#
# Public-Key Cryptography Standards (PKCS)
#
# Ref: 	http://www.rsa.com
#	RFC1423
#
# Interface declaration for the PKCS module: object identifiers plus the
# key types and operations for PKCS #1 (RSA), DSS, PKCS #3 (Diffie-Hellman),
# PKCS #5 (password-based encryption), PKCS #6 and PKCS #8.
# Types written as Keyring->... and ASN1->... belong to those modules,
# which are declared outside this file.
#
# Most functions return a (string, value) tuple.
# NOTE(review): presumably the string is an error message that is nil or
# empty on success; confirm against the implementation before relying on it.
#

PKCS: module {

	# Path of the compiled module, for use with load.
	PATH: con "/dis/lib/crypt/pkcs.dis";

	# NOTE(review): presumably must be called once after load and returns
	# an error string; confirm against the implementation.
	init: fn(): string;

	# PKCS Object Identifiers

	# NOTE(review): presumably indexed by the id_* constants below; if so,
	# the order of that list and of this table must stay in step.
	objIdTab : array of ASN1->Oid;

	# Consecutive constants assigned by iota, starting at 0. Inserting or
	# reordering a name renumbers every name after it.
	# id_pkcs_singnedData is a misspelling of "signedData". It is part of
	# the public interface, so renaming it needs a matching change in every
	# caller.
	# MD2, MD4 and MD5 are no longer collision resistant; the identifiers
	# that name them are needed to parse existing objects but are a poor
	# choice for new signatures.
	id_pkcs,
	id_pkcs_1,
	id_pkcs_rsaEncryption,
	id_pkcs_md2WithRSAEncryption,
	id_pkcs_md4WithRSAEncryption,
	id_pkcs_md5WithRSAEncryption,
	id_pkcs_3,
	id_pkcs_dhKeyAgreement,
	id_pkcs_5,
	id_pkcs_pbeWithMD2AndDESCBC,
	id_pkcs_pbeWithMD5AndDESCBC,
	id_pkcs_7,
	id_pkcs_data,
	id_pkcs_singnedData,
	id_pkcs_envelopedData,
	id_pkcs_signedAndEnvelopedData,
	id_pkcs_digestData,
	id_pkcs_encryptedData,
	id_pkcs_9,
	id_pkcs_emailAddress,
	id_pkcs_unstructuredName,
	id_pkcs_contentType,
	id_pkcs_messageDigest,
	id_pkcs_signingTime,
	id_pkcs_countersignature,
	id_pkcs_challengePassword,
	id_pkcs_unstructuredAddress,
	id_pkcs_extCertAttrs,
	id_algorithm_shaWithDSS : con iota;

	# PKCS1

	RSAParams: adt {
		modulus : ref Keyring->IPint;
		exponent : ref Keyring->IPint;
	};

	# One type serves both key halves: rsa_sign takes it as the secret key
	# (sk) and rsa_verify as the public key (pk), so exponent is whichever
	# exponent belongs to that half. The type does not record which half it
	# holds.
	RSAKey: adt {
		modulus : ref Keyring->IPint;
		modlen : int;	# NOTE(review): presumably the modulus length in bytes; confirm
		exponent : ref Keyring->IPint;

		# NOTE(review): presumably the bit length of the modulus; confirm
		bits: fn(k: self ref RSAKey): int;
		#tostring: fn(k: self ref RSAKey): string;
	};

	# Values for the algid argument of rsa_sign and rsa_verify. Only MD2
	# and MD5 digests are declared here; neither is collision resistant.
	MD2_WithRSAEncryption : con 0;
	MD5_WithRSAEncryption : con 1;

	# NOTE(review): blocktype is presumably the PKCS #1 v1.5 block type and
	# public presumably says whether key is a public key; confirm both.
	# rsa_verify returns only an int, with no error string, so a caller
	# cannot tell a malformed signature from a mismatching one.
	# NOTE(review): confirm which int value means "valid" before testing it.
	# decode_rsapubkey parses caller-supplied bytes (presumably DER); check
	# the returned string before using the key.
	rsa_encrypt: fn(data: array of byte, key: ref RSAKey, blocktype: int): (string, array of byte);
	rsa_decrypt: fn(data: array of byte, key: ref RSAKey, public: int): (string, array of byte);
	rsa_sign: fn(data: array of byte, sk: ref RSAKey, algid: int): (string, array of byte);
	rsa_verify: fn(data, signature: array of byte, pk: ref RSAKey, algid: int): int;
	decode_rsapubkey: fn(a: array of byte): (string, ref RSAKey);

	# Note:
	#	DSS included here is only for completeness.

	# NOTE(review): by DSA convention p is the prime modulus, q the prime
	# divisor of p-1 and alpha the generator; confirm.
	DSSParams: adt {
		p : ref Keyring->IPint;
		q : ref Keyring->IPint;
		alpha : ref Keyring->IPint;
	};

	DSSPublicKey: adt {
		params : ref DSSParams;
		y : ref Keyring->IPint;	# public value
	};

	DSSPrivateKey: adt {
		params : ref DSSParams;
		x : ref Keyring->IPint;	# private value; keep secret
	};

	# generateDSSKeyPair has no error string in its return type.
	# NOTE(review): strength is presumably a size in bits; confirm.
	# dss_verify returns only an int, like rsa_verify.
	generateDSSKeyPair: fn(strength: int): (ref DSSPublicKey, ref DSSPrivateKey);
	dss_sign: fn(a: array of byte, sk: ref DSSPrivateKey): (string, array of byte);
	dss_verify: fn(a, signa: array of byte, pk: ref DSSPublicKey): int;
	decode_dsspubkey: fn(a: array of byte): (string, ref DSSPublicKey);

	# PKCS3

	DHParams: adt {
		prime : ref Keyring->IPint; # prime (p)
		base : ref Keyring->IPint; # generator (alpha)
		# NOTE(review): PKCS #3 defines privateValueLength as a length
		# in bits; confirm how an unset value is represented here.
		privateValueLength : int;
	};

	DHPublicKey: adt {
		param : ref DHParams;
		pk : ref Keyring->IPint;
	};

	# Carries the secret value sk alongside the public value pk.
	DHPrivateKey: adt {
		param : ref DHParams;
		pk : ref Keyring->IPint;
		sk : ref Keyring->IPint;
	};

	# None of the first three functions returns an error string.
	# NOTE(review): the interface does not show whether computeDHAgreedKey
	# range-checks the peer value upk (1 < upk < p-1) or how it reports
	# failure; confirm, or validate upk in the caller.
	generateDHParams: fn(primelen: int): ref DHParams;
	setupDHAgreement: fn(dh: ref DHParams): (ref DHPrivateKey, ref DHPublicKey);
	computeDHAgreedKey: fn(dh: ref DHParams, mysk, upk: ref Keyring->IPint): array of byte;
	decode_dhpubkey: fn(a: array of byte): (string, ref DHPublicKey);

	# PKCS5

	PBEParams: adt {
		salt : array of byte; # [8]
		iterationCount : int;
	};

	# Values for the alg argument of generateDESKey. Both schemes encrypt
	# with single DES (56-bit key) and derive the key with MD2 or MD5, so
	# they suit reading existing data rather than protecting new data.
	PBE_MD2_DESCBC : con 0;
	PBE_MD5_DESCBC : con 1;

	# NOTE(review): the two byte arrays returned by generateDESKey are
	# presumably the derived key and IV; confirm the order.
	# pbe_encrypt and pbe_decrypt return only the output bytes.
	# NOTE(review): confirm how pbe_decrypt reports bad padding or a wrong
	# password.
	generateDESKey: fn(pw: array of byte, param: ref PBEParams, alg: int)
		: (ref Keyring->DESstate, array of byte, array of byte);
	pbe_encrypt: fn(state: ref Keyring->DESstate, b: array of byte): array of byte;
	pbe_decrypt: fn(state: ref Keyring->DESstate, eb: array of byte): array of byte;

	# PKCS6

	ExtCertInfo: adt {
		version : int;
		cert : array of byte; # der encoded x509 Certificate
		attrs : list of array of byte; # attribute as array of byte
	};

	# PKCS7
	# See module X509

	# PKCS8

	# privateKey holds the key material unencrypted; use
	# EncryptedPrivateKeyInfo when it is stored or sent.
	PrivateKeyInfo: adt { # as SEQUENCE
		version : int; # should be 0
		privateKeyAlgorithm : ref AlgIdentifier;
		privateKey : array of byte; # octet string
		attrs : list of array of byte; # [0] IMPLICIT Attributes OPTIONAL

		encode: fn(p: self ref PrivateKeyInfo): (string, array of byte);
		decode: fn(a: array of byte): (string, ref PrivateKeyInfo);
	};

	EncryptedPrivateKeyInfo: adt { # as SEQUENCE
		encryptionAlgorithm : ref AlgIdentifier;
		encryptedData : array of byte; # octet string

		encode: fn(ep: self ref EncryptedPrivateKeyInfo): (string, array of byte);
		decode: fn(a: array of byte): (string, ref EncryptedPrivateKeyInfo);
	};

	AlgIdentifier: adt { # TODO: move this to ASN1
		oid : ref ASN1->Oid;
		# NOTE(review): presumably the encoded algorithm parameters; confirm
		parameter : array of byte;
	};

	# PKCS10
	# See module X509
};