bafcd6b8ca9b79de7b2a84c076afea553360bb38
[strongswan.git] / src / libstrongswan / crypto / signers / signer.h
1 /*
2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * $Id$
17 */
18
19 /**
20 * @defgroup signer signer
21 * @{ @ingroup crypto
22 */
23
24 #ifndef SIGNER_H_
25 #define SIGNER_H_
26
27 typedef enum integrity_algorithm_t integrity_algorithm_t;
28 typedef struct signer_t signer_t;
29
30 #include <library.h>
31
32 /**
33 * Integrity algorithm, as in IKEv2 RFC 3.3.2.
34 *
35 * Algorithms not specified in IKEv2 are allocated in private use space.
36 */
37 enum integrity_algorithm_t {
38 AUTH_UNDEFINED = 1024,
39 /** Implemented via hmac_signer_t */
40 AUTH_HMAC_MD5_96 = 1,
41 /** Implemented via hmac_signer_t */
42 AUTH_HMAC_SHA1_96 = 2,
43 AUTH_DES_MAC = 3,
44 AUTH_KPDK_MD5 = 4,
45 AUTH_AES_XCBC_96 = 5,
46 /** Implemented via hmac_signer_t */
47 AUTH_HMAC_SHA2_256_128 = 12,
48 /** Implemented via hmac_signer_t */
49 AUTH_HMAC_SHA2_384_192 = 13,
50 /** Implemented via hmac_signer_t */
51 AUTH_HMAC_SHA2_512_256 = 14,
52 /** Implemented via hmac_signer_t */
53 AUTH_HMAC_SHA1_128 = 1025,
54 /** Implemented via hmac_signer_t */
55 AUTH_HMAC_MD5_128 = 1026,
56 };
57
58 /**
59 * enum names for integrity_algorithm_t.
60 */
61 extern enum_name_t *integrity_algorithm_names;
62
63 /**
64 * Generig interface for a symmetric signature algorithm.
65 */
66 struct signer_t {
67 /**
68 * Generate a signature.
69 *
70 * If buffer is NULL, data is processed and prepended to a next call until
71 * buffer is a valid pointer.
72 *
73 * @param data a chunk containing the data to sign
74 * @param buffer pointer where the signature will be written
75 */
76 void (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
77
78 /**
79 * Generate a signature and allocate space for it.
80 *
81 * If chunk is NULL, data is processed and prepended to a next call until
82 * chunk is a valid chunk pointer.
83 *
84 * @param data a chunk containing the data to sign
85 * @param chunk chunk which will hold the allocated signature
86 */
87 void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
88
89 /**
90 * Verify a signature.
91 *
92 * @param data a chunk containing the data to verify
93 * @param signature a chunk containing the signature
94 * @return TRUE, if signature is valid, FALSE otherwise
95 */
96 bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
97
98 /**
99 * Get the block size of this signature algorithm.
100 *
101 * @return block size in bytes
102 */
103 size_t (*get_block_size) (signer_t *this);
104
105 /**
106 * Get the key size of the signature algorithm.
107 *
108 * @return key size in bytes
109 */
110 size_t (*get_key_size) (signer_t *this);
111
112 /**
113 * Set the key for this object.
114 *
115 * @param key key to set
116 */
117 void (*set_key) (signer_t *this, chunk_t key);
118
119 /**
120 * Destroys a signer_t object.
121 */
122 void (*destroy) (signer_t *this);
123 };
124
125 #endif /*SIGNER_H_ @} */