ec0c6320b96c6faa635fe5c6428f224858cc24bf
[strongswan.git] / src / libstrongswan / crypto / hashers / hasher.h
1 /*
2 * Copyright (C) 2016-2017 Andreas Steffen
3 * Copyright (C) 2012-2015 Tobias Brunner
4 * Copyright (C) 2005-2006 Martin Willi
5 * Copyright (C) 2005 Jan Hutter
6 * HSR Hochschule fuer Technik Rapperswil
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 */
18
19 /**
20 * @defgroup hasher hasher
21 * @{ @ingroup crypto
22 */
23
24 #ifndef HASHER_H_
25 #define HASHER_H_
26
27 typedef enum hash_algorithm_t hash_algorithm_t;
28 typedef struct hasher_t hasher_t;
29
30 #include <library.h>
31 #include <crypto/prfs/prf.h>
32 #include <crypto/signers/signer.h>
33 #include <credentials/keys/public_key.h>
34
35 /**
36 * Hash algorithms as defined for IKEv2
37 */
38 enum hash_algorithm_t {
39 /* RFC 7427 */
40 HASH_SHA1 = 1,
41 HASH_SHA256 = 2,
42 HASH_SHA384 = 3,
43 HASH_SHA512 = 4,
44 /* draft-ietf-ipsecme-eddsa (RFC TBA) */
45 HASH_IDENTITY = 5,
46 /* use private use range for algorithms not defined/permitted by RFC 7427 */
47 HASH_UNKNOWN = 1024,
48 HASH_MD2 = 1025,
49 HASH_MD4 = 1026,
50 HASH_MD5 = 1027,
51 HASH_SHA224 = 1028,
52 HASH_SHA3_224 = 1029,
53 HASH_SHA3_256 = 1030,
54 HASH_SHA3_384 = 1031,
55 HASH_SHA3_512 = 1032
56 };
57
58 #define HASH_SIZE_MD2 16
59 #define HASH_SIZE_MD4 16
60 #define HASH_SIZE_MD5 16
61 #define HASH_SIZE_SHA1 20
62 #define HASH_SIZE_SHA224 28
63 #define HASH_SIZE_SHA256 32
64 #define HASH_SIZE_SHA384 48
65 #define HASH_SIZE_SHA512 64
66
67 /**
68 * enum names for hash_algorithm_t.
69 */
70 extern enum_name_t *hash_algorithm_names;
71
72 /**
73 * Short names for hash_algorithm_names
74 */
75 extern enum_name_t *hash_algorithm_short_names;
76
77 /**
78 * Generic interface for all hash functions.
79 */
80 struct hasher_t {
81
82 /**
83 * Hash data and write it in the buffer.
84 *
85 * If the parameter hash is NULL, no result is written back
86 * and more data can be appended to already hashed data.
87 * If not, the result is written back and the hasher is reset.
88 *
89 * The hash output parameter must hold at least
90 * hash_t.get_block_size() bytes.
91 *
92 * @param data data to hash
93 * @param hash pointer where the hash will be written
94 * @return TRUE if hash created successfully
95 */
96 bool (*get_hash)(hasher_t *this, chunk_t data,
97 uint8_t *hash) __attribute__((warn_unused_result));
98
99 /**
100 * Hash data and allocate space for the hash.
101 *
102 * If the parameter hash is NULL, no result is written back
103 * and more data can be appended to already hashed data.
104 * If not, the result is written back and the hasher is reset.
105 *
106 * @param data chunk with data to hash
107 * @param hash chunk which will hold allocated hash
108 * @return TRUE if hash allocated successfully
109 */
110 bool (*allocate_hash)(hasher_t *this, chunk_t data,
111 chunk_t *hash) __attribute__((warn_unused_result));
112
113 /**
114 * Get the size of the resulting hash.
115 *
116 * @return hash size in bytes
117 */
118 size_t (*get_hash_size)(hasher_t *this);
119
120 /**
121 * Resets the hasher's state.
122 *
123 * @return TRUE if hasher reset successfully
124 */
125 bool (*reset)(hasher_t *this) __attribute__((warn_unused_result));
126
127 /**
128 * Destroys a hasher object.
129 */
130 void (*destroy)(hasher_t *this);
131 };
132
133 /**
134 * Conversion of ASN.1 OID to hash algorithm.
135 *
136 * @param oid ASN.1 OID
137 * @return hash algorithm, HASH_UNKNOWN if OID unsupported
138 */
139 hash_algorithm_t hasher_algorithm_from_oid(int oid);
140
141 /**
142 * Conversion of PRF algorithm to hash algorithm (if based on one).
143 *
144 * @param alg prf algorithm
145 * @return hash algorithm, HASH_UNKNOWN if not based on a hash
146 */
147 hash_algorithm_t hasher_algorithm_from_prf(pseudo_random_function_t alg);
148
149 /**
150 * Conversion of integrity algorithm to hash algorithm (if based on one).
151 *
152 * If length is not NULL the length of the resulting signature is returned,
153 * which might be smaller than the output size of the underlying hash.
154 *
155 * @param alg integrity algorithm
156 * @param length returns signature length, if not NULL
157 * @return hash algorithm, HASH_UNKNOWN if not based on a hash
158 */
159 hash_algorithm_t hasher_algorithm_from_integrity(integrity_algorithm_t alg,
160 size_t *length);
161
162 /**
163 * Conversion of hash algorithm to integrity algorithm (if based on a hash).
164 *
165 * @param alg hash algorithm
166 * @param length length of the signature
167 * @return integrity algorithm, AUTH_UNDEFINED if none is known
168 * based on the given hash function
169 */
170 integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
171 size_t length);
172
173 /**
174 * Check if the given algorithm may be used for IKEv2 signature authentication.
175 *
176 * @param alg hash algorithm
177 * @return TRUE if algorithm may be used, FALSE otherwise
178 */
179 bool hasher_algorithm_for_ikev2(hash_algorithm_t alg);
180
181 /**
182 * Conversion of hash algorithm into ASN.1 OID.
183 *
184 * @param alg hash algorithm
185 * @return ASN.1 OID, or OID_UNKNOW
186 */
187 int hasher_algorithm_to_oid(hash_algorithm_t alg);
188
189 /**
190 * Conversion of hash signature algorithm into ASN.1 OID.
191 *
192 * @param alg hash algorithm
193 * @param key public key type
194 * @return ASN.1 OID if, or OID_UNKNOW
195 */
196 int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key);
197
198 /**
199 * Determine the hash algorithm associated with a given signature scheme.
200 *
201 * @param scheme signature scheme
202 * @return hash algorithm (could be HASH_UNKNOWN)
203 */
204 hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme);
205
206 #endif /** HASHER_H_ @}*/