2 * Copyright (C) 2017 Tobias Brunner
3 * Copyright (C) 2007 Martin Willi
4 * HSR Hochschule fuer Technik Rapperswil
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * @defgroup private_key private_key
22 #ifndef PRIVATE_KEY_H_
23 #define PRIVATE_KEY_H_
25 typedef struct private_key_t private_key_t
;
27 #include <credentials/cred_encoding.h>
28 #include <credentials/keys/public_key.h>
31 * Abstract private key interface.
33 struct private_key_t
{
38 * @return type of the key
40 key_type_t (*get_type
)(private_key_t
*this);
43 * Get signature schemes supported by this key.
45 * This is useful for keys that only support certain hash algorithms or
46 * require specific parameters for RSA/PSS signatures.
48 * @note Implementing this method is optional. If multiple schemes are
49 * returned, they should be ordered by decreasing preference.
51 * @return enumerator over signature_params_t*
53 enumerator_t
*(*supported_signature_schemes
)(private_key_t
*this);
56 * Create a signature over a chunk of data.
58 * @param scheme signature scheme to use
59 * @param params optional parameters required by the specified scheme
60 * @param data chunk of data to sign
61 * @param signature where to allocate created signature
62 * @return TRUE if signature created
64 bool (*sign
)(private_key_t
*this, signature_scheme_t scheme
, void *params
,
65 chunk_t data
, chunk_t
*signature
);
67 * Decrypt a chunk of data.
69 * @param scheme expected encryption scheme used
70 * @param crypto chunk containing encrypted data
71 * @param plain where to allocate decrypted data
72 * @return TRUE if data decrypted and plaintext allocated
74 bool (*decrypt
)(private_key_t
*this, encryption_scheme_t scheme
,
75 chunk_t crypto
, chunk_t
*plain
);
78 * Get the strength of the key in bits.
80 * @return strength of the key in bits
82 int (*get_keysize
) (private_key_t
*this);
85 * Get the public part from the private key.
89 public_key_t
* (*get_public_key
)(private_key_t
*this);
92 * Check if two private keys are equal.
94 * @param other other private key
95 * @return TRUE, if equality
97 bool (*equals
) (private_key_t
*this, private_key_t
*other
);
100 * Check if a private key belongs to a public key.
102 * @param public public key
103 * @return TRUE, if keys belong together
105 bool (*belongs_to
) (private_key_t
*this, public_key_t
*public);
108 * Get the fingerprint of the key.
110 * @param type type of fingerprint, one of KEYID_*
111 * @param fp fingerprint, points to internal data
112 * @return TRUE if fingerprint type supported
114 bool (*get_fingerprint
)(private_key_t
*this, cred_encoding_type_t type
,
118 * Check if a key has a given fingerprint of any kind.
120 * @param fp fingerprint to check
121 * @return TRUE if key has given fingerprint
123 bool (*has_fingerprint
)(private_key_t
*this, chunk_t fp
);
126 * Get the key in an encoded form as a chunk.
128 * @param type type of the encoding, one of PRIVKEY_*
129 * @param encoding encoding of the key, allocated
130 * @return TRUE if encoding supported
132 bool (*get_encoding
)(private_key_t
*this, cred_encoding_type_t type
,
136 * Increase the refcount to this private key.
138 * @return this, with an increased refcount
140 private_key_t
* (*get_ref
)(private_key_t
*this);
143 * Decrease refcount, destroy private_key if no more references.
145 void (*destroy
)(private_key_t
*this);
149 * Generic private key equals() implementation, usable by implementers.
151 * @param private private key to check
152 * @param other key to compare
153 * @return TRUE if this is equal to other
155 bool private_key_equals(private_key_t
*private, private_key_t
*other
);
158 * Generic private key belongs_to() implementation, usable by implementers.
160 * @param private private key to check
161 * @param public public key to compare
162 * @return TRUE if this is equal to other
164 bool private_key_belongs_to(private_key_t
*private, public_key_t
*public);
167 * Generic private key has_fingerprint() implementation, usable by implementers.
169 * @param private private key to check
170 * @param fingerprint fingerprint to check
171 * @return TRUE if key has given fingerprint
173 bool private_key_has_fingerprint(private_key_t
*private, chunk_t fingerprint
);
175 #endif /** PRIVATE_KEY_H_ @}*/