|
Packit Service |
0210bb |
/*
|
|
Packit Service |
0210bb |
* COPYRIGHT (c) International Business Machines Corp. 2001-2017
|
|
Packit Service |
0210bb |
*
|
|
Packit Service |
0210bb |
* This program is provided under the terms of the Common Public License,
|
|
Packit Service |
0210bb |
* version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
|
|
Packit Service |
0210bb |
* software constitutes recipient's acceptance of CPL-1.0 terms which can be
|
|
Packit Service |
0210bb |
* found in the file LICENSE file or at
|
|
Packit Service |
0210bb |
* https://opensource.org/licenses/cpl1.0.php
|
|
Packit Service |
0210bb |
*/
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
// File: defs.h
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
// Contains various definitions needed by both the host-side
|
|
Packit Service |
0210bb |
// and coprocessor-side code.
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#ifndef _DEFS_H
|
|
Packit Service |
0210bb |
#define _DEFS_H
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MAX_SESSION_COUNT 64
|
|
Packit Service |
0210bb |
#define MAX_PIN_LEN 8
|
|
Packit Service |
0210bb |
#define MIN_PIN_LEN 4
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#ifndef MIN
|
|
Packit Service |
0210bb |
#define MIN(a, b) ((a) < (b) ? (a) : (b))
|
|
Packit Service |
0210bb |
#endif
|
|
Packit Service |
0210bb |
#ifndef MAX
|
|
Packit Service |
0210bb |
#define MAX(a, b) ((a) > (b) ? (a) : (b))
|
|
Packit Service |
0210bb |
#endif
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define UNUSED(var) ((void)(var))
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
// the following constants are used for sccSignOn
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
#define PKCS_11_PRG_ID "pkcs11 2.01"
|
|
Packit Service |
0210bb |
#define PKCS_11_DEVELOPER_ID 0xE
|
|
Packit Service |
0210bb |
#define PKCS_11_VERSION 1
|
|
Packit Service |
0210bb |
#define PKCS_11_INSTANCE 0
|
|
Packit Service |
0210bb |
#define PKCS_11_QUEUE 0
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
// the following are "boolean" attributes
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
#define CKA_IBM_TWEAK_ALLOW_KEYMOD 0x80000001
|
|
Packit Service |
0210bb |
#define CKA_IBM_TWEAK_ALLOW_WEAK_DES 0x80000002
|
|
Packit Service |
0210bb |
#define CKA_IBM_TWEAK_DES_PARITY_CHK 0x80000003
|
|
Packit Service |
0210bb |
#define CKA_IBM_TWEAK_NETSCAPE 0x80000004
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MODE_COPY (1 << 0)
|
|
Packit Service |
0210bb |
#define MODE_CREATE (1 << 1)
|
|
Packit Service |
0210bb |
#define MODE_KEYGEN (1 << 2)
|
|
Packit Service |
0210bb |
#define MODE_MODIFY (1 << 3)
|
|
Packit Service |
0210bb |
#define MODE_DERIVE (1 << 4)
|
|
Packit Service |
0210bb |
#define MODE_UNWRAP (1 << 5)
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
// RSA block formatting types
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
#define PKCS_BT_1 1
|
|
Packit Service |
0210bb |
#define PKCS_BT_2 2
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define OP_ENCRYPT_INIT 1
|
|
Packit Service |
0210bb |
#define OP_DECRYPT_INIT 2
|
|
Packit Service |
0210bb |
#define OP_WRAP 3
|
|
Packit Service |
0210bb |
#define OP_UNWRAP 4
|
|
Packit Service |
0210bb |
#define OP_SIGN_INIT 5
|
|
Packit Service |
0210bb |
#define OP_VERIFY_INIT 6
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
// saved-state identifiers
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
enum {
|
|
Packit Service |
0210bb |
STATE_INVALID = 0,
|
|
Packit Service |
0210bb |
STATE_ENCR,
|
|
Packit Service |
0210bb |
STATE_DECR,
|
|
Packit Service |
0210bb |
STATE_DIGEST,
|
|
Packit Service |
0210bb |
STATE_SIGN,
|
|
Packit Service |
0210bb |
STATE_VERIFY
|
|
Packit Service |
0210bb |
};
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define ENCRYPT 1
|
|
Packit Service |
0210bb |
#define DECRYPT 0
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MAX_RSA_KEYLEN 1920
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MAX_AES_KEY_SIZE 64 /* encompasses CCA key size */
|
|
Packit Service |
0210bb |
#define AES_KEY_SIZE_256 32
|
|
Packit Service |
0210bb |
#define AES_KEY_SIZE_192 24
|
|
Packit Service |
0210bb |
#define AES_KEY_SIZE_128 16
|
|
Packit Service |
0210bb |
#define AES_BLOCK_SIZE 16
|
|
Packit Service |
0210bb |
#define AES_INIT_VECTOR_SIZE AES_BLOCK_SIZE
|
|
Packit Service |
0210bb |
#define AES_COUNTER_SIZE 16
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MAX_DES_KEY_SIZE 64 /* encompasses CCA key size */
|
|
Packit Service |
0210bb |
#define DES_KEY_SIZE 8
|
|
Packit Service |
0210bb |
#define DES_BLOCK_SIZE 8
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
/*
|
|
Packit Service |
0210bb |
* It should be able to keep any kind of key (AES, 3DES, etc) and also
|
|
Packit Service |
0210bb |
* a PBKDF key
|
|
Packit Service |
0210bb |
*/
|
|
Packit Service |
0210bb |
#define MAX_KEY_SIZE 96
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define SHA1_HASH_SIZE 20
|
|
Packit Service |
0210bb |
#define SHA1_BLOCK_SIZE 64
|
|
Packit Service |
0210bb |
#define SHA1_BLOCK_SIZE_MASK (SHA1_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA224_HASH_SIZE 28
|
|
Packit Service |
0210bb |
#define SHA224_BLOCK_SIZE 64
|
|
Packit Service |
0210bb |
#define SHA224_BLOCK_SIZE_MASK (SHA224_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA256_HASH_SIZE 32
|
|
Packit Service |
0210bb |
#define SHA256_BLOCK_SIZE 64
|
|
Packit Service |
0210bb |
#define SHA256_BLOCK_SIZE_MASK (SHA256_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA384_HASH_SIZE 48
|
|
Packit Service |
0210bb |
#define SHA384_BLOCK_SIZE 128
|
|
Packit Service |
0210bb |
#define SHA384_BLOCK_SIZE_MASK (SHA384_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA512_HASH_SIZE 64
|
|
Packit Service |
0210bb |
#define SHA512_BLOCK_SIZE 128
|
|
Packit Service |
0210bb |
#define SHA512_BLOCK_SIZE_MASK (SHA512_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA3_224_HASH_SIZE SHA224_HASH_SIZE
|
|
Packit Service |
0210bb |
#define SHA3_224_BLOCK_SIZE 144
|
|
Packit Service |
0210bb |
#define SHA3_224_BLOCK_SIZE_MASK (SHA3_224_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA3_256_HASH_SIZE SHA256_HASH_SIZE
|
|
Packit Service |
0210bb |
#define SHA3_256_BLOCK_SIZE 136
|
|
Packit Service |
0210bb |
#define SHA3_256_BLOCK_SIZE_MASK (SHA3_256_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA3_384_HASH_SIZE SHA384_HASH_SIZE
|
|
Packit Service |
0210bb |
#define SHA3_384_BLOCK_SIZE 104
|
|
Packit Service |
0210bb |
#define SHA3_384_BLOCK_SIZE_MASK (SHA3_384_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define SHA3_512_HASH_SIZE SHA512_HASH_SIZE
|
|
Packit Service |
0210bb |
#define SHA3_512_BLOCK_SIZE 72
|
|
Packit Service |
0210bb |
#define SHA3_512_BLOCK_SIZE_MASK (SHA3_512_BLOCK_SIZE - 1)
|
|
Packit Service |
0210bb |
#define MAX_SHA_HASH_SIZE SHA512_HASH_SIZE
|
|
Packit Service |
0210bb |
#define MAX_SHA_BLOCK_SIZE SHA3_224_BLOCK_SIZE
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#ifndef PATH_MAX
|
|
Packit Service |
0210bb |
#define PATH_MAX 4096
|
|
Packit Service |
0210bb |
#endif
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
struct oc_sha_ctx {
|
|
Packit Service |
0210bb |
unsigned char hash[MAX_SHA_HASH_SIZE + 1];
|
|
Packit Service |
0210bb |
unsigned int hash_len;
|
|
Packit Service |
0210bb |
unsigned int hash_blksize;
|
|
Packit Service |
0210bb |
unsigned int tail_len;
|
|
Packit Service |
0210bb |
int message_part;
|
|
Packit Service |
0210bb |
unsigned char tail[MAX_SHA_BLOCK_SIZE];
|
|
Packit Service |
0210bb |
unsigned int dev_ctx_offs;
|
|
Packit Service |
0210bb |
};
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MD2_HASH_SIZE 16
|
|
Packit Service |
0210bb |
#define MD2_BLOCK_SIZE 48
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MD5_HASH_SIZE 16
|
|
Packit Service |
0210bb |
#define MD5_BLOCK_SIZE 64
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define DSA_SIGNATURE_SIZE 40
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define DEFAULT_SO_PIN "87654321"
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define MAX_TOK_OBJS 2048
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
typedef enum {
|
|
Packit Service |
0210bb |
ALL = 1,
|
|
Packit Service |
0210bb |
PRIVATE,
|
|
Packit Service |
0210bb |
PUBLIC
|
|
Packit Service |
0210bb |
} SESS_OBJ_TYPE;
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
typedef enum {
|
|
Packit Service |
0210bb |
NO_LOCK = 0,
|
|
Packit Service |
0210bb |
READ_LOCK,
|
|
Packit Service |
0210bb |
WRITE_LOCK,
|
|
Packit Service |
0210bb |
} OBJ_LOCK_TYPE;
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
typedef struct _DL_NODE {
|
|
Packit Service |
0210bb |
struct _DL_NODE *next;
|
|
Packit Service |
0210bb |
struct _DL_NODE *prev;
|
|
Packit Service |
0210bb |
void *data;
|
|
Packit Service |
0210bb |
} DL_NODE;
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
// Token local
|
|
Packit Service |
0210bb |
//
|
|
Packit Service |
0210bb |
#define PK_LITE_DIR token_specific.token_directory
|
|
Packit Service |
0210bb |
#define PK_DIR PK_LITE_DIR
|
|
Packit Service |
0210bb |
#define SUB_DIR token_specific.token_subdir
|
|
Packit Service |
0210bb |
#define DBGTAG token_specific.token_debug_tag
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define PK_LITE_NV "NVTOK.DAT"
|
|
Packit Service |
0210bb |
#define PK_LITE_OBJ_DIR "TOK_OBJ"
|
|
Packit Service |
0210bb |
#define PK_LITE_OBJ_IDX "OBJ.IDX"
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#define DEL_CMD "/bin/rm -f"
|
|
Packit Service |
0210bb |
|
|
Packit Service |
0210bb |
#endif
|