[thirdparty/strongswan.git] / src / libstrongswan / plugins / openssl / openssl_util.h

/*
 * Copyright (C) 2008 Tobias Brunner
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup openssl_util openssl_util
 * @{ @ingroup openssl_p
 */

#ifndef OPENSSL_UTIL_H_
#define OPENSSL_UTIL_H_

#include <library.h>
#include <openssl/bn.h>
#include <openssl/asn1.h>

/**
 * Returns the length in bytes of a field element
 */
#define EC_FIELD_ELEMENT_LEN(group) ((EC_GROUP_get_degree(group) + 7) / 8)

/**
 * Creates a hash of a given type of a chunk of data.
 *
 * Note: this function allocates memory for the hash
 *
 * @param hash_type	NID of the hash
 * @param data		the chunk of data to hash
 * @param hash		chunk that contains the hash
 * @return			TRUE on success, FALSE otherwise
 */
bool openssl_hash_chunk(int hash_type, chunk_t data, chunk_t *hash);

/**
 * Concatenates two bignums into a chunk, thereby enfocing the length of
 * a single BIGNUM, if necessary, by pre-pending it with zeros.
 *
 * Note: this function allocates memory for the chunk
 *
 * @param len		the length of a single BIGNUM
 * @param a			first BIGNUM
 * @param b			second BIGNUM
 * @param chunk		resulting chunk
 * @return			TRUE on success, FALSE otherwise
 */
bool openssl_bn_cat(int len, BIGNUM *a, BIGNUM *b, chunk_t *chunk);

/**
 * Splits a chunk into two bignums of equal binary length.
 *
 * @param chunk		a chunk that contains the two BIGNUMs
 * @param a			first BIGNUM
 * @param b			second BIGNUM
 * @return			TRUE on success, FALSE otherwise
 */
bool openssl_bn_split(chunk_t chunk, BIGNUM *a, BIGNUM *b);


/**
 * Allocate a chunk using the i2d function of a given object
 *
 * @param type		type of the object
 * @param obj		object to convert to DER
 * @returns			allocated chunk of the object, or chunk_empty
 */
#define openssl_i2chunk(type, obj) ({ \
					unsigned char *ptr = NULL; \
					int len = i2d_##type(obj, &ptr); \
					len < 0 ? chunk_empty : chunk_create(ptr, len);})

/**
 * Convert an OpenSSL ASN1_OBJECT to a chunk.
 *
 * @param asn1		asn1 object to convert
 * @return			chunk, pointing into asn1 object
 */
chunk_t openssl_asn1_obj2chunk(ASN1_OBJECT *asn1);

/**
 * Convert an OpenSSL ASN1_STRING to a chunk.
 *
 * @param asn1		asn1 string to convert
 * @return			chunk, pointing into asn1 string
 */
chunk_t openssl_asn1_str2chunk(ASN1_STRING *asn1);

/**
 * Convert an openssl X509_NAME to a identification_t of type ID_DER_ASN1_DN.
 *
 * @param name		name to convert
 * @return			identification_t, NULL on error
 */
identification_t *openssl_x509_name2id(X509_NAME *name);

/**
 * Check if an ASN1 oid is a an OID known by libstrongswan.
 *
 * @param obj		openssl ASN1 object
 * @returns			OID, as defined in <asn1/oid.h>
 */
int openssl_asn1_known_oid(ASN1_OBJECT *obj);

/**
 * Convert an OpenSSL ASN1_TIME to a time_t.
 *
 * @param time		openssl ASN1_TIME
 * @returns			time_t, 0 on error
 */
time_t openssl_asn1_to_time(ASN1_TIME *time);

#endif /** OPENSSL_UTIL_H_ @}*/
Commit	Line	Data
ea0823df TB	1	/*
	2	* Copyright (C) 2008 Tobias Brunner
	3	* Hochschule fuer Technik Rapperswil
	4	*
	5	* This program is free software; you can redistribute it and/or modify it
	6	* under the terms of the GNU General Public License as published by the
	7	* Free Software Foundation; either version 2 of the License, or (at your
	8	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	9	*
	10	* This program is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	12	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	13	* for more details.
ea0823df TB	14	*/
	15
	16	/**
	17	* @defgroup openssl_util openssl_util
	18	* @{ @ingroup openssl_p
	19	*/
	20
	21	#ifndef OPENSSL_UTIL_H_
	22	#define OPENSSL_UTIL_H_
	23
	24	#include <library.h>
	25	#include <openssl/bn.h>
5728c6aa	26	#include <openssl/asn1.h>
ea0823df TB	27
	28	/**
	29	* Returns the length in bytes of a field element
	30	*/
	31	#define EC_FIELD_ELEMENT_LEN(group) ((EC_GROUP_get_degree(group) + 7) / 8)
	32
	33	/**
	34	* Creates a hash of a given type of a chunk of data.
7daf5226	35	*
ea0823df	36	* Note: this function allocates memory for the hash
7daf5226	37	*
ea0823df TB	38	* @param hash_type NID of the hash
	39	* @param data the chunk of data to hash
	40	* @param hash chunk that contains the hash
83b23011	41	* @return TRUE on success, FALSE otherwise
ea0823df TB	42	*/
	43	bool openssl_hash_chunk(int hash_type, chunk_t data, chunk_t *hash);
	44
	45	/**
	46	* Concatenates two bignums into a chunk, thereby enfocing the length of
	47	* a single BIGNUM, if necessary, by pre-pending it with zeros.
7daf5226	48	*
ea0823df	49	* Note: this function allocates memory for the chunk
7daf5226	50	*
ea0823df TB	51	* @param len the length of a single BIGNUM
	52	* @param a first BIGNUM
	53	* @param b second BIGNUM
	54	* @param chunk resulting chunk
	55	* @return TRUE on success, FALSE otherwise
	56	*/
	57	bool openssl_bn_cat(int len, BIGNUM a, BIGNUM b, chunk_t *chunk);
	58
	59	/**
	60	* Splits a chunk into two bignums of equal binary length.
7daf5226	61	*
ea0823df TB	62	* @param chunk a chunk that contains the two BIGNUMs
	63	* @param a first BIGNUM
	64	* @param b second BIGNUM
	65	* @return TRUE on success, FALSE otherwise
	66	*/
	67	bool openssl_bn_split(chunk_t chunk, BIGNUM a, BIGNUM b);
	68
5728c6aa MW	69
	70	/**
	71	* Allocate a chunk using the i2d function of a given object
	72	*
83b23011 TB	73	* @param type type of the object
83b23011 TB	74	* @param obj object to convert to DER
5728c6aa MW	75	* @returns allocated chunk of the object, or chunk_empty
	76	*/
	77	#define openssl_i2chunk(type, obj) ({ \
	78	unsigned char *ptr = NULL; \
	79	int len = i2d_##type(obj, &ptr); \
	80	len < 0 ? chunk_empty : chunk_create(ptr, len);})
	81
	82	/**
	83	* Convert an OpenSSL ASN1_OBJECT to a chunk.
	84	*
	85	* @param asn1 asn1 object to convert
	86	* @return chunk, pointing into asn1 object
	87	*/
	88	chunk_t openssl_asn1_obj2chunk(ASN1_OBJECT *asn1);
	89
	90	/**
	91	* Convert an OpenSSL ASN1_STRING to a chunk.
	92	*
	93	* @param asn1 asn1 string to convert
	94	* @return chunk, pointing into asn1 string
	95	*/
	96	chunk_t openssl_asn1_str2chunk(ASN1_STRING *asn1);
	97
	98	/**
	99	* Convert an openssl X509_NAME to a identification_t of type ID_DER_ASN1_DN.
	100	*
	101	* @param name name to convert
	102	* @return identification_t, NULL on error
	103	*/
	104	identification_t openssl_x509_name2id(X509_NAME name);
	105
	106	/**
	107	* Check if an ASN1 oid is a an OID known by libstrongswan.
	108	*
83b23011	109	* @param obj openssl ASN1 object
5728c6aa MW	110	* @returns OID, as defined in <asn1/oid.h>
	111	*/
	112	int openssl_asn1_known_oid(ASN1_OBJECT *obj);
	113
	114	/**
	115	* Convert an OpenSSL ASN1_TIME to a time_t.
	116	*
	117	* @param time openssl ASN1_TIME
	118	* @returns time_t, 0 on error
	119	*/
	120	time_t openssl_asn1_to_time(ASN1_TIME *time);
	121
1490ff4d	122	#endif /** OPENSSL_UTIL_H_ @}*/