📄 cryptctx.h
字号:
/****************************************************************************
* *
* cryptlib Encryption Context Header File *
* Copyright Peter Gutmann 1992-2002 *
* *
****************************************************************************/
#ifndef _CRYPTCTX_DEFINED
#define _CRYPTCTX_DEFINED
/* If the general cryptlib header hasn't been included yet, include it now */
#ifndef _CRYPT_DEFINED
#include "crypt.h"
#endif /* _CRYPT_DEFINED */
/* If the bignum header hasn't been included yet, include it now */
#ifndef BN_H
#if defined( INC_ALL )
#include "bn.h"
#else
#include "bn/bn.h"
#endif /* Compiler-specific includes */
#endif /* BN_H */
/* We need to include the following because the encryption context stores
validity information for private keys */
#include <time.h>
/* When reading a key into a PKC context, we read the data straight into the
context-internal bignums rather than passing them in via a
CRYPT_PKCINFO_xxx intermediary. In this case we pass in the following
dummy struct to tell the key load code to use the built-in values */
typedef struct {
int dummy;
} PKCINFO_LOADINTERNAL;
/****************************************************************************
* *
* Data Structures *
* *
****************************************************************************/
/* A forward declaration for the parameter type passed to functions in the
CAPABILITY_INFO struct */
struct CI;
/* The structure used to store internal information about the crypto library
capabilities. This information is used internally by the library and is
not available to users */
typedef struct CA {
/* Basic identification information for the algorithm */
const CRYPT_ALGO cryptAlgo; /* The encryption algorithm */
const int blockSize; /* The basic block size of the algorithm */
const char *algoName; /* Algorithm name */
/* Keying information. Note that the maximum sizes may vary (for
example for two-key triple DES vs three-key triple DES) so the
crypt query functions should be used to determine the actual size
for a particular context rather than just using maxKeySize */
const int minKeySize; /* Minimum key size in bytes */
const int keySize; /* Recommended key size in bytes */
const int maxKeySize; /* Maximum key size in bytes */
/* The functions for implementing the algorithm */
int ( *selfTestFunction )( void );
int ( *initFunction )( struct CI *cryptInfoPtr );
int ( *endFunction )( struct CI *cryptInfoPtr );
int ( *initIVFunction )( struct CI *cryptInfoPtr, const void *iv, const int ivLength );
int ( *initKeyFunction )( struct CI *cryptInfoPtr, const void *key, const int keyLength );
int ( *generateKeyFunction )( struct CI *cryptInfoPtr, const int keySizeBits );
int ( *encryptFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *decryptFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *encryptCBCFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *decryptCBCFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *encryptCFBFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *decryptCFBFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *encryptOFBFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *decryptOFBFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *signFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
int ( *sigCheckFunction )( struct CI *cryptInfoPtr, void *buffer, int length );
/* Non-native implementations may require extra parameters (for example
to specify the algorithm and mode in the manner required by the
non-native implementation), the following values can be used to store
these parameters */
const int param1, param2, param3, param4;
/* Sometimes the capabilities may be stored as a dynamically-created
linked list instead of a static table, so we need to store a pointer
to the next element in the list */
struct CA *next; /* Next element in list */
} CAPABILITY_INFO;
/* The internal fields in a context which hold data for a conventional,
public-key, hash, or MAC algorithm. These are implemented as a union to
conserve memory if the entire context is allocated in pagelocked memory,
leading to a lot of memory being consumed by unused storage. In addition
these structures provide a convenient way to group the context-type-
specific parameters.
For the following context types, CONTEXT_CONV and CONTEXT_HASH should be
allocated in pagelocked memory since they contain the sensitive userKey
and partially sensitve IV fields */
typedef enum { CONTEXT_NONE, CONTEXT_CONV, CONTEXT_PKC, CONTEXT_HASH,
CONTEXT_MAC } CONTEXT_TYPE;
#define needsSecureMemory( contextType ) \
( contextType == CONTEXT_CONV || contextType == CONTEXT_MAC )
typedef struct {
/* General algorithm information */
CRYPT_MODE mode; /* Encryption mode being used */
/* User keying information for. The user key is the key as entered by
the user, the IV is the initial IV */
BYTE userKey[ CRYPT_MAX_KEYSIZE ]; /* User encryption key */
BYTE iv[ CRYPT_MAX_IVSIZE ]; /* Initial IV */
int userKeyLength; /* User encryption key length in bytes */
int ivLength; /* IV length in bytes */
BOOLEAN keySet; /* Whether the key is set up */
BOOLEAN ivSet; /* Whether the IV is set up */
/* Conventional encryption keying information. The key is the raw
encryption key stored in whatever form is required by the algorithm,
usually the key-scheduled user key. The IV is the current working IV.
The ivCount is the number of bytes of IV which have been used, and is
used when a block cipher is used as a stream cipher */
void *key; /* Internal working key */
BYTE currentIV[ CRYPT_MAX_IVSIZE ]; /* Internal working IV */
int keyLength; /* Internal key length in bytes */
int ivCount; /* Internal IV count for chaining modes */
/* Information obtained when a key suitable for use by this algorithm
is derived from a longer user key */
BYTE salt[ CRYPT_MAX_HASHSIZE ];/* Salt */
int saltLength; /* Salt size */
int keySetupIterations; /* Number of times setup was iterated */
CRYPT_ALGO keySetupAlgorithm; /* Algorithm used for key setup */
} CONV_INFO;
typedef struct {
/* General information on the key: Whether it's a public or private key,
whether a key is loaded, the nominal key size in bits, and the key
IDs. Since the OpenPGP key ID can't be calculated directly like the
other IDs, we have to keep track of whether it's been set or not with
a flag */
BOOLEAN isPublicKey; /* Whether key is a public key */
BOOLEAN keySet; /* Whether the key is set up */
int keySizeBits; /* Nominal key size in bits */
BYTE keyID[ KEYID_SIZE ]; /* Key ID for this key */
BYTE pgpKeyID[ PGP_KEYID_SIZE ];/* PGP key ID for this key */
BYTE openPGPKeyID[ PGP_KEYID_SIZE ];/* OpenPGP key ID for this key */
BOOLEAN openPGPKeyIDSet; /* Whether the OpenPGP key ID has been set */
/* Public-key encryption keying information. Since each algorithm has
its own unique parameters, the bignums are given generic names here.
The algorithm-specific code refers to them by their actual names,
which are implemented as symbolic defines of the form
<algo>Param_<param_name>, eg rsaParam_e */
BIGNUM *param1;
BIGNUM *param2;
BIGNUM *param3;
BIGNUM *param4;
BIGNUM *param5;
BIGNUM *param6;
BIGNUM *param7;
BIGNUM *param8; /* The PKC key components */
BN_MONT_CTX *montCTX1;
BN_MONT_CTX *montCTX2;
BN_MONT_CTX *montCTX3; /* Precompute Montgomery values */
/* If the context is tied to a device the keying info won't be available,
however we generally need the public key information for use in cert
requests and whatnot so we save a copy as SubjectPublicKeyInfo when
the key is loaded/generated */
void *publicKeyInfo; /* X.509 SubjectPublicKeyInfo */
int publicKeyInfoSize; /* Key info size */
/* For key agreement keys, we also store domain parameters (which
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -