Diffstat (limited to 'src/libstrongswan/crypto/pkcs7.h')
-rw-r--r-- | src/libstrongswan/crypto/pkcs7.h | 85 |
1 files changed, 81 insertions, 4 deletions
diff --git a/src/libstrongswan/crypto/pkcs7.h b/src/libstrongswan/crypto/pkcs7.h index c8434225a..74bd25361 100644 --- a/src/libstrongswan/crypto/pkcs7.h +++ b/src/libstrongswan/crypto/pkcs7.h @@ -7,7 +7,7 @@ /* * Copyright (C) 2005 Jan Hutter, Martin Willi - * Copyright (C) 2002-2007 Andreas Steffen + * Copyright (C) 2002-2008 Andreas Steffen * * Hochschule fuer Technik Rapperswil, Switzerland * @@ -21,7 +21,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pkcs7.h 3302 2007-10-12 21:57:20Z andreas $ + * RCSID $Id: pkcs7.h 3437 2008-02-01 22:26:01Z andreas $ */ #ifndef _PKCS7_H @@ -31,7 +31,9 @@ typedef struct pkcs7_t pkcs7_t; #include <library.h> #include <crypto/x509.h> +#include <crypto/pkcs9.h> #include <crypto/rsa/rsa_private_key.h> +#include <crypto/crypters/crypter.h> #include <utils/iterator.h> /** @@ -39,6 +41,7 @@ typedef struct pkcs7_t pkcs7_t; * * @b Constructors: * -pkcs7_create_from_chunk() + * -pkcs7_create_from_data() * * @ingroup crypto */ 
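Review bot: The include hunk adds headers for `pkcs9_t` and `encryption_algorithm_t` but none for `hash_algorithm_t`, which the new `build_signedData` declaration in the struct hunk uses. Presumably that type arrives transitively through `crypto/x509.h` or `crypto/rsa/rsa_private_key.h`; this diff does not show it. Including the header that declares `hash_algorithm_t` directly would keep pkcs7.h self-contained if those headers are trimmed later.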
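Review bot: The `@b Constructors:` list in the pkcs7_t doc comment gains only `-pkcs7_create_from_data()`, although the last hunk of this commit also declares `pkcs7_create_from_file()`. Adding ` * -pkcs7_create_from_file()` to the list would make the file-based constructor discoverable from the type's documentation alongside the other two.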
@@ -103,14 +106,66 @@ struct pkcs7_t { chunk_t (*get_data) (pkcs7_t *this); /** + * @brief Returns the a DER-encoded contentInfo object + * + * @param this calling object + * @return chunk containing the contentInfo object + */ + chunk_t (*get_contentInfo) (pkcs7_t *this); + + /** * @brief Create an iterator for the certificates. * - * @param this calling object - * @return iterator for the certificates + * @param this calling object + * @return iterator for the certificates */ iterator_t *(*create_certificate_iterator) (pkcs7_t *this); /** + * @brief Add a certificate. + * + * @param this calling object + * @param cert certificate to be included + */ + void (*set_certificate) (pkcs7_t *this, x509_t *cert); + + /** + * @brief Add authenticated attributes. + * + * @param this calling object + * @param attributes attributes to be included + */ + void (*set_attributes) (pkcs7_t *this, pkcs9_t *attributes); + + /** + * @brief Build a data object + * + * @param this PKCS#7 data to be built + * @return TRUE if build was successful + */ + bool (*build_data) (pkcs7_t *this); + + /** + * @brief Build an envelopedData object + * + * @param this PKCS#7 data object to envelop + * @param cert receivers's certificate + * @param alg encryption algorithm + * @return TRUE if build was successful + */ + bool (*build_envelopedData) (pkcs7_t *this, x509_t *cert, encryption_algorithm_t alg); + + /** + * @brief Build an signedData object + * + * @param this PKCS#7 data object to sign + * @param key signer's RSA private key + * @param alg digest algorithm used for signature + * @return TRUE if build was successful + */ + bool (*build_signedData) (pkcs7_t *this, rsa_private_key_t *key, hash_algorithm_t alg); + + /** * @brief Destroys the contentInfo object. * * @param this PKCS#7 contentInfo object to destroy 
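Review bot: None of the new doc blocks states who owns the objects crossing the interface: `set_certificate` and `set_attributes` do not say whether the pkcs7_t adopts `cert` / `attributes` and releases them in `destroy`, and `get_contentInfo` does not say whether the returned chunk is a copy the caller frees or a view into internal state. In C a wrong guess here is a leak or a double free / use after free, so each block should carry a line such as `@param cert certificate to be included; state whether the pkcs7_t takes ownership`. The three `build_*` blocks also leave open which `encryption_algorithm_t` / `hash_algorithm_t` values are accepted, whether `build_data` must be called first, and what state `this` is in after a FALSE return; stating that lets callers refuse weak or unsupported algorithms and handle failure cleanly. The brief `Returns the a DER-encoded contentInfo object` has a stray `the`. The struct body begins and ends outside this hunk.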
@@ -129,4 +184,26 @@ struct pkcs7_t { */ pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level); +/** + * @brief Create a PKCS#7 contentInfo object + * + * @param chunk chunk containing data + * @return created pkcs7_contentInfo object. + * + * @ingroup crypto + */ +pkcs7_t *pkcs7_create_from_data(chunk_t data); + +/** + * @brief Read a X.509 certificate from a DER encoded file. + * + * @param filename file containing DER encoded data + * @param label label describing kind of PKCS#7 file + * @return created pkcs7_t object, or NULL if invalid. + * + * @ingroup crypto + */ +pkcs7_t *pkcs7_create_from_file(const char *filename, const char *label); + + #endif /* _PKCS7_H */ |
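Review bot: The doc block for `pkcs7_create_from_file` opens with `@brief Read a X.509 certificate from a DER encoded file.`, which looks carried over from another header; the function returns a `pkcs7_t`, so the brief should read `@brief Read a PKCS#7 contentInfo object from a DER encoded file.`. In the `pkcs7_create_from_data` block the tag `@param chunk` does not match the parameter name `data`, and unlike the file variant the block says neither whether NULL can be returned nor whether `data` is cloned or adopted by the new object. Callers need both facts, the failure return and the buffer ownership, to handle bad input without leaking or freeing the buffer twice.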