1 /*
2 * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
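#ifndef _SECOTRIDENTITYPRIV_H_
// The matching #define was missing, so the guard never closed: a second
// #include of this header re-declares the structs and enum below and fails
// to compile. Defining the macro here makes the guard actually work.
#define _SECOTRIDENTITYPRIV_H_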
26
27 #include <CoreFoundation/CFRuntime.h>
28 #include <CoreFoundation/CFData.h>
29
30 #include <Security/SecKey.h>
31
32 #include <Security/oidsalg.h>
33
34 #include <CommonCrypto/CommonDigest.h> // DIGEST_LENGTH
35 #include <Security/SecOTR.h>
36
37 __BEGIN_DECLS
38
// Worst-case padding overhead, in bytes, for OAEP padding with a SHA-1 hash.
// RSA-OAEP (RFC 8017) leaves at most k - 2*hLen - 2 bytes for the message,
// i.e. 2*hLen + 2 bytes of overhead; the trailing +1 is an extra byte of
// margin, so this is a conservative bound, not an exact one.  The value is
// tied to SHA-1 through CC_SHA1_DIGEST_LENGTH and would need to become data
// driven if more key types / hash sizes are ever supported.
// (Where this constant is consumed is not visible in this header — confirm
// against the callers in the .c before changing it.)
#define kPaddingOverhead (2 + 2 * CC_SHA1_DIGEST_LENGTH + 1)
42
43 //
44 // Identity opaque structs
45 //
46
47 #define kMPIDHashSize CC_SHA1_DIGEST_LENGTH
48
// A "full" identity: the local party's signing key pair.  This is the
// sensitive one of the two identity types, since it carries the private key.
struct _SecOTRFullIdentity {
CFRuntimeBase _base;              // CF object header; must stay the first member (CF runtime convention)

SecKeyRef publicSigningKey;       // public half of the signing key
SecKeyRef privateSigningKey;      // private half; used by SecOTRFIAppendSignature to sign
CFDataRef privateKeyPersistentRef; // presumably a keychain persistent reference for the private key — confirm in the .c

uint8_t publicIDHash[kMPIDHashSize]; // SHA-1-sized hash identifying the public key (see SecOTRFIAppendPublicHash / SecOTRFIComparePublicHash)
};
58
59
// A "public" identity: a peer's signing public key only.  Used to verify
// signatures (SecOTRPIVerifySignature); it holds no private material.
struct _SecOTRPublicIdentity {
CFRuntimeBase _base;              // CF object header; must stay the first member (CF runtime convention)

SecKeyRef publicSigningKey;       // the peer's signing public key

bool wantsHashes;                 // NOTE(review): meaning not visible in this header — see the .c before relying on it

uint8_t hash[kMPIDHashSize];      // SHA-1-sized hash identifying publicSigningKey (see SecOTRPICopyHash / SecOTRPICompareHash)
};
69
// Error "family" tag handed to SecOTRCreateError to say where an error code
// comes from.  The numeric values are spelled out so the numbering is
// explicit; they are the same 0 and 1 the compiler assigned before.
enum SecOTRError {
secOTRErrorLocal   = 0, // error raised by the OTR code itself
secOTRErrorOSError = 1, // error presumably wrapping an OSStatus from the OS — confirm in SecOTRCreateError
};
74
// Algorithm identifier used for OTR signatures.  It is a pointer that is
// presumably filled in lazily at runtime: call EnsureOTRAlgIDInited() before
// dereferencing it rather than assuming it is already non-NULL.
extern const SecAsn1AlgId *kOTRSignatureAlgIDPtr;
void EnsureOTRAlgIDInited(void);
77
// Private functions for Public and Full IDs

// Signs dataToHash with fullID's private signing key and appends the
// signature to appendTo (inferred from the names; confirm in the .c).
// Returns false on failure; *error is presumably set then, if error is
// non-NULL.  Check the bool, not just *error.
bool SecOTRFIAppendSignature(SecOTRFullIdentityRef fullID,
CFDataRef dataToHash,
CFMutableDataRef appendTo,
CFErrorRef *error);

// Appends fullID's kMPIDHashSize-byte public-key hash to appendTo.
void SecOTRFIAppendPublicHash(SecOTRFullIdentityRef fullID, CFMutableDataRef appendTo);
// True when hash (exactly kMPIDHashSize bytes) matches fullID's public-key
// hash.  The hash identifies a public key, so presumably not secret — but if
// this is ever fed secret material, revisit whether the compare is constant time.
bool SecOTRFIComparePublicHash(SecOTRFullIdentityRef fullID, const uint8_t hash[kMPIDHashSize]);

// Size in bytes of a signature produced with privateID's key; use it to size
// buffers before calling SecOTRFIAppendSignature.
size_t SecOTRFISignatureSize(SecOTRFullIdentityRef privateID);

// True when publicKey is the public half of fullID's signing key pair.
bool SecOTRFICompareToPublicKey(SecOTRFullIdentityRef fullID, SecKeyRef publicKey);
91
// Verifies that signatureStart[0..signatureSize) is a valid signature by
// publicID's key over dataToHash[0..amountToHash).  Returns false on any
// failure (bad signature, malformed input, OS error) — presumably with *error
// set when error is non-NULL.  Both buffers are typically peer-supplied:
// treat the data as untrusted until this returns true, and gate on the bool
// return, never on *error alone.
bool SecOTRPIVerifySignature(SecOTRPublicIdentityRef publicID,
const uint8_t *dataToHash, size_t amountToHash,
const uint8_t *signatureStart, size_t signatureSize, CFErrorRef *error);

// True when id's serialized form equals the size bytes at bytes (which
// representation is compared is not visible here — see the .c).
bool SecOTRPIEqualToBytes(SecOTRPublicIdentityRef id, const uint8_t*bytes, CFIndex size);
// True when left and right denote the same public identity.
bool SecOTRPIEqual(SecOTRPublicIdentityRef left, SecOTRPublicIdentityRef right);

// Size in bytes of a signature made with publicID's key; use it to bound the
// signatureSize handed to SecOTRPIVerifySignature.
size_t SecOTRPISignatureSize(SecOTRPublicIdentityRef publicID);

// Copies publicID's hash into hash, which must hold kMPIDHashSize bytes.
void SecOTRPICopyHash(SecOTRPublicIdentityRef publicID, uint8_t hash[kMPIDHashSize]);
// Appends publicID's kMPIDHashSize-byte hash to appendTo.
void SecOTRPIAppendHash(SecOTRPublicIdentityRef publicID, CFMutableDataRef appendTo);

// True when hash (exactly kMPIDHashSize bytes) equals publicID's hash.
bool SecOTRPICompareHash(SecOTRPublicIdentityRef publicID, const uint8_t hash[kMPIDHashSize]);

// True when publicKey is the same key as publicID's publicSigningKey.
bool SecOTRPICompareToPublicKey(SecOTRPublicIdentityRef publicID, SecKeyRef publicKey);
107
108
// Utility streaming functions
//
// Wire-format helpers.  Sizes on the wire are 16-bit (readSize yields a
// uint16_t), so a CFIndex that does not fit in 16 bits cannot round-trip
// through appendSize/insertSize; how out-of-range sizes are handled is not
// visible here — confirm in the .c before relying on it.

// Writes size at *here.  There is no length argument, so the caller is
// responsible for guaranteeing room at `here` before calling.
OSStatus insertSize(CFIndex size, uint8_t* here);
// Appends the encoded size to into.
OSStatus appendSize(CFIndex size, CFMutableDataRef into);
// Reads an encoded size from *data into *size, presumably advancing *data and
// decrementing *limit by the bytes consumed.  The input comes off the wire,
// so callers must check the returned OSStatus (presumably non-zero when
// fewer than the needed bytes remain) before trusting *size.
OSStatus readSize(const uint8_t** data, size_t* limit, uint16_t* size);

// Appends the public-key octets of fromKey to appendTo.
OSStatus appendPublicOctets(SecKeyRef fromKey, CFMutableDataRef appendTo);
// Like appendPublicOctets but preceded by the encoded octet count.
OSStatus appendPublicOctetsAndSize(SecKeyRef fromKey, CFMutableDataRef appendTo);
// Appends the encoded length of data followed by data's bytes to appendTo.
OSStatus appendSizeAndData(CFDataRef data, CFMutableDataRef appendTo);

// Parses an EC public key from the bounded stream (*data, *limit), presumably
// advancing both on success.  "Create" in the name means the caller owns the
// returned SecKeyRef and must CFRelease it.  This is where peer-supplied key
// material enters: expect NULL on malformed input and check for it before use.
SecKeyRef CreateECPublicKeyFrom(CFAllocatorRef allocator, const uint8_t** data, size_t* limit);

// Builds a CFError in the given family with errorCode and descriptionString,
// chaining previousError as the underlying error, and stores it in *newError.
// What the bool return signals is not visible here (presumably false, so a
// caller can `return SecOTRCreateError(...)` on its failure path) — confirm
// in the .c.
bool SecOTRCreateError(enum SecOTRError family, CFIndex errorCode, CFStringRef descriptionString, CFErrorRef previousError, CFErrorRef *newError);
121
122 __END_DECLS
123
124 #endif