diff options
author | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 21:16:07 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 21:16:07 +0200 |
commit | b34738ed08c2227300d554b139e2495ca5da97d6 (patch) | |
tree | 62f33b52820f2e49f0e53c0f8c636312037c8054 /src/libstrongswan/plugins/pgp/pgp_cert.c | |
parent | 0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff) | |
download | vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.tar.gz vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.zip |
Imported Upstream version 4.6.4
Diffstat (limited to 'src/libstrongswan/plugins/pgp/pgp_cert.c')
-rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_cert.c | 156 |
1 files changed, 64 insertions, 92 deletions
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index 5b21b46d4..70a236855 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -74,35 +74,26 @@ struct private_pgp_cert_t { }; -/** - * Implementation of certificate_t.get_type - */ -static certificate_type_t get_type(private_pgp_cert_t *this) +METHOD(certificate_t, get_type, certificate_type_t, + private_pgp_cert_t *this) { return CERT_GPG; } -/** - * Implementation of certificate_t.get_subject - */ -static identification_t* get_subject(private_pgp_cert_t *this) +METHOD(certificate_t, get_subject,identification_t*, + private_pgp_cert_t *this) { return this->user_id; } -/** - * Implementation of certificate_t.get_issuer - */ -static identification_t* get_issuer(private_pgp_cert_t *this) +METHOD(certificate_t, get_issuer, identification_t*, + private_pgp_cert_t *this) { return this->user_id; } -/** - * Implementation of certificate_t.has_subject. - */ -static id_match_t has_subject(private_pgp_cert_t *this, - identification_t *subject) +METHOD(certificate_t, has_subject, id_match_t, + private_pgp_cert_t *this, identification_t *subject) { id_match_t match_user_id; @@ -116,46 +107,36 @@ static id_match_t has_subject(private_pgp_cert_t *this, return match_user_id; } -/** - * Implementation of certificate_t.has_subject. - */ -static id_match_t has_issuer(private_pgp_cert_t *this, identification_t *issuer) +METHOD(certificate_t, has_issuer, id_match_t, + private_pgp_cert_t *this, identification_t *issuer) { return ID_MATCH_NONE; } -/** - * Implementation of certificate_t.issued_by - */ -static bool issued_by(private_pgp_cert_t *this, certificate_t *issuer) +METHOD(certificate_t, issued_by,bool, + private_pgp_cert_t *this, certificate_t *issuer) { /* TODO: check signature blobs for a valid signature */ return FALSE; } -/** - * Implementation of certificate_t.get_public_key - */ -static public_key_t* get_public_key(private_pgp_cert_t *this) +METHOD(certificate_t, get_public_key, public_key_t*, + private_pgp_cert_t *this) { this->key->get_ref(this->key); return this->key; } -/** - * Implementation of certificate_t.get_ref - */ -static private_pgp_cert_t* get_ref(private_pgp_cert_t *this) +METHOD(certificate_t, get_ref, certificate_t*, + private_pgp_cert_t *this) { ref_get(&this->ref); - return this; + return &this->public.interface.interface; } -/** - * Implementation of certificate_t.get_validity. - */ -static bool get_validity(private_pgp_cert_t *this, time_t *when, - time_t *not_before, time_t *not_after) +METHOD(certificate_t, get_validity, bool, + private_pgp_cert_t *this, time_t *when, time_t *not_before, + time_t *not_after) { time_t t, until; @@ -187,11 +168,8 @@ static bool get_validity(private_pgp_cert_t *this, time_t *when, return (t >= this->valid && t <= until); } -/** - * Implementation of certificate_t.get_encoding. - */ -static bool get_encoding(private_pgp_cert_t *this, cred_encoding_type_t type, - chunk_t *encoding) +METHOD(certificate_t, get_encoding, bool, + private_pgp_cert_t *this, cred_encoding_type_t type, chunk_t *encoding) { if (type == CERT_PGP_PKT) { @@ -202,10 +180,8 @@ static bool get_encoding(private_pgp_cert_t *this, cred_encoding_type_t type, CRED_PART_PGP_CERT, this->encoding, CRED_PART_END); } -/** - * Implementation of certificate_t.equals. - */ -static bool equals(private_pgp_cert_t *this, certificate_t *other) +METHOD(certificate_t, equals, bool, + private_pgp_cert_t *this, certificate_t *other) { chunk_t encoding; bool equal; @@ -231,10 +207,8 @@ static bool equals(private_pgp_cert_t *this, certificate_t *other) return equal; } -/** - * Implementation of pgp_cert_t.destroy. - */ -static void destroy(private_pgp_cert_t *this) +METHOD(certificate_t, destroy, void, + private_pgp_cert_t *this) { if (ref_put(&this->ref)) { @@ -246,10 +220,8 @@ static void destroy(private_pgp_cert_t *this) } } -/** - * Implementation of pgp_certificate_t.get_fingerprint. - */ -static chunk_t get_fingerprint(private_pgp_cert_t *this) +METHOD(pgp_certificate_t, get_fingerprint, chunk_t, + private_pgp_cert_t *this) { return this->fingerprint; } @@ -259,30 +231,30 @@ static chunk_t get_fingerprint(private_pgp_cert_t *this) */ private_pgp_cert_t *create_empty() { - private_pgp_cert_t *this = malloc_thing(private_pgp_cert_t); - - this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type; - this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject; - this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer; - this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject; - this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer; - this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; - this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; - this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; - this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; - this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; - this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; - this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; - this->public.interface.get_fingerprint = (chunk_t (*)(pgp_certificate_t*))get_fingerprint; - - this->key = NULL; - this->version = 0; - this->created = 0; - this->valid = 0; - this->user_id = NULL; - this->fingerprint = chunk_empty; - this->encoding = chunk_empty; - this->ref = 1; + private_pgp_cert_t *this; + + INIT(this, + .public = { + .interface = { + .interface = { + .get_type = _get_type, + .get_subject = _get_subject, + .get_issuer = _get_issuer, + .has_subject = _has_subject, + .has_issuer = _has_issuer, + .issued_by = _issued_by, + .get_public_key = _get_public_key, + .get_validity = _get_validity, + .get_encoding = _get_encoding, + .equals = _equals, + .get_ref = _get_ref, + .destroy = _destroy, + }, + .get_fingerprint = _get_fingerprint, + }, + }, + .ref = 1, + ); return this; } @@ -314,18 +286,18 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) } break; default: - DBG1(DBG_LIB, "PGP packet version V%d not supported", + DBG1(DBG_ASN, "PGP packet version V%d not supported", this->version); return FALSE; } if (this->valid) { - DBG2(DBG_LIB, "L2 - created %T, valid %d days", &this->created, FALSE, + DBG2(DBG_ASN, "L2 - created %T, valid %d days", &this->created, FALSE, this->valid); } else { - DBG2(DBG_LIB, "L2 - created %T, never expires", &this->created, FALSE); + DBG2(DBG_ASN, "L2 - created %T, never expires", &this->created, FALSE); } DESTROY_IF(this->key); this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, @@ -346,13 +318,13 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher == NULL) { - DBG1(DBG_LIB, "no SHA-1 hasher available"); + DBG1(DBG_ASN, "no SHA-1 hasher available"); return FALSE; } hasher->allocate_hash(hasher, pubkey_packet_header, NULL); hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint); hasher->destroy(hasher); - DBG2(DBG_LIB, "L2 - v4 fingerprint %#B", &this->fingerprint); + DBG2(DBG_ASN, "L2 - v4 fingerprint %#B", &this->fingerprint); } else { @@ -363,7 +335,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) return FALSE; } this->fingerprint = chunk_clone(this->fingerprint); - DBG2(DBG_LIB, "L2 - v3 fingerprint %#B", &this->fingerprint); + DBG2(DBG_ASN, "L2 - v3 fingerprint %#B", &this->fingerprint); } return TRUE; } @@ -383,7 +355,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) /* we parse only v3 or v4 signature packets */ if (version != 3 && version != 4) { - DBG2(DBG_LIB, "L2 - v%d signature ignored", version); + DBG2(DBG_ASN, "L2 - v%d signature ignored", version); return TRUE; } if (version == 4) @@ -392,7 +364,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2(DBG_LIB, "L2 - v%d signature of type 0x%02x", version, type); + DBG2(DBG_ASN, "L2 - v%d signature of type 0x%02x", version, type); } else { @@ -405,7 +377,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) { return FALSE; } - DBG2(DBG_LIB, "L2 - v3 signature of type 0x%02x, created %T", type, + DBG2(DBG_ASN, "L2 - v3 signature of type 0x%02x, created %T", type, &created, FALSE); } /* TODO: parse and save signature to a list */ @@ -419,7 +391,7 @@ static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet) { DESTROY_IF(this->user_id); this->user_id = identification_create_from_encoding(ID_KEY_ID, packet); - DBG2(DBG_LIB, "L2 - '%Y'", this->user_id); + DBG2(DBG_ASN, "L2 - '%Y'", this->user_id); return TRUE; } @@ -469,14 +441,14 @@ pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args) if (!parse_signature(this, packet)) { destroy(this); - return FALSE; + return NULL; } break; case PGP_PKT_USER_ID: if (!parse_user_id(this, packet)) { destroy(this); - return FALSE; + return NULL; } break; default: |