1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 File: cryptType.h
21
22 Contains: Crypto structures and routines
23
24 Written by: Doug Mitchell, based on Netscape SSLRef 3.0
25
26 Copyright: (c) 1999 by Apple Computer, Inc., all rights reserved.
27
28 */
29 /* *********************************************************************
30 File: cryptype.h
31
32 SSLRef 3.0 Final -- 11/19/96
33
34 Copyright (c)1996 by Netscape Communications Corp.
35
36 By retrieving this software you are bound by the licensing terms
37 disclosed in the file "LICENSE.txt". Please read it, and if you don't
38 accept the terms, delete this software.
39
40 SSLRef 3.0 was developed by Netscape Communications Corp. of Mountain
41 View, California <http://home.netscape.com/> and Consensus Development
42 Corporation of Berkeley, California <http://www.consensus.com/>.
43
44 *********************************************************************
45
46 File: cryptype.h Crypto structures and routines
47
48 Types associated with cryptographic functionality, including hashes,
49 symmetric ciphers, and cipher specs.
50
51 ****************************************************************** */
52
53 #ifndef _CRYPTTYPE_H_
54 #define _CRYPTTYPE_H_ 1
55
56 #include "sslerrs.h"
57 #include <Security/CipherSuite.h>
58 #include "sslPriv.h"
59 #include "sslctx.h"
60
61 #ifdef __cplusplus
62 extern "C" {
63 #endif
64
/*
 * SSL 2.0 cipher-kind codes. In every entry the low byte equals the key
 * size in bits given in the identifier (0x80 = 128, 0x40 = 64, 0xC0 = 192).
 * Security note: all entries pair the cipher with MD5, and SSL 2.0 itself
 * is prohibited by RFC 6176; treat these as legacy-interoperability values.
 */
65 typedef enum
66 { SSL2_RC4_128_WITH_MD5 = 0x010080,
67 SSL2_RC4_128_EXPORT_40_WITH_MD5 = 0x020080, /* export-grade: name indicates a 40-bit secret */
68 SSL2_RC2_128_CBC_WITH_MD5 = 0x030080,
69 SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x040080, /* export-grade: name indicates a 40-bit secret */
70 SSL2_IDEA_128_CBC_WITH_MD5 = 0x050080,
71 SSL2_DES_64_CBC_WITH_MD5 = 0x060040, /* single DES */
72 SSL2_DES_192_EDE3_CBC_WITH_MD5 = 0x0700C0 /* triple DES (EDE3); 192 bits = 24 bytes */
73 } SSL2CipherKind;
74
/*
 * One entry pairing an SSL 2.0 cipher kind with an SSLCipherSuite value.
 * This is the element type of the SSL2CipherMap[] table declared below.
 */
75 typedef struct
76 { SSL2CipherKind cipherKind; /* SSL 2.0 code from the enum above */
77 SSLCipherSuite cipherSuite; /* paired suite; type comes from <Security/CipherSuite.h> or a project header */
78 } SSLCipherMapping;
79
80 /*
81 * Note: we're not changing the digest mechanisms for now; BSAFE
82 * doesn't provide the necessary "digest clone" op.
83 */
/*
 * Digest callback signatures. Every callback returns an SSLErr and takes
 * its SSLBuffer arguments by value; SSLBuffer is declared elsewhere
 * (presumably a pointer/length pair -- confirm in sslPriv.h).
 * NOTE(review): nothing in these signatures conveys the required buffer
 * sizes; presumably callers size digestCtx and digest from the
 * contextSize and digestSize fields of HashReference -- confirm.
 */
84 typedef SSLErr (*HashInit)(SSLBuffer digestCtx); /* presumably resets the digest state in digestCtx */
85 typedef SSLErr (*HashUpdate)(SSLBuffer digestCtx, SSLBuffer data); /* presumably absorbs data into the state */
86 typedef SSLErr (*HashFinal)(SSLBuffer digestCtx, SSLBuffer digest); /* presumably writes the result into digest */
87 typedef SSLErr (*HashClone)(SSLBuffer src, SSLBuffer dest); /* the "digest clone" op named in the note above */
88
/*
 * Descriptor for one digest algorithm: three sizes plus the four
 * callbacks. Instances are declared const (SSLHashNull, SSLHashMD5,
 * SSLHashSHA1), so the function pointers are not meant to change at
 * run time.
 */
89 typedef struct
90 { UInt32 contextSize; /* size of the digest context; presumably bytes -- confirm */
91 UInt32 digestSize; /* size of the digest output; presumably bytes, at most MAX_DIGEST_SIZE -- confirm */
92 UInt32 macPadSize; /* MAC pad length for this hash; presumably bytes, at most MAX_MAC_PADDING -- confirm */
93 HashInit init;
94 HashUpdate update;
95 HashFinal final;
96 HashClone clone;
97 } HashReference;
98
/* Digest descriptors defined in another translation unit. */
99 extern const HashReference SSLHashNull; /* presumably the "no MAC" descriptor; a suite using it has no integrity check -- confirm */
100 extern const HashReference SSLHashMD5; /* MD5 is no longer collision resistant; legacy use only */
101 extern const HashReference SSLHashSHA1; /* SHA-1: 160-bit digest, also considered legacy */
102
103 #ifdef _APPLE_CDSA_
104 /*
105 * All symmetric ciphers go thru CDSA, but we'll keep these callouts for
106 * now. The major change here is the inclusion of the CipherContext
107 * arg, for alg/mode and key storage.
108 */
109 struct CipherContext; /* opaque here; defined elsewhere */
110 typedef struct CipherContext CipherContext;
111
/*
 * Cipher callback signatures (CDSA build).
 * NOTE(review): key and iv are bare pointers with no length argument;
 * presumably implementations take the lengths from the keySize and
 * ivSize fields of SSLSymmetricCipher -- confirm, since a mismatch would
 * read past the caller's buffer.
 */
112 typedef SSLErr (*SSLKeyFunc)(
113 UInt8 *key,
114 UInt8 *iv,
115 CipherContext *cipherCtx,
116 SSLContext *ctx);
/* Used for both the encrypt and decrypt members of SSLSymmetricCipher. */
117 typedef SSLErr (*SSLCryptFunc)(
118 SSLBuffer src,
119 SSLBuffer dest,
120 CipherContext *cipherCtx,
121 SSLContext *ctx);
/* Used for the finish member; presumably releases per-cipher state -- confirm. */
122 typedef SSLErr (*SSLFinishFunc)(
123 CipherContext *cipherCtx,
124 SSLContext *ctx);
125
126 #else
/* Non-CDSA build: cipher state is an untyped void * instead of CipherContext. */
127 typedef SSLErr (*SSLKeyFunc)(UInt8 *key, UInt8 *iv, void **cipherRef, SSLContext *ctx); /* void **: presumably returns the new state through cipherRef */
128 typedef SSLErr (*SSLCryptFunc)(SSLBuffer src, SSLBuffer dest, void *cipherRef, SSLContext *ctx);
129 typedef SSLErr (*SSLFinishFunc)(void *cipherRef, SSLContext *ctx);
130 #endif /* _APPLE_CDSA_ */
131
/*
 * Two-valued flag stored in SSLCipherSpec.isExportable.
 * Security note: "exportable" suites are the deliberately weakened
 * export-grade ones (see the EXPORT_40 / EXPORT40 SSL 2.0 names above).
 */
132 typedef enum
133 { NotExportable = 0,
134 Exportable = 1
135 } Exportability;
136
137 /*
138 * Statically defined description of a symmetric cipher.
139 */
/*
 * Per-cipher descriptor: four sizes, the CDSA algorithm parameters (CDSA
 * build only) and the four callbacks. Referenced through a const pointer
 * from SSLCipherSpec.cipher.
 */
140 typedef struct {
141 UInt8 keySize; /* Sizes are in bytes */
142 UInt8 secretKeySize; /* presumably the secret part of the key, smaller than keySize for export ciphers -- confirm */
143 UInt8 ivSize;
144 UInt8 blockSize;
145 #ifdef _APPLE_CDSA_
146 CSSM_ALGORITHMS keyAlg; /* CSSM_ALGID_DES, etc. */
147 CSSM_ALGORITHMS encrAlg; /* ditto */
148 CSSM_ENCRYPT_MODE encrMode; /* CSSM_ALGMODE_CBCPadIV8, etc. */
149 CSSM_PADDING encrPad;
150 #endif /* _APPLE_CDSA_ */
151 SSLKeyFunc initialize; /* key/IV setup callback */
152 SSLCryptFunc encrypt; /* encrypt and decrypt share one signature */
153 SSLCryptFunc decrypt;
154 SSLFinishFunc finish;
155 } SSLSymmetricCipher;
156
/*
 * Size limits, in bytes.
 * NOTE(review): MAX_DIGEST_SIZE is sized for SHA-1. Any buffer dimensioned
 * with it (none are visible in this header) would be too small for a
 * longer digest, so adding a hash means raising this constant first.
 */
157 #define MAX_DIGEST_SIZE 20 /* SHA digest size = 160 bits */
158 #define MAX_MAC_PADDING 48 /* MD5 MAC padding size = 48 bytes */
159 #define MASTER_SECRET_LEN 48 /* master secret = 3 x MD5 hashes concatenated */
160 #ifdef __APPLE__
161 /* SSL V2 - mac secret is the size of symmetric key, not digest */
162 #define MAX_SYMKEY_SIZE 24 /* 24 bytes = 192 bits, the largest key in SSL2CipherKind (DES_192_EDE3) */
163 #endif /* __APPLE__ */
164
/*
 * Key-exchange method recorded in SSLCipherSpec.keyExchangeMethod.
 * No explicit values are given, so SSL_NULL_auth is 0 and the rest count
 * up from it; per the comment below the values are internal and never
 * sent on the wire.
 * Security note: the *_EXPORT entries are the export-grade variants, and
 * SSL_NULL_auth / SSL_DH_anon* name methods that do not authenticate the
 * peer, so a configuration that wants an authenticated channel should
 * reject suites carrying them.
 */
165 typedef enum
166 { SSL_NULL_auth,
167 /*
168 * FIXME: I have no idea what the difference is between
169 * e.g. SSL_RSA and SSL_RSA_EXPORT. These don't go over the
170 * wire.
171 * The few times the SSLRef code behaves differently between
172 * these two look wrong. See SSLDecodeRSAKeyExchange(),
173 * SSLAdvanceHandshake().
174 *
175 * UPDATE: see comments for SSL_SERVER_KEYEXCH_HACK hack.
176 */
177 SSL_RSA,
178 SSL_RSA_EXPORT,
179 SSL_DH_DSS,
180 SSL_DH_DSS_EXPORT,
181 SSL_DH_RSA,
182 SSL_DH_RSA_EXPORT,
183 SSL_DHE_DSS,
184 SSL_DHE_DSS_EXPORT,
185 SSL_DHE_RSA,
186 SSL_DHE_RSA_EXPORT,
187 SSL_DH_anon, /* anonymous DH: no certificate-based authentication */
188 SSL_DH_anon_EXPORT,
189 SSL_Fortezza
190 } KeyExchangeMethod;
191
/*
 * Full description of one cipher suite: its identifier, the export flag,
 * the key-exchange method, and const pointers to the MAC hash and the
 * symmetric cipher descriptors.
 */
192 typedef struct {
193 SSLCipherSuite cipherSpec; /* suite identifier */
194 Exportability isExportable; /* Exportable marks an export-grade suite */
195 KeyExchangeMethod keyExchangeMethod;
196 const HashReference *macAlgorithm; /* e.g. &SSLHashMD5 or &SSLHashSHA1; presumably &SSLHashNull when no MAC -- confirm */
197 const SSLSymmetricCipher *cipher;
198 } SSLCipherSpec;
199
/* Tables defined in another translation unit. */
200 extern const SSLCipherMapping SSL2CipherMap[]; /* SSL 2.0 kind <-> suite table; length not visible here */
201 extern const int SSL2CipherMapCount; /* presumably the number of entries in SSL2CipherMap -- confirm; use it to bound every index */
/*
 * NOTE(review): these two arrays are declared without const and without a
 * length, so any code can write to them and nothing here bounds a read.
 * Presumably they hold the fixed SSL 3.0 MAC pad bytes and are at least
 * MAX_MAC_PADDING long -- confirm, and consider const if never modified.
 */
202 extern UInt8 SSLMACPad1[], SSLMACPad2[];
203
204 #ifdef __cplusplus
205 }
206 #endif
207
208 #endif /* _CRYPTTYPE_H_ */