xsec/enc/OpenSSL/OpenSSLCryptoKeyEC.hpp - santuario-cpp - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */

 /*
  * XSEC
  *
  * OpenSSLCryptoKeyEC := EC Keys
  *
  * Author(s): Scott Cantor
  *
  * $Id:$
  *
  */

 #ifndef OPENSSLCRYPTOKEYEC_INCLUDE
 #define OPENSSLCRYPTOKEYEC_INCLUDE

 #include <xsec/enc/XSECCryptoKeyEC.hpp>

 #if defined (XSEC_HAVE_OPENSSL) && defined(XSEC_OPENSSL_HAVE_EC)
 #include <openssl/ec.h>
 #include <openssl/evp.h>

 /**
  * \ingroup opensslcrypto
  */

 /**
  * \brief OpenSSL implementation class for EC keys.
  *
  * The library uses classes derived from this to process EC keys.
  */


 class XSEC_EXPORT OpenSSLCryptoKeyEC : public XSECCryptoKeyEC {

 public :

 	/** @name Constructors and Destructors */
 	//@{

 	OpenSSLCryptoKeyEC();

 	/**
 	 * \brief Destructor
 	 *
 	 * Will call the OpenSSL function to destroy the EC key - which will
 	 * also overwrite any Private keys
 	 */

 	virtual ~OpenSSLCryptoKeyEC();

 	//@}

 	/** @name Required Key Interface methods */
 	//@{

 	/**
 	 * \brief Return the type of this key.
 	 *
 	 * Allows the caller (and library) to determine whether this is a
 	 * public key, private key or a key pair
 	 */

 	virtual XSECCryptoKey::KeyType getKeyType() const;

 	/**
 	 *\brief Return the OpenSSL string identifier
 	 */

 	virtual const XMLCh * getProviderName() const;

 	/**
 	 * \brief Replicate key
 	 */

 	virtual XSECCryptoKey * clone() const;

 	//@}

 	/** @name Required EC methods */
 	//@{

 	/**
 	 * \brief Create an EC-DSA signature
 	 *
 	 * Sign the buffer using the internal private key.  Will throw an ECError
 	 * if the key is not set, or is not a private key.
 	 *
 	 * @param hashBuf Buffer containing the pre-calculated (binary) digest
 	 * @param hashLen Number of bytes of hash in the hashBuf
 	 * @param base64SignatureBuf Buffer to place the base64 encoded result
 	 * in.
 	 * @param base64SignatureBufLen Implementations need to ensure they do
 	 * not write more bytes than this into the buffer
 	 */

 	virtual unsigned int signBase64SignatureDSA(unsigned char * hashBuf,
 		unsigned int hashLen,
 		char * base64SignatureBuf,
 		unsigned int base64SignatureBufLen) const;

 	/**
 	 * \brief Verify an EC-DSA signature
 	 *
 	 * The library will call this function to validate a signature
 	 *
 	 * @param hashBuf Buffer containing the pre-calculated (binary) digest
 	 * @param hashLen Length of the data in the digest buffer
 	 * @param base64Signature Buffer containing the Base64 encoded signature
 	 * @param sigLen Length of the data in the signature buffer
 	 * @returns true if the signature was valid, false otherwise
 	 */


 	virtual bool verifyBase64SignatureDSA(unsigned char * hashBuf,
 							 unsigned int hashLen,
 							 char * base64Signature,
 							 unsigned int sigLen) const;

 	//@}

 	/** @name Optional Interface methods
 	 *
 	 * Have been fully implemented in the OpenSSL interface to allow interop
 	 * testing to occur.
 	 *
 	 */
 	//@{

     virtual void loadPublicKeyBase64(const char* curveName,
         const char* b64,
         unsigned int len);

 	//@}

 	/** @name OpenSSL Specific functions */
 	//@{

 	/**
 	 * \brief Library specific constructor
 	 *
 	 * Used to create a new key around an OpenSSL EVP_PKEY object
 	 * holding an EC key
 	 */

 	OpenSSLCryptoKeyEC(EVP_PKEY *k);

 	/**
 	 * \brief Get OpenSSL EC_KEY structure
 	 */

 	EC_KEY * getOpenSSLEC(void) {return mp_ecKey;}

     /**
 	 * \brief Get OpenSSL EC_KEY structure
 	 */

 	const EC_KEY * getOpenSSLEC(void) const {return mp_ecKey;}

 	//@}
 	//@}


 private:

 	EC_KEY					        * mp_ecKey;

 };

 #endif /* XSEC_HAVE_OPENSSL */
 #endif /* XSECCRYPTOKEYEC_INCLUDE */
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/

	/*
	* XSEC
	*
	* OpenSSLCryptoKeyEC := EC Keys
	*
	* Author(s): Scott Cantor
	*
	* $Id:$
	*
	*/

	#ifndef OPENSSLCRYPTOKEYEC_INCLUDE
	#define OPENSSLCRYPTOKEYEC_INCLUDE

	#include <xsec/enc/XSECCryptoKeyEC.hpp>

	#if defined (XSEC_HAVE_OPENSSL) && defined(XSEC_OPENSSL_HAVE_EC)
	#include <openssl/ec.h>
	#include <openssl/evp.h>

	/**
	* \ingroup opensslcrypto
	*/

	/**
	* \brief OpenSSL implementation class for EC keys.
	*
	* The library uses classes derived from this to process EC keys.
	*/


	class XSEC_EXPORT OpenSSLCryptoKeyEC : public XSECCryptoKeyEC {

	public :

	/** @name Constructors and Destructors */
	//@{

	OpenSSLCryptoKeyEC();

	/**
	* \brief Destructor
	*
	* Will call the OpenSSL function to destroy the EC key - which will
	* also overwrite any Private keys
	*/

	virtual ~OpenSSLCryptoKeyEC();

	//@}

	/** @name Required Key Interface methods */
	//@{

	/**
	* \brief Return the type of this key.
	*
	* Allows the caller (and library) to determine whether this is a
	* public key, private key or a key pair
	*/

	virtual XSECCryptoKey::KeyType getKeyType() const;

	/**
	*\brief Return the OpenSSL string identifier
	*/

	virtual const XMLCh * getProviderName() const;

	/**
	* \brief Replicate key
	*/

	virtual XSECCryptoKey * clone() const;

	//@}

	/** @name Required EC methods */
	//@{

	/**
	* \brief Create an EC-DSA signature
	*
	* Sign the buffer using the internal private key. Will throw an ECError
	* if the key is not set, or is not a private key.
	*
	* @param hashBuf Buffer containing the pre-calculated (binary) digest
	* @param hashLen Number of bytes of hash in the hashBuf
	* @param base64SignatureBuf Buffer to place the base64 encoded result
	* in.
	* @param base64SignatureBufLen Implementations need to ensure they do
	* not write more bytes than this into the buffer
	*/

	virtual unsigned int signBase64SignatureDSA(unsigned char * hashBuf,
	unsigned int hashLen,
	char * base64SignatureBuf,
	unsigned int base64SignatureBufLen) const;

	/**
	* \brief Verify an EC-DSA signature
	*
	* The library will call this function to validate a signature
	*
	* @param hashBuf Buffer containing the pre-calculated (binary) digest
	* @param hashLen Length of the data in the digest buffer
	* @param base64Signature Buffer containing the Base64 encoded signature
	* @param sigLen Length of the data in the signature buffer
	* @returns true if the signature was valid, false otherwise
	*/


	virtual bool verifyBase64SignatureDSA(unsigned char * hashBuf,
	unsigned int hashLen,
	char * base64Signature,
	unsigned int sigLen) const;

	//@}

	/** @name Optional Interface methods
	*
	* Have been fully implemented in the OpenSSL interface to allow interop
	* testing to occur.
	*
	*/
	//@{

	virtual void loadPublicKeyBase64(const char* curveName,
	const char* b64,
	unsigned int len);

	//@}

	/** @name OpenSSL Specific functions */
	//@{

	/**
	* \brief Library specific constructor
	*
	* Used to create a new key around an OpenSSL EVP_PKEY object
	* holding an EC key
	*/

	OpenSSLCryptoKeyEC(EVP_PKEY *k);

	/**
	* \brief Get OpenSSL EC_KEY structure
	*/

	EC_KEY * getOpenSSLEC(void) {return mp_ecKey;}

	/**
	* \brief Get OpenSSL EC_KEY structure
	*/

	const EC_KEY * getOpenSSLEC(void) const {return mp_ecKey;}

	//@}
	//@}


	private:

	EC_KEY * mp_ecKey;

	};

	#endif /* XSEC_HAVE_OPENSSL */
	#endif /* XSECCRYPTOKEYEC_INCLUDE */