] e1 == d mod (p-1)
224 * [7] e2 == d mod (q-1)
226 * note that for libgcrypt that does not use the inverse of q mod p,
227 * we need to perform conversions using fixup_params().
233 * [3] is y (public key)
234 * [4] is x (private key only)
245 * [8] is k (private key)
249 * gnutls_direction_t:
250 * @GNUTLS_IMPORT: Import direction.
251 * @GNUTLS_EXPORT: Export direction.
253 * Enumeration of different directions.
259 } gnutls_direction_t
;
261 /* Public key algorithms */
262 typedef struct gnutls_crypto_pk
264 /* The params structure should contain the private or public key
265 * parameters, depending on the operation */
266 int (*encrypt
) (gnutls_pk_algorithm_t
, gnutls_datum_t
* ciphertext
,
267 const gnutls_datum_t
* plaintext
,
268 const gnutls_pk_params_st
* pub
);
269 int (*decrypt
) (gnutls_pk_algorithm_t
, gnutls_datum_t
* plaintext
,
270 const gnutls_datum_t
* ciphertext
,
271 const gnutls_pk_params_st
* priv
);
273 int (*sign
) (gnutls_pk_algorithm_t
, gnutls_datum_t
* signature
,
274 const gnutls_datum_t
* data
,
275 const gnutls_pk_params_st
* priv
);
276 int (*verify
) (gnutls_pk_algorithm_t
, const gnutls_datum_t
* data
,
277 const gnutls_datum_t
* signature
,
278 const gnutls_pk_params_st
* pub
);
279 int (*generate
) (gnutls_pk_algorithm_t
, unsigned int nbits
,
280 gnutls_pk_params_st
*);
281 /* this function should convert params to ones suitable
282 * for the above functions
284 int (*pk_fixup_private_params
) (gnutls_pk_algorithm_t
, gnutls_direction_t
,
285 gnutls_pk_params_st
*);
286 int (*derive
) (gnutls_pk_algorithm_t
, gnutls_datum_t
* out
,
287 const gnutls_pk_params_st
* priv
,
288 const gnutls_pk_params_st
* pub
);
291 } gnutls_crypto_pk_st
;
293 /* priority: infinity for backend algorithms, 90 for kernel
294 algorithms, lowest wins
296 int gnutls_crypto_single_cipher_register (gnutls_cipher_algorithm_t
297 algorithm
, int priority
,
299 gnutls_crypto_single_cipher_st
*
301 int gnutls_crypto_single_mac_register (gnutls_mac_algorithm_t algorithm
,
303 const gnutls_crypto_single_mac_st
*
305 int gnutls_crypto_single_digest_register (gnutls_digest_algorithm_t
306 algorithm
, int priority
,
308 gnutls_crypto_single_digest_st
*
311 int gnutls_crypto_cipher_register (int priority
,
312 const gnutls_crypto_cipher_st
* s
);
313 int gnutls_crypto_mac_register (int priority
,
314 const gnutls_crypto_mac_st
* s
);
315 int gnutls_crypto_digest_register (int priority
,
316 const gnutls_crypto_digest_st
* s
);
318 int gnutls_crypto_rnd_register (int priority
,
319 const gnutls_crypto_rnd_st
* s
);
320 int gnutls_crypto_pk_register (int priority
,
321 const gnutls_crypto_pk_st
* s
);
322 int gnutls_crypto_bigint_register (int priority
,
323 const gnutls_crypto_bigint_st
* s
);