• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2023 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //    https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef ANONYMOUS_TOKENS_CPP_CRYPTO_CONSTANTS_H_
16 #define ANONYMOUS_TOKENS_CPP_CRYPTO_CONSTANTS_H_
17 
18 #include <cstdint>
19 
20 #include "absl/strings/string_view.h"
21 
22 
23 namespace anonymous_tokens {
24 
25 // Returned integer on successful execution of BoringSSL methods
26 constexpr int kBsslSuccess = 1;
27 
28 // RSA modulus size, 4096 bits
29 //
30 // Our recommended size.
31 constexpr int kRsaModulusSizeInBits4096 = 4096;
32 
33 // RSA modulus size, 512 bytes
34 constexpr int kRsaModulusSizeInBytes512 = 512;
35 
36 // RSA modulus size, 2048 bits
37 //
38 // Recommended size for RSA Blind Signatures without Public Metadata.
39 //
40 // https://www.ietf.org/archive/id/draft-ietf-privacypass-protocol-08.html#name-token-type-blind-rsa-2048-b.
41 constexpr int kRsaModulusSizeInBits2048 = 2048;
42 
43 // RSA modulus size, 256 bytes
44 constexpr int kRsaModulusSizeInBytes256 = 256;
45 
46 // Salt length, 48 bytes
47 //
48 // Recommended size. The convention is to use hLen, the length of the output of
49 // the hash function in bytes. A salt length of zero will result in a
50 // deterministic signature value.
51 //
52 // https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/
53 constexpr int kSaltLengthInBytes48 = 48;
54 
55 // Length of message mask, 32 bytes.
56 //
57 // https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/
58 constexpr int kRsaMessageMaskSizeInBytes32 = 32;
59 
60 // Info used in HKDF for Public Metadata Hash.
61 constexpr absl::string_view kHkdfPublicMetadataInfo = "PBRSA";
62 
63 constexpr int kHkdfPublicMetadataInfoSizeInBytes = 5;
64 
65 // Object identifier for Rivest, Shamir, Adleman (RSA) Signature Scheme with
66 // Appendix - Probabilistic Signature Scheme (RSASSA-PSS) defined here:
67 // https://oidref.com/1.2.840.113549.1.1.10
68 constexpr char kRsaSsaPssOid[] = "1.2.840.113549.1.1.10";
69 
70 // Object identifier for SHA384 defined here:
71 // https://oidref.com/2.16.840.1.101.3.4.2.2
72 constexpr char kSha384Oid[] = "2.16.840.1.101.3.4.2.2";
73 
74 // Object identifier for RSA algorithm that uses the Mask Generator Function 1
75 // (MGF1) defined here:
76 // https://oidref.com/1.2.840.113549.1.1.8
77 constexpr char kRsaSsaPssMgf1Oid[] = "1.2.840.113549.1.1.8";
78 
79 }  // namespace anonymous_tokens
80 
81 
82 #endif  // ANONYMOUS_TOKENS_CPP_CRYPTO_CONSTANTS_H_
83