#
# Public-Key Cryptography Standards (PKCS)
#
#	Ref: 	http://www.rsa.com
#		RFC1423
#

PKCS: module {
	# Interface to the PKCS support library. Types are borrowed from the ASN1
	# and Keyring modules (ASN1->Oid, Keyring->IPint, Keyring->DESstate), so
	# those declarations must be in scope wherever this file is included.

	# Dis file that implements this interface.
	PATH: con "/dis/lib/crypt/pkcs.dis";

	# Module initialisation; returns a string.
	# NOTE(review): presumably nil on success and an error message otherwise -- confirm.
	init: fn(): string;

	# PKCS Object Identifiers

	# Table of object identifiers.
	# NOTE(review): presumably indexed by the id_* constants below -- confirm.
	objIdTab			: array of ASN1->Oid;

	# Consecutive integer constants (iota numbers them from 0 in list order).
	# The list includes identifiers for MD2-, MD4- and MD5-based RSA signatures
	# and for MD2/MD5 + DES-CBC password-based encryption. Those digests are no
	# longer collision resistant and DES has a 56-bit key, so objects carrying
	# these identifiers are best treated as legacy input, not as schemes to
	# choose for new data.
	# The spelling id_pkcs_singnedData ("singned") is part of the public
	# interface; correcting it here would break existing importers.
	id_pkcs,
	id_pkcs_1,
	id_pkcs_rsaEncryption,
	id_pkcs_md2WithRSAEncryption,
	id_pkcs_md4WithRSAEncryption,
	id_pkcs_md5WithRSAEncryption,
	id_pkcs_3,
	id_pkcs_dhKeyAgreement,
	id_pkcs_5,
	id_pkcs_pbeWithMD2AndDESCBC,
	id_pkcs_pbeWithMD5AndDESCBC,
	id_pkcs_7,
	id_pkcs_data,
	id_pkcs_singnedData,
	id_pkcs_envelopedData,
	id_pkcs_signedAndEnvelopedData,
	id_pkcs_digestData,
	id_pkcs_encryptedData,
	id_pkcs_9,
	id_pkcs_emailAddress,
	id_pkcs_unstructuredName,
	id_pkcs_contentType,
	id_pkcs_messageDigest,
	id_pkcs_signingTime,
	id_pkcs_countersignature,
	id_pkcs_challengePassword,
	id_pkcs_unstructuredAddress,
	id_pkcs_extCertAttrs,
	id_algorithm_shaWithDSS		: con iota;

	# PKCS1

	# RSA modulus/exponent pair.
	RSAParams: adt {
		modulus			: ref Keyring->IPint;
		exponent		: ref Keyring->IPint;
	};

	# One key type serves both roles: rsa_sign takes its signing key and
	# rsa_verify its verification key as ref RSAKey, so the type does not
	# record whether exponent is the public or the private one. Callers have
	# to keep track of that themselves.
	RSAKey: adt {
		modulus			: ref Keyring->IPint;
		modlen			: int;	# NOTE(review): presumably the modulus length in bytes -- confirm
		exponent		: ref Keyring->IPint;

		bits: fn(k: self ref RSAKey): int;
		#tostring: fn(k: self ref RSAKey): string;
	};

	# Signature algorithm selectors; presumably the values accepted as the
	# algid argument of rsa_sign and rsa_verify -- confirm.
	# Only MD2- and MD5-based signatures are declared here. Both digests have
	# known collision attacks, so this part of the interface is suitable for
	# interoperating with legacy data only.
	MD2_WithRSAEncryption		: con 0;
	MD5_WithRSAEncryption		: con 1;

	# The (string, array of byte) results presumably carry an error string
	# (nil on success) and the output bytes -- confirm.
	# NOTE(review): blocktype presumably selects the PKCS#1 v1.5 block type,
	# and public presumably says whether key is a public key -- confirm both.
	# NOTE(review): if rsa_decrypt reports padding failures through its error
	# string, callers that process remote input should not relay that detail
	# to the peer; distinguishable padding errors are what make
	# Bleichenbacher-style oracles against PKCS#1 v1.5 possible.
	# rsa_verify returns an int; which value means "valid" is not visible in
	# this file, so check the implementation before testing the result.
	rsa_encrypt: fn(data: array of byte, key: ref RSAKey, blocktype: int): (string, array of byte);
	rsa_decrypt: fn(data: array of byte, key: ref RSAKey, public: int): (string, array of byte);
	rsa_sign: fn(data: array of byte, sk: ref RSAKey, algid: int): (string, array of byte);
	rsa_verify: fn(data, signature: array of byte, pk: ref RSAKey, algid: int): int;
	decode_rsapubkey: fn(a: array of byte): (string, ref RSAKey);

	# Note:
	#	DSS included here is only for completeness.

	# DSS domain parameters shared by a public/private key pair.
	DSSParams: adt {
		p			: ref Keyring->IPint;
		q			: ref Keyring->IPint;
		alpha			: ref Keyring->IPint;
	};

	DSSPublicKey: adt {
		params			: ref DSSParams;
		y			: ref Keyring->IPint;
	};

	DSSPrivateKey: adt {
		params			: ref DSSParams;
		x			: ref Keyring->IPint;
	};

	# NOTE(review): the unit and accepted range of strength are not visible
	# here -- confirm before choosing a value.
	# dss_verify returns an int; as with rsa_verify, confirm which value
	# means "valid".
	generateDSSKeyPair: fn(strength: int): (ref DSSPublicKey, ref DSSPrivateKey);
	dss_sign: fn(a: array of byte, sk: ref DSSPrivateKey): (string, array of byte);
	dss_verify: fn(a, signa: array of byte, pk: ref DSSPublicKey): int;
	decode_dsspubkey: fn(a: array of byte): (string, ref DSSPublicKey);

	# PKCS3

	# Diffie-Hellman parameters.
	DHParams: adt {
		prime			: ref Keyring->IPint; # prime (p)
		base			: ref Keyring->IPint; # generator (alpha)
		privateValueLength	: int;	# NOTE(review): presumably in bits, as in PKCS #3 -- confirm
	};

	DHPublicKey: adt {
		param			: ref DHParams;
		pk			: ref Keyring->IPint;
	};

	# Holds both the public value (pk) and the secret value (sk).
	DHPrivateKey: adt {
		param			: ref DHParams;
		pk			: ref Keyring->IPint;
		sk			: ref Keyring->IPint;
	};

	# NOTE(review): the unit of primelen is not visible here -- confirm.
	# NOTE(review): this interface declares no separate call for validating a
	# peer's public value. Check that the implementation of
	# computeDHAgreedKey rejects upk outside 1 < upk < prime-1 (or that the
	# caller does) before the returned bytes are used as key material.
	generateDHParams: fn(primelen: int): ref DHParams;
	setupDHAgreement: fn(dh: ref DHParams): (ref DHPrivateKey, ref DHPublicKey);
	computeDHAgreedKey: fn(dh: ref DHParams, mysk, upk: ref Keyring->IPint): array of byte;
	decode_dhpubkey: fn(a: array of byte): (string, ref DHPublicKey);

	# PKCS5

	# Password-based encryption parameters.
	# A small iterationCount makes password guessing cheaper for anyone
	# holding the ciphertext; NOTE(review): whether the implementation
	# enforces a minimum is not visible here.
	PBEParams: adt {
		salt			: array of byte; # [8]
		iterationCount		: int;
	};

	# Scheme selectors; presumably the values accepted as the alg argument of
	# generateDESKey -- confirm. Both pair a broken digest (MD2, MD5) with
	# single DES, so they are for reading legacy data, not for protecting
	# new secrets.
	PBE_MD2_DESCBC			: con 0;
	PBE_MD5_DESCBC			: con 1;

	# generateDESKey returns a DES state and two byte arrays.
	# NOTE(review): the two arrays are presumably the derived key and IV --
	# confirm their order and meaning in the implementation.
	generateDESKey: fn(pw: array of byte, param: ref PBEParams, alg: int)
		: (ref Keyring->DESstate, array of byte, array of byte);
	pbe_encrypt: fn(state: ref Keyring->DESstate, b: array of byte): array of byte;
	pbe_decrypt: fn(state: ref Keyring->DESstate, eb: array of byte): array of byte;

	# PKCS6

	# Extended certificate information: a certificate plus attributes.
	ExtCertInfo: adt {
  		version 		: int;
  		cert 			: array of byte; # der encoded x509 Certificate
  		attrs 			: list of array of byte; # attribute as array of byte
	};

	# PKCS7
	#	See module X509

	# PKCS8

	# Carries the private key itself (contrast EncryptedPrivateKeyInfo
	# below), so the output of encode needs the same protection as the key.
	PrivateKeyInfo: adt {		# as SEQUENCE
		version			: int; # should be 0
		privateKeyAlgorithm	: ref AlgIdentifier;
		privateKey		: array of byte; # octet string
		attrs			: list of array of byte; # [0] IMPLICIT Attributes OPTIONAL

		encode: fn(p: self ref PrivateKeyInfo): (string, array of byte);
		decode: fn(a: array of byte): (string, ref PrivateKeyInfo);
	};

	# Encrypted form of a private key: algorithm identifier plus ciphertext.
	# NOTE(review): no decrypt operation is declared on this adt; how
	# encryptedData is turned back into a PrivateKeyInfo is not visible here.
	EncryptedPrivateKeyInfo: adt {	# as SEQUENCE
  		encryptionAlgorithm 	: ref AlgIdentifier;
  		encryptedData 		: array of byte; # octet string

		encode: fn(ep: self ref EncryptedPrivateKeyInfo): (string, array of byte);
		decode: fn(a: array of byte): (string, ref EncryptedPrivateKeyInfo);
	};

	# Algorithm object identifier with its parameters.
	# NOTE(review): parameter is presumably the encoded parameters field --
	# confirm the encoding in the implementation.
	AlgIdentifier: adt {		# TODO: move this to ASN1
		oid			: ref ASN1->Oid;
		parameter		: array of byte;
	};

	# PKCS10
	#	See module X509
};