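--- a/keyhi.h
+++ /dev/null
@@ -1,271 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
-* License, v. 2.0. If a copy of the MPL was not distributed with this
-* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef _KEYHI_H_
-#define _KEYHI_H_
-
-#include "plarena.h"
-
-#include "seccomon.h"
-#include "secoidt.h"
-#include "secdert.h"
-#include "keythi.h"
-#include "certt.h"
-/*#include "secpkcs5.h" */
-
-SEC_BEGIN_PROTOS
-
-/*
-** Destroy a subject-public-key-info object.
-*/
-extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
-
-/*
-** Copy subject-public-key-info "src" to "dst". "dst" is filled in
-** appropriately (memory is allocated for each of the sub objects).
-*/
-extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PLArenaPool *arena,
-CERTSubjectPublicKeyInfo *dst,
-CERTSubjectPublicKeyInfo *src);
-
-/*
-** Update the PQG parameters for a cert's public key.
-** Only done for DSA certs
-*/
-extern SECStatus
-SECKEY_UpdateCertPQG(CERTCertificate *subjectCert);
-
-/*
-** Return the number of bits in the provided big integer. This assumes that the
-** SECItem contains a big-endian number and counts from the first non-zero bit.
-*/
-extern unsigned SECKEY_BigIntegerBitLength(const SECItem *number);
-
-/*
-** Return the strength of the public key in bytes
-*/
-extern unsigned SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk);
-
-/*
-** Return the strength of the public key in bits
-*/
-extern unsigned SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk);
-
-/*
-** Return the length of the signature in bytes
-*/
-extern unsigned SECKEY_SignatureLen(const SECKEYPublicKey *pubk);
-
-/*
-** Make a copy of the private key "privKey"
-*/
-extern SECKEYPrivateKey *SECKEY_CopyPrivateKey(const SECKEYPrivateKey *privKey);
-
-/*
-** Make a copy of the public key "pubKey"
-*/
-extern SECKEYPublicKey *SECKEY_CopyPublicKey(const SECKEYPublicKey *pubKey);
-
-/*
-** Convert a private key "privateKey" into a public key
-*/
-extern SECKEYPublicKey *SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privateKey);
-
-/*
-* create a new RSA key pair. The private Key is returned...
-*/
-SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
-SECKEYPublicKey **pubk, void *cx);
-
-/*
-* create a new DH key pair. The private Key is returned...
-*/
-SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
-SECKEYPublicKey **pubk, void *cx);
-
-/*
-* create a new EC key pair. The private Key is returned...
-*/
-SECKEYPrivateKey *SECKEY_CreateECPrivateKey(SECKEYECParams *param,
-SECKEYPublicKey **pubk, void *cx);
-
-/*
-** Create a subject-public-key-info based on a public key.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_CreateSubjectPublicKeyInfo(const SECKEYPublicKey *k);
-
-/*
-** Convert a base64 ascii encoded DER public key and challenge to spki,
-** and verify the signature and challenge data are correct
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
-void *cx);
-
-/*
-** Encode a CERTSubjectPublicKeyInfo structure. into a
-** DER encoded subject public key info.
-*/
-SECItem *
-SECKEY_EncodeDERSubjectPublicKeyInfo(const SECKEYPublicKey *pubk);
-
-/*
-** Decode a DER encoded subject public key info into a
-** CERTSubjectPublicKeyInfo structure.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_DecodeDERSubjectPublicKeyInfo(const SECItem *spkider);
-
-/*
-** Convert a base64 ascii encoded DER subject public key info to our
-** internal format.
-*/
-extern CERTSubjectPublicKeyInfo *
-SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(const char *spkistr);
-
-/*
-* extract the public key from a subject Public Key info structure.
-* (used by JSS).
-*/
-extern SECKEYPublicKey *
-SECKEY_ExtractPublicKey(const CERTSubjectPublicKeyInfo *);
-
-/*
-** Destroy a private key object.
-** "key" the object
-*/
-extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
-
-/*
-** Destroy a public key object.
-** "key" the object
-*/
-extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
-
-/* Destroy and zero out a private key info structure. for now this
-* function zero's out memory allocated in an arena for the key
-* since PORT_FreeArena does not currently do this.
-*
-* NOTE -- If a private key info is allocated in an arena, one should
-* not call this function with freeit = PR_FALSE. The function should
-* destroy the arena.
-*/
-extern void
-SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
-
-/* Destroy and zero out an encrypted private key info.
-*
-* NOTE -- If a encrypted private key info is allocated in an arena, one should
-* not call this function with freeit = PR_FALSE. The function should
-* destroy the arena.
-*/
-extern void
-SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
-PRBool freeit);
-
-/* Copy private key info structure.
-* poolp is the arena into which the contents of from is to be copied.
-* NULL is a valid entry.
-* to is the destination private key info
-* from is the source private key info
-* if either from or to is NULL or an error occurs, SECFailure is
-* returned. otherwise, SECSuccess is returned.
-*/
-extern SECStatus
-SECKEY_CopyPrivateKeyInfo(PLArenaPool *poolp,
-SECKEYPrivateKeyInfo *to,
-const SECKEYPrivateKeyInfo *from);
-
-extern SECStatus
-SECKEY_CacheStaticFlags(SECKEYPrivateKey *key);
-
-/* Copy encrypted private key info structure.
-* poolp is the arena into which the contents of from is to be copied.
-* NULL is a valid entry.
-* to is the destination encrypted private key info
-* from is the source encrypted private key info
-* if either from or to is NULL or an error occurs, SECFailure is
-* returned. otherwise, SECSuccess is returned.
-*/
-extern SECStatus
-SECKEY_CopyEncryptedPrivateKeyInfo(PLArenaPool *poolp,
-SECKEYEncryptedPrivateKeyInfo *to,
-const SECKEYEncryptedPrivateKeyInfo *from);
-/*
-* Accessor functions for key type of public and private keys.
-*/
-KeyType SECKEY_GetPrivateKeyType(const SECKEYPrivateKey *privKey);
-KeyType SECKEY_GetPublicKeyType(const SECKEYPublicKey *pubKey);
-
-/*
-* Creates a PublicKey from its DER encoding.
-* Currently only supports RSA, DSA, and DH keys.
-*/
-SECKEYPublicKey *
-SECKEY_ImportDERPublicKey(const SECItem *derKey, CK_KEY_TYPE type);
-
-SECKEYPrivateKeyList *
-SECKEY_NewPrivateKeyList(void);
-
-void
-SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
-
-void
-SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
-
-SECStatus
-SECKEY_AddPrivateKeyToListTail(SECKEYPrivateKeyList *list,
-SECKEYPrivateKey *key);
-
-#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode *)PR_LIST_HEAD(&l->list))
-#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
-#define PRIVKEY_LIST_END(n, l) (((void *)n) == ((void *)&l->list))
-
-SECKEYPublicKeyList *
-SECKEY_NewPublicKeyList(void);
-
-void
-SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys);
-
-void
-SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node);
-
-SECStatus
-SECKEY_AddPublicKeyToListTail(SECKEYPublicKeyList *list,
-SECKEYPublicKey *key);
-
-#define PUBKEY_LIST_HEAD(l) ((SECKEYPublicKeyListNode *)PR_LIST_HEAD(&l->list))
-#define PUBKEY_LIST_NEXT(n) ((SECKEYPublicKeyListNode *)n->links.next)
-#define PUBKEY_LIST_END(n, l) (((void *)n) == ((void *)&l->list))
-
-/*
-* Length in bits of the EC's field size. This is also the length of
-* the x and y coordinates of EC points, such as EC public keys and
-* base points.
-*
-* Return 0 on failure (unknown EC domain parameters).
-*/
-extern int SECKEY_ECParamsToKeySize(const SECItem *params);
-
-/*
-* Length in bits of the EC base point order, usually denoted n. This
-* is also the length of EC private keys and ECDSA signature components
-* r and s.
-*
-* Return 0 on failure (unknown EC domain parameters).
-*/
-extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params);
-
-/*
-* Returns the object identifier of the curve, of the provided
-* elliptic curve parameters structures.
-*
-* Return 0 on failure (unknown EC domain parameters).
-*/
-SECOidTag SECKEY_GetECCOid(const SECKEYECParams *params);
-
-SEC_END_PROTOS
-
-#endif /* _KEYHI_H_ */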