PageRenderTime 84ms CodeModel.GetById 41ms app.highlight 12ms RepoModel.GetById 28ms app.codeStats 0ms

/gecko_api/include/keyhi.h

http://firefox-mac-pdf.googlecode.com/
C++ Header | 311 lines | 93 code | 51 blank | 167 comment | 2 complexity | ed5d3b1304ec259d4a170a4e8105419a MD5 | raw file
  1/* ***** BEGIN LICENSE BLOCK *****
  2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3 *
  4 * The contents of this file are subject to the Mozilla Public License Version
  5 * 1.1 (the "License"); you may not use this file except in compliance with
  6 * the License. You may obtain a copy of the License at
  7 * http://www.mozilla.org/MPL/
  8 *
  9 * Software distributed under the License is distributed on an "AS IS" basis,
 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 11 * for the specific language governing rights and limitations under the
 12 * License.
 13 *
 14 * The Original Code is the Netscape security libraries.
 15 *
 16 * The Initial Developer of the Original Code is
 17 * Netscape Communications Corporation.
 18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 19 * the Initial Developer. All Rights Reserved.
 20 *
 21 * Contributor(s):
 22 *   Dr Stephen Henson <stephen.henson@gemplus.com>
 23 *   Dr Vipul Gupta <vipul.gupta@sun.com>, Sun Microsystems Laboratories
 24 *
 25 * Alternatively, the contents of this file may be used under the terms of
 26 * either the GNU General Public License Version 2 or later (the "GPL"), or
 27 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 28 * in which case the provisions of the GPL or the LGPL are applicable instead
 29 * of those above. If you wish to allow use of your version of this file only
 30 * under the terms of either the GPL or the LGPL, and not to allow others to
 31 * use your version of this file under the terms of the MPL, indicate your
 32 * decision by deleting the provisions above and replace them with the notice
 33 * and other provisions required by the GPL or the LGPL. If you do not delete
 34 * the provisions above, a recipient may use your version of this file under
 35 * the terms of any one of the MPL, the GPL or the LGPL.
 36 *
 37 * ***** END LICENSE BLOCK ***** */
 38/* $Id: keyhi.h,v 1.16 2006/05/31 23:54:51 wtchang%redhat.com Exp $ */
 39
 40#ifndef _KEYHI_H_
 41#define _KEYHI_H_
 42
 43#include "plarena.h"
 44
 45#include "seccomon.h"
 46#include "secoidt.h"
 47#include "secdert.h"
 48#include "keythi.h"
 49#include "certt.h"
 50/*#include "secpkcs5.h" */
 51
 52SEC_BEGIN_PROTOS
 53
 54
 55/*
 56** Destroy a subject-public-key-info object.
 57*/
 58extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
 59
 60/*
 61** Copy subject-public-key-info "src" to "dst". "dst" is filled in
 62** appropriately (memory is allocated for each of the sub objects).
 63*/
 64extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PRArenaPool *arena,
 65					     CERTSubjectPublicKeyInfo *dst,
 66					     CERTSubjectPublicKeyInfo *src);
 67
 68/*
 69** Update the PQG parameters for a cert's public key.
 70** Only done for DSA and Fortezza certs
 71*/
 72extern SECStatus
 73SECKEY_UpdateCertPQG(CERTCertificate * subjectCert);
 74
 75
 76/* Compare the KEA parameters of two public keys.  
 77 * Only used by fortezza.      */
 78
 79extern SECStatus
 80SECKEY_KEAParamCompare(CERTCertificate *cert1,CERTCertificate *cert2);
 81
 82/*
 83** Return the strength of the public key in bytes
 84*/
 85extern unsigned SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk);
 86
 87/*
 88** Return the strength of the public key in bits
 89*/
 90extern unsigned SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk);
 91
 92/*
 93** Return the length of the signature in bytes
 94*/
 95extern unsigned SECKEY_SignatureLen(const SECKEYPublicKey *pubk);
 96
 97/*
 98** Make a copy of the private key "privKey"
 99*/
100extern SECKEYPrivateKey *SECKEY_CopyPrivateKey(const SECKEYPrivateKey *privKey);
101
102/*
103** Make a copy of the public key "pubKey"
104*/
105extern SECKEYPublicKey *SECKEY_CopyPublicKey(const SECKEYPublicKey *pubKey);
106
107/*
108** Convert a private key "privateKey" into a public key
109*/
110extern SECKEYPublicKey *SECKEY_ConvertToPublicKey(SECKEYPrivateKey *privateKey);
111
112/*
113 * create a new RSA key pair. The private Key is returned...
114 */
115SECKEYPrivateKey *SECKEY_CreateRSAPrivateKey(int keySizeInBits,
116					   SECKEYPublicKey **pubk, void *cx);
117	
118/*
119 * create a new DH key pair. The private Key is returned...
120 */
121SECKEYPrivateKey *SECKEY_CreateDHPrivateKey(SECKEYDHParams *param,
122					   SECKEYPublicKey **pubk, void *cx);
123
124/*
125 * create a new EC key pair. The private Key is returned...
126 */
127SECKEYPrivateKey *SECKEY_CreateECPrivateKey(SECKEYECParams *param,
128                                           SECKEYPublicKey **pubk, void *cx);
129
130/*
131** Create a subject-public-key-info based on a public key.
132*/
133extern CERTSubjectPublicKeyInfo *
134SECKEY_CreateSubjectPublicKeyInfo(SECKEYPublicKey *k);
135
136/*
137** Decode a DER encoded public key into an SECKEYPublicKey structure.
138*/
139extern SECKEYPublicKey *SECKEY_DecodeDERPublicKey(SECItem *pubkder);
140
141/*
142** Convert a base64 ascii encoded DER public key to our internal format.
143*/
144extern SECKEYPublicKey *SECKEY_ConvertAndDecodePublicKey(char *pubkstr);
145
146/*
147** Convert a base64 ascii encoded DER public key and challenge to spki,
148** and verify the signature and challenge data are correct
149*/
150extern CERTSubjectPublicKeyInfo *
151SECKEY_ConvertAndDecodePublicKeyAndChallenge(char *pkacstr, char *challenge,
152								void *cx);
153
154/*
155** Encode a  CERTSubjectPublicKeyInfo structure. into a
156** DER encoded subject public key info. 
157*/
158SECItem *
159SECKEY_EncodeDERSubjectPublicKeyInfo(SECKEYPublicKey *pubk);
160
161/*
162** Decode a DER encoded subject public key info into a
163** CERTSubjectPublicKeyInfo structure.
164*/
165extern CERTSubjectPublicKeyInfo *
166SECKEY_DecodeDERSubjectPublicKeyInfo(SECItem *spkider);
167
168/*
169** Convert a base64 ascii encoded DER subject public key info to our
170** internal format.
171*/
172extern CERTSubjectPublicKeyInfo *
173SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(char *spkistr);
174
175/*
176 * extract the public key from a subject Public Key info structure.
177 * (used by JSS).
178 */
179extern SECKEYPublicKey *
180SECKEY_ExtractPublicKey(CERTSubjectPublicKeyInfo *);
181
182/*
183** Destroy a private key object.
184**	"key" the object
185*/
186extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
187
188
189/*
190** Destroy a public key object.
191**	"key" the object
192*/
193extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
194
195/* Destroy and zero out a private key info structure.  for now this
196 * function zero's out memory allocated in an arena for the key 
197 * since PORT_FreeArena does not currently do this.  
198 *
199 * NOTE -- If a private key info is allocated in an arena, one should 
200 * not call this function with freeit = PR_FALSE.  The function should 
201 * destroy the arena.  
202 */
203extern void
204SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
205
206/* Destroy and zero out an encrypted private key info.
207 *
208 * NOTE -- If a encrypted private key info is allocated in an arena, one should 
209 * not call this function with freeit = PR_FALSE.  The function should 
210 * destroy the arena.  
211 */
212extern void
213SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
214				      PRBool freeit);
215
216/* Copy private key info structure.  
217 *  poolp is the arena into which the contents of from is to be copied.
218 *	NULL is a valid entry.
219 *  to is the destination private key info
220 *  from is the source private key info
221 * if either from or to is NULL or an error occurs, SECFailure is 
222 * returned.  otherwise, SECSuccess is returned.
223 */
224extern SECStatus
225SECKEY_CopyPrivateKeyInfo(PRArenaPool *poolp,
226			  SECKEYPrivateKeyInfo *to,
227			  SECKEYPrivateKeyInfo *from);
228
229extern SECStatus
230SECKEY_CacheStaticFlags(SECKEYPrivateKey* key);
231
232/* Copy encrypted private key info structure.  
233 *  poolp is the arena into which the contents of from is to be copied.
234 *	NULL is a valid entry.
235 *  to is the destination encrypted private key info
236 *  from is the source encrypted private key info
237 * if either from or to is NULL or an error occurs, SECFailure is 
238 * returned.  otherwise, SECSuccess is returned.
239 */
240extern SECStatus
241SECKEY_CopyEncryptedPrivateKeyInfo(PRArenaPool *poolp,
242				   SECKEYEncryptedPrivateKeyInfo *to,
243				   SECKEYEncryptedPrivateKeyInfo *from);
244/*
245 * Accessor functions for key type of public and private keys.
246 */
247KeyType SECKEY_GetPrivateKeyType(SECKEYPrivateKey *privKey);
248KeyType SECKEY_GetPublicKeyType(SECKEYPublicKey *pubKey);
249
250/*
251 * Creates a PublicKey from its DER encoding.
252 * Currently only supports RSA and DSA keys.
253 */
254SECKEYPublicKey*
255SECKEY_ImportDERPublicKey(SECItem *derKey, CK_KEY_TYPE type);
256
257SECKEYPrivateKeyList*
258SECKEY_NewPrivateKeyList(void);
259
260void
261SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
262
263void
264SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
265
266SECStatus
267SECKEY_AddPrivateKeyToListTail( SECKEYPrivateKeyList *list,
268                                SECKEYPrivateKey *key);
269
270#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode*)PR_LIST_HEAD(&l->list))
271#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
272#define PRIVKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
273
274SECKEYPublicKeyList*
275SECKEY_NewPublicKeyList(void);
276
277void
278SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys);
279
280void
281SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node);
282
283SECStatus
284SECKEY_AddPublicKeyToListTail( SECKEYPublicKeyList *list,
285                                SECKEYPublicKey *key);
286
287#define PUBKEY_LIST_HEAD(l) ((SECKEYPublicKeyListNode*)PR_LIST_HEAD(&l->list))
288#define PUBKEY_LIST_NEXT(n) ((SECKEYPublicKeyListNode *)n->links.next)
289#define PUBKEY_LIST_END(n,l) (((void *)n) == ((void *)&l->list))
290
291/*
292 * Length in bits of the EC's field size.  This is also the length of
293 * the x and y coordinates of EC points, such as EC public keys and
294 * base points.
295 *
296 * Return 0 on failure (unknown EC domain parameters).
297 */
298extern int SECKEY_ECParamsToKeySize(const SECItem *params);
299
300/*
301 * Length in bits of the EC base point order, usually denoted n.  This
302 * is also the length of EC private keys and ECDSA signature components
303 * r and s.
304 *
305 * Return 0 on failure (unknown EC domain parameters).
306 */
307extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params);
308
309SEC_END_PROTOS
310
311#endif /* _KEYHI_H_ */