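/* Copyright (c) 2016, Google Inc.
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

#ifndef OPENSSL_HEADER_X509_INTERNAL_H
#define OPENSSL_HEADER_X509_INTERNAL_H

#include <openssl/base.h>
#include <openssl/evp.h>
#include <openssl/x509.h>

#if defined(__cplusplus)
extern "C" {
#endif


/* RSA-PSS functions. */

/* x509_rsa_pss_to_ctx configures |ctx| for an RSA-PSS operation based on
 * signature algorithm parameters in |sigalg| (which must have type
 * |NID_rsassaPss|) and key |pkey|. It returns one on success and zero on
 * error.
 *
 * Callers must check the return value: on zero, |ctx| has not been set up for
 * the requested parameters and must not be used to process a signature.
 *
 * NOTE(review): |sigalg| presumably originates from a parsed structure whose
 * signature has not been verified yet, so the definition should treat its
 * parameters as untrusted input -- confirm against the implementation. */
int x509_rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey);

/* x509_rsa_ctx_to_pss sets |algor| to the signature algorithm parameters for
 * |ctx|, which must have been configured for an RSA-PSS signing operation. It
 * returns one on success and zero on error. */
int x509_rsa_ctx_to_pss(EVP_MD_CTX *ctx, X509_ALGOR *algor);

/* x509_print_rsa_pss_params prints a human-readable representation of RSA-PSS
 * parameters in |sigalg| to |bp|. It returns one on success and zero on
 * error.
 *
 * NOTE(review): |indent| and |pctx| are not described by this header;
 * presumably they control output indentation and ASN.1 print options --
 * confirm against the definition. */
int x509_print_rsa_pss_params(BIO *bp, const X509_ALGOR *sigalg, int indent,
                              ASN1_PCTX *pctx);


/* Signature algorithm functions. */

/* x509_digest_sign_algorithm encodes the signing parameters of |ctx| as an
 * AlgorithmIdentifier and saves the result in |algor|. It returns one on
 * success, or zero on error. */
int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor);

/* x509_digest_verify_init sets up |ctx| for a signature verification operation
 * with public key |pkey| and parameters from |sigalg|. The |ctx| argument must
 * have been initialised with |EVP_MD_CTX_init|. It returns one on success, or
 * zero on error.
 *
 * A zero return means |ctx| was not configured for verification; callers must
 * fail the verification rather than continue with |ctx|. */
int x509_digest_verify_init(EVP_MD_CTX *ctx, X509_ALGOR *sigalg,
                            EVP_PKEY *pkey);


#if defined(__cplusplus)
} /* extern C */
#endif

#endif /* OPENSSL_HEADER_X509_INTERNAL_H */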