diff options
Diffstat (limited to 'common/compliance.h')
-rw-r--r-- | common/compliance.h | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/common/compliance.h b/common/compliance.h new file mode 100644 index 0000000..e29ff4e --- /dev/null +++ b/common/compliance.h @@ -0,0 +1,97 @@ +/* compliance.h - Definitions for compliance modi + * Copyright (C) 2017 g10 Code GmbH + * Copyright (C) 2017 Bundesamt für Sicherheit in der Informationstechnik + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <https://www.gnu.org/licenses/>. + */ + +#ifndef GNUPG_COMMON_COMPLIANCE_H +#define GNUPG_COMMON_COMPLIANCE_H + +#include <gcrypt.h> +#include "openpgpdefs.h" + +void gnupg_initialize_compliance (int gnupg_module_name); + +enum gnupg_compliance_mode + { + CO_GNUPG, CO_RFC4880, CO_RFC2440, + CO_PGP6, CO_PGP7, CO_PGP8, CO_DE_VS + }; + +enum pk_use_case + { + PK_USE_ENCRYPTION, PK_USE_DECRYPTION, + PK_USE_SIGNING, PK_USE_VERIFICATION, + }; + +/* Flags to distinguish public key algorithm variants. */ +#define PK_ALGO_FLAG_RSAPSS 1 /* Use rsaPSS padding. */ + + +int gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo, + unsigned int algo_flags, + gcry_mpi_t key[], unsigned int keylength, + const char *curvename); +int gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance, + enum pk_use_case use, int algo, + unsigned int algo_flags, gcry_mpi_t key[], + unsigned int keylength, const char *curvename); +int gnupg_cipher_is_compliant (enum gnupg_compliance_mode compliance, + cipher_algo_t cipher, + enum gcry_cipher_modes mode); +int gnupg_cipher_is_allowed (enum gnupg_compliance_mode compliance, + int producer, + cipher_algo_t cipher, + enum gcry_cipher_modes mode); +int gnupg_digest_is_compliant (enum gnupg_compliance_mode compliance, + digest_algo_t digest); +int gnupg_digest_is_allowed (enum gnupg_compliance_mode compliance, + int producer, + digest_algo_t digest); +int gnupg_rng_is_compliant (enum gnupg_compliance_mode compliance); +int gnupg_gcrypt_is_compliant (enum gnupg_compliance_mode compliance); + +const char *gnupg_status_compliance_flag (enum gnupg_compliance_mode + compliance); + +struct gnupg_compliance_option +{ + const char *keyword; + int value; +}; + +int gnupg_parse_compliance_option (const char *string, + struct gnupg_compliance_option options[], + size_t length, + int quiet); +const char *gnupg_compliance_option_string (enum gnupg_compliance_mode + compliance); + +void gnupg_set_compliance_extra_info (unsigned int min_rsa); + + +#endif /*GNUPG_COMMON_COMPLIANCE_H*/ |