4 * @brief Interface for signer_t.
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
27 #include <definitions.h>
29 typedef enum integrity_algorithm_t integrity_algorithm_t
;
32 * @brief Integrity algorithm, as in IKEv2 RFC 3.3.2.
34 * Currently only the following algorithms are implemented and therefore supported:
40 enum integrity_algorithm_t
{
41 AUTH_UNDEFINED
= 1024,
43 * Implemented in class hmac_signer_t.
47 * Implemented in class hmac_signer_t.
49 AUTH_HMAC_SHA1_96
= 2,
56 * String mappings for integrity_algorithm_t.
58 extern mapping_t integrity_algorithm_m
[];
61 typedef struct signer_t signer_t
;
64 * @brief Generig interface for a symmetric signature algorithm.
68 * - hmac_signer_create()
70 * @todo Implement more integrity algorithms
76 * @brief Generate a signature.
78 * @param this calling object
79 * @param data a chunk containing the data to sign
80 * @param[out] buffer pointer where the signature will be written
82 void (*get_signature
) (signer_t
*this, chunk_t data
, u_int8_t
*buffer
);
85 * @brief Generate a signature and allocate space for it.
87 * @param this calling object
88 * @param data a chunk containing the data to sign
89 * @param[out] chunk chunk which will hold the allocated signature
91 void (*allocate_signature
) (signer_t
*this, chunk_t data
, chunk_t
*chunk
);
94 * @brief Verify a signature.
96 * @param this calling object
97 * @param data a chunk containing the data to verify
98 * @param signature a chunk containing the signature
99 * @return TRUE, if signature is valid, FALSE otherwise
101 bool (*verify_signature
) (signer_t
*this, chunk_t data
, chunk_t signature
);
104 * @brief Get the block size of this signature algorithm.
106 * @param this calling object
107 * @return block size in bytes
109 size_t (*get_block_size
) (signer_t
*this);
112 * @brief Get the key size of the signature algorithm.
114 * @param this calling object
115 * @return key size in bytes
117 size_t (*get_key_size
) (signer_t
*this);
120 * @brief Set the key for this object.
122 * @param this calling object
123 * @param key key to set
125 void (*set_key
) (signer_t
*this, chunk_t key
);
128 * @brief Destroys a signer_t object.
130 * @param this calling object
132 void (*destroy
) (signer_t
*this);
136 * @brief Creates a new signer_t object.
138 * @param integrity_algorithm Algorithm to use for signing and verifying.
141 * - NULL if signer not supported
145 signer_t
*signer_create(integrity_algorithm_t integrity_algorithm
);