1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
/*
* Copyright (C) 2017 Tobias Brunner
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup signature_params signature_params
* @{ @ingroup keys
*/
#ifndef SIGNATURE_PARAMS_H_
#define SIGNATURE_PARAMS_H_
typedef struct signature_params_t signature_params_t;
typedef struct rsa_pss_params_t rsa_pss_params_t;
#include <crypto/hashers/hasher.h>
/**
* Signature scheme with parameters
*/
struct signature_params_t {
/** Signature scheme */
signature_scheme_t scheme;
/** Parameters, depending on scheme */
void *params;
};
/**
* Compare two signature schemes and their parameters
*
* @param a first scheme
* @param b second scheme
* @return TRUE if schemes and parameters are equal
*/
bool signature_params_equal(signature_params_t *a, signature_params_t *b);
/**
* Compare two signature schemes and their parameters
*
* @param c constraint
* @param s scheme
* @return TRUE if scheme complies to constraint
*/
bool signature_params_comply(signature_params_t *c, signature_params_t *s);
/**
* Clone the given scheme and parameters, if any
*
* @return cloned object
*/
signature_params_t *signature_params_clone(signature_params_t *this);
/**
* Destroy the given scheme and parameters, if any
*/
void signature_params_destroy(signature_params_t *this);
/**
* Clear the given parameters, if any, sets the scheme to SIGN_UNKNOWN
*/
void signature_params_clear(signature_params_t *this);
/**
* Parse an ASN.1 algorithmIdentifier with parameters denoting a signature
* scheme.
*
* @param asn1 ASN.1 encoded RSASSA-PSS-params
* @param level0 current level of the ASN.1 parser
* @param params parsed parameters
* @return TRUE if successfully parsed
*/
bool signature_params_parse(chunk_t asn1, int level0,
signature_params_t *params);
/**
* Build ASN.1 algorithmIdentifier with parameters denoting a signature scheme.
*
* @param params signature scheme and parameters to encode
* @param asn1 ASN.1 encoded algorithmIdentifier (allocated)
* @return TRUE if successfully built
*/
bool signature_params_build(signature_params_t *params, chunk_t *asn1);
/**
* Parameters for SIGN_RSA_EMSA_PSS signature scheme
*/
struct rsa_pss_params_t {
/** Hash algorithm */
hash_algorithm_t hash;
/** Hash for the MGF1 function */
hash_algorithm_t mgf1_hash;
/** Salt length, use RSA_PSS_SALT_LEN_DEFAULT for length equal to hash */
ssize_t salt_len;
/** Salt value, for unit tests (not all implementations support this) */
chunk_t salt;
#define RSA_PSS_SALT_LEN_DEFAULT -1
};
/**
* Parse the given ASN.1 algorithm identifier params
*
* @param asn1 ASN.1 encoded RSASSA-PSS-params
* @param level0 current level of the ASN.1 parser
* @param params parsed parameters
* @return TRUE if successfully parsed
*/
bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params);
/**
* Build ASN.1 algorithm identifier params
*
* @param params parameters to encode
* @param asn1 ASN.1 encoded RSASSA-PSS-params (allocated)
* @return TRUE if successfully built
*/
bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1);
#endif /** SIGNATURE_PARAMS_H_ @}*/
|
