TrustCore SDK NanoCert API reference  version 7.0
pkcs_key.h
1 /*
2  * pkcs_key.h
3  *
4  * PKCS#1 PKCS#8 Parser and utilities routines
5  *
6  * Copyright 2019-2024 DigiCert, Inc. All Rights Reserved.
7  * Proprietary and Confidential Material.
8  *
9  */
21 #ifndef __PKCS_KEY_HEADER__
22 #define __PKCS_KEY_HEADER__
23 
24 
25 /*------------------------------------------------------------------*/
26 
27 #ifdef __cplusplus
28 extern "C" {
29 #endif
30 
31 /* encryption types --- do not change the values associated with the constants */
/*
 * Password-based encryption scheme selector for PKCS #8 private keys.
 *
 * Spelling: every enumerator except PKCS8_EncryptionType_pkcs12 carries the
 * prefix PCKS8_ (sic). The names are part of the public interface and must be
 * used exactly as written.
 *
 * Value ranges, per the per-line comments:
 *   1..11      pkcs5_v1 schemes; the value is the OID suffix.
 *   5000 + n   pkcs5_v2 schemes; arbitrary selector, not an OID suffix.
 *   12000 + n  pkcs12 schemes; 12000 plus the OID suffix.
 *
 * Security notes for callers choosing an encryption type when writing a key:
 *   - The pkcs5_v1 entries pair single DES or RC2 with MD2, MD5 or SHA-1, and
 *     the pkcs12 entries include 40-bit RC2/RC4 and two-key 3DES. These are
 *     legacy schemes; treat them as read-compatibility only.
 *   - For new keys prefer a pkcs5_v2 AES entry together with a SHA-2 value of
 *     enum PKCS8PrfType.
 *   - Build gating is uneven: DES, RC2 and MD2 entries exist only when their
 *     __ENABLE_* macro is defined, whereas the 3DES, AES and pkcs12 RC4
 *     entries are present unless the matching __DISABLE_* macro is defined.
 *     A build that must not offer RC4 has to define __DISABLE_ARC4_CIPHERS__.
 *   - The pkcs12 entries sit outside the __ENABLE_MOCANA_PKCS5__ guard, so
 *     leaving that macro undefined does not remove them.
 *   - NOTE(review): PCKS8_EncryptionType_undefined presumably means "no
 *     encryption" when passed to the encode routines; confirm, because the
 *     private key would then be written in the clear.
 */
32 enum PKCS8EncryptionType
33 {
34  PCKS8_EncryptionType_undefined = 0,
35 #if defined(__ENABLE_MOCANA_PKCS5__)
36 #if defined(__ENABLE_DES_CIPHER__)
37  PCKS8_EncryptionType_pkcs5_v1_sha1_des = 10, /* oid suffix */
38 #endif
39 
40 #if defined(__ENABLE_ARC2_CIPHERS__)
41  PCKS8_EncryptionType_pkcs5_v1_sha1_rc2 = 11, /* oid suffix */
42 #endif
43 
44 #if defined(__ENABLE_DES_CIPHER__) && defined(__ENABLE_MOCANA_MD2__)
45  PCKS8_EncryptionType_pkcs5_v1_md2_des = 1, /* oid suffix */
46 #endif
47 
48 #if defined(__ENABLE_ARC2_CIPHERS__) && defined(__ENABLE_MOCANA_MD2__)
49  PCKS8_EncryptionType_pkcs5_v1_md2_rc2 = 4, /* oid suffix */
50 #endif
51 
52 #if defined(__ENABLE_DES_CIPHER__)
53  PCKS8_EncryptionType_pkcs5_v1_md5_des = 3, /* oid suffix */
54 #endif
55 
56 #if defined(__ENABLE_ARC2_CIPHERS__)
57  PCKS8_EncryptionType_pkcs5_v1_md5_rc2 = 6, /* oid suffix */
58 #endif
59 
60 #if !defined(__DISABLE_3DES_CIPHERS__)
61  PCKS8_EncryptionType_pkcs5_v2_3des = 5000 + 1, /* arbitrary value, not an OID suffix */
62 #endif
63 
64 #if defined(__ENABLE_DES_CIPHER__)
65  PCKS8_EncryptionType_pkcs5_v2_des = 5000 + 2, /* arbitrary value, not an OID suffix */
66 #endif
67 
68 #if defined(__ENABLE_ARC2_CIPHERS__)
69  PCKS8_EncryptionType_pkcs5_v2_rc2 = 5000 + 3, /* arbitrary value, not an OID suffix */
70 #endif
71 
72 #if !defined(__DISABLE_AES_CIPHERS__)
73 
74 #if !defined(__DISABLE_AES128_CIPHER__)
75  PCKS8_EncryptionType_pkcs5_v2_aes128 = 5000 + 4, /* arbitrary value, not an OID suffix */
76 #endif
77 
78 #if !defined(__DISABLE_AES192_CIPHER__)
79  PCKS8_EncryptionType_pkcs5_v2_aes192 = 5000 + 5, /* arbitrary value, not an OID suffix */
80 #endif
81 
82 #if !defined(__DISABLE_AES256_CIPHER__)
83  PCKS8_EncryptionType_pkcs5_v2_aes256 = 5000 + 6, /* arbitrary value, not an OID suffix */
84 #endif
85 
86 #endif /* !defined(__DISABLE_AES_CIPHERS__) */
87 
88 #endif /* __ENABLE_MOCANA_PKCS5__ */
89 
/* Base value for the pkcs12 schemes below; each adds its OID suffix to it. */
90  PKCS8_EncryptionType_pkcs12 = 12000,
91 #if !defined(__DISABLE_3DES_CIPHERS__)
92  PCKS8_EncryptionType_pkcs12_sha_2des = PKCS8_EncryptionType_pkcs12 + 4, /* 12000 + oid suffix */
93  PCKS8_EncryptionType_pkcs12_sha_3des = PKCS8_EncryptionType_pkcs12 + 3, /* 12000 + oid suffix */
94 #endif
95 
96 #if defined(__ENABLE_ARC2_CIPHERS__)
97  PCKS8_EncryptionType_pkcs12_sha_rc2_40 = PKCS8_EncryptionType_pkcs12 + 6, /* 12000 + oid suffix */
98  PCKS8_EncryptionType_pkcs12_sha_rc2_128 = PKCS8_EncryptionType_pkcs12 + 5, /* 12000 + oid suffix */
99 #endif
100 
/* RC4 entries are compiled in by default; only __DISABLE_ARC4_CIPHERS__ removes them. */
101 #if !defined(__DISABLE_ARC4_CIPHERS__)
102  PCKS8_EncryptionType_pkcs12_sha_rc4_40 = PKCS8_EncryptionType_pkcs12 + 2, /* 12000 + oid suffix */
103  PCKS8_EncryptionType_pkcs12_sha_rc4_128 = PKCS8_EncryptionType_pkcs12 + 1, /* 12000 + oid suffix */
104 #endif
105 
106 };
107 
/*
 * Pseudo-random function selector used with the pkcs5_v2 encryption types.
 * The non-zero values are OID suffixes under rsaDSI_OID and must not change.
 *
 * Security note: passing PKCS8_PrfType_undefined (0) falls back to HMAC-SHA1,
 * so a caller that wants a SHA-2 PRF has to name it explicitly.
 * NOTE(review): whether a PRF value supplied with a non-pkcs5_v2 encryption
 * type is ignored or rejected is not visible in this header; confirm.
 */
108 enum PKCS8PrfType
109 {
110  PKCS8_PrfType_undefined = 0, /* default to PKCS8_PrfType_pkcs5_v2_hmacSHA1Digest */
111 
112  /* suffixes of rsaDSI_OID */
113  /* applicable only if PCKS8_EncryptionType_pkcs5_v2_* is chosen */
114  PKCS8_PrfType_pkcs5_v2_hmacSHA1Digest = 7,
115  PKCS8_PrfType_pkcs5_v2_hmacSHA224Digest = 8,
116  PKCS8_PrfType_pkcs5_v2_hmacSHA256Digest = 9,
117  PKCS8_PrfType_pkcs5_v2_hmacSHA384Digest = 10,
118  PKCS8_PrfType_pkcs5_v2_hmacSHA512Digest = 11
119 };
120 
121 #if !defined(__DISABLE_MOCANA_CERTIFICATE_PARSING__)
122 
/*
 * Reads a key from a PKCS #1 DER buffer into *pKey (purpose inferred from the
 * name and the file header; the original description is not shown here).
 *
 * pPKCS1DER / pkcs1DERLen: DER input and its length in bytes. The length is
 *     supplied by the caller and must not exceed the real buffer size.
 * pKey: receives the parsed key.
 * Returns an MSTATUS; check it before using *pKey.
 *
 * There is no password parameter, so the input cannot be password-protected.
 * If it holds a private key, keep the buffer out of logs and wipe it once
 * parsing is done.
 */
123 MOC_EXTERN MSTATUS PKCS_getPKCS1Key(MOC_RSA(hwAccelDescr hwAccelCtx)const ubyte* pPKCS1DER, ubyte4 pkcs1DERLen, AsymmetricKey* pKey);
124 #if defined(__ENABLE_MOCANA_DSA__)
125 /* This reads an unencrypted raw file like those produced by openssl */
/*
 * pDSAKeyDer / pDSAKeyDerLen: DER input and its length in bytes; the length
 *     is caller-supplied and must not exceed the real buffer size.
 * pKey: receives the parsed key.
 * Returns an MSTATUS; check it before using *pKey.
 *
 * The input is unencrypted key material: wipe the buffer after parsing and
 * restrict access to the file it was read from.
 */
126 MOC_EXTERN MSTATUS PKCS_getDSAKey(MOC_DSA(hwAccelDescr hwAccelCtx)
127  const ubyte* pDSAKeyDer, ubyte4 pDSAKeyDerLen, AsymmetricKey* pKey);
128 #endif
129 
/*
 * Extracts a platform-formatted key from an unencrypted PKCS #8 DER buffer.
 *
 * pPKCS8DER / pkcs8DERLen: DER input and its length in bytes; the length is
 *     caller-supplied and must not exceed the real buffer size.
 * pKey: receives the extracted key.
 * Returns an MSTATUS; check it before using *pKey.
 *
 * The input is a private key in the clear. Prefer PKCS_getPKCS8KeyEx with an
 * encrypted file where the key is stored at rest, and wipe the DER buffer
 * after the call.
 */
157 MOC_EXTERN MSTATUS PKCS_getPKCS8Key(MOC_ASYM(hwAccelDescr hwAccelCtx)const ubyte* pPKCS8DER, ubyte4 pkcs8DERLen, AsymmetricKey* pKey);
158 
/*
 * Extracts a platform-formatted key from a PKCS #8 DER buffer, encrypted or
 * unencrypted.
 *
 * pPKCS8DER / pkcs8DERLen: DER input and its length in bytes.
 * password / passwordLen: password bytes and their length, used for
 *     encrypted input. NOTE(review): presumably NULL/0 is accepted for
 *     unencrypted input; confirm.
 * pKey: receives the extracted key.
 * Returns an MSTATUS; check it before using *pKey.
 *
 * The encryption scheme is taken from the file, not from the caller, so a
 * file protected with one of the legacy PKCS8EncryptionType schemes is
 * accepted whenever that scheme is compiled in. Wipe the password buffer as
 * soon as the call returns.
 */
191 MOC_EXTERN MSTATUS PKCS_getPKCS8KeyEx(MOC_HW(hwAccelDescr hwAccelCtx) const ubyte* pPKCS8DER, ubyte4 pkcs8DERLen,
192  const ubyte* password, ubyte4 passwordLen, AsymmetricKey* pKey);
193 
194 #if defined( __ENABLE_MOCANA_DER_CONVERSION__) || defined(__ENABLE_MOCANA_PEM_CONVERSION__)
/*
 * Serialises *pKey, returning the encoded buffer through *ppRetKeyDER and its
 * length through *pRetKeyDERLength (inferred from the name and parameters;
 * the original description is not shown here).
 *
 * There is no password or encryption-type parameter, so the output is
 * unprotected key material.
 * NOTE(review): the returned buffer is presumably allocated by the library
 * and released by the caller; confirm the matching free routine, and wipe
 * the buffer before releasing it.
 */
195 MOC_EXTERN MSTATUS PKCS_setPKCS1Key(MOC_RSA(hwAccelDescr hwAccelCtx)
196  const AsymmetricKey* pKey,
197  ubyte **ppRetKeyDER, ubyte4 *pRetKeyDERLength);
198 
199 #ifdef __ENABLE_MOCANA_DSA__
/*
 * DSA counterpart of PKCS_setPKCS1Key: serialises *pKey into a DER buffer
 * returned through *ppRetKeyDER / *pRetKeyDERLength (inferred from the name
 * and parameters).
 *
 * No password parameter exists, so the output is unprotected key material.
 * NOTE(review): ownership of the returned buffer is not visible here;
 * presumably the caller releases it. Wipe it before releasing.
 */
200 MOC_EXTERN MSTATUS PKCS_setDsaDerKey(MOC_DSA(hwAccelDescr hwAccelCtx) const AsymmetricKey* pKey,
201  ubyte **ppRetKeyDER, ubyte4 *pRetKeyDERLength);
202 #endif
203 
204 #endif
205 
206 #if defined( __ENABLE_MOCANA_DER_CONVERSION__)
/*
 * Serialises *pKey as PKCS #8 DER, optionally password-encrypted (inferred
 * from the name and parameters; the original description is not shown here).
 *
 * pRandomContext: random source. NOTE(review): presumably used for the salt
 *     and IV; confirm it is a properly seeded generator.
 * encType: scheme from enum PKCS8EncryptionType. Prefer a pkcs5_v2 AES value;
 *     the pkcs5_v1 and 40-bit pkcs12 values are legacy.
 * prfType: PRF from enum PKCS8PrfType; 0 falls back to HMAC-SHA1.
 * password / passwordLen: password bytes and their length.
 * ppRetKeyDER / pRetKeyDERLength: receive the encoded buffer and its length.
 *
 * No iteration-count parameter appears in this prototype, so the key
 * derivation work factor is fixed inside the library (TODO confirm its
 * value). Wipe the password buffer after the call.
 */
207 MOC_EXTERN MSTATUS PKCS_setPKCS8Key(MOC_HW(hwAccelDescr hwAccelCtx)
208  const AsymmetricKey* pKey,
209  randomContext* pRandomContext,
210  enum PKCS8EncryptionType encType,
211  enum PKCS8PrfType prfType,
212  const ubyte* password, ubyte4 passwordLen,
213  ubyte **ppRetKeyDER, ubyte4 *pRetKeyDERLength);
214 #endif
215 
216 #endif /* !defined(__DISABLE_MOCANA_CERTIFICATE_PARSING__) */
217 
218 #if defined(__ENABLE_MOCANA_PKCS8__)
219 
220 #if defined(__ENABLE_MOCANA_PEM_CONVERSION__)
221 
/*
 * Decodes a PEM-encoded PKCS #8 private key into a key blob (inferred from
 * the name and parameters; the original description is not shown here).
 *
 * pFilePemPkcs8 / fileSizePemPkcs8: PEM input and its length in bytes.
 * pPassword / passwordLen: password bytes and their length.
 *     NOTE(review): pPassword is not const-qualified; whether the routine
 *     modifies it is not visible here.
 * ppKeyBlob / pKeyBlobLength: receive the decoded key blob and its length.
 *
 * The returned blob is private key material. NOTE(review): it is presumably
 * allocated by the library and released by the caller; wipe it before
 * releasing, and wipe the password buffer after the call.
 */
257 MOC_EXTERN MSTATUS PKCS8_decodePrivateKeyPEMEx(const ubyte* pFilePemPkcs8, ubyte4 fileSizePemPkcs8, ubyte *pPassword, ubyte4 passwordLen,
258  ubyte** ppKeyBlob, ubyte4 *pKeyBlobLength);
259 
/*
 * Encodes a key blob as a PEM PKCS #8 private key (inferred from the name and
 * parameters; the original description is not shown here).
 *
 * pRandomContext: random source. NOTE(review): presumably used for the salt
 *     and IV; confirm.
 * pKeyBlob / keyBlobLen: key blob to encode and its length.
 * encType: scheme from enum PKCS8EncryptionType. Prefer a pkcs5_v2 AES value.
 * prfType: PRF from enum PKCS8PrfType; 0 falls back to HMAC-SHA1.
 * pPassword / passwordLen: password bytes and their length.
 * ppRetFilePemPkcs8 / pRetFileSizePemPkcs8: receive the PEM output and its
 *     length.
 *
 * No iteration-count parameter appears in this prototype, so the key
 * derivation work factor is fixed inside the library (TODO confirm its
 * value). Wipe the key blob and password buffers after the call.
 */
320 MOC_EXTERN MSTATUS PKCS8_encodePrivateKeyPEM(
321  randomContext *pRandomContext,
322  ubyte* pKeyBlob,
323  ubyte4 keyBlobLen,
324  enum PKCS8EncryptionType encType,
325  enum PKCS8PrfType prfType,
326  ubyte *pPassword,
327  ubyte4 passwordLen,
328  ubyte** ppRetFilePemPkcs8,
329  ubyte4 *pRetFileSizePemPkcs8);
330 
331 #endif /* __ENABLE_MOCANA_PEM_CONVERSION__ */
332 
333 #if defined(__ENABLE_MOCANA_DER_CONVERSION__)
334 
/*
 * Decodes a DER-encoded PKCS #8 private key into a key blob (inferred from
 * the name and parameters; the original description is not shown here).
 *
 * pFileDerPkcs8 / fileSizeDerPkcs8: DER input and its length in bytes.
 * pPassword / passwordLen: password bytes and their length.
 *     NOTE(review): pPassword is not const-qualified; whether the routine
 *     modifies it is not visible here.
 * ppKeyBlob / pKeyBlobLength: receive the decoded key blob and its length.
 *
 * The returned blob is private key material. NOTE(review): it is presumably
 * allocated by the library and released by the caller; wipe it before
 * releasing, and wipe the password buffer after the call.
 */
370 MOC_EXTERN MSTATUS PKCS8_decodePrivateKeyDEREx(const ubyte* pFileDerPkcs8, ubyte4 fileSizeDerPkcs8, ubyte *pPassword, ubyte4 passwordLen,
371  ubyte** ppKeyBlob, ubyte4 *pKeyBlobLength);
372 
/*
 * Encodes a key blob as a DER PKCS #8 private key (inferred from the name and
 * parameters; the original description is not shown here).
 *
 * pRandomContext: random source. NOTE(review): presumably used for the salt
 *     and IV; confirm.
 * pKeyBlob / keyBlobLen: key blob to encode and its length.
 * encType: scheme from enum PKCS8EncryptionType. Prefer a pkcs5_v2 AES value.
 * prfType: PRF from enum PKCS8PrfType; 0 falls back to HMAC-SHA1.
 * pPassword / passwordLen: password bytes and their length.
 * ppRetFileDerPkcs8 / pRetFileSizeDerPkcs8: receive the DER output and its
 *     length.
 *
 * No iteration-count parameter appears in this prototype, so the key
 * derivation work factor is fixed inside the library (TODO confirm its
 * value). Wipe the key blob and password buffers after the call.
 */
433 MOC_EXTERN MSTATUS PKCS8_encodePrivateKeyDER(
434  randomContext *pRandomContext,
435  ubyte* pKeyBlob,
436  ubyte4 keyBlobLen,
437  enum PKCS8EncryptionType encType,
438  enum PKCS8PrfType prfType,
439  ubyte *pPassword,
440  ubyte4 passwordLen,
441  ubyte** ppRetFileDerPkcs8,
442  ubyte4 *pRetFileSizeDerPkcs8);
443 
444 #endif /* __ENABLE_MOCANA_DER_CONVERSION__ */
445 
446 #endif /* __ENABLE_MOCANA_PKCS8__ */
447 
448 #ifdef __cplusplus
449 }
450 #endif
451 
452 #endif /* __PKCS_KEY_HEADER__ */
MOC_EXTERN MSTATUS PKCS_getPKCS8KeyEx(MOC_HW(hwAccelDescr hwAccelCtx) const ubyte *pPKCS8DER, ubyte4 pkcs8DERLen, const ubyte *password, ubyte4 passwordLen, AsymmetricKey *pKey)
Extract SoT Platform-formatted key from PKCS #8 DER file (encrypted or unencrypted).
MOC_EXTERN MSTATUS PKCS_getPKCS8Key(MOC_ASYM(hwAccelDescr hwAccelCtx) const ubyte *pPKCS8DER, ubyte4 pkcs8DERLen, AsymmetricKey *pKey)
Extract SoT Platform-formatted key from unencrypted PKCS #8 DER file.