dev_sys.c

提供了很多种加密算法和CA认证及相关服务如CMP、OCSP等的开发

/* The functions used to implement the Elgamal encryption routines */

int elgamalSelfTest( void );
int elgamalInitKey( CRYPT_INFO *cryptInfo, const void *key, const int keyLength );
int elgamalGenerateKey( CRYPT_INFO *cryptInfo, const int keySizeBits );
int elgamalEncrypt( CRYPT_INFO *cryptInfo, void *buffer, int length );
int elgamalDecrypt( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the RSA encryption routines */

int rsaSelfTest( void );
int rsaInitKey( CRYPT_INFO *cryptInfo, const void *key, const int keyLength );
int rsaGenerateKey( CRYPT_INFO *cryptInfo, const int keySizeBits );
int rsaEncrypt( CRYPT_INFO *cryptInfo, void *buffer, int length );
int rsaDecrypt( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the MD2 hash routines */

int md2SelfTest( void );
int md2Init( CRYPT_INFO *cryptInfo );
int md2End( CRYPT_INFO *cryptInfo );
int md2Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the MD4 hash routines */

int md4SelfTest( void );
int md4Init( CRYPT_INFO *cryptInfo );
int md4End( CRYPT_INFO *cryptInfo );
int md4Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the MD5 hash routines */

int md5SelfTest( void );
int md5Init( CRYPT_INFO *cryptInfo );
int md5End( CRYPT_INFO *cryptInfo );
int md5Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the RIPEMD-160 hash routines */

int ripemd160SelfTest( void );
int ripemd160Init( CRYPT_INFO *cryptInfo );
int ripemd160End( CRYPT_INFO *cryptInfo );
int ripemd160Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the SHA1 hash routines */

int shaSelfTest( void );
int shaInit( CRYPT_INFO *cryptInfo );
int shaEnd( CRYPT_INFO *cryptInfo );
int shaHash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the SHA2 hash routines */

int sha2SelfTest( void );
int sha2Init( CRYPT_INFO *cryptInfo );
int sha2End( CRYPT_INFO *cryptInfo );
int sha2Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the HMAC-MD5 MAC routines */

int hmacMD5SelfTest( void );
int hmacMD5Init( CRYPT_INFO *cryptInfo );
int hmacMD5End( CRYPT_INFO *cryptInfo );
int hmacMD5InitKey( CRYPT_INFO *cryptInfo, const void *key, const int keyLength );
int hmacMD5Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the HMAC-RIPEMD-160 MAC routines */

int hmacRIPEMD160SelfTest( void );
int hmacRIPEMD160Init( CRYPT_INFO *cryptInfo );
int hmacRIPEMD160End( CRYPT_INFO *cryptInfo );
int hmacRIPEMD160InitKey( CRYPT_INFO *cryptInfo, const void *key, const int keyLength );
int hmacRIPEMD160Hash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The functions used to implement the HMAC-SHA MAC routines */

int hmacSHASelfTest( void );
int hmacSHAInit( CRYPT_INFO *cryptInfo );
int hmacSHAEnd( CRYPT_INFO *cryptInfo );
int hmacSHAInitKey( CRYPT_INFO *cryptInfo, const void *key, const int keyLength );
int hmacSHAHash( CRYPT_INFO *cryptInfo, void *buffer, int length );

/* The encryption library intrinsic capability list */

static CAPABILITY_INFO FAR_BSS capabilities[] = {
	/* The DES capabilities */
	{ CRYPT_ALGO_DES, bits( 64 ), "DES",
		bits( 40 ), bits( 64 ), bits( 64 ),
		desSelfTest, desInit, desEnd, loadIV, desInitKey, NULL,
		desEncryptECB, desDecryptECB, desEncryptCBC, desDecryptCBC,
		desEncryptCFB, desDecryptCFB, desEncryptOFB, desDecryptOFB },

	/* The triple DES capabilities.  Unlike the other algorithms, the minimum
	   key size here is 64 + 8 bits (nominally 56 + 1 bits) because using a
	   key any shorter is (a) no better than single DES, and (b) will result
	   in a key load error since the second key will be an all-zero weak
	   key.  We also give the default key size as 192 bits instead of 128 to
	   make sure that anyone using a key of the default size ends up with
	   three-key 3DES rather than two-key 3DES */
	{ CRYPT_ALGO_3DES, bits( 64 ), "3DES",
		bits( 64 + 8 ), bits( 192 ), bits( 192 ),
		des3SelfTest, des3Init, des3End, loadIV, des3InitKey, NULL,
		des3EncryptECB, des3DecryptECB, des3EncryptCBC, des3DecryptCBC,
		des3EncryptCFB, des3DecryptCFB, des3EncryptOFB, des3DecryptOFB },

#ifndef NO_IDEA
	/* The IDEA capabilities */
	{ CRYPT_ALGO_IDEA, bits( 64 ), "IDEA",
		bits( 40 ), bits( 128 ), bits( 128 ),
		ideaSelfTest, ideaInit, ideaEnd, loadIV, ideaInitKey, NULL,
		ideaEncryptECB, ideaDecryptECB, ideaEncryptCBC, ideaDecryptCBC,
		ideaEncryptCFB, ideaDecryptCFB, ideaEncryptOFB, ideaDecryptOFB },
#endif /* NO_IDEA */

#ifndef NO_CAST
	/* The CAST-128 capabilities */
	{ CRYPT_ALGO_CAST, bits( 64 ), "CAST-128",
		bits( 40 ), bits( 128 ), bits( 128 ),
		castSelfTest, castInit, castEnd, loadIV, castInitKey, NULL,
		castEncryptECB, castDecryptECB, castEncryptCBC, castDecryptCBC,
		castEncryptCFB, castDecryptCFB, castEncryptOFB, castDecryptOFB },
#endif /* NO_CAST */

#ifndef NO_RC2
	/* The RC2 capabilities */
	{ CRYPT_ALGO_RC2, bits( 64 ), "RC2",
		bits( 40 ), bits( 128 ), bits( 1024 ),
		rc2SelfTest, rc2Init, rc2End, loadIV, rc2InitKey, NULL,
		rc2EncryptECB, rc2DecryptECB, rc2EncryptCBC, rc2DecryptCBC,
		rc2EncryptCFB, rc2DecryptCFB, rc2EncryptOFB, rc2DecryptOFB },
#endif /* NO_RC2 */

#ifndef NO_RC4
	/* The RC4 capabilities */
	{ CRYPT_ALGO_RC4, bits( 8 ), "RC4",
		bits( 40 ), bits( 128 ), 256,
		rc4SelfTest, rc4Init, rc4End, NULL, rc4InitKey, NULL,
		NULL, NULL, NULL, NULL, NULL, NULL, rc4Encrypt, rc4Encrypt },
#endif /* NO_RC4 */

#ifndef NO_RC5
	/* The RC5 capabilities */
	{ CRYPT_ALGO_RC5, bits( 64 ), "RC5",
		bits( 40 ), bits( 128 ), bits( 832 ),
		rc5SelfTest, rc5Init, rc5End, loadIV, rc5InitKey, NULL,
		rc5EncryptECB, rc5DecryptECB, rc5EncryptCBC, rc5DecryptCBC,
		rc5EncryptCFB, rc5DecryptCFB, rc5EncryptOFB, rc5DecryptOFB },
#endif /* NO_RC5 */

	/* The AES capabilities */
	{ CRYPT_ALGO_AES, bits( 128 ), "AES",
		bits( 128 ), bits( 128 ), bits( 256 ),
		aesSelfTest, aesInit, aesEnd, loadIV, aesInitKey, NULL,
		aesEncryptECB, aesDecryptECB, aesEncryptCBC, aesDecryptCBC,
		aesEncryptCFB, aesDecryptCFB, aesEncryptOFB, aesDecryptOFB },

	/* The Blowfish capabilities */
	{ CRYPT_ALGO_BLOWFISH, bits( 64 ), "Blowfish",
		bits( 40 ), bits( 128 ), bits( 448 ),
		blowfishSelfTest, blowfishInit, blowfishEnd, loadIV, blowfishInitKey, NULL,
		blowfishEncryptECB, blowfishDecryptECB, blowfishEncryptCBC, blowfishDecryptCBC,
		blowfishEncryptCFB, blowfishDecryptCFB, blowfishEncryptOFB, blowfishDecryptOFB },

#ifndef NO_SKIPJACK
	/* The Skipjack capabilities */
	{ CRYPT_ALGO_SKIPJACK, bits( 64 ), "Skipjack",
		bits( 80 ), bits( 80 ), bits( 80 ),
		skipjackSelfTest, skipjackInit, skipjackEnd, loadIV, skipjackInitKey, NULL,
		skipjackEncryptECB, skipjackDecryptECB, skipjackEncryptCBC, skipjackDecryptCBC,
		skipjackEncryptCFB, skipjackDecryptCFB, skipjackEncryptOFB, skipjackDecryptOFB },
#endif /* NO_SKIPJACK */

	/* The MD2 capabilities */
	{ CRYPT_ALGO_MD2, bits( 128 ), "MD2",
		bits( 0 ), bits( 0 ), bits( 0 ),
		md2SelfTest, md2Init, md2End, NULL, NULL, NULL, md2Hash, md2Hash },

#ifndef NO_MD4
	/* The MD4 capabilities */
	{ CRYPT_ALGO_MD4, bits( 128 ), "MD4",
		bits( 0 ), bits( 0 ), bits( 0 ),
		md4SelfTest, md4Init, md4End, NULL, NULL, NULL, md4Hash, md4Hash },
#endif /* NO_MD4 */

	/* The MD5 capabilities */
	{ CRYPT_ALGO_MD5, bits( 128 ), "MD5",
		bits( 0 ), bits( 0 ), bits( 0 ),
		md5SelfTest, md5Init, md5End, NULL, NULL, NULL, md5Hash, md5Hash },

	/* The SHA1 capabilities */
	{ CRYPT_ALGO_SHA, bits( 160 ), "SHA",
		bits( 0 ), bits( 0 ), bits( 0 ),
		shaSelfTest, shaInit, shaEnd, NULL, NULL, NULL, shaHash, shaHash },

	/* The RIPEMD-160 capabilities */
	{ CRYPT_ALGO_RIPEMD160, bits( 160 ), "RIPEMD-160",
		bits( 0 ), bits( 0 ), bits( 0 ),
		ripemd160SelfTest, ripemd160Init, ripemd160End, NULL, NULL, NULL,
		ripemd160Hash, ripemd160Hash },

#ifndef NO_SHA2
	/* The SHA2 capabilities */
	{ CRYPT_ALGO_SHA, bits( 160 ), "SHA",
		bits( 0 ), bits( 0 ), bits( 0 ),
		shaSelfTest, shaInit, shaEnd, NULL, NULL, NULL, shaHash, shaHash },
#endif /* NO_SHA2 */

#ifndef NO_HMAC_MD5
	/* The HMAC-MD5 capabilities */
	{ CRYPT_ALGO_HMAC_MD5, bits( 128 ), "HMAC-MD5",
		bits( 40 ), bits( 128 ), CRYPT_MAX_KEYSIZE,
		hmacMD5SelfTest, hmacMD5Init, hmacMD5End, NULL, hmacMD5InitKey,
		NULL, hmacMD5Hash, hmacMD5Hash },
#endif /* NO_HMAC_MD5 */

	/* The HMAC-SHA capabilities */
	{ CRYPT_ALGO_HMAC_SHA, bits( 160 ), "HMAC-SHA",
		bits( 40 ), bits( 128 ), CRYPT_MAX_KEYSIZE,
		hmacSHASelfTest, hmacSHAInit, hmacSHAEnd, NULL, hmacSHAInitKey,
		NULL, hmacSHAHash, hmacSHAHash },

#ifndef NO_HMAC_RIPEMD160
	/* The HMAC-RIPEMD160 capabilities */
	{ CRYPT_ALGO_HMAC_RIPEMD160, bits( 160 ), "HMAC-RIPEMD160",
		bits( 40 ), bits( 128 ), CRYPT_MAX_KEYSIZE,
		hmacRIPEMD160SelfTest, hmacRIPEMD160Init, hmacRIPEMD160End, NULL, hmacRIPEMD160InitKey,
		NULL, hmacRIPEMD160Hash, hmacRIPEMD160Hash },
#endif /* NO_HMAC_RIPEMD160 */

	/* The Diffie-Hellman capabilities */
	{ CRYPT_ALGO_DH, bits( 0 ), "Diffie-Hellman",
		bits( 512 ), bits( 1024 ), CRYPT_MAX_PKCSIZE,
		dhSelfTest, NULL, NULL, NULL, dhInitKey, dhGenerateKey,
		dhEncrypt, dhDecrypt },

	/* The RSA capabilities */
	{ CRYPT_ALGO_RSA, bits( 0 ), "RSA",
		bits( 512 ), bits( 1024 ), CRYPT_MAX_PKCSIZE,
		rsaSelfTest, NULL, NULL, NULL, rsaInitKey, rsaGenerateKey,
		rsaEncrypt, rsaDecrypt, NULL, NULL, NULL, NULL, NULL, NULL,
		rsaDecrypt, rsaEncrypt },

	/* The DSA capabilities */
	{ CRYPT_ALGO_DSA, bits( 0 ), "DSA",
		bits( 512 ), bits( 1024 ), CRYPT_MAX_PKCSIZE,
		dsaSelfTest, NULL, NULL, NULL, dsaInitKey, dsaGenerateKey,
		NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
		dsaSign, dsaSigCheck },

#ifndef NO_ELGAMAL
	/* The ElGamal capabilities */
	{ CRYPT_ALGO_ELGAMAL, bits( 0 ), "Elgamal",
		bits( 512 ), bits( 1024 ), CRYPT_MAX_PKCSIZE,
		elgamalSelfTest, NULL, NULL, NULL, elgamalInitKey, elgamalGenerateKey,
		elgamalEncrypt, elgamalDecrypt, NULL, NULL, NULL, NULL, NULL, NULL,
		NULL, NULL },
#endif /* NO_ELGAMAL */

	/* Vendors may want to use their own algorithms which aren't part of the
	   general cryptlib suite.  The following includes the ability to include
	   vendor-specific algorithm capabilities defined in the file
	   vendalgo.c */
#ifdef USE_VENDOR_ALGOS
	#include "vendalgo.c"
#endif /* USE_VENDOR_ALGOS */

	/* The end-of-list marker.  This value isn't linked into the 
	   capabilities list when we call initCapabilities() */
	{ CRYPT_ALGO_NONE }
	};

/* Initialise the capability info */

static void initCapabilities( void )
	{
	CAPABILITY_INFO *prevCapabilityInfoPtr = NULL;
	int i;

	/* Perform a consistency check on the encryption mode values, which
	   are used to index a table of per-mode function pointers */
	assert( CRYPT_MODE_CBC == CRYPT_MODE_ECB + 1 && \
			CRYPT_MODE_CFB == CRYPT_MODE_CBC + 1 && \
			CRYPT_MODE_OFB == CRYPT_MODE_CFB + 1 && \
			CRYPT_MODE_LAST == CRYPT_MODE_OFB + 1 );

	for( i = 0; capabilities[ i ].cryptAlgo != CRYPT_ALGO_NONE; i++ )
		{
		assert( capabilityInfoOK( &capabilities[ i ], FALSE ) );
		if( prevCapabilityInfoPtr != NULL )
			prevCapabilityInfoPtr->next = &capabilities[ i ];
		prevCapabilityInfoPtr = &capabilities[ i ];
		}
	}

/****************************************************************************
*																			*
*						 	Device Access Routines							*
*																			*
****************************************************************************/

/* Set up the function pointers to the device methods */

int setDeviceSystem( DEVICE_INFO *deviceInfo )
	{
	deviceInfo->initFunction = initFunction;
	deviceInfo->shutdownFunction = shutdownFunction;
	deviceInfo->controlFunction = controlFunction;
	deviceInfo->getRandomFunction = getRandomFunction;
	deviceInfo->capabilityInfo = capabilities;
	deviceInfo->createObjectFunctions = createObjectFunctions;
	deviceInfo->mechanismFunctions = mechanismFunctions;

	return( CRYPT_OK );
	}