fixed aes code, we now support aes128, aes192, aes256 in IKE
1 /**
2 * @file credential_store.h
3 *
4 * @brief Interface credential_store_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef CREDENTIAL_STORE_H_
24 #define CREDENTIAL_STORE_H_
25
26 #include <types.h>
27 #include <crypto/x509.h>
28 #include <crypto/rsa/rsa_private_key.h>
29 #include <crypto/rsa/rsa_public_key.h>
30 #include <utils/identification.h>
31 #include <utils/logger.h>
32
33
34 typedef struct credential_store_t credential_store_t;
35
36 /**
37 * @brief The interface for a credential_store backend.
38 *
39 * @b Constructors:
40 * - stroke_create()
41 *
42 * @ingroup config
43 */
struct credential_store_t {

	/**
	 * @brief Returns the preshared secret of a specific ID.
	 *
	 * The returned chunk must be destroyed by the caller after usage.
	 * NOTE(review): the chunk carries key material, so the caller should
	 * overwrite the buffer before releasing it rather than only freeing it;
	 * confirm that the chunk_t helpers used for this do so.
	 *
	 * @param this calling object
	 * @param id identification_t object identifying the secret.
	 * @param[out] secret the preshared secret will be written there.
	 * @return
	 * - NOT_FOUND if no preshared secrets for specific ID could be found
	 * - SUCCESS
	 *
	 * @todo We should use two IDs to query shared secrets, since we want to use different
	 * keys for different peers... (with a single ID, every peer presenting that ID
	 * is matched against the same secret)
	 */
	status_t (*get_shared_secret) (credential_store_t *this, identification_t *id, chunk_t *secret);

	/**
	 * @brief Returns the RSA public key of a specific ID.
	 *
	 * The returned rsa_public_key_t must be destroyed by the caller after usage.
	 *
	 * @param this calling object
	 * @param id identification_t object identifying the key.
	 * @return public key, or NULL if not found
	 */
	rsa_public_key_t* (*get_rsa_public_key) (credential_store_t *this, identification_t *id);

	/**
	 * @brief Returns the RSA private key belonging to an RSA public key.
	 *
	 * The returned rsa_private_key_t must be destroyed by the caller after usage.
	 * It holds private key material, so it should be destroyed as soon as it is
	 * no longer needed.
	 *
	 * @param this calling object
	 * @param pubkey public key
	 * @return private key, or NULL if not found
	 */
	rsa_private_key_t* (*get_rsa_private_key) (credential_store_t *this, rsa_public_key_t *pubkey);

	/**
	 * @brief Is there a matching RSA private key belonging to an RSA public key?
	 *
	 * Unlike get_rsa_private_key(), nothing is handed out here, so the caller
	 * has nothing to destroy afterwards.
	 *
	 * @param this calling object
	 * @param pubkey public key
	 * @return TRUE if matching private key was found
	 */
	bool (*has_rsa_private_key) (credential_store_t *this, rsa_public_key_t *pubkey);

	/**
	 * @brief If a certificate does not already exist in the credential store then add it.
	 *
	 * NOTE(review): this interface does not say who owns @p cert when an equal
	 * certificate is already stored (the returned pointer may then differ from
	 * @p cert); confirm with the implementation whether the caller must destroy
	 * its own copy in that case. It also does not state whether the certificate
	 * is validated (signature, trust chain, validity period) before being stored;
	 * callers should not assume that it is.
	 *
	 * @param this calling object
	 * @param cert certificate to be added
	 * @return pointer to the added or already existing certificate
	 */
	x509_t* (*add_certificate) (credential_store_t *this, x509_t *cert);

	/**
	 * @brief Lists all certificates kept in the local credential store.
	 *
	 * @param this calling object
	 * @param logger logger to be used
	 * @param utc log dates either in UTC or local time
	 */
	void (*log_certificates) (credential_store_t *this, logger_t *logger, bool utc);

	/**
	 * @brief Lists all CA certificates kept in the local credential store.
	 *
	 * @param this calling object
	 * @param logger logger to be used
	 * @param utc log dates either in UTC or local time
	 */
	void (*log_ca_certificates) (credential_store_t *this, logger_t *logger, bool utc);

	/**
	 * @brief Destroys a credential_store_t object.
	 *
	 * @p this must not be used after this call.
	 *
	 * @param this calling object
	 */
	void (*destroy) (credential_store_t *this);
};
128
129 #endif /*CREDENTIAL_STORE_H_*/