2 * crypto.h - public data structures and prototypes for the crypto library
4 * The contents of this file are subject to the Mozilla Public
5 * License Version 1.1 (the "License"); you may not use this file
6 * except in compliance with the License. You may obtain a copy of
7 * the License at http://www.mozilla.org/MPL/
9 * Software distributed under the License is distributed on an "AS
10 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
11 * implied. See the License for the specific language governing
12 * rights and limitations under the License.
14 * The Original Code is the Netscape security libraries.
16 * The Initial Developer of the Original Code is Netscape
17 * Communications Corporation. Portions created by Netscape are
18 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
23 * Alternatively, the contents of this file may be used under the
24 * terms of the GNU General Public License Version 2 or later (the
25 * "GPL"), in which case the provisions of the GPL are applicable
26 * instead of those above. If you wish to allow use of your
27 * version of this file only under the terms of the GPL and not to
28 * allow others to use your version of this file under the MPL,
29 * indicate your decision by deleting the provisions above and
30 * replace them with the notice and other provisions required by
31 * the GPL. If you do not delete the provisions above, a recipient
32 * may use your version of this file under either the MPL or the
39 #include <security_asn1/seccomon.h>
40 #include <Security/SecCmsBase.h>
46 /****************************************/
48 ** DER encode/decode DSA signatures
51 /* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA code (and
52 * most of the rest of the world) just generates 40 bytes of raw data. These
53 * functions convert between formats.
55 //extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
56 //extern SECItem *DSAU_DecodeDerSig(SECItem *item);
59 * Return a csp handle able to deal with algorithm
61 extern CSSM_CSP_HANDLE
SecCspHandleForAlgorithm(CSSM_ALGORITHMS algorithm
);
64 * Return a CSSM_ALGORITHMS for a given SECOidTag or 0 if there is none
66 extern CSSM_ALGORITHMS
SECOID_FindyCssmAlgorithmByTag(SECOidTag algTag
);
69 /****************************************/
71 ** Signature creation operations
75 ** Sign a single block of data using private key encryption and given
76 ** signature/hash algorithm.
77 ** "result" the final signature data (memory is allocated)
78 ** "buf" the input data to sign
79 ** "len" the amount of data to sign
80 ** "pk" the private key to encrypt with
81 ** "algid" the signature/hash algorithm to sign with
82 ** (must be compatible with the key type).
84 extern SECStatus
SEC_SignData(SECItem
*result
, unsigned char *buf
, int len
,
85 SecPrivateKeyRef pk
, SECOidTag digAlgTag
, SECOidTag sigAlgTag
);
88 ** Sign a pre-digested block of data using private key encryption, encoding
89 ** The given signature/hash algorithm.
90 ** "result" the final signature data (memory is allocated)
91 ** "digest" the digest to sign
92 ** "pk" the private key to encrypt with
93 ** "algtag" The algorithm tag to encode (need for RSA only)
95 extern SECStatus
SGN_Digest(SecPrivateKeyRef privKey
,
96 SECOidTag digAlgTag
, SECOidTag sigAlgTag
, SECItem
*result
, SECItem
*digest
);
98 /****************************************/
100 ** Signature verification operations
105 ** Verify the signature on a block of data for which we already have
106 ** the digest. The signature data is an RSA private key encrypted
107 ** block of data formatted according to PKCS#1.
109 ** "key" the public key to check the signature with
110 ** "sig" the encrypted signature data
111 ** "algid" specifies the signing algorithm to use. This must match
114 extern SECStatus
VFY_VerifyDigest(SECItem
*dig
, SecPublicKeyRef key
,
115 SECItem
*sig
, SECOidTag digAlgTag
, SECOidTag sigAlgTag
, void *wincx
);
118 ** Verify the signature on a block of data. The signature data is an RSA
119 ** private key encrypted block of data formatted according to PKCS#1.
120 ** "buf" the input data
121 ** "len" the length of the input data
122 ** "key" the public key to check the signature with
123 ** "sig" the encrypted signature data
124 ** "algid" specifies the signing algorithm to use. This must match
127 extern SECStatus
VFY_VerifyData(unsigned char *buf
, int len
,
128 SecPublicKeyRef key
, SECItem
*sig
,
129 SECOidTag digAlgTag
, SECOidTag sigAlgTag
, void *wincx
);
133 extern SECStatus
WRAP_PubWrapSymKey(SecPublicKeyRef publickey
,
134 SecSymmetricKeyRef bulkkey
,
135 CSSM_DATA_PTR encKey
);
138 extern SecSymmetricKeyRef
WRAP_PubUnwrapSymKey(SecPrivateKeyRef privkey
, CSSM_DATA_PTR encKey
, SECOidTag bulkalgtag
);
143 #endif /* _CRYPTOHI_H_ */