File Coverage

inc/matrixssl-3-9-3-open/crypto/cryptolib.h
Criterion Covered Total %
statement 3 3 100.0
branch n/a
condition n/a
subroutine n/a
pod n/a
total 3 3 100.0


line stmt bran cond sub pod time code
1             /**
2             * @file cryptolib.h
3             * @version 950bba4 (HEAD -> master)
4             *
5             * Header file for definitions used with crypto lib.
6             */
7             /*
8             * Copyright (c) 2013-2017 INSIDE Secure Corporation
9             * Copyright (c) PeerSec Networks, 2002-2011
10             * All Rights Reserved
11             *
12             * The latest version of this code is available at http://www.matrixssl.org
13             *
14             * This software is open source; you can redistribute it and/or modify
15             * it under the terms of the GNU General Public License as published by
16             * the Free Software Foundation; either version 2 of the License, or
17             * (at your option) any later version.
18             *
19             * This General Public License does NOT permit incorporating this software
20             * into proprietary programs. If you are unable to comply with the GPL, a
21             * commercial license for this software may be purchased from INSIDE at
22             * http://www.insidesecure.com/
23             *
24             * This program is distributed in WITHOUT ANY WARRANTY; without even the
25             * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
26             * See the GNU General Public License for more details.
27             *
28             * You should have received a copy of the GNU General Public License
29             * along with this program; if not, write to the Free Software
30             * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
31             * http://www.gnu.org/copyleft/gpl.html
32             */
33             /******************************************************************************/
34              
35             #ifndef _h_PS_CRYPTOLIB
36             # define _h_PS_CRYPTOLIB
37              
38             /******************************************************************************/
39             /*
40             Additional 'hidden' algorithm configuration here for deprecated support
41             */
42              
43             /** Symmetric. @security These are generally insecure and not enabled by default. */
44             /* #define USE_RC2 */
45             /* #define USE_ARC4 */
46             /* #define USE_SEED */
47             /* #define USE_IDEA */
48             # ifdef USE_PKCS12
49             /* #define USE_RC2 / * Only PKCS#12 parse should ever want this algorithm * / */
50             # endif
51              
52             /** Digest. @security These are generally insecure and not enabled by default */
53             /* #define USE_MD4 */
54             /* #define USE_MD2 */
55              
56             /** PRNG. @security By default the OS PRNG will be used directly. */
57             # define USE_PRNG
58             /* #define USE_YARROW */
59              
60             /******************************************************************************/
61             /*
62             Additional configuration that is usually not modified.
63             */
64             # define OCSP_VALID_TIME_WINDOW 604800 /* In seconds (1 week default window) */
65              
66             /******************************************************************************/
67             /*
68             Include crypto provider layer headers
69             */
70             # include "layer/layer.h"
71              
72             /* Configuration validation/sanity checks */
73             # include "cryptoCheck.h"
74              
75             /* Implementation layer */
76             # include "symmetric/symmetric.h"
77             # include "digest/digest.h"
78             # include "math/pstm.h"
79             # include "pubkey/pubkey.h"
80             # include "keyformat/asn1.h"
81             # include "keyformat/x509.h"
82             # include "prng/prng.h"
83              
84             /******************************************************************************/
85             /*
86             Crypto trace
87             */
88             # ifndef USE_CRYPTO_TRACE
89             # define psTraceCrypto(x)
90             # define psTraceStrCrypto(x, y)
91             # define psTraceIntCrypto(x, y)
92             # define psTracePtrCrypto(x, y)
93             # else
94             # define psTraceCrypto(x) _psTrace(x)
95             # define psTraceStrCrypto(x, y) _psTraceStr(x, y)
96             # define psTraceIntCrypto(x, y) _psTraceInt(x, y)
97             # define psTracePtrCrypto(x, y) _psTracePtr(x, y)
98             # endif /* USE_CRYPTO_TRACE */
99              
100             /******************************************************************************/
101             /*
102             Helpers
103             */
104             extern int32_t psBase64decode(const unsigned char *in, psSize_t len,
105             unsigned char *out, psSize_t *outlen);
106             extern void psOpenPrng(void);
107             extern void psClosePrng(void);
108             extern int32_t psGetPrngLocked(unsigned char *bytes, psSize_t size,
109             void *userPtr);
110              
111             /******************************************************************************/
112             /*
113             RFC 3279 OID and PKCS standards OIDs
114             Matrix uses an oid summing mechanism to arrive at these defines.
115             The byte values of the OID are summed and compared with OID database
116             entries to produce unique numbers (assuming MATRIXSSL_NO_OID_DATABASE
117             is not set.)
118             */
119              
120             # ifdef MATRIXSSL_NO_OID_DATABASE
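121             /* Without OID database, some entries will be duplicates (for example OID_MD2_ALG and OID_MD2_RSA_SIG are both 646), so the sum alone does not identify an OID. */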
122             # define OID_COLLISION 0
123             # else
124             /* To prevent collisions, a sufficient multiple of this value is added to
125             some OIDs to make them unique. */
126             # define OID_COLLISION 1024
127              
128             /* Marking for OIDs that have not been discovered in the database.
129             The OIDs not discovered are guaranteed to be this value or larger. */
130             # define OID_NOT_FOUND 32768
131             # endif /* MATRIXSSL_NO_OID_DATABASE */
132              
133             /* Raw digest algorithms */
134              
135             # define OID_SHA1_ALG_STR "1.3.14.3.2.26"
136             # define OID_SHA1_ALG 88
137             # define OID_SHA1_ALG_HEX "\x06\x05\x2B\x0E\x03\x02\x1A"
138             # define OID_SHA224_ALG_STR "2.16.840.1.101.3.4.2.4"
139             # define OID_SHA224_ALG (417 + OID_COLLISION)
140             # define OID_SHA224_ALG_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x04"
141             # define OID_SHA256_ALG_STR "2.16.840.1.101.3.4.2.1"
142             # define OID_SHA256_ALG 414
143             # define OID_SHA256_ALG_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x01"
144             # define OID_SHA384_ALG_STR "2.16.840.1.101.3.4.2.2"
145             # define OID_SHA384_ALG 415
146             # define OID_SHA384_ALG_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x02"
147             # define OID_SHA512_ALG_STR "2.16.840.1.101.3.4.2.3"
148             # define OID_SHA512_ALG 416
149             # define OID_SHA512_ALG_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x02\x03"
150             # define OID_MD2_ALG_STR "1.2.840.113549.2.2"
151             # define OID_MD2_ALG 646
152             # define OID_MD2_ALG_HEX "\x06\x08\x2A\x86\x48\x86\xF7\x0D\x02\x02"
153             # define OID_MD5_ALG_STR "1.2.840.113549.2.5"
154             # define OID_MD5_ALG 649
155             # define OID_MD5_ALG_HEX "\x06\x08\x2A\x86\x48\x86\xF7\x0D\x02\x05"
156              
157             /* Signature algorithms */
158             # define OID_MD2_RSA_SIG_STR "1.2.840.113549.1.1.2"
159             # define OID_MD2_RSA_SIG (646 + OID_COLLISION)
160             # define OID_MD2_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02"
161             # define OID_MD5_RSA_SIG_STR "1.2.840.113549.1.1.4"
162             # define OID_MD5_RSA_SIG 648
163             # define OID_MD5_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x04"
164             # define OID_SHA1_RSA_SIG_STR "1.2.840.113549.1.1.5"
165             # define OID_SHA1_RSA_SIG (649 + OID_COLLISION)
166             # define OID_SHA1_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05"
167             # define OID_SHA1_RSA_SIG2_STR "1.3.14.3.2.29"
168             # define OID_SHA1_RSA_SIG2 91/* Older, alternate for SHA1_RSA */
169             # define OID_SHA1_RSA_SIG2_HEX "\x06\x05\x2B\x0E\x03\x02\x1D"
170             # define OID_ID_MGF1_STR "1.2.840.113549.1.1.8"
171             # define OID_ID_MGF1 (652 + OID_COLLISION * 2)
172             # define OID_ID_MGF1_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x08"
173             # define OID_RSASSA_PSS_STR "1.2.840.113549.1.1.10"
174             # define OID_RSASSA_PSS (654 + OID_COLLISION)
175             # define OID_RSASSA_PSS_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0A"
176             # define OID_SHA224_RSA_SIG_STR "1.2.840.113549.1.1.14"
177             # define OID_SHA224_RSA_SIG (658 + OID_COLLISION)
178             # define OID_SHA224_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0E"
179             # define OID_SHA256_RSA_SIG_STR "1.2.840.113549.1.1.11"
180             # define OID_SHA256_RSA_SIG (655 + OID_COLLISION)
181             # define OID_SHA256_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0B"
182             # define OID_SHA384_RSA_SIG_STR "1.2.840.113549.1.1.12"
183             # define OID_SHA384_RSA_SIG (656 + OID_COLLISION)
184             # define OID_SHA384_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0C"
185             # define OID_SHA512_RSA_SIG_STR "1.2.840.113549.1.1.13"
186             # define OID_SHA512_RSA_SIG (657 + OID_COLLISION)
187             # define OID_SHA512_RSA_SIG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x0D"
188             # define OID_SHA1_DSA_SIG_STR "1.2.840.10040.4.3"
189             # define OID_SHA1_DSA_SIG 517
190             # define OID_SHA1_DSA_SIG_HEX "\x06\x07\x2A\x86\x48\xCE\x38\x04\x03"
191             # define OID_SHA1_ECDSA_SIG_STR "1.2.840.10045.4.1"
192             # define OID_SHA1_ECDSA_SIG 520
193             # define OID_SHA1_ECDSA_SIG_HEX "\x06\x07\x2A\x86\x48\xCE\x3D\x04\x01"
194             # define OID_SHA224_ECDSA_SIG_STR "1.2.840.10045.4.3.1"
195             # define OID_SHA224_ECDSA_SIG 523
196             # define OID_SHA224_ECDSA_SIG_HEX "\x06\x08\x2A\x86\x48\xCE\x3D\x04\x03\x01"
197             # define OID_SHA256_ECDSA_SIG_STR "1.2.840.10045.4.3.2"
198             # define OID_SHA256_ECDSA_SIG 524
199             # define OID_SHA256_ECDSA_SIG_HEX "\x06\x08\x2A\x86\x48\xCE\x3D\x04\x03\x02"
200             # define OID_SHA384_ECDSA_SIG_STR "1.2.840.10045.4.3.3"
201             # define OID_SHA384_ECDSA_SIG 525
202             # define OID_SHA384_ECDSA_SIG_HEX "\x06\x08\x2A\x86\x48\xCE\x3D\x04\x03\x03"
203             # define OID_SHA512_ECDSA_SIG_STR "1.2.840.10045.4.3.4"
204             # define OID_SHA512_ECDSA_SIG 526
205             # define OID_SHA512_ECDSA_SIG_HEX "\x06\x08\x2A\x86\x48\xCE\x3D\x04\x03\x04"
206              
207             /* Public key algorithms */
208             # define OID_RSA_KEY_ALG_STR "1.2.840.113549.1.1.1"
209             # define OID_RSA_KEY_ALG 645
210             # define OID_RSA_KEY_ALG_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01"
211             # define OID_DSA_KEY_ALG_STR "1.2.840.10040.4.1"
212             # define OID_DSA_KEY_ALG 515
213             # define OID_DSA_KEY_ALG_HEX "\x06\x07\x2A\x86\x48\xCE\x38\x04\x01"
214             # define OID_ECDSA_KEY_ALG_STR "1.2.840.10045.2.1"
215             # define OID_ECDSA_KEY_ALG 518
216             # define OID_ECDSA_KEY_ALG_HEX "\x06\x07\x2A\x86\x48\xCE\x3D\x02\x01"
217              
218             /* Encryption algorithms */
219             # define OID_DES_EDE3_CBC_STR "1.2.840.113549.3.7"
220             # define OID_DES_EDE3_CBC (652 + OID_COLLISION)
221             # define OID_DES_EDE3_CBC_HEX "\x06\x08\x2A\x86\x48\x86\xF7\x0D\x03\x07"
222              
223             # define OID_AES_128_CBC_STR "2.16.840.1.101.3.4.1.2"
224             # define OID_AES_128_CBC (414 + OID_COLLISION)
225             # define OID_AES_128_CBC_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x02"
226             # define OID_AES_128_WRAP_STR "2.16.840.1.101.3.4.1.5"
227             # define OID_AES_128_WRAP 417
228             # define OID_AES_128_WRAP_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x05"
229             # define OID_AES_128_GCM_STR "2.16.840.1.101.3.4.1.6"
230             # define OID_AES_128_GCM 418
231             # define OID_AES_128_GCM_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x06"
232             # define OID_AES_192_CBC_STR "2.16.840.1.101.3.4.1.22"
233             # define OID_AES_192_CBC 434
234             # define OID_AES_192_CBC_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x16"
235             # define OID_AES_192_WRAP_STR "2.16.840.1.101.3.4.1.25"
236             # define OID_AES_192_WRAP 437
237             # define OID_AES_192_WRAP_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x19"
238             # define OID_AES_192_GCM_STR "2.16.840.1.101.3.4.1.26"
239             # define OID_AES_192_GCM 438
240             # define OID_AES_192_GCM_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x1A"
241             # define OID_AES_256_CBC_STR "2.16.840.1.101.3.4.1.42"
242             # define OID_AES_256_CBC 454
243             # define OID_AES_256_CBC_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x2A"
244             # define OID_AES_256_WRAP_STR "2.16.840.1.101.3.4.1.45"
245             # define OID_AES_256_WRAP 457
246             # define OID_AES_256_WRAP_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x2D"
247             # define OID_AES_256_GCM_STR "2.16.840.1.101.3.4.1.46"
248             # define OID_AES_256_GCM 458
249             # define OID_AES_256_GCM_HEX "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x01\x2E"
250              
251             # define OID_AES_CMAC_STR "2.16.840.1.101.3.4.1.200_alt"
252             # define OID_AES_CMAC 612
253             # define OID_AES_CMAC_HEX "\x06\x0A\x60\x86\x48\x01\x65\x03\x04\x01\xC8"
254              
255             # define OID_AES_CBC_CMAC_128_STR "0.4.0.127.0.7.1.1.1.2"
256             # define OID_AES_CBC_CMAC_128 143
257             # define OID_AES_CBC_CMAC_128_HEX "\x06\x09\x04\x00\x7F\x00\x07\x01\x01\x01\x02"
258             # define OID_AES_CBC_CMAC_192_STR "0.4.0.127.0.7.1.1.1.3"
259             # define OID_AES_CBC_CMAC_192 144
260             # define OID_AES_CBC_CMAC_192_HEX "\x06\x09\x04\x00\x7F\x00\x07\x01\x01\x01\x03"
261             # define OID_AES_CBC_CMAC_256_STR "0.4.0.127.0.7.1.1.1.4"
262             # define OID_AES_CBC_CMAC_256 145
263             # define OID_AES_CBC_CMAC_256_HEX "\x06\x09\x04\x00\x7F\x00\x07\x01\x01\x01\x04"
264              
265             # define OID_AUTH_ENC_256_SUM_STR "1.2.840.113549.1.9.16.3.16"
266             # define OID_AUTH_ENC_256_SUM 687/* See RFC 6476 */
267             # define OID_AUTH_ENC_256_SUM_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x03\x10"
268              
269             # define OID_PKCS_PBKDF2_STR "1.2.840.113549.1.5.12"
270             # define OID_PKCS_PBKDF2 (660 + OID_COLLISION)
271             # define OID_PKCS_PBKDF2_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0C"
272             # define OID_PKCS_PBES2_STR "1.2.840.113549.1.5.13"
273             # define OID_PKCS_PBES2 (661 + OID_COLLISION)
274             # define OID_PKCS_PBES2_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x05\x0D"
275              
276             # define OID_PKCS_PBESHA128RC4_STR "1.2.840.113549.1.12.1.1"
277             # define OID_PKCS_PBESHA128RC4 657
278             # define OID_PKCS_PBESHA128RC4_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x01"
279             # define OID_PKCS_PBESHA40RC4_STR "1.2.840.113549.1.12.1.2"
280             # define OID_PKCS_PBESHA40RC4 658
281             # define OID_PKCS_PBESHA40RC4_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x02"
282             # define OID_PKCS_PBESHA3DES3_STR "1.2.840.113549.1.12.1.3"
283             # define OID_PKCS_PBESHA3DES3 659
284             # define OID_PKCS_PBESHA3DES3_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x03"
285             # define OID_PKCS_PBESHA2DES3_STR "1.2.840.113549.1.12.1.4"
286             # define OID_PKCS_PBESHA2DES3 660
287             # define OID_PKCS_PBESHA2DES3_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x04"
288             # define OID_PKCS_PBESHA128RC2_STR "1.2.840.113549.1.12.1.5"
289             # define OID_PKCS_PBESHA128RC2 661
290             # define OID_PKCS_PBESHA128RC2_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x05"
291             # define OID_PKCS_PBESHA40RC2_STR "1.2.840.113549.1.12.1.6"
292             # define OID_PKCS_PBESHA40RC2 662
293             # define OID_PKCS_PBESHA40RC2_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x01\x06"
294              
295             # define OID_PKCS12_BAG_TYPE_KEY_STR "1.2.840.113549.1.12.10.1.1"
296             # define OID_PKCS12_BAG_TYPE_KEY 667
297             # define OID_PKCS12_BAG_TYPE_KEY_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x01"
298             # define OID_PKCS12_BAG_TYPE_SHROUD_STR "1.2.840.113549.1.12.10.1.2"
299             # define OID_PKCS12_BAG_TYPE_SHROUD 668
300             # define OID_PKCS12_BAG_TYPE_SHROUD_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x02"
301             # define OID_PKCS12_BAG_TYPE_CERT_STR "1.2.840.113549.1.12.10.1.3"
302             # define OID_PKCS12_BAG_TYPE_CERT 669
303             # define OID_PKCS12_BAG_TYPE_CERT_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x03"
304             # define OID_PKCS12_BAG_TYPE_CRL_STR "1.2.840.113549.1.12.10.1.4"
305             # define OID_PKCS12_BAG_TYPE_CRL 670
306             # define OID_PKCS12_BAG_TYPE_CRL_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x04"
307             # define OID_PKCS12_BAG_TYPE_SECRET_STR "1.2.840.113549.1.12.10.1.5"
308             # define OID_PKCS12_BAG_TYPE_SECRET 671
309             # define OID_PKCS12_BAG_TYPE_SECRET_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x05"
310             # define OID_PKCS12_BAG_TYPE_SAFE_STR "1.2.840.113549.1.12.10.1.6"
311             # define OID_PKCS12_BAG_TYPE_SAFE 672
312             # define OID_PKCS12_BAG_TYPE_SAFE_HEX "\x06\x0B\x2A\x86\x48\x86\xF7\x0D\x01\x0C\x0A\x01\x06"
313              
314             # define OID_PKCS9_CERT_TYPE_X509_STR "1.2.840.113549.1.9.22.1"
315             # define OID_PKCS9_CERT_TYPE_X509 675
316             # define OID_PKCS9_CERT_TYPE_X509_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x09\x16\x01"
317             # define OID_PKCS9_CERT_TYPE_SDSI_STR "1.2.840.113549.1.9.22.2"
318             # define OID_PKCS9_CERT_TYPE_SDSI 676
319             # define OID_PKCS9_CERT_TYPE_SDSI_HEX "\x06\x0A\x2A\x86\x48\x86\xF7\x0D\x01\x09\x16\x02"
320              
321             # define OID_PKCS7_DATA_STR "1.2.840.113549.1.7.1"
322             # define OID_PKCS7_DATA 651
323             # define OID_PKCS7_DATA_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x01"
324             # define OID_PKCS7_SIGNED_DATA_STR "1.2.840.113549.1.7.2"
325             # define OID_PKCS7_SIGNED_DATA 652
326             # define OID_PKCS7_SIGNED_DATA_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x02"
327             # define OID_PKCS7_ENVELOPED_DATA_STR "1.2.840.113549.1.7.3"
328             # define OID_PKCS7_ENVELOPED_DATA 653
329             # define OID_PKCS7_ENVELOPED_DATA_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x03"
330             # define OID_PKCS7_SIGNED_ENVELOPED_DATA_STR "1.2.840.113549.1.7.4"
331             # define OID_PKCS7_SIGNED_ENVELOPED_DATA 654
332             # define OID_PKCS7_SIGNED_ENVELOPED_DATA_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x04"
333             # define OID_PKCS7_DIGESTED_DATA_STR "1.2.840.113549.1.7.5"
334             # define OID_PKCS7_DIGESTED_DATA 655
335             # define OID_PKCS7_DIGESTED_DATA_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x05"
336             # define OID_PKCS7_ENCRYPTED_DATA_STR "1.2.840.113549.1.7.6"
337             # define OID_PKCS7_ENCRYPTED_DATA 656
338             # define OID_PKCS7_ENCRYPTED_DATA_HEX "\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x06"
339              
340             # define OID_OCSP_STR "1.3.6.1.5.5.7.48.1"
341             # define OID_OCSP 116
342             # define OID_OCSP_HEX "\x06\x08\x2B\x06\x01\x05\x05\x07\x30\x01"
343             # define OID_BASIC_OCSP_RESPONSE_STR "1.3.6.1.5.5.7.48.1.1"
344             # define OID_BASIC_OCSP_RESPONSE 117
345             # define OID_BASIC_OCSP_RESPONSE_HEX "\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01"
346              
347             /* These definitions are for MatrixCMS (optional component). */
348             # define OID_ECKA_EG_X963KDF_SHA256_STR "0.4.0.127.0.7.1.1.5.1.1.3"
349             # define OID_ECKA_EG_X963KDF_SHA256 150
350             # define OID_ECKA_EG_X963KDF_SHA256_HEX "\x06\x0B\x04\x00\x7F\x00\x07\x01\x01\x05\x01\x01\x03"
351             # define OID_ECKA_EG_X963KDF_SHA384_STR "0.4.0.127.0.7.1.1.5.1.1.4"
352             # define OID_ECKA_EG_X963KDF_SHA384 151
353             # define OID_ECKA_EG_X963KDF_SHA384_HEX "\x06\x0B\x04\x00\x7F\x00\x07\x01\x01\x05\x01\x01\x04"
354             # define OID_ECKA_EG_X963KDF_SHA512_STR "0.4.0.127.0.7.1.1.5.1.1.5"
355             # define OID_ECKA_EG_X963KDF_SHA512 152
356             # define OID_ECKA_EG_X963KDF_SHA512_HEX "\x06\x0B\x04\x00\x7F\x00\x07\x01\x01\x05\x01\x01\x05"
357             # define OID_DHSINGLEPASS_STDDH_SHA1KDF_SCHEME_STR "1.3.133.16.840.63.0.2"
358             # define OID_DHSINGLEPASS_STDDH_SHA1KDF_SCHEME 464
359             # define OID_DHSINGLEPASS_STDDH_SHA1KDF_SCHEME_HEX "\x06\x09\x2B\x81\x05\x10\x86\x48\x3F\x00\x02"
360             # define OID_DHSINGLEPASS_COFACTORDH_SHA1KDF_SCHEME_STR "1.3.133.16.840.63.0.3"
361             # define OID_DHSINGLEPASS_COFACTORDH_SHA1KDF_SCHEME 465
362             # define OID_DHSINGLEPASS_COFACTORDH_SHA1KDF_SCHEME_HEX "\x06\x09\x2B\x81\x05\x10\x86\x48\x3F\x00\x03"
363             # define OID_MQVSINGLEPASS_SHA1KDF_SCHEME_STR "1.3.133.16.840.63.0.16"
364             # define OID_MQVSINGLEPASS_SHA1KDF_SCHEME 478
365             # define OID_MQVSINGLEPASS_SHA1KDF_SCHEME_HEX "\x06\x09\x2B\x81\x05\x10\x86\x48\x3F\x00\x10"
366             # define OID_DHSINGLEPASS_STDDH_SHA256KDF_SCHEME_STR "1.3.132.1.11.1"
367             # define OID_DHSINGLEPASS_STDDH_SHA256KDF_SCHEME 189
368             # define OID_DHSINGLEPASS_STDDH_SHA256KDF_SCHEME_HEX "\x06\x06\x2B\x81\x04\x01\x0B\x01"
369             # define OID_DHSINGLEPASS_STDDH_SHA384KDF_SCHEME_STR "1.3.132.1.11.2"
370             # define OID_DHSINGLEPASS_STDDH_SHA384KDF_SCHEME 190
371             # define OID_DHSINGLEPASS_STDDH_SHA384KDF_SCHEME_HEX "\x06\x06\x2B\x81\x04\x01\x0B\x02"
372             # define OID_DHSINGLEPASS_STDDH_SHA512KDF_SCHEME_STR "1.3.132.1.11.3"
373             # define OID_DHSINGLEPASS_STDDH_SHA512KDF_SCHEME 191
374             # define OID_DHSINGLEPASS_STDDH_SHA512KDF_SCHEME_HEX "\x06\x06\x2B\x81\x04\x01\x0B\x03"
375              
376             # define PBE12 1
377             # define PBES2 2
378             # define AUTH_SAFE_3DES 1
379             # define AUTH_SAFE_RC2 2
380              
381             # define PKCS12_KEY_ID 1
382             # define PKCS12_IV_ID 2
383             # define PKCS12_MAC_ID 3
384              
385             # if defined(USE_PKCS1_OAEP) || defined(USE_PKCS1_PSS)
386             # define PKCS1_SHA1_ID 0
387             # define PKCS1_MD5_ID 1
388             # define PKCS1_SHA256_ID 2
389             # define PKCS1_SHA384_ID 3
390             # define PKCS1_SHA512_ID 4
391             # define PKCS1_SHA224_ID 5
392             # endif
393              
394             /******************************************************************************/
395             /* These values are all mutually exclusive bits to define Cipher flags */
396             # define CRYPTO_FLAGS_AES (1 << 0)
397             # define CRYPTO_FLAGS_AES256 (1 << 1)
398             # define CRYPTO_FLAGS_3DES (1 << 2)
399             # define CRYPTO_FLAGS_ARC4 (1 << 3)
400             # define CRYPTO_FLAGS_SEED (1 << 4)
401             # define CRYPTO_FLAGS_IDEA (1 << 5)
402             # define CRYPTO_FLAGS_CHACHA (1 << 6) /* Short for CHACHA20_POLY1305 */
403              
404             # define CRYPTO_FLAGS_SHA1 (1 << 8)
405             # define CRYPTO_FLAGS_SHA2 (1 << 9)
406             # define CRYPTO_FLAGS_SHA3 (1 << 10)
407             # define CRYPTO_FLAGS_GCM (1 << 11)
408             # define CRYPTO_FLAGS_CCM (1 << 12)
409             # define CRYPTO_FLAGS_CCM8 (1 << 13)/* CCM mode with 8 byte ICV */
410             # define CRYPTO_FLAGS_MD5 (1 << 14)
411              
412             # define CRYPTO_FLAGS_TLS (1 << 16)
413             # define CRYPTO_FLAGS_TLS_1_1 (1 << 17)
414             # define CRYPTO_FLAGS_TLS_1_2 (1 << 18)
415              
416             # define CRYPTO_FLAGS_INBOUND (1 << 24)
417             # define CRYPTO_FLAGS_ARC4INITE (1 << 25)
418             # define CRYPTO_FLAGS_ARC4INITD (1 << 26)
419             # define CRYPTO_FLAGS_BLOCKING (1 << 27)
420              
421             # define CRYPTO_FLAGS_DISABLED (1 << 30)
422              
423             /******************************************************************************/
424              
425             # define CRYPT_INVALID_KEYSIZE -21
426             # define CRYPT_INVALID_ROUNDS -22
427              
428             /******************************************************************************/
429             /* 32-bit Rotates */
430             /******************************************************************************/
431             # if defined(_MSC_VER)
432             /******************************************************************************/
433              
434             /* intrinsic rotate */
435             # include <stdlib.h>
436             # pragma intrinsic(_lrotr,_lrotl)
437             # define ROR(x, n) _lrotr(x, n)
438             # define ROL(x, n) _lrotl(x, n)
439              
440             /******************************************************************************/
441             # elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && \
442             !defined(INTEL_CC) && !defined(PS_NO_ASM)
443              
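/**
 * Rotate a 32-bit word left using the x86 `roll` instruction.
 *
 * The count is handed to the instruction in CL (the "c" constraint). For a
 * 32-bit operand the CPU uses only the low five bits of CL, so a count of 32
 * or more wraps around; a plain C shift by that amount would be undefined.
 *
 * @param word value to rotate
 * @param i    rotate count
 * @return     word rotated left by (i mod 32) bits
 */
static __inline unsigned ROL(unsigned word, int i)
{
    /* Spelled __asm__ because the plain `asm` keyword is not recognised when
       the including file is built in a strict ISO mode (-std=c99/-std=c11). */
    __asm__ ("roll %%cl,%0"
             : "=r" (word)
             : "0" (word), "c" (i));
    return word;
}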
451              
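/**
 * Rotate a 32-bit word right using the x86 `rorl` instruction.
 *
 * The count is handed to the instruction in CL (the "c" constraint). For a
 * 32-bit operand the CPU uses only the low five bits of CL, so a count of 32
 * or more wraps around; a plain C shift by that amount would be undefined.
 *
 * @param word value to rotate
 * @param i    rotate count
 * @return     word rotated right by (i mod 32) bits
 */
static __inline unsigned ROR(unsigned word, int i)
{
    /* Spelled __asm__ because the plain `asm` keyword is not recognised when
       the including file is built in a strict ISO mode (-std=c99/-std=c11). */
    __asm__ ("rorl %%cl,%0"
             : "=r" (word)
             : "0" (word), "c" (i));
    return word;
}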
459              
460             /******************************************************************************/
461             # else
462              
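/*
    Portable 32-bit rotates (used when no intrinsic or inline asm is available).

    The result is an unsigned long masked to 32 bits. Both arguments are
    evaluated more than once, so do not pass expressions with side effects.

    The complementary shift count is reduced modulo 32. Without that, a rotate
    count that is a multiple of 32 would shift by 32, which is undefined
    behaviour on targets where unsigned long is 32 bits wide.
 */
# define ROL(x, y) \
    ( (((unsigned long) (x) << (unsigned long) ((y) & 31)) | \
       (((unsigned long) (x) & 0xFFFFFFFFUL) >> \
        (unsigned long) ((32 - ((y) & 31)) & 31))) & \
      0xFFFFFFFFUL)
# define ROR(x, y) \
    ( ((((unsigned long) (x) & 0xFFFFFFFFUL) >> (unsigned long) ((y) & 31)) | \
       ((unsigned long) (x) << \
        (unsigned long) ((32 - ((y) & 31)) & 31))) & \
      0xFFFFFFFFUL)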
471              
472             # endif /* 32-bit Rotates */
473             /******************************************************************************/
474              
475             # ifdef HAVE_NATIVE_INT64
476             # ifdef _MSC_VER
477             # define CONST64(n) n ## ui64
478             # else
479             # define CONST64(n) n ## ULL
480             # endif
481             # endif
482              
483             /******************************************************************************/
484             /*
485             Endian helper macros
486             */
487             # if defined (ENDIAN_NEUTRAL)
/*
    Byte-order independent load/store helpers.

    The L variants treat y[0] as the least significant byte and the H variants
    treat y[0] as the most significant byte. The 32-bit forms touch y[0..3]
    and the 64-bit forms touch y[0..7].

    Caveats for callers:
    - No bounds checking is done; the caller must guarantee that y has at
      least 4 (or 8) accessible bytes.
    - x and y are evaluated several times, so avoid side effects in them.
    - Each macro expands to a bare { } block, not do { } while (0), so
      "if (c) STORE32L(a, b); else ..." will not compile.
    - The 64-bit loaders cast through uint64, which is not defined in this
      header and must come from elsewhere.
 */
# define STORE32L(x, y) {                                        \
        (y)[3] = (unsigned char) (((x) >> 24) & 0xFF);           \
        (y)[2] = (unsigned char) (((x) >> 16) & 0xFF);           \
        (y)[1] = (unsigned char) (((x) >> 8) & 0xFF);            \
        (y)[0] = (unsigned char) ((x) & 0xFF);                   \
}

# define LOAD32L(x, y) {                                         \
        x = ((unsigned long) ((y)[0] & 0xFF))       |            \
            ((unsigned long) ((y)[1] & 0xFF) << 8)  |            \
            ((unsigned long) ((y)[2] & 0xFF) << 16) |            \
            ((unsigned long) ((y)[3] & 0xFF) << 24);             \
}

# define STORE64L(x, y) {                                        \
        (y)[7] = (unsigned char) (((x) >> 56) & 0xFF);           \
        (y)[6] = (unsigned char) (((x) >> 48) & 0xFF);           \
        (y)[5] = (unsigned char) (((x) >> 40) & 0xFF);           \
        (y)[4] = (unsigned char) (((x) >> 32) & 0xFF);           \
        (y)[3] = (unsigned char) (((x) >> 24) & 0xFF);           \
        (y)[2] = (unsigned char) (((x) >> 16) & 0xFF);           \
        (y)[1] = (unsigned char) (((x) >> 8) & 0xFF);            \
        (y)[0] = (unsigned char) ((x) & 0xFF);                   \
}

# define LOAD64L(x, y) {                                         \
        x = (((uint64) ((y)[0] & 0xFF)))       |                 \
            (((uint64) ((y)[1] & 0xFF)) << 8)  |                 \
            (((uint64) ((y)[2] & 0xFF)) << 16) |                 \
            (((uint64) ((y)[3] & 0xFF)) << 24) |                 \
            (((uint64) ((y)[4] & 0xFF)) << 32) |                 \
            (((uint64) ((y)[5] & 0xFF)) << 40) |                 \
            (((uint64) ((y)[6] & 0xFF)) << 48) |                 \
            (((uint64) ((y)[7] & 0xFF)) << 56);                  \
}

# define STORE32H(x, y) {                                        \
        (y)[0] = (unsigned char) (((x) >> 24) & 0xFF);           \
        (y)[1] = (unsigned char) (((x) >> 16) & 0xFF);           \
        (y)[2] = (unsigned char) (((x) >> 8) & 0xFF);            \
        (y)[3] = (unsigned char) ((x) & 0xFF);                   \
}

# define LOAD32H(x, y) {                                         \
        x = ((unsigned long) ((y)[3] & 0xFF))       |            \
            ((unsigned long) ((y)[2] & 0xFF) << 8)  |            \
            ((unsigned long) ((y)[1] & 0xFF) << 16) |            \
            ((unsigned long) ((y)[0] & 0xFF) << 24);             \
}

# define STORE64H(x, y) {                                        \
        (y)[0] = (unsigned char) (((x) >> 56) & 0xFF);           \
        (y)[1] = (unsigned char) (((x) >> 48) & 0xFF);           \
        (y)[2] = (unsigned char) (((x) >> 40) & 0xFF);           \
        (y)[3] = (unsigned char) (((x) >> 32) & 0xFF);           \
        (y)[4] = (unsigned char) (((x) >> 24) & 0xFF);           \
        (y)[5] = (unsigned char) (((x) >> 16) & 0xFF);           \
        (y)[6] = (unsigned char) (((x) >> 8) & 0xFF);            \
        (y)[7] = (unsigned char) ((x) & 0xFF);                   \
}

# define LOAD64H(x, y) {                                         \
        x = (((uint64) ((y)[7] & 0xFF)))       |                 \
            (((uint64) ((y)[6] & 0xFF)) << 8)  |                 \
            (((uint64) ((y)[5] & 0xFF)) << 16) |                 \
            (((uint64) ((y)[4] & 0xFF)) << 24) |                 \
            (((uint64) ((y)[3] & 0xFF)) << 32) |                 \
            (((uint64) ((y)[2] & 0xFF)) << 40) |                 \
            (((uint64) ((y)[1] & 0xFF)) << 48) |                 \
            (((uint64) ((y)[0] & 0xFF)) << 56);                  \
}
551              
552             # endif /* ENDIAN_NEUTRAL */
553              
554             # ifdef ENDIAN_LITTLE
/*
    Little-endian build: the H forms (most significant byte at y[0]) are
    written byte by byte; only the L forms further down use memcpy.
    Each macro expands to a brace block and evaluates its arguments more
    than once. No bounds are checked: the caller must guarantee 4 or 8
    accessible bytes at y.
 */
# define STORE32H(x, y) { \
        (y)[0] = (unsigned char) (((x) >> 24) & 0xFF); \
        (y)[1] = (unsigned char) (((x) >> 16) & 0xFF); \
        (y)[2] = (unsigned char) (((x) >> 8) & 0xFF); \
        (y)[3] = (unsigned char) ((x) & 0xFF); \
    }

# define LOAD32H(x, y) { \
        x = ((unsigned long) ((y)[3] & 0xFF)) | \
            ((unsigned long) ((y)[2] & 0xFF) << 8) | \
            ((unsigned long) ((y)[1] & 0xFF) << 16) | \
            ((unsigned long) ((y)[0] & 0xFF) << 24); \
    }

# define STORE64H(x, y) { \
        (y)[0] = (unsigned char) (((x) >> 56) & 0xFF); \
        (y)[1] = (unsigned char) (((x) >> 48) & 0xFF); \
        (y)[2] = (unsigned char) (((x) >> 40) & 0xFF); \
        (y)[3] = (unsigned char) (((x) >> 32) & 0xFF); \
        (y)[4] = (unsigned char) (((x) >> 24) & 0xFF); \
        (y)[5] = (unsigned char) (((x) >> 16) & 0xFF); \
        (y)[6] = (unsigned char) (((x) >> 8) & 0xFF); \
        (y)[7] = (unsigned char) ((x) & 0xFF); \
    }

# define LOAD64H(x, y) { \
        x = ((uint64) ((y)[7] & 0xFF)) | \
            (((uint64) ((y)[6] & 0xFF)) << 8) | \
            (((uint64) ((y)[5] & 0xFF)) << 16) | \
            (((uint64) ((y)[4] & 0xFF)) << 24) | \
            (((uint64) ((y)[3] & 0xFF)) << 32) | \
            (((uint64) ((y)[2] & 0xFF)) << 40) | \
            (((uint64) ((y)[1] & 0xFF)) << 48) | \
            (((uint64) ((y)[0] & 0xFF)) << 56); \
    }
585              
586             # ifdef ENDIAN_32BITWORD
/*
    Little-endian build, ENDIAN_32BITWORD: the 32-bit L forms copy 4 bytes
    straight to and from host memory; the 64-bit L forms go byte by byte.
    No bounds are checked: the caller must guarantee 4 or 8 accessible
    bytes at y.

    STORE32L copies the first 4 bytes of an unsigned long temporary.
    LOAD32L writes exactly 4 bytes into x and touches nothing else.
    NOTE(review): this presumably relies on x being a 4-byte object; if x
    were wider, its remaining bytes would keep their previous contents.
    Confirm against callers.
    LOAD32L is a bare statement that carries its own semicolon, while its
    siblings are brace blocks.
 */
# define STORE32L(x, y) { \
        unsigned long ps_st32_ = (x); \
        memcpy((y), &ps_st32_, 4); \
    }

# define LOAD32L(x, y) memcpy(&(x), (y), 4);

# define STORE64L(x, y) { \
        (y)[7] = (unsigned char) (((x) >> 56) & 0xFF); \
        (y)[6] = (unsigned char) (((x) >> 48) & 0xFF); \
        (y)[5] = (unsigned char) (((x) >> 40) & 0xFF); \
        (y)[4] = (unsigned char) (((x) >> 32) & 0xFF); \
        (y)[3] = (unsigned char) (((x) >> 24) & 0xFF); \
        (y)[2] = (unsigned char) (((x) >> 16) & 0xFF); \
        (y)[1] = (unsigned char) (((x) >> 8) & 0xFF); \
        (y)[0] = (unsigned char) ((x) & 0xFF); \
    }

# define LOAD64L(x, y) { \
        x = ((uint64) ((y)[0] & 0xFF)) | \
            (((uint64) ((y)[1] & 0xFF)) << 8) | \
            (((uint64) ((y)[2] & 0xFF)) << 16) | \
            (((uint64) ((y)[3] & 0xFF)) << 24) | \
            (((uint64) ((y)[4] & 0xFF)) << 32) | \
            (((uint64) ((y)[5] & 0xFF)) << 40) | \
            (((uint64) ((y)[6] & 0xFF)) << 48) | \
            (((uint64) ((y)[7] & 0xFF)) << 56); \
    }
610              
611             # else /* 64-bit words then */
/*
    Little-endian build, 64-bit words: all four L forms copy whole words
    with memcpy, so the buffer layout is the host's own byte order.
    No bounds are checked: the caller must guarantee 4 or 8 accessible
    bytes at y.

    LOAD32L fills the first 4 bytes of x and then masks x to 32 bits.
    LOAD64L writes 8 bytes into x.
    NOTE(review): x is presumably at least 4 (LOAD32L) or 8 (LOAD64L)
    bytes wide. A narrower object would be overrun by the memcpy.
    Confirm against callers.
 */
# define STORE32L(x, y) { \
        unsigned int ps_st32_ = (x); \
        memcpy((y), &ps_st32_, 4); \
    }

# define LOAD32L(x, y) { \
        memcpy(&(x), (y), 4); \
        x &= 0xFFFFFFFF; \
    }

# define STORE64L(x, y) { \
        uint64 ps_st64_ = (x); \
        memcpy((y), &ps_st64_, 8); \
    }

# define LOAD64L(x, y) { \
        memcpy(&(x), (y), 8); \
    }
623              
624             # endif /* ENDIAN_64BITWORD */
625             # endif /* ENDIAN_LITTLE */
626              
627             /******************************************************************************/
628              
629             # ifdef ENDIAN_BIG
/*
    Big-endian build: the L forms (least significant byte at y[0]) are
    written byte by byte; only the H forms further down use memcpy.
    Each macro expands to a brace block and evaluates its arguments more
    than once. No bounds are checked: the caller must guarantee 4 or 8
    accessible bytes at y.
 */
# define STORE32L(x, y) { \
        (y)[3] = (unsigned char) (((x) >> 24) & 0xFF); \
        (y)[2] = (unsigned char) (((x) >> 16) & 0xFF); \
        (y)[1] = (unsigned char) (((x) >> 8) & 0xFF); \
        (y)[0] = (unsigned char) ((x) & 0xFF); \
    }

# define LOAD32L(x, y) { \
        x = ((unsigned long) ((y)[0] & 0xFF)) | \
            ((unsigned long) ((y)[1] & 0xFF) << 8) | \
            ((unsigned long) ((y)[2] & 0xFF) << 16) | \
            ((unsigned long) ((y)[3] & 0xFF) << 24); \
    }

# define STORE64L(x, y) { \
        (y)[7] = (unsigned char) (((x) >> 56) & 0xFF); \
        (y)[6] = (unsigned char) (((x) >> 48) & 0xFF); \
        (y)[5] = (unsigned char) (((x) >> 40) & 0xFF); \
        (y)[4] = (unsigned char) (((x) >> 32) & 0xFF); \
        (y)[3] = (unsigned char) (((x) >> 24) & 0xFF); \
        (y)[2] = (unsigned char) (((x) >> 16) & 0xFF); \
        (y)[1] = (unsigned char) (((x) >> 8) & 0xFF); \
        (y)[0] = (unsigned char) ((x) & 0xFF); \
    }

# define LOAD64L(x, y) { \
        x = ((uint64) ((y)[0] & 0xFF)) | \
            (((uint64) ((y)[1] & 0xFF)) << 8) | \
            (((uint64) ((y)[2] & 0xFF)) << 16) | \
            (((uint64) ((y)[3] & 0xFF)) << 24) | \
            (((uint64) ((y)[4] & 0xFF)) << 32) | \
            (((uint64) ((y)[5] & 0xFF)) << 40) | \
            (((uint64) ((y)[6] & 0xFF)) << 48) | \
            (((uint64) ((y)[7] & 0xFF)) << 56); \
    }
661              
662             /******************************************************************************/
663              
664             # ifdef ENDIAN_32BITWORD
/*
    Big-endian build, ENDIAN_32BITWORD: the 32-bit H forms copy 4 bytes
    straight to and from host memory; the 64-bit H forms go byte by byte.
    No bounds are checked: the caller must guarantee 4 or 8 accessible
    bytes at y.

    LOAD32H writes exactly 4 bytes into x and touches nothing else.
    NOTE(review): this presumably relies on x being a 4-byte object. On a
    big-endian host a wider x would receive the bytes in its high-order
    part. Confirm against callers.
    LOAD32H is a bare statement that carries its own semicolon, while its
    siblings are brace blocks.
 */
# define STORE32H(x, y) { \
        unsigned int ps_st32_ = (x); \
        memcpy((y), &ps_st32_, 4); \
    }

# define LOAD32H(x, y) memcpy(&(x), (y), 4);

# define STORE64H(x, y) { \
        (y)[0] = (unsigned char) (((x) >> 56) & 0xFF); \
        (y)[1] = (unsigned char) (((x) >> 48) & 0xFF); \
        (y)[2] = (unsigned char) (((x) >> 40) & 0xFF); \
        (y)[3] = (unsigned char) (((x) >> 32) & 0xFF); \
        (y)[4] = (unsigned char) (((x) >> 24) & 0xFF); \
        (y)[5] = (unsigned char) (((x) >> 16) & 0xFF); \
        (y)[6] = (unsigned char) (((x) >> 8) & 0xFF); \
        (y)[7] = (unsigned char) ((x) & 0xFF); \
    }

# define LOAD64H(x, y) { \
        x = ((uint64) ((y)[7] & 0xFF)) | \
            (((uint64) ((y)[6] & 0xFF)) << 8) | \
            (((uint64) ((y)[5] & 0xFF)) << 16) | \
            (((uint64) ((y)[4] & 0xFF)) << 24) | \
            (((uint64) ((y)[3] & 0xFF)) << 32) | \
            (((uint64) ((y)[2] & 0xFF)) << 40) | \
            (((uint64) ((y)[1] & 0xFF)) << 48) | \
            (((uint64) ((y)[0] & 0xFF)) << 56); \
    }
687              
688             /******************************************************************************/
689              
690             # else /* 64-bit words then */
691              
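/*
    Big-endian build, 64-bit words: the H forms (most significant byte at
    y[0]) match host order, so they copy whole words with memcpy instead of
    shifting bytes. Each macro expands to a brace block and evaluates its
    arguments more than once. No bounds are checked: the caller must
    guarantee 4 (32-bit forms) or 8 (64-bit forms) accessible bytes at y.
 */
# define STORE32H(x, y) { \
        unsigned int ps_st32_ = (x); \
        memcpy((y), &ps_st32_, 4); \
    }

/*
    The 4 bytes are read into a 4-byte temporary and then assigned, so x
    receives the value in its low-order bits whatever its width. Copying
    straight into x would fill only its first 4 bytes; on a big-endian host
    those are the high-order half of a 64-bit x, which the 0xFFFFFFFF mask
    would then throw away. Like STORE32H above, this assumes unsigned int
    is 4 bytes.
 */
# define LOAD32H(x, y) { \
        unsigned int ps_ld32_; \
        memcpy(&ps_ld32_, (y), 4); \
        x = ps_ld32_ & 0xFFFFFFFF; \
    }

# define STORE64H(x, y) { \
        uint64 ps_st64_ = (x); \
        memcpy((y), &ps_st64_, 8); \
    }

/* NOTE(review): writes 8 bytes into x, so x is presumably an 8-byte
   object. A narrower one would be overrun. Confirm against callers. */
# define LOAD64H(x, y) { \
        memcpy(&(x), (y), 8); \
    }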
703              
704             # endif /* ENDIAN_64BITWORD */
705             # endif /* ENDIAN_BIG */
706              
707             /******************************************************************************/
708              
709             # ifdef HAVE_NATIVE_INT64
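/*
    64-bit rotate left / rotate right of x by y bits, as a single
    expression. The count is reduced modulo 64 on both shifts. The
    complementary shift is masked with 63 as well, so a count that is a
    multiple of 64 shifts by 0 rather than by 64 (shifting a 64-bit value
    by its full width is undefined behaviour in C) and the macro then
    yields x unchanged. x and y are each evaluated more than once.
 */
# define ROL64c(x, y) \
    ( (((x) << ((uint64) (y) & 63)) | \
       (((x) & CONST64(0xFFFFFFFFFFFFFFFF)) >> \
        (((uint64) 64 - ((uint64) (y) & 63)) & 63))) & \
      CONST64(0xFFFFFFFFFFFFFFFF))

# define ROR64c(x, y) \
    ( ((((x) & CONST64(0xFFFFFFFFFFFFFFFF)) >> ((uint64) (y) & CONST64(63))) | \
       ((x) << (((uint64) 64 - ((uint64) (y) & CONST64(63))) & CONST64(63)))) & \
      CONST64(0xFFFFFFFFFFFFFFFF))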
717             # endif /* HAVE_NATIVE_INT64 */
718              
719             /******************************************************************************/
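/*
    Return the number of padding bytes required for a record of 'LEN' bytes.
    The name Pwr2 indicates that the calculation only works with 'BLOCKSIZE'
    values that are powers of 2: the remainder is taken with the mask
    (BLOCKSIZE - 1), and the macro does not verify that precondition.
    Because of the trailing pad length byte, a length that is already a
    multiple of BLOCKSIZE yields a full BLOCKSIZE of padding, never 0.
    A BLOCKSIZE of 1 or less yields 0.

    The result is cast to unsigned char, so a BLOCKSIZE above 255 can wrap
    (for example 256 with an aligned LEN gives 0). Both arguments may be
    evaluated more than once. The arguments and the whole expansion are
    parenthesized so the macro can be used inside a larger expression, such
    as len + psPadLenPwr2(len, bs), without operator precedence changing
    the result.
 */
# define psPadLenPwr2(LEN, BLOCKSIZE) \
    ((BLOCKSIZE) <= 1 ? (unsigned char) 0 : \
     (unsigned char) ((BLOCKSIZE) - ((LEN) & ((BLOCKSIZE) - 1))))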
730              
731             # ifdef USE_CRL
/* CRL entry points, declared only when USE_CRL is defined. The empty
   parentheses declare the functions without a prototype, so the compiler
   does not check arguments at call sites.
   NOTE(review): confirm the definitions take no parameters before
   tightening these to (void). */
int32_t psCrlOpen();
void psCrlClose();
734             # endif
735              
736             #endif /* _h_PS_CRYPTOLIB */
737              
738             /******************************************************************************/
739