OSX/libsecurity_cryptkit/lib/CryptKitDER.h

   1 /*
   2  * Copyright (c) 2001,2011,2014 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 #ifndef _CRYPTKIT_DER_H_
  26 #define _CRYPTKIT_DER_H_
  27
  28 #include <security_cryptkit/ckconfig.h>
  29
  30 #if     CRYPTKIT_DER_ENABLE
  31
  32 #include <security_cryptkit/feeTypes.h>
  33 #include <security_cryptkit/feePublicKey.h>
  34 #include <security_cryptkit/giantIntegers.h>
  35 #include <security_cryptkit/falloc.h>
  36 #include <security_cryptkit/curveParams.h>
  37
  38 #ifdef  __cplusplus
  39 extern "C" {
  40 #endif
  41
  42 /*
  43  * Encode/decode the two FEE signature types. We malloc returned data via
  44  * falloc(); caller must free via ffree().
  45  */
  46 feeReturn feeDEREncodeElGamalSignature(
  47         giant                   u,
  48         giant                   PmX,
  49         unsigned char   **encodedSig,           // fallocd and RETURNED
  50         unsigned                *encodedSigLen);        // RETURNED
  51
  52 feeReturn feeDEREncodeECDSASignature(
  53         giant                   c,
  54         giant                   d,
  55         unsigned char   **encodedSig,           // fallocd and RETURNED
  56         unsigned                *encodedSigLen);        // RETURNED
  57
  58 feeReturn feeDERDecodeElGamalSignature(
  59         const unsigned char     *encodedSig,
  60         size_t                  encodedSigLen,
  61         giant                   *u,                                     // newGiant'd and RETURNED
  62         giant                   *PmX);                          // newGiant'd and RETURNED
  63
  64 feeReturn feeDERDecodeECDSASignature(
  65         const unsigned char     *encodedSig,
  66         size_t                  encodedSigLen,
  67         giant                   *c,                                     // newGiant'd and RETURNED
  68         giant                   *d);                            // newGiant'd and RETURNED
  69
  70 /*
  71  * RAW format for ECDSA signatures
  72  */
  73 feeReturn feeRAWEncodeECDSASignature(
  74     unsigned        groupBytesLen,
  75     giant                       c,
  76     giant                       d,
  77     unsigned char       **encodedSig,           // fallocd and RETURNED
  78     unsigned            *encodedSigLen);        // RETURNED
  79
  80 feeReturn feeRAWDecodeECDSASignature(
  81     unsigned        groupBytesLen,
  82     const unsigned char *encodedSig,
  83     size_t                      encodedSigLen,
  84     giant                       *c,                                     // newGiant'd and RETURNED
  85     giant                       *d);                            // newGiant'd and RETURNED
  86
  87
  88
  89 /*
  90  * Encode/decode the FEE private and public keys. We malloc returned data via
  91  * falloc(); caller must free via ffree().
  92  * These use a DER format which is custom to this module.
  93  */
  94 feeReturn feeDEREncodePublicKey(
  95         int                     version,
  96         const curveParams       *cp,
  97         giant                   plusX,
  98         giant                   minusX,
  99         giant                   plusY,                  // may be NULL
 100         unsigned char   **keyBlob,              // fmallocd and RETURNED
 101         unsigned                *keyBlobLen);           // RETURNED
 102
 103 feeReturn feeDEREncodePrivateKey(
 104         int                             version,
 105         const curveParams       *cp,
 106         const giant             privData,
 107         unsigned char   **keyBlob,              // fmallocd and RETURNED
 108         unsigned                *keyBlobLen);   // RETURNED
 109
 110 feeReturn feeDERDecodePublicKey(
 111         const unsigned char     *keyBlob,
 112         unsigned                keyBlobLen,
 113         int                             *version,               // this and remainder RETURNED
 114         curveParams             **cp,
 115         giant                   *plusX,
 116         giant                   *minusX,
 117         giant                   *plusY);                // always valid, may be (giant)0
 118
 119 feeReturn feeDERDecodePrivateKey(
 120         const unsigned char     *keyBlob,
 121         unsigned                keyBlobLen,
 122         int                             *version,               // this and remainder RETURNED
 123         curveParams             **cp,
 124         giant                   *privData);             // RETURNED
 125
 126 /* obtain the max size of a DER-encoded signature (either ElGamal or ECDSA) */
 127 unsigned feeSizeOfDERSig(
 128         giant g1,
 129         giant g2);
 130
 131 /*
 132  * Encode/decode public key in X.509 format.
 133  */
 134 feeReturn feeDEREncodeX509PublicKey(
 135         const unsigned char     *pubBlob,               /* x and y octet string */
 136         unsigned                        pubBlobLen,
 137         curveParams                     *cp,
 138         unsigned char           **x509Blob,             /* fmallocd and RETURNED */
 139         unsigned                        *x509BlobLen);  /* RETURNED */
 140
 141 feeReturn feeDERDecodeX509PublicKey(
 142         const unsigned char     *x509Blob,
 143         unsigned                        x509BlobLen,
 144         feeDepth                        *depth,                 /* RETURNED */
 145         unsigned char           **pubBlob,              /* x and y octet string RETURNED */
 146         unsigned                        *pubBlobLen);   /* RETURNED */
 147
 148 /*
 149  * Encode private, and decode private or public key, in unencrypted OpenSSL format.
 150  */
 151 feeReturn feeDEREncodeOpenSSLPrivateKey(
 152         const unsigned char     *privBlob,              /* private data octet string */
 153         unsigned                        privBlobLen,
 154         const unsigned char *pubBlob,           /* public key, optional */
 155         unsigned                        pubBlobLen,
 156         curveParams                     *cp,
 157         unsigned char           **openBlob,             /* fmallocd and RETURNED */
 158         unsigned                        *openBlobLen);  /* RETURNED */
 159
 160 feeReturn feeDERDecodeOpenSSLKey(
 161         const unsigned char     *osBlob,
 162         unsigned                        osBlobLen,
 163         feeDepth                        *depth,                 /* RETURNED */
 164         unsigned char           **privBlob,             /* private data octet string RETURNED */
 165         unsigned                        *privBlobLen,   /* RETURNED */
 166         unsigned char           **pubBlob,              /* public data octet string optionally RETURNED */
 167         unsigned                        *pubBlobLen);
 168
 169 /*
 170  * Encode/decode private key in unencrypted PKCS8 format.
 171  */
 172 feeReturn feeDEREncodePKCS8PrivateKey(
 173         const unsigned char     *privBlob,              /* private data octet string */
 174         unsigned                        privBlobLen,
 175         const unsigned char     *pubBlob,               /* public blob, optional */
 176         unsigned                        pubBlobLen,
 177         curveParams                     *cp,
 178         unsigned char           **pkcs8Blob,    /* fmallocd and RETURNED */
 179         unsigned                        *pkcs8BlobLen); /* RETURNED */
 180
 181 feeReturn feeDERDecodePKCS8PrivateKey(
 182         const unsigned char     *pkcs8Blob,
 183         unsigned                        pkcs8BlobLen,
 184         feeDepth                        *depth,                 /* RETURNED */
 185         unsigned char           **privBlob,             /* private data octet string RETURNED */
 186         unsigned                        *privBlobLen,   /* RETURNED */
 187         unsigned char           **pubBlob,              /* optionally returned, if it's there */
 188         unsigned                        *pubBlobLen);
 189
 190
 191 #ifdef  __cplusplus
 192 }
 193 #endif
 194
 195 #endif  /* CRYPTKIT_DER_ENABLE */
 196 #endif  /* _CRYPTKIT_DER_H_ */
 197
 198