libsxmp/include/sxt/sxtkey.h

/*
 * Secure eXtended Message Passing framework
 * Secure eXtended Transport layer implementation: (libsxt)
 * - very similar to SSH2/TLS
 * - using already proven and tested crypto algos
 * - better than TLS for message passing
 *
 * PublicPrivateKeyPairs operation API
 *
 * (c) Alexander Vdolainen 2016 <avdolainen@zoho.com>
 *
 * libsxmp is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published
 * by the Free Software Foundation, either version 2.1 of the License, or
 * (at your option) any later version.
 *
 * libsxmp is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.";
 *
 */

#ifndef __SXT_SXTKEY_H__
#define __SXT_SXTKEY_H__

/* some taken code , copyright left in the header */
#define ED25519_PK_LEN 32
#define ED25519_SK_LEN 64
#define ED25519_SIG_LEN 64

typedef uint8_t ed25519_pubkey[ED25519_PK_LEN];
typedef uint8_t ed25519_privkey[ED25519_SK_LEN];
typedef uint8_t ed25519_signature[ED25519_SIG_LEN];

#define SXT_PPKP_MAXCSIZE  1024*1024

/* flags */
#define SXT_PPKP_PRIVATE  (1 << 2)
#define SXT_PPKP_PUBLIC   (1 << 1)

#define SXT_PPKP_IHASH    (1 << 1)
#define SXT_PPKP_ENCRYPT  (1 << 2)

/* magic values */
#define PPKP_MAGIC  "0xbeef0101"

/* here the supported types in SXT */
#define PPKP_ED25519  0xa

typedef struct sxtkey_type {
  uint8_t type;
  uint8_t flags;
  ed25519_pubkey *pubkey;
  ed25519_privkey *privkey;
  uint64_t hash;
  void *priv;
} sxtkey_t;

typedef struct sxtsignature_type {
  uint8_t type;
  ed25519_signature *sig;
} sxtsignature_t;

/* API */
/* allocate a key */
sxtkey_t *sxtkey_alloc(void);

/* burn i.e. zero all stuff within key structure to be
 * hidden in core dump
 */
void sxtkey_burn(sxtkey_t *);

/* free sxt key structure */
void sxtkey_free(sxtkey_t *);

/* generate a keypair, depends on type and optional parameter given
 * the last one leaved for stable API, current ed25519 keys doesn't
 * need them
 */
int sxtkey_generate(sxtkey_t *, int , int );

/* generic functions useful to deal with keys */
/* get 8bit ID from key name */
uint8_t sxtkey_type_fname(const char *);

/* get cstring name from type of the key */
const char *sxtkey_name(int);

/* return 0 if key isn't public, 1 otherwise */
int sxtkey_public(const sxtkey_t *);
/* return 0 if key isn't private, 1 otherwise */
int sxtkey_private(const sxtkey_t *);

/* duplication/convertion API */
/* will duplicate a key depends on it's kind */
int sxtkey_dup(const sxtkey_t *, sxtkey_t **);

/* will duplicate public key, if key was private or pair - it becomes public */
int sxtkey_dup_public(const sxtkey_t *, sxtkey_t **);

/* will duplicate private key, if key public error will returns */
int sxtkey_dup_private(const sxtkey_t *, sxtkey_t **);

/* import key API */

/* import a private key,
 * the most parameters the same as for export
 */
int sxtkey_import_priv_file(const char *file, const char *passkey,
                            int (*ask_passkey)(char *pkbuf, size_t length, int confirm, void *priv),
                            void *priv, sxtkey_t **ik);

/* import a public key from a given file */
int sxtkey_import_public_file(const char *file, sxtkey_t **ik);

/* some useful functions to import keys */
/* import public key from base64 blob, ctrl_hash is a hash
 * for control of decoding
 */
int sxtkey_pubkey_import_fbase64blob(const char *b64b, uint8_t keytype,
                                     uint64_t ctrl_hash, sxtkey_t **ik);

/* import a private key from base64 blob
 * with passkey related pointers (required in case of encrypted key,
 * SXT_EAUTH will returned if no passed or passkey invalid)
 */
int sxtkey_privkey_import_fbase64blob(const char *b64pk, uint8_t keytype,
                                      int (*ask_passkey)(char *pkbuf, size_t length,
                                                         int confirm, void *priv),
                                      void *priv, sxtkey_t **ik);

int sxtkey_privkey_import_rdbuf(ndbuf_t *buf, uint8_t keytype,
                                int (*ask_passkey)(char *pkbuf, size_t length,
                                                   int confirm, void *priv),
                                void *priv, sxtkey_t **ik);

/* export key API */
/** this function will pack the private key to sxt key container and
 * write it to the file.
 * @key - private key
 * @file - file name to write
 * NOTE: the following parameters required in case if you want to encrypt the key
 * with passkey (password)
 * @passkey - plaintext passkey
 * or
 * @ask_passkey with:
 *  @@pkbuf - passkey buffer (allocated)
 *  @@length - length of pkbuf
 *  @@confirm - if not nil - function should force passkey confirmation
 *  @@priv - some custom pointer to the some custom data
 * @priv - the data coming to ask_passkey function
 */
int sxtkey_export_priv_file(const sxtkey_t *key, const char *file, const char *passkey,
                             int (*ask_passkey)(char *pkbuf, size_t length, int confirm, void *priv),
                             void *priv);

/* export a public key to a given file */
int sxtkey_export_public_file(const sxtkey_t *key, const char *file);

/* key custom hash ops */
/* assign a 64bit hash, 0 mean there are no hash */
int sxtkey_assign_hash(sxtkey_t *, uint64_t);
/* get a 64bit hash from a key */
uint64_t sxtkey_hash(const sxtkey_t *);

#endif /* __SXT_SXTKEY_H__ */