Security-164.1.tar.gz
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 File: cryptType.h
21
22 Contains: Crypto structures and routines
23
24 Written by: Doug Mitchell
25
26 Copyright: (c) 1999 by Apple Computer, Inc., all rights reserved.
27
28 */
29
30 #ifndef _CRYPTTYPE_H_
31 #define _CRYPTTYPE_H_ 1
32
33 #include <Security/CipherSuite.h>
34 #include "sslPriv.h"
35 #include "sslContext.h"
36 #include "tls_hmac.h"
37
38 #ifdef __cplusplus
39 extern "C" {
40 #endif
41
/*
 * SSLv2 cipher-kind codes: one 24-bit value per SSLv2 cipher.
 * In every entry the low two bytes equal the key size in bits that appears
 * in the name (0x0080 = 128, 0x0040 = 64, 0x00C0 = 192).
 *
 * Security note: SSLv2 is a deprecated protocol (RFC 6176 prohibits
 * negotiating it), every kind listed here uses MD5 for the MAC, and the
 * EXPORT 40 kinds name ciphers deliberately weakened to 40 secret key bits.
 * Whether any of these is actually offered to a peer is decided outside
 * this header.
 */
typedef enum {
    SSL2_RC4_128_WITH_MD5              = 0x010080,
    SSL2_RC4_128_EXPORT_40_WITH_MD5    = 0x020080,
    SSL2_RC2_128_CBC_WITH_MD5          = 0x030080,
    SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x040080,
    SSL2_IDEA_128_CBC_WITH_MD5         = 0x050080,
    SSL2_DES_64_CBC_WITH_MD5           = 0x060040,
    SSL2_DES_192_EDE3_CBC_WITH_MD5     = 0x0700C0
} SSL2CipherKind;
51
/*
 * One row of a table pairing an SSLv2 cipher kind with an SSLCipherSuite
 * value. The table itself is SSL2CipherMap, declared later in this header.
 */
typedef struct {
    SSL2CipherKind cipherKind;   /* SSLv2 24-bit cipher-kind code */
    SSLCipherSuite cipherSuite;  /* suite value this kind is paired with */
} SSLCipherMapping;
56
/*
 * Digest callouts, collected per algorithm in a HashReference.
 *
 * digestCtx is the SSLBuffer that carries the digest state between calls.
 * NOTE(review): presumably the caller sizes it from
 * HashReference.contextSize; confirm against the implementations.
 *
 * The reference parameters (SSLBuffer &) mean these typedefs only compile
 * as C++, even though they sit inside the extern "C" block.
 */
typedef OSStatus (*HashInit)(
    SSLBuffer &digestCtx,
    SSLContext *sslCtx);
typedef OSStatus (*HashUpdate)(
    SSLBuffer &digestCtx,
    const SSLBuffer &data);
/* HashFinal also does HashClose */
typedef OSStatus (*HashFinal)(
    SSLBuffer &digestCtx,
    SSLBuffer &digest);
typedef OSStatus (*HashClose)(
    SSLBuffer &digestCtx,
    SSLContext *sslCtx);
typedef OSStatus (*HashClone)(
    const SSLBuffer &src,
    SSLBuffer &dest);
/*
 * Description of one digest algorithm: three sizes plus the five callouts
 * that drive it.
 *
 * NOTE(review): the units of the size fields are not stated here; they are
 * presumably bytes (MAX_MAC_PADDING below gives the MD5 pad size as 48
 * bytes). Confirm before using them to size buffers.
 */
typedef struct {
    UInt32     contextSize;  /* size of the digest state */
    UInt32     digestSize;   /* size of the finished digest */
    UInt32     macPadSize;   /* size of the MAC padding */
    HashInit   init;
    HashUpdate update;
    HashFinal  final;        /* also performs the work of close */
    HashClose  close;
    HashClone  clone;
} HashReference;
73
74 /*
75 * TLS addenda:
76 * -- new struct HashHmacReference
77 * -- structs which used to use HashReference now use HashHmacReference
78 * -- new union HashHmacContext, used in CipherContext.
79 */
/*
 * Pairs the plain-digest description of an algorithm with its HMAC
 * description, so one reference serves both uses. Both members point to
 * const data and are not owned by this struct.
 */
typedef struct {
    const HashReference *hash;  /* digest callouts and sizes */
    const HMACReference *hmac;  /* HMAC counterpart (type from tls_hmac.h, presumably) */
} HashHmacReference;
84
/*
 * Per-connection MAC state: either a raw digest context or an HMAC context.
 *
 * The union carries no discriminator, so the code that owns it must know
 * from elsewhere which member is live. Reading the member that was not
 * last written reinterprets the other one's bytes.
 * NOTE(review): presumably the negotiated protocol version selects the
 * member; confirm at the use sites in CipherContext.
 */
typedef union {
    SSLBuffer      hashCtx;
    HMACContextRef hmacCtx;
} HashHmacContext;
89
/*
 * Predefined digest/HMAC pairs; the objects themselves live in tls_hmac.c.
 * NOTE(review): HashHmacNull is presumably the "no MAC" placeholder used by
 * NULL cipher specs; confirm. MD5 and SHA-1 are the only real algorithms
 * offered here, and both are legacy choices.
 */
extern const HashHmacReference HashHmacNull;
extern const HashHmacReference HashHmacMD5;
extern const HashHmacReference HashHmacSHA1;
94
/*
 * Forward declaration only. Naming the struct here, instead of including
 * tls_ssl.h, avoids a circular dependency with that header.
 */
struct _SslTlsCallouts;

/*
 * All symmetric ciphers go through CDSA, via the callouts declared below.
 * CipherContext stays an incomplete type in this header; the typedef also
 * serves as the forward declaration of the struct.
 */
typedef struct CipherContext CipherContext;
105
/*
 * Set up a cipher context from raw key and IV bytes.
 *
 * key and iv are bare pointers with no accompanying length.
 * NOTE(review): the callee presumably reads keySize and ivSize bytes as
 * given by the SSLSymmetricCipher in use; confirm that every caller
 * supplies buffers at least that large.
 */
typedef OSStatus (*SSLKeyFunc)(UInt8 *key,
                               UInt8 *iv,
                               CipherContext *cipherCtx,
                               SSLContext *ctx);

/*
 * Encrypt or decrypt src into dest. Both SSLBuffer arguments are passed by
 * value, so the callee gets copies of the descriptors.
 * NOTE(review): nothing in this signature relates the capacity of dest to
 * the length of src; confirm where that check is made.
 */
typedef OSStatus (*SSLCryptFunc)(SSLBuffer src,
                                 SSLBuffer dest,
                                 CipherContext *cipherCtx,
                                 SSLContext *ctx);

/* Tear down a cipher context. */
typedef OSStatus (*SSLFinishFunc)(CipherContext *cipherCtx,
                                  SSLContext *ctx);
119
/*
 * Marks whether a cipher spec belongs to the export-grade family.
 * Export-grade suites were deliberately limited in key strength, so
 * Exportable identifies the weak entries of the cipher spec table.
 */
typedef enum {
    NotExportable = 0,
    Exportable    = 1
} Exportability;
124
/*
 * Statically defined description of a symmetric cipher: its sizes, the
 * CSSM algorithm, mode and padding to request, and the callouts that run it.
 *
 * All four sizes are UInt8 byte counts, so none can exceed 255.
 * NOTE(review): secretKeySize is presumably smaller than keySize only for
 * export ciphers, where part of the key is not secret; confirm against the
 * cipher tables.
 */
typedef struct {
    UInt8             keySize;        /* Sizes are in bytes */
    UInt8             secretKeySize;
    UInt8             ivSize;
    UInt8             blockSize;
    CSSM_ALGORITHMS   keyAlg;         /* CSSM_ALGID_DES, etc. */
    CSSM_ALGORITHMS   encrAlg;        /* ditto */
    CSSM_ENCRYPT_MODE encrMode;       /* CSSM_ALGMODE_CBCPadIV8, etc. */
    CSSM_PADDING      encrPad;
    SSLKeyFunc        initialize;
    SSLCryptFunc      encrypt;
    SSLCryptFunc      decrypt;
    SSLFinishFunc     finish;
} SSLSymmetricCipher;
142
/* MD5 MAC padding size = 48 bytes */
#define MAX_MAC_PADDING 48

/* master secret = 3 x MD5 hashes concatenated (3 x 16 bytes) */
#define MASTER_SECRET_LEN 48

/*
 * SSL V2 - mac secret is the size of symmetric key, not digest.
 * 24 bytes is 192 bits, the largest key size named in SSL2CipherKind.
 * Buffers sized with this constant hold key material.
 */
#define MAX_SYMKEY_SIZE 24
148
/*
 * Key exchange method of a cipher spec. The values are the implicit
 * enumeration order starting at zero, written out here so the numbering is
 * visible.
 *
 * Security note: SSL_NULL_auth and the two DH_anon methods name exchanges
 * with no peer authentication, so a suite built on them does not protect
 * against an active man-in-the-middle. Every *_EXPORT method is the
 * export-weakened form of its neighbour. Which methods are actually
 * enabled is decided outside this header.
 */
typedef enum {
    SSL_NULL_auth      = 0,
    SSL_RSA            = 1,
    SSL_RSA_EXPORT     = 2,
    SSL_DH_DSS         = 3,
    SSL_DH_DSS_EXPORT  = 4,
    SSL_DH_RSA         = 5,
    SSL_DH_RSA_EXPORT  = 6,
    SSL_DHE_DSS        = 7,
    SSL_DHE_DSS_EXPORT = 8,
    SSL_DHE_RSA        = 9,
    SSL_DHE_RSA_EXPORT = 10,
    SSL_DH_anon        = 11,
    SSL_DH_anon_EXPORT = 12,
    SSL_Fortezza       = 13
} KeyExchangeMethod;
165
/*
 * Everything this library records about one cipher suite: its identifier,
 * whether it is export-grade, how keys are exchanged, and which MAC and
 * symmetric cipher it uses. The two pointers refer to const descriptions
 * that this struct does not own.
 */
typedef struct {
    SSLCipherSuite            cipherSpec;         /* suite identifier */
    Exportability             isExportable;       /* Exportable marks a weakened suite */
    KeyExchangeMethod         keyExchangeMethod;
    const HashHmacReference  *macAlgorithm;       /* digest/HMAC pair used for the MAC */
    const SSLSymmetricCipher *cipher;             /* bulk cipher description */
} SSLCipherSpec;
173
/*
 * Table of SSLv2 cipher kind to cipher suite pairs, defined in another
 * translation unit. The array is declared without a bound, so sizeof
 * cannot give its length here; iterate with SSL2CipherMapCount and never
 * index at or beyond it.
 */
extern const SSLCipherMapping SSL2CipherMap[];
extern const unsigned         SSL2CipherMapCount;
176
/*
 * Default size, in bits, of server-generated Diffie-Hellman parameters and
 * keys. Builds that define NDEBUG get 1024; every other build gets 512.
 * NOTE(review): the smaller debug value is presumably there to shorten
 * parameter generation during development; confirm.
 *
 * Security note: a 512-bit group is export-grade strength and falls to
 * published discrete-log precomputation (Logjam), and 1024 bits is below
 * current guidance, which asks for 2048 bits or more. Verify that shipping
 * builds define NDEBUG, and treat both defaults as legacy values.
 */
#if defined(NDEBUG)
#define SSL_DH_DEFAULT_PRIME_SIZE 1024 /* in bits */
#else
#define SSL_DH_DEFAULT_PRIME_SIZE 512  /* in bits */
#endif
183
184 #ifdef __cplusplus
185 }
186 #endif
187
188 #endif /* _CRYPTTYPE_H_ */