X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilccrypt%2Fsilcpkcs.h;h=2fd34f7490650fb731eda7c30007401524b1f626;hb=e7b6c157b80152bf9fb9266e6bdd93f9fb0db776;hp=13488c72ee2cfd30eec8ee3d29be7b4b35fb3be3;hpb=abfab56ac76372f17c2e509b2e2fdd4675ec7764;p=silc.git diff --git a/lib/silccrypt/silcpkcs.h b/lib/silccrypt/silcpkcs.h index 13488c72..2fd34f74 100644 --- a/lib/silccrypt/silcpkcs.h +++ b/lib/silccrypt/silcpkcs.h @@ -49,10 +49,11 @@ typedef struct SilcPKCSObjectStruct SilcPKCSObject; */ typedef enum { SILC_PKCS_SILC = 1, /* SILC PKCS */ - SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */ - SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */ - SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */ + SILC_PKCS_SSH2 = 2, /* SSH2 PKCS */ + SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS */ + SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS */ SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */ + SILC_PKCS_ANY = 0, } SilcPKCSType; /***/ @@ -67,12 +68,13 @@ typedef enum { * This context represents any kind of PKCS public key. It can be * allocated by silc_pkcs_public_key_alloc and is freed by the * silc_pkcs_public_key_free. The PKCS specific public key context - * can be retrieved by calling silc_pkcs_get_context. + * can be retrieved by calling silc_pkcs_public_key_get_pkcs. * * SOURCE */ typedef struct SilcPublicKeyStruct { - const SilcPKCSObject *pkcs; /* PKCS */ + SilcPKCSObject *pkcs; /* PKCS */ + const SilcPKCSAlgorithm *alg; /* PKCS algorithm */ void *public_key; /* PKCS specific public key */ } *SilcPublicKey; /***/ @@ -85,12 +87,14 @@ typedef struct SilcPublicKeyStruct { * * DESCRIPTION * - * This context represents any kind of PKCS private key. + * This context represents any kind of PKCS private key. The PKCS specific + * key context can be retrieved by calling silc_pkcs_private_key_get_pkcs. * * SOURCE */ typedef struct SilcPrivateKeyStruct { - const SilcPKCSObject *pkcs; /* PKCS */ + SilcPKCSObject *pkcs; /* PKCS */ + const SilcPKCSAlgorithm *alg; /* PKCS algorithm */ void *private_key; /* PKCS specific private key */ } *SilcPrivateKey; /***/ @@ -394,11 +398,12 @@ const char *silc_pkcs_get_name(void *key); ***/ SilcPKCSType silc_pkcs_get_type(void *key); -/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context +/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_pkcs * * SYNOPSIS * - * void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key); + * void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + * SilcPublicKey public_key); * * DESCRIPTION * @@ -407,9 +412,31 @@ SilcPKCSType silc_pkcs_get_type(void *key); * type. Returns NULL on error. * * For SILC_PKCS_SILC the returned context is SilcSILCPublicKey. + * For SILC_PKCS_SSH2 the returned context is SilcSshPublicKey. * ***/ -void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key); +void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + SilcPublicKey public_key); + +/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_pkcs + * + * SYNOPSIS + * + * void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + * SilcPublicKey public_key); + * + * DESCRIPTION + * + * Returns the internal PKCS `type' specific private key context from the + * `private_key'. The caller needs to explicitly type cast it to correct + * type. Returns NULL on error. + * + * For SILC_PKCS_SILC the returned context is SilcSILCPrivateKey. + * For SILC_PKCS_SSH2 the returned context is SilcSshPrivateKey. + * + ***/ +void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + SilcPrivateKey private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc * @@ -442,7 +469,9 @@ SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type, * * DESCRIPTION * - * Frees the public key. + * Frees the public key. This will also automatically free the underlaying + * PKCS specific public key. All public keys allocated through the + * PKCS API must be freed by calling this function. * ***/ void silc_pkcs_public_key_free(SilcPublicKey public_key); @@ -553,7 +582,9 @@ SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key); * * DESCRIPTION * - * Frees the private key. + * Frees the public key. This will also automatically free the underlaying + * PKCS specific private key. All private keys allocated through the + * PKCS API must be freed by calling this function. * ***/ void silc_pkcs_private_key_free(SilcPrivateKey private_key); @@ -614,6 +645,7 @@ SilcAsyncOperation silc_pkcs_decrypt(SilcPrivateKey private_key, * SilcUInt32 src_len, * SilcBool compute_hash, * SilcHash hash, + * SilcRng rng, * SilcPKCSSignCb sign_cb, * void *context); * @@ -622,9 +654,10 @@ SilcAsyncOperation silc_pkcs_decrypt(SilcPrivateKey private_key, * Computes signature with the private key. The `sign_cb' will be called * to deliver the signature data. If `compute_hash' is TRUE the `hash' * will be used to compute a message digest over the `src'. The `hash' - * must always be valid. The signature operation may be asynchronous if - * the `private_key' is accelerated private key. If this returns NULL the - * asynchronous operation cannot be controlled. + * must always be valid. The `rng' should always be provided. The + * signature operation may be asynchronous if the `private_key' is + * accelerated private key. If this returns NULL the asynchronous + * operation cannot be controlled. * ***/ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, @@ -632,6 +665,7 @@ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, SilcUInt32 src_len, SilcBool compute_hash, SilcHash hash, + SilcRng rng, SilcPKCSSignCb sign_cb, void *context); @@ -655,8 +689,9 @@ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, * the 'data'. If the `hash' is non-NULL then the `data' will hashed * before verification. If the `hash' is NULL, then the hash algorithm * to be used is retrieved from the signature. If it isn't present in the - * signature the verification is done as is without hashing. If this - * returns NULL the asynchronous operation cannot be controlled. + * signature the verification is done as is without hashing. The `rng' + * is usually not needed and may be NULL. If this returns NULL the + * asynchronous operation cannot be controlled. * ***/ SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, @@ -673,15 +708,19 @@ SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, * SYNOPSIS * * SilcBool silc_pkcs_load_public_key(const char *filename, + * SilcPKCSType type, * SilcPublicKey *ret_public_key); * * DESCRIPTION * * Loads public key from file and allocates new public key. Returns TRUE - * if loading was successful. + * if loading was successful. If `type' is SILC_PKSC_ANY this attempts + * to automatically detect the public key type. If `type' is some other + * PKCS type, the key is expected to be of that type. * ***/ SilcBool silc_pkcs_load_public_key(const char *filename, + SilcPKCSType type, SilcPublicKey *ret_public_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key @@ -709,18 +748,23 @@ SilcBool silc_pkcs_save_public_key(const char *filename, * SilcBool silc_pkcs_load_private_key(const char *filename, * const unsigned char *passphrase, * SilcUInt32 passphrase_len, + * SilcPKCSType type, * SilcPrivateKey *ret_private_key); * * DESCRIPTION * * Loads private key from file and allocates new private key. Returns TRUE * if loading was successful. The `passphrase' is used as decryption - * key of the private key file, in case it is encrypted. + * key of the private key file, in case it is encrypted. If `type' is + * SILC_PKSC_ANY this attempts to automatically detect the private key type. + * If `type' is some other PKCS type, the key is expected to be of that + * type. * ***/ SilcBool silc_pkcs_load_private_key(const char *filename, const unsigned char *passphrase, SilcUInt32 passphrase_len, + SilcPKCSType type, SilcPrivateKey *ret_private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key