Diffstat (limited to 'src/pluto/builder.c')
-rw-r--r-- | src/pluto/builder.c | 150 |
1 files changed, 150 insertions, 0 deletions
diff --git a/src/pluto/builder.c b/src/pluto/builder.c
new file mode 100644
index 000000000..0cba32bcf
--- /dev/null
+++ b/src/pluto/builder.c
@@ -0,0 +1,150 @@
+/* Pluto certificate/CRL/AC builder hooks.
+ * Copyright (C) 2002-2009 Andreas Steffen
+ * Copyright (C) 2009 Martin Willi
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "builder.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <time.h>
+
+#include <freeswan.h>
+
+#include <library.h>
+#include <credentials/certificates/certificate.h>
+
+#include "constants.h"
+#include "defs.h"
+#include "log.h"
+#include "certs.h"
+#include "crl.h"
+
+/**
+ * Load a certificate
+ */
+static cert_t *builder_load_cert(certificate_type_t type, va_list args)
+{
+ x509_flag_t flags = 0;
+ chunk_t blob = chunk_empty;
+ bool pgp = FALSE;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_BLOB_PGP:
+ pgp = TRUE;
+ /* FALL */
+ case BUILD_BLOB_ASN1_DER:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_X509_FLAG:
+ flags |= va_arg(args, x509_flag_t);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (blob.ptr)
+ {
+ cert_t *cert = malloc_thing(cert_t);
+
+ *cert = cert_empty;
+
+ if (pgp)
+ {
+ cert->cert = lib->creds->create(lib->creds,
+ CRED_CERTIFICATE, CERT_GPG,
+ BUILD_BLOB_PGP, blob,
+ BUILD_END);
+ }
+ else
+ {
+ cert->cert = lib->creds->create(lib->creds,
+ CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, blob,
+ BUILD_X509_FLAG, flags,
+ BUILD_END);
+ }
+ if (cert->cert)
+ {
+ return cert;
+ }
+ plog(" error in X.509 certificate");
+ cert_free(cert);
+ }
+ return NULL;
+}
+
+/**
+ * Load a CRL
+ */
+static x509crl_t *builder_load_crl(certificate_type_t type, va_list args)
+{
+ chunk_t blob = chunk_empty;
+ x509crl_t *crl;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_BLOB_ASN1_DER:
+ blob = va_arg(args, chunk_t);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (blob.ptr)
+ {
+ crl = malloc_thing(x509crl_t);
+ crl->next = NULL;
+ crl->distributionPoints = linked_list_create();
+ crl->crl = lib->creds->create(lib->creds,
+ CRED_CERTIFICATE, CERT_X509_CRL,
+ BUILD_BLOB_ASN1_DER, blob,
+ BUILD_END);
+ if (crl->crl)
+ {
+ return crl;
+ }
+ plog(" error in X.509 crl");
+ free_crl(crl);
+ }
+ return NULL;
+}
+
+void init_builder(void)
+{
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
+ (builder_function_t)builder_load_cert);
+ lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
+ (builder_function_t)builder_load_crl);
+}
+
+void free_builder(void)
+{
+ lib->creds->remove_builder(lib->creds, (builder_function_t)builder_load_cert);
+ lib->creds->remove_builder(lib->creds, (builder_function_t)builder_load_crl);
+}
+
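Review bot: In builder_load_cert the failure path logs `plog(" error in X.509 certificate");` regardless of whether the blob arrived via BUILD_BLOB_PGP, so a rejected PGP certificate is reported as an X.509 parse error; since `pgp` is still in scope at that point, `plog(pgp ? " error in PGP certificate" : " error in X.509 certificate");` keeps the log accurate for operators diagnosing a failed peer credential. The `type` parameter of both builder_load_cert and builder_load_crl is never read, which warrants either a `(void)type;` or a comment noting that the type is fixed by the CERT_PLUTO_CERT/CERT_PLUTO_CRL registrations in init_builder. The `(builder_function_t)` casts in init_builder and free_builder presumably paper over a signature difference (the loaders return cert_t * and x509crl_t *); builder_function_t is not defined on this page, so it is worth confirming the signatures are compatible, as calling through a mismatched function pointer type is undefined behaviour in C. The includes of <stdio.h>, <unistd.h> and <time.h> appear to be unused by this file.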