/*
- * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
extern "C" {
# endif
+/* Well known parameter names that core passes to providers */
+#define OSSL_PROV_PARAM_CORE_VERSION "openssl-version" /* utf8_ptr */
+#define OSSL_PROV_PARAM_CORE_PROV_NAME "provider-name" /* utf8_ptr */
+#define OSSL_PROV_PARAM_CORE_MODULE_FILENAME "module-filename" /* utf8_ptr */
+
/* Well known parameter names that Providers can define */
#define OSSL_PROV_PARAM_NAME "name" /* utf8_string */
#define OSSL_PROV_PARAM_VERSION "version" /* utf8_string */
#define OSSL_PROV_PARAM_BUILDINFO "buildinfo" /* utf8_string */
-#define OSSL_PROV_PARAM_MODULE_FILENAME "module-filename" /* octet_string */
/* Self test callback parameters */
#define OSSL_PROV_PARAM_SELF_TEST_PHASE "st-phase" /* utf8_string */
* Algorithm parameters
* If "engine" or "properties" are specified, they should always be paired
* with the algorithm type.
+ * Note these are common names that are shared by many types (such as kdf, mac,
+ * and pkey) e.g: see OSSL_MAC_PARAM_DIGEST below.
*/
#define OSSL_ALG_PARAM_DIGEST "digest" /* utf8_string */
#define OSSL_ALG_PARAM_CIPHER "cipher" /* utf8_string */
#define OSSL_DIGEST_NAME_SHA2_256 "SHA2-256"
#define OSSL_DIGEST_NAME_SHA2_384 "SHA2-384"
#define OSSL_DIGEST_NAME_SHA2_512 "SHA2-512"
+#define OSSL_DIGEST_NAME_SHA2_512_224 "SHA2-512/224"
+#define OSSL_DIGEST_NAME_SHA2_512_256 "SHA2-512/256"
#define OSSL_DIGEST_NAME_MD2 "MD2"
#define OSSL_DIGEST_NAME_MD4 "MD4"
#define OSSL_DIGEST_NAME_MDC2 "MDC2"
#define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES /* utf8 string */
#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
-/* Known MAC names (not a complete list) */
+/* Known MAC names */
+#define OSSL_MAC_NAME_BLAKE2BMAC "BLAKE2BMAC"
+#define OSSL_MAC_NAME_BLAKE2SMAC "BLAKE2SMAC"
#define OSSL_MAC_NAME_CMAC "CMAC"
+#define OSSL_MAC_NAME_GMAC "GMAC"
#define OSSL_MAC_NAME_HMAC "HMAC"
#define OSSL_MAC_NAME_KMAC128 "KMAC128"
#define OSSL_MAC_NAME_KMAC256 "KMAC256"
+#define OSSL_MAC_NAME_POLY1305 "POLY1305"
+#define OSSL_MAC_NAME_SIPHASH "SIPHASH"
/* KDF / PRF parameters */
#define OSSL_KDF_PARAM_SECRET "secret" /* octet string */
#define OSSL_KDF_NAME_KBKDF "KBKDF"
#define OSSL_KDF_NAME_KRB5KDF "KRB5KDF"
+/* Know RAND names */
+#define OSSL_RAND_PARAM_STATUS "status"
+#define OSSL_RAND_PARAM_STRENGTH "strength"
+#define OSSL_RAND_PARAM_RESEED_REQUESTS "reseed_requests"
+#define OSSL_RAND_PARAM_RESEED_TIME_INTERVAL "reseed_time_interval"
+#define OSSL_RAND_PARAM_MAX_REQUEST "max_request"
+#define OSSL_RAND_PARAM_MIN_ENTROPYLEN "min_entropylen"
+#define OSSL_RAND_PARAM_MAX_ENTROPYLEN "max_entropylen"
+#define OSSL_RAND_PARAM_MIN_NONCELEN "min_noncelen"
+#define OSSL_RAND_PARAM_MAX_NONCELEN "max_noncelen"
+#define OSSL_RAND_PARAM_MAX_PERSLEN "max_perslen"
+#define OSSL_RAND_PARAM_MAX_ADINLEN "max_adinlen"
+#define OSSL_RAND_PARAM_RESEED_CTR "reseed_counter"
+#define OSSL_RAND_PARAM_RESEED_PROP_CTR "reseed_prop_counter"
+#define OSSL_RAND_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
+#define OSSL_RAND_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+#define OSSL_RAND_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER
+#define OSSL_RAND_PARAM_TEST_ENTROPY "test_entropy"
+#define OSSL_RAND_PARAM_TEST_NONCE "test_nonce"
+
/* PKEY parameters */
/* Common PKEY parameters */
#define OSSL_PKEY_PARAM_BITS "bits" /* integer */
#define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest" /* utf8 string */
#define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest" /* utf8 string */
#define OSSL_PKEY_PARAM_PAD_MODE "pad-mode"
-#define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
-#define OSSL_PKEY_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
#define OSSL_PKEY_PARAM_DIGEST_SIZE "digest-size"
+#define OSSL_PKEY_PARAM_MASKGENFUNC "mgf"
#define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest"
#define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
+#define OSSL_PKEY_PARAM_TLS_ENCODED_PT "tls-encoded-pt"
+#define OSSL_PKEY_PARAM_GROUP_NAME "group"
/* Diffie-Hellman/DSA public/private key */
#define OSSL_PKEY_PARAM_PUB_KEY "pub"
#define OSSL_PKEY_PARAM_PRIV_KEY "priv"
/* Diffie-Hellman/DSA Parameters */
-#define OSSL_PKEY_PARAM_FFC_P "p"
-#define OSSL_PKEY_PARAM_FFC_G "g"
-#define OSSL_PKEY_PARAM_FFC_Q "q"
-#define OSSL_PKEY_PARAM_FFC_GINDEX "gindex"
-#define OSSL_PKEY_PARAM_FFC_PCOUNTER "pcounter"
-#define OSSL_PKEY_PARAM_FFC_SEED "seed"
-#define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
-#define OSSL_PKEY_PARAM_FFC_H "hindex"
-#define OSSL_PKEY_PARAM_FFC_GROUP "group"
-
-#define OSSL_PKEY_PARAM_FFC_GINDEX "gindex"
-#define OSSL_PKEY_PARAM_FFC_PCOUNTER "pcounter"
-#define OSSL_PKEY_PARAM_FFC_SEED "seed"
-#define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
-#define OSSL_PKEY_PARAM_FFC_H "hindex"
+#define OSSL_PKEY_PARAM_FFC_P "p"
+#define OSSL_PKEY_PARAM_FFC_G "g"
+#define OSSL_PKEY_PARAM_FFC_Q "q"
+#define OSSL_PKEY_PARAM_FFC_GINDEX "gindex"
+#define OSSL_PKEY_PARAM_FFC_PCOUNTER "pcounter"
+#define OSSL_PKEY_PARAM_FFC_SEED "seed"
+#define OSSL_PKEY_PARAM_FFC_COFACTOR "j"
+#define OSSL_PKEY_PARAM_FFC_H "hindex"
+#define OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE "valid-type"
+
+/* Diffie-Hellman/DSA Parameters parameter validation types */
+#define OSSL_FFC_PARAM_VALIDATE_PQ "validate-pq"
+#define OSSL_FFC_PARAM_VALIDATE_G "validate-g"
+#define OSSL_FFC_PARAM_VALIDATE_PQG "validate-pqg"
/* Diffie-Hellman params */
-#define OSSL_PKEY_PARAM_FFC_GROUP "group"
-#define OSSL_PKEY_PARAM_FFC_GENERATOR "safeprime-generator"
-#define OSSL_PKEY_PARAM_DH_PRIV_LEN "priv_len"
+#define OSSL_PKEY_PARAM_DH_GENERATOR "safeprime-generator"
+#define OSSL_PKEY_PARAM_DH_PRIV_LEN "priv_len"
/* Elliptic Curve Domain Parameters */
-#define OSSL_PKEY_PARAM_EC_NAME "curve-name"
+#define OSSL_PKEY_PARAM_EC_PUB_X "qx"
+#define OSSL_PKEY_PARAM_EC_PUB_Y "qy"
/* Elliptic Curve Key Parameters */
#define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
#define OSSL_PKEY_PARAM_RSA_COEFFICIENT8 OSSL_PKEY_PARAM_RSA_COEFFICIENT"8"
#define OSSL_PKEY_PARAM_RSA_COEFFICIENT9 OSSL_PKEY_PARAM_RSA_COEFFICIENT"9"
+/* RSA padding modes */
+#define OSSL_PKEY_RSA_PAD_MODE_NONE "none"
+#define OSSL_PKEY_RSA_PAD_MODE_PKCSV15 "pkcs1"
+#define OSSL_PKEY_RSA_PAD_MODE_SSLV23 "sslv23"
+#define OSSL_PKEY_RSA_PAD_MODE_OAEP "oaep"
+#define OSSL_PKEY_RSA_PAD_MODE_X931 "x931"
+#define OSSL_PKEY_RSA_PAD_MODE_PSS "pss"
+
+/* RSA pss padding salt length */
+#define OSSL_PKEY_RSA_PSS_SALT_LEN_DIGEST "digest"
+#define OSSL_PKEY_RSA_PSS_SALT_LEN_MAX "max"
+#define OSSL_PKEY_RSA_PSS_SALT_LEN_AUTO "auto"
/* Key generation parameters */
-#define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
-#define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
+#define OSSL_PKEY_PARAM_RSA_BITS OSSL_PKEY_PARAM_BITS
+#define OSSL_PKEY_PARAM_RSA_PRIMES "primes"
+#define OSSL_PKEY_PARAM_RSA_DIGEST OSSL_PKEY_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_RSA_MASKGENFUNC OSSL_PKEY_PARAM_MASKGENFUNC
+#define OSSL_PKEY_PARAM_RSA_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
+#define OSSL_PKEY_PARAM_RSA_PSS_SALTLEN "saltlen"
/* Key generation parameters */
#define OSSL_PKEY_PARAM_FFC_TYPE "type"
#define OSSL_PKEY_PARAM_FFC_DIGEST_PROPS OSSL_PKEY_PARAM_PROPERTIES
/* Key Exchange parameters */
-
#define OSSL_EXCHANGE_PARAM_PAD "pad" /* uint */
#define OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE "ecdh-cofactor-mode" /* int */
#define OSSL_EXCHANGE_PARAM_KDF_TYPE "kdf-type" /* utf8_string */
#define OSSL_SIGNATURE_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
#define OSSL_SIGNATURE_PARAM_DIGEST OSSL_PKEY_PARAM_DIGEST
#define OSSL_SIGNATURE_PARAM_PROPERTIES OSSL_PKEY_PARAM_PROPERTIES
-#define OSSL_SIGNATURE_PARAM_PSS_SALTLEN "pss-saltlen"
+#define OSSL_SIGNATURE_PARAM_PSS_SALTLEN "saltlen"
#define OSSL_SIGNATURE_PARAM_MGF1_DIGEST OSSL_PKEY_PARAM_MGF1_DIGEST
#define OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES \
OSSL_PKEY_PARAM_MGF1_PROPERTIES
#define OSSL_SIGNATURE_PARAM_DIGEST_SIZE OSSL_PKEY_PARAM_DIGEST_SIZE
-#define OSSL_SIGNATURE_PARAM_KAT "kat"
/* Asym cipher parameters */
#define OSSL_ASYM_CIPHER_PARAM_PAD_MODE OSSL_PKEY_PARAM_PAD_MODE
#define OSSL_GEN_PARAM_POTENTIAL "potential" /* integer */
#define OSSL_GEN_PARAM_ITERATION "iteration" /* integer */
+/* ACVP Test parameters : These should not be used normally */
+#define OSSL_PKEY_PARAM_RSA_TEST_XP1 "xp1"
+#define OSSL_PKEY_PARAM_RSA_TEST_XP2 "xp2"
+#define OSSL_PKEY_PARAM_RSA_TEST_XP "xp"
+#define OSSL_PKEY_PARAM_RSA_TEST_XQ1 "xq1"
+#define OSSL_PKEY_PARAM_RSA_TEST_XQ2 "xq2"
+#define OSSL_PKEY_PARAM_RSA_TEST_XQ "xq"
+#define OSSL_PKEY_PARAM_RSA_TEST_P1 "p1"
+#define OSSL_PKEY_PARAM_RSA_TEST_P2 "p2"
+#define OSSL_PKEY_PARAM_RSA_TEST_Q1 "q1"
+#define OSSL_PKEY_PARAM_RSA_TEST_Q2 "q2"
+#define OSSL_SIGNATURE_PARAM_KAT "kat"
+
+/* Capabilities */
+
+/* TLS-GROUP Capbility */
+#define OSSL_CAPABILITY_TLS_GROUP_NAME "tls-group-name"
+#define OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL "tls-group-name-internal"
+#define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id"
+#define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg"
+#define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits"
+#define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls"
+#define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls"
+#define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
+#define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
+
# ifdef __cplusplus
}
# endif
projects / openssl.git / blobdiff