diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:25:24 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:25:24 +0000 |
| commit | 41787e147279ff0695e9d759487266a60b80867b (patch) | |
| tree | 8f28566c8fd7106c80d2536d2df540dbb4499cc5 /src/libstrongswan/plugins/x509/x509_ocsp_response.c | |
| parent | c3e7f611ea8273c6b3909cb006ade4903a74aad0 (diff) | |
| download | vyos-strongswan-41787e147279ff0695e9d759487266a60b80867b.tar.gz vyos-strongswan-41787e147279ff0695e9d759487266a60b80867b.zip | |
[svn-upgrade] Integrating new upstream version, strongswan (4.3.2)
Diffstat (limited to 'src/libstrongswan/plugins/x509/x509_ocsp_response.c')
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ocsp_response.c | 38 |
1 files changed, 9 insertions, 29 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 6bb59d8e6..1b3187258 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -13,8 +13,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_ocsp_response.c 4936 2009-03-12 18:07:32Z tobias $ */ #include "x509_ocsp_response.h" @@ -523,12 +521,12 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, case BASIC_RESPONSE_ID_BY_NAME: this->responderId = identification_create_from_encoding( ID_DER_ASN1_DN, object); - DBG2(" '%D'", this->responderId); + DBG2(" '%Y'", this->responderId); break; case BASIC_RESPONSE_ID_BY_KEY: this->responderId = identification_create_from_encoding( ID_PUBKEY_INFO_SHA1, object); - DBG2(" '%D'", this->responderId); + DBG2(" '%Y'", this->responderId); break; case BASIC_RESPONSE_PRODUCED_AT: this->producedAt = asn1_to_time(&object, ASN1_GENERALIZEDTIME); @@ -726,32 +724,14 @@ static bool issued_by(private_x509_ocsp_response_t *this, certificate_t *issuer) { return FALSE; } - /* TODO: generic OID to scheme mapper? */ - switch (this->signatureAlgorithm) - { - case OID_MD5_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_MD5; - break; - case OID_SHA1_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA1; - break; - case OID_SHA256_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA256; - break; - case OID_SHA384_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA384; - break; - case OID_SHA512_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA512; - break; - case OID_ECDSA_WITH_SHA1: - scheme = SIGN_ECDSA_WITH_SHA1; - break; - default: - return FALSE; - } + + /* get the public key of the issuer */ key = issuer->get_public_key(issuer); - if (key == NULL) + + /* determine signature scheme */ + scheme = signature_scheme_from_oid(this->signatureAlgorithm); + + if (scheme == SIGN_UNKNOWN || key == NULL) { return FALSE; } |