1/*
2 * Copyright (c) 2010,2012-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24/*!
25	@header SecECKey
26	The functions provided in SecECKey.h implement and manage an EC
27    (elliptic curve) public or private key.
28*/
29
30#ifndef _SECURITY_SECECKEY_H_
31#define _SECURITY_SECECKEY_H_
32
33#include <Security/SecKey.h>
34#include <Security/SecKeyPriv.h>
35#include <CoreFoundation/CFData.h>
36
37__BEGIN_DECLS
38
/*
 * Parameter block for an EC public key: two byte buffers, each declared
 * next to a length field.
 *
 * NOTE(review): the field names and the original comments ("modulus",
 * "public exponent") are RSA terminology. Nothing in this header says what
 * the two buffers hold for an EC key; confirm against the implementation
 * before relying on them.
 *
 * Both length fields are CFIndex, which is a signed type, so code that
 * consumes this struct should reject negative lengths and NULL buffers
 * before reading. Buffer ownership is not stated in this header.
 */
typedef struct SecECPublicKeyParams {
	/* modulus (see the review note above about the RSA naming) */
	uint8_t *modulus;
	/* presumably the byte count of `modulus` -- TODO confirm */
	CFIndex modulusLength;
	/* public exponent (see the review note above about the RSA naming) */
	uint8_t *exponent;
	/* presumably the byte count of `exponent` -- TODO confirm */
	CFIndex exponentLength;
} SecECPublicKeyParams;
45
/*
 * Padding selector for EC keys, declared as an anonymous enum constant.
 *
 * NOTE(review): the identifier suggests ECIES with SHA-2, AES-128-GCM and a
 * 128-bit MAC; this header only states "IESGCM", so confirm the exact
 * construction against the implementation. Presumably the constant is
 * passed where a padding value is expected -- verify against callers.
 */
enum {
    /* EC key using IESGCM to encrypt. */
    kSecPaddingECIES_SHA2_AES128GCM_MAC128 = 0x9000,
};
49
/*
 * Build a SecKeyRef from an EC public key supplied in encoded form.
 *
 *   allocator      CFAllocatorRef passed in for the new key object.
 *   keyData        Pointer to the encoded key bytes.
 *   keyDataLength  Length that accompanies keyData. CFIndex is signed, so
 *                  callers should pass the exact, non-negative size of the
 *                  buffer they actually own.
 *   encoding       Encoding of keyData. The supported encoding is
 *                  kSecKeyEncodingPkcs1.
 *
 * Returns a SecKeyRef representing the key.
 *
 * NOTE(review): failure behaviour is not stated here. Presumably NULL comes
 * back for malformed or unsupported input, so check the result before use.
 * By the CoreFoundation "Create" naming rule the caller presumably owns the
 * returned reference and releases it -- confirm.
 */
SecKeyRef SecKeyCreateECPublicKey(
    CFAllocatorRef allocator,
    const uint8_t *keyData,
    CFIndex keyDataLength,
    SecKeyEncoding encoding);
55
/*
 * Build a SecKeyRef from an EC private key supplied in encoded form.
 *
 *   allocator      CFAllocatorRef passed in for the new key object.
 *   keyData        Pointer to the encoded private key bytes. The pointer is
 *                  const, so this call cannot wipe the buffer; clearing the
 *                  secret material afterwards is left to the caller.
 *   keyDataLength  Length that accompanies keyData. CFIndex is signed, so
 *                  callers should pass the exact, non-negative size of the
 *                  buffer they actually own.
 *   encoding       Encoding of keyData. The supported encoding is
 *                  kSecKeyEncodingPkcs1.
 *
 * Returns a SecKeyRef representing the key.
 *
 * NOTE(review): failure behaviour is not stated here. Presumably NULL comes
 * back for malformed or unsupported input, so check the result before use.
 * By the CoreFoundation "Create" naming rule the caller presumably owns the
 * returned reference and releases it -- confirm.
 */
SecKeyRef SecKeyCreateECPrivateKey(
    CFAllocatorRef allocator,
    const uint8_t *keyData,
    CFIndex keyDataLength,
    SecKeyEncoding encoding);
61
/*
 * Named curves supported here. The numeric values come from RFC 4492
 * section 5.1.1, with one exception: kSecECCurveNone (referred to as
 * SSL_Curve_None in the original comment), which means
 * "ECDSA not negotiated".
 *
 * Any other number is not a supported curve. Code that receives a curve
 * identifier from outside should compare it against these members before
 * treating it as a SecECNamedCurve.
 */
typedef enum {
	/* No curve: "ECDSA not negotiated". Not an RFC 4492 value. */
	kSecECCurveNone = -1,
	/* RFC 4492 value 23 */
	kSecECCurveSecp256r1 = 23,
	/* RFC 4492 value 24 */
	kSecECCurveSecp384r1 = 24,
	/* RFC 4492 value 25 */
	kSecECCurveSecp521r1 = 25
} SecECNamedCurve;
72
/*
 * Report the named curve of ecPrivateKey as a SecECNamedCurve value.
 *
 * NOTE(review): the parameter name suggests a private key is expected;
 * whether a public key is accepted is not stated here. Presumably
 * kSecECCurveNone is returned when the curve cannot be determined, so
 * callers should handle that value -- confirm against the implementation.
 */
SecECNamedCurve
SecECKeyGetNamedCurve(SecKeyRef ecPrivateKey);
/*
 * Return the public bits of `key` as a CFDataRef.
 *
 * NOTE(review): this declaration had no comment. The layout of the returned
 * bytes and the result for a non-EC key are not stated in this header;
 * presumably NULL is possible, so check before use. By the CoreFoundation
 * "Copy" naming rule the caller presumably owns the result and releases
 * it -- confirm.
 */
CFDataRef
SecECKeyCopyPublicBits(SecKeyRef key);
76
77
78__END_DECLS
79
80#endif /* !_SECURITY_SECECKEY_H_ */
81