1/* Copyright (c) 1998,2011,2014 Apple Inc. All Rights Reserved. 2 * 3 * NOTICE: USE OF THE MATERIALS ACCOMPANYING THIS NOTICE IS SUBJECT 4 * TO THE TERMS OF THE SIGNED "FAST ELLIPTIC ENCRYPTION (FEE) REFERENCE 5 * SOURCE CODE EVALUATION AGREEMENT" BETWEEN APPLE, INC. AND THE 6 * ORIGINAL LICENSEE THAT OBTAINED THESE MATERIALS FROM APPLE, 7 * INC. ANY USE OF THESE MATERIALS NOT PERMITTED BY SUCH AGREEMENT WILL 8 * EXPOSE YOU TO LIABILITY. 9 *************************************************************************** 10 * 11 * feeTypes.h - general purpose FEE typedefs and constants 12 * 13 * Revision History 14 * ---------------- 15 * 23 Mar 98 at Apple 16 * Added FR_BadKeyBlob. 17 * 20 Jan 98 at Apple 18 * New PT_GENERAL depth values. 19 * 09 Jan 98 at Apple 20 * Removed obsolete FEE_DEPTH_* values. 21 * 20 Aug 96 at NeXT 22 * Created. 23 */ 24 25#ifndef _CK_FEETYPES_H_ 26#define _CK_FEETYPES_H_ 27 28/* 29 * Opaque public key object. 30 */ 31typedef void *feePubKey; 32 33/* 34 * Standard return codes. 35 * Remember to update frtnStrings[] in utilities.c when adding new items. 36 */ 37typedef enum { 38 FR_Success = 0, 39 FR_BadPubKey, 40 FR_BadPubKeyString, 41 FR_IncompatibleKey, /* incompatible key */ 42 FR_IllegalDepth, 43 FR_BadUsageName, /* bad usageName */ 44 FR_BadSignatureFormat, /* signature corrupted */ 45 FR_InvalidSignature, /* signature intact, but not valid */ 46 FR_IllegalArg, /* illegal argument */ 47 FR_BadCipherText, /* malformed ciphertext */ 48 FR_Unimplemented, /* unimplemented function */ 49 FR_BadCipherFile, 50 FR_BadEnc64, /* bad enc64() format */ 51 FR_WrongSignatureType, /* ElGamal vs. ECDSA */ 52 FR_BadKeyBlob, 53 FR_IllegalCurve, /* e.g., ECDSA with Montgomery curve */ 54 FR_Internal, /* internal library error */ 55 FR_Memory, /* out of memory */ 56 FR_ShortPrivData /* insufficient privData for creating 57 * private key */ 58 /* etc. */ 59} feeReturn; 60 61/* 62 * The feeDepth parameter defines one of 'n' known curves. From a user's 63 * perspective, the most interesting parameter indicated by feeDepth is 64 * the size (in bits) of the key. 65 */ 66typedef unsigned feeDepth; 67 68/* 69 * Prime and curve description parameters. 70 */ 71typedef enum { 72 FPT_Default, /* default per key size */ 73 FPT_Mersenne, /* (2 ** q) - 1 */ 74 FPT_FEE, /* (2 ** q) - k */ 75 FPT_General /* random prime */ 76} feePrimeType; 77 78typedef enum { 79 FCT_Default, /* default per key size */ 80 FCT_Montgomery, /* a==1, b==0 */ 81 FCT_Weierstrass, /* c==0. IEEE P1363 compliant. */ 82 FCT_ANSI, /* ANSI X9.62/Certicom, also FCT_Weierstrass */ 83 FCT_General /* Other */ 84} feeCurveType; 85 86/* 87 * Some commonly used feeDepth values. In these definitions, q and k are 88 * from the expression (2^q - k), the base modulus of the curve. The case 89 * k=1 implies a Mersenne prime as the modulus. 90 */ 91#define FEE_PROTOTYPE_CURVES 0 92 93#if FEE_PROTOTYPE_CURVES 94 95 /* q k a b c */ 96 /* ---- ---- ---- ---- ---- */ 97#define FEE_DEPTH_31_1_W 0 /* 31 1 7 1 0 */ 98#define FEE_DEPTH_31_1_M 1 /* 31 1 1 0 666 */ 99#define FEE_DEPTH_31_1_P 2 /* 31 1 5824692 2067311435 0 */ 100#define FEE_DEPTH_40_213 3 /* 40 213 1627500953 523907505 0 */ 101#define FEE_DEPTH_127_1 4 /* 127 1 1 0 666 */ 102#define FEE_DEPTH_127_1W 5 /* 127 1 666 1 0 */ 103#define FEE_DEPTH_160_57 6 /* 160 57 0 3 0 */ 104#define FEE_DEPTH_192_1425 7 /* 192 1425 0 -11 0 */ 105#define FEE_DEPTH_192_M529891 8 /* 192 -529891 -152 722 0 */ 106 107/* 108 * The remaining curves are implemented as PT_GENERAL curves; modulo 109 * arithmetic does not utilize any FEE or Mersenne optimizations. These 110 * are here for performance measurements and DVT. 111 */ 112#define FEE_DEPTH_127_GEN 9 /* 127 1 1 0 666 */ 113#define FEE_DEPTH_160_GEN 10 /* 160 57 0 3 0 */ 114#define FEE_DEPTH_161_GEN 11 /* 161 .. -152 722 0 */ 115 116/* 117 * The default depth. 118 */ 119#define FEE_DEPTH_DEFAULT FEE_DEPTH_160_57 120 121/* 122 * Last enumerated depth. 123 */ 124#define FEE_DEPTH_MAX FEE_DEPTH_161_GEN 125 126#else /* FEE_PROTOTYPE_CURVES */ 127 128/* 129 * The real curves as of 4/9/2001. 130 * Note that ECDSA signatures can only be performed with curve of 131 * curveType FCT_Weierstrass. 132 * 133 * Default curveType for curves with same prime size is FCT_Weierstrass. 134 */ 135#define FEE_DEPTH_31M 0 /* size=31 FPT_Mersenne FCT_Montgomery */ 136#define FEE_DEPTH_31W 1 /* size=31 FPT_Mersenne FCT_Weierstrass */ 137#define FEE_DEPTH_127M 2 /* size=127 FPT_Mersenne FCT_Montgomery */ 138#define FEE_DEPTH_128W 3 /* size=128 FPT_FEE FCT_Weierstrass */ 139#define FEE_DEPTH_161W 4 /* size=161 FPT_FEE FCT_Weierstrass */ 140#define FEE_DEPTH_161G 5 /* size=161 FPT_General FCT_Weierstrass */ 141#define FEE_DEPTH_192G 6 /* size=192 FPT_General FCT_Weierstrass */ 142 143/* ANSI X9.62/Certicom curves */ 144#define FEE_DEPTH_secp192r1 7 /* size=192 FPT_General FCT_ANSI */ 145#define FEE_DEPTH_secp256r1 8 /* size=256 FPT_General FCT_ANSI */ 146#define FEE_DEPTH_secp384r1 9 /* size=384 FPT_General FCT_ANSI */ 147#define FEE_DEPTH_secp521r1 10 /* size=521 FPT_General FCT_ANSI */ 148/* 149 * The default depth. 150 */ 151#define FEE_DEPTH_DEFAULT FEE_DEPTH_161W 152 153/* 154 * Last enumerated depth. 155 */ 156#define FEE_DEPTH_MAX FEE_DEPTH_secp521r1 157 158#endif /* FEE_PROTOTYPE_CURVES */ 159 160/* 161 * Random number generator callback function. 162 */ 163typedef feeReturn (*feeRandFcn)( 164 void *ref, 165 unsigned char *bytes, /* must be alloc'd by caller */ 166 unsigned numBytes); 167 168#endif /* _CK_FEETYPES_H_ */ 169