1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2005-2007 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup cert_payload cert_payload
20 * @{ @ingroup payloads
21 */
22
23 #ifndef CERT_PAYLOAD_H_
24 #define CERT_PAYLOAD_H_
25
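/* Forward typedefs so the declarations below can use the short type names. */
typedef struct cert_payload_t cert_payload_t;
/*
 * NOTE(review): naming an enum type before its definition is accepted by GCC
 * as an extension; ISO C does not allow forward references to enum types.
 */
typedef enum cert_encoding_t cert_encoding_t;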
28
29 #include <library.h>
30 #include <credentials/certificates/certificate.h>
31 #include <encoding/payloads/payload.h>
32
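/**
 * Certificate encodings, as in RFC4306
 *
 * The enumerators carry explicit numeric values; 5 has no name in this list.
 *
 * NOTE(review): if a value of this type is filled in from a received payload,
 * it may hold a number that is not listed here. Callers should handle unknown
 * values explicitly instead of assuming one of these enumerators - confirm
 * against the payload parser.
 */
enum cert_encoding_t {
	ENC_PKCS7_WRAPPED_X509 =		 1,	/* PKCS #7 wrapped X.509 certificate */
	ENC_PGP =						 2,	/* PGP certificate */
	ENC_DNS_SIGNED_KEY =			 3,	/* DNS signed key */
	ENC_X509_SIGNATURE =			 4,	/* X.509 certificate - signature */
	ENC_KERBEROS_TOKEN	=			 6,	/* Kerberos token */
	ENC_CRL =						 7,	/* certificate revocation list */
	ENC_ARL =						 8,	/* authority revocation list */
	ENC_SPKI =						 9,	/* SPKI certificate */
	ENC_X509_ATTRIBUTE =			10,	/* X.509 certificate - attribute */
	ENC_RAW_RSA_KEY =				11,	/* raw RSA key */
	ENC_X509_HASH_AND_URL =			12,	/* hash and URL of an X.509 certificate */
	ENC_X509_HASH_AND_URL_BUNDLE =	13,	/* hash and URL of an X.509 bundle */
	ENC_OCSP_CONTENT =				14, /* from RFC 4806 */
};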
51
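/**
 * Enum names for cert_encoding_t
 *
 * Only declared here; the object itself is defined in another translation
 * unit.
 */
extern enum_name_t *cert_encoding_names;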
56
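/**
 * Class representing an IKEv1/IKEv2 CERT payload.
 *
 * NOTE(review): when a payload of this type comes from a received message,
 * everything the getters return (certificate, encoding, hash, URL) is
 * presumably peer-controlled and should be treated as untrusted until it has
 * been validated - confirm against the parsing code.
 */
struct cert_payload_t {

	/**
	 * The payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * Get the payload's encoded certificate.
	 *
	 * NOTE(review): the result for encodings that do not carry a parseable
	 * certificate is not stated here; callers should check for NULL before
	 * use - confirm. Being a copy, the result is presumably owned by the
	 * caller.
	 *
	 * @return				certificate copy
	 */
	certificate_t *(*get_cert)(cert_payload_t *this);

	/**
	 * Get the encoding of the certificate.
	 *
	 * @return				encoding
	 */
	cert_encoding_t (*get_cert_encoding)(cert_payload_t *this);

	/**
	 * Get the hash if this is a hash and URL encoded certificate.
	 *
	 * This function returns internal data, do not free. The returned chunk
	 * must not be used after the payload has been destroyed.
	 *
	 * NOTE(review): the result for other encodings is not stated here; check
	 * the chunk length before reading from it - confirm. A certificate
	 * retrieved via get_url() should be accepted only if its hash matches
	 * this value.
	 *
	 * @return				hash
	 */
	chunk_t (*get_hash)(cert_payload_t *this);

	/**
	 * Get the URL if this is a hash and URL encoded certificate.
	 *
	 * This function returns internal data, do not free. The returned string
	 * must not be used after the payload has been destroyed.
	 *
	 * NOTE(review): the result for other encodings is not stated here; check
	 * for NULL - confirm. For a received payload the URL is chosen by the
	 * peer, so a caller that fetches it should restrict the allowed schemes
	 * and destinations and bound the size of the response.
	 *
	 * @return				url
	 */
	char *(*get_url)(cert_payload_t *this);

	/**
	 * Destroys the cert_payload object.
	 */
	void (*destroy) (cert_payload_t *this);
};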
104
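/**
 * Creates an empty certificate payload.
 *
 * @param type		payload type (for IKEv1 or IKEv2)
 * @return			cert_payload_t object
 */
cert_payload_t *cert_payload_create(payload_type_t type);

/**
 * Creates a certificate payload with an embedded certificate.
 *
 * @param type		payload type (for IKEv1 or IKEv2)
 * @param cert		certificate to embed
 * @return			cert_payload_t object
 */
cert_payload_t *cert_payload_create_from_cert(payload_type_t type,
											  certificate_t *cert);

/**
 * Creates an IKEv2 certificate payload with hash and URL encoding.
 *
 * RFC 7296 section 3.6 defines this encoding as a 20-octet SHA-1 hash
 * followed by the URL.
 *
 * NOTE(review): whether url is copied or kept by reference is not stated
 * here - confirm before freeing it while the payload is alive.
 *
 * @param hash		hash of the DER encoded certificate (gets cloned)
 * @param url		URL to the certificate
 * @return			cert_payload_t object
 */
cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url);

/**
 * Creates a custom certificate payload using type and associated data.
 *
 * Ownership of data passes to the payload; the caller must not free it
 * afterwards.
 *
 * @param type		payload type (for IKEv1 or IKEv2)
 * @param encoding	encoding type of certificate
 * @param data		associated data (gets owned)
 * @return			cert_payload_t object
 */
cert_payload_t *cert_payload_create_custom(payload_type_t type,
									cert_encoding_t encoding, chunk_t data);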
142
143 #endif /** CERT_PAYLOAD_H_ @}*/