diff options
Diffstat (limited to '')
-rw-r--r-- | comm/third_party/rnp/src/lib/ffi-priv-types.h | 240 |
1 files changed, 240 insertions, 0 deletions
diff --git a/comm/third_party/rnp/src/lib/ffi-priv-types.h b/comm/third_party/rnp/src/lib/ffi-priv-types.h new file mode 100644 index 0000000000..beb624c9ba --- /dev/null +++ b/comm/third_party/rnp/src/lib/ffi-priv-types.h @@ -0,0 +1,240 @@ +/*- + * Copyright (c) 2019 Ribose Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR + * CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <rnp/rnp.h> +#include <json.h> +#include "utils.h" +#include <list> +#include <crypto/mem.h> +#include "sec_profile.hpp" + +struct rnp_key_handle_st { + rnp_ffi_t ffi; + pgp_key_search_t locator; + pgp_key_t * pub; + pgp_key_t * sec; +}; + +struct rnp_uid_handle_st { + rnp_ffi_t ffi; + pgp_key_t *key; + size_t idx; +}; + +struct rnp_signature_handle_st { + rnp_ffi_t ffi; + const pgp_key_t *key; + pgp_subsig_t * sig; + bool own_sig; +}; + +struct rnp_recipient_handle_st { + rnp_ffi_t ffi; + uint8_t keyid[PGP_KEY_ID_SIZE]; + pgp_pubkey_alg_t palg; +}; + +struct rnp_symenc_handle_st { + rnp_ffi_t ffi; + pgp_symm_alg_t alg; + pgp_hash_alg_t halg; + pgp_s2k_specifier_t s2k_type; + uint32_t iterations; + pgp_aead_alg_t aalg; +}; + +struct rnp_ffi_st { + FILE * errs; + rnp_key_store_t * pubring; + rnp_key_store_t * secring; + rnp_get_key_cb getkeycb; + void * getkeycb_ctx; + rnp_password_cb getpasscb; + void * getpasscb_ctx; + pgp_key_provider_t key_provider; + pgp_password_provider_t pass_provider; + rnp::SecurityContext context; + + rnp_ffi_st(pgp_key_store_format_t pub_fmt, pgp_key_store_format_t sec_fmt); + ~rnp_ffi_st(); + + rnp::RNG & rng() noexcept; + rnp::SecurityProfile &profile() noexcept; +}; + +struct rnp_input_st { + /* either src or src_directory are valid, not both */ + pgp_source_t src; + std::string src_directory; + rnp_input_reader_t *reader; + rnp_input_closer_t *closer; + void * app_ctx; + + rnp_input_st(); + rnp_input_st(const rnp_input_st &) = delete; + rnp_input_st(rnp_input_st &&) = delete; + ~rnp_input_st(); + + rnp_input_st &operator=(const rnp_input_st &) = delete; + rnp_input_st &operator=(rnp_input_st &&src); +}; + +struct rnp_output_st { + /* either dst or dst_directory are valid, not both */ + pgp_dest_t dst; + char * dst_directory; + rnp_output_writer_t *writer; + rnp_output_closer_t *closer; + void * app_ctx; + bool keep; +}; + +struct rnp_op_generate_st { + rnp_ffi_t ffi{}; + bool primary{}; + pgp_key_t *primary_sec{}; + pgp_key_t *primary_pub{}; + pgp_key_t *gen_sec{}; + pgp_key_t *gen_pub{}; + /* password used to encrypt the key, if specified */ + rnp::secure_vector<char> password; + /* request password for key encryption via ffi's password provider */ + bool request_password{}; + /* we don't use top-level keygen action here for easier fields access */ + rnp_keygen_crypto_params_t crypto{}; + rnp_key_protection_params_t protection{}; + rnp_selfsig_cert_info_t cert{}; + rnp_selfsig_binding_info_t binding{}; +}; + +struct rnp_op_sign_signature_st { + rnp_ffi_t ffi{}; + rnp_signer_info_t signer{}; + bool expiry_set : 1; + bool create_set : 1; + bool hash_set : 1; +}; + +typedef std::list<rnp_op_sign_signature_st> rnp_op_sign_signatures_t; + +struct rnp_op_sign_st { + rnp_ffi_t ffi{}; + rnp_input_t input{}; + rnp_output_t output{}; + rnp_ctx_t rnpctx{}; + rnp_op_sign_signatures_t signatures{}; +}; + +struct rnp_op_verify_signature_st { + rnp_ffi_t ffi; + rnp_result_t verify_status; + pgp_signature_t sig_pkt; +}; + +struct rnp_op_verify_st { + rnp_ffi_t ffi{}; + rnp_input_t input{}; + rnp_input_t detached_input{}; /* for detached signature will be source file/data */ + rnp_output_t output{}; + rnp_ctx_t rnpctx{}; + /* these fields are filled after operation execution */ + rnp_op_verify_signature_t signatures{}; + size_t signature_count{}; + char * filename{}; + uint32_t file_mtime{}; + /* encryption information */ + bool encrypted{}; + bool mdc{}; + bool validated{}; + pgp_aead_alg_t aead{}; + pgp_symm_alg_t salg{}; + bool ignore_sigs{}; + bool require_all_sigs{}; + bool allow_hidden{}; + /* recipient/symenc information */ + rnp_recipient_handle_t recipients{}; + size_t recipient_count{}; + rnp_recipient_handle_t used_recipient{}; + rnp_symenc_handle_t symencs{}; + size_t symenc_count{}; + rnp_symenc_handle_t used_symenc{}; + size_t encrypted_layers{}; + + ~rnp_op_verify_st(); +}; + +struct rnp_op_encrypt_st { + rnp_ffi_t ffi{}; + rnp_input_t input{}; + rnp_output_t output{}; + rnp_ctx_t rnpctx{}; + rnp_op_sign_signatures_t signatures{}; +}; + +#define RNP_LOCATOR_MAX_SIZE (MAX_ID_LENGTH + 1) +static_assert(RNP_LOCATOR_MAX_SIZE > PGP_FINGERPRINT_SIZE * 2, "Locator size mismatch."); +static_assert(RNP_LOCATOR_MAX_SIZE > PGP_KEY_ID_SIZE * 2, "Locator size mismatch."); +static_assert(RNP_LOCATOR_MAX_SIZE > PGP_KEY_GRIP_SIZE * 2, "Locator size mismatch."); +static_assert(RNP_LOCATOR_MAX_SIZE > MAX_ID_LENGTH, "Locator size mismatch."); + +struct rnp_identifier_iterator_st { + rnp_ffi_t ffi; + pgp_key_search_type_t type; + rnp_key_store_t * store; + std::list<pgp_key_t>::iterator *keyp; + unsigned uididx; + json_object * tbl; + char buf[RNP_LOCATOR_MAX_SIZE]; +}; + +struct rnp_decryption_kp_param_t { + rnp_op_verify_t op; + bool has_hidden; /* key provider had hidden keyid request */ + pgp_key_t * last; /* last key, returned in hidden keyid request */ + + rnp_decryption_kp_param_t(rnp_op_verify_t opobj) + : op(opobj), has_hidden(false), last(NULL){}; +}; + +/* This is just for readability at the call site and will hopefully reduce mistakes. + * + * Instead of: + * void do_something(rnp_ffi_t ffi, bool with_secret_keys); + * do_something(ffi, true); + * do_something(ffi, false); + * + * You can have something a bit clearer: + * void do_something(rnp_ffi_t ffi, key_type_t key_type); + * do_something(ffi, KEY_TYPE_PUBLIC); + * do_something(ffi, KEY_TYPE_SECRET); + */ +typedef enum key_type_t { + KEY_TYPE_NONE, + KEY_TYPE_PUBLIC, + KEY_TYPE_SECRET, + KEY_TYPE_ANY +} key_type_t; |