/*
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup builder builder
* @{ @ingroup credentials
*/
#ifndef BUILDER_H_
#define BUILDER_H_
/*
 * Forward typedefs, placed ahead of the definitions further down so that
 * builder_constructor_t and anything pulled in by the include below can
 * already name these types.
 */
typedef struct builder_t builder_t;
/*
 * NOTE(review): naming an enum type before its definition is not strict
 * ISO C; it relies on a compiler extension and is diagnosed under -pedantic.
 */
typedef enum builder_part_t builder_part_t;
/**
 * Constructor function which creates a new builder instance.
 *
 * @param subtype	constructor specific subtype, e.g. certificate_type_t
 * @return			builder to construct an instance of that type
 */
typedef builder_t* (*builder_constructor_t)(int subtype);
#include <library.h>
/**
 * Kinds of input a builder accepts through builder_t.add().
 *
 * Every enumerator names the C type of the variadic argument that has to
 * follow it in the add() call. add() is variadic, so the compiler cannot
 * check that type: the caller is responsible for passing exactly the
 * documented type (e.g. a chunk_t by value versus a char*).
 */
enum builder_part_t {
	/** char*: path to a file containing an ASN1 blob */
	BUILD_FROM_FILE,
	/** char*: unix socket of a ssh/pgp agent */
	BUILD_AGENT_SOCKET,
	/** chunk_t: DER encoded ASN1 blob */
	BUILD_BLOB_ASN1_DER,
	/** null terminated char*: PEM encoded ASN1 blob */
	BUILD_BLOB_ASN1_PEM,
	/** u_int: key size in bits, as used for key generation */
	BUILD_KEY_SIZE,
	/** private_key_t*: private key to use for signing */
	BUILD_SIGNING_KEY,
	/** certificate_t*: certificate used for signing */
	BUILD_SIGNING_CERT,
	/** public_key_t*: public key to include */
	BUILD_PUBLIC_KEY,
	/** identification_t*: subject for e.g. certificates */
	BUILD_SUBJECT,
	/** identification_t*: additional subject name */
	BUILD_SUBJECT_ALTNAME,
	/** identification_t*: issuer for e.g. certificates */
	BUILD_ISSUER,
	/** identification_t*: additional issuer name */
	BUILD_ISSUER_ALTNAME,
	/** time_t*: notBefore */
	BUILD_NOT_BEFORE_TIME,
	/** time_t*: notAfter */
	BUILD_NOT_AFTER_TIME,
	/** chunk_t: a serial number in binary form */
	BUILD_SERIAL,
	/** char*: a comma-separated list of ietf group attributes */
	BUILD_IETF_GROUP_ATTR,
	/** certificate_t*: a ca certificate */
	BUILD_CA_CERT,
	/** certificate_t*: a certificate */
	BUILD_CERT,
	/** x509_flag_t: enforce an additional X509 flag */
	BUILD_X509_FLAG,
	/** null terminated char*: key ID of a key on a smartcard ([slot:]keyid) */
	BUILD_SMARTCARD_KEYID,
	/**
	 * null terminated char*: pin to access a key on a smartcard.
	 * NOTE(review): sensitive value; how long an implementation keeps its
	 * own copy is not visible from this header.
	 */
	BUILD_SMARTCARD_PIN,
	/** end of variable argument builder list */
	BUILD_END,
};
/**
 * enum names for builder_part_t
 */
extern enum_name_t *builder_part_names;
/**
 * Generic interface for assembling a credential out of individual parts.
 *
 * Parts are handed over one by one through add(); build() then turns them
 * into the finished credential.
 */
struct builder_t {

	/**
	 * Supply one part of the credential under construction.
	 *
	 * The builder implementation clones or refcounts whatever it is given,
	 * so the passed resources remain the caller's and the caller may still
	 * have to free them.
	 *
	 * The argument following part is not type-checked by the compiler; it
	 * must have exactly the type documented for that builder_part_t value.
	 *
	 * @param part		kind of part
	 * @param ...		part specific variable argument
	 */
	void (*add)(builder_t *this, builder_part_t part, ...);

	/**
	 * Assemble the credential from all parts supplied so far.
	 *
	 * Calling build() destroys the builder, so the builder pointer must not
	 * be used again afterwards.
	 *
	 * NOTE(review): the result of a failed or cancelled build is not
	 * specified here (presumably NULL); check it before casting.
	 *
	 * @return			specific interface, as requested with constructor
	 */
	void* (*build)(builder_t *this);
};
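/**
 * Helper macro to cancel a build in a builder.
 *
 * Redirects the builder's add() to nop and its build() to builder_free, so
 * that the eventual build() call runs builder_free instead of the real
 * construction. nop is not declared in this header (presumably it comes in
 * through library.h -- confirm).
 *
 * Wrapped in do { } while (0) so the expansion is a single statement and
 * "if (x) builder_cancel(b); else ..." parses as intended.
 *
 * The argument is evaluated twice; pass an expression without side effects.
 *
 * NOTE(review): the (void*) casts hide any mismatch between nop's signature
 * and the variadic add(); confirm that calling nop through that pointer is
 * safe on all supported targets. Whether parts already stored by the
 * implementation are released on cancel is not visible from this header.
 *
 * @param builder	pointer to the builder_t to cancel
 */
#define builder_cancel(builder) do { \
	(builder)->add = (void*)nop; \
	(builder)->build = (void*)builder_free; \
} while (0)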
/**
 * Helper function for a cancelled build.
 *
 * builder_cancel() installs this function as the builder's build() method,
 * so it runs in place of the real construction when build() is called.
 *
 * NOTE(review): presumably frees the builder and returns NULL -- confirm
 * against the implementation, which is not part of this header.
 *
 * @param this		builder whose build has been cancelled
 * @return			not documented in this header; presumably NULL
 */
void* builder_free(builder_t *this);
#endif /** BUILDER_H_ @}*/