2 * softoken.h - private data structures and prototypes for the softoken lib
4 * This Source Code Form is subject to the terms of the Mozilla Public
5 * License, v. 2.0. If a copy of the MPL was not distributed with this
6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
21 ** RSA encryption/decryption. When encrypting/decrypting the output
22 ** buffer must be at least the size of the public key modulus.
26 ** Format some data into a PKCS#1 encryption block, preparing the
27 ** data for RSA encryption.
28 ** "result" where the formatted block is stored (memory is allocated)
29 ** "modulusLen" the size of the formatted block
30 ** "blockType" what block type to use (SEC_RSABlock*)
31 ** "data" the data to format
/*
 * Returns SECStatus; the formatted block is stored in "result", whose
 * memory is allocated by this call (per the parameter notes above).
 * NOTE(review): the block embeds the caller's data. When that data is
 * secret, the allocation should presumably be zeroized before it is
 * released -- confirm how callers free result.
 * NOTE(review): the final parameter line of this prototype is not present
 * in this listing.
 */
33 extern SECStatus RSA_FormatBlock(SECItem *result,
34 unsigned int modulusLen,
35 RSA_BlockType blockType,
38 ** Similar, but just returns a pointer to the allocated memory, *and*
39 ** will *only* format one block, even if we (in the future) modify
40 ** RSA_FormatBlock() to loop over multiples of modulusLen.
/*
 * Returns a pointer to the allocated block instead of a status code.
 * NOTE(review): presumably NULL signals failure and the caller owns (and
 * must release) the returned memory -- confirm against the implementation.
 * NOTE(review): the final parameter line of this prototype is not present
 * in this listing.
 */
42 extern unsigned char *RSA_FormatOneBlock(unsigned int modulusLen,
43 RSA_BlockType blockType,
49 * convenience wrappers for doing single RSA operations. They create the
50 * RSA context internally and take care of the formatting
51 * requirements. Blinding happens automagically within RSA_Sign and
/*
 * Signing wrappers. Each returns SECStatus and writes the signature into a
 * caller-supplied buffer described by a (buffer, length-out, capacity)
 * triple: output/outputLen/maxOutputLen, sig/sigLen/maxLen, or
 * output/output_len/max_output_len.
 * Per the header comment, blinding is applied inside RSA_Sign.
 * NOTE(review): presumably the call fails when the capacity is smaller
 * than the modulus size and the length-out value is meaningful only on
 * success -- confirm in the implementation. Callers should check the
 * returned status before reading the buffer.
 * NOTE(review): only RSA_SignPSS const-qualifies its input; the header
 * does not show whether RSA_Sign/RSA_HashSign modify theirs.
 */
55 SECStatus RSA_Sign(NSSLOWKEYPrivateKey *key, unsigned char *output,
56 unsigned int *outputLen, unsigned int maxOutputLen,
57 unsigned char *input, unsigned int inputLen);
/* hashOid identifies the hash that produced "hash"; how it is encoded into
 * the signed block is not visible in this header. */
59 SECStatus RSA_HashSign(SECOidTag hashOid,
60 NSSLOWKEYPrivateKey *key, unsigned char *sig,
61 unsigned int *sigLen, unsigned int maxLen,
62 unsigned char *hash, unsigned int hashLen);
/* PSS parameters are supplied through the PKCS #11
 * CK_RSA_PKCS_PSS_PARAMS structure. */
64 SECStatus RSA_SignPSS(CK_RSA_PKCS_PSS_PARAMS *pss_params,
65 NSSLOWKEYPrivateKey *key,
66 unsigned char *output, unsigned int *output_len,
67 unsigned int max_output_len, const unsigned char *input,
68 unsigned int input_len);
/*
 * Verification wrappers; each takes the public key and returns SECStatus.
 * NOTE(review): a signature must be treated as valid only when the
 * returned status indicates success; never infer validity from output
 * lengths or buffer contents.
 * NOTE(review): sign/hash/digest are not const-qualified here, unlike in
 * RSA_CheckSignPSS; the header alone does not show whether these functions
 * modify their inputs.
 */
70 SECStatus RSA_CheckSign(NSSLOWKEYPublicKey *key, unsigned char *sign,
71 unsigned int signLength, unsigned char *hash,
72 unsigned int hashLength);
74 SECStatus RSA_HashCheckSign(SECOidTag hashOid,
75 NSSLOWKEYPublicKey *key, unsigned char *sig,
76 unsigned int sigLen, unsigned char *digest,
77 unsigned int digestLen);
79 SECStatus RSA_CheckSignPSS(CK_RSA_PKCS_PSS_PARAMS *pss_params,
80 NSSLOWKEYPublicKey *key,
81 const unsigned char *sign, unsigned int sign_len,
82 const unsigned char *hash, unsigned int hash_len);
/* Writes into data/data_len with capacity max_output_len.
 * NOTE(review): presumably the recovered message from the signature block;
 * confirm that data is left untouched (or cleared) when verification
 * fails. */
84 SECStatus RSA_CheckSignRecover(NSSLOWKEYPublicKey *key, unsigned char *data,
85 unsigned int *data_len,unsigned int max_output_len,
86 unsigned char *sign, unsigned int sign_len);
/*
 * Single-operation encrypt/decrypt wrappers. Per the note at the top of
 * this header, the output buffer must be at least the size of the public
 * key modulus; maxOutputLen carries the caller's buffer capacity.
 * NOTE(review): if RSA_DecryptBlock removes PKCS #1 v1.5 encryption
 * padding (the formatting the comments above refer to), callers should
 * report every failure identically so that padding validity is not
 * observable to whoever supplied the ciphertext -- confirm in the
 * implementation.
 */
88 SECStatus RSA_EncryptBlock(NSSLOWKEYPublicKey *key, unsigned char *output,
89 unsigned int *outputLen, unsigned int maxOutputLen,
90 unsigned char *input, unsigned int inputLen);
92 SECStatus RSA_DecryptBlock(NSSLOWKEYPrivateKey *key, unsigned char *output,
93 unsigned int *outputLen, unsigned int maxOutputLen,
94 unsigned char *input, unsigned int inputLen);
/*
 * OAEP variants. Padding parameters come from the PKCS #11
 * CK_RSA_PKCS_OAEP_PARAMS structure passed in oaepParams; input is
 * const-qualified, and output/outputLen/maxOutputLen describe the caller's
 * buffer, the length written, and its capacity.
 * NOTE(review): which hash/MGF/label combinations in oaepParams are
 * accepted cannot be told from the header -- confirm the implementation
 * rejects unsupported values rather than falling back to a default.
 * NOTE(review): as with any RSA decryption, callers should not expose
 * distinguishable failure reasons for RSA_DecryptOAEP.
 */
97 SECStatus RSA_EncryptOAEP(CK_RSA_PKCS_OAEP_PARAMS *oaepParams,
98 NSSLOWKEYPublicKey *key,
99 unsigned char *output, unsigned int *outputLen,
100 unsigned int maxOutputLen,
101 const unsigned char *input, unsigned int inputLen);
104 SECStatus RSA_DecryptOAEP(CK_RSA_PKCS_OAEP_PARAMS *oaepParams,
105 NSSLOWKEYPrivateKey *key,
106 unsigned char *output, unsigned int *outputLen,
107 unsigned int maxOutputLen,
108 const unsigned char *input, unsigned int inputLen);
111 * added to make pkcs #11 happy
/*
 * "Raw" counterparts of the wrappers declared earlier in this header, with
 * the same key/buffer/length parameter shapes.
 * NOTE(review): the name suggests these apply the RSA primitive without
 * adding or checking any padding. If so, the caller is responsible for the
 * message encoding, and these entry points should not be handed
 * unformatted application data -- confirm in the implementation.
 */
115 SECStatus RSA_SignRaw( NSSLOWKEYPrivateKey *key, unsigned char *output,
116 unsigned int *output_len, unsigned int maxOutputLen,
117 unsigned char *input, unsigned int input_len);
119 SECStatus RSA_CheckSignRaw( NSSLOWKEYPublicKey *key, unsigned char *sign,
120 unsigned int sign_len, unsigned char *hash,
121 unsigned int hash_len);
123 SECStatus RSA_CheckSignRecoverRaw( NSSLOWKEYPublicKey *key, unsigned char *data,
124 unsigned int *data_len, unsigned int max_output_len,
125 unsigned char *sign, unsigned int sign_len);
127 SECStatus RSA_EncryptRaw( NSSLOWKEYPublicKey *key, unsigned char *output,
128 unsigned int *output_len,
129 unsigned int max_output_len,
130 unsigned char *input, unsigned int input_len);
132 SECStatus RSA_DecryptRaw(NSSLOWKEYPrivateKey *key, unsigned char *output,
133 unsigned int *output_len,
134 unsigned int max_output_len,
135 unsigned char *input, unsigned int input_len);
136 #ifdef NSS_ENABLE_ECC
138 ** prepare an ECParams structure from DER-encoded params
/*
 * EC parameter helpers, declared only under the enclosing
 * #ifdef NSS_ENABLE_ECC. All three return SECStatus.
 * EC_FillParams and EC_CopyParams take an arena for their allocations;
 * EC_DecodeParams hands its result back through *ecparams.
 * NOTE(review): encodedParams may originate from externally supplied key
 * material; confirm the decoder rejects malformed or unsupported
 * parameters, and confirm who releases the ECParams returned by
 * EC_DecodeParams.
 */
140 extern SECStatus EC_FillParams(PLArenaPool *arena,
141 const SECItem *encodedParams, ECParams *params);
142 extern SECStatus EC_DecodeParams(const SECItem *encodedParams,
143 ECParams **ecparams);
144 extern SECStatus EC_CopyParams(PLArenaPool *arena, ECParams *dstParams,
145 const ECParams *srcParams);
150 ** Prepare a buffer for padded CBC encryption, growing to the appropriate
151 ** boundary, filling with the appropriate padding.
153 ** blockSize must be a power of 2.
155 ** We add from 1 to blockSize bytes -- we *always* grow.
156 ** The extra bytes contain the value of the length of the padding:
157 ** if we have 2 bytes of padding, then the padding is "0x02, 0x02".
159 ** NOTE: If arena is non-NULL, we re-allocate from there, otherwise
160 ** we assume (and use) PR memory (re)allocation.
/*
 * Returns the (re)allocated, padded buffer and reports its length through
 * outlen. Because the buffer is re-allocated, the caller should continue
 * with the returned pointer rather than inbuf.
 * NOTE(review): inlen is an unsigned int and the buffer always grows by 1
 * to blockSize bytes; confirm the implementation rejects inlen values
 * close to UINT_MAX so the padded length cannot wrap.
 * NOTE(review): presumably NULL is returned when allocation fails --
 * confirm, and confirm whether inbuf is still valid in that case.
 * NOTE(review): the final parameter line of this prototype is not present
 * in this listing.
 */
162 extern unsigned char * CBC_PadBuffer(PLArenaPool *arena, unsigned char *inbuf,
163 unsigned int inlen, unsigned int *outlen,
167 /****************************************/
169 ** Power-Up selftests required for FIPS and invoked only
170 ** under PKCS #11 FIPS mode.
/*
 * Takes no arguments and returns a PKCS #11 CK_RV.
 * NOTE(review): presumably any value other than CKR_OK means a self-test
 * failed and the module must not offer cryptographic services afterwards
 * -- confirm how callers react (see sftk_fatalError in this header).
 */
172 extern CK_RV sftk_fipsPowerUpSelfTest( void );
175 ** map known fixed PKCS #11 key types to their sizes in bytes
/*
 * Returns the size in bytes associated with keyType.
 * NOTE(review): the value returned for key types without a fixed size is
 * not visible here (presumably 0) -- confirm before using the result as a
 * buffer or key length.
 */
177 unsigned long sftk_MapKeySize(CK_KEY_TYPE keyType);
180 ** FIPS 140-2 auditing
/*
 * Audit hooks. sftk_audit_enabled is a global flag; the sftk_Audit*
 * functions return void, and each takes the arguments of a PKCS #11
 * operation followed by that operation's CK_RV result (rv).
 * NOTE(review): presumably callers test sftk_audit_enabled before invoking
 * a hook and each hook emits one record through sftk_LogAuditMessage --
 * confirm in the implementation.
 * NOTE(review): several hooks receive pointers to sensitive material
 * (attribute templates, pWrappedKey). Confirm that only handles, lengths
 * and result codes reach the audit log, never attribute values or key
 * bytes.
 */
182 extern PRBool sftk_audit_enabled;
/* msg is passed as a plain string. NOTE(review): confirm the implementation
 * treats it as data and never as a format string. The NSSAuditType
 * parameter is unnamed in this prototype. */
184 extern void sftk_LogAuditMessage(NSSAuditSeverity severity,
185 NSSAuditType, const char *msg);
187 extern void sftk_AuditCreateObject(CK_SESSION_HANDLE hSession,
188 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
189 CK_OBJECT_HANDLE_PTR phObject, CK_RV rv);
191 extern void sftk_AuditCopyObject(CK_SESSION_HANDLE hSession,
192 CK_OBJECT_HANDLE hObject,
193 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
194 CK_OBJECT_HANDLE_PTR phNewObject, CK_RV rv);
196 extern void sftk_AuditDestroyObject(CK_SESSION_HANDLE hSession,
197 CK_OBJECT_HANDLE hObject, CK_RV rv);
/* NOTE(review): the closing parameter line of sftk_AuditGetObjectSize is
 * not present in this listing. */
199 extern void sftk_AuditGetObjectSize(CK_SESSION_HANDLE hSession,
200 CK_OBJECT_HANDLE hObject, CK_ULONG_PTR pulSize,
203 extern void sftk_AuditGetAttributeValue(CK_SESSION_HANDLE hSession,
204 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
205 CK_ULONG ulCount, CK_RV rv);
207 extern void sftk_AuditSetAttributeValue(CK_SESSION_HANDLE hSession,
208 CK_OBJECT_HANDLE hObject, CK_ATTRIBUTE_PTR pTemplate,
209 CK_ULONG ulCount, CK_RV rv);
/* opName is a caller-supplied label for the operation being initialised. */
211 extern void sftk_AuditCryptInit(const char *opName,
212 CK_SESSION_HANDLE hSession,
213 CK_MECHANISM_PTR pMechanism,
214 CK_OBJECT_HANDLE hKey, CK_RV rv);
216 extern void sftk_AuditGenerateKey(CK_SESSION_HANDLE hSession,
217 CK_MECHANISM_PTR pMechanism,
218 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount,
219 CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
221 extern void sftk_AuditGenerateKeyPair(CK_SESSION_HANDLE hSession,
222 CK_MECHANISM_PTR pMechanism,
223 CK_ATTRIBUTE_PTR pPublicKeyTemplate,
224 CK_ULONG ulPublicKeyAttributeCount,
225 CK_ATTRIBUTE_PTR pPrivateKeyTemplate,
226 CK_ULONG ulPrivateKeyAttributeCount,
227 CK_OBJECT_HANDLE_PTR phPublicKey,
228 CK_OBJECT_HANDLE_PTR phPrivateKey, CK_RV rv);
230 extern void sftk_AuditWrapKey(CK_SESSION_HANDLE hSession,
231 CK_MECHANISM_PTR pMechanism,
232 CK_OBJECT_HANDLE hWrappingKey, CK_OBJECT_HANDLE hKey,
233 CK_BYTE_PTR pWrappedKey,
234 CK_ULONG_PTR pulWrappedKeyLen, CK_RV rv);
236 extern void sftk_AuditUnwrapKey(CK_SESSION_HANDLE hSession,
237 CK_MECHANISM_PTR pMechanism,
238 CK_OBJECT_HANDLE hUnwrappingKey,
239 CK_BYTE_PTR pWrappedKey, CK_ULONG ulWrappedKeyLen,
240 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
241 CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
243 extern void sftk_AuditDeriveKey(CK_SESSION_HANDLE hSession,
244 CK_MECHANISM_PTR pMechanism,
245 CK_OBJECT_HANDLE hBaseKey,
246 CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulAttributeCount,
247 CK_OBJECT_HANDLE_PTR phKey, CK_RV rv);
249 extern void sftk_AuditDigestKey(CK_SESSION_HANDLE hSession,
250 CK_OBJECT_HANDLE hKey, CK_RV rv);
253 ** FIPS 140-2 Error state
/*
 * Global flag for the FIPS 140-2 error state.
 * NOTE(review): presumably set when a self-test or integrity check fails,
 * after which cryptographic entry points refuse to operate -- confirm
 * where it is set, and that nothing clears it short of re-initialisation.
 * It is a plain PRBool, so confirm how concurrent readers and writers are
 * synchronised.
 */
255 extern PRBool sftk_fatalError;
258 ** macros to check for forked child process after C_Initialize
/*
 * Fork checks are compiled in only when XP_UNIX is defined and
 * NO_FORK_CHECK is not.
 * FORK_ASSERT() reads NSS_STRICT_NOFORK from the process environment; the
 * guarded statement (not present in this listing) runs when the variable
 * is unset or equal to "1".
 * The second, empty FORK_ASSERT() definition is presumably the alternative
 * branch of a conditional whose #else is not present in this listing.
 * NOTE(review): behaviour here is selected by an environment variable, so
 * it follows whatever environment the host process was started with.
 */
260 #if defined(XP_UNIX) && !defined(NO_FORK_CHECK)
264 #define FORK_ASSERT() \
266 char* forkAssert = getenv("NSS_STRICT_NOFORK"); \
267 if ( (!forkAssert) || (0 == strcmp(forkAssert, "1")) ) { \
274 #define FORK_ASSERT()
278 /* we have 3 methods of implementing the fork checks :
279 * - Solaris "mixed" method
280 * - pthread_atfork method
284 #if !defined (CHECK_FORK_MIXED) && !defined(CHECK_FORK_PTHREAD) && \
285 !defined (CHECK_FORK_GETPID)
287 /* Choose fork check method automatically unless specified
288 * This section should be updated as more platforms get pthread fixes
289 * to unregister fork handlers in dlclose.
294 /* Solaris 8, s9 use PID checks, s10 uses pthread_atfork */
296 #define CHECK_FORK_MIXED
300 #define CHECK_FORK_PTHREAD
304 /* Other Unix platforms use only PID checks. Even if pthread_atfork is
305 * available, the behavior of dlclose isn't guaranteed by POSIX to
306 * unregister the fork handler. */
308 #define CHECK_FORK_GETPID
/*
 * PARENT_FORKED() reports whether the current process is a forked child of
 * the one that initialised the module, using the method selected above:
 *   CHECK_FORK_MIXED   - chooses at run time via usePthread_atfork between
 *                        the "forked" flag and the PID comparison;
 *   CHECK_FORK_PTHREAD - the "forked" flag alone;
 *   CHECK_FORK_GETPID  - true when myPid is non-zero and differs from
 *                        getpid().
 * The declaration of myPid is not present in this listing.
 */
314 #if defined(CHECK_FORK_MIXED)
316 extern PRBool usePthread_atfork;
319 extern PRBool forked;
321 #define PARENT_FORKED() (usePthread_atfork ? forked : (myPid && myPid != getpid()))
323 #elif defined(CHECK_FORK_PTHREAD)
325 extern PRBool forked;
327 #define PARENT_FORKED() forked
329 #elif defined(CHECK_FORK_GETPID)
334 #define PARENT_FORKED() (myPid && myPid != getpid())
338 extern PRBool parentForkedAfterC_Initialize;
339 extern PRBool sftkForkCheckDisabled;
/*
 * CHECK_FORK() makes the enclosing function return CKR_DEVICE_ERROR when
 * the check is enabled and PARENT_FORKED() is true; because it contains a
 * return statement it is usable only in functions returning CK_RV.
 * SKIP_AFTER_FORK(x) runs x only when parentForkedAfterC_Initialize is
 * false. NOTE(review): it expands to an unbraced "if", so an "else" that
 * follows a use of the macro would bind to it.
 * ENABLE_FORK_CHECK() reads NSS_STRICT_NOFORK and sets
 * sftkForkCheckDisabled to PR_TRUE when the value is "DISABLED", after
 * which CHECK_FORK() no longer rejects calls made from a forked child.
 * NOTE(review): since the switch lives in the environment, deployments
 * that rely on the fork check should make sure the variable is not set to
 * "DISABLED" in the service's environment.
 */
341 #define CHECK_FORK() \
343 if (!sftkForkCheckDisabled && PARENT_FORKED()) { \
345 return CKR_DEVICE_ERROR; \
349 #define SKIP_AFTER_FORK(x) if (!parentForkedAfterC_Initialize) x
351 #define ENABLE_FORK_CHECK() \
353 char* doForkCheck = getenv("NSS_STRICT_NOFORK"); \
354 if ( doForkCheck && !strcmp(doForkCheck, "DISABLED") ) { \
355 sftkForkCheckDisabled = PR_TRUE; \
362 /* non-Unix platforms, or fork check disabled */
/*
 * Fallback definitions for builds without fork checking:
 * SKIP_AFTER_FORK(x) always runs x and ENABLE_FORK_CHECK() expands to
 * nothing, so no fork detection is performed in this configuration.
 * NO_FORK_CHECK is defined here if it was not already.
 * NOTE(review): the matching no-op CHECK_FORK() definition is presumably
 * on a line not present in this listing.
 */
365 #define SKIP_AFTER_FORK(x) x
366 #define ENABLE_FORK_CHECK()
368 #ifndef NO_FORK_CHECK
369 #define NO_FORK_CHECK
377 #endif /* _SOFTOKEN_H_ */