added create_certificate_iterator() method
[strongswan.git] / src / libstrongswan / crypto / pkcs7.h
1 /**
2 * @file pkcs7.h
3 *
4 * @brief Interface of pkcs7_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Copyright (C) 2002-2007 Andreas Steffen
11 *
12 * Hochschule fuer Technik Rapperswil, Switzerland
13 *
14 * This program is free software; you can redistribute it and/or modify it
15 * under the terms of the GNU General Public License as published by the
16 * Free Software Foundation; either version 2 of the License, or (at your
17 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
18 *
19 * This program is distributed in the hope that it will be useful, but
20 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
21 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 * for more details.
23 *
24 * RCSID $Id$
25 */
26
27 #ifndef _PKCS7_H
28 #define _PKCS7_H
29
30 typedef struct pkcs7_t pkcs7_t;
31
32 #include <library.h>
33 #include <crypto/x509.h>
34 #include <crypto/rsa/rsa_private_key.h>
35 #include <utils/iterator.h>
36
/**
 * @brief PKCS#7 contentInfo object.
 *
 * Method table of a PKCS#7 contentInfo. The is_*() predicates report the
 * contentType, the parse_*() methods parse the content of the named type,
 * and get_data() returns the parsed data object.
 *
 * NOTE(review): this header does not say what a parse_*() method does when
 * it is called on a contentInfo of a different contentType; presumably
 * callers check the matching is_*() predicate first -- confirm against the
 * implementation.
 *
 * @b Constructors:
 *  - pkcs7_create_from_chunk()
 *
 * @ingroup crypto
 */
struct pkcs7_t {
	/**
	 * @brief Check if the PKCS#7 contentType is data
	 *
	 * @param this			calling object
	 * @return				TRUE if the contentType is data
	 */
	bool (*is_data) (pkcs7_t *this);

	/**
	 * @brief Check if the PKCS#7 contentType is signedData
	 *
	 * @param this			calling object
	 * @return				TRUE if the contentType is signedData
	 */
	bool (*is_signedData) (pkcs7_t *this);

	/**
	 * @brief Check if the PKCS#7 contentType is envelopedData
	 *
	 * @param this			calling object
	 * @return				TRUE if the contentType is envelopedData
	 */
	bool (*is_envelopedData) (pkcs7_t *this);

	/**
	 * @brief Parse a PKCS#7 data content.
	 *
	 * @param this			calling object
	 * @return				TRUE if parsing was successful
	 */
	bool (*parse_data) (pkcs7_t *this);

	/**
	 * @brief Parse a PKCS#7 signedData content.
	 *
	 * NOTE(review): the return value is documented only as "parsing was
	 * successful". Whether TRUE also guarantees that the signature verified
	 * against cacert, and how a NULL cacert is handled, cannot be told from
	 * this header -- confirm against the implementation before treating the
	 * content returned by get_data() as authenticated.
	 *
	 * @param this			calling object
	 * @param cacert		CA certificate used to verify the signature
	 * @return				TRUE if parsing was successful
	 */
	bool (*parse_signedData) (pkcs7_t *this, x509_t *cacert);

	/**
	 * @brief Parse a PKCS#7 envelopedData content.
	 *
	 * NOTE(review): ownership of key is not stated here; presumably the
	 * private key stays with the caller and is only used during this call
	 * -- confirm against the implementation.
	 *
	 * @param this			calling object
	 * @param serialNumber	serialNumber of the request
	 * @param key			RSA private key used to decrypt the symmetric key
	 * @return				TRUE if parsing was successful
	 */
	bool (*parse_envelopedData) (pkcs7_t *this, chunk_t serialNumber, rsa_private_key_t *key);

	/**
	 * @brief Returns the parsed data object
	 *
	 * NOTE(review): this header does not state whether the returned chunk
	 * points into storage owned by this object or is a copy the caller must
	 * free, nor what is returned before a successful parse_*() call --
	 * confirm before freeing the chunk or using it after destroy().
	 *
	 * @param this			calling object
	 * @return				chunk containing the data object
	 */
	chunk_t (*get_data) (pkcs7_t *this);

	/**
	 * @brief Create an iterator for the certificates.
	 *
	 * NOTE(review): presumably these are the certificates carried inside the
	 * parsed PKCS#7 message, i.e. supplied by its sender; if so, being listed
	 * by this iterator says nothing about trust and the caller has to
	 * validate each certificate itself -- confirm against the implementation.
	 * Ownership of the iterator and of the certificates it yields is not
	 * stated here either.
	 *
	 * @param this			calling object
	 * @return				iterator for the certificates
	 */
	iterator_t *(*create_certificate_iterator) (pkcs7_t *this);

	/**
	 * @brief Destroys the contentInfo object.
	 *
	 * @param this			PKCS#7 contentInfo object to destroy
	 */
	void (*destroy) (pkcs7_t *this);
};
120
/**
 * @brief Read a PKCS#7 contentInfo object from a DER encoded chunk.
 *
 * The returned object is released through its destroy() method.
 *
 * NOTE(review): whether the object copies the chunk or keeps referring to
 * the caller's buffer is not stated here -- confirm against the
 * implementation before freeing the chunk while the object is still in use.
 *
 * @param chunk		chunk containing DER encoded data
 * @param level		ASN.1 parsing start level
 * @return			created pkcs7_t object, or NULL if invalid.
 *
 * @ingroup crypto
 */
pkcs7_t *pkcs7_create_from_chunk(chunk_t chunk, u_int level);
131
132 #endif /* _PKCS7_H */