1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Copyright (C) 2016-2019 Andreas Steffen
4 * HSR Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup builder builder
19 * @{ @ingroup credentials
20 */
21
22 #ifndef BUILDER_H_
23 #define BUILDER_H_
24
25 #include <stdarg.h>
26
27 typedef enum builder_part_t builder_part_t; /* forward declaration; the enum itself is defined further down in this header */
28
29 /**
30 * Constructor function to build credentials.
31 *
32 * Any added parts are cloned/refcounted by the builder implementation.
33 * Callers may need to free the passed resources themselves. The argument list is an untyped va_list, so the compiler cannot check that each part has the type documented for its builder_part_t or that the list ends with BUILD_END; callers must guarantee both.
34 *
35 * @param subtype constructor specific subtype, e.g. a certificate_type_t
36 * @param args list of builder part types, followed by parts, BUILD_END
37 * @return builder specific credential, NULL on error
38 */
39 typedef void* (*builder_function_t)(int subtype, va_list args);
40
41 #include <library.h>
42
43 /**
44 * Parts to build credentials from. Each part is a builder_part_t tag passed through the builder's va_list, followed by an argument of the type named in its comment below; the list is closed with BUILD_END.
45 */
46 enum builder_part_t {
47 /** path to a file encoded in any format, char* */
48 BUILD_FROM_FILE,
49 /** unix socket of a ssh/pgp agent, char* */
50 BUILD_AGENT_SOCKET,
51 /** An arbitrary blob of data, chunk_t */
52 BUILD_BLOB,
53 /** DER encoded ASN.1 blob, chunk_t */
54 BUILD_BLOB_ASN1_DER,
55 /** PEM encoded ASN.1/PGP blob, chunk_t */
56 BUILD_BLOB_PEM,
57 /** OpenPGP key blob, chunk_t */
58 BUILD_BLOB_PGP,
59 /** DNS public key blob (RFC 4034, RSA specific RFC 3110), chunk_t */
60 BUILD_BLOB_DNSKEY,
61 /** SSH public key blob (RFC 4253), chunk_t */
62 BUILD_BLOB_SSHKEY,
63 /** parameters from algorithmIdentifier (ASN.1 blob), chunk_t */
64 BUILD_BLOB_ALGID_PARAMS,
65 /** key size in bits, as used for key generation, u_int */
66 BUILD_KEY_SIZE,
67 /** private key to use for signing, private_key_t* */
68 BUILD_SIGNING_KEY,
69 /** certificate used for signing, certificate_t* */
70 BUILD_SIGNING_CERT,
71 /** public key to include, public_key_t* */
72 BUILD_PUBLIC_KEY,
73 /** subject for e.g. certificates, identification_t* */
74 BUILD_SUBJECT,
75 /** additional subject names, linked_list_t* containing identification_t* */
76 BUILD_SUBJECT_ALTNAMES,
77 /** issuer for e.g. certificates, identification_t* */
78 BUILD_ISSUER,
79 /** additional issuer names, linked_list_t* containing identification_t* */
80 BUILD_ISSUER_ALTNAMES,
81 /** notBefore, time_t* */
82 BUILD_NOT_BEFORE_TIME,
83 /** notAfter, time_t* */
84 BUILD_NOT_AFTER_TIME,
85 /** a serial number in binary form, chunk_t */
86 BUILD_SERIAL,
87 /** signature scheme and parameters for signature, signature_params_t* */
88 BUILD_SIGNATURE_SCHEME,
89 /** digest algorithm to be used for signature, hash_algorithm_t */
90 BUILD_DIGEST_ALG,
91 /** encryption algorithm to use, encryption_algorithm_t */
92 BUILD_ENCRYPTION_ALG,
93 /** list of AC group memberships, linked_list_t* with char* */
94 BUILD_AC_GROUP_STRINGS,
95 /** a ca certificate, certificate_t* */
96 BUILD_CA_CERT,
97 /** a certificate, certificate_t* */
98 BUILD_CERT,
99 /** CRL distribution point URIs, x509_cdp_t* */
100 BUILD_CRL_DISTRIBUTION_POINTS,
101 /** OCSP AuthorityInfoAccess locations, linked_list_t* containing char* */
102 BUILD_OCSP_ACCESS_LOCATIONS,
103 /** certificate path length constraint; NOTE(review): argument type not stated here, confirm against the consuming builder */
104 BUILD_PATHLEN,
105 /** RFC3779 addressBlock, linked_list_t* of traffic_selector_t* */
106 BUILD_ADDRBLOCKS,
107 /** permitted X509 name constraints, linked_list_t* of identification_t* */
108 BUILD_PERMITTED_NAME_CONSTRAINTS,
109 /** excluded X509 name constraints, linked_list_t* of identification_t* */
110 BUILD_EXCLUDED_NAME_CONSTRAINTS,
111 /** certificatePolicy OIDs, linked_list_t* of x509_cert_policy_t* */
112 BUILD_CERTIFICATE_POLICIES,
113 /** policyMapping OIDs, linked_list_t* of x509_policy_mapping_t* */
114 BUILD_POLICY_MAPPINGS,
115 /** requireExplicitPolicy constraint, int */
116 BUILD_POLICY_REQUIRE_EXPLICIT,
117 /** inhibitPolicyMapping constraint, int */
118 BUILD_POLICY_INHIBIT_MAPPING,
119 /** inhibitAnyPolicy constraint, int */
120 BUILD_POLICY_INHIBIT_ANY,
121 /** enforce an additional X509 flag, x509_flag_t */
122 BUILD_X509_FLAG,
123 /** enumerator_t over (chunk_t serial, time_t date, crl_reason_t reason) */
124 BUILD_REVOKED_ENUMERATOR,
125 /** Base CRL serial for a delta CRL, chunk_t */
126 BUILD_BASE_CRL,
127 /** PKCS#10 challenge password; NOTE(review): argument type not stated here, confirm against the consuming builder */
128 BUILD_CHALLENGE_PWD,
129 /** PKCS#7 attribute, int oid, chunk_t with ASN1 type encoded value */
130 BUILD_PKCS7_ATTRIBUTE,
131 /** friendly name of a PKCS#11 module, null terminated char* */
132 BUILD_PKCS11_MODULE,
133 /** slot specifier for a token in a PKCS#11 module, int */
134 BUILD_PKCS11_SLOT,
135 /** key ID of a key on a token, chunk_t */
136 BUILD_PKCS11_KEYID,
137 /** modulus (n) of a RSA key, chunk_t */
138 BUILD_RSA_MODULUS,
139 /** public exponent (e) of a RSA key, chunk_t */
140 BUILD_RSA_PUB_EXP,
141 /** private exponent (d) of a RSA key, chunk_t; NOTE(review): d and the private parts that follow (p, q, exp1, exp2, coeff) are secret, and builder_function_t's contract leaves passed resources with the caller, so the caller presumably has to clear its own copy; confirm */
142 BUILD_RSA_PRIV_EXP,
143 /** prime 1 (p) of a RSA key (p < q), chunk_t */
144 BUILD_RSA_PRIME1,
145 /** prime 2 (q) of a RSA key (p < q), chunk_t */
146 BUILD_RSA_PRIME2,
147 /** exponent 1 (exp1) of a RSA key, chunk_t */
148 BUILD_RSA_EXP1,
149 /** exponent 2 (exp2) of a RSA key, chunk_t */
150 BUILD_RSA_EXP2,
151 /** coefficient (coeff) of a RSA key, chunk_t */
152 BUILD_RSA_COEFF,
153 /** generate (p) and (q) as safe primes; NOTE(review): not stated here whether an argument follows this tag, confirm against the consuming builder */
154 BUILD_SAFE_PRIMES,
155 /** number of private key shares; NOTE(review): argument type not stated here, confirm against the consuming builder */
156 BUILD_SHARES,
157 /** minimum number of participating private key shares; NOTE(review): argument type not stated here, confirm against the consuming builder */
158 BUILD_THRESHOLD,
159 /** EdDSA public key blob; NOTE(review): argument type not stated here, confirm against the consuming builder */
160 BUILD_EDDSA_PUB,
161 /** DER encoded ASN.1 EdDSA private key; NOTE(review): argument type not stated here, confirm against the consuming builder */
162 BUILD_EDDSA_PRIV_ASN1_DER,
163 /** OID of an [unsupported] critical extension; NOTE(review): argument type not stated here, confirm against the consuming builder */
164 BUILD_CRITICAL_EXTENSION,
165 /** end of variable argument builder list; takes no argument and must be the last tag passed */
166 BUILD_END,
167 };
168
169 /**
170 * enum names for builder_part_t (declared here only; the definition lives outside this header)
171 */
172 extern enum_name_t *builder_part_names;
173
174 #endif /** BUILDER_H_ @}*/