From 06a02e2391625a09e194acf1c6d31aecf2266b8f Mon Sep 17 00:00:00 2001
From: Miloslav Trmač <mitr@redhat.com>
Date: Wed, 27 Oct 2010 00:05:26 +0200
Subject: Add "symmetric signature" (really HMAC) support

---
 include/ncrypto/ncrypto.h | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

(limited to 'include')

diff --git a/include/ncrypto/ncrypto.h b/include/ncrypto/ncrypto.h
index aef6bb4..24d8e8e 100644
--- a/include/ncrypto/ncrypto.h
+++ b/include/ncrypto/ncrypto.h
@@ -183,4 +183,38 @@ CK_RV ncr_symm_cipher_decrypt (struct ncr_symm_cipher_session *sess, void *dest,
 			       size_t *dest_size_ptr, const void *src,
 			       size_t src_size);
 
+ /* Symmetric signatures */
+
+struct ncr_symm_signature_session;
+
+/* Session lifetime management. */
+CK_RV ncr_symm_signature_alloc (struct ncr_symm_signature_session **sess,
+				CK_MECHANISM_TYPE mech);
+CK_RV ncr_symm_signature_free (struct ncr_symm_signature_session *sess);
+/* Use either ncr_symm_signature_sign_{init,update,final} (), or
+   ncr_symm_signature_{sign_init,sign} ().  After finishing such a call
+   sequence, a new sequence can be started within the same session.  Same for
+   verification sequences.
+
+   Symmetric signature mechanisms  tend to use keys of type
+   CKK_GENERIC_SECRET. */
+CK_RV ncr_symm_signature_sign_init (struct ncr_symm_signature_session *sess,
+				    struct ncr_symm_key *key);
+CK_RV ncr_symm_signature_sign_update (struct ncr_symm_signature_session *sess,
+				      const void *data, size_t size);
+CK_RV ncr_symm_signature_sign_final (struct ncr_symm_signature_session *sess,
+				     void *dest, size_t *size_ptr);
+CK_RV ncr_symm_signature_sign (struct ncr_symm_signature_session *sess,
+			       void *dest, size_t *dest_size_ptr,
+			       const void *data, size_t data_size);
+CK_RV ncr_symm_signature_verify_init (struct ncr_symm_signature_session *sess,
+				      struct ncr_symm_key *key);
+CK_RV ncr_symm_signature_verify_update (struct ncr_symm_signature_session *sess,
+					const void *data, size_t size);
+CK_RV ncr_symm_signature_verify_final (struct ncr_symm_signature_session *sess,
+				       const void *signature, size_t size);
+CK_RV ncr_symm_signature_verify (struct ncr_symm_signature_session *sess,
+				 const void *signature, size_t signature_size,
+				 const void *data, size_t data_size);
+
 #endif
-- 
cgit