Diffstat (limited to 'src/libstrongswan/plugins/x509/x509_pkcs10.c')
-rw-r--r--src/libstrongswan/plugins/x509/x509_pkcs10.c146
1 files changed, 60 insertions, 86 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c
index 7b488484e..ca08db2c6 100644
--- a/src/libstrongswan/plugins/x509/x509_pkcs10.c
+++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c
@@ -104,34 +104,26 @@ struct private_x509_pkcs10_t {
extern void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list);
extern chunk_t x509_build_subjectAltNames(linked_list_t *list);
-/**
- * Implementation of certificate_t.get_type.
- */
-static certificate_type_t get_type(private_x509_pkcs10_t *this)
+METHOD(certificate_t, get_type, certificate_type_t,
+ private_x509_pkcs10_t *this)
{
return CERT_PKCS10_REQUEST;
}
-/**
- * Implementation of certificate_t.get_subject and get_issuer.
- */
-static identification_t* get_subject(private_x509_pkcs10_t *this)
+METHOD(certificate_t, get_subject, identification_t*,
+ private_x509_pkcs10_t *this)
{
return this->subject;
}
-/**
- * Implementation of certificate_t.has_subject and has_issuer.
- */
-static id_match_t has_subject(private_x509_pkcs10_t *this, identification_t *subject)
+METHOD(certificate_t, has_subject, id_match_t,
+ private_x509_pkcs10_t *this, identification_t *subject)
{
return this->subject->matches(this->subject, subject);
}
-/**
- * Implementation of certificate_t.issued_by.
- */
-static bool issued_by(private_x509_pkcs10_t *this, certificate_t *issuer)
+METHOD(certificate_t, issued_by, bool,
+ private_x509_pkcs10_t *this, certificate_t *issuer)
{
public_key_t *key;
signature_scheme_t scheme;
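Review bot: Removing the doc comments drops the only statement, at the definitions, that get_subject and has_subject also serve as the issuer accessors; the new initializer in create_empty still assigns `_get_subject` to `.get_issuer` and `_has_subject` to `.has_issuer`. Anyone reading issuer checks against a PKCS#10 request should know the "issuer" is always the request's own subject, so keep a short comment above each, for example `/* also installed as get_issuer: the request's subject doubles as its issuer */`. The body of issued_by continues outside this hunk.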
@@ -162,20 +154,16 @@ static bool issued_by(private_x509_pkcs10_t *this, certificate_t *issuer)
this->signature);
}
-/**
- * Implementation of certificate_t.get_public_key.
- */
-static public_key_t* get_public_key(private_x509_pkcs10_t *this)
+METHOD(certificate_t, get_public_key, public_key_t*,
+ private_x509_pkcs10_t *this)
{
this->public_key->get_ref(this->public_key);
return this->public_key;
}
-/**
- * Implementation of certificate_t.get_validity.
- */
-static bool get_validity(private_x509_pkcs10_t *this, time_t *when,
- time_t *not_before, time_t *not_after)
+METHOD(certificate_t, get_validity, bool,
+ private_x509_pkcs10_t *this, time_t *when, time_t *not_before,
+ time_t *not_after)
{
if (not_before)
{
@@ -188,11 +176,8 @@ static bool get_validity(private_x509_pkcs10_t *this, time_t *when,
return TRUE;
}
-/**
- * Implementation of certificate_t.get_encoding.
- */
-static bool get_encoding(private_x509_pkcs10_t *this, cred_encoding_type_t type,
- chunk_t *encoding)
+METHOD(certificate_t, get_encoding, bool,
+ private_x509_pkcs10_t *this, cred_encoding_type_t type, chunk_t *encoding)
{
if (type == CERT_ASN1_DER)
{
@@ -203,10 +188,8 @@ static bool get_encoding(private_x509_pkcs10_t *this, cred_encoding_type_t type,
CRED_PART_PKCS10_ASN1_DER, this->encoding, CRED_PART_END);
}
-/**
- * Implementation of certificate_t.equals.
- */
-static bool equals(private_x509_pkcs10_t *this, certificate_t *other)
+METHOD(certificate_t, equals, bool,
+ private_x509_pkcs10_t *this, certificate_t *other)
{
chunk_t encoding;
bool equal;
@@ -232,27 +215,21 @@ static bool equals(private_x509_pkcs10_t *this, certificate_t *other)
return equal;
}
-/**
- * Implementation of certificate_t.get_ref
- */
-static private_x509_pkcs10_t* get_ref(private_x509_pkcs10_t *this)
+METHOD(certificate_t, get_ref, certificate_t*,
+ private_x509_pkcs10_t *this)
{
ref_get(&this->ref);
- return this;
+ return &this->public.interface.interface;
}
-/**
- * Implementation of certificate_t.get_challengePassword.
- */
-static chunk_t get_challengePassword(private_x509_pkcs10_t *this)
+METHOD(pkcs10_t, get_challengePassword, chunk_t,
+ private_x509_pkcs10_t *this)
{
return this->challengePassword;
}
-/**
- * Implementation of pkcs10_t.create_subjectAltName_enumerator.
- */
-static enumerator_t* create_subjectAltName_enumerator(private_x509_pkcs10_t *this)
+METHOD(pkcs10_t, create_subjectAltName_enumerator, enumerator_t*,
+ private_x509_pkcs10_t *this)
{
return this->subjectAltNames->create_enumerator(this->subjectAltNames);
}
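Review bot: get_challengePassword returns `this->challengePassword` by value, so the chunk handed to the caller still points at storage owned by the request object rather than at a copy. With the doc comment removed, nothing at the definition says so. A caller that frees the chunk, or keeps it after the last reference is dropped, would corrupt or read freed memory that holds a secret. A one-line comment such as `/* returns the internal chunk, not a clone: do not free, valid only while a reference is held */` would restore that contract; whether the interface header already documents it is not visible here.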
@@ -299,7 +276,7 @@ static bool parse_extension_request(private_x509_pkcs10_t *this, chunk_t blob, i
break;
case PKCS10_EXTN_CRITICAL:
critical = object.len && *object.ptr;
- DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
+ DBG2(DBG_ASN, " %s", critical ? "TRUE" : "FALSE");
break;
case PKCS10_EXTN_VALUE:
{
@@ -332,25 +309,25 @@ static bool parse_challengePassword(private_x509_pkcs10_t *this, chunk_t blob, i
if (blob.len < 2)
{
- DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object smaller "
+ DBG1(DBG_ASN, "L%d - challengePassword: ASN.1 object smaller "
"than 2 octets", level);
return FALSE;
}
tag = *blob.ptr;
if (tag < ASN1_UTF8STRING || tag > ASN1_IA5STRING)
{
- DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object is not "
+ DBG1(DBG_ASN, "L%d - challengePassword: ASN.1 object is not "
"a character string", level);
return FALSE;
}
if (asn1_length(&blob) == ASN1_INVALID_LENGTH)
{
- DBG1(DBG_LIB, "L%d - challengePassword: ASN.1 object has an "
+ DBG1(DBG_ASN, "L%d - challengePassword: ASN.1 object has an "
"invalid length", level);
return FALSE;
}
- DBG2(DBG_LIB, "L%d - challengePassword:", level);
- DBG4(DBG_LIB, " '%.*s'", blob.len, blob.ptr);
+ DBG2(DBG_ASN, "L%d - challengePassword:", level);
+ DBG4(DBG_ASN, " '%.*s'", blob.len, blob.ptr);
return TRUE;
}
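Review bot: The `DBG4` call at the end of parse_challengePassword passes `blob.len` as the precision for `%.*s`, which must be an `int`. If `chunk_t.len` is a `size_t` (its definition is not part of this diff), that is a varargs type mismatch on LP64 targets; `DBG4(DBG_ASN, " '%.*s'", (int)blob.len, blob.ptr);` avoids it. The same line writes the challenge password to the log in clear text, and moving it from DBG_LIB to DBG_ASN changes which logger settings expose it. A comment stating that level-4 ASN output contains the secret would help operators who raise the ASN log level on production hosts.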
@@ -408,14 +385,14 @@ static bool parse_certificate_request(private_x509_pkcs10_t *this)
case PKCS10_VERSION:
if (object.len > 0 && *object.ptr != 0)
{
- DBG1(DBG_LIB, "PKCS#10 certificate request format is "
+ DBG1(DBG_ASN, "PKCS#10 certificate request format is "
"not version 1");
goto end;
}
break;
case PKCS10_SUBJECT:
this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- DBG2(DBG_LIB, " '%Y'", this->subject);
+ DBG2(DBG_ASN, " '%Y'", this->subject);
break;
case PKCS10_SUBJECT_PUBLIC_KEY_INFO:
this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
@@ -477,10 +454,8 @@ end:
return success;
}
-/**
- * Implementation of certificate_t.destroy
- */
-static void destroy(private_x509_pkcs10_t *this)
+METHOD(certificate_t, destroy, void,
+ private_x509_pkcs10_t *this)
{
if (ref_put(&this->ref))
{
@@ -504,33 +479,32 @@ static void destroy(private_x509_pkcs10_t *this)
*/
static private_x509_pkcs10_t* create_empty(void)
{
- private_x509_pkcs10_t *this = malloc_thing(private_x509_pkcs10_t);
-
- this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
- this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
- this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_subject;
- this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
- this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
- this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
- this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
- this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
- this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
- this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
- this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
- this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
- this->public.interface.get_challengePassword = (chunk_t (*)(pkcs10_t*))get_challengePassword;
- this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(pkcs10_t*))create_subjectAltName_enumerator;
-
- this->encoding = chunk_empty;
- this->certificationRequestInfo = chunk_empty;
- this->subject = NULL;
- this->public_key = NULL;
- this->subjectAltNames = linked_list_create();
- this->challengePassword = chunk_empty;
- this->signature = chunk_empty;
- this->ref = 1;
- this->self_signed = FALSE;
- this->parsed = FALSE;
+ private_x509_pkcs10_t *this;
+
+ INIT(this,
+ .public = {
+ .interface = {
+ .interface = {
+ .get_type = _get_type,
+ .get_subject = _get_subject,
+ .get_issuer = _get_subject,
+ .has_subject = _has_subject,
+ .has_issuer = _has_subject,
+ .issued_by = _issued_by,
+ .get_public_key = _get_public_key,
+ .get_validity = _get_validity,
+ .get_encoding = _get_encoding,
+ .equals = _equals,
+ .get_ref = _get_ref,
+ .destroy = _destroy,
+ },
+ .get_challengePassword = _get_challengePassword,
+ .create_subjectAltName_enumerator = _create_subjectAltName_enumerator,
+ },
+ },
+ .subjectAltNames = linked_list_create(),
+ .ref = 1,
+ );
return this;
}
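Review bot: create_empty no longer assigns `encoding`, `certificationRequestInfo`, `subject`, `public_key`, `challengePassword`, `signature`, `self_signed` and `parsed`, so their initial state now depends on `INIT` zero-filling every member not named in the initializer list. The macro is defined outside this diff; if it does so, and `chunk_empty` is the all-zero chunk, behaviour is unchanged. The cleanup and parsing paths presumably depend on those NULL and empty values when a request fails to parse, so the assumption should be stated above the `INIT` call: `/* members not listed are zeroed by INIT: chunks empty, pointers NULL, flags FALSE */`.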