]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_cryptkit/lib/CryptKitDER.h
Security-57336.1.9.tar.gz
[apple/security.git] / OSX / libsecurity_cryptkit / lib / CryptKitDER.h
1 /*
2 * Copyright (c) 2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #ifndef _CRYPTKIT_DER_H_
26 #define _CRYPTKIT_DER_H_
27
28 #include <security_cryptkit/ckconfig.h>
29
30 #if CRYPTKIT_DER_ENABLE
31
32 #include <security_cryptkit/feeTypes.h>
33 #include <security_cryptkit/feePublicKey.h>
34 #include <security_cryptkit/giantIntegers.h>
35 #include <security_cryptkit/falloc.h>
36 #include <security_cryptkit/curveParams.h>
37
38 #ifdef __cplusplus
39 extern "C" {
40 #endif
41
42 /*
43 * Encode/decode the two FEE signature types. We malloc returned data via
44 * falloc(); caller must free via ffree().
45 */
46 feeReturn feeDEREncodeElGamalSignature(
47 giant u,
48 giant PmX,
49 unsigned char **encodedSig, // fallocd and RETURNED
50 unsigned *encodedSigLen); // RETURNED
51
52 feeReturn feeDEREncodeECDSASignature(
53 giant c,
54 giant d,
55 unsigned char **encodedSig, // fallocd and RETURNED
56 unsigned *encodedSigLen); // RETURNED
57
58 feeReturn feeDERDecodeElGamalSignature(
59 const unsigned char *encodedSig,
60 size_t encodedSigLen,
61 giant *u, // newGiant'd and RETURNED
62 giant *PmX); // newGiant'd and RETURNED
63
64 feeReturn feeDERDecodeECDSASignature(
65 const unsigned char *encodedSig,
66 size_t encodedSigLen,
67 giant *c, // newGiant'd and RETURNED
68 giant *d); // newGiant'd and RETURNED
69
70 /*
71 * RAW format for ECDSA signatures
72 */
73 feeReturn feeRAWEncodeECDSASignature(
74 unsigned groupBytesLen,
75 giant c,
76 giant d,
77 unsigned char **encodedSig, // fallocd and RETURNED
78 unsigned *encodedSigLen); // RETURNED
79
80 feeReturn feeRAWDecodeECDSASignature(
81 unsigned groupBytesLen,
82 const unsigned char *encodedSig,
83 size_t encodedSigLen,
84 giant *c, // newGiant'd and RETURNED
85 giant *d); // newGiant'd and RETURNED
86
87
88
89 /*
90 * Encode/decode the FEE private and public keys. We malloc returned data via
91 * falloc(); caller must free via ffree().
92 * These use a DER format which is custom to this module.
93 */
94 feeReturn feeDEREncodePublicKey(
95 int version,
96 const curveParams *cp,
97 giant plusX,
98 giant minusX,
99 giant plusY, // may be NULL
100 unsigned char **keyBlob, // fmallocd and RETURNED
101 unsigned *keyBlobLen); // RETURNED
102
103 feeReturn feeDEREncodePrivateKey(
104 int version,
105 const curveParams *cp,
106 const giant privData,
107 unsigned char **keyBlob, // fmallocd and RETURNED
108 unsigned *keyBlobLen); // RETURNED
109
110 feeReturn feeDERDecodePublicKey(
111 const unsigned char *keyBlob,
112 unsigned keyBlobLen,
113 int *version, // this and remainder RETURNED
114 curveParams **cp,
115 giant *plusX,
116 giant *minusX,
117 giant *plusY); // always valid, may be (giant)0
118
119 feeReturn feeDERDecodePrivateKey(
120 const unsigned char *keyBlob,
121 unsigned keyBlobLen,
122 int *version, // this and remainder RETURNED
123 curveParams **cp,
124 giant *privData); // RETURNED
125
126 /* obtain the max size of a DER-encoded signature (either ElGamal or ECDSA) */
127 unsigned feeSizeOfDERSig(
128 giant g1,
129 giant g2);
130
131 /*
132 * Encode/decode public key in X.509 format.
133 */
134 feeReturn feeDEREncodeX509PublicKey(
135 const unsigned char *pubBlob, /* x and y octet string */
136 unsigned pubBlobLen,
137 curveParams *cp,
138 unsigned char **x509Blob, /* fmallocd and RETURNED */
139 unsigned *x509BlobLen); /* RETURNED */
140
141 feeReturn feeDERDecodeX509PublicKey(
142 const unsigned char *x509Blob,
143 unsigned x509BlobLen,
144 feeDepth *depth, /* RETURNED */
145 unsigned char **pubBlob, /* x and y octet string RETURNED */
146 unsigned *pubBlobLen); /* RETURNED */
147
148 /*
149 * Encode private, and decode private or public key, in unencrypted OpenSSL format.
150 */
151 feeReturn feeDEREncodeOpenSSLPrivateKey(
152 const unsigned char *privBlob, /* private data octet string */
153 unsigned privBlobLen,
154 const unsigned char *pubBlob, /* public key, optional */
155 unsigned pubBlobLen,
156 curveParams *cp,
157 unsigned char **openBlob, /* fmallocd and RETURNED */
158 unsigned *openBlobLen); /* RETURNED */
159
160 feeReturn feeDERDecodeOpenSSLKey(
161 const unsigned char *osBlob,
162 unsigned osBlobLen,
163 feeDepth *depth, /* RETURNED */
164 unsigned char **privBlob, /* private data octet string RETURNED */
165 unsigned *privBlobLen, /* RETURNED */
166 unsigned char **pubBlob, /* public data octet string optionally RETURNED */
167 unsigned *pubBlobLen);
168
169 /*
170 * Encode/decode private key in unencrypted PKCS8 format.
171 */
172 feeReturn feeDEREncodePKCS8PrivateKey(
173 const unsigned char *privBlob, /* private data octet string */
174 unsigned privBlobLen,
175 const unsigned char *pubBlob, /* public blob, optional */
176 unsigned pubBlobLen,
177 curveParams *cp,
178 unsigned char **pkcs8Blob, /* fmallocd and RETURNED */
179 unsigned *pkcs8BlobLen); /* RETURNED */
180
181 feeReturn feeDERDecodePKCS8PrivateKey(
182 const unsigned char *pkcs8Blob,
183 unsigned pkcs8BlobLen,
184 feeDepth *depth, /* RETURNED */
185 unsigned char **privBlob, /* private data octet string RETURNED */
186 unsigned *privBlobLen, /* RETURNED */
187 unsigned char **pubBlob, /* optionally returned, if it's there */
188 unsigned *pubBlobLen);
189
190
191 #ifdef __cplusplus
192 }
193 #endif
194
195 #endif /* CRYPTKIT_DER_ENABLE */
196 #endif /* _CRYPTKIT_DER_H_ */
197
198