[openafs.git] / src / crypto / rfc3961 / rfc3961.h
/* This header defines the public interface to a library which implements
 * RFC3961 crypto on top of an existing EVP layer. It is created using
 * selected bits of Heimdal's libkrb5.
 *
 * NOTE(review): size_t is used below, but this header includes nothing and
 * has no include guard. It presumably relies on the including file to pull
 * in <stddef.h> (or an equivalent) first and to include it only once;
 * confirm against the callers.
 */

/* Integer status code returned by most functions declared in this header. */
typedef int krb5_error_code;
/* Key usage number, taken as `usage` by the checksum functions. */
typedef int krb5_key_usage;
/* Library context handle. struct _krb5_context is not defined in this
 * header, so callers can only pass the pointer around. */
typedef struct _krb5_context * krb5_context;

/* Pointer-plus-length buffer. The struct carries no ownership information;
 * krb5_data_alloc() and krb5_data_free() are the helpers declared for it. */
typedef struct {
    size_t length;
    void *data;
} afs_heim_octet_string;

/* Heimdal-compatible name for the same buffer type. */
typedef afs_heim_octet_string krb5_data;

/* A key: a type tag plus the key bytes (presumably the raw secret; confirm
 * in the implementation). Treat every copy as sensitive and release it with
 * krb5_free_keyblock_contents() or krb5_free_keyblock(). */
typedef struct {
  int keytype;
  afs_heim_octet_string keyvalue;
} krb5_keyblock;

/* Crypto handle. struct krb5_crypto_data is not defined here; a handle is
 * produced by krb5_crypto_init() and released by krb5_crypto_destroy(). */
typedef struct krb5_crypto_data *krb5_crypto;

/* Checksum type identifiers. The numeric values are spelled out explicitly
 * and include gaps and negative numbers, so they presumably mirror externally
 * assigned Kerberos/Heimdal numbers and must not be renumbered (confirm).
 *
 * Security note: this enum only names types; which of them the library
 * implements or accepts is decided in the implementation, not here. Several
 * entries are unkeyed or built on legacy primitives (CRC32, MD4, MD5,
 * single DES) and give no protection against deliberate modification. New
 * callers that need integrity protection should select a keyed type such as
 * the HMAC-SHA1-96 AES entries. */
typedef enum CKSUMTYPE {
  CKSUMTYPE_NONE = 0,
  CKSUMTYPE_CRC32 = 1,
  CKSUMTYPE_RSA_MD4 = 2,
  CKSUMTYPE_RSA_MD4_DES = 3,
  CKSUMTYPE_DES_MAC = 4,
  CKSUMTYPE_DES_MAC_K = 5,
  CKSUMTYPE_RSA_MD4_DES_K = 6,
  CKSUMTYPE_RSA_MD5 = 7,
  CKSUMTYPE_RSA_MD5_DES = 8,
  CKSUMTYPE_RSA_MD5_DES3 = 9,
  CKSUMTYPE_SHA1_OTHER = 10,
  CKSUMTYPE_HMAC_SHA1_DES3 = 12,
  CKSUMTYPE_SHA1 = 14,
  CKSUMTYPE_HMAC_SHA1_96_AES_128 = 15,
  CKSUMTYPE_HMAC_SHA1_96_AES_256 = 16,
  CKSUMTYPE_GSSAPI = 32771,
  CKSUMTYPE_HMAC_MD5 = -138,
  CKSUMTYPE_HMAC_MD5_ENC = -1138
} CKSUMTYPE;

/* A checksum value tagged with its type. krb5_create_checksum() takes one as
 * its `result` parameter, krb5_verify_checksum() takes one as input, and
 * free_Checksum() is the release function declared for it. */
typedef struct Checksum {
  CKSUMTYPE cksumtype;
  afs_heim_octet_string checksum;
} Checksum;

/* Plain-int spelling of a checksum type, used by krb5_checksumsize() and
 * krb5_crypto_get_checksum_type(). Being an int rather than the CKSUMTYPE
 * enum, it accepts any integer; the compiler will not flag unknown values. */
typedef int krb5_cksumtype;

/* Encryption type identifiers. The numeric values are spelled out explicitly
 * and include gaps and negative numbers, so they presumably mirror externally
 * assigned Kerberos/Heimdal numbers and must not be renumbered (confirm).
 *
 * Security note: this enum only names types; it does not show which of them
 * the library implements. ETYPE_NULL, the single-DES entries, the DES3
 * entries and the ARCFOUR (RC4) entries are legacy: RFC 6649 deprecates the
 * single-DES and export-strength RC4 types, and RFC 8429 deprecates 3DES and
 * RC4. The *_NONE names suggest cipher modes without an integrity check
 * (confirm before use). Code that takes an enctype from a peer or from
 * configuration should validate it, e.g. with krb5_enctype_valid(), and,
 * where policy allows, restrict itself to the AES entries (17 and 18). */
typedef enum ENCTYPE {
  ETYPE_NULL = 0,
  ETYPE_DES_CBC_CRC = 1,
  ETYPE_DES_CBC_MD4 = 2,
  ETYPE_DES_CBC_MD5 = 3,
  ETYPE_DES3_CBC_MD5 = 5,
  ETYPE_OLD_DES3_CBC_SHA1 = 7,
  ETYPE_SIGN_DSA_GENERATE = 8,
  ETYPE_ENCRYPT_RSA_PRIV = 9,
  ETYPE_ENCRYPT_RSA_PUB = 10,
  ETYPE_DES3_CBC_SHA1 = 16,
  ETYPE_AES128_CTS_HMAC_SHA1_96 = 17,
  ETYPE_AES256_CTS_HMAC_SHA1_96 = 18,
  ETYPE_ARCFOUR_HMAC_MD5 = 23,
  ETYPE_ARCFOUR_HMAC_MD5_56 = 24,
  ETYPE_ENCTYPE_PK_CROSS = 48,
  ETYPE_ARCFOUR_MD4 = -128,
  ETYPE_ARCFOUR_HMAC_OLD = -133,
  ETYPE_ARCFOUR_HMAC_OLD_EXP = -135,
  ETYPE_DES_CBC_NONE = -4096,
  ETYPE_DES3_CBC_NONE = -4097,
  ETYPE_DES_CFB64_NONE = -4098,
  ETYPE_DES_PCBC_NONE = -4099,
  ETYPE_DIGEST_MD5_NONE = -4100,
  ETYPE_CRAM_MD5_NONE = -4101
} ENCTYPE;

/* ENCTYPE_NULL is a second spelling of ETYPE_NULL (value 0). */
enum {
  ENCTYPE_NULL          = ETYPE_NULL
};

/* Heimdal-compatible name for the enctype enum. */
typedef ENCTYPE krb5_enctype;

/* Rename the Heimdal-style krb5_* entry points to oafs_h_-prefixed symbols.
 * Every use of these names after this point, including the prototypes below,
 * is rewritten by the preprocessor; presumably this keeps the library from
 * clashing with a real libkrb5 at link time (confirm). The keyblock helpers
 * named here (init, copy, free, zero, get_enctype) are declared near the end
 * of this header.
 *
 * Functions returning krb5_error_code presumably follow the Heimdal
 * convention of 0 for success and non-zero for failure (confirm in the
 * implementation). Callers should check every return value before reading
 * an output parameter. */
#define krb5_init_context oafs_h_krb5_init_context
#define krb5_free_context oafs_h_krb5_free_context
#define krb5_enctype_valid oafs_h_krb5_enctype_valid
#define krb5_crypto_init oafs_h_krb5_crypto_init
#define krb5_crypto_destroy oafs_h_krb5_crypto_destroy
#define krb5_encrypt oafs_h_krb5_encrypt
#define krb5_decrypt oafs_h_krb5_decrypt
#define krb5_enctype_keybits oafs_h_krb5_enctype_keybits
#define krb5_data_free oafs_h_krb5_data_free
#define krb5_data_alloc oafs_h_krb5_data_alloc
#define krb5_keyblock_init oafs_h_krb5_keyblock_init
#define krb5_copy_keyblock oafs_h_krb5_copy_keyblock
#define krb5_copy_keyblock_contents oafs_h_krb5_copy_keyblock_contents
#define krb5_free_keyblock oafs_h_krb5_free_keyblock
#define krb5_free_keyblock_contents oafs_h_krb5_free_keyblock_contents
#define krb5_keyblock_zero oafs_h_krb5_keyblock_zero
#define krb5_keyblock_get_enctype oafs_h_krb5_keyblock_get_enctype

/* Create a library context and hand it back through *context. */
krb5_error_code krb5_init_context(krb5_context *context);

/* Release a context obtained from krb5_init_context(). */
void krb5_free_context(krb5_context context);

/* Check an enctype (the parameters are unnamed in this declaration).
 * Presumably reports whether the library supports the type; useful for
 * rejecting an externally supplied enctype before krb5_crypto_init(). */
krb5_error_code krb5_enctype_valid(krb5_context, krb5_enctype);

/* Build a crypto handle from `key` for enctype `etype` and return it through
 * *crypto. NOTE(review): the key carries its own keytype and `etype` is
 * passed separately; confirm how the implementation treats a mismatch. */
krb5_error_code krb5_crypto_init(krb5_context context,
                                 const krb5_keyblock *key,
                                 krb5_enctype etype,
                                 krb5_crypto *crypto);

/* Release a handle produced by krb5_crypto_init(). Whether key material held
 * by the handle is wiped is not visible from this header (confirm). */
krb5_error_code krb5_crypto_destroy(krb5_context context,
                                    krb5_crypto crypto);

/* Encrypt `len` bytes at `data` under `crypto` with key usage `usage`; the
 * output goes to *result. Presumably the library allocates result->data and
 * the caller releases it with krb5_data_free() (confirm). */
krb5_error_code krb5_encrypt(krb5_context context,
                             krb5_crypto crypto,
                             unsigned usage,
                             const void *data,
                             size_t len,
                             krb5_data *result);

/* Decrypt `len` bytes at `data`; the output goes to *result. `data` is not
 * const here, unlike in krb5_encrypt(), so assume the input buffer may be
 * modified (confirm). The return value is the only indication that
 * decryption, including any integrity check the enctype performs, succeeded:
 * do not use *result when it is non-zero. */
krb5_error_code krb5_decrypt(krb5_context context,
                             krb5_crypto crypto,
                             unsigned usage,
                             void *data,
                             size_t len,
                             krb5_data *result);

/* Report the key size in bits for enctype `type` through *keybits. */
krb5_error_code krb5_enctype_keybits(krb5_context context,
                                     krb5_enctype type,
                                     size_t *keybits);

/* Release the buffer held by a krb5_data. */
void krb5_data_free(krb5_data *p);

/* Allocate a buffer of `len` bytes for *p. `len` is a signed int while
 * krb5_data.length is size_t: range-check any size_t or peer-supplied length
 * before converting, because a negative or truncated value is passed to this
 * function unchanged. */
krb5_error_code krb5_data_alloc(krb5_data *p, int len);

/* Release the contents of a keyblock. The same prototype is declared a
 * second time with the other keyblock helpers near the end of the header. */
void krb5_free_keyblock_contents(krb5_context context,
                                 krb5_keyblock *keyblock);

/* Symbol renames for the PRF, key-derivation and random helpers.
 *
 * NOTE(review): the krb5_random_to_key mapping spells its target
 * `oafs_h_krb5_random_ro_key` ("ro", not "to"). The prototype below goes
 * through the same macro, and presumably the definition and all callers do
 * too, so the build stays consistent; but the link-level symbol carries the
 * misspelling, and anything naming the symbol directly (export lists,
 * debuggers) has to use it. Correcting it would rename the exported symbol. */
#define krb5_crypto_prf oafs_h_krb5_crypto_prf
#define krb5_crypto_fx_cf2 oafs_h_krb5_crypto_fx_cf2
#define krb5_generate_random_block oafs_h_krb5_generate_random_block
#define krb5_random_to_key oafs_h_krb5_random_ro_key
#define krb5_crypto_overhead oafs_h_krb5_crypto_overhead

/* Compute a pseudo-random function of `input` under `crypto` into *output
 * (presumably the RFC 3961 PRF for the handle's enctype; confirm). */
krb5_error_code krb5_crypto_prf(krb5_context context,
                                const krb5_crypto crypto,
                                const krb5_data *input,
                                krb5_data *output);

/* Combine two crypto handles and two pepper strings into a new key of type
 * `enctype`, returned in *res (the name matches KRB-FX-CF2 from RFC 6113;
 * confirm). The result is key material: release it with
 * krb5_free_keyblock_contents() when done. */
krb5_error_code krb5_crypto_fx_cf2(krb5_context context,
                                   const krb5_crypto crypto1,
                                   const krb5_crypto crypto2,
                                   krb5_data *pepper1,
                                   krb5_data *pepper2,
                                   krb5_enctype enctype,
                                   krb5_keyblock *res);

/* Fill `buf` with `len` random bytes. Returns void, so a caller cannot
 * detect failure. NOTE(review): confirm which generator backs this and what
 * the implementation does if it fails, since the output is presumably used
 * for keys. */
void krb5_generate_random_block(void *buf, size_t len);

/* Turn `size` bytes at `data` into a key of enctype `type`, stored in *key
 * (the name matches the RFC 3961 random-to-key operation; confirm). */
krb5_error_code krb5_random_to_key(krb5_context context,
                                   krb5_enctype type,
                                   const void *data,
                                   size_t size,
                                   krb5_keyblock *key);

/* Return a size for the handle; presumably the number of bytes encryption
 * adds to the plaintext (confirm). The size_t return leaves no room for an
 * error indication. */
size_t krb5_crypto_overhead (krb5_context context,
                             krb5_crypto crypto);

/* Symbol renames for the checksum functions. */
#define krb5_crypto_get_checksum_type oafs_h_krb5_crypto_get_checksum_type
#define krb5_checksumsize oafs_h_krb5_checksumsize
#define krb5_create_checksum oafs_h_krb5_create_checksum
#define krb5_verify_checksum oafs_h_krb5_verify_checksum
#define free_Checksum oafs_h_free_Checksum

/* Report the checksum type associated with `crypto` through *type. */
krb5_error_code krb5_crypto_get_checksum_type (krb5_context context,
                                               krb5_crypto crypto,
                                               krb5_cksumtype *type);
/* Report the output size of checksum type `type` through *size. */
krb5_error_code krb5_checksumsize (krb5_context context,
                                   krb5_cksumtype type,
                                   size_t *size);

/* Compute a checksum over `len` bytes at `data` into *result. `type` is a
 * plain int here rather than krb5_cksumtype or CKSUMTYPE, so any integer is
 * accepted at compile time. Presumably the library allocates the checksum
 * buffer and the caller releases it with free_Checksum() (confirm). */
krb5_error_code krb5_create_checksum (krb5_context context,
                                      krb5_crypto crypto,
                                      krb5_key_usage usage,
                                      int type,
                                      void *data,
                                      size_t len,
                                      Checksum *result);

/* Verify `cksum` against `len` bytes at `data`. The return value is the only
 * verification result: treat any non-zero value as a failed check and do not
 * act on `data` (presumably non-zero covers both mismatches and internal
 * errors; confirm). NOTE(review): the checksum type comes from `cksum`, which
 * may be attacker-supplied; confirm that the implementation rejects unkeyed
 * or unexpected types for the given handle. */
krb5_error_code krb5_verify_checksum (krb5_context context,
                                      krb5_crypto crypto,
                                      krb5_key_usage usage,
                                      void *data,
                                      size_t len,
                                      Checksum *cksum);


/* Release a Checksum (presumably its buffer rather than the struct itself;
 * confirm). */
void free_Checksum(Checksum *data);

/* Keyblock helpers. Their oafs_h_ symbol renames are defined with the first
 * group of #defines near the top of this header. Keyblocks hold secret key
 * bytes, so every keyblock filled in by the init/copy functions should be
 * released through one of the free functions here. */

/* Reset a keyblock. NOTE(review): confirm whether this only clears the
 * struct fields or also wipes the key bytes they point to. */
void krb5_keyblock_zero(krb5_keyblock *keyblock);
/* Release the contents of a keyblock, leaving the struct itself to the
 * caller. This repeats a prototype already declared earlier in the header.
 * Whether the key bytes are wiped before release is not visible here
 * (confirm). */
void krb5_free_keyblock_contents(krb5_context context,
                            krb5_keyblock *keyblock);
/* Release a keyblock (presumably both the contents and the struct, the
 * counterpart of krb5_copy_keyblock(); confirm). */
void krb5_free_keyblock(krb5_context context,
                   krb5_keyblock *keyblock);
/* Copy `inblock` into the caller-provided keyblock `to`. */
krb5_error_code krb5_copy_keyblock_contents (krb5_context context,
                             const krb5_keyblock *inblock,
                             krb5_keyblock *to);
/* Copy `inblock` into a keyblock returned through *to (the double pointer
 * suggests the library allocates it; confirm). */
krb5_error_code krb5_copy_keyblock (krb5_context context,
                    const krb5_keyblock *inblock,
                    krb5_keyblock **to);
/* Return the enctype recorded in a keyblock. */
krb5_enctype krb5_keyblock_get_enctype(const krb5_keyblock *block);
/* Fill *key with enctype `type` and `size` key bytes taken from `data`.
 * NOTE(review): confirm that the implementation checks `size` against the
 * key length of `type`. */
krb5_error_code krb5_keyblock_init(krb5_context context,
                   krb5_enctype type,
                   const void *data,
                   size_t size,
                   krb5_keyblock *key);