mirror of
https://github.com/rn10950/RetroZilla.git
synced 2024-11-10 18:00:15 +01:00
140 lines
5.2 KiB
C
140 lines
5.2 KiB
C
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/*
|
|
* Support routines for PKCS7 implementation, none of which are exported.
|
|
* This file should only contain things that are needed by both the
|
|
* encoding/creation side *and* the decoding/decryption side. Anything
|
|
* else should just be static routines in the appropriate file.
|
|
*
|
|
* Do not export this file! If something in here is really needed outside
|
|
* of pkcs7 code, first try to add a PKCS7 interface which will do it for
|
|
* you. If that has a problem, then just move out what you need, changing
|
|
* its name as appropriate!
|
|
*/
|
|
|
|
#ifndef _P7LOCAL_H_
|
|
#define _P7LOCAL_H_
|
|
|
|
#include "secpkcs7.h"
|
|
#include "secasn1t.h"
|
|
|
|
extern const SEC_ASN1Template sec_PKCS7ContentInfoTemplate[];
|
|
|
|
/* opaque objects */
|
|
typedef struct sec_pkcs7_cipher_object sec_PKCS7CipherObject;
|
|
|
|
|
|
/************************************************************************/
|
|
SEC_BEGIN_PROTOS
|
|
|
|
/*
|
|
* Look through a set of attributes and find one that matches the
|
|
* specified object ID. If "only" is true, then make sure that
|
|
* there is not more than one attribute of the same type. Otherwise,
|
|
* just return the first one found. (XXX Does anybody really want
|
|
* that first-found behavior? It was like that when I found it...)
|
|
*/
|
|
extern SEC_PKCS7Attribute *sec_PKCS7FindAttribute (SEC_PKCS7Attribute **attrs,
|
|
SECOidTag oidtag,
|
|
PRBool only);
|
|
/*
|
|
* Return the single attribute value, doing some sanity checking first:
|
|
* - Multiple values are *not* expected.
|
|
* - Empty values are *not* expected.
|
|
*/
|
|
extern SECItem *sec_PKCS7AttributeValue (SEC_PKCS7Attribute *attr);
|
|
|
|
/*
|
|
* Encode a set of attributes (found in "src").
|
|
*/
|
|
extern SECItem *sec_PKCS7EncodeAttributes (PLArenaPool *poolp,
|
|
SECItem *dest, void *src);
|
|
|
|
/*
|
|
* Make sure that the order of the attributes guarantees valid DER
|
|
* (which must be in lexigraphically ascending order for a SET OF);
|
|
* if reordering is necessary it will be done in place (in attrs).
|
|
*/
|
|
extern SECStatus sec_PKCS7ReorderAttributes (SEC_PKCS7Attribute **attrs);
|
|
|
|
|
|
/*
|
|
* Create a context for decrypting, based on the given key and algorithm.
|
|
*/
|
|
extern sec_PKCS7CipherObject *
|
|
sec_PKCS7CreateDecryptObject (PK11SymKey *key, SECAlgorithmID *algid);
|
|
|
|
/*
|
|
* Create a context for encrypting, based on the given key and algorithm,
|
|
* and fill in the algorithm id.
|
|
*/
|
|
extern sec_PKCS7CipherObject *
|
|
sec_PKCS7CreateEncryptObject (PLArenaPool *poolp, PK11SymKey *key,
|
|
SECOidTag algtag, SECAlgorithmID *algid);
|
|
|
|
/*
|
|
* Destroy the given decryption or encryption object.
|
|
*/
|
|
extern void sec_PKCS7DestroyDecryptObject (sec_PKCS7CipherObject *obj);
|
|
extern void sec_PKCS7DestroyEncryptObject (sec_PKCS7CipherObject *obj);
|
|
|
|
/*
|
|
* What will be the output length of the next call to encrypt/decrypt?
|
|
* Result can be used to perform memory allocations. Note that the amount
|
|
* is exactly accurate only when not doing a block cipher or when final
|
|
* is false, otherwise it is an upper bound on the amount because until
|
|
* we see the data we do not know how many padding bytes there are
|
|
* (always between 1 and the cipher block size).
|
|
*
|
|
* Note that this can return zero, which does not mean that the cipher
|
|
* operation can be skipped! (It simply means that there are not enough
|
|
* bytes to make up an entire block; the bytes will be reserved until
|
|
* there are enough to encrypt/decrypt at least one block.) However,
|
|
* if zero is returned it *does* mean that no output buffer need be
|
|
* passed in to the subsequent cipher operation, as no output bytes
|
|
* will be stored.
|
|
*/
|
|
extern unsigned int sec_PKCS7DecryptLength (sec_PKCS7CipherObject *obj,
|
|
unsigned int input_len,
|
|
PRBool final);
|
|
extern unsigned int sec_PKCS7EncryptLength (sec_PKCS7CipherObject *obj,
|
|
unsigned int input_len,
|
|
PRBool final);
|
|
|
|
/*
|
|
* Decrypt a given length of input buffer (starting at "input" and
|
|
* containing "input_len" bytes), placing the decrypted bytes in
|
|
* "output" and storing the output length in "*output_len_p".
|
|
* "obj" is the return value from sec_PKCS7CreateDecryptObject.
|
|
* When "final" is true, this is the last of the data to be decrypted.
|
|
*/
|
|
extern SECStatus sec_PKCS7Decrypt (sec_PKCS7CipherObject *obj,
|
|
unsigned char *output,
|
|
unsigned int *output_len_p,
|
|
unsigned int max_output_len,
|
|
const unsigned char *input,
|
|
unsigned int input_len,
|
|
PRBool final);
|
|
|
|
/*
|
|
* Encrypt a given length of input buffer (starting at "input" and
|
|
* containing "input_len" bytes), placing the encrypted bytes in
|
|
* "output" and storing the output length in "*output_len_p".
|
|
* "obj" is the return value from sec_PKCS7CreateEncryptObject.
|
|
* When "final" is true, this is the last of the data to be encrypted.
|
|
*/
|
|
extern SECStatus sec_PKCS7Encrypt (sec_PKCS7CipherObject *obj,
|
|
unsigned char *output,
|
|
unsigned int *output_len_p,
|
|
unsigned int max_output_len,
|
|
const unsigned char *input,
|
|
unsigned int input_len,
|
|
PRBool final);
|
|
|
|
/************************************************************************/
|
|
SEC_END_PROTOS
|
|
|
|
#endif /* _P7LOCAL_H_ */
|