lib-dcrypt: Add API for dealing with raw keys

diff --git a/src/lib-dcrypt/dcrypt-private.h b/src/lib-dcrypt/dcrypt-private.h
index ac146dbc92bc9012621c00cde29288930285b2df..c13bc84eb581880c3037608f9628443e19b7d4de 100644 (file)
--- a/src/lib-dcrypt/dcrypt-private.h
+++ b/src/lib-dcrypt/dcrypt-private.h
@@ -151,6 +151,24 @@ struct dcrypt_vfs {
                               const char **error_r);
        bool (*private_key_id_old)(struct dcrypt_private_key *key,
                                   buffer_t *result, const char **error_r);
+       bool (*key_store_private_raw)(struct dcrypt_private_key *key,
+                                     pool_t pool,
+                                     enum dcrypt_key_type *key_type_r,
+                                     ARRAY_TYPE(dcrypt_raw_key) *keys_r,
+                                     const char **error_r);
+       bool (*key_store_public_raw)(struct dcrypt_public_key *key,
+                                    pool_t pool,
+                                    enum dcrypt_key_type *key_type_r,
+                                    ARRAY_TYPE(dcrypt_raw_key) *keys_r,
+                                    const char **error_r);
+       bool (*key_load_private_raw)(struct dcrypt_private_key **key_r,
+                                    enum dcrypt_key_type key_type,
+                                    const ARRAY_TYPE(dcrypt_raw_key) *keys,
+                                    const char **error_r);
+       bool (*key_load_public_raw)(struct dcrypt_public_key **key_r,
+                                   enum dcrypt_key_type key_type,
+                                   const ARRAY_TYPE(dcrypt_raw_key) *keys,
+                                   const char **error_r);
 };
 
 void dcrypt_set_vfs(struct dcrypt_vfs *vfs);

diff --git a/src/lib-dcrypt/dcrypt.c b/src/lib-dcrypt/dcrypt.c
index d9922054b02c169d46e2ec5a6dd4a661ac015210..2db30c19ac2db503bb89da886ee19c54debe5043 100644 (file)
--- a/src/lib-dcrypt/dcrypt.c
+++ b/src/lib-dcrypt/dcrypt.c
@@ -433,3 +433,60 @@ bool dcrypt_name2oid(const char *name, buffer_t *oid, const char **error_r)
        return dcrypt_vfs->name2oid(name, oid, error_r);
 }
 
+bool dcrypt_key_store_private_raw(struct dcrypt_private_key *key,
+                                 pool_t pool,
+                                 enum dcrypt_key_type *key_type_r,
+                                 ARRAY_TYPE(dcrypt_raw_key) *keys_r,
+                                 const char **error_r)
+{
+       i_assert(dcrypt_vfs != NULL);
+       if (dcrypt_vfs->key_store_private_raw == NULL) {
+               *error_r = "Not implemented";
+               return FALSE;
+       }
+       return dcrypt_vfs->key_store_private_raw(key, pool, key_type_r, keys_r,
+                                                error_r);
+}
+
+bool dcrypt_key_store_public_raw(struct dcrypt_public_key *key,
+                                pool_t pool,
+                                enum dcrypt_key_type *key_type_r,
+                                ARRAY_TYPE(dcrypt_raw_key) *keys_r,
+                                const char **error_r)
+{
+       i_assert(dcrypt_vfs != NULL);
+       if (dcrypt_vfs->key_store_public_raw == NULL) {
+               *error_r = "Not implemented";
+               return FALSE;
+       }
+       return dcrypt_vfs->key_store_public_raw(key, pool, key_type_r, keys_r,
+                                               error_r);
+}
+
+bool dcrypt_key_load_private_raw(struct dcrypt_private_key **key_r,
+                                enum dcrypt_key_type key_type,
+                                const ARRAY_TYPE(dcrypt_raw_key) *keys,
+                                const char **error_r)
+{
+       i_assert(dcrypt_vfs != NULL);
+       if (dcrypt_vfs->key_load_private_raw == NULL) {
+               *error_r = "Not implemented";
+               return FALSE;
+       }
+       return dcrypt_vfs->key_load_private_raw(key_r, key_type, keys,
+                                               error_r);
+}
+
+bool dcrypt_key_load_public_raw(struct dcrypt_public_key **key_r,
+                               enum dcrypt_key_type key_type,
+                               const ARRAY_TYPE(dcrypt_raw_key) *keys,
+                               const char **error_r)
+{
+       i_assert(dcrypt_vfs != NULL);
+       if (dcrypt_vfs->key_load_public_raw == NULL) {
+               *error_r = "Not implemented";
+               return FALSE;
+       }
+       return dcrypt_vfs->key_load_public_raw(key_r, key_type, keys,
+                                              error_r);
+}

diff --git a/src/lib-dcrypt/dcrypt.h b/src/lib-dcrypt/dcrypt.h
index f6145b0c2770a59cd2e66eea1504675fdd14d069..da20496bffe44fd7db5f34fb5f99a8673722472e 100644 (file)
--- a/src/lib-dcrypt/dcrypt.h
+++ b/src/lib-dcrypt/dcrypt.h
@@ -1,5 +1,6 @@
 #ifndef DCRYPT_H
 #define DCRYPT_H 1
+#include "array.h"
 
 struct dcrypt_context_symmetric;
 struct dcrypt_context_hmac;
@@ -56,6 +57,13 @@ struct dcrypt_settings {
        const char *module_dir;
 };
 
+struct dcrypt_raw_key {
+       const void *parameter;
+       size_t len;
+};
+
+ARRAY_DEFINE_TYPE(dcrypt_raw_key, struct dcrypt_raw_key);
+
 /**
  * load and initialize dcrypt backend, use either openssl or gnutls
  */
@@ -254,6 +262,48 @@ bool dcrypt_key_id_private(struct dcrypt_private_key *key,
 bool dcrypt_key_id_private_old(struct dcrypt_private_key *key,
                               buffer_t *result, const char **error_r);
 
+/* return raw private key:
+   Only ECC supported currently
+
+   returns OID bytes and private key in bigendian bytes
+*/
+bool dcrypt_key_store_private_raw(struct dcrypt_private_key *key,
+                                 pool_t pool,
+                                 enum dcrypt_key_type *key_type_r,
+                                 ARRAY_TYPE(dcrypt_raw_key) *keys_r,
+                                 const char **error_r);
+
+/* return raw public key
+   Only ECC supported currently
+
+   returns OID bytes and public key in compressed form (z||x)
+*/
+bool dcrypt_key_store_public_raw(struct dcrypt_public_key *key,
+                                pool_t pool,
+                                enum dcrypt_key_type *key_type_r,
+                                ARRAY_TYPE(dcrypt_raw_key) *keys_r,
+                                const char **error_r);
+
+/* load raw private key:
+   Only ECC supported currently
+
+   expects OID bytes and private key in bigendian bytes
+*/
+bool dcrypt_key_load_private_raw(struct dcrypt_private_key **key_r,
+                                enum dcrypt_key_type key_type,
+                                const ARRAY_TYPE(dcrypt_raw_key) *keys,
+                                const char **error_r);
+
+/* load raw public key
+   Only ECC supported currently
+
+   expects OID bytes and public key bytes.
+*/
+bool dcrypt_key_load_public_raw(struct dcrypt_public_key **key_r,
+                               enum dcrypt_key_type key_type,
+                               const ARRAY_TYPE(dcrypt_raw_key) *keys,
+                               const char **error_r);
+
 bool dcrypt_key_string_get_info(const char *key_data,
                                enum dcrypt_key_format *format_r,
                                enum dcrypt_key_version *version_r,