Simple Cryptographic Program Interface (Crypto API)
RFC 2628
| Document | Type |
RFC - Informational
(June 1999; No errata)
Was draft-smyslov-crypto-api (individual)
|
|
|---|---|---|---|
| Last updated | 2013-03-02 | ||
| Stream | Legacy | ||
| Formats | plain text pdf html bibtex | ||
| Stream | Legacy state | (None) | |
| Consensus Boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | RFC 2628 (Informational) | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
Network Working Group V. Smyslov
Request for Comments: 2628 TWS
Category: Informational June 1999
Simple Cryptographic Program Interface (Crypto API)
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
This document describes a simple Application Program Interface to
cryptographic functions. The main purpose of such an interface is to
separate cryptographic libraries from internet applications, thus
allowing an independent development of both. It can be used in
various internet applications such as [IPsec], [ISAKMP], [IKE],
[TLS].
Table of Contents
1. Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.3. Objectives of Development . . . . . . . . . . . . . . . . . . 3
2. Cryptoplugin Structure. . . . . . . . . . . . . . . . . . . . . 3
3. Program Interface . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. Cryptoplugin Initialization Function. . . . . . . . . . . . . 4
3.1.1. Description of CryptoPluginInfo structure . . . . . . . . . 6
3.1.2. Description of CryptoAlgInfo structure. . . . . . . . . . . 6
3.2. Cryptoplugin Deinitialization Function. . . . . . . . . . . . 9
3.3. Cryptographic Context Opening Function. . . . . . . . . . . . 10
3.4. Cryptographic Context Reopening Function. . . . . . . . . . . 11
3.5. Cryptographic Context Closing Function. . . . . . . . . . . . 12
3.6. Key Verification Function . . . . . . . . . . . . . . . . . . 12
3.7. Data Transformation Function. . . . . . . . . . . . . . . . . 13
3.7.1. For CRYPTO_TYPE_ENCRYPT Algorithm Type. . . . . . . . . . . 13
3.7.2. For CRYPTO_TYPE_DECRYPT Algorithm Type. . . . . . . . . . . 14
3.7.3. For CRYPTO_TYPE_SIGN Algorithm Type . . . . . . . . . . . . 15
3.7.4. For CRYPTO_TYPE_VERIFY Algorithm Type . . . . . . . . . . . 17
3.7.5. For CRYPTO_TYPE_COMPRESS Algorithm Type . . . . . . . . . . 18
Smyslov Informational [Page 1]
RFC 2628 Crypto API June 1999
3.7.6. For CRYPTO_TYPE_UNCOMPRESS Algorithm Type . . . . . . . . . 18
3.7.7. For CRYPTO_TYPE_HASH Algorithm Type . . . . . . . . . . . . 19
3.7.8. For CRYPTO_TYPE_RANDOM Algorithm Type. . . . . . . . . . . 21
3.8. Cryptographic Context Control Function. . . . . . . . . . . . 22
4. Cryptoplugin Registration Procedure . . . . . . . . . . . . . . 23
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 23
6. References. . . . . . . . . . . . . . . . . . . . . . . . . . . 23
7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 24
Appendix A. The interface specification as a C header file . . . . 25
Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 30
1. Introduction
1.1. Summary
Nowadays internet applications that require cryptographic functions
at the level of operating system kernel, use the method that assumes
the libraries must be compiled/linked together with the module
(driver) which provides product functionality. For the sake of
possibility of independent development of the cryptographic modules
and in order to provide a simple, effective and universal (suitable
for application and as well kernel level of operating system)
solution this specification offers the method to extract encrypting
algorithms to the separate cryptographic modules.
This document describes simple open interface (Crypto API) to
external cryptographic libraries optimized both for the application
and kernel level of the operating system.
1.2. Terminology
Cryptoplugin
Operation system unit (driver, shared library, module) that
provides cryptographic functions via well-defined (but OS-
specific) interface.
Cryptolibrary
Part of cryptoplugin that provides its cryptographic functionality
via Crypto API.
Wrapper
Part of cryptoplugin that provides interfaces translation between
Crypto API and OS-specific interface.
Smyslov Informational [Page 2]
RFC 2628 Crypto API June 1999
Definition of all cryptography related terms can be found in
[Schneier].
1.3. Objectives of Development
The objectives of Simple CryptoAPI development are as follows:
1) To extract program implementations of encryption, one-way hash
function, digital signature and random numbers generation
Show full document text