support cachecrls=yes
[strongswan.git] / src / libstrongswan / credential_store.h
index e19f147..e3b9468 100755 (executable)
@@ -58,7 +58,25 @@ struct credential_store_t {
         *                                                              - SUCCESS
         *
         */     
-       status_t (*get_shared_key) (credential_store_t *this, identification_t *my_id, identification_t *other_id, chunk_t *shared_key);
+       status_t (*get_shared_key) (credential_store_t *this, identification_t *my_id,
+                                                               identification_t *other_id, chunk_t *shared_key);
+       
+       /**
+        * @brief Returns the EAP secret for two specified IDs.
+        * 
+        * The returned chunk must be destroyed by the caller after usage.
+        * 
+        * @param this                                  calling object
+        * @param my_id                                 my ID identifiying the secret.
+        * @param other_id                              peer ID identifying the secret.
+        * @param[out] eap_key                  the EAP secret will be written here
+        * @return
+        *                                                              - NOT_FOUND     if no preshared secrets for specific ID could be found
+        *                                                              - SUCCESS
+        *
+        */     
+       status_t (*get_eap_key) (credential_store_t *this, identification_t *my_id,
+                                                        identification_t *other_id, chunk_t *eap_key);
        
        /**
         * @brief Returns the RSA public key of a specific ID.
@@ -226,6 +244,15 @@ struct credential_store_t {
        void (*list_crls) (credential_store_t *this, FILE *out, bool utc);
 
        /**
+        * @brief Check if there are any OCSP cert infos
+        *
+        * @param this          calling object
+        * @param out           output stream
+        * @param utc           either utc or local time
+        */
+       void (*list_ocsp) (credential_store_t *this, FILE *out, bool utc);
+
+       /**
         * @brief Loads ca certificates from a default directory.
         *
         * Certificates in both DER and PEM format are accepted
@@ -259,14 +286,14 @@ struct credential_store_t {
         * Currently, all RSA private key files must be in unencrypted form
      * either in DER or PEM format.
         * 
-        * @param this                  calling object
+        * @param this          calling object
         */
        void (*load_secrets) (credential_store_t *this);
 
        /**
         * @brief Destroys a credential_store_t object.
         * 
-        * @param this                                  calling object
+        * @param this          calling object
         */
        void (*destroy) (credential_store_t *this);
 };