source-git / gnutls

Clone
Source Code
GIT

Blame lib/crypto-backend.h

c8 c8s master
  1.   c8s
  2.   lib
  3.   crypto-backend.h
Blob History Raw
Packit Service 4684c1 
/*
Packit Service 4684c1 
 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Author: Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This file is part of GnuTLS.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The GnuTLS is free software; you can redistribute it and/or
Packit Service 4684c1 
 * modify it under the terms of the GNU Lesser General Public License
Packit Service 4684c1 
 * as published by the Free Software Foundation; either version 2.1 of
Packit Service 4684c1 
 * the License, or (at your option) any later version.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This library is distributed in the hope that it will be useful, but
Packit Service 4684c1 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 4684c1 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 4684c1 
 * Lesser General Public License for more details.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * You should have received a copy of the GNU Lesser General Public License
Packit Service 4684c1 
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
Packit Service 4684c1 
 *
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#ifndef GNUTLS_LIB_CRYPTO_BACKEND_H
Packit Service 4684c1 
#define GNUTLS_LIB_CRYPTO_BACKEND_H
Packit Service 4684c1
Packit Service 4684c1 
#include <gnutls/crypto.h>
Packit Service 4684c1
Packit Service 4684c1 
#define gnutls_crypto_single_cipher_st gnutls_crypto_cipher_st
Packit Service 4684c1 
#define gnutls_crypto_single_mac_st gnutls_crypto_mac_st
Packit Service 4684c1 
#define gnutls_crypto_single_digest_st gnutls_crypto_digest_st
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	gnutls_cipher_init_func init;
Packit Service 4684c1 
	gnutls_cipher_setkey_func setkey;
Packit Service 4684c1 
	gnutls_cipher_setiv_func setiv;
Packit Service 4684c1 
	gnutls_cipher_getiv_func getiv;
Packit Service 4684c1 
	gnutls_cipher_encrypt_func encrypt;
Packit Service 4684c1 
	gnutls_cipher_decrypt_func decrypt;
Packit Service 4684c1 
	gnutls_cipher_aead_encrypt_func aead_encrypt;
Packit Service 4684c1 
	gnutls_cipher_aead_decrypt_func aead_decrypt;
Packit Service 4684c1 
	gnutls_cipher_deinit_func deinit;
Packit Service 4684c1 
	gnutls_cipher_auth_func auth;
Packit Service 4684c1 
	gnutls_cipher_tag_func tag;
Packit Service 4684c1
Packit Service 4684c1 
	/* Not needed for registered on run-time. Only included
Packit Service 4684c1 
	 * should define it. */
Packit Service 4684c1 
	int (*exists) (gnutls_cipher_algorithm_t);	/* true/false */
Packit Service 4684c1 
} gnutls_crypto_cipher_st;
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	gnutls_mac_init_func init;
Packit Service 4684c1 
	gnutls_mac_setkey_func setkey;
Packit Service 4684c1 
	gnutls_mac_setnonce_func setnonce;
Packit Service 4684c1 
	gnutls_mac_hash_func hash;
Packit Service 4684c1 
	gnutls_mac_output_func output;
Packit Service 4684c1 
	gnutls_mac_deinit_func deinit;
Packit Service 4684c1 
	gnutls_mac_fast_func fast;
Packit Service 4684c1 
	gnutls_mac_copy_func copy;
Packit Service 4684c1
Packit Service 4684c1 
	/* Not needed for registered on run-time. Only included
Packit Service 4684c1 
	 * should define it. */
Packit Service 4684c1 
	int (*exists) (gnutls_mac_algorithm_t);
Packit Service 4684c1 
} gnutls_crypto_mac_st;
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	gnutls_digest_init_func init;
Packit Service 4684c1 
	gnutls_digest_hash_func hash;
Packit Service 4684c1 
	gnutls_digest_output_func output;
Packit Service 4684c1 
	gnutls_digest_deinit_func deinit;
Packit Service 4684c1 
	gnutls_digest_fast_func fast;
Packit Service 4684c1 
	gnutls_digest_copy_func copy;
Packit Service 4684c1
Packit Service 4684c1 
	/* Not needed for registered on run-time. Only included
Packit Service 4684c1 
	 * should define it. */
Packit Service 4684c1 
	int (*exists) (gnutls_digest_algorithm_t);
Packit Service 4684c1 
} gnutls_crypto_digest_st;
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	int (*hkdf_extract) (gnutls_mac_algorithm_t,
Packit Service 4684c1 
			     const void *key, size_t keysize,
Packit Service 4684c1 
			     const void *salt, size_t saltsize,
Packit Service 4684c1 
			     void *output);
Packit Service 4684c1 
	int (*hkdf_expand) (gnutls_mac_algorithm_t,
Packit Service 4684c1 
			    const void *key, size_t keysize,
Packit Service 4684c1 
			    const void *info, size_t infosize,
Packit Service 4684c1 
			    void *output, size_t length);
Packit Service 4684c1 
	int (*pbkdf2) (gnutls_mac_algorithm_t,
Packit Service 4684c1 
		       const void *key, size_t keysize,
Packit Service 4684c1 
		       const void *salt, size_t saltsize,
Packit Service 4684c1 
		       unsigned iter_count,
Packit Service 4684c1 
		       void *output, size_t length);
Packit Service 4684c1 
} gnutls_crypto_kdf_st;
Packit Service 4684c1
Packit Service 4684c1 
typedef struct gnutls_crypto_rnd {
Packit Service 4684c1 
	int (*init) (void **ctx); /* called prior to first usage of randomness */
Packit Service 4684c1 
	int (*rnd) (void *ctx, int level, void *data, size_t datasize);
Packit Service 4684c1 
	void (*rnd_refresh) (void *ctx);
Packit Service 4684c1 
	void (*deinit) (void *ctx);
Packit Service 4684c1 
	int (*self_test) (void); /* this should not require rng initialization */
Packit Service 4684c1 
} gnutls_crypto_rnd_st;
Packit Service 4684c1
Packit Service 4684c1 
typedef void *bigint_t;
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_bigint_format_t:
Packit Service 4684c1 
 * @GNUTLS_MPI_FORMAT_USG: Raw unsigned integer format.
Packit Service 4684c1 
 * @GNUTLS_MPI_FORMAT_STD: Raw signed integer format, always a leading
Packit Service 4684c1 
 *   zero when positive.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Enumeration of different bignum integer encoding formats.
Packit Service 4684c1 
 */
Packit Service 4684c1 
typedef enum {
Packit Service 4684c1 
	/* raw unsigned integer format */
Packit Service 4684c1 
	GNUTLS_MPI_FORMAT_USG = 0,
Packit Service 4684c1 
	/* raw signed integer format - always a leading zero when positive */
Packit Service 4684c1 
	GNUTLS_MPI_FORMAT_STD = 1,
Packit Service 4684c1 
	/* raw unsigned integer format, little endian format */
Packit Service 4684c1 
	GNUTLS_MPI_FORMAT_ULE = 2
Packit Service 4684c1 
} gnutls_bigint_format_t;
Packit Service 4684c1
Packit Service 4684c1 
/* Multi precision integer arithmetic */
Packit Service 4684c1 
typedef struct gnutls_crypto_bigint {
Packit Service 4684c1 
	int (*bigint_init) (bigint_t*);
Packit Service 4684c1 
	int (*bigint_init_multi) (bigint_t*, ...);
Packit Service 4684c1 
	void (*bigint_release) (bigint_t n);
Packit Service 4684c1 
	void (*bigint_clear) (bigint_t n);	/* zeros the int */
Packit Service 4684c1 
	/* 0 for equality, > 0 for m1>m2, < 0 for m1
Packit Service 4684c1 
	int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
Packit Service 4684c1 
	/* as bigint_cmp */
Packit Service 4684c1 
	int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
Packit Service 4684c1 
	/* r = a % b */
Packit Service 4684c1 
	int (*bigint_modm) (bigint_t r, const bigint_t a, const bigint_t b);
Packit Service 4684c1 
	/* a = b -> ret == a */
Packit Service 4684c1 
	int (*bigint_set) (bigint_t a, const bigint_t b);
Packit Service 4684c1 
	bigint_t (*bigint_copy) (const bigint_t a);
Packit Service 4684c1 
	/* a = b -> ret == a */
Packit Service 4684c1 
	int (*bigint_set_ui) (bigint_t a, unsigned long b);
Packit Service 4684c1 
	unsigned int (*bigint_get_nbits) (const bigint_t a);
Packit Service 4684c1 
	/* w = b ^ e mod m */
Packit Service 4684c1 
	int (*bigint_powm) (bigint_t w, const bigint_t b,
Packit Service 4684c1 
				 const bigint_t e, const bigint_t m);
Packit Service 4684c1 
	/* w = a + b mod m */
Packit Service 4684c1 
	int (*bigint_addm) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				 const bigint_t b, const bigint_t m);
Packit Service 4684c1 
	/* w = a - b mod m */
Packit Service 4684c1 
	int (*bigint_subm) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				 const bigint_t b, const bigint_t m);
Packit Service 4684c1 
	/* w = a * b mod m */
Packit Service 4684c1 
	int (*bigint_mulm) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				 const bigint_t b, const bigint_t m);
Packit Service 4684c1 
	/* w = a + b */ int (*bigint_add) (bigint_t w,
Packit Service 4684c1 
					       const bigint_t a,
Packit Service 4684c1 
					       const bigint_t b);
Packit Service 4684c1 
	/* w = a - b */ int (*bigint_sub) (bigint_t w,
Packit Service 4684c1 
					       const bigint_t a,
Packit Service 4684c1 
					       const bigint_t b);
Packit Service 4684c1 
	/* w = a * b */
Packit Service 4684c1 
	int (*bigint_mul) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				const bigint_t b);
Packit Service 4684c1 
	/* w = a + b */
Packit Service 4684c1 
	int (*bigint_add_ui) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				   unsigned long b);
Packit Service 4684c1 
	/* w = a - b */
Packit Service 4684c1 
	int (*bigint_sub_ui) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				   unsigned long b);
Packit Service 4684c1 
	/* w = a * b */
Packit Service 4684c1 
	int (*bigint_mul_ui) (bigint_t w, const bigint_t a,
Packit Service 4684c1 
				   unsigned long b);
Packit Service 4684c1 
	/* q = a / b */
Packit Service 4684c1 
	int (*bigint_div) (bigint_t q, const bigint_t a,
Packit Service 4684c1 
				const bigint_t b);
Packit Service 4684c1 
	/* 0 if prime */
Packit Service 4684c1 
	int (*bigint_prime_check) (const bigint_t pp);
Packit Service 4684c1
Packit Service 4684c1 
	/* reads a bigint from a buffer */
Packit Service 4684c1 
	/* stores a bigint into the buffer.  returns
Packit Service 4684c1 
	 * GNUTLS_E_SHORT_MEMORY_BUFFER if buf_size is not sufficient to
Packit Service 4684c1 
	 * store this integer, and updates the buf_size;
Packit Service 4684c1 
	 */
Packit Service 4684c1 
	int (*bigint_scan) (bigint_t m, const void *buf, size_t buf_size,
Packit Service 4684c1 
				 gnutls_bigint_format_t format);
Packit Service 4684c1 
	int (*bigint_print) (const bigint_t a, void *buf,
Packit Service 4684c1 
			     size_t * buf_size,
Packit Service 4684c1 
			     gnutls_bigint_format_t format);
Packit Service 4684c1 
} gnutls_crypto_bigint_st;
Packit Service 4684c1
Packit Service 4684c1 
/* Additional information about the public key, filled from
Packit Service 4684c1 
 * SubjectPublicKeyInfo parameters. When there are no parameters,
Packit Service 4684c1 
 * the pk field will be set to GNUTLS_PK_UNKNOWN.
Packit Service 4684c1 
 */
Packit Service 4684c1 
typedef struct gnutls_x509_spki_st {
Packit Service 4684c1 
	/* We can have a key which is of type RSA, but a certificate
Packit Service 4684c1 
	 * of type RSA-PSS; the value here will be the expected value
Packit Service 4684c1 
	 * for signatures (i.e., RSA-PSS) */
Packit Service 4684c1 
	gnutls_pk_algorithm_t pk;
Packit Service 4684c1
Packit Service 4684c1 
	/* the digest used by RSA-PSS */
Packit Service 4684c1 
	gnutls_digest_algorithm_t rsa_pss_dig;
Packit Service 4684c1
Packit Service 4684c1 
	/* the size of salt used by RSA-PSS */
Packit Service 4684c1 
	unsigned int salt_size;
Packit Service 4684c1
Packit Service 4684c1 
	/* if non-zero, the legacy value for PKCS#7 signatures will be
Packit Service 4684c1 
	 * written for RSA signatures. */
Packit Service 4684c1 
	unsigned int legacy;
Packit Service 4684c1
Packit Service 4684c1 
	/* the digest used by ECDSA/DSA */
Packit Service 4684c1 
	gnutls_digest_algorithm_t dsa_dig;
Packit Service 4684c1
Packit Service 4684c1 
	/* flags may include GNUTLS_PK_FLAG_REPRODUCIBLE for
Packit Service 4684c1 
	 * deterministic ECDSA/DSA */
Packit Service 4684c1 
	unsigned int flags;
Packit Service 4684c1 
} gnutls_x509_spki_st;
Packit Service 4684c1
Packit Service 4684c1 
#define GNUTLS_MAX_PK_PARAMS 16
Packit Service 4684c1
Packit Service 4684c1 
typedef struct {
Packit Service 4684c1 
	bigint_t params[GNUTLS_MAX_PK_PARAMS];
Packit Service 4684c1 
	unsigned int params_nr;	/* the number of parameters */
Packit Service 4684c1 
	unsigned int pkflags; /* gnutls_pk_flag_t */
Packit Service 4684c1 
	unsigned int qbits; /* GNUTLS_PK_DH */
Packit Service 4684c1 
	gnutls_ecc_curve_t curve; /* GNUTLS_PK_EC, GNUTLS_PK_ED25519, GNUTLS_PK_GOST* */
Packit Service 4684c1 
	gnutls_group_t dh_group; /* GNUTLS_PK_DH - used by ext/key_share */
Packit Service 4684c1 
	gnutls_gost_paramset_t gost_params; /* GNUTLS_PK_GOST_* */
Packit Service 4684c1 
	gnutls_datum_t raw_pub; /* used by x25519 */
Packit Service 4684c1 
	gnutls_datum_t raw_priv;
Packit Service 4684c1
Packit Service 4684c1 
	unsigned int seed_size;
Packit Service 4684c1 
	uint8_t seed[MAX_PVP_SEED_SIZE];
Packit Service 4684c1 
	gnutls_digest_algorithm_t palgo;
Packit Service 4684c1 
	/* public key information */
Packit Service 4684c1 
	gnutls_x509_spki_st spki;
Packit Service 4684c1
Packit Service 4684c1 
	gnutls_pk_algorithm_t algo;
Packit Service 4684c1 
} gnutls_pk_params_st;
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_pk_flag_t:
Packit Service 4684c1 
 * @GNUTLS_PK_FLAG_NONE: No flag.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Enumeration of public-key flag.
Packit Service 4684c1 
 */
Packit Service 4684c1 
typedef enum {
Packit Service 4684c1 
	GNUTLS_PK_FLAG_NONE = 0,
Packit Service 4684c1 
	GNUTLS_PK_FLAG_PROVABLE = 1,
Packit Service 4684c1 
	GNUTLS_PK_FLAG_REPRODUCIBLE = 2
Packit Service 4684c1 
} gnutls_pk_flag_t;
Packit Service 4684c1
Packit Service 4684c1 
#define FIX_SIGN_PARAMS(params, flags, dig) do {		\
Packit Service 4684c1 
	if ((flags) & GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE) {	\
Packit Service 4684c1 
		(params).flags |= GNUTLS_PK_FLAG_REPRODUCIBLE;	\
Packit Service 4684c1 
		(params).dsa_dig = (dig);			\
Packit Service 4684c1 
	}							\
Packit Service 4684c1 
} while (0)
Packit Service 4684c1
Packit Service 4684c1 
void gnutls_pk_params_release(gnutls_pk_params_st * p);
Packit Service 4684c1 
void gnutls_pk_params_clear(gnutls_pk_params_st * p);
Packit Service 4684c1 
void gnutls_pk_params_init(gnutls_pk_params_st * p);
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
#define MAX_PUBLIC_PARAMS_SIZE 4	/* ok for RSA and DSA */
Packit Service 4684c1
Packit Service 4684c1 
/* parameters should not be larger than this limit */
Packit Service 4684c1 
#define DSA_PUBLIC_PARAMS 4
Packit Service 4684c1 
#define DH_PUBLIC_PARAMS 4
Packit Service 4684c1 
#define RSA_PUBLIC_PARAMS 2
Packit Service 4684c1 
#define ECC_PUBLIC_PARAMS 2
Packit Service 4684c1 
#define GOST_PUBLIC_PARAMS 2
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
#define MAX_PRIV_PARAMS_SIZE GNUTLS_MAX_PK_PARAMS	/* ok for RSA and DSA */
Packit Service 4684c1
Packit Service 4684c1 
/* parameters should not be larger than this limit */
Packit Service 4684c1 
#define DSA_PRIVATE_PARAMS 5
Packit Service 4684c1 
#define DH_PRIVATE_PARAMS 5
Packit Service 4684c1 
#define RSA_PRIVATE_PARAMS 8
Packit Service 4684c1 
#define ECC_PRIVATE_PARAMS 3
Packit Service 4684c1 
#define GOST_PRIVATE_PARAMS 3
Packit Service 4684c1
Packit Service 4684c1 
#if MAX_PRIV_PARAMS_SIZE - RSA_PRIVATE_PARAMS < 0
Packit Service 4684c1 
#error INCREASE MAX_PRIV_PARAMS
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
#if MAX_PRIV_PARAMS_SIZE - ECC_PRIVATE_PARAMS < 0
Packit Service 4684c1 
#error INCREASE MAX_PRIV_PARAMS
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
#if MAX_PRIV_PARAMS_SIZE - GOST_PRIVATE_PARAMS < 0
Packit Service 4684c1 
#error INCREASE MAX_PRIV_PARAMS
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1 
#if MAX_PRIV_PARAMS_SIZE - DSA_PRIVATE_PARAMS < 0
Packit Service 4684c1 
#error INCREASE MAX_PRIV_PARAMS
Packit Service 4684c1 
#endif
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
/* params are:
Packit Service 4684c1 
 * RSA:
Packit Service 4684c1 
 *  [0] is modulus
Packit Service 4684c1 
 *  [1] is public exponent
Packit Service 4684c1 
 *  [2] is private exponent (private key only)
Packit Service 4684c1 
 *  [3] is prime1 (p) (private key only)
Packit Service 4684c1 
 *  [4] is prime2 (q) (private key only)
Packit Service 4684c1 
 *  [5] is coefficient (u == inverse of p mod q) (private key only)
Packit Service 4684c1 
 *  [6] e1 == d mod (p-1)
Packit Service 4684c1 
 *  [7] e2 == d mod (q-1)
Packit Service 4684c1 
 *
Packit Service 4684c1 
 *  note that for libgcrypt that does not use the inverse of q mod p,
Packit Service 4684c1 
 *  we need to perform conversions using fixup_params().
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * DSA:
Packit Service 4684c1 
 *  [0] is p
Packit Service 4684c1 
 *  [1] is q
Packit Service 4684c1 
 *  [2] is g
Packit Service 4684c1 
 *  [3] is y (public key)
Packit Service 4684c1 
 *  [4] is x (private key only)
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * DH: as DSA
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * ECC:
Packit Service 4684c1 
 *  [0] is prime
Packit Service 4684c1 
 *  [1] is order
Packit Service 4684c1 
 *  [2] is A
Packit Service 4684c1 
 *  [3] is B
Packit Service 4684c1 
 *  [4] is Gx
Packit Service 4684c1 
 *  [5] is Gy
Packit Service 4684c1 
 *  [6] is x
Packit Service 4684c1 
 *  [7] is y
Packit Service 4684c1 
 *  [8] is k (private key)
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#define ECC_X 0
Packit Service 4684c1 
#define ECC_Y 1
Packit Service 4684c1 
#define ECC_K 2
Packit Service 4684c1
Packit Service 4684c1 
#define GOST_X 0
Packit Service 4684c1 
#define GOST_Y 1
Packit Service 4684c1 
#define GOST_K 2
Packit Service 4684c1
Packit Service 4684c1 
#define DSA_P 0
Packit Service 4684c1 
#define DSA_Q 1
Packit Service 4684c1 
#define DSA_G 2
Packit Service 4684c1 
#define DSA_Y 3
Packit Service 4684c1 
#define DSA_X 4
Packit Service 4684c1
Packit Service 4684c1 
#define DH_P 0
Packit Service 4684c1 
#define DH_Q 1
Packit Service 4684c1 
#define DH_G 2
Packit Service 4684c1 
#define DH_Y 3
Packit Service 4684c1 
#define DH_X 4
Packit Service 4684c1
Packit Service 4684c1 
#define RSA_MODULUS 0
Packit Service 4684c1 
#define RSA_PUB 1
Packit Service 4684c1 
#define RSA_PRIV 2
Packit Service 4684c1 
#define RSA_PRIME1 3
Packit Service 4684c1 
#define RSA_PRIME2 4
Packit Service 4684c1 
#define RSA_COEF 5
Packit Service 4684c1 
#define RSA_E1 6
Packit Service 4684c1 
#define RSA_E2 7
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_direction_t:
Packit Service 4684c1 
 * @GNUTLS_IMPORT: Import direction.
Packit Service 4684c1 
 * @GNUTLS_EXPORT: Export direction.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Enumeration of different directions.
Packit Service 4684c1 
 */
Packit Service 4684c1 
typedef enum {
Packit Service 4684c1 
	GNUTLS_IMPORT = 0,
Packit Service 4684c1 
	GNUTLS_EXPORT = 1
Packit Service 4684c1 
} gnutls_direction_t;
Packit Service 4684c1
Packit Service 4684c1 
/* Public key algorithms */
Packit Service 4684c1 
typedef struct gnutls_crypto_pk {
Packit Service 4684c1 
	/* The params structure should contain the private or public key
Packit Service 4684c1 
	 * parameters, depending on the operation */
Packit Service 4684c1 
	int (*encrypt) (gnutls_pk_algorithm_t, gnutls_datum_t * ciphertext,
Packit Service 4684c1 
			const gnutls_datum_t * plaintext,
Packit Service 4684c1 
			const gnutls_pk_params_st * pub);
Packit Service 4684c1 
	int (*decrypt) (gnutls_pk_algorithm_t,
Packit Service 4684c1 
                        gnutls_datum_t * plaintext,
Packit Service 4684c1 
			const gnutls_datum_t * ciphertext,
Packit Service 4684c1 
			const gnutls_pk_params_st * priv);
Packit Service 4684c1 
	int (*decrypt2) (gnutls_pk_algorithm_t,
Packit Service 4684c1 
			 const gnutls_datum_t * ciphertext,
Packit Service 4684c1 
                         unsigned char * plaintext,
Packit Service 4684c1 
                         size_t paintext_size,
Packit Service 4684c1 
			 const gnutls_pk_params_st * priv);
Packit Service 4684c1 
	int (*sign) (gnutls_pk_algorithm_t, gnutls_datum_t * signature,
Packit Service 4684c1 
		     const gnutls_datum_t * data,
Packit Service 4684c1 
		     const gnutls_pk_params_st *priv,
Packit Service 4684c1 
		     const gnutls_x509_spki_st *sign);
Packit Service 4684c1 
	int (*verify) (gnutls_pk_algorithm_t, const gnutls_datum_t * data,
Packit Service 4684c1 
		       const gnutls_datum_t * sig,
Packit Service 4684c1 
		       const gnutls_pk_params_st *pub,
Packit Service 4684c1 
		       const gnutls_x509_spki_st *sign);
Packit Service 4684c1 
	/* sanity checks the public key parameters */
Packit Service 4684c1 
	int (*verify_priv_params) (gnutls_pk_algorithm_t,
Packit Service 4684c1 
			      const gnutls_pk_params_st * priv);
Packit Service 4684c1 
	int (*verify_pub_params) (gnutls_pk_algorithm_t,
Packit Service 4684c1 
			      const gnutls_pk_params_st * pub);
Packit Service 4684c1 
	int (*generate_keys) (gnutls_pk_algorithm_t, unsigned int nbits,
Packit Service 4684c1 
			 gnutls_pk_params_st *, unsigned ephemeral);
Packit Service 4684c1 
	int (*generate_params) (gnutls_pk_algorithm_t, unsigned int nbits,
Packit Service 4684c1 
			 gnutls_pk_params_st *);
Packit Service 4684c1 
	/* this function should convert params to ones suitable
Packit Service 4684c1 
	 * for the above functions
Packit Service 4684c1 
	 */
Packit Service 4684c1 
	int (*pk_fixup_private_params) (gnutls_pk_algorithm_t,
Packit Service 4684c1 
					gnutls_direction_t,
Packit Service 4684c1 
					gnutls_pk_params_st *);
Packit Service 4684c1 
#define PK_DERIVE_TLS13 1
Packit Service 4684c1 
	int (*derive) (gnutls_pk_algorithm_t, gnutls_datum_t * out,
Packit Service 4684c1 
		       const gnutls_pk_params_st * priv,
Packit Service 4684c1 
		       const gnutls_pk_params_st * pub,
Packit Service 4684c1 
		       const gnutls_datum_t *nonce,
Packit Service 4684c1 
		       unsigned int flags);
Packit Service 4684c1
Packit Service 4684c1 
	int (*curve_exists) (gnutls_ecc_curve_t);	/* true/false */
Packit Service 4684c1 
} gnutls_crypto_pk_st;
Packit Service 4684c1
Packit Service 4684c1 
/* priority: infinity for backend algorithms, 90 for kernel
Packit Service 4684c1 
   algorithms, lowest wins
Packit Service 4684c1 
 */
Packit Service 4684c1 
int gnutls_crypto_single_cipher_register(gnutls_cipher_algorithm_t
Packit Service 4684c1 
					 algorithm, int priority,
Packit Service 4684c1 
					 const gnutls_crypto_single_cipher_st *s,
Packit Service 4684c1 
					 int free_s);
Packit Service 4684c1 
int gnutls_crypto_single_mac_register(gnutls_mac_algorithm_t algorithm,
Packit Service 4684c1 
				      int priority,
Packit Service 4684c1 
				      const gnutls_crypto_single_mac_st *
Packit Service 4684c1 
				      s, int free_s);
Packit Service 4684c1 
int gnutls_crypto_single_digest_register(gnutls_digest_algorithm_t
Packit Service 4684c1 
					 algorithm, int priority,
Packit Service 4684c1 
					 const
Packit Service 4684c1 
					 gnutls_crypto_single_digest_st *
Packit Service 4684c1 
					 s, int free_s);
Packit Service 4684c1
Packit Service 4684c1 
int gnutls_crypto_rnd_register(int priority,
Packit Service 4684c1 
			       const gnutls_crypto_rnd_st * s);
Packit Service 4684c1 
int gnutls_crypto_pk_register(int priority, const gnutls_crypto_pk_st * s);
Packit Service 4684c1 
int gnutls_crypto_bigint_register(int priority,
Packit Service 4684c1 
				  const gnutls_crypto_bigint_st * s);
Packit Service 4684c1
Packit Service 4684c1 
/* Provided by crypto-backend */
Packit Service 4684c1 
int
Packit Service 4684c1 
_gnutls_prf_raw(gnutls_mac_algorithm_t mac,
Packit Service 4684c1 
		size_t master_size, const void *master,
Packit Service 4684c1 
		size_t label_size, const char *label,
Packit Service 4684c1 
		size_t seed_size, const uint8_t *seed, size_t outsize,
Packit Service 4684c1 
		char *out);
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_gost_key_wrap(gnutls_gost_paramset_t gost_params,
Packit Service 4684c1 
			  const gnutls_datum_t *kek,
Packit Service 4684c1 
			  const gnutls_datum_t *ukm,
Packit Service 4684c1 
			  const gnutls_datum_t *cek,
Packit Service 4684c1 
			  gnutls_datum_t *enc,
Packit Service 4684c1 
			  gnutls_datum_t *imit);
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_gost_key_unwrap(gnutls_gost_paramset_t gost_params,
Packit Service 4684c1 
			    const gnutls_datum_t *kek,
Packit Service 4684c1 
			    const gnutls_datum_t *ukm,
Packit Service 4684c1 
			    const gnutls_datum_t *enc,
Packit Service 4684c1 
			    const gnutls_datum_t *imit,
Packit Service 4684c1 
			    gnutls_datum_t *cek);
Packit Service 4684c1
Packit Service 4684c1 
#endif /* GNUTLS_LIB_CRYPTO_BACKEND_H */

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation