summaryrefslogtreecommitdiff
path: root/src/libstrongswan/plugins/pgp/pgp_cert.c
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2012-06-28 21:16:07 +0200
committerYves-Alexis Perez <corsac@corsac.net>2012-06-28 21:16:07 +0200
commitb34738ed08c2227300d554b139e2495ca5da97d6 (patch)
tree62f33b52820f2e49f0e53c0f8c636312037c8054 /src/libstrongswan/plugins/pgp/pgp_cert.c
parent0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff)
downloadvyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.tar.gz
vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.zip
Imported Upstream version 4.6.4
Diffstat (limited to 'src/libstrongswan/plugins/pgp/pgp_cert.c')
-rw-r--r--src/libstrongswan/plugins/pgp/pgp_cert.c156
1 files changed, 64 insertions, 92 deletions
diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c
index 5b21b46d4..70a236855 100644
--- a/src/libstrongswan/plugins/pgp/pgp_cert.c
+++ b/src/libstrongswan/plugins/pgp/pgp_cert.c
@@ -74,35 +74,26 @@ struct private_pgp_cert_t {
};
-/**
- * Implementation of certificate_t.get_type
- */
-static certificate_type_t get_type(private_pgp_cert_t *this)
+METHOD(certificate_t, get_type, certificate_type_t,
+ private_pgp_cert_t *this)
{
return CERT_GPG;
}
-/**
- * Implementation of certificate_t.get_subject
- */
-static identification_t* get_subject(private_pgp_cert_t *this)
+METHOD(certificate_t, get_subject,identification_t*,
+ private_pgp_cert_t *this)
{
return this->user_id;
}
-/**
- * Implementation of certificate_t.get_issuer
- */
-static identification_t* get_issuer(private_pgp_cert_t *this)
+METHOD(certificate_t, get_issuer, identification_t*,
+ private_pgp_cert_t *this)
{
return this->user_id;
}
-/**
- * Implementation of certificate_t.has_subject.
- */
-static id_match_t has_subject(private_pgp_cert_t *this,
- identification_t *subject)
+METHOD(certificate_t, has_subject, id_match_t,
+ private_pgp_cert_t *this, identification_t *subject)
{
id_match_t match_user_id;
@@ -116,46 +107,36 @@ static id_match_t has_subject(private_pgp_cert_t *this,
return match_user_id;
}
-/**
- * Implementation of certificate_t.has_subject.
- */
-static id_match_t has_issuer(private_pgp_cert_t *this, identification_t *issuer)
+METHOD(certificate_t, has_issuer, id_match_t,
+ private_pgp_cert_t *this, identification_t *issuer)
{
return ID_MATCH_NONE;
}
-/**
- * Implementation of certificate_t.issued_by
- */
-static bool issued_by(private_pgp_cert_t *this, certificate_t *issuer)
+METHOD(certificate_t, issued_by,bool,
+ private_pgp_cert_t *this, certificate_t *issuer)
{
/* TODO: check signature blobs for a valid signature */
return FALSE;
}
-/**
- * Implementation of certificate_t.get_public_key
- */
-static public_key_t* get_public_key(private_pgp_cert_t *this)
+METHOD(certificate_t, get_public_key, public_key_t*,
+ private_pgp_cert_t *this)
{
this->key->get_ref(this->key);
return this->key;
}
-/**
- * Implementation of certificate_t.get_ref
- */
-static private_pgp_cert_t* get_ref(private_pgp_cert_t *this)
+METHOD(certificate_t, get_ref, certificate_t*,
+ private_pgp_cert_t *this)
{
ref_get(&this->ref);
- return this;
+ return &this->public.interface.interface;
}
-/**
- * Implementation of certificate_t.get_validity.
- */
-static bool get_validity(private_pgp_cert_t *this, time_t *when,
- time_t *not_before, time_t *not_after)
+METHOD(certificate_t, get_validity, bool,
+ private_pgp_cert_t *this, time_t *when, time_t *not_before,
+ time_t *not_after)
{
time_t t, until;
@@ -187,11 +168,8 @@ static bool get_validity(private_pgp_cert_t *this, time_t *when,
return (t >= this->valid && t <= until);
}
-/**
- * Implementation of certificate_t.get_encoding.
- */
-static bool get_encoding(private_pgp_cert_t *this, cred_encoding_type_t type,
- chunk_t *encoding)
+METHOD(certificate_t, get_encoding, bool,
+ private_pgp_cert_t *this, cred_encoding_type_t type, chunk_t *encoding)
{
if (type == CERT_PGP_PKT)
{
@@ -202,10 +180,8 @@ static bool get_encoding(private_pgp_cert_t *this, cred_encoding_type_t type,
CRED_PART_PGP_CERT, this->encoding, CRED_PART_END);
}
-/**
- * Implementation of certificate_t.equals.
- */
-static bool equals(private_pgp_cert_t *this, certificate_t *other)
+METHOD(certificate_t, equals, bool,
+ private_pgp_cert_t *this, certificate_t *other)
{
chunk_t encoding;
bool equal;
@@ -231,10 +207,8 @@ static bool equals(private_pgp_cert_t *this, certificate_t *other)
return equal;
}
-/**
- * Implementation of pgp_cert_t.destroy.
- */
-static void destroy(private_pgp_cert_t *this)
+METHOD(certificate_t, destroy, void,
+ private_pgp_cert_t *this)
{
if (ref_put(&this->ref))
{
@@ -246,10 +220,8 @@ static void destroy(private_pgp_cert_t *this)
}
}
-/**
- * Implementation of pgp_certificate_t.get_fingerprint.
- */
-static chunk_t get_fingerprint(private_pgp_cert_t *this)
+METHOD(pgp_certificate_t, get_fingerprint, chunk_t,
+ private_pgp_cert_t *this)
{
return this->fingerprint;
}
@@ -259,30 +231,30 @@ static chunk_t get_fingerprint(private_pgp_cert_t *this)
*/
private_pgp_cert_t *create_empty()
{
- private_pgp_cert_t *this = malloc_thing(private_pgp_cert_t);
-
- this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
- this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
- this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer;
- this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
- this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer;
- this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
- this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
- this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
- this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
- this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
- this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
- this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
- this->public.interface.get_fingerprint = (chunk_t (*)(pgp_certificate_t*))get_fingerprint;
-
- this->key = NULL;
- this->version = 0;
- this->created = 0;
- this->valid = 0;
- this->user_id = NULL;
- this->fingerprint = chunk_empty;
- this->encoding = chunk_empty;
- this->ref = 1;
+ private_pgp_cert_t *this;
+
+ INIT(this,
+ .public = {
+ .interface = {
+ .interface = {
+ .get_type = _get_type,
+ .get_subject = _get_subject,
+ .get_issuer = _get_issuer,
+ .has_subject = _has_subject,
+ .has_issuer = _has_issuer,
+ .issued_by = _issued_by,
+ .get_public_key = _get_public_key,
+ .get_validity = _get_validity,
+ .get_encoding = _get_encoding,
+ .equals = _equals,
+ .get_ref = _get_ref,
+ .destroy = _destroy,
+ },
+ .get_fingerprint = _get_fingerprint,
+ },
+ },
+ .ref = 1,
+ );
return this;
}
@@ -314,18 +286,18 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
}
break;
default:
- DBG1(DBG_LIB, "PGP packet version V%d not supported",
+ DBG1(DBG_ASN, "PGP packet version V%d not supported",
this->version);
return FALSE;
}
if (this->valid)
{
- DBG2(DBG_LIB, "L2 - created %T, valid %d days", &this->created, FALSE,
+ DBG2(DBG_ASN, "L2 - created %T, valid %d days", &this->created, FALSE,
this->valid);
}
else
{
- DBG2(DBG_LIB, "L2 - created %T, never expires", &this->created, FALSE);
+ DBG2(DBG_ASN, "L2 - created %T, never expires", &this->created, FALSE);
}
DESTROY_IF(this->key);
this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
@@ -346,13 +318,13 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher == NULL)
{
- DBG1(DBG_LIB, "no SHA-1 hasher available");
+ DBG1(DBG_ASN, "no SHA-1 hasher available");
return FALSE;
}
hasher->allocate_hash(hasher, pubkey_packet_header, NULL);
hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint);
hasher->destroy(hasher);
- DBG2(DBG_LIB, "L2 - v4 fingerprint %#B", &this->fingerprint);
+ DBG2(DBG_ASN, "L2 - v4 fingerprint %#B", &this->fingerprint);
}
else
{
@@ -363,7 +335,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
return FALSE;
}
this->fingerprint = chunk_clone(this->fingerprint);
- DBG2(DBG_LIB, "L2 - v3 fingerprint %#B", &this->fingerprint);
+ DBG2(DBG_ASN, "L2 - v3 fingerprint %#B", &this->fingerprint);
}
return TRUE;
}
@@ -383,7 +355,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
/* we parse only v3 or v4 signature packets */
if (version != 3 && version != 4)
{
- DBG2(DBG_LIB, "L2 - v%d signature ignored", version);
+ DBG2(DBG_ASN, "L2 - v%d signature ignored", version);
return TRUE;
}
if (version == 4)
@@ -392,7 +364,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
{
return FALSE;
}
- DBG2(DBG_LIB, "L2 - v%d signature of type 0x%02x", version, type);
+ DBG2(DBG_ASN, "L2 - v%d signature of type 0x%02x", version, type);
}
else
{
@@ -405,7 +377,7 @@ static bool parse_signature(private_pgp_cert_t *this, chunk_t packet)
{
return FALSE;
}
- DBG2(DBG_LIB, "L2 - v3 signature of type 0x%02x, created %T", type,
+ DBG2(DBG_ASN, "L2 - v3 signature of type 0x%02x, created %T", type,
&created, FALSE);
}
/* TODO: parse and save signature to a list */
@@ -419,7 +391,7 @@ static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet)
{
DESTROY_IF(this->user_id);
this->user_id = identification_create_from_encoding(ID_KEY_ID, packet);
- DBG2(DBG_LIB, "L2 - '%Y'", this->user_id);
+ DBG2(DBG_ASN, "L2 - '%Y'", this->user_id);
return TRUE;
}
@@ -469,14 +441,14 @@ pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args)
if (!parse_signature(this, packet))
{
destroy(this);
- return FALSE;
+ return NULL;
}
break;
case PGP_PKT_USER_ID:
if (!parse_user_id(this, packet))
{
destroy(this);
- return FALSE;
+ return NULL;
}
break;
default: