+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
+ *
+ * DESCRIPTION
+ *
+ * Registers a new PKCS into the SILC. This function is used
+ * at the initialization of the SILC. All registered PKCSs
+ * should be unregistered with silc_pkcs_unregister. The `pkcs' includes
+ * the name of the PKCS and member functions for the algorithm. Usually
+ * this function is not called directly. Instead, application can call
+ * the silc_pkcs_register_default to register all PKCSs that are
+ * builtin the sources. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
+ *
+ * DESCRIPTION
+ *
+ * Unregister a PKCS from the SILC. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_register
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
+ *
+ * DESCRIPTION
+ *
+ * Registers a new PKCS Algorithm into the SILC. This function is used
+ * at the initialization of the SILC. All registered PKCS algorithms
+ * should be unregistered with silc_pkcs_unregister.
+ *
+ ***/
+SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_unregister
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
+ *
+ * DESCRIPTION
+ *
+ * Unregister a PKCS from the SILC. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_register_default(void);
+ *
+ * DESCRIPTION
+ *
+ * Registers all the default PKCS (all builtin PKCS) and PKCS algorithms.
+ * The application may use this to register the default PKCS if specific
+ * PKCS in any specific order is not wanted. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_register_default(void);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_unregister_all(void);
+ *
+ * DESCRIPTION
+ *
+ * Unregister all PKCS and PKCS algorithms. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_unregister_all(void);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
+ *
+ * SYNOPSIS
+ *
+ * char *silc_pkcs_get_supported(void);
+ *
+ * DESCRIPTION
+ *
+ * Returns comma separated list of supported PKCS algorithms.
+ *
+ ***/
+char *silc_pkcs_get_supported(void);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_pkcs
+ *
+ * SYNOPSIS
+ *
+ * const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPKCSType type);
+ *
+ * DESCRIPTION
+ *
+ * Finds PKCS context by the PKCS type.
+ *
+ ***/
+const SilcPKCSObject *silc_pkcs_find_pkcs(SilcPKCSType type);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_algorithm
+ *
+ * SYNOPSIS
+ *
+ * const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
+ * const char *scheme);
+ *
+ * DESCRIPTION
+ *
+ * Finds PKCS algorithm context by the algorithm name `algorithm' and
+ * the algorithm scheme `scheme'. The `scheme' may be NULL.
+ *
+ ***/
+const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
+ const char *scheme);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_pkcs
+ *
+ * SYNOPSIS
+ *
+ * const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
+ *
+ * DESCRIPTION
+ *
+ * Returns the PKCS object from `key', which may be SilcPublicKey or
+ * SilcPrivateKey pointer.
+ *
+ ***/
+const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_algorithm
+ *
+ * SYNOPSIS
+ *
+ * const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
+ *
+ * DESCRIPTION
+ *
+ * Returns the PKCS algorithm object from `key', which may be SilcPublicKey
+ * or SilcPrivateKey pointer.
+ *
+ ***/
+const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
+ *
+ * SYNOPSIS
+ *
+ * const char *silc_pkcs_get_name(void *key);
+ *
+ * DESCRIPTION
+ *
+ * Returns PKCS algorithm name from the `key', which may be SilcPublicKey
+ * or SilcPrivateKey pointer.
+ *
+ ***/
+const char *silc_pkcs_get_name(void *key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_type
+ *
+ * SYNOPSIS
+ *
+ * SilcPKCSType silc_pkcs_get_type(void *key);
+ *
+ * DESCRIPTION
+ *
+ * Returns PKCS type from the `key', which may be SilcPublicKey or
+ * SilcPrivateKey pointer.
+ *
+ ***/
+SilcPKCSType silc_pkcs_get_type(void *key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context
+ *
+ * SYNOPSIS
+ *
+ * void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Returns the internal PKCS `type' specific public key context from the
+ * `public_key'. The caller needs to explicitly type cast it to correct
+ * type. Returns NULL on error.
+ *
+ * For SILC_PKCS_SILC the returned context is SilcSILCPublicKey.
+ *
+ ***/
+void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
+ * unsigned char *key,
+ * SilcUInt32 key_len
+ * SilcPublicKey *ret_public_key);
+ *
+ * DESCRIPTION
+ *
+ * Allocates SilcPublicKey of the type of `type' from the key data
+ * `key' of length of `key_len' bytes. Returns FALSE if the `key'
+ * is malformed or unsupported public key type. This function can be
+ * used to create public key from any kind of PKCS public keys that
+ * the implementation supports.
+ *
+ ***/
+SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
+ unsigned char *key,
+ SilcUInt32 key_len,
+ SilcPublicKey *ret_public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
+ *
+ * SYNOPSIS
+ *
+ * void silc_pkcs_public_key_free(SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Frees the public key.
+ *
+ ***/
+void silc_pkcs_public_key_free(SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_export
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
+ * SilcUInt32 *ret_len);
+ *
+ * DESCRIPTION
+ *
+ * Encodes the `public_key' into a binary format and returns it. Returns
+ * NULL on error. Caller must free the returned buffer.
+ *
+ ***/
+unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
+ SilcUInt32 *ret_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_len
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Returns the key length in bits from the public key.
+ *
+ ***/
+SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
+ * SilcPublicKey key2);
+ *
+ * DESCRIPTION
+ *
+ * Compares two public keys and returns TRUE if they are same key, and
+ * FALSE if they are not same.
+ *
+ ***/
+SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
+ *
+ * SYNOPSIS
+ *
+ * SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Copies the public key indicated by `public_key' and returns new
+ * allocated public key which is indentical to the `public_key'.
+ *
+ ***/
+SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
+ * unsigned char *key,
+ * SilcUInt32 key_len,
+ * SilcPrivateKey *ret_private_key);
+ *
+ * DESCRIPTION
+ *
+ * Allocates SilcPrivateKey of the type of `type' from the key data
+ * `key' of length of `key_len' bytes. Returns FALSE if the `key'
+ * is malformed or unsupported private key type.
+ *
+ ***/
+SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
+ unsigned char *key,
+ SilcUInt32 key_len,
+ SilcPrivateKey *ret_private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_len
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
+ *
+ * DESCRIPTION
+ *
+ * Returns the key length in bits from the private key.
+ *
+ ***/
+SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
+ *
+ * SYNOPSIS
+ *
+ * void silc_pkcs_private_key_free(SilcPrivateKey private_key;
+ *
+ * DESCRIPTION
+ *
+ * Frees the private key.
+ *
+ ***/
+void silc_pkcs_private_key_free(SilcPrivateKey private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
+ * unsigned char *src, SilcUInt32 src_len,
+ * unsigned char *dst, SilcUInt32 dst_size,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Encrypts with the public key. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
+ unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 dst_size,
+ SilcUInt32 *dst_len, SilcRng rng);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
+ * unsigned char *src, SilcUInt32 src_len,
+ * unsigned char *dst, SilcUInt32 dst_size,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Decrypts with the private key. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
+ unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 dst_size,
+ SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
+ * unsigned char *src, SilcUInt32 src_len,
+ * unsigned char *dst, SilcUInt32 dst_size,
+ * SilcUInt32 *dst_len, SilcHash hash);
+ *
+ * DESCRIPTION
+ *
+ * Generates signature with the private key. Returns FALSE on error.
+ * If `hash' is non-NULL the `src' will be hashed before signing.
+ *
+ ***/
+SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
+ unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 dst_size,
+ SilcUInt32 *dst_len, SilcHash hash);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_verify(SilcPublicKey public_key,
+ * unsigned char *signature,
+ * SilcUInt32 signature_len,
+ * unsigned char *data,
+ * SilcUInt32 data_len, SilcHash hash);
+ *
+ * DESCRIPTION
+ *
+ * Verifies signature. Returns FALSE on error. The 'signature' is
+ * verified against the 'data'. If the `hash' is non-NULL then the `data'
+ * will hashed before verification. If the `hash' is NULL, then the
+ * hash algorithm to be used is retrieved from the signature. If it
+ * isn't present in the signature the verification is done as is without
+ * hashing.
+ *
+ ***/
+SilcBool silc_pkcs_verify(SilcPublicKey public_key,
+ unsigned char *signature,
+ SilcUInt32 signature_len,
+ unsigned char *data,
+ SilcUInt32 data_len, SilcHash hash);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_load_public_key(const char *filename,
+ * SilcPublicKey *ret_public_key);
+ *
+ * DESCRIPTION
+ *
+ * Loads public key from file and allocates new public key. Returns TRUE
+ * if loading was successful.
+ *
+ ***/
+SilcBool silc_pkcs_load_public_key(const char *filename,
+ SilcPublicKey *ret_public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_save_public_key(const char *filename,
+ * SilcPublicKey public_key,
+ * SilcPKCSFileEncoding encoding);
+ *
+ * DESCRIPTION
+ *
+ * Saves public key into file with specified encoding. Returns FALSE
+ * on error.
+ *
+ ***/
+SilcBool silc_pkcs_save_public_key(const char *filename,
+ SilcPublicKey public_key,
+ SilcPKCSFileEncoding encoding);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_load_private_key(const char *filename,
+ * const unsigned char *passphrase,
+ * SilcUInt32 passphrase_len,
+ * SilcPrivateKey *ret_private_key);
+ *
+ * DESCRIPTION
+ *
+ * Loads private key from file and allocates new private key. Returns TRUE
+ * if loading was successful. The `passphrase' is used as decryption
+ * key of the private key file, in case it is encrypted.
+ *
+ ***/
+SilcBool silc_pkcs_load_private_key(const char *filename,
+ const unsigned char *passphrase,
+ SilcUInt32 passphrase_len,
+ SilcPrivateKey *ret_private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_save_private_key(const char *filename,
+ * SilcPrivateKey private_key,
+ * const unsigned char *passphrase,
+ * SilcUInt32 passphrase_len,
+ * SilcPKCSFileEncoding encoding,
+ * SilcRng rng);
+ *
+ * DESCRIPTION
+ *
+ * Saves private key into file. The private key is encrypted into
+ * the file with the `passphrase' as a key, if PKCS supports encrypted
+ * private keys. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_save_private_key(const char *filename,
+ SilcPrivateKey private_key,
+ const unsigned char *passphrase,
+ SilcUInt32 passphrase_len,
+ SilcPKCSFileEncoding encoding,
+ SilcRng rng);
+
+#endif /* !SILCPKCS_H */