diff options
| author | Richard Levitte <levitte@openssl.org> | 2002-10-11 17:10:59 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2002-10-11 17:10:59 +0000 |
| commit | 2eaabb718b992b8e60979dd044cae78f23767195 (patch) | |
| tree | e46968da2c492ee0cecdef09dc8c1c7a93e883de | |
| parent | 5572f482e797a5f6eee34ef7f04a8defde7bdecf (diff) | |
Step 3 of move of engines: copy the corresponding vendor header files.
| -rw-r--r-- | engines/vendor_defns/aep.h | 178 | ||||
| -rw-r--r-- | engines/vendor_defns/atalla.h | 48 | ||||
| -rw-r--r-- | engines/vendor_defns/cswift.h | 234 | ||||
| -rw-r--r-- | engines/vendor_defns/hw_4758_cca.h | 149 | ||||
| -rw-r--r-- | engines/vendor_defns/hw_ubsec.h | 100 | ||||
| -rw-r--r-- | engines/vendor_defns/hwcryptohook.h | 486 | ||||
| -rw-r--r-- | engines/vendor_defns/sureware.h | 239 |
7 files changed, 1434 insertions, 0 deletions
diff --git a/engines/vendor_defns/aep.h b/engines/vendor_defns/aep.h new file mode 100644 index 0000000000..2b2792d2d6 --- /dev/null +++ b/engines/vendor_defns/aep.h @@ -0,0 +1,178 @@ +/* This header declares the necessary definitions for using the exponentiation + * acceleration capabilities, and rnd number generation of the AEP card. + * + */ + +/* + * + * Some AEP defines + * + */ + +/*Successful return value*/ +#define AEP_R_OK 0x00000000 + +/*Miscelleanous unsuccessful return value*/ +#define AEP_R_GENERAL_ERROR 0x10000001 + +/*Insufficient host memory*/ +#define AEP_R_HOST_MEMORY 0x10000002 + +#define AEP_R_FUNCTION_FAILED 0x10000006 + +/*Invalid arguments in function call*/ +#define AEP_R_ARGUMENTS_BAD 0x10020000 + +#define AEP_R_NO_TARGET_RESOURCES 0x10030000 + +/*Error occuring on socket operation*/ +#define AEP_R_SOCKERROR 0x10000010 + +/*Socket has been closed from the other end*/ +#define AEP_R_SOCKEOF 0x10000011 + +/*Invalid handles*/ +#define AEP_R_CONNECTION_HANDLE_INVALID 0x100000B3 + +#define AEP_R_TRANSACTION_HANDLE_INVALID 0x10040000 + +/*Transaction has not yet returned from accelerator*/ +#define AEP_R_TRANSACTION_NOT_READY 0x00010000 + +/*There is already a thread waiting on this transaction*/ +#define AEP_R_TRANSACTION_CLAIMED 0x10050000 + +/*The transaction timed out*/ +#define AEP_R_TIMED_OUT 0x10060000 + +#define AEP_R_FXN_NOT_IMPLEMENTED 0x10070000 + +#define AEP_R_TARGET_ERROR 0x10080000 + +/*Error in the AEP daemon process*/ +#define AEP_R_DAEMON_ERROR 0x10090000 + +/*Invalid ctx id*/ +#define AEP_R_INVALID_CTX_ID 0x10009000 + +#define AEP_R_NO_KEY_MANAGER 0x1000a000 + +/*Error obtaining a mutex*/ +#define AEP_R_MUTEX_BAD 0x000001A0 + +/*Fxn call before AEP_Initialise ot after AEP_Finialise*/ +#define AEP_R_AEPAPI_NOT_INITIALIZED 0x10000190 + +/*AEP_Initialise has already been called*/ +#define AEP_R_AEPAPI_ALREADY_INITIALIZED 0x10000191 + +/*Maximum number of connections to daemon reached*/ +#define AEP_R_NO_MORE_CONNECTION_HNDLS 0x10000200 + +/* + * + * Some AEP Type definitions + * + */ + +/* an unsigned 8-bit value */ +typedef unsigned char AEP_U8; + +/* an unsigned 8-bit character */ +typedef char AEP_CHAR; + +/* a BYTE-sized Boolean flag */ +typedef AEP_U8 AEP_BBOOL; + +/*Unsigned value, at least 16 bits long*/ +typedef unsigned short AEP_U16; + +/* an unsigned value, at least 32 bits long */ +#ifdef SIXTY_FOUR_BIT_LONG +typedef unsigned int AEP_U32; +#else +typedef unsigned long AEP_U32; +#endif + +#ifdef SIXTY_FOUR_BIT_LONG +typedef unsigned long AEP_U64; +#else +typedef struct { unsigned long l1, l2; } AEP_U64; +#endif + +/* at least 32 bits; each bit is a Boolean flag */ +typedef AEP_U32 AEP_FLAGS; + +typedef AEP_U8 *AEP_U8_PTR; +typedef AEP_CHAR *AEP_CHAR_PTR; +typedef AEP_U32 *AEP_U32_PTR; +typedef AEP_U64 *AEP_U64_PTR; +typedef void *AEP_VOID_PTR; + +/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */ +typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR; + +/*Used to identify an AEP connection handle*/ +typedef AEP_U32 AEP_CONNECTION_HNDL; + +/*Pointer to an AEP connection handle*/ +typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR; + +/*Used by an application (in conjunction with the apps process id) to +identify an individual transaction*/ +typedef AEP_U32 AEP_TRANSACTION_ID; + +/*Pointer to an applications transaction identifier*/ +typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR; + +/*Return value type*/ +typedef AEP_U32 AEP_RV; + +#define MAX_PROCESS_CONNECTIONS 256 + +#define RAND_BLK_SIZE 1024 + +typedef enum{ + NotConnected= 0, + Connected= 1, + InUse= 2 +} AEP_CONNECTION_STATE; + + +typedef struct AEP_CONNECTION_ENTRY{ + AEP_CONNECTION_STATE conn_state; + AEP_CONNECTION_HNDL conn_hndl; +} AEP_CONNECTION_ENTRY; + + +typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection); +typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection); + +typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection, + AEP_VOID_PTR pA, AEP_VOID_PTR pP, + AEP_VOID_PTR pN, + AEP_VOID_PTR pResult, + AEP_TRANSACTION_ID* pidTransID); + +typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection, + AEP_VOID_PTR pA, AEP_VOID_PTR pP, + AEP_VOID_PTR pQ, + AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1, + AEP_VOID_PTR pIqmp, + AEP_VOID_PTR pResult, + AEP_TRANSACTION_ID* pidTransID); + +#ifdef AEPRAND +typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection, + AEP_U32 Len, + AEP_U32 Type, + AEP_VOID_PTR pResult, + AEP_TRANSACTION_ID* pidTransID); +#endif + +typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs); +typedef AEP_RV t_AEP_Finalize(); +typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)(), + AEP_RV (*MakeAEPBigNumFunc)(), + AEP_RV (*ConverAEPBigNumFunc)()); + diff --git a/engines/vendor_defns/atalla.h b/engines/vendor_defns/atalla.h new file mode 100644 index 0000000000..149970d441 --- /dev/null +++ b/engines/vendor_defns/atalla.h @@ -0,0 +1,48 @@ +/* This header declares the necessary definitions for using the exponentiation + * acceleration capabilities of Atalla cards. The only cryptographic operation + * is performed by "ASI_RSAPrivateKeyOpFn" and this takes a structure that + * defines an "RSA private key". However, it is really only performing a + * regular mod_exp using the supplied modulus and exponent - no CRT form is + * being used. Hence, it is a generic mod_exp function in disguise, and we use + * it as such. + * + * Thanks to the people at Atalla for letting me know these definitions are + * fine and that they can be reproduced here. + * + * Geoff. + */ + +typedef struct ItemStr + { + unsigned char *data; + int len; + } Item; + +typedef struct RSAPrivateKeyStr + { + void *reserved; + Item version; + Item modulus; + Item publicExponent; + Item privateExponent; + Item prime[2]; + Item exponent[2]; + Item coefficient; + } RSAPrivateKey; + +/* Predeclare the function pointer types that we dynamically load from the DSO. + * These use the same names and form that Ben's original support code had (in + * crypto/bn/bn_exp.c) unless of course I've inadvertently changed the style + * somewhere along the way! + */ + +typedef int tfnASI_GetPerformanceStatistics(int reset_flag, + unsigned int *ret_buf); + +typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf); + +typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey, + unsigned char *output, + unsigned char *input, + unsigned int modulus_len); + diff --git a/engines/vendor_defns/cswift.h b/engines/vendor_defns/cswift.h new file mode 100644 index 0000000000..60079326bb --- /dev/null +++ b/engines/vendor_defns/cswift.h @@ -0,0 +1,234 @@ +/* Attribution notice: Rainbow have generously allowed me to reproduce + * the necessary definitions here from their API. This means the support + * can build independently of whether application builders have the + * API or hardware. This will allow developers to easily produce software + * that has latent hardware support for any users that have accelertors + * installed, without the developers themselves needing anything extra. + * + * I have only clipped the parts from the CryptoSwift header files that + * are (or seem) relevant to the CryptoSwift support code. This is + * simply to keep the file sizes reasonable. + * [Geoff] + */ + + +/* NB: These type widths do *not* seem right in general, in particular + * they're not terribly friendly to 64-bit architectures (unsigned long) + * will be 64-bit on IA-64 for a start. I'm leaving these alone as they + * agree with Rainbow's API and this will only be called into question + * on platforms with Rainbow support anyway! ;-) */ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +typedef long SW_STATUS; /* status */ +typedef unsigned char SW_BYTE; /* 8 bit byte */ +typedef unsigned short SW_U16; /* 16 bit number */ +#if defined(_IRIX) +#include <sgidefs.h> +typedef __uint32_t SW_U32; +#else +typedef unsigned long SW_U32; /* 32 bit integer */ +#endif + +#if defined(OPENSSL_SYS_WIN32) + typedef struct _SW_U64 { + SW_U32 low32; + SW_U32 high32; + } SW_U64; /* 64 bit integer */ +#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) + typedef longlong SW_U64 +#else /* Unix variants */ + typedef struct _SW_U64 { + SW_U32 low32; + SW_U32 high32; + } SW_U64; /* 64 bit integer */ +#endif + +/* status codes */ +#define SW_OK (0L) +#define SW_ERR_BASE (-10000L) +#define SW_ERR_NO_CARD (SW_ERR_BASE-1) /* The Card is not present */ +#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */ + /* up yet */ +#define SW_ERR_TIME_OUT (SW_ERR_BASE-3) /* Execution of a command */ + /* time out */ +#define SW_ERR_NO_EXECUTE (SW_ERR_BASE-4) /* The Card failed to */ + /* execute the command */ +#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */ + /* NULL */ +#define SW_ERR_INPUT_SIZE (SW_ERR_BASE-6) /* size is invalid, too */ + /* small, too large. */ +#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */ + /* handle */ +#define SW_ERR_PENDING (SW_ERR_BASE-8) /* A request is already out- */ + /* standing at this */ + /* context handle */ +#define SW_ERR_AVAILABLE (SW_ERR_BASE-9) /* A result is available. */ +#define SW_ERR_NO_PENDING (SW_ERR_BASE-10)/* No request is pending. */ +#define SW_ERR_NO_MEMORY (SW_ERR_BASE-11)/* Not enough memory */ +#define SW_ERR_BAD_ALGORITHM (SW_ERR_BASE-12)/* Invalid algorithm type */ + /* in SW_PARAM structure */ +#define SW_ERR_MISSING_KEY (SW_ERR_BASE-13)/* No key is associated with */ + /* context. */ + /* swAttachKeyParam() is */ + /* not called. */ +#define SW_ERR_KEY_CMD_MISMATCH \ + (SW_ERR_BASE-14)/* Cannot perform requested */ + /* SW_COMMAND_CODE since */ + /* key attached via */ + /* swAttachKeyParam() */ + /* cannot be used for this*/ + /* SW_COMMAND_CODE. */ +#define SW_ERR_NOT_IMPLEMENTED \ + (SW_ERR_BASE-15)/* Not implemented */ +#define SW_ERR_BAD_COMMAND (SW_ERR_BASE-16)/* Bad command code */ +#define SW_ERR_BAD_ITEM_SIZE (SW_ERR_BASE-17)/* too small or too large in */ + /* the "initems" or */ + /* "outitems". */ +#define SW_ERR_BAD_ACCNUM (SW_ERR_BASE-18)/* Bad accelerator number */ +#define SW_ERR_SELFTEST_FAIL (SW_ERR_BASE-19)/* At least one of the self */ + /* test fail, look at the */ + /* selfTestBitmap in */ + /* SW_ACCELERATOR_INFO for*/ + /* details. */ +#define SW_ERR_MISALIGN (SW_ERR_BASE-20)/* Certain alogrithms require*/ + /* key materials aligned */ + /* in certain order, e.g. */ + /* 128 bit for CRT */ +#define SW_ERR_OUTPUT_NULL_PTR \ + (SW_ERR_BASE-21)/* a required pointer is */ + /* NULL */ +#define SW_ERR_OUTPUT_SIZE \ + (SW_ERR_BASE-22)/* size is invalid, too */ + /* small, too large. */ +#define SW_ERR_FIRMWARE_CHECKSUM \ + (SW_ERR_BASE-23)/* firmware checksum mismatch*/ + /* download failed. */ +#define SW_ERR_UNKNOWN_FIRMWARE \ + (SW_ERR_BASE-24)/* unknown firmware error */ +#define SW_ERR_INTERRUPT (SW_ERR_BASE-25)/* request is abort when */ + /* it's waiting to be */ + /* completed. */ +#define SW_ERR_NVWRITE_FAIL (SW_ERR_BASE-26)/* error in writing to Non- */ + /* volatile memory */ +#define SW_ERR_NVWRITE_RANGE (SW_ERR_BASE-27)/* out of range error in */ + /* writing to NV memory */ +#define SW_ERR_RNG_ERROR (SW_ERR_BASE-28)/* Random Number Generation */ + /* failure */ +#define SW_ERR_DSS_FAILURE (SW_ERR_BASE-29)/* DSS Sign or Verify failure*/ +#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30)/* Failure in various math */ + /* calculations */ +#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31)/* Error in accessing on - */ + /* board memory */ +#define SW_ERR_FIRMWARE_VERSION \ + (SW_ERR_BASE-32)/* Wrong version in firmware */ + /* update */ +#define SW_ERR_ZERO_WORKING_ACCELERATOR \ + (SW_ERR_BASE-44)/* All accelerators are bad */ + + + /* algorithm type */ +#define SW_ALG_CRT 1 +#define SW_ALG_EXP 2 +#define SW_ALG_DSA 3 +#define SW_ALG_NVDATA 4 + + /* command code */ +#define SW_CMD_MODEXP_CRT 1 /* perform Modular Exponentiation using */ + /* Chinese Remainder Theorem (CRT) */ +#define SW_CMD_MODEXP 2 /* perform Modular Exponentiation */ +#define SW_CMD_DSS_SIGN 3 /* perform DSS sign */ +#define SW_CMD_DSS_VERIFY 4 /* perform DSS verify */ +#define SW_CMD_RAND 5 /* perform random number generation */ +#define SW_CMD_NVREAD 6 /* perform read to nonvolatile RAM */ +#define SW_CMD_NVWRITE 7 /* perform write to nonvolatile RAM */ + +typedef SW_U32 SW_ALGTYPE; /* alogrithm type */ +typedef SW_U32 SW_STATE; /* state */ +typedef SW_U32 SW_COMMAND_CODE; /* command code */ +typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */ + +typedef struct _SW_LARGENUMBER { + SW_U32 nbytes; /* number of bytes in the buffer "value" */ + SW_BYTE* value; /* the large integer as a string of */ + /* bytes in network (big endian) order */ +} SW_LARGENUMBER; + +#if defined(OPENSSL_SYS_WIN32) + #include <windows.h> + typedef HANDLE SW_OSHANDLE; /* handle to kernel object */ + #define SW_OS_INVALID_HANDLE INVALID_HANDLE_VALUE + #define SW_CALLCONV _stdcall +#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC) + /* async callback mechanisms */ + /* swiftCallbackLevel */ + #define SW_MAC_CALLBACK_LEVEL_NO 0 + #define SW_MAC_CALLBACK_LEVEL_HARDWARE 1 /* from the hardware ISR */ + #define SW_MAC_CALLBACK_LEVEL_SECONDARY 2 /* as secondary ISR */ + typedef int SW_MAC_CALLBACK_LEVEL; + typedef int SW_OSHANDLE; + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#else /* Unix variants */ + typedef int SW_OSHANDLE; /* handle to driver */ + #define SW_OS_INVALID_HANDLE (-1) + #define SW_CALLCONV +#endif + +typedef struct _SW_CRT { + SW_LARGENUMBER p; /* prime number p */ + SW_LARGENUMBER q; /* prime number q */ + SW_LARGENUMBER dmp1; /* exponent1 */ + SW_LARGENUMBER dmq1; /* exponent2 */ + SW_LARGENUMBER iqmp; /* CRT coefficient */ +} SW_CRT; + +typedef struct _SW_EXP { + SW_LARGENUMBER modulus; /* modulus */ + SW_LARGENUMBER exponent;/* exponent */ +} SW_EXP; + +typedef struct _SW_DSA { + SW_LARGENUMBER p; /* */ + SW_LARGENUMBER q; /* */ + SW_LARGENUMBER g; /* */ + SW_LARGENUMBER key; /* private/public key */ +} SW_DSA; + +typedef struct _SW_NVDATA { + SW_U32 accnum; /* accelerator board number */ + SW_U32 offset; /* offset in byte */ +} SW_NVDATA; + +typedef struct _SW_PARAM { + SW_ALGTYPE type; /* type of the alogrithm */ + union { + SW_CRT crt; + SW_EXP exp; + SW_DSA dsa; + SW_NVDATA nvdata; + } up; +} SW_PARAM; + +typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */ + + +/* Now the OpenSSL bits, these function types are the for the function + * pointers that will bound into the Rainbow shared libraries. */ +typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE *hac); +typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac, + SW_PARAM *key_params); +typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac, + SW_COMMAND_CODE cmd, + SW_LARGENUMBER pin[], + SW_U32 pin_count, + SW_LARGENUMBER pout[], + SW_U32 pout_count); +typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE hac); + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + diff --git a/engines/vendor_defns/hw_4758_cca.h b/engines/vendor_defns/hw_4758_cca.h new file mode 100644 index 0000000000..296636e81a --- /dev/null +++ b/engines/vendor_defns/hw_4758_cca.h @@ -0,0 +1,149 @@ +/**********************************************************************/ +/* */ +/* Prototypes of the CCA verbs used by the 4758 CCA openssl driver */ +/* */ +/* Maurice Gittens <maurice@gittens.nl> */ +/* */ +/**********************************************************************/ + +#ifndef __HW_4758_CCA__ +#define __HW_4758_CCA__ + +/* + * Only WIN32 support for now + */ +#if defined(WIN32) + + #define CCA_LIB_NAME "CSUNSAPI" + + #define CSNDPKX "CSNDPKX_32" + #define CSNDKRR "CSNDKRR_32" + #define CSNDPKE "CSNDPKE_32" + #define CSNDPKD "CSNDPKD_32" + #define CSNDDSV "CSNDDSV_32" + #define CSNDDSG "CSNDDSG_32" + #define CSNBRNG "CSNBRNG_32" + + #define SECURITYAPI __stdcall +#else + /* Fixme!! + Find out the values of these constants for other platforms. + */ + #define CCA_LIB_NAME "CSUNSAPI" + + #define CSNDPKX "CSNDPKX" + #define CSNDKRR "CSNDKRR" + #define CSNDPKE "CSNDPKE" + #define CSNDPKD "CSNDPKD" + #define CSNDDSV "CSNDDSV" + #define CSNDDSG "CSNDDSG" + #define CSNBRNG "CSNBRNG" + + #define SECURITYAPI +#endif + +/* + * security API prototypes + */ + +/* PKA Key Record Read */ +typedef void (SECURITYAPI *F_KEYRECORDREAD) + (long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + long * rule_array_count, + unsigned char * rule_array, + unsigned char * key_label, + long * key_token_length, + unsigned char * key_token); + +/* Random Number Generate */ +typedef void (SECURITYAPI *F_RANDOMNUMBERGENERATE) + (long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + unsigned char * form, + unsigned char * random_number); + +/* Digital Signature Generate */ +typedef void (SECURITYAPI *F_DIGITALSIGNATUREGENERATE) + (long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + long * rule_array_count, + unsigned char * rule_array, + long * PKA_private_key_id_length, + unsigned char * PKA_private_key_id, + long * hash_length, + unsigned char * hash, + long * signature_field_length, + long * signature_bit_length, + unsigned char * signature_field); + +/* Digital Signature Verify */ +typedef void (SECURITYAPI *F_DIGITALSIGNATUREVERIFY)( + long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + long * rule_array_count, + unsigned char * rule_array, + long * PKA_public_key_id_length, + unsigned char * PKA_public_key_id, + long * hash_length, + unsigned char * hash, + long * signature_field_length, + unsigned char * signature_field); + +/* PKA Public Key Extract */ +typedef void (SECURITYAPI *F_PUBLICKEYEXTRACT)( + long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + long * rule_array_count, + unsigned char * rule_array, + long * source_key_identifier_length, + unsigned char * source_key_identifier, + long * target_key_token_length, + unsigned char * target_key_token); + +/* PKA Encrypt */ +typedef void (SECURITYAPI *F_PKAENCRYPT) + (long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + long * rule_array_count, + unsigned char * rule_array, + long * key_value_length, + unsigned char * key_value, + long * data_struct_length, + unsigned char * data_struct, + long * RSA_public_key_length, + unsigned char * RSA_public_key, + long * RSA_encipher_length, + unsigned char * RSA_encipher ); + +/* PKA Decrypt */ +typedef void (SECURITYAPI *F_PKADECRYPT) + (long * return_code, + long * reason_code, + long * exit_data_length, + unsigned char * exit_data, + long * rule_array_count, + unsigned char * rule_array, + long * enciphered_key_length, + unsigned char * enciphered_key, + long * data_struct_length, + unsigned char * data_struct, + long * RSA_private_key_length, + unsigned char * RSA_private_key, + long * key_value_length, + unsigned char * key_value ); + + +#endif diff --git a/engines/vendor_defns/hw_ubsec.h b/engines/vendor_defns/hw_ubsec.h new file mode 100644 index 0000000000..b6619d40f2 --- /dev/null +++ b/engines/vendor_defns/hw_ubsec.h @@ -0,0 +1,100 @@ +/****************************************************************************** + * + * Copyright 2000 + * Broadcom Corporation + * 16215 Alton Parkway + * PO Box 57013 + * Irvine CA 92619-7013 + * + *****************************************************************************/ +/* + * Broadcom Corporation uBSec SDK + */ +/* + * Character device header file. + */ +/* + * Revision History: + * + * October 2000 JTT Created. + */ + +#define MAX_PUBLIC_KEY_BITS (1024) +#define MAX_PUBLIC_KEY_BYTES (1024/8) +#define SHA_BIT_SIZE (160) +#define MAX_CRYPTO_KEY_LENGTH 24 +#define MAX_MAC_KEY_LENGTH 64 +#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt") +#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey") + +/* Math command types. */ +#define UBSEC_MATH_MODADD 0x0001 +#define UBSEC_MATH_MODSUB 0x0002 +#define UBSEC_MATH_MODMUL 0x0004 +#define UBSEC_MATH_MODEXP 0x0008 +#define UBSEC_MATH_MODREM 0x0010 +#define UBSEC_MATH_MODINV 0x0020 + +typedef long ubsec_MathCommand_t; +typedef long ubsec_RNGCommand_t; + +typedef struct ubsec_crypto_context_s { + unsigned int flags; + unsigned char crypto[MAX_CRYPTO_KEY_LENGTH]; + unsigned char auth[MAX_MAC_KEY_LENGTH]; +} ubsec_crypto_context_t, *ubsec_crypto_context_p; + +/* + * Predeclare the function pointer types that we dynamically load from the DSO. + */ + +typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes); + +typedef int t_UBSEC_ubsec_bits_to_bytes(int bits); + +typedef int t_UBSEC_ubsec_open(unsigned char *device); + +typedef int t_UBSEC_ubsec_close(int fd); + +typedef int t_UBSEC_diffie_hellman_generate_ioctl (int fd, + unsigned char *x, int *x_len, unsigned char *y, int *y_len, + unsigned char *g, int g_len, unsigned char *m, int m_len, + unsigned char *userX, int userX_len, int random_bits); + +typedef int t_UBSEC_diffie_hellman_agree_ioctl (int fd, + unsigned char *x, int x_len, unsigned char *y, int y_len, + unsigned char *m, int m_len, unsigned char *k, int *k_len); + +typedef int t_UBSEC_rsa_mod_exp_ioctl (int fd, + unsigned char *x, int x_len, unsigned char *m, int m_len, + unsigned char *e, int e_len, unsigned char *y, int *y_len); + +typedef int t_UBSEC_rsa_mod_exp_crt_ioctl (int fd, + unsigned char *x, int x_len, unsigned char *qinv, int qinv_len, + unsigned char *edq, int edq_len, unsigned char *q, int q_len, + unsigned char *edp, int edp_len, unsigned char *p, int p_len, + unsigned char *y, int *y_len); + +typedef int t_UBSEC_dsa_sign_ioctl (int fd, + int hash, unsigned char *data, int data_len, + unsigned char *rndom, int random_len, + unsigned char *p, int p_len, unsigned char *q, int q_len, + unsigned char *g, int g_len, unsigned char *key, int key_len, + unsigned char *r, int *r_len, unsigned char *s, int *s_len); + +typedef int t_UBSEC_dsa_verify_ioctl (int fd, + int hash, unsigned char *data, int data_len, + unsigned char *p, int p_len, unsigned char *q, int q_len, + unsigned char *g, int g_len, unsigned char *key, int key_len, + unsigned char *r, int r_len, unsigned char *s, int s_len, + unsigned char *v, int *v_len); + +typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command, + unsigned char *ModN, int *ModN_len, unsigned char *ExpE, int *ExpE_len, + unsigned char *ParamA, int *ParamA_len, unsigned char *ParamB, int *ParamB_len, + unsigned char *Result, int *Result_len); + +typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command, + unsigned char *Result, int *Result_len); + +typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len); diff --git a/engines/vendor_defns/hwcryptohook.h b/engines/vendor_defns/hwcryptohook.h new file mode 100644 index 0000000000..482f1f2d11 --- /dev/null +++ b/engines/vendor_defns/hwcryptohook.h @@ -0,0 +1,486 @@ +/* + * ModExp / RSA (with/without KM) plugin API + * + * The application will load a dynamic library which + * exports entrypoint(s) defined in this file. + * + * This set of entrypoints provides only a multithreaded, + * synchronous-within-each-thread, facility. + * + * + * This file is Copyright 1998-2000 nCipher Corporation Limited. + * + * Redistribution and use in source and binary forms, with opr without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the copyright notice, + * this list of conditions, and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions, and the following + * disclaimer, in the documentation and/or other materials provided + * with the distribution + * + * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR + * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any + * damages arising directly or indirectly from this file, its use or + * this licence. Without prejudice to the generality of the + * foregoing: all liability shall be excluded for direct, indirect, + * special, incidental, consequential or other damages or any loss of + * profits, business, revenue goodwill or anticipated savings; + * liability shall be excluded even if nCipher or anyone else has been + * advised of the possibility of damage. In any event, if the + * exclusion of liability is not effective, the liability of nCipher + * or any author or distributor shall be limited to the lesser of the + * price paid and 1,000 pounds sterling. This licence only fails to + * exclude or limit liability for death or personal injury arising out + * of negligence, and only to the extent that such an exclusion or + * limitation is not effective. + * + * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL + * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not + * limited to, any implied warranties of merchantability, fitness for + * a particular purpose, satisfactory quality, and/or non-infringement + * of any third party rights. + * + * US Government use: This software and documentation is Commercial + * Computer Software and Computer Software Documentation, as defined in + * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in + * Noncommercial Computer Software and Noncommercial Computer Software + * Documentation." Use, duplication or disclosure by the Government is + * subject to the terms and conditions specified here. + * + * By using or distributing this file you will be accepting these + * terms and conditions, including the limitation of liability and + * lack of warranty. If you do not wish to accept these terms and + * conditions, DO NOT USE THE FILE. + * + * + * The actual dynamically loadable plugin, and the library files for + * static linking, which are also provided in some distributions, are + * not covered by the licence described above. You should have + * received a separate licence with terms and conditions for these + * library files; if you received the library files without a licence, + * please contact nCipher. + * + * + * $Id: hwcryptohook.h,v 1.1 2002/10/11 17:10:59 levitte Exp $ + */ + +#ifndef HWCRYPTOHOOK_H +#define HWCRYPTOHOOK_H + +#include <sys/types.h> +#include <stdio.h> + +#ifndef HWCRYPTOHOOK_DECLARE_APPTYPES +#define HWCRYPTOHOOK_DECLARE_APPTYPES 1 +#endif + +#define HWCRYPTOHOOK_ERROR_FAILED -1 +#define HWCRYPTOHOOK_ERROR_FALLBACK -2 +#define HWCRYPTOHOOK_ERROR_MPISIZE -3 + +#if HWCRYPTOHOOK_DECLARE_APPTYPES + +/* These structs are defined by the application and opaque to the + * crypto plugin. The application may define these as it sees fit. + * Default declarations are provided here, but the application may + * #define HWCRYPTOHOOK_DECLARE_APPTYPES 0 + * to prevent these declarations, and instead provide its own + * declarations of these types. (Pointers to them must still be + * ordinary pointers to structs or unions, or the resulting combined + * program will have a type inconsistency.) + */ +typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex; +typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar; +typedef struct HWCryptoHook_PassphraseContextValue HWCryptoHook_PassphraseContext; +typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext; + +#endif /* HWCRYPTOHOOK_DECLARE_APPTYPES */ + +/* These next two structs are opaque to the application. The crypto + * plugin will return pointers to them; the caller simply manipulates + * the pointers. + */ +typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle; +typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle; + +typedef struct { + char *buf; + size_t size; +} HWCryptoHook_ErrMsgBuf; +/* Used for error reporting. When a HWCryptoHook function fails it + * will return a sentinel value (0 for pointer-valued functions, or a + * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for + * integer-valued ones). It will, if an ErrMsgBuf is passed, also put + * an error message there. + * + * size is the size of the buffer, and will not be modified. If you + * pass 0 for size you must pass 0 for buf, and nothing will be + * recorded (just as if you passed 0 for the struct pointer). + * Messages written to the buffer will always be null-terminated, even + * when truncated to fit within size bytes. + * + * The contents of the buffer are not defined if there is no error. + */ + +typedef struct HWCryptoHook_MPIStruct { + unsigned char *buf; + size_t size; +} HWCryptoHook_MPI; +/* When one of these is returned, a pointer is passed to the function. + * At call, size is the space available. Afterwards it is updated to + * be set to the actual length (which may be more than the space available, + * if there was not enough room and the result was truncated). + * buf (the pointer) is not updated. + * + * size is in bytes and may be zero at call or return, but must be a + * multiple of the limb size. Zero limbs at the MS end are not + * permitted. + */ + +#define HWCryptoHook_InitFlags_FallbackModExp 0x0002UL +#define HWCryptoHook_InitFlags_FallbackRSAImmed 0x0004UL +/* Enable requesting fallback to software in case of problems with the + * hardware support. This indicat |