1/*
2 * Portions Copyright (C) Internet Systems Consortium, Inc. ("ISC")
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
9 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
10 * WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE
11 * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
14 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 *
16 * See the COPYRIGHT file distributed with this work for additional
17 * information regarding copyright ownership.
18 *
19 * Portions Copyright (C) Network Associates, Inc.
20 *
21 * Permission to use, copy, modify, and/or distribute this software for any
22 * purpose with or without fee is hereby granted, provided that the above
23 * copyright notice and this permission notice appear in all copies.
24 *
25 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS
26 * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
27 * WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE
28 * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
29 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
30 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
31 * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
32 */
33
34/* $Id: dst_internal.h,v 1.13 2024/05/17 23:56:19 jsg Exp $ */
35
36#ifndef DST_DST_INTERNAL_H
37#define DST_DST_INTERNAL_H 1
38
39#include <isc/buffer.h>
40#include <isc/region.h>
41#include <isc/types.h>
42#include <isc/refcount.h>
43#include <isc/sha1.h>
44#include <isc/sha2.h>
45#include <isc/hmacsha.h>
46
47#include <dns/time.h>
48#include <dst/dst.h>
49
50#include <openssl/err.h>
51#include <openssl/objects.h>
52
53/***
54 *** Types
55 ***/
56
typedef struct dst_func dst_func_t;	/* per-algorithm operation table, defined below */

/*
 * Opaque backend key types.  Only the tags are declared here; the
 * structures themselves are presumably defined in the respective HMAC
 * backend source, so this header never exposes raw key material to
 * generic DST code.
 */
typedef struct dst_hmacsha1_key   dst_hmacsha1_key_t;
typedef struct dst_hmacsha224_key dst_hmacsha224_key_t;
typedef struct dst_hmacsha256_key dst_hmacsha256_key_t;
typedef struct dst_hmacsha384_key dst_hmacsha384_key_t;
typedef struct dst_hmacsha512_key dst_hmacsha512_key_t;
64
/*%
 * Purpose a DST context is created for: a context either produces a
 * signature/MAC (DO_SIGN) or checks one (DO_VERIFY).  The explicit
 * values preserve the original declaration order.
 */
typedef enum {
	DO_SIGN = 0,	/*%< context will produce a signature or MAC */
	DO_VERIFY = 1	/*%< context will check a signature or MAC */
} dst_use_t;
70
/*%
 * DST Key Structure.
 *
 * Holds the algorithm-independent attributes of a key together with a
 * pointer to the backend-specific key material ('keydata') and the table
 * of backend operations ('func') that act on it.
 */
struct dst_key {
	isc_refcount_t	refs;		/*%< reference count */
	unsigned int	key_size;	/*%< size of the key in bits */
	unsigned int	key_proto;	/*%< protocols this key is used for */
	unsigned int	key_alg;	/*%< algorithm of the key */
	uint32_t	key_flags;	/*%< flags of the public key */
	uint16_t	key_bits;	/*%< hmac digest bits; NOTE(review): if this
					 *   is a TSIG MAC truncation length, RFC 4635
					 *   requires at least 80 bits and at least half
					 *   the digest — that check must live in the
					 *   backends, nothing here enforces it */
	/*
	 * Backend key material.  Which member is live is presumably
	 * determined by key_alg — confirm.  NOTE(review): there is no RSA
	 * member here although dst__opensslrsa_init is declared in this
	 * header; confirm how the RSA backend stores its key material.
	 */
	union {
		dst_hmacsha1_key_t *hmacsha1;
		dst_hmacsha224_key_t *hmacsha224;
		dst_hmacsha256_key_t *hmacsha256;
		dst_hmacsha384_key_t *hmacsha384;
		dst_hmacsha512_key_t *hmacsha512;

	} keydata;			/*%< pointer to key in crypto pkg fmt */

	dst_func_t *    func;	       /*%< crypto package specific functions
					*   (operation table for key_alg) */
};
90
/*%
 * DST signing/verification context.
 *
 * Presumably set up by dst_func::createctx for one key: 'use' records
 * whether the context will sign or verify, 'key' is the key it operates
 * with, and 'ctxdata' holds the running HMAC state of the backend in use
 * (which member is live presumably follows key->key_alg — confirm).
 */
struct dst_context {
	dst_use_t use;			/*%< DO_SIGN or DO_VERIFY */
	dst_key_t *key;			/*%< key this context was created for */
	isc_logcategory_t *category;	/*%< log category for diagnostics — presumably */
	union {
		isc_hmacsha1_t *hmacsha1ctx;
		isc_hmacsha224_t *hmacsha224ctx;
		isc_hmacsha256_t *hmacsha256ctx;
		isc_hmacsha384_t *hmacsha384ctx;
		isc_hmacsha512_t *hmacsha512ctx;
	} ctxdata;			/*%< backend-specific running digest state */
};
103
/*%
 * Per-algorithm operation table ("crypto package").  Each backend
 * initializer declared below presumably fills in one of these, and the
 * generic DST code dispatches through dst_key::func.
 */
struct dst_func {
	/*
	 * Context functions
	 */
	/*% Prepare dctx for signing or verifying with key. */
	isc_result_t (*createctx)(dst_key_t *key, dst_context_t *dctx);
	/*% Release whatever createctx set up in dctx. */
	void (*destroyctx)(dst_context_t *dctx);
	/*% Feed the next chunk of message data into dctx. */
	isc_result_t (*adddata)(dst_context_t *dctx, const isc_region_t *data);

	/*
	 * Key operations
	 */
	/*% Produce the signature/MAC over the accumulated data into sig. */
	isc_result_t (*sign)(dst_context_t *dctx, isc_buffer_t *sig);
	/*%
	 * Check sig against the accumulated data.  NOTE(review): sig is
	 * attacker-controlled input; backends must bounds-check its length
	 * and compare MACs in constant time — confirm in each backend.
	 */
	isc_result_t (*verify)(dst_context_t *dctx, const isc_region_t *sig);
	/*%
	 * Free the backend key material behind key->keydata.  NOTE(review):
	 * secret (HMAC) key bytes should be wiped before release, not just
	 * freed — confirm in each backend.
	 */
	void (*destroy)(dst_key_t *key);

	/* conversion functions */
	/*% Serialize the key into DNS wire format. */
	isc_result_t (*todns)(const dst_key_t *key, isc_buffer_t *data);
	/*%
	 * Parse a key from DNS wire format into key->keydata.  NOTE(review):
	 * data is presumably untrusted (wire input); backends must validate
	 * lengths before copying — confirm.
	 */
	isc_result_t (*fromdns)(dst_key_t *key, isc_buffer_t *data);
};
123
/*%
 * Initializers.
 *
 * dst__openssl_init() presumably sets up the OpenSSL state the RSA
 * backend needs.  Each dst__*_init() hands back, through *funcp, the
 * dst_func table for one algorithm.  All return an isc_result_t; callers
 * should treat anything other than the success code as failure and must
 * not use *funcp in that case — NOTE(review): confirm the exact result
 * codes in the backends.
 */
isc_result_t dst__openssl_init(void);

isc_result_t dst__hmacsha1_init(struct dst_func **funcp);
isc_result_t dst__hmacsha224_init(struct dst_func **funcp);
isc_result_t dst__hmacsha256_init(struct dst_func **funcp);
isc_result_t dst__hmacsha384_init(struct dst_func **funcp);
isc_result_t dst__hmacsha512_init(struct dst_func **funcp);
/*
 * 'algorithm' selects which RSA variant the returned table implements
 * (presumably a DNSSEC algorithm number — confirm).  NOTE(review): if
 * RSAMD5 or RSASHA1 are among the accepted values, both are deprecated
 * for DNSSEC signing (RFC 8624); callers should not create new
 * signatures with them.
 */
isc_result_t dst__opensslrsa_init(struct dst_func **funcp,
				  unsigned char algorithm);
136
/*%
 * Destructors.
 *
 * Counterpart of dst__openssl_init().  NOTE(review): confirm it is safe
 * to call when dst__openssl_init() failed or was never called.
 */
void dst__openssl_destroy(void);
141
142#endif /* DST_DST_INTERNAL_H */
143/*! \file */
144