772586308e8aeb9083d86e9b8566fb751cfe1afd
[strongswan.git] / src / libstrongswan / crypto / hashers / hasher.h
1 /*
2 * Copyright (C) 2012-2015 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup hasher hasher
20 * @{ @ingroup crypto
21 */
22
23 #ifndef HASHER_H_
24 #define HASHER_H_
25
26 typedef enum hash_algorithm_t hash_algorithm_t;
27 typedef struct hasher_t hasher_t;
28
29 #include <library.h>
30 #include <crypto/prfs/prf.h>
31 #include <crypto/signers/signer.h>
32 #include <credentials/keys/public_key.h>
33
34 /**
35 * Hash algorithms as defined for IKEv2 by RFC 7427
36 */
37 enum hash_algorithm_t {
38 HASH_SHA1 = 1,
39 HASH_SHA256 = 2,
40 HASH_SHA384 = 3,
41 HASH_SHA512 = 4,
42 /* use private use range for algorithms not defined/permitted by RFC 7427 */
43 HASH_UNKNOWN = 1024,
44 HASH_MD2 = 1025,
45 HASH_MD4 = 1026,
46 HASH_MD5 = 1027,
47 HASH_SHA224 = 1028,
48 };
49
50 #define HASH_SIZE_MD2 16
51 #define HASH_SIZE_MD4 16
52 #define HASH_SIZE_MD5 16
53 #define HASH_SIZE_SHA1 20
54 #define HASH_SIZE_SHA224 28
55 #define HASH_SIZE_SHA256 32
56 #define HASH_SIZE_SHA384 48
57 #define HASH_SIZE_SHA512 64
58
59 /**
60 * enum names for hash_algorithm_t.
61 */
62 extern enum_name_t *hash_algorithm_names;
63
64 /**
65 * Short names for hash_algorithm_names
66 */
67 extern enum_name_t *hash_algorithm_short_names;
68
69 /**
70 * Generic interface for all hash functions.
71 */
72 struct hasher_t {
73
74 /**
75 * Hash data and write it in the buffer.
76 *
77 * If the parameter hash is NULL, no result is written back
78 * and more data can be appended to already hashed data.
79 * If not, the result is written back and the hasher is reset.
80 *
81 * The hash output parameter must hold at least
82 * hash_t.get_block_size() bytes.
83 *
84 * @param data data to hash
85 * @param hash pointer where the hash will be written
86 * @return TRUE if hash created successfully
87 */
88 bool (*get_hash)(hasher_t *this, chunk_t data,
89 u_int8_t *hash) __attribute__((warn_unused_result));
90
91 /**
92 * Hash data and allocate space for the hash.
93 *
94 * If the parameter hash is NULL, no result is written back
95 * and more data can be appended to already hashed data.
96 * If not, the result is written back and the hasher is reset.
97 *
98 * @param data chunk with data to hash
99 * @param hash chunk which will hold allocated hash
100 * @return TRUE if hash allocated successfully
101 */
102 bool (*allocate_hash)(hasher_t *this, chunk_t data,
103 chunk_t *hash) __attribute__((warn_unused_result));
104
105 /**
106 * Get the size of the resulting hash.
107 *
108 * @return hash size in bytes
109 */
110 size_t (*get_hash_size)(hasher_t *this);
111
112 /**
113 * Resets the hasher's state.
114 *
115 * @return TRUE if hasher reset successfully
116 */
117 bool (*reset)(hasher_t *this) __attribute__((warn_unused_result));
118
119 /**
120 * Destroys a hasher object.
121 */
122 void (*destroy)(hasher_t *this);
123 };
124
125 /**
126 * Conversion of ASN.1 OID to hash algorithm.
127 *
128 * @param oid ASN.1 OID
129 * @return hash algorithm, HASH_UNKNOWN if OID unsupported
130 */
131 hash_algorithm_t hasher_algorithm_from_oid(int oid);
132
133 /**
134 * Conversion of PRF algorithm to hash algorithm (if based on one).
135 *
136 * @param alg prf algorithm
137 * @return hash algorithm, HASH_UNKNOWN if not based on a hash
138 */
139 hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg);
140
141 /**
142 * Conversion of integrity algorithm to hash algorithm (if based on one).
143 *
144 * If length is not NULL the length of the resulting signature is returned,
145 * which might be smaller than the output size of the underlying hash.
146 *
147 * @param alg integrity algorithm
148 * @param length returns signature length, if not NULL
149 * @return hash algorithm, HASH_UNKNOWN if not based on a hash
150 */
151 hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
152 size_t *length);
153
154 /**
155 * Conversion of hash algorithm to integrity algorithm (if based on a hash).
156 *
157 * @param alg hash algorithm
158 * @param length length of the signature
159 * @return integrity algorithm, AUTH_UNDEFINED if none is known
160 * based on the given hash function
161 */
162 integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
163 size_t length);
164
165 /**
166 * Check if the given algorithm may be used for IKEv2 signature authentication.
167 *
168 * @param alg hash algorithm
169 * @return TRUE if algorithm may be used, FALSE otherwise
170 */
171 bool hasher_algorithm_for_ikev2(hash_algorithm_t alg);
172
173 /**
174 * Conversion of hash algorithm into ASN.1 OID.
175 *
176 * @param alg hash algorithm
177 * @return ASN.1 OID, or OID_UNKNOW
178 */
179 int hasher_algorithm_to_oid(hash_algorithm_t alg);
180
181 /**
182 * Conversion of hash signature algorithm into ASN.1 OID.
183 *
184 * @param alg hash algorithm
185 * @param key public key type
186 * @return ASN.1 OID if, or OID_UNKNOW
187 */
188 int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key);
189
190 /**
191 * Determine the hash algorithm associated with a given signature scheme.
192 *
193 * @param scheme signature scheme
194 * @return hash algorithm (could be HASH_UNKNOWN)
195 */
196 hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme);
197
198 #endif /** HASHER_H_ @}*/