Simple Cryptographic Program Interface (Crypto API)
RFC 2628

Document Type RFC - Informational (June 1999; No errata)
Was draft-smyslov-crypto-api (individual)
Last updated 2013-03-02
Stream Legacy
Network Working Group                                         V. Smyslov
Request for Comments: 2628                                           TWS
Category: Informational                                        June 1999

          Simple Cryptographic Program Interface (Crypto API)

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

Abstract

   This document describes a simple Application Program Interface to
   cryptographic functions. The main purpose of such an interface is to
   separate cryptographic libraries from internet applications, thus
   allowing an independent development of both. It can be used in
   various internet applications such as [IPsec], [ISAKMP], [IKE],
   [TLS].

Table of Contents

   1. Introduction. . . . . . . . . . . . . . . . . . . . . . . . . .  2
   1.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . . .  2
   1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . .  2
   1.3. Objectives of Development . . . . . . . . . . . . . . . . . .  3
   2. Cryptoplugin Structure. . . . . . . . . . . . . . . . . . . . .  3
   3. Program Interface . . . . . . . . . . . . . . . . . . . . . . .  4
   3.1. Cryptoplugin Initialization Function. . . . . . . . . . . . .  4
   3.1.1. Description of CryptoPluginInfo structure . . . . . . . . .  6
   3.1.2. Description of CryptoAlgInfo structure. . . . . . . . . . .  6
   3.2. Cryptoplugin Deinitialization Function. . . . . . . . . . . .  9
   3.3. Cryptographic Context Opening Function. . . . . . . . . . . . 10
   3.4. Cryptographic Context Reopening Function. . . . . . . . . . . 11
   3.5. Cryptographic Context Closing Function. . . . . . . . . . . . 12
   3.6. Key Verification Function . . . . . . . . . . . . . . . . . . 12
   3.7. Data Transformation Function. . . . . . . . . . . . . . . . . 13
   3.7.1. For CRYPTO_TYPE_ENCRYPT Algorithm Type. . . . . . . . . . . 13
   3.7.2. For CRYPTO_TYPE_DECRYPT Algorithm Type. . . . . . . . . . . 14
   3.7.3. For CRYPTO_TYPE_SIGN Algorithm Type . . . . . . . . . . . . 15
   3.7.4. For CRYPTO_TYPE_VERIFY Algorithm Type . . . . . . . . . . . 17
   3.7.5. For CRYPTO_TYPE_COMPRESS Algorithm Type . . . . . . . . . . 18

Smyslov                      Informational                      [Page 1]
RFC 2628                       Crypto API                      June 1999

   3.7.6. For CRYPTO_TYPE_UNCOMPRESS Algorithm Type . . . . . . . . . 18
   3.7.7. For CRYPTO_TYPE_HASH Algorithm Type . . . . . . . . . . . . 19
   3.7.8. For CRYPTO_TYPE_RANDOM Algorithm Type.  . . . . . . . . . . 21
   3.8. Cryptographic Context Control Function. . . . . . . . . . . . 22
   4. Cryptoplugin Registration Procedure . . . . . . . . . . . . . . 23
   5. Security Considerations . . . . . . . . . . . . . . . . . . . . 23
   6. References. . . . . . . . . . . . . . . . . . . . . . . . . . . 23
   7. Author's Address  . . . . . . . . . . . . . . . . . . . . . . . 24
   Appendix A. The interface specification as a C header file . . . . 25
   Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 30

1. Introduction

1.1. Summary

   Currently, internet applications that require cryptographic functions
   at the operating system kernel level assume that the cryptographic
   libraries are compiled/linked together with the module (driver)
   which provides product functionality. To allow independent
   development of the cryptographic modules, and to provide a simple,
   effective and universal solution (suitable for both the application
   and kernel levels of the operating system), this specification
   offers a method for extracting encryption algorithms into separate
   cryptographic modules.

   This document describes a simple open interface (Crypto API) to
   external cryptographic libraries, optimized for both the application
   and kernel levels of the operating system.

1.2. Terminology

   Cryptoplugin

      Operating system unit (driver, shared library, module) that
      provides cryptographic functions via a well-defined (but
      OS-specific) interface.

   Cryptolibrary

      Part of the cryptoplugin that provides its cryptographic
      functionality via the Crypto API.

   Wrapper

      Part of the cryptoplugin that provides interface translation
      between the Crypto API and the OS-specific interface.

   Definitions of all cryptography-related terms can be found in
   [Schneier].

1.3. Objectives of Development

   The objectives of Simple CryptoAPI development are as follows:

      1) To extract program implementations of encryption, one-way hash
         function, digital signature and random numbers generation