ref: 76b565d8b219c8db94a882e93725b4ab735414de
dir: /module/pkcs.m/
# # Public-Key Cryptography Standards (PKCS) # # Ref: http://www.rsa.com # RFC1423 # PKCS: module { PATH: con "/dis/lib/crypt/pkcs.dis"; init: fn(): string; # PKCS Object Identifiers objIdTab : array of ASN1->Oid; id_pkcs, id_pkcs_1, id_pkcs_rsaEncryption, id_pkcs_md2WithRSAEncryption, id_pkcs_md4WithRSAEncryption, id_pkcs_md5WithRSAEncryption, id_pkcs_3, id_pkcs_dhKeyAgreement, id_pkcs_5, id_pkcs_pbeWithMD2AndDESCBC, id_pkcs_pbeWithMD5AndDESCBC, id_pkcs_7, id_pkcs_data, id_pkcs_singnedData, id_pkcs_envelopedData, id_pkcs_signedAndEnvelopedData, id_pkcs_digestData, id_pkcs_encryptedData, id_pkcs_9, id_pkcs_emailAddress, id_pkcs_unstructuredName, id_pkcs_contentType, id_pkcs_messageDigest, id_pkcs_signingTime, id_pkcs_countersignature, id_pkcs_challengePassword, id_pkcs_unstructuredAddress, id_pkcs_extCertAttrs, id_algorithm_shaWithDSS : con iota; # PKCS1 RSAParams: adt { modulus : ref Keyring->IPint; exponent : ref Keyring->IPint; }; RSAKey: adt { modulus : ref Keyring->IPint; modlen : int; exponent : ref Keyring->IPint; bits: fn(k: self ref RSAKey): int; #tostring: fn(k: self ref RSAKey): string; }; MD2_WithRSAEncryption : con 0; MD5_WithRSAEncryption : con 1; rsa_encrypt: fn(data: array of byte, key: ref RSAKey, blocktype: int): (string, array of byte); rsa_decrypt: fn(data: array of byte, key: ref RSAKey, public: int): (string, array of byte); rsa_sign: fn(data: array of byte, sk: ref RSAKey, algid: int): (string, array of byte); rsa_verify: fn(data, signature: array of byte, pk: ref RSAKey, algid: int): int; decode_rsapubkey: fn(a: array of byte): (string, ref RSAKey); # Note: # DSS included here is only for completeness. DSSParams: adt { p : ref Keyring->IPint; q : ref Keyring->IPint; alpha : ref Keyring->IPint; }; DSSPublicKey: adt { params : ref DSSParams; y : ref Keyring->IPint; }; DSSPrivateKey: adt { params : ref DSSParams; x : ref Keyring->IPint; }; generateDSSKeyPair: fn(strength: int): (ref DSSPublicKey, ref DSSPrivateKey); dss_sign: fn(a: array of byte, sk: ref DSSPrivateKey): (string, array of byte); dss_verify: fn(a, signa: array of byte, pk: ref DSSPublicKey): int; decode_dsspubkey: fn(a: array of byte): (string, ref DSSPublicKey); # PKCS3 DHParams: adt { prime : ref Keyring->IPint; # prime (p) base : ref Keyring->IPint; # generator (alpha) privateValueLength : int; }; DHPublicKey: adt { param : ref DHParams; pk : ref Keyring->IPint; }; DHPrivateKey: adt { param : ref DHParams; pk : ref Keyring->IPint; sk : ref Keyring->IPint; }; generateDHParams: fn(primelen: int): ref DHParams; setupDHAgreement: fn(dh: ref DHParams): (ref DHPrivateKey, ref DHPublicKey); computeDHAgreedKey: fn(dh: ref DHParams, mysk, upk: ref Keyring->IPint): array of byte; decode_dhpubkey: fn(a: array of byte): (string, ref DHPublicKey); # PKCS5 PBEParams: adt { salt : array of byte; # [8] iterationCount : int; }; PBE_MD2_DESCBC : con 0; PBE_MD5_DESCBC : con 1; generateDESKey: fn(pw: array of byte, param: ref PBEParams, alg: int) : (ref Keyring->DESstate, array of byte, array of byte); pbe_encrypt: fn(state: ref Keyring->DESstate, b: array of byte): array of byte; pbe_decrypt: fn(state: ref Keyring->DESstate, eb: array of byte): array of byte; # PKCS6 ExtCertInfo: adt { version : int; cert : array of byte; # der encoded x509 Certificate attrs : list of array of byte; # attribute as array of byte }; # PKCS7 # See module X509 # PKCS8 PrivateKeyInfo: adt { # as SEQUENCE version : int; # should be 0 privateKeyAlgorithm : ref AlgIdentifier; privateKey : array of byte; # octet string attrs : list of array of byte; # [0] IMPLICIT Attributes OPTIONAL encode: fn(p: self ref PrivateKeyInfo): (string, array of byte); decode: fn(a: array of byte): (string, ref PrivateKeyInfo); }; EncryptedPrivateKeyInfo: adt { # as SEQUENCE encryptionAlgorithm : ref AlgIdentifier; encryptedData : array of byte; # octet string encode: fn(ep: self ref EncryptedPrivateKeyInfo): (string, array of byte); decode: fn(a: array of byte): (string, ref EncryptedPrivateKeyInfo); }; AlgIdentifier: adt { # TODO: move this to ASN1 oid : ref ASN1->Oid; parameter : array of byte; }; # PKCS10 # See module X509 };