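/*
 * Secure eXtended Message Passing framework
 * Secure eXtended Transport layer implementation: (libsxt)
 * - very similar to SSH2/TLS
 * - using already proven and tested crypto algos
 * - better than TLS for message passing
 *
 * PublicPrivateKeyPairs operation API
 *
 * (c) Alexander Vdolainen 2016
 *
 * libsxmp is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published
 * by the Free Software Foundation, either version 2.1 of the License, or
 * (at your option) any later version.
 *
 * libsxmp is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 */

#ifndef __SXT_SXTKEY_H__
#define __SXT_SXTKEY_H__

/* uint8_t/uint64_t and size_t are used below; pull them in so that the
 * header does not depend on the include order of its users.
 * NOTE(review): ndbuf_t (used by sxtkey_privkey_import_rdbuf) is declared
 * elsewhere; the includer must still provide its declaration first. */
#include <stddef.h>
#include <stdint.h>

/* some taken code, copyright left in the header */
#define ED25519_PK_LEN 32
#define ED25519_SK_LEN 64
#define ED25519_SIG_LEN 64

/* fixed-size byte arrays for ed25519 material; the struct members below
 * are pointers to these arrays, not the arrays themselves */
typedef uint8_t ed25519_pubkey[ED25519_PK_LEN];
typedef uint8_t ed25519_privkey[ED25519_SK_LEN];
typedef uint8_t ed25519_signature[ED25519_SIG_LEN];

/* 1 MiB; parenthesized so the value survives being used inside a larger
 * expression (x / SXT_PPKP_MAXCSIZE, x % SXT_PPKP_MAXCSIZE, ...).
 * NOTE(review): presumably the upper bound for a key container size on
 * import - confirm that every import path enforces it before allocating. */
#define SXT_PPKP_MAXCSIZE (1024*1024)

/* flags */
/* NOTE(review): SXT_PPKP_PUBLIC and SXT_PPKP_IHASH are both (1 << 1), and
 * SXT_PPKP_PRIVATE and SXT_PPKP_ENCRYPT are both (1 << 2). If the two
 * groups ever end up in the same flags byte they cannot be told apart
 * (e.g. a private key would also read as "encrypted"); confirm they are
 * kept in separate fields. Values are left as is since they may be part
 * of the stored key format. */
#define SXT_PPKP_PRIVATE (1 << 2)
#define SXT_PPKP_PUBLIC (1 << 1)
#define SXT_PPKP_IHASH (1 << 1)
#define SXT_PPKP_ENCRYPT (1 << 2)

/* magic values */
/* note: this is a string literal (the text "0xbeef0101"), not the number */
#define PPKP_MAGIC "0xbeef0101"

/* here the supported types in SXT */
#define PPKP_ED25519 0xa

/* key container: a public key, a private key or both */
typedef struct sxtkey_type {
  uint8_t type;             /* key type id, PPKP_ED25519 is the only one defined here */
  uint8_t flags;            /* SXT_PPKP_* flags */
  ed25519_pubkey *pubkey;   /* points to ED25519_PK_LEN bytes */
  ed25519_privkey *privkey; /* points to ED25519_SK_LEN bytes of secret material */
  uint64_t hash;            /* custom 64bit hash, 0 means there is no hash */
  void *priv;               /* custom pointer; its use is not defined in this header */
} sxtkey_t;

typedef struct sxtsignature_type {
  uint8_t type;             /* presumably the PPKP_* type of the signing key - confirm */
  ed25519_signature *sig;   /* points to ED25519_SIG_LEN bytes */
} sxtsignature_t;

/* API */
/* allocate a key */
sxtkey_t *sxtkey_alloc(void);

/* burn i.e. zero all stuff within key structure to be
 * hidden in core dump
 * NOTE(review): the implementation is not visible here; the wipe must be
 * one the optimizer cannot drop (explicit_bzero(), memset_s() or a write
 * through a volatile pointer), a plain memset() before free() may be
 * removed as a dead store. */
void sxtkey_burn(sxtkey_t *key);

/* free sxt key structure
 * NOTE(review): it cannot be told from this header whether the key is
 * burned first; for keys holding private material call sxtkey_burn()
 * before this unless the implementation is confirmed to do so. */
void sxtkey_free(sxtkey_t *key);

/* generate a keypair, depends on type and optional parameter given;
 * the last one is left for a stable API, current ed25519 keys don't
 * need it */
int sxtkey_generate(sxtkey_t *key, int type, int opt);

/* generic functions useful to deal with keys */
/* get 8bit ID from key name */
uint8_t sxtkey_type_fname(const char *name);

/* get cstring name from type of the key */
const char *sxtkey_name(int type);

/* return 0 if key isn't public, 1 otherwise */
int sxtkey_public(const sxtkey_t *key);

/* return 0 if key isn't private, 1 otherwise */
int sxtkey_private(const sxtkey_t *key);

/* duplication/conversion API */
/* will duplicate a key depending on its kind
 * (a duplicate of a private key is one more copy of the secret to burn) */
int sxtkey_dup(const sxtkey_t *key, sxtkey_t **dup);

/* will duplicate public key, if key was private or pair - it becomes public */
int sxtkey_dup_public(const sxtkey_t *key, sxtkey_t **dup);

/* will duplicate private key, if key is public an error will be returned */
int sxtkey_dup_private(const sxtkey_t *key, sxtkey_t **dup);

/* import key API */
/* import a private key,
 * most of the parameters are the same as for export
 * (see sxtkey_export_priv_file() for passkey, ask_passkey and priv) */
int sxtkey_import_priv_file(const char *file, const char *passkey,
                            int (*ask_passkey)(char *pkbuf, size_t length,
                                               int confirm, void *priv),
                            void *priv, sxtkey_t **ik);

/* import a public key from a given file */
int sxtkey_import_public_file(const char *file, sxtkey_t **ik);

/* some useful functions to import keys */
/* import public key from base64 blob, ctrl_hash is a hash
 * for control of decoding
 * NOTE(review): a 64bit control value catches decoding damage, it is too
 * short to act as a trust fingerprint; authenticity of an imported public
 * key has to be established by other means. */
int sxtkey_pubkey_import_fbase64blob(const char *b64b, uint8_t keytype,
                                     uint64_t ctrl_hash, sxtkey_t **ik);

/* import a private key from base64 blob
 * with passkey related pointers (required in case of encrypted key,
 * SXT_EAUTH will be returned if none is passed or the passkey is invalid) */
int sxtkey_privkey_import_fbase64blob(const char *b64pk, uint8_t keytype,
                                      int (*ask_passkey)(char *pkbuf, size_t length,
                                                         int confirm, void *priv),
                                      void *priv, sxtkey_t **ik);

/* import a private key from an ndbuf_t buffer, with the same passkey
 * related pointers as sxtkey_privkey_import_fbase64blob()
 * NOTE(review): the expected buffer layout is not described here - confirm
 * against the implementation. */
int sxtkey_privkey_import_rdbuf(ndbuf_t *buf, uint8_t keytype,
                                int (*ask_passkey)(char *pkbuf, size_t length,
                                                   int confirm, void *priv),
                                void *priv, sxtkey_t **ik);

/* export key API */
/** this function will pack the private key to sxt key container and
 * write it to the file.
 * @key - private key
 * @file - file name to write
 * NOTE: the following parameters are required in case you want to encrypt
 * the key with passkey (password)
 * @passkey - plaintext passkey
 * or
 * @ask_passkey with:
 * @@pkbuf - passkey buffer (allocated)
 * @@length - length of pkbuf
 * @@confirm - if not nil - function should force passkey confirmation
 * @@priv - some custom pointer to the some custom data
 * @priv - the data coming to ask_passkey function
 *
 * NOTE(review): passkey and pkbuf hold the passkey in plaintext; whoever
 * owns those buffers should wipe them once the call returns. Presumably
 * the key is written unencrypted when neither passkey nor ask_passkey is
 * given - confirm, and confirm that the file is created readable by its
 * owner only.
 */
int sxtkey_export_priv_file(const sxtkey_t *key, const char *file,
                            const char *passkey,
                            int (*ask_passkey)(char *pkbuf, size_t length,
                                               int confirm, void *priv),
                            void *priv);

/* export a public key to a given file */
int sxtkey_export_public_file(const sxtkey_t *key, const char *file);

/* key custom hash ops */
/* assign a 64bit hash, 0 means there is no hash */
int sxtkey_assign_hash(sxtkey_t *key, uint64_t hash);

/* get a 64bit hash from a key */
uint64_t sxtkey_hash(const sxtkey_t *key);

#endif /* __SXT_SXTKEY_H__ */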