[apple/security.git] / libsecurity_smime / lib / cryptohi.h

/*
 * crypto.h - public data structures and prototypes for the crypto library
 *
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Original Code is the Netscape security libraries.
 * 
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation.  Portions created by Netscape are 
 * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
 * Rights Reserved.
 * 
 * Contributor(s):
 * 
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable 
 * instead of those above.  If you wish to allow use of your 
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL.  If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */

#ifndef _CRYPTOHI_H_
#define _CRYPTOHI_H_

#include <security_asn1/seccomon.h>
#include <Security/SecCmsBase.h>


SEC_BEGIN_PROTOS


/****************************************/
/*
** DER encode/decode DSA signatures
*/

/* ANSI X9.57 defines DSA signatures as DER encoded data.  Our DSA code (and
 * most of the rest of the world) just generates 40 bytes of raw data.  These
 * functions convert between formats.
 */
//extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
//extern SECItem *DSAU_DecodeDerSig(SECItem *item);

/*
 * Return a csp handle able to deal with algorithm
 */
extern CSSM_CSP_HANDLE SecCspHandleForAlgorithm(CSSM_ALGORITHMS algorithm);

/*
 * Return a CSSM_ALGORITHMS for a given SECOidTag or 0 if there is none
 */
extern CSSM_ALGORITHMS SECOID_FindyCssmAlgorithmByTag(SECOidTag algTag);


/****************************************/
/*
** Signature creation operations
*/

/*
** Sign a single block of data using private key encryption and given
** signature/hash algorithm.
**	"result" the final signature data (memory is allocated)
**	"buf" the input data to sign
**	"len" the amount of data to sign
**	"pk" the private key to encrypt with
**	"algid" the signature/hash algorithm to sign with 
**		(must be compatible with the key type).
*/
extern SECStatus SEC_SignData(SECItem *result, unsigned char *buf, int len,
			     SecPrivateKeyRef pk, SECOidTag digAlgTag, SECOidTag sigAlgTag);

/*
** Sign a pre-digested block of data using private key encryption, encoding
**  The given signature/hash algorithm.
**	"result" the final signature data (memory is allocated)
**	"digest" the digest to sign
**	"pk" the private key to encrypt with
**	"algtag" The algorithm tag to encode (need for RSA only)
*/
extern SECStatus SGN_Digest(SecPrivateKeyRef privKey,
                SECOidTag digAlgTag, SECOidTag sigAlgTag, SECItem *result, SECItem *digest);

/****************************************/
/*
** Signature verification operations
*/


/*
** Verify the signature on a block of data for which we already have
** the digest. The signature data is an RSA private key encrypted
** block of data formatted according to PKCS#1.
** 	"dig" the digest
** 	"key" the public key to check the signature with
** 	"sig" the encrypted signature data
**	"algid" specifies the signing algorithm to use.  This must match
**	    the key type.
**/
extern SECStatus VFY_VerifyDigest(SECItem *dig, SecPublicKeyRef key,
				  SECItem *sig, SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);

/*
** Verify the signature on a block of data. The signature data is an RSA
** private key encrypted block of data formatted according to PKCS#1.
** 	"buf" the input data
** 	"len" the length of the input data
** 	"key" the public key to check the signature with
** 	"sig" the encrypted signature data
**	"algid" specifies the signing algorithm to use.  This must match
**	    the key type.
*/
extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
				SecPublicKeyRef key, SECItem *sig,
				SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);


extern SECStatus WRAP_PubWrapSymKey(SecPublicKeyRef publickey,
				    SecSymmetricKeyRef bulkkey,
				    CSSM_DATA_PTR encKey);


extern SecSymmetricKeyRef WRAP_PubUnwrapSymKey(SecPrivateKeyRef privkey, CSSM_DATA_PTR encKey, SECOidTag bulkalgtag);


SEC_END_PROTOS

#endif /* _CRYPTOHI_H_ */
Commit	Line	Data
b1ab9ed8 A	1	/*
	2	* crypto.h - public data structures and prototypes for the crypto library
	3	*
	4	* The contents of this file are subject to the Mozilla Public
	5	* License Version 1.1 (the "License"); you may not use this file
	6	* except in compliance with the License. You may obtain a copy of
	7	* the License at http://www.mozilla.org/MPL/
	8	*
	9	* Software distributed under the License is distributed on an "AS
	10	* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
	11	* implied. See the License for the specific language governing
	12	* rights and limitations under the License.
	13	*
	14	* The Original Code is the Netscape security libraries.
	15	*
	16	* The Initial Developer of the Original Code is Netscape
	17	* Communications Corporation. Portions created by Netscape are
	18	* Copyright (C) 1994-2000 Netscape Communications Corporation. All
	19	* Rights Reserved.
	20	*
	21	* Contributor(s):
	22	*
	23	* Alternatively, the contents of this file may be used under the
	24	* terms of the GNU General Public License Version 2 or later (the
	25	* "GPL"), in which case the provisions of the GPL are applicable
	26	* instead of those above. If you wish to allow use of your
	27	* version of this file only under the terms of the GPL and not to
	28	* allow others to use your version of this file under the MPL,
	29	* indicate your decision by deleting the provisions above and
	30	* replace them with the notice and other provisions required by
	31	* the GPL. If you do not delete the provisions above, a recipient
	32	* may use your version of this file under either the MPL or the
	33	* GPL.
	34	*/
	35
	36	#ifndef _CRYPTOHI_H_
	37	#define _CRYPTOHI_H_
	38
	39	#include <security_asn1/seccomon.h>
	40	#include <Security/SecCmsBase.h>
	41
	42
	43	SEC_BEGIN_PROTOS
	44
	45
	46	/****************************************/
	47	/*
	48	** DER encode/decode DSA signatures
	49	*/
	50
	51	/* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA code (and
	52	* most of the rest of the world) just generates 40 bytes of raw data. These
	53	* functions convert between formats.
	54	*/
	55	//extern SECStatus DSAU_EncodeDerSig(SECItem dest, SECItem src);
	56	//extern SECItem DSAU_DecodeDerSig(SECItem item);
	57
	58	/*
	59	* Return a csp handle able to deal with algorithm
	60	*/
	61	extern CSSM_CSP_HANDLE SecCspHandleForAlgorithm(CSSM_ALGORITHMS algorithm);
	62
	63	/*
	64	* Return a CSSM_ALGORITHMS for a given SECOidTag or 0 if there is none
65	*/
66	extern CSSM_ALGORITHMS SECOID_FindyCssmAlgorithmByTag(SECOidTag algTag);
67
68
69	/****************************************/
70	/*
71	** Signature creation operations
72	*/
73
74	/*
75	** Sign a single block of data using private key encryption and given
76	** signature/hash algorithm.
77	** "result" the final signature data (memory is allocated)
78	** "buf" the input data to sign
79	** "len" the amount of data to sign
80	** "pk" the private key to encrypt with
81	** "algid" the signature/hash algorithm to sign with
82	** (must be compatible with the key type).
83	*/
84	extern SECStatus SEC_SignData(SECItem result, unsigned char buf, int len,
85	SecPrivateKeyRef pk, SECOidTag digAlgTag, SECOidTag sigAlgTag);
86
87	/*
88	** Sign a pre-digested block of data using private key encryption, encoding
89	** The given signature/hash algorithm.
90	** "result" the final signature data (memory is allocated)
91	** "digest" the digest to sign
92	** "pk" the private key to encrypt with
93	** "algtag" The algorithm tag to encode (need for RSA only)
94	*/
95	extern SECStatus SGN_Digest(SecPrivateKeyRef privKey,
96	SECOidTag digAlgTag, SECOidTag sigAlgTag, SECItem result, SECItem digest);
97
98	/****************************************/
99	/*
100	** Signature verification operations
101	*/
102
103
104	/*
105	** Verify the signature on a block of data for which we already have
106	** the digest. The signature data is an RSA private key encrypted
107	** block of data formatted according to PKCS#1.
108	** "dig" the digest
109	** "key" the public key to check the signature with
110	** "sig" the encrypted signature data
111	** "algid" specifies the signing algorithm to use. This must match
112	** the key type.
113	**/
114	extern SECStatus VFY_VerifyDigest(SECItem *dig, SecPublicKeyRef key,
115	SECItem sig, SECOidTag digAlgTag, SECOidTag sigAlgTag, void wincx);
116
117	/*
118	** Verify the signature on a block of data. The signature data is an RSA
119	** private key encrypted block of data formatted according to PKCS#1.
120	** "buf" the input data
121	** "len" the length of the input data
122	** "key" the public key to check the signature with
123	** "sig" the encrypted signature data
124	** "algid" specifies the signing algorithm to use. This must match
125	** the key type.
126	*/
127	extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
128	SecPublicKeyRef key, SECItem *sig,
129	SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
130
131
132
133	extern SECStatus WRAP_PubWrapSymKey(SecPublicKeyRef publickey,
134	SecSymmetricKeyRef bulkkey,
135	CSSM_DATA_PTR encKey);
136
137
138	extern SecSymmetricKeyRef WRAP_PubUnwrapSymKey(SecPrivateKeyRef privkey, CSSM_DATA_PTR encKey, SECOidTag bulkalgtag);
139
140
141	SEC_END_PROTOS
142
143	#endif /* _CRYPTOHI_H_ */