updated mediation database to public key authentication
added mysql table definition, test data testcase
This commit is contained in:
parent
e29ebcb1af
commit
489e3da0ea
|
@ -5,6 +5,7 @@ AM_CFLAGS = -rdynamic
|
||||||
|
|
||||||
plugin_LTLIBRARIES = libcharon-med-db.la
|
plugin_LTLIBRARIES = libcharon-med-db.la
|
||||||
libcharon_med_db_la_SOURCES = med_db_plugin.h med_db_plugin.c \
|
libcharon_med_db_la_SOURCES = med_db_plugin.h med_db_plugin.c \
|
||||||
med_db_creds.h med_db_creds.c
|
med_db_creds.h med_db_creds.c \
|
||||||
|
med_db_pubkey.h med_db_pubkey.c
|
||||||
libcharon_med_db_la_LDFLAGS = -module
|
libcharon_med_db_la_LDFLAGS = -module
|
||||||
|
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "med_db_creds.h"
|
#include "med_db_creds.h"
|
||||||
|
#include "med_db_pubkey.h"
|
||||||
|
|
||||||
#include <daemon.h>
|
#include <daemon.h>
|
||||||
#include <library.h>
|
#include <library.h>
|
||||||
|
@ -40,84 +41,88 @@ struct private_med_db_creds_t {
|
||||||
};
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* data passed between enumerate calls
|
* enumerator over certificates
|
||||||
*/
|
*/
|
||||||
typedef struct {
|
typedef struct {
|
||||||
/** current shared key */
|
/** implements enumerator */
|
||||||
shared_key_t *current;
|
enumerator_t public;
|
||||||
} data_t;
|
/** inner SQL enumerator */
|
||||||
|
enumerator_t *inner;
|
||||||
typedef struct private_shared_key_t private_shared_key_t;
|
/** currently enumerated cert */
|
||||||
/**
|
certificate_t *current;
|
||||||
* shared key implementation
|
/** type of requested key */
|
||||||
*/
|
key_type_t type;
|
||||||
struct private_shared_key_t {
|
} cert_enumerator_t;
|
||||||
/** implements shared_key_t*/
|
|
||||||
shared_key_t public;
|
|
||||||
/** data of the key */
|
|
||||||
chunk_t key;
|
|
||||||
/** reference counter */
|
|
||||||
refcount_t ref;
|
|
||||||
};
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Destroy allocated data_t struct
|
* Implementation of cert_enumerator_t.public.enumerate
|
||||||
*/
|
*/
|
||||||
static void data_destroy(data_t *this)
|
static bool cert_enumerator_enumerate(cert_enumerator_t *this,
|
||||||
|
certificate_t **cert)
|
||||||
|
{
|
||||||
|
public_key_t *public;
|
||||||
|
chunk_t chunk;
|
||||||
|
|
||||||
|
DESTROY_IF(this->current);
|
||||||
|
while (this->inner->enumerate(this->inner, &chunk))
|
||||||
|
{
|
||||||
|
public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
|
||||||
|
BUILD_BLOB_ASN1_DER, chunk_clone(chunk),
|
||||||
|
BUILD_END);
|
||||||
|
if (public)
|
||||||
|
{
|
||||||
|
if (this->type == KEY_ANY || this->type == public->get_type(public))
|
||||||
|
{
|
||||||
|
*cert = this->current = (certificate_t*)med_db_pubkey_create(public);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
public->destroy(public);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
this->current = NULL;
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of cert_enumerator_t.public.destroy
|
||||||
|
*/
|
||||||
|
static void cert_enumerator_destroy(cert_enumerator_t *this)
|
||||||
{
|
{
|
||||||
DESTROY_IF(this->current);
|
DESTROY_IF(this->current);
|
||||||
|
this->inner->destroy(this->inner);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* filter for enumerator, returns for each SQL result a shared key and match
|
* Implementation of credential_set_t.create_cert_enumerator.
|
||||||
*/
|
*/
|
||||||
static bool filter(data_t *this, chunk_t *chunk, shared_key_t **out,
|
static enumerator_t* create_cert_enumerator(private_med_db_creds_t *this,
|
||||||
void **unused1, id_match_t *match_me,
|
certificate_type_t cert, key_type_t key,
|
||||||
void **unused2, id_match_t *match_other)
|
identification_t *id, bool trusted)
|
||||||
{
|
{
|
||||||
DESTROY_IF(this->current);
|
cert_enumerator_t *e;
|
||||||
this->current = shared_key_create(SHARED_IKE, *chunk);
|
|
||||||
*out = this->current;
|
|
||||||
/* we have unique matches only, but do not compare own ID */
|
|
||||||
if (match_me)
|
|
||||||
{
|
|
||||||
*match_me = ID_MATCH_ANY;
|
|
||||||
}
|
|
||||||
if (match_other)
|
|
||||||
{
|
|
||||||
*match_other = ID_MATCH_PERFECT;
|
|
||||||
}
|
|
||||||
return TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
if ((cert != CERT_TRUSTED_PUBKEY && cert != CERT_ANY) ||
|
||||||
/**
|
id == NULL || id->get_type(id) != ID_KEY_ID)
|
||||||
* Implements credential_set_t.create_shared_enumerator
|
|
||||||
*/
|
|
||||||
static enumerator_t* create_shared_enumerator(private_med_db_creds_t *this,
|
|
||||||
shared_key_type_t type, identification_t *me,
|
|
||||||
identification_t *other)
|
|
||||||
{
|
|
||||||
enumerator_t *enumerator;
|
|
||||||
data_t *data;
|
|
||||||
|
|
||||||
if (type != SHARED_IKE)
|
|
||||||
{
|
{
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
enumerator = this->db->query(this->db,
|
|
||||||
"SELECT Psk FROM Peer WHERE PeerId = ?",
|
e = malloc_thing(cert_enumerator_t);
|
||||||
DB_BLOB, other->get_encoding(other),
|
e->current = NULL;
|
||||||
DB_BLOB);
|
e->type = key;
|
||||||
if (enumerator)
|
e->public.enumerate = (void*)cert_enumerator_enumerate;
|
||||||
|
e->public.destroy = (void*)cert_enumerator_destroy;
|
||||||
|
e->inner = this->db->query(this->db,
|
||||||
|
"SELECT PublicKey FROM Peer WHERE KeyId = ?",
|
||||||
|
DB_BLOB, id->get_encoding(id),
|
||||||
|
DB_BLOB);
|
||||||
|
if (!e->inner)
|
||||||
{
|
{
|
||||||
data = malloc_thing(data_t);
|
free(e);
|
||||||
data->current = NULL;
|
return NULL;
|
||||||
return enumerator_create_filter(enumerator, (void*)filter,
|
|
||||||
data, (void*)data_destroy);
|
|
||||||
}
|
}
|
||||||
return NULL;
|
return &e->public;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -136,8 +141,8 @@ med_db_creds_t *med_db_creds_create(database_t *db)
|
||||||
private_med_db_creds_t *this = malloc_thing(private_med_db_creds_t);
|
private_med_db_creds_t *this = malloc_thing(private_med_db_creds_t);
|
||||||
|
|
||||||
this->public.set.create_private_enumerator = (void*)return_null;
|
this->public.set.create_private_enumerator = (void*)return_null;
|
||||||
this->public.set.create_cert_enumerator = (void*)return_null;
|
this->public.set.create_cert_enumerator = (void*)create_cert_enumerator;
|
||||||
this->public.set.create_shared_enumerator = (void*)create_shared_enumerator;
|
this->public.set.create_shared_enumerator = (void*)return_null;
|
||||||
this->public.set.create_cdp_enumerator = (void*)return_null;
|
this->public.set.create_cdp_enumerator = (void*)return_null;
|
||||||
|
|
||||||
this->public.destroy = (void (*)(med_db_creds_t*))destroy;
|
this->public.destroy = (void (*)(med_db_creds_t*))destroy;
|
||||||
|
|
|
@ -51,6 +51,7 @@ static void destroy(private_med_db_plugin_t *this)
|
||||||
{
|
{
|
||||||
charon->credentials->remove_set(charon->credentials, &this->creds->set);
|
charon->credentials->remove_set(charon->credentials, &this->creds->set);
|
||||||
this->creds->destroy(this->creds);
|
this->creds->destroy(this->creds);
|
||||||
|
this->db->destroy(this->db);
|
||||||
free(this);
|
free(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -64,7 +65,8 @@ plugin_t *plugin_create()
|
||||||
|
|
||||||
this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
|
this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
|
||||||
|
|
||||||
uri = lib->settings->get_str(lib->settings, "plugins.med_db.database", NULL);
|
uri = lib->settings->get_str(lib->settings,
|
||||||
|
"charon.plugins.med_db.database", NULL);
|
||||||
if (!uri)
|
if (!uri)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "mediation database URI not defined, skipped");
|
DBG1(DBG_CFG, "mediation database URI not defined, skipped");
|
||||||
|
@ -72,6 +74,7 @@ plugin_t *plugin_create()
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
this->db = lib->db->create(lib->db, uri);
|
||||||
if (this->db == NULL)
|
if (this->db == NULL)
|
||||||
{
|
{
|
||||||
DBG1(DBG_CFG, "opening mediation server database failed");
|
DBG1(DBG_CFG, "opening mediation server database failed");
|
||||||
|
|
|
@ -0,0 +1,211 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2008 Martin Willi
|
||||||
|
* Hochschule fuer Technik Rapperswil
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU General Public License as published by the
|
||||||
|
* Free Software Foundation; either version 2 of the License, or (at your
|
||||||
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||||
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||||
|
* for more details.
|
||||||
|
*
|
||||||
|
* $Id$
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "med_db_pubkey.h"
|
||||||
|
|
||||||
|
typedef struct private_med_db_pubkey_t private_med_db_pubkey_t;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* private data of med_db_pubkey
|
||||||
|
*/
|
||||||
|
struct private_med_db_pubkey_t {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* public functions
|
||||||
|
*/
|
||||||
|
med_db_pubkey_t public;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* wrapped public key
|
||||||
|
*/
|
||||||
|
public_key_t *key;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* dummy issuer id, ID_ANY
|
||||||
|
*/
|
||||||
|
identification_t *issuer;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* reference count
|
||||||
|
*/
|
||||||
|
refcount_t ref;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_type
|
||||||
|
*/
|
||||||
|
static certificate_type_t get_type(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
return CERT_TRUSTED_PUBKEY;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_subject
|
||||||
|
*/
|
||||||
|
static identification_t* get_subject(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
return this->key->get_id(this->key, ID_PUBKEY_SHA1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_issuer
|
||||||
|
*/
|
||||||
|
static identification_t* get_issuer(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
return this->issuer;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.has_subject.
|
||||||
|
*/
|
||||||
|
static id_match_t has_subject(private_med_db_pubkey_t *this,
|
||||||
|
identification_t *subject)
|
||||||
|
{
|
||||||
|
identification_t *id;
|
||||||
|
|
||||||
|
id = this->key->get_id(this->key, subject->get_type(subject));
|
||||||
|
if (id)
|
||||||
|
{
|
||||||
|
return id->matches(id, subject);
|
||||||
|
}
|
||||||
|
return ID_MATCH_NONE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.has_subject.
|
||||||
|
*/
|
||||||
|
static id_match_t has_issuer(private_med_db_pubkey_t *this,
|
||||||
|
identification_t *issuer)
|
||||||
|
{
|
||||||
|
return ID_MATCH_NONE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.equals.
|
||||||
|
*/
|
||||||
|
static bool equals(private_med_db_pubkey_t *this, certificate_t *other)
|
||||||
|
{
|
||||||
|
if (this == (private_med_db_pubkey_t*)other)
|
||||||
|
{
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
if (other->get_type(other) != CERT_TRUSTED_PUBKEY)
|
||||||
|
{
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
return other->has_subject(other, this->key->get_id(this->key, ID_PUBKEY_SHA1));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.issued_by
|
||||||
|
*/
|
||||||
|
static bool issued_by(private_med_db_pubkey_t *this, certificate_t *issuer)
|
||||||
|
{
|
||||||
|
return equals(this, issuer);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_public_key
|
||||||
|
*/
|
||||||
|
static public_key_t* get_public_key(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
this->key->get_ref(this->key);
|
||||||
|
return this->key;
|
||||||
|
}
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_validity.
|
||||||
|
*/
|
||||||
|
static bool get_validity(private_med_db_pubkey_t *this, time_t *when,
|
||||||
|
time_t *not_before, time_t *not_after)
|
||||||
|
{
|
||||||
|
if (not_before)
|
||||||
|
{
|
||||||
|
*not_before = 0;
|
||||||
|
}
|
||||||
|
if (not_after)
|
||||||
|
{
|
||||||
|
*not_after = ~0;
|
||||||
|
}
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.is_newer.
|
||||||
|
*/
|
||||||
|
static bool is_newer(certificate_t *this, certificate_t *that)
|
||||||
|
{
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_encoding.
|
||||||
|
*/
|
||||||
|
static chunk_t get_encoding(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
return this->key->get_encoding(this->key);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of certificate_t.get_ref
|
||||||
|
*/
|
||||||
|
static private_med_db_pubkey_t* get_ref(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
ref_get(&this->ref);
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implementation of med_db_pubkey_t.destroy
|
||||||
|
*/
|
||||||
|
static void destroy(private_med_db_pubkey_t *this)
|
||||||
|
{
|
||||||
|
if (ref_put(&this->ref))
|
||||||
|
{
|
||||||
|
this->issuer->destroy(this->issuer);
|
||||||
|
this->key->destroy(this->key);
|
||||||
|
free(this);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* see header file
|
||||||
|
*/
|
||||||
|
med_db_pubkey_t *med_db_pubkey_create(public_key_t *key)
|
||||||
|
{
|
||||||
|
private_med_db_pubkey_t *this = malloc_thing(private_med_db_pubkey_t);
|
||||||
|
|
||||||
|
this->public.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
|
||||||
|
this->public.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
|
||||||
|
this->public.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
|
||||||
|
this->public.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
|
||||||
|
this->public.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
|
||||||
|
this->public.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
|
||||||
|
this->public.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
|
||||||
|
this->public.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
|
||||||
|
this->public.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
|
||||||
|
this->public.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
|
||||||
|
this->public.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
|
||||||
|
this->public.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
|
||||||
|
this->public.interface.destroy = (void (*)(certificate_t *this))destroy;
|
||||||
|
|
||||||
|
this->ref = 1;
|
||||||
|
this->key = key;
|
||||||
|
this->issuer = identification_create_from_encoding(ID_ANY, chunk_empty);
|
||||||
|
|
||||||
|
return &this->public;
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2008 Martin Willi
|
||||||
|
* Hochschule fuer Technik Rapperswil
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU General Public License as published by the
|
||||||
|
* Free Software Foundation; either version 2 of the License, or (at your
|
||||||
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||||
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||||
|
* for more details.
|
||||||
|
*
|
||||||
|
* $Id$
|
||||||
|
*/
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @defgroup med_db_pubkey med_db_pubkey
|
||||||
|
* @{ @ingroup med_db
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef MED_DB_PUBKEY_H_
|
||||||
|
#define MED_DB_PUBKEY_H_
|
||||||
|
|
||||||
|
#include <credentials/keys/public_key.h>
|
||||||
|
#include <credentials/certificates/certificate.h>
|
||||||
|
|
||||||
|
typedef struct med_db_pubkey_t med_db_pubkey_t;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* A trusted public key wrapped into certificate of type CERT_TRUSTED_PUBKEY.
|
||||||
|
*/
|
||||||
|
struct med_db_pubkey_t {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Implements certificate_t.
|
||||||
|
*/
|
||||||
|
certificate_t interface;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a wrapped public key instance using a public_key.
|
||||||
|
*
|
||||||
|
* The certifcate uses the public_key ID as subject.
|
||||||
|
*
|
||||||
|
* @param key public key to wrap
|
||||||
|
* @return public key implementing certificate interface
|
||||||
|
*/
|
||||||
|
med_db_pubkey_t *med_db_pubkey_create(public_key_t *key);
|
||||||
|
|
||||||
|
#endif /* MED_DB_PUBKEY_H_ @}*/
|
|
@ -0,0 +1,12 @@
|
||||||
|
|
||||||
|
CREATE TABLE IF NOT EXISTS `Peer` (
|
||||||
|
`IdPeer` int(10) unsigned NOT NULL auto_increment,
|
||||||
|
`IdUser` int(10) unsigned NOT NULL,
|
||||||
|
`Alias` varchar(30) collate utf8_unicode_ci NOT NULL,
|
||||||
|
`KeyId` varbinary(20) NOT NULL,
|
||||||
|
`PublicKey` blob NOT NULL,
|
||||||
|
PRIMARY KEY (`IdPeer`),
|
||||||
|
KEY `KeyId` (`KeyId`),
|
||||||
|
KEY `IdUser` (`IdUser`)
|
||||||
|
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
|
||||||
|
INSERT INTO `Peer` (
|
||||||
|
`IdPeer`, `IdUser`, `Alias`, `KeyId`, `PublicKey`
|
||||||
|
) VALUES (
|
||||||
|
1, 0, 'sidv150',
|
||||||
|
X'ed90e64feca21f4b6897992422e0de21b9d62629',
|
||||||
|
X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100cd946c229f7d52b21da1cb5384e7dcaf6529f760534a56355efd49e87a9c6f1ddd5ff303bd7eb49c23de03adc487456f41eb5f92947bdc8ff8dbe443f8d112e0da2c98145e7c4d1cd15cddd08577f4d4f3d0a2e1da3c08c94cd819758751931e7a9724cc43d73a11b8e176a268b4cdbbf3995cb09723abc9bfc477c25e714a4661a84c078be7404d8986be55f20437e3a6b278a3cc89aec085941f1a1aafaf4b22ae146fe4684d5567dc30658a32087d01b98515070cb1653311cb6102f82a83c638c2a79985dbb9600752e9cbc272014a5c547b4ab59130c3a948658bff794b6f202cf95939ffa73b10521f05c060cecb15f8597ed95d72b9e405ee31f1b5d90203010001'
|
||||||
|
);
|
||||||
|
|
|
@ -13,6 +13,7 @@ libcharon_unit_tester_la_SOURCES = unit_tester.c unit_tester.h \
|
||||||
tests/test_mysql.c \
|
tests/test_mysql.c \
|
||||||
tests/test_sqlite.c \
|
tests/test_sqlite.c \
|
||||||
tests/test_mutex.c \
|
tests/test_mutex.c \
|
||||||
tests/test_rsa_gen.c
|
tests/test_rsa_gen.c \
|
||||||
|
tests/test_med_db.c
|
||||||
libcharon_unit_tester_la_LDFLAGS = -module
|
libcharon_unit_tester_la_LDFLAGS = -module
|
||||||
|
|
||||||
|
|
|
@ -31,4 +31,5 @@ DEFINE_TEST("MySQL operations", test_mysql, FALSE)
|
||||||
DEFINE_TEST("SQLite operations", test_sqlite, FALSE)
|
DEFINE_TEST("SQLite operations", test_sqlite, FALSE)
|
||||||
DEFINE_TEST("mutex primitive", test_mutex, FALSE)
|
DEFINE_TEST("mutex primitive", test_mutex, FALSE)
|
||||||
DEFINE_TEST("RSA key generation", test_rsa_gen, FALSE)
|
DEFINE_TEST("RSA key generation", test_rsa_gen, FALSE)
|
||||||
DEFINE_TEST("RSA subjectPublicKeyInfo loading", test_rsa_load_any, TRUE)
|
DEFINE_TEST("RSA subjectPublicKeyInfo loading", test_rsa_load_any, FALSE)
|
||||||
|
DEFINE_TEST("Mediation database key fetch", test_med_db, TRUE)
|
||||||
|
|
|
@ -0,0 +1,52 @@
|
||||||
|
/*
|
||||||
|
* Copyright (C) 2008 Martin Willi
|
||||||
|
* Hochschule fuer Technik Rapperswil
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify it
|
||||||
|
* under the terms of the GNU General Public License as published by the
|
||||||
|
* Free Software Foundation; either version 2 of the License, or (at your
|
||||||
|
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful, but
|
||||||
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
||||||
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
||||||
|
* for more details.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <library.h>
|
||||||
|
#include <daemon.h>
|
||||||
|
#include <utils/enumerator.h>
|
||||||
|
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
/*******************************************************************************
|
||||||
|
* fetch public key from mediation database
|
||||||
|
******************************************************************************/
|
||||||
|
|
||||||
|
bool test_med_db()
|
||||||
|
{
|
||||||
|
char keyid_buf[] = {
|
||||||
|
0xed,0x90,0xe6,0x4f,0xec,0xa2,0x1f,0x4b,
|
||||||
|
0x68,0x97,0x99,0x24,0x22,0xe0,0xde,0x21,
|
||||||
|
0xb9,0xd6,0x26,0x29
|
||||||
|
};
|
||||||
|
chunk_t keyid = chunk_from_buf(keyid_buf);
|
||||||
|
identification_t *id, *found;
|
||||||
|
enumerator_t *enumerator;
|
||||||
|
auth_info_t *auth;
|
||||||
|
public_key_t *public;
|
||||||
|
bool good = FALSE;
|
||||||
|
|
||||||
|
id = identification_create_from_encoding(ID_KEY_ID, keyid);
|
||||||
|
enumerator = charon->credentials->create_public_enumerator(
|
||||||
|
charon->credentials, KEY_ANY, id, NULL);
|
||||||
|
while (enumerator->enumerate(enumerator, &public, &auth))
|
||||||
|
{
|
||||||
|
found = public->get_id(public, ID_PUBKEY_SHA1);
|
||||||
|
good = chunk_equals(id->get_encoding(id), found->get_encoding(found));
|
||||||
|
}
|
||||||
|
enumerator->destroy(enumerator);
|
||||||
|
id->destroy(id);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue