matrixpki.h

PeerSec Networks MatrixSSL?is an embedded SSL implementation designed for small footprint applicatio

/*
 *	matrixPki.h
 *	Release $Name: MATRIXSSL_1_7_3_OPEN $
 *	
 *	Public header file for MatrixPKI extension
 *	Implementations interacting with the PKI portion of the
 *	matrixssl library should only use the APIs and definitions
 *	used in this file.
 */
/*
 *	Copyright (c) PeerSec Networks, 2002-2005. All Rights Reserved.
 *	The latest version of this code is available at http://www.matrixssl.org
 *
 *	This software is open source; you can redistribute it and/or modify
 *	it under the terms of the GNU General Public License as published by
 *	the Free Software Foundation; either version 2 of the License, or
 *	(at your option) any later version.
 *
 *	This General Public License does NOT permit incorporating this software 
 *	into proprietary programs.  If you are unable to comply with the GPL, a 
 *	commercial license for this software may be purchased from PeerSec Networks
 *	at http://www.peersec.com
 *	
 *	This program is distributed in WITHOUT ANY WARRANTY; without even the 
 *	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
 *	See the GNU General Public License for more details.
 *	
 *	You should have received a copy of the GNU General Public License
 *	along with this program; if not, write to the Free Software
 *	Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *	http://www.gnu.org/copyleft/gpl.html
 */
/******************************************************************************/

#ifndef _h_MATRIXPKI
#define _h_MATRIXPKI

#ifdef __cplusplus
extern "C" {
#endif

/*
	Because the set of APIs exposed here is dependent on the package, the
	crypto layer header must be parsed to determine what defines are configured
	(USE_RSA, and USE_X509 specifically)
*/
#include "../../matrixCommon.h"
#include "../crypto/matrixCrypto.h"

#define REQ_FILE_TYPE 0
#define KEY_FILE_TYPE 1
#define CERT_FILE_TYPE 2

/******************************************************************************/
/*
 *	PKI documented APIs
 */
MATRIXPUBLIC int32 matrixPkiOpen();
MATRIXPUBLIC void matrixPkiClose();

#ifdef USE_RSA
/*
	Private key reading and conversions
*/
#ifdef USE_FILE_SYSTEM
MATRIXPUBLIC int32 matrixRsaReadPrivKey(psPool_t *pool, char *fileName,
								  char *password, char **out, int32 *outLen);
#endif /* USE_FILE_SYSTEM */
MATRIXPUBLIC int32 matrixRsaParsePrivKey(psPool_t *pool, unsigned char *keyBuf,
									 int32 keyBufLen, sslRsaKey_t **key);
MATRIXPUBLIC void matrixRsaFreeKey(sslRsaKey_t *key);
MATRIXPUBLIC int32 matrixRsaConvertToPublicKey(psPool_t *pool,
								sslRsaKey_t *privKey, sslRsaKey_t **pubKey);

/*
	USE_X509 adds certificate support
*/
#ifdef USE_X509
MATRIXPUBLIC int32 matrixRsaReadKeysMem(sslKeys_t **keys, char *certBuf,
						int32 certLen, char *privBuf, int32 privLen,
						char *trustedCABuf, int32 trustedCALen);
MATRIXPUBLIC void	matrixRsaFreeKeys(sslKeys_t *keys);

#ifdef USE_FILE_SYSTEM
MATRIXPUBLIC int32	matrixRsaReadKeys(sslKeys_t **keys, char *certFile,
						char *privFile, char *privPass, char *trustedCAFile);
MATRIXPUBLIC int32 matrixRsaReadKeysEx(psPool_t *pool, sslKeys_t **keys,
				char *certFile, char *privFile, char *privPass,
				char *trustedCAFiles);
MATRIXPUBLIC int32 matrixX509ReadCert(psPool_t *pool, char *fileName,
							   unsigned char **out, int32 *outLen);
MATRIXPUBLIC int32 matrixX509ReadPubKey(psPool_t *pool, char *certFile,
								 sslRsaKey_t **key);
#endif /* USE_FILE_SYSTEM */

MATRIXPUBLIC int32 matrixRsaParseKeysMem(psPool_t *pool, sslKeys_t **keys,
			char *certBuf, int32 certLen, char *privBuf, int32 privLen,
			char *trustedCABuf, int32 trustedCALen);
MATRIXPUBLIC int32 matrixX509ParseCert(psPool_t *pool, unsigned char *certBuf, 
							   int32 certlen, sslRsaCert_t **cert);
MATRIXPUBLIC void matrixX509FreeCert(sslRsaCert_t *cert);
MATRIXPUBLIC int32 matrixX509ParsePubKey(psPool_t *pool, char *certBuf,
									int32 certLen, sslRsaKey_t **key);
MATRIXPUBLIC int32 matrixX509ValidateCert(psPool_t *pool,
						sslRsaCert_t *subjectCert, sslRsaCert_t *issuerCert,
						int32 *valid);
MATRIXPUBLIC int32 matrixX509ValidateCertChain(psPool_t *pool,
						sslRsaCert_t *chain, sslRsaCert_t **subjectCert,
						int32 *valid);
MATRIXPUBLIC int32 matrixX509UserValidator(psPool_t *pool, 
						sslRsaCert_t *subjectCert,
						int32 (*certValidator)(sslCertInfo_t *t, void *arg),
						void *arg);
#endif /* USE_X509 */



#endif /* USE_RSA */
/******************************************************************************/

#ifdef __cplusplus
}
#endif

#endif /* _h_MATRIXPKI */

/******************************************************************************/