lib/silccrypt/silcpkcs.h

   1 /*
   2
   3   silcpkcs.h
   4
   5   Author: Pekka Riikonen <priikone@silcnet.org>
   6
   7   Copyright (C) 1997 - 2007 Pekka Riikonen
   8
   9   This program is free software; you can redistribute it and/or modify
  10   it under the terms of the GNU General Public License as published by
  11   the Free Software Foundation; version 2 of the License.
  12
  13   This program is distributed in the hope that it will be useful,
  14   but WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16   GNU General Public License for more details.
  17
  18 */
  19
  20 /****h* silccrypt/SILC PKCS Interface
  21  *
  22  * DESCRIPTION
  23  *
  24  * SILC PKCS API provides generic interface for performing various
  25  * public key cryptography related operations with different types of
  26  * public and private keys.  Support for loading and saving of different
  27  * types of public key and private keys are also provided.
  28  *
  29  ***/
  30
  31 #ifndef SILCPKCS_H
  32 #define SILCPKCS_H
  33
  34 /* Forward declarations */
  35 typedef struct SilcPKCSObjectStruct SilcPKCSObject;
  36
  37 /****d* silccrypt/SilcPKCSAPI/SilcPKCSType
  38  *
  39  * NAME
  40  *
  41  *    typedef enum { ... } SilcPKCSType;
  42  *
  43  * DESCRIPTION
  44  *
  45  *    Supported public key cryptosystem types.
  46  *
  47  * SOURCE
  48  */
  49 typedef enum {
  50   SILC_PKCS_SILC    = 1,        /* SILC PKCS */
  51   SILC_PKCS_SSH2    = 2,        /* SSH2 PKCS (not supported) */
  52   SILC_PKCS_X509V3  = 3,        /* X.509v3 PKCS (not supported) */
  53   SILC_PKCS_OPENPGP = 4,        /* OpenPGP PKCS (not supported) */
  54   SILC_PKCS_SPKI    = 5,        /* SPKI PKCS (not supported) */
  55 } SilcPKCSType;
  56 /***/
  57
  58 /****s* silccrypt/SilcPKCSAPI/SilcPublicKey
  59  *
  60  * NAME
  61  *
  62  *    typedef struct { ... } *SilcPublicKey;
  63  *
  64  * DESCRIPTION
  65  *
  66  *    This context represents any kind of PKCS public key.  It can be
  67  *    allocated by silc_pkcs_public_key_alloc and is freed by the
  68  *    silc_pkcs_public_key_free.  The PKCS specific public key context
  69  *    can be retrieved by calling silc_pkcs_get_context.
  70  *
  71  * SOURCE
  72  */
  73 typedef struct {
  74   const SilcPKCSObject *pkcs;   /* PKCS */
  75   void *public_key;             /* PKCS specific public key */
  76 } *SilcPublicKey;
  77 /***/
  78
  79 /****s* silccrypt/SilcPKCSAPI/SilcPrivateKey
  80  *
  81  * NAME
  82  *
  83  *    typedef struct { ... } *SilcPrivateKey;
  84  *
  85  * DESCRIPTION
  86  *
  87  *    This context represents any kind of PKCS private key.
  88  *
  89  * SOURCE
  90  */
  91 typedef struct {
  92   const SilcPKCSObject *pkcs;   /* PKCS */
  93   void *private_key;            /* PKCS specific private key */
  94 } *SilcPrivateKey;
  95 /***/
  96
  97 /****d* silccrypt/SilcPKCSAPI/SilcPKCSFileEncoding
  98  *
  99  * NAME
 100  *
 101  *    typedef enum { ... } SilcPKCSType
 102  *
 103  * DESCRIPTION
 104  *
 105  *    Public and private key file encoding types.
 106  *
 107  * SOURCE
 108  */
 109 typedef enum {
 110   SILC_PKCS_FILE_BIN,           /* Binary encoding */
 111   SILC_PKCS_FILE_BASE64         /* Base64 encoding */
 112 } SilcPKCSFileEncoding;
 113 /***/
 114
 115 /* The PKCS Algorithm object to represent any PKCS algorithm. */
 116 typedef struct {
 117   /* Algorithm name and scheme */
 118   char *name;
 119   char *scheme;
 120
 121   /* Supported hash functions, comma separated list */
 122   char *hash;
 123
 124   /* Generate new key pair. Returns PKCS algorithm specific public key
 125      and private key contexts. */
 126   SilcBool (*generate_key)(SilcUInt32 keylen,
 127                            SilcRng rng,
 128                            void **ret_public_key,
 129                            void **ret_private_key);
 130
 131   /* Public key routines. */
 132   int (*import_public_key)(unsigned char *key,
 133                            SilcUInt32 key_len,
 134                            void **ret_public_key);
 135   unsigned char *(*export_public_key)(void *public_key,
 136                                       SilcUInt32 *ret_len);
 137   SilcUInt32 (*public_key_bitlen)(void *public_key);
 138   void *(*public_key_copy)(void *public_key);
 139   SilcBool (*public_key_compare)(void *key1, void *key2);
 140   void (*public_key_free)(void *public_key);
 141
 142   /* Private key routines */
 143   int (*import_private_key)(unsigned char *key,
 144                             SilcUInt32 key_len,
 145                             void **ret_private_key);
 146   unsigned char *(*export_private_key)(void *private_key,
 147                                        SilcUInt32 *ret_len);
 148   SilcUInt32 (*private_key_bitlen)(void *public_key);
 149   void (*private_key_free)(void *private_key);
 150
 151   /* Encrypt and decrypt operations */
 152   SilcBool (*encrypt)(void *public_key,
 153                       unsigned char *src,
 154                       SilcUInt32 src_len,
 155                       unsigned char *dst,
 156                       SilcUInt32 dst_size,
 157                       SilcUInt32 *ret_dst_len,
 158                       SilcRng rng);
 159   SilcBool (*decrypt)(void *private_key,
 160                       unsigned char *src,
 161                       SilcUInt32 src_len,
 162                       unsigned char *dst,
 163                       SilcUInt32 dst_size,
 164                       SilcUInt32 *ret_dst_len);
 165
 166   /* Signature and verification operations */
 167   SilcBool (*sign)(void *private_key,
 168                    unsigned char *src,
 169                    SilcUInt32 src_len,
 170                    unsigned char *signature,
 171                    SilcUInt32 signature_size,
 172                    SilcUInt32 *ret_signature_len,
 173                    SilcHash hash);
 174   SilcBool (*verify)(void *public_key,
 175                      unsigned char *signature,
 176                      SilcUInt32 signature_len,
 177                      unsigned char *data,
 178                      SilcUInt32 data_len,
 179                      SilcHash hash);
 180 } SilcPKCSAlgorithm;
 181
 182 /* The PKCS (Public Key Cryptosystem) object to represent any PKCS. */
 183 struct SilcPKCSObjectStruct {
 184   /* PKCS type */
 185   SilcPKCSType type;
 186
 187   /* Public key routines */
 188
 189   /* Returns PKCS algorithm context from public key */
 190   const SilcPKCSAlgorithm *(*get_algorithm)(void *public_key);
 191
 192   /* Imports from public key file */
 193   SilcBool (*import_public_key_file)(unsigned char *filedata,
 194                                      SilcUInt32 filedata_len,
 195                                      SilcPKCSFileEncoding encoding,
 196                                      void **ret_public_key);
 197
 198   /* Imports from public key binary data.  Returns the amount of bytes
 199      imported from `key' or 0 on error. */
 200   int (*import_public_key)(unsigned char *key,
 201                            SilcUInt32 key_len,
 202                            void **ret_public_key);
 203
 204   /* Exports public key to file */
 205   unsigned char *(*export_public_key_file)(void *public_key,
 206                                            SilcPKCSFileEncoding encoding,
 207                                            SilcUInt32 *ret_len);
 208
 209   /* Export public key as binary data */
 210   unsigned char *(*export_public_key)(void *public_key,
 211                                       SilcUInt32 *ret_len);
 212
 213   /* Returns key length in bits */
 214   SilcUInt32 (*public_key_bitlen)(void *public_key);
 215
 216   /* Copy public key */
 217   void *(*public_key_copy)(void *public_key);
 218
 219   /* Compares public keys */
 220   SilcBool (*public_key_compare)(void *key1, void *key2);
 221
 222   /* Free public key */
 223   void (*public_key_free)(void *public_key);
 224
 225   /* Private key routines */
 226
 227   /* Imports from private key file */
 228   SilcBool (*import_private_key_file)(unsigned char *filedata,
 229                                       SilcUInt32 filedata_len,
 230                                       const char *passphrase,
 231                                       SilcUInt32 passphrase_len,
 232                                       SilcPKCSFileEncoding encoding,
 233                                       void **ret_private_key);
 234
 235   /* Imports from private key binary data.  Returns the amount of bytes
 236      imported from `key' or 0 on error. */
 237   int (*import_private_key)(unsigned char *key,
 238                             SilcUInt32 key_len,
 239                             void **ret_private_key);
 240
 241   /* Exports private key to file */
 242   unsigned char *(*export_private_key_file)(void *private_key,
 243                                             const char *passphrase,
 244                                             SilcUInt32 passphrase_len,
 245                                             SilcPKCSFileEncoding encoding,
 246                                             SilcRng rng,
 247                                             SilcUInt32 *ret_len);
 248
 249   /* Export private key as binary data */
 250   unsigned char *(*export_private_key)(void *private_key,
 251                                        SilcUInt32 *ret_len);
 252
 253   /* Returns key length in bits */
 254   SilcUInt32 (*private_key_bitlen)(void *private_key);
 255
 256   /* Free private key */
 257   void (*private_key_free)(void *private_key);
 258
 259   /* Encrypt and decrypt operations */
 260   SilcBool (*encrypt)(void *public_key,
 261                       unsigned char *src,
 262                       SilcUInt32 src_len,
 263                       unsigned char *dst,
 264                       SilcUInt32 dst_size,
 265                       SilcUInt32 *ret_dst_len,
 266                       SilcRng rng);
 267   SilcBool (*decrypt)(void *private_key,
 268                       unsigned char *src,
 269                       SilcUInt32 src_len,
 270                       unsigned char *dst,
 271                       SilcUInt32 dst_size,
 272                       SilcUInt32 *ret_dst_len);
 273
 274   /* Signature and verification operations */
 275   SilcBool (*sign)(void *private_key,
 276                    unsigned char *src,
 277                    SilcUInt32 src_len,
 278                    unsigned char *signature,
 279                    SilcUInt32 signature_size,
 280                    SilcUInt32 *ret_signature_len,
 281                    SilcHash hash);
 282   SilcBool (*verify)(void *public_key,
 283                      unsigned char *signature,
 284                      SilcUInt32 signature_len,
 285                      unsigned char *data,
 286                      SilcUInt32 data_len,
 287                      SilcHash hash);
 288 };
 289
 290 /* Marks for all PKCS in. This can be used in silc_pkcs_unregister to
 291    unregister all PKCS at once. */
 292 #define SILC_ALL_PKCS ((SilcPKCSObject *)1)
 293 #define SILC_ALL_PKCS_ALG ((SilcPKCSAlgorithm *)1)
 294
 295 /* Static lists of PKCS and PKCS algorithms. */
 296 extern DLLAPI const SilcPKCSObject silc_default_pkcs[];
 297 extern DLLAPI const SilcPKCSAlgorithm silc_default_pkcs_alg[];
 298
 299 /* Prototypes */
 300
 301 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register
 302  *
 303  * SYNOPSIS
 304  *
 305  *    SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 306  *
 307  * DESCRIPTION
 308  *
 309  *    Registers a new PKCS into the SILC.  This function is used
 310  *    at the initialization of the SILC.  All registered PKCSs
 311  *    should be unregistered with silc_pkcs_unregister.  The `pkcs' includes
 312  *    the name of the PKCS and member functions for the algorithm.  Usually
 313  *    this function is not called directly.  Instead, application can call
 314  *    the silc_pkcs_register_default to register all PKCSs that are
 315  *    builtin the sources.  Returns FALSE on error.
 316  *
 317  ***/
 318 SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
 319
 320 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
 321  *
 322  * SYNOPSIS
 323  *
 324  *    SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 325  *
 326  * DESCRIPTION
 327  *
 328  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 329  *
 330  ***/
 331 SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
 332
 333 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_register
 334  *
 335  * SYNOPSIS
 336  *
 337  *    SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 338  *
 339  * DESCRIPTION
 340  *
 341  *    Registers a new PKCS Algorithm into the SILC.  This function is used
 342  *    at the initialization of the SILC.  All registered PKCS algorithms
 343  *    should be unregistered with silc_pkcs_unregister.
 344  *
 345  ***/
 346 SilcBool silc_pkcs_algorithm_register(const SilcPKCSAlgorithm *pkcs);
 347
 348 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_algorithm_unregister
 349  *
 350  * SYNOPSIS
 351  *
 352  *    SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 353  *
 354  * DESCRIPTION
 355  *
 356  *    Unregister a PKCS from the SILC. Returns FALSE on error.
 357  *
 358  ***/
 359 SilcBool silc_pkcs_algorithm_unregister(SilcPKCSAlgorithm *pkcs);
 360
 361 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
 362  *
 363  * SYNOPSIS
 364  *
 365  *    SilcBool silc_pkcs_register_default(void);
 366  *
 367  * DESCRIPTION
 368  *
 369  *    Registers all the default PKCS (all builtin PKCS) and PKCS algorithms.
 370  *    The application may use this to register the default PKCS if specific
 371  *    PKCS in any specific order is not wanted.  Returns FALSE on error.
 372  *
 373  ***/
 374 SilcBool silc_pkcs_register_default(void);
 375
 376 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
 377  *
 378  * SYNOPSIS
 379  *
 380  *    SilcBool silc_pkcs_unregister_all(void);
 381  *
 382  * DESCRIPTION
 383  *
 384  *    Unregister all PKCS and PKCS algorithms. Returns FALSE on error.
 385  *
 386  ***/
 387 SilcBool silc_pkcs_unregister_all(void);
 388
 389 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
 390  *
 391  * SYNOPSIS
 392  *
 393  *    char *silc_pkcs_get_supported(void);
 394  *
 395  * DESCRIPTION
 396  *
 397  *    Returns comma separated list of supported PKCS algorithms.
 398  *
 399  ***/
 400 char *silc_pkcs_get_supported(void);
 401
 402 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_pkcs
 403  *
 404  * SYNOPSIS
 405  *
 406  *    const SilcPKCSObject *silc_pkcs_get_pkcs(SilcPKCSType type);
 407  *
 408  * DESCRIPTION
 409  *
 410  *    Finds PKCS context by the PKCS type.
 411  *
 412  ***/
 413 const SilcPKCSObject *silc_pkcs_find_pkcs(SilcPKCSType type);
 414
 415 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_find_algorithm
 416  *
 417  * SYNOPSIS
 418  *
 419  *    const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 420  *                                                      const char *scheme);
 421  *
 422  * DESCRIPTION
 423  *
 424  *    Finds PKCS algorithm context by the algorithm name `algorithm' and
 425  *    the algorithm scheme `scheme'.  The `scheme' may be NULL.
 426  *
 427  ***/
 428 const SilcPKCSAlgorithm *silc_pkcs_find_algorithm(const char *algorithm,
 429                                                   const char *scheme);
 430
 431 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_pkcs
 432  *
 433  * SYNOPSIS
 434  *
 435  *    const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
 436  *
 437  * DESCRIPTION
 438  *
 439  *    Returns the PKCS object from `key', which may be SilcPublicKey or
 440  *    SilcPrivateKey pointer.
 441  *
 442  ***/
 443 const SilcPKCSObject *silc_pkcs_get_pkcs(void *key);
 444
 445 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_algorithm
 446  *
 447  * SYNOPSIS
 448  *
 449  *    const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
 450  *
 451  * DESCRIPTION
 452  *
 453  *    Returns the PKCS algorithm object from `key', which may be SilcPublicKey
 454  *    or SilcPrivateKey pointer.
 455  *
 456  ***/
 457 const SilcPKCSAlgorithm *silc_pkcs_get_algorithm(void *key);
 458
 459 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_name
 460  *
 461  * SYNOPSIS
 462  *
 463  *    const char *silc_pkcs_get_name(void *key);
 464  *
 465  * DESCRIPTION
 466  *
 467  *    Returns PKCS algorithm name from the `key', which may be SilcPublicKey
 468  *    or SilcPrivateKey pointer.
 469  *
 470  ***/
 471 const char *silc_pkcs_get_name(void *key);
 472
 473 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_type
 474  *
 475  * SYNOPSIS
 476  *
 477  *    SilcPKCSType silc_pkcs_get_type(void *key);
 478  *
 479  * DESCRIPTION
 480  *
 481  *    Returns PKCS type from the `key', which may be SilcPublicKey or
 482  *    SilcPrivateKey pointer.
 483  *
 484  ***/
 485 SilcPKCSType silc_pkcs_get_type(void *key);
 486
 487 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_context
 488  *
 489  * SYNOPSIS
 490  *
 491  *    void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 492  *
 493  * DESCRIPTION
 494  *
 495  *    Returns the internal PKCS `type' specific public key context from the
 496  *    `public_key'.  The caller needs to explicitly type cast it to correct
 497  *    type.  Returns NULL on error.
 498  *
 499  *    For SILC_PKCS_SILC the returned context is SilcSILCPublicKey.
 500  *
 501  ***/
 502 void *silc_pkcs_get_context(SilcPKCSType type, SilcPublicKey public_key);
 503
 504 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_alloc
 505  *
 506  * SYNOPSIS
 507  *
 508  *    SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 509  *                                        unsigned char *key,
 510  *                                        SilcUInt32 key_len
 511  *                                        SilcPublicKey *ret_public_key);
 512  *
 513  * DESCRIPTION
 514  *
 515  *    Allocates SilcPublicKey of the type of `type' from the key data
 516  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 517  *    is malformed or unsupported public key type.  This function can be
 518  *    used to create public key from any kind of PKCS public keys that
 519  *    the implementation supports.
 520  *
 521  ***/
 522 SilcBool silc_pkcs_public_key_alloc(SilcPKCSType type,
 523                                     unsigned char *key,
 524                                     SilcUInt32 key_len,
 525                                     SilcPublicKey *ret_public_key);
 526
 527 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_free
 528  *
 529  * SYNOPSIS
 530  *
 531  *    void silc_pkcs_public_key_free(SilcPublicKey public_key);
 532  *
 533  * DESCRIPTION
 534  *
 535  *    Frees the public key.
 536  *
 537  ***/
 538 void silc_pkcs_public_key_free(SilcPublicKey public_key);
 539
 540 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_export
 541  *
 542  * SYNOPSIS
 543  *
 544  *    unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 545  *                                               SilcUInt32 *ret_len);
 546  *
 547  * DESCRIPTION
 548  *
 549  *    Encodes the `public_key' into a binary format and returns it.  Returns
 550  *    NULL on error.  Caller must free the returned buffer.
 551  *
 552  ***/
 553 unsigned char *silc_pkcs_public_key_encode(SilcPublicKey public_key,
 554                                            SilcUInt32 *ret_len);
 555
 556 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_get_len
 557  *
 558  * SYNOPSIS
 559  *
 560  *    SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 561  *
 562  * DESCRIPTION
 563  *
 564  *    Returns the key length in bits from the public key.
 565  *
 566  ***/
 567 SilcUInt32 silc_pkcs_public_key_get_len(SilcPublicKey public_key);
 568
 569 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_compare
 570  *
 571  * SYNOPSIS
 572  *
 573  *    SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
 574  *                                          SilcPublicKey key2);
 575  *
 576  * DESCRIPTION
 577  *
 578  *    Compares two public keys and returns TRUE if they are same key, and
 579  *    FALSE if they are not same.
 580  *
 581  ***/
 582 SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
 583
 584 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
 585  *
 586  * SYNOPSIS
 587  *
 588  *    SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 589  *
 590  * DESCRIPTION
 591  *
 592  *    Copies the public key indicated by `public_key' and returns new
 593  *    allocated public key which is indentical to the `public_key'.
 594  *
 595  ***/
 596 SilcPublicKey silc_pkcs_public_key_copy(SilcPublicKey public_key);
 597
 598 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_alloc
 599  *
 600  * SYNOPSIS
 601  *
 602  *    SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 603  *                                         unsigned char *key,
 604  *                                         SilcUInt32 key_len,
 605  *                                         SilcPrivateKey *ret_private_key);
 606  *
 607  * DESCRIPTION
 608  *
 609  *    Allocates SilcPrivateKey of the type of `type' from the key data
 610  *    `key' of length of `key_len' bytes.  Returns FALSE if the `key'
 611  *    is malformed or unsupported private key type.
 612  *
 613  ***/
 614 SilcBool silc_pkcs_private_key_alloc(SilcPKCSType type,
 615                                      unsigned char *key,
 616                                      SilcUInt32 key_len,
 617                                      SilcPrivateKey *ret_private_key);
 618
 619 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_get_len
 620  *
 621  * SYNOPSIS
 622  *
 623  *    SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 624  *
 625  * DESCRIPTION
 626  *
 627  *    Returns the key length in bits from the private key.
 628  *
 629  ***/
 630 SilcUInt32 silc_pkcs_private_key_get_len(SilcPrivateKey private_key);
 631
 632 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_free
 633  *
 634  * SYNOPSIS
 635  *
 636  *    void silc_pkcs_private_key_free(SilcPrivateKey private_key;
 637  *
 638  * DESCRIPTION
 639  *
 640  *    Frees the private key.
 641  *
 642  ***/
 643 void silc_pkcs_private_key_free(SilcPrivateKey private_key);
 644
 645 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_encrypt
 646  *
 647  * SYNOPSIS
 648  *
 649  *    SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 650  *                               unsigned char *src, SilcUInt32 src_len,
 651  *                               unsigned char *dst, SilcUInt32 dst_size,
 652  *                               SilcUInt32 *dst_len);
 653  *
 654  * DESCRIPTION
 655  *
 656  *    Encrypts with the public key. Returns FALSE on error.
 657  *
 658  ***/
 659 SilcBool silc_pkcs_encrypt(SilcPublicKey public_key,
 660                            unsigned char *src, SilcUInt32 src_len,
 661                            unsigned char *dst, SilcUInt32 dst_size,
 662                            SilcUInt32 *dst_len, SilcRng rng);
 663
 664 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
 665  *
 666  * SYNOPSIS
 667  *
 668  *    SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 669  *                               unsigned char *src, SilcUInt32 src_len,
 670  *                               unsigned char *dst, SilcUInt32 dst_size,
 671  *                               SilcUInt32 *dst_len);
 672  *
 673  * DESCRIPTION
 674  *
 675  *    Decrypts with the private key.  Returns FALSE on error.
 676  *
 677  ***/
 678 SilcBool silc_pkcs_decrypt(SilcPrivateKey private_key,
 679                            unsigned char *src, SilcUInt32 src_len,
 680                            unsigned char *dst, SilcUInt32 dst_size,
 681                            SilcUInt32 *dst_len);
 682
 683 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
 684  *
 685  * SYNOPSIS
 686  *
 687  *    SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 688  *                            unsigned char *src, SilcUInt32 src_len,
 689  *                            unsigned char *dst, SilcUInt32 dst_size,
 690  *                            SilcUInt32 *dst_len, SilcHash hash);
 691  *
 692  * DESCRIPTION
 693  *
 694  *    Generates signature with the private key.  Returns FALSE on error.
 695  *    If `hash' is non-NULL the `src' will be hashed before signing.
 696  *
 697  ***/
 698 SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
 699                         unsigned char *src, SilcUInt32 src_len,
 700                         unsigned char *dst, SilcUInt32 dst_size,
 701                         SilcUInt32 *dst_len, SilcHash hash);
 702
 703 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
 704  *
 705  * SYNOPSIS
 706  *
 707  *    SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 708  *                              unsigned char *signature,
 709  *                              SilcUInt32 signature_len,
 710  *                              unsigned char *data,
 711  *                              SilcUInt32 data_len, SilcHash hash);
 712  *
 713  * DESCRIPTION
 714  *
 715  *    Verifies signature.  Returns FALSE on error.  The 'signature' is
 716  *    verified against the 'data'.  If the `hash' is non-NULL then the `data'
 717  *    will hashed before verification.  If the `hash' is NULL, then the
 718  *    hash algorithm to be used is retrieved from the signature.  If it
 719  *    isn't present in the signature the verification is done as is without
 720  *    hashing.
 721  *
 722  ***/
 723 SilcBool silc_pkcs_verify(SilcPublicKey public_key,
 724                           unsigned char *signature,
 725                           SilcUInt32 signature_len,
 726                           unsigned char *data,
 727                           SilcUInt32 data_len, SilcHash hash);
 728
 729 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_public_key
 730  *
 731  * SYNOPSIS
 732  *
 733  *    SilcBool silc_pkcs_load_public_key(const char *filename,
 734  *                                       SilcPublicKey *ret_public_key);
 735  *
 736  * DESCRIPTION
 737  *
 738  *    Loads public key from file and allocates new public key.  Returns TRUE
 739  *    if loading was successful.
 740  *
 741  ***/
 742 SilcBool silc_pkcs_load_public_key(const char *filename,
 743                                    SilcPublicKey *ret_public_key);
 744
 745 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
 746  *
 747  * SYNOPSIS
 748  *
 749  *    SilcBool silc_pkcs_save_public_key(const char *filename,
 750  *                                       SilcPublicKey public_key,
 751  *                                       SilcPKCSFileEncoding encoding);
 752  *
 753  * DESCRIPTION
 754  *
 755  *    Saves public key into file with specified encoding.  Returns FALSE
 756  *    on error.
 757  *
 758  ***/
 759 SilcBool silc_pkcs_save_public_key(const char *filename,
 760                                    SilcPublicKey public_key,
 761                                    SilcPKCSFileEncoding encoding);
 762
 763 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
 764  *
 765  * SYNOPSIS
 766  *
 767  *    SilcBool silc_pkcs_load_private_key(const char *filename,
 768  *                                        const unsigned char *passphrase,
 769  *                                        SilcUInt32 passphrase_len,
 770  *                                        SilcPrivateKey *ret_private_key);
 771  *
 772  * DESCRIPTION
 773  *
 774  *    Loads private key from file and allocates new private key.  Returns TRUE
 775  *    if loading was successful.  The `passphrase' is used as decryption
 776  *    key of the private key file, in case it is encrypted.
 777  *
 778  ***/
 779 SilcBool silc_pkcs_load_private_key(const char *filename,
 780                                     const unsigned char *passphrase,
 781                                     SilcUInt32 passphrase_len,
 782                                     SilcPrivateKey *ret_private_key);
 783
 784 /****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
 785  *
 786  * SYNOPSIS
 787  *
 788  *    SilcBool silc_pkcs_save_private_key(const char *filename,
 789  *                                        SilcPrivateKey private_key,
 790  *                                        const unsigned char *passphrase,
 791  *                                        SilcUInt32 passphrase_len,
 792  *                                        SilcPKCSFileEncoding encoding,
 793  *                                        SilcRng rng);
 794  *
 795  * DESCRIPTION
 796  *
 797  *    Saves private key into file.  The private key is encrypted into
 798  *    the file with the `passphrase' as a key, if PKCS supports encrypted
 799  *    private keys.  Returns FALSE on error.
 800  *
 801  ***/
 802 SilcBool silc_pkcs_save_private_key(const char *filename,
 803                                     SilcPrivateKey private_key,
 804                                     const unsigned char *passphrase,
 805                                     SilcUInt32 passphrase_len,
 806                                     SilcPKCSFileEncoding encoding,
 807                                     SilcRng rng);
 808
 809 #endif  /* !SILCPKCS_H */