summaryrefslogtreecommitdiff
path: root/src/libstrongswan/crypto/rsa/rsa_private_key.h
blob: 9ec07704eacd3f0cfd1ff5944a7325bd202851f7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
/**
 * @file rsa_private_key.h
 * 
 * @brief Interface of rsa_private_key_t.
 * 
 */

/*
 * Copyright (C) 2005-2006 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#ifndef RSA_PRIVATE_KEY_H_
#define RSA_PRIVATE_KEY_H_

typedef struct rsa_private_key_t rsa_private_key_t;

#include <library.h>
#include <crypto/rsa/rsa_public_key.h>
#include <crypto/hashers/hasher.h>

/**
 * @brief RSA private key with associated functions.
 *
 * Currently only supports signing using EMSA encoding.
 *
 * @b Constructors:
 *  - rsa_private_key_create()
 *  - rsa_private_key_create_from_chunk()
 *  - rsa_private_key_create_from_file()
 * 
 * @see rsa_public_key_t
 *
 * @todo Implement get_key(), save_key(), get_public_key()
 *
 * @ingroup rsa
 */
struct rsa_private_key_t {

	/**
	 * @brief Build a signature over a chunk using EMSA-PKCS1 encoding.
	 * 
	 * This signature creates a hash using the specified hash algorithm, concatenates
	 * it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
	 * on it.
	 * 
	 * @param this				calling object
	 * @param hash_algorithm	hash algorithm to use for hashing
	 * @param data				data to sign
	 * @param[out] signature	allocated signature
	 * @return
	 * 							- SUCCESS
	 * 							- INVALID_STATE, if key not set
	 * 							- NOT_SUPPORTED, if hash algorithm not supported
	 */
	status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
	
	/**
	 * @brief Gets the key.
	 * 
	 * UNIMPLEMENTED!
	 * 
	 * @param this				calling object
	 * @param key				key (in a propriarity format)
	 * @return					
	 * 							- SUCCESS
	 * 							- INVALID_STATE, if key not set
	 */
	status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
	
	/**
	 * @brief Saves a key to a file.
	 * 
	 * Not implemented!
	 * 
	 * @param this				calling object
	 * @param file				file to which the key should be written.
	 * @return					NOT_SUPPORTED
	 */
	status_t (*save_key) (rsa_private_key_t *this, char *file);
	
	/**
	 * @brief Generate a new key.
	 * 
	 * Generates a new private_key with specified key size
	 * 
	 * @param this				calling object
	 * @param key_size			size of the key in bits
	 * @return					
	 * 							- SUCCESS
	 * 							- INVALID_ARG if key_size invalid
	 */
	status_t (*generate_key) (rsa_private_key_t *this, size_t key_size);
	
	/**
	 * @brief Create a rsa_public_key_t with the public
	 * parts of the key.
	 * 
	 * @param this				calling object
	 * @return					public_key
	 */
	rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
	
	/**
	 * @brief Check if a private key belongs to a public key.
	 * 
	 * Compares the public part of the private key with the
	 * public key, return TRUE if it equals.
	 * 
	 * @param this				private key
	 * @param public			public key
	 * @return					TRUE, if keys belong together
	 */
	bool (*belongs_to) (rsa_private_key_t *this, rsa_public_key_t *public);
	
	/**
	 * @brief Clone the private key.
	 * 
	 * @param this				private key to clone
	 * @return					clone of this
	 */
	rsa_private_key_t *(*clone) (rsa_private_key_t *this);
	
	/**
	 * @brief Destroys the private key.
	 * 
	 * @param this				private key to destroy
	 */
	void (*destroy) (rsa_private_key_t *this);
};

/**
 * @brief Generate a new RSA key with specified key length.
 * 
 * @param key_size			size of the key in bits
 * @return 					generated rsa_private_key_t.
 * 
 * @ingroup rsa
 */
rsa_private_key_t *rsa_private_key_create(size_t key_size);

/**
 * @brief Load an RSA private key from a chunk.
 * 
 * Load a key from a chunk, encoded as described in PKCS#1
 * (ASN1 DER encoded).
 * 
 * @param chunk				chunk containing the DER encoded key
 * @return 					loaded rsa_private_key_t, or NULL
 * 
 * @ingroup rsa
 */
rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk);

/**
 * @brief Load an RSA private key from a file.
 * 
 * Load a key from a file, which is either in a unencrypted binary
 * format (DER), or in a (encrypted) PEM format. The supplied 
 * passphrase is used to decrypt an ecrypted key.
 * 
 * @param filename			filename which holds the key
 * @param passphrase		optional passphase for decryption, can be NULL
 * @return 					loaded rsa_private_key_t, or NULL
 * 
 * @todo Implement PEM file loading
 * @todo Implement key decryption
 * 
 * @ingroup rsa
 */
rsa_private_key_t *rsa_private_key_create_from_file(char *filename, chunk_t *passphrase);

#endif /*RSA_PRIVATE_KEY_H_*/