Annotation of embedaddon/strongswan/src/libstrongswan/credentials/sets/mem_cred.h, revision 1.1

1.1     ! misho       1: /*
        !             2:  * Copyright (C) 2010-2016 Tobias Brunner
        !             3:  * HSR Hochschule fuer Technik Rapperswil
        !             4:  *
        !             5:  * Copyright (C) 2010 Martin Willi
        !             6:  * Copyright (C) 2010 revosec AG
        !             7:  *
        !             8:  * This program is free software; you can redistribute it and/or modify it
        !             9:  * under the terms of the GNU General Public License as published by the
        !            10:  * Free Software Foundation; either version 2 of the License, or (at your
        !            11:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
        !            12:  *
        !            13:  * This program is distributed in the hope that it will be useful, but
        !            14:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
        !            15:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
        !            16:  * for more details.
        !            17:  */
        !            18: 
        !            19: /**
        !            20:  * @defgroup mem_cred mem_cred
        !            21:  * @{ @ingroup sets
        !            22:  */
        !            23: 
        !            24: #ifndef MEM_CRED_H_
        !            25: #define MEM_CRED_H_
        !            26: 
        !            27: typedef struct mem_cred_t mem_cred_t;
        !            28: 
        !            29: #include <credentials/credential_set.h>
        !            30: #include <credentials/certificates/crl.h>
        !            31: #include <collections/linked_list.h>
        !            32: 
        !            33: /**
        !            34:  * Generic in-memory credential set.
        !            35:  */
        !            36: struct mem_cred_t {
        !            37: 
        !            38:        /**
        !            39:         * Implements credential_set_t.
        !            40:         */
        !            41:        credential_set_t set;
        !            42: 
        !            43:        /**
        !            44:         * Add a certificate to the credential set.
        !            45:         *
        !            46:         * @param trusted               TRUE to serve certificate as trusted (caller-asserted; no validation by the set is documented here)
        !            47:         * @param cert                  certificate, reference gets owned by set
        !            48:         */
        !            49:        void (*add_cert)(mem_cred_t *this, bool trusted, certificate_t *cert);
        !            50: 
        !            51:        /**
        !            52:         * Add a certificate to the credential set, returning a reference to it or
        !            53:         * to a cached duplicate.
        !            54:         *
        !            55:         * @param trusted               TRUE to serve certificate as trusted (caller-asserted, as for add_cert)
        !            56:         * @param cert                  certificate, reference gets owned by set
        !            57:         * @return                              reference to cert or a previously cached duplicate
        !            58:         */
        !            59:        certificate_t *(*add_cert_ref)(mem_cred_t *this, bool trusted,
        !            60:                                                                   certificate_t *cert);
        !            61: 
        !            62:        /**
        !            63:         * Get an existing reference to the same certificate.
        !            64:         *
        !            65:         * Searches for the same certificate in the set, and returns a reference
        !            66:         * to it, destroying the passed certificate. If the passed certificate
        !            67:         * is not found, it is just returned. Use only the returned pointer afterwards.
        !            68:         *
        !            69:         * @param cert                  certificate to look up
        !            70:         * @return                              the same certificate, potentially different instance
        !            71:         */
        !            72:        certificate_t* (*get_cert_ref)(mem_cred_t *this, certificate_t *cert);
        !            73: 
        !            74:        /**
        !            75:         * Add an X.509 CRL to the credential set.
        !            76:         *
        !            77:         * @param crl                   CRL, gets owned by set
        !            78:         * @return                              TRUE, if the CRL is newer than an existing one (or
        !            79:         *                                              new at all)
        !            80:         */
        !            81:        bool (*add_crl)(mem_cred_t *this, crl_t *crl);
        !            82: 
        !            83:        /**
        !            84:         * Add a private key to the credential set.
        !            85:         *
        !            86:         * @param key                   key, reference gets owned by set
        !            87:         */
        !            88:        void (*add_key)(mem_cred_t *this, private_key_t *key);
        !            89: 
        !            90:        /**
        !            91:         * Remove a private key from the credential set.
        !            92:         *
        !            93:         * @param fp                    fingerprint of the key to remove
        !            94:         * @return                              TRUE if the key was found and removed
        !            95:         */
        !            96:        bool (*remove_key)(mem_cred_t *this, chunk_t fp);
        !            97: 
        !            98:        /**
        !            99:         * Add a shared key to the credential set.
        !           100:         *
        !           101:         * @param shared                shared key to add, gets owned by set
        !           102:         * @param ...                   NULL terminated list of owners (identification_t*); the terminating NULL is mandatory
        !           103:         */
        !           104:        void (*add_shared)(mem_cred_t *this, shared_key_t *shared, ...);
        !           105: 
        !           106:        /**
        !           107:         * Add a shared key to the credential set.
        !           108:         *
        !           109:         * @param shared                shared key to add, gets owned by set
        !           110:         * @param owners                list of owners (identification_t*), gets owned
        !           111:         */
        !           112:        void (*add_shared_list)(mem_cred_t *this, shared_key_t *shared,
        !           113:                                                        linked_list_t *owners);
        !           114: 
        !           115:        /**
        !           116:         * Add a shared key to the credential set, associated with the given unique
        !           117:         * identifier.
        !           118:         *
        !           119:         * If a shared key with the same id already exists it is replaced.
        !           120:         *
        !           121:         * @param id                    unique identifier of this key (cloned)
        !           122:         * @param shared                shared key to add, gets owned by set
        !           123:         * @param owners                list of owners (identification_t*), presumably gets owned as in add_shared_list (confirm)
        !           124:         */
        !           125:        void (*add_shared_unique)(mem_cred_t *this, char *id, shared_key_t *shared,
        !           126:                                                          linked_list_t *owners);
        !           127: 
        !           128:        /**
        !           129:         * Remove a shared key by its unique identifier.
        !           130:         *
        !           131:         * @param id                    unique identifier of this key
        !           132:         */
        !           133:        void (*remove_shared_unique)(mem_cred_t *this, char *id);
        !           134: 
        !           135:        /**
        !           136:         * Create an enumerator over the unique identifiers of shared keys.
        !           137:         *
        !           138:         * @return                      enumerator over char*
        !           139:         */
        !           140:        enumerator_t *(*create_unique_shared_enumerator)(mem_cred_t *this);
        !           141: 
        !           142:        /**
        !           143:         * Add a certificate distribution point to the set.
        !           144:         *
        !           145:         * @param type                  type of the certificate
        !           146:         * @param id                    certificate ID CDP has a cert for, gets cloned
        !           147:         * @param uri                   CDP URI, gets strduped
        !           148:         */
        !           149:        void (*add_cdp)(mem_cred_t *this, certificate_type_t type,
        !           150:                                        identification_t *id, char *uri);
        !           151: 
        !           152:        /**
        !           153:         * Replace all certificates in this credential set with those of another.
        !           154:         *
        !           155:         * @param other                 credential set to get certificates from
        !           156:         * @param clone                 TRUE to clone certs, FALSE to adopt them (they
        !           157:         *                                              get removed from the other set)
        !           158:         */
        !           159:        void (*replace_certs)(mem_cred_t *this, mem_cred_t *other, bool clone);
        !           160: 
        !           161:        /**
        !           162:         * Replace all secrets (private and shared keys) in this credential set
        !           163:         * with those of another.
        !           164:         *
        !           165:         * @param other                 credential set to get secrets from
        !           166:         * @param clone                 TRUE to clone secrets, FALSE to adopt them (they
        !           167:         *                                              get removed from the other set)
        !           168:         */
        !           169:        void (*replace_secrets)(mem_cred_t *this, mem_cred_t *other, bool clone);
        !           170: 
        !           171:        /**
        !           172:         * Clear all credentials from the credential set.
        !           173:         */
        !           174:        void (*clear)(mem_cred_t *this);
        !           175: 
        !           176:        /**
        !           177:         * Clear the secrets (private and shared keys, not the certificates) from
        !           178:         * the credential set. NOTE(review): whether key memory is wiped is not stated here - confirm.
        !           179:         */
        !           180:        void (*clear_secrets)(mem_cred_t *this);
        !           181: 
        !           182:        /**
        !           183:         * Destroy a mem_cred_t.
        !           184:         */
        !           185:        void (*destroy)(mem_cred_t *this);
        !           186: };
        !           187: 
        !           188: /**
        !           189:  * Create a mem_cred instance (release it via its destroy() method). NOTE(review): "()" is not a prototype in C; "(void)" would be.
        !           190:  */
        !           191: mem_cred_t *mem_cred_create();
        !           192: 
        !           193: #endif /** MEM_CRED_H_ @}*/
