signature-params: Add helper struct for signature scheme and parameters
[strongswan.git] / src / libstrongswan / credentials / keys / signature_params.h
1 /*
2 * Copyright (C) 2017 Tobias Brunner
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup signature_params signature_params
18 * @{ @ingroup keys
19 */
20
21 #ifndef SIGNATURE_PARAMS_H_
22 #define SIGNATURE_PARAMS_H_
23
24 typedef struct signature_params_t signature_params_t;
25 typedef struct rsa_pss_params_t rsa_pss_params_t;
26
27 #include <crypto/hashers/hasher.h>
28
29 /**
30 * Signature scheme with parameters
 *
 * scheme selects how params has to be interpreted: params is an untyped
 * pointer to the parameter struct that belongs to the scheme (this header
 * declares rsa_pss_params_t as the parameters for SIGN_RSA_EMSA_PSS).
 * Nothing in the struct records the real type behind params, so code that
 * sets or casts it has to check scheme first.
31 */
32 struct signature_params_t {
33 /** Signature scheme */
34 signature_scheme_t scheme;
35 /** Parameters, depending on scheme; presumably NULL if the scheme has none (TODO confirm) */
36 void *params;
37 };
38
39 /**
40 * Compare two signature schemes and their parameters
41 *
 * Equality covers the parameters as well as the scheme, so two entries
 * with the same scheme but different parameters are not equal.
 * NOTE(review): whether NULL is accepted for a or b is not stated here -
 * confirm against the implementation.
 *
42 * @param a first scheme
43 * @param b second scheme
44 * @return TRUE if schemes and parameters are equal
45 */
46 bool signature_params_equal(signature_params_t *a, signature_params_t *b);
47
48 /**
49 * Check whether a signature scheme and its parameters comply with a constraint
50 *
 * The arguments have different roles, so their order matters: c is the
 * constraint, s is the scheme that is checked against it.
 * NOTE(review): the header does not define how parameters are matched
 * (exact match or something looser) - confirm in the implementation
 * before relying on this as the only policy check.
 *
51 * @param c constraint
52 * @param s scheme
53 * @return TRUE if scheme complies to constraint
54 */
55 bool signature_params_comply(signature_params_t *c, signature_params_t *s);
56
57 /**
58 * Clone the given scheme and parameters, if any
59 *
 * @param this scheme and parameters to clone
60 * @return cloned object
 *
 * NOTE(review): presumably the clone carries its own copy of params and is
 * released with signature_params_destroy() - confirm ownership.
61 */
62 signature_params_t *signature_params_clone(signature_params_t *this);
63
64 /**
65 * Destroy the given scheme and parameters, if any
 *
 * @param this scheme and parameters to destroy
 *
 * NOTE(review): presumably releases the struct itself as well as params,
 * unlike signature_params_clear(), so the pointer must not be used
 * afterwards - confirm against the implementation.
66 */
67 void signature_params_destroy(signature_params_t *this);
68
69 /**
70 * Clear the given parameters, if any, and set the scheme to SIGN_UNKNOWN
 *
 * @param this scheme and parameters to clear
 *
 * NOTE(review): presumably leaves the struct itself allocated so it can be
 * reused or live on the stack - confirm against the implementation.
71 */
72 void signature_params_clear(signature_params_t *this);
73
74 /**
75 * Parameters for SIGN_RSA_EMSA_PSS signature scheme
 *
 * NOTE(review): presumably this is what signature_params_t.params points
 * to when scheme is SIGN_RSA_EMSA_PSS - confirm.
76 */
77 struct rsa_pss_params_t {
78 /** Hash algorithm */
79 hash_algorithm_t hash;
80 /** Hash for the MGF1 function */
81 hash_algorithm_t mgf1_hash;
82 /** Salt length, use RSA_PSS_SALT_LEN_DEFAULT for length equal to hash */
 /* Signed so that the -1 sentinel fits. No other negative value is given
  * a meaning here, so a consumer should reject those before treating the
  * field as a size. */
83 ssize_t salt_len;
84 /** Salt value, for unit tests (not all implementations support this) */
 /* NOTE(review): presumably overrides the randomly generated salt, which
  * makes the signature deterministic - leave empty outside of tests.
  * TODO confirm. */
85 chunk_t salt;
 /* Sentinel for salt_len. Being a macro it is not scoped to the struct,
  * and it expands to a bare -1 without parentheses. */
86 #define RSA_PSS_SALT_LEN_DEFAULT -1
87 };
88
89 /**
90 * Parse the given ASN.1 algorithm identifier params
91 *
 * NOTE(review): the encoded parameters presumably come from certificates
 * or signatures, i.e. from a party that has not been authenticated yet -
 * confirm against the callers. Always check the return value; the header
 * does not say what params contains after FALSE, so treat it as undefined
 * in that case. The header also does not say which hash algorithms or
 * salt lengths are accepted, so policy on those has to be enforced by the
 * caller unless the implementation is confirmed to do it.
 *
92 * @param asn1 ASN.1 encoded RSASSA-PSS-params
93 * @param level0 current level of the ASN.1 parser
94 * @param params parsed parameters
95 * @return TRUE if successfully parsed
96 */
97 bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params);
98
99 /**
100 * Build ASN.1 algorithm identifier params
101 *
 * NOTE(review): "(allocated)" presumably means the caller owns the
 * returned chunk and has to free it; whether *asn1 is left untouched when
 * FALSE is returned is not stated here - confirm before freeing on the
 * error path.
 *
102 * @param params parameters to encode
103 * @param asn1 ASN.1 encoded RSASSA-PSS-params (allocated)
104 * @return TRUE if successfully built
105 */
106 bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1);
107
108 #endif /** SIGNATURE_PARAMS_H_ @}*/