-uint32 silc_pkcs_get_key_len(SilcPKCS self);
-unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, uint32 *len);
-unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, uint32 *len);
-uint32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key);
-uint32 silc_pkcs_public_key_data_set(SilcPKCS pkcs, unsigned char *pk,
- uint32 pk_len);
-int silc_pkcs_private_key_set(SilcPKCS pkcs, SilcPrivateKey private_key);
-int silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv,
- uint32 prv_len);
-int silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, uint32 src_len,
- unsigned char *dst, uint32 *dst_len);
-int silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, uint32 src_len,
- unsigned char *dst, uint32 *dst_len);
-int silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, uint32 src_len,
- unsigned char *dst, uint32 *dst_len);
-int silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
- uint32 signature_len, unsigned char *data,
- uint32 data_len);
-int silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
- unsigned char *src, uint32 src_len,
- unsigned char *dst, uint32 *dst_len);
-int silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
- unsigned char *signature,
- uint32 signature_len,
- unsigned char *data,
- uint32 data_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_generate_key
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
+ * SilcRng rng);
+ *
+ * DESCRIPTION
+ *
+ * Generate new key pair into the `pkcs' context. Returns FALSE on error.
+ * If the `rng' is NULL global SILC RNG will be used.
+ *
+ ***/
+bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
+ SilcRng rng);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_key_len
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
+ *
+ * DESCRIPTION
+ *
+ * Returns the length of the key in bits.
+ *
+ ***/
+SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
+ *
+ * SYNOPSIS
+ *
+ * const char *silc_pkcs_get_name(SilcPKCS pkcs);
+ *
+ * DESCRIPTION
+ *
+ * Returns PKCS name.
+ *
+ ***/
+const char *silc_pkcs_get_name(SilcPKCS pkcs);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_public_key
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Returns SILC style public key for the PKCS. Note that this is not
+ * the SILC Public Key, but the raw public key data from the PKCS.
+ * The caller must free the returned data.
+ *
+ ***/
+unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_private_key
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs,
+ * SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Returns SILC style private key. Note that this is not SilcPrivateKey
+ * but the raw private key bits from the PKCS. The caller must free the
+ * returned data and SHOULD zero the memory area before freeing.
+ *
+ ***/
+unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs,
+ * SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Sets public key from SilcPublicKey. Returns the length of the key in
+ * bits.
+ *
+ ***/
+SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs,
+ * unsigned char *pk,
+ * SilcUInt32 pk_len);
+ *
+ * DESCRIPTION
+ *
+ * Sets public key from data. Returns the length of the key.
+ *
+ ***/
+SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs, unsigned char *pk,
+ SilcUInt32 pk_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
+ * SilcPrivateKey private_key);
+ *
+ * DESCRIPTION
+ *
+ * Sets private key from SilcPrivateKey. Returns the length of the key
+ * in bits.
+ *
+ ***/
+SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
+ SilcPrivateKey private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs,
+ * unsigned char *prv,
+ * SilcUInt32 prv_len);
+ *
+ * DESCRIPTION
+ *
+ * Sets private key from data. Returns the length of the key.
+ *
+ ***/
+SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv,
+ SilcUInt32 prv_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
+ * SilcUInt32 src_len, unsigned char *dst,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Encrypts. Returns FALSE on error.
+ *
+ ***/
+bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
+ * SilcUInt32 src_len, unsigned char *dst,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Decrypts. Returns FALSE on error.
+ *
+ ***/
+bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src,
+ * SilcUInt32 src_len, unsigned char *dst,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Generates signature. Returns FALSE on error.
+ *
+ ***/
+bool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
+ * SilcUInt32 signature_len, unsigned char *data,
+ * SilcUInt32 data_len);
+ *
+ * DESCRIPTION
+ *
+ * Verifies signature. Returns FALSE on error. The 'signature' is
+ * verified against the 'data'.
+ *
+ ***/
+bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
+ SilcUInt32 signature_len, unsigned char *data,
+ SilcUInt32 data_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign_with_hash
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
+ * unsigned char *src, SilcUInt32 src_len,
+ * unsigned char *dst, SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Generates signature with hash. The hash is signed. Returns FALSE on
+ * error.
+ *
+ ***/
+bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
+ unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify_with_hash
+ *
+ * SYNOPSIS
+ *
+ * bool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
+ * unsigned char *signature,
+ * SilcUInt32 signature_len,
+ * unsigned char *data,
+ * SilcUInt32 data_len);
+ *
+ * DESCRIPTION
+ *
+ * Verifies signature with hash. The `data' is hashed and verified against
+ * the `signature'. Returns FALSE on error.
+ *
+ ***/
+bool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
+ unsigned char *signature,
+ SilcUInt32 signature_len,
+ unsigned char *data,
+ SilcUInt32 data_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_encode_identifier
+ *
+ * SYNOPSIS
+ *
+ * char *silc_pkcs_encode_identifier(char *username, char *host,
+ * char *realname, char *email,
+ * char *org, char *country);
+ *
+ * DESCRIPTION
+ *
+ * Encodes and returns SILC public key identifier. If some of the
+ * arguments is NULL those are not encoded into the identifier string.
+ * Protocol says that at least username and host must be provided.
+ *
+ ***/