xref: /freebsd/contrib/unbound/sldns/keyraw.h (revision 1c05a6ea6b849ff95e539c31adea887c644a6a01)
1 /*
2  * keyraw.h -- raw key and signature access and conversion
3  *
4  * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
5  *
6  * See LICENSE for the license.
7  *
8  */
9 
10 /**
11  * \file
12  *
13  * raw key and signature access and conversion
14  *
15  * Since those functions heavily rely op cryptographic operations,
16  * this module is dependent on openssl.
17  *
18  */
19 
20 #ifndef LDNS_KEYRAW_H
21 #define LDNS_KEYRAW_H
22 
23 #ifdef __cplusplus
24 extern "C" {
25 #endif
26 #if LDNS_BUILD_CONFIG_HAVE_SSL
27 #  include <openssl/ssl.h>
28 #  include <openssl/evp.h>
29 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
30 
31 /**
32  * get the length of the keydata in bits
33  * \param[in] keydata the raw key data
34  * \param[in] len the length of the keydata
35  * \param[in] alg the cryptographic algorithm this is a key for
36  * \return the keysize in bits, or 0 on error
37  */
38 size_t sldns_rr_dnskey_key_size_raw(const unsigned char *keydata,
39 	const size_t len, int alg);
40 
41 /**
42  * Calculates keytag of DNSSEC key, operates on wireformat rdata.
43  * \param[in] key the key as uncompressed wireformat rdata.
44  * \param[in] keysize length of key data.
45  * \return the keytag
46  */
47 uint16_t sldns_calc_keytag_raw(uint8_t* key, size_t keysize);
48 
49 #if LDNS_BUILD_CONFIG_HAVE_SSL
50 /**
51  * Get the PKEY id for GOST, loads GOST into openssl as a side effect.
52  * Only available if GOST is compiled into the library and openssl.
53  * \return the gost id for EVP_CTX creation.
54  */
55 int sldns_key_EVP_load_gost_id(void);
56 
57 /** Release the engine reference held for the GOST engine. */
58 void sldns_key_EVP_unload_gost(void);
59 
60 /**
61  * Like sldns_key_buf2dsa, but uses raw buffer.
62  * \param[in] key the uncompressed wireformat of the key.
63  * \param[in] len length of key data
64  * \return a DSA * structure with the key material
65  */
66 DSA *sldns_key_buf2dsa_raw(unsigned char* key, size_t len);
67 
68 /**
69  * Converts a holding buffer with key material to EVP PKEY in openssl.
70  * Only available if ldns was compiled with GOST.
71  * \param[in] key data to convert
72  * \param[in] keylen length of the key data
73  * \return the key or NULL on error.
74  */
75 EVP_PKEY* sldns_gost2pkey_raw(unsigned char* key, size_t keylen);
76 
77 /**
78  * Converts a holding buffer with key material to EVP PKEY in openssl.
79  * Only available if ldns was compiled with ECDSA.
80  * \param[in] key data to convert
81  * \param[in] keylen length of the key data
82  * \param[in] algo precise algorithm to initialize ECC group values.
83  * \return the key or NULL on error.
84  */
85 EVP_PKEY* sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo);
86 
87 /**
88  * Like sldns_key_buf2rsa, but uses raw buffer.
89  * \param[in] key the uncompressed wireformat of the key.
90  * \param[in] len length of key data
91  * \return a RSA * structure with the key material
92  */
93 RSA *sldns_key_buf2rsa_raw(unsigned char* key, size_t len);
94 
95 /**
96  * Utility function to calculate hash using generic EVP_MD pointer.
97  * \param[in] data the data to hash.
98  * \param[in] len  length of data.
99  * \param[out] dest the destination of the hash, must be large enough.
100  * \param[in] md the message digest to use.
101  * \return true if worked, false on failure.
102  */
103 int sldns_digest_evp(unsigned char* data, unsigned int len,
104 	unsigned char* dest, const EVP_MD* md);
105 
106 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
107 
108 #ifdef __cplusplus
109 }
110 #endif
111 
112 #endif /* LDNS_KEYRAW_H */
113