1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup private_key private_key
* @{ @ingroup keys
*/
#ifndef PRIVATE_KEY_H_
#define PRIVATE_KEY_H_
typedef struct private_key_t private_key_t;
#include <utils/identification.h>
#include <credentials/keys/public_key.h>
/**
* Abstract private key interface.
*/
struct private_key_t {
/**
* Get the key type.
*
* @return type of the key
*/
key_type_t (*get_type)(private_key_t *this);
/**
* Create a signature over a chunk of data.
*
* @param scheme signature scheme to use
* @param data chunk of data to sign
* @param signature where to allocate created signature
* @return TRUE if signature created
*/
bool (*sign)(private_key_t *this, signature_scheme_t scheme,
chunk_t data, chunk_t *signature);
/**
* Decrypt a chunk of data.
*
* @param crypto chunk containing encrypted data
* @param plain where to allocate decrypted data
* @return TRUE if data decrypted and plaintext allocated
*/
bool (*decrypt)(private_key_t *this, chunk_t crypto, chunk_t *plain);
/**
* Get the strength of the key in bytes.
*
* @return strength of the key in bytes
*/
size_t (*get_keysize) (private_key_t *this);
/**
* Get a unique key identifier, such as a hash over the public key.
*
* @param type type of the key ID to get
* @return unique ID of the key as identification_t, or NULL
*/
identification_t* (*get_id) (private_key_t *this, id_type_t type);
/**
* Get the public part from the private key.
*
* @return public key
*/
public_key_t* (*get_public_key)(private_key_t *this);
/**
* Check if two private keys are equal.
*
* @param other other private key
* @return TRUE, if equality
*/
bool (*equals) (private_key_t *this, private_key_t *other);
/**
* Check if a private key belongs to a public key.
*
* @param public public key
* @return TRUE, if keys belong together
*/
bool (*belongs_to) (private_key_t *this, public_key_t *public);
/**
* Get an encoded form of the private key.
*
* @todo Do we need a encoding type specification?
*
* @return allocated chunk containing encoded private key
*/
chunk_t (*get_encoding)(private_key_t *this);
/**
* Increase the refcount to this private key.
*
* @return this, with an increased refcount
*/
private_key_t* (*get_ref)(private_key_t *this);
/**
* Decrease refcount, destroy private_key if no more references.
*/
void (*destroy)(private_key_t *this);
};
#endif /** PRIVATE_KEY_H_ @}*/
|
