src/libstrongswan/credentials/sets/mem_cred.h

   1 /*
   2  * Copyright (C) 2010-2013 Tobias Brunner
   3  * Hochschule fuer Technik Rapperswil
   4  * Copyright (C) 2010 Martin Willi
   5  * Copyright (C) 2010 revosec AG
   6  *
   7  * This program is free software; you can redistribute it and/or modify it
   8  * under the terms of the GNU General Public License as published by the
   9  * Free Software Foundation; either version 2 of the License, or (at your
  10  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  11  *
  12  * This program is distributed in the hope that it will be useful, but
  13  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  14  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  15  * for more details.
  16  */
  17
  18 /**
  19  * @defgroup mem_cred mem_cred
  20  * @{ @ingroup sets
  21  */
  22
  23 #ifndef MEM_CRED_H_
  24 #define MEM_CRED_H_
  25
  26 typedef struct mem_cred_t mem_cred_t;
  27
  28 #include <credentials/credential_set.h>
  29 #include <credentials/certificates/crl.h>
  30 #include <collections/linked_list.h>
  31
  32 /**
  33  * Generic in-memory credential set.
  34  */
  35 struct mem_cred_t {
  36
  37         /**
  38          * Implements credential_set_t.
  39          */
  40         credential_set_t set;
  41
  42         /**
  43          * Add a certificate to the credential set.
  44          *
  45          * @param trusted               TRUE to serve certificate as trusted
  46          * @param cert                  certificate, reference gets owned by set
  47          */
  48         void (*add_cert)(mem_cred_t *this, bool trusted, certificate_t *cert);
  49
  50         /**
  51          * Add a certificate to the credential set, returning a reference to it or
  52          * to a cached duplicate.
  53          *
  54          * @param trusted               TRUE to serve certificate as trusted
  55          * @param cert                  certificate, reference gets owned by set
  56          * @return                              reference to cert or a previously cached duplicate
  57          */
  58         certificate_t *(*add_cert_ref)(mem_cred_t *this, bool trusted,
  59                                                                    certificate_t *cert);
  60
  61         /**
  62          * Add an X.509 CRL to the credential set.
  63          *
  64          * @param crl                   CRL, gets owned by set
  65          * @return                              TRUE, if the CRL is newer than an existing one (or
  66          *                                              new at all)
  67          */
  68         bool (*add_crl)(mem_cred_t *this, crl_t *crl);
  69
  70         /**
  71          * Add a private key to the credential set.
  72          *
  73          * @param key                   key, reference gets owned by set
  74          */
  75         void (*add_key)(mem_cred_t *this, private_key_t *key);
  76
  77         /**
  78          * Add a shared key to the credential set.
  79          *
  80          * @param shared                shared key to add, gets owned by set
  81          * @param ...                   NULL terminated list of owners (identification_t*)
  82          */
  83         void (*add_shared)(mem_cred_t *this, shared_key_t *shared, ...);
  84
  85         /**
  86          * Add a shared key to the credential set.
  87          *
  88          * @param shared                shared key to add, gets owned by set
  89          * @param owners                list of owners (identification_t*), gets owned
  90          */
  91         void (*add_shared_list)(mem_cred_t *this, shared_key_t *shared,
  92                                                         linked_list_t *owners);
  93         /**
  94          * Add a certificate distribution point to the set.
  95          *
  96          * @param type                  type of the certificate
  97          * @param id                    certificate ID CDP has a cert for, gets cloned
  98          * @param uri                   CDP URI, gets strduped
  99          */
 100         void (*add_cdp)(mem_cred_t *this, certificate_type_t type,
 101                                         identification_t *id, char *uri);
 102
 103         /**
 104          * Replace all secrets (private and shared keys) in this credential set
 105          * with those of another.
 106          *
 107          * @param other                 credential set to get secrets from
 108          * @param clone                 TRUE to clone secrets, FALSE to adopt them (they
 109          *                                              get removed from the other set)
 110          */
 111         void (*replace_secrets)(mem_cred_t *this, mem_cred_t *other, bool clone);
 112
 113         /**
 114          * Clear all credentials from the credential set.
 115          */
 116         void (*clear)(mem_cred_t *this);
 117
 118         /**
 119          * Clear the secrets (private and shared keys, not the certificates) from
 120          * the credential set.
 121          */
 122         void (*clear_secrets)(mem_cred_t *this);
 123
 124         /**
 125          * Destroy a mem_cred_t.
 126          */
 127         void (*destroy)(mem_cred_t *this);
 128 };
 129
 130 /**
 131  * Create a mem_cred instance.
 132  */
 133 mem_cred_t *mem_cred_create();
 134
 135 #endif /** MEM_CRED_H_ @}*/