Simple Cryptographic Program Interface (Crypto API)
RFC 2628
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Informational (June 1999; No errata). Was draft-smyslov-crypto-api (individual) |
| | Author | Valery Smyslov |
| | Last updated | 2013-03-02 |
| | Stream | Legacy |
| | Formats | plain text, html, pdf, htmlized, bibtex |
| Stream | Legacy state | (None) |
| | Consensus Boilerplate | Unknown |
| | RFC Editor Note | (None) |
| IESG | IESG state | RFC 2628 (Informational) |
| | Telechat date | |
| | Responsible AD | (None) |
| | Send notices to | (None) |

Network Working Group                                         V. Smyslov
Request for Comments: 2628                                           TWS
Category: Informational                                        June 1999

          Simple Cryptographic Program Interface (Crypto API)

Status of this Memo

   This memo provides information for the Internet community. It does
   not specify an Internet standard of any kind. Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

   This document describes a simple Application Program Interface to
   cryptographic functions. The main purpose of such an interface is to
   separate cryptographic libraries from internet applications, thus
   allowing an independent development of both. It can be used in
   various internet applications such as [IPsec], [ISAKMP], [IKE],
   [TLS].

Table of Contents

   1. Introduction
   1.1. Summary
   1.2. Terminology
   1.3. Objectives of Development
   2. Cryptoplugin Structure
   3. Program Interface
   3.1. Cryptoplugin Initialization Function
   3.1.1. Description of CryptoPluginInfo structure
   3.1.2. Description of CryptoAlgInfo structure
   3.2. Cryptoplugin Deinitialization Function
   3.3. Cryptographic Context Opening Function
   3.4. Cryptographic Context Reopening Function
   3.5. Cryptographic Context Closing Function
   3.6. Key Verification Function
   3.7. Data Transformation Function
   3.7.1. For CRYPTO_TYPE_ENCRYPT Algorithm Type
   3.7.2. For CRYPTO_TYPE_DECRYPT Algorithm Type
   3.7.3. For CRYPTO_TYPE_SIGN Algorithm Type
   3.7.4. For CRYPTO_TYPE_VERIFY Algorithm Type
   3.7.5. For CRYPTO_TYPE_COMPRESS Algorithm Type
   3.7.6. For CRYPTO_TYPE_UNCOMPRESS Algorithm Type
   3.7.7. For CRYPTO_TYPE_HASH Algorithm Type
   3.7.8. For CRYPTO_TYPE_RANDOM Algorithm Type
   3.8. Cryptographic Context Control Function
   4. Cryptoplugin Registration Procedure
   5. Security Considerations
   6. References
   7. Author's Address
   Appendix A. The interface specification as a C header file
   Full Copyright Statement

1. Introduction

1.1. Summary

   Nowadays, internet applications that require cryptographic functions
   at the level of the operating system kernel use a method that
   assumes the libraries must be compiled/linked together with the
   module (driver) which provides product functionality. To allow
   independent development of the cryptographic modules, and to provide
   a simple, effective and universal solution (suitable for both the
   application and the kernel level of the operating system), this
   specification offers a method to extract encryption algorithms into
   separate cryptographic modules.

   This document describes a simple open interface (Crypto API) to
   external cryptographic libraries, optimized both for the application
   and kernel level of the operating system.

1.2. Terminology

   Cryptoplugin

      Operating system unit (driver, shared library, module) that
      provides cryptographic functions via a well-defined (but
      OS-specific) interface.

   Cryptolibrary

      Part of cryptoplugin that provides its cryptographic
      functionality via Crypto API.

   Wrapper

      Part of cryptoplugin that provides interface translation between
      Crypto API and the OS-specific interface.

   Definitions of all cryptography-related terms can be found in
   [Schneier].

1.3. Objectives of Development

   The objectives of Simple CryptoAPI development are as follows:

      1) To extract program implementations of encryption, one-way hash
         function, digital signature and random numbers generation