/*
 * CryptKitDER.h - snacc-based routines to create and parse DER-encoded FEE
 * keys and signatures
 *
 * Created 3/12/2001 by dmitch.
 *
 * Conventions visible in this header:
 *  - Every encode/decode routine reports its outcome as a feeReturn. Check
 *    it before reading any argument marked RETURNED.
 *    NOTE(review): the header does not say what RETURNED arguments hold
 *    after a failure. Until the implementation is checked, initialize them
 *    to NULL/0 in the caller and use or free them only on success.
 *  - Buffers marked "fallocd"/"fmallocd and RETURNED" are allocated by this
 *    module through the allocator declared in falloc.h; the caller owns
 *    them and releases them with ffree().
 *  - Giants marked "newGiant'd and RETURNED" are created here and owned by
 *    the caller (presumably released with freeGiant() -- confirm in
 *    giantIntegers.h).
 *  - Input lengths are size_t in the signature decoders but unsigned in the
 *    key decoders, and every returned length is unsigned. A caller holding
 *    a size_t length must range-check it before narrowing it to unsigned,
 *    otherwise a truncated length is what the parser sees.
 *  - The decoders parse whatever bytes the caller hands in. When those
 *    bytes come from a peer, a file or a certificate they are untrusted:
 *    pass the exact buffer length and act only on the feeReturn result.
 */

#ifndef _CRYPTKIT_DER_H_
#define _CRYPTKIT_DER_H_

#include <security_cryptkit/ckconfig.h>

/* Everything below is compiled only when ckconfig.h enables DER support. */
#if CRYPTKIT_DER_ENABLE

#include <security_cryptkit/feeTypes.h>
#include <security_cryptkit/feePublicKey.h>
#include <security_cryptkit/giantIntegers.h>
#include <security_cryptkit/falloc.h>
#include <security_cryptkit/curveParams.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Encode/decode the two FEE signature types. We malloc returned data via
 * falloc(); caller must free via ffree().
 *
 * Encoders take the two signature components as giants and return a newly
 * allocated blob in *encodedSig with its length in *encodedSigLen.
 * Decoders take a blob of encodedSigLen bytes and return the two components
 * as newly created giants.
 *
 * A signature is normally supplied by the party being verified, so a
 * decoder result other than success should be handled as a failed
 * verification, not as a recoverable parse warning.
 */
feeReturn feeDEREncodeElGamalSignature(
    giant u,
    giant PmX,
    unsigned char **encodedSig,     // fallocd and RETURNED
    unsigned *encodedSigLen);       // RETURNED

feeReturn feeDEREncodeECDSASignature(
    giant c,
    giant d,
    unsigned char **encodedSig,     // fallocd and RETURNED
    unsigned *encodedSigLen);       // RETURNED

feeReturn feeDERDecodeElGamalSignature(
    const unsigned char *encodedSig,
    size_t encodedSigLen,
    giant *u,                       // newGiant'd and RETURNED
    giant *PmX);                    // newGiant'd and RETURNED

feeReturn feeDERDecodeECDSASignature(
    const unsigned char *encodedSig,
    size_t encodedSigLen,
    giant *c,                       // newGiant'd and RETURNED
    giant *d);                      // newGiant'd and RETURNED

/*
 * Encode/decode the FEE private and public keys. We malloc returned data via
 * falloc(); caller must free via ffree().
 * These use a DER format which is custom to this module.
 *
 * Because the format is private to this module, these blobs are not
 * expected to interoperate with other DER key parsers; the X.509, OpenSSL
 * and PKCS8 routines further down cover the exchange formats.
 *
 * The blob produced by feeDEREncodePrivateKey and the giant returned by
 * feeDERDecodePrivateKey contain private key material.
 * NOTE(review): nothing in this header shows that ffree() or the giant
 * release path clears memory; callers should zeroize such buffers before
 * releasing them -- confirm against falloc.h / giantIntegers.h.
 * NOTE(review): ownership of the curveParams returned through **cp by the
 * decoders is not stated here; presumably the caller frees it -- confirm.
 */
feeReturn feeDEREncodePublicKey(
    int version,
    const curveParams *cp,
    giant plusX,
    giant minusX,
    giant plusY,                    // may be NULL
    unsigned char **keyBlob,        // fmallocd and RETURNED
    unsigned *keyBlobLen);          // RETURNED

feeReturn feeDEREncodePrivateKey(
    int version,
    const curveParams *cp,
    const giant privData,
    unsigned char **keyBlob,        // fmallocd and RETURNED
    unsigned *keyBlobLen);          // RETURNED

feeReturn feeDERDecodePublicKey(
    const unsigned char *keyBlob,
    unsigned keyBlobLen,
    int *version,                   // this and remainder RETURNED
    curveParams **cp,
    giant *plusX,
    giant *minusX,
    giant *plusY);                  // always valid, may be (giant)0

feeReturn feeDERDecodePrivateKey(
    const unsigned char *keyBlob,
    unsigned keyBlobLen,
    int *version,                   // this and remainder RETURNED
    curveParams **cp,
    giant *privData);               // RETURNED

/*
 * obtain the max size of a DER-encoded signature (either ElGamal or ECDSA)
 *
 * g1 and g2 are the two signature components. The result is an unsigned
 * upper bound (presumably in bytes -- confirm against the implementation).
 */
unsigned feeSizeOfDERSig(
    giant g1,
    giant g2);

/*
 * Encode/decode public key in X.509 format.
 *
 * The encoder wraps a raw public blob ("x and y octet string") for the
 * curve described by cp. The decoder returns the raw public blob and a
 * feeDepth (presumably identifying the curve -- confirm in feeTypes.h).
 * NOTE(review): the decoder's *pubBlob is only marked RETURNED; presumably
 * it is allocated like the other returned buffers and freed with ffree()
 * -- confirm.
 */
feeReturn feeDEREncodeX509PublicKey(
    const unsigned char *pubBlob,   /* x and y octet string */
    unsigned pubBlobLen,
    curveParams *cp,
    unsigned char **x509Blob,       /* fmallocd and RETURNED */
    unsigned *x509BlobLen);         /* RETURNED */

feeReturn feeDERDecodeX509PublicKey(
    const unsigned char *x509Blob,
    unsigned x509BlobLen,
    feeDepth *depth,                /* RETURNED */
    unsigned char **pubBlob,        /* x and y octet string RETURNED */
    unsigned *pubBlobLen);          /* RETURNED */

/*
 * Encode private, and decode private or public key, in unencrypted OpenSSL format.
 *
 * "Unencrypted" means the private key octets sit in the clear inside
 * openBlob / osBlob: protecting the blob at rest and in transit, and
 * zeroizing it before release, is left to the caller.
 * The public blob is optional on encode and only optionally returned on
 * decode, so a caller must not assume *pubBlob is set after a successful
 * decode (presumably NULL / 0 length when absent -- confirm).
 */
feeReturn feeDEREncodeOpenSSLPrivateKey(
    const unsigned char *privBlob,  /* private data octet string */
    unsigned privBlobLen,
    const unsigned char *pubBlob,   /* public key, optional */
    unsigned pubBlobLen,
    curveParams *cp,
    unsigned char **openBlob,       /* fmallocd and RETURNED */
    unsigned *openBlobLen);         /* RETURNED */

feeReturn feeDERDecodeOpenSSLKey(
    const unsigned char *osBlob,
    unsigned osBlobLen,
    feeDepth *depth,                /* RETURNED */
    unsigned char **privBlob,       /* private data octet string RETURNED */
    unsigned *privBlobLen,          /* RETURNED */
    unsigned char **pubBlob,        /* public data octet string optionally RETURNED */
    unsigned *pubBlobLen);

/*
 * Encode/decode private key in unencrypted PKCS8 format.
 *
 * As with the OpenSSL routines, the private key is stored in the clear in
 * pkcs8Blob, and the returned privBlob is secret material the caller
 * should zeroize before releasing it. The public blob is optional on
 * encode and returned on decode only when the input carries one.
 */
feeReturn feeDEREncodePKCS8PrivateKey(
    const unsigned char *privBlob,  /* private data octet string */
    unsigned privBlobLen,
    const unsigned char *pubBlob,   /* public blob, optional */
    unsigned pubBlobLen,
    curveParams *cp,
    unsigned char **pkcs8Blob,      /* fmallocd and RETURNED */
    unsigned *pkcs8BlobLen);        /* RETURNED */

feeReturn feeDERDecodePKCS8PrivateKey(
    const unsigned char *pkcs8Blob,
    unsigned pkcs8BlobLen,
    feeDepth *depth,                /* RETURNED */
    unsigned char **privBlob,       /* private data octet string RETURNED */
    unsigned *privBlobLen,          /* RETURNED */
    unsigned char **pubBlob,        /* optionally returned, if it's there */
    unsigned *pubBlobLen);


#ifdef __cplusplus
}
#endif

#endif  /* CRYPTKIT_DER_ENABLE */
#endif  /* _CRYPTKIT_DER_H_ */