Implement TKM-specific credential set
[strongswan.git] / src / charon-tkm / src / tkm / tkm_private_key.c
1 /*
2 * Copyright (C) 2012 Reto Buerki
3 * Copyright (C) 2012 Adrian-Ken Rueegsegger
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
#include <string.h>

#include <utils/debug.h>
#include <tkm/constants.h>
#include <tkm/client.h>

#include "tkm_utils.h"
#include "tkm_types.h"
#include "tkm_private_key.h"
24
typedef struct private_tkm_private_key_t private_tkm_private_key_t;

/**
 * Private data of a tkm_private_key_t object.
 *
 * The object itself holds no key material: sign() forwards the request to the
 * TKM under an ISA context id supplied by the caller, and all other private
 * key operations are stubs.
 */
struct private_tkm_private_key_t {

	/**
	 * Public interface for this signer.
	 *
	 * Handed out to callers (tkm_private_key_init, get_ref); keep it as the
	 * first member so a pointer to it can be mapped back to this struct.
	 */
	tkm_private_key_t public;

	/**
	 * Key ID.
	 *
	 * Owned clone of the identification passed to tkm_private_key_init,
	 * released in destroy(); its encoding doubles as the key fingerprint.
	 */
	identification_t *id;

	/**
	 * Reference count.
	 *
	 * Starts at 1 in tkm_private_key_init; get_ref/destroy adjust it.
	 */
	refcount_t ref;

};
48
/**
 * Report the key type; a TKM-backed key is always presented as RSA.
 *
 * @return			KEY_RSA, unconditionally
 */
METHOD(private_key_t, get_type, key_type_t,
	private_tkm_private_key_t *this)
{
	/* no per-instance type information exists, the answer is fixed */
	(void)this;
	return KEY_RSA;
}
54
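/**
 * Create a signature by delegating to the TKM.
 *
 * The data chunk does not carry the bytes to sign but a sign_info_t: the ISA
 * context id to sign under and the IKE_SA_INIT message. The init_message
 * inside it is consumed (freed) here, so the pointer still held in the
 * caller's sign_info_t is dangling afterwards; the sign_info_t storage
 * itself is not freed and stays with the caller.
 *
 * @param scheme		requested scheme; not evaluated here, the TKM decides
 *						(NOTE(review): confirm callers do not depend on it)
 * @param data			at least sizeof(sign_info_t) bytes holding a sign_info_t
 * @param signature		receives the allocated signature on success
 * @return				TRUE on success, FALSE if data is absent or too short
 *						or the TKM rejected the operation
 */
METHOD(private_key_t, sign, bool,
	private_tkm_private_key_t *this, signature_scheme_t scheme,
	chunk_t data, chunk_t *signature)
{
	signature_type sig;
	init_message_type msg;
	sign_info_t sign;

	/* the chunk is reinterpreted as a struct, so its length must cover one;
	 * a shorter chunk would otherwise be read past its end */
	if (data.ptr == NULL || data.len < sizeof(sign_info_t))
	{
		DBG1(DBG_LIB, "unable to get signature information");
		return FALSE;
	}
	/* copy instead of casting the pointer: no alignment assumption on ptr */
	memcpy(&sign, data.ptr, sizeof(sign));

	chunk_to_sequence(&sign.init_message, &msg, sizeof(init_message_type));
	const isa_id_type isa_id = sign.isa_id;
	/* init_message was handed over to us; release it once copied into msg */
	chunk_free(&sign.init_message);

	/* second argument is a fixed id (1); presumably the local credential
	 * context on the TKM side - verify against the TKM interface */
	if (ike_isa_sign(isa_id, 1, msg, &sig) != TKM_OK)
	{
		DBG1(DBG_LIB, "signature operation failed");
		return FALSE;
	}

	sequence_to_chunk(sig.data, sig.size, signature);
	return TRUE;
}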
82
/**
 * Decryption is not implemented for TKM keys; every call fails.
 *
 * @return			always FALSE, plain is left untouched
 */
METHOD(private_key_t, decrypt, bool,
	private_tkm_private_key_t *this, encryption_scheme_t scheme,
	chunk_t crypto, chunk_t *plain)
{
	(void)this;
	(void)scheme;
	(void)crypto;
	(void)plain;
	return FALSE;
}
89
/**
 * Report the key size. This object tracks no key size, so 0 is returned.
 *
 * NOTE(review): callers enforcing a minimum key strength will see 0 here -
 * confirm that is acceptable for TKM-backed keys.
 *
 * @return			always 0
 */
METHOD(private_key_t, get_keysize, int,
	private_tkm_private_key_t *this)
{
	(void)this;
	return 0;
}
95
/**
 * No public key is available from this object; callers must handle NULL.
 *
 * @return			always NULL
 */
METHOD(private_key_t, get_public_key, public_key_t*,
	private_tkm_private_key_t *this)
{
	(void)this;
	return NULL;
}
101
/**
 * Encoding of the key is not supported; no encoding type is accepted.
 *
 * @return			always FALSE, encoding is left untouched
 */
METHOD(private_key_t, get_encoding, bool,
	private_tkm_private_key_t *this, cred_encoding_type_t type,
	chunk_t *encoding)
{
	(void)this;
	(void)type;
	(void)encoding;
	return FALSE;
}
108
/**
 * Return the encoded key ID as fingerprint.
 *
 * The requested type is not consulted: every fingerprint type yields the
 * identification's encoding, so a lookup by a hash-based KEYID_* type does
 * not compare against a hash of key material. NOTE(review): presumably keys
 * are resolved by identity in the TKM credential set - confirm. The chunk
 * aliases the identification's storage; no copy is made.
 *
 * @param type		ignored
 * @param fp		receives the identity encoding
 * @return			always TRUE
 */
METHOD(private_key_t, get_fingerprint, bool,
	private_tkm_private_key_t *this, cred_encoding_type_t type, chunk_t *fp)
{
	identification_t *key_id = this->id;

	(void)type;
	*fp = key_id->get_encoding(key_id);
	return TRUE;
}
115
/**
 * Take an additional reference on this key.
 *
 * @return			the public private_key_t interface of this object
 */
METHOD(private_key_t, get_ref, private_key_t*,
	private_tkm_private_key_t *this)
{
	private_key_t *key = &this->public.key;

	ref_get(&this->ref);
	return key;
}
122
/**
 * Drop one reference; on the last one release the identity and the object.
 */
METHOD(private_key_t, destroy, void,
	private_tkm_private_key_t *this)
{
	if (!ref_put(&this->ref))
	{
		/* other holders remain, nothing to release yet */
		return;
	}
	/* id is our own clone (tkm_private_key_init), so it is ours to free */
	this->id->destroy(this->id);
	free(this);
}
132
/**
 * See header.
 *
 * Allocates a key object with a reference count of 1 and its own clone of
 * id; the caller keeps ownership of the id it passed in. equals, belongs_to
 * and has_fingerprint use the generic private_key helpers, which build on
 * get_fingerprint of this object. NOTE(review): id is dereferenced without a
 * NULL check - confirm callers never pass NULL.
 */
tkm_private_key_t *tkm_private_key_init(identification_t * const id)
{
	private_tkm_private_key_t *this;

	INIT(this,
		.public = {
			.key = {
				.get_type = _get_type,
				.sign = _sign,
				.decrypt = _decrypt,
				.get_keysize = _get_keysize,
				.get_public_key = _get_public_key,
				.equals = private_key_equals,
				.belongs_to = private_key_belongs_to,
				.get_fingerprint = _get_fingerprint,
				.has_fingerprint = private_key_has_fingerprint,
				.get_encoding = _get_encoding,
				.get_ref = _get_ref,
				.destroy = _destroy,
			},
		},
		/* initial reference belongs to the caller; released via destroy() */
		.ref = 1,
		/* private copy, freed in destroy(); the caller's id stays theirs */
		.id = id->clone(id),
	);

	return &this->public;
}