Couchbase Lite C
Couchbase Lite C API
Callbacks for performing cryptographic operations with an externally managed key pair.
#include <cbl/CBLTLSIdentity.h>
Data Fields
bool(* publicKeyData)(void *externalKey, void *output, size_t outputMaxLen, size_t *outputLen)
Provides the public key data as an ASN.1 DER-encoded SubjectPublicKeyInfo structure.
bool(* decrypt)(void *externalKey, FLSlice input, void *output, size_t outputMaxLen, size_t *outputLen)
Decrypts the input data using the private key, applying the RSA algorithm with PKCS#1 v1.5 padding.
bool(* sign)(void *externalKey, CBLSignatureDigestAlgorithm digestAlgorithm, FLSlice inputData, void *outSignature)
Generates a signature for the input data using the private key and the PKCS#1 v1.5 padding algorithm.
void(* _cbl_nullable)(void *externalKey)
Called when the CBLKeyPair is released and the callback is no longer needed, so that your code can free any associated resources.
Callbacks for performing cryptographic operations with an externally managed key pair.
These callbacks are used during certificate signing and the TLS handshake process. The core idea is that all private key operations are delegated to the application's secure key storage, ensuring that the private key is never exposed outside the key storage.
void(* CBLExternalKeyCallbacks::_cbl_nullable)(void *externalKey)
Called when the CBLKeyPair is released and the callback is no longer needed, so that your code can free any associated resources.
(This callback is optional and may be NULL.)
externalKey | The external key pointer given to CBLKeyPair_CreateWithExternalKey. |
bool(* CBLExternalKeyCallbacks::decrypt)(void *externalKey, FLSlice input, void *output, size_t outputMaxLen, size_t *outputLen)
Decrypts the input data using the private key, applying the RSA algorithm with PKCS#1 v1.5 padding.
In some cryptographic libraries, this is referred to as “RSA/ECB/PKCS1Padding”.
externalKey | The external key pointer given to CBLKeyPair_CreateWithExternalKey. |
input | The encrypted data (size is always equal to the key size.) |
output | Where to write the decrypted data. |
outputMaxLen | Maximum length of output that can be written. |
outputLen | Store the length of the output here before returning. |
bool(* CBLExternalKeyCallbacks::publicKeyData)(void *externalKey, void *output, size_t outputMaxLen, size_t *outputLen)
Provides the public key data as an ASN.1 DER-encoded SubjectPublicKeyInfo structure.
For more information, see RFC 5280: https://datatracker.ietf.org/doc/html/rfc5280
externalKey | The external key pointer given to CBLKeyPair_CreateWithExternalKey. |
output | Where to copy the key data. |
outputMaxLen | Maximum length of output that can be written. |
outputLen | Store the length of the output here before returning. |
bool(* CBLExternalKeyCallbacks::sign)(void *externalKey, CBLSignatureDigestAlgorithm digestAlgorithm, FLSlice inputData, void *outSignature)
Generates a signature for the input data using the private key and the PKCS#1 v1.5 padding algorithm.
Ensure that the input data, which is already hashed based on the specified digest algorithm, is encoded as an ASN.1 DigestInfo structure in DER format before performing the signing operation. Some cryptographic libraries may handle the DigestInfo formatting internally.
externalKey | The external key pointer given to CBLKeyPair_CreateWithExternalKey. |
digestAlgorithm | Indicates what type of digest to create the signature from. |
inputData | The data to be signed. |
outSignature | Write the signature here; length must be equal to the key size. |
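The DigestInfo step described for the sign callback, shown as an added example (not Couchbase's code): it wraps an already-computed hash in the DER DigestInfo header from RFC 8017 and builds the PKCS#1 v1.5 encoded block that a raw RSA private-key operation would consume. The `ex_*` names and the `ex_digest` enum are hypothetical stand-ins; a real callback would map CBLSignatureDigestAlgorithm onto them.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for CBLSignatureDigestAlgorithm (assumption, not the CBL enum). */
typedef enum { EX_SHA1, EX_SHA256, EX_SHA384, EX_SHA512 } ex_digest;
typedef struct { const uint8_t *der; size_t der_len, hash_len; } ex_prefix;

/* DER DigestInfo headers from RFC 8017, section 9.2. */
static const uint8_t P_SHA1[]   = {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14};
static const uint8_t P_SHA256[] = {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20};
static const uint8_t P_SHA384[] = {0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,0x00,0x04,0x30};
static const uint8_t P_SHA512[] = {0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40};

static const ex_prefix PREFIXES[] = {
    [EX_SHA1]   = {P_SHA1,   sizeof P_SHA1,   20},
    [EX_SHA256] = {P_SHA256, sizeof P_SHA256, 32},
    [EX_SHA384] = {P_SHA384, sizeof P_SHA384, 48},
    [EX_SHA512] = {P_SHA512, sizeof P_SHA512, 64},
};

/* Wrap an already-computed hash in DER DigestInfo. Fails closed when the hash
   length does not match the algorithm or the output buffer is too small. */
bool ex_digest_info(ex_digest alg, const uint8_t *hash, size_t hash_len,
                    uint8_t *out, size_t out_max, size_t *out_len) {
    if ((size_t)alg >= sizeof PREFIXES / sizeof PREFIXES[0]) return false;
    const ex_prefix *p = &PREFIXES[alg];
    if (hash_len != p->hash_len || out_max < p->der_len + hash_len) return false;
    memcpy(out, p->der, p->der_len);
    memcpy(out + p->der_len, hash, hash_len);
    *out_len = p->der_len + hash_len;
    return true;
}

/* EMSA-PKCS1-v1_5 encoding: 00 01 FF..FF 00 || DigestInfo, exactly key_len bytes. */
bool ex_pkcs1_v15_encode(const uint8_t *di, size_t di_len, uint8_t *em, size_t key_len) {
    if (key_len < di_len + 11) return false;  /* RFC 8017 requires >= 8 bytes of FF */
    size_t ps = key_len - di_len - 3;
    em[0] = 0x00; em[1] = 0x01;
    memset(em + 2, 0xFF, ps);
    em[2 + ps] = 0x00;
    memcpy(em + 3 + ps, di, di_len);
    return true;
}
```

If the key store's signing API adds DigestInfo itself, pass it the bare hash and skip both helpers; wrapping the hash twice produces a signature that fails verification.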