PKIFCNGCAPI.h

Go to the documentation of this file.

#ifndef __PKIFCNGCAPI_H__
#define __PKIFCNGCAPI_H__

#include "PKIFdll.h"
#include "IPKIFCryptoKeyID.h"
#include "IPKIFCAPISource.h"
#include "IPKIFCryptoKeyAgree.h"
#include "components.h"

#include <wincrypt.h>
#include <bitset>


struct CPKIFCNGCAPIImpl;
FD_LIST_PTR(CPKIFCredential);
FD_SMART_PTR(CPKIFKeyUsage);

class CAC_API CPKIFCNGCAPI : public IPKIFColleague, public IPKIFCryptoKeyID, public IPKIFCAPISource, public IPKIFCryptoKeyAgree
{
    friend struct CPKIFCNGCAPIImpl;
public:
    CPKIFCNGCAPI(const char* provider = NULL, int provType = 0, int sysStoRegLoc = CERT_SYSTEM_STORE_CURRENT_USER);
    virtual ~CPKIFCNGCAPI(void);

    //IPKIFColleague functions
    void Initialize();

    //Miscellaneous functions
    void GetKeyList(CPKIFCredentialList& v,std::bitset<9>* = NULL);
    void GetKeyList(CPKIFCredentialList& v, CPKIFKeyUsagePtr& ku);

    //key management
    bool OwnsKey(const CPKIFCredential& keyID) const;
    CPKIFCredentialPtr MakeKeyID(const std::string& asciiHexKeyID);

    //functions that operate on key handles
    void Sign(const CPKIFCredential& key, unsigned char* pHashData, int nHashDataLen, unsigned char* pSignature, int* nSignatureLen, PKIFCRYPTO::HASH_ALG hashAlg);
    void Decrypt(const CPKIFCredential& key, unsigned char* pData, int nDataLen, unsigned char* pResult, int* pnResultLen);
    void Encrypt(const CPKIFCredential& key, unsigned char* pData, int nDataLen, unsigned char* pResult, int* pnResultLen);
    bool Verify(const CPKIFCredential& key, unsigned char* pHashData, int nHashDataLen, unsigned char* pSignature, int nSignatureLen, PKIFCRYPTO::HASH_ALG hashAlg);

    IPKIFCryptContext* CryptInit(CPKIFCredentialPtr& key, bool pad = true);
    void Decrypt(IPKIFCryptContext* cryptContext, unsigned char* pData, int nDataLen, unsigned char* pResult, int* pnResultLen, bool final);
    void Encrypt(IPKIFCryptContext* cryptContext, unsigned char* pData, int nDataLen, unsigned char* pResult, int* pnResultLen, bool final);

    //IPKIFCryptoKeyAgree methods
    // ephemeral-static or static-static key agreement
    virtual IPKIFKeyAgreeContextPtr SecretAgree(CPKIFCredentialPtr& myPrivateKey, const CPKIFCertificatePtr& theirCert, 
        const CPKIFAlgorithm * alg);
    virtual IPKIFKeyAgreeContextPtr SecretAgree(CPKIFCredentialPtr& myPrivateKey, const CPKIFBufferPtr& theirPublicKey, 
        const CPKIFAlgorithm * alg);

    // (single-pass only) authenticated key agreement
    // originator interfaces
    virtual IPKIFKeyAgreeContextPtr SecretAgree(const CPKIFCredentialPtr& myPrivateKey, CPKIFCredentialPtr & ephemeralKeyPair,
        const CPKIFCertificatePtr& theirCert, const CPKIFAlgorithm * alg);
    virtual IPKIFKeyAgreeContextPtr SecretAgree(const CPKIFCredentialPtr& myPrivateKey, CPKIFCredentialPtr & ephemeralKeyPair,
        const CPKIFBufferPtr& theirPublicKey, const CPKIFAlgorithm * alg);
    // recipient interfaces
    virtual IPKIFKeyAgreeContextPtr SecretAgree(const CPKIFCredentialPtr& myPrivateKey, const CPKIFBufferPtr& ephemeralPublicKey, 
        const CPKIFCertificatePtr& theirCert, const CPKIFAlgorithm * alg);
    virtual IPKIFKeyAgreeContextPtr SecretAgree(const CPKIFCredentialPtr& myPrivateKey, const CPKIFBufferPtr& ephemeralPublicKey, 
        const CPKIFBufferPtr& theirPublicKey, const CPKIFAlgorithm * alg);
    
    virtual CPKIFKeyMaterialPtr DeriveKey(const IPKIFKeyAgreeContextPtr & context, unsigned long keyLen);


private:
    CPKIFCNGCAPI(const CPKIFCNGCAPI& copy);
    CPKIFCNGCAPI& operator=(const CPKIFCNGCAPI& rhs); //added 4/6/2004
    
    enum { thisComponent = TOOLKIT_CRYPTO_CAPI };
    
    struct CPKIFCNGCAPIImpl *m_impl;

};
DECLARE_SMART_POINTERS(CPKIFCNGCAPI);

#endif