1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef CRYPTO_UTILS_ANDROID_PUBKEY_H 18 #define CRYPTO_UTILS_ANDROID_PUBKEY_H 19 20 #include <stdbool.h> 21 #include <stddef.h> 22 #include <stdint.h> 23 24 #include <openssl/rsa.h> 25 26 #ifdef __cplusplus 27 extern "C" { 28 #endif 29 30 // Size of an RSA modulus such as an encrypted block or a signature. 31 #define ANDROID_PUBKEY_MODULUS_SIZE (2048 / 8) 32 33 // Size of an encoded RSA key. 34 #define ANDROID_PUBKEY_ENCODED_SIZE \ 35 (3 * sizeof(uint32_t) + 2 * ANDROID_PUBKEY_MODULUS_SIZE) 36 37 /* Allocates a new RSA |key| object, decodes a public RSA key stored in 38 * Android's custom binary format from |key_buffer| and sets the key parameters 39 * in |key|. |size| specifies the size of the key buffer and must be at least 40 * |ANDROID_PUBKEY_ENCODED_SIZE|. The resulting |*key| can be used with the 41 * standard BoringSSL API to perform public operations. 42 * 43 * Returns true if successful, in which case the caller receives ownership of 44 * the |*key| object, i.e. needs to call RSA_free() when done with it. If there 45 * is an error, |key| is left untouched and the return value will be false. 46 */ 47 bool android_pubkey_decode(const uint8_t* key_buffer, size_t size, RSA** key); 48 49 /* Encodes |key| in the Android RSA public key binary format and stores the 50 * bytes in |key_buffer|. |key_buffer| should be of size at least 51 * |ANDROID_PUBKEY_ENCODED_SIZE|. 52 * 53 * Returns true if successful, false on error. 54 */ 55 bool android_pubkey_encode(const RSA* key, uint8_t* key_buffer, size_t size); 56 57 #ifdef __cplusplus 58 } // extern "C" 59 #endif 60 61 #endif // CRYPTO_UTILS_ANDROID_PUBKEY_H 62