Martin Willi, 29.06.2008 16:39
added various keyids


= SQLite HOWTO =

The SQLite tables are defined in [browser:trunk/testing/hosts/default/etc/ipsec.d/tables.sql tables.sql].

TABLE identities

'''type''' defined in [browser:trunk/src/libstrongswan/utils/identification.h#L58 identification.h]

0 ID_ANY matches any id right=''%any''
1 ID_IPV4_ADDR IPv4 address right=''192.168.0.1''
2 ID_FQDN fully qualified domain name right=''@moon.strongswan.org''
3 ID_RFC822_ADDR RFC822 email address right=''carol@strongswan.org''
5 ID_IPV6_ADDR IPv6 address right=''fec0::1''
9 ID_DER_ASN1_DN ASN.1 distinguished name right=''C=CH, O=Linux strongSwan, CN=moon.strongswan.org''
11 ID_KEY_ID opaque octet string right=''@#e5e410876c2ac4bead854942a6de7658303a9fc1''
202 ID_PUBKEY_INFO_SHA1 SHA-1 hash over subjectPublicKeyInfo
203 ID_PUBKEY_SHA1 SHA-1 hash over subjectPublicKey

'''ID_ANY''': scripts/id2sql "%any"

{{{
-- ID_ANY (type 0): the wildcard identity carries no payload,
-- so data is the empty blob X''.
INSERT INTO identities (type, data)
VALUES (0, X'');
}}}

'''ID_IPV4_ADDR''': scripts/id2sql "192.168.0.1"

{{{
-- ID_IPV4_ADDR (type 1): data holds the four address bytes of
-- 192.168.0.1 (c0 a8 00 01), not the dotted-decimal text.
INSERT INTO identities (type, data)
VALUES (1, X'c0a80001');
}}}

'''ID_FQDN''': scripts/id2sql "@moon.strongswan.org"

{{{
-- ID_FQDN (type 2): data is the ASCII encoding of "moon.strongswan.org".
-- The leading "@" of the id2sql argument is not part of the stored bytes.
INSERT INTO identities (type, data)
VALUES (2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267');
}}}

'''ID_RFC822_ADDR''': scripts/id2sql "carol@strongswan.org"

{{{
-- ID_RFC822_ADDR (type 3): data is the ASCII encoding of the e-mail
-- address; these bytes decode to "carol@strongswan.org".
INSERT INTO identities (type, data)
VALUES (3, X'6361726f6c407374726f6e677377616e2e6f7267');
}}}

'''ID_IPV6_ADDR''': scripts/id2sql "fec0::1"

{{{
-- ID_IPV6_ADDR (type 5): data is the binary form of fec0::1 with the
-- "::" abbreviation expanded to explicit zero bytes.
INSERT INTO identities (type, data)
VALUES (5, X'fec00000000000000000000000000001');
}}}

'''ID_DER_ASN1_DN''': scripts/id2sql "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

{{{
-- ID_DER_ASN1_DN (type 9): data is the DER encoding of the distinguished
-- name "C=CH, O=Linux strongSwan, CN=moon.strongswan.org" (an ASN.1
-- SEQUENCE starting with 0x30), not its string representation.
INSERT INTO identities (type, data)
VALUES (
    9,
    X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267'
);
}}}

'''ID_KEY_ID''': scripts/id2sql "@#e5e410876c2ac4bead854942a6de7658303a9fc1"

{{{
-- ID_KEY_ID (type 11): data is the opaque octet string itself, i.e. the
-- hex digits that follow "@#" in the id2sql argument, stored as raw bytes.
INSERT INTO identities (type, data)
VALUES (11, X'e5e410876c2ac4bead854942a6de7658303a9fc1');
}}}

'''ID_PUBKEY_INFO_SHA1''': scripts/key2keyid moonKey.der

{{{
-- ID_PUBKEY_INFO_SHA1 (type 202): data is the 20-byte SHA-1 hash over the
-- subjectPublicKeyInfo, here the value shown for moonKey.der.
-- This is a public-key fingerprint used as an identifier, not key material.
INSERT INTO identities (type, data)
VALUES (202, X'd70dbd46d5133519064f12f100525ead0802ca95');
}}}

'''ID_PUBKEY_SHA1''': scripts/key2keyid moonKey.der

{{{
-- ID_PUBKEY_SHA1 (type 203): data is the 20-byte SHA-1 hash over the
-- subjectPublicKey, here the value shown for moonKey.der.
-- The bytes are identical to the ID_KEY_ID example (type 11); only the
-- type column distinguishes the two identity rows.
INSERT INTO identities (type, data)
VALUES (203, X'e5e410876c2ac4bead854942a6de7658303a9fc1');
}}}

TABLE private_keys

'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]

1 KEY_RSA RSA key in PKCS!#1 format
2 KEY_ECDSA ECDSA key in ANSI X9.62 format
TABLE certificates

'''type''' defined in [browser:trunk/src/libstrongswan/credentials/certificates/certificate.h#L35 certificate.h]

1 CERT_X509 X.509 certificate
2 CERT_X509_CRL X.509 certificate revocation list
5 CERT_X509_AC X.509 attribute certificate
6 CERT_TRUSTED_PUBKEY trusted public key

'''keytype''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]

TABLE shared_secrets

'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/shared_key.h#L33 shared_key.h]

1 SHARED_IKE : PSK <secret>
2 SHARED_EAP : EAP <secret>
3 SHARED_PRIVATE_KEY_PASS : RSA <keyfile> <secret>
4 SHARED_PIN : PIN <secret>
TABLE peer_configs

'''auth_method''' defined in [browser:trunk/src/charon/config/peer_cfg.h#L87 peer_cfg.h]

1 CONF_AUTH_PUBKEY authentication using public key authby=''rsasig'', authby=''ecdsasig''
2 CONF_AUTH_PSK authentication using pre-shared secret authby=''psk''
3 CONF_AUTH_EAP authentication using EAP authby=''eap''
TABLE traffic_selectors

'''type''' defined in [browser:trunk/src/charon/config/traffic_selector.h#L37 traffic_selector.h]

7 TS_IPV4_ADDR_RANGE
8 TS_IPV6_ADDR_RANGE