5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 1997 - 2003 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
23 /****h* silccrypt/SILC PKCS Interface
27 * This is the interface for public key cryptosystems, and various
28 * utility functions related to public keys and private keys. This
29 * interface also defines the actual PKCS objects, public keys and
30 * private keys. The interface is generic PKCS interface, which has
31 * capability of supporting any kind of public key algorithm. This
32 * interface also implements the SILC Public Key and routines for
33 * encoding and decoding SILC Public Key (as defined by the SILC
34 * protocol specification). Interfaces for encrypting, decrypting,
35 * producing digital signatures and verifying digital signatures are
36 * also defined in this header.
40 /****s* silccrypt/SilcPKCSAPI/SilcPKCS
44 * typedef struct SilcPKCSStruct *SilcPKCS;
48 * This context is the actual PKCS context and is allocated
49 * by silc_pkcs_alloc and given as argument usually to all
50 * silc_pkcs_* functions. It is freed by the silc_pkcs_free
54 typedef struct SilcPKCSStruct *SilcPKCS;
56 /****d* silccrypt/SilcPKCSAPI/SilcPKCSType
60 * typedef enum { ... } SilcPKCSType
64 * Public key cryptosystem types. These are defined by the SILC
65 * Key Exchange protocol.
70 SILC_PKCS_SILC = 1, /* SILC PKCS (mandatory) */
71 SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */
72 SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */
73 SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */
74 SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */
78 /* The default SILC PKCS (Public Key Cryptosystem) object to represent
80 typedef struct SilcPKCSObjectStruct {
83 int (*init)(void *, SilcUInt32, SilcRng);
84 void (*clear_keys)(void *);
85 unsigned char *(*get_public_key)(void *, SilcUInt32 *);
86 unsigned char *(*get_private_key)(void *, SilcUInt32 *);
87 SilcUInt32 (*set_public_key)(void *, unsigned char *, SilcUInt32);
88 SilcUInt32 (*set_private_key)(void *, unsigned char *, SilcUInt32);
89 SilcUInt32 (*context_len)();
90 int (*encrypt)(void *, unsigned char *, SilcUInt32,
91 unsigned char *, SilcUInt32 *);
92 int (*decrypt)(void *, unsigned char *, SilcUInt32,
93 unsigned char *, SilcUInt32 *);
94 int (*sign)(void *, unsigned char *, SilcUInt32,
95 unsigned char *, SilcUInt32 *);
96 int (*verify)(void *, unsigned char *, SilcUInt32,
97 unsigned char *, SilcUInt32);
100 /****s* silccrypt/SilcPKCSAPI/SilcPublicKey
104 * typedef struct { ... } *SilcPublicKey, SilcPublicKeyStruct;
108 * SILC style public key object. Public key is read from file to this
109 * object. Public keys received from network must be in this format as
110 * well. The format is defined by the SILC protocol specification.
111 * This object is allocated by silc_pkcs_public_key_alloc and freed
112 * by silc_pkcs_public_key_free. The object is given as argument to
113 * all silc_pkcs_public_key_* functions.
118 SilcUInt16 pk_type; /* Public key type (SilcSKEPKType) */
124 } *SilcPublicKey, SilcPublicKeyStruct;
127 /****s* silccrypt/SilcPKCSAPI/SilcPublicKeyIdentifier
131 * typedef struct { ... } *SilcPublicKeyIdentifier,
132 * SilcPublicKeyIdentifierStruct;
136 * Decoded SILC Public Key identifier. Note that some of the fields
137 * may be NULL. This context is allocated by the function
138 * silc_pkcs_decode_identifier and freed by silc_pkcs_free_identifier.
139 * The identifier in SilcPublicKey is the `identifier' field, which
140 * can be given as argument to silc_pkcs_decode_identifier.
151 } *SilcPublicKeyIdentifier, SilcPublicKeyIdentifierStruct;
154 /****s* silccrypt/SilcPKCSAPI/SilcPrivateKey
158 * typedef struct { ... } *SilcPrivateKey, SilcPrivateKeyStruct;
162 * SILC style private key object. Private key is read from file to this
163 * object. This object is allocated by silc_pkcs_private_key_alloc and
164 * freed by silc_pkcs_private_key_free. The object is given as argument
165 * to all silc_pkcs_private_key_* functions.
172 } *SilcPrivateKey, SilcPrivateKeyStruct;
174 /* Public and private key file headers */
175 #define SILC_PKCS_PUBLIC_KEYFILE_BEGIN "-----BEGIN SILC PUBLIC KEY-----\n"
176 #define SILC_PKCS_PUBLIC_KEYFILE_END "\n-----END SILC PUBLIC KEY-----\n"
177 #define SILC_PKCS_PRIVATE_KEYFILE_BEGIN "-----BEGIN SILC PRIVATE KEY-----\n"
178 #define SILC_PKCS_PRIVATE_KEYFILE_END "\n-----END SILC PRIVATE KEY-----\n"
180 /* Public and private key file encoding types */
181 #define SILC_PKCS_FILE_BIN 0
182 #define SILC_PKCS_FILE_PEM 1
184 /* Marker for all PKCS in SILC. This can be passed to silc_pkcs_unregister
185 to unregister all PKCS at once. It is a sentinel value, not a pointer
    to a real SilcPKCSObject, and must never be dereferenced. */
186 #define SILC_ALL_PKCS ((SilcPKCSObject *)1)
188 /* Static list of PKCS for silc_pkcs_register_default(). */
189 extern DLLAPI const SilcPKCSObject silc_default_pkcs[];
191 /* Default PKCS in the SILC protocol */
192 #define SILC_DEFAULT_PKCS "rsa"
196 /* Macros used to implement the SILC PKCS API */
198 /* XXX: This needs slight redesigning. These need to be made even
199 more generic. I don't like that the actual prime generation is done
200 in PKCS_API_INIT. The primes used in key generation should be sent
201 as argument to the init function. By doing this we would achieve
202 that PKCS could be used as SIM's. The only requirement would be
203 that they are compiled against GMP (well, actually even that would
204 not be a requirement, but the most generic case anyway). The new init
205 would look something like this:
207 #define SILC_PKCS_API_INIT(pkcs) \
208 inline int silc_##pkcs##_init(void *context, SilcUInt32 keylen, \
211 Now we wouldn't have to send the SilcRng object since the primes are
212 provided as arguments. To send them as void * they could actually be
213 used as in anyway for real (MP_INT (SilcMPInt) or even something else
214 (the pointer could be kludged to be something else in the module))
215 (Plus, the SilcRng object management in prime generation would be
216 simpler and better than it is now (in silcprimegen.c, that is)).
219 #define SILC_PKCS_API_INIT(pkcs) \
220 int silc_##pkcs##_init(void *context, SilcUInt32 keylen, \
222 #define SILC_PKCS_API_CLEAR_KEYS(pkcs) \
223 void silc_##pkcs##_clear_keys(void *context)
224 #define SILC_PKCS_API_GET_PUBLIC_KEY(pkcs) \
225 unsigned char *silc_##pkcs##_get_public_key(void *context, \
227 #define SILC_PKCS_API_GET_PRIVATE_KEY(pkcs) \
228 unsigned char *silc_##pkcs##_get_private_key(void *context, \
230 #define SILC_PKCS_API_SET_PUBLIC_KEY(pkcs) \
231 SilcUInt32 silc_##pkcs##_set_public_key(void *context, unsigned char *key_data, \
233 #define SILC_PKCS_API_SET_PRIVATE_KEY(pkcs) \
234 SilcUInt32 silc_##pkcs##_set_private_key(void *context, unsigned char *key_data, \
236 #define SILC_PKCS_API_CONTEXT_LEN(pkcs) \
237 SilcUInt32 silc_##pkcs##_context_len()
238 #define SILC_PKCS_API_ENCRYPT(pkcs) \
239 int silc_##pkcs##_encrypt(void *context, \
240 unsigned char *src, \
241 SilcUInt32 src_len, \
242 unsigned char *dst, \
244 #define SILC_PKCS_API_DECRYPT(pkcs) \
245 int silc_##pkcs##_decrypt(void *context, \
246 unsigned char *src, \
247 SilcUInt32 src_len, \
248 unsigned char *dst, \
250 #define SILC_PKCS_API_SIGN(pkcs) \
251 int silc_##pkcs##_sign(void *context, \
252 unsigned char *src, \
253 SilcUInt32 src_len, \
254 unsigned char *dst, \
256 #define SILC_PKCS_API_VERIFY(pkcs) \
257 int silc_##pkcs##_verify(void *context, \
258 unsigned char *signature, \
259 SilcUInt32 signature_len, \
260 unsigned char *data, \
265 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
269 * SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
273 * Registers a new PKCS into the SILC. This function is used
274 * at the initialization of the SILC. All registered PKCSs
275 * should be unregistered with silc_pkcs_unregister. The `pkcs' includes
276 * the name of the PKCS and member functions for the algorithm. Usually
277 * this function is not called directly. Instead, application can call
278 * the silc_pkcs_register_default to register all PKCSs that are
279 * built into the sources. Returns FALSE on error.
282 SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
284 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
288 * SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
292 * Unregister a PKCS from the SILC. Returns FALSE on error.
295 SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
297 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
301 * SilcBool silc_pkcs_register_default(void);
305 * Registers all the default PKCS (all builtin PKCS). The application may
306 * use this to register the default PKCS if it does not need specific PKCS
307 * registered in a specific order. Returns FALSE on error.
310 SilcBool silc_pkcs_register_default(void);
312 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
316 * SilcBool silc_pkcs_unregister_all(void);
320 * Returns FALSE on error.
323 SilcBool silc_pkcs_unregister_all(void);
325 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_alloc
329 * SilcBool silc_pkcs_alloc(const unsigned char *name,
330 * SilcPKCSType type, SilcPKCS *new_pkcs);
334 * Allocates a new SilcPKCS object. The newly allocated object is returned
335 * to the 'new_pkcs' argument. Returns FALSE on error.
338 SilcBool silc_pkcs_alloc(const unsigned char *name,
339 SilcPKCSType type, SilcPKCS *new_pkcs);
341 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_free
345 * void silc_pkcs_free(SilcPKCS pkcs);
349 * Frees the PKCS object.
352 void silc_pkcs_free(SilcPKCS pkcs);
354 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_is_supported
358 * SilcBool silc_pkcs_is_supported(const unsigned char *name);
362 * Returns TRUE if PKCS algorithm `name' is supported.
365 SilcBool silc_pkcs_is_supported(const unsigned char *name);
367 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
371 * char *silc_pkcs_get_supported(void);
375 * Returns comma separated list of supported PKCS algorithms.
378 char *silc_pkcs_get_supported(void);
380 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_generate_key
384 * SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
389 * Generate new key pair into the `pkcs' context. Returns FALSE on error.
390 * If the `rng' is NULL global SILC RNG will be used.
393 SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
396 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_key_len
400 * SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
404 * Returns the length of the key in bits.
407 SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
409 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
413 * const char *silc_pkcs_get_name(SilcPKCS pkcs);
420 const char *silc_pkcs_get_name(SilcPKCS pkcs);
422 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_public_key
426 * unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
430 * Returns SILC style public key for the PKCS. Note that this is not
431 * the SILC Public Key, but the raw public key data from the PKCS.
432 * The caller must free the returned data.
435 unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
437 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_private_key
441 * unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs,
446 * Returns SILC style private key. Note that this is not SilcPrivateKey
447 * but the raw private key bits from the PKCS. The caller must free the
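448 * returned data and SHOULD zero the memory area before freeing.
 * Use a zeroing routine the compiler cannot optimize away; a plain
 * memset right before free may be removed as a dead store.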
451 unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len);
453 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_set
457 * SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs,
458 * SilcPublicKey public_key);
462 * Sets public key from SilcPublicKey. Returns the length of the key in
466 SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key);
468 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_set
472 * SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs,
474 * SilcUInt32 pk_len);
478 * Sets public key from data. Returns the length of the key.
481 SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs, unsigned char *pk,
484 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_set
488 * SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
489 * SilcPrivateKey private_key);
493 * Sets private key from SilcPrivateKey. Returns the length of the key
497 SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
498 SilcPrivateKey private_key);
500 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_set
504 * SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs,
505 * unsigned char *prv,
506 * SilcUInt32 prv_len);
510 * Sets private key from data. Returns the length of the key.
513 SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv,
516 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
520 * SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
521 * SilcUInt32 src_len, unsigned char *dst,
522 * SilcUInt32 *dst_len);
526 * Encrypts. Returns FALSE on error.
529 SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
530 unsigned char *dst, SilcUInt32 *dst_len);
532 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
536 * SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
537 * SilcUInt32 src_len, unsigned char *dst,
538 * SilcUInt32 *dst_len);
542 * Decrypts. Returns FALSE on error.
545 SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
546 unsigned char *dst, SilcUInt32 *dst_len);
548 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
552 * SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src,
553 * SilcUInt32 src_len, unsigned char *dst,
554 * SilcUInt32 *dst_len);
558 * Generates signature. Returns FALSE on error.
561 SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
562 unsigned char *dst, SilcUInt32 *dst_len);
564 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
568 * SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
569 * SilcUInt32 signature_len, unsigned char *data,
570 * SilcUInt32 data_len);
574 * Verifies signature. Returns FALSE on error. The 'signature' is
575 * verified against the 'data'. Callers must check the return value
 * and treat FALSE as a failed verification.
578 SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
579 SilcUInt32 signature_len, unsigned char *data,
580 SilcUInt32 data_len);
582 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign_with_hash
586 * SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
587 * unsigned char *src, SilcUInt32 src_len,
588 * unsigned char *dst, SilcUInt32 *dst_len);
592 * Generates signature with hash. The hash is signed. Returns FALSE on
596 SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
597 unsigned char *src, SilcUInt32 src_len,
598 unsigned char *dst, SilcUInt32 *dst_len);
600 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify_with_hash
604 * SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
605 * unsigned char *signature,
606 * SilcUInt32 signature_len,
607 * unsigned char *data,
608 * SilcUInt32 data_len);
612 * Verifies signature with hash. The `data' is hashed and verified against
613 * the `signature'. Returns FALSE on error.
616 SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
617 unsigned char *signature,
618 SilcUInt32 signature_len,
620 SilcUInt32 data_len);
622 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encode_identifier
626 * char *silc_pkcs_encode_identifier(char *username, char *host,
627 * char *realname, char *email,
628 * char *org, char *country);
632 * Encodes and returns SILC public key identifier. If some of the
633 * arguments are NULL, they are not encoded into the identifier string.
634 * Protocol says that at least username and host must be provided.
637 char *silc_pkcs_encode_identifier(char *username, char *host, char *realname,
638 char *email, char *org, char *country);
640 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decode_identifier
644 * SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier);
648 * Decodes the provided `identifier' and returns allocated context for
652 SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier);
654 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_free_identifier
658 * void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier);
662 * Frees decoded public key identifier context. Call this to free the
663 * context returned by the silc_pkcs_decode_identifier.
666 void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier);
668 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
672 * SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
673 * const char *identifier,
674 * const unsigned char *pk,
675 * SilcUInt32 pk_len);
679 * Allocates SILC style public key formed from the given arguments. The
680 * 'name' is the algorithm (PKCS) name, the 'identifier' is the public
681 * key identifier generated with silc_pkcs_encode_identifier, and the
682 * 'pk' and 'pk_len' are the raw public key data returned for example
683 * by silc_pkcs_get_public_key.
686 SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
687 const char *identifier,
688 const unsigned char *pk,
691 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
695 * void silc_pkcs_public_key_free(SilcPublicKey public_key);
699 * Frees public key and all data in it.
702 void silc_pkcs_public_key_free(SilcPublicKey public_key);
704 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
708 * SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
709 * const unsigned char *prv,
710 * SilcUInt32 prv_len);
714 * Allocates SILC private key formed from the given arguments. The 'name'
715 * is the algorithm name, and the 'prv' and 'prv_len' are the raw
716 * private key bits returned by silc_pkcs_get_private_key.
719 SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
720 const unsigned char *prv,
723 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
727 * void silc_pkcs_private_key_free(SilcPrivateKey private_key);
731 * Frees private key and all data in it. The private key is zeroed
732 * before it is freed.
735 void silc_pkcs_private_key_free(SilcPrivateKey private_key);
737 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_encode
742 * silc_pkcs_public_key_encode(SilcPublicKey public_key, SilcUInt32 *len);
746 * Encodes SILC style public key from SilcPublicKey. Returns the encoded
751 silc_pkcs_public_key_encode(SilcPublicKey public_key, SilcUInt32 *len);
753 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_encode
758 * silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len,
759 * char *pkcs, char *identifier,
764 * Encodes SILC style public key. Returns the encoded data.
768 silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len,
769 char *pkcs, char *identifier,
772 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_decode
776 * SilcBool silc_pkcs_public_key_decode(unsigned char *data,
777 * SilcUInt32 data_len,
778 * SilcPublicKey *public_key);
782 * Decodes SILC style public key. Returns TRUE if the decoding was
783 * successful. Allocates new public key as well.
786 SilcBool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len,
787 SilcPublicKey *public_key);
789 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_encode
793 * SilcBuffer silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
797 * Encodes the Public Key Payload from the public key indicated by
798 * `public_key' of type of `pk_type'. The type is SilcSKEPKType.
799 * Returns the encoded payload buffer.
802 SilcBuffer silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
804 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_decode
808 * SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
809 * SilcUInt32 data_len,
810 * SilcPublicKey *public_key);
814 * Decodes Public Key Payload from `data' of `data_len' bytes in length
815 * data buffer into `public_key' pointer. Returns FALSE if the payload
819 SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
821 SilcPublicKey *public_key);
823 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
827 * SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
828 * SilcPublicKey key2);
832 * Compares two public keys and returns TRUE if they are same key, and
833 * FALSE if they are not same.
836 SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
838 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
842 * SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
846 * Copies the public key indicated by `public_key' and returns new allocated
847 * public key which is identical to the `public_key'.
850 SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
852 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_encode
857 * silc_pkcs_private_key_encode(SilcPrivateKey private_key,
862 * Encodes SILC private key from SilcPrivateKey. Returns the encoded data.
866 silc_pkcs_private_key_encode(SilcPrivateKey private_key, SilcUInt32 *len);
868 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_encode
873 * silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len,
874 * char *pkcs, SilcUInt32 *len);
878 * Encodes SILC private key. Returns the encoded data.
882 silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len,
883 char *pkcs, SilcUInt32 *len);
885 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_decode
889 * SilcBool silc_pkcs_private_key_decode(unsigned char *data,
890 * SilcUInt32 data_len,
891 * SilcPrivateKey *private_key);
895 * Decodes SILC style private key. Returns TRUE if the decoding was
896 * successful. Allocates new private key as well.
899 SilcBool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len,
900 SilcPrivateKey *private_key);
902 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
906 * SilcBool silc_pkcs_save_public_key(const char *filename,
907 * SilcPublicKey public_key,
908 * SilcUInt32 encoding);
912 * Saves public key into file. Returns FALSE on error.
915 SilcBool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key,
916 SilcUInt32 encoding);
918 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key_data
922 * SilcBool silc_pkcs_save_public_key_data(const char *filename,
923 * unsigned char *data,
924 * SilcUInt32 data_len,
925 * SilcUInt32 encoding);
929 * Saves public key into file. The public key is already encoded as
930 * data when calling this function. Returns FALSE on error.
933 SilcBool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data,
934 SilcUInt32 data_len, SilcUInt32 encoding);
936 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
940 * SilcBool silc_pkcs_save_private_key(const char *filename,
941 * SilcPrivateKey private_key,
942 * unsigned char *passphrase,
943 * SilcUInt32 passphrase_len,
944 * SilcUInt32 encoding);
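948 * Saves private key into file. The private key is encrypted into
949 * the file with the `passphrase' as a key. The encryption algorithm
950 * is AES with 256 bit key in CBC mode. Returns FALSE on error.
 * NOTE(review): this description does not say how the 256 bit key is
 * derived from the passphrase or whether the file carries an integrity
 * check; CBC alone provides confidentiality only, so confirm both in
 * the implementation.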
953 SilcBool silc_pkcs_save_private_key(const char *filename,
954 SilcPrivateKey private_key,
955 unsigned char *passphrase,
956 SilcUInt32 passphrase_len,
957 SilcUInt32 encoding);
959 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
963 * SilcBool silc_pkcs_load_public_key(const char *filename,
964 * SilcPublicKey *public_key,
965 * SilcUInt32 encoding);
969 * Loads public key from file and allocates new public key. Returns TRUE
970 * if loading was successful.
973 SilcBool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key,
974 SilcUInt32 encoding);
976 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
980 * SilcBool silc_pkcs_load_private_key(const char *filename,
981 * SilcPrivateKey *private_key,
982 * unsigned char *passphrase,
983 * SilcUInt32 passphrase_len,
984 * SilcUInt32 encoding);
988 * Loads private key from file and allocates new private key. Returns TRUE
989 * if loading was successful. The `passphrase' is used as decryption
990 * key of the private key file.
993 SilcBool silc_pkcs_load_private_key(const char *filename,
994 SilcPrivateKey *private_key,
995 unsigned char *passphrase,
996 SilcUInt32 passphrase_len,
997 SilcUInt32 encoding);
999 #endif /* !SILCPKCS_H */