summaryrefslogtreecommitdiff
path: root/src/openac/build.c
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2008-07-09 21:02:41 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2008-07-09 21:02:41 +0000
commitdb67c87db3c9089ea8d2e14f617bf3d9e2af261f (patch)
tree665c0caea83d34c11c1517c4c57137bb58cba6fb /src/openac/build.c
parent1c088a8b6237ec67f63c23f97a0f2dc4e99af869 (diff)
downloadvyos-strongswan-db67c87db3c9089ea8d2e14f617bf3d9e2af261f.tar.gz
vyos-strongswan-db67c87db3c9089ea8d2e14f617bf3d9e2af261f.zip
[svn-upgrade] Integrating new upstream version, strongswan (4.2.4)
Diffstat (limited to 'src/openac/build.c')
-rw-r--r--src/openac/build.c193
1 files changed, 0 insertions, 193 deletions
diff --git a/src/openac/build.c b/src/openac/build.c
deleted file mode 100644
index 40c8b7964..000000000
--- a/src/openac/build.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/* Build a X.509 attribute certificate
- * Copyright (C) 2002 Ueli Galizzi, Ariane Seiler
- * Copyright (C) 2004,2007 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- * RCSID $Id: build.c 3424 2008-01-22 10:34:44Z andreas $
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <stdio.h>
-
-#include <asn1/oid.h>
-#include <asn1/asn1.h>
-#include <crypto/ietf_attr_list.h>
-#include <utils/identification.h>
-
-#include "build.h"
-
-static u_char ASN1_group_oid_str[] = {
- 0x06, 0x08,
- 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a ,0x04
-};
-
-static const chunk_t ASN1_group_oid = chunk_from_buf(ASN1_group_oid_str);
-
-static u_char ASN1_authorityKeyIdentifier_oid_str[] = {
- 0x06, 0x03,
- 0x55, 0x1d, 0x23
-};
-
-static const chunk_t ASN1_authorityKeyIdentifier_oid =
- chunk_from_buf(ASN1_authorityKeyIdentifier_oid_str);
-
-static u_char ASN1_noRevAvail_ext_str[] = {
- 0x30, 0x09,
- 0x06, 0x03,
- 0x55, 0x1d, 0x38,
- 0x04, 0x02,
- 0x05, 0x00
-};
-
-static const chunk_t ASN1_noRevAvail_ext = chunk_from_buf(ASN1_noRevAvail_ext_str);
-
-/**
- * build directoryName
- */
-static chunk_t build_directoryName(asn1_t tag, chunk_t name)
-{
- return asn1_wrap(tag, "m",
- asn1_simple_object(ASN1_CONTEXT_C_4, name));
-}
-
-/**
- * build holder
- */
-static chunk_t build_holder(void)
-{
- identification_t *issuer = usercert->get_issuer(usercert);
- identification_t *subject = usercert->get_subject(usercert);
-
- return asn1_wrap(ASN1_SEQUENCE, "mm",
- asn1_wrap(ASN1_CONTEXT_C_0, "mm",
- build_directoryName(ASN1_SEQUENCE, issuer->get_encoding(issuer)),
- asn1_simple_object(ASN1_INTEGER, usercert->get_serialNumber(usercert))
- ),
- build_directoryName(ASN1_CONTEXT_C_1, subject->get_encoding(subject)));
-}
-
-/**
- * build v2Form
- */
-static chunk_t build_v2_form(void)
-{
- identification_t *subject = signercert->get_subject(signercert);
-
- return asn1_wrap(ASN1_CONTEXT_C_0, "m",
- build_directoryName(ASN1_SEQUENCE, subject->get_encoding(subject)));
-}
-
-/**
- * build attrCertValidityPeriod
- */
-static chunk_t build_attr_cert_validity(void)
-{
- return asn1_wrap(ASN1_SEQUENCE, "mm",
- timetoasn1(&notBefore, ASN1_GENERALIZEDTIME),
- timetoasn1(&notAfter, ASN1_GENERALIZEDTIME));
-}
-
-
-/**
- * build attribute type
- */
-static chunk_t build_attribute_type(const chunk_t type, chunk_t content)
-{
- return asn1_wrap(ASN1_SEQUENCE, "cm",
- type,
- asn1_wrap(ASN1_SET, "m", content));
-}
-
-/**
- * build attributes
- */
-static chunk_t build_attributes(void)
-{
- return asn1_wrap(ASN1_SEQUENCE, "m",
- build_attribute_type(ASN1_group_oid, ietfAttr_list_encode(groups)));
-}
-
-/**
- * build authorityKeyIdentifier
- */
-static chunk_t build_authorityKeyID(x509_t *signer)
-{
- identification_t *issuer = signer->get_issuer(signer);
- chunk_t subjectKeyID = signer->get_subjectKeyID(signer);
-
- chunk_t keyIdentifier = (subjectKeyID.ptr == NULL)
- ? chunk_empty
- : asn1_simple_object(ASN1_CONTEXT_S_0, subjectKeyID);
-
- chunk_t authorityCertIssuer = build_directoryName(ASN1_CONTEXT_C_1,
- issuer->get_encoding(issuer));
-
- chunk_t authorityCertSerialNumber = asn1_simple_object(ASN1_CONTEXT_S_2,
- signer->get_serialNumber(signer));
-
- return asn1_wrap(ASN1_SEQUENCE, "cm",
- ASN1_authorityKeyIdentifier_oid,
- asn1_wrap(ASN1_OCTET_STRING, "m",
- asn1_wrap(ASN1_SEQUENCE, "mmm",
- keyIdentifier,
- authorityCertIssuer,
- authorityCertSerialNumber
- )
- )
- );
-}
-
-/**
- * build extensions
- */
-static chunk_t build_extensions(void)
-{
- return asn1_wrap(ASN1_SEQUENCE, "mc",
- build_authorityKeyID(signercert),
- ASN1_noRevAvail_ext);
-}
-
-/**
- * build attributeCertificateInfo
- */
-static chunk_t build_attr_cert_info(void)
-{
- return asn1_wrap(ASN1_SEQUENCE, "cmmcmmmm",
- ASN1_INTEGER_1,
- build_holder(),
- build_v2_form(),
- asn1_algorithmIdentifier(OID_SHA1_WITH_RSA),
- asn1_simple_object(ASN1_INTEGER, serial),
- build_attr_cert_validity(),
- build_attributes(),
- build_extensions());
-}
-
-
-/**
- * build an X.509 attribute certificate
- */
-chunk_t build_attr_cert(void)
-{
- chunk_t signatureValue;
- chunk_t attributeCertificateInfo = build_attr_cert_info();
-
- signerkey->build_emsa_pkcs1_signature(signerkey, HASH_SHA1,
- attributeCertificateInfo, &signatureValue);
-
- return asn1_wrap(ASN1_SEQUENCE, "mcm",
- attributeCertificateInfo,
- asn1_algorithmIdentifier(OID_SHA1_WITH_RSA),
- asn1_bitstring("m", signatureValue));
-}