src/libstrongswan/credentials/sets/mem_cred.h

   1 /*
   2  * Copyright (C) 2010-2013 Tobias Brunner
   3  * Hochschule fuer Technik Rapperswil
   4  * Copyright (C) 2010 Martin Willi
   5  * Copyright (C) 2010 revosec AG
   6  *
   7  * This program is free software; you can redistribute it and/or modify it
   8  * under the terms of the GNU General Public License as published by the
   9  * Free Software Foundation; either version 2 of the License, or (at your
  10  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  11  *
  12  * This program is distributed in the hope that it will be useful, but
  13  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  14  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  15  * for more details.
  16  */
  17
  18 /**
  19  * @defgroup mem_cred mem_cred
  20  * @{ @ingroup sets
  21  */
  22
  23 #ifndef MEM_CRED_H_
  24 #define MEM_CRED_H_
  25
  26 typedef struct mem_cred_t mem_cred_t;
  27
  28 #include <credentials/credential_set.h>
  29 #include <credentials/certificates/crl.h>
  30 #include <collections/linked_list.h>
  31
  32 /**
  33  * Generic in-memory credential set.
  34  */
  35 struct mem_cred_t {
  36
  37         /**
  38          * Implements credential_set_t.
  39          */
  40         credential_set_t set;
  41
  42         /**
  43          * Add a certificate to the credential set.
  44          *
  45          * @param trusted               TRUE to serve certificate as trusted
  46          * @param cert                  certificate, reference gets owned by set
  47          */
  48         void (*add_cert)(mem_cred_t *this, bool trusted, certificate_t *cert);
  49
  50         /**
  51          * Add a certificate to the credential set, returning a reference to it or
  52          * to a cached duplicate.
  53          *
  54          * @param trusted               TRUE to serve certificate as trusted
  55          * @param cert                  certificate, reference gets owned by set
  56          * @return                              reference to cert or a previously cached duplicate
  57          */
  58         certificate_t *(*add_cert_ref)(mem_cred_t *this, bool trusted,
  59                                                                    certificate_t *cert);
  60
  61         /**
  62          * Get an existing reference to the same certificate.
  63          *
  64          * Searches for the same certficate in the set, and returns a reference
  65          * to it, destroying the passed certificate. If the passed certificate
  66          * is not found, it is just returned.
  67          *
  68          * @param cert                  certificate to look up
  69          * @return                              the same certificate, potentially different instance
  70          */
  71         certificate_t* (*get_cert_ref)(mem_cred_t *this, certificate_t *cert);
  72
  73         /**
  74          * Add an X.509 CRL to the credential set.
  75          *
  76          * @param crl                   CRL, gets owned by set
  77          * @return                              TRUE, if the CRL is newer than an existing one (or
  78          *                                              new at all)
  79          */
  80         bool (*add_crl)(mem_cred_t *this, crl_t *crl);
  81
  82         /**
  83          * Add a private key to the credential set.
  84          *
  85          * @param key                   key, reference gets owned by set
  86          */
  87         void (*add_key)(mem_cred_t *this, private_key_t *key);
  88
  89         /**
  90          * Add a shared key to the credential set.
  91          *
  92          * @param shared                shared key to add, gets owned by set
  93          * @param ...                   NULL terminated list of owners (identification_t*)
  94          */
  95         void (*add_shared)(mem_cred_t *this, shared_key_t *shared, ...);
  96
  97         /**
  98          * Add a shared key to the credential set.
  99          *
 100          * @param shared                shared key to add, gets owned by set
 101          * @param owners                list of owners (identification_t*), gets owned
 102          */
 103         void (*add_shared_list)(mem_cred_t *this, shared_key_t *shared,
 104                                                         linked_list_t *owners);
 105         /**
 106          * Add a certificate distribution point to the set.
 107          *
 108          * @param type                  type of the certificate
 109          * @param id                    certificate ID CDP has a cert for, gets cloned
 110          * @param uri                   CDP URI, gets strduped
 111          */
 112         void (*add_cdp)(mem_cred_t *this, certificate_type_t type,
 113                                         identification_t *id, char *uri);
 114
 115         /**
 116          * Replace all secrets (private and shared keys) in this credential set
 117          * with those of another.
 118          *
 119          * @param other                 credential set to get secrets from
 120          * @param clone                 TRUE to clone secrets, FALSE to adopt them (they
 121          *                                              get removed from the other set)
 122          */
 123         void (*replace_secrets)(mem_cred_t *this, mem_cred_t *other, bool clone);
 124
 125         /**
 126          * Clear all credentials from the credential set.
 127          */
 128         void (*clear)(mem_cred_t *this);
 129
 130         /**
 131          * Clear the secrets (private and shared keys, not the certificates) from
 132          * the credential set.
 133          */
 134         void (*clear_secrets)(mem_cred_t *this);
 135
 136         /**
 137          * Destroy a mem_cred_t.
 138          */
 139         void (*destroy)(mem_cred_t *this);
 140 };
 141
 142 /**
 143  * Create a mem_cred instance.
 144  */
 145 mem_cred_t *mem_cred_create();
 146
 147 #endif /** MEM_CRED_H_ @}*/