OSX/libsecurity_asn1/security_asn1/osKeyTemplates.h

   1 /*
   2  * Copyright (c) 2003-2006,2008,2010-2012 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23 /*
  24  * osKeyTemplate.h -  ASN1 templates for openssl asymmetric keys
  25  */
  26
  27 #ifndef _OS_KEY_TEMPLATES_H_
  28 #define _OS_KEY_TEMPLATES_H_
  29
  30 #include <Security/keyTemplates.h>
  31
  32 /*
  33  * Arrays of SecAsn1Template are always associated with a specific
  34  * C struct. We attempt to use C structs which are defined in CDSA
  35  * if at all possible; these always start with the CSSM_ prefix.
  36  * Otherwise we define the struct here, with an NSS_ prefix.
  37  * In either case, the name of the C struct is listed in comments
  38  * along with the extern declaration of the SecAsn1Template array.
  39  */
  40
  41 #ifdef  __cplusplus
  42 extern "C" {
  43 #endif
  44
  45 /***
  46  *** Note: RSA and Diffie-Hellman keys and structs are in
  47  *** security_asn1/keyTemplates.h.
  48  ***/
  49
  50 // MARK: *** DSA ***
  51
  52 /*
  53  * Note that most of the DSA structs are hand rolled and are not
  54  * expressed in ASN1 in any doc that I'm aware of.
  55  */
  56
  57 /****
  58  **** DSA support
  59  ****/
  60
  61 /*
  62  * DSA algorithm parameters. Used in CDSA key generation context as
  63  * well as the parameters in an X509-formatted DSA public key.
  64  */
  65 typedef struct {
  66         SecAsn1Item     p;
  67         SecAsn1Item     q;
  68         SecAsn1Item     g;
  69 } NSS_DSAAlgParams;
  70
  71 extern const SecAsn1Template kSecAsn1DSAAlgParamsTemplate[];
  72
  73 /*
  74  * DSA algorithm parameters, BSAFE style. Only used in FIPS186 format
  75  * public and private keys.
  76  */
  77 typedef struct {
  78         SecAsn1Item     keySizeInBits;
  79         SecAsn1Item     p;
  80         SecAsn1Item     q;
  81         SecAsn1Item     g;
  82 } NSS_DSAAlgParamsBSAFE;
  83
  84 extern const SecAsn1Template kSecAsn1DSAAlgParamsBSAFETemplate[];
  85
  86 /*
  87  * DSA X509-style AlgorithmID. Avoids ASN_ANY processing via direct
  88  * insertion of the appropriate parameters.
  89  */
  90 typedef struct {
  91         SecAsn1Oid                      algorithm;
  92         NSS_DSAAlgParams        *params;                // optional
  93 } NSS_DSAAlgorithmIdX509;
  94
  95 extern const SecAsn1Template kSecAsn1DSAAlgorithmIdX509Template[];
  96
  97 /*
  98  * DSA AlgorithmID, BSAFE style. Avoids ASN_ANY
  99  * processing via direct insertion of the appropriate parameters.
 100  */
 101 typedef struct {
 102         SecAsn1Oid                              algorithm;
 103         NSS_DSAAlgParamsBSAFE   params;
 104 } NSS_DSAAlgorithmIdBSAFE;
 105
 106 extern const SecAsn1Template kSecAsn1DSAAlgorithmIdBSAFETemplate[];
 107
 108 /****
 109  **** DSA public keys
 110  ****/
 111
 112 /*
 113  * DSA public key, openssl/X509 format.
 114  *
 115  * The publicKey is actually the DER encoding of an ASN
 116  * integer, wrapped in a BIT STRING.
 117  */
 118 typedef struct {
 119         NSS_DSAAlgorithmIdX509  dsaAlg;
 120         SecAsn1Item                             publicKey;              // BIT string - Length in bits
 121 } NSS_DSAPublicKeyX509;
 122
 123 extern const SecAsn1Template kSecAsn1DSAPublicKeyX509Template[];
 124
 125 /*
 126  * DSA public key, BSAFE/FIPS186 format.
 127  * The public key is the DER encoding of an ASN integer, wrapped
 128  * in a bit string.
 129  */
 130 typedef struct {
 131         NSS_DSAAlgorithmIdBSAFE         dsaAlg;
 132         SecAsn1Item                                     publicKey;      // BIT string - Length in bits
 133 } NSS_DSAPublicKeyBSAFE;
 134
 135 extern const SecAsn1Template kSecAsn1DSAPublicKeyBSAFETemplate[];
 136
 137 /****
 138  **** DSA private keys
 139  ****/
 140
 141 /*
 142  * DSA Private key, openssl custom format.
 143  */
 144 typedef struct {
 145         SecAsn1Item     version;
 146         SecAsn1Item     p;
 147         SecAsn1Item     q;
 148         SecAsn1Item     g;
 149         SecAsn1Item     pub;
 150         SecAsn1Item     priv;
 151 } NSS_DSAPrivateKeyOpenssl;
 152
 153 extern const SecAsn1Template kSecAsn1DSAPrivateKeyOpensslTemplate[];
 154
 155 /*
 156  * DSA private key, BSAFE/FIPS186 style.
 157  * This is basically a DSA-specific NSS_PrivateKeyInfo.
 158  *
 159  * NSS_DSAPrivateKeyBSAFE.privateKey is an octet string containing
 160  * the DER encoding of this.
 161  */
 162 typedef struct {
 163         SecAsn1Item                             privateKey;
 164 } NSS_DSAPrivateKeyOcts;
 165
 166 extern const SecAsn1Template kSecAsn1DSAPrivateKeyOctsTemplate[];
 167
 168 typedef struct {
 169         SecAsn1Item                             version;
 170         NSS_DSAAlgorithmIdBSAFE dsaAlg;
 171         /* octet string containing a DER-encoded NSS_DSAPrivateKeyOcts */
 172         SecAsn1Item                             privateKey;
 173 } NSS_DSAPrivateKeyBSAFE;
 174
 175 extern const SecAsn1Template kSecAsn1DSAPrivateKeyBSAFETemplate[];
 176
 177 /*
 178  * DSA Private Key, PKCS8/SMIME style. Doesn't have keySizeInBits
 179  * in the alg params; has version in the top-level struct; the
 180  * private key itself is a DER-encoded integer wrapped in an
 181  * octet string.
 182  */
 183 typedef struct {
 184         SecAsn1Item                             version;
 185         NSS_DSAAlgorithmIdX509  dsaAlg;
 186         /* octet string containing DER-encoded integer */
 187         SecAsn1Item                             privateKey;
 188     NSS_Attribute                       **attributes;           // optional
 189 } NSS_DSAPrivateKeyPKCS8;
 190
 191 extern const SecAsn1Template kSecAsn1DSAPrivateKeyPKCS8Template[];
 192
 193 /*
 194  * DSA Signature.
 195  */
 196 typedef struct {
 197         SecAsn1Item     r;
 198         SecAsn1Item     s;
 199 } NSS_DSASignature;
 200
 201 extern const SecAsn1Template kSecAsn1DSASignatureTemplate[];
 202
 203 #ifdef  __cplusplus
 204 }
 205 #endif
 206
 207
 208 #endif  /* _OS_KEY_TEMPLATES_H_ */