/*
- silcpkcs.h
+ silcpkcs.h
Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 1997 - 2002 Pekka Riikonen
+ Copyright (C) 1997 - 2005 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
***/
typedef struct SilcPKCSStruct *SilcPKCS;
+/****d* silccrypt/SilcPKCSAPI/SilcPKCSType
+ *
+ * NAME
+ *
+ * typedef enum { ... } SilcPKCSType
+ *
+ * DESCRIPTION
+ *
+ * Public key cryptosystem types. These are defined by the SILC
+ * Key Exchange protocol.
+ *
+ * SOURCE
+ */
+typedef enum {
+ SILC_PKCS_SILC = 1, /* SILC PKCS (mandatory) */
+ SILC_PKCS_SSH2 = 2, /* SSH2 PKCS (not supported) */
+ SILC_PKCS_X509V3 = 3, /* X.509v3 PKCS (not supported) */
+ SILC_PKCS_OPENPGP = 4, /* OpenPGP PKCS (not supported) */
+ SILC_PKCS_SPKI = 5, /* SPKI PKCS (not supported) */
+} SilcPKCSType;
+/***/
+
/* The default SILC PKCS (Public Key Cryptosystem) object to represent
any PKCS in SILC. */
typedef struct SilcPKCSObjectStruct {
char *name;
+ SilcPKCSType type;
int (*init)(void *, SilcUInt32, SilcRng);
void (*clear_keys)(void *);
unsigned char *(*get_public_key)(void *, SilcUInt32 *);
*
* SYNOPSIS
*
- * bool silc_pkcs_register(const SilcPKCSObject *pkcs);
+ * SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
*
* DESCRIPTION
*
* builtin the sources. Returns FALSE on error.
*
***/
-bool silc_pkcs_register(const SilcPKCSObject *pkcs);
+SilcBool silc_pkcs_register(const SilcPKCSObject *pkcs);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister
*
* SYNOPSIS
*
- * bool silc_pkcs_unregister(SilcPKCSObject *pkcs);
+ * SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
*
* DESCRIPTION
*
* Unregister a PKCS from the SILC. Returns FALSE on error.
*
***/
-bool silc_pkcs_unregister(SilcPKCSObject *pkcs);
+SilcBool silc_pkcs_unregister(SilcPKCSObject *pkcs);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_register_default
*
* SYNOPSIS
*
- * bool silc_pkcs_register_default(void);
+ * SilcBool silc_pkcs_register_default(void);
*
* DESCRIPTION
*
* order is not wanted. Returns FALSE on error.
*
***/
-bool silc_pkcs_register_default(void);
+SilcBool silc_pkcs_register_default(void);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_unregister_all
*
* SYNOPSIS
*
- * bool silc_pkcs_unregister_all(void);
+ * SilcBool silc_pkcs_unregister_all(void);
*
* DESCRIPTION
*
* Returns FALSE on error.
*
***/
-bool silc_pkcs_unregister_all(void);
+SilcBool silc_pkcs_unregister_all(void);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_alloc
*
* SYNOPSIS
*
- * bool silc_pkcs_alloc(const unsigned char *name, SilcPKCS *new_pkcs);
+ * SilcBool silc_pkcs_alloc(const unsigned char *name,
+ * SilcPKCSType type, SilcPKCS *new_pkcs);
*
* DESCRIPTION
*
* to the 'new_pkcs' argument. Returns FALSE on error.
*
***/
-bool silc_pkcs_alloc(const unsigned char *name, SilcPKCS *new_pkcs);
+SilcBool silc_pkcs_alloc(const unsigned char *name,
+ SilcPKCSType type, SilcPKCS *new_pkcs);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_free
*
*
* SYNOPSIS
*
- * bool silc_pkcs_is_supported(const unsigned char *name);
+ * SilcBool silc_pkcs_is_supported(const unsigned char *name);
*
* DESCRIPTION
*
* Returns TRUE if PKCS algorithm `name' is supported.
*
***/
-bool silc_pkcs_is_supported(const unsigned char *name);
+SilcBool silc_pkcs_is_supported(const unsigned char *name);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_supported
*
*
* SYNOPSIS
*
- * bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
+ * SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
* SilcRng rng);
*
* DESCRIPTION
*
* Generate new key pair into the `pkcs' context. Returns FALSE on error.
+ * If the `rng' is NULL global SILC RNG will be used.
*
***/
-bool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
- SilcRng rng);
+SilcBool silc_pkcs_generate_key(SilcPKCS pkcs, SilcUInt32 bits_key_len,
+ SilcRng rng);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_get_key_len
*
*
* DESCRIPTION
*
- * Returns the length of the key.
+ * Returns the length of the key in bits.
*
***/
SilcUInt32 silc_pkcs_get_key_len(SilcPKCS self);
*
* DESCRIPTION
*
- * Returns SILC style public key. The caller must free the returned
- * data.
+ * Returns SILC style public key for the PKCS. Note that this is not
+ * the SILC Public Key, but the raw public key data from the PKCS.
+ * The caller must free the returned data.
*
***/
unsigned char *silc_pkcs_get_public_key(SilcPKCS pkcs, SilcUInt32 *len);
*
* DESCRIPTION
*
- * Returns SILC style private key. The caller must free the returned
- * data and SHOULD zero the memory area before freeing.
+ * Returns SILC style private key. Note that this is not SilcPrivateKey
+ * but the raw private key bits from the PKCS. The caller must free the
+ * returned data and SHOULD zero the memory area before freeing.
*
***/
unsigned char *silc_pkcs_get_private_key(SilcPKCS pkcs, SilcUInt32 *len);
*
* DESCRIPTION
*
- * Sets public key from SilcPublicKey. Returns the length of the key.
+ * Sets public key from SilcPublicKey. Returns the length of the key in
+ * bits.
*
***/
SilcUInt32 silc_pkcs_public_key_set(SilcPKCS pkcs, SilcPublicKey public_key);
*
* DESCRIPTION
*
- * Sets private key from SilcPrivateKey. Returns the length of the key.
+ * Sets private key from SilcPrivateKey. Returns the length of the key
+ * in bits.
*
***/
-SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs, SilcPrivateKey private_key);
+SilcUInt32 silc_pkcs_private_key_set(SilcPKCS pkcs,
+ SilcPrivateKey private_key);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_private_key_data_set
*
*
* SYNOPSIS
*
- * bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
+ * SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
* SilcUInt32 src_len, unsigned char *dst,
* SilcUInt32 *dst_len);
*
* Encrypts. Returns FALSE on error.
*
***/
-bool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
- unsigned char *dst, SilcUInt32 *dst_len);
+SilcBool silc_pkcs_encrypt(SilcPKCS pkcs, unsigned char *src,
+ SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_decrypt
*
* SYNOPSIS
*
- * bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
+ * SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
* SilcUInt32 src_len, unsigned char *dst,
* SilcUInt32 *dst_len);
*
* Decrypts. Returns FALSE on error.
*
***/
-bool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
- unsigned char *dst, SilcUInt32 *dst_len);
+SilcBool silc_pkcs_decrypt(SilcPKCS pkcs, unsigned char *src,
+ SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign
*
* SYNOPSIS
*
- * bool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src,
+ * SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src,
* SilcUInt32 src_len, unsigned char *dst,
* SilcUInt32 *dst_len);
*
* Generates signature. Returns FALSE on error.
*
***/
-bool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
- unsigned char *dst, SilcUInt32 *dst_len);
+SilcBool silc_pkcs_sign(SilcPKCS pkcs, unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify
*
* SYNOPSIS
*
- * bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
+ * SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
* SilcUInt32 signature_len, unsigned char *data,
* SilcUInt32 data_len);
*
* DESCRIPTION
*
- * Verifies signature. Returns FALSE on error.
+ * Verifies signature. Returns FALSE on error. The 'signature' is
+ * verified against the 'data'.
*
***/
-bool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
- SilcUInt32 signature_len, unsigned char *data,
- SilcUInt32 data_len);
+SilcBool silc_pkcs_verify(SilcPKCS pkcs, unsigned char *signature,
+ SilcUInt32 signature_len, unsigned char *data,
+ SilcUInt32 data_len);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_sign_with_hash
*
* SYNOPSIS
*
- * bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
+ * SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
* unsigned char *src, SilcUInt32 src_len,
* unsigned char *dst, SilcUInt32 *dst_len);
*
* error.
*
***/
-bool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
- unsigned char *src, SilcUInt32 src_len,
- unsigned char *dst, SilcUInt32 *dst_len);
+SilcBool silc_pkcs_sign_with_hash(SilcPKCS pkcs, SilcHash hash,
+ unsigned char *src, SilcUInt32 src_len,
+ unsigned char *dst, SilcUInt32 *dst_len);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_verify_with_hash
*
* SYNOPSIS
*
- * bool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
+ * SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
* unsigned char *signature,
* SilcUInt32 signature_len,
* unsigned char *data,
* the `signature'. Returns FALSE on error.
*
***/
-bool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
- unsigned char *signature,
- SilcUInt32 signature_len,
- unsigned char *data,
- SilcUInt32 data_len);
+SilcBool silc_pkcs_verify_with_hash(SilcPKCS pkcs, SilcHash hash,
+ unsigned char *signature,
+ SilcUInt32 signature_len,
+ unsigned char *data,
+ SilcUInt32 data_len);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_encode_identifier
*
*
* DESCRIPTION
*
- * Allocates SILC style public key formed from sent arguments. All data
- * is duplicated.
+ * Allocates SILC style public key formed from sent arguments. The
+ * 'name' is the algorithm (PKCS) name, the 'identifier' is the public
+ * key identifier generated with silc_pkcs_encode_identifier, and the
+ * 'pk' and 'pk_len' are the raw public key data returned for example
+ * by silc_pkcs_get_public_key.
*
***/
SilcPublicKey silc_pkcs_public_key_alloc(const char *name,
*
* DESCRIPTION
*
- * Frees public key.
+ * Frees public key and all data in it.
*
***/
void silc_pkcs_public_key_free(SilcPublicKey public_key);
*
* DESCRIPTION
*
- * Allocates SILC private key formed from sent arguments. All data is
- * duplicated.
+ * Allocates SILC private key formed from sent arguments. The 'name'
+ * is the algorithm name, and the 'prv' and 'prv_len' are the raw
+ * private key bits returned by silc_pkcs_get_private_key.
*
***/
SilcPrivateKey silc_pkcs_private_key_alloc(const char *name,
*
* DESCRIPTION
*
- * Frees private key.
+ * Frees private key and all data in it. The private key is zeroed
+ * before it is freed.
*
***/
void silc_pkcs_private_key_free(SilcPrivateKey private_key);
*
* SYNOPSIS
*
- * bool silc_pkcs_public_key_decode(unsigned char *data,
+ * SilcBool silc_pkcs_public_key_decode(unsigned char *data,
* SilcUInt32 data_len,
* SilcPublicKey *public_key);
*
* successful. Allocates new public key as well.
*
***/
-bool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len,
+SilcBool silc_pkcs_public_key_decode(unsigned char *data, SilcUInt32 data_len,
SilcPublicKey *public_key);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_payload_encode
*
* SYNOPSIS
*
- * bool silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
+ * SilcBool silc_pkcs_public_key_payload_encode(SilcPublicKey public_key);
*
* DESCRIPTION
*
*
* SYNOPSIS
*
- * bool silc_pkcs_public_key_payload_decode(unsigned char *data,
+ * SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
* SilcUInt32 data_len,
* SilcPublicKey *public_key);
*
* cannot be decoded.
*
***/
-bool silc_pkcs_public_key_payload_decode(unsigned char *data,
+SilcBool silc_pkcs_public_key_payload_decode(unsigned char *data,
SilcUInt32 data_len,
SilcPublicKey *public_key);
*
* SYNOPSIS
*
- * bool silc_pkcs_public_key_compare(SilcPublicKey key1,
+ * SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1,
* SilcPublicKey key2);
*
* DESCRIPTION
* FALSE if they are not same.
*
***/
-bool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
+SilcBool silc_pkcs_public_key_compare(SilcPublicKey key1, SilcPublicKey key2);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_public_key_copy
*
*
* SYNOPSIS
*
- * bool silc_pkcs_private_key_decode(unsigned char *data,
+ * SilcBool silc_pkcs_private_key_decode(unsigned char *data,
* SilcUInt32 data_len,
* SilcPrivateKey *private_key);
*
* successful. Allocates new private key as well.
*
***/
-bool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len,
+SilcBool silc_pkcs_private_key_decode(unsigned char *data, SilcUInt32 data_len,
SilcPrivateKey *private_key);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key
*
* SYNOPSIS
*
- * bool silc_pkcs_save_public_key(const char *filename,
+ * SilcBool silc_pkcs_save_public_key(const char *filename,
* SilcPublicKey public_key,
* SilcUInt32 encoding);
*
* Saves public key into file. Returns FALSE on error.
*
***/
-bool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key,
+SilcBool silc_pkcs_save_public_key(const char *filename, SilcPublicKey public_key,
SilcUInt32 encoding);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_public_key_data
*
* SYNOPSIS
*
- * bool silc_pkcs_save_public_key_data(const char *filename,
+ * SilcBool silc_pkcs_save_public_key_data(const char *filename,
* unsigned char *data,
* SilcUInt32 data_len,
* SilcUInt32 encoding);
* data when calling this function. Returns FALSE on error.
*
***/
-bool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data,
+SilcBool silc_pkcs_save_public_key_data(const char *filename, unsigned char *data,
SilcUInt32 data_len, SilcUInt32 encoding);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_save_private_key
*
* SYNOPSIS
*
- * bool silc_pkcs_save_private_key(const char *filename,
+ * SilcBool silc_pkcs_save_private_key(const char *filename,
* SilcPrivateKey private_key,
* unsigned char *passphrase,
* SilcUInt32 passphrase_len,
* is AES with 256 bit key in CBC mode. Returns FALSE on error.
*
***/
-bool silc_pkcs_save_private_key(const char *filename,
+SilcBool silc_pkcs_save_private_key(const char *filename,
SilcPrivateKey private_key,
unsigned char *passphrase,
SilcUInt32 passphrase_len,
*
* SYNOPSIS
*
- * bool silc_pkcs_load_public_key(const char *filename,
+ * SilcBool silc_pkcs_load_public_key(const char *filename,
* SilcPublicKey *public_key,
* SilcUInt32 encoding);
*
* if loading was successful.
*
***/
-bool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key,
+SilcBool silc_pkcs_load_public_key(const char *filename, SilcPublicKey *public_key,
SilcUInt32 encoding);
/****f* silccrypt/SilcPKCSAPI/silc_pkcs_load_private_key
*
* SYNOPSIS
*
- * bool silc_pkcs_load_private_key(const char *filename,
+ * SilcBool silc_pkcs_load_private_key(const char *filename,
* SilcPrivateKey *private_key,
* unsigned char *passphrase,
* SilcUInt32 passphrase_len,
* key of the private key file.
*
***/
-bool silc_pkcs_load_private_key(const char *filename,
+SilcBool silc_pkcs_load_private_key(const char *filename,
SilcPrivateKey *private_key,
unsigned char *passphrase,
SilcUInt32 passphrase_len,
projects / silc.git / blobdiff