aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/credentials
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/credentials')
-rw-r--r--src/libstrongswan/credentials/keys/signature_params.c64
-rw-r--r--src/libstrongswan/credentials/keys/signature_params.h21
2 files changed, 85 insertions, 0 deletions
diff --git a/src/libstrongswan/credentials/keys/signature_params.c b/src/libstrongswan/credentials/keys/signature_params.c
index 79453b4ad..6b4d22e7b 100644
--- a/src/libstrongswan/credentials/keys/signature_params.c
+++ b/src/libstrongswan/credentials/keys/signature_params.c
@@ -159,6 +159,70 @@ void signature_params_clear(signature_params_t *this)
}
}
+/*
+ * Described in header
+ */
+bool signature_params_parse(chunk_t asn1, int level0,
+ signature_params_t *params)
+{
+ chunk_t parameters = chunk_empty;
+ int oid;
+
+ oid = asn1_parse_algorithmIdentifier(asn1, level0, &parameters);
+ params->scheme = signature_scheme_from_oid(oid);
+ switch (params->scheme)
+ {
+ case SIGN_UNKNOWN:
+ return FALSE;
+ case SIGN_RSA_EMSA_PSS:
+ {
+ rsa_pss_params_t *pss = malloc_thing(rsa_pss_params_t);
+
+ if (!rsa_pss_params_parse(parameters, level0+1, pss))
+ {
+ DBG1(DBG_IKE, "failed parsing RSASSA-PSS parameters");
+ free(pss);
+ return FALSE;
+ }
+ params->params = pss;
+ break;
+ }
+ default:
+ params->params = NULL;
+ break;
+ }
+ return TRUE;
+}
+
+/*
+ * Described in header
+ */
+bool signature_params_build(signature_params_t *params, chunk_t *asn1)
+{
+ chunk_t parameters = chunk_empty;
+ int oid;
+
+ oid = signature_scheme_to_oid(params->scheme);
+ if (oid == OID_UNKNOWN)
+ {
+ return FALSE;
+ }
+ if (params->scheme == SIGN_RSA_EMSA_PSS &&
+ !rsa_pss_params_build(params->params, &parameters))
+ {
+ return FALSE;
+ }
+ if (parameters.len)
+ {
+ *asn1 = asn1_algorithmIdentifier_params(oid, parameters);
+ }
+ else
+ {
+ *asn1 = asn1_algorithmIdentifier(oid);
+ }
+ return TRUE;
+}
+
/**
* ASN.1 definition of RSASSA-PSS-params
*/
diff --git a/src/libstrongswan/credentials/keys/signature_params.h b/src/libstrongswan/credentials/keys/signature_params.h
index 4cde94c8f..6934c5e88 100644
--- a/src/libstrongswan/credentials/keys/signature_params.h
+++ b/src/libstrongswan/credentials/keys/signature_params.h
@@ -72,6 +72,27 @@ void signature_params_destroy(signature_params_t *this);
void signature_params_clear(signature_params_t *this);
/**
+ * Parse an ASN.1 algorithmIdentifier with parameters denoting a signature
+ * scheme.
+ *
+ * @param asn1 ASN.1 encoded RSASSA-PSS-params
+ * @param level0 current level of the ASN.1 parser
+ * @param params parsed parameters
+ * @return TRUE if successfully parsed
+ */
+bool signature_params_parse(chunk_t asn1, int level0,
+ signature_params_t *params);
+
+/**
+ * Build ASN.1 algorithmIdentifier with parameters denoting a signature scheme.
+ *
+ * @param params signature scheme and parameters to encode
+ * @param asn1 ASN.1 encoded algorithmIdentifier (allocated)
+ * @return TRUE if successfully built
+ */
+bool signature_params_build(signature_params_t *params, chunk_t *asn1);
+
+/**
* Parameters for SIGN_RSA_EMSA_PSS signature scheme
*/
struct rsa_pss_params_t {
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 04:46:08 +0000