lib/crypto-backend.h

   1 /*
   2  * Copyright (C) 2011 Free Software Foundation, Inc.
   3  *
   4  * Author: Nikos Mavrogiannopoulos
   5  *
   6  * This file is part of GnuTLS.
   7  *
   8  * The GnuTLS is free software; you can redistribute it and/or
   9  * modify it under the terms of the GNU Lesser General Public License
  10  * as published by the Free Software Foundation; either version 3 of
  11  * the License, or (at your option) any later version.
  12  *
  13  * This library is distributed in the hope that it will be useful, but
  14  * WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  16  * Lesser General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU Lesser General Public License
  19  * along with this program.  If not, see <http://www.gnu.org/licenses/>
  20  *
  21  */
  22
  23 #ifndef GNUTLS_CRYPTO_BACKEND_H
  24 # define GNUTLS_CRYPTO_BACKEND_H
  25
  26 # include <gnutls/crypto.h>
  27
  28 # define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
  29 # define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
  30 # define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
  31
  32   typedef struct
  33   {
  34     int (*init) (gnutls_cipher_algorithm_t, void **ctx, int enc);
  35     int (*setkey) (void *ctx, const void *key, size_t keysize);
  36     int (*setiv) (void *ctx, const void *iv, size_t ivsize);
  37     int (*encrypt) (void *ctx, const void *plain, size_t plainsize,
  38                     void *encr, size_t encrsize);
  39     int (*decrypt) (void *ctx, const void *encr, size_t encrsize,
  40                     void *plain, size_t plainsize);
  41     int (*auth) (void *ctx, const void *data, size_t datasize);
  42     void (*tag) (void *ctx, void *tag, size_t tagsize);
  43     void (*deinit) (void *ctx);
  44   } gnutls_crypto_cipher_st;
  45
  46   typedef struct
  47   {
  48     int (*init) (gnutls_mac_algorithm_t, void **ctx);
  49     int (*setkey) (void *ctx, const void *key, size_t keysize);
  50     void (*reset) (void *ctx);
  51     int (*hash) (void *ctx, const void *text, size_t textsize);
  52     int (*output) (void *src_ctx, void *digest, size_t digestsize);
  53     void (*deinit) (void *ctx);
  54     int (*fast)(gnutls_mac_algorithm_t, const void *key, size_t keysize, const void *text, size_t textsize, void *digest);
  55   } gnutls_crypto_mac_st;
  56
  57   typedef struct
  58   {
  59     int (*init) (gnutls_digest_algorithm_t, void **ctx);
  60     void (*reset) (void *ctx);
  61     int (*hash) (void *ctx, const void *src, size_t srcsize);
  62     int (*copy) (void **dst_ctx, void *src_ctx);
  63     int (*output) (void *src_ctx, void *digest, size_t digestsize);
  64     void (*deinit) (void *ctx);
  65     int (*fast)(gnutls_digest_algorithm_t, const void *src, size_t srcsize, void *digest);
  66   } gnutls_crypto_digest_st;
  67
  68   typedef struct gnutls_crypto_rnd
  69   {
  70     int (*init) (void **ctx);
  71     int (*rnd) (void *ctx, int level, void *data, size_t datasize);
  72     void (*deinit) (void *ctx);
  73   } gnutls_crypto_rnd_st;
  74
  75   typedef void *bigint_t;
  76
  77   typedef struct
  78   {
  79     bigint_t g;                 /* group generator */
  80     bigint_t p;                 /* prime */
  81   } gnutls_group_st;
  82
  83 /**
  84  * gnutls_bigint_format_t:
  85  * @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
  86  * @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
  87  *   zero when positive.
  88  * @GNUTLS_MPI_FORMAT_PGP: The pgp integer format.
  89  *
  90  * Enumeration of different bignum integer encoding formats.
  91  */
  92   typedef enum
  93   {
  94     /* raw unsigned integer format */
  95     GNUTLS_MPI_FORMAT_USG = 0,
  96     /* raw signed integer format - always a leading zero when positive */
  97     GNUTLS_MPI_FORMAT_STD = 1,
  98     /* the pgp integer format */
  99     GNUTLS_MPI_FORMAT_PGP = 2
 100   } gnutls_bigint_format_t;
 101
 102 /* Multi precision integer arithmetic */
 103   typedef struct gnutls_crypto_bigint
 104   {
 105     bigint_t (*bigint_new) (int nbits);
 106     void (*bigint_release) (bigint_t n);
 107     /* 0 for equality, > 0 for m1>m2, < 0 for m1<m2 */
 108     int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
 109     /* as bigint_cmp */
 110     int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
 111     /* ret = a % b */
 112       bigint_t (*bigint_mod) (const bigint_t a, const bigint_t b);
 113     /* a = b -> ret == a */
 114       bigint_t (*bigint_set) (bigint_t a, const bigint_t b);
 115     /* a = b -> ret == a */
 116       bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b);
 117     unsigned int (*bigint_get_nbits) (const bigint_t a);
 118     /* w = b ^ e mod m */
 119       bigint_t (*bigint_powm) (bigint_t w, const bigint_t b,
 120                                const bigint_t e, const bigint_t m);
 121     /* w = a + b mod m */
 122       bigint_t (*bigint_addm) (bigint_t w, const bigint_t a,
 123                                const bigint_t b, const bigint_t m);
 124     /* w = a - b mod m */
 125       bigint_t (*bigint_subm) (bigint_t w, const bigint_t a, const bigint_t b,
 126                                const bigint_t m);
 127     /* w = a * b mod m */
 128       bigint_t (*bigint_mulm) (bigint_t w, const bigint_t a, const bigint_t b,
 129                                const bigint_t m);
 130     /* w = a + b */ bigint_t (*bigint_add) (bigint_t w, const bigint_t a,
 131                                             const bigint_t b);
 132     /* w = a - b */ bigint_t (*bigint_sub) (bigint_t w, const bigint_t a,
 133                                             const bigint_t b);
 134     /* w = a * b */
 135       bigint_t (*bigint_mul) (bigint_t w, const bigint_t a, const bigint_t b);
 136     /* w = a + b */
 137       bigint_t (*bigint_add_ui) (bigint_t w, const bigint_t a,
 138                                  unsigned long b);
 139     /* w = a - b */
 140       bigint_t (*bigint_sub_ui) (bigint_t w, const bigint_t a,
 141                                  unsigned long b);
 142     /* w = a * b */
 143       bigint_t (*bigint_mul_ui) (bigint_t w, const bigint_t a,
 144                                  unsigned long b);
 145     /* q = a / b */
 146       bigint_t (*bigint_div) (bigint_t q, const bigint_t a, const bigint_t b);
 147     /* 0 if prime */
 148     int (*bigint_prime_check) (const bigint_t pp);
 149     int (*bigint_generate_group) (gnutls_group_st * gg, unsigned int bits);
 150
 151     /* reads an bigint from a buffer */
 152     /* stores an bigint into the buffer.  returns
 153      * GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
 154      * store this integer, and updates the buf_size;
 155      */
 156       bigint_t (*bigint_scan) (const void *buf, size_t buf_size,
 157                                gnutls_bigint_format_t format);
 158     int (*bigint_print) (const bigint_t a, void *buf, size_t * buf_size,
 159                          gnutls_bigint_format_t format);
 160   } gnutls_crypto_bigint_st;
 161
 162 #define GNUTLS_MAX_PK_PARAMS 16
 163
 164   typedef struct
 165   {
 166     bigint_t params[GNUTLS_MAX_PK_PARAMS];
 167     unsigned int params_nr;     /* the number of parameters */
 168     unsigned int flags;
 169   } gnutls_pk_params_st;
 170
 171 /**
 172  * gnutls_pk_flag_t:
 173  * @GNUTLS_PK_FLAG_NONE: No flag.
 174  *
 175  * Enumeration of public-key flag.
 176  */
 177   typedef enum
 178   {
 179     GNUTLS_PK_FLAG_NONE = 0
 180   } gnutls_pk_flag_t;
 181
 182
 183   void gnutls_pk_params_release (gnutls_pk_params_st * p);
 184   void gnutls_pk_params_init (gnutls_pk_params_st * p);
 185
 186
 187 #define MAX_PUBLIC_PARAMS_SIZE 4        /* ok for RSA and DSA */
 188
 189 /* parameters should not be larger than this limit */
 190 #define DSA_PUBLIC_PARAMS 4
 191 #define RSA_PUBLIC_PARAMS 2
 192 #define ECC_PUBLIC_PARAMS 8
 193
 194
 195 #define MAX_PRIV_PARAMS_SIZE GNUTLS_MAX_PK_PARAMS       /* ok for RSA and DSA */
 196
 197 /* parameters should not be larger than this limit */
 198 #define DSA_PRIVATE_PARAMS 5
 199 #define RSA_PRIVATE_PARAMS 8
 200 #define ECC_PRIVATE_PARAMS 9
 201
 202 #if MAX_PRIV_PARAMS_SIZE - RSA_PRIVATE_PARAMS < 0
 203 #error INCREASE MAX_PRIV_PARAMS
 204 #endif
 205
 206 #if MAX_PRIV_PARAMS_SIZE - ECC_PRIVATE_PARAMS < 0
 207 #error INCREASE MAX_PRIV_PARAMS
 208 #endif
 209
 210 #if MAX_PRIV_PARAMS_SIZE - DSA_PRIVATE_PARAMS < 0
 211 #error INCREASE MAX_PRIV_PARAMS
 212 #endif
 213
 214
 215 /* params are:
 216  * RSA:
 217  *  [0] is modulus
 218  *  [1] is public exponent
 219  *  [2] is private exponent (private key only)
 220  *  [3] is prime1 (p) (private key only)
 221  *  [4] is prime2 (q) (private key only)
 222  *  [5] is coefficient (u == inverse of p mod q) (private key only)
 223  *  [6] e1 == d mod (p-1)
 224  *  [7] e2 == d mod (q-1)
 225  *
 226  *  note that for libgcrypt that does not use the inverse of q mod p,
 227  *  we need to perform conversions using fixup_params().
 228  *
 229  * DSA:
 230  *  [0] is p
 231  *  [1] is q
 232  *  [2] is g
 233  *  [3] is y (public key)
 234  *  [4] is x (private key only)
 235  *
 236  * ECC:
 237  *  [0] is prime
 238  *  [1] is order
 239  *  [2] is A
 240  *  [3] is B
 241  *  [4] is Gx
 242  *  [5] is Gy
 243  *  [6] is x
 244  *  [7] is y
 245  *  [8] is k (private key)
 246  */
 247
 248 /**
 249  * gnutls_direction_t:
 250  * @GNUTLS_IMPORT: Import direction.
 251  * @GNUTLS_EXPORT: Export direction.
 252  *
 253  * Enumeration of different directions.
 254  */
 255   typedef enum
 256   {
 257     GNUTLS_IMPORT = 0,
 258     GNUTLS_EXPORT = 1
 259   } gnutls_direction_t;
 260
 261 /* Public key algorithms */
 262   typedef struct gnutls_crypto_pk
 263   {
 264     /* The params structure should contain the private or public key
 265      * parameters, depending on the operation */
 266     int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext,
 267                     const gnutls_datum_t * plaintext,
 268                     const gnutls_pk_params_st * pub);
 269     int (*decrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * plaintext,
 270                     const gnutls_datum_t * ciphertext,
 271                     const gnutls_pk_params_st * priv);
 272
 273     int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
 274                  const gnutls_datum_t * data,
 275                  const gnutls_pk_params_st * priv);
 276     int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data,
 277                    const gnutls_datum_t * signature,
 278                    const gnutls_pk_params_st * pub);
 279     int (*generate) (gnutls_pk_algorithm_t, unsigned int nbits,
 280                      gnutls_pk_params_st *);
 281     /* this function should convert params to ones suitable
 282      * for the above functions
 283      */
 284     int (*pk_fixup_private_params) (gnutls_pk_algorithm_t, gnutls_direction_t,
 285                                     gnutls_pk_params_st *);
 286     int (*derive) (gnutls_pk_algorithm_t, gnutls_datum_t * out,
 287                    const gnutls_pk_params_st * priv,
 288                    const gnutls_pk_params_st * pub);
 289
 290
 291   } gnutls_crypto_pk_st;
 292
 293 /* priority: infinity for backend algorithms, 90 for kernel
 294    algorithms, lowest wins
 295  */
 296   int gnutls_crypto_single_cipher_register (gnutls_cipher_algorithm_t
 297                                              algorithm, int priority,
 298                                              const
 299                                              gnutls_crypto_single_cipher_st *
 300                                              s);
 301   int gnutls_crypto_single_mac_register (gnutls_mac_algorithm_t algorithm,
 302                                           int priority,
 303                                           const gnutls_crypto_single_mac_st *
 304                                           s);
 305   int gnutls_crypto_single_digest_register (gnutls_digest_algorithm_t
 306                                              algorithm, int priority,
 307                                              const
 308                                              gnutls_crypto_single_digest_st *
 309                                              s);
 310
 311   int gnutls_crypto_cipher_register (int priority,
 312                                       const gnutls_crypto_cipher_st * s);
 313   int gnutls_crypto_mac_register (int priority,
 314                                    const gnutls_crypto_mac_st * s);
 315   int gnutls_crypto_digest_register (int priority,
 316                                       const gnutls_crypto_digest_st * s);
 317
 318   int gnutls_crypto_rnd_register (int priority,
 319                                    const gnutls_crypto_rnd_st * s);
 320   int gnutls_crypto_pk_register (int priority,
 321                                   const gnutls_crypto_pk_st * s);
 322   int gnutls_crypto_bigint_register (int priority,
 323                                       const gnutls_crypto_bigint_st * s);
 324
 325 #endif