Security-59754.80.3.tar.gz
1 /*
2 * Copyright (c) 2001,2011,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #ifndef _CRYPTKIT_DER_H_
26 #define _CRYPTKIT_DER_H_
27
28 #include <security_cryptkit/ckconfig.h>
29
30 #include <security_cryptkit/feeTypes.h>
31 #include <security_cryptkit/feePublicKey.h>
32 #include <security_cryptkit/giantIntegers.h>
33 #include <security_cryptkit/falloc.h>
34 #include <security_cryptkit/curveParams.h>
35
36 #ifdef __cplusplus
37 extern "C" {
38 #endif
39
/*
 * DER encoding and decoding of the two FEE signature types (ElGamal and
 * ECDSA). Every signature here is carried as a pair of giants.
 *
 * Ownership: encoded output is allocated via falloc() and must be released
 * by the caller with ffree(). Decoded giants are newGiant'd and handed to
 * the caller.
 *
 * NOTE(review): the decoders parse caller-supplied bytes. Check the
 * feeReturn before using any output giant; this header does not state what
 * the output pointers hold on failure -- confirm in the implementation.
 * NOTE(review): lengths are `unsigned` on the encode side and `size_t` on
 * the decode side, so a length that is round-tripped between the two needs
 * no narrowing, but any caller-side `unsigned` copy of a size_t length does.
 */

/* Encode the ElGamal signature (u, PmX) as DER. */
feeReturn feeDEREncodeElGamalSignature(
    giant           u,
    giant           PmX,
    unsigned char   **encodedSig,       /* out: falloc'd, caller ffree()s */
    unsigned        *encodedSigLen);    /* out: length of *encodedSig */

/* Encode the ECDSA signature (c, d) as DER. */
feeReturn feeDEREncodeECDSASignature(
    giant           c,
    giant           d,
    unsigned char   **encodedSig,       /* out: falloc'd, caller ffree()s */
    unsigned        *encodedSigLen);    /* out: length of *encodedSig */

/* Decode a DER ElGamal signature of encodedSigLen bytes into (u, PmX). */
feeReturn feeDERDecodeElGamalSignature(
    const unsigned char *encodedSig,
    size_t              encodedSigLen,
    giant               *u,             /* out: newGiant'd */
    giant               *PmX);          /* out: newGiant'd */

/* Decode a DER ECDSA signature of encodedSigLen bytes into (c, d). */
feeReturn feeDERDecodeECDSASignature(
    const unsigned char *encodedSig,
    size_t              encodedSigLen,
    giant               *c,             /* out: newGiant'd */
    giant               *d);            /* out: newGiant'd */
67
/*
 * RAW (non-DER) format for ECDSA signatures.
 *
 * NOTE(review): the exact byte layout is not described in this header.
 * Presumably groupBytesLen fixes the width of each encoded component, so
 * the decoder should be given exactly the length the encoder produced for
 * the same groupBytesLen -- confirm against the implementation, including
 * how a mismatched encodedSigLen is rejected.
 */

/* Encode the ECDSA signature (c, d) in RAW form for the given group size. */
feeReturn feeRAWEncodeECDSASignature(
    unsigned        groupBytesLen,
    giant           c,
    giant           d,
    unsigned char   **encodedSig,       /* out: falloc'd; presumably ffree()'d by caller */
    unsigned        *encodedSigLen);    /* out: length of *encodedSig */

/* Decode a RAW ECDSA signature of encodedSigLen bytes into (c, d). */
feeReturn feeRAWDecodeECDSASignature(
    unsigned            groupBytesLen,
    const unsigned char *encodedSig,
    size_t              encodedSigLen,
    giant               *c,             /* out: newGiant'd */
    giant               *d);            /* out: newGiant'd */
84
85
86
/*
 * DER encoding and decoding of FEE private and public keys. The DER layout
 * is custom to this module.
 *
 * Ownership: returned key blobs are allocated via falloc(); the caller must
 * release them with ffree().
 *
 * NOTE(review): the decoders take `unsigned keyBlobLen`. A caller holding
 * the length as size_t must range-check it before the call; an implicit
 * narrowing would make the decoder see a shorter buffer than the caller
 * intended.
 * NOTE(review): the blob from feeDEREncodePrivateKey and the giant from
 * feeDERDecodePrivateKey hold private key material. Whether ffree() or the
 * giant release routine clears memory is not visible here -- confirm, and
 * clear explicitly if they do not.
 * NOTE(review): the decoders return a curveParams through `cp`; the routine
 * that releases it is not named in this header (see curveParams.h).
 */

/* Encode a public key (curve parameters plus its giants) as a key blob. */
feeReturn feeDEREncodePublicKey(
    int                 version,
    const curveParams   *cp,
    giant               plusX,
    giant               minusX,
    giant               plusY,          /* may be NULL */
    unsigned char       **keyBlob,      /* out: allocated here, caller ffree()s */
    unsigned            *keyBlobLen);   /* out: length of *keyBlob */

/* Encode a private key (curve parameters plus privData) as a key blob. */
feeReturn feeDEREncodePrivateKey(
    int                 version,
    const curveParams   *cp,
    const giant         privData,
    unsigned char       **keyBlob,      /* out: allocated here, caller ffree()s */
    unsigned            *keyBlobLen);   /* out: length of *keyBlob */

/* Decode a public key blob; version and everything after it are outputs. */
feeReturn feeDERDecodePublicKey(
    const unsigned char *keyBlob,
    unsigned            keyBlobLen,
    int                 *version,       /* out */
    curveParams         **cp,           /* out */
    giant               *plusX,         /* out */
    giant               *minusX,        /* out */
    giant               *plusY);        /* out: always valid, may be (giant)0 */

/* Decode a private key blob; version and everything after it are outputs. */
feeReturn feeDERDecodePrivateKey(
    const unsigned char *keyBlob,
    unsigned            keyBlobLen,
    int                 *version,       /* out */
    curveParams         **cp,           /* out */
    giant               *privData);     /* out */
123
/*
 * Return the maximum size of a DER-encoded signature, for either the
 * ElGamal or the ECDSA form.
 *
 * NOTE(review): g1 and g2 are presumably the two signature components that
 * would be passed to the matching encoder -- confirm. The result is an
 * upper bound, so the length reported by the encoder remains the
 * authoritative size of an actual encoding.
 */
unsigned feeSizeOfDERSig(
    giant   g1,
    giant   g2);
128
/*
 * Public key encoding and decoding in X.509 format.
 *
 * NOTE(review): the decoder takes `unsigned x509BlobLen`; range-check any
 * size_t length before passing it. Check the feeReturn before reading
 * *depth, *pubBlob or *pubBlobLen; their state on failure is not given here.
 * NOTE(review): the encoder's output is marked fmallocd, so it is
 * presumably released with ffree(). How the decoder's *pubBlob is allocated
 * is not stated in this header -- confirm before freeing.
 */

/* Wrap a public key octet string in an X.509 public key encoding. */
feeReturn feeDEREncodeX509PublicKey(
    const unsigned char *pubBlob,       /* x and y octet string */
    unsigned            pubBlobLen,
    curveParams         *cp,
    unsigned char       **x509Blob,     /* out: fmalloc'd */
    unsigned            *x509BlobLen);  /* out: length of *x509Blob */

/* Extract the curve depth and public key octet string from an X.509 blob. */
feeReturn feeDERDecodeX509PublicKey(
    const unsigned char *x509Blob,
    unsigned            x509BlobLen,
    feeDepth            *depth,         /* out */
    unsigned char       **pubBlob,      /* out: x and y octet string */
    unsigned            *pubBlobLen);   /* out: length of *pubBlob */
145
/*
 * Unencrypted OpenSSL key format: encode a private key, and decode either a
 * private or a public key.
 *
 * NOTE(review): "unencrypted" means *openBlob and the decoded *privBlob
 * carry private key material in the clear. Keep their lifetime short and
 * clear them before release unless the allocator is confirmed to do so.
 * NOTE(review): all input lengths are `unsigned`; range-check size_t
 * lengths before the call. The decoder's pubBlob is only optionally
 * returned, so callers should not assume *pubBlob is set on success --
 * confirm how absence is signalled.
 */

/* Encode a private key, optionally with its public key, in OpenSSL form. */
feeReturn feeDEREncodeOpenSSLPrivateKey(
    const unsigned char *privBlob,      /* private data octet string */
    unsigned            privBlobLen,
    const unsigned char *pubBlob,       /* public key, optional */
    unsigned            pubBlobLen,
    curveParams         *cp,
    unsigned char       **openBlob,     /* out: fmalloc'd */
    unsigned            *openBlobLen);  /* out: length of *openBlob */

/* Decode an OpenSSL-format key blob into its private and/or public parts. */
feeReturn feeDERDecodeOpenSSLKey(
    const unsigned char *osBlob,
    unsigned            osBlobLen,
    feeDepth            *depth,         /* out */
    unsigned char       **privBlob,     /* out: private data octet string */
    unsigned            *privBlobLen,   /* out: length of *privBlob */
    unsigned char       **pubBlob,      /* out: public data octet string, optional */
    unsigned            *pubBlobLen);
166
/*
 * Private key encoding and decoding in unencrypted PKCS8 format.
 *
 * NOTE(review): the PKCS8 output is unencrypted, so *pkcs8Blob and the
 * decoded *privBlob hold private key material in the clear. Clear them
 * before release unless the allocator is confirmed to do so, and protect
 * any copy written to storage by other means.
 * NOTE(review): all input lengths are `unsigned`; range-check size_t
 * lengths before the call. *pubBlob is returned only if the input contains
 * it -- confirm how absence is signalled before dereferencing.
 */

/* Encode a private key, optionally with its public blob, as PKCS8. */
feeReturn feeDEREncodePKCS8PrivateKey(
    const unsigned char *privBlob,      /* private data octet string */
    unsigned            privBlobLen,
    const unsigned char *pubBlob,       /* public blob, optional */
    unsigned            pubBlobLen,
    curveParams         *cp,
    unsigned char       **pkcs8Blob,    /* out: fmalloc'd */
    unsigned            *pkcs8BlobLen); /* out: length of *pkcs8Blob */

/* Decode a PKCS8 blob into its private data and, if present, public data. */
feeReturn feeDERDecodePKCS8PrivateKey(
    const unsigned char *pkcs8Blob,
    unsigned            pkcs8BlobLen,
    feeDepth            *depth,         /* out */
    unsigned char       **privBlob,     /* out: private data octet string */
    unsigned            *privBlobLen,   /* out: length of *privBlob */
    unsigned char       **pubBlob,      /* out: returned only if it's there */
    unsigned            *pubBlobLen);
187
188
189 #ifdef __cplusplus
190 }
191 #endif
192
193 #endif /* _CRYPTKIT_DER_H_ */
194
195