X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5dd5f9ec28f304ca377c42fd7f711d6cf12b90e1..5c19dc3ae3bd8e40a9c028b0deddd50ff337692c:/OSX/include/security_asn1/osKeyTemplates.h
diff --git a/OSX/include/security_asn1/osKeyTemplates.h b/OSX/include/security_asn1/osKeyTemplates.h
new file mode 100644
index 00000000..2a018796
--- /dev/null
+++ b/OSX/include/security_asn1/osKeyTemplates.h
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 2003-2006,2008,2010-2012 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+/*
+ * osKeyTemplate.h - ASN1 templates for openssl asymmetric keys
+ */
+
+#ifndef _OS_KEY_TEMPLATES_H_
+#define _OS_KEY_TEMPLATES_H_
+
+#include
+
+/*
+ * Arrays of SecAsn1Template are always associated with a specific
+ * C struct. We attempt to use C structs which are defined in CDSA
+ * if at all possible; these always start with the CSSM_ prefix.
+ * Otherwise we define the struct here, with an NSS_ prefix.
+ * In either case, the name of the C struct is listed in comments
+ * along with the extern declaration of the SecAsn1Template array.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/***
+ *** Note: RSA and Diffie-Hellman keys and structs are in
+ *** security_asn1/keyTemplates.h.
+ ***/
+
+// MARK: *** DSA ***
+
+/*
+ * Note that most of the DSA structs are hand rolled and are not
+ * expressed in ASN1 in any doc that I'm aware of.
+ */
+
+/****
+ **** DSA support
+ ****/
+
+/*
+ * DSA algorithm parameters. Used in CDSA key generation context as
+ * well as the parameters in an X509-formatted DSA public key.
+ */
+typedef struct {
+ SecAsn1Item p;
+ SecAsn1Item q;
+ SecAsn1Item g;
+} NSS_DSAAlgParams;
+
+extern const SecAsn1Template kSecAsn1DSAAlgParamsTemplate[];
+
+/*
+ * DSA algorithm parameters, BSAFE style. Only used in FIPS186 format
+ * public and private keys.
+ */
+typedef struct {
+ SecAsn1Item keySizeInBits;
+ SecAsn1Item p;
+ SecAsn1Item q;
+ SecAsn1Item g;
+} NSS_DSAAlgParamsBSAFE;
+
+extern const SecAsn1Template kSecAsn1DSAAlgParamsBSAFETemplate[];
+
+/*
+ * DSA X509-style AlgorithmID. Avoids ASN_ANY processing via direct
+ * insertion of the appropriate parameters.
+ */
+typedef struct {
+ SecAsn1Oid algorithm;
+ NSS_DSAAlgParams *params; // optional
+} NSS_DSAAlgorithmIdX509;
+
+extern const SecAsn1Template kSecAsn1DSAAlgorithmIdX509Template[];
+
+/*
+ * DSA AlgorithmID, BSAFE style. Avoids ASN_ANY
+ * processing via direct insertion of the appropriate parameters.
+ */
+typedef struct {
+ SecAsn1Oid algorithm;
+ NSS_DSAAlgParamsBSAFE params;
+} NSS_DSAAlgorithmIdBSAFE;
+
+extern const SecAsn1Template kSecAsn1DSAAlgorithmIdBSAFETemplate[];
+
+/****
+ **** DSA public keys
+ ****/
+
+/*
+ * DSA public key, openssl/X509 format.
+ *
+ * The publicKey is actually the DER encoding of an ASN
+ * integer, wrapped in a BIT STRING.
+ */
+typedef struct {
+ NSS_DSAAlgorithmIdX509 dsaAlg;
+ SecAsn1Item publicKey; // BIT string - Length in bits
+} NSS_DSAPublicKeyX509;
+
+extern const SecAsn1Template kSecAsn1DSAPublicKeyX509Template[];
+
+/*
+ * DSA public key, BSAFE/FIPS186 format.
+ * The public key is the DER encoding of an ASN integer, wrapped
+ * in a bit string.
+ */
+typedef struct {
+ NSS_DSAAlgorithmIdBSAFE dsaAlg;
+ SecAsn1Item publicKey; // BIT string - Length in bits
+} NSS_DSAPublicKeyBSAFE;
+
+extern const SecAsn1Template kSecAsn1DSAPublicKeyBSAFETemplate[];
+
+/****
+ **** DSA private keys
+ ****/
+
+/*
+ * DSA Private key, openssl custom format.
+ */
+typedef struct {
+ SecAsn1Item version;
+ SecAsn1Item p;
+ SecAsn1Item q;
+ SecAsn1Item g;
+ SecAsn1Item pub;
+ SecAsn1Item priv;
+} NSS_DSAPrivateKeyOpenssl;
+
+extern const SecAsn1Template kSecAsn1DSAPrivateKeyOpensslTemplate[];
+
+/*
+ * DSA private key, BSAFE/FIPS186 style.
+ * This is basically a DSA-specific NSS_PrivateKeyInfo.
+ *
+ * NSS_DSAPrivateKeyBSAFE.privateKey is an octet string containing
+ * the DER encoding of this.
+ */
+typedef struct {
+ SecAsn1Item privateKey;
+} NSS_DSAPrivateKeyOcts;
+
+extern const SecAsn1Template kSecAsn1DSAPrivateKeyOctsTemplate[];
+
+typedef struct {
+ SecAsn1Item version;
+ NSS_DSAAlgorithmIdBSAFE dsaAlg;
+ /* octet string containing a DER-encoded NSS_DSAPrivateKeyOcts */
+ SecAsn1Item privateKey;
+} NSS_DSAPrivateKeyBSAFE;
+
+extern const SecAsn1Template kSecAsn1DSAPrivateKeyBSAFETemplate[];
+
+/*
+ * DSA Private Key, PKCS8/SMIME style. Doesn't have keySizeInBits
+ * in the alg params; has version in the top-level struct; the
+ * private key itself is a DER-encoded integer wrapped in an
+ * octet string.
+ */
+typedef struct {
+ SecAsn1Item version;
+ NSS_DSAAlgorithmIdX509 dsaAlg;
+ /* octet string containing DER-encoded integer */
+ SecAsn1Item privateKey;
+ NSS_Attribute **attributes; // optional
+} NSS_DSAPrivateKeyPKCS8;
+
+extern const SecAsn1Template kSecAsn1DSAPrivateKeyPKCS8Template[];
+
+/*
+ * DSA Signature.
+ */
+typedef struct {
+ SecAsn1Item r;
+ SecAsn1Item s;
+} NSS_DSASignature;
+
+extern const SecAsn1Template kSecAsn1DSASignatureTemplate[];
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* _OS_KEY_TEMPLATES_H_ */
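Review bot: The `publicKey` members of `NSS_DSAPublicKeyX509` and `NSS_DSAPublicKeyBSAFE` carry only the terse comment `// BIT string - Length in bits`, which is easy to overlook in a header where every other `SecAsn1Item` presumably uses `Length` as a byte count; a caller that copies or parses `Length` bytes from these items would read well past the decoded data. I would spell the unit and the conversion out on both fields, for example `SecAsn1Item publicKey; // BIT STRING: Length is a bit count; Data holds (Length + 7) / 8 bytes`. The private-key structs (`priv` in `NSS_DSAPrivateKeyOpenssl`, `privateKey` in the BSAFE and PKCS8 variants) say nothing about who owns the decoded buffers or whether they must be cleared before release, and a one-line comment stating the expected lifetime would help anyone handling the secret material. The file-header comment also names `osKeyTemplate.h` while the file added is `osKeyTemplates.h`.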