From: Pekka Riikonen Date: Sat, 21 Jul 2007 13:00:37 +0000 (+0000) Subject: Added RNG to PKCS API and PKCS Alg API. X-Git-Tag: 1.2.beta1~160 X-Git-Url: http://git.silcnet.org/gitweb/?p=crypto.git;a=commitdiff_plain;h=cec0db037b3c560a95bd43a7b39f27859ff3d014 Added RNG to PKCS API and PKCS Alg API. --- diff --git a/lib/silccrypt/Makefile.ad b/lib/silccrypt/Makefile.ad index 49fbb776..e4cb4950 100644 --- a/lib/silccrypt/Makefile.ad +++ b/lib/silccrypt/Makefile.ad @@ -35,11 +35,13 @@ libsilccrypt_la_SOURCES = \ md5.c \ $(SILC_AES_S) \ rsa.c \ + dsa.c \ sha1.c \ sha256.c \ twofish.c \ blowfish.c \ cast5.c \ + des.c \ silccrypto.c \ silccipher.c \ silchash.c \ diff --git a/lib/silccrypt/silcpk.c b/lib/silccrypt/silcpk.c index 939eeaaf..89ec4845 100644 --- a/lib/silccrypt/silcpk.c +++ b/lib/silccrypt/silcpk.c @@ -324,12 +324,12 @@ SILC_PKCS_IMPORT_PUBLIC_KEY_FILE(silc_pkcs_silc_import_public_key_file) /* Check start of file and remove header from the data. */ len = strlen(SILC_PKCS_PUBLIC_KEYFILE_BEGIN); if (filedata_len < len + strlen(SILC_PKCS_PUBLIC_KEYFILE_END)) { - SILC_LOG_ERROR(("Malformed SILC public key header")); + SILC_LOG_DEBUG(("Malformed SILC public key header")); return FALSE; } for (i = 0; i < len; i++) { if (*filedata != SILC_PKCS_PUBLIC_KEYFILE_BEGIN[i]) { - SILC_LOG_ERROR(("Malformed SILC public key header")); + SILC_LOG_DEBUG(("Malformed SILC public key header")); return FALSE; } filedata++; @@ -349,7 +349,7 @@ SILC_PKCS_IMPORT_PUBLIC_KEY_FILE(silc_pkcs_silc_import_public_key_file) break; } - ret = silc_pkcs_silc_import_public_key(pkcs, filedata, filedata_len, + ret = silc_pkcs_silc_import_public_key(pkcs, NULL, filedata, filedata_len, ret_public_key, ret_alg); silc_free(data); @@ -360,7 +360,6 @@ SILC_PKCS_IMPORT_PUBLIC_KEY_FILE(silc_pkcs_silc_import_public_key_file) SILC_PKCS_IMPORT_PUBLIC_KEY(silc_pkcs_silc_import_public_key) { - const SilcPKCSAlgorithm *alg; SilcBufferStruct buf, alg_key; SilcSILCPublicKey silc_pubkey = NULL; SilcAsn1 asn1 = NULL; 
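Review bot: The new second argument to `silc_pkcs_silc_import_public_key` is passed as a bare `NULL` in `silc_pkcs_silc_import_public_key_file`, and nothing says what a NULL algorithm means to the importer. The local `const SilcPKCSAlgorithm *alg;` is dropped in the same file, so `alg` in the importer body (outside these hunks) now names the caller-supplied parameter. If NULL means the algorithm is taken from the encoded key, say so at the call, e.g. `/* alg == NULL: algorithm is read from the key data */`, and on the `SILC_PKCS_IMPORT_PUBLIC_KEY` / `SILC_PKCS_IMPORT_PRIVATE_KEY` macros in silcpkcs_i.h. The same undocumented `NULL` is passed in the private-key file importer and in `silc_pkcs_public_key_alloc` / `silc_pkcs_private_key_alloc`. It is also worth confirming in the importer bodies that a non-NULL `alg` is checked against the algorithm named inside the key rather than trusted over it.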
@@ -846,12 +845,12 @@ SILC_PKCS_IMPORT_PRIVATE_KEY_FILE(silc_pkcs_silc_import_private_key_file) /* Check start of file and remove header from the data. */ len = strlen(SILC_PKCS_PRIVATE_KEYFILE_BEGIN); if (filedata_len < len + strlen(SILC_PKCS_PRIVATE_KEYFILE_END)) { - SILC_LOG_ERROR(("Malformed SILC private key header")); + SILC_LOG_DEBUG(("Malformed SILC private key header")); return FALSE; } for (i = 0; i < len; i++) { if (*filedata != SILC_PKCS_PRIVATE_KEYFILE_BEGIN[i]) { - SILC_LOG_ERROR(("Malformed SILC private key header")); + SILC_LOG_DEBUG(("Malformed SILC private key header")); return FALSE; } filedata++; @@ -963,8 +962,8 @@ SILC_PKCS_IMPORT_PRIVATE_KEY_FILE(silc_pkcs_silc_import_private_key_file) silc_cipher_free(aes); /* Import the private key */ - ret = silc_pkcs_silc_import_private_key(pkcs, filedata, len, ret_private_key, - ret_alg); + ret = silc_pkcs_silc_import_private_key(pkcs, NULL, filedata, + len, ret_private_key, ret_alg); silc_free(data); @@ -980,7 +979,6 @@ SILC_PKCS_IMPORT_PRIVATE_KEY_FILE(silc_pkcs_silc_import_private_key_file) SILC_PKCS_IMPORT_PRIVATE_KEY(silc_pkcs_silc_import_private_key) { SilcBufferStruct buf; - const SilcPKCSAlgorithm *alg; SilcBufferStruct alg_key; SilcSILCPrivateKey silc_privkey = NULL; SilcAsn1 asn1 = NULL; @@ -1636,7 +1634,7 @@ SILC_PKCS_SIGN(silc_pkcs_silc_sign) return silc_privkey->pkcs->sign(silc_privkey->pkcs, silc_privkey->private_key, src, src_len, - compute_hash, hash, + compute_hash, hash, rng, sign_cb, context); } @@ -1654,6 +1652,6 @@ SILC_PKCS_VERIFY(silc_pkcs_silc_verify) return silc_pubkey->pkcs->verify(silc_pubkey->pkcs, silc_pubkey->public_key, signature, signature_len, - data, data_len, hash, + data, data_len, hash, rng, verify_cb, context); } diff --git a/lib/silccrypt/silcpk.h b/lib/silccrypt/silcpk.h index 181bfa6f..93a4bc66 100644 --- a/lib/silccrypt/silcpk.h +++ b/lib/silccrypt/silcpk.h 
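Review bot: `rng` is forwarded to the algorithm's `sign` in `silc_pkcs_silc_sign` without any check, and nothing on the page states what a signer does when it is NULL. The header text added later in this commit only says the `rng' should always be provided, while the same commit registers DSA, whose signatures depend on fresh per-signature randomness; a missing or weak generator there puts the private key at risk. State the contract where the parameter is introduced, for example `/* rng must be valid for algorithms that need per-signature randomness (e.g. DSA) */`, and consider rejecting a NULL `rng` once in `silc_pkcs_sign` instead of leaving it to each implementation. The forwarding in `silc_pkcs_silc_verify`, and in `silc_pkcs_sign` / `silc_pkcs_verify` in silcpkcs.c, follows the same pattern; the algorithm implementations themselves are outside this diff.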
@@ -64,7 +64,7 @@ typedef struct SilcPublicKeyIdentifierObject { * * This structure defines the SILC protocol style public key. User * doesn't have to access this structure usually, except when access to - * the identifier is required. The silc_pkcs_get_context for the + * the identifier is required. The silc_pkcs_public_key_get_pkcs for the * PKCS type SILC_PKCS_SILC returns this context. * * SOURCE diff --git a/lib/silccrypt/silcpkcs.c b/lib/silccrypt/silcpkcs.c index ebd6f16a..c43f089b 100644 --- a/lib/silccrypt/silcpkcs.c +++ b/lib/silccrypt/silcpkcs.c @@ -21,6 +21,10 @@ #include "silc.h" #include "silcpk_i.h" #include "silcpkcs1_i.h" +#include "dsa.h" +#ifdef SILC_DIST_SSH +#include "silcssh_pkcs.h" +#endif /* SILC_DIST_SSH */ #ifndef SILC_SYMBIAN /* Dynamically registered list of PKCS. */ @@ -60,6 +64,32 @@ const SilcPKCSObject silc_default_pkcs[] = silc_pkcs_silc_verify, }, +#ifdef SILC_DIST_SSH + /* SSH2 PKCS */ + { + SILC_PKCS_SSH2, + silc_pkcs_ssh_get_algorithm, + silc_pkcs_ssh_import_public_key_file, + silc_pkcs_ssh_import_public_key, + silc_pkcs_ssh_export_public_key_file, + silc_pkcs_ssh_export_public_key, + silc_pkcs_ssh_public_key_bitlen, + silc_pkcs_ssh_public_key_copy, + silc_pkcs_ssh_public_key_compare, + silc_pkcs_ssh_public_key_free, + silc_pkcs_ssh_import_private_key_file, + silc_pkcs_ssh_import_private_key, + silc_pkcs_ssh_export_private_key_file, + silc_pkcs_ssh_export_private_key, + silc_pkcs_ssh_private_key_bitlen, + silc_pkcs_ssh_private_key_free, + silc_pkcs_ssh_encrypt, + silc_pkcs_ssh_decrypt, + silc_pkcs_ssh_sign, + silc_pkcs_ssh_verify, + }, +#endif /* SILC_DIST_SSH */ + { 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL 
@@ -113,6 +143,74 @@ const SilcPKCSAlgorithm silc_default_pkcs_alg[] = silc_pkcs1_verify }, + /* DSS */ + { + "dsa", + "dss", + "sha1", + silc_dsa_generate_key, + silc_dsa_import_public_key, + silc_dsa_export_public_key, + silc_dsa_public_key_bitlen, + silc_dsa_public_key_copy, + silc_dsa_public_key_compare, + silc_dsa_public_key_free, + silc_dsa_import_private_key, + silc_dsa_export_private_key, + silc_dsa_private_key_bitlen, + silc_dsa_private_key_free, + silc_dsa_encrypt, + silc_dsa_decrypt, + silc_dsa_sign, + silc_dsa_verify + }, + +#ifdef SILC_DIST_SSH + /* PKCS #1, Version 1.5 without hash OIDs, SSH2 style public keys */ + { + "rsa", + "ssh", + "sha1", + silc_pkcs1_generate_key, + silc_ssh_rsa_import_public_key, + silc_ssh_rsa_export_public_key, + silc_pkcs1_public_key_bitlen, + silc_pkcs1_public_key_copy, + silc_pkcs1_public_key_compare, + silc_pkcs1_public_key_free, + silc_pkcs1_import_private_key, + silc_pkcs1_export_private_key, + silc_pkcs1_private_key_bitlen, + silc_pkcs1_private_key_free, + silc_pkcs1_encrypt, + silc_pkcs1_decrypt, + silc_pkcs1_sign, + silc_pkcs1_verify + }, + + /* DSS, SSH2 style public keys */ + { + "dsa", + "ssh", + "sha1", + silc_dsa_generate_key, + silc_ssh_dsa_import_public_key, + silc_ssh_dsa_export_public_key, + silc_dsa_public_key_bitlen, + silc_dsa_public_key_copy, + silc_dsa_public_key_compare, + silc_dsa_public_key_free, + silc_dsa_import_private_key, + silc_dsa_export_private_key, + silc_dsa_private_key_bitlen, + silc_dsa_private_key_free, + silc_dsa_encrypt, + silc_dsa_decrypt, + silc_dsa_sign, + silc_dsa_verify + }, +#endif /* SILC_DIST_SSH */ + { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, @@ -472,7 +570,7 @@ SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type, } /* Import the PKCS public key */ - if (!pkcs->import_public_key(pkcs, key, key_len, + if (!pkcs->import_public_key(pkcs, NULL, key, key_len, &public_key->public_key, &public_key->alg)) { silc_free(public_key); 
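Review bot: The new "dsa" entries in `silc_default_pkcs_alg` fill the encrypt and decrypt slots with `silc_dsa_encrypt` and `silc_dsa_decrypt`, although DSA is a signature-only algorithm. Those functions are not part of this diff, so it should be confirmed that they report failure rather than return data when a DSA key reaches `silc_pkcs_encrypt` or `silc_pkcs_decrypt`. A short comment on the entries would make the intent explicit, e.g. `/* DSA cannot encrypt; these two slots must always report failure */`.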
@@ -512,13 +610,23 @@ SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key) /* Returns internal PKCS public key context */ -void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key) +void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + SilcPublicKey public_key) { if (public_key->pkcs->type != type) return NULL; return public_key->public_key; } +/* Returns internal PKCS private key context */ + +void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + SilcPrivateKey private_key) +{ + if (private_key->pkcs->type != type) + return NULL; + return private_key->private_key; +} /* Allocates new private key from key data */ @@ -546,7 +654,7 @@ SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type, } /* Import the PKCS private key */ - if (!pkcs->import_private_key(pkcs, key, key_len, + if (!pkcs->import_private_key(pkcs, NULL, key, key_len, &private_key->private_key, &private_key->alg)) { silc_free(private_key); @@ -607,12 +715,13 @@ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, SilcUInt32 src_len, SilcBool compute_hash, SilcHash hash, + SilcRng rng, SilcPKCSSignCb sign_cb, void *context) { return private_key->pkcs->sign(private_key->pkcs, private_key->private_key, src, src_len, - compute_hash, hash, sign_cb, context); + compute_hash, hash, rng, sign_cb, context); } /* Verifies signature */ @@ -623,12 +732,13 @@ SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, unsigned char *data, SilcUInt32 data_len, SilcHash hash, + SilcRng rng, SilcPKCSVerifyCb verify_cb, void *context) { return public_key->pkcs->verify(public_key->pkcs, public_key->public_key, signature, - signature_len, data, data_len, hash, + signature_len, data, data_len, hash, rng, verify_cb, context); } 
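Review bot: `silc_pkcs_private_key_get_pkcs` dereferences `private_key->pkcs->type` with no NULL check, while its header comment promises that it returns NULL on error. A NULL key, or a key whose `pkcs` was never set, crashes instead; the guard could be `if (!private_key || !private_key->pkcs || private_key->pkcs->type != type) return NULL;`. The renamed `silc_pkcs_public_key_get_pkcs` has the same shape and would take the same guard. Callers cast the returned `void *` to a type-specific structure, so this type comparison is the only thing preventing a wrong cast and deserves a comment saying so.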
@@ -667,12 +777,12 @@ SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key) /* Loads any kind of public key */ SilcBool silc_pkcs_load_public_key(const char *filename, + SilcPKCSType type, SilcPublicKey *ret_public_key) { unsigned char *data; SilcUInt32 data_len; SilcPublicKey public_key; - SilcPKCSType type; SILC_LOG_DEBUG(("Loading public key file '%s'", filename)); @@ -680,8 +790,10 @@ SilcBool silc_pkcs_load_public_key(const char *filename, return FALSE; data = silc_file_readfile(filename, &data_len, NULL); - if (!data) + if (!data) { + SILC_LOG_ERROR(("No such file: %s", filename)); return FALSE; + } /* Allocate public key context */ *ret_public_key = public_key = silc_calloc(1, sizeof(*public_key)); @@ -690,11 +802,41 @@ SilcBool silc_pkcs_load_public_key(const char *filename, return FALSE; } - /* Try loading all types until one succeeds. */ - for (type = SILC_PKCS_SILC; type <= SILC_PKCS_SPKI; type++) { + if (type == SILC_PKCS_ANY) { + /* Try loading all types until one succeeds. */ + for (type = SILC_PKCS_SILC; type <= SILC_PKCS_SPKI; type++) { + public_key->pkcs = (SilcPKCSObject *)silc_pkcs_find_pkcs(type); + if (!public_key->pkcs) + continue; + + if (public_key->pkcs->import_public_key_file(public_key->pkcs, + data, data_len, + SILC_PKCS_FILE_BASE64, + &public_key->public_key, + &public_key->alg)) { + silc_free(data); + return TRUE; + } + + if (public_key->pkcs->import_public_key_file(public_key->pkcs, + data, data_len, + SILC_PKCS_FILE_BIN, + &public_key->public_key, + &public_key->alg)) { + silc_free(data); + return TRUE; + } + } + } else { + /* Load specific type */ public_key->pkcs = (SilcPKCSObject *)silc_pkcs_find_pkcs(type); - if (!public_key->pkcs) - continue; + if (!public_key->pkcs) { + silc_free(data); + silc_free(public_key); + *ret_public_key = NULL; + SILC_LOG_ERROR(("Unsupported public key type")); + return FALSE; + } if (public_key->pkcs->import_public_key_file(public_key->pkcs, data, data_len, 
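Review bot: The message added in `silc_pkcs_load_public_key`, `"No such file: %s"`, is printed for every NULL return from `silc_file_readfile`, which presumably also covers a file that exists but cannot be read. Neutral wording avoids sending an operator to look for a missing file, e.g. `SILC_LOG_ERROR(("Could not read file: %s", filename));`. The same message is added in `silc_pkcs_load_private_key`, where a permissions problem on the key file is a likely cause.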
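Review bot: The two-encoding import attempt in `silc_pkcs_load_public_key` is now written out twice, once inside the `SILC_PKCS_ANY` loop and once in the specific-type branch, and its order (Base64 then binary) is the reverse of the order the private-key loader uses in its own loop. A small static helper that tries both encodings for one PKCS object would keep the branches identical; the specific-type branch runs past the end of this hunk, so its remaining lines are assumed to be the pre-existing pair of attempts. The loop bound `SILC_PKCS_SPKI` is also hard-coded, so a type added to the enum after it would be skipped by autodetection. A sketch of the helper and the shortened loop follows.

```c
/* Tries to import `data' with the PKCS already set in `public_key',
   first as Base64 and then as binary.  Returns TRUE on success. */
static SilcBool silc_pkcs_try_public_key(SilcPublicKey public_key,
                                         unsigned char *data,
                                         SilcUInt32 data_len)
{
  static const SilcPKCSFileEncoding enc[] = {
    SILC_PKCS_FILE_BASE64, SILC_PKCS_FILE_BIN
  };
  int i;

  for (i = 0; i < 2; i++)
    if (public_key->pkcs->import_public_key_file(public_key->pkcs,
                                                 data, data_len, enc[i],
                                                 &public_key->public_key,
                                                 &public_key->alg))
      return TRUE;

  return FALSE;
}

  /* ... unchanged: read the file, allocate public_key ... */
  if (type == SILC_PKCS_ANY) {
    /* Try loading all types until one succeeds. */
    for (type = SILC_PKCS_SILC; type <= SILC_PKCS_SPKI; type++) {
      public_key->pkcs = (SilcPKCSObject *)silc_pkcs_find_pkcs(type);
      if (public_key->pkcs &&
          silc_pkcs_try_public_key(public_key, data, data_len)) {
        silc_free(data);
        return TRUE;
      }
    }
  } else {
    /* ... unchanged: specific-type lookup, then the same helper call ... */
```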
@@ -718,6 +860,7 @@ SilcBool silc_pkcs_load_public_key(const char *filename, silc_free(data); silc_free(public_key); *ret_public_key = NULL; + SILC_LOG_ERROR(("Unsupported public key type")); return FALSE; } @@ -760,12 +903,12 @@ SilcBool silc_pkcs_save_public_key(const char *filename, SilcBool silc_pkcs_load_private_key(const char *filename, const unsigned char *passphrase, SilcUInt32 passphrase_len, + SilcPKCSType type, SilcPrivateKey *ret_private_key) { unsigned char *data; SilcUInt32 data_len; SilcPrivateKey private_key; - SilcPKCSType type; SILC_LOG_DEBUG(("Loading private key file '%s'", filename)); @@ -773,8 +916,10 @@ SilcBool silc_pkcs_load_private_key(const char *filename, return FALSE; data = silc_file_readfile(filename, &data_len, NULL); - if (!data) + if (!data) { + SILC_LOG_ERROR(("No such file: %s", filename)); return FALSE; + } /* Allocate private key context */ *ret_private_key = private_key = silc_calloc(1, sizeof(*private_key)); 
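Review bot: The `SILC_LOG_ERROR(("Unsupported public key type"))` added on the shared failure path of `silc_pkcs_load_public_key` will also be printed when the type is supported but the file is malformed, because the header-parse errors in silcpk.c were demoted to debug level in this same commit. As far as the visible lines show, this path is reached after every import attempt has failed, whatever the reason; the lines between the hunks are not shown. A message that does not guess at the cause is more useful to whoever reads the log, e.g. `SILC_LOG_ERROR(("Could not load public key from '%s'", filename));`.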
@@ -783,11 +928,47 @@ SilcBool silc_pkcs_load_private_key(const char *filename, return FALSE; } - /* Try loading all types until one succeeds. */ - for (type = SILC_PKCS_SILC; type <= SILC_PKCS_SPKI; type++) { + if (type == SILC_PKCS_ANY) { + /* Try loading all types until one succeeds. */ + for (type = SILC_PKCS_SILC; type <= SILC_PKCS_SPKI; type++) { + private_key->pkcs = (SilcPKCSObject *)silc_pkcs_find_pkcs(type); + if (!private_key->pkcs) + continue; + + if (private_key->pkcs->import_private_key_file( + private_key->pkcs, + data, data_len, + passphrase, + passphrase_len, + SILC_PKCS_FILE_BIN, + &private_key->private_key, + &private_key->alg)) { + silc_free(data); + return TRUE; + } + + if (private_key->pkcs->import_private_key_file( + private_key->pkcs, + data, data_len, + passphrase, + passphrase_len, + SILC_PKCS_FILE_BASE64, + &private_key->private_key, + &private_key->alg)) { + silc_free(data); + return TRUE; + } + } + } else { + /* Load specific type */ private_key->pkcs = (SilcPKCSObject *)silc_pkcs_find_pkcs(type); - if (!private_key->pkcs) - continue; + if (!private_key->pkcs) { + silc_free(data); + silc_free(private_key); + *ret_private_key = NULL; + SILC_LOG_ERROR(("Unsupported private key type")); + return FALSE; + } if (private_key->pkcs->import_private_key_file( private_key->pkcs, diff --git a/lib/silccrypt/silcpkcs.h b/lib/silccrypt/silcpkcs.h index 47a898b9..fa3230ee 100644 --- a/lib/silccrypt/silcpkcs.h +++ b/lib/silccrypt/silcpkcs.h @@ -49,10 +49,11 @@ typedef struct SilcPKCSObjectStruct SilcPKCSObject; */ typedef enum { SILC_PKCS_SILC = 1, /* SILC PKCS */ - SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */ - SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */ - SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */ + SILC_PKCS_SSH2 = 2, /* SSH2 PKCS */ + SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS */ + SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS */ SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */ + SILC_PKCS_ANY = 0, } SilcPKCSType; /***/ 
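Review bot: `SILC_PKCS_ANY = 0` is added to `SilcPKCSType` without a comment and shares its value with the `{ 0, NULL, ... }` terminator entry of `silc_default_pkcs`, so it must never be used as a lookup key; `SILC_PKCS_ANY = 0, /* Autodetect; accepted only by the key loading functions */` would record that, once it is confirmed that no other function accepts it. The same hunk drops "(not supported)" from `SILC_PKCS_X509V3` and `SILC_PKCS_OPENPGP`, yet the only PKCS object this commit registers is SSH2, so those comments overstate what can be loaded unless support is registered elsewhere. The documentation added further down in silcpkcs.h spells the constant `SILC_PKSC_ANY` in both load-function descriptions; it should read `SILC_PKCS_ANY`. That documentation should also advise callers that expect one key format to pass that type explicitly, since autodetection accepts whichever importer parses the file first.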
@@ -67,7 +68,7 @@ typedef enum { * This context represents any kind of PKCS public key. It can be * allocated by silc_pkcs_public_key_alloc and is freed by the * silc_pkcs_public_key_free. The PKCS specific public key context - * can be retrieved by calling silc_pkcs_get_context. + * can be retrieved by calling silc_pkcs_public_key_get_pkcs. * * SOURCE */ @@ -86,7 +87,8 @@ typedef struct SilcPublicKeyStruct { * * DESCRIPTION * - * This context represents any kind of PKCS private key. + * This context represents any kind of PKCS private key. The PKCS specific + * key context can be retrieved by calling silc_pkcs_private_key_get_pkcs. * * SOURCE */ @@ -396,11 +398,12 @@ const char *silc_pkcs_get_name(void *key); ***/ SilcPKCSType silc_pkcs_get_type(void *key); -/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context +/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_pkcs * * SYNOPSIS * - * void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key); + * void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + * SilcPublicKey public_key); * * DESCRIPTION * 
@@ -409,9 +412,31 @@ SilcPKCSType silc_pkcs_get_type(void *key); * type. Returns NULL on error. * * For SILC_PKCS_SILC the returned context is SilcSILCPublicKey. + * For SILC_PKCS_SSH2 the returned context is SilcSshPublicKey. * ***/ -void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key); +void *silc_pkcs_public_key_get_pkcs(SilcPKCSType type, + SilcPublicKey public_key); + +/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_pkcs + * + * SYNOPSIS + * + * void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + * SilcPublicKey public_key); + * + * DESCRIPTION + * + * Returns the internal PKCS `type' specific private key context from the + * `private_key'. The caller needs to explicitly type cast it to correct + * type. Returns NULL on error. + * + * For SILC_PKCS_SILC the returned context is SilcSILCPrivateKey. + * For SILC_PKCS_SSH2 the returned context is SilcSshPrivateKey. + * + ***/ +void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, + SilcPrivateKey private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc * @@ -616,6 +641,7 @@ SilcAsyncOperation silc_pkcs_decrypt(SilcPrivateKey private_key, * SilcUInt32 src_len, * SilcBool compute_hash, * SilcHash hash, + * SilcRng rng, * SilcPKCSSignCb sign_cb, * void *context); * 
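Review bot: The SYNOPSIS block added for `silc_pkcs_private_key_get_pkcs` shows the second parameter as `SilcPublicKey public_key`, but the prototype below it takes `SilcPrivateKey private_key`. The synopsis should read `void *silc_pkcs_private_key_get_pkcs(SilcPKCSType type, SilcPrivateKey private_key);`. The description could also say what "error" covers, since the implementation added in silcpkcs.c returns NULL only on a type mismatch.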
@@ -624,9 +650,10 @@ SilcAsyncOperation silc_pkcs_decrypt(SilcPrivateKey private_key, * Computes signature with the private key. The `sign_cb' will be called * to deliver the signature data. If `compute_hash' is TRUE the `hash' * will be used to compute a message digest over the `src'. The `hash' - * must always be valid. The signature operation may be asynchronous if - * the `private_key' is accelerated private key. If this returns NULL the - * asynchronous operation cannot be controlled. + * must always be valid. The `rng' should always be provided. The + * signature operation may be asynchronous if the `private_key' is + * accelerated private key. If this returns NULL the asynchronous + * operation cannot be controlled. * ***/ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, @@ -634,6 +661,7 @@ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, SilcUInt32 src_len, SilcBool compute_hash, SilcHash hash, + SilcRng rng, SilcPKCSSignCb sign_cb, void *context); @@ -647,6 +675,7 @@ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, * unsigned char *data, * SilcUInt32 data_len, * SilcHash hash, + * SilcRng rng, * SilcPKCSVerifyCb verify_cb, * void *context); * @@ -657,8 +686,10 @@ SilcAsyncOperation silc_pkcs_sign(SilcPrivateKey private_key, * the 'data'. If the `hash' is non-NULL then the `data' will hashed * before verification. If the `hash' is NULL, then the hash algorithm * to be used is retrieved from the signature. If it isn't present in the - * signature the verification is done as is without hashing. If this - * returns NULL the asynchronous operation cannot be controlled. + * signature the verification is done as is without hashing. The `rng' + * is usually not needed, however some algorithms might need it so it is + * wise to provide it. If this returns NULL the asynchronous operation + * cannot be controlled. * ***/ SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, 
@@ -667,6 +698,7 @@ SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, unsigned char *data, SilcUInt32 data_len, SilcHash hash, + SilcRng rng, SilcPKCSVerifyCb verify_cb, void *context); @@ -675,15 +707,19 @@ SilcAsyncOperation silc_pkcs_verify(SilcPublicKey public_key, * SYNOPSIS * * SilcBool silc_pkcs_load_public_key(const char *filename, + * SilcPKCSType type, * SilcPublicKey *ret_public_key); * * DESCRIPTION * * Loads public key from file and allocates new public key. Returns TRUE - * if loading was successful. + * if loading was successful. If `type' is SILC_PKSC_ANY this attempts + * to automatically detect the public key type. If `type' is some other + * PKCS type, the key is expected to be of that type. * ***/ SilcBool silc_pkcs_load_public_key(const char *filename, + SilcPKCSType type, SilcPublicKey *ret_public_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key @@ -711,18 +747,23 @@ SilcBool silc_pkcs_save_public_key(const char *filename, * SilcBool silc_pkcs_load_private_key(const char *filename, * const unsigned char *passphrase, * SilcUInt32 passphrase_len, + * SilcPKCSType type, * SilcPrivateKey *ret_private_key); * * DESCRIPTION * * Loads private key from file and allocates new private key. Returns TRUE * if loading was successful. The `passphrase' is used as decryption - * key of the private key file, in case it is encrypted. + * key of the private key file, in case it is encrypted. If `type' is + * SILC_PKSC_ANY this attempts to automatically detect the private key type. + * If `type' is some other PKCS type, the key is expected to be of that + * type. * ***/ SilcBool silc_pkcs_load_private_key(const char *filename, const unsigned char *passphrase, SilcUInt32 passphrase_len, + SilcPKCSType type, SilcPrivateKey *ret_private_key); /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key diff --git a/lib/silccrypt/silcpkcs_i.h b/lib/silccrypt/silcpkcs_i.h index 1321f0a3..62df5108 100644 --- a/lib/silccrypt/silcpkcs_i.h 
+++ b/lib/silccrypt/silcpkcs_i.h @@ -34,7 +34,7 @@ #define SILC_PKCS_ALG_IMPORT_PUBLIC_KEY(name) \ int name(const struct SilcPKCSAlgorithmStruct *pkcs, \ - void *key, SilcUInt32 key_len, \ + void *key, SilcUInt32 key_len, \ void **ret_public_key) #define SILC_PKCS_ALG_EXPORT_PUBLIC_KEY(name) \ @@ -60,7 +60,8 @@ #define SILC_PKCS_ALG_IMPORT_PRIVATE_KEY(name) \ int name(const struct SilcPKCSAlgorithmStruct *pkcs, \ - void *key, SilcUInt32 key_len, void **ret_private_key) + void *key, SilcUInt32 key_len, \ + void **ret_private_key) #define SILC_PKCS_ALG_EXPORT_PRIVATE_KEY(name) \ unsigned char *name(const struct SilcPKCSAlgorithmStruct *pkcs, \ @@ -99,6 +100,7 @@ SilcUInt32 src_len, \ SilcBool compute_hash, \ SilcHash hash, \ + SilcRng rng, \ SilcPKCSSignCb sign_cb, \ void *context) @@ -110,6 +112,7 @@ unsigned char *data, \ SilcUInt32 data_len, \ SilcHash hash, \ + SilcRng rng, \ SilcPKCSVerifyCb verify_cb, \ void *context) @@ -189,9 +192,10 @@ struct SilcPKCSAlgorithmStruct { SilcPKCSFileEncoding encoding, void **ret_public_key, \ const struct SilcPKCSAlgorithmStruct **ret_alg) -#define SILC_PKCS_IMPORT_PUBLIC_KEY(name) \ - int name(const struct SilcPKCSObjectStruct *pkcs, void *key, \ - SilcUInt32 key_len, void **ret_public_key, \ +#define SILC_PKCS_IMPORT_PUBLIC_KEY(name) \ + int name(const struct SilcPKCSObjectStruct *pkcs, \ + const struct SilcPKCSAlgorithmStruct *alg, \ + void *key, SilcUInt32 key_len, void **ret_public_key, \ const struct SilcPKCSAlgorithmStruct **ret_alg) #define SILC_PKCS_EXPORT_PUBLIC_KEY_FILE(name) \ 
@@ -225,9 +229,10 @@ struct SilcPKCSAlgorithmStruct { SilcPKCSFileEncoding encoding, void **ret_private_key, \ const struct SilcPKCSAlgorithmStruct **ret_alg) -#define SILC_PKCS_IMPORT_PRIVATE_KEY(name) \ - int name(const struct SilcPKCSObjectStruct *pkcs, void *key, \ - SilcUInt32 key_len, void **ret_private_key, \ +#define SILC_PKCS_IMPORT_PRIVATE_KEY(name) \ + int name(const struct SilcPKCSObjectStruct *pkcs, \ + const struct SilcPKCSAlgorithmStruct *alg, \ + void *key, SilcUInt32 key_len, void **ret_private_key, \ const struct SilcPKCSAlgorithmStruct **ret_alg) #define SILC_PKCS_EXPORT_PRIVATE_KEY_FILE(name) \ @@ -271,6 +276,7 @@ struct SilcPKCSAlgorithmStruct { SilcUInt32 src_len, \ SilcBool compute_hash, \ SilcHash hash, \ + SilcRng rng, \ SilcPKCSSignCb sign_cb, \ void *context) @@ -282,6 +288,7 @@ struct SilcPKCSAlgorithmStruct { unsigned char *data, \ SilcUInt32 data_len, \ SilcHash hash, \ + SilcRng rng, \ SilcPKCSVerifyCb verify_cb, \ void *context) @@ -352,4 +359,8 @@ struct SilcPKCSObjectStruct { SILC_PKCS_VERIFY((*verify)); }; +/* Backwards support for PKCS API */ + +#define silc_pkcs_get_context silc_pkcs_public_key_get_pkcs + #endif /* SILCPKCS_I_H */ diff --git a/lib/silccrypt/tests/Makefile.am b/lib/silccrypt/tests/Makefile.am index 01825872..96479a2c 100644 --- a/lib/silccrypt/tests/Makefile.am +++ b/lib/silccrypt/tests/Makefile.am @@ -26,7 +26,9 @@ bin_PROGRAMS = test_sha1 \ test_aes \ test_twofish \ test_cast5 \ - test_silcpkcs + test_des \ + test_silcpkcs \ + test_dsa test_sha1_SOURCES = test_sha1.c test_sha256_SOURCES = test_sha256.c @@ -38,8 +40,10 @@ test_hmacmd5_SOURCES = test_hmacmd5.c test_aes_SOURCES = test_aes.c test_twofish_SOURCES = test_twofish.c test_cast5_SOURCES = test_cast5.c +test_des_SOURCES = test_des.c test_silcpkcs_SOURCES = test_silcpkcs.c +test_dsa_SOURCES = test_dsa.c LIBS = $(SILC_COMMON_LIBS) LDADD = -L.. -L../.. -lsilc
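Review bot: Only the renamed getter gets a compatibility alias, `#define silc_pkcs_get_context silc_pkcs_public_key_get_pkcs`, and it is placed in silcpkcs_i.h; whether API users ever see that header is not visible here. `silc_pkcs_load_public_key`, `silc_pkcs_load_private_key`, `silc_pkcs_sign` and `silc_pkcs_verify` all gain a parameter with no alias, so every existing caller has to be edited by hand. The comment could tell migrating callers which arguments to choose, e.g. `/* Backwards support for PKCS API. Callers of the load, sign and verify functions must be updated: pass an explicit SilcPKCSType where the key format is known and a valid SilcRng when signing. */`.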