crypt.h

提供了很多种加密算法和CA认证及相关服务如CMP、OCSP等的开发

		memPtr += 4

#define mgetLWord(memPtr)		\
		( ( WORD ) memPtr[ 0 ] ) | ( ( WORD ) memPtr[ 1 ] << 8 ); \
		memPtr += 2

#define mputLWord(memPtr,data)	\
		memPtr[ 0 ] = ( BYTE ) ( ( data ) & 0xFF ); \
		memPtr[ 1 ] = ( BYTE ) ( ( ( data ) >> 8 ) & 0xFF ); \
		memPtr += 2

#define mgetLLong(memPtr)		\
		( ( ( LONG ) memPtr[ 0 ] ) | ( ( LONG ) memPtr[ 1 ] << 8 ) | \
		  ( ( LONG ) memPtr[ 2 ] << 16 ) | ( ( LONG ) memPtr[ 3 ] << 24 ) ); \
		memPtr += 4

#define mputLLong(memPtr,data)	\
		memPtr[ 0 ] = ( BYTE ) ( ( data ) & 0xFF ); \
		memPtr[ 1 ] = ( BYTE ) ( ( ( data ) >> 8 ) & 0xFF ); \
		memPtr[ 2 ] = ( BYTE ) ( ( ( data ) >> 16 ) & 0xFF ); \
		memPtr[ 3 ] = ( BYTE ) ( ( ( data ) >> 24 ) & 0xFF ); \
		memPtr += 4

#ifdef _BIG_WORDS
  #define copyToLLong(dest,src,count)	\
					{ \
					LONG *destPtr = ( LONG * ) dest; \
					BYTE *srcPtr = src; \
					int i; \
					for( i = 0; i < count / 4; i++ ) \
						{ \
						destPtr[ i ] = mgetLLong( srcPtr ); \
						} \
					}

  #define copyToBLong(dest,src,count)	\
					{ \
					LONG *destPtr = ( LONG * ) dest; \
					BYTE *srcPtr = src; \
					int i; \
					for( i = 0; i < count / 4; i++ ) \
						{ \
						destPtr[ i ] = mgetBLong( srcPtr ); \
						} \
					}
#endif /* _BIG_WORDS */

/* Functions to convert the endianness from the canonical form to the
   internal form.  bigToLittle() converts from big-endian in-memory to
   little-endian in-CPU, littleToBig() converts from little-endian in-memory
   to big-endian in-CPU */

void longReverse( LONG *buffer, int count );
void wordReverse( WORD *buffer, int count );

#ifdef DATA_LITTLEENDIAN
  #define bigToLittleLong( x, y )	longReverse(x,y)
  #define bigToLittleWord( x, y )	wordReverse(x,y)
  #define littleToBigLong( x, y )
  #define littleToBigWord( x, y )
#else
  #define bigToLittleLong( x, y )
  #define bigToLittleWord( x, y )
  #define littleToBigLong( x, y )	longReverse(x,y)
  #define littleToBigWord( x, y )	wordReverse(x,y)
#endif /* DATA_LITTLEENDIAN */

/****************************************************************************
*																			*
*						Data Size and Crypto-related Constants				*
*																			*
****************************************************************************/

/* The size of a cryptlib key ID, an SHA-1 hash of the SubjectPublicKeyInfo,
   and the PGP key ID */

#define KEYID_SIZE				20
#define	PGP_KEYID_SIZE			8

/* The maximum private key data size.  This is used when buffering the last
   read private key from a keyset in case the password used to decrypt it is
   incorrect, and is equal to the overall size of the total number of
   possible PKC parameters in an encryption context, plus a little extra for
   encoding and encryption */

#define MAX_PRIVATE_KEYSIZE		( ( CRYPT_MAX_PKCSIZE * 8 ) + 256 )

/* The minimum and maximum conventional key size in bits.  In order to avoid
   problems with space inside shorter RSA-encrypted blocks, we limit the
   total keysize to 256 bits, which is adequate for all purposes - the
   limiting factor is three-key triple DES, which requires 3 * 64 bits of key
   and absolutely must have that many bits or it just reduces to two-key
   triple-DES.  Unfortunately when loading a default-length key into a
   context we can't tell what the user is going to do with the generated key
   (for example whether they will export it using a very short public key) so
   we have to take the approach of using a practical length which will work
   even with a 512-bit public key.  This means that for Blowfish, RC2, RC4,
   and RC5 the keylength is shorter than strictly necessary (actually for RC2
   we have to limit the keysize to 128 bits for CMS/SMIME compatibility) */

#define MIN_KEYSIZE_BITS		40
#define MAX_KEYSIZE_BITS		256

/* The maximum public-key size in bits.  This is used to save having to do
   lots of bit -> byte conversion when checking the lengths of PKC values
   which have the length specified in bits */

#define MAX_PKCSIZE_BITS		bytesToBits( CRYPT_MAX_PKCSIZE )

/* The maximum public-key object size.  This is used to allocate temporary
   buffers when working with signatures and PKC-encrypted keys.  The size
   estimate is somewhat crude and involves a fair safety margin, it usually
   contains a single PKC object (signature or encrypted key) along with
   algorithm and key ID information */

#define MAX_PKC_OBJECTSIZE		( CRYPT_MAX_PKCSIZE * 2 )

/* The minimum size of an encoded signature or exported key object.  This is
   used by the pointer-check macros (for the OS's which support this) to
   check that the pointers to objects which are passed to functions point to
   the minimal amount of valid memory required for an object, and also to
   zero the buffer for the object to ensure the caller gets invalid data if
   the function fails */

#define MIN_CRYPT_OBJECTSIZE	64

/* The minimum size of a certificate.  This is used by the pointer-check
   macros (for the OS's which support this) to check that the pointers being
   passed to these functions point to the minimal amount of valid memory
   required for an object */

#define MIN_CERTSIZE			256

/* The maximum size of an object attribute.  In theory this can be any size,
   but in practice we limit it to the following maximum to stop people
   creating things like certs containing MPEGs of themselves playing with
   their cat */

#define MAX_ATTRIBUTE_SIZE		1024

/* Some objects contain internal buffers used to process data whose size can
   be specified by the user, the following is the minimum size allowed for
   these buffers */

#define MIN_BUFFER_SIZE			8192

/* Some object types interact with exteral services which can return detailed
   error messages when problems occur, the following is the maximum length
   error string which we store.  Anything beyond this size is truncated */

#define MAX_ERRMSG_SIZE			512

/* The maximum number of iterations we allow for an iterated key setup such
   as a hashed password.  This is used to prevent DOS attacks from data 
   containing excessive iteration counts */

#define MAX_KEYSETUP_ITERATIONS	20000

/* The minimum and maximum size of various Internet-related values, used for
   range checking */

#define MIN_DNS_SIZE			4			/* x.com */
#define MAX_DNS_SIZE			255			/* Max hostname size */
#define MIN_RFC822_SIZE			8			/* xx@yy.zz */
#define MAX_RFC822_SIZE			255
#define MIN_URL_SIZE			12			/* http://x.com */
#define MAX_URL_SIZE			MAX_DNS_SIZE

/* The HMAC input and output padding values.  These are defined here rather
   than in cryptctx.h because they're needed by some routines which perform
   HMAC operations using raw SHA-1 contexts, since some devices provide SHA-1
   but not HMAC-SHA1 so we have to build it ourselves where it's needed for
   things like key hashing */

#define HMAC_IPAD				0x36
#define HMAC_OPAD				0x5C

/* Generic error return code/invalid value code */

#define CRYPT_ERROR				-1

/* A special return code to inform asynchronous routines to abort the
   operation currently in progress */

#define ASYNC_ABORT				-1234

/* A special return code to indicate that everything went OK but there's
   some special action to perform.  This is generally used when a lower-level
   routine wants to return a CRYPT_OK with some condition attached, typically
   that the calling routine not update state information since it's already
   been done by the returning routine or because the returning routine has
   more work to do on a later call */

#define OK_SPECIAL				-4321

/* When parameters get passed in messages, their mapping to parameters passed
   to the calling function gets lost.  The following error codes are used to
   denote errors in message parameters which are mapped to function parameter
   error codes by the caller.  For a message call:

	krnlSendMessage( object, {args}, MESSAGE_TYPE, value );

   we have the following possible error codes */

#define CRYPT_ARGERROR_OBJECT	-1000		/* Error in object being sent msg.*/
#define CRYPT_ARGERROR_VALUE	-1001		/* Error in message value */
#define CRYPT_ARGERROR_STR1		-1002		/* Error in first string arg */
#define CRYPT_ARGERROR_STR2		-1003		/* Error in second string arg */
#define CRYPT_ARGERROR_NUM1		-1004		/* Error in first numeric arg */
#define CRYPT_ARGERROR_NUM2		-1005		/* Error in second numeric arg */

#define cryptArgError( status )	\
		( ( status ) >= CRYPT_ARGERROR_NUM2 && ( status ) <= CRYPT_ARGERROR_OBJECT )

/****************************************************************************
*																			*
*								Data Structures								*
*																			*
****************************************************************************/

/* Information on a exported key/signature data.  This is an extended version
   of the data returned by the externally-visible cryptQueryObject() routine */

typedef struct {
	/* The object type, format type (eg cryptlib, CMS) and size information */
	CRYPT_OBJECT_TYPE type;			/* Object type */
	CRYPT_FORMAT_TYPE formatType;	/* Object format type */
	long size;						/* Object size */

	/* The encryption algorithm and mode */
	CRYPT_ALGO cryptAlgo;			/* The encryption algorithm */
	CRYPT_MODE cryptMode;			/* The encryption mode */

	/* The key ID for public key objects */
	BYTE keyID[ CRYPT_MAX_HASHSIZE ];	/* PKC key ID */
	int keyIDlength;

	/* The IV for conventionally encrypted data */
	BYTE iv[ CRYPT_MAX_IVSIZE ];	/* IV */
	int ivLength;

	/* The key derivation algorithm and iteration count for conventionally
	   encrypted keys */
	CRYPT_ALGO keySetupAlgo;		/* Key setup algorithm */
	int keySetupIterations;			/* Key setup iteration count */
	BYTE salt[ CRYPT_MAX_HASHSIZE ];/* Key setup salt */
	int saltLength;

	/* The hash algorithm for signatures */
	CRYPT_ALGO hashAlgo;			/* Hash algorithm */

	/* The start and length of the payload data */
	void *dataStart;				/* Start of payload data */
	int dataLength;

	/* The start and length of the issuerAndSerialNumber and attributes for 
	   CMS objects */
	void *iAndSStart;				/* Start of issuerAndSerialNumber */
	int iAndSLength;
	void *attributeStart;			/* Start of attributes */
	int attributeLength;
	} QUERY_INFO;

/* DLP algorithms require composite parameters when en/decrypting and 
   signing/sig checking, so we cant just pass in a single buffer full of 
   data as we can with RSA.  In addition the data length changes, for 
   example for a DSA sig we pass in a 20-byte hash and get back a ~50-byte 
   sig, for sig.checking we pass in a 20-byte hash and ~50-byte sig and get 
   back nothing.  Because of this we have to use the following structure to 
   pass data to the DLP-based PKCs */

typedef struct {
	const BYTE *inParam1, *inParam2;	/* Input parameters */
	BYTE *outParam;						/* Output parameter */
	int inLen1, inLen2, outLen;			/* Parameter lengths */
	CRYPT_FORMAT_TYPE formatType;		/* Paramter format type */
	} DLP_PARAMS;

#define setDLPParams( dlpDataPtr, dataIn, dataInLen, dataOut, dataOutLen ) \
	{ \
	memset( ( dlpDataPtr ), 0, sizeof( DLP_PARAMS ) ); \
	( dlpDataPtr )->formatType = CRYPT_FORMAT_CRYPTLIB; \
	( dlpDataPtr )->inParam1 = ( dataIn ); \
	( dlpDataPtr )->inLen1 = ( dataInLen ); \
	( dlpDataPtr )->outParam = ( dataOut ); \
	( dlpDataPtr )->outLen = ( dataOutLen ); \
	}

/* When calling key agreement functions we have to pass a mass of cruft
   around instead of the usual flat data (even more than the generic DLP
   parameter information) for which we use the following structure.  The 
   public value is the public key value used for the agreement process, 
   typically y = g^x mod p for DH-like mechanisms.  The ukm is the user 
   keying material, typically something which is mixed into the DH process 
   to make the new key unique.  The wrapped key is the output (originator)/
   input(recipient) to the keyagreement process.  The session key context 
   contains a context into which the derived key is loaded.  Typical 
   examples of use are:

	PKCS #3: publicValue = y
	Fortezza: publicValue = y, ukm = Ra, wrappedKey = TEK-wrapped MEK
	S/MIME: publicValue = y, ukm = 512-bit nonce, wrappedKey = g^x mod p */

typedef struct {
	BYTE publicValue[ CRYPT_MAX_PKCSIZE ];
	int publicValueLen;				/* Public key value */
	BYTE ukm[ CRYPT_MAX_PKCSIZE ];
	int ukmLen;						/* User keying material */
	BYTE wrappedKey[ CRYPT_MAX_PKCSIZE ];
	int wrappedKeyLen;				/* Wrapped key */
	CRYPT_CONTEXT sessionKeyContext;/* Context for derived key */
	} KEYAGREE_PARAMS;

/****************************************************************************
*																			*
*								Useful General Macros						*
*																			*
****************************************************************************/

/* Reasonably reliable way to get rid of unused argument warnings in a