summaryrefslogtreecommitdiff
path: root/src/libstrongswan/crypto/signers/signer.h
blob: f67c38f073eb02d5f097dd80ce1ca7c2d70e98b8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
/*
 * Copyright (C) 2005-2006 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 *
 * $Id: signer.h 3589 2008-03-13 14:14:44Z martin $
 */
 
/**
 * @defgroup signer signer
 * @{ @ingroup crypto
 */

#ifndef SIGNER_H_
#define SIGNER_H_

typedef enum integrity_algorithm_t integrity_algorithm_t;
typedef struct signer_t signer_t;

#include <library.h>

/**
 * Integrity algorithm, as in IKEv2 RFC 3.3.2.
 *
 * Algorithms not specified in IKEv2 are allocated in private use space.
 */
enum integrity_algorithm_t {
	AUTH_UNDEFINED = 1024,
	/** Implemented via hmac_signer_t */
	AUTH_HMAC_MD5_96 = 1,
	/** Implemented via hmac_signer_t */
	AUTH_HMAC_SHA1_96 = 2,
	AUTH_DES_MAC = 3,
	AUTH_KPDK_MD5 = 4,
	AUTH_AES_XCBC_96 = 5,
	/** Implemented via hmac_signer_t */
	AUTH_HMAC_SHA2_256_128 = 12,
	/** Implemented via hmac_signer_t */
	AUTH_HMAC_SHA2_384_192 = 13,
	/** Implemented via hmac_signer_t */
	AUTH_HMAC_SHA2_512_256 = 14,
	/** Implemented via hmac_signer_t */
	AUTH_HMAC_SHA1_128 = 1025,
};

/**
 * enum names for integrity_algorithm_t.
 */
extern enum_name_t *integrity_algorithm_names;

/**
 * Generig interface for a symmetric signature algorithm.
 */
struct signer_t {
	/**
	 * Generate a signature.
	 *
	 * If buffer is NULL, data is processed and prepended to a next call until
	 * buffer is a valid pointer.
	 * 
	 * @param data		a chunk containing the data to sign
	 * @param buffer	pointer where the signature will be written
	 */
	void (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
	
	/**
	 * Generate a signature and allocate space for it.
	 *
	 * If chunk is NULL, data is processed and prepended to a next call until
	 * chunk is a valid chunk pointer.
	 * 
	 * @param data		a chunk containing the data to sign
	 * @param chunk		chunk which will hold the allocated signature
	 */
	void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
	
	/**
	 * Verify a signature.
	 * 
	 * @param data		a chunk containing the data to verify
	 * @param signature	a chunk containing the signature
	 * @return			TRUE, if signature is valid, FALSE otherwise
	 */
	bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
	
	/**
	 * Get the block size of this signature algorithm.
	 * 
	 * @return			block size in bytes
	 */
	size_t (*get_block_size) (signer_t *this);
	
	/**
	 * Get the key size of the signature algorithm.
	 * 
	 * @return			key size in bytes
	 */
	size_t (*get_key_size) (signer_t *this);
	
	/**
	 * Set the key for this object.
	 * 
	 * @param key		key to set
	 */
	void (*set_key) (signer_t *this, chunk_t key);
	
	/**
	 * Destroys a signer_t object.
	 */
	void (*destroy) (signer_t *this);
};

#endif /*SIGNER_H_ @} */