1 /* 2 * keyraw.h -- raw key and signature access and conversion 3 * 4 * Copyright (c) 2005-2008, NLnet Labs. All rights reserved. 5 * 6 * See LICENSE for the license. 7 * 8 */ 9 10 /** 11 * \file 12 * 13 * raw key and signature access and conversion 14 * 15 * Since those functions heavily rely op cryptographic operations, 16 * this module is dependent on openssl. 17 * 18 */ 19 20 #ifndef LDNS_KEYRAW_H 21 #define LDNS_KEYRAW_H 22 23 #ifdef __cplusplus 24 extern "C" { 25 #endif 26 #if LDNS_BUILD_CONFIG_HAVE_SSL 27 # include <openssl/ssl.h> 28 # include <openssl/evp.h> 29 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */ 30 31 /** 32 * get the length of the keydata in bits 33 * \param[in] keydata the raw key data 34 * \param[in] len the length of the keydata 35 * \param[in] alg the cryptographic algorithm this is a key for 36 * \return the keysize in bits, or 0 on error 37 */ 38 size_t sldns_rr_dnskey_key_size_raw(const unsigned char *keydata, 39 const size_t len, int alg); 40 41 /** 42 * Calculates keytag of DNSSEC key, operates on wireformat rdata. 43 * \param[in] key the key as uncompressed wireformat rdata. 44 * \param[in] keysize length of key data. 45 * \return the keytag 46 */ 47 uint16_t sldns_calc_keytag_raw(uint8_t* key, size_t keysize); 48 49 #if LDNS_BUILD_CONFIG_HAVE_SSL 50 /** 51 * Get the PKEY id for GOST, loads GOST into openssl as a side effect. 52 * Only available if GOST is compiled into the library and openssl. 53 * \return the gost id for EVP_CTX creation. 54 */ 55 int sldns_key_EVP_load_gost_id(void); 56 57 /** Release the engine reference held for the GOST engine. */ 58 void sldns_key_EVP_unload_gost(void); 59 60 /** 61 * Like sldns_key_buf2dsa, but uses raw buffer. 62 * \param[in] key the uncompressed wireformat of the key. 63 * \param[in] len length of key data 64 * \return a DSA * structure with the key material 65 */ 66 DSA *sldns_key_buf2dsa_raw(unsigned char* key, size_t len); 67 68 /** 69 * Converts a holding buffer with key material to EVP PKEY in openssl. 70 * Only available if ldns was compiled with GOST. 71 * \param[in] key data to convert 72 * \param[in] keylen length of the key data 73 * \return the key or NULL on error. 74 */ 75 EVP_PKEY* sldns_gost2pkey_raw(unsigned char* key, size_t keylen); 76 77 /** 78 * Converts a holding buffer with key material to EVP PKEY in openssl. 79 * Only available if ldns was compiled with ECDSA. 80 * \param[in] key data to convert 81 * \param[in] keylen length of the key data 82 * \param[in] algo precise algorithm to initialize ECC group values. 83 * \return the key or NULL on error. 84 */ 85 EVP_PKEY* sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo); 86 87 /** 88 * Like sldns_key_buf2rsa, but uses raw buffer. 89 * \param[in] key the uncompressed wireformat of the key. 90 * \param[in] len length of key data 91 * \return a RSA * structure with the key material 92 */ 93 RSA *sldns_key_buf2rsa_raw(unsigned char* key, size_t len); 94 95 /** 96 * Utility function to calculate hash using generic EVP_MD pointer. 97 * \param[in] data the data to hash. 98 * \param[in] len length of data. 99 * \param[out] dest the destination of the hash, must be large enough. 100 * \param[in] md the message digest to use. 101 * \return true if worked, false on failure. 102 */ 103 int sldns_digest_evp(unsigned char* data, unsigned int len, 104 unsigned char* dest, const EVP_MD* md); 105 106 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */ 107 108 #ifdef __cplusplus 109 } 110 #endif 111 112 #endif /* LDNS_KEYRAW_H */ 113