lib/silccrypt/silcpkcs.h

   1 /*
   2
   3   silcpkcs.h
   4
   5   Author: Pekka Riikonen <priikone@silcnet.org>
   6
   7   Copyright (C) 1997 - 2006 Pekka Riikonen
   8
   9   This program is free software; you can redistribute it and/or modify
  10   it under the terms of the GNU General Public License as published by
  11   the Free Software Foundation; version 2 of the License.
  12
  13   This program is distributed in the hope that it will be useful,
  14   but WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16   GNU General Public License for more details.
  17
  18 */
  19
  20 /****h* silccrypt/SILC PKCS Interface
  21  *
  22  * DESCRIPTION
  23  *
  24  * SILC PKCS API provides generic interface for performing various
  25  * public key cryptography related operations with different types of
  26  * public and private keys.  Support for loading and saving of different
  27  * types of public key and private keys are also provided.
  28  *
  29  ***/
  30
  31 #ifndef SILCPKCS_H
  32 #define SILCPKCS_H
  33
  34 /* Forward declarations */
  35 typedef struct SilcPKCSObjectStruct SilcPKCSObject;
  36
  37 /****d* silccrypt/SilcPKCSAPI/SilcPKCSType
  38  *
  39  * NAME
  40  *
  41  *    typedef enum { ... } SilcPKCSType;
  42  *
  43  * DESCRIPTION
  44  *
  45  *    Public key cryptosystem types.  These are defined by the SILC
  46  *    Key Exchange protocol.
  47  *
  48  * SOURCE
  49  */
  50 typedef enum {
  51   SILC_PKCS_SILC    = 1,        /* SILC PKCS */
  52   SILC_PKCS_SSH2    = 2,        /* SSH2 PKCS (not supported) */
  53   SILC_PKCS_X509V3  = 3,        /* X.509v3 PKCS (not supported) */
  54   SILC_PKCS_OPENPGP = 4,        /* OpenPGP PKCS (not supported) */
  55   SILC_PKCS_SPKI    = 5,        /* SPKI PKCS (not supported) */
  56 } SilcPKCSType;
  57 /***/
  58
  59 /****s* silccrypt/SilcPKCSAPI/SilcPublicKey
  60  *
  61  * NAME
  62  *
  63  *    typedef struct { ... } *SilcPublicKey;
  64  *
  65  * DESCRIPTION
  66  *
  67  *    This context represents any kind of PKCS public key.  It can be
  68  *    allocated by silc_pkcs_public_key_alloc and is freed by the
  69  *    silc_pkcs_public_key_free.  The PKCS specific public key context
  70  *    can be retrieved by calling silc_pkcs_get_context.
  71  *
  72  * SOURCE
  73  */
  74 typedef struct {
  75   const SilcPKCSObject *pkcs;   /* PKCS */
  76   void *public_key;             /* PKCS specific public key */
  77 } *SilcPublicKey;
  78 /***/
  79
  80 /****s* silccrypt/SilcPKCSAPI/SilcPrivateKey
  81  *
  82  * NAME
  83  *
  84  *    typedef struct { ... } *SilcPrivateKey;
  85  *
  86  * DESCRIPTION
  87  *
  88  *    This context represents any kind of PKCS private key.
  89  *
  90  * SOURCE
  91  */
  92 typedef struct {
  93   const SilcPKCSObject *pkcs;   /* PKCS */
  94   void *private_key;            /* PKCS specific private key */
  95 } *SilcPrivateKey;
  96 /***/
  97
  98 /****d* silccrypt/SilcPKCSAPI/SilcPKCSFileEncoding
  99  *
 100  * NAME
 101  *
 102  *    typedef enum { ... } SilcPKCSType
 103  *
 104  * DESCRIPTION
 105  *
 106  *    Public and private key file encoding types.
 107  *
 108  * SOURCE
 109  */
 110 typedef enum {
 111   SILC_PKCS_FILE_BIN,           /* Binary encoding */
 112   SILC_PKCS_FILE_BASE64         /* Base64 encoding */
 113 } SilcPKCSFileEncoding;
 114 /***/
 115
 116 /* The PKCS Algorithm object to represent any PKCS algorithm. */
 117 typedef struct {
 118   /* Algorithm name and scheme */
 119   char *name;
 120   char *scheme;
 121
 122   /* Supported hash functions, comma separated list */
 123   char *hash;
 124
 125   /* Generate new key pair. Returns PKCS algorithm specific public key
 126      and private key contexts. */
 127   SilcBool (*generate_key)(SilcUInt32 keylen,
 128                            SilcRng rng,
 129                            void **ret_public_key,
 130                            void **ret_private_key);
 131
 132   /* Public key routines */
 133   SilcBool (*import_public_key)(unsigned char *key,
 134                                 SilcUInt32 key_len,
 135                                 void **ret_public_key);
 136   unsigned char *(*export_public_key)(void *public_key,
 137                                       SilcUInt32 *ret_len);
 138   SilcUInt32 (*public_key_bitlen)(void *public_key);
 139   void *(*public_key_copy)(void *public_key);
 140   SilcBool (*public_key_compare)(void *key1, void *key2);
 141   void (*public_key_free)(void *public_key);
 142
 143   /* Private key routines */
 144   SilcBool (*import_private_key)(unsigned char *key,
 145                                  SilcUInt32 key_len,
 146                                  void **ret_private_key);
 147   unsigned char *(*export_private_key)(void *private_key,
 148                                        SilcUInt32 *ret_len);
 149   SilcUInt32 (*private_key_bitlen)(void *public_key);
 150   void (*private_key_free)(void *private_key);
 151
 152   /* Encrypt and decrypt operations */
 153   SilcBool (*encrypt)(void *public_key,
 154                       unsigned char *src,
 155                       SilcUInt32 src_len,
 156                       unsigned char *dst,
 157                       SilcUInt32 dst_size,
 158                       SilcUInt32 *ret_dst_len);
 159   SilcBool (*decrypt)(void *private_key,
 160                       unsigned char *src,
 161                       SilcUInt32 src_len,
 162                       unsigned char *dst,
 163                       SilcUInt32 dst_size,
 164                       SilcUInt32 *ret_dst_len);
 165
 166   /* Signature and verification operations */
 167   SilcBool (*sign)(void *private_key,
 168                    unsigned char *src,
 169                    SilcUInt32 src_len,
 170                    unsigned char *signature,
 171                    SilcUInt32 signature_size,
 172                    SilcUInt32 *ret_signature_len,
 173                    SilcHash hash);
 174   SilcBool (*verify)(void *public_key,
 175                      unsigned char *signature,
 176                      SilcUInt32 signature_len,
 177                      unsigned char *data,
 178                      SilcUInt32 data_len,
 179                      SilcHash hash);
 180 } SilcPKCSAlgorithm;
 181
 182 /* The PKCS (Public Key Cryptosystem) object to represent any PKCS. */
 183 struct SilcPKCSObjectStruct {
 184   /* PKCS type */
 185   SilcPKCSType type;
 186
 187   /* Public key routines */
 188
 189   /* Returns PKCS algorithm context from public key */
 190   const SilcPKCSAlgorithm *(*get_algorithm)(void *public_key);
 191
 192   /* Imports from public key file */
 193   SilcBool (*import_public_key_file)(unsigned char *filedata,
 194                                      SilcUInt32 filedata_len,
 195                                      SilcPKCSFileEncoding encoding,
 196                                      void **ret_public_key);
 197
 198   /* Imports from public key binary data */
 199   SilcBool (*import_public_key)(unsigned char *key,
 200                                 SilcUInt32 key_len,
 201                                 void **ret_public_key);
 202
 203   /* Exports public key to file */
 204   unsigned char *(*export_public_key_file)(void *public_key,
 205                                            SilcPKCSFileEncoding encoding,
 206                                            SilcUInt32 *ret_len);
 207
 208   /* Export public key as binary data */
 209   unsigned char *(*export_public_key)(void *public_key,
 210                                       SilcUInt32 *ret_len);
 211
 212   /* Returns key length in bits */
 213   SilcUInt32 (*public_key_bitlen)(void *public_key);
 214
 215   /* Copy public key */
 216   void *(*public_key_copy)(void *public_key);
 217
 218   /* Compares public keys */
 219   SilcBool (*public_key_compare)(void *key1, void *key2);
 220
 221   /* Free public key */
 222   void (*public_key_free)(void *public_key);
 223
 224   /* Private key routines */
 225
 226   /* Imports from private key file */
 227   SilcBool (*import_private_key_file)(unsigned char *filedata,
 228                                       SilcUInt32 filedata_len,
 229                                       const char *passphrase,
 230                                       SilcUInt32 passphrase_len,
 231                                       SilcPKCSFileEncoding encoding,
 232                                       void **ret_private_key);
 233
 234   /* Imports from private key binary data */
 235   SilcBool (*import_private_key)(unsigned char *key,
 236                                  SilcUInt32 key_len,
 237                                  void **ret_private_key);
 238
 239   /* Exports private key to file */
 240   unsigned char *(*export_private_key_file)(void *private_key,
 241                                             const char *passphrase,
 242                                             SilcUInt32 passphrase_len,
 243                                             SilcPKCSFileEncoding encoding,
 244                                             SilcRng rng,
 245                                             SilcUInt32 *ret_len);
 246
 247   /* Export private key as binary data */
 248   unsigned char *(*export_private_key)(void *private_key,
 249                                        SilcUInt32 *ret_len);
 250
 251   /* Returns key length in bits */
 252   SilcUInt32 (*private_key_bitlen)(void *private_key);
 253
 254   /* Free private key */
 255   void (*private_key_free)(void *private_key);
 256
 257   /* Encrypt and decrypt operations */
 258   SilcBool (*encrypt)(void *public_key,
 259                       unsigned char *src,
 260                       SilcUInt32 src_len,
 261                       unsigned char *dst,
 262                       SilcUInt32 dst_size,
 263                       SilcUInt32 *ret_dst_len);
 264   SilcBool (*decrypt)(void *private_key,
 265                       unsigned char *src,
 266                       SilcUInt32 src_len,
 267                       unsigned char *dst,
 268                       SilcUInt32 dst_size,
 269                       SilcUInt32 *ret_dst_len);
 270
 271   /* Signature and verification operations */
 272   SilcBool (*sign)(void *private_key,
 273                    unsigned char *src,
 274                    SilcUInt32 src_len,
 275                    unsigned char *signature,
 276                    SilcUInt32 signature_size,
 277                    SilcUInt32 *ret_signature_len,
 278                    SilcHash hash);
 279   SilcBool (*verify)(void *public_key,
 280                      unsigned char *signature,
 281                      SilcUInt32 signature_len,
 282                      unsigned char *data,
 283                      SilcUInt32 data_len,
 284                      SilcHash hash);
 285 };
 286
 287 /* Marks for all PKCS in silc. This can be used in silc_pkcs_unregister
 288    to unregister all PKCS at once. */
 289 #define SILC_ALL_PKCS ((SilcPKCSObject *)1)
 290 #define SILC_ALL_PKCS_ALG ((SilcPKCSAlgorithm *)1)
 291
 292 /* Static lists of PKCS and PKCS algorithms. */
 293 extern DLLAPI const SilcPKCSObject silc_default_pkcs[];
 294 extern DLLAPI const SilcPKCSAlgorithm silc_default_pkcs_alg[];
 295
 296 /* Prototypes */
 297
 298 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
 299  *
 300  * SYNOPSIS
 301  *
 302  *    SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 303  *
 304  * DESCRIPTION
 305  *
 306  *    Registers a new PKCS into the SILC.  This function is used
 307  *    at the initialization of the SILC.  All registered PKCSs
 308  *    should be unregistered with silc_pkcs_unregister.  The `pkcs' includes
 309  *    the name of the PKCS and member functions for the algorithm.  Usually
 310  *    this function is not called directly.  Instead, application can call
 311  *    the silc_pkcs_register_default to register all PKCSs that are
 312  *    builtin the sources.  Returns FALSE on error.
 313  *
 314  ***/
 315 SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 316
 317 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
 318  *
 319  * SYNOPSIS
 320  *
 321  *    SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 322  *
 323  * DESCRIPTION
 324  *
 325  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 326  *
 327  ***/
 328 SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 329
 330 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_register
 331  *
 332  * SYNOPSIS
 333  *
 334  *    SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 335  *
 336  * DESCRIPTION
 337  *
 338  *    Registers a new PKCS Algorithm into the SILC.  This function is used
 339  *    at the initialization of the SILC.  All registered PKCS algorithms
 340  *    should be unregistered with silc_pkcs_unregister.
 341  *
 342  ***/
 343 SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 344
 345 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_unregister
 346  *
 347  * SYNOPSIS
 348  *
 349  *    SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 350  *
 351  * DESCRIPTION
 352  *
 353  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 354  *
 355  ***/
 356 SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 357
 358 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
 359  *
 360  * SYNOPSIS
 361  *
 362  *    SilcBool silc_pkcs_register_default(void);
 363  *
 364  * DESCRIPTION
 365  *
 366  *    Registers all the default PKCS (all builtin PKCS) and PKCS algorithms.
 367  *    The application may use this to register the default PKCS if specific
 368  *    PKCS in any specific order is not wanted.  Returns FALSE on error.
 369  *
 370  ***/
 371 SilcBool silc_pkcs_register_default(void);
 372
 373 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
 374  *
 375  * SYNOPSIS
 376  *
 377  *    SilcBool silc_pkcs_unregister_all(void);
 378  *
 379  * DESCRIPTION
 380  *
 381  *    Unregister all PKCS and PKCS algorithms. Returns FALSE on error.
 382  *
 383  ***/
 384 SilcBool silc_pkcs_unregister_all(void);
 385
 386 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
 387  *
 388  * SYNOPSIS
 389  *
 390  *    char *silc_pkcs_get_supported(void);
 391  *
 392  * DESCRIPTION
 393  *
 394  *    Returns comma separated list of supported PKCS algorithms.
 395  *
 396  ***/
 397 char *silc_pkcs_get_supported(void);
 398
 399 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_pkcs
 400  *
 401  * SYNOPSIS
 402  *
 403  *    const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPKCSType type);
 404  *
 405  * DESCRIPTION
 406  *
 407  *    Finds PKCS context by the PKCS type.
 408  *
 409  ***/
 410 const SilcPKCSObject *silc_pkcs_find_pkcs(SilcPKCSType type);
 411
 412 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_algorithm
 413  *
 414  * SYNOPSIS
 415  *
 416  *    const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 417  *                                                      const char *scheme);
 418  *
 419  * DESCRIPTION
 420  *
 421  *    Finds PKCS algorithm context by the algorithm name `algorithm' and
 422  *    the algorithm scheme `scheme'.  The `scheme' may be NULL.
 423  *
 424  ***/
 425 const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 426                                                   const char *scheme);
 427
 428 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_pkcs
 429  *
 430  * SYNOPSIS
 431  *
 432  *    const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
 433  *
 434  * DESCRIPTION
 435  *
 436  *    Returns the PKCS object from `key', which may be SilcPublicKey or
 437  *    SilcPrivateKey pointer.
 438  *
 439  ***/
 440 const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
 441
 442 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_algorithm
 443  *
 444  * SYNOPSIS
 445  *
 446  *    const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
 447  *
 448  * DESCRIPTION
 449  *
 450  *    Returns the PKCS algorithm object from `key', which may be SilcPublicKey
 451  *    or SilcPrivateKey pointer.
 452  *
 453  ***/
 454 const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
 455
 456 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
 457  *
 458  * SYNOPSIS
 459  *
 460  *    const char *silc_pkcs_get_name(void *key);
 461  *
 462  * DESCRIPTION
 463  *
 464  *    Returns PKCS algorithm name from the `key', which may be SilcPublicKey
 465  *    or SilcPrivateKey pointer.
 466  *
 467  ***/
 468 const char *silc_pkcs_get_name(void *key);
 469
 470 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_type
 471  *
 472  * SYNOPSIS
 473  *
 474  *    SilcPKCSType silc_pkcs_get_type(void *key);
 475  *
 476  * DESCRIPTION
 477  *
 478  *    Returns PKCS type from the `key', which may be SilcPublicKey or
 479  *    SilcPrivateKey pointer.
 480  *
 481  ***/
 482 SilcPKCSType silc_pkcs_get_type(void *key);
 483
 484 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context
 485  *
 486  * SYNOPSIS
 487  *
 488  *    void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 489  *
 490  * DESCRIPTION
 491  *
 492  *    Returns the internal PKCS `type' specific public key context from the
 493  *    `public_key'.  The caller needs to explicitly type cast it to correct
 494  *    type.  Returns NULL on error.
 495  *
 496  *    For SILC_PKCS_SILC the returned context is SilcSILCPublicKey.
 497  *
 498  ***/
 499 void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 500
 501 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
 502  *
 503  * SYNOPSIS
 504  *
 505  *    SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 506  *                                        unsigned char *key,
 507  *                                        SilcUInt32 key_len
 508  *                                        SilcPublicKey *ret_public_key);
 509  *
 510  * DESCRIPTION
 511  *
 512  *    Allocates SilcPublicKey of the type of `type' from the key data
 513  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 514  *    is malformed or unsupported public key type.  This function can be
 515  *    used to create public key from any kind of PKCS public keys that
 516  *    the implementation supports.
 517  *
 518  ***/
 519 SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 520                                     unsigned char *key,
 521                                     SilcUInt32 key_len,
 522                                     SilcPublicKey *ret_public_key);
 523
 524 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
 525  *
 526  * SYNOPSIS
 527  *
 528  *    void silc_pkcs_public_key_free(SilcPublicKey public_key);
 529  *
 530  * DESCRIPTION
 531  *
 532  *    Frees the public key.
 533  *
 534  ***/
 535 void silc_pkcs_public_key_free(SilcPublicKey public_key);
 536
 537 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_export
 538  *
 539  * SYNOPSIS
 540  *
 541  *    unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 542  *                                               SilcUInt32 *ret_len);
 543  *
 544  * DESCRIPTION
 545  *
 546  *    Encodes the `public_key' into a binary format and returns it.  Returns
 547  *    NULL on error.  Caller must free the returned buffer.
 548  *
 549  ***/
 550 unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 551                                            SilcUInt32 *ret_len);
 552
 553 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_len
 554  *
 555  * SYNOPSIS
 556  *
 557  *    SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 558  *
 559  * DESCRIPTION
 560  *
 561  *    Returns the key length in bits from the public key.
 562  *
 563  ***/
 564 SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 565
 566 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
 567  *
 568  * SYNOPSIS
 569  *
 570  *    SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
 571  *                                          SilcPublicKey key2);
 572  *
 573  * DESCRIPTION
 574  *
 575  *    Compares two public keys and returns TRUE if they are same key, and
 576  *    FALSE if they are not same.
 577  *
 578  ***/
 579 SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
 580
 581 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
 582  *
 583  * SYNOPSIS
 584  *
 585  *    SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 586  *
 587  * DESCRIPTION
 588  *
 589  *    Copies the public key indicated by `public_key' and returns new
 590  *    allocated public key which is indentical to the `public_key'.
 591  *
 592  ***/
 593 SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 594
 595 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
 596  *
 597  * SYNOPSIS
 598  *
 599  *    SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 600  *                                         unsigned char *key,
 601  *                                         SilcUInt32 key_len,
 602  *                                         SilcPrivateKey *ret_private_key);
 603  *
 604  * DESCRIPTION
 605  *
 606  *    Allocates SilcPrivateKey of the type of `type' from the key data
 607  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 608  *    is malformed or unsupported private key type.
 609  *
 610  ***/
 611 SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 612                                      unsigned char *key,
 613                                      SilcUInt32 key_len,
 614                                      SilcPrivateKey *ret_private_key);
 615
 616 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_len
 617  *
 618  * SYNOPSIS
 619  *
 620  *    SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 621  *
 622  * DESCRIPTION
 623  *
 624  *    Returns the key length in bits from the private key.
 625  *
 626  ***/
 627 SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 628
 629 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
 630  *
 631  * SYNOPSIS
 632  *
 633  *    void silc_pkcs_private_key_free(SilcPrivateKey private_key;
 634  *
 635  * DESCRIPTION
 636  *
 637  *    Frees the private key.
 638  *
 639  ***/
 640 void silc_pkcs_private_key_free(SilcPrivateKey private_key);
 641
 642 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
 643  *
 644  * SYNOPSIS
 645  *
 646  *    SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 647  *                               unsigned char *src, SilcUInt32 src_len,
 648  *                               unsigned char *dst, SilcUInt32 dst_size,
 649  *                               SilcUInt32 *dst_len);
 650  *
 651  * DESCRIPTION
 652  *
 653  *    Encrypts with the public key. Returns FALSE on error.
 654  *
 655  ***/
 656 SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 657                            unsigned char *src, SilcUInt32 src_len,
 658                            unsigned char *dst, SilcUInt32 dst_size,
 659                            SilcUInt32 *dst_len);
 660
 661 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
 662  *
 663  * SYNOPSIS
 664  *
 665  *    SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 666  *                               unsigned char *src, SilcUInt32 src_len,
 667  *                               unsigned char *dst, SilcUInt32 dst_size,
 668  *                               SilcUInt32 *dst_len);
 669  *
 670  * DESCRIPTION
 671  *
 672  *    Decrypts with the private key.  Returns FALSE on error.
 673  *
 674  ***/
 675 SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 676                            unsigned char *src, SilcUInt32 src_len,
 677                            unsigned char *dst, SilcUInt32 dst_size,
 678                            SilcUInt32 *dst_len);
 679
 680 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
 681  *
 682  * SYNOPSIS
 683  *
 684  *    SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 685  *                            unsigned char *src, SilcUInt32 src_len,
 686  *                            unsigned char *dst, SilcUInt32 dst_size,
 687  *                            SilcUInt32 *dst_len, SilcHash hash);
 688  *
 689  * DESCRIPTION
 690  *
 691  *    Generates signature with the private key.  Returns FALSE on error.
 692  *    If `hash' is non-NULL the `src' will be hashed before signing.
 693  *
 694  ***/
 695 SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 696                         unsigned char *src, SilcUInt32 src_len,
 697                         unsigned char *dst, SilcUInt32 dst_size,
 698                         SilcUInt32 *dst_len, SilcHash hash);
 699
 700 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
 701  *
 702  * SYNOPSIS
 703  *
 704  *    SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 705  *                              unsigned char *signature,
 706  *                              SilcUInt32 signature_len,
 707  *                              unsigned char *data,
 708  *                              SilcUInt32 data_len, SilcHash hash);
 709  *
 710  * DESCRIPTION
 711  *
 712  *    Verifies signature.  Returns FALSE on error.  The 'signature' is
 713  *    verified against the 'data'.  If the `hash' is non-NULL then the `data'
 714  *    will hashed before verification.  If the `hash' is NULL, then the
 715  *    hash algorithm to be used is retrieved from the signature.  If it
 716  *    isn't present in the signature the verification is done as is without
 717  *    hashing.
 718  *
 719  ***/
 720 SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 721                           unsigned char *signature,
 722                           SilcUInt32 signature_len,
 723                           unsigned char *data,
 724                           SilcUInt32 data_len, SilcHash hash);
 725
 726 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
 727  *
 728  * SYNOPSIS
 729  *
 730  *    SilcBool silc_pkcs_load_public_key(const char *filename,
 731  *                                       SilcPublicKey *ret_public_key);
 732  *
 733  * DESCRIPTION
 734  *
 735  *    Loads public key from file and allocates new public key.  Returns TRUE
 736  *    if loading was successful.
 737  *
 738  ***/
 739 SilcBool silc_pkcs_load_public_key(const char *filename,
 740                                    SilcPublicKey *ret_public_key);
 741
 742 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
 743  *
 744  * SYNOPSIS
 745  *
 746  *    SilcBool silc_pkcs_save_public_key(const char *filename,
 747  *                                       SilcPublicKey public_key,
 748  *                                       SilcPKCSFileEncoding encoding);
 749  *
 750  * DESCRIPTION
 751  *
 752  *    Saves public key into file with specified encoding.  Returns FALSE
 753  *    on error.
 754  *
 755  ***/
 756 SilcBool silc_pkcs_save_public_key(const char *filename,
 757                                    SilcPublicKey public_key,
 758                                    SilcPKCSFileEncoding encoding);
 759
 760 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
 761  *
 762  * SYNOPSIS
 763  *
 764  *    SilcBool silc_pkcs_load_private_key(const char *filename,
 765  *                                        const unsigned char *passphrase,
 766  *                                        SilcUInt32 passphrase_len,
 767  *                                        SilcPrivateKey *ret_private_key);
 768  *
 769  * DESCRIPTION
 770  *
 771  *    Loads private key from file and allocates new private key.  Returns TRUE
 772  *    if loading was successful.  The `passphrase' is used as decryption
 773  *    key of the private key file, in case it is encrypted.
 774  *
 775  ***/
 776 SilcBool silc_pkcs_load_private_key(const char *filename,
 777                                     const unsigned char *passphrase,
 778                                     SilcUInt32 passphrase_len,
 779                                     SilcPrivateKey *ret_private_key);
 780
 781 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
 782  *
 783  * SYNOPSIS
 784  *
 785  *    SilcBool silc_pkcs_save_private_key(const char *filename,
 786  *                                        SilcPrivateKey private_key,
 787  *                                        const unsigned char *passphrase,
 788  *                                        SilcUInt32 passphrase_len,
 789  *                                        SilcPKCSFileEncoding encoding,
 790  *                                        SilcRng rng);
 791  *
 792  * DESCRIPTION
 793  *
 794  *    Saves private key into file.  The private key is encrypted into
 795  *    the file with the `passphrase' as a key, if PKCS supports encrypted
 796  *    private keys.  Returns FALSE on error.
 797  *
 798  ***/
 799 SilcBool silc_pkcs_save_private_key(const char *filename,
 800                                     SilcPrivateKey private_key,
 801                                     const unsigned char *passphrase,
 802                                     SilcUInt32 passphrase_len,
 803                                     SilcPKCSFileEncoding encoding,
 804                                     SilcRng rng);
 805
 806 #endif  /* !SILCPKCS_H */