Diffstat (limited to 'libparc/parc/security/parc_Pkcs12KeyStore.h')
-rw-r--r--libparc/parc/security/parc_Pkcs12KeyStore.h134
1 files changed, 134 insertions, 0 deletions
diff --git a/libparc/parc/security/parc_Pkcs12KeyStore.h b/libparc/parc/security/parc_Pkcs12KeyStore.h
new file mode 100644
index 00000000..950284ea
--- /dev/null
+++ b/libparc/parc/security/parc_Pkcs12KeyStore.h
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file parc_Pkcs12KeyStore.h
+ * @ingroup security
+ * @brief A concrete implementation of PARCKeyStore based on a PCKS12 keystore.
+ *
+ */
+#ifndef libparc_parc_Pkcs12KeyStore_h
+#define libparc_parc_Pkcs12KeyStore_h
+
+#include <parc/security/parc_KeyStore.h>
+#include <parc/security/parc_Signer.h>
+#include <parc/security/parc_SigningAlgorithm.h>
+
+struct parc_pkcs12_keystore;
+typedef struct parc_pkcs12_keystore PARCPkcs12KeyStore;
+
+extern PARCKeyStoreInterface *PARCPkcs12KeyStoreAsKeyStore;
+
+/**
+ * Increase the number of references to a `PARCPkcs12KeyStore` instance.
+ *
+ * Note that new `PARCPkcs12KeyStore` is not created,
+ * only that the given `PARCPkcs12KeyStore` reference count is incremented.
+ * Discard the reference by invoking `parcPkcs12KeyStore_Release`.
+ *
+ * @param [in] instance A pointer to a valid PARCPkcs12KeyStore instance.
+ *
+ * @return The same value as @p instance.
+ *
+ * Example:
+ * @code
+ * {
+ * parcPkcs12KeyStore_CreateFile(...);
+ * PARCPkcs12KeyStore *a = parcPkcs12Store_Open(...)
+ *
+ * PARCPkcs12KeyStore *b = parcPkcs12KeyStore_Acquire();
+ *
+ * parcPkcs12KeyStore_Release(&a);
+ * parcPkcs12KeyStore_Release(&b);
+ * }
+ * @endcode
+ */
+PARCPkcs12KeyStore *parcPkcs12KeyStore_Acquire(const PARCPkcs12KeyStore *instance);
+
+/**
+ * Release a previously acquired reference to the given `PARCPkcs12KeyStore` instance,
+ * decrementing the reference count for the instance.
+ *
+ * The pointer to the instance is set to NULL as a side-effect of this function.
+ *
+ * If the invocation causes the last reference to the instance to be released,
+ * the instance is deallocated and the instance's implementation will perform
+ * additional cleanup and release other privately held references.
+ *
+ * @param [in,out] instancePtr A pointer to a pointer to the instance to release.
+ *
+ * Example:
+ * @code
+ * {
+ * PARCPkcs12KeyStore *a = parcPkcs12Store_Open(...);
+ *
+ * parcPkcs12KeyStore_Release(&a);
+ * }
+ * @endcode
+ */
+void parcPkcs12KeyStore_Release(PARCPkcs12KeyStore **instancePtr);
+
+/**
+ * Creates a PKCS12 keystore identity with a self-signed certifiate. Note that this call currently
+ * aborts if keystore i/o access fails, behavior that may change in the future.
+ *
+ * @param [in] filename The name of the PKCS12 file.
+ * @param [in] password The password to open the PKCS12 file.
+ * @param [in] subjectName The certificate subject associated with the PKCS12 file.
+ * @param [in] keyLength The length of the public key associated with the PKCS12 file.
+ * @param [in] validityDays The validity (in days) of the certificate associated with the PKCS12 file.
+ *
+ * @return true on success, false if certificate creation fails, and will abort if keystore i/o fails.
+ *
+ * Example:
+ * @code
+ * {
+ * const char *filename = "/tmp/ccnxFileKeyStore_Pkcs12Open_CreateAndOpen.p12";
+ * const char *password = "12345";
+ * const char *subject = "alice";
+ * bool result = parcPkcs12KeyStore_CreateFile(filename, password, subject, PARCSigningAlgorithm_RSA, 1024, 32);
+ * }
+ * @endcode
+ */
+bool parcPkcs12KeyStore_CreateFile(const char *filename, const char *password, const char *subjectName,
+ PARCSigningAlgorithm signAlgo, unsigned keyLength, unsigned validityDays);
+
+/**
+ * Create a `PARCPkcs12KeyStore` instance.
+ *
+ * @param [in] filename The name of a file containing the PKCS12 keystore.
+ * @param [in] password The password to decrypt/unlock the determines how the signer digests data. Supports PARCCryptoHashType_SHA256 and PARCCryptoHashType_SHA512.
+ * @param [in] hashType Determines how the signer digests data. Possible values are PARCCryptoHashType_SHA256 and PARCCryptoHashType_SHA512.
+ *
+ * @return A `PARCPkcs12KeyStore` instance using the public/private key pair contained within the PKCS12 file.
+ *
+ * Example:
+ * @code
+ * {
+ * const char *filename = "/tmp/ccnxFileKeyStore_Pkcs12Open_CreateAndOpen.p12";
+ * const char *password = "12345";
+ * const char *subject = "alice";
+ * bool result = parcPkcs12KeyStore_CreateFile(filename, password, subject, 1024, 32);
+ *
+ * ...
+ *
+ * PARCSigningInterface *interface = parcPkcs12Store_Open(filename, password, PARCCryptoHashType_SHA256);
+ *
+ * ...
+ * }
+ * @endcode
+ */
+PARCPkcs12KeyStore *parcPkcs12KeyStore_Open(const char *filename, const char *password, PARCCryptoHashType hashType);
+#endif // libparc_parc_Pkcs12Store_h
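Review bot: The `@param [in] password` line in the parcPkcs12KeyStore_Open comment block is garbled by a copy-paste from the hashType description and should read `@param [in] password The password used to decrypt/unlock the PKCS12 file.`; because the password is caller-owned secret material, the contract should also say whether the returned instance copies or retains it and that the caller stays responsible for clearing its own copy. The `@code` examples disagree with the prototypes they illustrate: the CreateFile call in the Open example omits the PARCSigningAlgorithm argument, Acquire is shown called without its instance argument, and `parcPkcs12Store_Open` returning `PARCSigningInterface *` does not match `parcPkcs12KeyStore_Open`, which returns `PARCPkcs12KeyStore *`. The closing `#endif // libparc_parc_Pkcs12Store_h` comment does not match the `libparc_parc_Pkcs12KeyStore_h` guard defined at the top of the header. `PARCCryptoHashType` appears in the Open prototype without a visible include that provides it; it may arrive transitively through parc_Signer.h, but an explicit include would keep the header self-contained. The unit of `keyLength` (presumably bits, judging by the 1024 in the example) is also worth stating in the CreateFile documentation.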