summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/cryptohi/keyi.h
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/cryptohi/keyi.h')
-rw-r--r--security/nss/lib/cryptohi/keyi.h45
1 files changed, 45 insertions, 0 deletions
diff --git a/security/nss/lib/cryptohi/keyi.h b/security/nss/lib/cryptohi/keyi.h
new file mode 100644
index 0000000000..5683afbeb6
--- /dev/null
+++ b/security/nss/lib/cryptohi/keyi.h
@@ -0,0 +1,45 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _KEYI_H_
+#define _KEYI_H_
+#include "secerr.h"
+
+SEC_BEGIN_PROTOS
+/* NSS private functions */
+/* map an oid to a keytype... actually this function and it's converse
+ * are good candidates for public functions.. */
+KeyType seckey_GetKeyType(SECOidTag pubKeyOid);
+
+/* extract the 'encryption' (could be signing) and hash oids from and
+ * algorithm, key and parameters (parameters is the parameters field
+ * of a algorithm ID structure (SECAlgorithmID)*/
+SECStatus sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
+ const SECItem *param, SECOidTag *encalg, SECOidTag *hashalg);
+
+/* just get the 'encryption' oid from the combined signature oid */
+SECOidTag sec_GetEncAlgFromSigAlg(SECOidTag sigAlg);
+
+/* extract the RSA-PSS hash algorithms and salt length from
+ * parameters, taking into account of the default implications.
+ *
+ * (parameters is the parameters field of a algorithm ID structure
+ * (SECAlgorithmID)*/
+SECStatus sec_DecodeRSAPSSParams(PLArenaPool *arena,
+ const SECItem *params,
+ SECOidTag *hashAlg,
+ SECOidTag *maskHashAlg,
+ unsigned long *saltLength);
+
+/* convert the encoded RSA-PSS parameters into PKCS #11 mechanism parameters */
+SECStatus sec_DecodeRSAPSSParamsToMechanism(PLArenaPool *arena,
+ const SECItem *params,
+ CK_RSA_PKCS_PSS_PARAMS *mech);
+
+/* make sure the key length matches the policy for keyType */
+SECStatus seckey_EnforceKeySize(KeyType keyType, unsigned keyLength,
+ SECErrorCodes error);
+SEC_END_PROTOS
+
+#endif /* _KEYHI_H_ */