From c486fa8158721653f5ed4b874e6b1baa49bf7c7c Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Wed, 12 Aug 2009 16:14:26 +0200
Subject: [PATCH] removed obsolete pgp private key parsing, done by libstrongswan
---
 src/pluto/certs.c | 2 +-
 src/pluto/pgpcert.c | 118 +++++++++++---------------------------------
 src/pluto/pgpcert.h | 2 +-
 3 files changed, 30 insertions(+), 92 deletions(-)
diff --git a/src/pluto/certs.c b/src/pluto/certs.c
index 42bd10557..fcc9ec577 100644
--- a/src/pluto/certs.c
+++ b/src/pluto/certs.c
@@ -232,7 +232,7 @@ bool load_cert(char *filename, const char *label, cert_t *cert)
 {
 pgpcert_t *pgpcert = malloc_thing(pgpcert_t);
 *pgpcert = pgpcert_empty;
- if (parse_pgp(blob, pgpcert, NULL))
+ if (parse_pgp(blob, pgpcert))
 {
 cert->type = CERT_PGP;
 cert->u.pgp = pgpcert;
diff --git a/src/pluto/pgpcert.c b/src/pluto/pgpcert.c
index 1d5b14b26..a349a02c2 100644
--- a/src/pluto/pgpcert.c
+++ b/src/pluto/pgpcert.c
@@ -238,59 +238,22 @@ static bool parse_pgp_pubkey_packet(chunk_t *packet, pgpcert_t *cert)
 return TRUE;
 }
-/*
- * Parse OpenPGP secret key packet defined in section 5.5.3 of RFC 4880
- */
-static bool parse_pgp_secretkey_packet(chunk_t *packet, private_key_t **key)
-{
- pgp_pubkey_alg_t pubkey_alg;
- pgpcert_t cert = pgpcert_empty;
-
- if (!parse_pgp_pubkey_version_validity(packet, &cert))
- {
- return FALSE;
- }
-
- /* public key algorithm - 1 byte */
- pubkey_alg = pgp_length(packet, 1);
- DBG(DBG_PARSING,
- DBG_log("L3 - public key algorithm:");
- DBG_log(" %N", pgp_pubkey_alg_names, pubkey_alg)
- )
-
- switch (pubkey_alg)
- {
- case PGP_PUBKEY_ALG_RSA:
- case PGP_PUBKEY_ALG_RSA_SIGN_ONLY:
- *key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
- BUILD_BLOB_PGP, *packet,
- BUILD_END);
- break;
- default:
- plog(" non RSA private keys not supported");
- return FALSE;
- }
- return (*key != NULL);
-}
-
-bool parse_pgp(chunk_t blob, pgpcert_t *cert, private_key_t **key)
+bool parse_pgp(chunk_t blob, pgpcert_t *cert)
 {
 DBG(DBG_PARSING,
 DBG_log("L0 - PGP file:")
 )
 DBG_cond_dump_chunk(DBG_RAW, "", blob);
- if (cert != NULL)
- {
- /* parse a PGP certificate file */
- cert->certificate = blob;
- time(&cert->installed);
- }
- else if (key == NULL)
+ if (cert == NULL)
 {
 /* should not occur, nothing to parse */
 return FALSE;
 }
+
+ /* parse a PGP certificate file */
+ cert->certificate = blob;
+ time(&cert->installed);
 while (blob.len > 0)
 {
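Review bot: The rewritten `parse_pgp()` in src/pluto/pgpcert.c has no header comment, and the contract a caller most needs is only visible in the body: `cert->certificate = blob;` stores the caller's chunk by value, so the certificate aliases the input buffer instead of copying it. I would add a comment above the definition such as `/* Parse an OpenPGP certificate blob into cert; cert->certificate aliases blob, no copy is made */` and have it state which side owns the buffer afterwards, since that is not visible here. The comment should also say that `cert->certificate` and `cert->installed` are written before any packet has been validated, so after a FALSE return the struct is partially filled and should be discarded by the caller. The while loop and the final return lie outside this hunk, so the failure paths are inferred from the second pgpcert.c hunk.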
@@ -330,54 +293,29 @@ bool parse_pgp(chunk_t blob, pgpcert_t *cert, private_key_t **key)
 )
 DBG_cond_dump_chunk(DBG_RAW, "", packet);
- if (cert != NULL)
+ /* parse a PGP certificate */
+ switch (packet_type)
 {
- /* parse a PGP certificate */
- switch (packet_type)
- {
- case PGP_PKT_PUBLIC_KEY:
- if (!parse_pgp_pubkey_packet(&packet, cert))
- {
- return FALSE;
- }
- break;
- case PGP_PKT_SIGNATURE:
- if (!parse_pgp_signature_packet(&packet, cert))
- {
- return FALSE;
- }
- break;
- case PGP_PKT_USER_ID:
- DBG(DBG_PARSING,
- DBG_log("L3 - user ID:");
- DBG_log(" '%.*s'", (int)packet.len, packet.ptr)
- )
- break;
- default:
- break;
- }
- }
- else
- {
- /* parse a PGP private key file */
- switch (packet_type)
- {
- case PGP_PKT_SECRET_KEY:
- if (!parse_pgp_secretkey_packet(&packet, key))
- {
- return FALSE;
- }
- break;
- case PGP_PKT_USER_ID:
- DBG(DBG_PARSING,
- DBG_log("L3 - user ID:");
- DBG_log(" '%.*s'", (int)packet.len, packet.ptr)
- )
- break;
- default:
- break;
- }
-
+ case PGP_PKT_PUBLIC_KEY:
+ if (!parse_pgp_pubkey_packet(&packet, cert))
+ {
+ return FALSE;
+ }
+ break;
+ case PGP_PKT_SIGNATURE:
+ if (!parse_pgp_signature_packet(&packet, cert))
+ {
+ return FALSE;
+ }
+ break;
+ case PGP_PKT_USER_ID:
+ DBG(DBG_PARSING,
+ DBG_log("L3 - user ID:");
+ DBG_log(" '%.*s'", (int)packet.len, packet.ptr)
+ )
+ break;
+ default:
+ break;
 }
 }
 }
diff --git a/src/pluto/pgpcert.h b/src/pluto/pgpcert.h
index 727648391..6611bd987 100644
--- a/src/pluto/pgpcert.h
+++ b/src/pluto/pgpcert.h
@@ -45,7 +45,7 @@ struct pgpcert {
 };
 extern const pgpcert_t pgpcert_empty;
-extern bool parse_pgp(chunk_t blob, pgpcert_t *cert, private_key_t **key);
+extern bool parse_pgp(chunk_t blob, pgpcert_t *cert);
 extern void share_pgpcert(pgpcert_t *cert);
 extern void select_pgpcert_id(pgpcert_t *cert, struct id *end_id);
 extern pgpcert_t* add_pgpcert(pgpcert_t *cert);
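Review bot: In the `PGP_PKT_USER_ID` case of `parse_pgp()` (second hunk of src/pluto/pgpcert.c), the `DBG_log` call writes the user ID bytes from the parsed file into the debug log unfiltered, with the length narrowed by `(int)packet.len`. The user ID is untrusted input, so control characters or newlines in it can break or imitate log lines. If `packet.len` could ever exceed INT_MAX, the cast would give a negative precision, which a printf-style formatter treats as absent, so it would read on to the next NUL byte. How `packet.len` is bounded is decided outside this hunk, so that second case may already be excluded. I would cap the precision, for example `(int)(packet.len > 256 ? 256 : packet.len)` with 256 as an illustrative limit, and pass the ID through whatever log-sanitising helper the project has.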