[svn-upgrade] new version strongswan (4.4.1)

1 files changed, 17 insertions, 16 deletions

diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c
index 1009ec931..bfb0ca621 100644
--- a/src/libstrongswan/plugins/x509/x509_pkcs10.c
+++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c
@@ -189,19 +189,18 @@ static bool get_validity(private_x509_pkcs10_t *this, time_t *when,
 }
 
 /**
- * Implementation of certificate_t.is_newer.
- */
-static bool is_newer(certificate_t *this, certificate_t *that)
-{
-	return FALSE;
-}
-
-/**
  * Implementation of certificate_t.get_encoding.
  */
-static chunk_t get_encoding(private_x509_pkcs10_t *this)
+static bool get_encoding(private_x509_pkcs10_t *this, cred_encoding_type_t type,
+						 chunk_t *encoding)
 {
-	return chunk_clone(this->encoding);
+	if (type == CERT_ASN1_DER)
+	{
+		*encoding = chunk_clone(this->encoding);
+		return TRUE;
+	}
+	return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+					CRED_PART_PKCS10_ASN1_DER, this->encoding, CRED_PART_END);
 }
 
 /**
@@ -224,7 +223,10 @@ static bool equals(private_x509_pkcs10_t *this, certificate_t *other)
 	{	/* skip allocation if we have the same implementation */
 		return chunk_equals(this->encoding, ((private_x509_pkcs10_t*)other)->encoding);
 	}
-	encoding = other->get_encoding(other);
+	if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+	{
+		return FALSE;
+	}
 	equal = chunk_equals(this->encoding, encoding);
 	free(encoding.ptr);
 	return equal;
@@ -357,7 +359,7 @@ static bool parse_challengePassword(private_x509_pkcs10_t *this, chunk_t blob, i
  */
 static const asn1Object_t certificationRequestObjects[] = {
 	{ 0, "certificationRequest",       ASN1_SEQUENCE,    ASN1_OBJ  }, /*  0 */
-	{ 1,   "certificationRequestInfo", ASN1_SEQUENCE,    ASN1_OBJ  }, /*  1 */

+	{ 1,   "certificationRequestInfo", ASN1_SEQUENCE,    ASN1_OBJ  }, /*  1 */
 	{ 2,     "version",                ASN1_INTEGER,     ASN1_BODY }, /*  2 */
 	{ 2,     "subject",                ASN1_SEQUENCE,    ASN1_OBJ  }, /*  3 */
 	{ 2,     "subjectPublicKeyInfo",   ASN1_SEQUENCE,    ASN1_RAW  }, /*  4 */
@@ -369,7 +371,7 @@ static const asn1Object_t certificationRequestObjects[] = {
 	{ 4,         "end loop",           ASN1_EOC,         ASN1_END  }, /* 10 */
 	{ 2,     "end loop",               ASN1_EOC,         ASN1_END  }, /* 11 */
 	{ 1,   "signatureAlgorithm",       ASN1_EOC,         ASN1_RAW  }, /* 12 */
-	{ 1,    "signature",               ASN1_BIT_STRING,  ASN1_BODY }, /* 13 */

+	{ 1,    "signature",               ASN1_BIT_STRING,  ASN1_BODY }, /* 13 */
 	{ 0, "exit",                       ASN1_EOC,         ASN1_EXIT }
 };
 #define PKCS10_CERT_REQUEST_INFO		 1
@@ -512,8 +514,7 @@ static private_x509_pkcs10_t* create_empty(void)
 	this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
 	this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
 	this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
-	this->public.interface.interface.is_newer = (bool (*) (certificate_t*,certificate_t*))is_newer;
-	this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding;
+	this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
 	this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
 	this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
 	this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
@@ -559,7 +560,7 @@ static bool generate(private_x509_pkcs10_t *cert, private_key_t *sign_key,
 	scheme = signature_scheme_from_oid(cert->algorithm);
 
 	if (!cert->public_key->get_encoding(cert->public_key,
-										KEY_PUB_SPKI_ASN1_DER, &key_info))
+										PUBKEY_SPKI_ASN1_DER, &key_info))
 	{
 		return FALSE;
 	}