ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding

This commit is contained in:
Martin Willi 2010-07-13 11:28:04 +02:00
parent 24d327ab4d
commit da9724e6d0
55 changed files with 358 additions and 359 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
scripts/key2keyid.c
View File

@ -37,15 +37,15 @@ int main(int argc, char *argv[])
printf("parsed %d bits %N private key.\n",
private->get_keysize(private)*8,
key_type_names, private->get_type(private));
if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &chunk))
{
printf("subjectPublicKeyInfo keyid: %#B\n", &chunk);
}
if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &chunk))
if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &chunk))
{
printf("subjectPublicKey keyid: %#B\n", &chunk);
}
if (private->get_fingerprint(private, KEY_ID_PGPV3, &chunk))
if (private->get_fingerprint(private, KEYID_PGPV3, &chunk))
{
printf("PGP version 3 keyid: %#B\n", &chunk);
}
@ -67,15 +67,15 @@ int main(int argc, char *argv[])
printf("parsed %d bits %N public key.\n",
public->get_keysize(public)*8,
key_type_names, public->get_type(public));
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk))
{
printf("subjectPublicKeyInfo keyid: %#B\n", &chunk);
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
{
printf("subjectPublicKey keyid: %#B\n", &chunk);
}
if (public->get_fingerprint(public, KEY_ID_PGPV3, &chunk))
if (public->get_fingerprint(public, KEYID_PGPV3, &chunk))
{
printf("PGP version 3 keyid: %#B\n", &chunk);
}

4
scripts/keyid2sql.c
View File

@ -34,7 +34,7 @@ int main(int argc, char *argv[])
BUILD_END);
if (private)
{
if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &chunk))
if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &chunk))
{
printf("%d, X'", ID_KEY_ID);
for (n = 0; n < chunk.len; n++)
@ -58,7 +58,7 @@ int main(int argc, char *argv[])
}
if (public)
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
{
printf("%d, X'", ID_KEY_ID);
for (n = 0; n < chunk.len; n++)

4
src/libcharon/plugins/stroke/stroke_ca.c
View File

@ -401,11 +401,11 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out)
/* list authkey and keyid */
if (public)
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
{
fprintf(out, " authkey: %#B\n", &chunk);
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk))
{
fprintf(out, " keyid: %#B\n", &chunk);
}

6
src/libcharon/plugins/stroke/stroke_list.c
View File

@ -626,7 +626,7 @@ static void list_public_key(public_key_t *public, FILE *out)
identification_t *id;
auth_cfg_t *auth;
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
{
id = identification_create_from_encoding(ID_KEY_ID, keyid);
auth = auth_cfg_create();
@ -640,11 +640,11 @@ static void list_public_key(public_key_t *public, FILE *out)
key_type_names, public->get_type(public),
public->get_keysize(public) * 8,
private ? ", has private key" : "");
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
{
fprintf(out, " keyid: %#B\n", &keyid);
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
{
fprintf(out, " subjkey: %#B\n", &keyid);
}

2
src/libcharon/plugins/unit_tester/tests/test_med_db.c
View File

@ -41,7 +41,7 @@ bool test_med_db()
KEY_ANY, id, NULL);
while (enumerator->enumerate(enumerator, &public, &auth))
{
good = public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &found);
good = public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &found);
if (good)
{
good = chunk_equals(id->get_encoding(id), found);

2
src/libcharon/sa/tasks/ike_cert_pre.c
View File

@ -299,7 +299,7 @@ static void add_certreq(certreq_payload_t **req, certificate_t *cert)
{
*req = certreq_payload_create_type(CERT_X509);
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
{
(*req)->add_keyid(*req, keyid);
DBG1(DBG_IKE, "sending cert request for \"%Y\"",

96
src/libstrongswan/credentials/cred_encoding.c
View File

@ -21,25 +21,25 @@
#include <utils/hashtable.h>
#include <threading/rwlock.h>
typedef struct private_key_encoding_t private_key_encoding_t;
typedef struct private_cred_encoding_t private_cred_encoding_t;
/**
* Private data of an key_encoding_t object.
* Private data of an cred_encoding_t object.
*/
struct private_key_encoding_t {
struct private_cred_encoding_t {
/**
* Public key_encoding_t interface.
* Public cred_encoding_t interface.
*/
key_encoding_t public;
cred_encoding_t public;
/**
* cached encodings, a table for each encoding_type_t, containing chunk_t*
*/
hashtable_t *cache[KEY_ENCODING_MAX];
hashtable_t *cache[CRED_ENCODING_MAX];
/**
* Registered encoding fuctions, key_encoder_t
* Registered encoding fuctions, cred_encoder_t
*/
linked_list_t *encoders;
@ -52,7 +52,7 @@ struct private_key_encoding_t {
/**
* See header.
*/
bool key_encoding_args(va_list args, ...)
bool cred_encoding_args(va_list args, ...)
{
va_list parts, copy;
bool failed = FALSE;
@ -61,12 +61,12 @@ bool key_encoding_args(va_list args, ...)
while (!failed)
{
key_encoding_part_t current, target;
cred_encoding_part_t current, target;
chunk_t *out, data;
/* get the part we are looking for */
target = va_arg(parts, key_encoding_part_t);
if (target == KEY_PART_END)
target = va_arg(parts, cred_encoding_part_t);
if (target == CRED_PART_END)
{
break;
}
@ -75,8 +75,8 @@ bool key_encoding_args(va_list args, ...)
va_copy(copy, args);
while (!failed)
{
current = va_arg(copy, key_encoding_part_t);
if (current == KEY_PART_END)
current = va_arg(copy, cred_encoding_part_t);
if (current == CRED_PART_END)
{
failed = TRUE;
break;
@ -111,14 +111,14 @@ static bool equals(void *key1, void *key2)
}
/**
* Implementation of key_encoding_t.get_cache
* Implementation of cred_encoding_t.get_cache
*/
static bool get_cache(private_key_encoding_t *this, key_encoding_type_t type,
static bool get_cache(private_cred_encoding_t *this, cred_encoding_type_t type,
void *cache, chunk_t *encoding)
{
chunk_t *chunk;
if (type >= KEY_ENCODING_MAX || type < 0)
if (type >= CRED_ENCODING_MAX || type < 0)
{
return FALSE;
}
@ -133,18 +133,18 @@ static bool get_cache(private_key_encoding_t *this, key_encoding_type_t type,
}
/**
* Implementation of key_encoding_t.encode
* Implementation of cred_encoding_t.encode
*/
static bool encode(private_key_encoding_t *this, key_encoding_type_t type,
static bool encode(private_cred_encoding_t *this, cred_encoding_type_t type,
void *cache, chunk_t *encoding, ...)
{
enumerator_t *enumerator;
va_list args, copy;
key_encoder_t encode;
cred_encoder_t encode;
bool success = FALSE;
chunk_t *chunk;
if (type >= KEY_ENCODING_MAX || type < 0)
if (type >= CRED_ENCODING_MAX || type < 0)
{
return FALSE;
}
@ -187,14 +187,14 @@ static bool encode(private_key_encoding_t *this, key_encoding_type_t type,
}
/**
* Implementation of key_encoding_t.cache
* Implementation of cred_encoding_t.cache
*/
static void cache(private_key_encoding_t *this, key_encoding_type_t type,
static void cache(private_cred_encoding_t *this, cred_encoding_type_t type,
void *cache, chunk_t encoding)
{
chunk_t *chunk;
if (type >= KEY_ENCODING_MAX || type < 0)
if (type >= CRED_ENCODING_MAX || type < 0)
{
return free(encoding.ptr);
}
@ -212,15 +212,15 @@ static void cache(private_key_encoding_t *this, key_encoding_type_t type,
}
/**
* Implementation of key_encoding_t.clear_cache
* Implementation of cred_encoding_t.clear_cache
*/
static void clear_cache(private_key_encoding_t *this, void *cache)
static void clear_cache(private_cred_encoding_t *this, void *cache)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t *chunk;
this->lock->write_lock(this->lock);
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
chunk = this->cache[type]->remove(this->cache[type], cache);
if (chunk)
@ -233,9 +233,9 @@ static void clear_cache(private_key_encoding_t *this, void *cache)
}
/**
* Implementation of key_encoding_t.add_encoder
* Implementation of cred_encoding_t.add_encoder
*/
static void add_encoder(private_key_encoding_t *this, key_encoder_t encoder)
static void add_encoder(private_cred_encoding_t *this, cred_encoder_t encoder)
{
this->lock->write_lock(this->lock);
this->encoders->insert_last(this->encoders, encoder);
@ -243,9 +243,9 @@ static void add_encoder(private_key_encoding_t *this, key_encoder_t encoder)
}
/**
* Implementation of key_encoding_t.remove_encoder
* Implementation of cred_encoding_t.remove_encoder
*/
static void remove_encoder(private_key_encoding_t *this, key_encoder_t encoder)
static void remove_encoder(private_cred_encoding_t *this, cred_encoder_t encoder)
{
this->lock->write_lock(this->lock);
this->encoders->remove(this->encoders, encoder, NULL);
@ -253,18 +253,18 @@ static void remove_encoder(private_key_encoding_t *this, key_encoder_t encoder)
}
/**
* Implementation of key_encoder_t.destroy.
* Implementation of cred_encoder_t.destroy.
*/
static void destroy(private_key_encoding_t *this)
static void destroy(private_cred_encoding_t *this)
{
key_encoding_type_t type;
cred_encoding_type_t type;
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
/* We explicitly do not free remaining encodings. All keys should
/* We explicitly do not free remaining encodings. All creds should
* have gone now, and they are responsible for cleaning out their
* cache entries. Not flushing here allows the leak detective to
* complain if a key did not flush cached encodings. */
* complain if a credential did not flush cached encodings. */
this->cache[type]->destroy(this->cache[type]);
}
this->encoders->destroy(this->encoders);
@ -275,20 +275,20 @@ static void destroy(private_key_encoding_t *this)
/**
* See header
*/
key_encoding_t *key_encoding_create()
cred_encoding_t *cred_encoding_create()
{
private_key_encoding_t *this = malloc_thing(private_key_encoding_t);
key_encoding_type_t type;
private_cred_encoding_t *this = malloc_thing(private_cred_encoding_t);
cred_encoding_type_t type;
this->public.encode = (bool(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t *encoding, ...))encode;
this->public.get_cache = (bool(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t *encoding))get_cache;
this->public.cache = (void(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t encoding))cache;
this->public.clear_cache = (void(*)(key_encoding_t*, void *cache))clear_cache;
this->public.add_encoder = (void(*)(key_encoding_t*, key_encoder_t encoder))add_encoder;
this->public.remove_encoder = (void(*)(key_encoding_t*, key_encoder_t encoder))remove_encoder;
this->public.destroy = (void(*)(key_encoding_t*))destroy;
this->public.encode = (bool(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t *encoding, ...))encode;
this->public.get_cache = (bool(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t *encoding))get_cache;
this->public.cache = (void(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t encoding))cache;
this->public.clear_cache = (void(*)(cred_encoding_t*, void *cache))clear_cache;
this->public.add_encoder = (void(*)(cred_encoding_t*, cred_encoder_t encoder))add_encoder;
this->public.remove_encoder = (void(*)(cred_encoding_t*, cred_encoder_t encoder))remove_encoder;
this->public.destroy = (void(*)(cred_encoding_t*))destroy;
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
this->cache[type] = hashtable_create(hash, equals, 8);
}

160
src/libstrongswan/credentials/cred_encoding.h
View File

@ -14,134 +14,134 @@
*/
/**
* @defgroup key_encoding key_encoding
* @{ @ingroup keys
* @defgroup cred_encoding cred_encoding
* @{ @ingroup credentials
*/
#ifndef KEY_ENCODING_H_
#define KEY_ENCODING_H_
#ifndef CRED_ENCODING_H_
#define CRED_ENCODING_H_
typedef struct key_encoding_t key_encoding_t;
typedef enum key_encoding_type_t key_encoding_type_t;
typedef enum key_encoding_part_t key_encoding_part_t;
typedef struct cred_encoding_t cred_encoding_t;
typedef enum cred_encoding_type_t cred_encoding_type_t;
typedef enum cred_encoding_part_t cred_encoding_part_t;
#include <library.h>
/**
* Key encoder function implementing encoding/fingerprinting.
* Credential encoder function implementing encoding/fingerprinting.
*
* The variable argument list takes key_encoding_part_t, followed by part
* The variable argument list takes cred_encoding_part_t, followed by part
* specific arguments, terminated by KEY_PART_END.
*
* @param type format to encode the key to
* @param args list of (key_encoding_part_t, data)
* @param type format to encode the credential to
* @param args list of (cred_encoding_part_t, data)
* @param encoding encoding result, allocated
* @return TRUE if encoding successful
*/
typedef bool (*key_encoder_t)(key_encoding_type_t type, chunk_t *encoding,
va_list args);
typedef bool (*cred_encoder_t)(cred_encoding_type_t type, chunk_t *encoding,
va_list args);
/**
* Helper function for key_encoder_t implementations to parse argument list.
* Helper function for cred_encoder_t implementations to parse argument list.
*
* Key encoder functions get a variable argument list to parse. To simplify
* the job, this function reads the arguments and returns chunks for each
* part.
* The argument list of this function takes a key_encoding_part_t, followed
* by a data pointer receiving the value, terminated by KEY_PART_END.
* Credential encoder functions get a variable argument list to parse. To
* simplify the job, this function reads the arguments and returns chunks for
* each part.
* The argument list of this function takes a cred_encoding_part_t, followed
* by a data pointer receiving the value, terminated by CRED_PART_END.
*
* @param args argument list passed to key encoder function
* @param ... list of (key_encoding_part_t, data*)
* @param args argument list passed to credential encoder function
* @param ... list of (cred_encoding_part_t, data*)
* @return TRUE if all parts found, FALSE otherwise
*/
bool key_encoding_args(va_list args, ...);
bool cred_encoding_args(va_list args, ...);
/**
* Encoding type of a fingerprint/private-/public-key.
* Encoding type of a fingerprint/credential.
*
* Fingerprints have have the KEY_ID_*, public keys the KEY_PUB_* and
* private keys the KEY_PRIV_* prefix.
* Fingerprints have have the KEYID_*, public keys the PUBKEY_* and
* private keys the PRIVKEY_* prefix.
*/
enum key_encoding_type_t {
enum cred_encoding_type_t {
/** SHA1 fingerprint over subjectPublicKeyInfo */
KEY_ID_PUBKEY_INFO_SHA1 = 0,
KEYID_PUBKEY_INFO_SHA1 = 0,
/** SHA1 fingerprint over subjectPublicKey */
KEY_ID_PUBKEY_SHA1,
KEYID_PUBKEY_SHA1,
/** PGPv3 fingerprint */
KEY_ID_PGPV3,
KEYID_PGPV3,
/** PGPv4 fingerprint */
KEY_ID_PGPV4,
KEYID_PGPV4,
KEY_ID_MAX,
KEYID_MAX,
/** PKCS#1 and similar ASN.1 key encoding */
KEY_PUB_ASN1_DER,
KEY_PRIV_ASN1_DER,
PUBKEY_ASN1_DER,
PRIVKEY_ASN1_DER,
/** subjectPublicKeyInfo encoding */
KEY_PUB_SPKI_ASN1_DER,
PUBKEY_SPKI_ASN1_DER,
/** PEM encoded PKCS#1 key */
KEY_PUB_PEM,
KEY_PRIV_PEM,
PUBKEY_PEM,
PRIVKEY_PEM,
/** PGP key encoding */
KEY_PUB_PGP,
KEY_PRIV_PGP,
PUBKEY_PGP,
PRIVKEY_PGP,
KEY_ENCODING_MAX,
CRED_ENCODING_MAX,
};
/**
* Parts of a key to encode.
* Parts of a credential to encode.
*/
enum key_encoding_part_t {
enum cred_encoding_part_t {
/** modulus of a RSA key, n */
KEY_PART_RSA_MODULUS,
CRED_PART_RSA_MODULUS,
/** public exponent of a RSA key, e */
KEY_PART_RSA_PUB_EXP,
CRED_PART_RSA_PUB_EXP,
/** private exponent of a RSA key, d */
KEY_PART_RSA_PRIV_EXP,
CRED_PART_RSA_PRIV_EXP,
/** prime1 a RSA key, p */
KEY_PART_RSA_PRIME1,
CRED_PART_RSA_PRIME1,
/** prime2 a RSA key, q */
KEY_PART_RSA_PRIME2,
CRED_PART_RSA_PRIME2,
/** exponent1 a RSA key, exp1 */
KEY_PART_RSA_EXP1,
CRED_PART_RSA_EXP1,
/** exponent1 a RSA key, exp2 */
KEY_PART_RSA_EXP2,
CRED_PART_RSA_EXP2,
/** coefficient of RSA key, coeff */
KEY_PART_RSA_COEFF,
CRED_PART_RSA_COEFF,
/** a DER encoded RSA public key */
KEY_PART_RSA_PUB_ASN1_DER,
CRED_PART_RSA_PUB_ASN1_DER,
/** a DER encoded RSA private key */
KEY_PART_RSA_PRIV_ASN1_DER,
CRED_PART_RSA_PRIV_ASN1_DER,
/** a DER encoded ECDSA public key */
KEY_PART_ECDSA_PUB_ASN1_DER,
CRED_PART_ECDSA_PUB_ASN1_DER,
/** a DER encoded ECDSA private key */
KEY_PART_ECDSA_PRIV_ASN1_DER,
CRED_PART_ECDSA_PRIV_ASN1_DER,
KEY_PART_END,
CRED_PART_END,
};
/**
* Private/Public key encoding and fingerprinting facility.
* Credential encoding and fingerprinting facility.
*/
struct key_encoding_t {
struct cred_encoding_t {
/**
* Encode a key into a format using several key parts, optional caching.
* Encode a credential in a format using several parts, optional caching.
*
* The variable argument list takes key_encoding_part_t, followed by part
* specific arguments, terminated by KEY_PART_END.
* The variable argument list takes cred_encoding_part_t, followed by part
* specific arguments, terminated by CRED_PART_END.
* If a cache key is given, the returned encoding points to internal data:
* do not free or modify. If no cache key is given, the encoding is
* allocated and must be freed by the caller.
*
* @param type format the key should be encoded to
* @param type format the credential should be encoded to
* @param cache key to use for caching, NULL to not cache
* @param encoding encoding result, allocated if caching disabled
* @param ... list of (key_encoding_part_t, data)
* @param ... list of (cred_encoding_part_t, data)
* @return TRUE if encoding successful
*/
bool (*encode)(key_encoding_t *this, key_encoding_type_t type, void *cache,
bool (*encode)(cred_encoding_t *this, cred_encoding_type_t type, void *cache,
chunk_t *encoding, ...);
/**
@ -149,55 +149,55 @@ struct key_encoding_t {
*
* @param cache key used in encode() for caching
*/
void (*clear_cache)(key_encoding_t *this, void *cache);
void (*clear_cache)(cred_encoding_t *this, void *cache);
/**
* Check for a cached encoding.
*
* @param type format of the key encoding
* @param type format of the credential encoding
* @param cache key to use for caching, as given to encode()
* @param encoding encoding result, internal data
* @return TRUE if cache entry found
*/
bool (*get_cache)(key_encoding_t *this, key_encoding_type_t type,
bool (*get_cache)(cred_encoding_t *this, cred_encoding_type_t type,
void *cache, chunk_t *encoding);
/**
* Cache a key encoding created externally.
* Cache a credential encoding created externally.
*
* After calling cache(), the passed encoding is owned by the key encoding
* After calling cache(), the passed encoding is owned by the cred encoding
* facility.
*
* @param type format of the key encoding
* @param type format of the credential encoding
* @param cache key to use for caching, as given to encode()
* @param encoding encoding to cache, gets owned by this
*/
void (*cache)(key_encoding_t *this, key_encoding_type_t type, void *cache,
void (*cache)(cred_encoding_t *this, cred_encoding_type_t type, void *cache,
chunk_t encoding);
/**
* Register a key encoder function.
* Register a credential encoder function.
*
* @param encoder key encoder function to add
* @param encoder credential encoder function to add
*/
void (*add_encoder)(key_encoding_t *this, key_encoder_t encoder);
void (*add_encoder)(cred_encoding_t *this, cred_encoder_t encoder);
/**
* Unregister a previously registered key encoder function.
* Unregister a previously registered credential encoder function.
*
* @param encoder key encoder function to remove
* @param encoder credential encoder function to remove
*/
void (*remove_encoder)(key_encoding_t *this, key_encoder_t encoder);
void (*remove_encoder)(cred_encoding_t *this, cred_encoder_t encoder);
/**
* Destroy a key_encoding_t.
* Destroy a cred_encoding_t.
*/
void (*destroy)(key_encoding_t *this);
void (*destroy)(cred_encoding_t *this);
};
/**
* Create a key_encoding instance.
* Create a cred_encoding instance.
*/
key_encoding_t *key_encoding_create();
cred_encoding_t *cred_encoding_create();
#endif /** KEY_ENCODING_H_ @}*/
#endif /** CRED_ENCODING_H_ @}*/

2
src/libstrongswan/credentials/credential_manager.c
View File

@ -909,7 +909,7 @@ static private_key_t *get_private_by_cert(private_credential_manager_t *this,
public = cert->get_public_key(cert);
if (public)
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
{
keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
private = get_private_by_keyid(this, type, keyid);

12
src/libstrongswan/credentials/keys/private_key.c
View File

@ -20,7 +20,7 @@
*/
bool private_key_equals(private_key_t *this, private_key_t *other)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t a, b;
if (this == other)
@ -28,7 +28,7 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
return TRUE;
}
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
if (this->get_fingerprint(this, type, &a) &&
other->get_fingerprint(other, type, &b))
@ -44,10 +44,10 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
*/
bool private_key_belongs_to(private_key_t *private, public_key_t *public)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t a, b;
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
if (private->get_fingerprint(private, type, &a) &&
public->get_fingerprint(public, type, &b))
@ -63,10 +63,10 @@ bool private_key_belongs_to(private_key_t *private, public_key_t *public)
*/
bool private_key_has_fingerprint(private_key_t *private, chunk_t fingerprint)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t current;
for (type = 0; type < KEY_ID_MAX; type++)
for (type = 0; type < KEYID_MAX; type++)
{
if (private->get_fingerprint(private, type, &current) &&
chunk_equals(current, fingerprint))

8
src/libstrongswan/credentials/keys/private_key.h
View File

@ -90,11 +90,11 @@ struct private_key_t {
/**
* Get the fingerprint of the key.
*
* @param type type of fingerprint, one of KEY_ID_*
* @param type type of fingerprint, one of KEYID_*
* @param fp fingerprint, points to internal data
* @return TRUE if fingerprint type supported
*/
bool (*get_fingerprint)(private_key_t *this, key_encoding_type_t type,
bool (*get_fingerprint)(private_key_t *this, cred_encoding_type_t type,
chunk_t *fp);
/**
@ -108,11 +108,11 @@ struct private_key_t {
/**
* Get the key in an encoded form as a chunk.
*
* @param type type of the encoding, one of KEY_PRIV_*
* @param type type of the encoding, one of PRIVKEY_*
* @param encoding encoding of the key, allocated
* @return TRUE if encoding supported
*/
bool (*get_encoding)(private_key_t *this, key_encoding_type_t type,
bool (*get_encoding)(private_key_t *this, cred_encoding_type_t type,
chunk_t *encoding);
/**

8
src/libstrongswan/credentials/keys/public_key.c
View File

@ -47,7 +47,7 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_ECDSA_521,
*/
bool public_key_equals(public_key_t *this, public_key_t *other)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t a, b;
if (this == other)
@ -55,7 +55,7 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
return TRUE;
}
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
if (this->get_fingerprint(this, type, &a) &&
other->get_fingerprint(other, type, &b))
@ -71,10 +71,10 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
*/
bool public_key_has_fingerprint(public_key_t *public, chunk_t fingerprint)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t current;
for (type = 0; type < KEY_ID_MAX; type++)
for (type = 0; type < KEYID_MAX; type++)
{
if (public->get_fingerprint(public, type, &current) &&
chunk_equals(current, fingerprint))

9
src/libstrongswan/credentials/keys/public_key.h
View File

@ -23,7 +23,6 @@
typedef struct public_key_t public_key_t;
typedef enum key_type_t key_type_t;
typedef enum key_id_type_t key_id_type_t;
typedef enum signature_scheme_t signature_scheme_t;
#include <library.h>
@ -147,11 +146,11 @@ struct public_key_t {
/**
* Get the fingerprint of the key.
*
* @param type type of fingerprint, one of KEY_ID_*
* @param type type of fingerprint, one of KEYID_*
* @param fp fingerprint, points to internal data
* @return TRUE if fingerprint type supported
*/
bool (*get_fingerprint)(public_key_t *this, key_encoding_type_t type,
bool (*get_fingerprint)(public_key_t *this, cred_encoding_type_t type,
chunk_t *fp);
/**
@ -165,11 +164,11 @@ struct public_key_t {
/**
* Get the key in an encoded form as a chunk.
*
* @param type type of the encoding, one of KEY_PRIV_*
* @param type type of the encoding, one of PRIVKEY_*
* @param encoding encoding of the key, allocated
* @return TRUE if encoding supported
*/
bool (*get_encoding)(public_key_t *this, key_encoding_type_t type,
bool (*get_encoding)(public_key_t *this, cred_encoding_type_t type,
chunk_t *encoding);
/**

2
src/libstrongswan/library.c
View File

@ -138,7 +138,7 @@ bool library_init(char *settings)
this->public.crypto = crypto_factory_create();
this->public.creds = credential_factory_create();
this->public.credmgr = credential_manager_create();
this->public.encoding = key_encoding_create();
this->public.encoding = cred_encoding_create();
this->public.fetcher = fetcher_manager_create();
this->public.db = database_factory_create();
this->public.plugins = plugin_loader_create();

4
src/libstrongswan/library.h
View File

@ -99,9 +99,9 @@ struct library_t {
credential_manager_t *credmgr;
/**
* key encoding registry and factory
* Credential encoding registry and factory
*/
key_encoding_t *encoding;
cred_encoding_t *encoding;
/**
* URL fetching facility

10
src/libstrongswan/plugins/agent/agent_private_key.c
View File

@ -340,7 +340,7 @@ static public_key_t* get_public_key(private_agent_private_key_t *this)
* Implementation of private_key_t.get_encoding
*/
static bool get_encoding(private_agent_private_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
return FALSE;
}
@ -349,7 +349,7 @@ static bool get_encoding(private_agent_private_key_t *this,
* Implementation of private_key_t.get_fingerprint
*/
static bool get_fingerprint(private_agent_private_key_t *this,
key_encoding_type_t type, chunk_t *fp)
cred_encoding_type_t type, chunk_t *fp)
{
chunk_t n, e, key;
@ -363,7 +363,7 @@ static bool get_fingerprint(private_agent_private_key_t *this,
n = read_string(&key);
return lib->encoding->encode(lib->encoding, type, this, fp,
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
}
/**
@ -429,9 +429,9 @@ agent_private_key_t *agent_private_key_open(key_type_t type, va_list args)
this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
this->public.interface.belongs_to = private_key_belongs_to;
this->public.interface.equals = private_key_equals;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;

22
src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
View File

@ -308,7 +308,7 @@ static public_key_t* get_public_key(private_gcrypt_rsa_private_key_t *this)
* Implementation of private_key_t.get_encoding
*/
static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
chunk_t cn, ce, cp, cq, cd, cu, cexp1 = chunk_empty, cexp2 = chunk_empty;
gcry_mpi_t p = NULL, q = NULL, d = NULL, exp1, exp2;
@ -368,11 +368,11 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
cu = gcrypt_rsa_find_token(this->key, "u", NULL);
success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
KEY_PART_RSA_MODULUS, cn,
KEY_PART_RSA_PUB_EXP, ce, KEY_PART_RSA_PRIV_EXP, cd,
KEY_PART_RSA_PRIME1, cp, KEY_PART_RSA_PRIME2, cq,
KEY_PART_RSA_EXP1, cexp1, KEY_PART_RSA_EXP2, cexp2,
KEY_PART_RSA_COEFF, cu, KEY_PART_END);
CRED_PART_RSA_MODULUS, cn,
CRED_PART_RSA_PUB_EXP, ce, CRED_PART_RSA_PRIV_EXP, cd,
CRED_PART_RSA_PRIME1, cp, CRED_PART_RSA_PRIME2, cq,
CRED_PART_RSA_EXP1, cexp1, CRED_PART_RSA_EXP2, cexp2,
CRED_PART_RSA_COEFF, cu, CRED_PART_END);
chunk_free(&cn);
chunk_free(&ce);
chunk_clear(&cd);
@ -389,7 +389,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
* Implementation of private_key_t.get_fingerprint
*/
static bool get_fingerprint(private_gcrypt_rsa_private_key_t *this,
key_encoding_type_t type, chunk_t *fp)
cred_encoding_type_t type, chunk_t *fp)
{
chunk_t n, e;
bool success;
@ -402,8 +402,8 @@ static bool get_fingerprint(private_gcrypt_rsa_private_key_t *this,
e = gcrypt_rsa_find_token(this->key, "e", NULL);
success = lib->encoding->encode(lib->encoding,
type, this, fp, KEY_PART_RSA_MODULUS, n,
KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
type, this, fp, CRED_PART_RSA_MODULUS, n,
CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
return success;
@ -445,9 +445,9 @@ static private_gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_create_empty()
this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
this->public.interface.equals = private_key_equals;
this->public.interface.belongs_to = private_key_belongs_to;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;

16
src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
View File

@ -240,7 +240,7 @@ static size_t get_keysize(private_gcrypt_rsa_public_key_t *this)
* Implementation of private_key_t.get_encoding
*/
static bool get_encoding(private_gcrypt_rsa_public_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
chunk_t n, e;
bool success;
@ -248,8 +248,8 @@ static bool get_encoding(private_gcrypt_rsa_public_key_t *this,
n = gcrypt_rsa_find_token(this->key, "n", NULL);
e = gcrypt_rsa_find_token(this->key, "e", NULL);
success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e,
KEY_PART_END);
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e,
CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
@ -260,7 +260,7 @@ static bool get_encoding(private_gcrypt_rsa_public_key_t *this,
* Implementation of private_key_t.get_fingerprint
*/
static bool get_fingerprint(private_gcrypt_rsa_public_key_t *this,
key_encoding_type_t type, chunk_t *fp)
cred_encoding_type_t type, chunk_t *fp)
{
chunk_t n, e;
bool success;
@ -273,8 +273,8 @@ static bool get_fingerprint(private_gcrypt_rsa_public_key_t *this,
e = gcrypt_rsa_find_token(this->key, "e", NULL);
success = lib->encoding->encode(lib->encoding,
type, this, fp, KEY_PART_RSA_MODULUS, n,
KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
type, this, fp, CRED_PART_RSA_MODULUS, n,
CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
return success;
@ -338,9 +338,9 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type,
this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
this->public.interface.equals = public_key_equals;
this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(public_key_t *this))destroy;

20
src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
View File

@ -403,7 +403,7 @@ static bool belongs_to(private_gmp_rsa_private_key_t *this, public_key_t *public
* Implementation of private_key_t.get_encoding
*/
static bool get_encoding(private_gmp_rsa_private_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
chunk_t n, e, d, p, q, exp1, exp2, coeff;
bool success;
@ -418,11 +418,11 @@ static bool get_encoding(private_gmp_rsa_private_key_t *this,
coeff = gmp_mpz_to_chunk(this->coeff);
success = lib->encoding->encode(lib->encoding,
type, NULL, encoding, KEY_PART_RSA_MODULUS, n,
KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d,
KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q,
KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2,
KEY_PART_RSA_COEFF, coeff, KEY_PART_END);
type, NULL, encoding, CRED_PART_RSA_MODULUS, n,
CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
CRED_PART_RSA_COEFF, coeff, CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
chunk_clear(&d);
@ -439,7 +439,7 @@ static bool get_encoding(private_gmp_rsa_private_key_t *this,
* Implementation of private_key_t.get_fingerprint
*/
static bool get_fingerprint(private_gmp_rsa_private_key_t *this,
key_encoding_type_t type, chunk_t *fp)
cred_encoding_type_t type, chunk_t *fp)
{
chunk_t n, e;
bool success;
@ -452,7 +452,7 @@ static bool get_fingerprint(private_gmp_rsa_private_key_t *this,
e = gmp_mpz_to_chunk(this->e);
success = lib->encoding->encode(lib->encoding, type, this, fp,
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
@ -601,9 +601,9 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void)
this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals;
this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
this->public.interface.destroy = (void (*) (private_key_t*))destroy;

12
src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
View File

@ -396,7 +396,7 @@ static size_t get_keysize(private_gmp_rsa_public_key_t *this)
* Implementation of public_key_t.get_encoding
*/
static bool get_encoding(private_gmp_rsa_public_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
chunk_t n, e;
bool success;
@ -405,7 +405,7 @@ static bool get_encoding(private_gmp_rsa_public_key_t *this,
e = gmp_mpz_to_chunk(this->e);
success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
@ -416,7 +416,7 @@ static bool get_encoding(private_gmp_rsa_public_key_t *this,
* Implementation of public_key_t.get_fingerprint
*/
static bool get_fingerprint(private_gmp_rsa_public_key_t *this,
key_encoding_type_t type, chunk_t *fp)
cred_encoding_type_t type, chunk_t *fp)
{
chunk_t n, e;
bool success;
@ -429,7 +429,7 @@ static bool get_fingerprint(private_gmp_rsa_public_key_t *this,
e = gmp_mpz_to_chunk(this->e);
success = lib->encoding->encode(lib->encoding, type, this, fp,
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
chunk_free(&n);
chunk_free(&e);
@ -497,9 +497,9 @@ gmp_rsa_public_key_t *gmp_rsa_public_key_load(key_type_t type, va_list args)
this->public.interface.encrypt = (bool (*) (public_key_t*, chunk_t, chunk_t*))encrypt_;
this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals;
this->public.interface.get_keysize = (size_t (*) (public_key_t*))get_keysize;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (public_key_t* (*) (public_key_t *this))get_ref;
this->public.interface.destroy = (void (*) (public_key_t *this))destroy;

2
src/libstrongswan/plugins/openssl/openssl_crl.c
View File

@ -248,7 +248,7 @@ METHOD(certificate_t, issued_by, bool,
}
if (this->authKeyIdentifier.ptr && key)
{
if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
!chunk_equals(fingerprint, this->authKeyIdentifier))
{
return FALSE;

22
src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
View File

@ -51,7 +51,7 @@ struct private_openssl_ec_private_key_t {
};
/* from ec public key */
bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp);
bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp);
/**
* Build a signature as in RFC 4754
@ -221,7 +221,7 @@ static public_key_t* get_public_key(private_openssl_ec_private_key_t *this)
* Implementation of private_key_t.get_fingerprint.
*/
static bool get_fingerprint(private_openssl_ec_private_key_t *this,
key_encoding_type_t type, chunk_t *fingerprint)
cred_encoding_type_t type, chunk_t *fingerprint)
{
return openssl_ec_fingerprint(this->ec, type, fingerprint);
}
@ -230,14 +230,14 @@ static bool get_fingerprint(private_openssl_ec_private_key_t *this,
* Implementation of private_key_t.get_encoding.
*/
static bool get_encoding(private_openssl_ec_private_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
u_char *p;
switch (type)
{
case KEY_PRIV_ASN1_DER:
case KEY_PRIV_PEM:
case PRIVKEY_ASN1_DER:
case PRIVKEY_PEM:
{
bool success = TRUE;
@ -245,13 +245,13 @@ static bool get_encoding(private_openssl_ec_private_key_t *this,
p = encoding->ptr;
i2d_ECPrivateKey(this->ec, &p);
if (type == KEY_PRIV_PEM)
if (type == PRIVKEY_PEM)
{
chunk_t asn1_encoding = *encoding;
success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM,
NULL, encoding, KEY_PART_ECDSA_PRIV_ASN1_DER,
asn1_encoding, KEY_PART_END);
success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM,
NULL, encoding, CRED_PART_ECDSA_PRIV_ASN1_DER,
asn1_encoding, CRED_PART_END);
chunk_clear(&asn1_encoding);
}
return success;
@ -300,9 +300,9 @@ static private_openssl_ec_private_key_t *create_empty(void)
this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
this->public.interface.equals = private_key_equals;
this->public.interface.belongs_to = private_key_belongs_to;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;

26
src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
View File

@ -193,7 +193,7 @@ static size_t get_keysize(private_openssl_ec_public_key_t *this)
/**
* Calculate fingerprint from a EC_KEY, also used in ec private key.
*/
bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp)
{
hasher_t *hasher;
chunk_t key;
@ -205,12 +205,12 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
}
switch (type)
{
case KEY_ID_PUBKEY_SHA1:
case KEYID_PUBKEY_SHA1:
key = chunk_alloc(i2o_ECPublicKey(ec, NULL));
p = key.ptr;
i2o_ECPublicKey(ec, &p);
break;
case KEY_ID_PUBKEY_INFO_SHA1:
case KEYID_PUBKEY_INFO_SHA1:
key = chunk_alloc(i2d_EC_PUBKEY(ec, NULL));
p = key.ptr;
i2d_EC_PUBKEY(ec, &p);
@ -236,7 +236,7 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
* Implementation of private_key_t.get_fingerprint.
*/
static bool get_fingerprint(private_openssl_ec_public_key_t *this,
key_encoding_type_t type, chunk_t *fingerprint)
cred_encoding_type_t type, chunk_t *fingerprint)
{
return openssl_ec_fingerprint(this->ec, type, fingerprint);
}
@ -245,14 +245,14 @@ static bool get_fingerprint(private_openssl_ec_public_key_t *this,
* Implementation of private_key_t.get_encoding.
*/
static bool get_encoding(private_openssl_ec_public_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
u_char *p;
switch (type)
{
case KEY_PUB_SPKI_ASN1_DER:
case KEY_PUB_PEM:
case PUBKEY_SPKI_ASN1_DER:
case PUBKEY_PEM:
{
bool success = TRUE;
@ -260,13 +260,13 @@ static bool get_encoding(private_openssl_ec_public_key_t *this,
p = encoding->ptr;
i2d_EC_PUBKEY(this->ec, &p);
if (type == KEY_PUB_PEM)
if (type == PUBKEY_PEM)
{
chunk_t asn1_encoding = *encoding;
success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM,
NULL, encoding, KEY_PART_ECDSA_PUB_ASN1_DER,
asn1_encoding, KEY_PART_END);
success = lib->encoding->encode(lib->encoding, PUBKEY_PEM,
NULL, encoding, CRED_PART_ECDSA_PUB_ASN1_DER,
asn1_encoding, CRED_PART_END);
chunk_clear(&asn1_encoding);
}
return success;
@ -313,9 +313,9 @@ static private_openssl_ec_public_key_t *create_empty()
this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
this->public.interface.equals = public_key_equals;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(public_key_t *this))destroy;

22
src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
View File

@ -58,7 +58,7 @@ struct private_openssl_rsa_private_key_t {
};
/* implemented in rsa public key */
bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp);
bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp);
/**
* Build an EMPSA PKCS1 signature described in PKCS#1
@ -208,7 +208,7 @@ static public_key_t* get_public_key(private_openssl_rsa_private_key_t *this)
* Implementation of public_key_t.get_fingerprint.
*/
static bool get_fingerprint(private_openssl_rsa_private_key_t *this,
key_encoding_type_t type, chunk_t *fingerprint)
cred_encoding_type_t type, chunk_t *fingerprint)
{
return openssl_rsa_fingerprint(this->rsa, type, fingerprint);
}
@ -217,7 +217,7 @@ static bool get_fingerprint(private_openssl_rsa_private_key_t *this,
* Implementation of public_key_t.get_encoding.
*/
static bool get_encoding(private_openssl_rsa_private_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
u_char *p;
@ -227,8 +227,8 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this,
}
switch (type)
{
case KEY_PRIV_ASN1_DER:
case KEY_PRIV_PEM:
case PRIVKEY_ASN1_DER:
case PRIVKEY_PEM:
{
bool success = TRUE;
@ -236,13 +236,13 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this,
p = encoding->ptr;
i2d_RSAPrivateKey(this->rsa, &p);
if (type == KEY_PRIV_PEM)
if (type == PRIVKEY_PEM)
{
chunk_t asn1_encoding = *encoding;
success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM,
NULL, encoding, KEY_PART_RSA_PRIV_ASN1_DER,
asn1_encoding, KEY_PART_END);
success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM,
NULL, encoding, CRED_PART_RSA_PRIV_ASN1_DER,
asn1_encoding, CRED_PART_END);
chunk_clear(&asn1_encoding);
}
return success;
@ -291,9 +291,9 @@ static private_openssl_rsa_private_key_t *create_empty(void)
this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
this->public.interface.equals = private_key_equals;
this->public.interface.belongs_to = private_key_belongs_to;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
this->public.interface.destroy = (void (*) (private_key_t*))destroy;

28
src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
View File

@ -172,7 +172,7 @@ static size_t get_keysize(private_openssl_rsa_public_key_t *this)
/**
* Calculate fingerprint from a RSA key, also used in rsa private key.
*/
bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp)
{
hasher_t *hasher;
chunk_t key;
@ -184,12 +184,12 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
}
switch (type)
{
case KEY_ID_PUBKEY_SHA1:
case KEYID_PUBKEY_SHA1:
key = chunk_alloc(i2d_RSAPublicKey(rsa, NULL));
p = key.ptr;
i2d_RSAPublicKey(rsa, &p);
break;
case KEY_ID_PUBKEY_INFO_SHA1:
case KEYID_PUBKEY_INFO_SHA1:
key = chunk_alloc(i2d_RSA_PUBKEY(rsa, NULL));
p = key.ptr;
i2d_RSA_PUBKEY(rsa, &p);
@ -215,7 +215,7 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
* Implementation of public_key_t.get_fingerprint.
*/
static bool get_fingerprint(private_openssl_rsa_public_key_t *this,
key_encoding_type_t type, chunk_t *fingerprint)
cred_encoding_type_t type, chunk_t *fingerprint)
{
return openssl_rsa_fingerprint(this->rsa, type, fingerprint);
}
@ -224,14 +224,14 @@ static bool get_fingerprint(private_openssl_rsa_public_key_t *this,
* Implementation of public_key_t.get_encoding.
*/
static bool get_encoding(private_openssl_rsa_public_key_t *this,
key_encoding_type_t type, chunk_t *encoding)
cred_encoding_type_t type, chunk_t *encoding)
{
u_char *p;
switch (type)
{
case KEY_PUB_SPKI_ASN1_DER:
case KEY_PUB_PEM:
case PUBKEY_SPKI_ASN1_DER:
case PUBKEY_PEM:
{
bool success = TRUE;
@ -239,18 +239,18 @@ static bool get_encoding(private_openssl_rsa_public_key_t *this,
p = encoding->ptr;
i2d_RSA_PUBKEY(this->rsa, &p);
if (type == KEY_PUB_PEM)
if (type == PUBKEY_PEM)
{
chunk_t asn1_encoding = *encoding;
success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM,
NULL, encoding, KEY_PART_RSA_PUB_ASN1_DER,
asn1_encoding, KEY_PART_END);
success = lib->encoding->encode(lib->encoding, PUBKEY_PEM,
NULL, encoding, CRED_PART_RSA_PUB_ASN1_DER,
asn1_encoding, CRED_PART_END);
chunk_clear(&asn1_encoding);
}
return success;
}
case KEY_PUB_ASN1_DER:
case PUBKEY_ASN1_DER:
{
*encoding = chunk_alloc(i2d_RSAPublicKey(this->rsa, NULL));
p = encoding->ptr;
@ -299,9 +299,9 @@ static private_openssl_rsa_public_key_t *create_empty()
this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
this->public.interface.equals = public_key_equals;
this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
this->public.interface.destroy = (void (*)(public_key_t *this))destroy;

2
src/libstrongswan/plugins/openssl/openssl_x509.c
View File

@ -213,7 +213,7 @@ METHOD(x509_t, get_subjectKeyIdentifier, chunk_t,
{
return this->subjectKeyIdentifier;
}
if (this->pubkey->get_fingerprint(this->pubkey, KEY_ID_PUBKEY_SHA1,
if (this->pubkey->get_fingerprint(this->pubkey, KEYID_PUBKEY_SHA1,
&fingerprint))
{
return fingerprint;

54
src/libstrongswan/plugins/pem/pem_encoder.c
View File

@ -20,7 +20,7 @@
/**
* See header.
*/
bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
va_list args)
{
chunk_t asn1;
@ -31,57 +31,57 @@ bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
switch (type)
{
case KEY_PUB_PEM:
case PUBKEY_PEM:
label ="PUBLIC KEY";
/* direct PKCS#1 PEM encoding */
if (key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER,
&asn1, KEY_PART_END) ||
key_encoding_args(args, KEY_PART_ECDSA_PUB_ASN1_DER,
&asn1, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_PUB_ASN1_DER,
&asn1, CRED_PART_END) ||
cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER,
&asn1, CRED_PART_END))
{
break;
}
/* indirect PEM encoding from components */
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
{
if (lib->encoding->encode(lib->encoding, KEY_PUB_SPKI_ASN1_DER,
NULL, &asn1, KEY_PART_RSA_MODULUS, n,
KEY_PART_RSA_PUB_EXP, e, KEY_PART_END))
if (lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
NULL, &asn1, CRED_PART_RSA_MODULUS, n,
CRED_PART_RSA_PUB_EXP, e, CRED_PART_END))
{
to_free = asn1;
break;
}
}
return FALSE;
case KEY_PRIV_PEM:
case PRIVKEY_PEM:
label ="RSA PRIVATE KEY";
/* direct PKCS#1 PEM encoding */
if (key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER,
&asn1, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_PRIV_ASN1_DER,
&asn1, CRED_PART_END))
{
break;
}
/* indirect PEM encoding from components */
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d,
KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q,
KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2,
KEY_PART_RSA_COEFF, &coeff, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
{
if (lib->encoding->encode(lib->encoding, KEY_PRIV_ASN1_DER, NULL,
&asn1, KEY_PART_RSA_MODULUS, n,
KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d,
KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q,
KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2,
KEY_PART_RSA_COEFF, coeff, KEY_PART_END))
if (lib->encoding->encode(lib->encoding, PRIVKEY_ASN1_DER, NULL,
&asn1, CRED_PART_RSA_MODULUS, n,
CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
CRED_PART_RSA_COEFF, coeff, CRED_PART_END))
{
to_free = asn1;
break;
}
}
if (key_encoding_args(args, KEY_PART_ECDSA_PRIV_ASN1_DER,
&asn1, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_ECDSA_PRIV_ASN1_DER,
&asn1, CRED_PART_END))
{
label ="EC PRIVATE KEY";
break;

2
src/libstrongswan/plugins/pem/pem_encoder.h
View File

@ -26,7 +26,7 @@
/**
* Encoding from ASN.1 to PEM format.
*/
bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
va_list args);
#endif /** PEM_ENCODER_H_ @}*/

2
src/libstrongswan/plugins/pgp/pgp_cert.c
View File

@ -347,7 +347,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
else
{
/* V3 fingerprint is computed by public_key_t class */
if (!this->key->get_fingerprint(this->key, KEY_ID_PGPV3,
if (!this->key->get_fingerprint(this->key, KEYID_PGPV3,
&this->fingerprint))
{
return FALSE;

10
src/libstrongswan/plugins/pgp/pgp_encoder.c
View File

@ -25,8 +25,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
hasher_t *hasher;
chunk_t n, e;
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
{
hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
if (!hasher)
@ -55,12 +55,12 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
/**
* See header.
*/
bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
va_list args)
bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
va_list args)
{
switch (type)
{
case KEY_ID_PGPV3:
case KEYID_PGPV3:
return build_v3_fingerprint(encoding, args);
default:
return FALSE;

2
src/libstrongswan/plugins/pgp/pgp_encoder.h
View File

@ -26,7 +26,7 @@
/**
* Encoding function for PGP fingerprints.
*/
bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
va_list args);
#endif /** PGP_ENCODER_H_ @}*/

30
src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c
View File

@ -26,8 +26,8 @@ bool build_pub(chunk_t *encoding, va_list args)
{
chunk_t n, e;
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
{
*encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_wrap(ASN1_INTEGER, "c", n),
@ -44,8 +44,8 @@ bool build_pub_info(chunk_t *encoding, va_list args)
{
chunk_t n, e;
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
{
*encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
@ -65,11 +65,11 @@ bool build_priv(chunk_t *encoding, va_list args)
{
chunk_t n, e, d, p, q, exp1, exp2, coeff;
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d,
KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q,
KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2,
KEY_PART_RSA_COEFF, &coeff, KEY_PART_END))
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
{
*encoding = asn1_wrap(ASN1_SEQUENCE, "cmmssssss",
ASN1_INTEGER_0,
@ -138,20 +138,20 @@ static bool build_sha1(chunk_t *encoding, va_list args)
/**
* See header.
*/
bool pkcs1_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
va_list args)
{
switch (type)
{
case KEY_ID_PUBKEY_INFO_SHA1:
case KEYID_PUBKEY_INFO_SHA1:
return build_info_sha1(encoding, args);
case KEY_ID_PUBKEY_SHA1:
case KEYID_PUBKEY_SHA1:
return build_sha1(encoding, args);
case KEY_PUB_ASN1_DER:
case PUBKEY_ASN1_DER:
return build_pub(encoding, args);
case KEY_PUB_SPKI_ASN1_DER:
case PUBKEY_SPKI_ASN1_DER:
return build_pub_info(encoding, args);
case KEY_PRIV_ASN1_DER:
case PRIVKEY_ASN1_DER:
return build_priv(encoding, args);
default:
return FALSE;

2
src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h
View File

@ -26,7 +26,7 @@
/**
* Encoding function for PKCS#1/ASN.1 fingerprints/key formats.
*/
bool pkcs1_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
va_list args);
#endif /** PKCS1_ENCODER_H_ @}*/

8
src/libstrongswan/plugins/pubkey/pubkey_cert.c
View File

@ -82,10 +82,10 @@ static id_match_t has_subject(private_pubkey_cert_t *this,
{
if (subject->get_type(subject) == ID_KEY_ID)
{
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t fingerprint;
for (type = 0; type < KEY_ENCODING_MAX; type++)
for (type = 0; type < CRED_ENCODING_MAX; type++)
{
if (this->key->get_fingerprint(this->key, type, &fingerprint) &&
chunk_equals(fingerprint, subject->get_encoding(subject)))
@ -167,7 +167,7 @@ static chunk_t get_encoding(private_pubkey_cert_t *this)
{
chunk_t encoding;
if (this->key->get_encoding(this->key, KEY_PUB_ASN1_DER, &encoding))
if (this->key->get_encoding(this->key, PUBKEY_ASN1_DER, &encoding))
{
return encoding;
}
@ -221,7 +221,7 @@ static pubkey_cert_t *pubkey_cert_create(public_key_t *key)
this->ref = 1;
this->key = key;
this->issuer = identification_create_from_encoding(ID_ANY, chunk_empty);
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &fingerprint))
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &fingerprint))
{
this->subject = identification_create_from_encoding(ID_KEY_ID, fingerprint);
}

4
src/libstrongswan/plugins/revocation/revocation_validator.c
View File

@ -227,7 +227,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
/* derive the authorityKeyIdentifier from the issuer's public key */
current = &issuer->interface;
public = current->get_public_key(current);
if (public && public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
{
keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
}
@ -423,7 +423,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
/* derive the authorityKeyIdentifier from the issuer's public key */
current = &issuer->interface;
public = current->get_public_key(current);
if (public && public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
{
keyid = identification_create_from_encoding(ID_KEY_ID, chunk);

4
src/libstrongswan/plugins/x509/x509_ac.c
View File

@ -568,7 +568,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this)
public = this->signerCert->get_public_key(this->signerCert);
if (public)
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyIdentifier))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyIdentifier))
{
this->authKeyIdentifier = chunk_clone(keyIdentifier);
}
@ -749,7 +749,7 @@ static bool issued_by(private_x509_ac_t *this, certificate_t *issuer)
{
chunk_t fingerprint;
if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
!chunk_equals(fingerprint, this->authKeyIdentifier))
{
return FALSE;

8
src/libstrongswan/plugins/x509/x509_cert.c
View File

@ -1274,7 +1274,7 @@ static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
chunk_t fingerprint;
if (this->public_key->get_fingerprint(this->public_key,
KEY_ID_PUBKEY_SHA1, &fingerprint))
KEYID_PUBKEY_SHA1, &fingerprint))
{
return fingerprint;
}
@ -1528,7 +1528,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
scheme = signature_scheme_from_oid(cert->algorithm);
if (!cert->public_key->get_encoding(cert->public_key,
KEY_PUB_SPKI_ASN1_DER, &key_info))
PUBKEY_SPKI_ASN1_DER, &key_info))
{
return FALSE;
}
@ -1642,7 +1642,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
chunk_t keyid;
if (cert->public_key->get_fingerprint(cert->public_key,
KEY_ID_PUBKEY_SHA1, &keyid))
KEYID_PUBKEY_SHA1, &keyid))
{
subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_SUBJECT_KEY_ID),
@ -1656,7 +1656,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
{
chunk_t keyid;
if (sign_key->get_fingerprint(sign_key, KEY_ID_PUBKEY_SHA1, &keyid))
if (sign_key->get_fingerprint(sign_key, KEYID_PUBKEY_SHA1, &keyid))
{
authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_AUTHORITY_KEY_ID),

2
src/libstrongswan/plugins/x509/x509_crl.c
View File

@ -401,7 +401,7 @@ METHOD(certificate_t, issued_by, bool,
{
chunk_t fingerprint;
if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
!chunk_equals(fingerprint, this->authKeyIdentifier))
{
return FALSE;

2
src/libstrongswan/plugins/x509/x509_ocsp_request.c
View File

@ -153,7 +153,7 @@ static chunk_t build_requestList(private_x509_ocsp_request_t *this)
hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (hasher)
{
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1,
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1,
&issuerKeyHash))
{
enumerator_t *enumerator;

6
src/libstrongswan/plugins/x509/x509_ocsp_response.c
View File

@ -167,7 +167,7 @@ static cert_validation_t get_status(private_x509_ocsp_response_t *this,
{
hasher_t *hasher;
identification_t *id;
key_encoding_type_t type;
cred_encoding_type_t type;
chunk_t hash, fingerprint;
/* check serial first, is cheaper */
@ -188,7 +188,7 @@ static cert_validation_t get_status(private_x509_ocsp_response_t *this,
switch (response->hashAlgorithm)
{
case OID_SHA1:
type = KEY_ID_PUBKEY_SHA1;
type = KEYID_PUBKEY_SHA1;
break;
default:
public->destroy(public);
@ -698,7 +698,7 @@ static bool issued_by(private_x509_ocsp_response_t *this, certificate_t *issuer)
key = issuer->get_public_key(issuer);
if (!key ||
!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
!chunk_equals(fingerprint,
this->responderId->get_encoding(this->responderId)))
{

2
src/libstrongswan/plugins/x509/x509_pkcs10.c
View File

@ -550,7 +550,7 @@ static bool generate(private_x509_pkcs10_t *cert, private_key_t *sign_key,
scheme = signature_scheme_from_oid(cert->algorithm);
if (!cert->public_key->get_encoding(cert->public_key,
KEY_PUB_SPKI_ASN1_DER, &key_info))
PUBKEY_SPKI_ASN1_DER, &key_info))
{
return FALSE;
}

4
src/medsrv/controller/peer_controller.c
View File

@ -139,8 +139,8 @@ static bool parse_public_key(private_peer_controller_t *this,
return FALSE;
}
/* TODO: use get_encoding() with an encoding type */
if (!public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id) ||
!public->get_encoding(public, KEY_PUB_SPKI_ASN1_DER, encoding))
if (!public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id) ||
!public->get_encoding(public, PUBKEY_SPKI_ASN1_DER, encoding))
{
request->setf(request, "error=Encoding public key failed.");
return FALSE;

2
src/pki/commands/gen.c
View File

@ -20,7 +20,7 @@
*/
static int gen()
{
key_encoding_type_t form = KEY_PRIV_ASN1_DER;
cred_encoding_type_t form = PRIVKEY_ASN1_DER;
key_type_t type = KEY_RSA;
u_int size = 0;
private_key_t *key;

12
src/pki/commands/keyid.c
View File

@ -99,11 +99,11 @@ static int keyid()
if (type == CRED_PRIVATE_KEY)
{
private = cred;
if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &id))
if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &id))
{
printf("subjectKeyIdentifier: %#B\n", &id);
}
if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &id))
if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &id))
{
printf("subjectPublicKeyInfo hash: %#B\n", &id);
}
@ -112,11 +112,11 @@ static int keyid()
else if (type == CRED_PUBLIC_KEY)
{
public = cred;
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
{
printf("subjectKeyIdentifier: %#B\n", &id);
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
{
printf("subjectPublicKeyInfo hash: %#B\n", &id);
}
@ -131,11 +131,11 @@ static int keyid()
fprintf(stderr, "extracting public key from certificate failed");
return 1;
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id))
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
{
printf("subjectKeyIdentifier: %#B\n", &id);
}
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
{
printf("subjectPublicKeyInfo hash: %#B\n", &id);
}

4
src/pki/commands/print.c
View File

@ -30,11 +30,11 @@ static void print_pubkey(public_key_t *key)
printf("pubkey: %N %d bits\n", key_type_names, key->get_type(key),
key->get_keysize(key) * 8);
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &chunk))
{
printf("keyid: %#B\n", &chunk);
}
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &chunk))
if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &chunk))
{
printf("subjkey: %#B\n", &chunk);
}

2
src/pki/commands/pub.c
View File

@ -23,7 +23,7 @@
*/
static int pub()
{
key_encoding_type_t form = KEY_PUB_SPKI_ASN1_DER;
cred_encoding_type_t form = PUBKEY_SPKI_ASN1_DER;
credential_type_t type = CRED_PRIVATE_KEY;
int subtype = KEY_RSA;
certificate_t *cert;

8
src/pki/pki.c
View File

@ -21,20 +21,20 @@
/**
* Convert a form string to a encoding type
*/
bool get_form(char *form, key_encoding_type_t *type, bool pub)
bool get_form(char *form, cred_encoding_type_t *type, bool pub)
{
if (streq(form, "der"))
{
/* der encoded keys usually contain the complete SubjectPublicKeyInfo */
*type = pub ? KEY_PUB_SPKI_ASN1_DER : KEY_PRIV_ASN1_DER;
*type = pub ? PUBKEY_SPKI_ASN1_DER : PRIVKEY_ASN1_DER;
}
else if (streq(form, "pem"))
{
*type = pub ? KEY_PUB_PEM : KEY_PRIV_PEM;
*type = pub ? PUBKEY_PEM : PRIVKEY_PEM;
}
else if (streq(form, "pgp"))
{
*type = pub ? KEY_PUB_PGP : KEY_PRIV_PGP;
*type = pub ? PUBKEY_PGP : PRIVKEY_PGP;
}
else
{

2
src/pki/pki.h
View File

@ -29,7 +29,7 @@
/**
* Convert a form string to a encoding type
*/
bool get_form(char *form, key_encoding_type_t *type, bool pub);
bool get_form(char *form, cred_encoding_type_t *type, bool pub);
/**
* Convert a digest string to a hash algorithm

4
src/pluto/certs.c
View File

@ -318,11 +318,11 @@ void list_pgp_end_certs(bool utc)
key_type_names, key->get_type(key),
key->get_keysize(key) * BITS_PER_BYTE,
has_private_key(cert)? ", has private key" : "");
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid))
{
whack_log(RC_COMMENT, " keyid: %#B", &keyid);
}
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid))
if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &keyid))
{
whack_log(RC_COMMENT, " subjkey: %#B", &keyid);
}

2
src/pluto/dnskey.c
View File

@ -424,7 +424,7 @@ static err_t process_txt_rr_body(u_char *str, bool doit,
public_key_t *key = gi.key->public_key;
if (gi.gw_key_present &&
key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid))
key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &keyid))
{
DBG_log("gateway for %s is %s with key %#B",
client_id, gi.gw_id, &keyid);

8
src/pluto/ipsec_doi.c
View File

@ -260,7 +260,7 @@ static linked_list_t* collect_rw_ca_candidates(struct msg_digest *md)
{
new_entry = FALSE;
break;
}
}
}
enumerator->destroy(enumerator);
@ -1568,7 +1568,7 @@ static bool take_a_crack(struct tac_state *s, pubkey_t *kr)
s->tried_cnt++;
scheme = oakley_to_signature_scheme(s->st->st_oakley.auth);
pub_key->get_fingerprint(pub_key, KEY_ID_PUBKEY_INFO_SHA1, &keyid);
pub_key->get_fingerprint(pub_key, KEYID_PUBKEY_INFO_SHA1, &keyid);
if (pub_key->verify(pub_key, scheme, s->hash, s->sig))
{
@ -3542,7 +3542,7 @@ stf_status main_inR2_outI3(struct msg_digest *md)
struct state *const st = md->st;
pb_stream *const keyex_pbs = &md->chain[ISAKMP_NEXT_KE]->pbs;
pb_stream id_pbs; /* ID Payload; also used for hash calculation */
connection_t *c = st->st_connection;
certpolicy_t cert_policy = c->spd.this.sendcert;
cert_t *mycert = c->spd.this.cert;
@ -4900,7 +4900,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b,
p = rw_instantiate(p, &c->spd.that.host_addr, md->sender_port
, his_net, c->spd.that.id);
/* inherit any virtual IP assigned by a Mode Config exchange */
/* inherit any virtual IP assigned by a Mode Config exchange */
if (p->spd.that.modecfg && c->spd.that.modecfg &&
subnetisaddr(his_net, (ip_address*)vip->get_sockaddr(vip)))
{

6
src/pluto/keys.c
View File

@ -968,7 +968,7 @@ void free_preshared_secrets(void)
for (s = secrets; s != NULL; s = ns)
{
ns = s->next;
s->ids->destroy_offset(s->ids, offsetof(identification_t, destroy));
s->ids->destroy_offset(s->ids, offsetof(identification_t, destroy));
switch (s->kind)
{
@ -1238,7 +1238,7 @@ void add_public_key_from_cert(cert_t *cert , time_t until,
/* insert all subjectAltNames from X.509 certificates */
enumerator = x509->create_subjectAltName_enumerator(x509);
while (enumerator->enumerate(enumerator, &id))
while (enumerator->enumerate(enumerator, &id))
{
if (id->get_type(id) != ID_ANY)
{
@ -1327,7 +1327,7 @@ void list_public_keys(bool utc)
public->get_keysize(public) * BITS_PER_BYTE,
&key->until_time, utc,
check_expiry(key->until_time, PUBKEY_WARNING_INTERVAL, TRUE));
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
{
whack_log(RC_COMMENT," keyid: %#B", &keyid);
}

4
src/pluto/x509.c
View File

@ -427,11 +427,11 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
cert->smartcard ? ", on smartcard" :
(has_private_key(cert)? ", has private key" : ""));
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid))
{
whack_log(RC_COMMENT, " keyid: %#B", &keyid);
}
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &subjkey))
if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &subjkey))
{
whack_log(RC_COMMENT, " subjkey: %#B", &subjkey);
}

2
src/scepclient/scep.c
View File

@ -281,7 +281,7 @@ void scep_generate_transaction_id(public_key_t *key, chunk_t *transID,
bool msb_set;
u_char *pos;
key->get_encoding(key, KEY_PUB_ASN1_DER, &keyEncoding);
key->get_encoding(key, PUBKEY_ASN1_DER, &keyEncoding);
keyInfo = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),

6
src/scepclient/scepclient.c
View File

@ -398,7 +398,7 @@ int main(int argc, char **argv)
transID = chunk_empty;
fingerprint = chunk_empty;
encoding = chunk_empty;
pkcs10_encoding = chunk_empty;
pkcs10_encoding = chunk_empty;
issuerAndSubject = chunk_empty;
challengePassword = chunk_empty;
getCertInitial = chunk_empty;
@ -900,7 +900,7 @@ int main(int argc, char **argv)
DBG(DBG_CONTROL,
DBG_log("building pkcs1 object:")
)
if (!private_key->get_encoding(private_key, KEY_PRIV_ASN1_DER, &pkcs1) ||
if (!private_key->get_encoding(private_key, PRIVKEY_ASN1_DER, &pkcs1) ||
!chunk_write(pkcs1, path, "pkcs1", 0066, force))
{
exit_scepclient("could not write pkcs1 file '%s'", path);
@ -964,7 +964,7 @@ int main(int argc, char **argv)
*/
{
char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_enc);
x509_ca_enc = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
BUILD_FROM_FILE, path, BUILD_END);
if (!x509_ca_enc)