| | 1 | /* |
| | 2 | * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved. |
| | 3 | * |
| | 4 | * @APPLE_LICENSE_HEADER_START@ |
| | 5 | * |
| | 6 | * This file contains Original Code and/or Modifications of Original Code |
| | 7 | * as defined in and that are subject to the Apple Public Source License |
| | 8 | * Version 2.0 (the 'License'). You may not use this file except in |
| | 9 | * compliance with the License. Please obtain a copy of the License at |
| | 10 | * http://www.opensource.apple.com/apsl/ and read it before using this |
| | 11 | * file. |
| | 12 | * |
| | 13 | * The Original Code and all software distributed under the License are |
| | 14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
| | 15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
| | 16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
| | 17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
| | 18 | * Please see the License for the specific language governing rights and |
| | 19 | * limitations under the License. |
| | 20 | * |
| | 21 | * @APPLE_LICENSE_HEADER_END@ |
| | 22 | */ |
| | 23 | |
| | 24 | |
| | 25 | #ifndef _SECOTRIDENTITYPRIV_H_ |
| | 26 | |
| | 27 | #include <CoreFoundation/CFRuntime.h> |
| | 28 | #include <CoreFoundation/CFData.h> |
| | 29 | |
| | 30 | #include <Security/SecKey.h> |
| | 31 | |
| | 32 | #include <Security/oidsalg.h> |
| | 33 | |
| | 34 | #include <CommonCrypto/CommonDigest.h> // DIGEST_LENGTH |
| | 35 | #include <Security/SecOTR.h> |
| | 36 | |
| | 37 | __BEGIN_DECLS |
| | 38 | |
| | 39 | extern CFStringRef sErrorDomain; |
| | 40 | |
| | 41 | // OAEP Padding, uses lots of space. Might need this to be data |
| | 42 | // Driven when we support more key types. |
| | 43 | #define kPaddingOverhead (2 + 2 * CC_SHA1_DIGEST_LENGTH + 1) |
| | 44 | |
| | 45 | // |
| | 46 | // Identity opaque structs |
| | 47 | // |
| | 48 | |
| | 49 | #define kMPIDHashSize CC_SHA1_DIGEST_LENGTH |
| | 50 | |
| | 51 | struct _SecOTRFullIdentity { |
| | 52 | CFRuntimeBase _base; |
| | 53 | |
| | 54 | SecKeyRef publicSigningKey; |
| | 55 | SecKeyRef privateSigningKey; |
| | 56 | CFDataRef privateKeyPersistentRef; |
| | 57 | |
| | 58 | uint8_t publicIDHash[kMPIDHashSize]; |
| | 59 | }; |
| | 60 | |
| | 61 | |
| | 62 | struct _SecOTRPublicIdentity { |
| | 63 | CFRuntimeBase _base; |
| | 64 | |
| | 65 | SecKeyRef publicSigningKey; |
| | 66 | |
| | 67 | bool wantsHashes; |
| | 68 | |
| | 69 | uint8_t hash[kMPIDHashSize]; |
| | 70 | }; |
| | 71 | |
| | 72 | enum SecOTRError { |
| | 73 | secOTRErrorLocal, |
| | 74 | secOTRErrorOSError, |
| | 75 | }; |
| | 76 | |
| | 77 | extern const SecAsn1AlgId *kOTRSignatureAlgIDPtr; |
| | 78 | void EnsureOTRAlgIDInited(void); |
| | 79 | |
| | 80 | // Private functions for Public and Full IDs |
| | 81 | SecOTRFullIdentityRef SecOTRFullIdentityCreateWithSize(CFAllocatorRef allocator, int bits); |
| | 82 | |
| | 83 | bool SecOTRFIAppendSignature(SecOTRFullIdentityRef fullID, |
| | 84 | CFDataRef dataToHash, |
| | 85 | CFMutableDataRef appendTo, |
| | 86 | CFErrorRef *error); |
| | 87 | |
| | 88 | void SecOTRFIAppendPublicHash(SecOTRFullIdentityRef fullID, CFMutableDataRef appendTo); |
| | 89 | bool SecOTRFIComparePublicHash(SecOTRFullIdentityRef fullID, const uint8_t hash[kMPIDHashSize]); |
| | 90 | |
| | 91 | size_t SecOTRFISignatureSize(SecOTRFullIdentityRef privateID); |
| | 92 | |
| | 93 | bool SecOTRFICompareToPublicKey(SecOTRFullIdentityRef fullID, SecKeyRef publicKey); |
| | 94 | |
| | 95 | bool SecOTRPIVerifySignature(SecOTRPublicIdentityRef publicID, |
| | 96 | const uint8_t *dataToHash, size_t amountToHash, |
| | 97 | const uint8_t *signatureStart, size_t signatureSize, CFErrorRef *error); |
| | 98 | |
| | 99 | bool SecOTRPIEqualToBytes(SecOTRPublicIdentityRef id, const uint8_t*bytes, CFIndex size); |
| | 100 | bool SecOTRPIEqual(SecOTRPublicIdentityRef left, SecOTRPublicIdentityRef right); |
| | 101 | |
| | 102 | size_t SecOTRPISignatureSize(SecOTRPublicIdentityRef publicID); |
| | 103 | |
| | 104 | void SecOTRPICopyHash(SecOTRPublicIdentityRef publicID, uint8_t hash[kMPIDHashSize]); |
| | 105 | void SecOTRPIAppendHash(SecOTRPublicIdentityRef publicID, CFMutableDataRef appendTo); |
| | 106 | |
| | 107 | bool SecOTRPICompareHash(SecOTRPublicIdentityRef publicID, const uint8_t hash[kMPIDHashSize]); |
| | 108 | |
| | 109 | bool SecOTRPICompareToPublicKey(SecOTRPublicIdentityRef publicID, SecKeyRef publicKey); |
| | 110 | |
| | 111 | |
| | 112 | // Utility streaming functions |
| | 113 | OSStatus insertSize(CFIndex size, uint8_t* here); |
| | 114 | OSStatus appendSize(CFIndex size, CFMutableDataRef into); |
| | 115 | OSStatus readSize(const uint8_t** data, size_t* limit, uint16_t* size); |
| | 116 | |
| | 117 | OSStatus appendPublicOctets(SecKeyRef fromKey, CFMutableDataRef appendTo); |
| | 118 | OSStatus appendPublicOctetsAndSize(SecKeyRef fromKey, CFMutableDataRef appendTo); |
| | 119 | OSStatus appendSizeAndData(CFDataRef data, CFMutableDataRef appendTo); |
| | 120 | |
| | 121 | SecKeyRef CreateECPrivateKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit); |
| | 122 | SecKeyRef CreateECPublicKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit); |
| | 123 | |
| | 124 | bool SecOTRCreateError(enum SecOTRError family, CFIndex errorCode, CFStringRef descriptionString, CFErrorRef previousError, CFErrorRef *newError); |
| | 125 | |
| | 126 | __END_DECLS |
| | 127 | |
| | 128 | #endif |
projects / apple / security.git / blame_incremental