src/libstrongswan/credentials/builder.h

   1 /*
   2  * Copyright (C) 2008 Martin Willi
   3  * Hochschule fuer Technik Rapperswil
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 /**
  17  * @defgroup builder builder
  18  * @{ @ingroup credentials
  19  */
  20
  21 #ifndef BUILDER_H_
  22 #define BUILDER_H_
  23
  24 #include <stdarg.h>
  25
  26 typedef enum builder_part_t builder_part_t;
  27
  28 /**
  29  * Constructor function to build credentials.
  30  *
  31  * Any added parts are cloned/refcounted by the builder implementation.
  32  * Callers may need to free the passed resources themselves.
  33  *
  34  * @param subtype       constructor specific subtype, e.g. a certificate_type_t
  35  * @param args          list of builder part types, followed by parts, BUILD_END
  36  * @return                      builder specific credential, NULL on error
  37  */
  38 typedef void* (*builder_function_t)(int subtype, va_list args);
  39
  40 #include <library.h>
  41
  42 /**
  43  * Parts to build credentials from.
  44  */
  45 enum builder_part_t {
  46         /** path to a file encoded in any format, char* */
  47         BUILD_FROM_FILE,
  48         /** unix socket of a ssh/pgp agent, char* */
  49         BUILD_AGENT_SOCKET,
  50         /** An arbitrary blob of data, chunk_t */
  51         BUILD_BLOB,
  52         /** DER encoded ASN.1 blob, chunk_t */
  53         BUILD_BLOB_ASN1_DER,
  54         /** PEM encoded ASN.1/PGP blob, chunk_t */
  55         BUILD_BLOB_PEM,
  56         /** OpenPGP key blob, chunk_t */
  57         BUILD_BLOB_PGP,
  58         /** DNS public key blob (RFC 4034, RSA specifc RFC 3110), chunk_t */
  59         BUILD_BLOB_DNSKEY,
  60         /** SSH public key blob (RFC 4253), chunk_t */
  61         BUILD_BLOB_SSHKEY,
  62         /** parameters from algorithmIdentifier (ASN.1 blob), chunk_t */
  63         BUILD_BLOB_ALGID_PARAMS,
  64         /** key size in bits, as used for key generation, u_int */
  65         BUILD_KEY_SIZE,
  66         /** private key to use for signing, private_key_t* */
  67         BUILD_SIGNING_KEY,
  68         /** certificate used for signing, certificate_t* */
  69         BUILD_SIGNING_CERT,
  70         /** public key to include, public_key_t* */
  71         BUILD_PUBLIC_KEY,
  72         /** subject for e.g. certificates, identification_t* */
  73         BUILD_SUBJECT,
  74         /** additional subject names, linked_list_t* containing identification_t* */
  75         BUILD_SUBJECT_ALTNAMES,
  76         /** issuer for e.g. certificates, identification_t* */
  77         BUILD_ISSUER,
  78         /** additional issuer names, linked_list_t* containing identification_t* */
  79         BUILD_ISSUER_ALTNAMES,
  80         /** notBefore, time_t* */
  81         BUILD_NOT_BEFORE_TIME,
  82         /** notAfter, time_t* */
  83         BUILD_NOT_AFTER_TIME,
  84         /** a serial number in binary form, chunk_t */
  85         BUILD_SERIAL,
  86         /** digest algorithm to be used for signature, hash_algorithm_t */
  87         BUILD_DIGEST_ALG,
  88         /** encryption algorithm to use, encryption_algorithm_t */
  89         BUILD_ENCRYPTION_ALG,
  90         /** a comma-separated list of ietf group attributes, char* */
  91         BUILD_IETF_GROUP_ATTR,
  92         /** a ca certificate, certificate_t* */
  93         BUILD_CA_CERT,
  94         /** a certificate, certificate_t* */
  95         BUILD_CERT,
  96         /** CRL distribution point URIs, x509_cdp_t* */
  97         BUILD_CRL_DISTRIBUTION_POINTS,
  98         /** OCSP AuthorityInfoAccess locations, linked_list_t* containing char* */
  99         BUILD_OCSP_ACCESS_LOCATIONS,
 100         /** certificate path length constraint */
 101         BUILD_PATHLEN,
 102         /** permitted X509 name constraints, linked_list_t* of identification_t* */
 103         BUILD_PERMITTED_NAME_CONSTRAINTS,
 104         /** excluded X509 name constraints, linked_list_t* of identification_t* */
 105         BUILD_EXCLUDED_NAME_CONSTRAINTS,
 106         /** certificatePolicy OIDs, linked_list_t* of x509_cert_policy_t* */
 107         BUILD_CERTIFICATE_POLICIES,
 108         /** policyMapping OIDs, linked_list_t* of x509_policy_mapping_t* */
 109         BUILD_POLICY_MAPPINGS,
 110         /** requireExplicitPolicy constraint, int */
 111         BUILD_POLICY_REQUIRE_EXPLICIT,
 112         /** inhibitPolicyMapping constraint, int */
 113         BUILD_POLICY_INHIBIT_MAPPING,
 114         /** inhibitAnyPolicy constraint, int */
 115         BUILD_POLICY_INHIBIT_ANY,
 116         /** enforce an additional X509 flag, x509_flag_t */
 117         BUILD_X509_FLAG,
 118         /** enumerator_t over (chunk_t serial, time_t date, crl_reason_t reason) */
 119         BUILD_REVOKED_ENUMERATOR,
 120         /** Base CRL serial for a delta CRL, chunk_t, */
 121         BUILD_BASE_CRL,
 122         /** PKCS#10 challenge password */
 123         BUILD_CHALLENGE_PWD,
 124         /** PKCS#7 attribute, int oid, chunk_t with ASN1 type encoded value */
 125         BUILD_PKCS7_ATTRIBUTE,
 126         /** friendly name of a PKCS#11 module, null terminated char* */
 127         BUILD_PKCS11_MODULE,
 128         /** slot specifier for a token in a PKCS#11 module, int */
 129         BUILD_PKCS11_SLOT,
 130         /** key ID of a key on a token, chunk_t */
 131         BUILD_PKCS11_KEYID,
 132         /** modulus (n) of a RSA key, chunk_t */
 133         BUILD_RSA_MODULUS,
 134         /** public exponent (e) of a RSA key, chunk_t */
 135         BUILD_RSA_PUB_EXP,
 136         /** private exponent (d) of a RSA key, chunk_t */
 137         BUILD_RSA_PRIV_EXP,
 138         /** prime 1 (p) of a RSA key (p < q), chunk_t */
 139         BUILD_RSA_PRIME1,
 140         /** prime 2 (q) of a RSA key (p < q), chunk_t */
 141         BUILD_RSA_PRIME2,
 142         /** exponent 1 (exp1) of a RSA key, chunk_t */
 143         BUILD_RSA_EXP1,
 144         /** exponent 2 (exp1) of a RSA key, chunk_t */
 145         BUILD_RSA_EXP2,
 146         /** coefficient (coeff) of a RSA key, chunk_t */
 147         BUILD_RSA_COEFF,
 148         /** generate (p) and (q) as safe primes */
 149         BUILD_SAFE_PRIMES,
 150         /** number of private key shares */
 151         BUILD_SHARES,
 152         /** minimum number of participating private key shares */
 153         BUILD_THRESHOLD,
 154         /** end of variable argument builder list */
 155         BUILD_END,
 156 };
 157
 158 /**
 159  * enum names for build_part_t
 160  */
 161 extern enum_name_t *builder_part_names;
 162
 163 #endif /** BUILDER_H_ @}*/