Annotation of embedaddon/strongswan/src/libstrongswan/credentials/builder.h, revision 1.1.1.1

1.1       misho       1: /*
                      2:  * Copyright (C) 2008 Martin Willi
                      3:  * Copyright (C) 2016-2019 Andreas Steffen
                      4:  * HSR Hochschule fuer Technik Rapperswil
                      5:  *
                      6:  * This program is free software; you can redistribute it and/or modify it
                      7:  * under the terms of the GNU General Public License as published by the
                      8:  * Free Software Foundation; either version 2 of the License, or (at your
                      9:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
                     10:  *
                     11:  * This program is distributed in the hope that it will be useful, but
                     12:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
                     13:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
                     14:  * for more details.
                     15:  */
                     16: 
                     17: /**
                     18:  * @defgroup builder builder
                     19:  * @{ @ingroup credentials
                     20:  */
                     21: 
                     22: #ifndef BUILDER_H_
                     23: #define BUILDER_H_
                     24: 
                     25: #include <stdarg.h>
                     26: 
                     27: typedef enum builder_part_t builder_part_t; /* enum body follows the <library.h> include below */
                     28: 
                     29: /**
                     30:  * Constructor function to build credentials.
                     31:  *
                     32:  * Any added parts are cloned/refcounted by the builder implementation.
                     33:  * Callers may need to free the passed resources themselves. A cloned part
                     34:  * leaves the caller's copy intact, so wipe secret material before freeing it.
                     35:  * @param subtype      constructor specific subtype, e.g. a certificate_type_t
                     36:  * @param args         list of builder part types, each followed by its part(s), ended by BUILD_END
                     37:  * @return                     builder specific credential, NULL on error
                     38:  */
                     39: typedef void* (*builder_function_t)(int subtype, va_list args);
                     40: 
                     41: #include <library.h>
                     42: 
                     43: /** Parts to build credentials from. Parts travel in a va_list (see
                     44:  * builder_function_t), which is not type-checked: pass exactly the type named in
                     45:  * each part's comment; where none is named, check the builder consuming the part. */
                     46: enum builder_part_t {
                     47:        /** path to a file encoded in any format, char* */
                     48:        BUILD_FROM_FILE,
                     49:        /** unix socket of an ssh/pgp agent, char* */
                     50:        BUILD_AGENT_SOCKET,
                     51:        /** An arbitrary blob of data, chunk_t */
                     52:        BUILD_BLOB,
                     53:        /** DER encoded ASN.1 blob, chunk_t */
                     54:        BUILD_BLOB_ASN1_DER,
                     55:        /** PEM encoded ASN.1/PGP blob, chunk_t */
                     56:        BUILD_BLOB_PEM,
                     57:        /** OpenPGP key blob, chunk_t */
                     58:        BUILD_BLOB_PGP,
                     59:        /** DNS public key blob (RFC 4034, RSA specific RFC 3110), chunk_t */
                     60:        BUILD_BLOB_DNSKEY,
                     61:        /** SSH public key blob (RFC 4253), chunk_t */
                     62:        BUILD_BLOB_SSHKEY,
                     63:        /** parameters from algorithmIdentifier (ASN.1 blob), chunk_t */
                     64:        BUILD_BLOB_ALGID_PARAMS,
                     65:        /** key size in bits, as used for key generation, u_int */
                     66:        BUILD_KEY_SIZE,
                     67:        /** private key to use for signing, private_key_t* */
                     68:        BUILD_SIGNING_KEY,
                     69:        /** certificate used for signing, certificate_t* */
                     70:        BUILD_SIGNING_CERT,
                     71:        /** public key to include, public_key_t* */
                     72:        BUILD_PUBLIC_KEY,
                     73:        /** subject for e.g. certificates, identification_t* */
                     74:        BUILD_SUBJECT,
                     75:        /** additional subject names, linked_list_t* containing identification_t* */
                     76:        BUILD_SUBJECT_ALTNAMES,
                     77:        /** issuer for e.g. certificates, identification_t* */
                     78:        BUILD_ISSUER,
                     79:        /** additional issuer names, linked_list_t* containing identification_t* */
                     80:        BUILD_ISSUER_ALTNAMES,
                     81:        /** notBefore, time_t* */
                     82:        BUILD_NOT_BEFORE_TIME,
                     83:        /** notAfter, time_t* */
                     84:        BUILD_NOT_AFTER_TIME,
                     85:        /** a serial number in binary form, chunk_t */
                     86:        BUILD_SERIAL,
                     87:        /** signature scheme and parameters for signature, signature_params_t* */
                     88:        BUILD_SIGNATURE_SCHEME,
                     89:        /** digest algorithm to be used for signature, hash_algorithm_t */
                     90:        BUILD_DIGEST_ALG,
                     91:        /** encryption algorithm to use, encryption_algorithm_t */
                     92:        BUILD_ENCRYPTION_ALG,
                     93:        /** list of AC group memberships, linked_list_t* with char* */
                     94:        BUILD_AC_GROUP_STRINGS,
                     95:        /** a ca certificate, certificate_t* */
                     96:        BUILD_CA_CERT,
                     97:        /** a certificate, certificate_t* */
                     98:        BUILD_CERT,
                     99:        /** CRL distribution point URIs, x509_cdp_t* */
                    100:        BUILD_CRL_DISTRIBUTION_POINTS,
                    101:        /** OCSP AuthorityInfoAccess locations, linked_list_t* containing char* */
                    102:        BUILD_OCSP_ACCESS_LOCATIONS,
                    103:        /** certificate path length constraint (argument type not stated here, TODO confirm) */
                    104:        BUILD_PATHLEN,
                    105:        /** RFC3779 addressBlock, linked_list_t* of traffic_selector_t* */
                    106:        BUILD_ADDRBLOCKS,
                    107:        /** permitted X509 name constraints, linked_list_t* of identification_t* */
                    108:        BUILD_PERMITTED_NAME_CONSTRAINTS,
                    109:        /** excluded X509 name constraints, linked_list_t* of identification_t* */
                    110:        BUILD_EXCLUDED_NAME_CONSTRAINTS,
                    111:        /** certificatePolicy OIDs, linked_list_t* of x509_cert_policy_t* */
                    112:        BUILD_CERTIFICATE_POLICIES,
                    113:        /** policyMapping OIDs, linked_list_t* of x509_policy_mapping_t* */
                    114:        BUILD_POLICY_MAPPINGS,
                    115:        /** requireExplicitPolicy constraint, int */
                    116:        BUILD_POLICY_REQUIRE_EXPLICIT,
                    117:        /** inhibitPolicyMapping constraint, int */
                    118:        BUILD_POLICY_INHIBIT_MAPPING,
                    119:        /** inhibitAnyPolicy constraint, int */
                    120:        BUILD_POLICY_INHIBIT_ANY,
                    121:        /** enforce an additional X509 flag, x509_flag_t */
                    122:        BUILD_X509_FLAG,
                    123:        /** enumerator_t over (chunk_t serial, time_t date, crl_reason_t reason) */
                    124:        BUILD_REVOKED_ENUMERATOR,
                    125:        /** Base CRL serial for a delta CRL, chunk_t */
                    126:        BUILD_BASE_CRL,
                    127:        /** PKCS#10 challenge password, a secret (argument type not stated here, TODO confirm) */
                    128:        BUILD_CHALLENGE_PWD,
                    129:        /** PKCS#7 attribute, int oid, chunk_t with ASN1 type encoded value */
                    130:        BUILD_PKCS7_ATTRIBUTE,
                    131:        /** friendly name of a PKCS#11 module, null terminated char* */
                    132:        BUILD_PKCS11_MODULE,
                    133:        /** slot specifier for a token in a PKCS#11 module, int */
                    134:        BUILD_PKCS11_SLOT,
                    135:        /** key ID of a key on a token, chunk_t */
                    136:        BUILD_PKCS11_KEYID,
                    137:        /** modulus (n) of an RSA key, chunk_t */
                    138:        BUILD_RSA_MODULUS,
                    139:        /** public exponent (e) of an RSA key, chunk_t */
                    140:        BUILD_RSA_PUB_EXP,
                    141:        /** private exponent (d) of an RSA key, chunk_t (secret key material) */
                    142:        BUILD_RSA_PRIV_EXP,
                    143:        /** prime 1 (p) of an RSA key (p < q), chunk_t (secret key material) */
                    144:        BUILD_RSA_PRIME1,
                    145:        /** prime 2 (q) of an RSA key (p < q), chunk_t (secret key material) */
                    146:        BUILD_RSA_PRIME2,
                    147:        /** exponent 1 (exp1) of an RSA key, chunk_t (secret key material) */
                    148:        BUILD_RSA_EXP1,
                    149:        /** exponent 2 (exp2) of an RSA key, chunk_t (secret key material) */
                    150:        BUILD_RSA_EXP2,
                    151:        /** coefficient (coeff) of an RSA key, chunk_t (secret key material) */
                    152:        BUILD_RSA_COEFF,
                    153:        /** generate (p) and (q) as safe primes */
                    154:        BUILD_SAFE_PRIMES,
                    155:        /** number of private key shares */
                    156:        BUILD_SHARES,
                    157:        /** minimum number of participating private key shares */
                    158:        BUILD_THRESHOLD,
                    159:        /** EdDSA public key blob */
                    160:        BUILD_EDDSA_PUB,
                    161:        /** DER encoded ASN.1 EdDSA private key (secret key material) */
                    162:        BUILD_EDDSA_PRIV_ASN1_DER,
                    163:        /** OID of an [unsupported] critical extension */
                    164:        BUILD_CRITICAL_EXTENSION,
                    165:        /** end of variable argument builder list */
                    166:        BUILD_END,
                    167: };
                    168: 
                    169: /**
                    170:  * enum names for builder_part_t
                    171:  */
                    172: extern enum_name_t *builder_part_names;
                    173: 
                    174: #endif /** BUILDER_H_ @}*/
