1 /* mechanisms for preshared keys (public, private, and preshared secrets)
2 * Copyright (C) 1998-2002 D. Hugh Redelmeier.
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * RCSID $Id: keys.h,v 1.7 2006/01/26 20:10:34 as Exp $
20 #include <gmp.h> /* GNU Multi-Precision library */
/*
 * Location of the preshared-secrets file.  A build may override the default
 * by defining SHARED_SECRETS_FILE before this header; otherwise
 * /etc/ipsec.secrets is used.
 * NOTE(review): the #endif closing this guard is not visible here -- confirm
 * it is only lost in this rendering.
 */
#ifndef SHARED_SECRETS_FILE
# define SHARED_SECRETS_FILE "/etc/ipsec.secrets"
/*
 * Path actually consulted at run time.  NOTE(review): declared without
 * `extern` here; if that is not an extraction artefact, every translation
 * unit including this header gets a tentative definition -- confirm against
 * the defining .c file.  Whatever this names holds long-term authentication
 * secrets, so the file's ownership and permissions are part of the trust
 * boundary.
 */
const char *shared_secrets_file
;
/*
 * (Re)load all secrets from shared_secrets_file.
 * whackfd: presumably the whack control connection that diagnostics are
 * reported on -- confirm in the definition.
 */
extern void load_preshared_secrets(int whackfd
);
/* Discard every loaded secret (load_preshared_secrets reloads them). */
extern void free_preshared_secrets(void);
struct state
; /* forward declaration */
/* PPK_DSS, */ /* not implemented */
/*
 * Look up the preshared secret that applies to connection c.
 * The returned chunk is const and owned by the secrets store: the caller
 * must neither free nor modify it.  It is secret material -- keep it out of
 * logs and diagnostics.  Presumably NULL when no matching secret exists --
 * confirm in the definition.
 */
extern const chunk_t
*get_preshared_secret(const struct connection
*c
);
/*
 * Decode the encoded public key in *pubkey into *rsa.
 * Returns err_t (as elsewhere in pluto, presumably NULL on success and a
 * diagnostic string otherwise -- confirm).  The encoded key originates
 * outside the daemon (configuration, certificates, DNS), so a non-NULL
 * return must be treated as a hard failure rather than using a partially
 * filled *rsa.
 */
extern err_t
unpack_RSA_public_key(RSA_public_key_t
*rsa
, const chunk_t
*pubkey
);
/*
 * Private key for connection c, or the private key matching a certificate.
 * Both return a const pointer owned by the key store: do not free, do not
 * mutate.  NOTE(review): presumably NULL when none is found -- confirm.
 */
extern const RSA_private_key_t
*get_RSA_private_key(const struct connection
*c
);
extern const RSA_private_key_t
*get_x509_private_key(const x509cert_t
*cert
);
/* public key machinery */
/*
 * A loaded public key.  Entries are reference counted (refcnt below) and
 * carry the dns_auth_level under which they were accepted; share them via
 * reference_key / unreference_key rather than copying the struct.
 */
typedef struct pubkey pubkey_t
;
54 unsigned refcnt
; /* reference counted! */
55 enum dns_auth_level dns_auth_level
;
/* Singly-linked container for pubkey_t entries. */
typedef struct pubkey_list pubkey_list_t
;
/* Global list of public keys loaded from ipsec.conf or from certificates. */
extern pubkey_list_t
*pubkeys
; /* keys from ipsec.conf or from certs */
/*
 * Wrap an RSA public key in a newly created pubkey_t.
 * Presumably the result starts with one reference that the caller owns and
 * releases with unreference_key -- confirm.
 */
extern pubkey_t
*public_key_from_rsa(const RSA_public_key_t
*k
);
/*
 * Release one list entry.  The return value is presumably the following
 * entry so that callers can unlink while iterating -- confirm.
 */
extern pubkey_list_t
*free_public_keyentry(pubkey_list_t
*p
);
/* Release an entire list; takes **keys so the caller's head can be reset. */
extern void free_public_keys(pubkey_list_t
**keys
);
extern void free_remembered_public_keys(void);
/*
 * Remove every public key matching id and alg; issuer and serial further
 * restrict the match (presumably relevant only for certificate-derived
 * keys -- confirm).
 */
extern void delete_public_keys(const struct id
*id
, enum pubkey_alg alg
, chunk_t issuer
, chunk_t serial
);
/*
 * Reference counting on struct pubkey's refcnt.  reference_key takes a new
 * reference (returning pk, presumably for chaining); unreference_key drops
 * one and takes **pkp, presumably clearing *pkp so the caller cannot reuse
 * a released key -- confirm both in the definitions.
 */
extern pubkey_t
*reference_key(pubkey_t
*pk
);
extern void unreference_key(pubkey_t
**pkp
);
89 extern err_t
add_public_key(const struct id
*id
90 , enum dns_auth_level dns_auth_level
93 , pubkey_list_t
**head
);
/* True when a private key matching cert is loaded (cert is passed by value). */
extern bool has_private_key(cert_t cert
);
/*
 * Register the public key carried by an X.509 or PGP certificate.
 * until: expiry time, presumably after which the entry is no longer
 * trusted -- confirm; dns_auth_level: the trust level recorded on the new
 * entry (see struct pubkey).  NOTE(review): cert is a non-const pointer, so
 * the callee may retain or modify it -- confirm ownership before freeing
 * the certificate on the caller's side.
 */
extern void add_x509_public_key(x509cert_t
*cert
, time_t until
, enum dns_auth_level dns_auth_level
);
extern void add_pgp_public_key(pgpcert_t
*cert
, time_t until
, enum dns_auth_level dns_auth_level
);
/* Drop the public key previously registered from cert. */
extern void remove_x509_public_key(const x509cert_t
*cert
);
/* Log the loaded public keys; utc presumably selects UTC rather than local time for timestamps -- confirm. */
extern void list_public_keys(bool utc
);
/* Gateway records obtained from DNS; the struct itself is defined in dnskey.h. */
struct gw_info
; /* forward declaration of tag (defined in dnskey.h) */
104 extern void transfer_to_public_keys(struct gw_info
*gateways_from_dns
106 , pubkey_list_t
**keys
107 #endif /* USE_KEYRR */