diff options
Diffstat (limited to 'src/libstrongswan/credentials/keys/public_key.h')
-rw-r--r-- | src/libstrongswan/credentials/keys/public_key.h | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h index 06c1aa488..877ed20a2 100644 --- a/src/libstrongswan/credentials/keys/public_key.h +++ b/src/libstrongswan/credentials/keys/public_key.h @@ -1,7 +1,7 @@ /* - * Copyright (C) 2015 Tobias Brunner - * Copyright (C) 2007 Martin Willi + * Copyright (C) 2015-2017 Tobias Brunner * Copyright (C) 2014-2017 Andreas Steffen + * Copyright (C) 2007 Martin Willi * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -28,7 +28,6 @@ typedef enum key_type_t key_type_t; typedef enum signature_scheme_t signature_scheme_t; typedef enum encryption_scheme_t encryption_scheme_t; -#include <library.h> #include <utils/identification.h> #include <credentials/cred_encoding.h> @@ -89,6 +88,8 @@ enum signature_scheme_t { SIGN_RSA_EMSA_PKCS1_SHA3_384, /** EMSA-PKCS1_v1.5 signature as in PKCS#1 using RSA and SHA-3_512 */ SIGN_RSA_EMSA_PKCS1_SHA3_512, + /** EMSA-PSS signature as in PKCS#1 using RSA */ + SIGN_RSA_EMSA_PSS, /** ECDSA with SHA-1 using DER encoding as in RFC 3279 */ SIGN_ECDSA_WITH_SHA1_DER, /** ECDSA with SHA-256 using DER encoding as in RFC 3279 */ @@ -168,12 +169,13 @@ struct public_key_t { /** * Verifies a signature against a chunk of data. * - * @param scheme signature scheme to use for verification, may be default + * @param scheme signature scheme to use for verification + * @param params optional parameters required by the specified scheme * @param data data to check signature against * @param signature signature to check * @return TRUE if signature matches */ - bool (*verify)(public_key_t *this, signature_scheme_t scheme, + bool (*verify)(public_key_t *this, signature_scheme_t scheme, void *params, chunk_t data, chunk_t signature); /** @@ -279,11 +281,11 @@ int signature_scheme_to_oid(signature_scheme_t scheme); /** * Enumerate signature schemes that are appropriate for a key of the given type - * and size|strength. + * and size|strength ordered by increasing strength. * * @param type type of the key * @param size size or strength of the key - * @return enumerator over signature_scheme_t (increasing strength) + * @return enumerator over signature_params_t* (by strength) */ enumerator_t *signature_schemes_for_key(key_type_t type, int size); |