TrustCore SDK NanoCrypto API reference  version 7.0
pubcrypto.h
Go to the documentation of this file.
1 /*
2  * pubcrypto.h
3  *
4  * General Public Crypto Definitions & Types Header
5  *
6  * Copyright 2019-2024 DigiCert, Inc. All Rights Reserved.
7  * Proprietary and Confidential Material.
8  *
9  */
10 
16 /*------------------------------------------------------------------*/
17 
18 #ifndef __PUBCRYPTO_HEADER__
19 #define __PUBCRYPTO_HEADER__
20 
21 #include "../cap/capasym.h"
22 #include "../crypto/cryptodecl.h"
23 
24 #ifdef __ENABLE_MOCANA_QS__
25 #include "../crypto_interface/crypto_interface_qs.h"
26 #endif
27 
28 #ifdef __cplusplus
29 extern "C" {
30 #endif
31 
32 #if (defined(__ENABLE_MOCANA_ECC__))
33 struct ECCKey;
34 struct PrimeEllipticCurve;
35 #endif
36 
37 struct RSAKey;
38 
39 #if (defined(__ENABLE_MOCANA_DSA__))
40 struct DSAKey;
41 #endif
42 struct AsymmetricKey;
43 struct vlong;
44 struct MAlgoId;
45 
46 typedef struct AsymmetricKey
47 {
48  ubyte4 type;
49  union
50  {
51  struct RSAKey* pRSA;
52 #if (defined(__ENABLE_MOCANA_ECC__))
53  struct ECCKey* pECC;
54 #endif
55 #if (defined(__ENABLE_MOCANA_DSA__))
56  struct DSAKey* pDSA;
57 #endif
58  struct MocAsymmetricKey *pMocAsymKey;
59  } key;
60 
61  struct MAlgoId *pAlgoId;
62 
63 #ifdef __ENABLE_MOCANA_QS__
64  QS_CTX *pQsCtx;
65 #endif
66 
67 } AsymmetricKey;
68 
69 /* General structure that can be used to load two keys at once */
70 typedef struct HybridKey
71 {
72  void *pKey1;
73  void *pKey2;
74 
75 } HybridKey;
76 
87 MOC_EXTERN MSTATUS CRYPTO_initAsymmetricKey(AsymmetricKey* pKey);
88 
99 MOC_EXTERN MSTATUS CRYPTO_uninitAsymmetricKey(AsymmetricKey* pKey, struct vlong** ppVlongQueue);
100 
110 MOC_EXTERN MSTATUS CRYPTO_copyAsymmetricKey(AsymmetricKey* pNew, const AsymmetricKey* pSrc);
111 
120 MOC_EXTERN MSTATUS CRYPTO_matchPublicKey(const AsymmetricKey* pKey1, const AsymmetricKey* pKey2);
121 
122 #if (defined(__ENABLE_MOCANA_ECC__))
123 
132 MOC_EXTERN ubyte4 CRYPTO_getECCurveId( const AsymmetricKey* pKey);
133 #endif
134 
147 MOC_EXTERN MSTATUS CRYPTO_createRSAKey( AsymmetricKey* pKey, struct vlong** ppVlongQueue);
148 
170 MOC_EXTERN MSTATUS CRYPTO_setRSAParameters(MOC_RSA(hwAccelDescr hwAccelCtx)
171  AsymmetricKey* pKey,
172  ubyte4 exponent,
173  const ubyte* modulus,
174  ubyte4 modulusLen,
175  const ubyte* p,
176  ubyte4 pLen,
177  const ubyte* q,
178  ubyte4 qLen,
179  struct vlong **ppVlongQueue);
180 /* ECC key */
181 #if (defined(__ENABLE_MOCANA_ECC__))
182 
200 MOC_EXTERN MSTATUS CRYPTO_createECCKey(
201  AsymmetricKey* pKey,
202  PEllipticCurvePtr pEC
203  );
204 
205 #ifdef __ENABLE_MOCANA_CRYPTO_INTERFACE__
206 
220 MOC_EXTERN MSTATUS CRYPTO_createECCKeyEx(
221  AsymmetricKey *pKey,
222  ubyte4 eccCurveId
223  );
224 #endif
225 
244 MOC_EXTERN MSTATUS CRYPTO_setECCParameters(MOC_ECC(hwAccelDescr hwAccelCtx) AsymmetricKey* pKey,
245  ubyte4 curveId,
246  const ubyte* point,
247  ubyte4 pointLen,
248  const ubyte* scalar,
249  ubyte4 scalarLen);
250 
251 
252 #ifdef __ENABLE_MOCANA_QS__
253 
254 
275 MOC_EXTERN MSTATUS CRYPTO_setHybridParameters(
276  AsymmetricKey *pKey,
277  ubyte4 curveId,
278  ubyte4 qsAlgId,
279  ubyte *pPubKey,
280  ubyte4 pubKeyLen
281  );
282 #endif
283 
284 #endif /* __ENABLE_MOCANA_ECC__ */
285 
286 #if (defined(__ENABLE_MOCANA_DSA__))
287 
303 MOC_EXTERN MSTATUS CRYPTO_createDSAKey( AsymmetricKey* pKey, struct vlong** ppVlongQueue);
304 
336 MOC_EXTERN MSTATUS CRYPTO_setDSAParameters( MOC_DSA(hwAccelDescr hwAccelCtx) AsymmetricKey* pKey,
337  const ubyte* p,
338  ubyte4 pLen,
339  const ubyte* q,
340  ubyte4 qLen,
341  const ubyte* g,
342  ubyte4 gLen,
343  const ubyte* y,
344  ubyte4 yLen,
345  const ubyte* x,
346  ubyte4 xLen,
347  struct vlong **ppVlongQueue);
348 #endif
349 
350 /* To convert a key object to a single byte array (serialize), call
351  * CRYPTO_serializeKey.
352  * To convert the byte array version of the key to a key object (deserialize),
353  * call CRYPTO_deserializeKey.
354  * The serialize function takes an AsymmetricKey as a the key object to
355  * serialize. However, you might not have the key in that form. It might be an
356  * RSAKey, DSAKey, ECCKey, or MocAsymKey. To "convert" an "algorithm key" to an
357  * AsymmetricKey, call CRYPTO_loadAsymmetricKey
358  */
359 
432 MOC_EXTERN MSTATUS CRYPTO_loadAsymmetricKey (
433  AsymmetricKey *pAsymKey,
434  ubyte4 keyType,
435  void **ppAlgKey
436  );
437 
438 MOC_EXTERN MSTATUS CRYPTO_loadAlgoId (
439  AsymmetricKey *pAsymKey,
440  void **ppAlgoId
441  );
442 
457 typedef MSTATUS (*MKeySerialize) ( MOC_ASYM(hwAccelDescr hwAccelCtx)
458  AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
459 
465 MOC_EXTERN MSTATUS KeySerializeRsa ( MOC_ASYM(hwAccelDescr )
466  AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
467 
473 MOC_EXTERN MSTATUS KeySerializeDsa ( MOC_ASYM(hwAccelDescr )
474  AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
475 
481 MOC_EXTERN MSTATUS KeySerializeEcc ( MOC_ASYM(hwAccelDescr )
482  AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
483 
489 MOC_EXTERN MSTATUS KeySerializeQs (AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
490 
496 MOC_EXTERN MSTATUS KeySerializeHybrid (AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
497 
498 MOC_EXTERN MSTATUS KeySerializeTpmRsa (
499  AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *);
500 
562 MOC_EXTERN MSTATUS CRYPTO_serializeKey (
563  MOC_ASYM(hwAccelDescr hwAccelCtx)
564  AsymmetricKey *pKeyToSerialize,
565  MKeySerialize *pSupportedAlgorithms,
566  ubyte4 supportedAlgorithmCount,
567  serializedKeyFormat format,
568  ubyte **ppSerializedKey,
569  ubyte4 *pSerializedKeyLen
570  );
571 
632 MOC_EXTERN MSTATUS CRYPTO_deserializeKey (
633  MOC_ASYM(hwAccelDescr hwAccelCtx)
634  ubyte *pSerializedKey,
635  ubyte4 serializedKeyLen,
636  MKeySerialize *pSupportedAlgorithms,
637  ubyte4 supportedAlgorithmCount,
638  AsymmetricKey *pDeserializedKey
639  );
640 
671 MOC_EXTERN MSTATUS CRYPTO_serializeAsymKey (
672  MOC_ASYM(hwAccelDescr hwAccelCtx)
673  AsymmetricKey *pKeyToSerialize,
674  serializedKeyFormat format,
675  ubyte **ppSerializedKey,
676  ubyte4 *pSerializedKeyLen
677  );
678 
695 MOC_EXTERN MSTATUS CRYPTO_getKeyTapInfo(
696  ubyte *pKey,
697  ubyte4 keyLen,
698  MocCtx pMocCtx,
699  byteBoolean *pIsTap,
700  ubyte4 *pProvider,
701  ubyte4 *pModuleId
702 );
703 
724 MOC_EXTERN MSTATUS CRYPTO_serializeAsymKeyToStorage(
725  MOC_ASYM(hwAccelDescr hwAccelCtx)
726  AsymmetricKey *pKeyToSerialize,
727  serializedKeyFormat format,
728  ubyte *pId,
729  ubyte4 idLen,
730  ubyte4 tokenId,
731  ubyte **ppSerializedKey,
732  ubyte4 *pSerializedKeyLen
733 );
734 
755 MOC_EXTERN MSTATUS CRYPTO_deserializeAsymKey (
756  MOC_ASYM(hwAccelDescr hwAccelCtx)
757  ubyte *pSerializedKey,
758  ubyte4 serializedKeyLen,
759  MocCtx pMocCtx,
760  AsymmetricKey *pDeserializedKey
761  );
762 
788 MOC_EXTERN MSTATUS CRYPTO_deserializeAsymKeyWithCreds (
789  MOC_ASYM(hwAccelDescr hwAccelCtx)
790  ubyte *pSerializedKey,
791  ubyte4 serializedKeyLen,
792  MocCtx pMocCtx,
793  ubyte *pPassword,
794  ubyte4 passwordLen,
795  void *pLoadCtx,
796  AsymmetricKey *pDeserializedKey
797  );
798 
805 MOC_EXTERN MSTATUS CRYPTO_makeKeyInfo (
806  intBoolean isPrivateKey,
807  ubyte *pAlgId,
808  ubyte4 algIdLen,
809  ubyte *pKeyData,
810  ubyte4 keyDataLen,
811  ubyte **ppKeyInfo,
812  ubyte4 *pKeyInfoLen
813  );
814 
854 MOC_EXTERN MSTATUS CRYPTO_findKeyInfoComponents (
855  ubyte *pKeyInfo,
856  ubyte4 keyInfoLen,
857  ubyte **ppAlgId,
858  ubyte4 *pAlgIdLen,
859  ubyte **ppKeyData,
860  ubyte4 *pKeyDataLen,
861  intBoolean *isPrivate
862  );
863 
864 /* This is the definiton (function signature) of a callback used when loading
865 * keys into an AsymmetricKey object.
866 * <p>A user will be calling a function (e.g. an OpenSSL engine written by
867 * Mocana) with key data to load. The loading function will know how to perform
868 * some of the operations needed to load the key, but it is possible the key data
869 * represents a hardware key or some other non-standard situation. In that case,
870 * the caller will supply a callback to perform initialization operations (such
871 * creating or copying a hardware handle).
872 * <p>This is the interface for the Callback.
873 * <p>The caller passes in a data struct containing the Callback function along
874 * with any information the function will need to perform its operations. That
875 * pLocalData can be NULL, or it might be a hardware handle, or it could be a
876 * struct itself, containing hardware info or maybe key usage data or whatever
877 * the key needs.
878 * <p>The called function will make a call to the Callback, passing the
879 * pLocalData it was given back to the callback.
880 * <p>For example, the caller might do something like this.
881 * <pre>
882 * <code>
883 * MKeyContextCallbackInfo callbackInfo;
884 *
885 * callbackInfo.KeyContextCallback = TPMCallback;
886 * callbackInfo.pLocalInfo = (void *)secModHandle;
887 *
888 * status = SomeLoadFunction (
889 * data, dataLen, pAsymKey, (void *)&callbackInfo);
890 * </code>
891 * </pre>
892 * <p>The Load function will do something like this.
893 * <pre>
894 * <code>
895 *
896 * --load key data operations--
897 *
898 * if (NULL != pCallbackInfo)
899 * {
900 * if (NULL != pCallbackInfo->KeyContextCallback)
901 * {
902 * status = pCallbackInfo->KeyContextCallback (
903 * pAsymKey, pCallbackInfo->pLocalInfo, state);
904 * if (OK != state)
905 * goto exit;
906 * }
907 * }
908 *
909 * --more load key data operations--
910 *
911 * </code>
912 * </pre>
913 * <p>The state is ???
914 */
915 typedef MSTATUS (*MKeyContextCallback) (
916  AsymmetricKey *pAsymKey,
917  void *pLocalInfo,
918  ubyte4 state
919  );
920 
921 /* This is a struct containing the Callback information to pass to a Load
922  * function.
923  * <p>See the comments for the definition of the function pointer
924  * KeyContextCallback.
925  */
926 typedef struct
927 {
928  MKeyContextCallback KeyContextCallback;
929  void *pLocalData;
930 } MKeyContextCallbackInfo;
931 
932 
933 #ifdef __cplusplus
934 }
935 #endif
936 /* For backwards compatibility.
937  * In previous versions of NanoCrypto, the definitions in mocasym.h were in
938  * pubcrypto.h. So if someone includes pubcrypto.h expecting to get the MocAsymKey
939  * definitions, they'll get them here.
940  */
941 #include "../crypto/mocasym.h"
942 
943 #endif /* __PUBCRYPTO_HEADER__ */
CRYPTO_setECCParameters
MOC_EXTERN MSTATUS CRYPTO_setECCParameters(MOC_ECC(hwAccelDescr hwAccelCtx) AsymmetricKey *pKey, ubyte4 curveId, const ubyte *point, ubyte4 pointLen, const ubyte *scalar, ubyte4 scalarLen)
Populate a caller allocated AsymmetricKey structure with the provided ECC key data.
CRYPTO_makeKeyInfo
MOC_EXTERN MSTATUS CRYPTO_makeKeyInfo(intBoolean isPrivateKey, ubyte *pAlgId, ubyte4 algIdLen, ubyte *pKeyData, ubyte4 keyDataLen, ubyte **ppKeyInfo, ubyte4 *pKeyInfoLen)
Build SubjectPublicKeyInfo or PrivateKeyInfo.
CRYPTO_serializeKey
MOC_EXTERN MSTATUS CRYPTO_serializeKey(MOC_ASYM(hwAccelDescr hwAccelCtx) AsymmetricKey *pKeyToSerialize, MKeySerialize *pSupportedAlgorithms, ubyte4 supportedAlgorithmCount, serializedKeyFormat format, ubyte **ppSerializedKey, ubyte4 *pSerializedKeyLen)
Serialize an asymmetric key.
CRYPTO_serializeAsymKeyToStorage
MOC_EXTERN MSTATUS CRYPTO_serializeAsymKeyToStorage(MOC_ASYM(hwAccelDescr hwAccelCtx) AsymmetricKey *pKeyToSerialize, serializedKeyFormat format, ubyte *pId, ubyte4 idLen, ubyte4 tokenId, ubyte **ppSerializedKey, ubyte4 *pSerializedKeyLen)
Serialize an asymmetric key to secure storage with a given token and identifier.
CRYPTO_setHybridParameters
MOC_EXTERN MSTATUS CRYPTO_setHybridParameters(AsymmetricKey *pKey, ubyte4 curveId, ubyte4 qsAlgId, ubyte *pPubKey, ubyte4 pubKeyLen)
Populate a caller allocated AsymmetricKey structure with the provided hybrid public key data...
CRYPTO_setRSAParameters
MOC_EXTERN MSTATUS CRYPTO_setRSAParameters(MOC_RSA(hwAccelDescr hwAccelCtx) AsymmetricKey *pKey, ubyte4 exponent, const ubyte *modulus, ubyte4 modulusLen, const ubyte *p, ubyte4 pLen, const ubyte *q, ubyte4 qLen, struct vlong **ppVlongQueue)
Populate an existing AsymmetricKey structure with the provided RSA key data.
CRYPTO_deserializeAsymKey
MOC_EXTERN MSTATUS CRYPTO_deserializeAsymKey(MOC_ASYM(hwAccelDescr hwAccelCtx) ubyte *pSerializedKey, ubyte4 serializedKeyLen, MocCtx pMocCtx, AsymmetricKey *pDeserializedKey)
Deserialize a key, building an AsymmetricKey from the byte array that is the key data.
KeySerializeEcc
MOC_EXTERN MSTATUS KeySerializeEcc(MOC_ASYM(hwAccelDescr) AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *)
This is an implementation of MKeySerialize.
CRYPTO_createDSAKey
MOC_EXTERN MSTATUS CRYPTO_createDSAKey(AsymmetricKey *pKey, struct vlong **ppVlongQueue)
Populate an existing AsymmetricKey structure with a new DSA key.
CRYPTO_deserializeAsymKeyWithCreds
MOC_EXTERN MSTATUS CRYPTO_deserializeAsymKeyWithCreds(MOC_ASYM(hwAccelDescr hwAccelCtx) ubyte *pSerializedKey, ubyte4 serializedKeyLen, MocCtx pMocCtx, ubyte *pPassword, ubyte4 passwordLen, void *pLoadCtx, AsymmetricKey *pDeserializedKey)
Deserialize a key, building an AsymmetricKey from the byte array that is the key data.
MKeySerialize
MSTATUS(* MKeySerialize)(MOC_ASYM(hwAccelDescr hwAccelCtx) AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *)
This is what an MKeySerialize really is.
Definition: pubcrypto.h:457
CRYPTO_initAsymmetricKey
MOC_EXTERN MSTATUS CRYPTO_initAsymmetricKey(AsymmetricKey *pKey)
Initialize a caller allocated AsymmetricKey.
CRYPTO_matchPublicKey
MOC_EXTERN MSTATUS CRYPTO_matchPublicKey(const AsymmetricKey *pKey1, const AsymmetricKey *pKey2)
Determine if two AsymmetricKey structures contain the same key values.
CRYPTO_loadAsymmetricKey
MOC_EXTERN MSTATUS CRYPTO_loadAsymmetricKey(AsymmetricKey *pAsymKey, ubyte4 keyType, void **ppAlgKey)
Load the AlgKey into the AsymKey, transferring ownership to the AsymKey.
CRYPTO_getKeyTapInfo
MOC_EXTERN MSTATUS CRYPTO_getKeyTapInfo(ubyte *pKey, ubyte4 keyLen, MocCtx pMocCtx, byteBoolean *pIsTap, ubyte4 *pProvider, ubyte4 *pModuleId)
Checks a serialized key to see if it is a tradition TAP key or Secure Storage key and outputs the pro...
KeySerializeRsa
MOC_EXTERN MSTATUS KeySerializeRsa(MOC_ASYM(hwAccelDescr) AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *)
This is an implementation of MKeySerialize.
CRYPTO_findKeyInfoComponents
MOC_EXTERN MSTATUS CRYPTO_findKeyInfoComponents(ubyte *pKeyInfo, ubyte4 keyInfoLen, ubyte **ppAlgId, ubyte4 *pAlgIdLen, ubyte **ppKeyData, ubyte4 *pKeyDataLen, intBoolean *isPrivate)
Find the algorithm identifier and the actual key info in the KeyInfo.
KeySerializeDsa
MOC_EXTERN MSTATUS KeySerializeDsa(MOC_ASYM(hwAccelDescr) AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *)
This is an implementation of MKeySerialize.
CRYPTO_createECCKeyEx
MOC_EXTERN MSTATUS CRYPTO_createECCKeyEx(AsymmetricKey *pKey, ubyte4 eccCurveId)
Populate a caller allocated AsymmetricKey structure with a new empty ECC key.
CRYPTO_createRSAKey
MOC_EXTERN MSTATUS CRYPTO_createRSAKey(AsymmetricKey *pKey, struct vlong **ppVlongQueue)
Populate an existing AsymmetricKey structure with a new RSA key.
CRYPTO_setDSAParameters
MOC_EXTERN MSTATUS CRYPTO_setDSAParameters(MOC_DSA(hwAccelDescr hwAccelCtx) AsymmetricKey *pKey, const ubyte *p, ubyte4 pLen, const ubyte *q, ubyte4 qLen, const ubyte *g, ubyte4 gLen, const ubyte *y, ubyte4 yLen, const ubyte *x, ubyte4 xLen, struct vlong **ppVlongQueue)
Populate an existing AsymmetricKey structure with a new DSA key and sets all of the DSA key parameter...
CRYPTO_deserializeKey
MOC_EXTERN MSTATUS CRYPTO_deserializeKey(MOC_ASYM(hwAccelDescr hwAccelCtx) ubyte *pSerializedKey, ubyte4 serializedKeyLen, MKeySerialize *pSupportedAlgorithms, ubyte4 supportedAlgorithmCount, AsymmetricKey *pDeserializedKey)
Deserialize a key, building an AsymmetricKey from the byte array that is the key data.
KeySerializeHybrid
MOC_EXTERN MSTATUS KeySerializeHybrid(AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *)
This is an implementation of MKeySerialize.
CRYPTO_serializeAsymKey
MOC_EXTERN MSTATUS CRYPTO_serializeAsymKey(MOC_ASYM(hwAccelDescr hwAccelCtx) AsymmetricKey *pKeyToSerialize, serializedKeyFormat format, ubyte **ppSerializedKey, ubyte4 *pSerializedKeyLen)
Serialize an asymmetric key.
KeySerializeQs
MOC_EXTERN MSTATUS KeySerializeQs(AsymmetricKey *, serializedKeyFormat, ubyte **, ubyte4 *)
This is an implementation of MKeySerialize.
CRYPTO_getECCurveId
MOC_EXTERN ubyte4 CRYPTO_getECCurveId(const AsymmetricKey *pKey)
Get the ECC curveId from an AsymmetricKey.
CRYPTO_createECCKey
MOC_EXTERN MSTATUS CRYPTO_createECCKey(AsymmetricKey *pKey, PEllipticCurvePtr pEC)
Populate a caller allocated AsymmetricKey structure with a new empty ECC key.
CRYPTO_uninitAsymmetricKey
MOC_EXTERN MSTATUS CRYPTO_uninitAsymmetricKey(AsymmetricKey *pKey, struct vlong **ppVlongQueue)
Uninitialize an AsymmetricKey.
CRYPTO_copyAsymmetricKey
MOC_EXTERN MSTATUS CRYPTO_copyAsymmetricKey(AsymmetricKey *pNew, const AsymmetricKey *pSrc)
Copy the contents an AsymmetricKey to another caller allocated AsymmetricKey.