1 /*
2 * Copyright (c) 2003-2006,2008,2010-2012 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * keyTemplates.h - ASN1 templates for asymmetric keys and related
24 * structs.
25 */
26
27 #ifndef _NSS_KEY_TEMPLATES_H_ /* include guard; NOTE(review): a leading underscore followed by an uppercase letter is a name reserved to the C implementation */
28 #define _NSS_KEY_TEMPLATES_H_
29
30 #include <Security/SecAsn1Types.h>
31
32 /*
33 * Arrays of SecAsn1Templates are always associated with a specific
34 * C struct. We attempt to use C structs which are defined in CDSA
35 * if at all possible; these always start with the CSSM_ prefix.
36 * Otherwise we define the struct here, with an NSS_ prefix.
37 * In either case, the name of the C struct is listed in comments
38 * along with the extern declaration of the SecAsn1Template array.
39 */
40
41 #ifdef __cplusplus
42 extern "C" { /* C linkage for every declaration below when this header is included from C++ */
43 #endif
44
45 /*
46 * ASN class : AlgorithmIdentifier
47 * C struct : SecAsn1AlgId (not defined in this header; presumably from <Security/SecAsn1Types.h>, the only include)
48 */
49 extern const SecAsn1Template kSecAsn1AlgorithmIDTemplate[]; /* declaration only; the array is defined elsewhere */
50
51 /*
52 * ASN class : SubjectPublicKeyInfo
53 * C struct : SecAsn1PubKeyInfo (likewise not defined in this header)
54 */
55 extern const SecAsn1Template kSecAsn1SubjectPublicKeyInfoTemplate[]; /* declaration only; the array is defined elsewhere */
56
57 /*
58 * ASN class : Attribute
59 * C struct : NSS_Attribute
60 */
61 typedef struct {
62 SecAsn1Oid attrType; // OID naming the attribute
63 SecAsn1Item **attrValue; // array of item pointers; NOTE(review): presumably NULL-terminated -- confirm against the template definition before iterating
64 } NSS_Attribute;
65
66 extern const SecAsn1Template kSecAsn1AttributeTemplate[]; // template for a single NSS_Attribute
67 extern const SecAsn1Template kSecAsn1SetOfAttributeTemplate[]; // SET OF Attribute, going by the name; definition is not in this header
68
69 /*
70 * PKCS8 private key info
71 * ASN class : PrivateKeyInfo
72 * C struct : NSS_PrivateKeyInfo
73 */
74 typedef struct {
75 SecAsn1Item version;
76 SecAsn1AlgId algorithm; // names the key algorithm, and so decides how privateKey has to be parsed
77 SecAsn1Item privateKey; // DER-encoded algorithm-specific key (NSS_RSAPrivateKeyPKCS1 for RSA, NSS_ECDSA_PrivateKey for ECDSA, per the comments further down); secret material
78 NSS_Attribute **attributes; // NOTE(review): marked OPTIONAL in NSS_DHPrivateKeyPKCS8 below; presumably optional here too -- confirm, and expect NULL
79 } NSS_PrivateKeyInfo; // NOTE(review): holds plaintext key bytes once decoded; who owns and zeroizes the backing buffers is not visible in this header
80
81 extern const SecAsn1Template kSecAsn1PrivateKeyInfoTemplate[];
82
83 /*
84 * PKCS8 Encrypted Private Key Info
85 * ASN class : EncryptedPrivateKeyInfo
86 * C struct : NSS_EncryptedPrivateKeyInfo
87 *
88 * The decrypted encryptedData field is a DER-encoded
89 * NSS_PrivateKeyInfo.
90 */
91 typedef struct {
92 SecAsn1AlgId algorithm; // encryption algorithm and its parameters
93 SecAsn1Item encryptedData; // ciphertext; decrypts to a DER-encoded NSS_PrivateKeyInfo
94 } NSS_EncryptedPrivateKeyInfo; // NOTE(review): nothing in this struct authenticates encryptedData; treat the decrypted bytes as untrusted until they parse as NSS_PrivateKeyInfo
95
96 extern const SecAsn1Template kSecAsn1EncryptedPrivateKeyInfoTemplate[]; // describes the outer container only; the inner key needs a second decode after decryption
97
98 /*
99 * ASN class : DigestInfo
100 * C struct : NSS_DigestInfo
101 */
102 typedef struct {
103 SecAsn1AlgId digestAlgorithm; // hash algorithm identifier (OID plus parameters)
104 SecAsn1Item digest; // hash value; NOTE(review): the struct does not tie its length to digestAlgorithm -- presumably the caller checks that
105 } NSS_DigestInfo;
106
107 extern const SecAsn1Template kSecAsn1DigestInfoTemplate[];
108
109 /*
110 * Key structs and templates, placed here due to their ubiquitous use.
111 */
112
113 // MARK: *** RSA ***
114
115 /*
116 * RSA public key, PKCS1 format
117 *
118 * ASN class : RSAPublicKey
119 * C struct : NSS_RSAPublicKeyPKCS1
120 */
121 typedef struct {
122 SecAsn1Item modulus; // n
123 SecAsn1Item publicExponent; // e
124 } NSS_RSAPublicKeyPKCS1; // both members are public values; no secret material here
125
126 extern const SecAsn1Template kSecAsn1RSAPublicKeyPKCS1Template[];
127
128 /*
129 * RSA public key, X509 format: NSS_SubjectPublicKeyInfoTemplate (presumably the kSecAsn1SubjectPublicKeyInfoTemplate declared above)
130 */
131
132 /*
133 * RSA private key, PKCS1 format, used by openssl
134 *
135 * ASN class : RSAPrivateKey
136 * C struct : NSS_RSAPrivateKeyPKCS1
137 */
138 typedef struct {
139 SecAsn1Item version;
140 SecAsn1Item modulus; // n
141 SecAsn1Item publicExponent; // e
142 SecAsn1Item privateExponent; // d; secret
143 SecAsn1Item prime1; // p; secret
144 SecAsn1Item prime2; // q; secret
145 SecAsn1Item exponent1; // d mod (p-1); secret
146 SecAsn1Item exponent2; // d mod (q-1); secret
147 SecAsn1Item coefficient; // CRT coefficient, inverse of q mod p; secret
148 } NSS_RSAPrivateKeyPKCS1; // member order follows the PKCS #1 RSAPrivateKey SEQUENCE; NOTE(review): buffer ownership and zeroization are not visible in this header
149
150 extern const SecAsn1Template kSecAsn1RSAPrivateKeyPKCS1Template[];
151
152 /*
153 * RSA private key, PKCS8 format: NSS_PrivateKeyInfo; the privateKey
154 * value is a DER-encoded NSS_RSAPrivateKeyPKCS1.
155 */
156
157 // MARK: *** Diffie-Hellman ***
158
159 /*** from PKCS3 ***/
160
161 /*
162 * ASN class : DHParameter
163 * C struct : NSS_DHParameter
164 */
165 typedef struct {
166 SecAsn1Item prime; // p
167 SecAsn1Item base; // g
168 SecAsn1Item privateValueLength; // optional
169 } NSS_DHParameter; // NOTE(review): decoding alone says nothing about whether prime/base form a sound group; presumably validated by the consumer
170
171 extern const SecAsn1Template kSecAsn1DHParameterTemplate[];
172
173 /*
174 * ASN class : DHParameterBlock
175 * C struct : NSS_DHParameterBlock
176 */
177 typedef struct {
178 SecAsn1Oid oid; // CSSMOID_PKCS3
179 NSS_DHParameter params; // embedded by value, not a pointer
180 } NSS_DHParameterBlock;
181
182 extern const SecAsn1Template kSecAsn1DHParameterBlockTemplate[];
183
184 /*
185 * ASN class : DHPrivateKey
186 * C struct : NSS_DHPrivateKey
187 */
188 typedef struct {
189 SecAsn1Oid dhOid; // CSSMOID_DH
190 NSS_DHParameter params; // PKCS3-style parameters, embedded by value
191 SecAsn1Item secretPart; // presumably the private value; secret material -- ownership and zeroization are not visible in this header
192 } NSS_DHPrivateKey;
193
194 extern const SecAsn1Template kSecAsn1DHPrivateKeyTemplate[];
195
196 /*
197 * ANSI X9.42 style Diffie-Hellman keys.
198 *
199 * DomainParameters ::= SEQUENCE { -- Galois field group parameters
200 * p INTEGER, -- odd prime, p = jq + 1
201 * g INTEGER, -- generator, g ^ q = 1 mod p
202 * q INTEGER, -- prime factor of p-1
203 * j INTEGER OPTIONAL, -- cofactor, j >= 2
204 * -- required for cofactor method
205 * valParms ValidationParms OPTIONAL
206 * }
207 *
208 * ValidationParms ::= SEQUENCE {
209 * seed BIT STRING, -- seed for prime number generation
210 * pGenCounter INTEGER -- parameter verification
211 * }
212 */
213 typedef struct {
214 SecAsn1Item seed; // BIT STRING, length in bits
215 SecAsn1Item pGenCounter; // INTEGER, per the ValidationParms definition above
216 } NSS_DHValidationParams;
217
218 typedef struct {
219 SecAsn1Item p; // odd prime, p = jq + 1
220 SecAsn1Item g; // generator, g ^ q = 1 mod p
221 SecAsn1Item q; // prime factor of p-1
222 SecAsn1Item j; // OPTIONAL
223 NSS_DHValidationParams *valParams; // OPTIONAL
224 } NSS_DHDomainParamsX942; // NOTE(review): the relations noted on p, g, q come from the ASN.1 comment above; decoding does not check them -- presumably the consumer does
225
226 /* Custom X9.42 D-H AlgorithmIdentifier */
227 typedef struct {
228 SecAsn1Oid oid; // CSSMOID_ANSI_DH_PUB_NUMBER
229 NSS_DHDomainParamsX942 params; // typed X9.42 domain parameters, embedded by value
230 } NSS_DHAlgorithmIdentifierX942;
231
232 extern const SecAsn1Template kSecAsn1DHValidationParamsTemplate[]; // C struct : NSS_DHValidationParams, going by the name
233 extern const SecAsn1Template kSecAsn1DHDomainParamsX942Template[]; // C struct : NSS_DHDomainParamsX942, going by the name
234 extern const SecAsn1Template kSecAsn1DHAlgorithmIdentifierX942Template[]; // C struct : NSS_DHAlgorithmIdentifierX942, going by the name
235
236 /* PKCS8 form of D-H private key using X9.42 domain parameters */
237 typedef struct {
238 SecAsn1Item version;
239 NSS_DHAlgorithmIdentifierX942 algorithm; // X9.42 algorithm identifier with typed domain parameters
240 /* octet string containing DER-encoded integer */
241 SecAsn1Item privateKey; // secret material; needs a second DER decode to recover the integer
242 NSS_Attribute **attributes; // OPTIONAL
243 } NSS_DHPrivateKeyPKCS8; // NOTE(review): buffer ownership and zeroization of privateKey are not visible in this header
244
245 /* X509 form of D-H public key using X9.42 domain parameters */
246 typedef struct {
247 NSS_DHAlgorithmIdentifierX942 algorithm; // X9.42 algorithm identifier with typed domain parameters
248 /* bit string containing DER-encoded integer representing
249 * raw public key */
250 SecAsn1Item publicKey; // length in BITS (not bytes) -- convert before using it as a byte count
251 } NSS_DHPublicKeyX509;
252
253 extern const SecAsn1Template kSecAsn1DHPrivateKeyPKCS8Template[]; // C struct : NSS_DHPrivateKeyPKCS8, going by the name
254 extern const SecAsn1Template kSecAsn1DHPublicKeyX509Template[]; // C struct : NSS_DHPublicKeyX509, going by the name
255
256 // MARK: *** ECDSA ***
257
258 /*
259 * ECDSA Private key as defined in section C.4 of Certicom SEC1.
260 * The DER encoding of this is placed in the privateKey field
261 * of a NSS_PrivateKeyInfo.
262 */
263 typedef struct {
264 SecAsn1Item version;
265 SecAsn1Item privateKey; // secret material; ownership and zeroization of the backing buffer are not visible in this header
266 SecAsn1Item params; /* optional, ANY */
267 SecAsn1Item pubKey; /* BITSTRING, optional; NOTE(review): presumably length in bits like the other BIT STRING members in this file -- confirm */
268 } NSS_ECDSA_PrivateKey;
269
270 extern const SecAsn1Template kSecAsn1ECDSAPrivateKeyInfoTemplate[]; // NOTE(review): the only ECDSA template declared here; despite "PrivateKeyInfo" in the name it presumably describes NSS_ECDSA_PrivateKey, not the PKCS8 wrapper -- confirm
271
272 #ifdef __cplusplus
273 } /* closes the extern "C" block opened near the top of the file */
274 #endif
275
276 #endif /* _NSS_KEY_TEMPLATES_H_ */