x509_signature.h
1 /**
2  * @file x509_signature.h
3  * @brief RSA/DSA/ECDSA/EdDSA signature generation and verification
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2023 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.2.2
29  **/
30 
31 #ifndef _X509_SIGNATURE_H
32 #define _X509_SIGNATURE_H
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/x509_common.h"
37 
38 //Signature generation/verification callback functions
//Defaults to DISABLED when the build configuration does not define it; any
//value other than ENABLED or DISABLED is rejected at compile time.
//NOTE(review): the callback typedefs below are declared regardless of this
//setting, so it presumably gates the registration/dispatch code in the
//implementation - confirm there. When ENABLED, a registered callback takes
//part in certificate signing/verification and should be reviewed with the
//same care as the built-in algorithms.
39 #ifndef X509_SIGN_CALLBACK_SUPPORT
40  #define X509_SIGN_CALLBACK_SUPPORT DISABLED
41 #elif (X509_SIGN_CALLBACK_SUPPORT != ENABLED && X509_SIGN_CALLBACK_SUPPORT != DISABLED)
42  #error X509_SIGN_CALLBACK_SUPPORT parameter is not valid
43 #endif
44 
45 //C++ guard
46 #ifdef __cplusplus
47 extern "C" {
48 #endif
49 
50 
51 /**
52  * @brief Signature generation callback function
 *
 * The parameter list is identical to that of x509GenerateSignature().
 *
 * NOTE(review): the prototype passes @p output and @p written but no
 * capacity for @p output, so an implementation cannot bounds-check its own
 * write. The caller presumably has to supply a buffer large enough for the
 * largest signature the selected algorithm can produce - confirm against
 * the callers.
 *
 * NOTE(review): @p privateKey is an untyped const void pointer; the
 * concrete key type is presumably implied by @p signatureAlgoId and
 * @p publicKeyInfo - confirm before casting it in an implementation.
53  **/
54
55 typedef error_t (*X509SignGenCallback)(const PrngAlgo *prngAlgo,
56  void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen,
57  const X509SignatureAlgoId *signatureAlgoId,
58  const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey,
59  uint8_t *output, size_t *written);
60 
61 
62 /**
63  * @brief Signature verification callback function
 *
 * The parameter list is identical to that of x509VerifySignature(). All
 * inputs are const; the error_t return value is the only result visible in
 * the prototype.
 *
 * An implementation should report success only after the signature in
 * @p signatureValue has been checked over exactly @p tbsCertLen bytes of
 * @p tbsCert with the key in @p publicKeyInfo, and should fail closed on an
 * algorithm or key type it does not handle.
 *
 * NOTE(review): how the caller interprets each return code (for instance
 * whether some error makes it fall back to the built-in verification) is
 * not visible in this header - confirm in the implementation.
64  **/
65
66 typedef error_t (*X509SignVerifyCallback)(const uint8_t *tbsCert,
67  size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId,
68  const X509SubjectPublicKeyInfo *publicKeyInfo,
69  const X509SignatureValue *signatureValue);
70 
71 
72 //X.509 related functions
//NOTE(review): source lines 73-74 are absent from this listing. The page's
//cross-reference index names x509RegisterSignGenCallback() and
//x509RegisterSignVerifyCallback(), which presumably are declared there.
75

//Signature generation. Every generator writes to output and reports a length
//through written, but none takes the capacity of output, so the caller is
//responsible for sizing the buffer (presumably for the largest signature of
//the chosen algorithm and key size - confirm in the implementation).
//RSA-PSS, DSA and ECDSA generation take a PRNG (prngAlgo/prngContext); RSA
//and EdDSA generation do not. NOTE(review): the PRNG presumably supplies the
//PSS salt and the DSA/ECDSA per-signature secret, so it should be a seeded
//cryptographic generator - a weak or repeated per-signature value in
//DSA/ECDSA exposes the private key.

//Certificate signature generation (algorithm chosen via signatureAlgoId)
76 error_t x509GenerateSignature(const PrngAlgo *prngAlgo, void *prngContext,
77  const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId,
78  const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey,
79  uint8_t *output, size_t *written);
80

//RSA signature generation
81 error_t x509GenerateRsaSignature(const uint8_t *tbsCert, size_t tbsCertLen,
82  const HashAlgo *hashAlgo, const RsaPrivateKey *privateKey, uint8_t *output,
83  size_t *written);
84

//RSA-PSS signature generation (salt length given by saltLen)
85 error_t x509GenerateRsaPssSignature(const PrngAlgo *prngAlgo, void *prngContext,
86  const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo,
87  size_t saltLen, const RsaPrivateKey *privateKey, uint8_t *output,
88  size_t *written);
89

//DSA signature generation
90 error_t x509GenerateDsaSignature(const PrngAlgo *prngAlgo, void *prngContext,
91  const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo,
92  const DsaPrivateKey *privateKey, uint8_t *output, size_t *written);
93

//ECDSA signature generation
94 error_t x509GenerateEcdsaSignature(const PrngAlgo *prngAlgo, void *prngContext,
95  const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo,
96  const X509SubjectPublicKeyInfo *publicKeyInfo, const EcPrivateKey *privateKey,
97  uint8_t *output, size_t *written);
98

//Ed25519 signature generation (no hash algorithm or PRNG parameter)
99 error_t x509GenerateEd25519Signature(const uint8_t *tbsCert, size_t tbsCertLen,
100  const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written);
101

//Ed448 signature generation (no hash algorithm or PRNG parameter)
102 error_t x509GenerateEd448Signature(const uint8_t *tbsCert, size_t tbsCertLen,
103  const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written);
104 
//Signature verification. Every verifier takes the signed bytes
//(tbsCert/tbsCertLen), the signer's key as X509SubjectPublicKeyInfo and the
//signature as X509SignatureValue, and returns an error_t; nothing else is
//output. Callers should treat any return other than success as "signature
//not verified" (success is presumably NO_ERROR - confirm in error.h).
//NOTE(review): tbsCert presumably has to be the encoded bytes exactly as
//received, not a re-encoding, since the signature covers those bytes.

//Certificate signature verification (algorithm chosen via signatureAlgoId)
//NOTE(review): whether the caller or this function checks that
//signatureAlgoId is consistent with the key type in publicKeyInfo is not
//visible in this header - confirm in the implementation.
105 error_t x509VerifySignature(const uint8_t *tbsCert, size_t tbsCertLen,
106  const X509SignatureAlgoId *signatureAlgoId,
107  const X509SubjectPublicKeyInfo *publicKeyInfo,
108  const X509SignatureValue *signatureValue);
109

//RSA signature verification
110 error_t x509VerifyRsaSignature(const uint8_t *tbsCert, size_t tbsCertLen,
111  const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo,
112  const X509SignatureValue *signatureValue);
113

//RSA-PSS signature verification (expected salt length given by saltLen)
114 error_t x509VerifyRsaPssSignature(const uint8_t *tbsCert, size_t tbsCertLen,
115  const HashAlgo *hashAlgo, size_t saltLen,
116  const X509SubjectPublicKeyInfo *publicKeyInfo,
117  const X509SignatureValue *signatureValue);
118

//DSA signature verification
119 error_t x509VerifyDsaSignature(const uint8_t *tbsCert, size_t tbsCertLen,
120  const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo,
121  const X509SignatureValue *signatureValue);
122

//ECDSA signature verification
123 error_t x509VerifyEcdsaSignature(const uint8_t *tbsCert, size_t tbsCertLen,
124  const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo,
125  const X509SignatureValue *signatureValue);
126

//Ed25519 signature verification (no hash algorithm parameter)
127 error_t x509VerifyEd25519Signature(const uint8_t *tbsCert, size_t tbsCertLen,
128  const X509SubjectPublicKeyInfo *publicKeyInfo,
129  const X509SignatureValue *signatureValue);
130

//Ed448 signature verification (no hash algorithm parameter)
131 error_t x509VerifyEd448Signature(const uint8_t *tbsCert, size_t tbsCertLen,
132  const X509SubjectPublicKeyInfo *publicKeyInfo,
133  const X509SignatureValue *signatureValue);
134 
135 //C++ guard
136 #ifdef __cplusplus
137 }
138 #endif
139 
140 #endif
X.509 common definitions.
error_t x509VerifyRsaSignature(const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
RSA signature verification.
error_t x509GenerateSignature(const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey, uint8_t *output, size_t *written)
Certificate signature generation.
error_t x509GenerateRsaSignature(const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, const RsaPrivateKey *privateKey, uint8_t *output, size_t *written)
RSA signature generation.
Signature algorithm identifier.
Definition: x509_common.h:884
#define PrngAlgo
Definition: crypto.h:840
error_t x509VerifyEd25519Signature(const uint8_t *tbsCert, size_t tbsCertLen, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
Ed25519 signature verification.
error_t(* X509SignGenCallback)(const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const void *privateKey, uint8_t *output, size_t *written)
Signature generation callback function.
error_t x509GenerateEd25519Signature(const uint8_t *tbsCert, size_t tbsCertLen, const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Ed25519 signature generation.
error_t x509VerifyDsaSignature(const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
DSA signature verification.
error_t x509GenerateEd448Signature(const uint8_t *tbsCert, size_t tbsCertLen, const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Ed448 signature generation.
error_t x509VerifyRsaPssSignature(const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, size_t saltLen, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
RSA-PSS signature verification.
error_t
Error codes.
Definition: error.h:43
error_t x509RegisterSignVerifyCallback(X509SignVerifyCallback callback)
Register signature verification callback function.
error_t x509RegisterSignGenCallback(X509SignGenCallback callback)
Register signature generation callback function.
General definitions for cryptographic algorithms.
error_t x509GenerateRsaPssSignature(const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, size_t saltLen, const RsaPrivateKey *privateKey, uint8_t *output, size_t *written)
RSA-PSS signature generation.
EC private key.
Definition: ec.h:104
DSA private key.
Definition: dsa.h:72
error_t(* X509SignVerifyCallback)(const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
Signature verification callback function.
Signature value.
Definition: x509_common.h:898
error_t x509VerifyEd448Signature(const uint8_t *tbsCert, size_t tbsCertLen, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
Ed448 signature verification.
error_t x509VerifySignature(const uint8_t *tbsCert, size_t tbsCertLen, const X509SignatureAlgoId *signatureAlgoId, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
Certificate signature verification.
EdDSA private key.
Definition: eddsa.h:59
error_t x509GenerateEcdsaSignature(const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo, const EcPrivateKey *privateKey, uint8_t *output, size_t *written)
ECDSA signature generation.
RSA private key.
Definition: rsa.h:61
Subject public key information.
Definition: x509_common.h:699
error_t x509GenerateDsaSignature(const PrngAlgo *prngAlgo, void *prngContext, const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, const DsaPrivateKey *privateKey, uint8_t *output, size_t *written)
DSA signature generation.
Common interface for hash algorithms.
Definition: crypto.h:937
error_t x509VerifyEcdsaSignature(const uint8_t *tbsCert, size_t tbsCertLen, const HashAlgo *hashAlgo, const X509SubjectPublicKeyInfo *publicKeyInfo, const X509SignatureValue *signatureValue)
ECDSA signature verification.