1 /*
2 * SecOTRIdentityPriv.h
3 * libsecurity_libSecOTR
4 *
5 * Created by Mitch Adler on 2/9/11.
6 * Copyright 2011 Apple Inc. All rights reserved.
7 *
8 */
9
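#ifndef _SECOTRIDENTITYPRIV_H_
// The guard macro was tested but never defined, so the header had no real
// protection against double inclusion (a second #include would redefine the
// structs below).  Define it here.
#define _SECOTRIDENTITYPRIV_H_

#include <CoreFoundation/CFRuntime.h>
#include <CoreFoundation/CFData.h>

#include <Security/SecKey.h>

#include <Security/oidsalg.h>

#include <CommonCrypto/CommonDigest.h> // CC_SHA1_DIGEST_LENGTH
#include <Security/SecOTR.h>

// Give the declarations C linkage when included from C++/Objective-C++.
__BEGIN_DECLS

// CFError domain string; defined in the implementation.  Presumably the domain
// used by SecOTRCreateError — confirm against the implementation.
extern CFStringRef sErrorDomain;

// OAEP padding overhead in bytes (2 + 2 * hash length + 1), uses lots of space.
// Hard-wired to SHA-1 and to a single key type; might need to become data
// driven when more key types are supported.
#define kPaddingOverhead (2 + 2 * CC_SHA1_DIGEST_LENGTH + 1)

//
// Identity opaque structs
//

// Byte length of the identity hashes stored in the structs below and passed
// to the *Hash functions (SHA-1 sized).
#define kMPIDHashSize CC_SHA1_DIGEST_LENGTH
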
// Storage behind SecOTRFullIdentityRef (presumably; the typedef lives in
// SecOTR.h): a CF runtime object holding a signing key pair plus a hash
// identifying its public half.
struct _SecOTRFullIdentity {
    CFRuntimeBase _base;            // CF runtime header; must remain the first member

    SecKeyRef publicSigningKey;
    SecKeyRef privateSigningKey;    // private half of the signing pair

    uint8_t publicIDHash[kMPIDHashSize];  // kMPIDHashSize bytes; presumably a hash of the
                                          // public signing key — confirm against the implementation
};


// Storage behind SecOTRPublicIdentityRef (presumably; the typedef lives in
// SecOTR.h): the public signing key only, plus its hash.
struct _SecOTRPublicIdentity {
    CFRuntimeBase _base;        // CF runtime header; must remain the first member

    SecKeyRef publicSigningKey;

    bool wantsHashes;           // semantics not visible in this header — TODO confirm in the implementation

    uint8_t hash[kMPIDHashSize];    // kMPIDHashSize bytes; read by SecOTRPICopyHash/SecOTRPIAppendHash/SecOTRPICompareHash
};

// Error "family" passed to SecOTRCreateError.  Values are implicit
// (secOTRErrorLocal == 0, secOTRErrorOSError == 1), so the order is significant.
enum SecOTRError {
    secOTRErrorLocal,    // presumably an error raised by SecOTR itself — confirm
    secOTRErrorOSError,  // presumably errorCode carries an OSStatus — confirm
};

// Algorithm identifier used for identity signatures.
// NOTE(review): declared without `extern`, so every translation unit that
// includes this header emits a tentative definition and linking relies on
// common-symbol merging (-fcommon).  It should be `extern` here with exactly
// one definition in the implementation file — confirm the .c file defines it
// before changing this line.
const SecAsn1AlgId *kOTRSignatureAlgIDPtr;
// Presumably initializes kOTRSignatureAlgIDPtr and must run before the pointer
// is read — confirm against the implementation.
void EnsureOTRAlgIDInited(void);

// Private functions for Public and Full IDs

// Creates a full identity whose signing key is `bits` bits in size.  Follows
// the CF "Create" rule: the caller owns the result.  Presumably NULL on
// failure — confirm.
SecOTRFullIdentityRef SecOTRFullIdentityCreateWithSize(CFAllocatorRef allocator, int bits);

// Signs dataToHash with fullID's private signing key and appends the result to
// appendTo.  Returns false on failure; *error is only meaningful when the return
// value is false (check the return, not the error pointer).
bool SecOTRFIAppendSignature(SecOTRFullIdentityRef fullID,
                             CFDataRef dataToHash,
                             CFMutableDataRef appendTo,
                             CFErrorRef *error);

// Appends fullID's public-ID hash (kMPIDHashSize bytes) to appendTo.
void SecOTRFIAppendPublicHash(SecOTRFullIdentityRef fullID, CFMutableDataRef appendTo);
// Returns true if `hash` matches fullID's public-ID hash.  The array bound in
// the parameter is documentation only: C does not enforce it, so the caller
// must guarantee kMPIDHashSize readable bytes.
bool SecOTRFIComparePublicHash(SecOTRFullIdentityRef fullID, const uint8_t hash[kMPIDHashSize]);

// Size in bytes of a signature produced with privateID.
size_t SecOTRFISignatureSize(SecOTRFullIdentityRef privateID);

// Verifies signatureSize bytes at signatureStart against amountToHash bytes at
// dataToHash using publicID's public signing key.  Returns false when the
// signature does not verify or an error occurs; callers must branch on the
// return value rather than on *error.  Both buffer lengths are the caller's
// responsibility — nothing here bounds them.
bool SecOTRPIVerifySignature(SecOTRPublicIdentityRef publicID,
                             const uint8_t *dataToHash, size_t amountToHash,
                             const uint8_t *signatureStart, size_t signatureSize, CFErrorRef *error);

// Compares a public identity with `size` bytes at `bytes` (presumably a
// serialized public identity — confirm).
bool SecOTRPIEqualToBytes(SecOTRPublicIdentityRef id, const uint8_t*bytes, CFIndex size);
// Equality of two public identities.
bool SecOTRPIEqual(SecOTRPublicIdentityRef left, SecOTRPublicIdentityRef right);

// Size in bytes of a signature that publicID can verify.
size_t SecOTRPISignatureSize(SecOTRPublicIdentityRef publicID);

// Copies publicID's hash into the caller-owned `hash` buffer (kMPIDHashSize bytes).
void SecOTRPICopyHash(SecOTRPublicIdentityRef publicID, uint8_t hash[kMPIDHashSize]);
// Appends publicID's hash (kMPIDHashSize bytes) to appendTo.
void SecOTRPIAppendHash(SecOTRPublicIdentityRef publicID, CFMutableDataRef appendTo);

// Returns true if `hash` (kMPIDHashSize readable bytes, caller-guaranteed)
// matches publicID's hash.
bool SecOTRPICompareHash(SecOTRPublicIdentityRef publicID, const uint8_t hash[kMPIDHashSize]);

// Utility streaming functions
//
// Length-prefixed encoding helpers.  readSize produces a uint16_t, so the wire
// size field is at most 16 bits wide; insertSize/appendSize accept a CFIndex,
// and a value above UINT16_MAX cannot round-trip — whether they reject it or
// truncate is not visible here, so callers should bound sizes themselves.

// Writes the encoded `size` at `here`; the caller must provide room for the
// encoded field.
OSStatus insertSize(CFIndex size, uint8_t* here);
// Appends the encoded `size` to `into`.
OSStatus appendSize(CFIndex size, CFMutableDataRef into);
// Reads an encoded size from the cursor (*data, *limit) into *size, advancing
// *data and decreasing *limit (bytes remaining).  *limit must be the number of
// bytes actually readable at *data; presumably the read fails rather than
// running past it — confirm.
OSStatus readSize(const uint8_t** data, size_t* limit, uint16_t* size);

// Serialize fromKey's public octets to appendTo, without / with a size prefix.
OSStatus appendPublicOctets(SecKeyRef fromKey, CFMutableDataRef appendTo);
OSStatus appendPublicOctetsAndSize(SecKeyRef fromKey, CFMutableDataRef appendTo);
// Appends the encoded length of `data` followed by its bytes to appendTo.
OSStatus appendSizeAndData(CFDataRef data, CFMutableDataRef appendTo);

// Parse an EC key from the cursor (*data, *limit), advancing both.  CF "Create"
// rule: the caller owns the returned key.  Presumably NULL on failure — confirm.
SecKeyRef CreateECPrivateKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit);
SecKeyRef CreateECPublicKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit);

// Builds a CFError for `family`/`errorCode` with descriptionString, chaining
// previousError as the underlying error, and stores it in *newError.  Whether
// newError may be NULL is not visible here — confirm before passing NULL.
void SecOTRCreateError(enum SecOTRError family, CFIndex errorCode, CFStringRef descriptionString, CFErrorRef previousError, CFErrorRef *newError);

__END_DECLS

#endif /* _SECOTRIDENTITYPRIV_H_ */