abc/GmSSL
1
0
Fork 0
mirror of https://github.com/guanzhi/GmSSL.git synced 2026-05-07 00:46:17 +08:00
Code Issues Packages Projects Releases Wiki Activity

add gm api headers

Browse Source
This commit is contained in:
Zhi Guan
2017-02-15 15:43:12 +08:00
parent b0d309b527
commit 065259f710
4 changed files with 2197 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

778
include/openssl/saf.h Normal file
View File

@@ -0,0 +1,778 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* SAF API is a crypto API with key and certificate management.
* The API is defined in the GM standard GM/T 0019-2012:
* Universal Cryptography Service Interface Specification
*/
#ifndef HEADER_SAF_H
#define HEADER_SAF_H
#define SGD_MAX_COUNT 64
#define SGD_MAX_NAME_SIZE 256
#ifdef __cplusplus
extern "C" {
#endif
typedef struct SGD_USR_CERT_ENUMLIST_ {
unsigned int certCount;
unsigned char *certificate[SGD_MAX_COUNT];
unsigned int certificateLen[SGD_MAX_COUNT];
unsigned char *containerName[SGD_MAX_COUNT];
unsigned int containterNameLen[SGD_MAX_COUNT]; //correct?ß
unsigned int keyUsage[SGD_MAX_COUNT];
} SGD_USR_CERT_ENUMLIST;
typedef struct SGD_KEYCONTAINERINFO_ENUMLIST_ {
unsigned int keyPairCount;
unsigned char *containerName[SGD_MAX_COUNT];
unsigned int conatinerNameLen[SGD_MAX_COUNT];
unsigned int keyUsage[SGD_MAX_COUNT];
unsigned int keyType[SGD_MAX_COUNT];
} SGD_KEYCONTAINERINFO_ENUMLIST;
typedef struct {
unsigned char dn_c[SGD_MAX_NAME_SIZE];
unsigned char dn_c_len[1];
unsigned char dn_s[SGD_MAX_NAME_SIZE];
unsigned char dn_s_len[1];
unsigned char dn_l[SGD_MAX_NAME_SIZE];
unsigned char dn_l_len[1];
unsigned char dn_o[5][SGD_MAX_NAME_SIZE];
unsigned int dn_o_len[5];
unsigned char dn_ou[5][SGD_MAX_NAME_SIZE];
unsigned int dn_ou_len[5];
unsigned char dn_cn[2][SGD_MAX_NAME_SIZE];
unsigned int dn_cn_len[2];
unsigned char dn_email[2][SGD_MAX_NAME_SIZE];
unsigned int dn_email_len[2];
} SGD_NAME_INFO;
int SAF_Initialize(
void **phAppHandle,
char *pubCfgFilePath);
int SAF_Finalize(
void *hAppHandle);
int SAF_GetVersion(
unsigned int *puiVersion);
int SAF_Login(
void *hAppHandle,
unsigned int uiUsrType,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned char *pucPin,
unsigned int uiPinLen,
unsigned int *puiRemainCount);
int SAF_ChangePin(
void *hAppHandle,
unsigned int uiUsrType,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned char *pucOldPin,
unsigned int uiOldPinLen,
unsigned char *pucNewPin,
unsigned int uiNewPinLen,
unsigned int *puiRemainCount);
int SAF_Logout(
void *hAppHandle,
unsigned int uiUsrType);
int SAF_AddTrustedRootCaCertificate(
void *hAppHandle,
unsigned char *pucCertificate,
unsigned int uiCertificateLen);
int SAF_GetRootCaCertificateCount(
void *hAppHandle,
unsigned int *puiCount);
int SAF_GetRootCaCertificate(
void *hAppHandle,
unsigned int uiIndex,
unsigned char *pucCertificate,
unsigned int *puiCertificateLen);
int SAF_RemoveRootCaCertificate(
void *hAppHandle,
unsigned int uiIndex);
int SAF_AddCaCertificate(
void *hAppHandle,
unsigned char *pucCertificate,
unsigned int *puiCertificateLen);
int SAF_GetCaCertificateCount(
void *hAppHandle,
unsigned int *puiCount);
int SAF_GetCaCertificate(
void *hAppHandle,
unsigned int uiIndex,
unsigned char *pucCertificate,
unsigned int *puiCertificateLen);
int SAF_RemoveCaCertificate(
void *hAppHandle,
unsigned int uiIndex);
int SAF_AddCrl(
void *hAppHandle,
unsigned char *pucDerCrl,
unsigned int uiDerCrlLen);
int SAF_VerifyCertificate(
void *hAppHandle,
unsigned char *pucUsrCertificate,
unsigned int uiUsrCertificateLen);
int SAF_VerifyCertificateByCrl(
void *hAppHandle,
unsigned char *pucUsrCertificate,
unsigned int uiUsrCertificateLen,
unsigned char *pucDerCrl,
unsigned int uiDerCrlLen);
int SAF_GetCertificateStateByOCSP(
void *hAppHandle,
unsigned char *pcOcspHostURL,
unsigned int uiOcspHostURLLen,
unsigned char *pucUsrCertificate,
unsigned int uiUsrCertificateLen,
unsigned char *pucCACertificate,
unsigned int uiCACertficateLen);
int SAF_GetCertFromLdap(
void *hAppHandle,
char *pcLdapHostURL,
unsigned int uiLdapHostURLLen,
unsigned char *pucQueryDN,
unsigned int uiQueryDNLen,
unsigned char *pucOutCert,
unsigned int *puiOutCertLen);
int SAF_GetCrlFromLdap(
void *hAppHandle,
char *pcLdapHostURL,
unsigned int uiLdapHostURLLen,
unsigned char *pucCertificate,
unsigned int uiCertificateLen,
unsigned char *pucCrlData,
unsigned int *puiCrlDataLen);
int SAF_GetCertificateInfo(
void *hAppHandle,
unsigned char *pucCertificate,
unsigned int uiCertificateLen,
unsigned int uiInfoType,
unsigned char *pucInfo,
unsigned int *puiInfoLen);
int SAF_GetExtTypeInfo(
void *hAppHandle,
unsigned char *pucDerCert,
unsigned int uiDerCertLen,
unsigned int uiInfoType,
unsigned char *pucPriOid,
unsigned int uiPriOidLen,
unsigned char *pucInfo,
unsigned int *puiInfoLen);
int SAF_EnumCertificates(
void *hAppHandle,
SGD_USR_CERT_ENUMLIST *usrCerts);
int SAF_EnumKeyContainerInfo(
void *hAppHandle,
SGD_KEYCONTAINERINFO_ENUMLIST *keyContainerInfo);
int SAF_EnumCertificatesFree(
void *hAppHandle,
SGD_USR_CERT_ENUMLIST *usrCerts);
int SAF_EnumKeyContainerInfoFree(
void *hAppHandle,
SGD_KEYCONTAINERINFO_ENUMLIST *keyContainerInfo);
int SAF_Base64_Encode(
unsigned char *pucInData,
unsigned int puiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Base64_Decode(
unsigned char *pucInData,
unsigned int puiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Base64_CreateBase64Obj(
void **phBase64Obj);
int SAF_Base64_DestroyBase64Obj(
void *hBase64Obj);
int SAF_Base64_EncodeUpdate(
void *hBase64Obj,
unsigned char *pucInData,
unsigned int puiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Base64_EncodeFinal(
void *hBase64Obj,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Base64_DecodeUpdate(
void *hBase64Obj,
unsigned char *pucInData,
unsigned int puiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Base64_DecodeFinal(
void *hBase64Obj,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_GenRandom(
unsigned int uiRandLen,
unsigned char *pucRand);
int SAF_Hash(
unsigned int uiAlgoType,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pubID,
unsigned int ulIDLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_CreateHashObj(void **phHashObj,
unsigned int uiAlgoType,
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pucID,
unsigned int ulIDLen);
int SAF_DestroyHashObj(
void *phHashObj);
int SAF_HashUpdate(
void *phHashObj,
const unsigned char *pucInData,
unsigned int uiInDataLen);
int SAF_HashFinal(
void *phHashObj,
unsigned char *pucOutData,
unsigned int *uiOutDataLen);
int SAF_GenRsaKeyPair(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiKeyBits,
unsigned int uiKeyUsage,
unsigned int uiExportFlag);
int SAF_GetPublicKey(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiKeyUsage,
unsigned char *pucPublicKey,
unsigned int *puiPublicKeyLen);
int SAF_RsaSign(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiHashAlgoType,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucSignature,
unsigned int *puiSignatureLen);
int SAF_RsaSignFile(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiHashAlgoType,
unsigned char *pucFileName,
unsigned char *pucSignature,
unsigned int *puiSignatureLen);
int SAF_RsaVerifySign(
unsigned int uiHashAlgoType,
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucSignature,
unsigned int uiSignatureLen);
int SAF_RsaVerifySignFile(
unsigned int uiHashAlgoType,
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pucFileName,
unsigned char *pucSignature,
unsigned int uiSignatureLen);
int SAF_VerifySignByCert(
unsigned int uiHashAlgoType,
unsigned char *pucCertificate,
unsigned int uiCertificateLen,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucSignature,
unsigned int uiSignatureLen);
int SAF_GenEccKeyPair(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiKeyBits,
unsigned int uiKeyUsage,
unsigned int uiExportFlag);
int SAF_GetEccPublicKey(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiKeyUsage,
unsigned char *pucPublicKey,
unsigned int *puiPublicKeyLen);
int SAF_EccSign(
void *hAppHandle,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiAlgorithmID,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucSignData,
unsigned int *puiSignDataLen);
int SAF_EccVerifySign(
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned int uiAlgorithmID,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucSignData,
unsigned int uiSignDataLen);
int SAF_EccPublicKeyEnc(
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned int uiAlgorithmID,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_EccPublicKeyEncByCert(
unsigned char *pucCertificate,
unsigned int uiCertificateLen,
unsigned int uiAlgorithmID,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_EccVerifySignByCert(
unsigned int uiAlgorithmID,
unsigned char *pucCertificate,
unsigned int uiCertificateLen,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucSignData,
unsigned int uiSignDataLen);
int SAF_CreateSymmKeyObj(
void *hAppHandle,
void **phSymmKeyObj,
unsigned char *pucContainerName,
unsigned int uiContainerLen,
unsigned char *pucIV,
unsigned int uiIVLen,
unsigned int uiEncOrDec,
unsigned int uiCryptoAlgID);
int SAF_GenerateKeyWithEPK(
void *hSymmKeyObj,
unsigned char *pucPublicKey,
unsigned int uiPublicKeyLen,
unsigned char *pucSymmKey,
unsigned int uiSymmKeyLen,
void **phKeyHandle);
int SAF_ImportEncedKey(
void *hSymmKeyObj,
unsigned char *pucSymmKey,
unsigned int uiSymmKeyLen,
void **phKeyHandle);
int SAF_GenerateAgreementDataWithECC(
void *hSymmKeyObj,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiKeyBits,
unsigned char *pucSponsorID,
unsigned int uiSponsorIDLength,
unsigned char *pucSponsorPublicKey,
unsigned int *puiSponsorPublicKeyLen,
unsigned char *pucSponsorTmpPublicKey,
unsigned int *puiSponsorTmpPublicKeyLen,
void **phAgreementHandle);
int SAF_GenerateKeyWithECC(
void *phAgreementHandle,
unsigned char *pucResponseID,
unsigned int uiResponseIDLength,
unsigned char *pucResponsePublicKey,
unsigned int uiResponsePublicKeyLen,
unsigned char *pucResponseTmpPublicKey,
unsigned int uiResponseTmpPublicKeyLen,
void **phKeyHandle);
int SAF_GenerateAgreementDataAdnKeyWithECC(
void *hSymmKeyObj,
unsigned char *pucContainerName,
unsigned int uiContainerNameLen,
unsigned int uiKeyBits,
unsigned char *pucResponseID,
unsigned int uiResponseIDLength,
unsigned char *pucSponsorID,
unsigned int uiSponsorIDLength,
unsigned char *pucSponsorPublicKey,
unsigned int *puiSponsorPublicKeyLen,
unsigned char *pucSponsorTmpPublicKey,
unsigned int *puiSponsorTmpPublicKeyLen,
unsigned char *pucResponsePublicKey,
unsigned int uiResponsePublicKeyLen,
unsigned char *pucResponseTmpPublicKey,
unsigned int uiResponseTmpPublicKeyLen,
void **phKeyHandle);
int SAF_DestroySymmAlgoObj(
void *hSymmKeyObj);
int SAF_DestroyKeyHandle(
void *hKeyHandle);
int SAF_SymmEncrypt(
void *hKeyHandle,
const unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_SymmEncryptUpdate(
void *hKeyHandle,
const unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_SymmEncryptFinal(
void *hKeyHandle,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_SymmDecrypt(
void *hKeyHandle,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_SymmDecryptUpdate(
void *hKeyHandle,
unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_SymmDecryptFinal(
void *hKeyHandle,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Mac(
void *hKeyHandle,
const unsigned char *pucInData,
unsigned int uiInDataLen,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_MacUpdate(
void *hKeyHandle,
const unsigned char *pucInData,
unsigned int uiInDataLen);
int SAF_MacFinal(
void *hKeyHandle,
unsigned char *pucOutData,
unsigned int *puiOutDataLen);
int SAF_Pkcs7_EncodeData(
void *hAppHandle,
unsigned char *pucSignContainerName,
unsigned int uiSignContainerNameLen,
unsigned int uiSignKeyUsage,
unsigned char *pucSignerCertificate,
unsigned int uiSignerCertificateLen,
unsigned int uiDigestAlgorithm,
unsigned char *pucEncCertificate,
unsigned int uiEncCertificateLen,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucDerP7Data,
unsigned int *puiDerP7DataLen);
int SAF_Pkcs7_DecodeData(
void *hAppHandle);
int SAF_Pkcs7_EncodeSignedData(
void *hAppHandle,
unsigned char *pucSignContainerName,
unsigned int uiSignContainerNameLen,
unsigned int uiSignKeyUsage,
unsigned char *pucSignerCertificate,
unsigned int uiSignerCertificateLen,
unsigned int uiDigestAlgorithm,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucDerP7Data,
unsigned int *puiDerP7DataLen);
int SAF_Pkcs7_DecodeSignedData(
void *hAppHandle,
unsigned char *pucDerP7SignedData,
unsigned int uiDerP7SignedDataLen,
unsigned char *pucSignerCertificate,
unsigned int uiSignerCertificateLen,
unsigned int uiDigestAlgorithm,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucSign,
unsigned int *puiSignLen);
int SAF_Pkcs7_EncodeEnvelopedData(
void *hAppHandle,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucEncCertificate,
unsigned int uiEncCertificateLen,
unsigned int uiSymmAlgorithm,
unsigned char *pucDerP7EnvelopedData,
unsigned int *puiDerP7EnvelopedDataLen);
int SAF_Pkcs7_DecodeEnvelopedData(
void *hAppHandle,
unsigned char *pucDecContainerName,
unsigned int uiDecContainerNameLen,
unsigned int uiDecKeyUsage,
unsigned char *pucDerP7EnvelopedData,
unsigned int uiDerP7EnvelopedDataLen,
unsigned char *pucData,
unsigned int *puiDataLen);
int SAF_Pkcs7_EncodeDigestedData(
void *hAppHandle,
unsigned int uiDigestAlgorithm,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucDerP7DigestedData,
unsigned int *puiDerP7DigestedDataLen);
int SAF_Pkcs7_DecodeDigestedData(
void *hAppHandle,
unsigned int uiDigestAlgorithm,
unsigned char *pucDerP7DigestedData,
unsigned int uiDerP7DigestedDataLen,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucDigest,
unsigned int *puiDigestLen);
int SAF_SM2_EncodeSignedAndEnvelopedData(
void *hAppHandle,
unsigned char *pucSignContainerName,
unsigned int uiSignContainerNameLen,
unsigned int uiSignKeyUsage,
unsigned char *pucSignerCertificate,
unsigned int uiSignerCertificateLen,
unsigned int uiDigestAlgorithm,
unsigned char *pucEncCertificate,
unsigned int uiEncCertificateLen,
unsigned int uiSymmAlgorithm,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucDerSignedAndEnvelopedData,
unsigned int *puiDerSignedAndEnvelopedDataLen);
int SAF_SM2_DecodeSignedAndEnvelopedData(
void *hAppHandle,
unsigned char *pucDerContainerName,
unsigned int uiDerContainerNameLen,
unsigned int uiDecKeyUsage,
unsigned char *pucDerSignedAndEnvelopedData,
unsigned int uiDerSignedAndEnvelopedDataLen,
unsigned char *pucData,
unsigned int *puiDataLen,
unsigned char *pucSignerCertificate,
unsigned int *puiSignerCertificateLen,
unsigned int *puiDigestAlgorithms);
int SAF_SM2_EncodeSignedData(
void *hAppHandle,
unsigned char *pucSignContainerName,
unsigned int uiSignContainerNameLen,
unsigned int uiSignKeyUsage,
unsigned char *pucSignerCertificate,
unsigned int uiSignerCertificateLen,
unsigned int uiDigestAlgorithm,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucDerSignedData,
unsigned int *puiDerSignedDataLen);
int SAF_SM2_DecodeSignedData(
void *hAppHandle,
unsigned char *pucDerSignedData,
unsigned int uiDerSignedDataLen,
unsigned char *pucSignerCertificate,
unsigned int uiSignerCertificateLen,
unsigned int uiDigestAlgorithm,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucSign,
unsigned int *puiSignLen);
int SAF_SM2_EncodeEnvelopedData(
void *hAppHandle,
unsigned char *pucData,
unsigned int uiDataLen,
unsigned char *pucEncCertificate,
unsigned int uiEncCertificateLen,
unsigned int uiSymmAlgorithm,
unsigned char *pucDerEnvelopedData,
unsigned int *puiDerEnvelopedDataLen);
int SAF_SM2_DecodeEnvelopedData(
void *hAppHandle,
unsigned char *pucDecContainerName,
unsigned int uiDecContainerNameLen,
unsigned int uiDecKeyUsage,
unsigned char *pucDerEnvelopedData,
unsigned int uiDerEnvelopedDataLen,
unsigned char *pucData,
unsigned int *puiDataLen);
#define SAR_Ok 0x00000000
#define SAR_UnknownErr 0x02000001
#define SAR_NotSupportYetErr 0x02000002
#define SAR_FileErr 0x02000003
#define SAR_ProviderTypeErr 0x02000004
#define SAR_LoadProviderErr 0x02000005
#define SAR_LoadDevMngApiErr 0x02000006
#define SAR_AlgoTypeErr 0x02000007
#define SAR_NameLenErr 0x02000008
#define SAR_KeyUsageErr 0x02000009
#define SAR_ModulusLenErr 0x02000010
#define SAR_NotInitializeErr 0x02000011
#define SAR_ObjErr 0x02000012
#define SAR_MemoryErr 0x02000100
#define SAR_TimeoutErr 0x02000101
#define SAR_IndataLenErr 0x02000200
#define SAR_IndataErr 0x02000201
#define SAR_GenRandErr 0x02000300
#define SAR_HashObjErr 0x02000301
#define SAR_HashErr 0x02000302
#define SAR_GenRsaKeyErr 0x02000303
#define SAR_RsaModulusLenErr 0x02000304
#define SAR_CspImportPubKeyErr 0x02000305
#define SAR_RsaEncErr 0x02000306
#define SAR_RsaDecErr 0x02000307
#define SAR_HashNotEqualErr 0x02000308
#define SAR_KeyNotFoundErr 0x02000309
#define SAR_CertNotFoundErr 0x02000310
#define SAR_NotExportErr 0x02000311
#define SAR_CertRevokedErr 0x02000316
#define SAR_CertNotYetValidErr 0x02000317
#define SAR_CerthashExpiredErr 0x02000318
#define SAR_CertVerifyErr 0x02000319
#define SAR_CertEncodeErr 0x02000320
#define SAR_DecryptPadErr 0x02000400
#define SAR_MacLenErr 0x02000401
#define SAR_KeyInfoTypeErr 0x02000402
#define SAR_NotLogin 0x02000403
#ifdef __cplusplus
}
#endif
#endif

505
include/openssl/sdf.h Normal file
View File

@@ -0,0 +1,505 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/*
* SDF API is a cryptographic API for PCI-E cards defined in standard
* GM/T 0018-2012: Interface Specifications of Cryptography Device Application
*
* Note: this header file follows the specification of GM/T 0018-2012. As we
* know, some vendors provide header files with some differences, especially
* the definations of data structures. So be sure to check the file provided by
* vendors and compare with this one.
*
* The implementations of SDF API from different vendors might have different
* behaviors on the same function. The comments in this file will show
* information and warnings on these issues. If the application developer use
* the GmSSL implementation, see `crypto/gmapi/sdf_lcl.h` for more information.
*/
#ifndef HEADER_SDF_H
#define HEADER_SDF_H
#include <stdio.h>
#include <openssl/sgd.h>
#ifdef __cplusplus
extern "C" {
#endif
typedef struct DeviceInfo_st{
unsigned char IssuerName[40];
unsigned char DeviceName[16];
unsigned char DeviceSerial[16]; /* 8-char date +
* 3-char batch num +
* 5-char serial num
*/
unsigned int DeviceVersion;
unsigned int StandardVersion;
unsigned int AsymAlgAbility[2]; /* AsymAlgAbility[0] = algors
* AsymAlgAbility[1] = modulus lens
*/
unsigned int SymAlgAbility;
unsigned int HashAlgAbility;
unsigned int BufferSize;
} DEVICEINFO;
#define RSAref_MAX_BITS 2048
#define RSAref_MAX_LEN ((RSAref_MAX_BITS + 7) / 8)
#define RSAref_MAX_PBITS ((RSAref_MAX_BITS + 1) / 2)
#define RSAref_MAX_PLEN ((RSAref_MAX_PBITS + 7)/ 8)
typedef struct RSArefPublicKey_st {
unsigned int bits;
unsigned char m[RSAref_MAX_LEN];
unsigned char e[RSAref_MAX_LEN];
} RSArefPublicKey;
typedef struct RSArefPrivateKey_st {
unsigned int bits;
unsigned char m[RSAref_MAX_LEN];
unsigned char e[RSAref_MAX_LEN];
unsigned char d[RSAref_MAX_LEN];
unsigned char prime[2][RSAref_MAX_PLEN];
unsigned char pexp[2][RSAref_MAX_PLEN];
unsigned char coef[RSAref_MAX_PLEN];
} RSArefPrivateKey;
#define ECCref_MAX_BITS 512
#define ECCref_MAX_LEN ((ECCref_MAX_BITS+7) / 8)
typedef struct ECCrefPublicKey_st {
unsigned int bits;
unsigned char x[ECCref_MAX_LEN];
unsigned char y[ECCref_MAX_LEN];
} ECCrefPublicKey;
typedef struct ECCrefPrivateKey_st {
unsigned int bits;
unsigned char K[ECCref_MAX_LEN];
} ECCrefPrivateKey;
typedef struct ECCCipher_st {
unsigned char x[ECCref_MAX_LEN];
unsigned char y[ECCref_MAX_LEN];
/*
* In SM2 ciphertext the `M` is the hash result of the plaintext
* with generated Diffie-Hellman keys, so the length should be the
* digest length, for SM3 it is 256-bit which is equal to the max
* elliptic curve key length (256-bit).
*/
unsigned char M[32];
/* length of ciphertext `C` */
unsigned int L;
unsigned char C[1];
} ECCCipher;
typedef struct ECCSignature_st {
unsigned char r[ECCref_MAX_LEN];
unsigned char s[ECCref_MAX_LEN];
} ECCSignature;
/* ENVELOPEDKEYBLOB is not used in this API, and it requires the
* ECCCIPHERBLOB and ECCPUBLICKEYBLOB defined in SKF API
*/
#if 0
typedef struct SDF_ENVELOPEDKEYBLOB {
unsigned long Version;
unsigned long ulSymmAlgID;
ECCCIPHERBLOB ECCCipehrBlob;
ECCPUBLICKEYBLOB PubKey;
unsigned char cbEncryptedPrivKey[64];
} ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB;
#endif
int SDF_OpenDevice(
void **phDeviceHandle);
int SDF_CloseDevice(
void *hDeviceHandle);
int SDF_OpenSession(
void *hDeviceHandle,
void **phSessionHandle);
int SDF_CloseSession(
void *hSessionHandle);
int SDF_GetDeviceInfo(
void *hSessionHandle,
DEVICEINFO *pstDeviceInfo);
int SDF_GenerateRandom(
void *hSessionHandle,
unsigned int uiLength,
unsigned char *pucRandom);
int SDF_GetPrivateKeyAccessRight(
void *hSessionHandle,
unsigned int uiKeyIndex,
unsigned char *pucPassword,
unsigned int uiPwdLength);
int SDF_ReleasePrivateKeyAccessRight(
void *hSessionHandle,
unsigned int uiKeyIndex);
int SDF_ExportSignPublicKey_RSA(
void *hSessionHandle,
unsigned int uiKeyIndex,
RSArefPublicKey *pucPublicKey);
int SDF_ExportEncPublicKey_RSA(
void *hSessionHandle,
unsigned int uiKeyIndex,
RSArefPublicKey *pucPublicKey);
int SDF_GenerateKeyPair_RSA(
void *hSessionHandle,
unsigned int uiKeyBits,
RSArefPublicKey *pucPublicKey,
RSArefPrivateKey *pucPrivateKey);
int SDF_GenerateKeyWithIPK_RSA(
void *hSessionHandle,
unsigned int uiIPKIndex,
unsigned int uiKeyBits,
unsigned char *pucKey,
unsigned int *puiKeyLength,
void **phKeyHandle);
int SDF_GenerateKeyWithEPK_RSA(
void *hSessionHandle,
unsigned int uiKeyBits,
RSArefPublicKey *pucPublicKey,
unsigned char *pucKey,
unsigned int *puiKeyLength,
void **phKeyHandle);
int SDF_ImportKeyWithISK_RSA(
void *hSessionHandle,
unsigned int uiISKIndex,
unsigned char *pucKey,
unsigned int uiKeyLength,
void **phKeyHandle);
int SDF_ExchangeDigitEnvelopeBaseOnRSA(
void *hSessionHandle,
unsigned int uiKeyIndex,
RSArefPublicKey *pucPublicKey,
unsigned char *pucDEInput,
unsigned int uiDELength,
unsigned char *pucDEOutput,
unsigned int *puiDELength);
int SDF_ExportSignPublicKey_ECC(
void *hSessionHandle,
unsigned int uiKeyIndex,
ECCrefPublicKey *pucPublicKey);
int SDF_ExportEncPublicKey_ECC(
void *hSessionHandle,
unsigned int uiKeyIndex,
ECCrefPublicKey *pucPublicKey);
int SDF_GenerateKeyPair_ECC(
void *hSessionHandle,
unsigned int uiAlgID,
unsigned int uiKeyBits,
ECCrefPublicKey *pucPublicKey,
ECCrefPrivateKey *pucPrivateKey);
int SDF_GenerateKeyWithIPK_ECC(
void *hSessionHandle,
unsigned int uiIPKIndex,
unsigned int uiKeyBits,
ECCCipher *pucKey,
void **phKeyHandle);
int SDF_GenerateKeyWithEPK_ECC(
void *hSessionHandle,
unsigned int uiKeyBits,
unsigned int uiAlgID,
ECCrefPublicKey *pucPublicKey,
ECCCipher *pucKey,
void **phKeyHandle);
int SDF_ImportKeyWithISK_ECC(
void *hSessionHandle,
unsigned int uiISKIndex,
ECCCipher *pucKey,
void **phKeyHandle);
int SDF_GenerateAgreementDataWithECC(
void *hSessionHandle,
unsigned int uiISKIndex,
unsigned int uiKeyBits,
unsigned char *pucSponsorID,
unsigned int uiSponsorIDLength,
ECCrefPublicKey *pucSponsorPublicKey,
ECCrefPublicKey *pucSponsorTmpPublicKey,
void **phAgreementHandle);
int SDF_GenerateKeyWithECC(
void *hSessionHandle,
unsigned char *pucResponseID,
unsigned int uiResponseIDLength,
ECCrefPublicKey *pucResponsePublicKey,
ECCrefPublicKey *pucResponseTmpPublicKey,
void *hAgreementHandle,
void **phKeyHandle);
int SDF_GenerateAgreementDataAndKeyWithECC(
void *hSessionHandle,
unsigned int uiISKIndex,
unsigned int uiKeyBits,
unsigned char *pucResponseID,
unsigned int uiResponseIDLength,
unsigned char *pucSponsorID,
unsigned int uiSponsorIDLength,
ECCrefPublicKey *pucSponsorPublicKey,
ECCrefPublicKey *pucSponsorTmpPublicKey,
ECCrefPublicKey *pucResponsePublicKey,
ECCrefPublicKey *pucResponseTmpPublicKey,
void **phKeyHandle);
int SDF_ExchangeDigitEnvelopeBaseOnECC(
void *hSessionHandle,
unsigned int uiKeyIndex,
unsigned int uiAlgID,
ECCrefPublicKey *pucPublicKey,
ECCCipher *pucEncDataIn,
ECCCipher *pucEncDataOut);
int SDF_GenerateKeyWithKEK(
void *hSessionHandle,
unsigned int uiKeyBits,
unsigned int uiAlgID,
unsigned int uiKEKIndex,
unsigned char *pucKey,
unsigned int *puiKeyLength,
void **phKeyHandle);
int SDF_ImportKeyWithKEK(
void *hSessionHandle,
unsigned int uiAlgID,
unsigned int uiKEKIndex,
unsigned char *pucKey,
unsigned int uiKeyLength,
void **phKeyHandle);
int SDF_DestroyKey(
void *hSessionHandle,
void *hKeyHandle);
int SDF_ExternalPublicKeyOperation_RSA(
void *hSessionHandle,
RSArefPublicKey *pucPublicKey,
unsigned char *pucDataInput,
unsigned int uiInputLength,
unsigned char *pucDataOutput,
unsigned int *puiOutputLength);
int SDF_InternalPublicKeyOperation_RSA(
void *hSessionHandle,
unsigned int uiKeyIndex,
unsigned char *pucDataInput,
unsigned int uiInputLength,
unsigned char *pucDataOutput,
unsigned int *puiOutputLength);
int SDF_InternalPrivateKeyOperation_RSA(
void *hSessionHandle,
unsigned int uiKeyIndex,
unsigned char *pucDataInput,
unsigned int uiInputLength,
unsigned char *pucDataOutput,
unsigned int *puiOutputLength);
int SDF_ExternalVerify_ECC(
void *hSessionHandle,
unsigned int uiAlgID,
ECCrefPublicKey *pucPublicKey,
unsigned char *pucDataInput,
unsigned int uiInputLength,
ECCSignature *pucSignature);
int SDF_InternalSign_ECC(
void *hSessionHandle,
unsigned int uiISKIndex,
unsigned char *pucData,
unsigned int uiDataLength,
ECCSignature *pucSignature);
int SDF_InternalVerify_ECC(
void *hSessionHandle,
unsigned int uiIPKIndex,
unsigned char *pucData,
unsigned int uiDataLength,
ECCSignature *pucSignature);
int SDF_ExternalEncrypt_ECC(
void *hSessionHandle,
unsigned int uiAlgID,
ECCrefPublicKey *pucPublicKey,
unsigned char *pucData,
unsigned int uiDataLength,
ECCCipher *pucEncData);
int SDF_Encrypt(
void *hSessionHandle,
void *hKeyHandle,
unsigned int uiAlgID,
unsigned char *pucIV,
unsigned char *pucData,
unsigned int uiDataLength,
unsigned char *pucEncData,
unsigned int *puiEncDataLength);
int SDF_Decrypt(
void *hSessionHandle,
void *hKeyHandle,
unsigned int uiAlgID,
unsigned char *pucIV,
unsigned char *pucEncData,
unsigned int uiEncDataLength,
unsigned char *pucData,
unsigned int *puiDataLength);
int SDF_CalculateMAC(
void *hSessionHandle,
void *hKeyHandle,
unsigned int uiAlgID,
unsigned char *pucIV,
unsigned char *pucData,
unsigned int uiDataLength,
unsigned char *pucMAC,
unsigned int *puiMACLength);
int SDF_HashInit(
void *hSessionHandle,
unsigned int uiAlgID,
ECCrefPublicKey *pucPublicKey,
unsigned char *pucID,
unsigned int uiIDLength);
int SDF_HashUpdate(
void *hSessionHandle,
unsigned char *pucData,
unsigned int uiDataLength);
int SDF_HashFinal(void *hSessionHandle,
unsigned char *pucHash,
unsigned int *puiHashLength);
int SDF_CreateFile(
void *hSessionHandle,
unsigned char *pucFileName,
unsigned int uiNameLen, /* max 128-byte */
unsigned int uiFileSize);
int SDF_ReadFile(
void *hSessionHandle,
unsigned char *pucFileName,
unsigned int uiNameLen,
unsigned int uiOffset,
unsigned int *puiReadLength,
unsigned char *pucBuffer);
int SDF_WriteFile(
void *hSessionHandle,
unsigned char *pucFileName,
unsigned int uiNameLen,
unsigned int uiOffset,
unsigned int uiWriteLength,
unsigned char *pucBuffer);
int SDF_DeleteFile(
void *hSessionHandle,
unsigned char *pucFileName,
unsigned int uiNameLen);
#define SDR_OK 0x0
#define SDR_BASE 0x01000000
#define SDR_UNKNOWERR (SDR_BASE + 0x00000001)
#define SDR_NOTSUPPORT (SDR_BASE + 0x00000002)
#define SDR_COMMFAIL (SDR_BASE + 0x00000003)
#define SDR_HARDFAIL (SDR_BASE + 0x00000004)
#define SDR_OPENDEVICE (SDR_BASE + 0x00000005)
#define SDR_OPENSESSION (SDR_BASE + 0x00000006)
#define SDR_PARDENY (SDR_BASE + 0x00000007)
#define SDR_KEYNOTEXIST (SDR_BASE + 0x00000008)
#define SDR_ALGNOTSUPPOT (SDR_BASE + 0x00000009)
#define SDR_ALGMODNOTSUPPORT (SDR_BASE + 0x0000000A)
#define SDR_PKOPERR (SDR_BASE + 0x0000000B)
#define SDR_SKOPERR (SDR_BASE + 0x0000000C)
#define SDR_SIGNERR (SDR_BASE + 0x0000000D)
#define SDR_VERIFYERR (SDR_BASE + 0x0000000E)
#define SDR_SYMOPERR (SDR_BASE + 0x0000000F)
#define SDR_STEPERR (SDR_BASE + 0x00000010)
#define SDR_FILESIZEERR (SDR_BASE + 0x00000011)
#define SDR_FILENOEXIST (SDR_BASE + 0x00000012)
#define SDR_FILEOFSERR (SDR_BASE + 0x00000013)
#define SDR_KEYTYPEERR (SDR_BASE + 0x00000014)
#define SDR_KEYERR (SDR_BASE + 0x00000015)
#define SDR_ENCDATAERR (SDR_BASE + 0x00000016)
#define SDR_RANDERR (SDR_BASE + 0x00000017)
#define SDR_PRKRERR (SDR_BASE + 0x00000018)
#define SDR_MACERR (SDR_BASE + 0x00000019)
#define SDR_FILEEXSITS (SDR_BASE + 0x0000001A)
#define SDR_FILEWERR (SDR_BASE + 0x0000001B)
#define SDR_NOBUFFER (SDR_BASE + 0x0000001C)
#define SDR_INARGERR (SDR_BASE + 0x0000001D)
#define SDR_OUTARGERR (SDR_BASE + 0x0000001E)
#ifdef __cplusplus
}
#endif
#endif

749
include/openssl/skf.h Normal file
View File

@@ -0,0 +1,749 @@
/* ====================================================================
* Copyright (c) 2015 - 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/* This header file is from the official specification with minor
* modification.
*/
#ifndef HEADER_SKF_H
#define HEADER_SKF_H
#include <openssl/sgd.h>
//FIXME: all the WIN32 types
#ifndef WIN32
typedef signed char INT8;
typedef signed short INT16;
typedef signed int INT32;
typedef unsigned char UINT8;
typedef unsigned short UINT16;
typedef unsigned int UINT32;
typedef long BOOL;
typedef UINT8 BYTE;
typedef UINT8 CHAR;
typedef INT16 SHORT;
typedef UINT16 USHORT;
typedef INT32 LONG;
typedef UINT32 ULONG;
typedef UINT32 UINT;
typedef UINT16 WORD;
typedef UINT32 DWORD;
typedef UINT32 FLAGS;
typedef CHAR * LPSTR;
typedef void * HANDLE;
#else
#ifndef _WINDEF_H
typedef signed char INT8;
typedef signed short INT16;
typedef signed int INT32;
typedef unsigned char UINT8;
typedef unsigned short UINT16;
typedef unsigned int UINT32;
typedef long BOOL;
typedef UINT8 BYTE;
typedef UINT8 CHAR;
typedef INT16 SHORT;
typedef UINT16 USHORT;
typedef INT32 LONG;
typedef UINT32 ULONG;
typedef UINT32 UINT;
typedef UINT16 WORD;
typedef UINT32 DWORD;
typedef UINT32 FLAGS;
typedef CHAR * LPSTR;
typedef void * HANDLE;
#endif
#endif
typedef HANDLE DEVHANDLE;
typedef HANDLE HAPPLICATION;
typedef HANDLE HSESSION;
typedef HANDLE HCONTAINER;
#ifndef FALSE
#define FALSE 0x00000000
#endif
#ifndef TRUE
#define TRUE 0x00000001
#endif
#ifdef WIN32
#define DEVAPI __stdcall
#else
#define DEVAPI
#endif
#ifndef ADMIN_TYPE
#define ADMIN_TYPE 0
#endif
#ifndef USER_TYPE
#define USER_TYPE 1
#endif
#define MAX_RSA_MODULUS_LEN 256
#define MAX_RSA_EXPONENT_LEN 4
#define ECC_MAX_XCOORDINATE_BITS_LEN 512
#define ECC_MAX_YCOORDINATE_BITS_LEN 512
#define ECC_MAX_MODULUS_BITS_LEN 512
#define MAX_IV_LEN 32
#define MAX_FILE_NAME_SIZE 32
#define MAX_FILE_CONTAINER_NAME_SIZE 64
#define SECURE_NEVER_ACCOUNT 0x00000000
#define SECURE_ADM_ACCOUNT 0x00000001
#define SECURE_USER_ACCOUNT 0x00000010
#define SECURE_ANYONE_ACCOUNT 0x000000FF
#ifdef __cplusplus
extern "C" {
#endif
typedef struct Struct_Version{
BYTE major;
BYTE minor;
} VERSION;
typedef struct Struct_DEVINFO {
VERSION Version;
CHAR Manufacturer[64];
CHAR Issuer[64];
CHAR Label[32];
CHAR SerialNumber[32];
VERSION HWVersion;
VERSION FirmwareVersion;
ULONG AlgSymCap;
ULONG AlgAsymCap;
ULONG AlgHashCap;
ULONG DevAuthAlgId;
ULONG TotalSpace;
ULONG FreeSpace;
ULONG MaxECCBufferSize;
ULONG MaxBufferSize;
BYTE Reserved[64];
} DEVINFO, *PDEVINFO;
typedef struct Struct_RSAPUBLICKEYBLOB {
ULONG AlgID;
ULONG BitLen;
BYTE Modulus[MAX_RSA_MODULUS_LEN];
BYTE PublicExponent[MAX_RSA_EXPONENT_LEN];
} RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB;
typedef struct Struct_RSAPRIVATEKEYBLOB {
ULONG AlgID;
ULONG BitLen;
BYTE Modulus[MAX_RSA_MODULUS_LEN];
BYTE PublicExponent[MAX_RSA_EXPONENT_LEN];
BYTE PrivateExponent[MAX_RSA_MODULUS_LEN];
BYTE Prime1[MAX_RSA_MODULUS_LEN/2];
BYTE Prime2[MAX_RSA_MODULUS_LEN/2];
BYTE Prime1Exponent[MAX_RSA_MODULUS_LEN/2];
BYTE Prime2Exponent[MAX_RSA_MODULUS_LEN/2];
BYTE Coefficient[MAX_RSA_MODULUS_LEN/2];
} RSAPRIVATEKEYBLOB, *PRSAPRIVATEKEYBLOB;
typedef struct Struct_ECCPUBLICKEYBLOB {
ULONG BitLen;
BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8];
BYTE YCoordinate[ECC_MAX_YCOORDINATE_BITS_LEN/8];
} ECCPUBLICKEYBLOB, *PECCPUBLICKEYBLOB;
typedef struct Struct_ECCPRIVATEKEYBLOB {
ULONG BitLen;
BYTE PrivateKey[ECC_MAX_MODULUS_BITS_LEN/8];
} ECCPRIVATEKEYBLOB, *PECCPRIVATEKEYBLOB;
typedef struct Struct_ECCCIPHERBLOB {
BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8];
BYTE YCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN/8];
BYTE HASH[32];
ULONG CipherLen;
BYTE Cipher[1];
} ECCCIPHERBLOB, *PECCCIPHERBLOB;
typedef struct Struct_ECCSIGNATUREBLOB {
BYTE r[ECC_MAX_XCOORDINATE_BITS_LEN/8];
BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN/8];
} ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB;
typedef struct Struct_BLOCKCIPHERPARAM {
BYTE IV[MAX_IV_LEN];
ULONG IVLen;
ULONG PaddingType;
ULONG FeedBitLen;
} BLOCKCIPHERPARAM, *PBLOCKCIPHERPARAM;
typedef struct SKF_ENVELOPEDKEYBLOB {
ULONG Version;
ULONG ulSymmAlgID;
ULONG ulBits;
BYTE cbEncryptedPriKey[64];
ECCPUBLICKEYBLOB PubKey;
ECCCIPHERBLOB ECCCipherBlob;
} ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB;
typedef struct Struct_FILEATTRIBUTE {
CHAR FileName[MAX_FILE_NAME_SIZE];
ULONG FileSize;
ULONG ReadRights;
ULONG WriteRights;
} FILEATTRIBUTE, *PFILEATTRIBUTE;
ULONG DEVAPI SKF_WaitForDevEvent(
LPSTR szDevName,
ULONG *pulDevNameLen,
ULONG *pulEvent);
ULONG DEVAPI SKF_CancelWaitForDevEvent(
void);
ULONG DEVAPI SKF_EnumDev(BOOL bPresent,
LPSTR szNameList,
ULONG *pulSize);
ULONG DEVAPI SKF_ConnectDev(
LPSTR szName,
DEVHANDLE *phDev);
ULONG DEVAPI SKF_DisConnectDev(
DEVHANDLE hDev);
ULONG DEVAPI SKF_GetDevState(
LPSTR szDevName,
ULONG *pulDevState);
ULONG DEVAPI SKF_SetLabel(
DEVHANDLE hDev,
LPSTR szLabel);
ULONG DEVAPI SKF_GetDevInfo(
DEVHANDLE hDev,
DEVINFO *pDevInfo);
ULONG DEVAPI SKF_LockDev(
DEVHANDLE hDev,
ULONG ulTimeOut);
ULONG DEVAPI SKF_UnlockDev(
DEVHANDLE hDev);
ULONG DEVAPI SKF_Transmit(
DEVHANDLE hDev,
BYTE *pbCommand,
ULONG ulCommandLen,
BYTE *pbData,
ULONG *pulDataLen);
ULONG DEVAPI SKF_ChangeDevAuthKey(
DEVHANDLE hDev,
BYTE *pbKeyValue,
ULONG ulKeyLen);
ULONG DEVAPI SKF_DevAuth(
DEVHANDLE hDev,
BYTE *pbAuthData,
ULONG ulLen);
ULONG DEVAPI SKF_ChangePIN(
HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szOldPin,
LPSTR szNewPin,
ULONG *pulRetryCount);
LONG DEVAPI SKF_GetPINInfo(
HAPPLICATION hApplication,
ULONG ulPINType,
ULONG *pulMaxRetryCount,
ULONG *pulRemainRetryCount,
BOOL *pbDefaultPin);
ULONG DEVAPI SKF_VerifyPIN(
HAPPLICATION hApplication,
ULONG ulPINType,
LPSTR szPIN,
ULONG *pulRetryCount);
ULONG DEVAPI SKF_UnblockPIN(
HAPPLICATION hApplication,
LPSTR szAdminPIN,
LPSTR szNewUserPIN,
ULONG *pulRetryCount);
ULONG DEVAPI SKF_ClearSecureState(
HAPPLICATION hApplication);
ULONG DEVAPI SKF_CreateApplication(
DEVHANDLE hDev,
LPSTR szAppName,
LPSTR szAdminPin,
DWORD dwAdminPinRetryCount,
LPSTR szUserPin,
DWORD dwUserPinRetryCount,
DWORD dwCreateFileRights,
HAPPLICATION *phApplication);
ULONG DEVAPI SKF_EnumApplication(DEVHANDLE hDev,
LPSTR szAppName,
ULONG *pulSize);
ULONG DEVAPI SKF_DeleteApplication(
DEVHANDLE hDev,
LPSTR szAppName);
ULONG DEVAPI SKF_OpenApplication(
DEVHANDLE hDev,
LPSTR szAppName,
HAPPLICATION *phApplication);
ULONG DEVAPI SKF_CloseApplication(
HAPPLICATION hApplication);
ULONG DEVAPI SKF_CreateFile(
HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulFileSize,
ULONG ulReadRights,
ULONG ulWriteRights);
ULONG DEVAPI SKF_DeleteFile(
HAPPLICATION hApplication,
LPSTR szFileName);
ULONG DEVAPI SKF_EnumFiles(
HAPPLICATION hApplication,
LPSTR szFileList,
ULONG *pulSize);
ULONG DEVAPI SKF_GetFileInfo(
HAPPLICATION hApplication,
LPSTR szFileName,
FILEATTRIBUTE *pFileInfo);
ULONG DEVAPI SKF_ReadFile(
HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulOffset,
ULONG ulSize,
BYTE *pbOutData,
ULONG *pulOutLen);
ULONG DEVAPI SKF_WriteFile(
HAPPLICATION hApplication,
LPSTR szFileName,
ULONG ulOffset,
BYTE *pbData,
ULONG ulSize);
ULONG DEVAPI SKF_CreateContainer(
HAPPLICATION hApplication,
LPSTR szContainerName,
HCONTAINER *phContainer);
ULONG DEVAPI SKF_DeleteContainer(
HAPPLICATION hApplication,
LPSTR szContainerName);
ULONG DEVAPI SKF_EnumContainer(
HAPPLICATION hApplication,
LPSTR szContainerName,
ULONG *pulSize);
ULONG DEVAPI SKF_OpenContainer(
HAPPLICATION hApplication,
LPSTR szContainerName,
HCONTAINER *phContainer);
ULONG DEVAPI SKF_CloseContainer(
HCONTAINER hContainer);
ULONG DEVAPI SKF_GetContainerType(
HCONTAINER hContainer,
ULONG *pulContainerType);
ULONG DEVAPI SKF_ImportCertificate(
HCONTAINER hContainer,
BOOL bExportSignKey,
BYTE *pbCert,
ULONG ulCertLen);
ULONG DEVAPI SKF_ExportCertificate(
HCONTAINER hContainer,
BOOL bSignFlag,
BYTE *pbCert,
ULONG *pulCertLen);
ULONG DEVAPI SKF_ExportPublicKey(
HCONTAINER hContainer,
BOOL bSignFlag,
BYTE *pbBlob,
ULONG *pulBlobLen);
ULONG DEVAPI SKF_GenRandom(
DEVHANDLE hDev,
BYTE *pbRandom,
ULONG ulRandomLen);
ULONG DEVAPI SKF_GenExtRSAKey(
DEVHANDLE hDev,
ULONG ulBitsLen,
RSAPRIVATEKEYBLOB *pBlob);
ULONG DEVAPI SKF_GenRSAKeyPair(
HCONTAINER hContainer,
ULONG ulBitsLen,
RSAPUBLICKEYBLOB *pBlob);
ULONG DEVAPI SKF_ImportRSAKeyPair(
HCONTAINER hContainer,
ULONG ulSymAlgId,
BYTE *pbWrappedKey,
ULONG ulWrappedKeyLen,
BYTE *pbEncryptedData,
ULONG ulEncryptedDataLen);
ULONG DEVAPI SKF_RSASignData(
HCONTAINER hContainer,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbSignature,
ULONG *pulSignLen);
ULONG DEVAPI SKF_RSAVerify(
DEVHANDLE hDev,
RSAPUBLICKEYBLOB *pRSAPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbSignature,
ULONG ulSignLen);
ULONG DEVAPI SKF_RSAExportSessionKey(
HCONTAINER hContainer,
ULONG ulAlgId,
RSAPUBLICKEYBLOB *pPubKey,
BYTE *pbData,
ULONG *pulDataLen,
HANDLE *phSessionKey);
ULONG DEVAPI SKF_ExtRSAPubKeyOperation(
DEVHANDLE hDev,
RSAPUBLICKEYBLOB *pRSAPubKeyBlob,
BYTE *pbInput,
ULONG ulInputLen,
BYTE *pbOutput,
ULONG *pulOutputLen);
ULONG DEVAPI SKF_ExtRSAPriKeyOperation(
DEVHANDLE hDev,
RSAPRIVATEKEYBLOB *pRSAPriKeyBlob,
BYTE *pbInput,
ULONG ulInputLen,
BYTE *pbOutput,
ULONG *pulOutputLen);
ULONG DEVAPI SKF_GenECCKeyPair(
HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pBlob);
ULONG DEVAPI SKF_ImportECCKeyPair(
HCONTAINER hContainer,
ENVELOPEDKEYBLOB *pEnvelopedKeyBlob);
ULONG DEVAPI SKF_ECCSignData(
HCONTAINER hContainer,
BYTE *pbDigest,
ULONG ulDigestLen,
ECCSIGNATUREBLOB *pSignature);
ULONG DEVAPI SKF_ECCVerify(
DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature);
ULONG DEVAPI SKF_ECCExportSessionKey(
HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pPubKey,
ECCCIPHERBLOB *pData,
HANDLE *phSessionKey);
ULONG DEVAPI SKF_ExtECCEncrypt(
DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbPlainText,
ULONG ulPlainTextLen,
ECCCIPHERBLOB *pCipherText);
ULONG DEVAPI SKF_ExtECCDecrypt(
DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *pECCPriKeyBlob,
ECCCIPHERBLOB *pCipherText,
BYTE *pbPlainText,
ULONG *pulPlainTextLen);
ULONG DEVAPI SKF_ExtECCSign(
DEVHANDLE hDev,
ECCPRIVATEKEYBLOB *pECCPriKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature);
ULONG DEVAPI SKF_ExtECCVerify(
DEVHANDLE hDev,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
BYTE *pbData,
ULONG ulDataLen,
ECCSIGNATUREBLOB *pSignature);
ULONG DEVAPI SKF_GenerateAgreementDataWithECC(
HCONTAINER hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phAgreementHandle);
ULONG DEVAPI SKF_GenerateAgreementDataAndKeyWithECC(
HANDLE hContainer,
ULONG ulAlgId,
ECCPUBLICKEYBLOB *pSponsorECCPubKeyBlob,
ECCPUBLICKEYBLOB *pSponsorTempECCPubKeyBlob,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
BYTE *pbSponsorID,
ULONG ulSponsorIDLen,
HANDLE *phKeyHandle);
ULONG DEVAPI SKF_GenerateKeyWithECC(
HANDLE hAgreementHandle,
ECCPUBLICKEYBLOB *pECCPubKeyBlob,
ECCPUBLICKEYBLOB *pTempECCPubKeyBlob,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phKeyHandle);
ULONG DEVAPI SKF_ImportSessionKey(
HCONTAINER hContainer,
ULONG ulAlgId,
BYTE *pbWrapedData,
ULONG ulWrapedLen,
HANDLE *phKey);
ULONG DEVAPI SKF_SetSymmKey(
DEVHANDLE hDev,
BYTE *pbKey,
ULONG ulAlgID,
HANDLE *phKey);
ULONG DEVAPI SKF_EncryptInit(
HANDLE hKey,
BLOCKCIPHERPARAM EncryptParam);
ULONG DEVAPI SKF_Encrypt(
HANDLE hKey,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbEncryptedData,
ULONG *pulEncryptedLen);
ULONG DEVAPI SKF_EncryptUpdate(
HANDLE hKey,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbEncryptedData,
ULONG *pulEncryptedLen);
ULONG DEVAPI SKF_EncryptFinal(
HANDLE hKey,
BYTE *pbEncryptedData,
ULONG *pulEncryptedDataLen);
ULONG DEVAPI SKF_DecryptInit(
HANDLE hKey,
BLOCKCIPHERPARAM DecryptParam);
ULONG DEVAPI SKF_Decrypt(
HANDLE hKey,
BYTE *pbEncryptedData,
ULONG ulEncryptedLen,
BYTE *pbData,
ULONG *pulDataLen);
ULONG DEVAPI SKF_DecryptUpdate(
HANDLE hKey,
BYTE *pbEncryptedData,
ULONG ulEncryptedLen,
BYTE *pbData,
ULONG *pulDataLen);
ULONG DEVAPI SKF_DecryptFinal(
HANDLE hKey,
BYTE *pbDecryptedData,
ULONG *pulDecryptedDataLen);
ULONG DEVAPI SKF_DigestInit(
DEVHANDLE hDev,
ULONG ulAlgID,
ECCPUBLICKEYBLOB *pPubKey,
BYTE *pbID,
ULONG ulIDLen,
HANDLE *phHash);
ULONG DEVAPI SKF_Digest(
HANDLE hHash,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbHashData,
ULONG *pulHashLen);
ULONG DEVAPI SKF_DigestUpdate(
HANDLE hHash,
BYTE *pbData,
ULONG ulDataLen);
ULONG DEVAPI SKF_DigestFinal(
HANDLE hHash,
BYTE *pHashData,
ULONG *pulHashLen);
ULONG DEVAPI SKF_MacInit(
HANDLE hKey,
BLOCKCIPHERPARAM *pMacParam,
HANDLE *phMac);
ULONG DEVAPI SKF_Mac(
HANDLE hMac,
BYTE *pbData,
ULONG ulDataLen,
BYTE *pbMacData,
ULONG *pulMacLen);
ULONG DEVAPI SKF_MacUpdate(
HANDLE hMac,
BYTE *pbData,
ULONG ulDataLen);
ULONG DEVAPI SKF_MacFinal(
HANDLE hMac,
BYTE *pbMacData,
ULONG *pulMacDataLen);
ULONG DEVAPI SKF_CloseHandle(
HANDLE hHandle);
#define SAR_OK 0x00000000
#define SAR_FAIL 0x0A000001
#define SAR_UNKNOWNERR 0x0A000002
#define SAR_NOTSUPPORTYETERR 0x0A000003
#define SAR_FILEERR 0x0A000004
#define SAR_INVALIDHANDLEERR 0x0A000005
#define SAR_INVALIDPARAMERR 0x0A000006
#define SAR_READFILEERR 0x0A000007
#define SAR_WRITEFILEERR 0x0A000008
#define SAR_NAMELENERR 0x0A000009
#define SAR_KEYUSAGEERR 0x0A00000A
#define SAR_MODULUSLENERR 0x0A00000B
#define SAR_NOTINITIALIZEERR 0x0A00000C
#define SAR_OBJERR 0x0A00000D
#define SAR_MEMORYERR 0x0A00000E
#define SAR_TIMEOUTERR 0x0A00000F
#define SAR_INDATALENERR 0x0A000010
#define SAR_INDATAERR 0x0A000011
#define SAR_GENRANDERR 0x0A000012
#define SAR_HASHOBJERR 0x0A000013
#define SAR_HASHERR 0x0A000014
#define SAR_GENRSAKEYERR 0x0A000015
#define SAR_RSAMODULUSLENERR 0x0A000016
#define SAR_CSPIMPRTPUBKEYERR 0x0A000017
#define SAR_RSAENCERR 0x0A000018
#define SAR_RSADECERR 0x0A000019
#define SAR_HASHNOTEQUALERR 0x0A00001A
#define SAR_KEYNOTFOUNTERR 0x0A00001B
#define SAR_CERTNOTFOUNTERR 0x0A00001C
#define SAR_NOTEXPORTERR 0x0A00001D
#define SAR_DECRYPTPADERR 0x0A00001E
#define SAR_MACLENERR 0x0A00001F
#define SAR_BUFFER_TOO_SMALL 0x0A000020
#define SAR_KEYINFOTYPEERR 0x0A000021
#define SAR_NOT_EVENTERR 0x0A000022
#define SAR_DEVICE_REMOVED 0x0A000023
#define SAR_PIN_INCORRECT 0x0A000024
#define SAR_PIN_LOCKED 0x0A000025
#define SAR_PIN_INVALID 0x0A000026
#define SAR_PIN_LEN_RANGE 0x0A000027
#define SAR_USER_ALREADY_LOGGED_IN 0x0A000028
#define SAR_USER_PIN_NOT_INITIALIZED 0x0A000029
#define SAR_USER_TYPE_INVALID 0x0A00002A
#define SAR_APPLICATION_NAME_INVALID 0x0A00002B
#define SAR_APPLICATION_EXISTS 0x0A00002C
#define SAR_USER_NOT_LOGGED_IN 0x0A00002D
#define SAR_APPLICATION_NOT_EXISTS 0x0A00002E
#define SAR_FILE_ALREADY_EXIST 0x0A00002F
#define SAR_NO_ROOM 0x0A000030
#define SAR_FILE_NOT_EXIST 0x0A000031
#ifdef __cplusplus
}
#endif
#endif

165
include/openssl/sof.h Normal file
View File

@@ -0,0 +1,165 @@
/* ====================================================================
* Copyright (c) 2016 The GmSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the GmSSL Project.
* (http://gmssl.org/)"
*
* 4. The name "GmSSL Project" must not be used to endorse or promote
* products derived from this software without prior written
* permission. For written permission, please contact
* guanzhi1980@gmail.com.
*
* 5. Products derived from this software may not be called "GmSSL"
* nor may "GmSSL" appear in their names without prior written
* permission of the GmSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the GmSSL Project
* (http://gmssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE GmSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE GmSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
/* GM/T 0020 */
#ifndef HEADER_SOF_H
#define HEADER_SOF_H
typedef char * BSTR;
typedef long BOOL;
#ifdef __cplusplus
extern "C" {
#endif
BSTR SOF_GetVersion(void);
long SOF_SetSignMethod(long SignMethod);
long SOF_GetSignMethod(void);
long SOF_SetEncryptMethod(long EncryptMethod);
long SOF_GetEncryptMethod(void);
BSTR SOF_GetUserList(void);
BSTR SOF_ExportUserCert(BSTR ContainerName);
BOOL SOF_Login(BSTR ContainerName, BSTR PassWd);
long SOF_GetPinRetryCount(BSTR ContainerName);
BOOL SOF_ChangePassWd(BSTR ContainerName, BSTR OldPassWd, BSTR NewPassWd);
BSTR SOF_ExportExChangeUserCert(BSTR ContainerName);
BSTR SOF_GetCertInfo(BSTR Base64EncodeCert, short Type);
BSTR SOF_GetCertInfoByOid(BSTR Base64EncodeCert, BSTR Oid);
BSTR SOF_GetDeviceInfo(BSTR ContainerName, long Type);
long SOF_ValidateCert(BSTR Base64EncodeCert);
BSTR SOF_SignData(BSTR ContainerName, BSTR InData);
BOOL SOF_VerifySignedData(BSTR Base64EncodeCert, BSTR InData, BSTR SignValue);
BSTR SOF_SignFile(BSTR ContainerName, BSTR InFile);
BOOL SOF_VerifySignedFile(BSTR Base64EncodeCert, BSTR InFile, BSTR SignValue);
BSTR SOF_EncryptData(BSTR Base64EncodeCert, BSTR InData);
BSTR SOF_DecryptData(BSTR ContainerName, BSTR InData);
BOOL SOF_EncryptFile(BSTR Base64EncodeCert, BSTR InFile, BSTR OutFile);
BOOL SOF_DecryptFile(BSTR ContainerName, BSTR InFile, BSTR OutFile);
BSTR SOF_SignMessage(short flag, BSTR ContainerName, BSTR InData);
BOOL SOF_VerifySignedMessage(BSTR MessageData, BSTR InData);
BSTR SOF_GetInfoFromSignedMessage(BSTR SignedMessage, short Type);
BSTR SOF_SignDataXML(BSTR ContainerName, BSTR InData);
BOOL SOF_VerifySignedDataXML(BSTR InData);
BSTR SOF_GetXMLSignatureInfo(BSTR XMLSignedData, short Type);
BSTR SOF_GenRandom(short RandomLen);
long SOF_GetLastError(void);
long SOF_SetCertTrustList(BSTR CTLAltName, BSTR CTLContent, short CTLContentLen);
BSTR SOF_GetCertTrustListAltNames(void);
BSTR SOF_GetCertTrustList(BSTR CTLAltName);
long SOF_DelCertTrustList(BSTR CTLAltName);
long SOF_InitCertAppPolicy(BSTR PolicyName);
BSTR SOF_GetServerCertificate(short CertUsage);
BSTR SOF_SignMessageDetach(BSTR InData);
long SOF_VerifySignedMessageDetach(BSTR InData, BSTR SignedMessage);
BSTR SOF_CreateTimeStampRequest(BSTR InData);
BSTR SOF_CreateTimeStampResponse(BSTR TimeStampRequest);
long SOF_VerifyTimeStamp(BSTR InData, BSTR tsResponseData);
BSTR SOF_GetTimeStampInfo(BSTR tsResponseData, short type);
#define SOR_OK 0x00000000
#define SOR_UnknownErr 0x0B000001
#define SOR_NotSupportYetErr 0x0B000002
#define SOR_FileErr 0x0B000003
#define SOR_ProviderTypeErr 0x0B000004
#define SOR_LoadProviderErr 0x0B000005
#define SOR_LoadDevMngApiErr 0x0B000006
#define SOR_AlgoTypeErr 0x0B000007
#define SOR_NameLenErr 0x0B000008
#define SOR_KeyUsageErr 0x0B000009
#define SOR_ModulusLenErr 0x0B000010
#define SOR_NotInitializeErr 0x0B000011
#define SOR_ObjErr 0x0B000012
#define SOR_MemoryErr 0x0B000100
#define SOR_TimeoutErr 0x0B000101
#define SOR_IndataLenErr 0x0B000200
#define SOR_IndataErr 0x0B000201
#define SOR_GenRandErr 0x0B000300
#define SOR_HashObjErr 0x0B000301
#define SOR_HashErr 0x0B000302
#define SOR_GenRsaKeyErr 0x0B000303
#define SOR_RsaModulusLenErr 0x0B000304
#define SOR_CspImprtPubKeyErr 0x0B000305
#define SOR_RsaEncErr 0x0B000306
#define SOR_RsaDecErr 0x0B000307
#define SOR_HashNotEqualErr 0x0B000308
#define SOR_KeyNotFountErr 0x0B000309
#define SOR_CertNotFountErr 0x0B000310
#define SOR_NotExportErr 0x0B000311
#define SOR_VerifyPolicyErr 0x0B000312
#define SOR_DecryptPadErr 0x0B000400
#define SOR_MacLenErr 0x0B000401
#define SOR_KeyInfoTypeErr 0x0B000402
#define SOR_NullPointerErr 0x0B000403
#define SOR_AppNotFoundErr 0x0B000404
#define SOR_CertEncodeErr 0x0B000405
#define SOR_CertInvalidErr 0x0B000406
#define SOR_CertHasExpiredErr 0x0B000407
#define SOR_CertRevokedErr 0x0B000408
#define SOR_SignDataErr 0x0B000409
#define SOR_VerifySignDataErr 0x0B000410
#define SOR_ReadFileErr 0x0B000411
#define SOR_WriteFileErr 0x0B000412
#define SOR_SecretSegmentErr 0x0B000413
#define SOR_SecretRecoverErr 0x0B000414
#define SOR_EncryptDataErr 0x0B000415
#define SOR_DecryptDataErr 0x0B000416
#define SOR_PKCS7EncodeErr 0x0B000417
#define SOR_XMLEncodeErr 0x0B000418
#define SOR_ParameterNotSupportErr 0x0B000419
#define SOR_CTLNotFound 0x0B000420
#define SOR_AppNotFound 0x0B000421
#ifdef __cplusplus
}
#endif
#endif