Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 2005 Pekka Riikonen
+ Copyright (C) 2005 - 2008 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
*/
-/****h* silcskr/SILC Key Repository
+/****h* silcskr/Key Manager and Repository
*
* DESCRIPTION
*
- * SILC Key Repository
+ * SILC Key manager and repository is a generic public key and certificate
+ * manager which allows fast and versatile ways to store, retrieve and
+ * validate public keys and certificates.
*
* SILC Key Repository is thread safe. Same key repository context can be
* safely used in multi threaded environment.
#ifndef SILCSKR_H
#define SILCSKR_H
-/****s* silcskr/SilcSKRAPI/SilcSKR
+/****s* silcskr/SilcSKR
*
* NAME
*
***/
typedef struct SilcSKRObject *SilcSKR, SilcSKRStruct;
-/****s* silcskr/SilcSKRAPI/SilcSKRFind
+/****s* silcskr/SilcSKRFind
*
* NAME
*
***/
typedef struct SilcSKRFindStruct *SilcSKRFind;
-/****d* silcskr/SilcSKRAPI/SilcSKRKeyUsage
+/****d* silcskr/SilcSKRKeyUsage
*
* NAME
*
*
* Indicates the usage of the key. Keys can be added for different
* reasons and for different purpose to the repository. SilcSKRKeyUsage
- * indicates what for the key exists in the repository. The default
+ * indicates for what reason the key exists in the repository. The default
* usage is SILC_SKR_USAGE_ANY and allows any kind of usage for the key.
* If the usage should be limited then specific usage bitmask can be
* specified when adding the key. When searching keys from the
* SOURCE
*/
typedef enum {
- SILC_SKR_USAGE_ANY = 0x0000, /* Any usage */
- SILC_SKR_USAGE_AUTH = 0x0001, /* Signatures/verification */
- SILC_SKR_USAGE_ENC = 0x0002, /* Encryption/decryption */
- SILC_SKR_USAGE_KEY_AGREEMENT = 0x0004, /* Key agreement protocol */
- SILC_SKR_USAGE_IDENTIFICATION = 0x0008, /* Identifying key owner */
+ SILC_SKR_USAGE_ANY = 0x0000, /* Any usage */
+ SILC_SKR_USAGE_AUTH = 0x0001, /* Signatures/verification */
+ SILC_SKR_USAGE_ENC = 0x0002, /* Encryption/decryption */
+ SILC_SKR_USAGE_KEY_AGREEMENT = 0x0004, /* Key agreement protocol */
+ SILC_SKR_USAGE_IDENTIFICATION = 0x0008, /* Identifying key owner */
+ SILC_SKR_USAGE_SERVICE_AUTHORIZATION = 0x0010, /* Service authorization */
+
+ /* From 0x0100 reserved for private/application use. */
} SilcSKRKeyUsage;
/***/
-/****s* silcskr/SilcSKRAPI/SilcSKRKey
+/****s* silcskr/SilcSKRKey
*
* NAME
*
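Review bot: The new `SILC_SKR_USAGE_SERVICE_AUTHORIZATION` bit sits beside a default of `SILC_SKR_USAGE_ANY`, which the description above the enum says "allows any kind of usage for the key". Every key already stored with the default usage would therefore presumably also satisfy a search for service authorization. The search rules are cut off above this hunk, so this is inferred; if it holds, the enum comment should say so, for example `/* Service authorization; keys added as SILC_SKR_USAGE_ANY match too */`, so callers add authorization keys with an explicit usage. The reservation comment also leaves 0x0020 through 0x0080 unstated; a line such as `/* 0x0020 - 0x0080 reserved for future library use. */` would stop applications from claiming them.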
} *SilcSKRKey;
/***/
-/****d* silcskr/SilcSKRAPI/SilcSKRStatus
- *
- * NAME
- *
- * typedef enum { ... } SilcSKRStatus;
- *
- * DESCRIPTION
- *
- * Indicates the status of the key repository procedures. This is
- * returned to SilcSKRFindCallback function to indicate the status
- * of the finding. This is a bitmask, and more than one status may
- * be set at one time.
- *
- * If there are no errors only SILC_SKR_OK is set. If error occurred
- * then at least SILC_SKR_ERROR is set, and possibly other error
- * status also.
- *
- * SOURCE
- */
-typedef enum {
- SILC_SKR_OK = 0x00000001, /* All is Ok */
- SILC_SKR_ERROR = 0x00000002, /* Generic error status */
- SILC_SKR_ALREADY_EXIST = 0x00000004, /* Key already exist */
- SILC_SKR_NOT_FOUND = 0x00000008, /* No keys were found */
- SILC_SKR_NO_MEMORY = 0x00000010, /* System out of memory */
- SILC_SKR_UNSUPPORTED_TYPE = 0x00000020, /* Unsupported PKCS type */
-} SilcSKRStatus;
-/***/
-
-/****f* silcskr/SilcSKRAPI/SilcSKRFindCallback
+/****f* silcskr/SilcSKRFindCallback
*
* SYNOPSIS
*
* typedef void (*SilcSKRFindCallback)(SilcSKR skr, SilcSKRFind find,
- * SilcSKRStatus status,
- * SilcDList keys, void *context);
+ * SilcResult status, SilcDList keys,
+ * void *context);
*
* DESCRIPTION
*
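Review bot: The removed `SilcSKRStatus` text was the only place stating how a callback should read `status` (a bitmask, with `SILC_SKR_ERROR` set on any failure), and the new `SilcResult status` parameter gets no replacement wording in the visible lines. If `SilcResult` is a plain enumeration rather than a bitmask, a callback that still tests bits with `&` may compile and then misjudge a failed lookup as a success. The callback description, which continues outside this hunk, should state the contract, for example `status is SILC_OK on success; compare with ==, it is not a bitmask`, and say whether `keys` is NULL on error.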
*
***/
typedef void (*SilcSKRFindCallback)(SilcSKR skr, SilcSKRFind find,
- SilcSKRStatus status,
- SilcDList keys, void *context);
+ SilcResult status, SilcDList keys,
+ void *context);
-/****f* silcskr/SilcSKRAPI/silc_skr_alloc
+/****f* silcskr/silc_skr_alloc
*
* SYNOPSIS
*
- * SilcSKR silc_skr_alloc(SilcSchedule scheduler);
+ * SilcSKR silc_skr_alloc(void);
*
* DESCRIPTION
*
* Allocates key repository context.
*
***/
-SilcSKR silc_skr_alloc(SilcSchedule scheduler);
+SilcSKR silc_skr_alloc(void);
-/****f* silcskr/SilcSKRAPI/silc_skr_free
+/****f* silcskr/silc_skr_free
*
* SYNOPSIS
*
***/
void silc_skr_free(SilcSKR skr);
-/****f* silcskr/SilcSKRAPI/silc_skr_init
+/****f* silcskr/silc_skr_init
*
* SYNOPSIS
*
- * SilcBool silc_skr_init(SilcSKR skr, SilcSchedule scheduler);
+ * SilcBool silc_skr_init(SilcSKR skr);
*
* DESCRIPTION
*
* argument. Returns FALSE if initialization failed.
*
***/
-SilcBool silc_skr_init(SilcSKR skr, SilcSchedule scheduler);
+SilcBool silc_skr_init(SilcSKR skr);
-/****f* silcskr/SilcSKRAPI/silc_skr_uninit
+/****f* silcskr/silc_skr_uninit
*
* SYNOPSIS
*
***/
void silc_skr_uninit(SilcSKR skr);
-/****f* silcskr/SilcSKRAPI/silc_skr_add_public_key
+/****f* silcskr/silc_skr_add_public_key
*
* SYNOPSIS
*
- * SilcSKRStatus silc_skr_add_public_key(SilcSKR skr,
- * SilcPublicKey public_key,
- * SilcSKRKeyUsage usage,
- * void *key_context);
+ * SilcResult silc_skr_add_public_key(SilcSKR skr,
+ * SilcPublicKey public_key,
+ * SilcSKRKeyUsage usage,
+ * void *key_context,
+ * SilcSKRKey *return_key);
*
* DESCRIPTION
*
* repository. To add same key more than once to repository different
* `key_context' must be used each time.
*
- * Returns SILC_SKR_OK if the key was added successfully, and error
+ * Returns an entry of the added public key in the repository to the
+ * `return_key' pointer, if it is non-NULL. The returned entry remains
+ * valid as long as the public key is in the repository, however a
+ * reference may be taken with silc_skr_ref_public_key to assure the
+ * entry remains valid.
+ *
+ * Returns SILC_OK if the key was added successfully, and error
* status if key could not be added, or has been added already.
*
* EXAMPLE
*
* // Add a key to repository
- * if (silc_skr_add_public_key(repository, public_key,
- * SILC_SKR_USAGE_ANY, NULL) != SILC_SKR_OK)
+ * if (silc_skr_add_public_key(repository, pubkey, SILC_SKR_USAGE_ANY,
+ * NULL, NULL) != SILC_OK)
* goto error;
*
***/
-SilcSKRStatus silc_skr_add_public_key(SilcSKR skr,
- SilcPublicKey public_key,
- SilcSKRKeyUsage usage,
- void *key_context);
+SilcResult silc_skr_add_public_key(SilcSKR skr,
+ SilcPublicKey public_key,
+ SilcSKRKeyUsage usage,
+ void *key_context,
+ SilcSKRKey *return_key);
-/****f* silcskr/SilcSKRAPI/silc_skr_add_public_key_simple
+/****f* silcskr/silc_skr_add_public_key_simple
*
* SYNOPSIS
*
- * SilcSKRStatus silc_skr_add_public_key_simple(SilcSKR skr,
- * SilcPublicKey public_key,
- * SilcSKRKeyUsage usage,
- * void *key_context);
+ * SilcResult silc_skr_add_public_key_simple(SilcSKR skr,
+ * SilcPublicKey public_key,
+ * SilcSKRKeyUsage usage,
+ * void *key_context,
+ * SilcSKRKey *return_key);
*
* DESCRIPTION
*
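Review bot: The entry handed back through `return_key` is described as unreferenced, which leaves a window in a repository this header documents as thread safe. Another thread may call `silc_skr_del_public_key` after the add returns and before the caller reaches `silc_skr_ref_public_key`, leaving the caller holding a dangling `SilcSKRKey`. The same wording is repeated for `silc_skr_add_public_key_simple` in the next hunk. The implementation is not visible here, so either return the entry with a reference already held and document `The entry is returned referenced; release it with silc_skr_unref_public_key`, or state that the caller must prevent concurrent deletion until it has taken its own reference.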
* key with as little memory as possible to the repository, and makes
* it a good way to cheaply store large amounts of public keys.
*
- * Returns SILC_SKR_OK if the key was added successfully, and error
+ * Returns an entry of the added public key in the repository to the
+ * `return_key' pointer, if it is non-NULL. The returned entry remains
+ * valid as long as the public key is in the repository, however a
+ * reference may be taken with silc_skr_ref_public_key to assure the
+ * entry remains valid.
+ *
+ * Returns SILC_OK if the key was added successfully, and error
* status if key could not be added, or has been added already.
*
***/
-SilcSKRStatus silc_skr_add_public_key_simple(SilcSKR skr,
- SilcPublicKey public_key,
- SilcSKRKeyUsage usage,
- void *key_context);
+SilcResult silc_skr_add_public_key_simple(SilcSKR skr,
+ SilcPublicKey public_key,
+ SilcSKRKeyUsage usage,
+ void *key_context,
+ SilcSKRKey *return_key);
+
+/****f* silcskr/silc_skr_del_public_key
+ *
+ * SYNOPSIS
+ *
+ * SilcResult silc_skr_del_public_key(SilcSKR skr,
+ * SilcPublicKey public_key,
+ * void *key_context);
+ *
+ * DESCRIPTION
+ *
+ * Removes and destroyes the public key from the repository. The
+ * public_key will become invalid after this call returns.
+ *
+ * Returns SILC_OK if the key was deleted successfully, and error
+ * status if key could not be deleted, or has been deleted already.
+ *
+ ***/
+SilcResult silc_skr_del_public_key(SilcSKR skr,
+ SilcPublicKey public_key,
+ void *key_context);
+
+/****f* silcskr/silc_skr_ref_public_key
+ *
+ * SYNOPSIS
+ *
+ * void silc_skr_ref_public_key(SilcSKR skr, SilcSKRKey key);
+ *
+ * DESCRIPTION
+ *
+ * Takes a reference of the public key added to repository indicated
+ * by `key'. The reference must be released by calling the function
+ * silc_skr_unref_public_key when it is not needed anymore.
+ *
+ ***/
+void silc_skr_ref_public_key(SilcSKR skr, SilcSKRKey key);
+
+/****f* silcskr/silc_skr_unref_public_key
+ *
+ * SYNOPSIS
+ *
+ * void silc_skr_unref_public_key(SilcSKR skr, SilcSKRKey key);
+ *
+ * DESCRIPTION
+ *
+ * Releases the reference of the public key added to the repository
+ * indicated by `key'. If the released reference is the last reference
+ * to the key it will become invalid after this function returns.
+ *
+ ***/
+void silc_skr_unref_public_key(SilcSKR skr, SilcSKRKey key);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_alloc
+/****f* silcskr/silc_skr_find_alloc
*
* SYNOPSIS
*
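Review bot: The `silc_skr_del_public_key` description says the key "will become invalid after this call returns", while `silc_skr_ref_public_key` is offered as the way to keep an entry valid; the two statements conflict for a key that still has outstanding references. The text should say which holds: either deletion only unlinks the entry and destruction waits for the last `silc_skr_unref_public_key`, or references do not protect against deletion, in which case holders need a way to learn the entry is gone. It should also say what a NULL `key_context` matches when the same key was added under several contexts, and that the repository owns `public_key` after a successful add, if that is the case. "destroyes" should read "destroys".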
***/
SilcSKRFind silc_skr_find_alloc(void);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_free
+/****f* silcskr/silc_skr_find_free
*
* SYNOPSIS
*
***/
void silc_skr_find_free(SilcSKRFind find);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_add_pkcs_type
+/****f* silcskr/silc_skr_find_add_pkcs_type
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_pkcs_type(SilcSKRFind find, SilcPKCSType type);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_username
+/****f* silcskr/silc_skr_find_set_username
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_username(SilcSKRFind find, const char *username);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_host
+/****f* silcskr/silc_skr_find_set_host
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_host(SilcSKRFind find, const char *host);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_realname
+/****f* silcskr/silc_skr_find_set_realname
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_realname(SilcSKRFind find, const char *realname);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_email
+/****f* silcskr/silc_skr_find_set_email
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_email(SilcSKRFind find, const char *email);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_org
+/****f* silcskr/silc_skr_find_set_org
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_org(SilcSKRFind find, const char *org);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_country
+/****f* silcskr/silc_skr_find_set_country
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_country(SilcSKRFind find, const char *country);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_public_key
+/****f* silcskr/silc_skr_find_set_public_key
*
* SYNOPSIS
*
SilcBool silc_skr_find_set_public_key(SilcSKRFind find,
SilcPublicKey public_key);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_public_key
+/****f* silcskr/silc_skr_find_set_context
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_context(SilcSKRFind find, void *context);
-/****f* silcskr/SilcSKRAPI/silc_skr_find_set_usage
+/****f* silcskr/silc_skr_find_set_usage
*
* SYNOPSIS
*
***/
SilcBool silc_skr_find_set_usage(SilcSKRFind find, SilcSKRKeyUsage usage);
-/****f* silcskr/SilcSKRAPI/silc_skr_find
+/****f* silcskr/silc_skr_find
*
* SYNOPSIS
*
- * SilcAsyncOperation silc_skr_find(SilcSKR skr, SilcSKRFind find,
+ * SilcAsyncOperation silc_skr_find(SilcSKR skr, SilcSchedule schedule,
+ * SilcSKRFind find,
* SilcSKRFindCallback callback,
* void *callback_context);
*
* to return found keys. If this returns NULL the finding was not
* asynchronous, and the `callback' has been called already.
*
+ * EXAMPLE
+ *
+ * SilcSKRFind find;
+ *
+ * // Find all SILC public keys originating from Finland
+ * find = silc_skr_find_alloc();
+ * silc_skr_find_set_pkcs_type(find, SILC_PKCS_SILC);
+ * silc_skr_find_set_country(find, "FI");
+ *
+ * // Find
+ * silc_skr_find(skr, schedule, find, find_callback, cb_context);
+ *
***/
-SilcAsyncOperation silc_skr_find(SilcSKR skr, SilcSKRFind find,
+SilcAsyncOperation silc_skr_find(SilcSKR skr, SilcSchedule schedule,
+ SilcSKRFind find,
SilcSKRFindCallback callback,
void *callback_context);
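Review bot: The added EXAMPLE discards the `SilcBool` results of `silc_skr_find_set_pkcs_type` and `silc_skr_find_set_country` and never shows who releases `find`, so readers copying it get a search that may run with a missing constraint and an unclear free point. Nothing in the visible text describes the new `schedule` parameter, such as whether it may be NULL for a synchronous lookup; the description starts outside this hunk, so it may be covered there. The example should check the setters, e.g. `if (!silc_skr_find_set_country(find, "FI")) goto error;`, and add one sentence stating whether `silc_skr_find` takes ownership of `find` or the caller calls `silc_skr_find_free` after the callback.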