ia64/xen-unstable

view tools/vtpm_manager/crypto/crypto.h @ 8977:f84d5cdd9895

Clean up segment selector fixup and validation.

Signed-off-by: Keir Fraser <keir@xensource.com>
author kaf24@firebug.cl.cam.ac.uk
date Thu Feb 23 14:43:45 2006 +0100 (2006-02-23)
parents 06d84bf87159
children
line source
1 // ===================================================================
2 //
3 // Copyright (c) 2005, Intel Corp.
4 // All rights reserved.
5 //
6 // Redistribution and use in source and binary forms, with or without
7 // modification, are permitted provided that the following conditions
8 // are met:
9 //
10 // * Redistributions of source code must retain the above copyright
11 // notice, this list of conditions and the following disclaimer.
12 // * Redistributions in binary form must reproduce the above
13 // copyright notice, this list of conditions and the following
14 // disclaimer in the documentation and/or other materials provided
15 // with the distribution.
16 // * Neither the name of Intel Corporation nor the names of its
17 // contributors may be used to endorse or promote products derived
18 // from this software without specific prior written permission.
19 //
20 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 // FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 // COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 // INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 // (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 // SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 // HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 // STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 // ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 // OF THE POSSIBILITY OF SUCH DAMAGE.
32 // ===================================================================
33 //
34 // crypto.h
35 //
36 // This file defines the TPM Crypto API
37 //
38 // ==================================================================
40 #ifndef __CRYPTO_H__
41 #define __CRYPTO_H__
43 #include <stddef.h>
44 #include <stdint.h>
45 #include <stdbool.h>
47 #include "tcg.h"
48 #include "sym_crypto.h"
50 #define CRYPTO_MAX_SIG_SIZE (2048 / 8)
51 #define CRYPTO_MAX_RSA_KEY_SIZE (4096 / 8) //in bytes
53 #define OAEP_P "TCPA"
54 #define OAEP_P_SIZE 4
56 // Algorithms supported by crypto. Stored in CRYPTO_INFO.algorithmID
57 #define CRYPTO_ALGORITH_RSA 0x01
59 // Supported Encryption Schemes CRYPTO_INFO.encScheme
60 #define CRYPTO_ES_NONE 0x0001
61 #define CRYPTO_ES_RSAESPKCSv15 0x0002
62 #define CRYPTO_ES_RSAESOAEP_SHA1_MGF1 0x0003
64 // Supported Signature schemes CRYPTO_INFO.sigScheme
65 #define CRYPTO_SS_NONE 0x0001
66 #define CRYPTO_SS_RSASSAPKCS1v15_SHA1 0x0002
67 #define CRYPTO_SS_RSASSAPKCS1v15_DER 0x0003
69 typedef struct CRYPTO_INFO {
70 void *keyInfo;
71 UINT32 algorithmID;
72 UINT32 encScheme;
73 UINT32 sigScheme;
74 } CRYPTO_INFO;
77 void Crypto_Init(const BYTE* rand, int size);
79 void Crypto_Exit();
81 void Crypto_GetRandom(void* data, int size);
83 void Crypto_HMAC( const BYTE* text,
84 int text_len,
85 const BYTE* key,
86 int key_len,
87 BYTE* digest);
89 TPM_RESULT Crypto_HMAC_buf (const buffer_t * text,
90 const buffer_t * key,
91 BYTE * o_digest); /* presumably of 20 bytes */
93 void Crypto_SHA1Full( const BYTE* text,
94 UINT32 size,
95 BYTE* hash); //Complete 3part SHA1
97 // o_hash needs to be large enough to hold the digest, ie 20 bytes
98 TPM_RESULT Crypto_SHA1Full_buf (const buffer_t * buf,
99 BYTE * o_hash);
101 void Crypto_SHA1Start(UINT32* maxNumBytes);
102 void Crypto_SHA1Update(int numBytes, const BYTE* hashData);
103 void Crypto_SHA1Complete( int hashDataSize,
104 const BYTE* hashData,
105 BYTE* hashValue);
107 void Crypto_RSACreateKey( /*in*/ UINT32 keySize,
108 /*in*/ UINT32 pubExpSize,
109 /*in*/ BYTE *pubExp,
110 /*out*/ UINT32 *privExpSize,
111 /*out*/ BYTE *privExp,
112 /*out*/ UINT32 *modulusSize,
113 /*out*/ BYTE *modulus,
114 /*out*/ CRYPTO_INFO *keys);
116 void Crypto_RSABuildCryptoInfo( /*[IN]*/ UINT32 pubExpSize,
117 /*[IN]*/ BYTE *pubExp,
118 /*[IN]*/ UINT32 privExpSize,
119 /*[IN]*/ BYTE *privExp,
120 /*[IN]*/ UINT32 modulusSize,
121 /*[IN]*/ BYTE *modulus,
122 /*[OUT]*/ CRYPTO_INFO* cryptoInfo);
124 void Crypto_RSABuildCryptoInfoPublic( /*[IN]*/ UINT32 pubExpSize,
125 /*[IN]*/ BYTE *pubExp,
126 /*[IN]*/ UINT32 modulusSize,
127 /*[IN]*/ BYTE *modulus,
128 CRYPTO_INFO* cryptoInfo);
130 //
131 // symmetric pack and unpack operations
132 //
133 TPM_RESULT Crypto_RSAPackCryptoInfo (const CRYPTO_INFO* cryptoInfo,
134 BYTE ** io_buf, UINT32 * io_buflen);
136 TPM_RESULT Crypto_RSAUnpackCryptoInfo (CRYPTO_INFO * ci,
137 BYTE * in, UINT32 len,
138 UINT32 * o_lenread);
141 // return 0 on success, -1 on error
142 int Crypto_RSAEnc( CRYPTO_INFO *keys,
143 UINT32 inDataSize,
144 BYTE *inData,
145 /*out*/ UINT32 *outDataSize,
146 /*out*/ BYTE *outData);
148 // return 0 on success, -1 on error
149 int Crypto_RSADec( CRYPTO_INFO *keys,
150 UINT32 inDataSize,
151 BYTE *inData,
152 /*out*/ UINT32 *outDataSize,
153 /*out*/ BYTE *outData);
155 // return 0 on success, -1 on error
156 int Crypto_RSASign( CRYPTO_INFO *keys,
157 UINT32 inDataSize,
158 BYTE *inData,
159 /*out*/ UINT32 *sigSize,
160 /*out*/ BYTE *sig);
162 bool Crypto_RSAVerify( CRYPTO_INFO *keys,
163 UINT32 inDataSize,
164 BYTE *inData,
165 UINT32 sigSize,
166 BYTE *sig);
168 //private:
169 int RSA_verify_DER(int dtype, unsigned char *m, unsigned int m_len,
170 unsigned char *sigbuf, unsigned int siglen, CRYPTO_INFO *key);
172 int RSA_sign_DER(int type, unsigned char *m, unsigned int m_len,
173 unsigned char *sigret, unsigned int *siglen, CRYPTO_INFO *key);
175 #endif // __CRYPTO_H__