X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilccrypt%2Fsilcpkcs.h;h=2fd34f7490650fb731eda7c30007401524b1f626;hb=e7b6c157b80152bf9fb9266e6bdd93f9fb0db776;hp=b18747fbd1c28892e47d08d8ed485a988743901b;hpb=410642a14d4185abd75715cee3f5177cd55b1ceb;p=silc.git diff --git a/lib/silccrypt/silcpkcs.h b/lib/silccrypt/silcpkcs.h index b18747fb..2fd34f74 100644 --- a/lib/silccrypt/silcpkcs.h +++ b/lib/silccrypt/silcpkcs.h @@ -4,7 +4,7 @@ Author: Pekka Riikonen - Copyright (C) 1997 - 2005 Pekka Riikonen + Copyright (C) 1997 - 2007 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -32,6 +32,7 @@ #define SILCPKCS_H /* Forward declarations */ +typedef struct SilcPKCSAlgorithmStruct SilcPKCSAlgorithm; typedef struct SilcPKCSObjectStruct SilcPKCSObject; /****d* silccrypt/SilcPKCSAPI/SilcPKCSType @@ -42,17 +43,17 @@ typedef struct SilcPKCSObjectStruct SilcPKCSObject; * * DESCRIPTION * - * Public key cryptosystem types. These are defined by the SILC - * Key Exchange protocol. + * Supported public key cryptosystem types. * * SOURCE */ typedef enum { SILC_PKCS_SILC = 1, /* SILC PKCS */ - SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */ - SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */ - SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */ + SILC_PKCS_SSH2 = 2, /* SSH2 PKCS */ + SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS */ + SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS */ SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */ + SILC_PKCS_ANY = 0, } SilcPKCSType; /***/ @@ -67,12 +68,13 @@ typedef enum { * This context represents any kind of PKCS public key. It can be * allocated by silc_pkcs_public_key_alloc and is freed by the * silc_pkcs_public_key_free. The PKCS specific public key context - * can be retrieved by calling silc_pkcs_get_context. + * can be retrieved by calling silc_pkcs_public_key_get_pkcs. * * SOURCE */ -typedef struct { - const SilcPKCSObject *pkcs; /* PKCS */ +typedef struct SilcPublicKeyStruct { + SilcPKCSObject *pkcs; /* PKCS */ + const SilcPKCSAlgorithm *alg; /* PKCS algorithm */ void *public_key; /* PKCS specific public key */ } *SilcPublicKey; /***/ @@ -85,12 +87,14 @@ typedef struct { * * DESCRIPTION * - * This context represents any kind of PKCS private key. + * This context represents any kind of PKCS private key. The PKCS specific + * key context can be retrieved by calling silc_pkcs_private_key_get_pkcs. * * SOURCE */ -typedef struct { - const SilcPKCSObject *pkcs; /* PKCS */ +typedef struct SilcPrivateKeyStruct { + SilcPKCSObject *pkcs; /* PKCS */ + const SilcPKCSAlgorithm *alg; /* PKCS algorithm */ void *private_key; /* PKCS specific private key */ } *SilcPrivateKey; /***/ @@ -113,179 +117,92 @@ typedef enum { } SilcPKCSFileEncoding; /***/ -/* The PKCS Algorithm object to represent any PKCS algorithm. */ -typedef struct { - /* Algorithm name and scheme */ - char *name; - char *scheme; - - /* Supported hash functions, comma separated list */ - char *hash; - - /* Generate new key pair. Returns PKCS algorithm specific public key - and private key contexts. */ - SilcBool (*generate_key)(SilcUInt32 keylen, - SilcRng rng, - void **ret_public_key, - void **ret_private_key); - - /* Public key routines */ - SilcBool (*import_public_key)(unsigned char *key, - SilcUInt32 key_len, - void **ret_public_key); - unsigned char *(*export_public_key)(void *public_key, - SilcUInt32 *ret_len); - SilcUInt32 (*public_key_bitlen)(void *public_key); - void *(*public_key_copy)(void *public_key); - SilcBool (*public_key_compare)(void *key1, void *key2); - void (*public_key_free)(void *public_key); - - /* Private key routines */ - SilcBool (*import_private_key)(unsigned char *key, - SilcUInt32 key_len, - void **ret_private_key); - unsigned char *(*export_private_key)(void *private_key, - SilcUInt32 *ret_len); - SilcUInt32 (*private_key_bitlen)(void *public_key); - void (*private_key_free)(void *private_key); - - /* Encrypt and decrypt operations */ - SilcBool (*encrypt)(void *public_key, - unsigned char *src, - SilcUInt32 src_len, - unsigned char *dst, - SilcUInt32 dst_size, - SilcUInt32 *ret_dst_len); - SilcBool (*decrypt)(void *private_key, - unsigned char *src, - SilcUInt32 src_len, - unsigned char *dst, - SilcUInt32 dst_size, - SilcUInt32 *ret_dst_len); - - /* Signature and verification operations */ - SilcBool (*sign)(void *private_key, - unsigned char *src, - SilcUInt32 src_len, - unsigned char *signature, - SilcUInt32 signature_size, - SilcUInt32 *ret_signature_len, - SilcHash hash); - SilcBool (*verify)(void *public_key, - unsigned char *signature, - SilcUInt32 signature_len, - unsigned char *data, - SilcUInt32 data_len, - SilcHash hash); -} SilcPKCSAlgorithm; - -/* The PKCS (Public Key Cryptosystem) object to represent any PKCS. */ -struct SilcPKCSObjectStruct { - /* PKCS type */ - SilcPKCSType type; - - /* Public key routines */ - - /* Returns PKCS algorithm context from public key */ - const SilcPKCSAlgorithm *(*get_algorithm)(void *public_key); - - /* Imports from public key file */ - SilcBool (*import_public_key_file)(unsigned char *filedata, - SilcUInt32 filedata_len, - SilcPKCSFileEncoding encoding, - void **ret_public_key); - - /* Imports from public key binary data */ - SilcBool (*import_public_key)(unsigned char *key, - SilcUInt32 key_len, - void **ret_public_key); - - /* Exports public key to file */ - unsigned char *(*export_public_key_file)(void *public_key, - SilcPKCSFileEncoding encoding, - SilcUInt32 *ret_len); +/****f* silccrypt/SilcPKCSAPI/SilcPKCSEncryptCb + * + * SYNOPSIS + * + * typedef void (*SilcPKCSEncryptCb)(SilcBool success, + * const unsigned char *encrypted, + * SilcUInt32 encrypted_len, + * void *context); + * + * DESCRIPTION + * + * Encryption callback. This callback is given as argument to the + * silc_pkcs_encrypt and the encrypted data is delivered to the caller + * in this callback. The `encrypted' is the encrypted data. If the + * `success' is FALSE the encryption operation failed. + * + ***/ +typedef void (*SilcPKCSEncryptCb)(SilcBool success, + const unsigned char *encrypted, + SilcUInt32 encrypted_len, + void *context); + +/****f* silccrypt/SilcPKCSAPI/SilcPKCSDecryptCb + * + * SYNOPSIS + * + * typedef void (*SilcPKCSDecryptCb)(SilcBool success, + * const unsigned char *decrypted, + * SilcUInt32 decrypted_len, + * void *context); + * + * DESCRIPTION + * + * Decryption callback. This callback is given as argument to the + * silc_pkcs_decrypt and the decrypted data is delivered to the caller + * in this callback. The `decrypted' is the decrypted data. If the + * `success' is FALSE the decryption operation failed. + * + ***/ +typedef void (*SilcPKCSDecryptCb)(SilcBool success, + const unsigned char *decrypted, + SilcUInt32 decrypted_len, + void *context); + +/****f* silccrypt/SilcPKCSAPI/SilcPKCSSignCb + * + * SYNOPSIS + * + * typedef void (*SilcPKCSSignCb)(SilcBool success, + * const unsigned char *signature, + * SilcUInt32 signature_len, + * void *context); + * + * DESCRIPTION + * + * Signature callback. This callback is given as argument to the + * silc_pkcs_sign and the digitally signed data is delivered to the caller + * in this callback. The `signature' is the signature data. If the + * `success' is FALSE the signature operation failed. + * + ***/ +typedef void (*SilcPKCSSignCb)(SilcBool success, + const unsigned char *signature, + SilcUInt32 signature_len, + void *context); + +/****f* silccrypt/SilcPKCSAPI/SilcPKCSVerifyCb + * + * SYNOPSIS + * + * typedef void (*SilcPKCSVerifyCb)(SilcBool success, void *context); + * + * DESCRIPTION + * + * Verification callback. This callback is given as argument to the + * silc_pkcs_verify and the result of the signature verification is + * deliver to the caller in this callback. If the `success' is FALSE + * the signature verification failed. + * + ***/ +typedef void (*SilcPKCSVerifyCb)(SilcBool success, void *context); + +#include "silcpkcs_i.h" - /* Export public key as binary data */ - unsigned char *(*export_public_key)(void *public_key, - SilcUInt32 *ret_len); - - /* Returns key length in bits */ - SilcUInt32 (*public_key_bitlen)(void *public_key); - - /* Copy public key */ - void *(*public_key_copy)(void *public_key); - - /* Compares public keys */ - SilcBool (*public_key_compare)(void *key1, void *key2); - - /* Free public key */ - void (*public_key_free)(void *public_key); - - /* Private key routines */ - - /* Imports from private key file */ - SilcBool (*import_private_key_file)(unsigned char *filedata, - SilcUInt32 filedata_len, - const char *passphrase, - SilcUInt32 passphrase_len, - SilcPKCSFileEncoding encoding, - void **ret_private_key); - - /* Imports from private key binary data */ - SilcBool (*import_private_key)(unsigned char *key, - SilcUInt32 key_len, - void **ret_private_key); - - /* Exports private key to file */ - unsigned char *(*export_private_key_file)(void *private_key, - const char *passphrase, - SilcUInt32 passphrase_len, - SilcPKCSFileEncoding encoding, - SilcRng rng, - SilcUInt32 *ret_len); - - /* Export private key as binary data */ - unsigned char *(*export_private_key)(void *private_key, - SilcUInt32 *ret_len); - - /* Returns key length in bits */ - SilcUInt32 (*private_key_bitlen)(void *private_key); - - /* Free private key */ - void (*private_key_free)(void *private_key); - - /* Encrypt and decrypt operations */ - SilcBool (*encrypt)(void *public_key, - unsigned char *src, - SilcUInt32 src_len, - unsigned char *dst, - SilcUInt32 dst_size, - SilcUInt32 *ret_dst_len); - SilcBool (*decrypt)(void *private_key, - unsigned char *src, - SilcUInt32 src_len, - unsigned char *dst, - SilcUInt32 dst_size, - SilcUInt32 *ret_dst_len); - - /* Signature and verification operations */ - SilcBool (*sign)(void *private_key, - unsigned char *src, - SilcUInt32 src_len, - unsigned char *signature, - SilcUInt32 signature_size, - SilcUInt32 *ret_signature_len, - SilcHash hash); - SilcBool (*verify)(void *public_key, - unsigned char *signature, - SilcUInt32 signature_len, - unsigned char *data, - SilcUInt32 data_len, - SilcHash hash); -}; - -/* Marks for all PKCS in silc. This can be used in silc_pkcs_unregister - to unregister all PKCS at once. */ +/* Marks for all PKCS in. This can be used in silc_pkcs_unregister to + unregister all PKCS at once. */ #define SILC_ALL_PKCS ((SilcPKCSObject *)1) #define SILC_ALL_PKCS_ALG ((SilcPKCSAlgorithm *)1) @@ -303,8 +220,8 @@ extern DLLAPI const SilcPKCSAlgorithm silc_default_pkcs_alg[]; * * DESCRIPTION * - * Registers a new PKCS into the SILC. This function is used - * at the initialization of the SILC. All registered PKCSs + * Registers a new PKCS into the crypto library. This function is used + * at the initialization of an application. All registered PKCSs * should be unregistered with silc_pkcs_unregister. The `pkcs' includes * the name of the PKCS and member functions for the algorithm. Usually * this function is not called directly. Instead, application can call @@ -322,7 +239,7 @@ SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs); * * DESCRIPTION * - * Unregister a PKCS from the SILC. Returns FALSE on error. + * Unregister a PKCS from the crypto library. Returns FALSE on error. * ***/ SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs); @@ -335,9 +252,9 @@ SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs); * * DESCRIPTION * - * Registers a new PKCS Algorithm into the SILC. This function is used - * at the initialization of the SILC. All registered PKCS algorithms - * should be unregistered with silc_pkcs_unregister. + * Registers a new PKCS Algorithm into crypto library. This function + * is used at the initialization of an application. All registered PKCS +* algorithms should be unregistered with silc_pkcs_unregister. * ***/ SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs); @@ -350,7 +267,7 @@ SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs); * * DESCRIPTION * - * Unregister a PKCS from the SILC. Returns FALSE on error. + * Unregister a PKCS from the crypto library. Returns FALSE on error. * ***/ SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs); @@ -429,59 +346,64 @@ const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm, * * SYNOPSIS * - * const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPublicKey public_key); + * const SilcPKCSObject *silc_pkcs_get_pkcs(void *key); * * DESCRIPTION * - * Returns the PKCS object from `public_key'. + * Returns the PKCS object from `key', which may be SilcPublicKey or + * SilcPrivateKey pointer. * ***/ -const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPublicKey public_key); +const SilcPKCSObject *silc_pkcs_get_pkcs(void *key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_algorithm * * SYNOPSIS * - * const SilcPKCSObject *silc_pkcs_get_algorithm(SilcPublicKey public_key); + * const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key); * * DESCRIPTION * - * Returns the PKCS algorithm object from `public_key'. + * Returns the PKCS algorithm object from `key', which may be SilcPublicKey + * or SilcPrivateKey pointer. * ***/ -const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(SilcPublicKey public_key); +const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name * * SYNOPSIS * - * const char *silc_pkcs_get_name(SilcPublicKey public_key) + * const char *silc_pkcs_get_name(void *key); * * DESCRIPTION * - * Returns PKCS algorithm name from the public key. + * Returns PKCS algorithm name from the `key', which may be SilcPublicKey + * or SilcPrivateKey pointer. * ***/ -const char *silc_pkcs_get_name(SilcPublicKey public_key); +const char *silc_pkcs_get_name(void *key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_type * * SYNOPSIS * - * SilcPKCSType silc_pkcs_get_type(SilcPublicKey public_key); + * SilcPKCSType silc_pkcs_get_type(void *key); * * DESCRIPTION * - * Returns PKCS type from the public key. + * Returns PKCS type from the `key', which may be SilcPublicKey or + * SilcPrivateKey pointer. * ***/ -SilcPKCSType silc_pkcs_get_type(SilcPublicKey public_key); +SilcPKCSType silc_pkcs_get_type(void *key); -/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context +/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_pkcs * * SYNOPSIS * - * void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key); + * void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + * SilcPublicKey public_key); * * DESCRIPTION * @@ -490,9 +412,31 @@ SilcPKCSType silc_pkcs_get_type(SilcPublicKey public_key); * type. Returns NULL on error. * * For SILC_PKCS_SILC the returned context is SilcSILCPublicKey. + * For SILC_PKCS_SSH2 the returned context is SilcSshPublicKey. * ***/ -void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key); +void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + SilcPublicKey public_key); + +/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_pkcs + * + * SYNOPSIS + * + * void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + * SilcPublicKey public_key); + * + * DESCRIPTION + * + * Returns the internal PKCS `type' specific private key context from the + * `private_key'. The caller needs to explicitly type cast it to correct + * type. Returns NULL on error. + * + * For SILC_PKCS_SILC the returned context is SilcSILCPrivateKey. + * For SILC_PKCS_SSH2 the returned context is SilcSshPrivateKey. + * + ***/ +void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + SilcPrivateKey private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc * @@ -525,7 +469,9 @@ SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type, * * DESCRIPTION * - * Frees the public key. + * Frees the public key. This will also automatically free the underlaying + * PKCS specific public key. All public keys allocated through the + * PKCS API must be freed by calling this function. * ***/ void silc_pkcs_public_key_free(SilcPublicKey public_key); @@ -534,7 +480,8 @@ void silc_pkcs_public_key_free(SilcPublicKey public_key); * * SYNOPSIS * - * unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key, + * unsigned char *silc_pkcs_public_key_encode(SilcStack stack, + * SilcPublicKey public_key, * SilcUInt32 *ret_len); * * DESCRIPTION @@ -542,8 +489,13 @@ void silc_pkcs_public_key_free(SilcPublicKey public_key); * Encodes the `public_key' into a binary format and returns it. Returns * NULL on error. Caller must free the returned buffer. * + * If the `stack' is non-NULL the returned buffer is allocated from the + * `stack'. This call will consume `stack' so caller should push the stack + * before calling and then later pop it. + * ***/ -unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key, +unsigned char *silc_pkcs_public_key_encode(SilcStack stack, + SilcPublicKey public_key, SilcUInt32 *ret_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_len @@ -617,7 +569,7 @@ SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type, * * DESCRIPTION * - * Returns the key length in bits from the public key. + * Returns the key length in bits from the private key. * ***/ SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key); @@ -630,7 +582,9 @@ SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key); * * DESCRIPTION * - * Frees the private key. + * Frees the public key. This will also automatically free the underlaying + * PKCS specific private key. All private keys allocated through the + * PKCS API must be freed by calling this function. * ***/ void silc_pkcs_private_key_free(SilcPrivateKey private_key); @@ -639,100 +593,134 @@ void silc_pkcs_private_key_free(SilcPrivateKey private_key); * * SYNOPSIS * - * SilcBool silc_pkcs_encrypt(SilcPublicKey public_key, - * unsigned char *src, SilcUInt32 src_len, - * unsigned char *dst, SilcUInt32 dst_size, - * SilcUInt32 *dst_len); + * SilcAsyncOperation silc_pkcs_encrypt(SilcPublicKey public_key, + * unsigned char *src, + * SilcUInt32 src_len, SilcRng rng, + * SilcPKCSEncryptCb encrypt_cb, + * void *context); * * DESCRIPTION * - * Encrypts with the public key. Returns FALSE on error. + * Encrypts with the public key. The `encrypt_cb' will be called to + * deliver the encrypted data. The encryption operation may be asynchronous + * if the `public_key' is accelerated public key. If this returns NULL + * the asynchronous operation cannot be controlled. * ***/ -SilcBool silc_pkcs_encrypt(SilcPublicKey public_key, - unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 dst_size, - SilcUInt32 *dst_len); +SilcAsyncOperation silc_pkcs_encrypt(SilcPublicKey public_key, + unsigned char *src, + SilcUInt32 src_len, SilcRng rng, + SilcPKCSEncryptCb encrypt_cb, + void *context); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt * * SYNOPSIS * - * SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key, - * unsigned char *src, SilcUInt32 src_len, - * unsigned char *dst, SilcUInt32 dst_size, - * SilcUInt32 *dst_len); + * SilcAsyncOperation silc_pkcs_decrypt(SilcPrivateKey private_key, + * unsigned char *src, + * SilcUInt32 src_len, + * SilcPKCSDecryptCb decrypt_cb, + * void *context); * * DESCRIPTION * - * Decrypts with the private key. Returns FALSE on error. + * Decrypts with the private key. The `decrypt_cb' will be called to + * deliver the decrypted data. The decryption operation may be asynchronous + * if the `private_key' is accelerated private key. If this returns NULL + * the asynchronous operation cannot be controlled. * ***/ -SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key, - unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 dst_size, - SilcUInt32 *dst_len); +SilcAsyncOperation silc_pkcs_decrypt(SilcPrivateKey private_key, + unsigned char *src, SilcUInt32 src_len, + SilcPKCSDecryptCb decrypt_cb, + void *context); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign * * SYNOPSIS * - * SilcBool silc_pkcs_sign(SilcPrivateKey private_key, - * unsigned char *src, SilcUInt32 src_len, - * unsigned char *dst, SilcUInt32 dst_size, - * SilcUInt32 *dst_len, SilcHash hash); + * SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, + * unsigned char *src, + * SilcUInt32 src_len, + * SilcBool compute_hash, + * SilcHash hash, + * SilcRng rng, + * SilcPKCSSignCb sign_cb, + * void *context); * * DESCRIPTION * - * Generates signature with the private key. Returns FALSE on error. - * If `hash' is non-NULL the `src' will be hashed before signing. + * Computes signature with the private key. The `sign_cb' will be called + * to deliver the signature data. If `compute_hash' is TRUE the `hash' + * will be used to compute a message digest over the `src'. The `hash' + * must always be valid. The `rng' should always be provided. The + * signature operation may be asynchronous if the `private_key' is + * accelerated private key. If this returns NULL the asynchronous + * operation cannot be controlled. * ***/ -SilcBool silc_pkcs_sign(SilcPrivateKey private_key, - unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 dst_size, - SilcUInt32 *dst_len, SilcHash hash); +SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, + unsigned char *src, + SilcUInt32 src_len, + SilcBool compute_hash, + SilcHash hash, + SilcRng rng, + SilcPKCSSignCb sign_cb, + void *context); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify * * SYNOPSIS * - * SilcBool silc_pkcs_verify(SilcPublicKey public_key, - * unsigned char *signature, - * SilcUInt32 signature_len, - * unsigned char *data, - * SilcUInt32 data_len, SilcHash hash); + * SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, + * unsigned char *signature, + * SilcUInt32 signature_len, + * unsigned char *data, + * SilcUInt32 data_len, + * SilcHash hash, + * SilcPKCSVerifyCb verify_cb, + * void *context); * * DESCRIPTION * - * Verifies signature. Returns FALSE on error. The 'signature' is - * verified against the 'data'. If the `hash' is non-NULL then the `data' - * will hashed before verification. If the `hash' is NULL, then the - * hash algorithm to be used is retrieved from the signature. If it - * isn't present in the signature the verification is done as is without - * hashing. + * Verifies signature. The `verify_cb' will be called to deliver the + * result of the verification process. The 'signature' is verified against + * the 'data'. If the `hash' is non-NULL then the `data' will hashed + * before verification. If the `hash' is NULL, then the hash algorithm + * to be used is retrieved from the signature. If it isn't present in the + * signature the verification is done as is without hashing. The `rng' + * is usually not needed and may be NULL. If this returns NULL the + * asynchronous operation cannot be controlled. * ***/ -SilcBool silc_pkcs_verify(SilcPublicKey public_key, - unsigned char *signature, - SilcUInt32 signature_len, - unsigned char *data, - SilcUInt32 data_len, SilcHash hash); +SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, + unsigned char *signature, + SilcUInt32 signature_len, + unsigned char *data, + SilcUInt32 data_len, + SilcHash hash, + SilcPKCSVerifyCb verify_cb, + void *context); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key * * SYNOPSIS * * SilcBool silc_pkcs_load_public_key(const char *filename, + * SilcPKCSType type, * SilcPublicKey *ret_public_key); * * DESCRIPTION * * Loads public key from file and allocates new public key. Returns TRUE - * if loading was successful. + * if loading was successful. If `type' is SILC_PKSC_ANY this attempts + * to automatically detect the public key type. If `type' is some other + * PKCS type, the key is expected to be of that type. * ***/ SilcBool silc_pkcs_load_public_key(const char *filename, + SilcPKCSType type, SilcPublicKey *ret_public_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key @@ -760,18 +748,23 @@ SilcBool silc_pkcs_save_public_key(const char *filename, * SilcBool silc_pkcs_load_private_key(const char *filename, * const unsigned char *passphrase, * SilcUInt32 passphrase_len, + * SilcPKCSType type, * SilcPrivateKey *ret_private_key); * * DESCRIPTION * * Loads private key from file and allocates new private key. Returns TRUE * if loading was successful. The `passphrase' is used as decryption - * key of the private key file, in case it is encrypted. + * key of the private key file, in case it is encrypted. If `type' is + * SILC_PKSC_ANY this attempts to automatically detect the private key type. + * If `type' is some other PKCS type, the key is expected to be of that + * type. * ***/ SilcBool silc_pkcs_load_private_key(const char *filename, const unsigned char *passphrase, SilcUInt32 passphrase_len, + SilcPKCSType type, SilcPrivateKey *ret_private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key @@ -799,4 +792,34 @@ SilcBool silc_pkcs_save_private_key(const char *filename, SilcPKCSFileEncoding encoding, SilcRng rng); +/****f* silccrypt/SilcPKCSAPI/silc_hash_public_key + * + * SYNOPSIS + * + * SilcUInt32 silc_hash_public_key(void *key, void *user_context); + * + * DESCRIPTION + * + * An utility function for hashing public key for SilcHashTable. Give + * this as argument as the hash function for SilcHashTable. + * + ***/ +SilcUInt32 silc_hash_public_key(void *key, void *user_context); + +/****f* silccrypt/SilcPKCSAPI/silc_hash_public_key_compare + * + * SYNOPSIS + * + * SilcBool silc_hash_public_key_compare(void *key1, void *key2, + * void *user_context); + * + * DESCRIPTION + * + * An utility function for comparing public keys for SilcHashTable. Give + * this as argument as the compare function for SilcHashTable. + * + ***/ +SilcBool silc_hash_public_key_compare(void *key1, void *key2, + void *user_context); + #endif /* !SILCPKCS_H */