signature-params: Optionally pass a specific salt value when signing
[strongswan.git] / src / libstrongswan / credentials / keys / signature_params.h
1 /*
2 * Copyright (C) 2017 Tobias Brunner
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup signature_params signature_params
18 * @{ @ingroup keys
19 */
20
21 #ifndef SIGNATURE_PARAMS_H_
22 #define SIGNATURE_PARAMS_H_
23
24 typedef struct rsa_pss_params_t rsa_pss_params_t;
25
26 #include <crypto/hashers/hasher.h>
27
28 /**
29 * Parameters for SIGN_RSA_EMSA_PSS signature scheme
   *
   * The struct is filled from, or encoded to, ASN.1 RSASSA-PSS-params by
   * rsa_pss_params_parse() and rsa_pss_params_build() declared below.
   * NOTE(review): RSASSA-PSS-params carries a salt length but no salt value,
   * so the salt member presumably never travels in the encoding - confirm.
30 */
31 struct rsa_pss_params_t {
32 /** Hash algorithm */
33 hash_algorithm_t hash;
34 /** Hash for the MGF1 function */
35 hash_algorithm_t mgf1_hash;
36 /** Salt length, use RSA_PSS_SALT_LEN_DEFAULT for length equal to hash.
   * The type is signed so that the negative sentinel can be stored. */
37 ssize_t salt_len;
38 /** Salt value, for unit tests (not all implementations support this).
   *
   * PSS salts are normally generated randomly for every signature; a salt
   * supplied here makes the resulting signature reproducible, which is what
   * known-answer tests need and not something regular signing should rely on.
   * NOTE(review): this header does not define how an empty chunk is treated,
   * how salt.len must relate to salt_len, or what an implementation without
   * support does with a non-empty value - confirm in the signing backends.
   * Callers that fill this struct on the stack should zero-initialise it so
   * that salt does not hold indeterminate data. */
39 chunk_t salt;
   /** Special salt_len value: salt length equals the length of the hash.
    * Being a preprocessor macro it is visible file-wide even though it is
    * defined inside the struct body. */
40 #define RSA_PSS_SALT_LEN_DEFAULT -1
41 };
42
43 /**
44 * Parse the given ASN.1 algorithm identifier params
45 *
46 * @param asn1 ASN.1 encoded RSASSA-PSS-params
47 * @param level0 current level of the ASN.1 parser
48 * @param params parsed parameters (output, written by this function)
49 * @return TRUE if successfully parsed
   *
   * NOTE(review): the state of params after a FALSE return is not specified
   * here, so callers should not use it in that case. RSASSA-PSS-params has no
   * field for a salt value, so params->salt is presumably left untouched -
   * confirm, and zero-initialise the struct before calling. If asn1 comes
   * from a peer (e.g. inside a certificate), treat FALSE as a verification
   * failure and check the parsed hash algorithms and salt length against
   * local policy before using them.
50 */
51 bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params);
52
53 /**
54 * Build ASN.1 algorithm identifier params
55 *
56 * @param params parameters to encode
57 * @param asn1 ASN.1 encoded RSASSA-PSS-params (allocated)
58 * @return TRUE if successfully built
   *
   * NOTE(review): asn1 is allocated by this function; presumably the caller
   * owns it and releases it (e.g. with chunk_free()) - confirm, and confirm
   * whether it is left unset on FALSE. How RSA_PSS_SALT_LEN_DEFAULT in
   * params->salt_len is encoded is not visible in this header. params is not
   * const-qualified; whether it is modified cannot be told from here.
59 */
60 bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1);
61
62 #endif /** SIGNATURE_PARAMS_H_ @}*/