libsecurity_smime/Security/cryptohi.h

   1 /*
   2  * crypto.h - public data structures and prototypes for the crypto library
   3  *
   4  * The contents of this file are subject to the Mozilla Public
   5  * License Version 1.1 (the "License"); you may not use this file
   6  * except in compliance with the License. You may obtain a copy of
   7  * the License at http://www.mozilla.org/MPL/
   8  *
   9  * Software distributed under the License is distributed on an "AS
  10  * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
  11  * implied. See the License for the specific language governing
  12  * rights and limitations under the License.
  13  *
  14  * The Original Code is the Netscape security libraries.
  15  *
  16  * The Initial Developer of the Original Code is Netscape
  17  * Communications Corporation.  Portions created by Netscape are
  18  * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
  19  * Rights Reserved.
  20  *
  21  * Contributor(s):
  22  *
  23  * Alternatively, the contents of this file may be used under the
  24  * terms of the GNU General Public License Version 2 or later (the
  25  * "GPL"), in which case the provisions of the GPL are applicable
  26  * instead of those above.  If you wish to allow use of your
  27  * version of this file only under the terms of the GPL and not to
  28  * allow others to use your version of this file under the MPL,
  29  * indicate your decision by deleting the provisions above and
  30  * replace them with the notice and other provisions required by
  31  * the GPL.  If you do not delete the provisions above, a recipient
  32  * may use your version of this file under either the MPL or the
  33  * GPL.
  34  */
  35
  36 #ifndef _CRYPTOHI_H_
  37 #define _CRYPTOHI_H_
  38
  39 #include <security_asn1/seccomon.h>
  40 #include <Security/SecCmsBase.h>
  41
  42
  43 SEC_BEGIN_PROTOS
  44
  45
  46 /****************************************/
  47 /*
  48 ** DER encode/decode DSA signatures
  49 */
  50
  51 /* ANSI X9.57 defines DSA signatures as DER encoded data.  Our DSA code (and
  52  * most of the rest of the world) just generates 40 bytes of raw data.  These
  53  * functions convert between formats.
  54  */
  55 //extern SECStatus DSAU_EncodeDerSig(SecAsn1Item *dest, SecAsn1Item *src);
  56 //extern SecAsn1Item *DSAU_DecodeDerSig(SecAsn1Item *item);
  57
  58 #if USE_CDSA_CRYPTO
  59 /*
  60  * Return a csp handle able to deal with algorithm
  61  */
  62 extern CSSM_CSP_HANDLE SecCspHandleForAlgorithm(CSSM_ALGORITHMS algorithm);
  63
  64 /*
  65  * Return a CSSM_ALGORITHMS for a given SECOidTag or 0 if there is none
  66  */
  67 extern CSSM_ALGORITHMS SECOID_FindyCssmAlgorithmByTag(SECOidTag algTag);
  68 #endif
  69
  70 /****************************************/
  71 /*
  72 ** Signature creation operations
  73 */
  74
  75 /*
  76 ** Sign a single block of data using private key encryption and given
  77 ** signature/hash algorithm.
  78 **      "result" the final signature data (memory is allocated)
  79 **      "buf" the input data to sign
  80 **      "len" the amount of data to sign
  81 **      "pk" the private key to encrypt with
  82 **      "algid" the signature/hash algorithm to sign with
  83 **              (must be compatible with the key type).
  84 */
  85 extern SECStatus SEC_SignData(SecAsn1Item *result, unsigned char *buf, int len,
  86                              SecPrivateKeyRef pk, SECOidTag digAlgTag, SECOidTag sigAlgTag);
  87
  88 /*
  89 ** Sign a pre-digested block of data using private key encryption, encoding
  90 **  The given signature/hash algorithm.
  91 **      "result" the final signature data (memory is allocated)
  92 **      "digest" the digest to sign
  93 **      "pk" the private key to encrypt with
  94 **      "algtag" The algorithm tag to encode (need for RSA only)
  95 */
  96 extern SECStatus SGN_Digest(SecPrivateKeyRef privKey,
  97                 SECOidTag digAlgTag, SECOidTag sigAlgTag, SecAsn1Item *result, SecAsn1Item *digest);
  98
  99 /****************************************/
 100 /*
 101 ** Signature verification operations
 102 */
 103
 104
 105 /*
 106 ** Verify the signature on a block of data for which we already have
 107 ** the digest. The signature data is an RSA private key encrypted
 108 ** block of data formatted according to PKCS#1.
 109 **      "dig" the digest
 110 **      "key" the public key to check the signature with
 111 **      "sig" the encrypted signature data
 112 **      "algid" specifies the signing algorithm to use.  This must match
 113 **          the key type.
 114 **/
 115 extern SECStatus VFY_VerifyDigest(SecAsn1Item *dig, SecPublicKeyRef key,
 116                                   SecAsn1Item *sig, SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
 117
 118 /*
 119 ** Verify the signature on a block of data. The signature data is an RSA
 120 ** private key encrypted block of data formatted according to PKCS#1.
 121 **      "buf" the input data
 122 **      "len" the length of the input data
 123 **      "key" the public key to check the signature with
 124 **      "sig" the encrypted signature data
 125 **      "algid" specifies the signing algorithm to use.  This must match
 126 **          the key type.
 127 */
 128 extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
 129                                 SecPublicKeyRef key, SecAsn1Item *sig,
 130                                 SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
 131
 132
 133
 134 extern SECStatus WRAP_PubWrapSymKey(SecPublicKeyRef publickey,
 135                                     SecSymmetricKeyRef bulkkey,
 136                                     SecAsn1Item * encKey);
 137
 138
 139 extern SecSymmetricKeyRef WRAP_PubUnwrapSymKey(SecPrivateKeyRef privkey, const SecAsn1Item *encKey, SECOidTag bulkalgtag);
 140
 141
 142 SEC_END_PROTOS
 143
 144 #endif /* _CRYPTOHI_H_ */