mars_nwe/mars-matrixssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
684e265a0c5511d4fd11e103868bd70fd371fe74
mars-matrixssl/matrixssl/psExt.h
Janne Johansson 69b5f2c6c3 MatrixSSL 4.5.1
2022-07-29 12:30:12 +03:00

100 lines
4.4 KiB
C
Raw Blame History

/* psExt.h
*
* External API for signing message digests with RSA and ECC private keys.
* This should be implemented by the the external module. For an example
* implementation, see exampleExtCvSigModule.c.
*/
/*****************************************************************************
* Copyright (c) 2007-2017 Rambus Inc. All Rights Reserved.
*
* The latest version of this code is available at http://www.matrixssl.org
*
* This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This General Public License does NOT permit incorporating this software
* into proprietary programs. If you are unable to comply with the GPL, a
* commercial license for this software may be purchased from Rambus at
* http://www.rambus.com/
*
* This program is distributed in WITHOUT ANY WARRANTY; without even the
* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* http://www.gnu.org/copyleft/gpl.html
*****************************************************************************/
#ifndef INCLUDE_GUARD_EXAMPLEEXTCVSIGMODULE_H
#define INCLUDE_GUARD_EXAMPLEEXTCVSIGMODULE_H
/** Load a certificate from an external module.
@param cert_key_id[in] ID of the certificate/private key pair whose certificate should be loaded.
@param cert_buf[out] Pointer to a buffer containing the certificate in DER format. Allocated in this function. Caller must free.
@param cert_len[out] Length of the certificate in bytes.
@return 0 on success, < 0 on failure.
*/
int psExtLoadCert(unsigned int cert_key_id,
unsigned char **cert_buf,
size_t *cert_len);
/** Sign a hash using an RSA private key (PKCS #1.5 Encrypt).
@param cert_key_id[in] ID of the certificate/private key pair whose private key should be used in the signing operation.
@param hash_to_sign[in] Pointer to the hash value to sign.
@param hash_len[in] Length of the hash in bytes. This value can be used to identify the hash algorithm, e.g. 32 implies SHA-256.
@param signature[out] Pointer to a buffer containing the resulting signature. The buffer is allocated in this function. Caller must free.
@param signature_len[out] Length of the resulting signature in bytes
@return 0 on success, < 0 on failure.
*/
int psExtRsaSignHash(unsigned int cert_key_id,
unsigned char *hash_to_sign,
size_t hash_len,
unsigned char **signature,
size_t *signature_len);
/** Sign a hash using an ECDSA private key (ANS X9.62 / RFC 4492).
@param cert_key_id[in] ID of the certificate/private key pair whose private key should be used in the signing operation.
@param hash_to_sign[in] Pointer to the hash value to sign.
@param hash_len[in] Length of the hash in bytes. This value can be used to identify the hash algorithm, e.g. 32 implies SHA-256.
@param signature[out] Pointer to a buffer containing the resulting signature. The buffer is allocated in this function. Caller must free.
@param signature_len[out] Length of the resulting signature in bytes.
@return 0 on success, < 0 on failure.
*/
int psExtEcdsaSignHash(unsigned int cert_key_id,
unsigned char *hash_to_sign,
size_t hash_len,
unsigned char **signature,
size_t *signature_len);
/** Perform cleanup and finish operation.
*/
void psExtCleanup(void);
/** Example definitions of private key-certificate pair IDs.
These example IDs can be used to communicate to the external module, which key-certificate pair should be used.
*/
#define CERT_KEY_ID_RSA1024 0
#define CERT_KEY_ID_RSA2048 1
#define CERT_KEY_ID_RSA3072 2
#define CERT_KEY_ID_RSA4096 3
#define CERT_KEY_ID_ECC192 4
#define CERT_KEY_ID_ECC224 5
#define CERT_KEY_ID_ECC256 6
#define CERT_KEY_ID_ECC384 7
#define CERT_KEY_ID_ECC521 8
#define CERT_KEY_ID_ECC256_ECDH_RSA 9
#define CERT_KEY_ID_ECC521_ECDH_RSA 10
#endif /* INCLUDE_GUARD_EXAMPLEEXTCVSIGMODULE_H */
/* end of file exampleExtCvSigModule.h */
Reference in New Issue View Git Blame Copy Permalink