Annotation of embedaddon/strongswan/src/libstrongswan/credentials/keys/signature_params.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2017-2018 Tobias Brunner
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: /**
17: * @defgroup signature_params signature_params
18: * @{ @ingroup keys
19: */
20:
21: #ifndef SIGNATURE_PARAMS_H_
22: #define SIGNATURE_PARAMS_H_
23:
24: typedef struct signature_params_t signature_params_t; /* forward declaration, struct is defined below */
25: typedef struct rsa_pss_params_t rsa_pss_params_t; /* forward declaration, struct is defined below */
26:
27: #include <crypto/hashers/hasher.h>
28:
29: /**
30: * Signature scheme together with its scheme-specific parameters
31: */
32: struct signature_params_t {
33: /** Signature scheme; the meaning of the untyped params pointer below depends on it */
34: signature_scheme_t scheme;
35: /** Parameters, depending on scheme (rsa_pss_params_t is documented below as the parameters for SIGN_RSA_EMSA_PSS; presumably NULL when the scheme has none -- TODO confirm). The pointer carries no type information, so check scheme before casting it. */
36: void *params;
37: };
38:
39: /**
40: * Compare two signature schemes and their parameters for equality
41: *
42: * @param a first scheme and parameters
43: * @param b second scheme and parameters
44: * @return TRUE if schemes and parameters are equal
45: */
46: bool signature_params_equal(signature_params_t *a, signature_params_t *b);
47:
48: /**
49: * Check whether a signature scheme and its parameters comply with a constraint
50: *
51: * @param c constraint (the scheme and parameters that are required)
52: * @param s scheme and parameters to check against the constraint
53: * @return TRUE if scheme complies with constraint; NOTE(review): this header does not say how parameters are matched (exact equality or something looser), confirm in the implementation before relying on it for policy enforcement
54: */
55: bool signature_params_comply(signature_params_t *c, signature_params_t *s);
56:
57: /**
58: * Clone the given scheme and parameters, if any
59: *
60: * @return cloned object (presumably to be released with signature_params_destroy() -- confirm)
61: */
62: signature_params_t *signature_params_clone(signature_params_t *this);
63:
64: /**
65: * Destroy the given scheme and parameters, if any (presumably this also releases the object itself, so the pointer must not be used afterwards -- confirm)
66: */
67: void signature_params_destroy(signature_params_t *this);
68:
69: /**
70: * Clear the given parameters, if any, and set the scheme to SIGN_UNKNOWN
71: */
72: void signature_params_clear(signature_params_t *this);
73:
74: /**
75: * Parse an ASN.1 algorithmIdentifier with parameters denoting a signature
76: * scheme.
77: *
78: * @param asn1 ASN.1 encoded algorithmIdentifier, including its parameters
79: * @param level0 current level of the ASN.1 parser
80: * @param params parsed scheme and parameters (output); NOTE(review): what is left in it on failure is not documented here -- confirm
81: * @return TRUE if successfully parsed; callers must check this before using params
82: */
83: bool signature_params_parse(chunk_t asn1, int level0,
84: signature_params_t *params);
85:
86: /**
87: * Build ASN.1 algorithmIdentifier with parameters denoting a signature scheme.
88: *
89: * @param params signature scheme and parameters to encode
90: * @param asn1 ASN.1 encoded algorithmIdentifier (allocated; presumably owned by the caller afterwards -- confirm)
91: * @return TRUE if successfully built; asn1 should only be used in that case
92: */
93: bool signature_params_build(signature_params_t *params, chunk_t *asn1);
94:
95: /**
96: * Parameters for SIGN_RSA_EMSA_PSS signature scheme
97: */
98: struct rsa_pss_params_t {
99: /** Hash algorithm of the signature scheme (configured separately from the MGF1 hash below) */
100: hash_algorithm_t hash;
101: /** Hash for the MGF1 function */
102: hash_algorithm_t mgf1_hash;
103: /** Salt length (presumably in bytes -- confirm); use the negative constants below for special lengths, which are resolved
104: * via rsa_pss_params_set_salt_len() */
105: ssize_t salt_len;
106: /** Salt value, for unit tests (not all implementations support this); a fixed salt makes PSS signatures deterministic, so presumably this stays empty outside tests -- confirm */
107: chunk_t salt;
108: /** Use a salt length equal to the length of the hash */
109: #define RSA_PSS_SALT_LEN_DEFAULT -1
110: /** Use the maximum salt length depending on the hash and key length */
111: #define RSA_PSS_SALT_LEN_MAX -2
112: };
113:
114: /**
115: * Parse the given ASN.1 algorithm identifier params
116: *
117: * @param asn1 ASN.1 encoded RSASSA-PSS-params
118: * @param level0 current level of the ASN.1 parser
119: * @param params parsed parameters (output); NOTE(review): what is left in it on failure is not documented here -- confirm
120: * @return TRUE if successfully parsed; callers must check this before using params
121: */
122: bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params);
123:
124: /**
125: * Build ASN.1 algorithm identifier params
126: *
127: * @param params parameters to encode
128: * @param asn1 ASN.1 encoded RSASSA-PSS-params (allocated; presumably owned by the caller afterwards -- confirm)
129: * @return TRUE if successfully built; asn1 should only be used in that case
130: */
131: bool rsa_pss_params_build(rsa_pss_params_t *params, chunk_t *asn1);
132:
133: /**
134: * Determine and set the salt length for the given params in case constants
135: * are used
136: *
137: * @param params parameters to update
138: * @param modbits RSA modulus length in bits (required if RSA_PSS_SALT_LEN_MAX
139: * is used)
140: * @return NOTE(review): the declared return type is bool, so this cannot be a salt length or a negative error value; presumably TRUE on success with the resolved length stored in params->salt_len -- confirm against the implementation
141: */
142: bool rsa_pss_params_set_salt_len(rsa_pss_params_t *params, size_t modbits);
143:
144: #endif /** SIGNATURE_PARAMS_H_ @}*/