diff options
Diffstat (limited to 'src/libstrongswan/plugins/pubkey')
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/Makefile.am | 3 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/Makefile.in | 150 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/pubkey_cert.c | 175 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/pubkey_cert.h | 10 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/pubkey_plugin.c | 11 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/pubkey_public_key.c | 184 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/pubkey_public_key.h | 34 |
7 files changed, 191 insertions, 376 deletions
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.am b/src/libstrongswan/plugins/pubkey/Makefile.am index 9423e6689..770d77325 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.am +++ b/src/libstrongswan/plugins/pubkey/Makefile.am @@ -6,8 +6,7 @@ AM_CFLAGS = -rdynamic plugin_LTLIBRARIES = libstrongswan-pubkey.la libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \ - pubkey_cert.h pubkey_cert.c\ - pubkey_public_key.h pubkey_public_key.c + pubkey_cert.h pubkey_cert.c libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index a672e2ea8..f95e7b357 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in +++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -1,8 +1,9 @@ -# Makefile.in generated by automake 1.10.2 from Makefile.am. +# Makefile.in generated by automake 1.11 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -16,8 +17,9 @@ VPATH = @srcdir@ pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -35,23 +37,44 @@ host_triplet = @host@ subdir = src/libstrongswan/plugins/pubkey DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/configure.in am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) mkinstalldirs = $(install_sh) -d CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__installdirs = "$(DESTDIR)$(plugindir)" -pluginLTLIBRARIES_INSTALL = $(INSTALL) LTLIBRARIES = $(plugin_LTLIBRARIES) libstrongswan_pubkey_la_LIBADD = -am_libstrongswan_pubkey_la_OBJECTS = pubkey_plugin.lo pubkey_cert.lo \ - pubkey_public_key.lo +am_libstrongswan_pubkey_la_OBJECTS = pubkey_plugin.lo pubkey_cert.lo libstrongswan_pubkey_la_OBJECTS = \ $(am_libstrongswan_pubkey_la_OBJECTS) libstrongswan_pubkey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ @@ -60,6 +83,7 @@ libstrongswan_pubkey_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/depcomp am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ @@ -107,25 +131,22 @@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ -IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ LD = @LD@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ -LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ -LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ -LINUX_HEADERS = @LINUX_HEADERS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ @@ -137,11 +158,14 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ +PTHREADLIB = @PTHREADLIB@ RANLIB = @RANLIB@ +RTLIB = @RTLIB@ RUBY = @RUBY@ RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ @@ -170,9 +194,9 @@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ -confdir = @confdir@ datadir = @datadir@ datarootdir = @datarootdir@ +default_pkcs11 = @default_pkcs11@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ @@ -195,7 +219,7 @@ ipsecuser = @ipsecuser@ libdir = @libdir@ libexecdir = @libexecdir@ libstrongswan_plugins = @libstrongswan_plugins@ -linuxdir = @linuxdir@ +linux_headers = @linux_headers@ localedir = @localedir@ localstatedir = @localstatedir@ lt_ECHO = @lt_ECHO@ @@ -203,6 +227,7 @@ mandir = @mandir@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ @@ -211,10 +236,12 @@ pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ +random_device = @random_device@ resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ -simreader = @simreader@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ @@ -222,14 +249,14 @@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ +urandom_device = @urandom_device@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ INCLUDES = -I$(top_srcdir)/src/libstrongswan AM_CFLAGS = -rdynamic plugin_LTLIBRARIES = libstrongswan-pubkey.la libstrongswan_pubkey_la_SOURCES = pubkey_plugin.h pubkey_plugin.c \ - pubkey_cert.h pubkey_cert.c\ - pubkey_public_key.h pubkey_public_key.c + pubkey_cert.h pubkey_cert.c libstrongswan_pubkey_la_LDFLAGS = -module -avoid-version all: all-am @@ -245,9 +272,9 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pubkey/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --gnu src/libstrongswan/plugins/pubkey/Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pubkey/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/pubkey/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -265,23 +292,28 @@ $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) @$(NORMAL_INSTALL) test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" - @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ + } uninstall-pluginLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ - $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ done clean-pluginLTLIBRARIES: @@ -303,25 +335,24 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pubkey_cert.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pubkey_plugin.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pubkey_public_key.Plo@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c $< .c.obj: @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< @@ -344,7 +375,7 @@ tags: TAGS TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ + set x; \ here=`pwd`; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ @@ -352,29 +383,34 @@ TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi ctags: CTAGS CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ $(TAGS_FILES) $(LISP) - tags=; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags @@ -395,13 +431,17 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @@ -432,6 +472,7 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -453,6 +494,8 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: @@ -461,18 +504,28 @@ install-data-am: install-pluginLTLIBRARIES install-dvi: install-dvi-am +install-dvi-am: + install-exec-am: install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am @@ -511,6 +564,7 @@ uninstall-am: uninstall-pluginLTLIBRARIES mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c index 863a8a1d4..f149f6379 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c @@ -17,11 +17,6 @@ #include <debug.h> -/** - * defined in pubkey_public_key.c - */ -extern public_key_t *pubkey_public_key_load(chunk_t blob); - typedef struct private_pubkey_cert_t private_pubkey_cert_t; /** @@ -33,17 +28,22 @@ struct private_pubkey_cert_t { * public functions */ pubkey_cert_t public; - + /** * wrapped public key */ public_key_t *key; - + /** * dummy issuer id, ID_ANY */ identification_t *issuer; - + + /** + * subject, ID_KEY_ID of the public key + */ + identification_t *subject; + /** * reference count */ @@ -63,7 +63,7 @@ static certificate_type_t get_type(private_pubkey_cert_t *this) */ static identification_t* get_subject(private_pubkey_cert_t *this) { - return this->key->get_id(this->key, ID_PUBKEY_INFO_SHA1); + return this->subject; } /** @@ -80,14 +80,21 @@ static identification_t* get_issuer(private_pubkey_cert_t *this) static id_match_t has_subject(private_pubkey_cert_t *this, identification_t *subject) { - identification_t *id; - - id = this->key->get_id(this->key, subject->get_type(subject)); - if (id) + if (subject->get_type(subject) == ID_KEY_ID) { - return id->matches(id, subject); + key_encoding_type_t type; + chunk_t fingerprint; + + for (type = 0; type < KEY_ENCODING_MAX; type++) + { + if (this->key->get_fingerprint(this->key, type, &fingerprint) && + chunk_equals(fingerprint, subject->get_encoding(subject))) + { + return ID_MATCH_PERFECT; + } + } } - return ID_MATCH_NONE; + return ID_MATCH_NONE; } /** @@ -104,15 +111,19 @@ static id_match_t has_issuer(private_pubkey_cert_t *this, */ static bool equals(private_pubkey_cert_t *this, certificate_t *other) { - if (this == (private_pubkey_cert_t*)other) - { - return TRUE; - } - if (other->get_type(other) != CERT_TRUSTED_PUBKEY) + public_key_t *other_key; + + other_key = other->get_public_key(other); + if (other_key) { - return FALSE; + if (public_key_equals(this->key, other_key)) + { + other_key->destroy(other_key); + return TRUE; + } + other_key->destroy(other_key); } - return other->has_subject(other, this->key->get_id(this->key, ID_PUBKEY_INFO_SHA1)); + return FALSE; } /** @@ -131,6 +142,7 @@ static public_key_t* get_public_key(private_pubkey_cert_t *this) this->key->get_ref(this->key); return this->key; } + /** * Implementation of certificate_t.get_validity. */ @@ -155,13 +167,19 @@ static bool is_newer(certificate_t *this, certificate_t *that) { return FALSE; } - + /** * Implementation of certificate_t.get_encoding. */ static chunk_t get_encoding(private_pubkey_cert_t *this) { - return this->key->get_encoding(this->key); + chunk_t encoding; + + if (this->key->get_encoding(this->key, KEY_PUB_ASN1_DER, &encoding)) + { + return encoding; + } + return chunk_empty; } /** @@ -180,6 +198,7 @@ static void destroy(private_pubkey_cert_t *this) { if (ref_put(&this->ref)) { + this->subject->destroy(this->subject); this->issuer->destroy(this->issuer); this->key->destroy(this->key); free(this); @@ -192,7 +211,8 @@ static void destroy(private_pubkey_cert_t *this) static pubkey_cert_t *pubkey_cert_create(public_key_t *key) { private_pubkey_cert_t *this = malloc_thing(private_pubkey_cert_t); - + chunk_t fingerprint; + this->public.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type; this->public.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject; this->public.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer; @@ -206,97 +226,60 @@ static pubkey_cert_t *pubkey_cert_create(public_key_t *key) this->public.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals; this->public.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref; this->public.interface.destroy = (void (*)(certificate_t *this))destroy; - + this->ref = 1; this->key = key; this->issuer = identification_create_from_encoding(ID_ANY, chunk_empty); - - return &this->public; -} - -static pubkey_cert_t *pubkey_cert_create_from_chunk(chunk_t blob) -{ - public_key_t *key = pubkey_public_key_load(chunk_clone(blob)); + if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &fingerprint)) + { + this->subject = identification_create_from_encoding(ID_KEY_ID, fingerprint); + } + else + { + this->subject = identification_create_from_encoding(ID_ANY, chunk_empty); + } - return (key)? pubkey_cert_create(key) : NULL; + return &this->public; } -typedef struct private_builder_t private_builder_t; /** - * Builder implementation for key loading + * See header. */ -struct private_builder_t { - /** implements the builder interface */ - builder_t public; - /** loaded public key */ - pubkey_cert_t *key; -}; - -/** - * Implementation of builder_t.build - */ -static pubkey_cert_t *build(private_builder_t *this) +pubkey_cert_t *pubkey_cert_wrap(certificate_type_t type, va_list args) { - pubkey_cert_t *key = this->key; - - free(this); - return key; -} + public_key_t *key = NULL; + chunk_t blob = chunk_empty; -/** - * Implementation of builder_t.add - */ -static void add(private_builder_t *this, builder_part_t part, ...) -{ - if (!this->key) + while (TRUE) { - va_list args; - - switch (part) + switch (va_arg(args, builder_part_t)) { case BUILD_BLOB_ASN1_DER: - { - va_start(args, part); - this->key = pubkey_cert_create_from_chunk(va_arg(args, chunk_t)); - va_end(args); - return; - } + blob = va_arg(args, chunk_t); + continue; case BUILD_PUBLIC_KEY: - { - va_start(args, part); - this->key = pubkey_cert_create(va_arg(args, public_key_t*)); - va_end(args); - return; - } - default: + key = va_arg(args, public_key_t*); + continue; + case BUILD_END: break; + default: + return NULL; } + break; } - if (this->key) + if (key) { - destroy((private_pubkey_cert_t*)this->key); + key->get_ref(key); } - builder_cancel(&this->public); -} - -/** - * Builder construction function - */ -builder_t *pubkey_cert_builder(certificate_type_t type) -{ - private_builder_t *this; - - if (type != CERT_TRUSTED_PUBKEY) + else if (blob.ptr) { - return NULL; + key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, + BUILD_BLOB_ASN1_DER, blob, BUILD_END); } - - this = malloc_thing(private_builder_t); - - this->key = NULL; - this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add; - this->public.build = (void*(*)(builder_t *this))build; - - return &this->public; + if (key) + { + return pubkey_cert_create(key); + } + return NULL; } diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.h b/src/libstrongswan/plugins/pubkey/pubkey_cert.h index 394fc8b98..a2d735342 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.h +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.h @@ -21,6 +21,7 @@ #ifndef PUBKEY_CERT_H_ #define PUBKEY_CERT_H_ +#include <credentials/builder.h> #include <credentials/certificates/certificate.h> typedef struct pubkey_cert_t pubkey_cert_t; @@ -37,13 +38,14 @@ struct pubkey_cert_t { }; /** - * Create the builder for a trusted public key. + * Create a trusted public key cert using a public key. * - * The builders add() function takes BUILD_PUBLIC_KEY to enwrap. + * The build accepts a BUILD_PUBLIC_KEY or a BUILD_BLOB_ASN1_DER part. * * @param type type of the certificate, must be CERT_pubkey_cert - * @return builder instance + * @param args builder_part_t argument list + * @return pubkey_cert_t, NULL on failure */ -builder_t *pubkey_cert_builder(certificate_type_t type); +pubkey_cert_t *pubkey_cert_wrap(certificate_type_t type, va_list args); #endif /** PUBKEY_CERT_H_ @}*/ diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c index 7672e8dc1..ad84eed99 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c @@ -17,7 +17,6 @@ #include <library.h> #include "pubkey_cert.h" -#include "pubkey_public_key.h" typedef struct private_pubkey_plugin_t private_pubkey_plugin_t; @@ -38,9 +37,7 @@ struct private_pubkey_plugin_t { static void destroy(private_pubkey_plugin_t *this) { lib->creds->remove_builder(lib->creds, - (builder_constructor_t)pubkey_cert_builder); - lib->creds->remove_builder(lib->creds, - (builder_constructor_t)pubkey_public_key_builder); + (builder_function_t)pubkey_cert_wrap); free(this); } @@ -50,13 +47,11 @@ static void destroy(private_pubkey_plugin_t *this) plugin_t *plugin_create() { private_pubkey_plugin_t *this = malloc_thing(private_pubkey_plugin_t); - + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_TRUSTED_PUBKEY, - (builder_constructor_t)pubkey_cert_builder); - lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, - (builder_constructor_t)pubkey_public_key_builder); + (builder_function_t)pubkey_cert_wrap); return &this->public.plugin; } diff --git a/src/libstrongswan/plugins/pubkey/pubkey_public_key.c b/src/libstrongswan/plugins/pubkey/pubkey_public_key.c deleted file mode 100644 index 6d3ae66ab..000000000 --- a/src/libstrongswan/plugins/pubkey/pubkey_public_key.c +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright (C) 2008 Tobias Brunner - * Copyright (C) 2008 Martin Willi - * Copyright (C) 2000-2008 Andreas Steffen - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "pubkey_public_key.h" - -#include <debug.h> -#include <asn1/pem.h> -#include <asn1/oid.h> -#include <asn1/asn1.h> -#include <asn1/asn1_parser.h> - -/** - * ASN.1 definition of a subjectPublicKeyInfo structure - */ -static const asn1Object_t pkinfoObjects[] = { - { 0, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ - { 1, "algorithm", ASN1_EOC, ASN1_RAW }, /* 1 */ - { 1, "subjectPublicKey", ASN1_BIT_STRING, ASN1_BODY }, /* 2 */ - { 0, "exit", ASN1_EOC, ASN1_EXIT } -}; -#define PKINFO_SUBJECT_PUBLIC_KEY_ALGORITHM 1 -#define PKINFO_SUBJECT_PUBLIC_KEY 2 - - -/** - * Load a public key from an ASN.1 encoded blob - * Also used by pubkey_cert.c - */ -public_key_t *pubkey_public_key_load(chunk_t blob) -{ - asn1_parser_t *parser; - chunk_t object; - int objectID; - public_key_t *key = NULL; - key_type_t type = KEY_ANY; - - parser = asn1_parser_create(pkinfoObjects, blob); - - while (parser->iterate(parser, &objectID, &object)) - { - switch (objectID) - { - case PKINFO_SUBJECT_PUBLIC_KEY_ALGORITHM: - { - int oid = asn1_parse_algorithmIdentifier(object, - parser->get_level(parser)+1, NULL); - - if (oid == OID_RSA_ENCRYPTION) - { - type = KEY_RSA; - } - else if (oid == OID_EC_PUBLICKEY) - { - /* we need the whole subjectPublicKeyInfo for EC public keys */ - key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, - KEY_ECDSA, BUILD_BLOB_ASN1_DER, blob, BUILD_END); - goto end; - } - else - { - /* key type not supported */ - goto end; - } - break; - } - case PKINFO_SUBJECT_PUBLIC_KEY: - if (object.len > 0 && *object.ptr == 0x00) - { - /* skip initial bit string octet defining 0 unused bits */ - object = chunk_skip(object, 1); - } - key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, type, - BUILD_BLOB_ASN1_DER, object, BUILD_END); - break; - } - } - -end: - parser->destroy(parser); - free(blob.ptr); - return key; -} - -typedef struct private_builder_t private_builder_t; -/** - * Builder implementation for key loading - */ -struct private_builder_t { - /** implements the builder interface */ - builder_t public; - /** loaded public key */ - public_key_t *key; -}; - -/** - * Implementation of builder_t.build - */ -static public_key_t *build(private_builder_t *this) -{ - public_key_t *key = this->key; - - free(this); - return key; -} - -/** - * Implementation of builder_t.add - */ -static void add(private_builder_t *this, builder_part_t part, ...) -{ - if (!this->key) - { - va_list args; - chunk_t blob; - - switch (part) - { - case BUILD_BLOB_ASN1_DER: - { - va_start(args, part); - blob = va_arg(args, chunk_t); - this->key = pubkey_public_key_load(chunk_clone(blob)); - va_end(args); - return; - } - case BUILD_BLOB_ASN1_PEM: - { - bool pgp; - char *pem; - - va_start(args, part); - pem = va_arg(args, char *); - blob = chunk_clone(chunk_create(pem, strlen(pem))); - if (pem_to_bin(&blob, chunk_empty, &pgp) == SUCCESS) - { - this->key = pubkey_public_key_load(chunk_clone(blob)); - } - free(blob.ptr); - va_end(args); - return; - } - default: - break; - } - } - DESTROY_IF(this->key); - builder_cancel(&this->public); -} - -/** - * Builder construction function - */ -builder_t *pubkey_public_key_builder(key_type_t type) -{ - private_builder_t *this; - - if (type != KEY_ANY) - { - return NULL; - } - - this = malloc_thing(private_builder_t); - - this->key = NULL; - this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add; - this->public.build = (void*(*)(builder_t *this))build; - - return &this->public; -} - diff --git a/src/libstrongswan/plugins/pubkey/pubkey_public_key.h b/src/libstrongswan/plugins/pubkey/pubkey_public_key.h deleted file mode 100644 index d3198fab2..000000000 --- a/src/libstrongswan/plugins/pubkey/pubkey_public_key.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (C) 2008 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup pubkey_public_key pubkey_public_key - * @{ @ingroup pubkey_p - */ - -#ifndef PUBKEY_PUBLIC_KEY_H_ -#define PUBKEY_PUBLIC_KEY_H_ - -#include <credentials/keys/public_key.h> - -/** - * Create the builder for a generic public key. - * - * @param type type of the key, must be KEY_ANY - * @return builder instance - */ -builder_t *pubkey_public_key_builder(key_type_t type); - -#endif /** PUBKEY_RSA_PUBLIC_KEY_H_ @}*/ |