strongSwan

= SQLite HOWTO =

SQLite tables defined in [browser:trunk/testing/hosts/default/etc/ipsec.d/tables.sql tables.sql]

TABLE identities

'''type''' defined in [browser:trunk/src/libstrongswan/utils/identification.h#L58 identification.h]

	0		ID_ANY		matches any id		right=''%any''
	1		ID_IPV4_ADDR		IPv4 address		right=''192.168.0.1''
	2		ID_FQDN		fully qualified domain name		right=''@moon.strongswan.org''
	3		ID_RFC822_ADDR		RFC822 email address		right=''carol@strongswan.org''
	5		ID_IPV6_ADDR		IPv6 address		right=''fec0::1''
	9		ID_DER_ASN1_DN		ASN.1 distinguished name		right=''C=CH, O=Linux strongSwan, CN=moon.strongswan.org''
	11		ID_KEY_ID		opaque octet string		right=''@#e5e410876c2ac4bead854942a6de7658303a9fc1''
	202		ID_PUBKEY_INFO_SHA1		SHA-1 hash over subjectPublicKeyInfo
	203		ID_PUBKEY_SHA1		SHA-1 hash over subjectPublicKey

'''ID_ANY''': scripts/id2sql "%any"

{{{
INSERT INTO identities (
type, data
) VALUES (
0, X''
);
}}}

'''ID_IPV4_ADDR''': scripts/id2sql "192.168.0.1"

{{{
INSERT INTO identities (
type, data
) VALUES (
1, X'c0a80001'
);
}}}

'''ID_FQDN''': scripts/id2sql "@moon.strongswan.org"

{{{
INSERT INTO identities (
type, data
) VALUES (
2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
);
}}}

'''ID_RFC822_ADDR''': scripts/id2sql "carol@strongswan.org"

{{{
INSERT INTO identities (
type, data
) VALUES (
3, X'6361726f6c407374726f6e677377616e2e6f7267'
);
}}}

'''ID_IPV6_ADDR''': scripts/id2sql "fec0::1"

{{{
INSERT INTO identities (
type, data
) VALUES (
5, X'fec00000000000000000000000000001'
);
}}}

'''ID_DER_ASN1_DN''': scripts/id2sql "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"

{{{
INSERT INTO identities (
type, data
) VALUES (
9, X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267'
);
}}}

'''ID_KEY_ID''': scripts/id2sql "@#e5e410876c2ac4bead854942a6de7658303a9fc1"

{{{
INSERT INTO identities (
type, data
) VALUES (
11, X'e5e410876c2ac4bead854942a6de7658303a9fc1'
);
}}}

'''ID_PUBKEY_INFO_SHA1''': scripts/key2keyid moonKey.der

{{{
INSERT INTO identities (
type, data
) VALUES (
202, X'd70dbd46d5133519064f12f100525ead0802ca95'
);
}}}

'''ID_PUBKEY_SHA1''': scripts/key2keyid moonKey.der

{{{
INSERT INTO identities (
type, data
) VALUES (
203, X'e5e410876c2ac4bead854942a6de7658303a9fc1'
);
}}}

TABLE private_keys

'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]

	1		KEY_RSA		RSA key in PKCS!#1 format
	2		KEY_ECDSA		ECDSA key in ANSI X9.62 format

TABLE certificates

'''type''' defined in [browser:trunk/src/libstrongswan/credentials/certificates/certificate.h#L35 certificate.h]

	1		CERT_X509		X.509 certificate
	2		CERT_X509_CRL		X.509 certificate revocation list
	5		CERT_X509_AC		X.509 attribute certificate
	6		CERT_TRUSTED_PUBKEY		trusted public key

'''keytype''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]

TABLE shared_secrets

'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/shared_key.h#L33 shared_key.h]

	1		SHARED_IKE		: PSK <secret>
	2		SHARED_EAP		: EAP <secret>
	3		SHARED_PRIVATE_KEY_PASS		: RSA <keyfile> <secret>
	4		SHARED_PIN		: PIN <secret>

TABLE peer_configs

'''auth_method''' defined in [browser:trunk/src/charon/config/peer_cfg.h#L87 peer_cfg.h]

	1		CONF_AUTH_PUBKEY		authentication using public key		authby=''rsasig'', authby=''ecdsasig''
	2		CONF_AUTH_PSK		authentication using pre-shared secret		authby=''psk''
	3		CONF_AUTH_EAP		authentication using EAP		authby=''eap''

TABLE traffic_selectors

'''type''' defined in [browser:trunk/src/charon/config/traffic_selector.h#L37 traffic_selector.h]

	7		TS_IPV4_ADDR_RANGE
	8		TS_IPV6_ADDR_RANGE