1 /*
2 * Copyright (C) 2017 Tobias Brunner
3 * Copyright (C) 2007 Martin Willi
4 * HSR Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup private_key private_key
19 * @{ @ingroup keys
20 */
21
22 #ifndef PRIVATE_KEY_H_
23 #define PRIVATE_KEY_H_
24
/*
 * Forward declaration of the interface type, made before the includes below.
 * NOTE(review): presumably this lets the included headers refer to
 * private_key_t before its full definition is seen - confirm before
 * reordering.
 */
typedef struct private_key_t private_key_t;
26
27 #include <credentials/cred_encoding.h>
28 #include <credentials/keys/public_key.h>
29
/**
 * Abstract private key interface.
 *
 * The struct consists solely of function pointers. Every operation takes the
 * key object itself as its first argument (this). The key material is never
 * exposed as a struct member; it only leaves the object through
 * get_encoding().
 *
 * Lifetime is reference counted: get_ref() adds a reference and destroy()
 * drops one, so each get_ref() has to be balanced by exactly one destroy().
 */
struct private_key_t {

	/**
	 * Get the key type.
	 *
	 * @return			type of the key
	 */
	key_type_t (*get_type)(private_key_t *this);

	/**
	 * Create a signature over a chunk of data.
	 *
	 * params is an untyped pointer, so nothing in this interface can verify
	 * that it matches what the given scheme expects. Callers have to pass the
	 * parameter structure belonging to that scheme.
	 *
	 * @param scheme	signature scheme to use
	 * @param params	optional parameters required by the specified scheme
	 * @param data		chunk of data to sign
	 * @param signature	where to allocate created signature; presumably
	 *					owned by the caller afterwards (confirm against the
	 *					implementations)
	 * @return			TRUE if signature created; check it before using
	 *					signature
	 */
	bool (*sign)(private_key_t *this, signature_scheme_t scheme, void *params,
				 chunk_t data, chunk_t *signature);
	/**
	 * Decrypt a chunk of data.
	 *
	 * Failure is reported only as FALSE, without a reason. Callers that
	 * decrypt data received from a peer should handle every failure the same
	 * way, so that the cause is not revealed to the sender.
	 *
	 * @param scheme	expected encryption scheme used
	 * @param crypto	chunk containing encrypted data
	 * @param plain		where to allocate decrypted data; this is sensitive
	 *					plaintext, so it should be wiped before being freed
	 *					(e.g. with chunk_clear()) and kept out of logs
	 * @return			TRUE if data decrypted and plaintext allocated
	 */
	bool (*decrypt)(private_key_t *this, encryption_scheme_t scheme,
					chunk_t crypto, chunk_t *plain);

	/**
	 * Get the strength of the key in bits.
	 *
	 * @return			strength of the key in bits
	 */
	int (*get_keysize) (private_key_t *this);

	/**
	 * Get the public part from the private key.
	 *
	 * NOTE(review): ownership of the returned object is not stated here -
	 * confirm whether the caller has to destroy() it.
	 *
	 * @return			public key
	 */
	public_key_t* (*get_public_key)(private_key_t *this);

	/**
	 * Check if two private keys are equal.
	 *
	 * @param other		other private key
	 * @return			TRUE, if equality
	 */
	bool (*equals) (private_key_t *this, private_key_t *other);

	/**
	 * Check if a private key belongs to a public key.
	 *
	 * @param public	public key
	 * @return			TRUE, if keys belong together
	 */
	bool (*belongs_to) (private_key_t *this, public_key_t *public);

	/**
	 * Get the fingerprint of the key.
	 *
	 * @param type		type of fingerprint, one of KEYID_*
	 * @param fp		fingerprint, points to internal data; the caller must
	 *					not free it, and it presumably stays valid only as
	 *					long as the key object does
	 * @return			TRUE if fingerprint type supported
	 */
	bool (*get_fingerprint)(private_key_t *this, cred_encoding_type_t type,
							chunk_t *fp);

	/**
	 * Check if a key has a given fingerprint of any kind.
	 *
	 * @param fp		fingerprint to check
	 * @return			TRUE if key has given fingerprint
	 */
	bool (*has_fingerprint)(private_key_t *this, chunk_t fp);

	/**
	 * Get the key in an encoded form as a chunk.
	 *
	 * This is the one operation in the interface that hands the private key
	 * material itself to the caller.
	 *
	 * @param type		type of the encoding, one of PRIVKEY_*
	 * @param encoding	encoding of the key, allocated; it holds the private
	 *					key, so it should be wiped before being freed (e.g.
	 *					with chunk_clear()) and never logged
	 * @return			TRUE if encoding supported
	 */
	bool (*get_encoding)(private_key_t *this, cred_encoding_type_t type,
						 chunk_t *encoding);

	/**
	 * Increase the refcount to this private key.
	 *
	 * @return			this, with an increased refcount
	 */
	private_key_t* (*get_ref)(private_key_t *this);

	/**
	 * Decrease refcount, destroy private_key if no more references.
	 *
	 * The pointer must not be used after this call unless the caller holds
	 * another reference, since the object may already have been destroyed.
	 */
	void (*destroy)(private_key_t *this);
};
134
/**
 * Generic private key equals() implementation, usable by implementors.
 *
 * Only the declaration is visible in this header; how equality is decided
 * is defined by the implementation.
 *
 * @param private		private key to check
 * @param other			key to compare
 * @return				TRUE if private is equal to other
 */
bool private_key_equals(private_key_t *private, private_key_t *other);
143
/**
 * Generic private key belongs_to() implementation, usable by implementors.
 *
 * @param private		private key to check
 * @param public		public key to compare
 * @return				TRUE if the private and the public key belong together
 */
bool private_key_belongs_to(private_key_t *private, public_key_t *public);
152
/**
 * Generic private key has_fingerprint() implementation, usable by implementors.
 *
 * @param private		private key to check
 * @param fingerprint	fingerprint to check, of any kind
 * @return				TRUE if key has given fingerprint
 */
bool private_key_has_fingerprint(private_key_t *private, chunk_t fingerprint);
161
162 #endif /** PRIVATE_KEY_H_ @}*/