2 * keyraw.h -- raw key and signature access and conversion
4 * Copyright (c) 2005-2008, NLnet Labs. All rights reserved.
6 * See LICENSE for the license.
13 * raw key and signature access and conversion
15 * Since those functions heavily rely op cryptographic operations,
16 * this module is dependent on openssl.
26 #if LDNS_BUILD_CONFIG_HAVE_SSL
27 # include <openssl/ssl.h>
28 # include <openssl/evp.h>
29 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
32 * get the length of the keydata in bits
33 * \param[in] keydata the raw key data
34 * \param[in] len the length of the keydata
35 * \param[in] alg the cryptographic algorithm this is a key for
36 * \return the keysize in bits, or 0 on error
38 size_t sldns_rr_dnskey_key_size_raw(const unsigned char *keydata,
39 const size_t len, int alg);
42 * Calculates keytag of DNSSEC key, operates on wireformat rdata.
43 * \param[in] key the key as uncompressed wireformat rdata.
44 * \param[in] keysize length of key data.
47 uint16_t sldns_calc_keytag_raw(uint8_t* key, size_t keysize);
49 #if LDNS_BUILD_CONFIG_HAVE_SSL
51 * Get the PKEY id for GOST, loads GOST into openssl as a side effect.
52 * Only available if GOST is compiled into the library and openssl.
53 * \return the gost id for EVP_CTX creation.
55 int sldns_key_EVP_load_gost_id(void);
57 /** Release the engine reference held for the GOST engine. */
58 void sldns_key_EVP_unload_gost(void);
61 * Like sldns_key_buf2dsa, but uses raw buffer.
62 * \param[in] key the uncompressed wireformat of the key.
63 * \param[in] len length of key data
64 * \return a DSA * structure with the key material
66 DSA *sldns_key_buf2dsa_raw(unsigned char* key, size_t len);
69 * Converts a holding buffer with key material to EVP PKEY in openssl.
70 * Only available if ldns was compiled with GOST.
71 * \param[in] key data to convert
72 * \param[in] keylen length of the key data
73 * \return the key or NULL on error.
75 EVP_PKEY* sldns_gost2pkey_raw(unsigned char* key, size_t keylen);
78 * Converts a holding buffer with key material to EVP PKEY in openssl.
79 * Only available if ldns was compiled with ECDSA.
80 * \param[in] key data to convert
81 * \param[in] keylen length of the key data
82 * \param[in] algo precise algorithm to initialize ECC group values.
83 * \return the key or NULL on error.
85 EVP_PKEY* sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo);
88 * Like sldns_key_buf2rsa, but uses raw buffer.
89 * \param[in] key the uncompressed wireformat of the key.
90 * \param[in] len length of key data
91 * \return a RSA * structure with the key material
93 RSA *sldns_key_buf2rsa_raw(unsigned char* key, size_t len);
96 * Converts a holding buffer with key material to EVP PKEY in openssl.
97 * Only available if ldns was compiled with ED25519.
98 * \param[in] key the uncompressed wireformat of the key.
99 * \param[in] len length of key data
100 * \return the key or NULL on error.
102 EVP_PKEY* sldns_ed255192pkey_raw(const unsigned char* key, size_t len);
105 * Utility function to calculate hash using generic EVP_MD pointer.
106 * \param[in] data the data to hash.
107 * \param[in] len length of data.
108 * \param[out] dest the destination of the hash, must be large enough.
109 * \param[in] md the message digest to use.
110 * \return true if worked, false on failure.
112 int sldns_digest_evp(unsigned char* data, unsigned int len,
113 unsigned char* dest, const EVP_MD* md);
115 #endif /* LDNS_BUILD_CONFIG_HAVE_SSL */
121 #endif /* LDNS_KEYRAW_H */