1/*
2 * Copyright (c) 1999-2001,2005-2007,2010-2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24/*
25 * sslBER.h - BER routines
26 */
27
28#ifndef	_SSL_BER_H_
29#define _SSL_BER_H_
30
31#ifndef	_SSL_PRIV_H_
32#include "sslPriv.h"
33#endif
34
35#ifdef __cplusplus
36extern	"C" {
37#endif
38
/*
 * Given a PKCS-1 encoded RSA public key, extract the
 * modulus and public exponent.
 *
 * RSAPublicKey ::= SEQUENCE {
 *		modulus INTEGER, -- n
 *		publicExponent INTEGER -- e }
 *
 * blob     - input: the encoded key; not written through (const).
 * modulus  - output: data is allocated by this routine and returned.
 * exponent - output: data is allocated by this routine and returned.
 *
 * Returns an OSStatus. Check it before reading either output.
 *
 * NOTE(review): this header does not say who releases the returned data
 * or what the outputs hold when decoding fails. Presumably the caller
 * frees both buffers, and must not free them after a failure unless the
 * implementation resets them -- confirm against the implementation.
 * NOTE(review): if blob can hold a key received from a peer, this is a
 * parser of untrusted BER; length and INTEGER bounds checking should be
 * verified in the implementation, and callers presumably still need to
 * enforce their own minimum modulus size.
 */

OSStatus sslDecodeRsaBlob(
	const SSLBuffer	*blob,			/* PKCS-1 encoded RSAPublicKey */
	SSLBuffer		*modulus,		/* data mallocd and RETURNED */
	SSLBuffer		*exponent);		/* data mallocd and RETURNED */
52
/*
 * Given a raw modulus and exponent, cook up a
 * BER-encoded RSA public key blob.
 *
 * modulus  - input: raw modulus; not written through (const).
 * exponent - input: raw public exponent; not written through (const).
 * blob     - output: data is allocated by this routine and returned.
 *
 * Returns an OSStatus. Check it before reading blob.
 *
 * NOTE(review): ownership of the returned data is not stated here;
 * presumably the caller releases it -- confirm against the implementation.
 */

OSStatus sslEncodeRsaBlob(
	const SSLBuffer	*modulus,
	const SSLBuffer	*exponent,
	SSLBuffer		*blob);			/* data mallocd and RETURNED */
62
/*
 * Given a DER encoded DHParameter, extract the prime and generator.
 *
 * blob      - input: the encoded DHParameter; not written through (const).
 * prime     - output: data is allocated by this routine and returned.
 * generator - output: data is allocated by this routine and returned.
 *
 * Returns an OSStatus. Check it before reading either output.
 *
 * NOTE(review): ownership of the returned data and the state of the
 * outputs on failure are not stated here; presumably the caller releases
 * both buffers -- confirm against the implementation.
 * NOTE(review): nothing in this declaration indicates that the decoded
 * prime or generator are checked for size or validity. If blob can come
 * from a peer, callers presumably have to enforce a minimum group size
 * and reject degenerate generators themselves -- verify.
 */
OSStatus sslDecodeDhParams(
	const SSLBuffer	*blob,			/* DER encoded DHParameter */
	SSLBuffer		*prime,			/* data mallocd and RETURNED */
	SSLBuffer		*generator);	/* data mallocd and RETURNED */
71
/*
 * Given a prime and generator, cook up a BER-encoded DHParameter blob.
 *
 * prime     - input: not written through (const).
 * generator - input: not written through (const).
 * blob      - output: data is allocated by this routine and returned.
 *
 * Returns an OSStatus. Check it before reading blob.
 *
 * NOTE(review): ownership of the returned data is not stated here;
 * presumably the caller releases it -- confirm against the implementation.
 */
OSStatus sslEncodeDhParams(
	const SSLBuffer	*prime,
	const SSLBuffer	*generator,
	SSLBuffer		*blob);			/* data mallocd and RETURNED */
79
/*
 * Given an ECDSA public key in CSSM format, extract the SSL_ECDSA_NamedCurve
 * from its algorithm parameters.
 *
 * pubKey     - input: the key to inspect. The pointer is not
 *              const-qualified, so this declaration alone does not
 *              promise the key is left unmodified.
 * namedCurve - output: receives the curve identifier.
 *
 * Returns an OSStatus. Check it before trusting *namedCurve.
 *
 * NOTE(review): what is written to *namedCurve when the key's parameters
 * do not map to a known curve is not visible here. Callers should
 * presumably treat any non-success status as "curve not acceptable"
 * rather than reading the output -- confirm against the implementation.
 */
OSStatus sslEcdsaPeerCurve(
	CSSM_KEY_PTR pubKey,
	SSL_ECDSA_NamedCurve *namedCurve);
87
/*
 * Given an ECDSA public key in X509 format, extract the raw public key
 * bits in ECPoint format.
 *
 * pubKey  - input: the key to read. The pointer is not const-qualified,
 *           so this declaration alone does not promise the key is left
 *           unmodified.
 * pubBits - output: data is allocated by this routine and returned.
 *
 * Returns an OSStatus. Check it before reading pubBits.
 *
 * NOTE(review): ownership of the returned data is not stated here;
 * presumably the caller releases it -- confirm against the implementation.
 */
OSStatus sslEcdsaPubKeyBits(
	CSSM_KEY_PTR	pubKey,
	SSLBuffer		*pubBits);		/* data mallocd and RETURNED */
95
96#ifdef __cplusplus
97}
98#endif
99
100#endif	/* _SSL_BER_H_ */
101