1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
/**
* @file rsa_public_key.h
*
* @brief Interface of rsa_public_key_t.
*
*/
/*
* Copyright (C) 2005 Jan Hutter, Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#ifndef RSA_PUBLIC_KEY_H_
#define RSA_PUBLIC_KEY_H_
#include <gmp.h>
#include <types.h>
#include <definitions.h>
typedef struct rsa_public_key_t rsa_public_key_t;
/**
* @brief RSA public key with associated functions.
*
* Currently only supports signature verification using
* the EMSA encoding (see PKCS1)
*
* @b Constructors:
* - rsa_public_key_create_from_chunk()
* - rsa_public_key_create_from_file()
* - rsa_private_key_t.get_public_key()
*
* @see rsa_private_key_t
*
* @todo Implement getkey() and savekey()
*
* @ingroup rsa
*/
struct rsa_public_key_t {
/**
* @brief Verify a EMSA-PKCS1 encodined signature.
*
* Processes the supplied signature with the RSAVP1 function,
* selects the hash algorithm form the resultign ASN1-OID and
* verifies the hash against the supplied data.
*
* @param this rsa_public_key to use
* @param data data to sign
* @param signature signature to verify
* @return
* - SUCCESS, if signature ok
* - INVALID_STATE, if key not set
* - NOT_SUPPORTED, if hash algorithm not supported
* - INVALID_ARG, if signature is not a signature
* - FAILED if signature invalid or unable to verify
*/
status_t (*verify_emsa_pkcs1_signature) (rsa_public_key_t *this, chunk_t data, chunk_t signature);
/**
* @brief Gets the key.
*
* Currently uses a proprietary format which is only inteded
* for testing. This should be replaced with a proper
* ASN1 encoded key format, when charon gets the ASN1
* capabilities.
*
* @param this calling object
* @param key key (in a propriarity format)
* @return
* - SUCCESS
* - INVALID_STATE, if key not set
*/
status_t (*get_key) (rsa_public_key_t *this, chunk_t *key);
/**
* @brief Saves a key to a file.
*
* Not implemented!
*
* @param this calling object
* @param file file to which the key should be written.
* @return NOT_SUPPORTED
*/
status_t (*save_key) (rsa_public_key_t *this, char *file);
/**
* @brief Get the modulus of the key.
*
* @param this calling object
* @return modulus (n) of the key
*/
mpz_t *(*get_modulus) (rsa_public_key_t *this);
/**
* @brief Clone the public key.
*
* @param this public key to clone
* @return clone of this
*/
rsa_public_key_t *(*clone) (rsa_public_key_t *this);
/**
* @brief Destroys the public key.
*
* @param this public key to destroy
*/
void (*destroy) (rsa_public_key_t *this);
};
/**
* @brief Load an RSA public key from a chunk.
*
* Load a key from a chunk, encoded in the more frequently
* used PublicKeyInfo struct (ASN1 DER encoded).
*
* @param chunk chunk containing the DER encoded key
* @return loaded rsa_public_key_t, or NULL
*
* @todo Check OID in PublicKeyInfo
*
* @ingroup rsa
*/
rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk);
/**
* @brief Load an RSA public key from a file.
*
* Load a key from a file, which is either in binary
* format (DER), or in PEM format.
*
* @param filename filename which holds the key
* @return loaded rsa_public_key_t, or NULL
*
* @todo Implement PEM file loading
*
* @ingroup rsa
*/
rsa_public_key_t *rsa_public_key_create_from_file(char *filename);
#endif /*RSA_PUBLIC_KEY_H_*/
|
