unbound/ldns/keyraw.h

   1 /*
   2  * keyraw.h -- raw key and signature access and conversion
   3  *
   4  * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
   5  *
   6  * See LICENSE for the license.
   7  *
   8  */
   9
  10 /**
  11  * \file
  12  *
  13  * raw key and signature access and conversion
  14  *
  15  * Since those functions heavily rely op cryptographic operations,
  16  * this module is dependent on openssl.
  17  *
  18  */
  19
  20 #ifndef LDNS_KEYRAW_H
  21 #define LDNS_KEYRAW_H
  22
  23 #ifdef __cplusplus
  24 extern "C" {
  25 #endif
  26 #if LDNS_BUILD_CONFIG_HAVE_SSL
  27 #  include <openssl/ssl.h>
  28 #  include <openssl/evp.h>
  29 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
  30
  31 /**
  32  * get the length of the keydata in bits
  33  * \param[in] keydata the raw key data
  34  * \param[in] len the length of the keydata
  35  * \param[in] alg the cryptographic algorithm this is a key for
  36  * \return the keysize in bits, or 0 on error
  37  */
  38 size_t sldns_rr_dnskey_key_size_raw(const unsigned char *keydata,
  39         const size_t len, int alg);
  40
  41 /**
  42  * Calculates keytag of DNSSEC key, operates on wireformat rdata.
  43  * \param[in] key the key as uncompressed wireformat rdata.
  44  * \param[in] keysize length of key data.
  45  * \return the keytag
  46  */
  47 uint16_t sldns_calc_keytag_raw(uint8_t* key, size_t keysize);
  48
  49 #if LDNS_BUILD_CONFIG_HAVE_SSL
  50 /**
  51  * Get the PKEY id for GOST, loads GOST into openssl as a side effect.
  52  * Only available if GOST is compiled into the library and openssl.
  53  * \return the gost id for EVP_CTX creation.
  54  */
  55 int sldns_key_EVP_load_gost_id(void);
  56
  57 /** Release the engine reference held for the GOST engine. */
  58 void sldns_key_EVP_unload_gost(void);
  59
  60 /**
  61  * Like sldns_key_buf2dsa, but uses raw buffer.
  62  * \param[in] key the uncompressed wireformat of the key.
  63  * \param[in] len length of key data
  64  * \return a DSA * structure with the key material
  65  */
  66 DSA *sldns_key_buf2dsa_raw(unsigned char* key, size_t len);
  67
  68 /**
  69  * Converts a holding buffer with key material to EVP PKEY in openssl.
  70  * Only available if ldns was compiled with GOST.
  71  * \param[in] key data to convert
  72  * \param[in] keylen length of the key data
  73  * \return the key or NULL on error.
  74  */
  75 EVP_PKEY* sldns_gost2pkey_raw(unsigned char* key, size_t keylen);
  76
  77 /**
  78  * Converts a holding buffer with key material to EVP PKEY in openssl.
  79  * Only available if ldns was compiled with ECDSA.
  80  * \param[in] key data to convert
  81  * \param[in] keylen length of the key data
  82  * \param[in] algo precise algorithm to initialize ECC group values.
  83  * \return the key or NULL on error.
  84  */
  85 EVP_PKEY* sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo);
  86
  87 /**
  88  * Like sldns_key_buf2rsa, but uses raw buffer.
  89  * \param[in] key the uncompressed wireformat of the key.
  90  * \param[in] len length of key data
  91  * \return a RSA * structure with the key material
  92  */
  93 RSA *sldns_key_buf2rsa_raw(unsigned char* key, size_t len);
  94
  95 /**
  96  * Utility function to calculate hash using generic EVP_MD pointer.
  97  * \param[in] data the data to hash.
  98  * \param[in] len  length of data.
  99  * \param[out] dest the destination of the hash, must be large enough.
 100  * \param[in] md the message digest to use.
 101  * \return true if worked, false on failure.
 102  */
 103 int sldns_digest_evp(unsigned char* data, unsigned int len,
 104         unsigned char* dest, const EVP_MD* md);
 105
 106 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
 107
 108 #ifdef __cplusplus
 109 }
 110 #endif
 111
 112 #endif /* LDNS_KEYRAW_H */