Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding
This commit is contained in:
parent
24d327ab4d
commit
da9724e6d0
|
@ -37,15 +37,15 @@ int main(int argc, char *argv[])
|
|||
printf("parsed %d bits %N private key.\n",
|
||||
private->get_keysize(private)*8,
|
||||
key_type_names, private->get_type(private));
|
||||
if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
|
||||
if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &chunk))
|
||||
{
|
||||
printf("subjectPublicKeyInfo keyid: %#B\n", &chunk);
|
||||
}
|
||||
if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
printf("subjectPublicKey keyid: %#B\n", &chunk);
|
||||
}
|
||||
if (private->get_fingerprint(private, KEY_ID_PGPV3, &chunk))
|
||||
if (private->get_fingerprint(private, KEYID_PGPV3, &chunk))
|
||||
{
|
||||
printf("PGP version 3 keyid: %#B\n", &chunk);
|
||||
}
|
||||
|
@ -67,15 +67,15 @@ int main(int argc, char *argv[])
|
|||
printf("parsed %d bits %N public key.\n",
|
||||
public->get_keysize(public)*8,
|
||||
key_type_names, public->get_type(public));
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk))
|
||||
{
|
||||
printf("subjectPublicKeyInfo keyid: %#B\n", &chunk);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
printf("subjectPublicKey keyid: %#B\n", &chunk);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PGPV3, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PGPV3, &chunk))
|
||||
{
|
||||
printf("PGP version 3 keyid: %#B\n", &chunk);
|
||||
}
|
||||
|
|
|
@ -34,7 +34,7 @@ int main(int argc, char *argv[])
|
|||
BUILD_END);
|
||||
if (private)
|
||||
{
|
||||
if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
printf("%d, X'", ID_KEY_ID);
|
||||
for (n = 0; n < chunk.len; n++)
|
||||
|
@ -58,7 +58,7 @@ int main(int argc, char *argv[])
|
|||
}
|
||||
if (public)
|
||||
{
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
printf("%d, X'", ID_KEY_ID);
|
||||
for (n = 0; n < chunk.len; n++)
|
||||
|
|
|
@ -401,11 +401,11 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out)
|
|||
/* list authkey and keyid */
|
||||
if (public)
|
||||
{
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
fprintf(out, " authkey: %#B\n", &chunk);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk))
|
||||
{
|
||||
fprintf(out, " keyid: %#B\n", &chunk);
|
||||
}
|
||||
|
|
|
@ -626,7 +626,7 @@ static void list_public_key(public_key_t *public, FILE *out)
|
|||
identification_t *id;
|
||||
auth_cfg_t *auth;
|
||||
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
|
||||
{
|
||||
id = identification_create_from_encoding(ID_KEY_ID, keyid);
|
||||
auth = auth_cfg_create();
|
||||
|
@ -640,11 +640,11 @@ static void list_public_key(public_key_t *public, FILE *out)
|
|||
key_type_names, public->get_type(public),
|
||||
public->get_keysize(public) * 8,
|
||||
private ? ", has private key" : "");
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
|
||||
{
|
||||
fprintf(out, " keyid: %#B\n", &keyid);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
|
||||
{
|
||||
fprintf(out, " subjkey: %#B\n", &keyid);
|
||||
}
|
||||
|
|
|
@ -41,7 +41,7 @@ bool test_med_db()
|
|||
KEY_ANY, id, NULL);
|
||||
while (enumerator->enumerate(enumerator, &public, &auth))
|
||||
{
|
||||
good = public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &found);
|
||||
good = public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &found);
|
||||
if (good)
|
||||
{
|
||||
good = chunk_equals(id->get_encoding(id), found);
|
||||
|
|
|
@ -299,7 +299,7 @@ static void add_certreq(certreq_payload_t **req, certificate_t *cert)
|
|||
{
|
||||
*req = certreq_payload_create_type(CERT_X509);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
|
||||
{
|
||||
(*req)->add_keyid(*req, keyid);
|
||||
DBG1(DBG_IKE, "sending cert request for \"%Y\"",
|
||||
|
|
|
@ -21,25 +21,25 @@
|
|||
#include <utils/hashtable.h>
|
||||
#include <threading/rwlock.h>
|
||||
|
||||
typedef struct private_key_encoding_t private_key_encoding_t;
|
||||
typedef struct private_cred_encoding_t private_cred_encoding_t;
|
||||
|
||||
/**
|
||||
* Private data of an key_encoding_t object.
|
||||
* Private data of an cred_encoding_t object.
|
||||
*/
|
||||
struct private_key_encoding_t {
|
||||
struct private_cred_encoding_t {
|
||||
|
||||
/**
|
||||
* Public key_encoding_t interface.
|
||||
* Public cred_encoding_t interface.
|
||||
*/
|
||||
key_encoding_t public;
|
||||
cred_encoding_t public;
|
||||
|
||||
/**
|
||||
* cached encodings, a table for each encoding_type_t, containing chunk_t*
|
||||
*/
|
||||
hashtable_t *cache[KEY_ENCODING_MAX];
|
||||
hashtable_t *cache[CRED_ENCODING_MAX];
|
||||
|
||||
/**
|
||||
* Registered encoding fuctions, key_encoder_t
|
||||
* Registered encoding fuctions, cred_encoder_t
|
||||
*/
|
||||
linked_list_t *encoders;
|
||||
|
||||
|
@ -52,7 +52,7 @@ struct private_key_encoding_t {
|
|||
/**
|
||||
* See header.
|
||||
*/
|
||||
bool key_encoding_args(va_list args, ...)
|
||||
bool cred_encoding_args(va_list args, ...)
|
||||
{
|
||||
va_list parts, copy;
|
||||
bool failed = FALSE;
|
||||
|
@ -61,12 +61,12 @@ bool key_encoding_args(va_list args, ...)
|
|||
|
||||
while (!failed)
|
||||
{
|
||||
key_encoding_part_t current, target;
|
||||
cred_encoding_part_t current, target;
|
||||
chunk_t *out, data;
|
||||
|
||||
/* get the part we are looking for */
|
||||
target = va_arg(parts, key_encoding_part_t);
|
||||
if (target == KEY_PART_END)
|
||||
target = va_arg(parts, cred_encoding_part_t);
|
||||
if (target == CRED_PART_END)
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
@ -75,8 +75,8 @@ bool key_encoding_args(va_list args, ...)
|
|||
va_copy(copy, args);
|
||||
while (!failed)
|
||||
{
|
||||
current = va_arg(copy, key_encoding_part_t);
|
||||
if (current == KEY_PART_END)
|
||||
current = va_arg(copy, cred_encoding_part_t);
|
||||
if (current == CRED_PART_END)
|
||||
{
|
||||
failed = TRUE;
|
||||
break;
|
||||
|
@ -111,14 +111,14 @@ static bool equals(void *key1, void *key2)
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoding_t.get_cache
|
||||
* Implementation of cred_encoding_t.get_cache
|
||||
*/
|
||||
static bool get_cache(private_key_encoding_t *this, key_encoding_type_t type,
|
||||
static bool get_cache(private_cred_encoding_t *this, cred_encoding_type_t type,
|
||||
void *cache, chunk_t *encoding)
|
||||
{
|
||||
chunk_t *chunk;
|
||||
|
||||
if (type >= KEY_ENCODING_MAX || type < 0)
|
||||
if (type >= CRED_ENCODING_MAX || type < 0)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -133,18 +133,18 @@ static bool get_cache(private_key_encoding_t *this, key_encoding_type_t type,
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoding_t.encode
|
||||
* Implementation of cred_encoding_t.encode
|
||||
*/
|
||||
static bool encode(private_key_encoding_t *this, key_encoding_type_t type,
|
||||
static bool encode(private_cred_encoding_t *this, cred_encoding_type_t type,
|
||||
void *cache, chunk_t *encoding, ...)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
va_list args, copy;
|
||||
key_encoder_t encode;
|
||||
cred_encoder_t encode;
|
||||
bool success = FALSE;
|
||||
chunk_t *chunk;
|
||||
|
||||
if (type >= KEY_ENCODING_MAX || type < 0)
|
||||
if (type >= CRED_ENCODING_MAX || type < 0)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -187,14 +187,14 @@ static bool encode(private_key_encoding_t *this, key_encoding_type_t type,
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoding_t.cache
|
||||
* Implementation of cred_encoding_t.cache
|
||||
*/
|
||||
static void cache(private_key_encoding_t *this, key_encoding_type_t type,
|
||||
static void cache(private_cred_encoding_t *this, cred_encoding_type_t type,
|
||||
void *cache, chunk_t encoding)
|
||||
{
|
||||
chunk_t *chunk;
|
||||
|
||||
if (type >= KEY_ENCODING_MAX || type < 0)
|
||||
if (type >= CRED_ENCODING_MAX || type < 0)
|
||||
{
|
||||
return free(encoding.ptr);
|
||||
}
|
||||
|
@ -212,15 +212,15 @@ static void cache(private_key_encoding_t *this, key_encoding_type_t type,
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoding_t.clear_cache
|
||||
* Implementation of cred_encoding_t.clear_cache
|
||||
*/
|
||||
static void clear_cache(private_key_encoding_t *this, void *cache)
|
||||
static void clear_cache(private_cred_encoding_t *this, void *cache)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t *chunk;
|
||||
|
||||
this->lock->write_lock(this->lock);
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
chunk = this->cache[type]->remove(this->cache[type], cache);
|
||||
if (chunk)
|
||||
|
@ -233,9 +233,9 @@ static void clear_cache(private_key_encoding_t *this, void *cache)
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoding_t.add_encoder
|
||||
* Implementation of cred_encoding_t.add_encoder
|
||||
*/
|
||||
static void add_encoder(private_key_encoding_t *this, key_encoder_t encoder)
|
||||
static void add_encoder(private_cred_encoding_t *this, cred_encoder_t encoder)
|
||||
{
|
||||
this->lock->write_lock(this->lock);
|
||||
this->encoders->insert_last(this->encoders, encoder);
|
||||
|
@ -243,9 +243,9 @@ static void add_encoder(private_key_encoding_t *this, key_encoder_t encoder)
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoding_t.remove_encoder
|
||||
* Implementation of cred_encoding_t.remove_encoder
|
||||
*/
|
||||
static void remove_encoder(private_key_encoding_t *this, key_encoder_t encoder)
|
||||
static void remove_encoder(private_cred_encoding_t *this, cred_encoder_t encoder)
|
||||
{
|
||||
this->lock->write_lock(this->lock);
|
||||
this->encoders->remove(this->encoders, encoder, NULL);
|
||||
|
@ -253,18 +253,18 @@ static void remove_encoder(private_key_encoding_t *this, key_encoder_t encoder)
|
|||
}
|
||||
|
||||
/**
|
||||
* Implementation of key_encoder_t.destroy.
|
||||
* Implementation of cred_encoder_t.destroy.
|
||||
*/
|
||||
static void destroy(private_key_encoding_t *this)
|
||||
static void destroy(private_cred_encoding_t *this)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
/* We explicitly do not free remaining encodings. All keys should
|
||||
/* We explicitly do not free remaining encodings. All creds should
|
||||
* have gone now, and they are responsible for cleaning out their
|
||||
* cache entries. Not flushing here allows the leak detective to
|
||||
* complain if a key did not flush cached encodings. */
|
||||
* complain if a credential did not flush cached encodings. */
|
||||
this->cache[type]->destroy(this->cache[type]);
|
||||
}
|
||||
this->encoders->destroy(this->encoders);
|
||||
|
@ -275,20 +275,20 @@ static void destroy(private_key_encoding_t *this)
|
|||
/**
|
||||
* See header
|
||||
*/
|
||||
key_encoding_t *key_encoding_create()
|
||||
cred_encoding_t *cred_encoding_create()
|
||||
{
|
||||
private_key_encoding_t *this = malloc_thing(private_key_encoding_t);
|
||||
key_encoding_type_t type;
|
||||
private_cred_encoding_t *this = malloc_thing(private_cred_encoding_t);
|
||||
cred_encoding_type_t type;
|
||||
|
||||
this->public.encode = (bool(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t *encoding, ...))encode;
|
||||
this->public.get_cache = (bool(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t *encoding))get_cache;
|
||||
this->public.cache = (void(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t encoding))cache;
|
||||
this->public.clear_cache = (void(*)(key_encoding_t*, void *cache))clear_cache;
|
||||
this->public.add_encoder = (void(*)(key_encoding_t*, key_encoder_t encoder))add_encoder;
|
||||
this->public.remove_encoder = (void(*)(key_encoding_t*, key_encoder_t encoder))remove_encoder;
|
||||
this->public.destroy = (void(*)(key_encoding_t*))destroy;
|
||||
this->public.encode = (bool(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t *encoding, ...))encode;
|
||||
this->public.get_cache = (bool(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t *encoding))get_cache;
|
||||
this->public.cache = (void(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t encoding))cache;
|
||||
this->public.clear_cache = (void(*)(cred_encoding_t*, void *cache))clear_cache;
|
||||
this->public.add_encoder = (void(*)(cred_encoding_t*, cred_encoder_t encoder))add_encoder;
|
||||
this->public.remove_encoder = (void(*)(cred_encoding_t*, cred_encoder_t encoder))remove_encoder;
|
||||
this->public.destroy = (void(*)(cred_encoding_t*))destroy;
|
||||
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
this->cache[type] = hashtable_create(hash, equals, 8);
|
||||
}
|
||||
|
|
|
@ -14,134 +14,134 @@
|
|||
*/
|
||||
|
||||
/**
|
||||
* @defgroup key_encoding key_encoding
|
||||
* @{ @ingroup keys
|
||||
* @defgroup cred_encoding cred_encoding
|
||||
* @{ @ingroup credentials
|
||||
*/
|
||||
|
||||
#ifndef KEY_ENCODING_H_
|
||||
#define KEY_ENCODING_H_
|
||||
#ifndef CRED_ENCODING_H_
|
||||
#define CRED_ENCODING_H_
|
||||
|
||||
typedef struct key_encoding_t key_encoding_t;
|
||||
typedef enum key_encoding_type_t key_encoding_type_t;
|
||||
typedef enum key_encoding_part_t key_encoding_part_t;
|
||||
typedef struct cred_encoding_t cred_encoding_t;
|
||||
typedef enum cred_encoding_type_t cred_encoding_type_t;
|
||||
typedef enum cred_encoding_part_t cred_encoding_part_t;
|
||||
|
||||
#include <library.h>
|
||||
|
||||
/**
|
||||
* Key encoder function implementing encoding/fingerprinting.
|
||||
* Credential encoder function implementing encoding/fingerprinting.
|
||||
*
|
||||
* The variable argument list takes key_encoding_part_t, followed by part
|
||||
* The variable argument list takes cred_encoding_part_t, followed by part
|
||||
* specific arguments, terminated by KEY_PART_END.
|
||||
*
|
||||
* @param type format to encode the key to
|
||||
* @param args list of (key_encoding_part_t, data)
|
||||
* @param type format to encode the credential to
|
||||
* @param args list of (cred_encoding_part_t, data)
|
||||
* @param encoding encoding result, allocated
|
||||
* @return TRUE if encoding successful
|
||||
*/
|
||||
typedef bool (*key_encoder_t)(key_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args);
|
||||
typedef bool (*cred_encoder_t)(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args);
|
||||
|
||||
/**
|
||||
* Helper function for key_encoder_t implementations to parse argument list.
|
||||
* Helper function for cred_encoder_t implementations to parse argument list.
|
||||
*
|
||||
* Key encoder functions get a variable argument list to parse. To simplify
|
||||
* the job, this function reads the arguments and returns chunks for each
|
||||
* part.
|
||||
* The argument list of this function takes a key_encoding_part_t, followed
|
||||
* by a data pointer receiving the value, terminated by KEY_PART_END.
|
||||
* Credential encoder functions get a variable argument list to parse. To
|
||||
* simplify the job, this function reads the arguments and returns chunks for
|
||||
* each part.
|
||||
* The argument list of this function takes a cred_encoding_part_t, followed
|
||||
* by a data pointer receiving the value, terminated by CRED_PART_END.
|
||||
*
|
||||
* @param args argument list passed to key encoder function
|
||||
* @param ... list of (key_encoding_part_t, data*)
|
||||
* @param args argument list passed to credential encoder function
|
||||
* @param ... list of (cred_encoding_part_t, data*)
|
||||
* @return TRUE if all parts found, FALSE otherwise
|
||||
*/
|
||||
bool key_encoding_args(va_list args, ...);
|
||||
bool cred_encoding_args(va_list args, ...);
|
||||
|
||||
/**
|
||||
* Encoding type of a fingerprint/private-/public-key.
|
||||
* Encoding type of a fingerprint/credential.
|
||||
*
|
||||
* Fingerprints have have the KEY_ID_*, public keys the KEY_PUB_* and
|
||||
* private keys the KEY_PRIV_* prefix.
|
||||
* Fingerprints have have the KEYID_*, public keys the PUBKEY_* and
|
||||
* private keys the PRIVKEY_* prefix.
|
||||
*/
|
||||
enum key_encoding_type_t {
|
||||
enum cred_encoding_type_t {
|
||||
/** SHA1 fingerprint over subjectPublicKeyInfo */
|
||||
KEY_ID_PUBKEY_INFO_SHA1 = 0,
|
||||
KEYID_PUBKEY_INFO_SHA1 = 0,
|
||||
/** SHA1 fingerprint over subjectPublicKey */
|
||||
KEY_ID_PUBKEY_SHA1,
|
||||
KEYID_PUBKEY_SHA1,
|
||||
/** PGPv3 fingerprint */
|
||||
KEY_ID_PGPV3,
|
||||
KEYID_PGPV3,
|
||||
/** PGPv4 fingerprint */
|
||||
KEY_ID_PGPV4,
|
||||
KEYID_PGPV4,
|
||||
|
||||
KEY_ID_MAX,
|
||||
KEYID_MAX,
|
||||
|
||||
/** PKCS#1 and similar ASN.1 key encoding */
|
||||
KEY_PUB_ASN1_DER,
|
||||
KEY_PRIV_ASN1_DER,
|
||||
PUBKEY_ASN1_DER,
|
||||
PRIVKEY_ASN1_DER,
|
||||
/** subjectPublicKeyInfo encoding */
|
||||
KEY_PUB_SPKI_ASN1_DER,
|
||||
PUBKEY_SPKI_ASN1_DER,
|
||||
/** PEM encoded PKCS#1 key */
|
||||
KEY_PUB_PEM,
|
||||
KEY_PRIV_PEM,
|
||||
PUBKEY_PEM,
|
||||
PRIVKEY_PEM,
|
||||
/** PGP key encoding */
|
||||
KEY_PUB_PGP,
|
||||
KEY_PRIV_PGP,
|
||||
PUBKEY_PGP,
|
||||
PRIVKEY_PGP,
|
||||
|
||||
KEY_ENCODING_MAX,
|
||||
CRED_ENCODING_MAX,
|
||||
};
|
||||
|
||||
/**
|
||||
* Parts of a key to encode.
|
||||
* Parts of a credential to encode.
|
||||
*/
|
||||
enum key_encoding_part_t {
|
||||
enum cred_encoding_part_t {
|
||||
/** modulus of a RSA key, n */
|
||||
KEY_PART_RSA_MODULUS,
|
||||
CRED_PART_RSA_MODULUS,
|
||||
/** public exponent of a RSA key, e */
|
||||
KEY_PART_RSA_PUB_EXP,
|
||||
CRED_PART_RSA_PUB_EXP,
|
||||
/** private exponent of a RSA key, d */
|
||||
KEY_PART_RSA_PRIV_EXP,
|
||||
CRED_PART_RSA_PRIV_EXP,
|
||||
/** prime1 a RSA key, p */
|
||||
KEY_PART_RSA_PRIME1,
|
||||
CRED_PART_RSA_PRIME1,
|
||||
/** prime2 a RSA key, q */
|
||||
KEY_PART_RSA_PRIME2,
|
||||
CRED_PART_RSA_PRIME2,
|
||||
/** exponent1 a RSA key, exp1 */
|
||||
KEY_PART_RSA_EXP1,
|
||||
CRED_PART_RSA_EXP1,
|
||||
/** exponent1 a RSA key, exp2 */
|
||||
KEY_PART_RSA_EXP2,
|
||||
CRED_PART_RSA_EXP2,
|
||||
/** coefficient of RSA key, coeff */
|
||||
KEY_PART_RSA_COEFF,
|
||||
CRED_PART_RSA_COEFF,
|
||||
/** a DER encoded RSA public key */
|
||||
KEY_PART_RSA_PUB_ASN1_DER,
|
||||
CRED_PART_RSA_PUB_ASN1_DER,
|
||||
/** a DER encoded RSA private key */
|
||||
KEY_PART_RSA_PRIV_ASN1_DER,
|
||||
CRED_PART_RSA_PRIV_ASN1_DER,
|
||||
/** a DER encoded ECDSA public key */
|
||||
KEY_PART_ECDSA_PUB_ASN1_DER,
|
||||
CRED_PART_ECDSA_PUB_ASN1_DER,
|
||||
/** a DER encoded ECDSA private key */
|
||||
KEY_PART_ECDSA_PRIV_ASN1_DER,
|
||||
CRED_PART_ECDSA_PRIV_ASN1_DER,
|
||||
|
||||
KEY_PART_END,
|
||||
CRED_PART_END,
|
||||
};
|
||||
|
||||
/**
|
||||
* Private/Public key encoding and fingerprinting facility.
|
||||
* Credential encoding and fingerprinting facility.
|
||||
*/
|
||||
struct key_encoding_t {
|
||||
struct cred_encoding_t {
|
||||
|
||||
/**
|
||||
* Encode a key into a format using several key parts, optional caching.
|
||||
* Encode a credential in a format using several parts, optional caching.
|
||||
*
|
||||
* The variable argument list takes key_encoding_part_t, followed by part
|
||||
* specific arguments, terminated by KEY_PART_END.
|
||||
* The variable argument list takes cred_encoding_part_t, followed by part
|
||||
* specific arguments, terminated by CRED_PART_END.
|
||||
* If a cache key is given, the returned encoding points to internal data:
|
||||
* do not free or modify. If no cache key is given, the encoding is
|
||||
* allocated and must be freed by the caller.
|
||||
*
|
||||
* @param type format the key should be encoded to
|
||||
* @param type format the credential should be encoded to
|
||||
* @param cache key to use for caching, NULL to not cache
|
||||
* @param encoding encoding result, allocated if caching disabled
|
||||
* @param ... list of (key_encoding_part_t, data)
|
||||
* @param ... list of (cred_encoding_part_t, data)
|
||||
* @return TRUE if encoding successful
|
||||
*/
|
||||
bool (*encode)(key_encoding_t *this, key_encoding_type_t type, void *cache,
|
||||
bool (*encode)(cred_encoding_t *this, cred_encoding_type_t type, void *cache,
|
||||
chunk_t *encoding, ...);
|
||||
|
||||
/**
|
||||
|
@ -149,55 +149,55 @@ struct key_encoding_t {
|
|||
*
|
||||
* @param cache key used in encode() for caching
|
||||
*/
|
||||
void (*clear_cache)(key_encoding_t *this, void *cache);
|
||||
void (*clear_cache)(cred_encoding_t *this, void *cache);
|
||||
|
||||
/**
|
||||
* Check for a cached encoding.
|
||||
*
|
||||
* @param type format of the key encoding
|
||||
* @param type format of the credential encoding
|
||||
* @param cache key to use for caching, as given to encode()
|
||||
* @param encoding encoding result, internal data
|
||||
* @return TRUE if cache entry found
|
||||
*/
|
||||
bool (*get_cache)(key_encoding_t *this, key_encoding_type_t type,
|
||||
bool (*get_cache)(cred_encoding_t *this, cred_encoding_type_t type,
|
||||
void *cache, chunk_t *encoding);
|
||||
|
||||
/**
|
||||
* Cache a key encoding created externally.
|
||||
* Cache a credential encoding created externally.
|
||||
*
|
||||
* After calling cache(), the passed encoding is owned by the key encoding
|
||||
* After calling cache(), the passed encoding is owned by the cred encoding
|
||||
* facility.
|
||||
*
|
||||
* @param type format of the key encoding
|
||||
* @param type format of the credential encoding
|
||||
* @param cache key to use for caching, as given to encode()
|
||||
* @param encoding encoding to cache, gets owned by this
|
||||
*/
|
||||
void (*cache)(key_encoding_t *this, key_encoding_type_t type, void *cache,
|
||||
void (*cache)(cred_encoding_t *this, cred_encoding_type_t type, void *cache,
|
||||
chunk_t encoding);
|
||||
|
||||
/**
|
||||
* Register a key encoder function.
|
||||
* Register a credential encoder function.
|
||||
*
|
||||
* @param encoder key encoder function to add
|
||||
* @param encoder credential encoder function to add
|
||||
*/
|
||||
void (*add_encoder)(key_encoding_t *this, key_encoder_t encoder);
|
||||
void (*add_encoder)(cred_encoding_t *this, cred_encoder_t encoder);
|
||||
|
||||
/**
|
||||
* Unregister a previously registered key encoder function.
|
||||
* Unregister a previously registered credential encoder function.
|
||||
*
|
||||
* @param encoder key encoder function to remove
|
||||
* @param encoder credential encoder function to remove
|
||||
*/
|
||||
void (*remove_encoder)(key_encoding_t *this, key_encoder_t encoder);
|
||||
void (*remove_encoder)(cred_encoding_t *this, cred_encoder_t encoder);
|
||||
|
||||
/**
|
||||
* Destroy a key_encoding_t.
|
||||
* Destroy a cred_encoding_t.
|
||||
*/
|
||||
void (*destroy)(key_encoding_t *this);
|
||||
void (*destroy)(cred_encoding_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Create a key_encoding instance.
|
||||
* Create a cred_encoding instance.
|
||||
*/
|
||||
key_encoding_t *key_encoding_create();
|
||||
cred_encoding_t *cred_encoding_create();
|
||||
|
||||
#endif /** KEY_ENCODING_H_ @}*/
|
||||
#endif /** CRED_ENCODING_H_ @}*/
|
||||
|
|
|
@ -909,7 +909,7 @@ static private_key_t *get_private_by_cert(private_credential_manager_t *this,
|
|||
public = cert->get_public_key(cert);
|
||||
if (public)
|
||||
{
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
|
||||
private = get_private_by_keyid(this, type, keyid);
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
*/
|
||||
bool private_key_equals(private_key_t *this, private_key_t *other)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t a, b;
|
||||
|
||||
if (this == other)
|
||||
|
@ -28,7 +28,7 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
if (this->get_fingerprint(this, type, &a) &&
|
||||
other->get_fingerprint(other, type, &b))
|
||||
|
@ -44,10 +44,10 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
|
|||
*/
|
||||
bool private_key_belongs_to(private_key_t *private, public_key_t *public)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t a, b;
|
||||
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
if (private->get_fingerprint(private, type, &a) &&
|
||||
public->get_fingerprint(public, type, &b))
|
||||
|
@ -63,10 +63,10 @@ bool private_key_belongs_to(private_key_t *private, public_key_t *public)
|
|||
*/
|
||||
bool private_key_has_fingerprint(private_key_t *private, chunk_t fingerprint)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t current;
|
||||
|
||||
for (type = 0; type < KEY_ID_MAX; type++)
|
||||
for (type = 0; type < KEYID_MAX; type++)
|
||||
{
|
||||
if (private->get_fingerprint(private, type, ¤t) &&
|
||||
chunk_equals(current, fingerprint))
|
||||
|
|
|
@ -90,11 +90,11 @@ struct private_key_t {
|
|||
/**
|
||||
* Get the fingerprint of the key.
|
||||
*
|
||||
* @param type type of fingerprint, one of KEY_ID_*
|
||||
* @param type type of fingerprint, one of KEYID_*
|
||||
* @param fp fingerprint, points to internal data
|
||||
* @return TRUE if fingerprint type supported
|
||||
*/
|
||||
bool (*get_fingerprint)(private_key_t *this, key_encoding_type_t type,
|
||||
bool (*get_fingerprint)(private_key_t *this, cred_encoding_type_t type,
|
||||
chunk_t *fp);
|
||||
|
||||
/**
|
||||
|
@ -108,11 +108,11 @@ struct private_key_t {
|
|||
/**
|
||||
* Get the key in an encoded form as a chunk.
|
||||
*
|
||||
* @param type type of the encoding, one of KEY_PRIV_*
|
||||
* @param type type of the encoding, one of PRIVKEY_*
|
||||
* @param encoding encoding of the key, allocated
|
||||
* @return TRUE if encoding supported
|
||||
*/
|
||||
bool (*get_encoding)(private_key_t *this, key_encoding_type_t type,
|
||||
bool (*get_encoding)(private_key_t *this, cred_encoding_type_t type,
|
||||
chunk_t *encoding);
|
||||
|
||||
/**
|
||||
|
|
|
@ -47,7 +47,7 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_ECDSA_521,
|
|||
*/
|
||||
bool public_key_equals(public_key_t *this, public_key_t *other)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t a, b;
|
||||
|
||||
if (this == other)
|
||||
|
@ -55,7 +55,7 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
|
|||
return TRUE;
|
||||
}
|
||||
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
if (this->get_fingerprint(this, type, &a) &&
|
||||
other->get_fingerprint(other, type, &b))
|
||||
|
@ -71,10 +71,10 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
|
|||
*/
|
||||
bool public_key_has_fingerprint(public_key_t *public, chunk_t fingerprint)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t current;
|
||||
|
||||
for (type = 0; type < KEY_ID_MAX; type++)
|
||||
for (type = 0; type < KEYID_MAX; type++)
|
||||
{
|
||||
if (public->get_fingerprint(public, type, ¤t) &&
|
||||
chunk_equals(current, fingerprint))
|
||||
|
|
|
@ -23,7 +23,6 @@
|
|||
|
||||
typedef struct public_key_t public_key_t;
|
||||
typedef enum key_type_t key_type_t;
|
||||
typedef enum key_id_type_t key_id_type_t;
|
||||
typedef enum signature_scheme_t signature_scheme_t;
|
||||
|
||||
#include <library.h>
|
||||
|
@ -147,11 +146,11 @@ struct public_key_t {
|
|||
/**
|
||||
* Get the fingerprint of the key.
|
||||
*
|
||||
* @param type type of fingerprint, one of KEY_ID_*
|
||||
* @param type type of fingerprint, one of KEYID_*
|
||||
* @param fp fingerprint, points to internal data
|
||||
* @return TRUE if fingerprint type supported
|
||||
*/
|
||||
bool (*get_fingerprint)(public_key_t *this, key_encoding_type_t type,
|
||||
bool (*get_fingerprint)(public_key_t *this, cred_encoding_type_t type,
|
||||
chunk_t *fp);
|
||||
|
||||
/**
|
||||
|
@ -165,11 +164,11 @@ struct public_key_t {
|
|||
/**
|
||||
* Get the key in an encoded form as a chunk.
|
||||
*
|
||||
* @param type type of the encoding, one of KEY_PRIV_*
|
||||
* @param type type of the encoding, one of PRIVKEY_*
|
||||
* @param encoding encoding of the key, allocated
|
||||
* @return TRUE if encoding supported
|
||||
*/
|
||||
bool (*get_encoding)(public_key_t *this, key_encoding_type_t type,
|
||||
bool (*get_encoding)(public_key_t *this, cred_encoding_type_t type,
|
||||
chunk_t *encoding);
|
||||
|
||||
/**
|
||||
|
|
|
@ -138,7 +138,7 @@ bool library_init(char *settings)
|
|||
this->public.crypto = crypto_factory_create();
|
||||
this->public.creds = credential_factory_create();
|
||||
this->public.credmgr = credential_manager_create();
|
||||
this->public.encoding = key_encoding_create();
|
||||
this->public.encoding = cred_encoding_create();
|
||||
this->public.fetcher = fetcher_manager_create();
|
||||
this->public.db = database_factory_create();
|
||||
this->public.plugins = plugin_loader_create();
|
||||
|
|
|
@ -99,9 +99,9 @@ struct library_t {
|
|||
credential_manager_t *credmgr;
|
||||
|
||||
/**
|
||||
* key encoding registry and factory
|
||||
* Credential encoding registry and factory
|
||||
*/
|
||||
key_encoding_t *encoding;
|
||||
cred_encoding_t *encoding;
|
||||
|
||||
/**
|
||||
* URL fetching facility
|
||||
|
|
|
@ -340,7 +340,7 @@ static public_key_t* get_public_key(private_agent_private_key_t *this)
|
|||
* Implementation of private_key_t.get_encoding
|
||||
*/
|
||||
static bool get_encoding(private_agent_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -349,7 +349,7 @@ static bool get_encoding(private_agent_private_key_t *this,
|
|||
* Implementation of private_key_t.get_fingerprint
|
||||
*/
|
||||
static bool get_fingerprint(private_agent_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fp)
|
||||
cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
chunk_t n, e, key;
|
||||
|
||||
|
@ -363,7 +363,7 @@ static bool get_fingerprint(private_agent_private_key_t *this,
|
|||
n = read_string(&key);
|
||||
|
||||
return lib->encoding->encode(lib->encoding, type, this, fp,
|
||||
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
|
||||
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -429,9 +429,9 @@ agent_private_key_t *agent_private_key_open(key_type_t type, va_list args)
|
|||
this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
|
||||
this->public.interface.belongs_to = private_key_belongs_to;
|
||||
this->public.interface.equals = private_key_equals;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -308,7 +308,7 @@ static public_key_t* get_public_key(private_gcrypt_rsa_private_key_t *this)
|
|||
* Implementation of private_key_t.get_encoding
|
||||
*/
|
||||
static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
chunk_t cn, ce, cp, cq, cd, cu, cexp1 = chunk_empty, cexp2 = chunk_empty;
|
||||
gcry_mpi_t p = NULL, q = NULL, d = NULL, exp1, exp2;
|
||||
|
@ -368,11 +368,11 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
|
|||
cu = gcrypt_rsa_find_token(this->key, "u", NULL);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
|
||||
KEY_PART_RSA_MODULUS, cn,
|
||||
KEY_PART_RSA_PUB_EXP, ce, KEY_PART_RSA_PRIV_EXP, cd,
|
||||
KEY_PART_RSA_PRIME1, cp, KEY_PART_RSA_PRIME2, cq,
|
||||
KEY_PART_RSA_EXP1, cexp1, KEY_PART_RSA_EXP2, cexp2,
|
||||
KEY_PART_RSA_COEFF, cu, KEY_PART_END);
|
||||
CRED_PART_RSA_MODULUS, cn,
|
||||
CRED_PART_RSA_PUB_EXP, ce, CRED_PART_RSA_PRIV_EXP, cd,
|
||||
CRED_PART_RSA_PRIME1, cp, CRED_PART_RSA_PRIME2, cq,
|
||||
CRED_PART_RSA_EXP1, cexp1, CRED_PART_RSA_EXP2, cexp2,
|
||||
CRED_PART_RSA_COEFF, cu, CRED_PART_END);
|
||||
chunk_free(&cn);
|
||||
chunk_free(&ce);
|
||||
chunk_clear(&cd);
|
||||
|
@ -389,7 +389,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
|
|||
* Implementation of private_key_t.get_fingerprint
|
||||
*/
|
||||
static bool get_fingerprint(private_gcrypt_rsa_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fp)
|
||||
cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
chunk_t n, e;
|
||||
bool success;
|
||||
|
@ -402,8 +402,8 @@ static bool get_fingerprint(private_gcrypt_rsa_private_key_t *this,
|
|||
e = gcrypt_rsa_find_token(this->key, "e", NULL);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding,
|
||||
type, this, fp, KEY_PART_RSA_MODULUS, n,
|
||||
KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
|
||||
type, this, fp, CRED_PART_RSA_MODULUS, n,
|
||||
CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
return success;
|
||||
|
@ -445,9 +445,9 @@ static private_gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_create_empty()
|
|||
this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
|
||||
this->public.interface.equals = private_key_equals;
|
||||
this->public.interface.belongs_to = private_key_belongs_to;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -240,7 +240,7 @@ static size_t get_keysize(private_gcrypt_rsa_public_key_t *this)
|
|||
* Implementation of private_key_t.get_encoding
|
||||
*/
|
||||
static bool get_encoding(private_gcrypt_rsa_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
chunk_t n, e;
|
||||
bool success;
|
||||
|
@ -248,8 +248,8 @@ static bool get_encoding(private_gcrypt_rsa_public_key_t *this,
|
|||
n = gcrypt_rsa_find_token(this->key, "n", NULL);
|
||||
e = gcrypt_rsa_find_token(this->key, "e", NULL);
|
||||
success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
|
||||
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e,
|
||||
KEY_PART_END);
|
||||
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e,
|
||||
CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
|
||||
|
@ -260,7 +260,7 @@ static bool get_encoding(private_gcrypt_rsa_public_key_t *this,
|
|||
* Implementation of private_key_t.get_fingerprint
|
||||
*/
|
||||
static bool get_fingerprint(private_gcrypt_rsa_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fp)
|
||||
cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
chunk_t n, e;
|
||||
bool success;
|
||||
|
@ -273,8 +273,8 @@ static bool get_fingerprint(private_gcrypt_rsa_public_key_t *this,
|
|||
e = gcrypt_rsa_find_token(this->key, "e", NULL);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding,
|
||||
type, this, fp, KEY_PART_RSA_MODULUS, n,
|
||||
KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
|
||||
type, this, fp, CRED_PART_RSA_MODULUS, n,
|
||||
CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
return success;
|
||||
|
@ -338,9 +338,9 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type,
|
|||
this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
|
||||
this->public.interface.equals = public_key_equals;
|
||||
this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*)(public_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -403,7 +403,7 @@ static bool belongs_to(private_gmp_rsa_private_key_t *this, public_key_t *public
|
|||
* Implementation of private_key_t.get_encoding
|
||||
*/
|
||||
static bool get_encoding(private_gmp_rsa_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
chunk_t n, e, d, p, q, exp1, exp2, coeff;
|
||||
bool success;
|
||||
|
@ -418,11 +418,11 @@ static bool get_encoding(private_gmp_rsa_private_key_t *this,
|
|||
coeff = gmp_mpz_to_chunk(this->coeff);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding,
|
||||
type, NULL, encoding, KEY_PART_RSA_MODULUS, n,
|
||||
KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d,
|
||||
KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q,
|
||||
KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2,
|
||||
KEY_PART_RSA_COEFF, coeff, KEY_PART_END);
|
||||
type, NULL, encoding, CRED_PART_RSA_MODULUS, n,
|
||||
CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
|
||||
CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
|
||||
CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
|
||||
CRED_PART_RSA_COEFF, coeff, CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
chunk_clear(&d);
|
||||
|
@ -439,7 +439,7 @@ static bool get_encoding(private_gmp_rsa_private_key_t *this,
|
|||
* Implementation of private_key_t.get_fingerprint
|
||||
*/
|
||||
static bool get_fingerprint(private_gmp_rsa_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fp)
|
||||
cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
chunk_t n, e;
|
||||
bool success;
|
||||
|
@ -452,7 +452,7 @@ static bool get_fingerprint(private_gmp_rsa_private_key_t *this,
|
|||
e = gmp_mpz_to_chunk(this->e);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, type, this, fp,
|
||||
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
|
||||
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
|
||||
|
@ -601,9 +601,9 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void)
|
|||
this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
|
||||
this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals;
|
||||
this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
|
||||
this->public.interface.destroy = (void (*) (private_key_t*))destroy;
|
||||
|
||||
|
|
|
@ -396,7 +396,7 @@ static size_t get_keysize(private_gmp_rsa_public_key_t *this)
|
|||
* Implementation of public_key_t.get_encoding
|
||||
*/
|
||||
static bool get_encoding(private_gmp_rsa_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
chunk_t n, e;
|
||||
bool success;
|
||||
|
@ -405,7 +405,7 @@ static bool get_encoding(private_gmp_rsa_public_key_t *this,
|
|||
e = gmp_mpz_to_chunk(this->e);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, type, NULL, encoding,
|
||||
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
|
||||
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
|
||||
|
@ -416,7 +416,7 @@ static bool get_encoding(private_gmp_rsa_public_key_t *this,
|
|||
* Implementation of public_key_t.get_fingerprint
|
||||
*/
|
||||
static bool get_fingerprint(private_gmp_rsa_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fp)
|
||||
cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
chunk_t n, e;
|
||||
bool success;
|
||||
|
@ -429,7 +429,7 @@ static bool get_fingerprint(private_gmp_rsa_public_key_t *this,
|
|||
e = gmp_mpz_to_chunk(this->e);
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, type, this, fp,
|
||||
KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
|
||||
CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
|
||||
chunk_free(&n);
|
||||
chunk_free(&e);
|
||||
|
||||
|
@ -497,9 +497,9 @@ gmp_rsa_public_key_t *gmp_rsa_public_key_load(key_type_t type, va_list args)
|
|||
this->public.interface.encrypt = (bool (*) (public_key_t*, chunk_t, chunk_t*))encrypt_;
|
||||
this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals;
|
||||
this->public.interface.get_keysize = (size_t (*) (public_key_t*))get_keysize;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (public_key_t* (*) (public_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*) (public_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -248,7 +248,7 @@ METHOD(certificate_t, issued_by, bool,
|
|||
}
|
||||
if (this->authKeyIdentifier.ptr && key)
|
||||
{
|
||||
if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
|
||||
if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
|
||||
!chunk_equals(fingerprint, this->authKeyIdentifier))
|
||||
{
|
||||
return FALSE;
|
||||
|
|
|
@ -51,7 +51,7 @@ struct private_openssl_ec_private_key_t {
|
|||
};
|
||||
|
||||
/* from ec public key */
|
||||
bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp);
|
||||
bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp);
|
||||
|
||||
/**
|
||||
* Build a signature as in RFC 4754
|
||||
|
@ -221,7 +221,7 @@ static public_key_t* get_public_key(private_openssl_ec_private_key_t *this)
|
|||
* Implementation of private_key_t.get_fingerprint.
|
||||
*/
|
||||
static bool get_fingerprint(private_openssl_ec_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fingerprint)
|
||||
cred_encoding_type_t type, chunk_t *fingerprint)
|
||||
{
|
||||
return openssl_ec_fingerprint(this->ec, type, fingerprint);
|
||||
}
|
||||
|
@ -230,14 +230,14 @@ static bool get_fingerprint(private_openssl_ec_private_key_t *this,
|
|||
* Implementation of private_key_t.get_encoding.
|
||||
*/
|
||||
static bool get_encoding(private_openssl_ec_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
u_char *p;
|
||||
|
||||
switch (type)
|
||||
{
|
||||
case KEY_PRIV_ASN1_DER:
|
||||
case KEY_PRIV_PEM:
|
||||
case PRIVKEY_ASN1_DER:
|
||||
case PRIVKEY_PEM:
|
||||
{
|
||||
bool success = TRUE;
|
||||
|
||||
|
@ -245,13 +245,13 @@ static bool get_encoding(private_openssl_ec_private_key_t *this,
|
|||
p = encoding->ptr;
|
||||
i2d_ECPrivateKey(this->ec, &p);
|
||||
|
||||
if (type == KEY_PRIV_PEM)
|
||||
if (type == PRIVKEY_PEM)
|
||||
{
|
||||
chunk_t asn1_encoding = *encoding;
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM,
|
||||
NULL, encoding, KEY_PART_ECDSA_PRIV_ASN1_DER,
|
||||
asn1_encoding, KEY_PART_END);
|
||||
success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM,
|
||||
NULL, encoding, CRED_PART_ECDSA_PRIV_ASN1_DER,
|
||||
asn1_encoding, CRED_PART_END);
|
||||
chunk_clear(&asn1_encoding);
|
||||
}
|
||||
return success;
|
||||
|
@ -300,9 +300,9 @@ static private_openssl_ec_private_key_t *create_empty(void)
|
|||
this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
|
||||
this->public.interface.equals = private_key_equals;
|
||||
this->public.interface.belongs_to = private_key_belongs_to;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -193,7 +193,7 @@ static size_t get_keysize(private_openssl_ec_public_key_t *this)
|
|||
/**
|
||||
* Calculate fingerprint from a EC_KEY, also used in ec private key.
|
||||
*/
|
||||
bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
|
||||
bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
hasher_t *hasher;
|
||||
chunk_t key;
|
||||
|
@ -205,12 +205,12 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
|
|||
}
|
||||
switch (type)
|
||||
{
|
||||
case KEY_ID_PUBKEY_SHA1:
|
||||
case KEYID_PUBKEY_SHA1:
|
||||
key = chunk_alloc(i2o_ECPublicKey(ec, NULL));
|
||||
p = key.ptr;
|
||||
i2o_ECPublicKey(ec, &p);
|
||||
break;
|
||||
case KEY_ID_PUBKEY_INFO_SHA1:
|
||||
case KEYID_PUBKEY_INFO_SHA1:
|
||||
key = chunk_alloc(i2d_EC_PUBKEY(ec, NULL));
|
||||
p = key.ptr;
|
||||
i2d_EC_PUBKEY(ec, &p);
|
||||
|
@ -236,7 +236,7 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp)
|
|||
* Implementation of private_key_t.get_fingerprint.
|
||||
*/
|
||||
static bool get_fingerprint(private_openssl_ec_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fingerprint)
|
||||
cred_encoding_type_t type, chunk_t *fingerprint)
|
||||
{
|
||||
return openssl_ec_fingerprint(this->ec, type, fingerprint);
|
||||
}
|
||||
|
@ -245,14 +245,14 @@ static bool get_fingerprint(private_openssl_ec_public_key_t *this,
|
|||
* Implementation of private_key_t.get_encoding.
|
||||
*/
|
||||
static bool get_encoding(private_openssl_ec_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
u_char *p;
|
||||
|
||||
switch (type)
|
||||
{
|
||||
case KEY_PUB_SPKI_ASN1_DER:
|
||||
case KEY_PUB_PEM:
|
||||
case PUBKEY_SPKI_ASN1_DER:
|
||||
case PUBKEY_PEM:
|
||||
{
|
||||
bool success = TRUE;
|
||||
|
||||
|
@ -260,13 +260,13 @@ static bool get_encoding(private_openssl_ec_public_key_t *this,
|
|||
p = encoding->ptr;
|
||||
i2d_EC_PUBKEY(this->ec, &p);
|
||||
|
||||
if (type == KEY_PUB_PEM)
|
||||
if (type == PUBKEY_PEM)
|
||||
{
|
||||
chunk_t asn1_encoding = *encoding;
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM,
|
||||
NULL, encoding, KEY_PART_ECDSA_PUB_ASN1_DER,
|
||||
asn1_encoding, KEY_PART_END);
|
||||
success = lib->encoding->encode(lib->encoding, PUBKEY_PEM,
|
||||
NULL, encoding, CRED_PART_ECDSA_PUB_ASN1_DER,
|
||||
asn1_encoding, CRED_PART_END);
|
||||
chunk_clear(&asn1_encoding);
|
||||
}
|
||||
return success;
|
||||
|
@ -313,9 +313,9 @@ static private_openssl_ec_public_key_t *create_empty()
|
|||
this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
|
||||
this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
|
||||
this->public.interface.equals = public_key_equals;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*)(public_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -58,7 +58,7 @@ struct private_openssl_rsa_private_key_t {
|
|||
};
|
||||
|
||||
/* implemented in rsa public key */
|
||||
bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp);
|
||||
bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp);
|
||||
|
||||
/**
|
||||
* Build an EMPSA PKCS1 signature described in PKCS#1
|
||||
|
@ -208,7 +208,7 @@ static public_key_t* get_public_key(private_openssl_rsa_private_key_t *this)
|
|||
* Implementation of public_key_t.get_fingerprint.
|
||||
*/
|
||||
static bool get_fingerprint(private_openssl_rsa_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fingerprint)
|
||||
cred_encoding_type_t type, chunk_t *fingerprint)
|
||||
{
|
||||
return openssl_rsa_fingerprint(this->rsa, type, fingerprint);
|
||||
}
|
||||
|
@ -217,7 +217,7 @@ static bool get_fingerprint(private_openssl_rsa_private_key_t *this,
|
|||
* Implementation of public_key_t.get_encoding.
|
||||
*/
|
||||
static bool get_encoding(private_openssl_rsa_private_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
u_char *p;
|
||||
|
||||
|
@ -227,8 +227,8 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this,
|
|||
}
|
||||
switch (type)
|
||||
{
|
||||
case KEY_PRIV_ASN1_DER:
|
||||
case KEY_PRIV_PEM:
|
||||
case PRIVKEY_ASN1_DER:
|
||||
case PRIVKEY_PEM:
|
||||
{
|
||||
bool success = TRUE;
|
||||
|
||||
|
@ -236,13 +236,13 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this,
|
|||
p = encoding->ptr;
|
||||
i2d_RSAPrivateKey(this->rsa, &p);
|
||||
|
||||
if (type == KEY_PRIV_PEM)
|
||||
if (type == PRIVKEY_PEM)
|
||||
{
|
||||
chunk_t asn1_encoding = *encoding;
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM,
|
||||
NULL, encoding, KEY_PART_RSA_PRIV_ASN1_DER,
|
||||
asn1_encoding, KEY_PART_END);
|
||||
success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM,
|
||||
NULL, encoding, CRED_PART_RSA_PRIV_ASN1_DER,
|
||||
asn1_encoding, CRED_PART_END);
|
||||
chunk_clear(&asn1_encoding);
|
||||
}
|
||||
return success;
|
||||
|
@ -291,9 +291,9 @@ static private_openssl_rsa_private_key_t *create_empty(void)
|
|||
this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key;
|
||||
this->public.interface.equals = private_key_equals;
|
||||
this->public.interface.belongs_to = private_key_belongs_to;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
|
||||
this->public.interface.destroy = (void (*) (private_key_t*))destroy;
|
||||
|
||||
|
|
|
@ -172,7 +172,7 @@ static size_t get_keysize(private_openssl_rsa_public_key_t *this)
|
|||
/**
|
||||
* Calculate fingerprint from a RSA key, also used in rsa private key.
|
||||
*/
|
||||
bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
|
||||
bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp)
|
||||
{
|
||||
hasher_t *hasher;
|
||||
chunk_t key;
|
||||
|
@ -184,12 +184,12 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
|
|||
}
|
||||
switch (type)
|
||||
{
|
||||
case KEY_ID_PUBKEY_SHA1:
|
||||
case KEYID_PUBKEY_SHA1:
|
||||
key = chunk_alloc(i2d_RSAPublicKey(rsa, NULL));
|
||||
p = key.ptr;
|
||||
i2d_RSAPublicKey(rsa, &p);
|
||||
break;
|
||||
case KEY_ID_PUBKEY_INFO_SHA1:
|
||||
case KEYID_PUBKEY_INFO_SHA1:
|
||||
key = chunk_alloc(i2d_RSA_PUBKEY(rsa, NULL));
|
||||
p = key.ptr;
|
||||
i2d_RSA_PUBKEY(rsa, &p);
|
||||
|
@ -215,7 +215,7 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp)
|
|||
* Implementation of public_key_t.get_fingerprint.
|
||||
*/
|
||||
static bool get_fingerprint(private_openssl_rsa_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *fingerprint)
|
||||
cred_encoding_type_t type, chunk_t *fingerprint)
|
||||
{
|
||||
return openssl_rsa_fingerprint(this->rsa, type, fingerprint);
|
||||
}
|
||||
|
@ -224,14 +224,14 @@ static bool get_fingerprint(private_openssl_rsa_public_key_t *this,
|
|||
* Implementation of public_key_t.get_encoding.
|
||||
*/
|
||||
static bool get_encoding(private_openssl_rsa_public_key_t *this,
|
||||
key_encoding_type_t type, chunk_t *encoding)
|
||||
cred_encoding_type_t type, chunk_t *encoding)
|
||||
{
|
||||
u_char *p;
|
||||
|
||||
switch (type)
|
||||
{
|
||||
case KEY_PUB_SPKI_ASN1_DER:
|
||||
case KEY_PUB_PEM:
|
||||
case PUBKEY_SPKI_ASN1_DER:
|
||||
case PUBKEY_PEM:
|
||||
{
|
||||
bool success = TRUE;
|
||||
|
||||
|
@ -239,18 +239,18 @@ static bool get_encoding(private_openssl_rsa_public_key_t *this,
|
|||
p = encoding->ptr;
|
||||
i2d_RSA_PUBKEY(this->rsa, &p);
|
||||
|
||||
if (type == KEY_PUB_PEM)
|
||||
if (type == PUBKEY_PEM)
|
||||
{
|
||||
chunk_t asn1_encoding = *encoding;
|
||||
|
||||
success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM,
|
||||
NULL, encoding, KEY_PART_RSA_PUB_ASN1_DER,
|
||||
asn1_encoding, KEY_PART_END);
|
||||
success = lib->encoding->encode(lib->encoding, PUBKEY_PEM,
|
||||
NULL, encoding, CRED_PART_RSA_PUB_ASN1_DER,
|
||||
asn1_encoding, CRED_PART_END);
|
||||
chunk_clear(&asn1_encoding);
|
||||
}
|
||||
return success;
|
||||
}
|
||||
case KEY_PUB_ASN1_DER:
|
||||
case PUBKEY_ASN1_DER:
|
||||
{
|
||||
*encoding = chunk_alloc(i2d_RSAPublicKey(this->rsa, NULL));
|
||||
p = encoding->ptr;
|
||||
|
@ -299,9 +299,9 @@ static private_openssl_rsa_public_key_t *create_empty()
|
|||
this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_;
|
||||
this->public.interface.equals = public_key_equals;
|
||||
this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
|
||||
this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
|
||||
this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
|
||||
this->public.interface.destroy = (void (*)(public_key_t *this))destroy;
|
||||
|
||||
|
|
|
@ -213,7 +213,7 @@ METHOD(x509_t, get_subjectKeyIdentifier, chunk_t,
|
|||
{
|
||||
return this->subjectKeyIdentifier;
|
||||
}
|
||||
if (this->pubkey->get_fingerprint(this->pubkey, KEY_ID_PUBKEY_SHA1,
|
||||
if (this->pubkey->get_fingerprint(this->pubkey, KEYID_PUBKEY_SHA1,
|
||||
&fingerprint))
|
||||
{
|
||||
return fingerprint;
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
/**
|
||||
* See header.
|
||||
*/
|
||||
bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
||||
bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args)
|
||||
{
|
||||
chunk_t asn1;
|
||||
|
@ -31,57 +31,57 @@ bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
|||
|
||||
switch (type)
|
||||
{
|
||||
case KEY_PUB_PEM:
|
||||
case PUBKEY_PEM:
|
||||
label ="PUBLIC KEY";
|
||||
/* direct PKCS#1 PEM encoding */
|
||||
if (key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER,
|
||||
&asn1, KEY_PART_END) ||
|
||||
key_encoding_args(args, KEY_PART_ECDSA_PUB_ASN1_DER,
|
||||
&asn1, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_PUB_ASN1_DER,
|
||||
&asn1, CRED_PART_END) ||
|
||||
cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER,
|
||||
&asn1, CRED_PART_END))
|
||||
{
|
||||
break;
|
||||
}
|
||||
/* indirect PEM encoding from components */
|
||||
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
|
||||
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
|
||||
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
|
||||
{
|
||||
if (lib->encoding->encode(lib->encoding, KEY_PUB_SPKI_ASN1_DER,
|
||||
NULL, &asn1, KEY_PART_RSA_MODULUS, n,
|
||||
KEY_PART_RSA_PUB_EXP, e, KEY_PART_END))
|
||||
if (lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER,
|
||||
NULL, &asn1, CRED_PART_RSA_MODULUS, n,
|
||||
CRED_PART_RSA_PUB_EXP, e, CRED_PART_END))
|
||||
{
|
||||
to_free = asn1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
return FALSE;
|
||||
case KEY_PRIV_PEM:
|
||||
case PRIVKEY_PEM:
|
||||
label ="RSA PRIVATE KEY";
|
||||
/* direct PKCS#1 PEM encoding */
|
||||
if (key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER,
|
||||
&asn1, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_PRIV_ASN1_DER,
|
||||
&asn1, CRED_PART_END))
|
||||
{
|
||||
break;
|
||||
}
|
||||
/* indirect PEM encoding from components */
|
||||
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
|
||||
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d,
|
||||
KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q,
|
||||
KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2,
|
||||
KEY_PART_RSA_COEFF, &coeff, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
|
||||
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
|
||||
CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
|
||||
CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
|
||||
CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
|
||||
{
|
||||
if (lib->encoding->encode(lib->encoding, KEY_PRIV_ASN1_DER, NULL,
|
||||
&asn1, KEY_PART_RSA_MODULUS, n,
|
||||
KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d,
|
||||
KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q,
|
||||
KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2,
|
||||
KEY_PART_RSA_COEFF, coeff, KEY_PART_END))
|
||||
if (lib->encoding->encode(lib->encoding, PRIVKEY_ASN1_DER, NULL,
|
||||
&asn1, CRED_PART_RSA_MODULUS, n,
|
||||
CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d,
|
||||
CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q,
|
||||
CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2,
|
||||
CRED_PART_RSA_COEFF, coeff, CRED_PART_END))
|
||||
{
|
||||
to_free = asn1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (key_encoding_args(args, KEY_PART_ECDSA_PRIV_ASN1_DER,
|
||||
&asn1, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_ECDSA_PRIV_ASN1_DER,
|
||||
&asn1, CRED_PART_END))
|
||||
{
|
||||
label ="EC PRIVATE KEY";
|
||||
break;
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
/**
|
||||
* Encoding from ASN.1 to PEM format.
|
||||
*/
|
||||
bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
||||
bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args);
|
||||
|
||||
#endif /** PEM_ENCODER_H_ @}*/
|
||||
|
|
|
@ -347,7 +347,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet)
|
|||
else
|
||||
{
|
||||
/* V3 fingerprint is computed by public_key_t class */
|
||||
if (!this->key->get_fingerprint(this->key, KEY_ID_PGPV3,
|
||||
if (!this->key->get_fingerprint(this->key, KEYID_PGPV3,
|
||||
&this->fingerprint))
|
||||
{
|
||||
return FALSE;
|
||||
|
|
|
@ -25,8 +25,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
|
|||
hasher_t *hasher;
|
||||
chunk_t n, e;
|
||||
|
||||
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
|
||||
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
|
||||
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
|
||||
{
|
||||
hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
|
||||
if (!hasher)
|
||||
|
@ -55,12 +55,12 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args)
|
|||
/**
|
||||
* See header.
|
||||
*/
|
||||
bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args)
|
||||
bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args)
|
||||
{
|
||||
switch (type)
|
||||
{
|
||||
case KEY_ID_PGPV3:
|
||||
case KEYID_PGPV3:
|
||||
return build_v3_fingerprint(encoding, args);
|
||||
default:
|
||||
return FALSE;
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
/**
|
||||
* Encoding function for PGP fingerprints.
|
||||
*/
|
||||
bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
||||
bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args);
|
||||
|
||||
#endif /** PGP_ENCODER_H_ @}*/
|
||||
|
|
|
@ -26,8 +26,8 @@ bool build_pub(chunk_t *encoding, va_list args)
|
|||
{
|
||||
chunk_t n, e;
|
||||
|
||||
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
|
||||
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
|
||||
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
|
||||
{
|
||||
*encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
|
||||
asn1_wrap(ASN1_INTEGER, "c", n),
|
||||
|
@ -44,8 +44,8 @@ bool build_pub_info(chunk_t *encoding, va_list args)
|
|||
{
|
||||
chunk_t n, e;
|
||||
|
||||
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
|
||||
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
|
||||
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END))
|
||||
{
|
||||
*encoding = asn1_wrap(ASN1_SEQUENCE, "mm",
|
||||
asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
|
||||
|
@ -65,11 +65,11 @@ bool build_priv(chunk_t *encoding, va_list args)
|
|||
{
|
||||
chunk_t n, e, d, p, q, exp1, exp2, coeff;
|
||||
|
||||
if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n,
|
||||
KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d,
|
||||
KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q,
|
||||
KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2,
|
||||
KEY_PART_RSA_COEFF, &coeff, KEY_PART_END))
|
||||
if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n,
|
||||
CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d,
|
||||
CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q,
|
||||
CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2,
|
||||
CRED_PART_RSA_COEFF, &coeff, CRED_PART_END))
|
||||
{
|
||||
*encoding = asn1_wrap(ASN1_SEQUENCE, "cmmssssss",
|
||||
ASN1_INTEGER_0,
|
||||
|
@ -138,20 +138,20 @@ static bool build_sha1(chunk_t *encoding, va_list args)
|
|||
/**
|
||||
* See header.
|
||||
*/
|
||||
bool pkcs1_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
||||
bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args)
|
||||
{
|
||||
switch (type)
|
||||
{
|
||||
case KEY_ID_PUBKEY_INFO_SHA1:
|
||||
case KEYID_PUBKEY_INFO_SHA1:
|
||||
return build_info_sha1(encoding, args);
|
||||
case KEY_ID_PUBKEY_SHA1:
|
||||
case KEYID_PUBKEY_SHA1:
|
||||
return build_sha1(encoding, args);
|
||||
case KEY_PUB_ASN1_DER:
|
||||
case PUBKEY_ASN1_DER:
|
||||
return build_pub(encoding, args);
|
||||
case KEY_PUB_SPKI_ASN1_DER:
|
||||
case PUBKEY_SPKI_ASN1_DER:
|
||||
return build_pub_info(encoding, args);
|
||||
case KEY_PRIV_ASN1_DER:
|
||||
case PRIVKEY_ASN1_DER:
|
||||
return build_priv(encoding, args);
|
||||
default:
|
||||
return FALSE;
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
/**
|
||||
* Encoding function for PKCS#1/ASN.1 fingerprints/key formats.
|
||||
*/
|
||||
bool pkcs1_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
|
||||
bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
|
||||
va_list args);
|
||||
|
||||
#endif /** PKCS1_ENCODER_H_ @}*/
|
||||
|
|
|
@ -82,10 +82,10 @@ static id_match_t has_subject(private_pubkey_cert_t *this,
|
|||
{
|
||||
if (subject->get_type(subject) == ID_KEY_ID)
|
||||
{
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t fingerprint;
|
||||
|
||||
for (type = 0; type < KEY_ENCODING_MAX; type++)
|
||||
for (type = 0; type < CRED_ENCODING_MAX; type++)
|
||||
{
|
||||
if (this->key->get_fingerprint(this->key, type, &fingerprint) &&
|
||||
chunk_equals(fingerprint, subject->get_encoding(subject)))
|
||||
|
@ -167,7 +167,7 @@ static chunk_t get_encoding(private_pubkey_cert_t *this)
|
|||
{
|
||||
chunk_t encoding;
|
||||
|
||||
if (this->key->get_encoding(this->key, KEY_PUB_ASN1_DER, &encoding))
|
||||
if (this->key->get_encoding(this->key, PUBKEY_ASN1_DER, &encoding))
|
||||
{
|
||||
return encoding;
|
||||
}
|
||||
|
@ -221,7 +221,7 @@ static pubkey_cert_t *pubkey_cert_create(public_key_t *key)
|
|||
this->ref = 1;
|
||||
this->key = key;
|
||||
this->issuer = identification_create_from_encoding(ID_ANY, chunk_empty);
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &fingerprint))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &fingerprint))
|
||||
{
|
||||
this->subject = identification_create_from_encoding(ID_KEY_ID, fingerprint);
|
||||
}
|
||||
|
|
|
@ -227,7 +227,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer,
|
|||
/* derive the authorityKeyIdentifier from the issuer's public key */
|
||||
current = &issuer->interface;
|
||||
public = current->get_public_key(current);
|
||||
if (public && public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
|
||||
}
|
||||
|
@ -423,7 +423,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer,
|
|||
/* derive the authorityKeyIdentifier from the issuer's public key */
|
||||
current = &issuer->interface;
|
||||
public = current->get_public_key(current);
|
||||
if (public && public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
|
||||
|
||||
|
|
|
@ -568,7 +568,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this)
|
|||
public = this->signerCert->get_public_key(this->signerCert);
|
||||
if (public)
|
||||
{
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyIdentifier))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyIdentifier))
|
||||
{
|
||||
this->authKeyIdentifier = chunk_clone(keyIdentifier);
|
||||
}
|
||||
|
@ -749,7 +749,7 @@ static bool issued_by(private_x509_ac_t *this, certificate_t *issuer)
|
|||
{
|
||||
chunk_t fingerprint;
|
||||
|
||||
if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
|
||||
if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
|
||||
!chunk_equals(fingerprint, this->authKeyIdentifier))
|
||||
{
|
||||
return FALSE;
|
||||
|
|
|
@ -1274,7 +1274,7 @@ static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
|
|||
chunk_t fingerprint;
|
||||
|
||||
if (this->public_key->get_fingerprint(this->public_key,
|
||||
KEY_ID_PUBKEY_SHA1, &fingerprint))
|
||||
KEYID_PUBKEY_SHA1, &fingerprint))
|
||||
{
|
||||
return fingerprint;
|
||||
}
|
||||
|
@ -1528,7 +1528,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
|
|||
scheme = signature_scheme_from_oid(cert->algorithm);
|
||||
|
||||
if (!cert->public_key->get_encoding(cert->public_key,
|
||||
KEY_PUB_SPKI_ASN1_DER, &key_info))
|
||||
PUBKEY_SPKI_ASN1_DER, &key_info))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
@ -1642,7 +1642,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
|
|||
chunk_t keyid;
|
||||
|
||||
if (cert->public_key->get_fingerprint(cert->public_key,
|
||||
KEY_ID_PUBKEY_SHA1, &keyid))
|
||||
KEYID_PUBKEY_SHA1, &keyid))
|
||||
{
|
||||
subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
|
||||
asn1_build_known_oid(OID_SUBJECT_KEY_ID),
|
||||
|
@ -1656,7 +1656,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
|
|||
{
|
||||
chunk_t keyid;
|
||||
|
||||
if (sign_key->get_fingerprint(sign_key, KEY_ID_PUBKEY_SHA1, &keyid))
|
||||
if (sign_key->get_fingerprint(sign_key, KEYID_PUBKEY_SHA1, &keyid))
|
||||
{
|
||||
authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
|
||||
asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
|
||||
|
|
|
@ -401,7 +401,7 @@ METHOD(certificate_t, issued_by, bool,
|
|||
{
|
||||
chunk_t fingerprint;
|
||||
|
||||
if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
|
||||
if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
|
||||
!chunk_equals(fingerprint, this->authKeyIdentifier))
|
||||
{
|
||||
return FALSE;
|
||||
|
|
|
@ -153,7 +153,7 @@ static chunk_t build_requestList(private_x509_ocsp_request_t *this)
|
|||
hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
|
||||
if (hasher)
|
||||
{
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1,
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1,
|
||||
&issuerKeyHash))
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
|
|
|
@ -167,7 +167,7 @@ static cert_validation_t get_status(private_x509_ocsp_response_t *this,
|
|||
{
|
||||
hasher_t *hasher;
|
||||
identification_t *id;
|
||||
key_encoding_type_t type;
|
||||
cred_encoding_type_t type;
|
||||
chunk_t hash, fingerprint;
|
||||
|
||||
/* check serial first, is cheaper */
|
||||
|
@ -188,7 +188,7 @@ static cert_validation_t get_status(private_x509_ocsp_response_t *this,
|
|||
switch (response->hashAlgorithm)
|
||||
{
|
||||
case OID_SHA1:
|
||||
type = KEY_ID_PUBKEY_SHA1;
|
||||
type = KEYID_PUBKEY_SHA1;
|
||||
break;
|
||||
default:
|
||||
public->destroy(public);
|
||||
|
@ -698,7 +698,7 @@ static bool issued_by(private_x509_ocsp_response_t *this, certificate_t *issuer)
|
|||
|
||||
key = issuer->get_public_key(issuer);
|
||||
if (!key ||
|
||||
!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) ||
|
||||
!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) ||
|
||||
!chunk_equals(fingerprint,
|
||||
this->responderId->get_encoding(this->responderId)))
|
||||
{
|
||||
|
|
|
@ -550,7 +550,7 @@ static bool generate(private_x509_pkcs10_t *cert, private_key_t *sign_key,
|
|||
scheme = signature_scheme_from_oid(cert->algorithm);
|
||||
|
||||
if (!cert->public_key->get_encoding(cert->public_key,
|
||||
KEY_PUB_SPKI_ASN1_DER, &key_info))
|
||||
PUBKEY_SPKI_ASN1_DER, &key_info))
|
||||
{
|
||||
return FALSE;
|
||||
}
|
||||
|
|
|
@ -139,8 +139,8 @@ static bool parse_public_key(private_peer_controller_t *this,
|
|||
return FALSE;
|
||||
}
|
||||
/* TODO: use get_encoding() with an encoding type */
|
||||
if (!public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id) ||
|
||||
!public->get_encoding(public, KEY_PUB_SPKI_ASN1_DER, encoding))
|
||||
if (!public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id) ||
|
||||
!public->get_encoding(public, PUBKEY_SPKI_ASN1_DER, encoding))
|
||||
{
|
||||
request->setf(request, "error=Encoding public key failed.");
|
||||
return FALSE;
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
*/
|
||||
static int gen()
|
||||
{
|
||||
key_encoding_type_t form = KEY_PRIV_ASN1_DER;
|
||||
cred_encoding_type_t form = PRIVKEY_ASN1_DER;
|
||||
key_type_t type = KEY_RSA;
|
||||
u_int size = 0;
|
||||
private_key_t *key;
|
||||
|
|
|
@ -99,11 +99,11 @@ static int keyid()
|
|||
if (type == CRED_PRIVATE_KEY)
|
||||
{
|
||||
private = cred;
|
||||
if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &id))
|
||||
if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &id))
|
||||
{
|
||||
printf("subjectKeyIdentifier: %#B\n", &id);
|
||||
}
|
||||
if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &id))
|
||||
if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &id))
|
||||
{
|
||||
printf("subjectPublicKeyInfo hash: %#B\n", &id);
|
||||
}
|
||||
|
@ -112,11 +112,11 @@ static int keyid()
|
|||
else if (type == CRED_PUBLIC_KEY)
|
||||
{
|
||||
public = cred;
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
|
||||
{
|
||||
printf("subjectKeyIdentifier: %#B\n", &id);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
|
||||
{
|
||||
printf("subjectPublicKeyInfo hash: %#B\n", &id);
|
||||
}
|
||||
|
@ -131,11 +131,11 @@ static int keyid()
|
|||
fprintf(stderr, "extracting public key from certificate failed");
|
||||
return 1;
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
|
||||
{
|
||||
printf("subjectKeyIdentifier: %#B\n", &id);
|
||||
}
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
|
||||
{
|
||||
printf("subjectPublicKeyInfo hash: %#B\n", &id);
|
||||
}
|
||||
|
|
|
@ -30,11 +30,11 @@ static void print_pubkey(public_key_t *key)
|
|||
|
||||
printf("pubkey: %N %d bits\n", key_type_names, key->get_type(key),
|
||||
key->get_keysize(key) * 8);
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &chunk))
|
||||
{
|
||||
printf("keyid: %#B\n", &chunk);
|
||||
}
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &chunk))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &chunk))
|
||||
{
|
||||
printf("subjkey: %#B\n", &chunk);
|
||||
}
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
*/
|
||||
static int pub()
|
||||
{
|
||||
key_encoding_type_t form = KEY_PUB_SPKI_ASN1_DER;
|
||||
cred_encoding_type_t form = PUBKEY_SPKI_ASN1_DER;
|
||||
credential_type_t type = CRED_PRIVATE_KEY;
|
||||
int subtype = KEY_RSA;
|
||||
certificate_t *cert;
|
||||
|
|
|
@ -21,20 +21,20 @@
|
|||
/**
|
||||
* Convert a form string to a encoding type
|
||||
*/
|
||||
bool get_form(char *form, key_encoding_type_t *type, bool pub)
|
||||
bool get_form(char *form, cred_encoding_type_t *type, bool pub)
|
||||
{
|
||||
if (streq(form, "der"))
|
||||
{
|
||||
/* der encoded keys usually contain the complete SubjectPublicKeyInfo */
|
||||
*type = pub ? KEY_PUB_SPKI_ASN1_DER : KEY_PRIV_ASN1_DER;
|
||||
*type = pub ? PUBKEY_SPKI_ASN1_DER : PRIVKEY_ASN1_DER;
|
||||
}
|
||||
else if (streq(form, "pem"))
|
||||
{
|
||||
*type = pub ? KEY_PUB_PEM : KEY_PRIV_PEM;
|
||||
*type = pub ? PUBKEY_PEM : PRIVKEY_PEM;
|
||||
}
|
||||
else if (streq(form, "pgp"))
|
||||
{
|
||||
*type = pub ? KEY_PUB_PGP : KEY_PRIV_PGP;
|
||||
*type = pub ? PUBKEY_PGP : PRIVKEY_PGP;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -29,7 +29,7 @@
|
|||
/**
|
||||
* Convert a form string to a encoding type
|
||||
*/
|
||||
bool get_form(char *form, key_encoding_type_t *type, bool pub);
|
||||
bool get_form(char *form, cred_encoding_type_t *type, bool pub);
|
||||
|
||||
/**
|
||||
* Convert a digest string to a hash algorithm
|
||||
|
|
|
@ -318,11 +318,11 @@ void list_pgp_end_certs(bool utc)
|
|||
key_type_names, key->get_type(key),
|
||||
key->get_keysize(key) * BITS_PER_BYTE,
|
||||
has_private_key(cert)? ", has private key" : "");
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid))
|
||||
{
|
||||
whack_log(RC_COMMENT, " keyid: %#B", &keyid);
|
||||
}
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &keyid))
|
||||
{
|
||||
whack_log(RC_COMMENT, " subjkey: %#B", &keyid);
|
||||
}
|
||||
|
|
|
@ -424,7 +424,7 @@ static err_t process_txt_rr_body(u_char *str, bool doit,
|
|||
public_key_t *key = gi.key->public_key;
|
||||
|
||||
if (gi.gw_key_present &&
|
||||
key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid))
|
||||
key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &keyid))
|
||||
{
|
||||
DBG_log("gateway for %s is %s with key %#B",
|
||||
client_id, gi.gw_id, &keyid);
|
||||
|
|
|
@ -260,7 +260,7 @@ static linked_list_t* collect_rw_ca_candidates(struct msg_digest *md)
|
|||
{
|
||||
new_entry = FALSE;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
|
||||
|
@ -1568,7 +1568,7 @@ static bool take_a_crack(struct tac_state *s, pubkey_t *kr)
|
|||
|
||||
s->tried_cnt++;
|
||||
scheme = oakley_to_signature_scheme(s->st->st_oakley.auth);
|
||||
pub_key->get_fingerprint(pub_key, KEY_ID_PUBKEY_INFO_SHA1, &keyid);
|
||||
pub_key->get_fingerprint(pub_key, KEYID_PUBKEY_INFO_SHA1, &keyid);
|
||||
|
||||
if (pub_key->verify(pub_key, scheme, s->hash, s->sig))
|
||||
{
|
||||
|
@ -3542,7 +3542,7 @@ stf_status main_inR2_outI3(struct msg_digest *md)
|
|||
struct state *const st = md->st;
|
||||
pb_stream *const keyex_pbs = &md->chain[ISAKMP_NEXT_KE]->pbs;
|
||||
pb_stream id_pbs; /* ID Payload; also used for hash calculation */
|
||||
|
||||
|
||||
connection_t *c = st->st_connection;
|
||||
certpolicy_t cert_policy = c->spd.this.sendcert;
|
||||
cert_t *mycert = c->spd.this.cert;
|
||||
|
@ -4900,7 +4900,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b,
|
|||
p = rw_instantiate(p, &c->spd.that.host_addr, md->sender_port
|
||||
, his_net, c->spd.that.id);
|
||||
|
||||
/* inherit any virtual IP assigned by a Mode Config exchange */
|
||||
/* inherit any virtual IP assigned by a Mode Config exchange */
|
||||
if (p->spd.that.modecfg && c->spd.that.modecfg &&
|
||||
subnetisaddr(his_net, (ip_address*)vip->get_sockaddr(vip)))
|
||||
{
|
||||
|
|
|
@ -968,7 +968,7 @@ void free_preshared_secrets(void)
|
|||
for (s = secrets; s != NULL; s = ns)
|
||||
{
|
||||
ns = s->next;
|
||||
s->ids->destroy_offset(s->ids, offsetof(identification_t, destroy));
|
||||
s->ids->destroy_offset(s->ids, offsetof(identification_t, destroy));
|
||||
|
||||
switch (s->kind)
|
||||
{
|
||||
|
@ -1238,7 +1238,7 @@ void add_public_key_from_cert(cert_t *cert , time_t until,
|
|||
|
||||
/* insert all subjectAltNames from X.509 certificates */
|
||||
enumerator = x509->create_subjectAltName_enumerator(x509);
|
||||
while (enumerator->enumerate(enumerator, &id))
|
||||
while (enumerator->enumerate(enumerator, &id))
|
||||
{
|
||||
if (id->get_type(id) != ID_ANY)
|
||||
{
|
||||
|
@ -1327,7 +1327,7 @@ void list_public_keys(bool utc)
|
|||
public->get_keysize(public) * BITS_PER_BYTE,
|
||||
&key->until_time, utc,
|
||||
check_expiry(key->until_time, PUBKEY_WARNING_INTERVAL, TRUE));
|
||||
if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
|
||||
if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
|
||||
{
|
||||
whack_log(RC_COMMENT," keyid: %#B", &keyid);
|
||||
}
|
||||
|
|
|
@ -427,11 +427,11 @@ void list_x509cert_chain(const char *caption, cert_t* cert,
|
|||
cert->smartcard ? ", on smartcard" :
|
||||
(has_private_key(cert)? ", has private key" : ""));
|
||||
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid))
|
||||
{
|
||||
whack_log(RC_COMMENT, " keyid: %#B", &keyid);
|
||||
}
|
||||
if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &subjkey))
|
||||
if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &subjkey))
|
||||
{
|
||||
whack_log(RC_COMMENT, " subjkey: %#B", &subjkey);
|
||||
}
|
||||
|
|
|
@ -281,7 +281,7 @@ void scep_generate_transaction_id(public_key_t *key, chunk_t *transID,
|
|||
bool msb_set;
|
||||
u_char *pos;
|
||||
|
||||
key->get_encoding(key, KEY_PUB_ASN1_DER, &keyEncoding);
|
||||
key->get_encoding(key, PUBKEY_ASN1_DER, &keyEncoding);
|
||||
|
||||
keyInfo = asn1_wrap(ASN1_SEQUENCE, "mm",
|
||||
asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
|
||||
|
|
|
@ -398,7 +398,7 @@ int main(int argc, char **argv)
|
|||
transID = chunk_empty;
|
||||
fingerprint = chunk_empty;
|
||||
encoding = chunk_empty;
|
||||
pkcs10_encoding = chunk_empty;
|
||||
pkcs10_encoding = chunk_empty;
|
||||
issuerAndSubject = chunk_empty;
|
||||
challengePassword = chunk_empty;
|
||||
getCertInitial = chunk_empty;
|
||||
|
@ -900,7 +900,7 @@ int main(int argc, char **argv)
|
|||
DBG(DBG_CONTROL,
|
||||
DBG_log("building pkcs1 object:")
|
||||
)
|
||||
if (!private_key->get_encoding(private_key, KEY_PRIV_ASN1_DER, &pkcs1) ||
|
||||
if (!private_key->get_encoding(private_key, PRIVKEY_ASN1_DER, &pkcs1) ||
|
||||
!chunk_write(pkcs1, path, "pkcs1", 0066, force))
|
||||
{
|
||||
exit_scepclient("could not write pkcs1 file '%s'", path);
|
||||
|
@ -964,7 +964,7 @@ int main(int argc, char **argv)
|
|||
*/
|
||||
{
|
||||
char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_enc);
|
||||
|
||||
|
||||
x509_ca_enc = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
|
||||
BUILD_FROM_FILE, path, BUILD_END);
|
||||
if (!x509_ca_enc)
|
||||
|
|
Loading…
Reference in New Issue