/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
 */

#ifndef _DSA_IMPL_H
#define	_DSA_IMPL_H

#ifdef __cplusplus
extern "C" {
#endif

#include <sys/types.h>
#include <bignum.h>

/* DSA Signature is always 40 bytes */
#define	DSA_SIGNATURE_LENGTH	40
/* Key length limits, in bytes (512-bit to 1024-bit p) */
#define	MIN_DSA_KEY_LEN		(512 >> 3)
#define	MAX_DSA_KEY_LEN		(1024 >> 3)

#define	DSA_SUBPRIME_BITS	160
#define	DSA_SUBPRIME_BYTES	(DSA_SUBPRIME_BITS >> 3)

#ifdef _KERNEL

#include <sys/sunddi.h>
#include <sys/crypto/common.h>

/* In the kernel, map the PKCS#11 return type and codes onto CRYPTO_* values */
#define	CK_RV			int

#define	CKR_OK			CRYPTO_SUCCESS
#define	CKR_ARGUMENTS_BAD	CRYPTO_ARGUMENTS_BAD
#define	CKR_ATTRIBUTE_VALUE_INVALID	CRYPTO_ATTRIBUTE_VALUE_INVALID
#define	CKR_DEVICE_ERROR	CRYPTO_DEVICE_ERROR
#define	CKR_GENERAL_ERROR	CRYPTO_GENERAL_ERROR
#define	CKR_HOST_MEMORY		CRYPTO_HOST_MEMORY
#define	CKR_KEY_SIZE_RANGE	CRYPTO_KEY_SIZE_RANGE
#define	CKR_SIGNATURE_INVALID	CRYPTO_SIGNATURE_INVALID

int random_get_bytes(uint8_t *ran_out, size_t ran_len);
int random_get_pseudo_bytes(uint8_t *ran_out, size_t ran_len);

#else

#include <security/cryptoki.h>
#include <security/pkcs11t.h>

#endif	/* _KERNEL */


/* DSA key using BIGNUM representations */
typedef struct {
	int 	size;		/* key size in bits */
	BIGNUM	p;		/* p (<size-bit> prime) */
	BIGNUM	q;		/* q (160-bit prime) */
	BIGNUM	g;		/* g (the base) */
	BIGNUM	x;		/* private key (< q) */
	BIGNUM	y;		/* = g^x mod p */
	BIGNUM	k;		/* k (random number < q) */
	BIGNUM	r;		/* r (signature 1st part) */
	BIGNUM	s;		/* s (signature 2nd part) */
	BIGNUM	v;		/* v (verification value - should be = r) */
	BIGNUM	p_rr;		/* 2^(2*(32*p->len)) mod p */
	BIGNUM	q_rr;		/* 2^(2*(32*q->len)) mod q */
} DSAkey;

/* DSA key using byte string representations, useful for parameter lists */
typedef struct {
	uint32_t prime_bits;	/* size */
	uchar_t	*prime;		/* p */
	uint32_t subprime_bits;	/* = 160 */
	uchar_t	*subprime;	/* q */
	uint32_t base_bytes;
	uchar_t	*base;		/* g */
	uchar_t	*private_x;	/* x */
	uint32_t private_x_bits;
	uchar_t	*public_y;	/* y */
	uint32_t public_y_bits;
	uchar_t	*signature;	/* concat(r, s) */
	int	(*rfunc)(void *, size_t);	/* random function */
} DSAbytekey;


CK_RV dsa_genkey_pair(DSAbytekey *bkey);

CK_RV dsa_sign(DSAbytekey *bkey, uchar_t *msg, uint32_t msglen, uchar_t *sig);

CK_RV dsa_verify(DSAbytekey *bkey, uchar_t *msg, uchar_t *sig);

#ifdef __cplusplus
}
#endif

#endif /* _DSA_IMPL_H */