Moved data structures to new collections subfolder
[strongswan.git] / src / libstrongswan / crypto / pkcs7.h
1 /*
2 * Copyright (C) 2005 Jan Hutter, Martin Willi
3 * Copyright (C) 2002-2008 Andreas Steffen
4 * Hochschule fuer Technik Rapperswil, Switzerland
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup pkcs7 pkcs7
19 * @{ @ingroup crypto
20 */
21
22 #ifndef PKCS7_H_
23 #define PKCS7_H_
24
25 typedef struct pkcs7_t pkcs7_t;
26
27 #include <library.h>
28 #include <credentials/keys/private_key.h>
29 #include <crypto/pkcs9.h>
30 #include <crypto/crypters/crypter.h>
31 #include <collections/enumerator.h>
32
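/**
 * PKCS#7 contentInfo object.
 *
 * Every operation is a function pointer that receives the object itself as
 * its first argument.
 */
struct pkcs7_t {

	/**
	 * Check if the PKCS#7 contentType is data
	 *
	 * @return				TRUE if the contentType is data
	 */
	bool (*is_data) (pkcs7_t *this);

	/**
	 * Check if the PKCS#7 contentType is signedData
	 *
	 * @return				TRUE if the contentType is signedData
	 */
	bool (*is_signedData) (pkcs7_t *this);

	/**
	 * Check if the PKCS#7 contentType is envelopedData
	 *
	 * @return				TRUE if the contentType is envelopedData
	 */
	bool (*is_envelopedData) (pkcs7_t *this);

	/**
	 * Parse a PKCS#7 data content.
	 *
	 * @return				TRUE if parsing was successful
	 */
	bool (*parse_data) (pkcs7_t *this);

	/**
	 * Parse a PKCS#7 signedData content. The contained PKCS#7 data is parsed
	 * and verified.
	 *
	 * Treat the content as unauthenticated unless TRUE is returned.
	 *
	 * NOTE(review): this header does not say what happens when cacert is NULL
	 * or when the signature does not verify; confirm in the implementation
	 * that a skipped or failed verification yields FALSE.
	 *
	 * @param cacert		cacert used to verify the signature
	 * @return				TRUE if parsing was successful
	 */
	bool (*parse_signedData) (pkcs7_t *this, certificate_t *cacert);

	/**
	 * Parse a PKCS#7 envelopedData content.
	 *
	 * envelopedData as defined by PKCS#7 carries no signature of its own, so
	 * a successful decryption does not by itself authenticate the sender.
	 *
	 * @param serialNumber	serialNumber of the request
	 * @param key			private key used to decrypt the symmetric key
	 * @return				TRUE if parsing was successful
	 */
	bool (*parse_envelopedData) (pkcs7_t *this, chunk_t serialNumber,
								 private_key_t *key);

	/**
	 * Returns the parsed data object
	 *
	 * NOTE(review): ownership of the returned chunk is not stated here;
	 * confirm whether it points to internal data before freeing it or using
	 * it after destroy().
	 *
	 * @return				chunk containing the data object
	 */
	chunk_t (*get_data) (pkcs7_t *this);

	/**
	 * Returns the DER-encoded contentInfo object
	 *
	 * NOTE(review): ownership of the returned chunk is not stated here;
	 * confirm against the implementation.
	 *
	 * @return				chunk containing the contentInfo object
	 */
	chunk_t (*get_contentInfo) (pkcs7_t *this);

	/**
	 * Create an enumerator for the certificates.
	 *
	 * @return				enumerator for the certificates
	 */
	enumerator_t *(*create_certificate_enumerator) (pkcs7_t *this);

	/**
	 * Add a certificate.
	 *
	 * The certificate is adopted: the caller gives up its reference and must
	 * not destroy it afterwards.
	 *
	 * @param cert			certificate to be included (gets adopted)
	 */
	void (*set_certificate) (pkcs7_t *this, certificate_t *cert);

	/**
	 * Add authenticated attributes.
	 *
	 * The attributes are adopted: the caller must not destroy them
	 * afterwards.
	 *
	 * @param attributes	attributes to be included (gets adopted)
	 */
	void (*set_attributes) (pkcs7_t *this, pkcs9_t *attributes);

	/**
	 * Get attributes.
	 *
	 * The result is internal data and must not be destroyed by the caller.
	 *
	 * @return				attributes (internal data)
	 */
	pkcs9_t *(*get_attributes) (pkcs7_t *this);

	/**
	 * Build a data object
	 *
	 * @return				TRUE if build was successful
	 */
	bool (*build_data) (pkcs7_t *this);

	/**
	 * Build an envelopedData object
	 *
	 * NOTE(review): this header places no restriction on alg or key_size;
	 * confirm whether the implementation rejects weak ciphers or short keys,
	 * otherwise the caller has to enforce that policy.
	 *
	 * @param cert			receiver's certificate
	 * @param alg			encryption algorithm
	 * @param key_size		key size to use
	 * @return				TRUE if build was successful
	 */
	bool (*build_envelopedData) (pkcs7_t *this, certificate_t *cert,
								 encryption_algorithm_t alg, size_t key_size);

	/**
	 * Build a signedData object
	 *
	 * NOTE(review): the digest algorithm is chosen by the caller; confirm
	 * whether the implementation refuses weak hash algorithms.
	 *
	 * @param key			signer's private key
	 * @param alg			digest algorithm used for signature
	 * @return				TRUE if build was successful
	 */
	bool (*build_signedData) (pkcs7_t *this, private_key_t *key,
							  hash_algorithm_t alg);

	/**
	 * Destroys the contentInfo object.
	 */
	void (*destroy) (pkcs7_t *this);
};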
160
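/**
 * Read a PKCS#7 contentInfo object from a DER encoded chunk.
 *
 * The result is NULL when the input is invalid, so callers must check it
 * before calling any method on the object.
 *
 * NOTE(review): whether the created object clones chunk or keeps a
 * reference to the caller's buffer is not stated here; confirm before
 * freeing or reusing the input.
 *
 * @param chunk		chunk containing DER encoded data
 * @param level		ASN.1 parsing start level
 * @return			created pkcs7_contentInfo object, or NULL if invalid.
 */
pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level);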
169
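/**
 * Create a PKCS#7 contentInfo object
 *
 * NOTE(review): no failure value is documented for this constructor, and
 * it is not stated whether data is cloned or referenced; confirm both
 * against the implementation.
 *
 * @param data		chunk containing data
 * @return			created pkcs7_contentInfo object.
 */
pkcs7_t *pkcs7_create_from_data(chunk_t data);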
177
178 #endif /** PKCS7_H_ @}*/