Diffstat (limited to 'module/pkcs.m')
-rw-r--r--module/pkcs.m176
1 files changed, 176 insertions, 0 deletions
diff --git a/module/pkcs.m b/module/pkcs.m
new file mode 100644
index 00000000..cf164e59
--- /dev/null
+++ b/module/pkcs.m
@@ -0,0 +1,176 @@
+#
+# Public-Key Cryptography Standards (PKCS)
+#
+# Ref: http://www.rsa.com
+# RFC1423
+#
+
+PKCS: module {
+
+ PATH: con "/dis/lib/crypt/pkcs.dis";
+
+ init: fn(): string;
+
+ # PKCS Object Identifiers
+
+ objIdTab : array of ASN1->Oid;
+
+ id_pkcs,
+ id_pkcs_1,
+ id_pkcs_rsaEncryption,
+ id_pkcs_md2WithRSAEncryption,
+ id_pkcs_md4WithRSAEncryption,
+ id_pkcs_md5WithRSAEncryption,
+ id_pkcs_3,
+ id_pkcs_dhKeyAgreement,
+ id_pkcs_5,
+ id_pkcs_pbeWithMD2AndDESCBC,
+ id_pkcs_pbeWithMD5AndDESCBC,
+ id_pkcs_7,
+ id_pkcs_data,
+ id_pkcs_singnedData,
+ id_pkcs_envelopedData,
+ id_pkcs_signedAndEnvelopedData,
+ id_pkcs_digestData,
+ id_pkcs_encryptedData,
+ id_pkcs_9,
+ id_pkcs_emailAddress,
+ id_pkcs_unstructuredName,
+ id_pkcs_contentType,
+ id_pkcs_messageDigest,
+ id_pkcs_signingTime,
+ id_pkcs_countersignature,
+ id_pkcs_challengePassword,
+ id_pkcs_unstructuredAddress,
+ id_pkcs_extCertAttrs,
+ id_algorithm_shaWithDSS : con iota;
+
+ # PKCS1
+
+ RSAParams: adt {
+ modulus : ref Keyring->IPint;
+ exponent : ref Keyring->IPint;
+ };
+
+ RSAKey: adt {
+ modulus : ref Keyring->IPint;
+ modlen : int;
+ exponent : ref Keyring->IPint;
+
+ bits: fn(k: self ref RSAKey): int;
+ #tostring: fn(k: self ref RSAKey): string;
+ };
+
+ MD2_WithRSAEncryption : con 0;
+ MD5_WithRSAEncryption : con 1;
+
+ rsa_encrypt: fn(data: array of byte, key: ref RSAKey, blocktype: int): (string, array of byte);
+ rsa_decrypt: fn(data: array of byte, key: ref RSAKey, public: int): (string, array of byte);
+ rsa_sign: fn(data: array of byte, sk: ref RSAKey, algid: int): (string, array of byte);
+ rsa_verify: fn(data, signature: array of byte, pk: ref RSAKey, algid: int): int;
+ decode_rsapubkey: fn(a: array of byte): (string, ref RSAKey);
+
+ # Note:
+ # DSS included here is only for completeness.
+
+ DSSParams: adt {
+ p : ref Keyring->IPint;
+ q : ref Keyring->IPint;
+ alpha : ref Keyring->IPint;
+ };
+
+ DSSPublicKey: adt {
+ params : ref DSSParams;
+ y : ref Keyring->IPint;
+ };
+
+ DSSPrivateKey: adt {
+ params : ref DSSParams;
+ x : ref Keyring->IPint;
+ };
+
+ generateDSSKeyPair: fn(strength: int): (ref DSSPublicKey, ref DSSPrivateKey);
+ dss_sign: fn(a: array of byte, sk: ref DSSPrivateKey): (string, array of byte);
+ dss_verify: fn(a, signa: array of byte, pk: ref DSSPublicKey): int;
+ decode_dsspubkey: fn(a: array of byte): (string, ref DSSPublicKey);
+
+ # PKCS3
+
+ DHParams: adt {
+ prime : ref Keyring->IPint; # prime (p)
+ base : ref Keyring->IPint; # generator (alpha)
+ privateValueLength : int;
+ };
+
+ DHPublicKey: adt {
+ param : ref DHParams;
+ pk : ref Keyring->IPint;
+ };
+
+ DHPrivateKey: adt {
+ param : ref DHParams;
+ pk : ref Keyring->IPint;
+ sk : ref Keyring->IPint;
+ };
+
+ generateDHParams: fn(primelen: int): ref DHParams;
+ setupDHAgreement: fn(dh: ref DHParams): (ref DHPrivateKey, ref DHPublicKey);
+ computeDHAgreedKey: fn(dh: ref DHParams, mysk, upk: ref Keyring->IPint): array of byte;
+ decode_dhpubkey: fn(a: array of byte): (string, ref DHPublicKey);
+
+ # PKCS5
+
+ PBEParams: adt {
+ salt : array of byte; # [8]
+ iterationCount : int;
+ };
+
+ PBE_MD2_DESCBC : con 0;
+ PBE_MD5_DESCBC : con 1;
+
+ generateDESKey: fn(pw: array of byte, param: ref PBEParams, alg: int)
+ : (ref Keyring->DESstate, array of byte, array of byte);
+ pbe_encrypt: fn(state: ref Keyring->DESstate, b: array of byte): array of byte;
+ pbe_decrypt: fn(state: ref Keyring->DESstate, eb: array of byte): array of byte;
+
+ # PKCS6
+
+ ExtCertInfo: adt {
+ version : int;
+ cert : array of byte; # der encoded x509 Certificate
+ attrs : list of array of byte; # attribute as array of byte
+ };
+
+ # PKCS7
+ # See module X509
+
+ # PKCS8
+
+ PrivateKeyInfo: adt { # as SEQUENCE
+ version : int; # should be 0
+ privateKeyAlgorithm : ref AlgIdentifier;
+ privateKey : array of byte; # octet string
+ attrs : list of array of byte; # [0] IMPLICIT Attributes OPTIONAL
+
+ encode: fn(p: self ref PrivateKeyInfo): (string, array of byte);
+ decode: fn(a: array of byte): (string, ref PrivateKeyInfo);
+ };
+
+ EncryptedPrivateKeyInfo: adt { # as SEQUENCE
+ encryptionAlgorithm : ref AlgIdentifier;
+ encryptedData : array of byte; # octet string
+
+ encode: fn(ep: self ref EncryptedPrivateKeyInfo): (string, array of byte);
+ decode: fn(a: array of byte): (string, ref EncryptedPrivateKeyInfo);
+ };
+
+ AlgIdentifier: adt { # TODO: move this to ASN1
+ oid : ref ASN1->Oid;
+ parameter : array of byte;
+ };
+
+ # PKCS10
+ # See module X509
+};
+
+
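Review bot: `rsa_verify` and `dss_verify` return a bare `int` while every other operation in this interface returns a `(string, ...)` error tuple, and nothing in the file says which value means the signature is valid or how a malformed key or signature is reported. A caller that guesses the convention wrong will accept signatures that failed to verify, so the two declarations need a comment such as `# returns 1 only if the signature verifies; 0 on mismatch or any decoding error`, with the wording matched to the implementation, which is outside this file. The `algid` constants offer only `MD2_WithRSAEncryption` and `MD5_WithRSAEncryption`, and the PKCS5 section offers only MD2/MD5 with DES-CBC; a comment marking these as legacy-interoperability choices would keep new callers from treating them as recommended defaults. `id_pkcs_singnedData` is also misspelled, and as an exported name it is cheapest to correct to `id_pkcs_signedData` in this first commit.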