1 /*
2 * Copyright (C) 2007 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 *
15 * $Id$
16 */
17
18 /**
19 * @defgroup public_key public_key
20 * @{ @ingroup keys
21 */
22
23 #ifndef PUBLIC_KEY_H_
24 #define PUBLIC_KEY_H_
25
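/*
 * Forward type names for the declarations in this header.
 *
 * NOTE(review): the three enum typedefs name enum types before they are
 * defined. ISO C does not permit forward references to enum types, so this
 * depends on a compiler extension (GCC accepts it).
 * NOTE(review): key_id_type_t is neither defined nor used in the visible part
 * of this header (get_id() takes an id_type_t) - possibly a leftover, confirm.
 */
typedef struct public_key_t public_key_t;
typedef enum key_type_t key_type_t;
typedef enum key_id_type_t key_id_type_t;
typedef enum signature_scheme_t signature_scheme_t;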
30
31 #include <library.h>
32 #include <utils/identification.h>
33
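/**
 * Type of a key pair, the used crypto system.
 *
 * The enumerators carry no explicit values, so they number from 0 in
 * declaration order; inserting a new type anywhere but at the end changes
 * the values of the following ones.
 */
enum key_type_t {
	/**
	 * key type wildcard
	 *
	 * NOTE(review): presumably used in lookups to accept a key of any crypto
	 * system; code that must pin the algorithm should pass a concrete type -
	 * confirm against callers.
	 */
	KEY_ANY,
	/** RSA crypto system as in PKCS#1 */
	KEY_RSA,
	/** ECDSA as in ANSI X9.62 */
	KEY_ECDSA,
	/* DSS, ElGamal, ...: no enumerators defined for these yet. Kept as a
	 * plain comment so Doxygen does not attach it to a missing member. */
};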
46
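/**
 * Enum names for key_type_t.
 *
 * Declared here only; the table itself is defined outside this header.
 */
extern enum_name_t *key_type_names;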
51
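/**
 * Signature scheme for signature creation and verification.
 *
 * EMSA-PKCS1 signatures are from the PKCS#1 standard. They include
 * the ASN1-OID of the used hash algorithm.
 *
 * The enumerators carry no explicit values, so they number from 0 in
 * declaration order.
 */
enum signature_scheme_t {
	/**
	 * default scheme of that underlying crypto system
	 *
	 * Which hash this resolves to is decided by the key implementation and
	 * is not visible in this header. NOTE(review): a caller that must reject
	 * weak hashes should name the scheme explicitly instead - confirm what
	 * each implementation selects.
	 */
	SIGN_DEFAULT,
	/**
	 * EMSA-PKCS1 with MD5
	 *
	 * MD5 is no longer collision resistant; suitable at most for handling
	 * legacy data, not for new signatures.
	 */
	SIGN_RSA_EMSA_PKCS1_MD5,
	/**
	 * EMSA-PKCS1 signature as in PKCS#1 standard using SHA1 as hash.
	 *
	 * SHA-1 collisions are practical; prefer one of the SHA-2 schemes below.
	 */
	SIGN_RSA_EMSA_PKCS1_SHA1,
	/** EMSA-PKCS1 signature as in PKCS#1 standard using SHA256 as hash. */
	SIGN_RSA_EMSA_PKCS1_SHA256,
	/** EMSA-PKCS1 signature as in PKCS#1 standard using SHA384 as hash. */
	SIGN_RSA_EMSA_PKCS1_SHA384,
	/** EMSA-PKCS1 signature as in PKCS#1 standard using SHA512 as hash. */
	SIGN_RSA_EMSA_PKCS1_SHA512,
	/**
	 * ECDSA using SHA-1 as hash.
	 *
	 * Same SHA-1 caveat as SIGN_RSA_EMSA_PKCS1_SHA1.
	 */
	SIGN_ECDSA_WITH_SHA1,
	/** ECDSA with SHA-256 on the P-256 curve as in RFC 4754 */
	SIGN_ECDSA_256,
	/** ECDSA with SHA-384 on the P-384 curve as in RFC 4754 */
	SIGN_ECDSA_384,
	/** ECDSA with SHA-512 on the P-521 curve as in RFC 4754 */
	SIGN_ECDSA_521,
};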
80
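/**
 * Enum names for signature_scheme_t.
 *
 * Declared here only; the table itself is defined outside this header.
 */
extern enum_name_t *signature_scheme_names;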
85
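/**
 * Abstract interface of a public key.
 *
 * Every operation is a function pointer that takes the key object itself as
 * first argument. The concrete implementations live outside this header.
 */
struct public_key_t {

	/**
	 * Get the key type.
	 *
	 * @return			type of the key
	 */
	key_type_t (*get_type)(public_key_t *this);

	/**
	 * Verifies a signature against a chunk of data.
	 *
	 * The result is a plain boolean: anything other than TRUE must be
	 * treated as "signature rejected". Passing SIGN_DEFAULT leaves the
	 * choice of scheme to the implementation.
	 * NOTE(review): a caller that needs to enforce a minimum hash strength
	 * should pass an explicit scheme - confirm what SIGN_DEFAULT maps to.
	 *
	 * @param scheme	signature scheme to use for verification, may be default
	 * @param data		data to check signature against
	 * @param signature	signature to check
	 * @return			TRUE if signature matches
	 */
	bool (*verify)(public_key_t *this, signature_scheme_t scheme,
				   chunk_t data, chunk_t signature);

	/**
	 * Encrypt a chunk of data.
	 *
	 * The parameter names were previously swapped relative to their meaning
	 * (the plaintext input was called "crypto", the ciphertext output
	 * "plain"). Names in a function pointer declaration are not part of its
	 * type, so renaming them does not affect callers or implementations.
	 *
	 * NOTE(review): the output is allocated by the callee; presumably the
	 * caller owns and frees it, and it is not written on failure - confirm.
	 *
	 * @param plain		chunk containing plaintext data
	 * @param crypto	where to allocate encrypted data
	 * @return			TRUE if data successfully encrypted
	 */
	bool (*encrypt)(public_key_t *this, chunk_t plain, chunk_t *crypto);

	/**
	 * Get the strength of the key in bytes.
	 *
	 * NOTE(review): the name says key size; a size in bytes is not directly
	 * comparable between crypto systems (an RSA and an ECDSA key of equal
	 * size differ widely in security level), so policy checks should take
	 * get_type() into account as well.
	 *
	 * @return			strength of the key in bytes
	 */
	size_t (*get_keysize) (public_key_t *this);

	/**
	 * Get a unique key identifier, such as a hash over the key.
	 *
	 * May return NULL, so the result has to be checked before use.
	 * NOTE(review): ownership of the returned identification_t is not stated
	 * here - confirm whether the caller may destroy it.
	 *
	 * @param type		type of the key ID to get
	 * @return			unique ID of the key as identification_t, or NULL
	 */
	identification_t* (*get_id) (public_key_t *this, id_type_t type);

	/**
	 * Get an encoded form of the key.
	 *
	 * @todo Do we need a encoding type specification?
	 *
	 * NOTE(review): "allocated" suggests the caller owns the chunk and has
	 * to free it - confirm.
	 *
	 * @return			allocated chunk containing encoded key
	 */
	chunk_t (*get_encoding)(public_key_t *this);

	/**
	 * Increase the refcount of the key.
	 *
	 * NOTE(review): presumably each get_ref() has to be balanced by one
	 * destroy() - confirm against the implementations.
	 *
	 * @return			this with an increased refcount
	 */
	public_key_t* (*get_ref)(public_key_t *this);

	/**
	 * Destroy a public_key instance.
	 */
	void (*destroy)(public_key_t *this);
};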
154
155 #endif /** PUBLIC_KEY_H_ @}*/