mgmt.h

/*
    This file is part of Pretty Curved Privacy (pcp1).

    Copyright (C) 2014 T.v.Dein.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.

    You can contact me by mail: <tom AT vondein DOT org>.
*/

/*
  key management, namely import and export routines.
  we're working with buffers only, no direct file i/o */

#ifndef _HAVE_PCP_MGMT_H
#define _HAVE_PCP_MGMT_H

#include <sodium.h>
#include <string.h>
#include <stdio.h>
#include <time.h>

#include "defines.h"
#include "platform.h"
#include "mem.h"
#include "ed.h"
#include "key.h"
#include "keysig.h"
#include "buffer.h"
#include "scrypt.h"

/* key management api, export, import, yaml and stuff */


/* various helper structs, used internally only */
struct _pcp_rfc_pubkey_header_t {
  uint8_t version;
  uint32_t ctime;
  uint8_t cipher;
};

struct _pcp_rfc_pubkey_0x21_t {
  byte sig_ed25519_pub[crypto_sign_PUBLICKEYBYTES];
  byte ed25519_pub[crypto_sign_PUBLICKEYBYTES];
  byte curve25519_pub[crypto_box_PUBLICKEYBYTES];
};

struct _pcp_rfc_pubkey_sigheader_0x21_t {
  uint8_t version;
  uint8_t type;
  uint8_t pkcipher;
  uint8_t hashcipher;
  uint16_t numsubs;
};

struct _pcp_rfc_pubkey_sigsub_0x21_t {
  uint32_t size;
  uint8_t type;
};

typedef struct _pcp_rfc_pubkey_header_t rfc_pub_h;
typedef struct _pcp_rfc_pubkey_0x21_t  rfc_pub_k;
typedef struct _pcp_rfc_pubkey_sigheader_0x21_t rfc_pub_sig_h;
typedef struct _pcp_rfc_pubkey_sigsub_0x21_t rfc_pub_sig_s;

struct _pcp_ks_bundle_t {
  pcp_pubkey_t *p;
  pcp_keysig_t *s;
};
typedef struct _pcp_ks_bundle_t pcp_ks_bundle_t;

#define EXP_PK_CIPHER        0x21
#define EXP_PK_CIPHER_NAME  "CURVE25519-ED25519-POLY1305-SALSA20"

#define EXP_HASH_CIPHER      0x22
#define EXP_HASH_NAME       "BLAKE2"

#define EXP_SIG_CIPHER       0x23
#define EXP_SIG_CIPHER_NAME "ED25519"

#define EXP_SIG_VERSION      0x01
#define EXP_SIG_TYPE         0x1F /* self signed */

/* sig sub notiation we support */
#define EXP_SIG_SUB_CTIME     2
#define EXP_SIG_SUB_SIGEXPIRE 3
#define EXP_SIG_SUB_KEYEXPIRE 9
#define EXP_SIG_SUB_NOTATION  20
#define EXP_SIG_SUB_KEYFLAGS  27

/* in armored mode, we're using the usual head+foot */
#define EXP_PK_HEADER "-----BEGIN ED25519-CURVE29915 PUBLIC KEY-----"
#define EXP_PK_FOOTER "------END ED25519-CURVE29915 PUBLIC KEY------"
#define EXP_SK_HEADER "-----BEGIN ED25519-CURVE29915 PRIVATE KEY-----"
#define EXP_SK_FOOTER "------END ED25519-CURVE29915 PRIVATE KEY------"


/* pubkey export formats */
#define EXP_FORMAT_NATIVE   1
#define EXP_FORMAT_PBP      2
#define EXP_FORMAT_YAML     3
#define EXP_FORMAT_C        4
#define EXP_FORMAT_PY       5
#define EXP_FORMAT_PERL     6

Buffer *pcp_export_rfc_pub (pcp_key_t *sk);


Buffer *pcp_export_pbp_pub(pcp_key_t *sk);

Buffer *pcp_export_yaml_pub(pcp_key_t *sk);

Buffer *pcp_export_perl_pub(pcp_key_t *sk);

Buffer *pcp_export_c_pub(pcp_key_t *sk);

Buffer *pcp_export_secret(pcp_key_t *sk, char *passphrase);

pcp_ks_bundle_t *pcp_import_pub(unsigned char *raw, size_t rawsize);
pcp_ks_bundle_t *pcp_import_pub_rfc(Buffer *blob);
pcp_ks_bundle_t *pcp_import_pub_pbp(Buffer *blob);

/* import secret key */
pcp_key_t *pcp_import_secret(unsigned char *raw, size_t rawsize, char *passphrase);
pcp_key_t *pcp_import_secret_native(Buffer *cipher, char *passphrase);

#endif // _HAVE_PCP_MGMT_H