aapicrpt.h

是一个手机功能的模拟程序

/*
 * Copyright (C) Ericsson Mobile Communications AB, 2000.
 * Licensed to AU-System AB.
 * All rights reserved.
 *
 * This software is covered by the license agreement between
 * the end user and AU-System AB, and may be used and copied
 * only in accordance with the terms of the said agreement.
 *
 * Neither Ericsson Mobile Communications AB nor AU-System AB
 * assumes any responsibility or liability for any errors or inaccuracies in
 * this software, or any consequential, incidental or indirect damage arising
 * out of the use of the Generic WAP Client software.
 */
/*
 * aapicrpt.h
 *
 * Created by Anders Edenbrandt, Thu Sep 09 14:01:33 1999.
 *
 * Revision history:
 *   000929, AED: added adaptor functions for session cache
 *
 */
#ifndef _aapicrpt_h
#define _aapicrpt_h

/* To define basic types, BYTE, UINT16, etc. */
#include "tapicmmn.h"


/***********************************************************************
 * Type and constant definitions
 ***********************************************************************/

/*---------------------------------------------
 * Bulk encryption
 *---------------------------------------------*/

typedef UINT8 BulkCipherAlgorithm;

/* The bulk encryption algorithms defined by WTLS. */
#define CIPHER_NULL             0
#define CIPHER_RC5_CBC_40       1
#define CIPHER_RC5_CBC_56       2
#define CIPHER_RC5_CBC          3
#define CIPHER_DES_CBC_40       4
#define CIPHER_DES_CBC          5
#define CIPHER_3DES_CBC_EDE     6
#define CIPHER_IDEA_CBC_40      7
#define CIPHER_IDEA_CBC_56      8
#define CIPHER_IDEA_CBC         9
#define CIPHER_RC5_CBC_64      10
#define CIPHER_IDEA_CBC_64     11

/* Key parameter object for bulk encryption routines. */
typedef struct {
  BYTE   *key;
  UINT16 keyLen;
  BYTE   *iv;
  UINT16 ivLen;
} KeyObject;


/*---------------------------------------------
 * Secure hash algorithms
 *---------------------------------------------*/

typedef UINT8 HashAlgorithm;

/* The secure hash algorithms that can be used in WTLS. */
#define HASH_SHA              1
#define HASH_MD5              2

typedef void *HashHandle;


/************************************************************
 * Cipher Method
 ************************************************************/

typedef struct {
  BulkCipherAlgorithm bulkCipherAlg;
  HashAlgorithm       hashAlg;
} CipherMethod;


/*---------------------------------------------
 * Key exchange
 *---------------------------------------------*/

typedef UINT8 KeyExchangeSuite;

/* The key exchange suites defined by WTLS. */
#define KEY_EXCH_NULL           0
#define KEY_EXCH_SHARED_SECRET  1
#define KEY_EXCH_DH_ANON        2
#define KEY_EXCH_DH_ANON_512    3
#define KEY_EXCH_DH_ANON_768    4
#define KEY_EXCH_RSA_ANON       5
#define KEY_EXCH_RSA_ANON_512   6
#define KEY_EXCH_RSA_ANON_768   7
#define KEY_EXCH_RSA            8
#define KEY_EXCH_RSA_512        9
#define KEY_EXCH_RSA_768        10
#define KEY_EXCH_ECDH_ANON      11
#define KEY_EXCH_ECDH_ANON_113  12
#define KEY_EXCH_ECDH_ANON_131  13
#define KEY_EXCH_ECDH_ECDSA     14


/*---------------------------------------------
 * Parameter to key agreement routines
 *---------------------------------------------*/

typedef struct {
  UINT16 expLen;
  BYTE   *exponent;
  UINT16 modLen;
  BYTE   *modulus;
} PublicKey_RSA;

typedef struct {
  UINT16 len;
  BYTE   *y;
} PublicKey_DH;

typedef struct {
  UINT8 len;
  BYTE *point;
} PublicKey_EC;

typedef struct {
  union {
    PublicKey_RSA rsa_key;
    PublicKey_DH  dh_key;
    PublicKey_EC  ec_key;
  } _u;
} PublicKey;

typedef struct {
  BYTE   parameterIndex;
  UINT16 paramLen;
  BYTE   *params;
} ParameterSpecifier;

typedef struct {
  KeyExchangeSuite       keyExchangeSuite;
  union {
    struct {
      BYTE   *identifier;
      UINT16 idLen;
    } secretKey;
    struct {
      PublicKey          pubKey;
      ParameterSpecifier parameterSpecifier;
    } keyParam;
    struct {
      UINT16 bufLen;
      BYTE   *buf;
    } certificates;
  } _u;
} KeyExchangeParameters;

/***********************************************************************
 * Function return values
 *
 * Each function in this crypto library returns an integer
 * value. Successful return is indicated by the value CRV_OK.
 * Other values indicate some sort of failure or problem.
 * The Generic WAP client treats all failures as equal, i.e.,
 * a certain library function that fails will be handled in
 * a uniform way regardless of the actual reason for failure.
 * However, the return code is logged with CLNTc_log when
 * LOG_EXTERNAL is defined.
 * It is recommended that the following constants be used
 * as return values for the Adapter functions of this API.
 ***********************************************************************/

#define CRV_OK                                       0
#define CRV_GENERAL_ERROR                            1
#define CRV_BUFFER_TOO_SMALL                         2
#define CRV_UNSUPPORTED_METHOD                       3
#define CRV_ALREADY_INITIALISED                      4
#define CRV_INSUFFICIENT_MEMORY                      5
#define CRV_CRYPTOLIB_NOT_INITIALISED                6
#define CRV_KEY_TOO_LONG                             7
#define CRV_NOT_IMPLEMENTED                          8
#define CRV_INVALID_PARAMETER                        9
#define CRV_DATA_LENGTH                             10
#define CRV_INVALID_KEY                             11
#define CRV_INVALID_HANDLE                          12
#define CRV_KEY_LENGTH                              13
#define CRV_MISSING_KEY                             14
#define CRV_UNKNOWN_CERTIFICATE_TYPE                15
#define CRV_NO_MATCHING_ROOT_CERTIFICATE            16
#define CRV_BAD_CERTIFICATE                         17
#define CRV_CERTIFICATE_EXPIRED                     18
#define CRV_MISSING_CERTIFICATE                     19
#define CRV_CONFIG_ERROR                            20
#define CRV_NOT_FOUND                               21
#define CRV_INVALID_COMMON_NAME                     22


/***********************************************************************
 * General functions
 ***********************************************************************/

/*
 * Perform necessary initialization chores, for example, seed
 * the random number generator.
 * This function must be called once before any other functions
 * in the crypto library are used.
 * The response should be delivered by a call to the connector function
 * CRYPTc_initialiseResponse. The parameter, "id",
 * should be passed back in this response.
 */
void
CRYPTa_initialise (UINT16 id);

/*
 * Terminate the use of the crypto library. This function is called
 * when WTLS is being shut down. Current handles held by the user
 * (e.g., HashHandle and MasterSecretID) are no longer valid
 * after calling this function.
 */
INT16
CRYPTa_terminate (void);


/*
 * Called when a WTLS connection has been established.
 */
void
CRYPTa_connectionEstablished (UINT8 objectId, UINT8 channelId,
                              UINT8 masterSecretId);

/*
 * Called when a WTLS connection has been terminated.
 */
void
CRYPTa_connectionTerminated (UINT8 objectId, UINT8 channelId);


/***********************************************************************
 * Crypto Methods
 ***********************************************************************/

/*
 * Retrieve lists of crypto parameters that the crypto library supports.
 * This includes cipher methods, key exchange methods, and trusted
 * certificates.
 * The response should be delivered by a call to the connector function
 * CRYPTc_getMethodsResponse. The parameter, "id",
 * should be passed back in this response.
 */
void
CRYPTa_getMethods (UINT16 id);


/***********************************************************************
 * Bulk encryption algorithms
 ***********************************************************************/

/*
 * Encrypt single-part data.
 * For some encryption methods, the input plaintext data has certain
 * length constraints. If these constraints are not satisfied, then
 * CRYPTa_encrypt will fail with return code CRV_DATA_LENGTH.
 * The plaintext and ciphertext can be in the same place, i.e., it is
 * OK if data and encryptedData point to the same location.
 * The ciphertext is always of the same length as the plaintext.
 */
INT16
CRYPTa_encrypt (BulkCipherAlgorithm method,
                KeyObject key,
                BYTE *data, UINT16 dataLen,
                BYTE *encryptedData);

/*
 * Decrypt single-part data.
 * For some decryption methods, the input ciphertext has certain
 * length constraints. If these constraints are not satisfied, then
 * CRYPTa_decrypt will fail with return code CRV_DATA_LENGTH.
 * The ciphertext and plaintext can be in the same place, i.e., it is
 * OK if data and decryptedData point to the same location.
 * The ciphertext is always of the same length as the plaintext.
 */
INT16
CRYPTa_decrypt (BulkCipherAlgorithm method,
                KeyObject key,
                BYTE *data, UINT16 dataLen,
                BYTE *decryptedData);


/***********************************************************************
 * Secure hash algorithms
 ***********************************************************************/

/*
 * Compute a hash digest of given single-part data.
 * The input data and digest output can be in the same place, i.e.,
 * it is OK if "data" and "digest" point to the same location.
 * CRYPTa_hash is equivalent to a call to CRYPTa_hashInit, followed
 * by a sequence of CRYPTa_hashUpdate operations, and terminated
 * by a call to CRYPTa_hashFinal.
 */
INT16
CRYPTa_hash (HashAlgorithm alg,
             BYTE *data, UINT16 dataLen,
             BYTE *digest);