Annotation of embedaddon/strongswan/src/libstrongswan/credentials/keys/private_key.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2017 Tobias Brunner
3: * Copyright (C) 2007 Martin Willi
4: * HSR Hochschule fuer Technik Rapperswil
5: *
6: * This program is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2 of the License, or (at your
9: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10: *
11: * This program is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14: * for more details.
15: */
16:
17: /**
18: * @defgroup private_key private_key
19: * @{ @ingroup keys
20: */
21:
22: #ifndef PRIVATE_KEY_H_
23: #define PRIVATE_KEY_H_
24:
25: typedef struct private_key_t private_key_t;
26:
27: #include <credentials/cred_encoding.h>
28: #include <credentials/keys/public_key.h>
29:
30: /**
31: * Abstract private key interface, a table of function pointers provided by each implementation.
32: */
33: struct private_key_t {
34:
35: /**
36: * Get the key type.
37: *
38: * @return type of the key
39: */
40: key_type_t (*get_type)(private_key_t *this);
41:
42: /**
43: * Get signature schemes supported by this key.
44: *
45: * This is useful for keys that only support certain hash algorithms or
46: * require specific parameters for RSA/PSS signatures.
47: *
48: * @note Implementing this method is optional, so check the pointer for NULL before calling it.
49: * If multiple schemes are returned, they should be ordered by decreasing preference.
50: *
51: * @return enumerator over signature_params_t*
52: */
53: enumerator_t *(*supported_signature_schemes)(private_key_t *this);
54:
55: /**
56: * Create a signature over a chunk of data.
57: *
58: * @param scheme signature scheme to use
59: * @param params parameters required by the scheme (untyped, must match it), or NULL if none
60: * @param data chunk of data to sign
61: * @param signature receives the allocated signature, to be freed by the caller
62: * @return TRUE if signature created
63: */
64: bool (*sign)(private_key_t *this, signature_scheme_t scheme, void *params,
65: chunk_t data, chunk_t *signature);
66: /**
67: * Decrypt a chunk of data.
68: *
69: * @param scheme expected encryption scheme used
70: * @param crypto chunk containing encrypted data
71: * @param plain receives the allocated plaintext; wipe it (e.g. chunk_clear()) when done
72: * @return TRUE if data decrypted and plaintext allocated
73: */
74: bool (*decrypt)(private_key_t *this, encryption_scheme_t scheme,
75: chunk_t crypto, chunk_t *plain);
76:
77: /**
78: * Get the strength of the key in bits (presumably the key size, as the member name suggests).
79: *
80: * @return strength of the key in bits
81: */
82: int (*get_keysize) (private_key_t *this);
83:
84: /**
85: * Get the public part from the private key.
86: *
87: * @return public key (NOTE(review): presumably a reference the caller destroys; confirm)
88: */
89: public_key_t* (*get_public_key)(private_key_t *this);
90:
91: /**
92: * Check if two private keys are equal.
93: *
94: * @param other other private key
95: * @return TRUE, if equality
96: */
97: bool (*equals) (private_key_t *this, private_key_t *other);
98:
99: /**
100: * Check if a private key belongs to a public key.
101: *
102: * @param public public key
103: * @return TRUE, if keys belong together
104: */
105: bool (*belongs_to) (private_key_t *this, public_key_t *public);
106:
107: /**
108: * Get the fingerprint of the key.
109: *
110: * @param type type of fingerprint, one of KEYID_*
111: * @param fp fingerprint, points to internal data: do not free or modify it
112: * @return TRUE if fingerprint type supported
113: */
114: bool (*get_fingerprint)(private_key_t *this, cred_encoding_type_t type,
115: chunk_t *fp);
116:
117: /**
118: * Check if a key has a given fingerprint of any kind.
119: *
120: * @param fp fingerprint to check
121: * @return TRUE if key has given fingerprint
122: */
123: bool (*has_fingerprint)(private_key_t *this, chunk_t fp);
124:
125: /**
126: * Get the key in an encoded form as a chunk.
127: *
128: * @param type type of the encoding, one of PRIVKEY_*
129: * @param encoding encoding of the key, allocated; holds private key material, so release it with a wiping free such as chunk_clear()
130: * @return TRUE if encoding supported
131: */
132: bool (*get_encoding)(private_key_t *this, cred_encoding_type_t type,
133: chunk_t *encoding);
134:
135: /**
136: * Increase the refcount to this private key.
137: *
138: * @return this, with an increased refcount
139: */
140: private_key_t* (*get_ref)(private_key_t *this);
141:
142: /**
143: * Decrease refcount, destroy private_key if no more references.
144: */
145: void (*destroy)(private_key_t *this);
146: };
147:
148: /**
149: * Generic private key equals() implementation, usable by implementers.
150: *
151: * @param private private key to check
152: * @param other key to compare
153: * @return TRUE if private is equal to other
154: */
155: bool private_key_equals(private_key_t *private, private_key_t *other);
156:
157: /**
158: * Generic private key belongs_to() implementation, usable by implementers.
159: *
160: * @param private private key to check
161: * @param public public key to compare
162: * @return TRUE if the private key belongs to the public key
163: */
164: bool private_key_belongs_to(private_key_t *private, public_key_t *public);
165:
166: /**
167: * Generic private key has_fingerprint() implementation, usable by implementers.
168: *
169: * @param private private key to check
170: * @param fingerprint fingerprint to check
171: * @return TRUE if key has given fingerprint
172: */
173: bool private_key_has_fingerprint(private_key_t *private, chunk_t fingerprint);
174:
175: #endif /** PRIVATE_KEY_H_ @}*/