lib/silccrypt/silcpkcs.h

   1 /*
   2
   3   silcpkcs.h
   4
   5   Author: Pekka Riikonen <priikone@silcnet.org>
   6
   7   Copyright (C) 1997 - 2005 Pekka Riikonen
   8
   9   This program is free software; you can redistribute it and/or modify
  10   it under the terms of the GNU General Public License as published by
  11   the Free Software Foundation; version 2 of the License.
  12
  13   This program is distributed in the hope that it will be useful,
  14   but WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16   GNU General Public License for more details.
  17
  18 */
  19
  20 /****h* silccrypt/SILC PKCS Interface
  21  *
  22  * DESCRIPTION
  23  *
  24  * SILC PKCS API provides generic interface for performing various
  25  * public key cryptography related operations with different types of
  26  * public and private keys.  Support for loading and saving of different
  27  * types of public key and private keys are also provided.
  28  *
  29  ***/
  30
  31 #ifndef SILCPKCS_H
  32 #define SILCPKCS_H
  33
  34 /* Forward declarations */
  35 typedef struct SilcPKCSObjectStruct SilcPKCSObject;
  36
  37 /****d* silccrypt/SilcPKCSAPI/SilcPKCSType
  38  *
  39  * NAME
  40  *
  41  *    typedef enum { ... } SilcPKCSType;
  42  *
  43  * DESCRIPTION
  44  *
  45  *    Public key cryptosystem types.  These are defined by the SILC
  46  *    Key Exchange protocol.
  47  *
  48  * SOURCE
  49  */
  50 typedef enum {
  51   SILC_PKCS_SILC    = 1,        /* SILC PKCS */
  52   SILC_PKCS_SSH2    = 2,        /* SSH2 PKCS (not supported) */
  53   SILC_PKCS_X509V3  = 3,        /* X.509v3 PKCS (not supported) */
  54   SILC_PKCS_OPENPGP = 4,        /* OpenPGP PKCS (not supported) */
  55   SILC_PKCS_SPKI    = 5,        /* SPKI PKCS (not supported) */
  56 } SilcPKCSType;
  57 /***/
  58
  59 /****s* silccrypt/SilcPKCSAPI/SilcPublicKey
  60  *
  61  * NAME
  62  *
  63  *    typedef struct { ... } *SilcPublicKey;
  64  *
  65  * DESCRIPTION
  66  *
  67  *    This context represents any kind of PKCS public key.  It can be
  68  *    allocated by silc_pkcs_public_key_alloc and is freed by the
  69  *    silc_pkcs_public_key_free.  The PKCS specific public key context
  70  *    can be retrieved by calling silc_pkcs_get_context.
  71  *
  72  * SOURCE
  73  */
  74 typedef struct {
  75   const SilcPKCSObject *pkcs;   /* PKCS */
  76   void *public_key;             /* PKCS specific public key */
  77 } *SilcPublicKey;
  78 /***/
  79
  80 /****s* silccrypt/SilcPKCSAPI/SilcPrivateKey
  81  *
  82  * NAME
  83  *
  84  *    typedef struct { ... } *SilcPrivateKey;
  85  *
  86  * DESCRIPTION
  87  *
  88  *    This context represents any kind of PKCS private key.
  89  *
  90  * SOURCE
  91  */
  92 typedef struct {
  93   const SilcPKCSObject *pkcs;   /* PKCS */
  94   void *private_key;            /* PKCS specific private key */
  95 } *SilcPrivateKey;
  96 /***/
  97
  98 /****d* silccrypt/SilcPKCSAPI/SilcPKCSFileEncoding
  99  *
 100  * NAME
 101  *
 102  *    typedef enum { ... } SilcPKCSType
 103  *
 104  * DESCRIPTION
 105  *
 106  *    Public and private key file encoding types.
 107  *
 108  * SOURCE
 109  */
 110 typedef enum {
 111   SILC_PKCS_FILE_BIN,           /* Binary encoding */
 112   SILC_PKCS_FILE_BASE64         /* Base64 encoding */
 113 } SilcPKCSFileEncoding;
 114 /***/
 115
 116 /* The PKCS Algorithm object to represent any PKCS algorithm. */
 117 typedef struct {
 118   /* Algorithm name and scheme */
 119   char *name;
 120   char *scheme;
 121
 122   /* Supported hash functions, comma separated list */
 123   char *hash;
 124
 125   /* Generate new key pair. Returns PKCS algorithm specific public key
 126      and private key contexts. */
 127   SilcBool (*generate_key)(SilcUInt32 keylen,
 128                            SilcRng rng,
 129                            void **ret_public_key,
 130                            void **ret_private_key);
 131
 132   /* Public key routines */
 133   SilcBool (*import_public_key)(unsigned char *key,
 134                                 SilcUInt32 key_len,
 135                                 void **ret_public_key);
 136   unsigned char *(*export_public_key)(void *public_key,
 137                                       SilcUInt32 *ret_len);
 138   SilcUInt32 (*public_key_bitlen)(void *public_key);
 139   void *(*public_key_copy)(void *public_key);
 140   SilcBool (*public_key_compare)(void *key1, void *key2);
 141   void (*public_key_free)(void *public_key);
 142
 143   /* Private key routines */
 144   SilcBool (*import_private_key)(unsigned char *key,
 145                                  SilcUInt32 key_len,
 146                                  void **ret_private_key);
 147   unsigned char *(*export_private_key)(void *private_key,
 148                                        SilcUInt32 *ret_len);
 149   SilcUInt32 (*private_key_bitlen)(void *public_key);
 150   void (*private_key_free)(void *private_key);
 151
 152   /* Encrypt and decrypt operations */
 153   SilcBool (*encrypt)(void *public_key,
 154                       unsigned char *src,
 155                       SilcUInt32 src_len,
 156                       unsigned char *dst,
 157                       SilcUInt32 dst_size,
 158                       SilcUInt32 *ret_dst_len);
 159   SilcBool (*decrypt)(void *private_key,
 160                       unsigned char *src,
 161                       SilcUInt32 src_len,
 162                       unsigned char *dst,
 163                       SilcUInt32 dst_size,
 164                       SilcUInt32 *ret_dst_len);
 165
 166   /* Signature and verification operations */
 167   SilcBool (*sign)(void *private_key,
 168                    unsigned char *src,
 169                    SilcUInt32 src_len,
 170                    unsigned char *signature,
 171                    SilcUInt32 signature_size,
 172                    SilcUInt32 *ret_signature_len,
 173                    SilcHash hash);
 174   SilcBool (*verify)(void *public_key,
 175                      unsigned char *signature,
 176                      SilcUInt32 signature_len,
 177                      unsigned char *data,
 178                      SilcUInt32 data_len,
 179                      SilcHash hash);
 180 } SilcPKCSAlgorithm;
 181
 182 /* The PKCS (Public Key Cryptosystem) object to represent any PKCS. */
 183 struct SilcPKCSObjectStruct {
 184   /* PKCS type */
 185   SilcPKCSType type;
 186
 187   /* Public key routines */
 188
 189   /* Returns PKCS algorithm context from public key */
 190   const SilcPKCSAlgorithm *(*get_algorithm)(void *public_key);
 191
 192   /* Imports from public key file */
 193   SilcBool (*import_public_key_file)(unsigned char *filedata,
 194                                      SilcUInt32 filedata_len,
 195                                      SilcPKCSFileEncoding encoding,
 196                                      void **ret_public_key);
 197
 198   /* Imports from public key binary data */
 199   SilcBool (*import_public_key)(unsigned char *key,
 200                                 SilcUInt32 key_len,
 201                                 void **ret_public_key);
 202
 203   /* Exports public key to file */
 204   unsigned char *(*export_public_key_file)(void *public_key,
 205                                            SilcPKCSFileEncoding encoding,
 206                                            SilcUInt32 *ret_len);
 207
 208   /* Export public key as binary data */
 209   unsigned char *(*export_public_key)(void *public_key,
 210                                       SilcUInt32 *ret_len);
 211
 212   /* Returns key length in bits */
 213   SilcUInt32 (*public_key_bitlen)(void *public_key);
 214
 215   /* Copy public key */
 216   void *(*public_key_copy)(void *public_key);
 217
 218   /* Compares public keys */
 219   SilcBool (*public_key_compare)(void *key1, void *key2);
 220
 221   /* Free public key */
 222   void (*public_key_free)(void *public_key);
 223
 224   /* Private key routines */
 225
 226   /* Imports from private key file */
 227   SilcBool (*import_private_key_file)(unsigned char *filedata,
 228                                       SilcUInt32 filedata_len,
 229                                       const char *passphrase,
 230                                       SilcUInt32 passphrase_len,
 231                                       SilcPKCSFileEncoding encoding,
 232                                       void **ret_private_key);
 233
 234   /* Imports from private key binary data */
 235   SilcBool (*import_private_key)(unsigned char *key,
 236                                  SilcUInt32 key_len,
 237                                  void **ret_private_key);
 238
 239   /* Exports private key to file */
 240   unsigned char *(*export_private_key_file)(void *private_key,
 241                                             const char *passphrase,
 242                                             SilcUInt32 passphrase_len,
 243                                             SilcPKCSFileEncoding encoding,
 244                                             SilcRng rng,
 245                                             SilcUInt32 *ret_len);
 246
 247   /* Export private key as binary data */
 248   unsigned char *(*export_private_key)(void *private_key,
 249                                        SilcUInt32 *ret_len);
 250
 251   /* Returns key length in bits */
 252   SilcUInt32 (*private_key_bitlen)(void *private_key);
 253
 254   /* Free private key */
 255   void (*private_key_free)(void *private_key);
 256
 257   /* Encrypt and decrypt operations */
 258   SilcBool (*encrypt)(void *public_key,
 259                       unsigned char *src,
 260                       SilcUInt32 src_len,
 261                       unsigned char *dst,
 262                       SilcUInt32 dst_size,
 263                       SilcUInt32 *ret_dst_len);
 264   SilcBool (*decrypt)(void *private_key,
 265                       unsigned char *src,
 266                       SilcUInt32 src_len,
 267                       unsigned char *dst,
 268                       SilcUInt32 dst_size,
 269                       SilcUInt32 *ret_dst_len);
 270
 271   /* Signature and verification operations */
 272   SilcBool (*sign)(void *private_key,
 273                    unsigned char *src,
 274                    SilcUInt32 src_len,
 275                    unsigned char *signature,
 276                    SilcUInt32 signature_size,
 277                    SilcUInt32 *ret_signature_len,
 278                    SilcHash hash);
 279   SilcBool (*verify)(void *public_key,
 280                      unsigned char *signature,
 281                      SilcUInt32 signature_len,
 282                      unsigned char *data,
 283                      SilcUInt32 data_len,
 284                      SilcHash hash);
 285 };
 286
 287 /* Marks for all PKCS in silc. This can be used in silc_pkcs_unregister
 288    to unregister all PKCS at once. */
 289 #define SILC_ALL_PKCS ((SilcPKCSObject *)1)
 290 #define SILC_ALL_PKCS_ALG ((SilcPKCSAlgorithm *)1)
 291
 292 /* Static lists of PKCS and PKCS algorithms. */
 293 extern DLLAPI const SilcPKCSObject silc_default_pkcs[];
 294 extern DLLAPI const SilcPKCSAlgorithm silc_default_pkcs_alg[];
 295
 296 /* Prototypes */
 297
 298 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
 299  *
 300  * SYNOPSIS
 301  *
 302  *    SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 303  *
 304  * DESCRIPTION
 305  *
 306  *    Registers a new PKCS into the SILC.  This function is used
 307  *    at the initialization of the SILC.  All registered PKCSs
 308  *    should be unregistered with silc_pkcs_unregister.  The `pkcs' includes
 309  *    the name of the PKCS and member functions for the algorithm.  Usually
 310  *    this function is not called directly.  Instead, application can call
 311  *    the silc_pkcs_register_default to register all PKCSs that are
 312  *    builtin the sources.  Returns FALSE on error.
 313  *
 314  ***/
 315 SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 316
 317 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
 318  *
 319  * SYNOPSIS
 320  *
 321  *    SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 322  *
 323  * DESCRIPTION
 324  *
 325  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 326  *
 327  ***/
 328 SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 329
 330 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_register
 331  *
 332  * SYNOPSIS
 333  *
 334  *    SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 335  *
 336  * DESCRIPTION
 337  *
 338  *    Registers a new PKCS Algorithm into the SILC.  This function is used
 339  *    at the initialization of the SILC.  All registered PKCS algorithms
 340  *    should be unregistered with silc_pkcs_unregister.
 341  *
 342  ***/
 343 SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 344
 345 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_unregister
 346  *
 347  * SYNOPSIS
 348  *
 349  *    SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 350  *
 351  * DESCRIPTION
 352  *
 353  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 354  *
 355  ***/
 356 SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 357
 358 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
 359  *
 360  * SYNOPSIS
 361  *
 362  *    SilcBool silc_pkcs_register_default(void);
 363  *
 364  * DESCRIPTION
 365  *
 366  *    Registers all the default PKCS (all builtin PKCS) and PKCS algorithms.
 367  *    The application may use this to register the default PKCS if specific
 368  *    PKCS in any specific order is not wanted.  Returns FALSE on error.
 369  *
 370  ***/
 371 SilcBool silc_pkcs_register_default(void);
 372
 373 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
 374  *
 375  * SYNOPSIS
 376  *
 377  *    SilcBool silc_pkcs_unregister_all(void);
 378  *
 379  * DESCRIPTION
 380  *
 381  *    Unregister all PKCS and PKCS algorithms. Returns FALSE on error.
 382  *
 383  ***/
 384 SilcBool silc_pkcs_unregister_all(void);
 385
 386 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
 387  *
 388  * SYNOPSIS
 389  *
 390  *    char *silc_pkcs_get_supported(void);
 391  *
 392  * DESCRIPTION
 393  *
 394  *    Returns comma separated list of supported PKCS algorithms.
 395  *
 396  ***/
 397 char *silc_pkcs_get_supported(void);
 398
 399 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_pkcs
 400  *
 401  * SYNOPSIS
 402  *
 403  *    const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPKCSType type);
 404  *
 405  * DESCRIPTION
 406  *
 407  *    Finds PKCS context by the PKCS type.
 408  *
 409  ***/
 410 const SilcPKCSObject *silc_pkcs_find_pkcs(SilcPKCSType type);
 411
 412 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_algorithm
 413  *
 414  * SYNOPSIS
 415  *
 416  *    const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 417  *                                                      const char *scheme);
 418  *
 419  * DESCRIPTION
 420  *
 421  *    Finds PKCS algorithm context by the algorithm name `algorithm' and
 422  *    the algorithm scheme `scheme'.  The `scheme' may be NULL.
 423  *
 424  ***/
 425 const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 426                                                   const char *scheme);
 427
 428 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_pkcs
 429  *
 430  * SYNOPSIS
 431  *
 432  *    const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPublicKey public_key);
 433  *
 434  * DESCRIPTION
 435  *
 436  *    Returns the PKCS object from `public_key'.
 437  *
 438  ***/
 439 const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPublicKey public_key);
 440
 441 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_algorithm
 442  *
 443  * SYNOPSIS
 444  *
 445  *    const SilcPKCSObject *silc_pkcs_get_algorithm(SilcPublicKey public_key);
 446  *
 447  * DESCRIPTION
 448  *
 449  *    Returns the PKCS algorithm object from `public_key'.
 450  *
 451  ***/
 452 const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(SilcPublicKey public_key);
 453
 454 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
 455  *
 456  * SYNOPSIS
 457  *
 458  *    const char *silc_pkcs_get_name(SilcPublicKey public_key)
 459  *
 460  * DESCRIPTION
 461  *
 462  *    Returns PKCS algorithm name from the public key.
 463  *
 464  ***/
 465 const char *silc_pkcs_get_name(SilcPublicKey public_key);
 466
 467 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_type
 468  *
 469  * SYNOPSIS
 470  *
 471  *    SilcPKCSType silc_pkcs_get_type(SilcPublicKey public_key);
 472  *
 473  * DESCRIPTION
 474  *
 475  *    Returns PKCS type from the public key.
 476  *
 477  ***/
 478 SilcPKCSType silc_pkcs_get_type(SilcPublicKey public_key);
 479
 480 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context
 481  *
 482  * SYNOPSIS
 483  *
 484  *    void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 485  *
 486  * DESCRIPTION
 487  *
 488  *    Returns the internal PKCS `type' specific public key context from the
 489  *    `public_key'.  The caller needs to explicitly type cast it to correct
 490  *    type.  Returns NULL on error.
 491  *
 492  *    For SILC_PKCS_SILC the returned context is SilcSILCPublicKey.
 493  *
 494  ***/
 495 void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 496
 497 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
 498  *
 499  * SYNOPSIS
 500  *
 501  *    SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 502  *                                        unsigned char *key,
 503  *                                        SilcUInt32 key_len
 504  *                                        SilcPublicKey *ret_public_key);
 505  *
 506  * DESCRIPTION
 507  *
 508  *    Allocates SilcPublicKey of the type of `type' from the key data
 509  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 510  *    is malformed or unsupported public key type.  This function can be
 511  *    used to create public key from any kind of PKCS public keys that
 512  *    the implementation supports.
 513  *
 514  ***/
 515 SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 516                                     unsigned char *key,
 517                                     SilcUInt32 key_len,
 518                                     SilcPublicKey *ret_public_key);
 519
 520 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
 521  *
 522  * SYNOPSIS
 523  *
 524  *    void silc_pkcs_public_key_free(SilcPublicKey public_key);
 525  *
 526  * DESCRIPTION
 527  *
 528  *    Frees the public key.
 529  *
 530  ***/
 531 void silc_pkcs_public_key_free(SilcPublicKey public_key);
 532
 533 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_export
 534  *
 535  * SYNOPSIS
 536  *
 537  *    unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 538  *                                               SilcUInt32 *ret_len);
 539  *
 540  * DESCRIPTION
 541  *
 542  *    Encodes the `public_key' into a binary format and returns it.  Returns
 543  *    NULL on error.  Caller must free the returned buffer.
 544  *
 545  ***/
 546 unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 547                                            SilcUInt32 *ret_len);
 548
 549 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_len
 550  *
 551  * SYNOPSIS
 552  *
 553  *    SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 554  *
 555  * DESCRIPTION
 556  *
 557  *    Returns the key length in bits from the public key.
 558  *
 559  ***/
 560 SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 561
 562 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
 563  *
 564  * SYNOPSIS
 565  *
 566  *    SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
 567  *                                          SilcPublicKey key2);
 568  *
 569  * DESCRIPTION
 570  *
 571  *    Compares two public keys and returns TRUE if they are same key, and
 572  *    FALSE if they are not same.
 573  *
 574  ***/
 575 SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
 576
 577 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
 578  *
 579  * SYNOPSIS
 580  *
 581  *    SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 582  *
 583  * DESCRIPTION
 584  *
 585  *    Copies the public key indicated by `public_key' and returns new
 586  *    allocated public key which is indentical to the `public_key'.
 587  *
 588  ***/
 589 SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 590
 591 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
 592  *
 593  * SYNOPSIS
 594  *
 595  *    SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 596  *                                         unsigned char *key,
 597  *                                         SilcUInt32 key_len,
 598  *                                         SilcPrivateKey *ret_private_key);
 599  *
 600  * DESCRIPTION
 601  *
 602  *    Allocates SilcPrivateKey of the type of `type' from the key data
 603  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 604  *    is malformed or unsupported private key type.
 605  *
 606  ***/
 607 SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 608                                      unsigned char *key,
 609                                      SilcUInt32 key_len,
 610                                      SilcPrivateKey *ret_private_key);
 611
 612 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_len
 613  *
 614  * SYNOPSIS
 615  *
 616  *    SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 617  *
 618  * DESCRIPTION
 619  *
 620  *    Returns the key length in bits from the public key.
 621  *
 622  ***/
 623 SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 624
 625 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
 626  *
 627  * SYNOPSIS
 628  *
 629  *    void silc_pkcs_private_key_free(SilcPrivateKey private_key;
 630  *
 631  * DESCRIPTION
 632  *
 633  *    Frees the private key.
 634  *
 635  ***/
 636 void silc_pkcs_private_key_free(SilcPrivateKey private_key);
 637
 638 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
 639  *
 640  * SYNOPSIS
 641  *
 642  *    SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 643  *                               unsigned char *src, SilcUInt32 src_len,
 644  *                               unsigned char *dst, SilcUInt32 dst_size,
 645  *                               SilcUInt32 *dst_len);
 646  *
 647  * DESCRIPTION
 648  *
 649  *    Encrypts with the public key. Returns FALSE on error.
 650  *
 651  ***/
 652 SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 653                            unsigned char *src, SilcUInt32 src_len,
 654                            unsigned char *dst, SilcUInt32 dst_size,
 655                            SilcUInt32 *dst_len);
 656
 657 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
 658  *
 659  * SYNOPSIS
 660  *
 661  *    SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 662  *                               unsigned char *src, SilcUInt32 src_len,
 663  *                               unsigned char *dst, SilcUInt32 dst_size,
 664  *                               SilcUInt32 *dst_len);
 665  *
 666  * DESCRIPTION
 667  *
 668  *    Decrypts with the private key.  Returns FALSE on error.
 669  *
 670  ***/
 671 SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 672                            unsigned char *src, SilcUInt32 src_len,
 673                            unsigned char *dst, SilcUInt32 dst_size,
 674                            SilcUInt32 *dst_len);
 675
 676 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
 677  *
 678  * SYNOPSIS
 679  *
 680  *    SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 681  *                            unsigned char *src, SilcUInt32 src_len,
 682  *                            unsigned char *dst, SilcUInt32 dst_size,
 683  *                            SilcUInt32 *dst_len, SilcHash hash);
 684  *
 685  * DESCRIPTION
 686  *
 687  *    Generates signature with the private key.  Returns FALSE on error.
 688  *    If `hash' is non-NULL the `src' will be hashed before signing.
 689  *
 690  ***/
 691 SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 692                         unsigned char *src, SilcUInt32 src_len,
 693                         unsigned char *dst, SilcUInt32 dst_size,
 694                         SilcUInt32 *dst_len, SilcHash hash);
 695
 696 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
 697  *
 698  * SYNOPSIS
 699  *
 700  *    SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 701  *                              unsigned char *signature,
 702  *                              SilcUInt32 signature_len,
 703  *                              unsigned char *data,
 704  *                              SilcUInt32 data_len, SilcHash hash);
 705  *
 706  * DESCRIPTION
 707  *
 708  *    Verifies signature.  Returns FALSE on error.  The 'signature' is
 709  *    verified against the 'data'.  If the `hash' is non-NULL then the `data'
 710  *    will hashed before verification.  If the `hash' is NULL, then the
 711  *    hash algorithm to be used is retrieved from the signature.  If it
 712  *    isn't present in the signature the verification is done as is without
 713  *    hashing.
 714  *
 715  ***/
 716 SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 717                           unsigned char *signature,
 718                           SilcUInt32 signature_len,
 719                           unsigned char *data,
 720                           SilcUInt32 data_len, SilcHash hash);
 721
 722 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
 723  *
 724  * SYNOPSIS
 725  *
 726  *    SilcBool silc_pkcs_load_public_key(const char *filename,
 727  *                                       SilcPublicKey *ret_public_key);
 728  *
 729  * DESCRIPTION
 730  *
 731  *    Loads public key from file and allocates new public key.  Returns TRUE
 732  *    if loading was successful.
 733  *
 734  ***/
 735 SilcBool silc_pkcs_load_public_key(const char *filename,
 736                                    SilcPublicKey *ret_public_key);
 737
 738 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
 739  *
 740  * SYNOPSIS
 741  *
 742  *    SilcBool silc_pkcs_save_public_key(const char *filename,
 743  *                                       SilcPublicKey public_key,
 744  *                                       SilcPKCSFileEncoding encoding);
 745  *
 746  * DESCRIPTION
 747  *
 748  *    Saves public key into file with specified encoding.  Returns FALSE
 749  *    on error.
 750  *
 751  ***/
 752 SilcBool silc_pkcs_save_public_key(const char *filename,
 753                                    SilcPublicKey public_key,
 754                                    SilcPKCSFileEncoding encoding);
 755
 756 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
 757  *
 758  * SYNOPSIS
 759  *
 760  *    SilcBool silc_pkcs_load_private_key(const char *filename,
 761  *                                        const unsigned char *passphrase,
 762  *                                        SilcUInt32 passphrase_len,
 763  *                                        SilcPrivateKey *ret_private_key);
 764  *
 765  * DESCRIPTION
 766  *
 767  *    Loads private key from file and allocates new private key.  Returns TRUE
 768  *    if loading was successful.  The `passphrase' is used as decryption
 769  *    key of the private key file, in case it is encrypted.
 770  *
 771  ***/
 772 SilcBool silc_pkcs_load_private_key(const char *filename,
 773                                     const unsigned char *passphrase,
 774                                     SilcUInt32 passphrase_len,
 775                                     SilcPrivateKey *ret_private_key);
 776
 777 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
 778  *
 779  * SYNOPSIS
 780  *
 781  *    SilcBool silc_pkcs_save_private_key(const char *filename,
 782  *                                        SilcPrivateKey private_key,
 783  *                                        const unsigned char *passphrase,
 784  *                                        SilcUInt32 passphrase_len,
 785  *                                        SilcPKCSFileEncoding encoding,
 786  *                                        SilcRng rng);
 787  *
 788  * DESCRIPTION
 789  *
 790  *    Saves private key into file.  The private key is encrypted into
 791  *    the file with the `passphrase' as a key, if PKCS supports encrypted
 792  *    private keys.  Returns FALSE on error.
 793  *
 794  ***/
 795 SilcBool silc_pkcs_save_private_key(const char *filename,
 796                                     SilcPrivateKey private_key,
 797                                     const unsigned char *passphrase,
 798                                     SilcUInt32 passphrase_len,
 799                                     SilcPKCSFileEncoding encoding,
 800                                     SilcRng rng);
 801
 802 #endif  /* !SILCPKCS_H */