X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=lib%2Fsilccrypt%2Fsilcpkcs.h;h=eeaa240586c1a6878d280ba68fca094b2c778c68;hb=40f8443d8d3a6577336ee66d18e04d9ac4d956bb;hp=f954542499ebb7261d077db5081cc2ccad0577f1;hpb=413da0f8686910f5e627393157566ae729ca99c4;p=silc.git diff --git a/lib/silccrypt/silcpkcs.h b/lib/silccrypt/silcpkcs.h index f9545424..eeaa2405 100644 --- a/lib/silccrypt/silcpkcs.h +++ b/lib/silccrypt/silcpkcs.h @@ -1,10 +1,10 @@ /* - silcpkcs.h + silcpkcs.h Author: Pekka Riikonen - Copyright (C) 1997 - 2002 Pekka Riikonen + Copyright (C) 1997 - 2005 Pekka Riikonen This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -53,10 +53,33 @@ ***/ typedef struct SilcPKCSStruct *SilcPKCS; +/****d* silccrypt/SilcPKCSAPI/SilcPKCSType + * + * NAME + * + * typedef enum { ... } SilcPKCSType + * + * DESCRIPTION + * + * Public key cryptosystem types. These are defined by the SILC + * Key Exchange protocol. + * + * SOURCE + */ +typedef enum { + SILC_PKCS_SILC = 1, /* SILC PKCS (mandatory) */ + SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */ + SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */ + SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */ + SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */ +} SilcPKCSType; +/***/ + /* The default SILC PKCS (Public Key Cryptosystem) object to represent any PKCS in SILC. */ typedef struct SilcPKCSObjectStruct { char *name; + SilcPKCSType type; int (*init)(void *, SilcUInt32, SilcRng); void (*clear_keys)(void *); unsigned char *(*get_public_key)(void *, SilcUInt32 *); @@ -243,7 +266,7 @@ int silc_##pkcs##_verify(void *context, \ * * SYNOPSIS * - * bool silc_pkcs_register(const SilcPKCSObject *pkcs); + * SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs); * * DESCRIPTION * 
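Review bot: The enumerator list of the new SilcPKCSType ends with a trailing comma after `SILC_PKCS_SPKI = 5,`, which C89 rejects and `-pedantic` builds warn about, so for a public header the comma before `} SilcPKCSType;` should be dropped. The enum also leaves 0 unassigned, so a zero-initialized SilcPKCSObject has a `type` that matches no enumerator; stating that in the DESCRIPTION, e.g. `Value 0 is not a valid type.`, lets code that dispatches on `type` reject it explicitly. Inserting `SilcPKCSType type;` between `name` and `init` in SilcPKCSObjectStruct also shifts every later member, so any positional aggregate initializer of this struct outside this file presumably needs the new field added; that is not visible here.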
@@ -256,26 +279,26 @@ int silc_##pkcs##_verify(void *context, \ * builtin the sources. Returns FALSE on error. * ***/ -bool silc_pkcs_register(const SilcPKCSObject *pkcs); +SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister * * SYNOPSIS * - * bool silc_pkcs_unregister(SilcPKCSObject *pkcs); + * SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs); * * DESCRIPTION * * Unregister a PKCS from the SILC. Returns FALSE on error. * ***/ -bool silc_pkcs_unregister(SilcPKCSObject *pkcs); +SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default * * SYNOPSIS * - * bool silc_pkcs_register_default(void); + * SilcBool silc_pkcs_register_default(void); * * DESCRIPTION * @@ -284,26 +307,27 @@ bool silc_pkcs_unregister(SilcPKCSObject *pkcs); * order is not wanted. Returns FALSE on error. * ***/ -bool silc_pkcs_register_default(void); +SilcBool silc_pkcs_register_default(void); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all * * SYNOPSIS * - * bool silc_pkcs_unregister_all(void); + * SilcBool silc_pkcs_unregister_all(void); * * DESCRIPTION * * Returns FALSE on error. * ***/ -bool silc_pkcs_unregister_all(void); +SilcBool silc_pkcs_unregister_all(void); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_alloc * * SYNOPSIS * - * bool silc_pkcs_alloc(const unsigned char *name, SilcPKCS *new_pkcs); + * SilcBool silc_pkcs_alloc(const unsigned char *name, + * SilcPKCSType type, SilcPKCS *new_pkcs); * * DESCRIPTION * @@ -311,7 +335,8 @@ bool silc_pkcs_unregister_all(void); * to the 'new_pkcs' argument. Returns FALSE on error. * ***/ -bool silc_pkcs_alloc(const unsigned char *name, SilcPKCS *new_pkcs); +SilcBool silc_pkcs_alloc(const unsigned char *name, + SilcPKCSType type, SilcPKCS *new_pkcs); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_free * 
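Review bot: silc_pkcs_alloc gains a `SilcPKCSType type` argument but its DESCRIPTION is unchanged, so a reader cannot tell what the type selects or what happens for the enumerators this header itself marks "(not supported)". A sentence such as `The 'type' is the public key cryptosystem type (SilcPKCSType) the allocated PKCS must provide; FALSE is returned if no registered PKCS with that 'type' and 'name' exists.` would close that gap. The second clause is my reading of what the new `type` member of SilcPKCSObject is for and should be confirmed against the implementation before it is documented as a guarantee.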
@@ -330,14 +355,14 @@ void silc_pkcs_free(SilcPKCS pkcs); * * SYNOPSIS * - * bool silc_pkcs_is_supported(const unsigned char *name); + * SilcBool silc_pkcs_is_supported(const unsigned char *name); * * DESCRIPTION * * Returns TRUE if PKCS algorithm `name' is supported. * ***/ -bool silc_pkcs_is_supported(const unsigned char *name); +SilcBool silc_pkcs_is_supported(const unsigned char *name); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported * @@ -356,16 +381,17 @@ char *silc_pkcs_get_supported(void); * * SYNOPSIS * - * bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len, + * SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len, * SilcRng rng); * * DESCRIPTION * * Generate new key pair into the `pkcs' context. Returns FALSE on error. + * If the `rng' is NULL global SILC RNG will be used. * ***/ -bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len, - SilcRng rng); +SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len, + SilcRng rng); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_key_len * @@ -375,7 +401,7 @@ bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len, * * DESCRIPTION * - * Returns the length of the key. + * Returns the length of the key in bits. * ***/ SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self); @@ -401,8 +427,9 @@ const char *silc_pkcs_get_name(SilcPKCS pkcs); * * DESCRIPTION * - * Returns SILC style public key. The caller must free the returned - * data. + * Returns SILC style public key for the PKCS. Note that this is not + * the SILC Public Key, but the raw public key data from the PKCS. + * The caller must free the returned data. * ***/ unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len); 
@@ -416,8 +443,9 @@ unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len); * * DESCRIPTION * - * Returns SILC style private key. The caller must free the returned - * data and SHOULD zero the memory area before freeing. + * Returns SILC style private key. Note that this is not SilcPrivateKey + * but the raw private key bits from the PKCS. The caller must free the + * returned data and SHOULD zero the memory area before freeing. * ***/ unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len); @@ -431,7 +459,8 @@ unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len); * * DESCRIPTION * - * Sets public key from SilcPublicKey. Returns the length of the key. + * Sets public key from SilcPublicKey. Returns the length of the key in + * bits. * ***/ SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key); @@ -461,10 +490,12 @@ SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs, unsigned char *pk, * * DESCRIPTION * - * Sets private key from SilcPrivateKey. Returns the length of the key. + * Sets private key from SilcPrivateKey. Returns the length of the key + * in bits. * ***/ -SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs, SilcPrivateKey private_key); +SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs, + SilcPrivateKey private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_set * @@ -486,7 +517,7 @@ SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv, * * SYNOPSIS * - * bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, + * SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, * SilcUInt32 src_len, unsigned char *dst, * SilcUInt32 *dst_len); * 
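Review bot: The reworded DESCRIPTION of silc_pkcs_get_private_key still only says the caller SHOULD zero the buffer, and since a plain memset() immediately before free() is exactly the store a compiler may drop, the advice is weaker than it reads for what this hunk now explicitly calls the raw private key bits. Either name the wipe routine callers are expected to use (if the library provides one; not visible here) or state it as a MUST and add a warning that an ordinary memset before free may be optimized away. Suggested line: `The caller MUST free the returned data and SHOULD wipe it with a zeroing routine the compiler cannot elide before freeing.`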
@@ -495,14 +526,15 @@ SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv, * Encrypts. Returns FALSE on error. * ***/ -bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 *dst_len); +SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, + SilcUInt32 src_len, + unsigned char *dst, SilcUInt32 *dst_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt * * SYNOPSIS * - * bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, + * SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, * SilcUInt32 src_len, unsigned char *dst, * SilcUInt32 *dst_len); * @@ -511,14 +543,15 @@ bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len, * Decrypts. Returns FALSE on error. * ***/ -bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 *dst_len); +SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, + SilcUInt32 src_len, + unsigned char *dst, SilcUInt32 *dst_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign * * SYNOPSIS * - * bool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, + * SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, * SilcUInt32 src_len, unsigned char *dst, * SilcUInt32 *dst_len); * 
@@ -527,31 +560,32 @@ bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len, * Generates signature. Returns FALSE on error. * ***/ -bool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 *dst_len); +SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len, + unsigned char *dst, SilcUInt32 *dst_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify * * SYNOPSIS * - * bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature, + * SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature, * SilcUInt32 signature_len, unsigned char *data, * SilcUInt32 data_len); * * DESCRIPTION * - * Verifies signature. Returns FALSE on error. + * Verifies signature. Returns FALSE on error. The 'signature' is + * verified against the 'data'. * ***/ -bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature, - SilcUInt32 signature_len, unsigned char *data, - SilcUInt32 data_len); +SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature, + SilcUInt32 signature_len, unsigned char *data, + SilcUInt32 data_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign_with_hash * * SYNOPSIS * - * bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash, + * SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash, * unsigned char *src, SilcUInt32 src_len, * unsigned char *dst, SilcUInt32 *dst_len); * 
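Review bot: The new DESCRIPTION of silc_pkcs_verify says `Returns FALSE on error` and that the signature is verified against the data, but never states the result for a well-formed signature that simply does not match, which is the one case callers must not get wrong. Suggested wording: `Returns TRUE only if 'signature' is a valid signature of 'data' under the key set in 'pkcs'; returns FALSE both on error and when the signature does not verify.` The same gap remains in the silc_pkcs_verify_with_hash DESCRIPTION in the next hunk (`the `signature'. Returns FALSE on error.`).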
@@ -561,15 +595,15 @@ bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature, * error. * ***/ -bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash, - unsigned char *src, SilcUInt32 src_len, - unsigned char *dst, SilcUInt32 *dst_len); +SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash, + unsigned char *src, SilcUInt32 src_len, + unsigned char *dst, SilcUInt32 *dst_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify_with_hash * * SYNOPSIS * - * bool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash, + * SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash, * unsigned char *signature, * SilcUInt32 signature_len, * unsigned char *data, @@ -581,11 +615,11 @@ bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash, * the `signature'. Returns FALSE on error. * ***/ -bool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash, - unsigned char *signature, - SilcUInt32 signature_len, - unsigned char *data, - SilcUInt32 data_len); +SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash, + unsigned char *signature, + SilcUInt32 signature_len, + unsigned char *data, + SilcUInt32 data_len); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encode_identifier * @@ -644,8 +678,11 @@ void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier); * * DESCRIPTION * - * Allocates SILC style public key formed from sent arguments. All data - * is duplicated. + * Allocates SILC style public key formed from sent arguments. The + * 'name' is the algorithm (PKCS) name, the 'identifier' is the public + * key identifier generated with silc_pkcs_encode_identifier, and the + * 'pk' and 'pk_len' are the raw public key data returned for example + * by silc_pkcs_get_public_key. * ***/ SilcPublicKey silc_pkcs_public_key_alloc(const char *name, 
@@ -661,7 +698,7 @@ SilcPublicKey silc_pkcs_public_key_alloc(const char *name, * * DESCRIPTION * - * Frees public key. + * Frees public key and all data in it. * ***/ void silc_pkcs_public_key_free(SilcPublicKey public_key); @@ -676,8 +713,9 @@ void silc_pkcs_public_key_free(SilcPublicKey public_key); * * DESCRIPTION * - * Allocates SILC private key formed from sent arguments. All data is - * duplicated. + * Allocates SILC private key formed from sent arguments. The 'name' + * is the algorithm name, and the 'prv' and 'prv_len' are the raw + * private key bits returned by silc_pkcs_get_private_key. * ***/ SilcPrivateKey silc_pkcs_private_key_alloc(const char *name, @@ -692,7 +730,8 @@ SilcPrivateKey silc_pkcs_private_key_alloc(const char *name, * * DESCRIPTION * - * Frees private key. + * Frees private key and all data in it. The private key is zeroed + * before it is freed. * ***/ void silc_pkcs_private_key_free(SilcPrivateKey private_key); @@ -736,7 +775,7 @@ silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len, * * SYNOPSIS * - * bool silc_pkcs_public_key_decode(unsigned char *data, + * SilcBool silc_pkcs_public_key_decode(unsigned char *data, * SilcUInt32 data_len, * SilcPublicKey *public_key); * @@ -746,14 +785,14 @@ silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len, * successful. Allocates new public key as well. * ***/ -bool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len, +SilcBool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len, SilcPublicKey *public_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_encode * * SYNOPSIS * - * bool silc_pkcs_public_key_payload_encode(SilcPublicKey public_key); + * SilcBool silc_pkcs_public_key_payload_encode(SilcPublicKey public_key); * * DESCRIPTION * 
@@ -768,7 +807,7 @@ SilcBuffer silc_pkcs_public_key_payload_encode(SilcPublicKey public_key); * * SYNOPSIS * - * bool silc_pkcs_public_key_payload_decode(unsigned char *data, + * SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data, * SilcUInt32 data_len, * SilcPublicKey *public_key); * @@ -779,7 +818,7 @@ SilcBuffer silc_pkcs_public_key_payload_encode(SilcPublicKey public_key); * cannot be decoded. * ***/ -bool silc_pkcs_public_key_payload_decode(unsigned char *data, +SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data, SilcUInt32 data_len, SilcPublicKey *public_key); @@ -787,7 +826,7 @@ bool silc_pkcs_public_key_payload_decode(unsigned char *data, * * SYNOPSIS * - * bool silc_pkcs_public_key_compare(SilcPublicKey key1, + * SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, * SilcPublicKey key2); * * DESCRIPTION @@ -796,7 +835,7 @@ bool silc_pkcs_public_key_payload_decode(unsigned char *data, * FALSE if they are not same. * ***/ -bool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2); +SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy * @@ -849,7 +888,7 @@ silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len, * * SYNOPSIS * - * bool silc_pkcs_private_key_decode(unsigned char *data, + * SilcBool silc_pkcs_private_key_decode(unsigned char *data, * SilcUInt32 data_len, * SilcPrivateKey *private_key); * 
@@ -859,14 +898,14 @@ silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len, * successful. Allocates new private key as well. * ***/ -bool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len, +SilcBool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len, SilcPrivateKey *private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key * * SYNOPSIS * - * bool silc_pkcs_save_public_key(const char *filename, + * SilcBool silc_pkcs_save_public_key(const char *filename, * SilcPublicKey public_key, * SilcUInt32 encoding); * @@ -875,14 +914,14 @@ bool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len, * Saves public key into file. Returns FALSE on error. * ***/ -bool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key, +SilcBool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key, SilcUInt32 encoding); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key_data * * SYNOPSIS * - * bool silc_pkcs_save_public_key_data(const char *filename, + * SilcBool silc_pkcs_save_public_key_data(const char *filename, * unsigned char *data, * SilcUInt32 data_len, * SilcUInt32 encoding); @@ -893,14 +932,14 @@ bool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key, * data when calling this function. Returns FALSE on error. * ***/ -bool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data, +SilcBool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data, SilcUInt32 data_len, SilcUInt32 encoding); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key * * SYNOPSIS * - * bool silc_pkcs_save_private_key(const char *filename, + * SilcBool silc_pkcs_save_private_key(const char *filename, * SilcPrivateKey private_key, * unsigned char *passphrase, * SilcUInt32 passphrase_len, 
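Review bot: Replacing `bool` with `SilcBool` pushes `SilcBool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key,` and `SilcBool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data,` past 80 columns, while the same commit rewraps silc_pkcs_encrypt, silc_pkcs_decrypt and silc_pkcs_private_key_set for exactly that reason; silc_pkcs_load_public_key in the next hunk has the same problem. Because only the first line of each prototype is touched, the continuation lines presumably still indent to the old `bool` column and no longer line up with the opening parenthesis. Wrapping these prototypes the way the commit wrapped silc_pkcs_encrypt would keep the header consistent.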
@@ -913,7 +952,7 @@ bool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data, * is AES with 256 bit key in CBC mode. Returns FALSE on error. * ***/ -bool silc_pkcs_save_private_key(const char *filename, +SilcBool silc_pkcs_save_private_key(const char *filename, SilcPrivateKey private_key, unsigned char *passphrase, SilcUInt32 passphrase_len, @@ -923,7 +962,7 @@ bool silc_pkcs_save_private_key(const char *filename, * * SYNOPSIS * - * bool silc_pkcs_load_public_key(const char *filename, + * SilcBool silc_pkcs_load_public_key(const char *filename, * SilcPublicKey *public_key, * SilcUInt32 encoding); * @@ -933,14 +972,14 @@ bool silc_pkcs_save_private_key(const char *filename, * if loading was successful. * ***/ -bool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key, +SilcBool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key, SilcUInt32 encoding); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key * * SYNOPSIS * - * bool silc_pkcs_load_private_key(const char *filename, + * SilcBool silc_pkcs_load_private_key(const char *filename, * SilcPrivateKey *private_key, * unsigned char *passphrase, * SilcUInt32 passphrase_len, @@ -953,7 +992,7 @@ bool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key, * key of the private key file. * ***/ -bool silc_pkcs_load_private_key(const char *filename, +SilcBool silc_pkcs_load_private_key(const char *filename, SilcPrivateKey *private_key, unsigned char *passphrase, SilcUInt32 passphrase_len,