X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/Security/libsecurity_smime/lib/cryptohi.h
diff --git a/Security/libsecurity_smime/lib/cryptohi.h b/Security/libsecurity_smime/lib/cryptohi.h
new file mode 100644
index 00000000..f140c4ca
--- /dev/null
+++ b/Security/libsecurity_smime/lib/cryptohi.h
@@ -0,0 +1,143 @@
+/*
+ * crypto.h - public data structures and prototypes for the crypto library
+ *
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ *
+ * The Original Code is the Netscape security libraries.
+ *
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation. Portions created by Netscape are
+ * Copyright (C) 1994-2000 Netscape Communications Corporation. All
+ * Rights Reserved.
+ *
+ * Contributor(s):
+ *
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable
+ * instead of those above. If you wish to allow use of your
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL. If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ */
+
+#ifndef _CRYPTOHI_H_
+#define _CRYPTOHI_H_
+
+#include
+#include
+
+
+SEC_BEGIN_PROTOS
+
+
+/****************************************/
+/*
+** DER encode/decode DSA signatures
+*/
+
+/* ANSI X9.57 defines DSA signatures as DER encoded data. Our DSA code (and
+ * most of the rest of the world) just generates 40 bytes of raw data. These
+ * functions convert between formats.
+ */
+//extern SECStatus DSAU_EncodeDerSig(SECItem *dest, SECItem *src);
+//extern SECItem *DSAU_DecodeDerSig(SECItem *item);
+
+/*
+ * Return a csp handle able to deal with algorithm
+ */
+extern CSSM_CSP_HANDLE SecCspHandleForAlgorithm(CSSM_ALGORITHMS algorithm);
+
+/*
+ * Return a CSSM_ALGORITHMS for a given SECOidTag or 0 if there is none
+ */
+extern CSSM_ALGORITHMS SECOID_FindyCssmAlgorithmByTag(SECOidTag algTag);
+
+
+/****************************************/
+/*
+** Signature creation operations
+*/
+
+/*
+** Sign a single block of data using private key encryption and given
+** signature/hash algorithm.
+** "result" the final signature data (memory is allocated)
+** "buf" the input data to sign
+** "len" the amount of data to sign
+** "pk" the private key to encrypt with
+** "algid" the signature/hash algorithm to sign with
+** (must be compatible with the key type).
+*/
+extern SECStatus SEC_SignData(SECItem *result, unsigned char *buf, int len,
+ SecPrivateKeyRef pk, SECOidTag digAlgTag, SECOidTag sigAlgTag);
+
+/*
+** Sign a pre-digested block of data using private key encryption, encoding
+** The given signature/hash algorithm.
+** "result" the final signature data (memory is allocated)
+** "digest" the digest to sign
+** "pk" the private key to encrypt with
+** "algtag" The algorithm tag to encode (need for RSA only)
+*/
+extern SECStatus SGN_Digest(SecPrivateKeyRef privKey,
+ SECOidTag digAlgTag, SECOidTag sigAlgTag, SECItem *result, SECItem *digest);
+
+/****************************************/
+/*
+** Signature verification operations
+*/
+
+
+/*
+** Verify the signature on a block of data for which we already have
+** the digest. The signature data is an RSA private key encrypted
+** block of data formatted according to PKCS#1.
+** "dig" the digest
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "algid" specifies the signing algorithm to use. This must match
+** the key type.
+**/
+extern SECStatus VFY_VerifyDigest(SECItem *dig, SecPublicKeyRef key,
+ SECItem *sig, SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
+
+/*
+** Verify the signature on a block of data. The signature data is an RSA
+** private key encrypted block of data formatted according to PKCS#1.
+** "buf" the input data
+** "len" the length of the input data
+** "key" the public key to check the signature with
+** "sig" the encrypted signature data
+** "algid" specifies the signing algorithm to use. This must match
+** the key type.
+*/
+extern SECStatus VFY_VerifyData(unsigned char *buf, int len,
+ SecPublicKeyRef key, SECItem *sig,
+ SECOidTag digAlgTag, SECOidTag sigAlgTag, void *wincx);
+
+
+
+extern SECStatus WRAP_PubWrapSymKey(SecPublicKeyRef publickey,
+ SecSymmetricKeyRef bulkkey,
+ CSSM_DATA_PTR encKey);
+
+
+extern SecSymmetricKeyRef WRAP_PubUnwrapSymKey(SecPrivateKeyRef privkey, CSSM_DATA_PTR encKey, SECOidTag bulkalgtag);
+
+
+SEC_END_PROTOS
+
+#endif /* _CRYPTOHI_H_ */
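Review bot: The parameter comments on SEC_SignData, SGN_Digest, VFY_VerifyDigest and VFY_VerifyData describe a single `"algid"` or `"algtag"` argument (and `"pk"` where SGN_Digest takes `privKey`), but every one of these prototypes takes two tags, `digAlgTag` and `sigAlgTag`, so the header does not say which tag must match the key type or how the digest tag relates to the signature being checked. I would replace those entries with one line per real parameter, for example `** "digAlgTag" the digest algorithm applied to the data` and `** "sigAlgTag" the signature algorithm; must be compatible with the key type`, and state which SECStatus the VFY_ functions return when a signature does not verify. SEC_SignData and VFY_VerifyData also take `unsigned char *buf, int len`; the comments should say how a negative `len` is handled, or, if existing callers allow it, the pair could become `const unsigned char *buf, size_t len`. WRAP_PubWrapSymKey and WRAP_PubUnwrapSymKey carry no comment at all, which leaves the failure return of WRAP_PubUnwrapSymKey and the ownership of the key it returns undocumented.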