edtk.h

加解密包

#ifndef HEADER_EDTK_H
#define HEADER_EDTK_H

#ifdef __cplusplus
extern "C" {
#endif
  typedef struct EDtkSSL_t EDtkSSL;

  /* Function: EDtkInit
   * Description: initialize the tooltik.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkInit();
  
  /* Function: EDtkEncrypt
   * Description: encrypt and sign a message
   * Parameters:
   *   msg     : a buffer of data to be encrypted.
   *   m_len   : the size of MSG.
   *   out     : the buffer for encrypted data.
   *   o_len   : the pointer of the size of OUT.
   *             A real size will be returned.
   *   pubkey  : the public key to encrypt MSG in PEM format.
   *   pub_len : the length of PUBKEY.
   *             (-1, unspecified.)
   *   privkey : the private key to sign MSG in PEM format.
   *   priv_len: the length of PRIVKEY.
   *             (-1, unspecified.)
   *   passin  : the password for PRIVKEY.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   * 
   */
  int EDtkEncrypt(const unsigned char *msg, int m_len,
                  unsigned char *out, int *o_len,
                  const char *pubkey, int pub_len,
                  const char *privkey, int priv_len,
                  const char *passin);
                  
  /* Function: EDtkDecrypt
   * Description: decrypt and verify a message
   * Parameters:
   *   msg     : a buffer of data to be decrypted.
   *   m_len   : the size of MSG.
   *   out     : the buffer for decrypted data.
   *   o_len   : the pointer of the size of OUT.
   *             A real size will be returned.
   *   pubkey  : the public key to verify MSG in PEM format.
   *   pub_len : the length of PUBKEY.
   *             (-1, unspecified.)
   *   privkey : the private key to decrypt MSG in PEM format.
   *   priv_len: the length of PRIVKEY.
   *             (-1, unspecified.)
   *   passin  : the password for PRIVKEY.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   * 
   */
  int EDtkDecrypt(const unsigned char *msg, int m_len,
                  unsigned char *out, int *o_len,
                  const char *pubkey, int pub_len,
                  const char *privkey, int priv_len,
                  const char *passin);

  /* Function: EDtkVerifyPrivateKey
   * Description: verify the password for a private key
   * Parameters:
   *   privkey : the private key in PEM format.
   *   priv_len: the length of PRIVKEY.
   *             (-1, unspecified.)
   *   passin  : the password for PRIVKEY.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkVerifyPrivateKey(const char *privkey, int priv_len,
                           const char *passin);


  /* Function: EDtkChangePassword
   * Description: change the password for a private key
   * Parameters:
   *   privkey : the private key in PEM format.
   *   priv_len: the length of PRIVKEY.
   *             (-1, unspecified.)
   *   passin  : the password for PRIVKEY.
   *   newpass : the new password for PRIVKEY.
   *   out     : the pointer to the new private key in PEM format.
   *             Must be freed by EDtkFree.             
   *   o_len   : the pointer of the size of OUT.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkChangePassword(const char *privkey, int priv_len,
                         const char *passin, const char *newpass,
                         unsigned char **out, int *o_len);

  /* Function: EDtkBase64Encode
   * Description: encode a buffer in base64
   * Parameters:
   *   in      : the input buffer.
   *   in_len  : the length of IN.
   *   out     : the pointer to the output buffer.
   *             Must be freed by EDtkFree.             
   *   o_len   : the pointer of the size of OUT.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkBase64Encode(const unsigned char *in, int len,
                       char **out, int *o_len);

  /* Function: EDtkBase64Decode
   * Description: decode a buffer in base64
   * Parameters:
   *   in      : the input buffer.
   *   in_len  : the length of IN.
   *   out     : the pointer to the output buffer.
   *             Must be freed by EDtkFree.             
   *   o_len   : the pointer of the size of OUT.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkBase64Decode(const char *in, int len,
                       unsigned char **out, int *o_len);

  /* Function: EDtk3DESEncrypt
   * Description: encrypt a buffer in 3DES
   * Parameters:
   *   in      : the input buffer.
   *   in_len  : the length of IN.
   *   out     : the pointer to the output buffer.
   *             Must be freed by EDtkFree.             
   *   o_len   : the pointer of the size of OUT.
   *   password: the password.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtk3DESEncrypt(const unsigned char *in, int len,
                      char **out, int *o_len,
                      char* password);

  /* Function: EDtk3DESDecrypt
   * Description: decrypt a buffer in 3DES
   * Parameters:
   *   in      : the input buffer.
   *   in_len  : the length of IN.
   *   out     : the pointer to the output buffer.
   *             Must be freed by EDtkFree.             
   *   o_len   : the pointer of the size of OUT.
   *   password: the password.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtk3DESDecrypt(const char *in, int len,
                      unsigned char **out, int *o_len,
                      char* password);

  /* Function: EDtk3DESEncryptFile
   * Description: encrypt a file in 3DES
   * Parameters:
   *   in      : the input FILE ptr.
   *   out     : the output FILE ptr.
   *   password: the password.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtk3DESEncryptFile(FILE *in, FILE *out, char* password);

  /* Function: EDtk3DESDecryptFile
   * Description: decrypt a file in 3DES
   * Parameters:
   *   in      : the input FILE ptr.
   *   out     : the output FILE ptr.
   *   password: the password.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtk3DESDecryptFile(FILE *in, FILE *out, char* password);

  /* Function: EDtkFree
   * Description: Free a pointer
   * Parameters:
   *   p       : the pointer
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkFree(void*p);

  /* Function: EDtkFinish
   * Description: finish the tooltik.
   * Return value:
   *   1 : successful.
   *   0 : failed.
   */
  int EDtkFinish();

  /* Function: EDtkLoadCertificate
   * Description : Load a certificate from memory buffer.
   * Parameters:
   *   buf   : the input buffer.
   *   len   : the length of BUF.
   * Return value:
   *   NULL      : failed.
   *   Otherwise : the certificate, which must free by EDtkFreeCertificate.
   */
  struct x509_st *EDtkLoadCertificate(char*buf,int len);

  /* Function: EDtkFreeCertificate
   * Description : Free a certificate.
   * Parameters:
   *   cert  : the certificate.
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkFreeCertificate(struct x509_st *cert);

  /* Function: EDtkCertificateSubject
   * Description : Get subject (Common name, etc) of a certificate.
   * Parameters:
   *   cert   : the certificate.
   * Return value:
   *   NULL      : failed.
   *   Otherwise : the pointer to the subject,
   *               which must free by EDtkFree.
   */
  char *EDtkCertificateSubject(struct x509_st *cert);

  /* Function: EDtkCertificateNotBefore
   * Description : Get start time of a certificate.
   * Parameters:
   *   cert   : the certificate.
   * Return value:
   *   NULL      : failed.
   *   Otherwise : the time in ASN1 format (YYYYMMDDhhmmssZ),
   *               which must free by EDtkFree.
   */
  char *EDtkCertificateNotBefore(struct x509_st *cert);

  /* Function: EDtkCertificateNotAfter
   * Description : Get expiration time of a certificate.
   * Parameters:
   *   cert   : the certificate.
   * Return value:
   *   NULL      : failed.
   *   Otherwise : the time in ASN1 format (YYYYMMDDhhmmssZ),
   *               which must free by EDtkFree.
   */
  char *EDtkCertificateNotAfter(struct x509_st *cert);

  /* Function: EDtkCertificateEXpireInDays
   * Description : Get days to expiration date of certificate.
   * Parameters:
   *   cert   : the certificate.
   * Return value:
   *   negtive : the certificate is expired.
   *   0       : today is the expiration day.
   *   positive: days to expiration date of certificate.
   */
  int EDtkCertificateExpireInDays(struct x509_st *cert);

  /* Function: EDtkCertificateVerify
   * Description : Verify a certificate
   * Parameters:
   *   cert   : the certificate.
   *   cacert : the certificate of CA.
   * Return value:
   *   0 : failed.
   *   1 : successful.
   */
  int EDtkCertificateVerify(struct x509_st *cert, struct x509_st *cacert);
  
  /* Function: EDtkDigestSHA1
   * Description : Digest DATA
   * Parameters:
   *   data   : the input data.
   *   count  : the length of DATA.
   *   md     : the output hash. Size should be 20 or more.
   *   size   : the point to the actual output length of MD.
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkDigestSHA1(void *data, unsigned int count, unsigned char *md, unsigned *size);

  /* Function: EDtkSign
   * Description : Sign a message.
   * Parameters:
   *   msg    : the message data.
   *   m_len  : the length of MSG.
   *   out    : the output data.
   *   o_len  : the pointer to the length of output data.
   *   privkey : the private key to sign MSG in PEM format.
   *   priv_len: the length of PRIVKEY.
   *             (-1, unspecified.)
   *   passin  : the password for PRIVKEY.
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkSign(const unsigned char *msg, int m_len,
               unsigned char *out, int *o_len,
               char *privkey, unsigned int priv_len, char *passin);

  /* Function: EDtkVerify
   * Description : Verify a message.
   * Parameters:
   *   msg    : the message data.
   *   m_len  : the length of MSG.
   *   sign   : the signature data.
   *   s_len  : the length of signature data.
   *   pubkey : the public key.
   *   pub_len: the length of PUBKEY.
   *             (-1, unspecified.)
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkVerify(const unsigned char *msg, int m_len,
                 unsigned char *sign, int s_len,
                 char *pubkey, unsigned int pub_len);


  /* Function: EDtkPBEsalt
   * Description : Generate random DATA
   * Parameters:
   *   salt      : the pointer to the random data;
   *             which must free by EDtkFree.
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkPBEsalt(unsigned char **salt);

  /* Function: EDtkFixedsalt
   * Description : Generate fixed DATA
   * Parameters:
   *   salt      : the pointer to the fixed data;
   *             which must free by EDtkFree.
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkFixedsalt(unsigned char **salt);

  /* Function: EDtkPBEhash
   * Description : Digest DATA
   * Parameters:
   *   in      : the input data.
   *   in_len  : the length of DATA.
   *   iv      : the random data, generated by EDtkPBEiv;
   *   out     : the pointer to output data.
   *             which must free by EDtkFree.
   *   o_len   : the pointer to the actual output length.
   * Return value:
   *   0      : failed.
   *   1      : successful.
   */
  int EDtkPBEhash(const char *in, int in_len,
                  const unsigned char *iv, 
                  unsigned char **out, int *o_len);

  struct x509_st *EDtkLoadCertificateFile(const char*url);
  struct evp_pkey_st *EDtkLoadPrivateKeyFile(const char*url, const char *pass);
  struct X509_crl_st *EDtkLoadCRLFile(const char*url);
  struct stack_st *EDtkNewStack();

  int EDtkFreePrivateKey(struct evp_pkey_st*);
  int EDtkFreeCRL(struct X509_crl_st *crl);
  void EDtkFreeStack(struct stack_st *certs);

  int EDtkCertificateVerifyCRL(struct x509_st *cert, struct x509_st *cacert,
                               struct X509_crl_st * crl);
  int EDtkAddCertificate(struct stack_st* certs,struct x509_st *cert);
  int EDtkFileEncrypt(const char *in,
                      const char *out,
                      struct evp_pkey_st * pkey,
                      struct x509_st * signcert,
                      struct stack_st *recips,
                      struct stack_st *certs);
  int EDtkFileDecrypt(const char *in, const char *out,
                      struct evp_pkey_st *pkey, struct x509_st *cert);
  int EDtkFileInfo(const char *in);
  EDtkSSL *EDtkSSLnew(struct x509_st *cert, struct evp_pkey_st *pkey,
                      const char *cafile, const char*capath);
  int EDtkSSLbind(EDtkSSL* self, int port);
  int EDtkSSLaccept(EDtkSSL* self, EDtkSSL* another);
  int EDtkSSLconnect(EDtkSSL* self, char *host, int port);
  int EDtkSSLclose(EDtkSSL* self);
  int EDtkSSLread(EDtkSSL* self,char *buf,size_t size);
  int EDtkSSLwrite(EDtkSSL* self,const char *buf, size_t size);

  void EDtk_print_errors_fp(FILE *fp);
#ifdef  __cplusplus
}
#endif
#endif