comparison nss/lib/softoken/lowpbe.h @ 0:1e5118fa0cb1

This is NSS with a CMake build system. To compile a static NSS library for Windows we've used the Chromium-NSS fork and added a CMake build system to compile it statically for Windows. See README.chromium for chromium changes and README.trustbridge for our modifications.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 28 Jul 2014 10:47:06 +0200
parents
children
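--- /dev/null
+++ b/nss/lib/softoken/lowpbe.h
@@ -0,0 +1,108 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECPKCS5_H_
+#define _SECPKCS5_H_
+
+#include "plarena.h"
+#include "secitem.h"
+#include "seccomon.h"
+#include "secoidt.h"
+#include "hasht.h"
+
+typedef SECItem * (* SEC_PKCS5GetPBEPassword)(void *arg);
+
+/* used for V2 PKCS 12 Draft Spec */
+typedef enum {
+pbeBitGenIDNull = 0,
+pbeBitGenCipherKey = 0x01,
+pbeBitGenCipherIV = 0x02,
+pbeBitGenIntegrityKey = 0x03
+} PBEBitGenID;
+
+typedef enum {
+NSSPKCS5_PBKDF1 = 0,
+NSSPKCS5_PBKDF2 = 1,
+NSSPKCS5_PKCS12_V2 = 2
+} NSSPKCS5PBEType;
+
+typedef struct NSSPKCS5PBEParameterStr NSSPKCS5PBEParameter;
+
+struct NSSPKCS5PBEParameterStr {
+PLArenaPool *poolp;
+SECItem salt; /* octet string */
+SECItem iteration; /* integer */
+SECItem keyLength; /* integer */
+
+/* used locally */
+int iter;
+int keyLen;
+int ivLen;
+unsigned char *ivData;
+HASH_HashType hashType;
+NSSPKCS5PBEType pbeType;
+SECAlgorithmID prfAlg;
+PBEBitGenID keyID;
+SECOidTag encAlg;
+PRBool is2KeyDES;
+};
+
+
+SEC_BEGIN_PROTOS
+/* Create a PKCS5 Algorithm ID
+* The algorithm ID is set up using the PKCS #5 parameter structure
+* algorithm is the PBE algorithm ID for the desired algorithm
+* pbe is a pbe param block with all the info needed to create the
+* algorithm id.
+* If an error occurs or the algorithm specified is not supported
+* or is not a password based encryption algorithm, NULL is returned.
+* Otherwise, a pointer to the algorithm id is returned.
+*/
+extern SECAlgorithmID *
+nsspkcs5_CreateAlgorithmID(PLArenaPool *arena, SECOidTag algorithm,
+NSSPKCS5PBEParameter *pbe);
+
+/*
+* Convert an Algorithm ID to a PBE Param.
+* NOTE: this does not suppport PKCS 5 v2 because it's only used for the
+* keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
+*/
+NSSPKCS5PBEParameter *
+nsspkcs5_AlgidToParam(SECAlgorithmID *algid);
+
+/*
+* Convert an Algorithm ID to a PBE Param.
+* NOTE: this does not suppport PKCS 5 v2 because it's only used for the
+* keyDB which only support PKCS 5 v1, PFX, and PKCS 12.
+*/
+NSSPKCS5PBEParameter *
+nsspkcs5_NewParam(SECOidTag alg, SECItem *salt, int iterator);
+
+
+/* Encrypt/Decrypt data using password based encryption.
+* algid is the PBE algorithm identifier,
+* pwitem is the password,
+* src is the source for encryption/decryption,
+* encrypt is PR_TRUE for encryption, PR_FALSE for decryption.
+* The key and iv are generated based upon PKCS #5 then the src
+* is either encrypted or decrypted. If an error occurs, NULL
+* is returned, otherwise the ciphered contents is returned.
+*/
+extern SECItem *
+nsspkcs5_CipherData(NSSPKCS5PBEParameter *, SECItem *pwitem,
+SECItem *src, PRBool encrypt, PRBool *update);
+
+extern SECItem *
+nsspkcs5_ComputeKeyAndIV(NSSPKCS5PBEParameter *, SECItem *pwitem,
+SECItem *iv, PRBool faulty3DES);
+
+/* Destroys PBE parameter */
+extern void
+nsspkcs5_DestroyPBEParameter(NSSPKCS5PBEParameter *param);
+
+HASH_HashType HASH_FromHMACOid(SECOidTag oid);
+
+SEC_END_PROTOS
+
+#endif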
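Review bot: The comment above nsspkcs5_NewParam is a verbatim copy of the one on nsspkcs5_AlgidToParam ("Convert an Algorithm ID to a PBE Param") and does not describe a function that takes an OID tag, a salt and an int; something like `/* Create a PBE param block for alg from the given salt and iteration count. */` would fit, and the third parameter name `iterator` looks like it was meant to be `iteration`. nsspkcs5_ComputeKeyAndIV has no comment at all, although its SECItem return value presumably carries derived key material: the header should state who frees it, that it should be zeroized when freed, and what `faulty3DES` selects. The existing comment on nsspkcs5_CipherData likewise omits the `update` out-parameter and still lists `algid`, which is not in the signature.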