- Generated by
1.14.0
X.509 signature algorithm and signature value helpers. More...
Go to the source code of this file.
Data Structures | |
| struct | qsc_x509_ecdsa_signature_t |
| The decoded ECDSA signature value. More... | |
Macros | |
| #define | QSC_X509_MAX_SIGNATURE_COMPONENT_SIZE 66U |
| The maximum size in bytes of an ECDSA signature component. | |
Typedefs | |
| typedef struct qsc_x509_ecdsa_signature_t | qsc_x509_ecdsa_signature |
| The decoded ECDSA signature value. | |
Functions | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_signature_algorithm_decode (const qsc_encoding_ber_element *element, qsc_x509_algorithm_identifier *algorithm) |
| Decodes a signature AlgorithmIdentifier structure. | |
| QSC_EXPORT_API bool | qsc_x509_signature_algorithm_equal (const qsc_x509_algorithm_identifier *left, const qsc_x509_algorithm_identifier *right) |
| Compares two decoded algorithm identifiers for semantic equality. | |
| QSC_EXPORT_API bool | qsc_x509_signature_algorithm_is_ecdsa (qsc_x509_signature_algorithm algorithm) |
| Tests whether a decoded signature algorithm is an ECDSA variant. | |
| QSC_EXPORT_API bool | qsc_x509_signature_algorithm_is_ml_dsa (qsc_x509_signature_algorithm algorithm) |
| Tests whether a decoded signature algorithm is an ML-DSA variant. | |
| QSC_EXPORT_API bool | qsc_x509_signature_algorithm_matches_spki (qsc_x509_signature_algorithm algorithm, const qsc_x509_subject_public_key_info *spki) |
| Tests whether a decoded signature algorithm is compatible with the supplied subject public key information. | |
| QSC_EXPORT_API size_t | qsc_x509_signature_expected_size (qsc_x509_signature_algorithm algorithm, qsc_x509_named_curve curve) |
| Gets the expected raw signature size in octets for a signature algorithm. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_signature_value_decode_raw (const qsc_encoding_ber_element *element, uint8_t *signature, size_t signaturelen, size_t *outlen) |
| Decodes a certificate signature BIT STRING as a raw octet sequence. | |
| QSC_EXPORT_API qsc_asn1_status | qsc_x509_signature_value_decode_ecdsa (const qsc_encoding_ber_element *element, qsc_x509_named_curve curve, qsc_x509_ecdsa_signature *signature) |
| Decodes a certificate ECDSA signature BIT STRING. | |
| QSC_EXPORT_API size_t | qsc_x509_signature_component_size (qsc_x509_named_curve curve) |
| Gets the expected maximum signature component size in octets for a named curve. | |
X.509 signature algorithm and signature value helpers.
This header defines the public API used to decode certificate, CRL, and CSR signature AlgorithmIdentifier structures, compare decoded signature algorithms, classify supported signature families, and decode signature values from the BIT STRING form used in DER encoded X.509 objects.
The module supports the classical ECDSA families used elsewhere in the QSC tree and the pure ML-DSA signature identifiers used by the post-quantum path. ECDSA signatures are decoded from the DER SEQUENCE of INTEGER values into fixed-width big-endian component arrays. ML-DSA signatures are treated as raw opaque octet strings carried directly in the BIT STRING payload. The helper routines in this module are validation-oriented and do not allocate memory or retain references into caller-owned ASN.1 buffers.
| typedef struct qsc_x509_ecdsa_signature_t qsc_x509_ecdsa_signature |
The decoded ECDSA signature value.
| QSC_EXPORT_API qsc_asn1_status qsc_x509_signature_algorithm_decode | ( | const qsc_encoding_ber_element * | element, |
| qsc_x509_algorithm_identifier * | algorithm ) |
Decodes a signature AlgorithmIdentifier structure.
| element | [const qsc_encoding_ber_element*] The ASN.1 SEQUENCE element containing the AlgorithmIdentifier structure. |
| algorithm | [qsc_x509_algorithm_identifier*] Receives the decoded algorithm identifier. |
| QSC_EXPORT_API bool qsc_x509_signature_algorithm_equal | ( | const qsc_x509_algorithm_identifier * | left, |
| const qsc_x509_algorithm_identifier * | right ) |
Compares two decoded algorithm identifiers for semantic equality.
| left | [const qsc_x509_algorithm_identifier*] The left algorithm value. |
| right | [const qsc_x509_algorithm_identifier*] The right algorithm value. |
| QSC_EXPORT_API bool qsc_x509_signature_algorithm_is_ecdsa | ( | qsc_x509_signature_algorithm | algorithm | ) |
Tests whether a decoded signature algorithm is an ECDSA variant.
| algorithm | [qsc_x509_signature_algorithm] The decoded signature algorithm. |
| QSC_EXPORT_API bool qsc_x509_signature_algorithm_is_ml_dsa | ( | qsc_x509_signature_algorithm | algorithm | ) |
Tests whether a decoded signature algorithm is an ML-DSA variant.
| algorithm | [qsc_x509_signature_algorithm] The decoded signature algorithm. |
| QSC_EXPORT_API bool qsc_x509_signature_algorithm_matches_spki | ( | qsc_x509_signature_algorithm | algorithm, |
| const qsc_x509_subject_public_key_info * | spki ) |
Tests whether a decoded signature algorithm is compatible with the supplied subject public key information.
| algorithm | [qsc_x509_signature_algorithm] The decoded signature algorithm. |
| spki | [const qsc_x509_subject_public_key_info*] The public key information. |
| QSC_EXPORT_API size_t qsc_x509_signature_component_size | ( | qsc_x509_named_curve | curve | ) |
Gets the expected maximum signature component size in octets for a named curve.
| curve | [qsc_x509_named_curve] The named curve identifier. |
| QSC_EXPORT_API size_t qsc_x509_signature_expected_size | ( | qsc_x509_signature_algorithm | algorithm, |
| qsc_x509_named_curve | curve ) |
Gets the expected raw signature size in octets for a signature algorithm.
For ECDSA this returns the size of the raw concatenated r || s form used by the internal QSC verification path. For ML-DSA this returns the compiled signature size when available. For unknown or unsupported algorithms, zero is returned.
| algorithm | [qsc_x509_signature_algorithm] The decoded signature algorithm. |
| curve | [qsc_x509_named_curve] The named curve for ECDSA signatures. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_signature_value_decode_ecdsa | ( | const qsc_encoding_ber_element * | element, |
| qsc_x509_named_curve | curve, | ||
| qsc_x509_ecdsa_signature * | signature ) |
Decodes a certificate ECDSA signature BIT STRING.
| element | [const qsc_encoding_ber_element*] The BIT STRING element containing the DER encoded ECDSA signature value. |
| curve | [qsc_x509_named_curve] The named curve associated with the signing key. |
| signature | [qsc_x509_ecdsa_signature*] Receives the decoded signature components. |
| QSC_EXPORT_API qsc_asn1_status qsc_x509_signature_value_decode_raw | ( | const qsc_encoding_ber_element * | element, |
| uint8_t * | signature, | ||
| size_t | signaturelen, | ||
| size_t * | outlen ) |
Decodes a certificate signature BIT STRING as a raw octet sequence.
| element | [const qsc_encoding_ber_element*] The BIT STRING element containing the signature value. |
| signature | [uint8_t*] Receives the raw signature octets. |
| signaturelen | [size_t] The size of the output array in octets. |
| outlen | [size_t*] Receives the number of octets written. |
1.14.0