OSX/sec/Security/SecOTRIdentityPriv.h

   1 /*
   2  * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 #ifndef _SECOTRIDENTITYPRIV_H_
  26
  27 #include <CoreFoundation/CFRuntime.h>
  28 #include <CoreFoundation/CFData.h>
  29
  30 #include <Security/SecKey.h>
  31
  32 #include <Security/oidsalg.h>
  33
  34 #include <CommonCrypto/CommonDigest.h> // DIGEST_LENGTH
  35 #include <Security/SecOTR.h>
  36
  37 __BEGIN_DECLS
  38
  39 extern CFStringRef sErrorDomain;
  40
  41 // OAEP Padding, uses lots of space. Might need this to be data
  42 // Driven when we support more key types.
  43 #define kPaddingOverhead (2 + 2 * CC_SHA1_DIGEST_LENGTH + 1)
  44
  45 //
  46 // Identity opaque structs
  47 //
  48
  49 #define kMPIDHashSize   CC_SHA1_DIGEST_LENGTH
  50
  51 struct _SecOTRFullIdentity {
  52     CFRuntimeBase _base;
  53
  54     SecKeyRef   publicSigningKey;
  55     SecKeyRef   privateSigningKey;
  56     CFDataRef   privateKeyPersistentRef;
  57
  58     uint8_t     publicIDHash[kMPIDHashSize];
  59 };
  60
  61
  62 struct _SecOTRPublicIdentity {
  63     CFRuntimeBase _base;
  64
  65     SecKeyRef   publicSigningKey;
  66
  67     bool        wantsHashes;
  68
  69     uint8_t     hash[kMPIDHashSize];
  70 };
  71
  72 enum SecOTRError {
  73     secOTRErrorLocal,
  74     secOTRErrorOSError,
  75 };
  76
  77 extern const SecAsn1AlgId *kOTRSignatureAlgIDPtr;
  78 void EnsureOTRAlgIDInited(void);
  79
  80 // Private functions for Public and Full IDs
  81 SecOTRFullIdentityRef SecOTRFullIdentityCreateWithSize(CFAllocatorRef allocator, int bits);
  82
  83 bool SecOTRFIAppendSignature(SecOTRFullIdentityRef fullID,
  84                                 CFDataRef dataToHash,
  85                                 CFMutableDataRef appendTo,
  86                                 CFErrorRef *error);
  87
  88 void SecOTRFIAppendPublicHash(SecOTRFullIdentityRef fullID, CFMutableDataRef appendTo);
  89 bool SecOTRFIComparePublicHash(SecOTRFullIdentityRef fullID, const uint8_t hash[kMPIDHashSize]);
  90
  91 size_t SecOTRFISignatureSize(SecOTRFullIdentityRef privateID);
  92
  93 bool SecOTRFICompareToPublicKey(SecOTRFullIdentityRef fullID, SecKeyRef publicKey);
  94
  95 bool SecOTRPIVerifySignature(SecOTRPublicIdentityRef publicID,
  96                                 const uint8_t *dataToHash, size_t amountToHash,
  97                                 const uint8_t *signatureStart, size_t signatureSize, CFErrorRef *error);
  98
  99 bool SecOTRPIEqualToBytes(SecOTRPublicIdentityRef id, const uint8_t*bytes, CFIndex size);
 100 bool SecOTRPIEqual(SecOTRPublicIdentityRef left, SecOTRPublicIdentityRef right);
 101
 102 size_t SecOTRPISignatureSize(SecOTRPublicIdentityRef publicID);
 103
 104 void SecOTRPICopyHash(SecOTRPublicIdentityRef publicID, uint8_t hash[kMPIDHashSize]);
 105 void SecOTRPIAppendHash(SecOTRPublicIdentityRef publicID, CFMutableDataRef appendTo);
 106
 107 bool SecOTRPICompareHash(SecOTRPublicIdentityRef publicID, const uint8_t hash[kMPIDHashSize]);
 108
 109 bool SecOTRPICompareToPublicKey(SecOTRPublicIdentityRef publicID, SecKeyRef publicKey);
 110
 111
 112 // Utility streaming functions
 113 OSStatus insertSize(CFIndex size, uint8_t* here);
 114 OSStatus appendSize(CFIndex size, CFMutableDataRef into);
 115 OSStatus readSize(const uint8_t** data, size_t* limit, uint16_t* size);
 116
 117 OSStatus appendPublicOctets(SecKeyRef fromKey, CFMutableDataRef appendTo);
 118 OSStatus appendPublicOctetsAndSize(SecKeyRef fromKey, CFMutableDataRef appendTo);
 119 OSStatus appendSizeAndData(CFDataRef data, CFMutableDataRef appendTo);
 120
 121 SecKeyRef CreateECPrivateKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit);
 122 SecKeyRef CreateECPublicKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit);
 123
 124 bool SecOTRCreateError(enum SecOTRError family, CFIndex errorCode, CFStringRef descriptionString, CFErrorRef previousError, CFErrorRef *newError);
 125
 126 __END_DECLS
 127
 128 #endif