keyhi.h source code [include/nss/keyhi.h]

1	/ This Source Code Form is subject to the terms of the Mozilla Public*
2	* License, v. 2.0. If a copy of the MPL was not distributed with this
3	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5	#ifndef _KEYHI_H_
6	#define _KEYHI_H_
7
8	#include "plarena.h"
9
10	#include "seccomon.h"
11	#include "secoidt.h"
12	#include "secdert.h"
13	#include "keythi.h"
14	#include "certt.h"
15	/#include "secpkcs5.h" /
16
17	SEC_BEGIN_PROTOS
18
19	/*
20	** Destroy a subject-public-key-info object.
21	*/
22	extern void SECKEY_DestroySubjectPublicKeyInfo(CERTSubjectPublicKeyInfo *spki);
23
24	/*
25	** Copy subject-public-key-info "src" to "dst". "dst" is filled in
26	** appropriately (memory is allocated for each of the sub objects).
27	*/
28	extern SECStatus SECKEY_CopySubjectPublicKeyInfo(PLArenaPool *arena,
29	CERTSubjectPublicKeyInfo *dst,
30	CERTSubjectPublicKeyInfo *src);
31
32	/*
33	** Update the PQG parameters for a cert's public key.
34	** Only done for DSA certs
35	*/
36	extern SECStatus
37	SECKEY_UpdateCertPQG(CERTCertificate *subjectCert);
38
39	/*
40	** Return the number of bits in the provided big integer. This assumes that the
41	** SECItem contains a big-endian number and counts from the first non-zero bit.
42	*/
43	extern unsigned SECKEY_BigIntegerBitLength(const SECItem *number);
44
45	/*
46	** Return the strength of the public key in bytes
47	*/
48	extern unsigned SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk);
49
50	/*
51	** Return the strength of the public key in bits
52	*/
53	extern unsigned SECKEY_PublicKeyStrengthInBits(const SECKEYPublicKey *pubk);
54
55	/*
56	** Return the strength of the private key in bits
57	*/
58	extern unsigned SECKEY_PrivateKeyStrengthInBits(const SECKEYPrivateKey *privk);
59
60	/*
61	** Return the length of the signature in bytes
62	*/
63	extern unsigned SECKEY_SignatureLen(const SECKEYPublicKey *pubk);
64
65	/*
66	** Make a copy of the private key "privKey"
67	*/
68	extern SECKEYPrivateKey SECKEY_CopyPrivateKey(const* SECKEYPrivateKey *privKey);
69
70	/*
71	** Make a copy of the public key "pubKey"
72	*/
73	extern SECKEYPublicKey SECKEY_CopyPublicKey(const* SECKEYPublicKey *pubKey);
74
75	/*
76	** Convert a private key "privateKey" into a public key
77	*/
78	extern SECKEYPublicKey SECKEY_ConvertToPublicKey(SECKEYPrivateKey privateKey);
79
80	/*
81	* create a new RSA key pair. The private Key is returned...
82	*/
83	SECKEYPrivateKey SECKEY_CreateRSAPrivateKey(int* keySizeInBits,
84	SECKEYPublicKey *pubk, void* *cx);
85
86	/*
87	* create a new DH key pair. The private Key is returned...
88	*/
89	SECKEYPrivateKey SECKEY_CreateDHPrivateKey(SECKEYDHParams param,
90	SECKEYPublicKey *pubk, void* *cx);
91
92	/*
93	* create a new EC key pair. The private Key is returned...
94	*/
95	SECKEYPrivateKey SECKEY_CreateECPrivateKey(SECKEYECParams param,
96	SECKEYPublicKey *pubk, void* *cx);
97
98	/*
99	** Create a subject-public-key-info based on a public key.
100	*/
101	extern CERTSubjectPublicKeyInfo *
102	SECKEY_CreateSubjectPublicKeyInfo(const SECKEYPublicKey *k);
103
104	/*
105	** Convert a base64 ascii encoded DER public key and challenge to spki,
106	** and verify the signature and challenge data are correct
107	*/
108	extern CERTSubjectPublicKeyInfo *
109	SECKEY_ConvertAndDecodePublicKeyAndChallenge(char pkacstr, char* *challenge,
110	void *cx);
111
112	/*
113	** Encode a CERTSubjectPublicKeyInfo structure. into a
114	** DER encoded subject public key info.
115	*/
116	SECItem *
117	SECKEY_EncodeDERSubjectPublicKeyInfo(const SECKEYPublicKey *pubk);
118
119	/*
120	** Decode a DER encoded subject public key info into a
121	** CERTSubjectPublicKeyInfo structure.
122	*/
123	extern CERTSubjectPublicKeyInfo *
124	SECKEY_DecodeDERSubjectPublicKeyInfo(const SECItem *spkider);
125
126	/*
127	** Convert a base64 ascii encoded DER subject public key info to our
128	** internal format.
129	*/
130	extern CERTSubjectPublicKeyInfo *
131	SECKEY_ConvertAndDecodeSubjectPublicKeyInfo(const char *spkistr);
132
133	/*
134	* extract the public key from a subject Public Key info structure.
135	* (used by JSS).
136	*/
137	extern SECKEYPublicKey *
138	SECKEY_ExtractPublicKey(const CERTSubjectPublicKeyInfo *);
139
140	/*
141	** Destroy a private key object.
142	** "key" the object
143	*/
144	extern void SECKEY_DestroyPrivateKey(SECKEYPrivateKey *key);
145
146	/*
147	** Destroy a public key object.
148	** "key" the object
149	*/
150	extern void SECKEY_DestroyPublicKey(SECKEYPublicKey *key);
151
152	/ Destroy and zero out a private key info structure. for now this*
153	* function zero's out memory allocated in an arena for the key
154	* since PORT_FreeArena does not currently do this.
155	*
156	* NOTE -- If a private key info is allocated in an arena, one should
157	* not call this function with freeit = PR_FALSE. The function should
158	* destroy the arena.
159	*/
160	extern void
161	SECKEY_DestroyPrivateKeyInfo(SECKEYPrivateKeyInfo *pvk, PRBool freeit);
162
163	/ Destroy and zero out an encrypted private key info.*
164	*
165	* NOTE -- If a encrypted private key info is allocated in an arena, one should
166	* not call this function with freeit = PR_FALSE. The function should
167	* destroy the arena.
168	*/
169	extern void
170	SECKEY_DestroyEncryptedPrivateKeyInfo(SECKEYEncryptedPrivateKeyInfo *epki,
171	PRBool freeit);
172
173	/ Copy private key info structure.*
174	* poolp is the arena into which the contents of from is to be copied.
175	* NULL is a valid entry.
176	* to is the destination private key info
177	* from is the source private key info
178	* if either from or to is NULL or an error occurs, SECFailure is
179	* returned. otherwise, SECSuccess is returned.
180	*/
181	extern SECStatus
182	SECKEY_CopyPrivateKeyInfo(PLArenaPool *poolp,
183	SECKEYPrivateKeyInfo *to,
184	const SECKEYPrivateKeyInfo *from);
185
186	extern SECStatus
187	SECKEY_CacheStaticFlags(SECKEYPrivateKey *key);
188
189	/ Copy encrypted private key info structure.*
190	* poolp is the arena into which the contents of from is to be copied.
191	* NULL is a valid entry.
192	* to is the destination encrypted private key info
193	* from is the source encrypted private key info
194	* if either from or to is NULL or an error occurs, SECFailure is
195	* returned. otherwise, SECSuccess is returned.
196	*/
197	extern SECStatus
198	SECKEY_CopyEncryptedPrivateKeyInfo(PLArenaPool *poolp,
199	SECKEYEncryptedPrivateKeyInfo *to,
200	const SECKEYEncryptedPrivateKeyInfo *from);
201	/*
202	* Accessor functions for key type of public and private keys.
203	*/
204	KeyType SECKEY_GetPrivateKeyType(const SECKEYPrivateKey *privKey);
205	KeyType SECKEY_GetPublicKeyType(const SECKEYPublicKey *pubKey);
206
207	/*
208	* Creates a PublicKey from its DER encoding.
209	* Currently only supports RSA, DSA, and DH keys.
210	*/
211	SECKEYPublicKey *
212	SECKEY_ImportDERPublicKey(const SECItem *derKey, CK_KEY_TYPE type);
213
214	SECKEYPrivateKeyList *
215	SECKEY_NewPrivateKeyList(void);
216
217	void
218	SECKEY_DestroyPrivateKeyList(SECKEYPrivateKeyList *keys);
219
220	void
221	SECKEY_RemovePrivateKeyListNode(SECKEYPrivateKeyListNode *node);
222
223	SECStatus
224	SECKEY_AddPrivateKeyToListTail(SECKEYPrivateKeyList *list,
225	SECKEYPrivateKey *key);
226
227	#define PRIVKEY_LIST_HEAD(l) ((SECKEYPrivateKeyListNode *)PR_LIST_HEAD(&l->list))
228	#define PRIVKEY_LIST_NEXT(n) ((SECKEYPrivateKeyListNode *)n->links.next)
229	#define PRIVKEY_LIST_END(n, l) (((void )n) == ((void )&l->list))
230
231	SECKEYPublicKeyList *
232	SECKEY_NewPublicKeyList(void);
233
234	void
235	SECKEY_DestroyPublicKeyList(SECKEYPublicKeyList *keys);
236
237	void
238	SECKEY_RemovePublicKeyListNode(SECKEYPublicKeyListNode *node);
239
240	SECStatus
241	SECKEY_AddPublicKeyToListTail(SECKEYPublicKeyList *list,
242	SECKEYPublicKey *key);
243
244	#define PUBKEY_LIST_HEAD(l) ((SECKEYPublicKeyListNode *)PR_LIST_HEAD(&l->list))
245	#define PUBKEY_LIST_NEXT(n) ((SECKEYPublicKeyListNode *)n->links.next)
246	#define PUBKEY_LIST_END(n, l) (((void )n) == ((void )&l->list))
247
248	/*
249	* Length in bits of the EC's field size. This is also the length of
250	* the x and y coordinates of EC points, such as EC public keys and
251	* base points.
252	*
253	* Return 0 on failure (unknown EC domain parameters).
254	*/
255	extern int SECKEY_ECParamsToKeySize(const SECItem *params);
256
257	/*
258	* Length in bits of the EC base point order, usually denoted n. This
259	* is also the length of EC private keys and ECDSA signature components
260	* r and s.
261	*
262	* Return 0 on failure (unknown EC domain parameters).
263	*/
264	extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params);
265
266	/*
267	* Returns the object identifier of the curve, of the provided
268	* elliptic curve parameters structures.
269	*
270	* Return 0 on failure (unknown EC domain parameters).
271	*/
272	SECOidTag SECKEY_GetECCOid(const SECKEYECParams *params);
273
274	SEC_END_PROTOS
275
276	#endif /* _KEYHI_H_ */
277

source code of include/nss/keyhi.h