SQLite HOWTO » History » Version 7
« Previous -
Version 7/28
(diff) -
Next » -
Current version
Martin Willi, 29.06.2008 16:39
added various keyids
= SQLite HOWTO =
SQLite tables defined in [browser:trunk/testing/hosts/default/etc/ipsec.d/tables.sql tables.sql]
TABLE identities'''type''' defined in [browser:trunk/src/libstrongswan/utils/identification.h#L58 identification.h]
0 | ID_ANY | matches any id | right=''%any'' | |||||
1 | ID_IPV4_ADDR | IPv4 address | right=''192.168.0.1'' | |||||
2 | ID_FQDN | fully qualified domain name | right=''@moon.strongswan.org'' | |||||
3 | ID_RFC822_ADDR | RFC822 email address | right=''carol@strongswan.org'' | |||||
5 | ID_IPV6_ADDR | IPv6 address | right=''fec0::1'' | |||||
9 | ID_DER_ASN1_DN | ASN.1 distinguished name | right=''C=CH, O=Linux strongSwan, CN=moon.strongswan.org'' | |||||
11 | ID_KEY_ID | opaque octet string | right=''@#e5e410876c2ac4bead854942a6de7658303a9fc1'' | |||||
202 | ID_PUBKEY_INFO_SHA1 | SHA-1 hash over subjectPublicKeyInfo | ||||||
203 | ID_PUBKEY_SHA1 | SHA-1 hash over subjectPublicKey |
'''ID_ANY''': scripts/id2sql "%any"
{{{
INSERT INTO identities (
type, data
) VALUES (
0, X''
);
}}}
'''ID_IPV4_ADDR''': scripts/id2sql "192.168.0.1"
{{{
INSERT INTO identities (
type, data
) VALUES (
1, X'c0a80001'
);
}}}
'''ID_FQDN''': scripts/id2sql "@moon.strongswan.org"
{{{
INSERT INTO identities (
type, data
) VALUES (
2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
);
}}}
'''ID_RFC822_ADDR''': scripts/id2sql "carol@strongswan.org"
{{{
INSERT INTO identities (
type, data
) VALUES (
3, X'6361726f6c407374726f6e677377616e2e6f7267'
);
}}}
'''ID_IPV6_ADDR''': scripts/id2sql "fec0::1"
{{{
INSERT INTO identities (
type, data
) VALUES (
5, X'fec00000000000000000000000000001'
);
}}}
'''ID_DER_ASN1_DN''': scripts/id2sql "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
{{{
INSERT INTO identities (
type, data
) VALUES (
9, X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267'
);
}}}
'''ID_KEY_ID''': scripts/id2sql "@#e5e410876c2ac4bead854942a6de7658303a9fc1"
{{{
INSERT INTO identities (
type, data
) VALUES (
11, X'e5e410876c2ac4bead854942a6de7658303a9fc1'
);
}}}
'''ID_PUBKEY_INFO_SHA1''': scripts/key2keyid moonKey.der
{{{
INSERT INTO identities (
type, data
) VALUES (
202, X'd70dbd46d5133519064f12f100525ead0802ca95'
);
}}}
'''ID_PUBKEY_SHA1''': scripts/key2keyid moonKey.der
{{{
INSERT INTO identities (
type, data
) VALUES (
203, X'e5e410876c2ac4bead854942a6de7658303a9fc1'
);
}}}
'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]
1 | KEY_RSA | RSA key in PKCS!#1 format | ||||
2 | KEY_ECDSA | ECDSA key in ANSI X9.62 format |
'''type''' defined in [browser:trunk/src/libstrongswan/credentials/certificates/certificate.h#L35 certificate.h]
1 | CERT_X509 | X.509 certificate | ||||
2 | CERT_X509_CRL | X.509 certificate revocation list | ||||
5 | CERT_X509_AC | X.509 attribute certificate | ||||
6 | CERT_TRUSTED_PUBKEY | trusted public key |
'''keytype''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]
TABLE shared_secrets'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/shared_key.h#L33 shared_key.h]
1 | SHARED_IKE | : PSK <secret> | ||||
2 | SHARED_EAP | : EAP <secret> | ||||
3 | SHARED_PRIVATE_KEY_PASS | : RSA <keyfile> <secret> | ||||
4 | SHARED_PIN | : PIN <secret> |
'''auth_method''' defined in [browser:trunk/src/charon/config/peer_cfg.h#L87 peer_cfg.h]
1 | CONF_AUTH_PUBKEY | authentication using public key | authby=''rsasig'', authby=''ecdsasig'' | |||||
2 | CONF_AUTH_PSK | authentication using pre-shared secret | authby=''psk'' | |||||
3 | CONF_AUTH_EAP | authentication using EAP | authby=''eap'' |
'''type''' defined in [browser:trunk/src/charon/config/traffic_selector.h#L37 traffic_selector.h]
7 | TS_IPV4_ADDR_RANGE | |||
8 | TS_IPV6_ADDR_RANGE |