SQLite HOWTO » History » Version 9
Version 8 (Martin Willi, 30.06.2008 08:28) → Version 9/28 (Martin Willi, 30.06.2008 08:28)
h1. = SQLite HOWTO
=
SQLite tables defined in [browser:trunk/testing/hosts/default/etc/ipsec.d/tables.sql tables.sql]
h2.
== TABLE identities
*type* ==
'''type''' defined in [browser:trunk/src/libstrongswan/utils/identification.h#L58 identification.h]
|| 0||ID_ANY ||matches any id ||right=_%any_ ||right=''%any'' ||
|| 1||ID_IPV4_ADDR ||IPv4 address ||right=_192.168.0.1_ ||right=''192.168.0.1'' ||
|| 2||ID_FQDN ||fully qualified domain name ||right=_@moon.strongswan.org_ ||right=''@moon.strongswan.org'' ||
|| 3||ID_RFC822_ADDR ||RFC822 email address ||right=_carol@strongswan.org_ ||right=''carol@strongswan.org'' ||
|| 5||ID_IPV6_ADDR ||IPv6 address ||right=_fec0::1_ ||right=''fec0::1'' ||
|| 9||ID_DER_ASN1_DN ||ASN.1 distinguished name ||right=_C=CH, ||right=''C=CH, O=Linux strongSwan, CN=moon.strongswan.org_|| CN=moon.strongswan.org''||
|| 11||ID_KEY_ID ||opaque octet string ||right=_@#e5e410876c2ac4bead854942a6de7658303a9fc1_ ||right=''@#e5e410876c2ac4bead854942a6de7658303a9fc1'' ||
||202||ID_PUBKEY_INFO_SHA1||SHA-1 hash over subjectPublicKeyInfo|| ||
||203||ID_PUBKEY_SHA1 ||SHA-1 hash over subjectPublicKey || ||
*ID_ANY*: '''ID_ANY''': scripts/id2sql "%any"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
0, X_ X''
);
</pre>
*ID_IPV4_ADDR*: }}}
'''ID_IPV4_ADDR''': scripts/id2sql "192.168.0.1"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
1, X'c0a80001'
);
</pre>
*ID_FQDN*: }}}
'''ID_FQDN''': scripts/id2sql "@moon.strongswan.org"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
);
</pre>
*ID_RFC822_ADDR*: }}}
'''ID_RFC822_ADDR''': scripts/id2sql "carol@strongswan.org"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
3, X'6361726f6c407374726f6e677377616e2e6f7267'
);
</pre>
*ID_IPV6_ADDR*: }}}
'''ID_IPV6_ADDR''': scripts/id2sql "fec0::1"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
5, X'fec00000000000000000000000000001'
);
</pre>
*ID_DER_ASN1_DN*: }}}
'''ID_DER_ASN1_DN''': scripts/id2sql "C=CH, O=Linux strongSwan, CN=moon.strongswan.org"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
9, X'3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f7267'
);
</pre>
*ID_KEY_ID*: }}}
'''ID_KEY_ID''': scripts/id2sql "@#e5e410876c2ac4bead854942a6de7658303a9fc1"
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
11, X'e5e410876c2ac4bead854942a6de7658303a9fc1'
);
</pre>
*ID_PUBKEY_INFO_SHA1*: }}}
'''ID_PUBKEY_INFO_SHA1''': scripts/key2keyid moonKey.der
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
202, X'd70dbd46d5133519064f12f100525ead0802ca95'
);
</pre>
*ID_PUBKEY_SHA1*: }}}
'''ID_PUBKEY_SHA1''': scripts/key2keyid moonKey.der
<pre>
{{{
INSERT INTO identities (
type, data
) VALUES (
203, X'e5e410876c2ac4bead854942a6de7658303a9fc1'
);
</pre>
h2. }}}
== TABLE private_keys
*type* ==
'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]
||1||KEY_RSA ||RSA key in PKCS!#1 format ||
||2||KEY_ECDSA||ECDSA key in ANSI X9.62 format||
h2.
== TABLE certificates
*type* ==
'''type''' defined in [browser:trunk/src/libstrongswan/credentials/certificates/certificate.h#L35 certificate.h]
||1||CERT_X509 ||X.509 certificate ||
||2||CERT_X509_CRL ||X.509 certificate revocation list||
||5||CERT_X509_AC ||X.509 attribute certificate ||
||6||CERT_TRUSTED_PUBKEY||trusted public key ||
*keytype* '''keytype''' defined in [browser:trunk/src/libstrongswan/credentials/keys/public_key.h#L37 public_key.h]
h2.
== TABLE shared_secrets
*type* ==
'''type''' defined in [browser:trunk/src/libstrongswan/credentials/keys/shared_key.h#L33 shared_key.h]
||1||SHARED_IKE||: PSK <secret> ||
||2||SHARED_EAP||: EAP <secret> ||
||3||SHARED_PRIVATE_KEY_PASS||: RSA <keyfile> <secret>||
||4||SHARED_PIN||: PIN <secret> ||
h2.
== TABLE peer_configs
*auth_method* ==
'''auth_method''' defined in [browser:trunk/src/charon/config/peer_cfg.h#L87 peer_cfg.h]
||1||CONF_AUTH_PUBKEY||authentication using public key ||authby=_rsasig_, authby=_ecdsasig_|| ||authby=''rsasig'', authby=''ecdsasig''||
||2||CONF_AUTH_PSK ||authentication using pre-shared secret||authby=_psk_ secret||authby=''psk'' ||
||3||CONF_AUTH_EAP ||authentication using EAP ||authby=_eap_ ||authby=''eap'' ||
*eap_type* '''eap_type''' defined in [browser:trunk/src/charon/sa/authenticators/eap/eap_method.h#L50 eap_method.h]
|| 4||EAP_MD5||
||18||EAP_SIM||
||23||EAP_AKA||
h2.
== TABLE traffic_selectors
*type* ==
'''type''' defined in [browser:trunk/src/charon/config/traffic_selector.h#L37 traffic_selector.h]
||7||TS_IPV4_ADDR_RANGE||
||8||TS_IPV6_ADDR_RANGE||
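Review bot: In the ID_ANY example the new revision appears to read `0, X_` where the previous one had `0, X''`; the Trac-to-Textile conversion seems to have treated the two quotes of the empty blob literal as italic markup. `X_` is not a blob literal in SQLite, so the statement as shown fails and a reader copying it does not get the `%any` identity row. Inside the `<pre>` block the line should stay `0, X''`. The other INSERT examples carry non-empty hex literals and look unaffected by the conversion.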