- moved algorithm definitions from payloads to corresponding transforms
[strongswan.git] / Source / charon / transforms / signers / signer.h
1 /**
2 * @file signer.h
3 *
4 * @brief Interface for signer_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef SIGNER_H_
24 #define SIGNER_H_
25
26 #include <types.h>
27 #include <definitions.h>
28
29 typedef enum integrity_algorithm_t integrity_algorithm_t;
30
31 /**
32 * @brief Integrity algorithm, as in IKEv2 draft 3.3.2.
33 *
34 */
35 enum integrity_algorithm_t {
36 AUTH_UNDEFINED = 1024,
37 AUTH_HMAC_MD5_96 = 1,
38 AUTH_HMAC_SHA1_96 = 2,
39 AUTH_DES_MAC = 3,
40 AUTH_KPDK_MD5 = 4,
41 AUTH_AES_XCBC_96 = 5
42 };
43
44 /**
45 * string mappings for integrity_algorithm_t
46 */
47 extern mapping_t integrity_algorithm_m[];
48
49
50 typedef struct signer_t signer_t;
51
52 /**
53 * @brief Generig interface for a symmetric signature algorithm.
54 *
55 * @ingroup signers
56 */
57 struct signer_t {
58 /**
59 * @brief Generate a signature.
60 *
61 * @param this calling signer
62 * @param data a chunk containing the data to sign
63 * @param[out] buffer pointer where the signature will be written
64 * @return
65 * - SUCCESS in any case
66 */
67 status_t (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
68
69 /**
70 * @brief Generate a signature and allocate space for it.
71 *
72 * @param this calling signer
73 * @param data a chunk containing the data to sign
74 * @param[out] chunk chunk which will hold the allocated signature
75 * @return
76 * - SUCCESS in any case
77 * - OUT_OF_RES if space could not be allocated
78 */
79 status_t (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
80
81 /**
82 * @brief Verify a signature.
83 *
84 * @param this calling signer
85 * @param data a chunk containing the data to verify
86 * @param signature a chunk containing the signature
87 * @param[out] vaild set to TRUE, if signature is valid, to FALSE otherwise
88 * @return
89 * - SUCCESS in any case
90 */
91 status_t (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid);
92
93 /**
94 * @brief Get the block size of this signature algorithm.
95 *
96 * @param this calling signer
97 * @return block size in bytes
98 */
99 size_t (*get_block_size) (signer_t *this);
100
101 /**
102 * @brief Set the key for this signer.
103 *
104 * @param this calling signer
105 * @param key key to set
106 * @return
107 * - SUCCESS in any case
108 */
109 status_t (*set_key) (signer_t *this, chunk_t key);
110
111 /**
112 * @brief Destroys a signer object.
113 *
114 * @param this signer_t object to destroy
115 * @return
116 * - SUCCESS in any case
117 */
118 status_t (*destroy) (signer_t *this);
119 };
120
121 /**
122 * @brief Creates a new signer_t object.
123 *
124 * @param integrity_algorithm Algorithm to use for signing and verifying.
125 * @return
126 * - signer_t if successfully
127 * - NULL if out of ressources or signer not supported
128 *
129 * @ingroup signers
130 */
131 signer_t *signer_create(integrity_algorithm_t integrity_algorithm);
132
133 #endif /*SIGNER_H_*/