]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_smime/lib/cryptohi.h
Security-57740.1.18.tar.gz
[apple/security.git] / OSX / libsecurity_smime / lib / cryptohi.h
1 /*
2 * crypto.h - public data structures and prototypes for the crypto library
3 *
4 * The contents of this file are subject to the Mozilla Public
5 * License Version 1.1 (the "License"); you may not use this file
6 * except in compliance with the License. You may obtain a copy of
7 * the License at http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS
10 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
11 * implied. See the License for the specific language governing
12 * rights and limitations under the License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is Netscape
17 * Communications Corporation. Portions created by Netscape are
18 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
19 * Rights Reserved.
20 *
21 * Contributor(s):
22 *
23 * Alternatively, the contents of this file may be used under the
24 * terms of the GNU General Public License Version 2 or later (the
25 * "GPL"), in which case the provisions of the GPL are applicable
26 * instead of those above. If you wish to allow use of your
27 * version of this file only under the terms of the GPL and not to
28 * allow others to use your version of this file under the MPL,
29 * indicate your decision by deleting the provisions above and
30 * replace them with the notice and other provisions required by
31 * the GPL. If you do not delete the provisions above, a recipient
32 * may use your version of this file under either the MPL or the
33 * GPL.
34 */
35
36 #ifndef _CRYPTOHI_H_
37 #define _CRYPTOHI_H_
38
39 #include <security_asn1/seccomon.h>
40 #include <Security/SecCmsBase.h>
41
42
43 SEC_BEGIN_PROTOS
44
45
46 /****************************************/
47 /*
48 ** DER encode/decode DSA signatures
49 */
50
51 /* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA code (and
52 * most of the rest of the world) just generates 40 bytes of raw data. These
53 * functions convert between formats.
54 */
55 //extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
56 //extern SECItem *DSAU_DecodeDerSig(SECItem *item);
57
58 /*
59 * Return a csp handle able to deal with algorithm
60 */
61 extern CSSM_CSP_HANDLE SecCspHandleForAlgorithm(CSSM_ALGORITHMS algorithm);
62
63 /*
64 * Return a CSSM_ALGORITHMS for a given SECOidTag or 0 if there is none
65 */
66 extern CSSM_ALGORITHMS SECOID_FindyCssmAlgorithmByTag(SECOidTag algTag);
67
68
69 /****************************************/
70 /*
71 ** Signature creation operations
72 */
73
74 /*
75 ** Sign a single block of data using private key encryption and given
76 ** signature/hash algorithm.
77 ** "result" the final signature data (memory is allocated)
78 ** "buf" the input data to sign
79 ** "len" the amount of data to sign
80 ** "pk" the private key to encrypt with
81 ** "algid" the signature/hash algorithm to sign with
82 ** (must be compatible with the key type).
83 */
84 extern SECStatus SEC_SignData(SECItem *result, unsigned char *buf, int len,
85 SecPrivateKeyRef pk, SECOidTag digAlgTag, SECOidTag sigAlgTag);
86
87 /*
88 ** Sign a pre-digested block of data using private key encryption, encoding
89 ** The given signature/hash algorithm.
90 ** "result" the final signature data (memory is allocated)
91 ** "digest" the digest to sign
92 ** "pk" the private key to encrypt with
93 ** "algtag" The algorithm tag to encode (need for RSA only)
94 */
95 extern SECStatus SGN_Digest(SecPrivateKeyRef privKey,
96 SECOidTag digAlgTag, SECOidTag sigAlgTag, SECItem *result, SECItem *digest);
97
98 /****************************************/
99 /*
100 ** Signature verification operations
101 */
102
103
104 /*
105 ** Verify the signature on a block of data for which we already have
106 ** the digest. The signature data is an RSA private key encrypted
107 ** block of data formatted according to PKCS#1.
108 ** "dig" the digest
109 ** "key" the public key to check the signature with
110 ** "sig" the encrypted signature data
111 ** "algid" specifies the signing algorithm to use. This must match
112 ** the key type.
113 **/
114 extern SECStatus VFY_VerifyDigest(SECItem *dig, SecPublicKeyRef key,
115 SECItem *sig, SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
116
117 /*
118 ** Verify the signature on a block of data. The signature data is an RSA
119 ** private key encrypted block of data formatted according to PKCS#1.
120 ** "buf" the input data
121 ** "len" the length of the input data
122 ** "key" the public key to check the signature with
123 ** "sig" the encrypted signature data
124 ** "algid" specifies the signing algorithm to use. This must match
125 ** the key type.
126 */
127 extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
128 SecPublicKeyRef key, SECItem *sig,
129 SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
130
131
132
133 extern SECStatus WRAP_PubWrapSymKey(SecPublicKeyRef publickey,
134 SecSymmetricKeyRef bulkkey,
135 CSSM_DATA_PTR encKey);
136
137
138 extern SecSymmetricKeyRef WRAP_PubUnwrapSymKey(SecPrivateKeyRef privkey, CSSM_DATA_PTR encKey, SECOidTag bulkalgtag);
139
140 CFStringRef SECOID_CopyKeyTypeByTag(SECOidTag tag);
141
142 /*
143 * NULL wrap a ref key to raw key in default format.
144 * The utility of this function is that it rescues the actual data content
145 * of the SecSymmetricKeyRef so that we can encrypt it.
146 */
147 OSStatus cmsNullWrapKey(SecKeyRef refKey, CSSM_KEY_PTR rawKey);
148
149 SEC_END_PROTOS
150
151 #endif /* _CRYPTOHI_H_ */