diff options
Diffstat (limited to 'src/pluto/keys.h')
| -rw-r--r-- | src/pluto/keys.h | 79 |
1 files changed, 36 insertions, 43 deletions
diff --git a/src/pluto/keys.h b/src/pluto/keys.h index b06e536a5..8bc94d839 100644 --- a/src/pluto/keys.h +++ b/src/pluto/keys.h @@ -1,5 +1,6 @@ /* mechanisms for preshared keys (public, private, and preshared secrets) * Copyright (C) 1998-2002 D. Hugh Redelmeier. + * Copyright (C) 2009 Andreas Steffen, Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -10,16 +11,14 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * RCSID $Id: keys.h 3252 2007-10-06 21:24:50Z andreas $ */ #ifndef _KEYS_H #define _KEYS_H -#include <gmp.h> /* GNU Multi-Precision library */ +#include <credentials/keys/private_key.h> +#include <credentials/keys/public_key.h> -#include "pkcs1.h" #include "certs.h" #ifndef SHARED_SECRETS_FILE @@ -32,11 +31,10 @@ extern void load_preshared_secrets(int whackfd); extern void free_preshared_secrets(void); enum PrivateKeyKind { - PPK_PSK, - /* PPK_DSS, */ /* not implemented */ - PPK_RSA, - PPK_XAUTH, - PPK_PIN + PPK_PSK, + PPK_PUBKEY, + PPK_XAUTH, + PPK_PIN }; extern void xauth_defaults(void); @@ -45,69 +43,64 @@ extern void xauth_defaults(void); struct connection; extern const chunk_t *get_preshared_secret(const struct connection *c); -extern err_t unpack_RSA_public_key(RSA_public_key_t *rsa, const chunk_t *pubkey); -extern const RSA_private_key_t *get_RSA_private_key(const struct connection *c); -extern const RSA_private_key_t *get_x509_private_key(const x509cert_t *cert); +extern private_key_t *get_private_key(const struct connection *c); +extern private_key_t *get_x509_private_key(const x509cert_t *cert); /* public key machinery */ typedef struct pubkey pubkey_t; struct pubkey { - struct id id; - unsigned refcnt; /* reference counted! */ - enum dns_auth_level dns_auth_level; - char *dns_sig; - time_t installed_time - , last_tried_time - , last_worked_time - , until_time; - chunk_t issuer; - chunk_t serial; - enum pubkey_alg alg; - union { - RSA_public_key_t rsa; - } u; + struct id id; + unsigned refcnt; /* reference counted! */ + enum dns_auth_level dns_auth_level; + char *dns_sig; + time_t installed_time + , last_tried_time + , last_worked_time + , until_time; + chunk_t issuer; + chunk_t serial; + public_key_t *public_key; }; typedef struct pubkey_list pubkey_list_t; struct pubkey_list { - pubkey_t *key; - pubkey_list_t *next; + pubkey_t *key; + pubkey_list_t *next; }; -extern pubkey_list_t *pubkeys; /* keys from ipsec.conf or from certs */ +extern pubkey_list_t *pubkeys; /* keys from ipsec.conf or from certs */ -extern pubkey_t *public_key_from_rsa(const RSA_public_key_t *k); +extern pubkey_t *public_key_from_rsa(public_key_t *key); extern pubkey_list_t *free_public_keyentry(pubkey_list_t *p); extern void free_public_keys(pubkey_list_t **keys); extern void free_remembered_public_keys(void); -extern void delete_public_keys(const struct id *id, enum pubkey_alg alg - , chunk_t issuer, chunk_t serial); - +extern void delete_public_keys(const struct id *id, key_type_t type, + chunk_t issuer, chunk_t serial); extern pubkey_t *reference_key(pubkey_t *pk); extern void unreference_key(pubkey_t **pkp); -extern err_t add_public_key(const struct id *id - , enum dns_auth_level dns_auth_level - , enum pubkey_alg alg - , const chunk_t *key - , pubkey_list_t **head); +extern bool add_public_key(const struct id *id, + enum dns_auth_level dns_auth_level, + enum pubkey_alg alg, + chunk_t rfc3110_key, + pubkey_list_t **head); extern bool has_private_key(cert_t cert); extern void add_x509_public_key(x509cert_t *cert, time_t until - , enum dns_auth_level dns_auth_level); + , enum dns_auth_level dns_auth_level); extern void add_pgp_public_key(pgpcert_t *cert, time_t until - , enum dns_auth_level dns_auth_level); + , enum dns_auth_level dns_auth_level); extern void remove_x509_public_key(const x509cert_t *cert); extern void list_public_keys(bool utc); -struct gw_info; /* forward declaration of tag (defined in dnskey.h) */ +struct gw_info; /* forward declaration of tag (defined in dnskey.h) */ extern void transfer_to_public_keys(struct gw_info *gateways_from_dns #ifdef USE_KEYRR - , pubkey_list_t **keys + , pubkey_list_t **keys #endif /* USE_KEYRR */ - ); + ); #endif /* _KEYS_H */ |