Changeset 59689 in vbox for trunk/include/iprt

Timestamp:

Feb 15, 2016 9:25:36 PM (9 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

105546

Message:

IPRT: Added RTCrDigestGetAlgorithmOid, RTCrDigestTypeToAlgorithmOid, RTCrPkixPubKeyVerifySignedDigest, RTCrX509AlgorithmIdentifier_CombineEncryptionAndDigest, RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid, and RTCrX509AlgorithmIdentifier_CompareDigestOidAndEncryptedDigestOid.

Location:

trunk/include/iprt

Files:

• crypto/digest.h (modified) (1 diff)
• crypto/pkix.h (modified) (1 diff)
• crypto/x509.h (modified) (1 diff)
• mangling.h (modified) (4 diffs)

trunk/include/iprt/crypto/digest.h

@@ -182 +182 @@
 RTDECL(bool) RTCrDigestIsFinalized(RTCRDIGEST hDigest);
 RTDECL(RTDIGESTTYPE) RTCrDigestGetType(RTCRDIGEST hDigest);
+RTDECL(const char *) RTCrDigestGetAlgorithmOid(RTCRDIGEST hDigest);
+
+
+/**
+ * Translates an IPRT digest type value to an OID.
+ *
+ * @returns Dotted OID string on success, NULL if not translatable.
+ * @param       enmDigestType       The IPRT digest type value to convert.
+ */
+RTDECL(const char *) RTCrDigestTypeToAlgorithmOid(RTDIGESTTYPE enmDigestType);
 
 /** @} */

trunk/include/iprt/crypto/pkix.h

@@ -53 +53 @@
                                           PCRTASN1BITSTRING pSignatureValue, const void *pvData, size_t cbData,
                                           PRTERRINFO pErrInfo);
+
+
+/**
+ * Verifies the signed digest (@a pvSignedDigest) against our digest (@a
+ * hDigest) using the specfied public key (@a pPublicKey) and algorithm.
+ *
+ * @returns IPRT status code.
+ * @param   pAlgorithm      The signature algorithm (digest w/ cipher).
+ * @param   pParameters     Parameter to the public key algorithm. Optional.
+ * @param   pPublicKey      The public key.
+ * @param   pvSignedDigest  The signed digest.
+ * @param   cbSignedDigest  The signed digest size.
+ * @param   hDigest         The digest of the data to compare @a pvSignedDigest
+ *                          with.
+ * @param   pErrInfo        Where to return extended error info. Optional.
+ */
+RTDECL(int) RTCrPkixPubKeyVerifySignedDigest(PCRTASN1OBJID pAlgorithm, PCRTASN1DYNTYPE pParameters,
+                                             PCRTASN1BITSTRING pPublicKey, void const *pvSignedDigest, size_t cbSignedDigest,
+                                             RTCRDIGEST hDigest, PRTERRINFO pErrInfo);
 
 

trunk/include/iprt/crypto/x509.h

@@ -93 +93 @@
 RTDECL(int) RTCrX509AlgorithmIdentifier_CompareDigestAndEncryptedDigest(PCRTCRX509ALGORITHMIDENTIFIER pDigest,
                                                                         PCRTCRX509ALGORITHMIDENTIFIER pEncryptedDigest);
+/**
+ * Compares a digest OID with an encrypted digest algorithm OID, checking if
+ * they specify the same digest.
+ *
+ * @returns 0 if same digest, -1 if the digest is unknown, 1 if the encrypted
+ *          digest does not match.
+ * @param   pszDigestOid            The digest algorithm OID.
+ * @param   pszEncryptedDigestOid   The encrypted digest algorithm OID.
+ */
+RTDECL(int) RTCrX509AlgorithmIdentifier_CompareDigestOidAndEncryptedDigestOid(const char *pszDigestOid,
+                                                                              const char *pszEncryptedDigestOid);
+
+
+/**
+ * Combine the encryption algorithm with the digest algorithm.
+ *
+ * @returns OID of encrypted digest algorithm.
+ * @param   pEncryption         The encryption algorithm.  Will work if this is
+ *                              the OID of an encrypted digest algorithm too, as
+ *                              long as it matches @a pDigest.
+ * @param   pDigest             The digest algorithm.  Will work if this is the
+ *                              OID of an encrypted digest algorithm too, as
+ *                              long as it matches @a pEncryption.
+ */
+RTDECL(const char *) RTCrX509AlgorithmIdentifier_CombineEncryptionAndDigest(PCRTCRX509ALGORITHMIDENTIFIER pEncryption,
+                                                                            PCRTCRX509ALGORITHMIDENTIFIER pDigest);
+
+/**
+ * Combine the encryption algorithm OID with the digest algorithm OID.
+ *
+ * @returns OID of encrypted digest algorithm.
+ * @param   pszEncryptionOid    The encryption algorithm.  Will work if this is
+ *                              the OID of an encrypted digest algorithm too, as
+ *                              long as it matches @a pszDigestOid.
+ * @param   pszDigestOid        The digest algorithm.  Will work if this is the
+ *                              OID of an encrypted digest algorithm too, as
+ *                              long as it matches @a pszEncryptionOid.
+ */
+RTDECL(const char *) RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid(const char *pszEncryptionOid,
+                                                                                  const char *pszDigestOid);
+
 
 /** @name Typical Digest Algorithm OIDs.

trunk/include/iprt/mangling.h

@@ -2692 +2692 @@
 # define RTCrDigestGetHashSize                          RT_MANGLER(RTCrDigestGetHashSize)
 # define RTCrDigestGetType                              RT_MANGLER(RTCrDigestGetType)
+# define RTCrDigestGetAlgorithmOid                      RT_MANGLER(RTCrDigestGetAlgorithmOid)
 # define RTCrDigestIsFinalized                          RT_MANGLER(RTCrDigestIsFinalized)
 # define RTCrDigestMatch                                RT_MANGLER(RTCrDigestMatch)
@@ -2705 +2706 @@
 # define RTCrDigestFindByObjIdString                    RT_MANGLER(RTCrDigestFindByObjIdString)
 # define RTCrDigestFindByType                           RT_MANGLER(RTCrDigestFindByType)
+# define RTCrDigestTypeToAlgorithmOid                   RT_MANGLER(RTCrDigestTypeToAlgorithmOid)
 # define RTCrRsaDigestInfo_DecodeAsn1                   RT_MANGLER(RTCrRsaDigestInfo_DecodeAsn1)
 # define RTCrRsaOtherPrimeInfo_DecodeAsn1               RT_MANGLER(RTCrRsaOtherPrimeInfo_DecodeAsn1)
@@ -2846 +2848 @@
 # define RTCrPkixGetCiperOidFromSignatureAlgorithm      RT_MANGLER(RTCrPkixGetCiperOidFromSignatureAlgorithm)
 # define RTCrPkixPubKeyVerifySignature                  RT_MANGLER(RTCrPkixPubKeyVerifySignature)
+# define RTCrPkixPubKeyVerifySignedDigest               RT_MANGLER(RTCrPkixPubKeyVerifySignedDigest)
 # define RTCrSpcAttributeTypeAndOptionalValue_DecodeAsn1 RT_MANGLER(RTCrSpcAttributeTypeAndOptionalValue_DecodeAsn1)
 # define RTCrSpcIndirectDataContent_DecodeAsn1          RT_MANGLER(RTCrSpcIndirectDataContent_DecodeAsn1)
@@ -2961 +2964 @@
 # define RTCrX509CertPathsValidateAll                   RT_MANGLER(RTCrX509CertPathsValidateAll)
 # define RTCrX509CertPathsValidateOne                   RT_MANGLER(RTCrX509CertPathsValidateOne)
-# define RTCrX509AlgorithmIdentifier_Compare            RT_MANGLER(RTCrX509AlgorithmIdentifier_Compare)
-# define RTCrX509AlgorithmIdentifier_CompareDigestAndEncryptedDigest RT_MANGLER(RTCrX509AlgorithmIdentifier_CompareDigestAndEncryptedDigest)
+# define RTCrX509AlgorithmIdentifier_CombineEncryptionAndDigest             RT_MANGLER(RTCrX509AlgorithmIdentifier_CombineEncryptionAndDigest)
+# define RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid       RT_MANGLER(RTCrX509AlgorithmIdentifier_CombineEncryptionOidAndDigestOid)
+# define RTCrX509AlgorithmIdentifier_Compare                                RT_MANGLER(RTCrX509AlgorithmIdentifier_Compare)
+# define RTCrX509AlgorithmIdentifier_CompareDigestAndEncryptedDigest        RT_MANGLER(RTCrX509AlgorithmIdentifier_CompareDigestAndEncryptedDigest)
+# define RTCrX509AlgorithmIdentifier_CompareDigestOidAndEncryptedDigestOid  RT_MANGLER(RTCrX509AlgorithmIdentifier_CompareDigestOidAndEncryptedDigestOid)
 # define RTCrX509AlgorithmIdentifier_CompareWithString  RT_MANGLER(RTCrX509AlgorithmIdentifier_CompareWithString)
 # define RTCrX509AlgorithmIdentifier_Delete             RT_MANGLER(RTCrX509AlgorithmIdentifier_Delete)