Imported Upstream version 5.0.3

6 files changed, 173 insertions, 9 deletions

diff --git a/src/libstrongswan/plugins/dnskey/Makefile.am b/src/libstrongswan/plugins/dnskey/Makefile.am
index fbba95e0a..0f2e554c1 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.am
+++ b/src/libstrongswan/plugins/dnskey/Makefile.am
@@ -11,6 +11,7 @@ endif
 
 libstrongswan_dnskey_la_SOURCES = \
 	dnskey_plugin.h dnskey_plugin.c \
-	dnskey_builder.h dnskey_builder.c
+	dnskey_builder.h dnskey_builder.c \
+	dnskey_encoder.h dnskey_encoder.c
 
 libstrongswan_dnskey_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index d49cac8a7..c30dcb530 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -1,4 +1,4 @@
-# Makefile.in generated by automake 1.11.3 from Makefile.am.
+# Makefile.in generated by automake 1.11.6 from Makefile.am.
 # @configure_input@
 
 # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@@ -16,6 +16,23 @@
 @SET_MAKE@
 
 VPATH = @srcdir@
+am__make_dryrun = \
+  { \
+    am__dry=no; \
+    case $$MAKEFLAGS in \
+      *\\[\ \	]*) \
+        echo 'am--echo: ; @echo "AM"  OK' | $(MAKE) -f - 2>/dev/null \
+          | grep '^AM OK$$' >/dev/null || am__dry=yes;; \
+      *) \
+        for am__flg in $$MAKEFLAGS; do \
+          case $$am__flg in \
+            *=*|--*) ;; \
+            *n*) am__dry=yes; break;; \
+          esac; \
+        done;; \
+    esac; \
+    test $$am__dry = yes; \
+  }
 pkgdatadir = $(datadir)/@PACKAGE@
 pkgincludedir = $(includedir)/@PACKAGE@
 pkglibdir = $(libdir)/@PACKAGE@
@@ -83,7 +100,7 @@ am__installdirs = "$(DESTDIR)$(plugindir)"
 LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
 libstrongswan_dnskey_la_LIBADD =
 am_libstrongswan_dnskey_la_OBJECTS = dnskey_plugin.lo \
-	dnskey_builder.lo
+	dnskey_builder.lo dnskey_encoder.lo
 libstrongswan_dnskey_la_OBJECTS =  \
 	$(am_libstrongswan_dnskey_la_OBJECTS)
 libstrongswan_dnskey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
@@ -107,6 +124,11 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
 	$(LDFLAGS) -o $@
 SOURCES = $(libstrongswan_dnskey_la_SOURCES)
 DIST_SOURCES = $(libstrongswan_dnskey_la_SOURCES)
+am__can_run_installinfo = \
+  case $$AM_UPDATE_INFO_DIR in \
+    n|no|NO) false;; \
+    *) (install-info --version) >/dev/null 2>&1;; \
+  esac
 ETAGS = etags
 CTAGS = ctags
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@@ -123,6 +145,8 @@ BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
 CFLAGS = @CFLAGS@
+CHECK_CFLAGS = @CHECK_CFLAGS@
+CHECK_LIBS = @CHECK_LIBS@
 CPP = @CPP@
 CPPFLAGS = @CPPFLAGS@
 CYGPATH_W = @CYGPATH_W@
@@ -139,6 +163,7 @@ EGREP = @EGREP@
 EXEEXT = @EXEEXT@
 FGREP = @FGREP@
 GPERF = @GPERF@
+GPRBUILD = @GPRBUILD@
 GREP = @GREP@
 INSTALL = @INSTALL@
 INSTALL_DATA = @INSTALL_DATA@
@@ -207,8 +232,6 @@ am__quote = @am__quote@
 am__tar = @am__tar@
 am__untar = @am__untar@
 attest_plugins = @attest_plugins@
-axis2c_CFLAGS = @axis2c_CFLAGS@
-axis2c_LIBS = @axis2c_LIBS@
 bindir = @bindir@
 build = @build@
 build_alias = @build_alias@
@@ -264,7 +287,6 @@ nm_ca_dir = @nm_ca_dir@
 nm_plugins = @nm_plugins@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
-p_plugins = @p_plugins@
 pcsclite_CFLAGS = @pcsclite_CFLAGS@
 pcsclite_LIBS = @pcsclite_LIBS@
 pdfdir = @pdfdir@
@@ -304,7 +326,8 @@ AM_CFLAGS = -rdynamic
 @MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-dnskey.la
 libstrongswan_dnskey_la_SOURCES = \
 	dnskey_plugin.h dnskey_plugin.c \
-	dnskey_builder.h dnskey_builder.c
+	dnskey_builder.h dnskey_builder.c \
+	dnskey_encoder.h dnskey_encoder.c
 
 libstrongswan_dnskey_la_LDFLAGS = -module -avoid-version
 all: all-am
@@ -352,7 +375,6 @@ clean-noinstLTLIBRARIES:
 	done
 install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
 	@$(NORMAL_INSTALL)
-	test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)"
 	@list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
 	list2=; for p in $$list; do \
 	  if test -f $$p; then \
@@ -360,6 +382,8 @@ install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
 	  else :; fi; \
 	done; \
 	test -z "$$list2" || { \
+	  echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \
+	  $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \
 	  echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
 	  $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
 	}
@@ -391,6 +415,7 @@ distclean-compile:
 	-rm -f *.tab.c
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnskey_builder.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnskey_encoder.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnskey_plugin.Plo@am__quote@
 
 .c.o:
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_builder.c b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
index b8a451500..71040437d 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_builder.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_builder.c
@@ -39,8 +39,14 @@ enum dnskey_algorithm_t {
 	DNSKEY_ALG_RSA_MD5 = 1,
 	DNSKEY_ALG_DH = 2,
 	DNSKEY_ALG_DSA = 3,
-	DNSKEY_ALG_ECC = 4,
 	DNSKEY_ALG_RSA_SHA1 = 5,
+	DNSKEY_ALG_DSA_NSEC3_SHA1 = 6,
+	DNSKEY_ALG_RSA_SHA1_NSEC3_SHA1 = 7,
+	DNSKEY_ALG_RSA_SHA256 = 8,
+	DNSKEY_ALG_RSA_SHA512 = 10,
+	DNSKEY_ALG_ECC_GOST = 12,
+	DNSKEY_ALG_ECDSA_P256_SHA256 = 13,
+	DNSKEY_ALG_ECDSA_P384_SHA384 = 14
 };
 
 /**
@@ -59,7 +65,11 @@ static dnskey_public_key_t *parse_public_key(chunk_t blob)
 
 	switch (rr->algorithm)
 	{
+		case DNSKEY_ALG_RSA_MD5:
 		case DNSKEY_ALG_RSA_SHA1:
+		case DNSKEY_ALG_RSA_SHA1_NSEC3_SHA1:
+		case DNSKEY_ALG_RSA_SHA256:
+		case DNSKEY_ALG_RSA_SHA512:
 			return lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
 									  BUILD_BLOB_DNSKEY, blob, BUILD_END);
 		default:
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_encoder.c b/src/libstrongswan/plugins/dnskey/dnskey_encoder.c
new file mode 100644
index 000000000..3214f3899
--- /dev/null
+++ b/src/libstrongswan/plugins/dnskey/dnskey_encoder.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "dnskey_encoder.h"
+
+#include <utils/debug.h>
+
+/**
+ * Encode an RSA public key in DNSKEY format (RFC 3110)
+ */
+static bool build_pub(chunk_t *encoding, va_list args)
+{
+	chunk_t n, e, pubkey;
+	size_t exp_len;
+	u_char *pos;
+
+	if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
+						   CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
+	{
+		/* remove leading zeros in exponent and modulus */
+		while (*e.ptr == 0)
+		{
+			e = chunk_skip(e, 1);
+		}
+		while (*n.ptr == 0)
+		{
+			n = chunk_skip(n, 1);
+		}
+
+		if (e.len < 256)
+		{
+			/* exponent length fits into a single octet */
+			exp_len = 1;
+			pubkey = chunk_alloc(exp_len + e.len + n.len);
+			pubkey.ptr[0] = (char)e.len;
+		}
+		else if (e.len < 65536)
+		{
+			/* exponent length fits into two octets preceded by zero octet */
+			exp_len = 3;
+			pubkey = chunk_alloc(exp_len + e.len + n.len);
+			pubkey.ptr[0] = 0x00;
+			htoun16(pubkey.ptr + 1, e.len);
+		}
+		else
+		{
+			/* exponent length is too large */
+			return FALSE;
+		}
+
+		/* copy exponent and modulus and convert to base64 format */
+		pos = pubkey.ptr + exp_len;
+		memcpy(pos, e.ptr, e.len);
+		pos += e.len;
+		memcpy(pos, n.ptr, n.len);
+		*encoding = chunk_to_base64(pubkey, NULL);
+		chunk_free(&pubkey);
+
+		return TRUE;
+	}
+	return FALSE;
+}
+
+/**
+ * See header.
+ */
+bool dnskey_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
+						   va_list args)
+{
+	switch (type)
+	{
+		case PUBKEY_DNSKEY:
+			return build_pub(encoding, args);
+		default:
+			return FALSE;
+	}
+}
+
+
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_encoder.h b/src/libstrongswan/plugins/dnskey/dnskey_encoder.h
new file mode 100644
index 000000000..127260308
--- /dev/null
+++ b/src/libstrongswan/plugins/dnskey/dnskey_encoder.h
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup dnskey_encoder dnskey_encoder
+ * @{ @ingroup dnskey_p
+ */
+
+#ifndef DNSKEY_ENCODER_H_
+#define DNSKEY_ENCODER_H_
+
+#include <credentials/cred_encoding.h>
+
+/**
+ * Encoding function for DNSKEY (RFC 3110) public key format.
+ */
+bool dnskey_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
+						  va_list args);
+
+#endif /** DNSKEY_ENCODER_H_ @}*/
diff --git a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
index b6863e8e3..9a4f6252f 100644
--- a/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
+++ b/src/libstrongswan/plugins/dnskey/dnskey_plugin.c
@@ -17,6 +17,7 @@
 
 #include <library.h>
 #include "dnskey_builder.h"
+#include "dnskey_encoder.h"
 
 typedef struct private_dnskey_plugin_t private_dnskey_plugin_t;
 
@@ -53,6 +54,8 @@ METHOD(plugin_t, get_features, int,
 METHOD(plugin_t, destroy, void,
 	private_dnskey_plugin_t *this)
 {
+	lib->encoding->remove_encoder(lib->encoding, dnskey_encoder_encode);
+
 	free(this);
 }
 
@@ -73,6 +76,8 @@ plugin_t *dnskey_plugin_create()
 		},
 	);
 
+	lib->encoding->add_encoder(lib->encoding, dnskey_encoder_encode);
+
 	return &this->public.plugin;
 }