5 Author: Pekka Riikonen <priikone@silcnet.org>
7 Copyright (C) 1997 - 2005 Pekka Riikonen
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; version 2 of the License.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
23 /****h* silccrypt/SILC PKCS Interface
27 * This is the interface for public key cryptosystems, and various
28 * utility functions related to public keys and private keys. This
29 * interface also defines the actual PKCS objects, public keys and
30 * private keys. The interface is generic PKCS interface, which has
31 * capability of supporting any kind of public key algorithm. This
32 * interface also implements the SILC Public Key and routines for
33 * encoding and decoding SILC Public Key (as defined by the SILC
34 * protocol specification). Interface or encrypting, decrypting,
35 * producing digital signatures and verifying digital signatures are
36 * also defined in this header.
40 /****s* silccrypt/SilcPKCSAPI/SilcPKCS
44 * typedef struct SilcPKCSStruct *SilcPKCS;
48 * This context is the actual PKCS context and is allocated
49 * by silc_pkcs_alloc and given as argument usually to all
50 * silc_pkcs_* functions. It is freed by the silc_pkcs_free
54 typedef struct SilcPKCSStruct *SilcPKCS;
56 /****d* silccrypt/SilcPKCSAPI/SilcPKCSType
60 * typedef enum { ... } SilcPKCSType
64 * Public key cryptosystem types. These are defined by the SILC
65 * Key Exchange protocol.
70 SILC_PKCS_SILC = 1, /* SILC PKCS (mandatory) */
71 SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */
72 SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */
73 SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */
74 SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */
78 /* The default SILC PKCS (Public Key Cryptosystem) object to represent
80 typedef struct SilcPKCSObjectStruct {
83 int (*init)(void *, SilcUInt32, SilcRng);
84 void (*clear_keys)(void *);
85 unsigned char *(*get_public_key)(void *, SilcUInt32 *);
86 unsigned char *(*get_private_key)(void *, SilcUInt32 *);
87 SilcUInt32 (*set_public_key)(void *, unsigned char *, SilcUInt32);
88 SilcUInt32 (*set_private_key)(void *, unsigned char *, SilcUInt32);
89 SilcUInt32 (*context_len)();
90 int (*encrypt)(void *, unsigned char *, SilcUInt32,
91 unsigned char *, SilcUInt32 *);
92 int (*decrypt)(void *, unsigned char *, SilcUInt32,
93 unsigned char *, SilcUInt32 *);
94 int (*sign)(void *, unsigned char *, SilcUInt32,
95 unsigned char *, SilcUInt32 *);
96 int (*verify)(void *, unsigned char *, SilcUInt32,
97 unsigned char *, SilcUInt32);
100 /****s* silccrypt/SilcPKCSAPI/SilcPublicKey
104 * typedef struct { ... } *SilcPublicKey, SilcPublicKeyStruct;
108 * SILC style public key object. Public key is read from file to this
109 * object. Public keys received from network must be in this format as
110 * well. The format is defined by the SILC protocol specification.
111 * This object is allocated by silc_pkcs_public_key_alloc and freed
112 * by silc_pkcs_public_key_free. The object is given as argument to
113 * all silc_pkcs_public_key_* functions.
118 SilcUInt16 pk_type; /* Public key type (SilcSKEPKType) */
124 } *SilcPublicKey, SilcPublicKeyStruct;
127 /****s* silccrypt/SilcPKCSAPI/SilcPublicKeyIdentifier
131 * typedef struct { ... } *SilcPublicKeyIdentifier,
132 * SilcPublicKeyIdentifierStruct;
136 * Decoded SILC Public Key identifier. Note that some of the fields
137 * may be NULL. This context is allocated by the function
138 * silc_pkcs_decode_identifier and freed by silc_pkcs_free_identifier.
139 * The identifier in SilcPublicKey is the `identifier' field, which
140 * can be given as argument to silc_pkcs_decode_identifier.
151 } *SilcPublicKeyIdentifier, SilcPublicKeyIdentifierStruct;
154 /****s* silccrypt/SilcPKCSAPI/SilcPrivateKey
158 * typedef struct { ... } *SilcPrivateKey, SilcPrivateKeyStruct;
162 * SILC style private key object. Public key is read from file to this
163 * object. This object is allocated by silc_pkcs_private_key_alloc and
164 * freed by silc_pkcs_private_key_free. The object is given as argument
165 * to all silc_pkcs_private_key_* functions.
172 } *SilcPrivateKey, SilcPrivateKeyStruct;
174 /* Public and private key file headers */
175 #define SILC_PKCS_PUBLIC_KEYFILE_BEGIN "-----BEGIN SILC PUBLIC KEY-----\n"
176 #define SILC_PKCS_PUBLIC_KEYFILE_END "\n-----END SILC PUBLIC KEY-----\n"
177 #define SILC_PKCS_PRIVATE_KEYFILE_BEGIN "-----BEGIN SILC PRIVATE KEY-----\n"
178 #define SILC_PKCS_PRIVATE_KEYFILE_END "\n-----END SILC PRIVATE KEY-----\n"
180 /* Public and private key file encoding types */
181 #define SILC_PKCS_FILE_BIN 0
182 #define SILC_PKCS_FILE_PEM 1
184 /* Marks for all PKCS in silc. This can be used in silc_pkcs_unregister
185 to unregister all PKCS at once. */
186 #define SILC_ALL_PKCS ((SilcPKCSObject *)1)
188 /* Static list of PKCS for silc_pkcs_register_default(). */
189 extern DLLAPI const SilcPKCSObject silc_default_pkcs[];
191 /* Default PKXS in the SILC protocol */
192 #define SILC_DEFAULT_PKCS "rsa"
196 /* Macros used to implement the SILC PKCS API */
198 /* XXX: This needs slight redesigning. These needs to be made even
199 more generic. I don't like that the actual prime generation is done
200 in PKCS_API_INIT. The primes used in key generation should be sent
201 as argument to the init function. By doing this we would achieve
202 that PKCS could be used as SIM's. The only requirement would be
203 that they are compiled against GMP (well, actually even that would
204 not be a requirement, but the most generic case anyway). The new init
205 would look something like this:
207 #define SILC_PKCS_API_INIT(pkcs) \
208 inline int silc_##pkcs##_init(void *context, SilcUInt32 keylen, \
211 Now we wouldn't have to send the SilcRng object since the primes are
212 provided as arguments. To send them as void * they could actually be
213 used as in anyway for real (MP_INT (SilcMPInt) or even something else
214 (the pointer could be kludged to be something else in the module))
215 (Plus, the SilcRng object management in prime generation would be
216 simpler and better what it is now (in silcprimegen.c, that is)).
219 #define SILC_PKCS_API_INIT(pkcs) \
220 int silc_##pkcs##_init(void *context, SilcUInt32 keylen, \
222 #define SILC_PKCS_API_CLEAR_KEYS(pkcs) \
223 void silc_##pkcs##_clear_keys(void *context)
224 #define SILC_PKCS_API_GET_PUBLIC_KEY(pkcs) \
225 unsigned char *silc_##pkcs##_get_public_key(void *context, \
227 #define SILC_PKCS_API_GET_PRIVATE_KEY(pkcs) \
228 unsigned char *silc_##pkcs##_get_private_key(void *context, \
230 #define SILC_PKCS_API_SET_PUBLIC_KEY(pkcs) \
231 SilcUInt32 silc_##pkcs##_set_public_key(void *context, unsigned char *key_data, \
233 #define SILC_PKCS_API_SET_PRIVATE_KEY(pkcs) \
234 SilcUInt32 silc_##pkcs##_set_private_key(void *context, unsigned char *key_data, \
236 #define SILC_PKCS_API_CONTEXT_LEN(pkcs) \
237 SilcUInt32 silc_##pkcs##_context_len()
238 #define SILC_PKCS_API_ENCRYPT(pkcs) \
239 int silc_##pkcs##_encrypt(void *context, \
240 unsigned char *src, \
241 SilcUInt32 src_len, \
242 unsigned char *dst, \
244 #define SILC_PKCS_API_DECRYPT(pkcs) \
245 int silc_##pkcs##_decrypt(void *context, \
246 unsigned char *src, \
247 SilcUInt32 src_len, \
248 unsigned char *dst, \
250 #define SILC_PKCS_API_SIGN(pkcs) \
251 int silc_##pkcs##_sign(void *context, \
252 unsigned char *src, \
253 SilcUInt32 src_len, \
254 unsigned char *dst, \
256 #define SILC_PKCS_API_VERIFY(pkcs) \
257 int silc_##pkcs##_verify(void *context, \
258 unsigned char *signature, \
259 SilcUInt32 signature_len, \
260 unsigned char *data, \
265 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
269 * SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
273 * Registers a new PKCS into the SILC. This function is used
274 * at the initialization of the SILC. All registered PKCSs
275 * should be unregistered with silc_pkcs_unregister. The `pkcs' includes
276 * the name of the PKCS and member functions for the algorithm. Usually
277 * this function is not called directly. Instead, application can call
278 * the silc_pkcs_register_default to register all PKCSs that are
279 * builtin the sources. Returns FALSE on error.
282 SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
284 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
288 * SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
292 * Unregister a PKCS from the SILC. Returns FALSE on error.
295 SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
297 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
301 * SilcBool silc_pkcs_register_default(void);
305 * Registers all the default PKCS (all builtin PKCS). The application may
306 * use this to register the default PKCS if specific PKCS in any specific
307 * order is not wanted. Returns FALSE on error.
310 SilcBool silc_pkcs_register_default(void);
312 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
316 * SilcBool silc_pkcs_unregister_all(void);
320 * Returns FALSE on error.
323 SilcBool silc_pkcs_unregister_all(void);
325 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_alloc
329 * SilcBool silc_pkcs_alloc(const unsigned char *name,
330 * SilcPKCSType type, SilcPKCS *new_pkcs);
334 * Allocates a new SilcPKCS object. The new allocated object is returned
335 * to the 'new_pkcs' argument. Returns FALSE on error.
338 SilcBool silc_pkcs_alloc(const unsigned char *name,
339 SilcPKCSType type, SilcPKCS *new_pkcs);
341 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_free
345 * void silc_pkcs_free(SilcPKCS pkcs);
349 * Frees the PKCS object.
352 void silc_pkcs_free(SilcPKCS pkcs);
354 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_is_supported
358 * SilcBool silc_pkcs_is_supported(const unsigned char *name);
362 * Returns TRUE if PKCS algorithm `name' is supported.
365 SilcBool silc_pkcs_is_supported(const unsigned char *name);
367 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
371 * char *silc_pkcs_get_supported(void);
375 * Returns comma separated list of supported PKCS algorithms.
378 char *silc_pkcs_get_supported(void);
380 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_generate_key
384 * SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
389 * Generate new key pair into the `pkcs' context. Returns FALSE on error.
390 * If the `rng' is NULL global SILC RNG will be used.
393 SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
396 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_key_len
400 * SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
404 * Returns the length of the key in bits.
407 SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
409 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
413 * const char *silc_pkcs_get_name(SilcPKCS pkcs);
420 const char *silc_pkcs_get_name(SilcPKCS pkcs);
422 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_public_key
426 * unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
430 * Returns SILC style public key for the PKCS. Note that this is not
431 * the SILC Public Key, but the raw public key data from the PKCS.
432 * The caller must free the returned data.
435 unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
437 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_private_key
441 * unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs,
446 * Returns SILC style private key. Note that this is not SilcPrivateKey
447 * but the raw private key bits from the PKCS. The caller must free the
448 * returned data and SHOULD zero the memory area before freeing.
451 unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len);
453 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_set
457 * SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs,
458 * SilcPublicKey public_key);
462 * Sets public key from SilcPublicKey. Returns the length of the key in
466 SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key);
468 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_set
472 * SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs,
474 * SilcUInt32 pk_len);
478 * Sets public key from data. Returns the length of the key.
481 SilcUInt32 silc_pkcs_public_key_data_set(SilcPKCS pkcs, unsigned char *pk,
484 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_set
488 * SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
489 * SilcPrivateKey private_key);
493 * Sets private key from SilcPrivateKey. Returns the length of the key
497 SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
498 SilcPrivateKey private_key);
500 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_set
504 * SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs,
505 * unsigned char *prv,
506 * SilcUInt32 prv_len);
510 * Sets private key from data. Returns the length of the key.
513 SilcUInt32 silc_pkcs_private_key_data_set(SilcPKCS pkcs, unsigned char *prv,
516 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
520 * SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
521 * SilcUInt32 src_len, unsigned char *dst,
522 * SilcUInt32 *dst_len);
526 * Encrypts. Returns FALSE on error.
529 SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
531 unsigned char *dst, SilcUInt32 *dst_len);
533 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
537 * SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
538 * SilcUInt32 src_len, unsigned char *dst,
539 * SilcUInt32 *dst_len);
543 * Decrypts. Returns FALSE on error.
546 SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
548 unsigned char *dst, SilcUInt32 *dst_len);
550 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
554 * SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src,
555 * SilcUInt32 src_len, unsigned char *dst,
556 * SilcUInt32 *dst_len);
560 * Generates signature. Returns FALSE on error.
563 SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
564 unsigned char *dst, SilcUInt32 *dst_len);
566 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
570 * SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
571 * SilcUInt32 signature_len, unsigned char *data,
572 * SilcUInt32 data_len);
576 * Verifies signature. Returns FALSE on error. The 'signature' is
577 * verified against the 'data'.
580 SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
581 SilcUInt32 signature_len, unsigned char *data,
582 SilcUInt32 data_len);
584 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign_with_hash
588 * SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
589 * unsigned char *src, SilcUInt32 src_len,
590 * unsigned char *dst, SilcUInt32 *dst_len);
594 * Generates signature with hash. The hash is signed. Returns FALSE on
598 SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
599 unsigned char *src, SilcUInt32 src_len,
600 unsigned char *dst, SilcUInt32 *dst_len);
602 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify_with_hash
606 * SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
607 * unsigned char *signature,
608 * SilcUInt32 signature_len,
609 * unsigned char *data,
610 * SilcUInt32 data_len);
614 * Verifies signature with hash. The `data' is hashed and verified against
615 * the `signature'. Returns FALSE on error.
618 SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
619 unsigned char *signature,
620 SilcUInt32 signature_len,
622 SilcUInt32 data_len);
624 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encode_identifier
628 * char *silc_pkcs_encode_identifier(char *username, char *host,
629 * char *realname, char *email,
630 * char *org, char *country);
634 * Encodes and returns SILC public key identifier. If some of the
635 * arguments is NULL those are not encoded into the identifier string.
636 * Protocol says that at least username and host must be provided.
639 char *silc_pkcs_encode_identifier(char *username, char *host, char *realname,
640 char *email, char *org, char *country);
642 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decode_identifier
646 * SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier);
650 * Decodes the provided `identifier' and returns allocated context for
654 SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier);
656 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_free_identifier
660 * void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier);
664 * Frees decoded public key identifier context. Call this to free the
665 * context returned by the silc_pkcs_decode_identifier.
668 void silc_pkcs_free_identifier(SilcPublicKeyIdentifier identifier);
670 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
674 * SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
675 * const char *identifier,
676 * const unsigned char *pk,
677 * SilcUInt32 pk_len);
681 * Allocates SILC style public key formed from sent arguments. The
682 * 'name' is the algorithm (PKCS) name, the 'identifier' is the public
683 * key identifier generated with silc_pkcs_encode_identifier, and the
684 * 'pk' and 'pk_len' are the raw public key data returned for example
685 * by silc_pkcs_get_public_key.
688 SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
689 const char *identifier,
690 const unsigned char *pk,
693 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
697 * void silc_pkcs_public_key_free(SilcPublicKey public_key);
701 * Frees public key and all data in it.
704 void silc_pkcs_public_key_free(SilcPublicKey public_key);
706 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
710 * SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
711 * const unsigned char *prv,
712 * SilcUInt32 prv_len);
716 * Allocates SILC private key formed from sent arguments. The 'name'
717 * is the algorithm name, and the 'prv' and 'prv_len' are the raw
718 * private key bits returned by silc_pkcs_get_private_key.
721 SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
722 const unsigned char *prv,
725 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
729 * void silc_pkcs_private_key_free(SilcPrivateKey private_key);
733 * Frees private key and all data in it. The private key is zeroed
734 * before it is freed.
737 void silc_pkcs_private_key_free(SilcPrivateKey private_key);
739 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_encode
744 * silc_pkcs_public_key_encode(SilcPublicKey public_key, SilcUInt32 *len);
748 * Encodes SILC style public key from SilcPublicKey. Returns the encoded
753 silc_pkcs_public_key_encode(SilcPublicKey public_key, SilcUInt32 *len);
755 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_data_encode
760 * silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len,
761 * char *pkcs, char *identifier,
766 * Encodes SILC style public key. Returns the encoded data.
770 silc_pkcs_public_key_data_encode(unsigned char *pk, SilcUInt32 pk_len,
771 char *pkcs, char *identifier,
774 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_decode
778 * SilcBool silc_pkcs_public_key_decode(unsigned char *data,
779 * SilcUInt32 data_len,
780 * SilcPublicKey *public_key);
784 * Decodes SILC style public key. Returns TRUE if the decoding was
785 * successful. Allocates new public key as well.
788 SilcBool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len,
789 SilcPublicKey *public_key);
791 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_encode
795 * SilcBool silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
799 * Encodes the Public Key Payload from the public key indicated by
800 * `public_key' of type of `pk_type'. The type is SilcSKEPKType.
801 * Returns the encoded payload buffer.
804 SilcBuffer silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
806 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_decode
810 * SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
811 * SilcUInt32 data_len,
812 * SilcPublicKey *public_key);
816 * Decodes Public Key Payload from `data' of `data_len' bytes in length
817 * data buffer into `public_key' pointer. Returns FALSE if the payload
821 SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
823 SilcPublicKey *public_key);
825 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
829 * SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
830 * SilcPublicKey key2);
834 * Compares two public keys and returns TRUE if they are same key, and
835 * FALSE if they are not same.
838 SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
840 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
844 * SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
848 * Copies the public key indicated by `public_key' and returns new allocated
849 * public key which is indentical to the `public_key'.
852 SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
854 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_encode
859 * silc_pkcs_private_key_encode(SilcPrivateKey private_key,
864 * Encodes SILC private key from SilcPrivateKey. Returns the encoded data.
868 silc_pkcs_private_key_encode(SilcPrivateKey private_key, SilcUInt32 *len);
870 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_encode
875 * silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len,
876 * char *pkcs, SilcUInt32 *len);
880 * Encodes SILC private key. Returns the encoded data.
884 silc_pkcs_private_key_data_encode(unsigned char *prv, SilcUInt32 prv_len,
885 char *pkcs, SilcUInt32 *len);
887 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_decode
891 * SilcBool silc_pkcs_private_key_decode(unsigned char *data,
892 * SilcUInt32 data_len,
893 * SilcPrivateKey *private_key);
897 * Decodes SILC style private key. Returns TRUE if the decoding was
898 * successful. Allocates new private key as well.
901 SilcBool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len,
902 SilcPrivateKey *private_key);
904 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
908 * SilcBool silc_pkcs_save_public_key(const char *filename,
909 * SilcPublicKey public_key,
910 * SilcUInt32 encoding);
914 * Saves public key into file. Returns FALSE on error.
917 SilcBool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key,
918 SilcUInt32 encoding);
920 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key_data
924 * SilcBool silc_pkcs_save_public_key_data(const char *filename,
925 * unsigned char *data,
926 * SilcUInt32 data_len,
927 * SilcUInt32 encoding);
931 * Saves public key into file. The public key is already encoded as
932 * data when calling this function. Returns FALSE on error.
935 SilcBool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data,
936 SilcUInt32 data_len, SilcUInt32 encoding);
938 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
942 * SilcBool silc_pkcs_save_private_key(const char *filename,
943 * SilcPrivateKey private_key,
944 * unsigned char *passphrase,
945 * SilcUInt32 passphrase_len,
946 * SilcUInt32 encoding);
950 * Saves private key into file. The private key is encrypted into
951 * the file with the `passphrase' as a key. The encryption algorithm
952 * is AES with 256 bit key in CBC mode. Returns FALSE on error.
955 SilcBool silc_pkcs_save_private_key(const char *filename,
956 SilcPrivateKey private_key,
957 unsigned char *passphrase,
958 SilcUInt32 passphrase_len,
959 SilcUInt32 encoding);
961 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
965 * SilcBool silc_pkcs_load_public_key(const char *filename,
966 * SilcPublicKey *public_key,
967 * SilcUInt32 encoding);
971 * Loads public key from file and allocates new public key. Returns TRUE
972 * if loading was successful.
975 SilcBool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key,
976 SilcUInt32 encoding);
978 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
982 * SilcBool silc_pkcs_load_private_key(const char *filename,
983 * SilcPrivateKey *private_key,
984 * unsigned char *passphrase,
985 * SilcUInt32 passphrase_len,
986 * SilcUInt32 encoding);
990 * Loads private key from file and allocates new private key. Returns TRUE
991 * if loading was successful. The `passphrase' is used as decryption
992 * key of the private key file.
995 SilcBool silc_pkcs_load_private_key(const char *filename,
996 SilcPrivateKey *private_key,
997 unsigned char *passphrase,
998 SilcUInt32 passphrase_len,
999 SilcUInt32 encoding);
1001 #endif /* !SILCPKCS_H */