diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2015-03-04 13:56:50 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2015-03-04 13:56:50 +0100 |
| commit | 0a8268d0f173bbddf20dc69a077d2abf3ce0d3e4 (patch) | |
| tree | df0c6d792ad540ef1a340bcc3ad5fbf4875f0df0 /src/libstrongswan/crypto/hashers/hash_algorithm_set.h | |
| parent | dd0ebb54837298c869389d36a0b42eefdb893dd6 (diff) | |
| parent | 3f1ef3a678159e1523f38a3e50ccb55afc4461a4 (diff) | |
| download | strongswan-0a8268d0f173bbddf20dc69a077d2abf3ce0d3e4.tar.bz2 strongswan-0a8268d0f173bbddf20dc69a077d2abf3ce0d3e4.tar.xz | |
Merge branch 'ikev2-signature-authentication'
This adds support for RFC 7427 signature authentication in IKEv2,
enabling the use of stronger signature schemes (e.g. RSA with SHA-2)
for IKE authentication.
Public key constraints defined in `rightauth` are now also checked
against IKEv2 signature schemes (may be disabled via strongswan.conf).
Fixes #863.
Diffstat (limited to 'src/libstrongswan/crypto/hashers/hash_algorithm_set.h')
| -rw-r--r-- | src/libstrongswan/crypto/hashers/hash_algorithm_set.h | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/libstrongswan/crypto/hashers/hash_algorithm_set.h b/src/libstrongswan/crypto/hashers/hash_algorithm_set.h new file mode 100644 index 000000000..00e90cc2e --- /dev/null +++ b/src/libstrongswan/crypto/hashers/hash_algorithm_set.h @@ -0,0 +1,76 @@ +/* + * Copyright (C) 2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup hash_algorithm_set hash_algorithm_set + * @{ @ingroup crypto + */ + +#ifndef HASH_ALGORITHM_SET_H_ +#define HASH_ALGORITHM_SET_H_ + +typedef struct hash_algorithm_set_t hash_algorithm_set_t; + +#include <library.h> +#include <crypto/hashers/hasher.h> + +/** + * A set of hash algorithms + */ +struct hash_algorithm_set_t { + + /** + * Add the given algorithm to the set. + * + * @param alg hash algorithm + */ + void (*add)(hash_algorithm_set_t *this, hash_algorithm_t alg); + + /** + * Check if the given algorithm is contained in the set. + * + * @param alg hash algorithm + * @return TRUE if contained in set + */ + bool (*contains)(hash_algorithm_set_t *this, hash_algorithm_t alg); + + /** + * Number of hash algorithms contained in the set. + * + * @return number of algorithms + */ + int (*count)(hash_algorithm_set_t *this); + + /** + * Enumerate the algorithms contained in the set. + * + * @return enumerator over hash_algorithm_t (sorted by identifier) + */ + enumerator_t *(*create_enumerator)(hash_algorithm_set_t *this); + + /** + * Destroy a hash_algorithm_set_t instance + */ + void (*destroy)(hash_algorithm_set_t *this); +}; + +/** + * Create a set of hash algorithms. + * + * @return hash_algorithm_set_t instance + */ +hash_algorithm_set_t *hash_algorithm_set_create(); + +#endif /** HASH_ALGORITHM_SET_H_ @}*/ |