#ifndef SIGNER_H_
#define SIGNER_H_
-#include <types.h>
-#include <definitions.h>
-
typedef enum integrity_algorithm_t integrity_algorithm_t;
+typedef struct signer_t signer_t;
+
+#include <library.h>
/**
* @brief Integrity algorithm, as in IKEv2 RFC 3.3.2.
- *
- * Currently only the following algorithms are implemented and therefore supported:
- * - AUTH_HMAC_MD5_96
- * - AUTH_HMAC_SHA1_96
- *
+ *
+ * Algorithms not specified in IKEv2 are allocated in private use space.
+ *
* @ingroup signers
*/
enum integrity_algorithm_t {
AUTH_HMAC_SHA1_96 = 2,
AUTH_DES_MAC = 3,
AUTH_KPDK_MD5 = 4,
- AUTH_AES_XCBC_96 = 5
+ AUTH_AES_XCBC_96 = 5,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA2_256_128 = 12,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA2_384_192 = 13,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA2_512_256 = 14,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA1_128 = 1025,
};
/**
*/
extern enum_name_t *integrity_algorithm_names;
-
-typedef struct signer_t signer_t;
-
/**
* @brief Generig interface for a symmetric signature algorithm.
- *
+ *
* @b Constructors:
* - signer_create()
* - hmac_signer_create()
- *
+ *
* @todo Implement more integrity algorithms
- *
+ *
* @ingroup signers
*/
struct signer_t {
/**
* @brief Generate a signature.
+ *
+ * If buffer is NULL, data is processed and prepended to a next call until
+ * buffer is a valid pointer.
*
* @param this calling object
* @param data a chunk containing the data to sign
/**
* @brief Generate a signature and allocate space for it.
+ *
+ * If chunk is NULL, data is processed and prepended to a next call until
+ * chunk is a valid chunk pointer.
*
* @param this calling object
* @param data a chunk containing the data to sign
projects / strongswan.git / blobdiff