algid.h

IBE是一种非对称密码技术

/* Copyright 2003-2006, Voltage Security, all rights reserved.
 */

#include "vibe.h"
#include "environment.h"
#include "base.h"
#include "libctx.h"
#include "derhelp.h"
#include "oidlist.h"

#ifndef _ALG_ID_H
#define _ALG_ID_H

#ifdef __cplusplus
extern "C" {
#endif

/* This is just VtGetAlgorithmFromBer, except it returns the index of
 * the chosen DerCoder as well.
 * <p>See vibe.h for a description of VtGetAlgorithmFromBer to
 * understand what this function does.
 */
int VOLT_CALLING_CONV VoltGetAlgorithmFromBer VOLT_PROTO_LIST ((
   VtLibCtx libraryCtx,
   unsigned char *encoding,
   unsigned int maxEncodingLen,
   VtDerCoder **DerCoders,
   unsigned int derCoderCount,
   unsigned int *algorithm,
   unsigned int *index
));

/* An AlgID is
 *    SEQUENCE {
 *      oid           OBJECT IDENTIFIER,
 *      parameters    ANY defined by oid }
 */

/* The OpenSSL template definitions.
 */
typedef struct
{
  Asn1ObjectId *oid;
  Asn1Encoded *params;
} Asn1AlgorithmId;

DECLARE_ASN1_FUNCTIONS (Asn1AlgorithmId)

/* These are the definitions for creating the encoding of CFB params
 * for a block cipher algID.
 */
typedef struct
{
  ASN1_OCTET_STRING *iv;
  ASN1_INTEGER *transfer;
} Asn1CFBParams;

DECLARE_ASN1_FUNCTIONS (Asn1CFBParams)

/* Create an algID encoding.
 *    SEQUENCE {
 *      oid           OBJECT IDENTIFIER,
 *      parameters    ANY defined by oid }
 * <p>If the params arg is NULL or the paramsLen arg is 0, and the
 * nullParams arg is 0, this function will place nothing into the
 * parameters portion of the AlgID.
 *   30 len
 *      06 len
 *         <OID>
 * <p>If the params arg is NULL or the paramsLen arg is 0, and the
 * nullParams arg is 5, this function will encode the params as
 * NULL: 05 00.
 *   30 len
 *      06 len
 *         <OID>
 *      05 00
 * <p>The routine will deposit the result into the caller-supplied
 * buffer (of size bufferSize bytes). It will then go to the address
 * given by algIdLen and deposit the length of the result string. If
 * the result buffer is not big enough, the routine will return the
 * "BufferTooSmall" error and set the algIdLen value to the required
 * space.
 *
 * @param libCtx The library context to use.
 * @param oid The OID to use (no 06 len).
 * @param oidLen The length, in bytes, of the OID.
 * @param params The params already encoded.
 * @param paramsLen The length, in bytes of the encoded params.
 * @params nullParams An int, if there are no params, this flag
 * indicates what to do, no params or NULL (05 00). If there are
 * params, this arg is ignored.
 * @param encoding The buffer into which this function will place the
 * algID.
 * @param bufferSize The size, in bytes, of the output buffer.
 * @param algIdLen The address where this function will deposit the
 * length of the algId, the number of bytes placed into the buffer.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
int VOLT_CALLING_CONV VoltEncodeAlgId VOLT_PROTO_LIST ((
   VoltLibCtx *libCtx,
   unsigned char *oid,
   unsigned int oidLen,
   unsigned char *params,
   unsigned int paramsLen,
   unsigned int nullParams,
   unsigned char *algId,
   unsigned int bufferSize,
   unsigned int *algIdLen
));

/* Decode an algorithm ID. This function creates a new Asn1AlgorithmId
 * "object", it is the responsibility of the caller to destroy it (by
 * calling Asn1AlgorithmId_free).
 * <p>If the encoding is not an algID, this function returns the error
 * VT_ERROR_UNKNOWN_BER.
 *
 * @param libCtx The library context to use.
 * @param encoding The buffer containing the alleged algID.
 * @param maxEncodingLen The max number of bytes to decode.
 * @param algId The address where this function will deposit the
 * created Asn1AlgorithmId "object".
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
int VOLT_CALLING_CONV VoltDecodeAlgIdCreate VOLT_PROTO_LIST ((
   VoltLibCtx *libCtx,
   unsigned char *encoding,
   unsigned int maxEncodingLen,
   Asn1AlgorithmId **algId
));

/* This struct collects information about a block cipher for the algID
 * encoder or decoder.
 * The algorithm is the flag to return for VoltageGetAlgorithmFromBer.
 * It's used when the flag is VOLT_DER_TYPE_GET_ALG_FLAG. It is one of
 * the VT_ALG_ID_ #define's from volttk.h (e.g.
 * VT_ALG_ID_AES_128_CBC_PAD).
 */
typedef struct
{
  unsigned char *oid;
  unsigned int oidLen;
  unsigned int algorithm;
  unsigned int subAlg1;
  unsigned int subAlg2;
  VtAlgorithmImpl *algImpl;
  VtKeyParam *KeyParam;
} VoltBlockCipherAlgIdData;

/* Combine all Block Cipher DerCoder's into one call. This function is
 * the same as a regular DerCoder except the OID's are different. The
 * routine will know from the object what the algID params should be,
 * either none (ECB), and IV (OCTET STRING: CBC and OFB) or an IV and
 * transfer size (SEQUENCE { OCTET STRING, INTGER }: CFB).
 * <p>Note that this function is valid only for block cipher algorithms
 * that have no parameters other than the feedback params.
 *
 * @param flag The flag passed in by the external caller.
 * @param object The object passed in by the external caller.
 * @param info The info passed in by the external caller.
 * @param algIdData The data for the particular algorithm.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
int VOLT_CALLING_CONV VoltDerCoderBlockCipher VOLT_PROTO_LIST ((
   unsigned int flag,
   Pointer object,
   VtDerCoderInfo *coderInfo,
   VoltBlockCipherAlgIdData *algIdData
));

/* Use this to pass info to a DerCoder when encoding.
 */
typedef struct
{
  VoltLibCtx *libCtx;
  Pointer info;
  unsigned char *encoding;
  unsigned int bufferSize;
  unsigned int *encodingLen;
} VoltDerCoderEncodeData;

/* Use this to pass info to a DerCoder when determining an algorithm.
 * The DerCoder will return 0 and set the unsigned int at the address
 * given by algorithm to the appropriate flag if there's a match. If
 * not, it will return VT_ERROR_UNKNOWN_BER.
 * A DerCoder will also deposit into this struct the KeyParam to use to
 * build a key for this algorithm, if the algorithm is a symmetric
 * cipher. If it's a digest or public key algorithm, the DerCoder will
 * set that field to NULL.
 * If the DerCoder is a symmetric algorithm, it will set the
 * SymKeyParam field to the KeyParam needed to build the key object.
 * Otherwise, it will set it to NULL.
 * If the DerCoder is a signature algorithm, it will set the DigestImpl
 * to the Impl needed to build a message digest object (this assumes
 * the associated info is NULL). Otherwise, it will set it to NULL.
 * The encodingType indicates whether the function that found the OID
 * found it inside an alg ID, a pub key, a private key, or params.
 */
typedef struct
{
  VoltLibCtx *libCtx;
  unsigned char *oid;
  unsigned int oidLen;
  unsigned int encodingType;
  unsigned int *algorithm;
  VtKeyParam *SymKeyParam;
  VtAlgorithmImpl *DigestImpl;
} VoltDerCoderGetAlgData;

/* These are th value encodingType can have. See algorithmid.c,
 * VtGetAlgorithmFromBer where they are used.
 */
#define VOLT_ENCODING_TYPE_ALG_ID   2
#define VOLT_ENCODING_TYPE_PARAMS   4
#define VOLT_ENCODING_TYPE_PUB_KEY  3
#define VOLT_ENCODING_TYPE_PRI_KEY  5

/* Use this struct to pass info to a DerCoder when decoding.
 * The type indicates that the info is for an AlgorithmID, public key
 * or private key. It is one of the following flags.
 *    VOLT_DER_TYPE_ALG_ID_FLAG
 *    VOLT_DER_TYPE_PUB_KEY_FLAG
 *    VOLT_DER_TYPE_PRI_KEY_FLAG
 * The asn1Object is the struct holding the decoded info, either
 * Asn1AlgorithmId, Asn1PrivateKeyInfo or Asn1SubjectPublicKey,
 * depending on the type.
 * The info is the data passed in by the caller to the SetKey or
 * SetObject function.
 */
typedef struct
{
  unsigned int type;
  Pointer asn1Object;
  Pointer info;
} VoltDerCoderDecodeData;

/* This struct is how info is passed to DerCoder's.
 */
typedef struct VtDerCoderInfoDef
{
  union
  {
    VoltDerCoderEncodeData encodeData;
    VoltDerCoderGetAlgData getAlgData;
    VoltDerCoderDecodeData decodeData;
  } info;
} VoltDerCoderInfo;

/*=========================================================*/
/*                                                         */
/* Some Fixed AlgID's                                      */
/*                                                         */
/*=========================================================*/

/* These defintions assume that lengths will be less than 0x7f. That's
 * a fairly safe assumption when it comes to OID's.
 */

/* An IBE Encrypt Alg ID will always be
 *    30 len
 *       06 len
 *          <IBE Encrypt OID>
 *       05 00
 */
#define VoltIBET1EncAlgIdSeqLen VoltIBET1EncOidBytesLen+4
#define VoltIBET1EncAlgIdOidOffset 4
#define VoltIBET1EncAlgIdBytes \
    0x30, VoltIBET1EncAlgIdSeqLen, 0x06, VoltIBET1EncOidBytesLen, \
      VoltIBET1EncOidBytes, 0x05, 0x00
#define VoltIBET1EncAlgIdBytesLen VoltIBET1EncAlgIdSeqLen+2

/* When there can be more than one IBE algID (BF and BB, for example),
 * then there is a max AlgID len.
 */
#define VoltMaxIBEAlgIDLen VoltIBET1EncAlgIdBytesLen

/* A DSA with SHA-1 Alg ID will always be
 *    30 len
 *       06 len
 *          <DSA sign OID>
 *
 * Note that there are no parameters, not even 05 00 (NULL). Various
 * standards (including RFC 2459 and RFC 3279), for some reason, have
 * explicitly specified no params.
 */
#define VoltDsaSHA1AlgIdSeqLen VoltDsaSHA1OidBytesLen+2
#define VoltDsaSHA1AlgIdOidOffset 4
#define VoltDsaSHA1AlgIdBytes \
    0x30, VoltDsaSHA1AlgIdSeqLen, 0x06, VoltDsaSHA1OidBytesLen, \
      VoltDsaSHA1OidBytes
#define VoltDsaSHA1AlgIdBytesLen VoltDsaSHA1AlgIdSeqLen+2

/* A SHA-1 Alg ID will always be
 *    30 len
 *       06 len
 *          <SHA-1 OID>
 *       05 00
 */
#define VoltSHA1AlgIdSeqLen VoltSHA1OidBytesLen+4
#define VoltSHA1AlgIdOidOffset 4
#define VoltSHA1AlgIdBytes \
      0x30, VoltSHA1AlgIdSeqLen, 0x06, VoltSHA1OidBytesLen, \
        VoltSHA1OidBytes, 0x05, 0x00
#define VoltSHA1AlgIdBytesLen VoltSHA1AlgIdSeqLen+2

/* An HMAC-SHA-1 Alg ID will always be
 *    30 len
 *       06 len
 *          <HMAC-SHA-1 OID>
 *       05 00
 */
#define VoltHMACSHA1AlgIdSeqLen VoltHMACSHA1OidBytesLen+4
#define VoltHMACSHA1AlgIdOidOffset 4
#define VoltHMACSHA1AlgIdBytes \
      0x30, VoltHMACSHA1AlgIdSeqLen, 0x06, VoltHMACSHA1OidBytesLen, \
        VoltHMACSHA1OidBytes, 0x05, 0x00
#define VoltHMACSHA1AlgIdBytesLen VoltHMACSHA1AlgIdSeqLen+2

/* A SHA-224 Alg ID will always be
 *    30 len
 *       06 len
 *          <SHA-224 OID>
 *       05 00
 */
#define VoltSHA224AlgIdSeqLen VoltSHA224OidBytesLen+4
#define VoltSHA224AlgIdOidOffset 4
#define VoltSHA224AlgIdBytes \
    0x30, VoltSHA224AlgIdSeqLen, 0x06, VoltSHA224OidBytesLen, \
      VoltSHA224OidBytes, 0x05, 0x00
#define VoltSHA224AlgIdBytesLen VoltSHA224AlgIdSeqLen+2

/* A SHA-256 Alg ID will always be
 *    30 len
 *       06 len
 *          <SHA-256 OID>
 *       05 00
 */
#define VoltSHA256AlgIdSeqLen VoltSHA256OidBytesLen+4
#define VoltSHA256AlgIdOidOffset 4
#define VoltSHA256AlgIdBytes \
    0x30, VoltSHA256AlgIdSeqLen, 0x06, VoltSHA256OidBytesLen, \
      VoltSHA256OidBytes, 0x05, 0x00
#define VoltSHA256AlgIdBytesLen VoltSHA256AlgIdSeqLen+2

/* A SHA-384 Alg ID will always be
 *    30 len
 *       06 len
 *          <SHA-384 OID>
 *       05 00
 */
#define VoltSHA384AlgIdSeqLen VoltSHA384OidBytesLen+4
#define VoltSHA384AlgIdOidOffset 4
#define VoltSHA384AlgIdBytes \
    0x30, VoltSHA384AlgIdSeqLen, 0x06, VoltSHA384OidBytesLen, \
      VoltSHA384OidBytes, 0x05, 0x00
#define VoltSHA384AlgIdBytesLen VoltSHA384AlgIdSeqLen+2

/* A SHA-512 Alg ID will always be
 *    30 len
 *       06 len
 *          <SHA-512 OID>
 *       05 00
 */
#define VoltSHA512AlgIdSeqLen VoltSHA512OidBytesLen+4
#define VoltSHA512AlgIdOidOffset 4
#define VoltSHA512AlgIdBytes \
    0x30, VoltSHA512AlgIdSeqLen, 0x06, VoltSHA512OidBytesLen, \
      VoltSHA512OidBytes, 0x05, 0x00
#define VoltSHA512AlgIdBytesLen VoltSHA512AlgIdSeqLen+2

/* An MD5 Alg ID will always be
 *    30 len
 *       06 len
 *          <MD5 OID>
 *       05 00
 */
#define VoltMD5AlgIdSeqLen VoltMD5OidBytesLen+4
#define VoltMD5AlgIdOidOffset 4
#define VoltMD5AlgIdBytes \
    0x30, VoltMD5AlgIdSeqLen, 0x06, VoltMD5OidBytesLen, \
      VoltMD5OidBytes, 0x05, 0x00
#define VoltMD5AlgIdBytesLen VoltMD5AlgIdSeqLen+2

/* An HMAC-MD5 Alg ID will always be
 *    30 len
 *       06 len
 *          <HMAC-MD5 OID>
 *       05 00
 */
#define VoltHMACMD5AlgIdSeqLen VoltHMACMD5OidBytesLen+4
#define VoltHMACMD5AlgIdOidOffset 4
#define VoltHMACMD5AlgIdBytes \
    0x30, VoltHMACMD5AlgIdSeqLen, 0x06, VoltHMACMD5OidBytesLen, \
      VoltHMACMD5OidBytes, 0x05, 0x00
#define VoltHMACMD5AlgIdBytesLen VoltHMACMD5AlgIdSeqLen+2

/* This #define needs to keep track of the largest symmetric cipher
 * algID the toolkit supports. For now it is AES-CFB. That AlgID will
 * be 36 bytes, but we'll make it 48 for now to be a little safe.
 */
#define VoltMaxSymAlgIDLen  48

/*=========================================================*/
/*                                                         */
/*                                                         */
/*                                                         */
/*=========================================================*/

#ifdef __cplusplus
}
#endif

#endif /* _ALG_ID_H */