1 2 #ifndef __ICA_OPENSSL_API_H__ 3 # define __ICA_OPENSSL_API_H__ 4 5 /** 6 ** abstract data types for API 7 **/ 8 9 # define ICA_ADAPTER_HANDLE int 10 11 # if defined(linux) || defined (_AIX) 12 # define ICA_CALL 13 # endif 14 15 # if defined(WIN32) || defined(_WIN32) 16 # define ICA_CALL __stdcall 17 # endif 18 19 /* -----------------------------------------------* 20 | RSA defines and typedefs | 21 *------------------------------------------------*/ 22 /* 23 * All data elements of the RSA key are in big-endian format 24 * Modulus-Exponent form of key 25 * 26 */ 27 # define MAX_EXP_SIZE 256 28 # define MAX_MODULUS_SIZE 256 29 # define MAX_MODEXP_SIZE (MAX_EXP_SIZE + MAX_MODULUS_SIZE) 30 31 # define MAX_OPERAND_SIZE MAX_EXP_SIZE 32 33 typedef unsigned char ICA_KEY_RSA_MODEXPO_REC[MAX_MODEXP_SIZE]; 34 /* 35 * All data elements of the RSA key are in big-endian format 36 * Chinese Remainder Thereom(CRT) form of key 37 * Used only for Decrypt, the encrypt form is typically Modulus-Exponent 38 * 39 */ 40 # define MAX_BP_SIZE 136 41 # define MAX_BQ_SIZE 128 42 # define MAX_NP_SIZE 136 43 # define MAX_NQ_SIZE 128 44 # define MAX_QINV_SIZE 136 45 # define MAX_RSACRT_SIZE (MAX_BP_SIZE+MAX_BQ_SIZE+MAX_NP_SIZE+MAX_NQ_SIZE+MAX_QINV_SIZE) 46 47 # define RSA_GEN_OPERAND_MAX 256/* bytes */ 48 49 typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE]; 50 /* -----------------------------------------------* 51 | RSA key token types | 52 *------------------------------------------------*/ 53 54 # define RSA_PUBLIC_MODULUS_EXPONENT 3 55 # define RSA_PKCS_PRIVATE_CHINESE_REMAINDER 6 56 57 # define KEYTYPE_MODEXPO 1 58 # define KEYTYPE_PKCSCRT 2 59 60 /* -----------------------------------------------* 61 | RSA Key Token format | 62 *------------------------------------------------*/ 63 64 /*- 65 * NOTE: All the fields in the ICA_KEY_RSA_MODEXPO structure 66 * (lengths, offsets, exponents, modulus, etc.) are 67 * stored in big-endian format 68 */ 69 70 typedef struct _ICA_KEY_RSA_MODEXPO { 71 unsigned int keyType; /* RSA key type. */ 72 unsigned int keyLength; /* Total length of the token. */ 73 unsigned int modulusBitLength; /* Modulus n bit length. */ 74 /* -- Start of the data length. */ 75 unsigned int nLength; /* Modulus n = p * q */ 76 unsigned int expLength; /* exponent (public or private) */ 77 /* e = 1/d * mod(p-1)(q-1) */ 78 /* -- Start of the data offsets */ 79 unsigned int nOffset; /* Modulus n . */ 80 unsigned int expOffset; /* exponent (public or private) */ 81 unsigned char reserved[112]; /* reserved area */ 82 /* -- Start of the variable -- */ 83 /* -- length token data. -- */ 84 ICA_KEY_RSA_MODEXPO_REC keyRecord; 85 } ICA_KEY_RSA_MODEXPO; 86 # define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC)) 87 88 /*- 89 * NOTE: All the fields in the ICA_KEY_RSA_CRT structure 90 * (lengths, offsets, exponents, modulus, etc.) are 91 * stored in big-endian format 92 */ 93 94 typedef struct _ICA_KEY_RSA_CRT { 95 unsigned int keyType; /* RSA key type. */ 96 unsigned int keyLength; /* Total length of the token. */ 97 unsigned int modulusBitLength; /* Modulus n bit length. */ 98 /* -- Start of the data length. */ 99 # if _AIX 100 unsigned int nLength; /* Modulus n = p * q */ 101 # endif 102 unsigned int pLength; /* Prime number p . */ 103 unsigned int qLength; /* Prime number q . */ 104 unsigned int dpLength; /* dp = d * mod(p-1) . */ 105 unsigned int dqLength; /* dq = d * mod(q-1) . */ 106 unsigned int qInvLength; /* PKCS: qInv = Ap/q */ 107 /* -- Start of the data offsets */ 108 # if _AIX 109 unsigned int nOffset; /* Modulus n . */ 110 # endif 111 unsigned int pOffset; /* Prime number p . */ 112 unsigned int qOffset; /* Prime number q . */ 113 unsigned int dpOffset; /* dp . */ 114 unsigned int dqOffset; /* dq . */ 115 unsigned int qInvOffset; /* qInv for PKCS */ 116 # if _AIX 117 unsigned char reserved[80]; /* reserved area */ 118 # else 119 unsigned char reserved[88]; /* reserved area */ 120 # endif 121 /* -- Start of the variable -- */ 122 /* -- length token data. -- */ 123 ICA_KEY_RSA_CRT_REC keyRecord; 124 } ICA_KEY_RSA_CRT; 125 # define SZ_HEADER_CRT (sizeof(ICA_KEY_RSA_CRT) - sizeof(ICA_KEY_RSA_CRT_REC)) 126 127 unsigned int 128 icaOpenAdapter(unsigned int adapterId, ICA_ADAPTER_HANDLE * pAdapterHandle); 129 130 unsigned int icaCloseAdapter(ICA_ADAPTER_HANDLE adapterHandle); 131 132 unsigned int 133 icaRsaModExpo(ICA_ADAPTER_HANDLE hAdapterHandle, 134 unsigned int inputDataLength, 135 unsigned char *pInputData, 136 ICA_KEY_RSA_MODEXPO *pKeyModExpo, 137 unsigned int *pOutputDataLength, unsigned char *pOutputData); 138 139 unsigned int 140 icaRsaCrt(ICA_ADAPTER_HANDLE hAdapterHandle, 141 unsigned int inputDataLength, 142 unsigned char *pInputData, 143 ICA_KEY_RSA_CRT *pKeyCrt, 144 unsigned int *pOutputDataLength, unsigned char *pOutputData); 145 146 unsigned int 147 icaRandomNumberGenerate(ICA_ADAPTER_HANDLE hAdapterHandle, 148 unsigned int outputDataLength, 149 unsigned char *pOutputData); 150 151 /* 152 * Specific macros and definitions to not have IFDEF;s all over the main code 153 */ 154 155 # if (_AIX) 156 static const char *IBMCA_LIBNAME = "/lib/libica.a(shr.o)"; 157 # elif (WIN32) 158 static const char *IBMCA_LIBNAME = "cryptica"; 159 # else 160 static const char *IBMCA_LIBNAME = "ica"; 161 # endif 162 163 # if (WIN32) 164 /* 165 * The ICA_KEY_RSA_MODEXPO & ICA_KEY_RSA_CRT lengths and offsets must be in 166 * big-endian format. 167 * 168 */ 169 # define CORRECT_ENDIANNESS(b) ( \ 170 (((unsigned long) (b) & 0x000000ff) << 24) | \ 171 (((unsigned long) (b) & 0x0000ff00) << 8) | \ 172 (((unsigned long) (b) & 0x00ff0000) >> 8) | \ 173 (((unsigned long) (b) & 0xff000000) >> 24) \ 174 ) 175 # define CRT_KEY_TYPE RSA_PKCS_PRIVATE_CHINESE_REMAINDER 176 # define ME_KEY_TYPE RSA_PUBLIC_MODULUS_EXPONENT 177 # else 178 # define CORRECT_ENDIANNESS(b) (b) 179 # define CRT_KEY_TYPE KEYTYPE_PKCSCRT 180 # define ME_KEY_TYPE KEYTYPE_MODEXPO 181 # endif 182 183 #endif /* __ICA_OPENSSL_API_H__ */ 184