QSC/x509key_8h_source.html

/* 2020-2026 Quantum Resistant Cryptographic Solutions Corporation

 * All Rights Reserved.

 *

 * NOTICE:

 * This software and all accompanying materials are the exclusive property of

 * Quantum Resistant Cryptographic Solutions Corporation (QRCS). The intellectual

 * and technical concepts contained herein are proprietary to QRCS and are

 * protected under applicable Canadian, U.S., and international copyright,

 * patent, and trade secret laws.

 *

 * CRYPTOGRAPHIC ALGORITHMS AND IMPLEMENTATIONS:

 * - This software includes implementations of cryptographic primitives and

 *   algorithms that are standardized or in the public domain, such as AES

 *   and SHA-3, which are not proprietary to QRCS.

 * - This software also includes cryptographic primitives, constructions, and

 *   algorithms designed by QRCS, including but not limited to RCS, SCB, CSX, QMAC, and

 *   related components, which are proprietary to QRCS.

 * - All source code, implementations, protocol compositions, optimizations,

 *   parameter selections, and engineering work contained in this software are

 *   original works of QRCS and are protected under this license.

 *

 * LICENSE AND USE RESTRICTIONS:

 * - This software is licensed under the Quantum Resistant Cryptographic Solutions

 *   Public Research and Evaluation License (QRCS-PREL), 2025-2026.

 * - Permission is granted solely for non-commercial evaluation, academic research,

 *   cryptographic analysis, interoperability testing, and feasibility assessment.

 * - Commercial use, production deployment, commercial redistribution, or

 *   integration into products or services is strictly prohibited without a

 *   separate written license agreement executed with QRCS.

 * - Licensing and authorized distribution are solely at the discretion of QRCS.

 *

 * EXPERIMENTAL CRYPTOGRAPHY NOTICE:

 * Portions of this software may include experimental, novel, or evolving

 * cryptographic designs. Use of this software is entirely at the user's risk.

 *

 * DISCLAIMER:

 * THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

 * IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS

 * FOR A PARTICULAR PURPOSE, SECURITY, OR NON-INFRINGEMENT. QRCS DISCLAIMS ALL

 * LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL DAMAGES

 * ARISING FROM THE USE OR MISUSE OF THIS SOFTWARE.

 *

 * FULL LICENSE:

 * This software is subject to the Quantum Resistant Cryptographic Solutions

 * Public Research and Evaluation License (QRCS-PREL), 2025-2026. The complete license terms

 * are provided in the accompanying LICENSE file or at https://www.qrcscorp.ca.

 *

 * Written by: John G. Underhill

 * Contact: contact@qrcscorp.ca

 */


#ifndef QSC_X509_KEY_H

#define QSC_X509_KEY_H


#include "qsccommon.h"

#include "x509types.h"


#define QSC_X509_EDDSA_SEED_SIZE 32U


#define QSC_X509_EDDSA_PUBLIC_KEY_SIZE 32U


#define QSC_X509_ML_DSA_44_PRIVATEKEY_SIZE 2560U


#define QSC_X509_ML_DSA_65_PRIVATEKEY_SIZE 4032U


#define QSC_X509_ML_DSA_87_PRIVATEKEY_SIZE 4896U


#define QSC_X509_ML_KEM_512_PRIVATEKEY_SIZE 1632U


#define QSC_X509_ML_KEM_768_PRIVATEKEY_SIZE 2400U


#define QSC_X509_ML_KEM_1024_PRIVATEKEY_SIZE 3168U


#ifndef QSC_X509_ML_DSA_44_PUBLICKEY_SIZE

#define QSC_X509_ML_DSA_44_PUBLICKEY_SIZE 1312U

#endif


#ifndef QSC_X509_ML_DSA_65_PUBLICKEY_SIZE

#define QSC_X509_ML_DSA_65_PUBLICKEY_SIZE 1952U

#endif


#ifndef QSC_X509_ML_DSA_87_PUBLICKEY_SIZE

#define QSC_X509_ML_DSA_87_PUBLICKEY_SIZE 2592U

#endif


#ifndef QSC_X509_ML_KEM_512_PUBLICKEY_SIZE

#define QSC_X509_ML_KEM_512_PUBLICKEY_SIZE 800U

#endif


#ifndef QSC_X509_ML_KEM_768_PUBLICKEY_SIZE

#define QSC_X509_ML_KEM_768_PUBLICKEY_SIZE 1184U

#endif


#ifndef QSC_X509_ML_KEM_1024_PUBLICKEY_SIZE

#define QSC_X509_ML_KEM_1024_PUBLICKEY_SIZE 1568U

#endif


QSC_CPLUSPLUS_ENABLED_START


#define QSC_X509_PRIVATE_KEY_MAX QSC_X509_ML_DSA_87_PRIVATEKEY_SIZE


#define QSC_X509_PRIVATE_KEY_PUBLIC_MAX QSC_X509_SPKI_MAX


typedef struct qsc_x509_private_key_t

{

    qsc_x509_algorithm_identifier algorithm;

    uint8_t privatekey[QSC_X509_PRIVATE_KEY_MAX];

    size_t privatekeylen;

    uint8_t publickey[QSC_X509_PRIVATE_KEY_PUBLIC_MAX];

    size_t publickeylen;

    bool publickey_present;

} qsc_x509_private_key;


QSC_EXPORT_API void qsc_x509_private_key_initialize(qsc_x509_private_key* key);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_sec1_der(const uint8_t* data, size_t datalen, qsc_x509_private_key* key);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_sec1_pem(const char* pem, size_t pemlen, qsc_x509_private_key* key);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_der(const uint8_t* data, size_t datalen, qsc_x509_private_key* key);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_pem(const char* pem, size_t pemlen, qsc_x509_private_key* key);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_validate(const qsc_x509_private_key* key);


QSC_EXPORT_API size_t qsc_x509_private_key_expected_private_size(const qsc_x509_algorithm_identifier* algorithm);


QSC_EXPORT_API size_t qsc_x509_private_key_expected_public_size(const qsc_x509_algorithm_identifier* algorithm);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_der_ex(const uint8_t* data, size_t datalen, qsc_x509_algorithm_identifier* algorithm,

    uint8_t* privatekey, size_t privatekeycapacity, size_t* privatekeylen,

    uint8_t* publickey, size_t publickeycapacity, size_t* publickeylen, bool* publickeypresent);


QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_pem_ex(const char* pem, size_t pemlen, qsc_x509_algorithm_identifier* algorithm,

    uint8_t* privatekey, size_t privatekeycapacity, size_t* privatekeylen,

    uint8_t* publickey, size_t publickeycapacity, size_t* publickeylen, bool* publickeypresent);


QSC_EXPORT_API bool qsc_x509_certificate_key_match(const qsc_x509_certificate* certificate, const qsc_x509_private_key* key);


QSC_CPLUSPLUS_ENABLED_END


#endif

qsc_asn1_status
enum qsc_asn1_status_t qsc_asn1_status
ASN.1 helper status codes.

qsccommon.h
Contains common definitions for the Quantum Secure Cryptographic (QSC) library.

QSC_EXPORT_API
#define QSC_EXPORT_API
API export macro for Microsoft compilers when importing from a DLL.
Definition qsccommon.h:645

qsc_x509_private_key_t
Definition x509key.h:205

qsc_x509_private_key_t::publickey
uint8_t publickey[QSC_X509_PRIVATE_KEY_PUBLIC_MAX]
Definition x509key.h:209

qsc_x509_private_key_t::algorithm
qsc_x509_algorithm_identifier algorithm
Definition x509key.h:206

qsc_x509_private_key_t::privatekeylen
size_t privatekeylen
Definition x509key.h:208

qsc_x509_private_key_t::publickey_present
bool publickey_present
Definition x509key.h:211

qsc_x509_private_key_t::publickeylen
size_t publickeylen
Definition x509key.h:210

qsc_x509_private_key_t::privatekey
uint8_t privatekey[QSC_X509_PRIVATE_KEY_MAX]
Definition x509key.h:207

qsc_x509_private_key
A decoded private key object with optional embedded public key material.

qsc_x509_private_key_decode_sec1_pem
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_sec1_pem(const char *pem, size_t pemlen, qsc_x509_private_key *key)
Decode a SEC 1 PEM private key.
Definition x509key.c:1049

qsc_x509_private_key_validate
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_validate(const qsc_x509_private_key *key)
Get the expected private key size for an algorithm identifier.
Definition x509key.c:732

qsc_x509_private_key_decode_pkcs8_der
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_der(const uint8_t *data, size_t datalen, qsc_x509_private_key *key)
Decode a PKCS #8 DER private key.
Definition x509key.c:1068

qsc_x509_private_key_expected_public_size
QSC_EXPORT_API size_t qsc_x509_private_key_expected_public_size(const qsc_x509_algorithm_identifier *algorithm)
Get the expected public key size for an algorithm identifier.
Definition x509key.c:829

qsc_x509_private_key_decode_sec1_der
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_sec1_der(const uint8_t *data, size_t datalen, qsc_x509_private_key *key)
Decode a SEC 1 DER private key.
Definition x509key.c:1004

QSC_X509_PRIVATE_KEY_PUBLIC_MAX
#define QSC_X509_PRIVATE_KEY_PUBLIC_MAX
The maximum supported embedded public key length in bytes.
Definition x509key.h:192

qsc_x509_private_key_initialize
QSC_EXPORT_API void qsc_x509_private_key_initialize(qsc_x509_private_key *key)
Initialize a private-key container.
Definition x509key.c:994

qsc_x509_private_key_decode_pkcs8_pem_ex
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_pem_ex(const char *pem, size_t pemlen, qsc_x509_algorithm_identifier *algorithm, uint8_t *privatekey, size_t privatekeycapacity, size_t *privatekeylen, uint8_t *publickey, size_t publickeycapacity, size_t *publickeylen, bool *publickeypresent)
Decode a PKCS #8 PEM private key into caller-supplied buffers.
Definition x509key.c:947

qsc_x509_private_key_decode_pkcs8_der_ex
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_der_ex(const uint8_t *data, size_t datalen, qsc_x509_algorithm_identifier *algorithm, uint8_t *privatekey, size_t privatekeycapacity, size_t *privatekeylen, uint8_t *publickey, size_t publickeycapacity, size_t *publickeylen, bool *publickeypresent)
Decode a PKCS #8 DER private key into caller-supplied buffers.
Definition x509key.c:890

qsc_x509_certificate_key_match
QSC_EXPORT_API bool qsc_x509_certificate_key_match(const qsc_x509_certificate *certificate, const qsc_x509_private_key *key)
Test whether a certificate matches a private key object.
Definition x509key.c:1127

qsc_x509_private_key_decode_pkcs8_pem
QSC_EXPORT_API qsc_asn1_status qsc_x509_private_key_decode_pkcs8_pem(const char *pem, size_t pemlen, qsc_x509_private_key *key)
Decode a PKCS #8 PEM private key.
Definition x509key.c:1108