lib/silccrypt/silcpkcs.h

   1 /*
   2
   3   silcpkcs.h
   4
   5   Author: Pekka Riikonen <priikone@silcnet.org>
   6
   7   Copyright (C) 1997 - 2007 Pekka Riikonen
   8
   9   This program is free software; you can redistribute it and/or modify
  10   it under the terms of the GNU General Public License as published by
  11   the Free Software Foundation; version 2 of the License.
  12
  13   This program is distributed in the hope that it will be useful,
  14   but WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16   GNU General Public License for more details.
  17
  18 */
  19
  20 /****h* silccrypt/SILC PKCS Interface
  21  *
  22  * DESCRIPTION
  23  *
  24  * SILC PKCS API provides generic interface for performing various
  25  * public key cryptography related operations with different types of
  26  * public and private keys.  Support for loading and saving of different
  27  * types of public key and private keys are also provided.
  28  *
  29  ***/
  30
  31 #ifndef SILCPKCS_H
  32 #define SILCPKCS_H
  33
  34 /* Forward declarations */
  35 typedef struct SilcPKCSObjectStruct SilcPKCSObject;
  36
  37 /****d* silccrypt/SilcPKCSAPI/SilcPKCSType
  38  *
  39  * NAME
  40  *
  41  *    typedef enum { ... } SilcPKCSType;
  42  *
  43  * DESCRIPTION
  44  *
  45  *    Public key cryptosystem types.  These are defined by the SILC
  46  *    Key Exchange protocol.
  47  *
  48  * SOURCE
  49  */
  50 typedef enum {
  51   SILC_PKCS_SILC    = 1,        /* SILC PKCS */
  52   SILC_PKCS_SSH2    = 2,        /* SSH2 PKCS (not supported) */
  53   SILC_PKCS_X509V3  = 3,        /* X.509v3 PKCS (not supported) */
  54   SILC_PKCS_OPENPGP = 4,        /* OpenPGP PKCS (not supported) */
  55   SILC_PKCS_SPKI    = 5,        /* SPKI PKCS (not supported) */
  56 } SilcPKCSType;
  57 /***/
  58
  59 /****s* silccrypt/SilcPKCSAPI/SilcPublicKey
  60  *
  61  * NAME
  62  *
  63  *    typedef struct { ... } *SilcPublicKey;
  64  *
  65  * DESCRIPTION
  66  *
  67  *    This context represents any kind of PKCS public key.  It can be
  68  *    allocated by silc_pkcs_public_key_alloc and is freed by the
  69  *    silc_pkcs_public_key_free.  The PKCS specific public key context
  70  *    can be retrieved by calling silc_pkcs_get_context.
  71  *
  72  * SOURCE
  73  */
  74 typedef struct {
  75   const SilcPKCSObject *pkcs;   /* PKCS */
  76   void *public_key;             /* PKCS specific public key */
  77 } *SilcPublicKey;
  78 /***/
  79
  80 /****s* silccrypt/SilcPKCSAPI/SilcPrivateKey
  81  *
  82  * NAME
  83  *
  84  *    typedef struct { ... } *SilcPrivateKey;
  85  *
  86  * DESCRIPTION
  87  *
  88  *    This context represents any kind of PKCS private key.
  89  *
  90  * SOURCE
  91  */
  92 typedef struct {
  93   const SilcPKCSObject *pkcs;   /* PKCS */
  94   void *private_key;            /* PKCS specific private key */
  95 } *SilcPrivateKey;
  96 /***/
  97
  98 /****d* silccrypt/SilcPKCSAPI/SilcPKCSFileEncoding
  99  *
 100  * NAME
 101  *
 102  *    typedef enum { ... } SilcPKCSType
 103  *
 104  * DESCRIPTION
 105  *
 106  *    Public and private key file encoding types.
 107  *
 108  * SOURCE
 109  */
 110 typedef enum {
 111   SILC_PKCS_FILE_BIN,           /* Binary encoding */
 112   SILC_PKCS_FILE_BASE64         /* Base64 encoding */
 113 } SilcPKCSFileEncoding;
 114 /***/
 115
 116 /* The PKCS Algorithm object to represent any PKCS algorithm. */
 117 typedef struct {
 118   /* Algorithm name and scheme */
 119   char *name;
 120   char *scheme;
 121
 122   /* Supported hash functions, comma separated list */
 123   char *hash;
 124
 125   /* Generate new key pair. Returns PKCS algorithm specific public key
 126      and private key contexts. */
 127   SilcBool (*generate_key)(SilcUInt32 keylen,
 128                            SilcRng rng,
 129                            void **ret_public_key,
 130                            void **ret_private_key);
 131
 132   /* Public key routines */
 133   SilcBool (*import_public_key)(unsigned char *key,
 134                                 SilcUInt32 key_len,
 135                                 void **ret_public_key);
 136   unsigned char *(*export_public_key)(void *public_key,
 137                                       SilcUInt32 *ret_len);
 138   SilcUInt32 (*public_key_bitlen)(void *public_key);
 139   void *(*public_key_copy)(void *public_key);
 140   SilcBool (*public_key_compare)(void *key1, void *key2);
 141   void (*public_key_free)(void *public_key);
 142
 143   /* Private key routines */
 144   SilcBool (*import_private_key)(unsigned char *key,
 145                                  SilcUInt32 key_len,
 146                                  void **ret_private_key);
 147   unsigned char *(*export_private_key)(void *private_key,
 148                                        SilcUInt32 *ret_len);
 149   SilcUInt32 (*private_key_bitlen)(void *public_key);
 150   void (*private_key_free)(void *private_key);
 151
 152   /* Encrypt and decrypt operations */
 153   SilcBool (*encrypt)(void *public_key,
 154                       unsigned char *src,
 155                       SilcUInt32 src_len,
 156                       unsigned char *dst,
 157                       SilcUInt32 dst_size,
 158                       SilcUInt32 *ret_dst_len,
 159                       SilcRng rng);
 160   SilcBool (*decrypt)(void *private_key,
 161                       unsigned char *src,
 162                       SilcUInt32 src_len,
 163                       unsigned char *dst,
 164                       SilcUInt32 dst_size,
 165                       SilcUInt32 *ret_dst_len);
 166
 167   /* Signature and verification operations */
 168   SilcBool (*sign)(void *private_key,
 169                    unsigned char *src,
 170                    SilcUInt32 src_len,
 171                    unsigned char *signature,
 172                    SilcUInt32 signature_size,
 173                    SilcUInt32 *ret_signature_len,
 174                    SilcHash hash);
 175   SilcBool (*verify)(void *public_key,
 176                      unsigned char *signature,
 177                      SilcUInt32 signature_len,
 178                      unsigned char *data,
 179                      SilcUInt32 data_len,
 180                      SilcHash hash);
 181 } SilcPKCSAlgorithm;
 182
 183 /* The PKCS (Public Key Cryptosystem) object to represent any PKCS. */
 184 struct SilcPKCSObjectStruct {
 185   /* PKCS type */
 186   SilcPKCSType type;
 187
 188   /* Public key routines */
 189
 190   /* Returns PKCS algorithm context from public key */
 191   const SilcPKCSAlgorithm *(*get_algorithm)(void *public_key);
 192
 193   /* Imports from public key file */
 194   SilcBool (*import_public_key_file)(unsigned char *filedata,
 195                                      SilcUInt32 filedata_len,
 196                                      SilcPKCSFileEncoding encoding,
 197                                      void **ret_public_key);
 198
 199   /* Imports from public key binary data */
 200   SilcBool (*import_public_key)(unsigned char *key,
 201                                 SilcUInt32 key_len,
 202                                 void **ret_public_key);
 203
 204   /* Exports public key to file */
 205   unsigned char *(*export_public_key_file)(void *public_key,
 206                                            SilcPKCSFileEncoding encoding,
 207                                            SilcUInt32 *ret_len);
 208
 209   /* Export public key as binary data */
 210   unsigned char *(*export_public_key)(void *public_key,
 211                                       SilcUInt32 *ret_len);
 212
 213   /* Returns key length in bits */
 214   SilcUInt32 (*public_key_bitlen)(void *public_key);
 215
 216   /* Copy public key */
 217   void *(*public_key_copy)(void *public_key);
 218
 219   /* Compares public keys */
 220   SilcBool (*public_key_compare)(void *key1, void *key2);
 221
 222   /* Free public key */
 223   void (*public_key_free)(void *public_key);
 224
 225   /* Private key routines */
 226
 227   /* Imports from private key file */
 228   SilcBool (*import_private_key_file)(unsigned char *filedata,
 229                                       SilcUInt32 filedata_len,
 230                                       const char *passphrase,
 231                                       SilcUInt32 passphrase_len,
 232                                       SilcPKCSFileEncoding encoding,
 233                                       void **ret_private_key);
 234
 235   /* Imports from private key binary data */
 236   SilcBool (*import_private_key)(unsigned char *key,
 237                                  SilcUInt32 key_len,
 238                                  void **ret_private_key);
 239
 240   /* Exports private key to file */
 241   unsigned char *(*export_private_key_file)(void *private_key,
 242                                             const char *passphrase,
 243                                             SilcUInt32 passphrase_len,
 244                                             SilcPKCSFileEncoding encoding,
 245                                             SilcRng rng,
 246                                             SilcUInt32 *ret_len);
 247
 248   /* Export private key as binary data */
 249   unsigned char *(*export_private_key)(void *private_key,
 250                                        SilcUInt32 *ret_len);
 251
 252   /* Returns key length in bits */
 253   SilcUInt32 (*private_key_bitlen)(void *private_key);
 254
 255   /* Free private key */
 256   void (*private_key_free)(void *private_key);
 257
 258   /* Encrypt and decrypt operations */
 259   SilcBool (*encrypt)(void *public_key,
 260                       unsigned char *src,
 261                       SilcUInt32 src_len,
 262                       unsigned char *dst,
 263                       SilcUInt32 dst_size,
 264                       SilcUInt32 *ret_dst_len,
 265                       SilcRng rng);
 266   SilcBool (*decrypt)(void *private_key,
 267                       unsigned char *src,
 268                       SilcUInt32 src_len,
 269                       unsigned char *dst,
 270                       SilcUInt32 dst_size,
 271                       SilcUInt32 *ret_dst_len);
 272
 273   /* Signature and verification operations */
 274   SilcBool (*sign)(void *private_key,
 275                    unsigned char *src,
 276                    SilcUInt32 src_len,
 277                    unsigned char *signature,
 278                    SilcUInt32 signature_size,
 279                    SilcUInt32 *ret_signature_len,
 280                    SilcHash hash);
 281   SilcBool (*verify)(void *public_key,
 282                      unsigned char *signature,
 283                      SilcUInt32 signature_len,
 284                      unsigned char *data,
 285                      SilcUInt32 data_len,
 286                      SilcHash hash);
 287 };
 288
 289 /* Marks for all PKCS in silc. This can be used in silc_pkcs_unregister
 290    to unregister all PKCS at once. */
 291 #define SILC_ALL_PKCS ((SilcPKCSObject *)1)
 292 #define SILC_ALL_PKCS_ALG ((SilcPKCSAlgorithm *)1)
 293
 294 /* Static lists of PKCS and PKCS algorithms. */
 295 extern DLLAPI const SilcPKCSObject silc_default_pkcs[];
 296 extern DLLAPI const SilcPKCSAlgorithm silc_default_pkcs_alg[];
 297
 298 /* Prototypes */
 299
 300 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
 301  *
 302  * SYNOPSIS
 303  *
 304  *    SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 305  *
 306  * DESCRIPTION
 307  *
 308  *    Registers a new PKCS into the SILC.  This function is used
 309  *    at the initialization of the SILC.  All registered PKCSs
 310  *    should be unregistered with silc_pkcs_unregister.  The `pkcs' includes
 311  *    the name of the PKCS and member functions for the algorithm.  Usually
 312  *    this function is not called directly.  Instead, application can call
 313  *    the silc_pkcs_register_default to register all PKCSs that are
 314  *    builtin the sources.  Returns FALSE on error.
 315  *
 316  ***/
 317 SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 318
 319 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
 320  *
 321  * SYNOPSIS
 322  *
 323  *    SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 324  *
 325  * DESCRIPTION
 326  *
 327  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 328  *
 329  ***/
 330 SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 331
 332 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_register
 333  *
 334  * SYNOPSIS
 335  *
 336  *    SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 337  *
 338  * DESCRIPTION
 339  *
 340  *    Registers a new PKCS Algorithm into the SILC.  This function is used
 341  *    at the initialization of the SILC.  All registered PKCS algorithms
 342  *    should be unregistered with silc_pkcs_unregister.
 343  *
 344  ***/
 345 SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 346
 347 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_unregister
 348  *
 349  * SYNOPSIS
 350  *
 351  *    SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 352  *
 353  * DESCRIPTION
 354  *
 355  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 356  *
 357  ***/
 358 SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 359
 360 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
 361  *
 362  * SYNOPSIS
 363  *
 364  *    SilcBool silc_pkcs_register_default(void);
 365  *
 366  * DESCRIPTION
 367  *
 368  *    Registers all the default PKCS (all builtin PKCS) and PKCS algorithms.
 369  *    The application may use this to register the default PKCS if specific
 370  *    PKCS in any specific order is not wanted.  Returns FALSE on error.
 371  *
 372  ***/
 373 SilcBool silc_pkcs_register_default(void);
 374
 375 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
 376  *
 377  * SYNOPSIS
 378  *
 379  *    SilcBool silc_pkcs_unregister_all(void);
 380  *
 381  * DESCRIPTION
 382  *
 383  *    Unregister all PKCS and PKCS algorithms. Returns FALSE on error.
 384  *
 385  ***/
 386 SilcBool silc_pkcs_unregister_all(void);
 387
 388 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
 389  *
 390  * SYNOPSIS
 391  *
 392  *    char *silc_pkcs_get_supported(void);
 393  *
 394  * DESCRIPTION
 395  *
 396  *    Returns comma separated list of supported PKCS algorithms.
 397  *
 398  ***/
 399 char *silc_pkcs_get_supported(void);
 400
 401 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_pkcs
 402  *
 403  * SYNOPSIS
 404  *
 405  *    const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPKCSType type);
 406  *
 407  * DESCRIPTION
 408  *
 409  *    Finds PKCS context by the PKCS type.
 410  *
 411  ***/
 412 const SilcPKCSObject *silc_pkcs_find_pkcs(SilcPKCSType type);
 413
 414 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_algorithm
 415  *
 416  * SYNOPSIS
 417  *
 418  *    const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 419  *                                                      const char *scheme);
 420  *
 421  * DESCRIPTION
 422  *
 423  *    Finds PKCS algorithm context by the algorithm name `algorithm' and
 424  *    the algorithm scheme `scheme'.  The `scheme' may be NULL.
 425  *
 426  ***/
 427 const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 428                                                   const char *scheme);
 429
 430 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_pkcs
 431  *
 432  * SYNOPSIS
 433  *
 434  *    const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
 435  *
 436  * DESCRIPTION
 437  *
 438  *    Returns the PKCS object from `key', which may be SilcPublicKey or
 439  *    SilcPrivateKey pointer.
 440  *
 441  ***/
 442 const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
 443
 444 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_algorithm
 445  *
 446  * SYNOPSIS
 447  *
 448  *    const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
 449  *
 450  * DESCRIPTION
 451  *
 452  *    Returns the PKCS algorithm object from `key', which may be SilcPublicKey
 453  *    or SilcPrivateKey pointer.
 454  *
 455  ***/
 456 const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
 457
 458 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
 459  *
 460  * SYNOPSIS
 461  *
 462  *    const char *silc_pkcs_get_name(void *key);
 463  *
 464  * DESCRIPTION
 465  *
 466  *    Returns PKCS algorithm name from the `key', which may be SilcPublicKey
 467  *    or SilcPrivateKey pointer.
 468  *
 469  ***/
 470 const char *silc_pkcs_get_name(void *key);
 471
 472 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_type
 473  *
 474  * SYNOPSIS
 475  *
 476  *    SilcPKCSType silc_pkcs_get_type(void *key);
 477  *
 478  * DESCRIPTION
 479  *
 480  *    Returns PKCS type from the `key', which may be SilcPublicKey or
 481  *    SilcPrivateKey pointer.
 482  *
 483  ***/
 484 SilcPKCSType silc_pkcs_get_type(void *key);
 485
 486 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context
 487  *
 488  * SYNOPSIS
 489  *
 490  *    void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 491  *
 492  * DESCRIPTION
 493  *
 494  *    Returns the internal PKCS `type' specific public key context from the
 495  *    `public_key'.  The caller needs to explicitly type cast it to correct
 496  *    type.  Returns NULL on error.
 497  *
 498  *    For SILC_PKCS_SILC the returned context is SilcSILCPublicKey.
 499  *
 500  ***/
 501 void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 502
 503 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
 504  *
 505  * SYNOPSIS
 506  *
 507  *    SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 508  *                                        unsigned char *key,
 509  *                                        SilcUInt32 key_len
 510  *                                        SilcPublicKey *ret_public_key);
 511  *
 512  * DESCRIPTION
 513  *
 514  *    Allocates SilcPublicKey of the type of `type' from the key data
 515  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 516  *    is malformed or unsupported public key type.  This function can be
 517  *    used to create public key from any kind of PKCS public keys that
 518  *    the implementation supports.
 519  *
 520  ***/
 521 SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 522                                     unsigned char *key,
 523                                     SilcUInt32 key_len,
 524                                     SilcPublicKey *ret_public_key);
 525
 526 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
 527  *
 528  * SYNOPSIS
 529  *
 530  *    void silc_pkcs_public_key_free(SilcPublicKey public_key);
 531  *
 532  * DESCRIPTION
 533  *
 534  *    Frees the public key.
 535  *
 536  ***/
 537 void silc_pkcs_public_key_free(SilcPublicKey public_key);
 538
 539 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_export
 540  *
 541  * SYNOPSIS
 542  *
 543  *    unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 544  *                                               SilcUInt32 *ret_len);
 545  *
 546  * DESCRIPTION
 547  *
 548  *    Encodes the `public_key' into a binary format and returns it.  Returns
 549  *    NULL on error.  Caller must free the returned buffer.
 550  *
 551  ***/
 552 unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 553                                            SilcUInt32 *ret_len);
 554
 555 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_len
 556  *
 557  * SYNOPSIS
 558  *
 559  *    SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 560  *
 561  * DESCRIPTION
 562  *
 563  *    Returns the key length in bits from the public key.
 564  *
 565  ***/
 566 SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 567
 568 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
 569  *
 570  * SYNOPSIS
 571  *
 572  *    SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
 573  *                                          SilcPublicKey key2);
 574  *
 575  * DESCRIPTION
 576  *
 577  *    Compares two public keys and returns TRUE if they are same key, and
 578  *    FALSE if they are not same.
 579  *
 580  ***/
 581 SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
 582
 583 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
 584  *
 585  * SYNOPSIS
 586  *
 587  *    SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 588  *
 589  * DESCRIPTION
 590  *
 591  *    Copies the public key indicated by `public_key' and returns new
 592  *    allocated public key which is indentical to the `public_key'.
 593  *
 594  ***/
 595 SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 596
 597 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
 598  *
 599  * SYNOPSIS
 600  *
 601  *    SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 602  *                                         unsigned char *key,
 603  *                                         SilcUInt32 key_len,
 604  *                                         SilcPrivateKey *ret_private_key);
 605  *
 606  * DESCRIPTION
 607  *
 608  *    Allocates SilcPrivateKey of the type of `type' from the key data
 609  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 610  *    is malformed or unsupported private key type.
 611  *
 612  ***/
 613 SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 614                                      unsigned char *key,
 615                                      SilcUInt32 key_len,
 616                                      SilcPrivateKey *ret_private_key);
 617
 618 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_len
 619  *
 620  * SYNOPSIS
 621  *
 622  *    SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 623  *
 624  * DESCRIPTION
 625  *
 626  *    Returns the key length in bits from the private key.
 627  *
 628  ***/
 629 SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 630
 631 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
 632  *
 633  * SYNOPSIS
 634  *
 635  *    void silc_pkcs_private_key_free(SilcPrivateKey private_key;
 636  *
 637  * DESCRIPTION
 638  *
 639  *    Frees the private key.
 640  *
 641  ***/
 642 void silc_pkcs_private_key_free(SilcPrivateKey private_key);
 643
 644 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
 645  *
 646  * SYNOPSIS
 647  *
 648  *    SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 649  *                               unsigned char *src, SilcUInt32 src_len,
 650  *                               unsigned char *dst, SilcUInt32 dst_size,
 651  *                               SilcUInt32 *dst_len);
 652  *
 653  * DESCRIPTION
 654  *
 655  *    Encrypts with the public key. Returns FALSE on error.
 656  *
 657  ***/
 658 SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 659                            unsigned char *src, SilcUInt32 src_len,
 660                            unsigned char *dst, SilcUInt32 dst_size,
 661                            SilcUInt32 *dst_len, SilcRng rng);
 662
 663 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
 664  *
 665  * SYNOPSIS
 666  *
 667  *    SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 668  *                               unsigned char *src, SilcUInt32 src_len,
 669  *                               unsigned char *dst, SilcUInt32 dst_size,
 670  *                               SilcUInt32 *dst_len);
 671  *
 672  * DESCRIPTION
 673  *
 674  *    Decrypts with the private key.  Returns FALSE on error.
 675  *
 676  ***/
 677 SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 678                            unsigned char *src, SilcUInt32 src_len,
 679                            unsigned char *dst, SilcUInt32 dst_size,
 680                            SilcUInt32 *dst_len);
 681
 682 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
 683  *
 684  * SYNOPSIS
 685  *
 686  *    SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 687  *                            unsigned char *src, SilcUInt32 src_len,
 688  *                            unsigned char *dst, SilcUInt32 dst_size,
 689  *                            SilcUInt32 *dst_len, SilcHash hash);
 690  *
 691  * DESCRIPTION
 692  *
 693  *    Generates signature with the private key.  Returns FALSE on error.
 694  *    If `hash' is non-NULL the `src' will be hashed before signing.
 695  *
 696  ***/
 697 SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 698                         unsigned char *src, SilcUInt32 src_len,
 699                         unsigned char *dst, SilcUInt32 dst_size,
 700                         SilcUInt32 *dst_len, SilcHash hash);
 701
 702 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
 703  *
 704  * SYNOPSIS
 705  *
 706  *    SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 707  *                              unsigned char *signature,
 708  *                              SilcUInt32 signature_len,
 709  *                              unsigned char *data,
 710  *                              SilcUInt32 data_len, SilcHash hash);
 711  *
 712  * DESCRIPTION
 713  *
 714  *    Verifies signature.  Returns FALSE on error.  The 'signature' is
 715  *    verified against the 'data'.  If the `hash' is non-NULL then the `data'
 716  *    will hashed before verification.  If the `hash' is NULL, then the
 717  *    hash algorithm to be used is retrieved from the signature.  If it
 718  *    isn't present in the signature the verification is done as is without
 719  *    hashing.
 720  *
 721  ***/
 722 SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 723                           unsigned char *signature,
 724                           SilcUInt32 signature_len,
 725                           unsigned char *data,
 726                           SilcUInt32 data_len, SilcHash hash);
 727
 728 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
 729  *
 730  * SYNOPSIS
 731  *
 732  *    SilcBool silc_pkcs_load_public_key(const char *filename,
 733  *                                       SilcPublicKey *ret_public_key);
 734  *
 735  * DESCRIPTION
 736  *
 737  *    Loads public key from file and allocates new public key.  Returns TRUE
 738  *    if loading was successful.
 739  *
 740  ***/
 741 SilcBool silc_pkcs_load_public_key(const char *filename,
 742                                    SilcPublicKey *ret_public_key);
 743
 744 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
 745  *
 746  * SYNOPSIS
 747  *
 748  *    SilcBool silc_pkcs_save_public_key(const char *filename,
 749  *                                       SilcPublicKey public_key,
 750  *                                       SilcPKCSFileEncoding encoding);
 751  *
 752  * DESCRIPTION
 753  *
 754  *    Saves public key into file with specified encoding.  Returns FALSE
 755  *    on error.
 756  *
 757  ***/
 758 SilcBool silc_pkcs_save_public_key(const char *filename,
 759                                    SilcPublicKey public_key,
 760                                    SilcPKCSFileEncoding encoding);
 761
 762 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
 763  *
 764  * SYNOPSIS
 765  *
 766  *    SilcBool silc_pkcs_load_private_key(const char *filename,
 767  *                                        const unsigned char *passphrase,
 768  *                                        SilcUInt32 passphrase_len,
 769  *                                        SilcPrivateKey *ret_private_key);
 770  *
 771  * DESCRIPTION
 772  *
 773  *    Loads private key from file and allocates new private key.  Returns TRUE
 774  *    if loading was successful.  The `passphrase' is used as decryption
 775  *    key of the private key file, in case it is encrypted.
 776  *
 777  ***/
 778 SilcBool silc_pkcs_load_private_key(const char *filename,
 779                                     const unsigned char *passphrase,
 780                                     SilcUInt32 passphrase_len,
 781                                     SilcPrivateKey *ret_private_key);
 782
 783 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
 784  *
 785  * SYNOPSIS
 786  *
 787  *    SilcBool silc_pkcs_save_private_key(const char *filename,
 788  *                                        SilcPrivateKey private_key,
 789  *                                        const unsigned char *passphrase,
 790  *                                        SilcUInt32 passphrase_len,
 791  *                                        SilcPKCSFileEncoding encoding,
 792  *                                        SilcRng rng);
 793  *
 794  * DESCRIPTION
 795  *
 796  *    Saves private key into file.  The private key is encrypted into
 797  *    the file with the `passphrase' as a key, if PKCS supports encrypted
 798  *    private keys.  Returns FALSE on error.
 799  *
 800  ***/
 801 SilcBool silc_pkcs_save_private_key(const char *filename,
 802                                     SilcPrivateKey private_key,
 803                                     const unsigned char *passphrase,
 804                                     SilcUInt32 passphrase_len,
 805                                     SilcPKCSFileEncoding encoding,
 806                                     SilcRng rng);
 807
 808 #endif  /* !SILCPKCS_H */