moved typedefs to beginning of files to solve some include problems
[strongswan.git] / src / libstrongswan / crypto / signers / signer.h
1 /**
2 * @file signer.h
3 *
4 * @brief Interface for signer_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005-2006 Martin Willi
10 * Copyright (C) 2005 Jan Hutter
11 * Hochschule fuer Technik Rapperswil
12 *
13 * This program is free software; you can redistribute it and/or modify it
14 * under the terms of the GNU General Public License as published by the
15 * Free Software Foundation; either version 2 of the License, or (at your
16 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 *
18 * This program is distributed in the hope that it will be useful, but
19 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
20 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
21 * for more details.
22 */
23
24 #ifndef SIGNER_H_
25 #define SIGNER_H_
26
27 typedef enum integrity_algorithm_t integrity_algorithm_t;
28 typedef struct signer_t signer_t;
29
30 #include <types.h>
31 #include <definitions.h>
32
33 /**
34 * @brief Integrity algorithm, as in IKEv2 RFC 3.3.2.
35 *
36 * Currently only the following algorithms are implemented and therefore supported:
37 * - AUTH_HMAC_MD5_96
38 * - AUTH_HMAC_SHA1_96
39 *
40 * @ingroup signers
41 */
42 enum integrity_algorithm_t {
43 AUTH_UNDEFINED = 1024,
44 /** Implemented via hmac_signer_t */
45 AUTH_HMAC_MD5_96 = 1,
46 /** Implemented via hmac_signer_t */
47 AUTH_HMAC_SHA1_96 = 2,
48 AUTH_DES_MAC = 3,
49 AUTH_KPDK_MD5 = 4,
50 AUTH_AES_XCBC_96 = 5
51 };
52
53 /**
54 * enum names for integrity_algorithm_t.
55 */
56 extern enum_name_t *integrity_algorithm_names;
57
58 /**
59 * @brief Generig interface for a symmetric signature algorithm.
60 *
61 * @b Constructors:
62 * - signer_create()
63 * - hmac_signer_create()
64 *
65 * @todo Implement more integrity algorithms
66 *
67 * @ingroup signers
68 */
69 struct signer_t {
70 /**
71 * @brief Generate a signature.
72 *
73 * @param this calling object
74 * @param data a chunk containing the data to sign
75 * @param[out] buffer pointer where the signature will be written
76 */
77 void (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
78
79 /**
80 * @brief Generate a signature and allocate space for it.
81 *
82 * @param this calling object
83 * @param data a chunk containing the data to sign
84 * @param[out] chunk chunk which will hold the allocated signature
85 */
86 void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
87
88 /**
89 * @brief Verify a signature.
90 *
91 * @param this calling object
92 * @param data a chunk containing the data to verify
93 * @param signature a chunk containing the signature
94 * @return TRUE, if signature is valid, FALSE otherwise
95 */
96 bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
97
98 /**
99 * @brief Get the block size of this signature algorithm.
100 *
101 * @param this calling object
102 * @return block size in bytes
103 */
104 size_t (*get_block_size) (signer_t *this);
105
106 /**
107 * @brief Get the key size of the signature algorithm.
108 *
109 * @param this calling object
110 * @return key size in bytes
111 */
112 size_t (*get_key_size) (signer_t *this);
113
114 /**
115 * @brief Set the key for this object.
116 *
117 * @param this calling object
118 * @param key key to set
119 */
120 void (*set_key) (signer_t *this, chunk_t key);
121
122 /**
123 * @brief Destroys a signer_t object.
124 *
125 * @param this calling object
126 */
127 void (*destroy) (signer_t *this);
128 };
129
130 /**
131 * @brief Creates a new signer_t object.
132 *
133 * @param integrity_algorithm Algorithm to use for signing and verifying.
134 * @return
135 * - signer_t object
136 * - NULL if signer not supported
137 *
138 * @ingroup signers
139 */
140 signer_t *signer_create(integrity_algorithm_t integrity_algorithm);
141
142 #endif /*SIGNER_H_*/