#include <certificate-impl.h>
#include <ckm/ckm-type.h>
#include <openssl/evp.h>
+#include <token.h>
#define EVP_SUCCESS 1 // DO NOTCHANGE THIS VALUE
#define EVP_FAIL 0 // DO NOTCHANGE THIS VALUE
namespace SW {
namespace Internals {
+// During initialization, FIPS_MODE and the entropy source are set
+// and system certificates are loaded to memory.
+// FIPS_MODE - ON, OFF(Default)
+// entropy source - /dev/random,/dev/urandom(Default)
int initialize();
-void createKeyPairRSA(const int size,
- KeyImpl &createdPrivateKey,
- KeyImpl &createdPublicKey);
-
-void createKeyPairDSA(const int size,
- KeyImpl &createdPrivateKey,
- KeyImpl &createdPublicKey);
-
-void createKeyPairECDSA(ElipticCurve type1,
- KeyImpl &createdPrivateKey,
- KeyImpl &createdPublicKey);
+TokenPair createKeyPairRSA(CryptoBackend backendId, const int size);
+TokenPair createKeyPairDSA(CryptoBackend backendId, const int size);
+TokenPair createKeyPairECDSA(CryptoBackend backendId, ElipticCurve type1);
+Token createKeyAES(CryptoBackend backendId, const int sizeBits);
+
+TokenPair generateAKey(CryptoBackend backendId, const CryptoAlgorithm &algorithm);
+Token generateSKey(CryptoBackend backendId, const CryptoAlgorithm &algorithm);
+
+RawBuffer symmetricEncrypt(const RawBuffer &key,
+ const CryptoAlgorithm &alg,
+ const RawBuffer &data);
+RawBuffer symmetricDecrypt(const RawBuffer &key,
+ const CryptoAlgorithm &alg,
+ const RawBuffer &cipher);
+
+std::pair<RawBuffer, RawBuffer> encryptDataAesGcm(const RawBuffer &key,
+ const RawBuffer &data,
+ const RawBuffer &iv,
+ int tagSizeBits);
+
+RawBuffer decryptDataAesGcm(const RawBuffer &key,
+ const RawBuffer &data,
+ const RawBuffer &iv,
+ const RawBuffer &tag);
+
+RawBuffer encryptDataAesCbc(const RawBuffer &key,
+ const RawBuffer &data,
+ const RawBuffer &iv);
+
+RawBuffer decryptDataAesCbc(const RawBuffer &key,
+ const RawBuffer &data,
+ const RawBuffer &iv);
RawBuffer sign(EVP_PKEY *pkey,
const CryptoAlgorithm &alg,