1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2005-2007 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 *
17 * $Id$
18 */
19
20 /**
21 * @defgroup cert_payload cert_payload
22 * @{ @ingroup payloads
23 */
24
25 #ifndef CERT_PAYLOAD_H_
26 #define CERT_PAYLOAD_H_
27
/*
 * Forward declarations of the two types defined further down in this header.
 * They appear ahead of the #include lines that follow.
 *
 * NOTE(review): naming an enum type before its definition is accepted by GCC
 * as an extension; ISO C does not permit forward references to enum types.
 */
typedef struct cert_payload_t cert_payload_t;
typedef enum cert_encoding_t cert_encoding_t;
30
31 #include <library.h>
32 #include <credentials/certificates/certificate.h>
33 #include <encoding/payloads/payload.h>
34
/**
 * Size in bytes of a CERT payload that carries no certificate data.
 *
 * NOTE(review): presumably the generic payload header plus the one-byte
 * certificate encoding field -- confirm against RFC 4306 section 3.6.
 * Code that derives the data length of a received payload by subtracting
 * this constant should first reject a payload length smaller than it; in an
 * unsigned type the subtraction would otherwise wrap to a huge value.
 */
#define CERT_PAYLOAD_HEADER_LENGTH 5
39
/**
 * Certificate encodings, as in RFC 4306.
 *
 * Every value is assigned explicitly; 5 has no enumerator here.
 *
 * NOTE(review): for a payload received from a peer the encoding is presumably
 * read from the message, so a cert_encoding_t may hold a value that is not
 * listed below. Code switching on it should have a default branch that
 * rejects unknown encodings -- confirm how the parser handles this.
 */
enum cert_encoding_t {
	ENC_PKCS7_WRAPPED_X509       =  1,
	ENC_PGP                      =  2,
	ENC_DNS_SIGNED_KEY           =  3,
	ENC_X509_SIGNATURE           =  4,
	/* 5 is intentionally absent from this list */
	ENC_KERBEROS_TOKEN           =  6,
	ENC_CRL                      =  7,
	ENC_ARL                      =  8,
	ENC_SPKI                     =  9,
	ENC_X509_ATTRIBUTE           = 10,
	ENC_RAW_RSA_KEY              = 11,
	ENC_X509_HASH_AND_URL        = 12,
	ENC_X509_HASH_AND_URL_BUNDLE = 13,
	ENC_OCSP_CONTENT             = 14, /* from RFC 4806 */
};
58
/**
 * Enum names for cert_encoding_t.
 *
 * Declared here only; the definition is not part of this header.
 * NOTE(review): how a value without an enumerator is rendered through this
 * table is not visible from here -- confirm before logging an encoding taken
 * from a received payload.
 */
extern enum_name_t *cert_encoding_names;
63
/**
 * Class representing an IKEv2 CERT payload.
 *
 * The CERT payload format is described in RFC 4306 section 3.6.
 */
struct cert_payload_t {

	/**
	 * The payload_t interface.
	 *
	 * NOTE(review): presumably has to stay the first member so that a
	 * cert_payload_t pointer can be handled as a payload_t pointer --
	 * confirm against the implementation.
	 */
	payload_t payload_interface;

	/**
	 * Get the payload's encoded certificate.
	 *
	 * NOTE(review): "copy" suggests the caller owns the result and has to
	 * destroy it; what is returned when the payload does not embed a
	 * certificate is not stated here, so callers should check the result
	 * before use -- confirm both.
	 *
	 * @return				certificate copy
	 */
	certificate_t *(*get_cert)(cert_payload_t *this);

	/**
	 * Get the encoding of the certificate.
	 *
	 * @return				encoding
	 */
	cert_encoding_t (*get_cert_encoding)(cert_payload_t *this);

	/**
	 * Get the hash if this is a hash and URL encoded certificate.
	 *
	 * This function returns internal data, do not free.
	 *
	 * NOTE(review): presumably the returned chunk is only valid while this
	 * payload exists; clone it if it is needed for longer. The result for
	 * other encodings is not stated here -- confirm.
	 *
	 * @return				hash
	 */
	chunk_t (*get_hash)(cert_payload_t *this);

	/**
	 * Get the URL if this is a hash and URL encoded certificate.
	 *
	 * This function returns internal data, do not free.
	 *
	 * NOTE(review): for a payload received from a peer the URL is
	 * peer-controlled input. A caller that fetches it should restrict the
	 * allowed schemes and destinations, bound the size and duration of the
	 * fetch, and accept the fetched certificate only if its hash matches
	 * get_hash(). The result for other encodings is not stated here --
	 * confirm.
	 *
	 * @return				url
	 */
	char *(*get_url)(cert_payload_t *this);

	/**
	 * Destroys the cert_payload object.
	 */
	void (*destroy)(cert_payload_t *this);
};
114
/**
 * Creates an empty certificate payload.
 *
 * Takes no arguments.
 *
 * @return				cert_payload_t object
 */
cert_payload_t *cert_payload_create(void);
122
/**
 * Creates a certificate payload with an embedded certificate.
 *
 * NOTE(review): whether the payload takes ownership of cert or keeps its own
 * reference is not stated here -- confirm before destroying cert in the
 * caller.
 *
 * @param cert			certificate to embed
 * @return				cert_payload_t object
 */
cert_payload_t *cert_payload_create_from_cert(certificate_t *cert);
130
/**
 * Creates a certificate payload with hash and URL encoding of a certificate.
 *
 * Both arguments are cloned, so the caller keeps ownership of what it passes.
 *
 * NOTE(review): the receiving peer can only validate the fetched certificate
 * against this hash, so hash must really be computed over the DER encoding of
 * the certificate that url serves.
 *
 * @param hash			hash of the DER encoded certificate (gets cloned)
 * @param url			the URL to locate the certificate (gets cloned)
 * @return				cert_payload_t object
 */
cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url);
139
140 #endif /* CERT_PAYLOAD_H_ @} */