Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

246 lines
5.7 KiB

  1. /* key.h */
  2. #ifdef __cplusplus
  3. extern "C" {
  4. #endif
  5. // needs to be put into wincrypt.h or left open in wincrypt.h
  6. #define KP_Z 30
  7. #define IPSEC_FLAG_CHECK 0xF42A19B6
  8. static BYTE rgbSymmetricKeyWrapIV[8] = {0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05};
  9. /*********************************/
  10. /* Function Definitions */
  11. /*********************************/
  12. extern void
  13. UnpickleKey(
  14. ALG_ID Algid,
  15. BYTE *pbData,
  16. DWORD cbData,
  17. BOOL *pfExportable,
  18. Key_t *pKey);
  19. extern Key_t *
  20. allocKey(
  21. void);
  22. // Delete a key
  23. extern void
  24. freeKey(
  25. IN OUT Key_t *key);
  26. // Copy a public key
  27. extern void
  28. CopyPubKey(
  29. IN Key_t *pKeyIn,
  30. OUT Key_t *pKeyOut);
  31. // Initialize a key
  32. extern DWORD
  33. initKey(
  34. IN OUT Key_t *key,
  35. IN Context_t *pContext,
  36. IN ALG_ID algId,
  37. IN DWORD dwFlags);
  38. extern BOOL
  39. checkKey(
  40. Key_t *key);
  41. // Derive key
  42. // if the pHash parameter is non zero and the key to be derived is a
  43. // 3 Key triple DES key, then the data is expanded to the appropriate key size
  44. extern DWORD
  45. deriveKey(
  46. Key_t *pKey,
  47. Context_t *pContext,
  48. BYTE *pbData,
  49. DWORD cbData,
  50. DWORD dwFlags,
  51. Hash_t *pHash,
  52. BOOL fGenKey,
  53. BOOL fAnySizeRC2);
  54. // generate a key
  55. extern DWORD
  56. generateKey(
  57. IN OUT Key_t *pKey,
  58. IN DWORD dwFlags,
  59. IN OUT uchar *pbRandom,
  60. IN DWORD cbRandom,
  61. IN Context_t *pContext);
  62. // duplicate a key
  63. extern DWORD
  64. DuplicateKey(
  65. Context_t *pContext,
  66. Key_t *pKey,
  67. Key_t *pNewKey,
  68. BOOL fCopyContext);
  69. // set the parameters on a key
  70. extern DWORD
  71. setKeyParams(
  72. IN OUT Key_t *pKey,
  73. IN DWORD dwParam,
  74. IN CONST BYTE *pbData,
  75. IN OUT Context_t *pContext,
  76. IN DWORD dwFlags);
  77. extern DWORD
  78. getKeyParams(
  79. IN Context_t *pContext,
  80. IN Key_t *key,
  81. IN DWORD param,
  82. IN DWORD dwFlags,
  83. OUT BYTE *data,
  84. OUT DWORD *len);
  85. extern DWORD
  86. ImportOpaqueBlob(
  87. Context_t *pContext,
  88. CONST BYTE *pbData,
  89. DWORD cbData,
  90. HCRYPTKEY *phKey);
  91. // Export the requested key into blob format
  92. extern DWORD
  93. exportKey(
  94. IN Context_t *pContext,
  95. IN Key_t *pKey,
  96. IN Key_t *pEncKey,
  97. IN DWORD dwBlobType,
  98. IN DWORD dwFlags,
  99. OUT BYTE *pbBlob,
  100. OUT DWORD *pcbBlob,
  101. IN BOOL fInternalExport);
  102. extern DWORD
  103. feedPlainText(
  104. Key_t *pKey,
  105. BYTE *pbData,
  106. DWORD dwBufLen,
  107. DWORD *pdwDataLen,
  108. int final);
  109. extern DWORD
  110. feedCypherText(
  111. Key_t *pKey,
  112. BYTE *pbData,
  113. DWORD *pdwDataLen,
  114. int final);
  115. extern DWORD
  116. generateSignature(
  117. IN Context_t *pContext,
  118. IN Key_t *key,
  119. IN uchar *hashVal,
  120. OUT uchar *pbSignature,
  121. OUT DWORD *pdwSigLen);
  122. // Verify signature
  123. extern DWORD
  124. verifySignature(
  125. IN Context_t *pContext,
  126. IN Key_t *pKey,
  127. IN uchar *pbHash,
  128. IN DWORD cbHash,
  129. IN uchar *pbSignature,
  130. IN DWORD cbSignature);
  131. extern DWORD
  132. BlockEncrypt(
  133. void EncFun(BYTE *In, BYTE *Out, void *key, int op),
  134. Key_t *pKey,
  135. int BlockLen,
  136. BOOL Final,
  137. BYTE *pbData,
  138. DWORD *pdwDataLen,
  139. DWORD dwBufLen);
  140. extern DWORD
  141. BlockDecrypt(
  142. void DecFun(BYTE *In, BYTE *Out, void *key, int op),
  143. Key_t *pKey,
  144. int BlockLen,
  145. BOOL Final,
  146. BYTE *pbData,
  147. DWORD *pdwDataLen);
  148. //
  149. // Function : TestSymmetricAlgorithm
  150. //
  151. // Description : This function expands the passed in key buffer for the appropriate algorithm,
  152. // encrypts the plaintext buffer with the same algorithm and key, and the
  153. // compares the passed in expected ciphertext with the calculated ciphertext
  154. // to make sure they are the same. The function only uses ECB mode for
  155. // block ciphers and the plaintext buffer must be the same length as the
  156. // ciphertext buffer. The length of the plaintext must be either the
  157. // the block length of the cipher if it is a block cipher or less
  158. // than MAX_BLOCKLEN if a stream cipher is being used.
  159. //
  160. extern DWORD
  161. TestSymmetricAlgorithm(
  162. IN ALG_ID Algid,
  163. IN CONST BYTE *pbKey,
  164. IN DWORD cbKey,
  165. IN CONST BYTE *pbPlaintext,
  166. IN DWORD cbPlaintext,
  167. IN CONST BYTE *pbCiphertext,
  168. IN CONST BYTE *pbIV);
  169. /*
  170. - GetRC4KeyForSymWrap
  171. -
  172. * Purpose:
  173. * RC4 or more precisely stream ciphers are not supported by the CMS spec
  174. * on symmetric key wrapping so we had to do something proprietary since
  175. * we want to support RC4 for applications other than SMIME
  176. *
  177. *
  178. * Parameters:
  179. * IN pContext - Pointer to the context
  180. * IN pbSalt - Pointer to the 8 byte salt buffer
  181. * IN pKey - Pointer to the orignial key
  182. * OUT ppNewKey - Pointer to a pointer to the new key
  183. */
  184. extern DWORD
  185. GetRC4KeyForSymWrap(
  186. IN Context_t *pContext,
  187. IN BYTE *pbSalt,
  188. IN Key_t *pKey,
  189. OUT Key_t **ppNewKey);
  190. /*
  191. - GetSymmetricKeyChecksum
  192. -
  193. * Purpose:
  194. * Calculates the checksum for a symmetric key which is to be
  195. * wrapped with another symmetric key. This should meet the
  196. * CMS specification
  197. *
  198. *
  199. * Parameters:
  200. * IN pKey - Pointer to the key
  201. * OUT pbChecksum - Pointer to the 8 byte checksum
  202. */
  203. extern void
  204. GetSymmetricKeyChecksum(
  205. IN BYTE *pbKey,
  206. IN DWORD cbKey,
  207. OUT BYTE *pbChecksum);
  208. // check for symmetric wrapping support
  209. #define UnsupportedSymKey(pKey) ((CALG_RC4 != pKey->algId) && \
  210. (CALG_RC2 != pKey->algId) && \
  211. (CALG_DES != pKey->algId) && \
  212. (CALG_CYLINK_MEK != pKey->algId) && \
  213. (CALG_3DES != pKey->algId) && \
  214. (CALG_3DES_112 != pKey->algId))
  215. #ifdef __cplusplus
  216. }
  217. #endif