+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_is_supported
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_is_supported(const unsigned char *name);
+ *
+ * DESCRIPTION
+ *
+ * Returns TRUE if PKCS algorithm `name' is supported.
+ *
+ ***/
+SilcBool silc_pkcs_is_supported(const unsigned char *name);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
+ *
+ * SYNOPSIS
+ *
+ * char *silc_pkcs_get_supported(void);
+ *
+ * DESCRIPTION
+ *
+ * Returns comma separated list of supported PKCS algorithms.
+ *
+ ***/
+char *silc_pkcs_get_supported(void);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_generate_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
+ * SilcRng rng);
+ *
+ * DESCRIPTION
+ *
+ * Generate new key pair into the `pkcs' context. Returns FALSE on error.
+ * If the `rng' is NULL global SILC RNG will be used.
+ *
+ ***/
+SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
+ SilcRng rng);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_key_len
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
+ *
+ * DESCRIPTION
+ *
+ * Returns the length of the key in bits.
+ *
+ ***/
+SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
+ *
+ * SYNOPSIS
+ *
+ * const char *silc_pkcs_get_name(SilcPKCS pkcs);
+ *
+ * DESCRIPTION
+ *
+ * Returns PKCS name.
+ *
+ ***/
+const char *silc_pkcs_get_name(SilcPKCS pkcs);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_public_key
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Returns SILC style public key for the PKCS. Note that this is not
+ * the SILC Public Key, but the raw public key data from the PKCS.
+ * The caller must free the returned data.
+ *
+ ***/
+unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_private_key
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs,
+ * SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Returns SILC style private key. Note that this is not SilcPrivateKey
+ * but the raw private key bits from the PKCS. The caller must free the
+ * returned data and SHOULD zero the memory area before freeing.
+ *
+ ***/
+unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs,
+ * SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Sets public key from SilcPublicKey. Returns the length of the key in
+ * bits.
+ *
+ ***/
+SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs,
+ * unsigned char *pk,
+ * SilcUInt32 pk_len);
+ *
+ * DESCRIPTION
+ *
+ * Sets public key from data. Returns the length of the key.
+ *
+ ***/
+SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs, unsigned char *pk,
+ SilcUInt32 pk_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
+ * SilcPrivateKey private_key);
+ *
+ * DESCRIPTION
+ *
+ * Sets private key from SilcPrivateKey. Returns the length of the key
+ * in bits.
+ *
+ ***/
+SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
+ SilcPrivateKey private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_set
+ *
+ * SYNOPSIS
+ *
+ * SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs,
+ * unsigned char *prv,
+ * SilcUInt32 prv_len);
+ *
+ * DESCRIPTION
+ *
+ * Sets private key from data. Returns the length of the key.
+ *
+ ***/
+SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv,
+ SilcUInt32 prv_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
+ * SilcUInt32 src_len, unsigned char *dst,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Encrypts. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
+ SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
+ * SilcUInt32 src_len, unsigned char *dst,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Decrypts. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
+ SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src,
+ * SilcUInt32 src_len, unsigned char *dst,
+ * SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Generates signature. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
+ * SilcUInt32 signature_len, unsigned char *data,
+ * SilcUInt32 data_len);
+ *
+ * DESCRIPTION
+ *
+ * Verifies signature. Returns FALSE on error. The 'signature' is
+ * verified against the 'data'.
+ *
+ ***/
+SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
+ SilcUInt32 signature_len, unsigned char *data,
+ SilcUInt32 data_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign_with_hash
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
+ * unsigned char *src, SilcUInt32 src_len,
+ * unsigned char *dst, SilcUInt32 *dst_len);
+ *
+ * DESCRIPTION
+ *
+ * Generates signature with hash. The hash is signed. Returns FALSE on
+ * error.
+ *
+ ***/
+SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
+ unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify_with_hash
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
+ * unsigned char *signature,
+ * SilcUInt32 signature_len,
+ * unsigned char *data,
+ * SilcUInt32 data_len);
+ *
+ * DESCRIPTION
+ *
+ * Verifies signature with hash. The `data' is hashed and verified against
+ * the `signature'. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
+ unsigned char *signature,
+ SilcUInt32 signature_len,
+ unsigned char *data,
+ SilcUInt32 data_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_encode_identifier
+ *
+ * SYNOPSIS
+ *
+ * char *silc_pkcs_encode_identifier(char *username, char *host,
+ * char *realname, char *email,
+ * char *org, char *country);
+ *
+ * DESCRIPTION
+ *
+ * Encodes and returns SILC public key identifier. If some of the
+ * arguments is NULL those are not encoded into the identifier string.
+ * Protocol says that at least username and host must be provided.
+ *
+ ***/
+char *silc_pkcs_encode_identifier(char *username, char *host, char *realname,
+ char *email, char *org, char *country);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_decode_identifier
+ *
+ * SYNOPSIS
+ *
+ * SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier);
+ *
+ * DESCRIPTION
+ *
+ * Decodes the provided `identifier' and returns allocated context for
+ * the identifier.
+ *
+ ***/
+SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_free_identifier
+ *
+ * SYNOPSIS
+ *
+ * void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier);
+ *
+ * DESCRIPTION
+ *
+ * Frees decoded public key identifier context. Call this to free the
+ * context returned by the silc_pkcs_decode_identifier.
+ *
+ ***/
+void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
+ *
+ * SYNOPSIS
+ *
+ * SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
+ * const char *identifier,
+ * const unsigned char *pk,
+ * SilcUInt32 pk_len);
+ *
+ * DESCRIPTION
+ *
+ * Allocates SILC style public key formed from sent arguments. The
+ * 'name' is the algorithm (PKCS) name, the 'identifier' is the public
+ * key identifier generated with silc_pkcs_encode_identifier, and the
+ * 'pk' and 'pk_len' are the raw public key data returned for example
+ * by silc_pkcs_get_public_key.
+ *
+ ***/
+SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
+ const char *identifier,
+ const unsigned char *pk,
+ SilcUInt32 pk_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
+ *
+ * SYNOPSIS
+ *
+ * void silc_pkcs_public_key_free(SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Frees public key and all data in it.
+ *
+ ***/
+void silc_pkcs_public_key_free(SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
+ *
+ * SYNOPSIS
+ *
+ * SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
+ * const unsigned char *prv,
+ * SilcUInt32 prv_len);
+ *
+ * DESCRIPTION
+ *
+ * Allocates SILC private key formed from sent arguments. The 'name'
+ * is the algorithm name, and the 'prv' and 'prv_len' are the raw
+ * private key bits returned by silc_pkcs_get_private_key.
+ *
+ ***/
+SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
+ const unsigned char *prv,
+ SilcUInt32 prv_len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
+ *
+ * SYNOPSIS
+ *
+ * void silc_pkcs_private_key_free(SilcPrivateKey private_key);
+ *
+ * DESCRIPTION
+ *
+ * Frees private key and all data in it. The private key is zeroed
+ * before it is freed.
+ *
+ ***/
+void silc_pkcs_private_key_free(SilcPrivateKey private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_encode
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *
+ * silc_pkcs_public_key_encode(SilcPublicKey public_key, SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Encodes SILC style public key from SilcPublicKey. Returns the encoded
+ * data.
+ *
+ ***/
+unsigned char *
+silc_pkcs_public_key_encode(SilcPublicKey public_key, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_encode
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *
+ * silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len,
+ * char *pkcs, char *identifier,
+ * SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Encodes SILC style public key. Returns the encoded data.
+ *
+ ***/
+unsigned char *
+silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len,
+ char *pkcs, char *identifier,
+ SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_decode
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_public_key_decode(unsigned char *data,
+ * SilcUInt32 data_len,
+ * SilcPublicKey *public_key);
+ *
+ * DESCRIPTION
+ *
+ * Decodes SILC style public key. Returns TRUE if the decoding was
+ * successful. Allocates new public key as well.
+ *
+ ***/
+SilcBool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len,
+ SilcPublicKey *public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_encode
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Encodes the Public Key Payload from the public key indicated by
+ * `public_key' of type of `pk_type'. The type is SilcSKEPKType.
+ * Returns the encoded payload buffer.
+ *
+ ***/
+SilcBuffer silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_decode
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
+ * SilcUInt32 data_len,
+ * SilcPublicKey *public_key);
+ *
+ * DESCRIPTION
+ *
+ * Decodes Public Key Payload from `data' of `data_len' bytes in length
+ * data buffer into `public_key' pointer. Returns FALSE if the payload
+ * cannot be decoded.
+ *
+ ***/
+SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
+ SilcUInt32 data_len,
+ SilcPublicKey *public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
+ * SilcPublicKey key2);
+ *
+ * DESCRIPTION
+ *
+ * Compares two public keys and returns TRUE if they are same key, and
+ * FALSE if they are not same.
+ *
+ ***/
+SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
+ *
+ * SYNOPSIS
+ *
+ * SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
+ *
+ * DESCRIPTION
+ *
+ * Copies the public key indicated by `public_key' and returns new allocated
+ * public key which is indentical to the `public_key'.
+ *
+ ***/
+SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_encode
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *
+ * silc_pkcs_private_key_encode(SilcPrivateKey private_key,
+ * SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Encodes SILC private key from SilcPrivateKey. Returns the encoded data.
+ *
+ ***/
+unsigned char *
+silc_pkcs_private_key_encode(SilcPrivateKey private_key, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_encode
+ *
+ * SYNOPSIS
+ *
+ * unsigned char *
+ * silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len,
+ * char *pkcs, SilcUInt32 *len);
+ *
+ * DESCRIPTION
+ *
+ * Encodes SILC private key. Returns the encoded data.
+ *
+ ***/
+unsigned char *
+silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len,
+ char *pkcs, SilcUInt32 *len);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_decode
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_private_key_decode(unsigned char *data,
+ * SilcUInt32 data_len,
+ * SilcPrivateKey *private_key);
+ *
+ * DESCRIPTION
+ *
+ * Decodes SILC style private key. Returns TRUE if the decoding was
+ * successful. Allocates new private key as well.
+ *
+ ***/
+SilcBool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len,
+ SilcPrivateKey *private_key);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_save_public_key(const char *filename,
+ * SilcPublicKey public_key,
+ * SilcUInt32 encoding);
+ *
+ * DESCRIPTION
+ *
+ * Saves public key into file. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key,
+ SilcUInt32 encoding);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key_data
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_save_public_key_data(const char *filename,
+ * unsigned char *data,
+ * SilcUInt32 data_len,
+ * SilcUInt32 encoding);
+ *
+ * DESCRIPTION
+ *
+ * Saves public key into file. The public key is already encoded as
+ * data when calling this function. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data,
+ SilcUInt32 data_len, SilcUInt32 encoding);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_save_private_key(const char *filename,
+ * SilcPrivateKey private_key,
+ * unsigned char *passphrase,
+ * SilcUInt32 passphrase_len,
+ * SilcUInt32 encoding);
+ *
+ * DESCRIPTION
+ *
+ * Saves private key into file. The private key is encrypted into
+ * the file with the `passphrase' as a key. The encryption algorithm
+ * is AES with 256 bit key in CBC mode. Returns FALSE on error.
+ *
+ ***/
+SilcBool silc_pkcs_save_private_key(const char *filename,
+ SilcPrivateKey private_key,
+ unsigned char *passphrase,
+ SilcUInt32 passphrase_len,
+ SilcUInt32 encoding);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_load_public_key(const char *filename,
+ * SilcPublicKey *public_key,
+ * SilcUInt32 encoding);
+ *
+ * DESCRIPTION
+ *
+ * Loads public key from file and allocates new public key. Returns TRUE
+ * if loading was successful.
+ *
+ ***/
+SilcBool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key,
+ SilcUInt32 encoding);
+
+/****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
+ *
+ * SYNOPSIS
+ *
+ * SilcBool silc_pkcs_load_private_key(const char *filename,
+ * SilcPrivateKey *private_key,
+ * unsigned char *passphrase,
+ * SilcUInt32 passphrase_len,
+ * SilcUInt32 encoding);
+ *
+ * DESCRIPTION
+ *
+ * Loads private key from file and allocates new private key. Returns TRUE
+ * if loading was successful. The `passphrase' is used as decryption
+ * key of the private key file.
+ *
+ ***/
+SilcBool silc_pkcs_load_private_key(const char *filename,
+ SilcPrivateKey *private_key,
+ unsigned char *passphrase,
+ SilcUInt32 passphrase_len,
+ SilcUInt32 encoding);
+
+#endif /* !SILCPKCS_H */