1 2#ifndef __ICA_OPENSSL_API_H__ 3# define __ICA_OPENSSL_API_H__ 4 5/** 6 ** abstract data types for API 7 **/ 8 9# define ICA_ADAPTER_HANDLE int 10 11# if defined(linux) || defined (_AIX) 12# define ICA_CALL 13# endif 14 15# if defined(WIN32) || defined(_WIN32) 16# define ICA_CALL __stdcall 17# endif 18 19/* -----------------------------------------------* 20 | RSA defines and typedefs | 21 *------------------------------------------------*/ 22 /* 23 * All data elements of the RSA key are in big-endian format 24 * Modulus-Exponent form of key 25 * 26 */ 27# define MAX_EXP_SIZE 256 28# define MAX_MODULUS_SIZE 256 29# define MAX_MODEXP_SIZE (MAX_EXP_SIZE + MAX_MODULUS_SIZE) 30 31# define MAX_OPERAND_SIZE MAX_EXP_SIZE 32 33typedef unsigned char ICA_KEY_RSA_MODEXPO_REC[MAX_MODEXP_SIZE]; 34 /* 35 * All data elements of the RSA key are in big-endian format 36 * Chinese Remainder Thereom(CRT) form of key 37 * Used only for Decrypt, the encrypt form is typically Modulus-Exponent 38 * 39 */ 40# define MAX_BP_SIZE 136 41# define MAX_BQ_SIZE 128 42# define MAX_NP_SIZE 136 43# define MAX_NQ_SIZE 128 44# define MAX_QINV_SIZE 136 45# define MAX_RSACRT_SIZE (MAX_BP_SIZE+MAX_BQ_SIZE+MAX_NP_SIZE+MAX_NQ_SIZE+MAX_QINV_SIZE) 46 47# define RSA_GEN_OPERAND_MAX 256/* bytes */ 48 49typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE]; 50/* -----------------------------------------------* 51 | RSA key token types | 52 *------------------------------------------------*/ 53 54# define RSA_PUBLIC_MODULUS_EXPONENT 3 55# define RSA_PKCS_PRIVATE_CHINESE_REMAINDER 6 56 57# define KEYTYPE_MODEXPO 1 58# define KEYTYPE_PKCSCRT 2 59 60/* -----------------------------------------------* 61 | RSA Key Token format | 62 *------------------------------------------------*/ 63 64/*- 65 * NOTE: All the fields in the ICA_KEY_RSA_MODEXPO structure 66 * (lengths, offsets, exponents, modulus, etc.) are 67 * stored in big-endian format 68 */ 69 70typedef struct _ICA_KEY_RSA_MODEXPO { 71 unsigned int keyType; /* RSA key type. */ 72 unsigned int keyLength; /* Total length of the token. */ 73 unsigned int modulusBitLength; /* Modulus n bit length. */ 74 /* -- Start of the data length. */ 75 unsigned int nLength; /* Modulus n = p * q */ 76 unsigned int expLength; /* exponent (public or private) */ 77 /* e = 1/d * mod(p-1)(q-1) */ 78 /* -- Start of the data offsets */ 79 unsigned int nOffset; /* Modulus n . */ 80 unsigned int expOffset; /* exponent (public or private) */ 81 unsigned char reserved[112]; /* reserved area */ 82 /* -- Start of the variable -- */ 83 /* -- length token data. -- */ 84 ICA_KEY_RSA_MODEXPO_REC keyRecord; 85} ICA_KEY_RSA_MODEXPO; 86# define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC)) 87 88/*- 89 * NOTE: All the fields in the ICA_KEY_RSA_CRT structure 90 * (lengths, offsets, exponents, modulus, etc.) are 91 * stored in big-endian format 92 */ 93 94typedef struct _ICA_KEY_RSA_CRT { 95 unsigned int keyType; /* RSA key type. */ 96 unsigned int keyLength; /* Total length of the token. */ 97 unsigned int modulusBitLength; /* Modulus n bit length. */ 98 /* -- Start of the data length. */ 99# if _AIX 100 unsigned int nLength; /* Modulus n = p * q */ 101# endif 102 unsigned int pLength; /* Prime number p . */ 103 unsigned int qLength; /* Prime number q . */ 104 unsigned int dpLength; /* dp = d * mod(p-1) . */ 105 unsigned int dqLength; /* dq = d * mod(q-1) . */ 106 unsigned int qInvLength; /* PKCS: qInv = Ap/q */ 107 /* -- Start of the data offsets */ 108# if _AIX 109 unsigned int nOffset; /* Modulus n . */ 110# endif 111 unsigned int pOffset; /* Prime number p . */ 112 unsigned int qOffset; /* Prime number q . */ 113 unsigned int dpOffset; /* dp . */ 114 unsigned int dqOffset; /* dq . */ 115 unsigned int qInvOffset; /* qInv for PKCS */ 116# if _AIX 117 unsigned char reserved[80]; /* reserved area */ 118# else 119 unsigned char reserved[88]; /* reserved area */ 120# endif 121 /* -- Start of the variable -- */ 122 /* -- length token data. -- */ 123 ICA_KEY_RSA_CRT_REC keyRecord; 124} ICA_KEY_RSA_CRT; 125# define SZ_HEADER_CRT (sizeof(ICA_KEY_RSA_CRT) - sizeof(ICA_KEY_RSA_CRT_REC)) 126 127unsigned int 128icaOpenAdapter(unsigned int adapterId, ICA_ADAPTER_HANDLE * pAdapterHandle); 129 130unsigned int icaCloseAdapter(ICA_ADAPTER_HANDLE adapterHandle); 131 132unsigned int 133icaRsaModExpo(ICA_ADAPTER_HANDLE hAdapterHandle, 134 unsigned int inputDataLength, 135 unsigned char *pInputData, 136 ICA_KEY_RSA_MODEXPO *pKeyModExpo, 137 unsigned int *pOutputDataLength, unsigned char *pOutputData); 138 139unsigned int 140icaRsaCrt(ICA_ADAPTER_HANDLE hAdapterHandle, 141 unsigned int inputDataLength, 142 unsigned char *pInputData, 143 ICA_KEY_RSA_CRT *pKeyCrt, 144 unsigned int *pOutputDataLength, unsigned char *pOutputData); 145 146unsigned int 147icaRandomNumberGenerate(ICA_ADAPTER_HANDLE hAdapterHandle, 148 unsigned int outputDataLength, 149 unsigned char *pOutputData); 150 151/* 152 * Specific macros and definitions to not have IFDEF;s all over the main code 153 */ 154 155# if (_AIX) 156static const char *IBMCA_LIBNAME = "/lib/libica.a(shr.o)"; 157# elif (WIN32) 158static const char *IBMCA_LIBNAME = "cryptica"; 159# else 160static const char *IBMCA_LIBNAME = "ica"; 161# endif 162 163# if (WIN32) 164/* 165 * The ICA_KEY_RSA_MODEXPO & ICA_KEY_RSA_CRT lengths and offsets must be in 166 * big-endian format. 167 * 168 */ 169# define CORRECT_ENDIANNESS(b) ( \ 170 (((unsigned long) (b) & 0x000000ff) << 24) | \ 171 (((unsigned long) (b) & 0x0000ff00) << 8) | \ 172 (((unsigned long) (b) & 0x00ff0000) >> 8) | \ 173 (((unsigned long) (b) & 0xff000000) >> 24) \ 174 ) 175# define CRT_KEY_TYPE RSA_PKCS_PRIVATE_CHINESE_REMAINDER 176# define ME_KEY_TYPE RSA_PUBLIC_MODULUS_EXPONENT 177# else 178# define CORRECT_ENDIANNESS(b) (b) 179# define CRT_KEY_TYPE KEYTYPE_PKCSCRT 180# define ME_KEY_TYPE KEYTYPE_MODEXPO 181# endif 182 183#endif /* __ICA_OPENSSL_API_H__ */ 184