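/*
 * Copyright (C) 2017-2018 Tobias Brunner
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup signature_params signature_params
 * @{ @ingroup keys
 */

#ifndef SIGNATURE_PARAMS_H_
#define SIGNATURE_PARAMS_H_

typedef struct signature_params_t signature_params_t;
typedef struct rsa_pss_params_t rsa_pss_params_t;

#include <crypto/hashers/hasher.h>

/**
 * Signature scheme with parameters
 */
struct signature_params_t {
	/** Signature scheme */
	signature_scheme_t scheme;
	/**
	 * Parameters, depending on scheme.
	 *
	 * The pointer is untyped, so the compiler cannot check that it matches
	 * the scheme. For SIGN_RSA_EMSA_PSS it is expected to point to an
	 * rsa_pss_params_t (see below); presumably NULL for schemes without
	 * parameters -- confirm against the implementation.
	 */
	void *params;
};

/**
 * Compare two signature schemes and their parameters
 *
 * @param a			first scheme
 * @param b			second scheme
 * @return			TRUE if schemes and parameters are equal
 */
bool signature_params_equal(signature_params_t *a, signature_params_t *b);

/**
 * Check whether a signature scheme and its parameters comply with a
 * constraint
 *
 * The argument order matters: the constraint comes first, the scheme to be
 * checked second. Presumably the check is not symmetric, so swapping the two
 * may change the result -- confirm against the implementation.
 *
 * @param c			constraint
 * @param s			scheme
 * @return			TRUE if scheme complies to constraint
 */
bool signature_params_comply(signature_params_t *c, signature_params_t *s);

/**
 * Clone the given scheme and parameters, if any
 *
 * @param this		scheme and parameters to clone
 * @return			cloned object (presumably released with
 *					signature_params_destroy() -- confirm)
 */
signature_params_t *signature_params_clone(signature_params_t *this);

/**
 * Destroy the given scheme and parameters, if any
 *
 * @param this		object to destroy
 */
void signature_params_destroy(signature_params_t *this);

/**
 * Clear the given parameters, if any, sets the scheme to SIGN_UNKNOWN
 *
 * @param this		object whose parameters are cleared
 */
void signature_params_clear(signature_params_t *this);

/**
 * Parse an ASN.1 algorithmIdentifier with parameters denoting a signature
 * scheme.
 *
 * The encoding typically originates from data that has not been
 * authenticated yet, so the result must be checked. Whether params is left
 * in a defined state on failure is not visible from this header; do not use
 * it when FALSE is returned.
 *
 * @param asn1		ASN.1 encoded algorithmIdentifier
 * @param level0	current level of the ASN.1 parser
 * @param params	parsed parameters
 * @return			TRUE if successfully parsed
 */
bool signature_params_parse(chunk_t asn1, int level0,
							signature_params_t *params);

/**
 * Build ASN.1 algorithmIdentifier with parameters denoting a signature scheme.
 *
 * @param params	signature scheme and parameters to encode
 * @param asn1		ASN.1 encoded algorithmIdentifier (allocated, the caller
 *					is responsible for releasing it)
 * @return			TRUE if successfully built
 */
bool signature_params_build(signature_params_t *params, chunk_t *asn1);

/**
 * Parameters for SIGN_RSA_EMSA_PSS signature scheme
 */
struct rsa_pss_params_t {
	/** Hash algorithm */
	hash_algorithm_t hash;
	/**
	 * Hash for the MGF1 function.
	 *
	 * Stored separately from hash; a policy on acceptable digests should
	 * cover both fields.
	 */
	hash_algorithm_t mgf1_hash;
	/**
	 * Salt length, use the constants below for special lengths resolved
	 * via rsa_pss_params_set_salt_len().
	 *
	 * The type is signed and negative values are sentinels, not lengths.
	 * Resolve them before using the value as a byte count: a negative
	 * ssize_t converted to size_t becomes a very large number.
	 */
	ssize_t salt_len;
	/**
	 * Salt value, for unit tests (not all implementations support this).
	 *
	 * Outside of tests this is presumably left empty so that the
	 * implementation chooses the salt itself -- confirm.
	 */
	chunk_t salt;
/** Use a salt length equal to the length of the hash */
/* parenthesised so the negative constant expands safely in any expression */
#define RSA_PSS_SALT_LEN_DEFAULT (-1)
/** Use the maximum salt length depending on the hash and key length */
#define RSA_PSS_SALT_LEN_MAX (-2)
};

/**
 * Parse the given ASN.1 algorithm identifier params
 *
 * As with signature_params_parse(), the input is usually not authenticated
 * yet; check the return value before using params.
 *
 * @param asn1		ASN.1 encoded RSASSA-PSS-params
 * @param level0	current level of the ASN.1 parser
 * @param params	parsed parameters
 * @return			TRUE if successfully parsed
 */
bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params);

/**
 * Build ASN.1 algorithm identifier params
 *
 * @param params	parameters to encode
 * @param asn1		ASN.1 encoded RSASSA-PSS-params (allocated, the caller is
 *					responsible for releasing it)
 * @return			TRUE if successfully built
 */
bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1);

/**
 * Determine and set the salt length for the given params in case constants
 * are used
 *
 * The declared return type is bool, so the result is a success flag and not
 * the salt length itself; the resolved length is presumably written to
 * params->salt_len -- confirm against the implementation. Callers should
 * check the result before reading salt_len.
 *
 * @param params	parameters to update
 * @param modbits	RSA modulus length in bits (required if RSA_PSS_SALT_LEN_MAX
 *					is used)
 * @return			TRUE if the salt length could be determined, FALSE on
 *					error
 */
bool rsa_pss_params_set_salt_len(rsa_pss_params_t *params, size_t modbits);

#endif /** SIGNATURE_PARAMS_H_ @}*/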