1 /* 2 * This file is part of the openHiTLS project. 3 * 4 * openHiTLS is licensed under the Mulan PSL v2. 5 * You can use this software according to the terms and conditions of the Mulan PSL v2. 6 * You may obtain a copy of Mulan PSL v2 at: 7 * 8 * http://license.coscl.org.cn/MulanPSL2 9 * 10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, 11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, 12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. 13 * See the Mulan PSL v2 for more details. 14 */ 15 16 /** 17 * @defgroup hitls_crypt_reg 18 * @ingroup hitls 19 * @brief Algorithm related interfaces to be registered 20 */ 21 22 #ifndef HITLS_CRYPT_TYPE_H 23 #define HITLS_CRYPT_TYPE_H 24 25 #include <stdint.h> 26 #include <stdbool.h> 27 #include "bsl_obj.h" 28 29 #ifdef __cplusplus 30 extern "C" { 31 #endif 32 33 typedef void HITLS_Lib_Ctx; 34 35 /** 36 * @ingroup hitls_crypt_type 37 * @brief Key handle, which is converted into the corresponding structure based on the algorithm library 38 * used by the user. 39 */ 40 typedef void HITLS_CRYPT_Key; 41 42 /** 43 * @ingroup hitls_crypt_type 44 * @brief Hash context. The user converts the structure based on the algorithm library. 45 */ 46 typedef void HITLS_HASH_Ctx; 47 48 /** 49 * @ingroup hitls_crypt_type 50 * @brief HMAC context. The user converts the HMAC context into the corresponding structure 51 * based on the algorithm library. 52 */ 53 typedef void HITLS_HMAC_Ctx; 54 55 /** 56 * @ingroup hitls_crypt_type 57 * @brief cipher context. The user converts the cipher context into the corresponding structure 58 * based on the algorithm library. 59 */ 60 typedef void HITLS_Cipher_Ctx; 61 62 typedef struct BslList HITLS_CIPHER_List; 63 64 /** 65 * @ingroup hitls_crypt_type 66 * @brief Enumerated value of the symmetric encryption algorithm type. 67 */ 68 typedef enum { 69 HITLS_AEAD_CIPHER, 70 HITLS_CBC_CIPHER, 71 HITLS_CIPHER_TYPE_BUTT = 255 72 } HITLS_CipherType; 73 74 /** 75 * @ingroup hitls_crypt_type 76 * @brief Enumerated value of the symmetric encryption algorithm. 77 */ 78 typedef enum { 79 HITLS_CIPHER_NULL = BSL_CID_NULL, // Represents a null value, no encryption or decryption 80 HITLS_CIPHER_AES_128_CBC = BSL_CID_AES128_CBC, 81 HITLS_CIPHER_AES_256_CBC = BSL_CID_AES256_CBC, 82 HITLS_CIPHER_AES_128_GCM = BSL_CID_AES128_GCM, 83 HITLS_CIPHER_AES_256_GCM = BSL_CID_AES256_GCM, 84 HITLS_CIPHER_AES_128_CCM = BSL_CID_AES128_CCM, 85 HITLS_CIPHER_AES_256_CCM = BSL_CID_AES256_CCM, 86 HITLS_CIPHER_AES_128_CCM8 = BSL_CID_AES128_CCM8, 87 HITLS_CIPHER_AES_256_CCM8 = BSL_CID_AES256_CCM8, 88 HITLS_CIPHER_CHACHA20_POLY1305 = BSL_CID_CHACHA20_POLY1305, 89 HITLS_CIPHER_SM4_CBC = BSL_CID_SM4_CBC, 90 HITLS_CIPHER_SM4_GCM = BSL_CID_SM4_GCM, 91 HITLS_CIPHER_BUTT = BSL_CID_UNKNOWN // Represents an unrecognized algorithm type 92 } HITLS_CipherAlgo; 93 94 /** 95 * @ingroup hitls_crypt_type 96 * @brief Hash algorithm enumeration 97 */ 98 typedef enum { 99 HITLS_HASH_NULL = BSL_CID_NULL, // Represents a null value, no hash operation 100 HITLS_HASH_MD5 = BSL_CID_MD5, 101 HITLS_HASH_SHA1 = BSL_CID_SHA1, 102 HITLS_HASH_SHA_224 = BSL_CID_SHA224, 103 HITLS_HASH_SHA_256 = BSL_CID_SHA256, 104 HITLS_HASH_SHA_384 = BSL_CID_SHA384, 105 HITLS_HASH_SHA_512 = BSL_CID_SHA512, 106 HITLS_HASH_SM3 = BSL_CID_SM3, 107 HITLS_HASH_BUTT = BSL_CID_UNKNOWN // Represents an unrecognized algorithm type 108 } HITLS_HashAlgo; // CRYPT_MD_AlgId 109 110 /** 111 * @ingroup hitls_crypt_type 112 * @brief MAC algorithm enumerated value 113 */ 114 typedef enum { 115 HITLS_MAC_NULL = BSL_CID_NULL, // Represents a null value, no MAC operation 116 HITLS_MAC_MD5 = BSL_CID_HMAC_MD5, 117 HITLS_MAC_1 = BSL_CID_HMAC_SHA1, 118 HITLS_MAC_224 = BSL_CID_HMAC_SHA224, 119 HITLS_MAC_256 = BSL_CID_HMAC_SHA256, 120 HITLS_MAC_384 = BSL_CID_HMAC_SHA384, 121 HITLS_MAC_512 = BSL_CID_HMAC_SHA512, 122 HITLS_MAC_SM3 = BSL_CID_HMAC_SM3, 123 HITLS_MAC_AEAD = BSL_CID_MAC_AEAD, 124 HITLS_MAC_BUTT = BSL_CID_UNKNOWN // Represents an unrecognized algorithm type 125 } HITLS_MacAlgo; 126 127 /** 128 * @ingroup hitls_crypt_type 129 * @brief Enumerated value of the authentication algorithm 130 */ 131 typedef enum { 132 HITLS_AUTH_NULL, 133 HITLS_AUTH_RSA, 134 HITLS_AUTH_ECDSA, 135 HITLS_AUTH_DSS, 136 HITLS_AUTH_PSK, 137 HITLS_AUTH_SM2, 138 HITLS_AUTH_ANY, 139 HITLS_AUTH_BUTT = 255 140 } HITLS_AuthAlgo; 141 142 /** 143 * @ingroup hitls_crypt_type 144 * @brief Key exchange algorithm enumerated value 145 */ 146 typedef enum { 147 HITLS_KEY_EXCH_NULL, 148 HITLS_KEY_EXCH_ECDHE, 149 HITLS_KEY_EXCH_DHE, 150 HITLS_KEY_EXCH_ECDH, 151 HITLS_KEY_EXCH_DH, 152 HITLS_KEY_EXCH_RSA, 153 HITLS_KEY_EXCH_PSK, 154 HITLS_KEY_EXCH_DHE_PSK, 155 HITLS_KEY_EXCH_ECDHE_PSK, 156 HITLS_KEY_EXCH_RSA_PSK, 157 HITLS_KEY_EXCH_ECC, /* sm2 encrypt */ 158 HITLS_KEY_EXCH_BUTT = 255 159 } HITLS_KeyExchAlgo; 160 161 /** 162 * @ingroup hitls_crypt_type 163 * @brief Signature algorithm enumeration 164 */ 165 typedef enum { 166 HITLS_SIGN_RSA_PKCS1_V15 = BSL_CID_RSA, 167 HITLS_SIGN_DSA = BSL_CID_DSA, 168 HITLS_SIGN_ECDSA = BSL_CID_ECDSA, 169 HITLS_SIGN_RSA_PSS = BSL_CID_RSASSAPSS, 170 HITLS_SIGN_ED25519 = BSL_CID_ED25519, 171 HITLS_SIGN_SM2 = BSL_CID_SM2DSA, 172 HITLS_SIGN_BUTT = 255 173 } HITLS_SignAlgo; 174 175 /** 176 * @ingroup hitls_crypt_type 177 * @brief Elliptic curve type enumerated value 178 */ 179 typedef enum { 180 HITLS_EC_CURVE_TYPE_NAMED_CURVE = 3, 181 HITLS_EC_CURVE_TYPE_BUTT = 255 182 } HITLS_ECCurveType; 183 184 /** 185 * @ingroup hitls_crypt_type 186 * @brief Named Group enumerated value 187 */ 188 typedef enum { 189 HITLS_EC_GROUP_SECP256R1 = 23, 190 HITLS_EC_GROUP_SECP384R1 = 24, 191 HITLS_EC_GROUP_SECP521R1 = 25, 192 HITLS_EC_GROUP_BRAINPOOLP256R1 = 26, 193 HITLS_EC_GROUP_BRAINPOOLP384R1 = 27, 194 HITLS_EC_GROUP_BRAINPOOLP512R1 = 28, 195 HITLS_EC_GROUP_CURVE25519 = 29, 196 HITLS_EC_GROUP_SM2 = 41, 197 HITLS_FF_DHE_2048 = 256, 198 HITLS_FF_DHE_3072 = 257, 199 HITLS_FF_DHE_4096 = 258, 200 HITLS_FF_DHE_6144 = 259, 201 HITLS_FF_DHE_8192 = 260, 202 HITLS_HYBRID_X25519_MLKEM768 = 4588, 203 HITLS_HYBRID_ECDH_NISTP256_MLKEM768 = 4587, 204 HITLS_HYBRID_ECDH_NISTP384_MLKEM1024 = 4589, 205 HITLS_NAMED_GROUP_BUTT = 0xFFFFu 206 } HITLS_NamedGroup; 207 208 /** 209 * @ingroup hitls_crypt_type 210 * @brief Elliptic curve point format enumerated value 211 */ 212 typedef enum { 213 HITLS_POINT_FORMAT_UNCOMPRESSED = 0, 214 HITLS_POINT_FORMAT_BUTT = 255 215 } HITLS_ECPointFormat; 216 217 /** 218 * @ingroup hitls_crypt_type 219 * @brief Elliptic curve parameter 220 */ 221 typedef struct { 222 HITLS_ECCurveType type; /**< Elliptic curve type. */ 223 union { 224 void *prime; /**< Display prime number: corresponding to the protocol explicit_prime. */ 225 void *char2; /**< Display char2: corresponding to the protocol explicit_char2. */ 226 HITLS_NamedGroup namedcurve; /**< Elliptic curve ID. */ 227 } param; 228 } HITLS_ECParameters; 229 230 /** 231 * @ingroup hitls_crypt_type 232 * @brief Key parameters 233 */ 234 typedef struct { 235 HITLS_CipherType type; /**< Encryption algorithm type. Currently, only aead is supported. */ 236 HITLS_CipherAlgo algo; /**< Symmetric encryption algorithm. */ 237 const uint8_t *key; /**< Symmetry key. */ 238 uint32_t keyLen; /**< Symmetry key length. */ 239 const uint8_t *iv; /**< IV. */ 240 uint32_t ivLen; /**< IV length. */ 241 uint8_t *aad; /**< Aad: AEAD: one of the input parameters for encryption and decryption. 242 additional data. */ 243 uint32_t aadLen; /**< Aad length. */ 244 const uint8_t *hmacKey; /**< Hmac key. */ 245 uint32_t hmacKeyLen; /**< Hmac key length. */ 246 HITLS_Cipher_Ctx **ctx; /**< HITLS_Cipher_Ctx handle */ 247 } HITLS_CipherParameters; 248 249 /** 250 * @ingroup hitls_crypt_type 251 * @brief sm2 ecdhe negotiation key parameters 252 */ 253 typedef struct { 254 HITLS_CRYPT_Key *tmpPriKey; /* Local temporary private key. */ 255 uint8_t *tmpPeerPubkey; /* Peer temporary public key. */ 256 uint32_t tmpPeerPubKeyLen; /* Length of the peer temporary public key. */ 257 HITLS_CRYPT_Key *priKey; /* Local private key, which is used for SM2 algorithm negotiation. 258 It is the private key of the encryption certificate. */ 259 HITLS_CRYPT_Key *peerPubKey; /* Peer public key, which is used for SM2 algorithm negotiation. 260 It is the public key in the encryption certificate. */ 261 bool isClient; /* Client ID, which is used by the SM2 algorithm negotiation key. */ 262 } HITLS_Sm2GenShareKeyParameters; 263 264 /** 265 * @ingroup hitls_crypt_type 266 * @brief HKDF-Extract Input 267 */ 268 typedef struct { 269 HITLS_HashAlgo hashAlgo; /* Hash algorithm. */ 270 const uint8_t *salt; /* Salt value. */ 271 uint32_t saltLen; /* Salt value length. */ 272 const uint8_t *inputKeyMaterial; /* Input Keying Material. */ 273 uint32_t inputKeyMaterialLen; /* Ikm length. */ 274 } HITLS_CRYPT_HkdfExtractInput; 275 276 /** 277 * @ingroup hitls_crypt_type 278 * @brief HKDF-Expand Input 279 */ 280 typedef struct { 281 HITLS_HashAlgo hashAlgo; /* Hash algorithm. */ 282 const uint8_t *prk; /* A pseudorandom key of at least HashLen octets. */ 283 uint32_t prkLen; /* Prk length. */ 284 const uint8_t *info; /* Extended data. */ 285 uint32_t infoLen; /* Extend the data length. */ 286 } HITLS_CRYPT_HkdfExpandInput; 287 288 #ifdef __cplusplus 289 } 290 #endif 291 #endif 292