pki: Add a helper function parse traffic selectors from CIDR subnets or ranges

2 files changed, 31 insertions, 0 deletions

diff --git a/src/pki/pki.c b/src/pki/pki.c
index 472704945..00fffefa6 100644
--- a/src/pki/pki.c
+++ b/src/pki/pki.c
@@ -258,6 +258,28 @@ hash_algorithm_t get_default_digest(private_key_t *private)
 	return alg == HASH_UNKNOWN ? HASH_SHA256 : alg;
 }
 
+/*
+ * Described in header
+ */
+traffic_selector_t* parse_ts(char *str)
+{
+	ts_type_t type = TS_IPV4_ADDR_RANGE;
+	char *to, from[64];
+
+	if (strchr(str, ':'))
+	{
+		type = TS_IPV6_ADDR_RANGE;
+	}
+	to = strchr(str, '-');
+	if (to)
+	{
+		snprintf(from, sizeof(from), "%.*s", to - str, str);
+		to++;
+		return traffic_selector_create_from_string(0, type, from, 0, to, 65535);
+	}
+	return traffic_selector_create_from_cidr(str, 0, 0, 65535);
+}
+
 /**
  * Callback credential set pki uses
  */
diff --git a/src/pki/pki.h b/src/pki/pki.h
index 017e61df6..54be59f8f 100644
--- a/src/pki/pki.h
+++ b/src/pki/pki.h
@@ -26,6 +26,7 @@
 #include "command.h"
 
 #include <library.h>
+#include <selectors/traffic_selector.h>
 #include <credentials/keys/private_key.h>
 
 /**
@@ -63,4 +64,12 @@ void set_file_mode(FILE *stream, cred_encoding_type_t enc);
  */
 hash_algorithm_t get_default_digest(private_key_t *private);
 
+/**
+ * Create a traffic selector from a CIDR or range string.
+ *
+ * @param str		input string, either a.b.c.d/e or a.b.c.d-e.f.g.h
+ * @return			traffic selector, NULL on error
+ */
+traffic_selector_t* parse_ts(char *str);
+
 #endif /** PKI_H_ @}*/