rfc3961: Add a kernel rfc3961 implementation
[openafs.git] / src / crypto / rfc3961 / rfc3961.h
1
2 /* This header defines the public interface to a library which implements
3  * RFC3961 crypto on top of an existing EVP layer. It is created using
4  * selected bits of Heimdal's libkrb5.
5  */
6
/* Scalar and handle types shared by every prototype in this header.
 * krb5_error_code and krb5_key_usage are both plain int, so the compiler
 * will not catch one being passed where the other is expected.
 * krb5_context is a pointer to struct _krb5_context, which is not defined
 * anywhere in this listing.
 * NOTE(review): no include guard and no #include (e.g. for size_t) appear
 * in this listing; presumably the including file supplies them - confirm. */
7 typedef int krb5_error_code;
8 typedef int krb5_key_usage;
9 typedef struct _krb5_context * krb5_context;
10
/* Counted byte buffer: `length` bytes starting at `data`.
 * krb5_data is an alias for the same struct, so the two names are
 * interchangeable. The struct is also embedded as krb5_keyblock.keyvalue
 * and Checksum.checksum further down, so an instance may hold secret key
 * bytes.
 * NOTE(review): who owns `data` is not stated here; krb5_data_alloc() and
 * krb5_data_free() are declared below - confirm the allocator pairing in
 * the implementation. */
11 typedef struct {
12     size_t length;
13     void *data;
14 } heim_octet_string;
15
16 typedef heim_octet_string krb5_data;
17
/* A key: an integer key type plus the key bytes.
 * `keytype` is declared int, not krb5_enctype.
 * `keyvalue` is secret material; krb5_free_keyblock_contents() is declared
 * below for releasing it.
 * NOTE(review): whether that function wipes the bytes before freeing is
 * not visible from this header - confirm. */
18 typedef struct {
19   int keytype;
20   heim_octet_string keyvalue;
21 } krb5_keyblock;
22
/* Handle to per-key crypto state. struct krb5_crypto_data is not defined
 * in this listing; handles are produced by krb5_crypto_init() and passed
 * to krb5_crypto_destroy(), both declared below. */
23 typedef struct krb5_crypto_data *krb5_crypto;
24
/* Checksum type identifiers.
 * The values are explicit, have gaps (11 and 13 are absent) and include
 * negative entries, so they must not be renumbered and need a signed
 * representation. They appear to follow the Kerberos checksum type
 * numbering - confirm against RFC 3961 before changing any of them.
 *
 * Security note: several names refer to algorithms that give little or no
 * protection today. CRC32 is not a cryptographic checksum, RSA_MD4 and
 * RSA_MD5 are unkeyed digests in RFC 3961, and the DES, DES3 and HMAC_MD5
 * (RC4 family) types belong to algorithms deprecated for Kerberos by
 * RFC 6649 and RFC 8429. A constant being listed here does not show that
 * the library implements or accepts it; verify in the implementation
 * before relying on a type for integrity. */
25 typedef enum CKSUMTYPE {
26   CKSUMTYPE_NONE = 0,
27   CKSUMTYPE_CRC32 = 1,
28   CKSUMTYPE_RSA_MD4 = 2,
29   CKSUMTYPE_RSA_MD4_DES = 3,
30   CKSUMTYPE_DES_MAC = 4,
31   CKSUMTYPE_DES_MAC_K = 5,
32   CKSUMTYPE_RSA_MD4_DES_K = 6,
33   CKSUMTYPE_RSA_MD5 = 7,
34   CKSUMTYPE_RSA_MD5_DES = 8,
35   CKSUMTYPE_RSA_MD5_DES3 = 9,
36   CKSUMTYPE_SHA1_OTHER = 10,
37   CKSUMTYPE_HMAC_SHA1_DES3 = 12,
38   CKSUMTYPE_SHA1 = 14,
39   CKSUMTYPE_HMAC_SHA1_96_AES_128 = 15,
40   CKSUMTYPE_HMAC_SHA1_96_AES_256 = 16,
41   CKSUMTYPE_GSSAPI = 32771,
42   CKSUMTYPE_HMAC_MD5 = -138,
43   CKSUMTYPE_HMAC_MD5_ENC = -1138
44 } CKSUMTYPE;
45
/* A checksum value tagged with its type. Filled through the `result`
 * parameter of krb5_create_checksum(), passed to krb5_verify_checksum()
 * and released with free_Checksum(), all declared below.
 * When a Checksum is built from received data, `cksumtype` is whatever the
 * sender put there.
 * NOTE(review): whether verification rejects weak or unkeyed types is not
 * visible from this header - confirm. */
46 typedef struct Checksum {
47   CKSUMTYPE cksumtype;
48   heim_octet_string checksum;
49 } Checksum;
50
/* Checksum type as used in the function prototypes. It is a plain int,
 * not the CKSUMTYPE enum, so any integer is accepted at compile time and
 * range checking can only happen at run time. */
51 typedef int krb5_cksumtype;
52
/* Encryption type identifiers.
 * The values are explicit, have gaps and include negative entries, so they
 * must not be renumbered. They appear to follow the Kerberos encryption
 * type numbering - confirm against RFC 3961 before changing any of them.
 *
 * Security note: ETYPE_NULL and the *_NONE entries name types without an
 * integrity component, and the DES, DES3 and ARCFOUR entries belong to
 * algorithms deprecated for Kerberos by RFC 6649 and RFC 8429. Of the
 * types listed, only the two AES-CTS-HMAC-SHA1-96 entries (17 and 18)
 * fall outside those deprecations. A constant being listed here does not
 * show that the library implements it; krb5_enctype_valid() is declared
 * below for checking a value.
 * NOTE(review): confirm which enctypes that function accepts. */
53 typedef enum ENCTYPE {
54   ETYPE_NULL = 0,
55   ETYPE_DES_CBC_CRC = 1,
56   ETYPE_DES_CBC_MD4 = 2,
57   ETYPE_DES_CBC_MD5 = 3,
58   ETYPE_DES3_CBC_MD5 = 5,
59   ETYPE_OLD_DES3_CBC_SHA1 = 7,
60   ETYPE_SIGN_DSA_GENERATE = 8,
61   ETYPE_ENCRYPT_RSA_PRIV = 9,
62   ETYPE_ENCRYPT_RSA_PUB = 10,
63   ETYPE_DES3_CBC_SHA1 = 16,
64   ETYPE_AES128_CTS_HMAC_SHA1_96 = 17,
65   ETYPE_AES256_CTS_HMAC_SHA1_96 = 18,
66   ETYPE_ARCFOUR_HMAC_MD5 = 23,
67   ETYPE_ARCFOUR_HMAC_MD5_56 = 24,
68   ETYPE_ENCTYPE_PK_CROSS = 48,
69   ETYPE_ARCFOUR_MD4 = -128,
70   ETYPE_ARCFOUR_HMAC_OLD = -133,
71   ETYPE_ARCFOUR_HMAC_OLD_EXP = -135,
72   ETYPE_DES_CBC_NONE = -4096,
73   ETYPE_DES3_CBC_NONE = -4097,
74   ETYPE_DES_CFB64_NONE = -4098,
75   ETYPE_DES_PCBC_NONE = -4099,
76   ETYPE_DIGEST_MD5_NONE = -4100,
77   ETYPE_CRAM_MD5_NONE = -4101
78 } ENCTYPE;
79
/* Alternate spelling of ETYPE_NULL (value 0) under the ENCTYPE_ prefix. */
80 enum {
81   ENCTYPE_NULL          = ETYPE_NULL
82 };
83
/* Encryption type as used in the function prototypes. Unlike
 * krb5_cksumtype, which is a plain int, this is the ENCTYPE enum itself. */
84 typedef ENCTYPE krb5_enctype;
85
/* Context and crypto-handle lifecycle. Each function returns a
 * krb5_error_code; the header does not define the values.
 * NOTE(review): presumably 0 means success, as in Heimdal - confirm.
 * Callers should check every return before using an output parameter. */

/* Writes a context handle through `context`. No matching release function
 * for the context is declared in this header. */
86 krb5_error_code krb5_init_context(krb5_context *context);
87
/* Takes an enctype and returns an error code.
 * NOTE(review): presumably reports whether this library supports the
 * enctype; which values it accepts is not visible here. */
88 krb5_error_code krb5_enctype_valid(krb5_context, krb5_enctype);
89
/* Writes a crypto handle through `crypto`, given `key` (read-only) and
 * `etype`. Note that krb5_keyblock also carries its own `keytype` field.
 * NOTE(review): how a mismatch between `etype` and key->keytype is handled
 * is not visible from this header - confirm. */
90 krb5_error_code krb5_crypto_init(krb5_context context,
91                                  const krb5_keyblock *key,
92                                  krb5_enctype etype,
93                                  krb5_crypto *crypto);
94
/* Takes a crypto handle, which is passed by value, so the caller's copy of
 * the handle is not cleared by this call and must not be reused afterwards.
 * NOTE(review): whether key-derived state is wiped on destroy is not
 * visible here - confirm. */
95 krb5_error_code krb5_crypto_destroy(krb5_context context,
96                                     krb5_crypto crypto);
97
/* Encrypts `len` bytes at `data` (read-only) under `crypto` with key usage
 * number `usage`, writing the output through `result`.
 * `usage` is declared unsigned here, while the checksum functions below
 * take krb5_key_usage (int).
 * NOTE(review): presumably `result` receives a newly allocated buffer that
 * the caller releases with krb5_data_free() - confirm. Read `result` only
 * after checking the return value. */
98 krb5_error_code krb5_encrypt(krb5_context context,
99                              krb5_crypto crypto,
100                              unsigned usage,
101                              const void *data,
102                              size_t len,
103                              krb5_data *result);
104
/* Decrypts `len` bytes at `data`, writing the output through `result`.
 * Unlike krb5_encrypt(), `data` is not const, so the caller's input buffer
 * may be modified by the call; keep a copy if the ciphertext is needed
 * afterwards.
 * NOTE(review): presumably a non-zero return covers integrity failure as
 * well as other errors - confirm. Treat `result` as invalid unless the
 * call succeeded, and never act on plaintext from a failed call. */
105 krb5_error_code krb5_decrypt(krb5_context context,
106                              krb5_crypto crypto,
107                              unsigned usage,
108                              void *data,
109                              size_t len,
110                              krb5_data *result);
111
/* Writes a size through `keybits` for the enctype `type`.
 * NOTE(review): presumably the key length in bits - confirm. */
112 krb5_error_code krb5_enctype_keybits(krb5_context context,
113                                      krb5_enctype type,
114                                      size_t *keybits);
115
/* Releases a krb5_data. Returns nothing.
 * NOTE(review): whether the buffer is zeroed first, and whether p->data and
 * p->length are reset, is not visible here - confirm before using this on
 * buffers that held plaintext or key material. */
116 void krb5_data_free(krb5_data *p);
117
/* Allocates storage for `p`. `len` is a signed int, while krb5_data.length
 * is size_t, so a negative or truncated length can reach this call from a
 * size_t computation.
 * NOTE(review): handling of negative `len` is not visible here; callers
 * should range-check before the call and check the return value. */
118 krb5_error_code krb5_data_alloc(krb5_data *p, int len);
119
/* Releases the contents of a keyblock; the krb5_keyblock struct itself
 * belongs to the caller.
 * NOTE(review): whether the key bytes are wiped before being freed is not
 * visible from this header - confirm. */
120 void krb5_free_keyblock_contents(krb5_context context,
121                                  krb5_keyblock *keyblock);
122
/* Pseudo-random function over `input` (read-only) keyed by `crypto`,
 * writing through `output`.
 * NOTE(review): presumably `output` is allocated by the call and released
 * with krb5_data_free() - confirm. */
123 krb5_error_code krb5_crypto_prf(krb5_context context,
124                                 const krb5_crypto crypto,
125                                 const krb5_data *input,
126                                 krb5_data *output);
127
/* Fills `len` bytes at `buf` with random data. The function can fail (it
 * returns krb5_error_code), so the return must be checked before `buf` is
 * used as a key, nonce or confounder; on failure the buffer contents are
 * not specified by this header.
 * NOTE(review): the entropy source is not visible here - confirm that it
 * is suitable for key generation in the kernel build. */
128 krb5_error_code krb5_generate_random_block(void *buf, size_t len);
129
/* Builds `key` for enctype `type` from `size` bytes at `data` (read-only).
 * NOTE(review): presumably `size` must match what the enctype expects, and
 * `key` is released with krb5_free_keyblock_contents() - confirm. */
130 krb5_error_code krb5_random_to_key(krb5_context context,
131                                    krb5_enctype type,
132                                    const void *data,
133                                    size_t size,
134                                    krb5_keyblock *key);
135
/* Returns a size for `crypto`. The return type is size_t, so there is no
 * error channel; a bad handle cannot be reported to the caller.
 * NOTE(review): presumably the number of bytes encryption adds to the
 * plaintext - confirm before using it to size buffers. */
136 size_t krb5_crypto_overhead (krb5_context context,
137                              krb5_crypto crypto);
138
/* Writes the checksum type associated with `crypto` through `type`. */
139 krb5_error_code krb5_crypto_get_checksum_type (krb5_context context,
140                                                krb5_crypto crypto,
141                                                krb5_cksumtype *type);
/* Writes a size for checksum type `type` through `size`. `type` is a plain
 * int (krb5_cksumtype), so unknown values can only be rejected at run
 * time; check the return before using `*size` as a length. */
142 krb5_error_code krb5_checksumsize (krb5_context context,
143                                    krb5_cksumtype type,
144                                    size_t *size);
145
/* Computes a checksum over `len` bytes at `data` and writes it through
 * `result`. `type` is a plain int and `data` is not const.
 * NOTE(review): presumably `result` is released with free_Checksum(), and
 * a `type` of 0 selects a default for the key - confirm. Prefer a keyed
 * type; see the note on CKSUMTYPE about weak and unkeyed entries. */
146 krb5_error_code krb5_create_checksum (krb5_context context,
147                                       krb5_crypto crypto,
148                                       krb5_key_usage usage,
149                                       int type,
150                                       void *data,
151                                       size_t len,
152                                       Checksum *result);
153
/* Verifies `cksum` against `len` bytes at `data`. The outcome is reported
 * only through the return value, so an unchecked call verifies nothing.
 * The checksum type comes from cksum->cksumtype, which for received
 * messages is chosen by the sender.
 * NOTE(review): whether weak or unkeyed types are refused, and whether the
 * comparison is constant-time, is not visible from this header - confirm. */
154 krb5_error_code krb5_verify_checksum (krb5_context context,
155                                       krb5_crypto crypto,
156                                       krb5_key_usage usage,
157                                       void *data,
158                                       size_t len,
159                                       Checksum *cksum);
160
/* Releases a Checksum.
 * NOTE(review): presumably frees data->checksum.data but not the struct
 * itself - confirm. */
161 void free_Checksum(Checksum *data);