summaryrefslogtreecommitdiff
path: root/src/libstrongswan/credentials/containers/container.h
blob: fc5c09041370ff2bc2502b8208b0314c447387fb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
/*
 * Copyright (C) 2012 Martin Willi
 * Copyright (C) 2012 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup container container
 * @{ @ingroup containers
 */

#ifndef CONTAINER_H_
#define CONTAINER_H_

typedef struct container_t container_t;
typedef enum container_type_t container_type_t;

#include <utils/chunk.h>
#include <collections/enumerator.h>

/**
 * Type of the container.
 */
enum container_type_t {
	/** Any kind of PKCS7/CMS container */
	CONTAINER_PKCS7,
	/** PKCS7/CMS plain "data" */
	CONTAINER_PKCS7_DATA,
	/** PKCS7/CMS "signed-data" */
	CONTAINER_PKCS7_SIGNED_DATA,
	/** PKCS7/CMS "enveloped-data" */
	CONTAINER_PKCS7_ENVELOPED_DATA,
};

/**
 * Enum names for container_type_t
 */
extern enum_name_t *container_type_names;

/**
 * Generic interface for cryptographic containers.
 */
struct container_t {

	/**
	 * Get the type of the container.
	 *
	 * @return		container type
	 */
	container_type_t (*get_type)(container_t *this);

	/**
	 * Create an enumerator over trustchains for valid container signatures.
	 *
	 * @return		enumerator over auth_cfg_t*
	 */
	enumerator_t* (*create_signature_enumerator)(container_t *this);

	/**
	 * Get signed/decrypted data wrapped in this container.
	 *
	 * This function does not verify any associated signatures, use
	 * create_signature_enumerator() to verify them.
	 *
	 * @param data	allocated data wrapped in this container
	 * @return		TRUE if data decrypted successfully
	 */
	bool (*get_data)(container_t *this, chunk_t *data);

	/**
	 * Get the encoding of the full signed/encrypted container.
	 *
	 * @param data	allocated container encoding
	 * @return		TRUE if encodign successful
	 */
	bool (*get_encoding)(container_t *this, chunk_t *encoding);

	/**
	 * Destroy a container_t.
	 */
	void (*destroy)(container_t *this);
};

#endif /** CONTAINER_H_ @}*/