/*
 * Copyright (C) 2008 Tobias Brunner
 * Copyright (C) 2005-2007 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup cert_payload cert_payload
 * @{ @ingroup payloads
 */

#ifndef CERT_PAYLOAD_H_
#define CERT_PAYLOAD_H_

typedef struct cert_payload_t cert_payload_t;
typedef enum cert_encoding_t cert_encoding_t;

#include <library.h>
#include <credentials/certificates/certificate.h>
#include <credentials/containers/container.h>
#include <encoding/payloads/payload.h>

/**
 * Certificate encodings, as in RFC4306
 *
 * Value 5 has no enumerator in this list.
 * NOTE(review): if get_cert_encoding() reports the raw encoding field of a
 * received payload, values outside this list are possible; code switching on
 * cert_encoding_t should keep a default branch - confirm in cert_payload.c.
 */
enum cert_encoding_t {
	ENC_PKCS7_WRAPPED_X509 =		 1,
	ENC_PGP =						 2,
	ENC_DNS_SIGNED_KEY =			 3,
	ENC_X509_SIGNATURE =			 4,
	ENC_KERBEROS_TOKEN	=			 6,
	ENC_CRL =						 7,
	ENC_ARL =						 8,
	ENC_SPKI =						 9,
	ENC_X509_ATTRIBUTE =			10,
	ENC_RAW_RSA_KEY =				11,
	ENC_X509_HASH_AND_URL =			12,
	ENC_X509_HASH_AND_URL_BUNDLE =	13,
	ENC_OCSP_CONTENT =				14,  /* from RFC 4806 */
};

/**
 * Enum names for cert_encoding_t
 */
extern enum_name_t *cert_encoding_names;

/**
 * Class representing an IKEv1/IKEv2 CERT payload.
 *
 * The object exposes the generic payload_t interface plus accessors for the
 * certificate data carried in the payload. The accessors differ in
 * ownership: get_cert() and get_container() hand out copies, while
 * get_hash() and get_url() hand out internal data that must not be freed.
 */
struct cert_payload_t {

	/**
	 * The payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * Get the payload's encoded certificate.
	 *
	 * The result is a copy, separate from the payload object.
	 * NOTE(review): this header does not state what is returned when the
	 * payload data cannot be turned into a certificate (other encoding,
	 * malformed data); callers should presumably check for NULL - confirm
	 * against the implementation. Obtaining the object here does not by
	 * itself say anything about whether the certificate is trusted.
	 *
	 * @return				certificate copy
	 */
	certificate_t *(*get_cert)(cert_payload_t *this);

	/**
	 * Get the payload's certificate container.
	 *
	 * The result is a copy, separate from the payload object.
	 * NOTE(review): the failure return value is not documented here;
	 * presumably NULL - confirm against the implementation.
	 *
	 * @return				container copy
	 */
	container_t *(*get_container)(cert_payload_t *this);

	/**
	 * Get the encoding of the certificate.
	 *
	 * @return				encoding
	 */
	cert_encoding_t (*get_cert_encoding)(cert_payload_t *this);

	/**
	 * Get the hash if this is a hash and URL encoded certificate.
	 *
	 * This function returns internal data, do not free.
	 *
	 * NOTE(review): the return value for payloads with another encoding is
	 * not documented here; presumably an empty chunk - confirm. Since the
	 * chunk is internal data, it should not be used after destroy().
	 *
	 * @return				hash
	 */
	chunk_t (*get_hash)(cert_payload_t *this);

	/**
	 * Get the URL if this is a hash and URL encoded certificate.
	 *
	 * This function returns internal data, do not free.
	 *
	 * NOTE(review): the return value for payloads with another encoding is
	 * not documented here; presumably NULL - confirm. For a payload received
	 * from a peer the URL is peer-supplied data: callers that fetch from it
	 * should treat it as untrusted and compare the fetched certificate
	 * against get_hash() before using it.
	 *
	 * @return				url
	 */
	char *(*get_url)(cert_payload_t *this);

	/**
	 * Destroys the cert_payload object.
	 *
	 * Data previously obtained from get_hash() and get_url() is internal to
	 * the object and must not be used afterwards.
	 */
	void (*destroy) (cert_payload_t *this);
};

/**
 * Creates an empty certificate payload.
 *
 * @param type				payload type (for IKEv1 or IKEv2)
 * @return					cert_payload_t object
 */
cert_payload_t *cert_payload_create(payload_type_t type);

/**
 * Creates a certificate payload with an embedded certificate.
 *
 * NOTE(review): the header does not say whether the payload keeps a
 * reference to cert or only its encoding - confirm who releases cert.
 *
 * @param type				payload type (for IKEv1 or IKEv2)
 * @param cert				certificate to embed
 * @return					cert_payload_t object
 */
cert_payload_t *cert_payload_create_from_cert(payload_type_t type,
											  certificate_t *cert);

/**
 * Creates an IKEv2 certificate payload with hash and URL encoding.
 *
 * The hash is cloned, so the caller keeps ownership of its own chunk.
 * NOTE(review): ownership of url is not stated here (copied or referenced);
 * confirm before freeing or modifying the string after the call.
 *
 * @param hash				hash of the DER encoded certificate (gets cloned)
 * @param url				URL to the certificate
 * @return					cert_payload_t object
 */
cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url);

/**
 * Creates a custom certificate payload using type and associated data.
 *
 * Ownership of data passes to the payload: the caller must not free it or
 * keep using the buffer after this call.
 *
 * @param type				payload type (for IKEv1 or IKEv2)
 * @param encoding			encoding type of certificate
 * @param data				associated data (gets owned)
 * @return					cert_payload_t object
 */
cert_payload_t *cert_payload_create_custom(payload_type_t type,
										cert_encoding_t encoding, chunk_t data);

#endif /** CERT_PAYLOAD_H_ @}*/