author | Martin Willi <martin@revosec.ch> | 2010-07-13 11:28:04 +0200 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2010-07-13 11:29:35 +0200 |
commit | da9724e6d0fe82db4191a2d15919b365f0f210b0 (patch) | |
tree | 1c36b8e3771a0ba0faa4ef8c80df93b43b9a87b5 | |
parent | 24d327ab4dd1dde77572b23794e958684d363a40 (diff) | |
Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding
55 files changed, 360 insertions, 361 deletions
diff --git a/scripts/key2keyid.c b/scripts/key2keyid.c
index 36a81b3f1..551d031c6 100644
--- a/scripts/key2keyid.c
+++ b/scripts/key2keyid.c
@@ -37,15 +37,15 @@ int main(int argc, char *argv[])
 printf("parsed %d bits %N private key.\n", private->get_keysize(private)*8, key_type_names, private->get_type(private));
- if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
+ if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &chunk))
 {
 printf("subjectPublicKeyInfo keyid: %#B\n", &chunk);
 }
- if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &chunk))
+ if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &chunk))
 {
 printf("subjectPublicKey keyid: %#B\n", &chunk);
 }
- if (private->get_fingerprint(private, KEY_ID_PGPV3, &chunk))
+ if (private->get_fingerprint(private, KEYID_PGPV3, &chunk))
 {
 printf("PGP version 3 keyid: %#B\n", &chunk);
 }
@@ -67,15 +67,15 @@ int main(int argc, char *argv[])
 printf("parsed %d bits %N public key.\n", public->get_keysize(public)*8, key_type_names, public->get_type(public));
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk))
 {
 printf("subjectPublicKeyInfo keyid: %#B\n", &chunk);
 }
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
 {
 printf("subjectPublicKey keyid: %#B\n", &chunk);
 }
- if (public->get_fingerprint(public, KEY_ID_PGPV3, &chunk))
+ if (public->get_fingerprint(public, KEYID_PGPV3, &chunk))
 {
 printf("PGP version 3 keyid: %#B\n", &chunk);
 }
diff --git a/scripts/keyid2sql.c b/scripts/keyid2sql.c
index 2d17c273d..e37303c08 100644
--- a/scripts/keyid2sql.c
+++ b/scripts/keyid2sql.c
@@ -34,7 +34,7 @@ int main(int argc, char *argv[])
 BUILD_END);
 if (private)
 {
- if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &chunk))
+ if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &chunk))
 {
 printf("%d, X'", ID_KEY_ID);
 for (n = 0; n < chunk.len; n++)
@@ -58,7 +58,7 @@ int main(int argc, char *argv[])
 }
 if (public)
 {
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
 {
 printf("%d, X'", ID_KEY_ID);
 for (n = 0; n < chunk.len; n++)
diff --git a/src/libcharon/plugins/stroke/stroke_ca.c b/src/libcharon/plugins/stroke/stroke_ca.c
index b0d986707..b1cf5b2b5 100644
--- a/src/libcharon/plugins/stroke/stroke_ca.c
+++ b/src/libcharon/plugins/stroke/stroke_ca.c
@@ -401,11 +401,11 @@ static void list(private_stroke_ca_t *this, stroke_msg_t *msg, FILE *out)
 /* list authkey and keyid */
 if (public)
 {
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
 {
 fprintf(out, " authkey: %#B\n", &chunk);
 }
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &chunk))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk))
 {
 fprintf(out, " keyid: %#B\n", &chunk);
 }
diff --git a/src/libcharon/plugins/stroke/stroke_list.c b/src/libcharon/plugins/stroke/stroke_list.c
index 3a2e97b15..a6de35466 100644
--- a/src/libcharon/plugins/stroke/stroke_list.c
+++ b/src/libcharon/plugins/stroke/stroke_list.c
@@ -626,7 +626,7 @@ static void list_public_key(public_key_t *public, FILE *out)
 identification_t *id;
 auth_cfg_t *auth;
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
 {
 id = identification_create_from_encoding(ID_KEY_ID, keyid);
 auth = auth_cfg_create();
@@ -640,11 +640,11 @@ static void list_public_key(public_key_t *public, FILE *out)
 key_type_names, public->get_type(public), public->get_keysize(public) * 8, private ? ", has private key" : "");
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
 {
 fprintf(out, " keyid: %#B\n", &keyid);
 }
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyid))
 {
 fprintf(out, " subjkey: %#B\n", &keyid);
 }
diff --git a/src/libcharon/plugins/unit_tester/tests/test_med_db.c b/src/libcharon/plugins/unit_tester/tests/test_med_db.c
index cc4278ce3..ae1d08e15 100644
--- a/src/libcharon/plugins/unit_tester/tests/test_med_db.c
+++ b/src/libcharon/plugins/unit_tester/tests/test_med_db.c
@@ -41,7 +41,7 @@ bool test_med_db()
 KEY_ANY, id, NULL);
 while (enumerator->enumerate(enumerator, &public, &auth))
 {
- good = public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &found);
+ good = public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &found);
 if (good)
 {
 good = chunk_equals(id->get_encoding(id), found);
diff --git a/src/libcharon/sa/tasks/ike_cert_pre.c b/src/libcharon/sa/tasks/ike_cert_pre.c
index 23412f63e..1c0c54727 100644
--- a/src/libcharon/sa/tasks/ike_cert_pre.c
+++ b/src/libcharon/sa/tasks/ike_cert_pre.c
@@ -299,7 +299,7 @@ static void add_certreq(certreq_payload_t **req, certificate_t *cert)
 {
 *req = certreq_payload_create_type(CERT_X509);
 }
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid))
 {
 (*req)->add_keyid(*req, keyid);
 DBG1(DBG_IKE, "sending cert request for \"%Y\"",
diff --git a/src/libstrongswan/credentials/cred_encoding.c b/src/libstrongswan/credentials/cred_encoding.c
index 2969b3e08..edd76205b 100644
--- a/src/libstrongswan/credentials/cred_encoding.c
+++ b/src/libstrongswan/credentials/cred_encoding.c
@@ -21,25 +21,25 @@
 #include <utils/hashtable.h>
 #include <threading/rwlock.h>
-typedef struct private_key_encoding_t private_key_encoding_t;
+typedef struct private_cred_encoding_t private_cred_encoding_t;
 /**
- * Private data of an key_encoding_t object.
+ * Private data of an cred_encoding_t object.
 */
-struct private_key_encoding_t {
+struct private_cred_encoding_t {
 /**
- * Public key_encoding_t interface.
+ * Public cred_encoding_t interface.
 */
- key_encoding_t public;
+ cred_encoding_t public;
 /**
 * cached encodings, a table for each encoding_type_t, containing chunk_t*
 */
- hashtable_t *cache[KEY_ENCODING_MAX];
+ hashtable_t *cache[CRED_ENCODING_MAX];
 /**
- * Registered encoding fuctions, key_encoder_t
+ * Registered encoding fuctions, cred_encoder_t
 */
 linked_list_t *encoders;
@@ -52,7 +52,7 @@ struct private_key_encoding_t {
 /**
 * See header.
 */
-bool key_encoding_args(va_list args, ...)
+bool cred_encoding_args(va_list args, ...)
 {
 va_list parts, copy;
 bool failed = FALSE;
@@ -61,12 +61,12 @@ bool key_encoding_args(va_list args, ...)
 while (!failed)
 {
- key_encoding_part_t current, target;
+ cred_encoding_part_t current, target;
 chunk_t *out, data;
 /* get the part we are looking for */
- target = va_arg(parts, key_encoding_part_t);
- if (target == KEY_PART_END)
+ target = va_arg(parts, cred_encoding_part_t);
+ if (target == CRED_PART_END)
 {
 break;
 }
@@ -75,8 +75,8 @@ bool key_encoding_args(va_list args, ...)
 va_copy(copy, args);
 while (!failed)
 {
- current = va_arg(copy, key_encoding_part_t);
- if (current == KEY_PART_END)
+ current = va_arg(copy, cred_encoding_part_t);
+ if (current == CRED_PART_END)
 {
 failed = TRUE;
 break;
@@ -111,14 +111,14 @@ static bool equals(void *key1, void *key2)
 }
 /**
- * Implementation of key_encoding_t.get_cache
+ * Implementation of cred_encoding_t.get_cache
 */
-static bool get_cache(private_key_encoding_t *this, key_encoding_type_t type,
+static bool get_cache(private_cred_encoding_t *this, cred_encoding_type_t type,
 void *cache, chunk_t *encoding)
 {
 chunk_t *chunk;
- if (type >= KEY_ENCODING_MAX || type < 0)
+ if (type >= CRED_ENCODING_MAX || type < 0)
 {
 return FALSE;
 }
@@ -133,18 +133,18 @@ static bool get_cache(private_key_encoding_t *this, key_encoding_type_t type,
 }
 /**
- * Implementation of key_encoding_t.encode
+ * Implementation of cred_encoding_t.encode
 */
-static bool encode(private_key_encoding_t *this, key_encoding_type_t type,
+static bool encode(private_cred_encoding_t *this, cred_encoding_type_t type,
 void *cache, chunk_t *encoding, ...)
 {
 enumerator_t *enumerator;
 va_list args, copy;
- key_encoder_t encode;
+ cred_encoder_t encode;
 bool success = FALSE;
 chunk_t *chunk;
- if (type >= KEY_ENCODING_MAX || type < 0)
+ if (type >= CRED_ENCODING_MAX || type < 0)
 {
 return FALSE;
 }
@@ -187,14 +187,14 @@ static bool encode(private_key_encoding_t *this, key_encoding_type_t type,
 }
 /**
- * Implementation of key_encoding_t.cache
+ * Implementation of cred_encoding_t.cache
 */
-static void cache(private_key_encoding_t *this, key_encoding_type_t type,
+static void cache(private_cred_encoding_t *this, cred_encoding_type_t type,
 void *cache, chunk_t encoding)
 {
 chunk_t *chunk;
- if (type >= KEY_ENCODING_MAX || type < 0)
+ if (type >= CRED_ENCODING_MAX || type < 0)
 {
 return free(encoding.ptr);
 }
@@ -212,15 +212,15 @@ static void cache(private_key_encoding_t *this, key_encoding_type_t type,
 }
 /**
- * Implementation of key_encoding_t.clear_cache
+ * Implementation of cred_encoding_t.clear_cache
 */
-static void clear_cache(private_key_encoding_t *this, void *cache)
+static void clear_cache(private_cred_encoding_t *this, void *cache)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
 chunk_t *chunk;
 this->lock->write_lock(this->lock);
- for (type = 0; type < KEY_ENCODING_MAX; type++)
+ for (type = 0; type < CRED_ENCODING_MAX; type++)
 {
 chunk = this->cache[type]->remove(this->cache[type], cache);
 if (chunk)
@@ -233,9 +233,9 @@ static void clear_cache(private_key_encoding_t *this, void *cache)
 }
 /**
- * Implementation of key_encoding_t.add_encoder
+ * Implementation of cred_encoding_t.add_encoder
 */
-static void add_encoder(private_key_encoding_t *this, key_encoder_t encoder)
+static void add_encoder(private_cred_encoding_t *this, cred_encoder_t encoder)
 {
 this->lock->write_lock(this->lock);
 this->encoders->insert_last(this->encoders, encoder);
@@ -243,9 +243,9 @@ static void add_encoder(private_key_encoding_t *this, key_encoder_t encoder)
 }
 /**
- * Implementation of key_encoding_t.remove_encoder
+ * Implementation of cred_encoding_t.remove_encoder
 */
-static void remove_encoder(private_key_encoding_t *this, key_encoder_t encoder)
+static void remove_encoder(private_cred_encoding_t *this, cred_encoder_t encoder)
 {
 this->lock->write_lock(this->lock);
 this->encoders->remove(this->encoders, encoder, NULL);
@@ -253,18 +253,18 @@ static void remove_encoder(private_key_encoding_t *this, key_encoder_t encoder)
 }
 /**
- * Implementation of key_encoder_t.destroy.
+ * Implementation of cred_encoder_t.destroy.
 */
-static void destroy(private_key_encoding_t *this)
+static void destroy(private_cred_encoding_t *this)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
- for (type = 0; type < KEY_ENCODING_MAX; type++)
+ for (type = 0; type < CRED_ENCODING_MAX; type++)
 {
- /* We explicitly do not free remaining encodings. All keys should
+ /* We explicitly do not free remaining encodings. All creds should
 * have gone now, and they are responsible for cleaning out their
 * cache entries. Not flushing here allows the leak detective to
- * complain if a key did not flush cached encodings. */
+ * complain if a credential did not flush cached encodings. */
 this->cache[type]->destroy(this->cache[type]);
 }
 this->encoders->destroy(this->encoders);
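Review bot: The comment above `destroy()` now reads `Implementation of cred_encoder_t.destroy.`, but `cred_encoder_t` is the encoder function-pointer type; the function is installed as `this->public.destroy` of the `cred_encoding_t` interface in `cred_encoding_create()`. The rename carried the old `key_encoder_t` slip forward; the line should be `* Implementation of cred_encoding_t.destroy.`. The end of `destroy()` lies outside this hunk.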
@@ -275,20 +275,20 @@ static void destroy(private_key_encoding_t *this)
 /**
 * See header
 */
-key_encoding_t *key_encoding_create()
+cred_encoding_t *cred_encoding_create()
 {
- private_key_encoding_t *this = malloc_thing(private_key_encoding_t);
- key_encoding_type_t type;
-
- this->public.encode = (bool(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t *encoding, ...))encode;
- this->public.get_cache = (bool(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t *encoding))get_cache;
- this->public.cache = (void(*)(key_encoding_t*, key_encoding_type_t type, void *cache, chunk_t encoding))cache;
- this->public.clear_cache = (void(*)(key_encoding_t*, void *cache))clear_cache;
- this->public.add_encoder = (void(*)(key_encoding_t*, key_encoder_t encoder))add_encoder;
- this->public.remove_encoder = (void(*)(key_encoding_t*, key_encoder_t encoder))remove_encoder;
- this->public.destroy = (void(*)(key_encoding_t*))destroy;
-
- for (type = 0; type < KEY_ENCODING_MAX; type++)
+ private_cred_encoding_t *this = malloc_thing(private_cred_encoding_t);
+ cred_encoding_type_t type;
+
+ this->public.encode = (bool(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t *encoding, ...))encode;
+ this->public.get_cache = (bool(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t *encoding))get_cache;
+ this->public.cache = (void(*)(cred_encoding_t*, cred_encoding_type_t type, void *cache, chunk_t encoding))cache;
+ this->public.clear_cache = (void(*)(cred_encoding_t*, void *cache))clear_cache;
+ this->public.add_encoder = (void(*)(cred_encoding_t*, cred_encoder_t encoder))add_encoder;
+ this->public.remove_encoder = (void(*)(cred_encoding_t*, cred_encoder_t encoder))remove_encoder;
+ this->public.destroy = (void(*)(cred_encoding_t*))destroy;
+
+ for (type = 0; type < CRED_ENCODING_MAX; type++)
 {
 this->cache[type] = hashtable_create(hash, equals, 8);
 }
diff --git a/src/libstrongswan/credentials/cred_encoding.h b/src/libstrongswan/credentials/cred_encoding.h
index d8435f4b4..04104fdad 100644
--- a/src/libstrongswan/credentials/cred_encoding.h
+++ b/src/libstrongswan/credentials/cred_encoding.h
@@ -14,134 +14,134 @@
 */
 /**
- * @defgroup key_encoding key_encoding
- * @{ @ingroup keys
+ * @defgroup cred_encoding cred_encoding
+ * @{ @ingroup credentials
 */
-#ifndef KEY_ENCODING_H_
-#define KEY_ENCODING_H_
+#ifndef CRED_ENCODING_H_
+#define CRED_ENCODING_H_
-typedef struct key_encoding_t key_encoding_t;
-typedef enum key_encoding_type_t key_encoding_type_t;
-typedef enum key_encoding_part_t key_encoding_part_t;
+typedef struct cred_encoding_t cred_encoding_t;
+typedef enum cred_encoding_type_t cred_encoding_type_t;
+typedef enum cred_encoding_part_t cred_encoding_part_t;
 #include <library.h>
 /**
- * Key encoder function implementing encoding/fingerprinting.
+ * Credential encoder function implementing encoding/fingerprinting.
 *
- * The variable argument list takes key_encoding_part_t, followed by part
+ * The variable argument list takes cred_encoding_part_t, followed by part
 * specific arguments, terminated by KEY_PART_END.
 *
- * @param type format to encode the key to
- * @param args list of (key_encoding_part_t, data)
+ * @param type format to encode the credential to
+ * @param args list of (cred_encoding_part_t, data)
 * @param encoding encoding result, allocated
 * @return TRUE if encoding successful
 */
-typedef bool (*key_encoder_t)(key_encoding_type_t type, chunk_t *encoding,
- va_list args);
+typedef bool (*cred_encoder_t)(cred_encoding_type_t type, chunk_t *encoding,
+ va_list args);
 /**
- * Helper function for key_encoder_t implementations to parse argument list.
+ * Helper function for cred_encoder_t implementations to parse argument list.
 *
- * Key encoder functions get a variable argument list to parse. To simplify
- * the job, this function reads the arguments and returns chunks for each
- * part.
- * The argument list of this function takes a key_encoding_part_t, followed
- * by a data pointer receiving the value, terminated by KEY_PART_END.
+ * Credential encoder functions get a variable argument list to parse. To
+ * simplify the job, this function reads the arguments and returns chunks for
+ * each part.
+ * The argument list of this function takes a cred_encoding_part_t, followed
+ * by a data pointer receiving the value, terminated by CRED_PART_END.
 *
- * @param args argument list passed to key encoder function
- * @param ... list of (key_encoding_part_t, data*)
+ * @param args argument list passed to credential encoder function
+ * @param ... list of (cred_encoding_part_t, data*)
 * @return TRUE if all parts found, FALSE otherwise
 */
-bool key_encoding_args(va_list args, ...);
+bool cred_encoding_args(va_list args, ...);
 /**
- * Encoding type of a fingerprint/private-/public-key.
+ * Encoding type of a fingerprint/credential.
 *
- * Fingerprints have have the KEY_ID_*, public keys the KEY_PUB_* and
- * private keys the KEY_PRIV_* prefix.
+ * Fingerprints have have the KEYID_*, public keys the PUBKEY_* and
+ * private keys the PRIVKEY_* prefix.
 */
-enum key_encoding_type_t {
+enum cred_encoding_type_t {
 /** SHA1 fingerprint over subjectPublicKeyInfo */
- KEY_ID_PUBKEY_INFO_SHA1 = 0,
+ KEYID_PUBKEY_INFO_SHA1 = 0,
 /** SHA1 fingerprint over subjectPublicKey */
- KEY_ID_PUBKEY_SHA1,
+ KEYID_PUBKEY_SHA1,
 /** PGPv3 fingerprint */
- KEY_ID_PGPV3,
+ KEYID_PGPV3,
 /** PGPv4 fingerprint */
- KEY_ID_PGPV4,
+ KEYID_PGPV4,
- KEY_ID_MAX,
+ KEYID_MAX,
 /** PKCS#1 and similar ASN.1 key encoding */
- KEY_PUB_ASN1_DER,
- KEY_PRIV_ASN1_DER,
+ PUBKEY_ASN1_DER,
+ PRIVKEY_ASN1_DER,
 /** subjectPublicKeyInfo encoding */
- KEY_PUB_SPKI_ASN1_DER,
+ PUBKEY_SPKI_ASN1_DER,
 /** PEM encoded PKCS#1 key */
- KEY_PUB_PEM,
- KEY_PRIV_PEM,
+ PUBKEY_PEM,
+ PRIVKEY_PEM,
 /** PGP key encoding */
- KEY_PUB_PGP,
- KEY_PRIV_PGP,
+ PUBKEY_PGP,
+ PRIVKEY_PGP,
- KEY_ENCODING_MAX,
+ CRED_ENCODING_MAX,
 };
 /**
- * Parts of a key to encode.
+ * Parts of a credential to encode.
 */
-enum key_encoding_part_t {
+enum cred_encoding_part_t {
 /** modulus of a RSA key, n */
- KEY_PART_RSA_MODULUS,
+ CRED_PART_RSA_MODULUS,
 /** public exponent of a RSA key, e */
- KEY_PART_RSA_PUB_EXP,
+ CRED_PART_RSA_PUB_EXP,
 /** private exponent of a RSA key, d */
- KEY_PART_RSA_PRIV_EXP,
+ CRED_PART_RSA_PRIV_EXP,
 /** prime1 a RSA key, p */
- KEY_PART_RSA_PRIME1,
+ CRED_PART_RSA_PRIME1,
 /** prime2 a RSA key, q */
- KEY_PART_RSA_PRIME2,
+ CRED_PART_RSA_PRIME2,
 /** exponent1 a RSA key, exp1 */
- KEY_PART_RSA_EXP1,
+ CRED_PART_RSA_EXP1,
 /** exponent1 a RSA key, exp2 */
- KEY_PART_RSA_EXP2,
+ CRED_PART_RSA_EXP2,
 /** coefficient of RSA key, coeff */
- KEY_PART_RSA_COEFF,
+ CRED_PART_RSA_COEFF,
 /** a DER encoded RSA public key */
- KEY_PART_RSA_PUB_ASN1_DER,
+ CRED_PART_RSA_PUB_ASN1_DER,
 /** a DER encoded RSA private key */
- KEY_PART_RSA_PRIV_ASN1_DER,
+ CRED_PART_RSA_PRIV_ASN1_DER,
 /** a DER encoded ECDSA public key */
- KEY_PART_ECDSA_PUB_ASN1_DER,
+ CRED_PART_ECDSA_PUB_ASN1_DER,
 /** a DER encoded ECDSA private key */
- KEY_PART_ECDSA_PRIV_ASN1_DER,
+ CRED_PART_ECDSA_PRIV_ASN1_DER,
- KEY_PART_END,
+ CRED_PART_END,
 };
 /**
- * Private/Public key encoding and fingerprinting facility.
+ * Credential encoding and fingerprinting facility.
 */
-struct key_encoding_t {
+struct cred_encoding_t {
 /**
- * Encode a key into a format using several key parts, optional caching.
+ * Encode a credential in a format using several parts, optional caching.
 *
- * The variable argument list takes key_encoding_part_t, followed by part
- * specific arguments, terminated by KEY_PART_END.
+ * The variable argument list takes cred_encoding_part_t, followed by part
+ * specific arguments, terminated by CRED_PART_END.
 * If a cache key is given, the returned encoding points to internal data:
 * do not free or modify. If no cache key is given, the encoding is
 * allocated and must be freed by the caller.
 *
- * @param type format the key should be encoded to
+ * @param type format the credential should be encoded to
 * @param cache key to use for caching, NULL to not cache
 * @param encoding encoding result, allocated if caching disabled
- * @param ... list of (key_encoding_part_t, data)
+ * @param ... list of (cred_encoding_part_t, data)
 * @return TRUE if encoding successful
 */
- bool (*encode)(key_encoding_t *this, key_encoding_type_t type, void *cache,
+ bool (*encode)(cred_encoding_t *this, cred_encoding_type_t type, void *cache,
 chunk_t *encoding, ...);
 /**
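Review bot: The `cred_encoder_t` doc block in this hunk still says the argument list is `terminated by KEY_PART_END` (an unchanged context line), although the same hunk renames that constant to `CRED_PART_END`, so the comment names an identifier that no longer exists. The terminator is the one thing a caller must get right here, since `cred_encoding_args()` in cred_encoding.c keeps reading `va_arg` until it sees `CRED_PART_END`; the line should read `* specific arguments, terminated by CRED_PART_END.`. The added line `Fingerprints have have the KEYID_*, ...` also keeps the doubled `have`, which could be dropped while the line is being touched.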
@@ -149,55 +149,55 @@ struct key_encoding_t {
 *
 * @param cache key used in encode() for caching
 */
- void (*clear_cache)(key_encoding_t *this, void *cache);
+ void (*clear_cache)(cred_encoding_t *this, void *cache);
 /**
 * Check for a cached encoding.
 *
- * @param type format of the key encoding
+ * @param type format of the credential encoding
 * @param cache key to use for caching, as given to encode()
 * @param encoding encoding result, internal data
 * @return TRUE if cache entry found
 */
- bool (*get_cache)(key_encoding_t *this, key_encoding_type_t type,
+ bool (*get_cache)(cred_encoding_t *this, cred_encoding_type_t type,
 void *cache, chunk_t *encoding);
 /**
- * Cache a key encoding created externally.
+ * Cache a credential encoding created externally.
 *
- * After calling cache(), the passed encoding is owned by the key encoding
+ * After calling cache(), the passed encoding is owned by the cred encoding
 * facility.
 *
- * @param type format of the key encoding
+ * @param type format of the credential encoding
 * @param cache key to use for caching, as given to encode()
 * @param encoding encoding to cache, gets owned by this
 */
- void (*cache)(key_encoding_t *this, key_encoding_type_t type, void *cache,
+ void (*cache)(cred_encoding_t *this, cred_encoding_type_t type, void *cache,
 chunk_t encoding);
 /**
- * Register a key encoder function.
+ * Register a credential encoder function.
 *
- * @param encoder key encoder function to add
+ * @param encoder credential encoder function to add
 */
- void (*add_encoder)(key_encoding_t *this, key_encoder_t encoder);
+ void (*add_encoder)(cred_encoding_t *this, cred_encoder_t encoder);
 /**
- * Unregister a previously registered key encoder function.
+ * Unregister a previously registered credential encoder function.
 *
- * @param encoder key encoder function to remove
+ * @param encoder credential encoder function to remove
 */
- void (*remove_encoder)(key_encoding_t *this, key_encoder_t encoder);
+ void (*remove_encoder)(cred_encoding_t *this, cred_encoder_t encoder);
 /**
- * Destroy a key_encoding_t.
+ * Destroy a cred_encoding_t.
 */
- void (*destroy)(key_encoding_t *this);
+ void (*destroy)(cred_encoding_t *this);
 };
 /**
- * Create a key_encoding instance.
+ * Create a cred_encoding instance.
 */
-key_encoding_t *key_encoding_create();
+cred_encoding_t *cred_encoding_create();
-#endif /** KEY_ENCODING_H_ @}*/
+#endif /** CRED_ENCODING_H_ @}*/
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index 3b671c71f..46c36c941 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -909,7 +909,7 @@ static private_key_t *get_private_by_cert(private_credential_manager_t *this,
 public = cert->get_public_key(cert);
 if (public)
 {
- if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk))
+ if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk))
 {
 keyid = identification_create_from_encoding(ID_KEY_ID, chunk);
 private = get_private_by_keyid(this, type, keyid);
diff --git a/src/libstrongswan/credentials/keys/private_key.c b/src/libstrongswan/credentials/keys/private_key.c
index c3b5ac55b..8292af495 100644
--- a/src/libstrongswan/credentials/keys/private_key.c
+++ b/src/libstrongswan/credentials/keys/private_key.c
@@ -20,7 +20,7 @@
 */
 bool private_key_equals(private_key_t *this, private_key_t *other)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
 chunk_t a, b;
 if (this == other)
@@ -28,7 +28,7 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
 return TRUE;
 }
- for (type = 0; type < KEY_ENCODING_MAX; type++)
+ for (type = 0; type < CRED_ENCODING_MAX; type++)
 {
 if (this->get_fingerprint(this, type, &a) && other->get_fingerprint(other, type, &b))
@@ -44,10 +44,10 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
 */
 bool private_key_belongs_to(private_key_t *private, public_key_t *public)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
 chunk_t a, b;
- for (type = 0; type < KEY_ENCODING_MAX; type++)
+ for (type = 0; type < CRED_ENCODING_MAX; type++)
 {
 if (private->get_fingerprint(private, type, &a) && public->get_fingerprint(public, type, &b))
@@ -63,10 +63,10 @@ bool private_key_equals(private_key_t *this, private_key_t *other)
 */
 bool private_key_has_fingerprint(private_key_t *private, chunk_t fingerprint)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
 chunk_t current;
- for (type = 0; type < KEY_ID_MAX; type++)
+ for (type = 0; type < KEYID_MAX; type++)
 {
 if (private->get_fingerprint(private, type, ¤t) && chunk_equals(current, fingerprint))
diff --git a/src/libstrongswan/credentials/keys/private_key.h b/src/libstrongswan/credentials/keys/private_key.h
index 0ff186f02..27f4ab098 100644
--- a/src/libstrongswan/credentials/keys/private_key.h
+++ b/src/libstrongswan/credentials/keys/private_key.h
@@ -90,11 +90,11 @@ struct private_key_t {
 /**
 * Get the fingerprint of the key.
 *
- * @param type type of fingerprint, one of KEY_ID_*
+ * @param type type of fingerprint, one of KEYID_*
 * @param fp fingerprint, points to internal data
 * @return TRUE if fingerprint type supported
 */
- bool (*get_fingerprint)(private_key_t *this, key_encoding_type_t type,
+ bool (*get_fingerprint)(private_key_t *this, cred_encoding_type_t type,
 chunk_t *fp);
 /**
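Review bot: `private_key_equals()` and `private_key_belongs_to()` in private_key.c still loop over `type < CRED_ENCODING_MAX` while calling `get_fingerprint()`, whose doc in private_key.h says the type is `one of KEYID_*`; only `private_key_has_fingerprint()` stops at `KEYID_MAX`. With the enum now being prepared for generic credential encodings, every non-fingerprint value added later would also be passed to `get_fingerprint()` when deciding whether two keys match, and whether that is intended cannot be told from these hunks. If only fingerprints are meant to be compared, use `for (type = 0; type < KEYID_MAX; type++)` in both loops and in `public_key_equals()` in public_key.c; otherwise add a comment saying why the full range is wanted. The loop bodies continue outside the hunks.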
@@ -108,11 +108,11 @@ struct private_key_t {
 /**
 * Get the key in an encoded form as a chunk.
 *
- * @param type type of the encoding, one of KEY_PRIV_*
+ * @param type type of the encoding, one of PRIVKEY_*
 * @param encoding encoding of the key, allocated
 * @return TRUE if encoding supported
 */
- bool (*get_encoding)(private_key_t *this, key_encoding_type_t type,
+ bool (*get_encoding)(private_key_t *this, cred_encoding_type_t type,
 chunk_t *encoding);
 /**
diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c
index ba3036793..ce342de33 100644
--- a/src/libstrongswan/credentials/keys/public_key.c
+++ b/src/libstrongswan/credentials/keys/public_key.c
@@ -47,7 +47,7 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_ECDSA_521,
 */
 bool public_key_equals(public_key_t *this, public_key_t *other)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
 chunk_t a, b;
 if (this == other)
@@ -55,7 +55,7 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
 return TRUE;
 }
- for (type = 0; type < KEY_ENCODING_MAX; type++)
+ for (type = 0; type < CRED_ENCODING_MAX; type++)
 {
 if (this->get_fingerprint(this, type, &a) && other->get_fingerprint(other, type, &b))
@@ -71,10 +71,10 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
 */
 bool public_key_has_fingerprint(public_key_t *public, chunk_t fingerprint)
 {
- key_encoding_type_t type;
+ cred_encoding_type_t type;
 chunk_t current;
- for (type = 0; type < KEY_ID_MAX; type++)
+ for (type = 0; type < KEYID_MAX; type++)
 {
 if (public->get_fingerprint(public, type, ¤t) && chunk_equals(current, fingerprint))
diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h
index 33ad9418e..ff827a189 100644
--- a/src/libstrongswan/credentials/keys/public_key.h
+++ b/src/libstrongswan/credentials/keys/public_key.h
@@ -23,7 +23,6 @@
 typedef struct public_key_t public_key_t;
 typedef enum key_type_t key_type_t;
-typedef enum key_id_type_t key_id_type_t;
 typedef enum signature_scheme_t signature_scheme_t;
 #include <library.h>
@@ -147,11 +146,11 @@ struct public_key_t {
 /**
 * Get the fingerprint of the key.
 *
- * @param type type of fingerprint, one of KEY_ID_*
+ * @param type type of fingerprint, one of KEYID_*
 * @param fp fingerprint, points to internal data
 * @return TRUE if fingerprint type supported
 */
- bool (*get_fingerprint)(public_key_t *this, key_encoding_type_t type,
+ bool (*get_fingerprint)(public_key_t *this, cred_encoding_type_t type,
 chunk_t *fp);
 /**
@@ -165,11 +164,11 @@ struct public_key_t {
 /**
 * Get the key in an encoded form as a chunk.
 *
- * @param type type of the encoding, one of KEY_PRIV_*
+ * @param type type of the encoding, one of PRIVKEY_*
 * @param encoding encoding of the key, allocated
 * @return TRUE if encoding supported
 */
- bool (*get_encoding)(public_key_t *this, key_encoding_type_t type,
+ bool (*get_encoding)(public_key_t *this, cred_encoding_type_t type,
 chunk_t *encoding);
 /**
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index 06b0ecc22..b61bdf7a0 100644
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -138,7 +138,7 @@ bool library_init(char *settings)
 this->public.crypto = crypto_factory_create();
 this->public.creds = credential_factory_create();
 this->public.credmgr = credential_manager_create();
- this->public.encoding = key_encoding_create();
+ this->public.encoding = cred_encoding_create();
 this->public.fetcher = fetcher_manager_create();
 this->public.db = database_factory_create();
 this->public.plugins = plugin_loader_create();
diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h
index f9300cefc..cd5dfb479 100644
--- a/src/libstrongswan/library.h
+++ b/src/libstrongswan/library.h
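Review bot: In public_key.h the doc for `public_key_t.get_encoding` (hunk `@@ -165,11 +164,11 @@`) now says `one of PRIVKEY_*`, a straight rename of the old `KEY_PRIV_*` text that was already wrong for a public key. The enum in cred_encoding.h gives public-key encodings the `PUBKEY_*` prefix, so the line should read `* @param type type of the encoding, one of PUBKEY_*`. The struct continues outside the hunk.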
@@ -99,9 +99,9 @@ struct library_t {
 credential_manager_t *credmgr;
 /**
- * key encoding registry and factory
+ * Credential encoding registry and factory
 */
- key_encoding_t *encoding;
+ cred_encoding_t *encoding;
 /**
 * URL fetching facility
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index 4247f849e..51ddbecc6 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -340,7 +340,7 @@ static public_key_t* get_public_key(private_agent_private_key_t *this)
 * Implementation of private_key_t.get_encoding
 */
 static bool get_encoding(private_agent_private_key_t *this,
- key_encoding_type_t type, chunk_t *encoding)
+ cred_encoding_type_t type, chunk_t *encoding)
 {
 return FALSE;
 }
@@ -349,7 +349,7 @@ static bool get_encoding(private_agent_private_key_t *this,
 * Implementation of private_key_t.get_fingerprint
 */
 static bool get_fingerprint(private_agent_private_key_t *this,
- key_encoding_type_t type, chunk_t *fp)
+ cred_encoding_type_t type, chunk_t *fp)
 {
 chunk_t n, e, key;
@@ -363,7 +363,7 @@ static bool get_fingerprint(private_agent_private_key_t *this,
 n = read_string(&key);
 return lib->encoding->encode(lib->encoding, type, this, fp,
- KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END);
+ CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END);
 }
 /**
@@ -429,9 +429,9 @@ agent_private_key_t *agent_private_key_open(key_type_t type, va_list args)
 this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key;
 this->public.interface.belongs_to = private_key_belongs_to;
 this->public.interface.equals = private_key_equals;
- this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint;
 this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
- this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
+ this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index 2cb13c5f3..b8e86aba0 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -308,7 +308,7 @@ static public_key_t* get_public_key(private_gcrypt_rsa_private_key_t *this)
 * Implementation of private_key_t.get_encoding
 */
 static bool get_encoding(private_gcrypt_rsa_private_key_t *this,
- key_encoding_type_t type, chunk_t *encoding)
+ cred_encoding_type_t type, chunk_t *encoding)
 {
 chunk_t cn, ce, cp, cq, cd, cu, cexp1 = chunk_empty, cexp2 = chunk_empty;
 gcry_mpi_t p = NULL, q = NULL, d = NULL, exp1, exp2;
@@ -368,11 +368,11 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, cu = gcrypt_rsa_find_token(this->key, "u", NULL); success = lib->encoding->encode(lib->encoding, type, NULL, encoding, - KEY_PART_RSA_MODULUS, cn, - KEY_PART_RSA_PUB_EXP, ce, KEY_PART_RSA_PRIV_EXP, cd, - KEY_PART_RSA_PRIME1, cp, KEY_PART_RSA_PRIME2, cq, - KEY_PART_RSA_EXP1, cexp1, KEY_PART_RSA_EXP2, cexp2, - KEY_PART_RSA_COEFF, cu, KEY_PART_END); + CRED_PART_RSA_MODULUS, cn, + CRED_PART_RSA_PUB_EXP, ce, CRED_PART_RSA_PRIV_EXP, cd, + CRED_PART_RSA_PRIME1, cp, CRED_PART_RSA_PRIME2, cq, + CRED_PART_RSA_EXP1, cexp1, CRED_PART_RSA_EXP2, cexp2, + CRED_PART_RSA_COEFF, cu, CRED_PART_END); chunk_free(&cn); chunk_free(&ce); chunk_clear(&cd); @@ -389,7 +389,7 @@ static bool get_encoding(private_gcrypt_rsa_private_key_t *this, * Implementation of private_key_t.get_fingerprint */ static bool get_fingerprint(private_gcrypt_rsa_private_key_t *this, - key_encoding_type_t type, chunk_t *fp) + cred_encoding_type_t type, chunk_t *fp) { chunk_t n, e; bool success; @@ -402,8 +402,8 @@ static bool get_fingerprint(private_gcrypt_rsa_private_key_t *this, e = gcrypt_rsa_find_token(this->key, "e", NULL); success = lib->encoding->encode(lib->encoding, - type, this, fp, KEY_PART_RSA_MODULUS, n, - KEY_PART_RSA_PUB_EXP, e, KEY_PART_END); + type, this, fp, CRED_PART_RSA_MODULUS, n, + CRED_PART_RSA_PUB_EXP, e, CRED_PART_END); chunk_free(&n); chunk_free(&e); return success; 
@@ -445,9 +445,9 @@ static private_gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_create_empty() this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key; this->public.interface.equals = private_key_equals; this->public.interface.belongs_to = private_key_belongs_to; - this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref; this->public.interface.destroy = (void (*)(private_key_t *this))destroy; diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c index 5fd15d9a3..80a91b976 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c @@ -240,7 +240,7 @@ static size_t get_keysize(private_gcrypt_rsa_public_key_t *this) * Implementation of private_key_t.get_encoding */ static bool get_encoding(private_gcrypt_rsa_public_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { chunk_t n, e; bool success; 
@@ -248,8 +248,8 @@ static bool get_encoding(private_gcrypt_rsa_public_key_t *this, n = gcrypt_rsa_find_token(this->key, "n", NULL); e = gcrypt_rsa_find_token(this->key, "e", NULL); success = lib->encoding->encode(lib->encoding, type, NULL, encoding, - KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, - KEY_PART_END); + CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, + CRED_PART_END); chunk_free(&n); chunk_free(&e); @@ -260,7 +260,7 @@ static bool get_encoding(private_gcrypt_rsa_public_key_t *this, * Implementation of private_key_t.get_fingerprint */ static bool get_fingerprint(private_gcrypt_rsa_public_key_t *this, - key_encoding_type_t type, chunk_t *fp) + cred_encoding_type_t type, chunk_t *fp) { chunk_t n, e; bool success; @@ -273,8 +273,8 @@ static bool get_fingerprint(private_gcrypt_rsa_public_key_t *this, e = gcrypt_rsa_find_token(this->key, "e", NULL); success = lib->encoding->encode(lib->encoding, - type, this, fp, KEY_PART_RSA_MODULUS, n, - KEY_PART_RSA_PUB_EXP, e, KEY_PART_END); + type, this, fp, CRED_PART_RSA_MODULUS, n, + CRED_PART_RSA_PUB_EXP, e, CRED_PART_END); chunk_free(&n); chunk_free(&e); return success; 
@@ -338,9 +338,9 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type, this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_; this->public.interface.equals = public_key_equals; this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; - this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref; this->public.interface.destroy = (void (*)(public_key_t *this))destroy; diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c index f70b0b545..cc9985320 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c @@ -403,7 +403,7 @@ static bool belongs_to(private_gmp_rsa_private_key_t *this, public_key_t *public * Implementation of private_key_t.get_encoding */ static bool get_encoding(private_gmp_rsa_private_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { chunk_t n, e, d, p, q, exp1, exp2, coeff; bool success; 
@@ -418,11 +418,11 @@ static bool get_encoding(private_gmp_rsa_private_key_t *this, coeff = gmp_mpz_to_chunk(this->coeff); success = lib->encoding->encode(lib->encoding, - type, NULL, encoding, KEY_PART_RSA_MODULUS, n, - KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d, - KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q, - KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2, - KEY_PART_RSA_COEFF, coeff, KEY_PART_END); + type, NULL, encoding, CRED_PART_RSA_MODULUS, n, + CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d, + CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q, + CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2, + CRED_PART_RSA_COEFF, coeff, CRED_PART_END); chunk_free(&n); chunk_free(&e); chunk_clear(&d); @@ -439,7 +439,7 @@ static bool get_encoding(private_gmp_rsa_private_key_t *this, * Implementation of private_key_t.get_fingerprint */ static bool get_fingerprint(private_gmp_rsa_private_key_t *this, - key_encoding_type_t type, chunk_t *fp) + cred_encoding_type_t type, chunk_t *fp) { chunk_t n, e; bool success; @@ -452,7 +452,7 @@ static bool get_fingerprint(private_gmp_rsa_private_key_t *this, e = gmp_mpz_to_chunk(this->e); success = lib->encoding->encode(lib->encoding, type, this, fp, - KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END); + CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END); chunk_free(&n); chunk_free(&e); 
@@ -601,9 +601,9 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void) this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key; this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals; this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to; - this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref; this->public.interface.destroy = (void (*) (private_key_t*))destroy; diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c index 98dbb1922..c114ae80d 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c @@ -396,7 +396,7 @@ static size_t get_keysize(private_gmp_rsa_public_key_t *this) * Implementation of public_key_t.get_encoding */ static bool get_encoding(private_gmp_rsa_public_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { chunk_t n, e; bool success; 
@@ -405,7 +405,7 @@ static bool get_encoding(private_gmp_rsa_public_key_t *this, e = gmp_mpz_to_chunk(this->e); success = lib->encoding->encode(lib->encoding, type, NULL, encoding, - KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END); + CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END); chunk_free(&n); chunk_free(&e); @@ -416,7 +416,7 @@ static bool get_encoding(private_gmp_rsa_public_key_t *this, * Implementation of public_key_t.get_fingerprint */ static bool get_fingerprint(private_gmp_rsa_public_key_t *this, - key_encoding_type_t type, chunk_t *fp) + cred_encoding_type_t type, chunk_t *fp) { chunk_t n, e; bool success; @@ -429,7 +429,7 @@ static bool get_fingerprint(private_gmp_rsa_public_key_t *this, e = gmp_mpz_to_chunk(this->e); success = lib->encoding->encode(lib->encoding, type, this, fp, - KEY_PART_RSA_MODULUS, n, KEY_PART_RSA_PUB_EXP, e, KEY_PART_END); + CRED_PART_RSA_MODULUS, n, CRED_PART_RSA_PUB_EXP, e, CRED_PART_END); chunk_free(&n); chunk_free(&e); 
@@ -497,9 +497,9 @@ gmp_rsa_public_key_t *gmp_rsa_public_key_load(key_type_t type, va_list args) this->public.interface.encrypt = (bool (*) (public_key_t*, chunk_t, chunk_t*))encrypt_; this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals; this->public.interface.get_keysize = (size_t (*) (public_key_t*))get_keysize; - this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (public_key_t* (*) (public_key_t *this))get_ref; this->public.interface.destroy = (void (*) (public_key_t *this))destroy; diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c index fa0a1733d..3fe604a8a 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crl.c +++ b/src/libstrongswan/plugins/openssl/openssl_crl.c @@ -248,7 +248,7 @@ METHOD(certificate_t, issued_by, bool, } if (this->authKeyIdentifier.ptr && key) { - if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) || + if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) || !chunk_equals(fingerprint, this->authKeyIdentifier)) { return FALSE; diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c index ca9fa6d79..281155913 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c 
@@ -51,7 +51,7 @@ struct private_openssl_ec_private_key_t { }; /* from ec public key */ -bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp); +bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp); /** * Build a signature as in RFC 4754 @@ -221,7 +221,7 @@ static public_key_t* get_public_key(private_openssl_ec_private_key_t *this) * Implementation of private_key_t.get_fingerprint. */ static bool get_fingerprint(private_openssl_ec_private_key_t *this, - key_encoding_type_t type, chunk_t *fingerprint) + cred_encoding_type_t type, chunk_t *fingerprint) { return openssl_ec_fingerprint(this->ec, type, fingerprint); } @@ -230,14 +230,14 @@ static bool get_fingerprint(private_openssl_ec_private_key_t *this, * Implementation of private_key_t.get_encoding. */ static bool get_encoding(private_openssl_ec_private_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { u_char *p; switch (type) { - case KEY_PRIV_ASN1_DER: - case KEY_PRIV_PEM: + case PRIVKEY_ASN1_DER: + case PRIVKEY_PEM: { bool success = TRUE; @@ -245,13 +245,13 @@ static bool get_encoding(private_openssl_ec_private_key_t *this, p = encoding->ptr; i2d_ECPrivateKey(this->ec, &p); - if (type == KEY_PRIV_PEM) + if (type == PRIVKEY_PEM) { chunk_t asn1_encoding = *encoding; - success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM, - NULL, encoding, KEY_PART_ECDSA_PRIV_ASN1_DER, - asn1_encoding, KEY_PART_END); + success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM, + NULL, encoding, CRED_PART_ECDSA_PRIV_ASN1_DER, + asn1_encoding, CRED_PART_END); chunk_clear(&asn1_encoding); } return success; 
@@ -300,9 +300,9 @@ static private_openssl_ec_private_key_t *create_empty(void) this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key; this->public.interface.equals = private_key_equals; this->public.interface.belongs_to = private_key_belongs_to; - this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref; this->public.interface.destroy = (void (*)(private_key_t *this))destroy; diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c index 8895f8218..def36c92f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c @@ -193,7 +193,7 @@ static size_t get_keysize(private_openssl_ec_public_key_t *this) /** * Calculate fingerprint from a EC_KEY, also used in ec private key. */ -bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp) +bool openssl_ec_fingerprint(EC_KEY *ec, cred_encoding_type_t type, chunk_t *fp) { hasher_t *hasher; chunk_t key; 
@@ -205,12 +205,12 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp) } switch (type) { - case KEY_ID_PUBKEY_SHA1: + case KEYID_PUBKEY_SHA1: key = chunk_alloc(i2o_ECPublicKey(ec, NULL)); p = key.ptr; i2o_ECPublicKey(ec, &p); break; - case KEY_ID_PUBKEY_INFO_SHA1: + case KEYID_PUBKEY_INFO_SHA1: key = chunk_alloc(i2d_EC_PUBKEY(ec, NULL)); p = key.ptr; i2d_EC_PUBKEY(ec, &p); @@ -236,7 +236,7 @@ bool openssl_ec_fingerprint(EC_KEY *ec, key_encoding_type_t type, chunk_t *fp) * Implementation of private_key_t.get_fingerprint. */ static bool get_fingerprint(private_openssl_ec_public_key_t *this, - key_encoding_type_t type, chunk_t *fingerprint) + cred_encoding_type_t type, chunk_t *fingerprint) { return openssl_ec_fingerprint(this->ec, type, fingerprint); } @@ -245,14 +245,14 @@ static bool get_fingerprint(private_openssl_ec_public_key_t *this, * Implementation of private_key_t.get_encoding. */ static bool get_encoding(private_openssl_ec_public_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { u_char *p; switch (type) { - case KEY_PUB_SPKI_ASN1_DER: - case KEY_PUB_PEM: + case PUBKEY_SPKI_ASN1_DER: + case PUBKEY_PEM: { bool success = TRUE; @@ -260,13 +260,13 @@ static bool get_encoding(private_openssl_ec_public_key_t *this, p = encoding->ptr; i2d_EC_PUBKEY(this->ec, &p); - if (type == KEY_PUB_PEM) + if (type == PUBKEY_PEM) { chunk_t asn1_encoding = *encoding; - success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM, - NULL, encoding, KEY_PART_ECDSA_PUB_ASN1_DER, - asn1_encoding, KEY_PART_END); + success = lib->encoding->encode(lib->encoding, PUBKEY_PEM, + NULL, encoding, CRED_PART_ECDSA_PUB_ASN1_DER, + asn1_encoding, CRED_PART_END); chunk_clear(&asn1_encoding); } return success; 
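Review bot: In openssl_ec_fingerprint() the lengths returned by `i2o_ECPublicKey(ec, NULL)` and `i2d_EC_PUBKEY(ec, NULL)` go straight into `chunk_alloc()`, and the result of the second, writing call is ignored. OpenSSL reports an encoding failure as zero or a negative value, so on error the allocation size is wrong and the fingerprint would presumably be computed over a buffer that was never filled. Checking the length first closes that, e.g. `int len = i2d_EC_PUBKEY(ec, NULL); if (len <= 0) { return FALSE; }`, placed before anything is allocated. The get_encoding() hunks of this file and openssl_rsa_fingerprint()/get_encoding() in openssl_rsa_public_key.c follow the same pattern. The function body continues outside the hunk.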
@@ -313,9 +313,9 @@ static private_openssl_ec_public_key_t *create_empty() this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_; this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; this->public.interface.equals = public_key_equals; - this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref; this->public.interface.destroy = (void (*)(public_key_t *this))destroy; diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 9f1238474..5817ade9e 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -58,7 +58,7 @@ struct private_openssl_rsa_private_key_t { }; /* implemented in rsa public key */ -bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp); +bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp); /** * Build an EMPSA PKCS1 signature described in PKCS#1 
@@ -208,7 +208,7 @@ static public_key_t* get_public_key(private_openssl_rsa_private_key_t *this) * Implementation of public_key_t.get_fingerprint. */ static bool get_fingerprint(private_openssl_rsa_private_key_t *this, - key_encoding_type_t type, chunk_t *fingerprint) + cred_encoding_type_t type, chunk_t *fingerprint) { return openssl_rsa_fingerprint(this->rsa, type, fingerprint); } @@ -217,7 +217,7 @@ static bool get_fingerprint(private_openssl_rsa_private_key_t *this, * Implementation of public_key_t.get_encoding. */ static bool get_encoding(private_openssl_rsa_private_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { u_char *p; @@ -227,8 +227,8 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this, } switch (type) { - case KEY_PRIV_ASN1_DER: - case KEY_PRIV_PEM: + case PRIVKEY_ASN1_DER: + case PRIVKEY_PEM: { bool success = TRUE; @@ -236,13 +236,13 @@ static bool get_encoding(private_openssl_rsa_private_key_t *this, p = encoding->ptr; i2d_RSAPrivateKey(this->rsa, &p); - if (type == KEY_PRIV_PEM) + if (type == PRIVKEY_PEM) { chunk_t asn1_encoding = *encoding; - success = lib->encoding->encode(lib->encoding, KEY_PRIV_PEM, - NULL, encoding, KEY_PART_RSA_PRIV_ASN1_DER, - asn1_encoding, KEY_PART_END); + success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM, + NULL, encoding, CRED_PART_RSA_PRIV_ASN1_DER, + asn1_encoding, CRED_PART_END); chunk_clear(&asn1_encoding); } return success; 
@@ -291,9 +291,9 @@ static private_openssl_rsa_private_key_t *create_empty(void) this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key; this->public.interface.equals = private_key_equals; this->public.interface.belongs_to = private_key_belongs_to; - this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(private_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref; this->public.interface.destroy = (void (*) (private_key_t*))destroy; diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index 7d88a23d4..6ac61a65c 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -172,7 +172,7 @@ static size_t get_keysize(private_openssl_rsa_public_key_t *this) /** * Calculate fingerprint from a RSA key, also used in rsa private key. */ -bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp) +bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp) { hasher_t *hasher; chunk_t key; 
@@ -184,12 +184,12 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp) } switch (type) { - case KEY_ID_PUBKEY_SHA1: + case KEYID_PUBKEY_SHA1: key = chunk_alloc(i2d_RSAPublicKey(rsa, NULL)); p = key.ptr; i2d_RSAPublicKey(rsa, &p); break; - case KEY_ID_PUBKEY_INFO_SHA1: + case KEYID_PUBKEY_INFO_SHA1: key = chunk_alloc(i2d_RSA_PUBKEY(rsa, NULL)); p = key.ptr; i2d_RSA_PUBKEY(rsa, &p); @@ -215,7 +215,7 @@ bool openssl_rsa_fingerprint(RSA *rsa, key_encoding_type_t type, chunk_t *fp) * Implementation of public_key_t.get_fingerprint. */ static bool get_fingerprint(private_openssl_rsa_public_key_t *this, - key_encoding_type_t type, chunk_t *fingerprint) + cred_encoding_type_t type, chunk_t *fingerprint) { return openssl_rsa_fingerprint(this->rsa, type, fingerprint); } @@ -224,14 +224,14 @@ static bool get_fingerprint(private_openssl_rsa_public_key_t *this, * Implementation of public_key_t.get_encoding. */ static bool get_encoding(private_openssl_rsa_public_key_t *this, - key_encoding_type_t type, chunk_t *encoding) + cred_encoding_type_t type, chunk_t *encoding) { u_char *p; switch (type) { - case KEY_PUB_SPKI_ASN1_DER: - case KEY_PUB_PEM: + case PUBKEY_SPKI_ASN1_DER: + case PUBKEY_PEM: { bool success = TRUE; @@ -239,18 +239,18 @@ static bool get_encoding(private_openssl_rsa_public_key_t *this, p = encoding->ptr; i2d_RSA_PUBKEY(this->rsa, &p); - if (type == KEY_PUB_PEM) + if (type == PUBKEY_PEM) { chunk_t asn1_encoding = *encoding; - success = lib->encoding->encode(lib->encoding, KEY_PUB_PEM, - NULL, encoding, KEY_PART_RSA_PUB_ASN1_DER, - asn1_encoding, KEY_PART_END); + success = lib->encoding->encode(lib->encoding, PUBKEY_PEM, + NULL, encoding, CRED_PART_RSA_PUB_ASN1_DER, + asn1_encoding, CRED_PART_END); chunk_clear(&asn1_encoding); } return success; } - case KEY_PUB_ASN1_DER: + case PUBKEY_ASN1_DER: { *encoding = chunk_alloc(i2d_RSAPublicKey(this->rsa, NULL)); p = encoding->ptr; 
@@ -299,9 +299,9 @@ static private_openssl_rsa_public_key_t *create_empty() this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_; this->public.interface.equals = public_key_equals; this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; - this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint; + this->public.interface.get_fingerprint = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *fp))get_fingerprint; this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint; - this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding; + this->public.interface.get_encoding = (bool(*)(public_key_t*, cred_encoding_type_t type, chunk_t *encoding))get_encoding; this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref; this->public.interface.destroy = (void (*)(public_key_t *this))destroy; diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c index 93264e76c..b6a839408 100644 --- a/src/libstrongswan/plugins/openssl/openssl_x509.c +++ b/src/libstrongswan/plugins/openssl/openssl_x509.c @@ -213,7 +213,7 @@ METHOD(x509_t, get_subjectKeyIdentifier, chunk_t, { return this->subjectKeyIdentifier; } - if (this->pubkey->get_fingerprint(this->pubkey, KEY_ID_PUBKEY_SHA1, + if (this->pubkey->get_fingerprint(this->pubkey, KEYID_PUBKEY_SHA1, &fingerprint)) { return fingerprint; diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c index 13c99a958..213201636 100644 --- a/src/libstrongswan/plugins/pem/pem_encoder.c +++ b/src/libstrongswan/plugins/pem/pem_encoder.c 
@@ -20,7 +20,7 @@
 /**
 * See header.
 */
-bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding,
+bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding,
 va_list args)
 {
 chunk_t asn1;
@@ -31,57 +31,57 @@ bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding, switch (type) { - case KEY_PUB_PEM: + case PUBKEY_PEM: label ="PUBLIC KEY"; /* direct PKCS#1 PEM encoding */ - if (key_encoding_args(args, KEY_PART_RSA_PUB_ASN1_DER, - &asn1, KEY_PART_END) || - key_encoding_args(args, KEY_PART_ECDSA_PUB_ASN1_DER, - &asn1, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_PUB_ASN1_DER, + &asn1, CRED_PART_END) || + cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER, + &asn1, CRED_PART_END)) { break; } /* indirect PEM encoding from components */ - if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, - KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, + CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END)) { - if (lib->encoding->encode(lib->encoding, KEY_PUB_SPKI_ASN1_DER, - NULL, &asn1, KEY_PART_RSA_MODULUS, n, - KEY_PART_RSA_PUB_EXP, e, KEY_PART_END)) + if (lib->encoding->encode(lib->encoding, PUBKEY_SPKI_ASN1_DER, + NULL, &asn1, CRED_PART_RSA_MODULUS, n, + CRED_PART_RSA_PUB_EXP, e, CRED_PART_END)) { to_free = asn1; break; } } return FALSE; - case KEY_PRIV_PEM: + case PRIVKEY_PEM: label ="RSA PRIVATE KEY"; /* direct PKCS#1 PEM encoding */ - if (key_encoding_args(args, KEY_PART_RSA_PRIV_ASN1_DER, - &asn1, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_PRIV_ASN1_DER, + &asn1, CRED_PART_END)) { break; } /* indirect PEM encoding from components */ - if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, - KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d, - KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q, - KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2, - KEY_PART_RSA_COEFF, &coeff, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, + CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d, + CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q, + CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2, + CRED_PART_RSA_COEFF, &coeff, CRED_PART_END)) { - if 
(lib->encoding->encode(lib->encoding, KEY_PRIV_ASN1_DER, NULL, - &asn1, KEY_PART_RSA_MODULUS, n, - KEY_PART_RSA_PUB_EXP, e, KEY_PART_RSA_PRIV_EXP, d, - KEY_PART_RSA_PRIME1, p, KEY_PART_RSA_PRIME2, q, - KEY_PART_RSA_EXP1, exp1, KEY_PART_RSA_EXP2, exp2, - KEY_PART_RSA_COEFF, coeff, KEY_PART_END)) + if (lib->encoding->encode(lib->encoding, PRIVKEY_ASN1_DER, NULL, + &asn1, CRED_PART_RSA_MODULUS, n, + CRED_PART_RSA_PUB_EXP, e, CRED_PART_RSA_PRIV_EXP, d, + CRED_PART_RSA_PRIME1, p, CRED_PART_RSA_PRIME2, q, + CRED_PART_RSA_EXP1, exp1, CRED_PART_RSA_EXP2, exp2, + CRED_PART_RSA_COEFF, coeff, CRED_PART_END)) { to_free = asn1; break; } } - if (key_encoding_args(args, KEY_PART_ECDSA_PRIV_ASN1_DER, - &asn1, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_ECDSA_PRIV_ASN1_DER, + &asn1, CRED_PART_END)) { label ="EC PRIVATE KEY"; break; diff --git a/src/libstrongswan/plugins/pem/pem_encoder.h b/src/libstrongswan/plugins/pem/pem_encoder.h index b9c1014dd..d8f05dd73 100644 --- a/src/libstrongswan/plugins/pem/pem_encoder.h +++ b/src/libstrongswan/plugins/pem/pem_encoder.h @@ -26,7 +26,7 @@ /** * Encoding from ASN.1 to PEM format. */ -bool pem_encoder_encode(key_encoding_type_t type, chunk_t *encoding, +bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, va_list args); #endif /** PEM_ENCODER_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index c4bdff69d..ab0b24e82 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -347,7 +347,7 @@ static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) else { /* V3 fingerprint is computed by public_key_t class */ - if (!this->key->get_fingerprint(this->key, KEY_ID_PGPV3, + if (!this->key->get_fingerprint(this->key, KEYID_PGPV3, &this->fingerprint)) { return FALSE; diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c index d5c3df590..9043cdb9f 100644 
--- a/src/libstrongswan/plugins/pgp/pgp_encoder.c +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c @@ -25,8 +25,8 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args) hasher_t *hasher; chunk_t n, e; - if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, - KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, + CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END)) { hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); if (!hasher) @@ -55,12 +55,12 @@ static bool build_v3_fingerprint(chunk_t *encoding, va_list args) /** * See header. */ -bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding, - va_list args) +bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, + va_list args) { switch (type) { - case KEY_ID_PGPV3: + case KEYID_PGPV3: return build_v3_fingerprint(encoding, args); default: return FALSE; diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.h b/src/libstrongswan/plugins/pgp/pgp_encoder.h index cda3dc4ae..b5bc2af44 100644 --- a/src/libstrongswan/plugins/pgp/pgp_encoder.h +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.h @@ -26,7 +26,7 @@ /** * Encoding function for PGP fingerprints. */ -bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding, +bool pgp_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, va_list args); #endif /** PGP_ENCODER_H_ @}*/ diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c index e46062d97..6957b2ad1 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.c 
@@ -26,8 +26,8 @@ bool build_pub(chunk_t *encoding, va_list args) { chunk_t n, e; - if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, - KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, + CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END)) { *encoding = asn1_wrap(ASN1_SEQUENCE, "mm", asn1_wrap(ASN1_INTEGER, "c", n), @@ -44,8 +44,8 @@ bool build_pub_info(chunk_t *encoding, va_list args) { chunk_t n, e; - if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, - KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, + CRED_PART_RSA_PUB_EXP, &e, CRED_PART_END)) { *encoding = asn1_wrap(ASN1_SEQUENCE, "mm", asn1_algorithmIdentifier(OID_RSA_ENCRYPTION), @@ -65,11 +65,11 @@ bool build_priv(chunk_t *encoding, va_list args) { chunk_t n, e, d, p, q, exp1, exp2, coeff; - if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, - KEY_PART_RSA_PUB_EXP, &e, KEY_PART_RSA_PRIV_EXP, &d, - KEY_PART_RSA_PRIME1, &p, KEY_PART_RSA_PRIME2, &q, - KEY_PART_RSA_EXP1, &exp1, KEY_PART_RSA_EXP2, &exp2, - KEY_PART_RSA_COEFF, &coeff, KEY_PART_END)) + if (cred_encoding_args(args, CRED_PART_RSA_MODULUS, &n, + CRED_PART_RSA_PUB_EXP, &e, CRED_PART_RSA_PRIV_EXP, &d, + CRED_PART_RSA_PRIME1, &p, CRED_PART_RSA_PRIME2, &q, + CRED_PART_RSA_EXP1, &exp1, CRED_PART_RSA_EXP2, &exp2, + CRED_PART_RSA_COEFF, &coeff, CRED_PART_END)) { *encoding = asn1_wrap(ASN1_SEQUENCE, "cmmssssss", ASN1_INTEGER_0, 
@@ -138,20 +138,20 @@ static bool build_sha1(chunk_t *encoding, va_list args) /** * See header. */ -bool pkcs1_encoder_encode(key_encoding_type_t type, chunk_t *encoding, +bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, va_list args) { switch (type) { - case KEY_ID_PUBKEY_INFO_SHA1: + case KEYID_PUBKEY_INFO_SHA1: return build_info_sha1(encoding, args); - case KEY_ID_PUBKEY_SHA1: + case KEYID_PUBKEY_SHA1: return build_sha1(encoding, args); - case KEY_PUB_ASN1_DER: + case PUBKEY_ASN1_DER: return build_pub(encoding, args); - case KEY_PUB_SPKI_ASN1_DER: + case PUBKEY_SPKI_ASN1_DER: return build_pub_info(encoding, args); - case KEY_PRIV_ASN1_DER: + case PRIVKEY_ASN1_DER: return build_priv(encoding, args); default: return FALSE; diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h index a3653cdd8..2eec736f1 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_encoder.h @@ -26,7 +26,7 @@ /** * Encoding function for PKCS#1/ASN.1 fingerprints/key formats. */ -bool pkcs1_encoder_encode(key_encoding_type_t type, chunk_t *encoding, +bool pkcs1_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, va_list args); #endif /** PKCS1_ENCODER_H_ @}*/ diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c index fc2d6d321..f2dcd71a1 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c @@ -82,10 +82,10 @@ static id_match_t has_subject(private_pubkey_cert_t *this, { if (subject->get_type(subject) == ID_KEY_ID) { - key_encoding_type_t type; + cred_encoding_type_t type; chunk_t fingerprint; - for (type = 0; type < KEY_ENCODING_MAX; type++) + for (type = 0; type < CRED_ENCODING_MAX; type++) { if (this->key->get_fingerprint(this->key, type, &fingerprint) && chunk_equals(fingerprint, subject->get_encoding(subject))) 
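Review bot: In `has_subject()` (pubkey_cert.c) the loop `for (type = 0; type < CRED_ENCODING_MAX; type++)` hands every value of `cred_encoding_type_t` to `get_fingerprint()`, not only key identifiers. The same enum also carries `PUBKEY_ASN1_DER` and `PRIVKEY_ASN1_DER` (see the switch in `pkcs1_encoder_encode()`), and the commit message prepares it for generic credential encoding, so the ID_KEY_ID match depends on every key implementation returning FALSE for non-`KEYID_*` values. It also accepts a match on any identifier kind, including `KEYID_PGPV3`, which pgp_encoder.c derives with `HASH_MD5`. I would iterate an explicit list of the `KEYID_*` values this certificate type should accept, or at least add `/* relies on get_fingerprint() rejecting non-KEYID_* types */` above the loop. The body of has_subject starts and ends outside the hunk, so which identifier kinds callers need is not visible here.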
@@ -167,7 +167,7 @@ static chunk_t get_encoding(private_pubkey_cert_t *this) { chunk_t encoding; - if (this->key->get_encoding(this->key, KEY_PUB_ASN1_DER, &encoding)) + if (this->key->get_encoding(this->key, PUBKEY_ASN1_DER, &encoding)) { return encoding; } @@ -221,7 +221,7 @@ static pubkey_cert_t *pubkey_cert_create(public_key_t *key) this->ref = 1; this->key = key; this->issuer = identification_create_from_encoding(ID_ANY, chunk_empty); - if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &fingerprint)) + if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &fingerprint)) { this->subject = identification_create_from_encoding(ID_KEY_ID, fingerprint); } diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index e7802d428..2893c7cf2 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -227,7 +227,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, /* derive the authorityKeyIdentifier from the issuer's public key */ current = &issuer->interface; public = current->get_public_key(current); - if (public && public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk)) + if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk)) { keyid = identification_create_from_encoding(ID_KEY_ID, chunk); } @@ -423,7 +423,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, /* derive the authorityKeyIdentifier from the issuer's public key */ current = &issuer->interface; public = current->get_public_key(current); - if (public && public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &chunk)) + if (public && public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &chunk)) { keyid = identification_create_from_encoding(ID_KEY_ID, chunk); diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 402679472..45b5cdff4 100644 
--- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -568,7 +568,7 @@ static chunk_t build_authorityKeyIdentifier(private_x509_ac_t *this) public = this->signerCert->get_public_key(this->signerCert); if (public) { - if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyIdentifier)) + if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &keyIdentifier)) { this->authKeyIdentifier = chunk_clone(keyIdentifier); } @@ -749,7 +749,7 @@ static bool issued_by(private_x509_ac_t *this, certificate_t *issuer) { chunk_t fingerprint; - if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) || + if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) || !chunk_equals(fingerprint, this->authKeyIdentifier)) { return FALSE; diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 8a164f1bd..e64c9f0a7 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -1274,7 +1274,7 @@ static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this) chunk_t fingerprint; if (this->public_key->get_fingerprint(this->public_key, - KEY_ID_PUBKEY_SHA1, &fingerprint)) + KEYID_PUBKEY_SHA1, &fingerprint)) { return fingerprint; } @@ -1528,7 +1528,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, scheme = signature_scheme_from_oid(cert->algorithm); if (!cert->public_key->get_encoding(cert->public_key, - KEY_PUB_SPKI_ASN1_DER, &key_info)) + PUBKEY_SPKI_ASN1_DER, &key_info)) { return FALSE; } @@ -1642,7 +1642,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, chunk_t keyid; if (cert->public_key->get_fingerprint(cert->public_key, - KEY_ID_PUBKEY_SHA1, &keyid)) + KEYID_PUBKEY_SHA1, &keyid)) { subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm", asn1_build_known_oid(OID_SUBJECT_KEY_ID), 
@@ -1656,7 +1656,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, { chunk_t keyid; - if (sign_key->get_fingerprint(sign_key, KEY_ID_PUBKEY_SHA1, &keyid)) + if (sign_key->get_fingerprint(sign_key, KEYID_PUBKEY_SHA1, &keyid)) { authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm", asn1_build_known_oid(OID_AUTHORITY_KEY_ID), diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index 1b0e1af8a..88d901a83 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -401,7 +401,7 @@ METHOD(certificate_t, issued_by, bool, { chunk_t fingerprint; - if (!key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) || + if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) || !chunk_equals(fingerprint, this->authKeyIdentifier)) { return FALSE; diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index c835d5dc8..99e07891c 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -153,7 +153,7 @@ static chunk_t build_requestList(private_x509_ocsp_request_t *this) hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (hasher) { - if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, + if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &issuerKeyHash)) { enumerator_t *enumerator; diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 6f8d17aa0..cbaf77673 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -167,7 +167,7 @@ static cert_validation_t get_status(private_x509_ocsp_response_t *this, { hasher_t *hasher; identification_t *id; - key_encoding_type_t type; + cred_encoding_type_t type; chunk_t hash, fingerprint; /* check serial first, is cheaper */ 
@@ -188,7 +188,7 @@ static cert_validation_t get_status(private_x509_ocsp_response_t *this, switch (response->hashAlgorithm) { case OID_SHA1: - type = KEY_ID_PUBKEY_SHA1; + type = KEYID_PUBKEY_SHA1; break; default: public->destroy(public); @@ -698,7 +698,7 @@ static bool issued_by(private_x509_ocsp_response_t *this, certificate_t *issuer) key = issuer->get_public_key(issuer); if (!key || - !key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &fingerprint) || + !key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fingerprint) || !chunk_equals(fingerprint, this->responderId->get_encoding(this->responderId))) { diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c index 73352fd7c..ec2233a55 100644 --- a/src/libstrongswan/plugins/x509/x509_pkcs10.c +++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c @@ -550,7 +550,7 @@ static bool generate(private_x509_pkcs10_t *cert, private_key_t *sign_key, scheme = signature_scheme_from_oid(cert->algorithm); if (!cert->public_key->get_encoding(cert->public_key, - KEY_PUB_SPKI_ASN1_DER, &key_info)) + PUBKEY_SPKI_ASN1_DER, &key_info)) { return FALSE; } diff --git a/src/medsrv/controller/peer_controller.c b/src/medsrv/controller/peer_controller.c index e1e4661e0..5948fcfb7 100755 --- a/src/medsrv/controller/peer_controller.c +++ b/src/medsrv/controller/peer_controller.c @@ -139,8 +139,8 @@ static bool parse_public_key(private_peer_controller_t *this, return FALSE; } /* TODO: use get_encoding() with an encoding type */ - if (!public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id) || - !public->get_encoding(public, KEY_PUB_SPKI_ASN1_DER, encoding)) + if (!public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id) || + !public->get_encoding(public, PUBKEY_SPKI_ASN1_DER, encoding)) { request->setf(request, "error=Encoding public key failed."); return FALSE; diff --git a/src/pki/commands/gen.c b/src/pki/commands/gen.c index b2769da54..0a6571153 100644 --- a/src/pki/commands/gen.c 
+++ b/src/pki/commands/gen.c @@ -20,7 +20,7 @@ */ static int gen() { - key_encoding_type_t form = KEY_PRIV_ASN1_DER; + cred_encoding_type_t form = PRIVKEY_ASN1_DER; key_type_t type = KEY_RSA; u_int size = 0; private_key_t *key; diff --git a/src/pki/commands/keyid.c b/src/pki/commands/keyid.c index c15c1193e..6d2f7b915 100644 --- a/src/pki/commands/keyid.c +++ b/src/pki/commands/keyid.c @@ -99,11 +99,11 @@ static int keyid() if (type == CRED_PRIVATE_KEY) { private = cred; - if (private->get_fingerprint(private, KEY_ID_PUBKEY_SHA1, &id)) + if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &id)) { printf("subjectKeyIdentifier: %#B\n", &id); } - if (private->get_fingerprint(private, KEY_ID_PUBKEY_INFO_SHA1, &id)) + if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &id)) { printf("subjectPublicKeyInfo hash: %#B\n", &id); } @@ -112,11 +112,11 @@ static int keyid() else if (type == CRED_PUBLIC_KEY) { public = cred; - if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id)) + if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id)) { printf("subjectKeyIdentifier: %#B\n", &id); } - if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id)) + if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id)) { printf("subjectPublicKeyInfo hash: %#B\n", &id); } @@ -131,11 +131,11 @@ static int keyid() fprintf(stderr, "extracting public key from certificate failed"); return 1; } - if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &id)) + if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id)) { printf("subjectKeyIdentifier: %#B\n", &id); } - if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &id)) + if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id)) { printf("subjectPublicKeyInfo hash: %#B\n", &id); } diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c index a86a9236d..6d5462783 100644 --- a/src/pki/commands/print.c +++ b/src/pki/commands/print.c 
@@ -30,11 +30,11 @@ static void print_pubkey(public_key_t *key) printf("pubkey: %N %d bits\n", key_type_names, key->get_type(key), key->get_keysize(key) * 8); - if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &chunk)) + if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &chunk)) { printf("keyid: %#B\n", &chunk); } - if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &chunk)) + if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &chunk)) { printf("subjkey: %#B\n", &chunk); } diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c index de0444c1a..68831362b 100644 --- a/src/pki/commands/pub.c +++ b/src/pki/commands/pub.c @@ -23,7 +23,7 @@ */ static int pub() { - key_encoding_type_t form = KEY_PUB_SPKI_ASN1_DER; + cred_encoding_type_t form = PUBKEY_SPKI_ASN1_DER; credential_type_t type = CRED_PRIVATE_KEY; int subtype = KEY_RSA; certificate_t *cert; diff --git a/src/pki/pki.c b/src/pki/pki.c index 0912d5051..49174047d 100644 --- a/src/pki/pki.c +++ b/src/pki/pki.c @@ -21,20 +21,20 @@ /** * Convert a form string to a encoding type */ -bool get_form(char *form, key_encoding_type_t *type, bool pub) +bool get_form(char *form, cred_encoding_type_t *type, bool pub) { if (streq(form, "der")) { /* der encoded keys usually contain the complete SubjectPublicKeyInfo */ - *type = pub ? KEY_PUB_SPKI_ASN1_DER : KEY_PRIV_ASN1_DER; + *type = pub ? PUBKEY_SPKI_ASN1_DER : PRIVKEY_ASN1_DER; } else if (streq(form, "pem")) { - *type = pub ? KEY_PUB_PEM : KEY_PRIV_PEM; + *type = pub ? PUBKEY_PEM : PRIVKEY_PEM; } else if (streq(form, "pgp")) { - *type = pub ? KEY_PUB_PGP : KEY_PRIV_PGP; + *type = pub ? PUBKEY_PGP : PRIVKEY_PGP; } else { diff --git a/src/pki/pki.h b/src/pki/pki.h index 01b103c8f..9867eb5e0 100644 --- a/src/pki/pki.h +++ b/src/pki/pki.h 
@@ -29,7 +29,7 @@ /** * Convert a form string to a encoding type */ -bool get_form(char *form, key_encoding_type_t *type, bool pub); +bool get_form(char *form, cred_encoding_type_t *type, bool pub); /** * Convert a digest string to a hash algorithm diff --git a/src/pluto/certs.c b/src/pluto/certs.c index 8bce4c5c2..24e8ffb27 100644 --- a/src/pluto/certs.c +++ b/src/pluto/certs.c @@ -318,11 +318,11 @@ void list_pgp_end_certs(bool utc) key_type_names, key->get_type(key), key->get_keysize(key) * BITS_PER_BYTE, has_private_key(cert)? ", has private key" : ""); - if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &keyid)) + if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid)) { whack_log(RC_COMMENT, " keyid: %#B", &keyid); } - if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid)) + if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &keyid)) { whack_log(RC_COMMENT, " subjkey: %#B", &keyid); } diff --git a/src/pluto/dnskey.c b/src/pluto/dnskey.c index ec56b8530..4f8e4ebf4 100644 --- a/src/pluto/dnskey.c +++ b/src/pluto/dnskey.c @@ -424,7 +424,7 @@ static err_t process_txt_rr_body(u_char *str, bool doit, public_key_t *key = gi.key->public_key; if (gi.gw_key_present && - key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid)) + key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &keyid)) { DBG_log("gateway for %s is %s with key %#B", client_id, gi.gw_id, &keyid); diff --git a/src/pluto/ipsec_doi.c b/src/pluto/ipsec_doi.c index 6bcfbeaa4..f2a5de780 100644 --- a/src/pluto/ipsec_doi.c +++ b/src/pluto/ipsec_doi.c @@ -260,7 +260,7 @@ static linked_list_t* collect_rw_ca_candidates(struct msg_digest *md) { new_entry = FALSE; break; - } + } } enumerator->destroy(enumerator); 
@@ -1568,7 +1568,7 @@ static bool take_a_crack(struct tac_state *s, pubkey_t *kr) s->tried_cnt++; scheme = oakley_to_signature_scheme(s->st->st_oakley.auth); - pub_key->get_fingerprint(pub_key, KEY_ID_PUBKEY_INFO_SHA1, &keyid); + pub_key->get_fingerprint(pub_key, KEYID_PUBKEY_INFO_SHA1, &keyid); if (pub_key->verify(pub_key, scheme, s->hash, s->sig)) { @@ -3542,7 +3542,7 @@ stf_status main_inR2_outI3(struct msg_digest *md) struct state *const st = md->st; pb_stream *const keyex_pbs = &md->chain[ISAKMP_NEXT_KE]->pbs; pb_stream id_pbs; /* ID Payload; also used for hash calculation */ - + connection_t *c = st->st_connection; certpolicy_t cert_policy = c->spd.this.sendcert; cert_t *mycert = c->spd.this.cert; @@ -4900,7 +4900,7 @@ static stf_status quick_inI1_outR1_tail(struct verify_oppo_bundle *b, p = rw_instantiate(p, &c->spd.that.host_addr, md->sender_port , his_net, c->spd.that.id); - /* inherit any virtual IP assigned by a Mode Config exchange */ + /* inherit any virtual IP assigned by a Mode Config exchange */ if (p->spd.that.modecfg && c->spd.that.modecfg && subnetisaddr(his_net, (ip_address*)vip->get_sockaddr(vip))) { diff --git a/src/pluto/keys.c b/src/pluto/keys.c index 0a0930abd..6db757ba7 100644 --- a/src/pluto/keys.c +++ b/src/pluto/keys.c @@ -968,7 +968,7 @@ void free_preshared_secrets(void) for (s = secrets; s != NULL; s = ns) { ns = s->next; - s->ids->destroy_offset(s->ids, offsetof(identification_t, destroy)); + s->ids->destroy_offset(s->ids, offsetof(identification_t, destroy)); switch (s->kind) { @@ -1238,7 +1238,7 @@ void add_public_key_from_cert(cert_t *cert , time_t until, /* insert all subjectAltNames from X.509 certificates */ enumerator = x509->create_subjectAltName_enumerator(x509); - while (enumerator->enumerate(enumerator, &id)) + while (enumerator->enumerate(enumerator, &id)) { if (id->get_type(id) != ID_ANY) { 
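Review bot: The result of `pub_key->get_fingerprint(pub_key, KEYID_PUBKEY_INFO_SHA1, &keyid)` in `take_a_crack()` is discarded, so when no encoder can produce that key ID, `keyid` keeps whatever it held before the call. The later use of `keyid` is outside this hunk, but it is presumably logged with `%#B` around the `verify()` result, where an unset chunk would mean reading an indeterminate pointer and length. The other `get_fingerprint()` call sites visible in this diff all test the return value, and this one should too: `if (!pub_key->get_fingerprint(pub_key, KEYID_PUBKEY_INFO_SHA1, &keyid)) { keyid = chunk_empty; }`. The body of take_a_crack starts and ends outside the hunk.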
@@ -1327,7 +1327,7 @@ void list_public_keys(bool utc) public->get_keysize(public) * BITS_PER_BYTE, &key->until_time, utc, check_expiry(key->until_time, PUBKEY_WARNING_INTERVAL, TRUE)); - if (public->get_fingerprint(public, KEY_ID_PUBKEY_INFO_SHA1, &keyid)) + if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &keyid)) { whack_log(RC_COMMENT," keyid: %#B", &keyid); } diff --git a/src/pluto/x509.c b/src/pluto/x509.c index 0a29830ea..1c26d733a 100644 --- a/src/pluto/x509.c +++ b/src/pluto/x509.c @@ -427,11 +427,11 @@ void list_x509cert_chain(const char *caption, cert_t* cert, cert->smartcard ? ", on smartcard" : (has_private_key(cert)? ", has private key" : "")); - if (key->get_fingerprint(key, KEY_ID_PUBKEY_INFO_SHA1, &keyid)) + if (key->get_fingerprint(key, KEYID_PUBKEY_INFO_SHA1, &keyid)) { whack_log(RC_COMMENT, " keyid: %#B", &keyid); } - if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &subjkey)) + if (key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &subjkey)) { whack_log(RC_COMMENT, " subjkey: %#B", &subjkey); } diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c index 598705636..29f6eab70 100644 --- a/src/scepclient/scep.c +++ b/src/scepclient/scep.c @@ -281,7 +281,7 @@ void scep_generate_transaction_id(public_key_t *key, chunk_t *transID, bool msb_set; u_char *pos; - key->get_encoding(key, KEY_PUB_ASN1_DER, &keyEncoding); + key->get_encoding(key, PUBKEY_ASN1_DER, &keyEncoding); keyInfo = asn1_wrap(ASN1_SEQUENCE, "mm", asn1_algorithmIdentifier(OID_RSA_ENCRYPTION), diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 385f6f328..2952b0591 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -398,7 +398,7 @@ int main(int argc, char **argv) transID = chunk_empty; fingerprint = chunk_empty; encoding = chunk_empty; - pkcs10_encoding = chunk_empty; + pkcs10_encoding = chunk_empty; issuerAndSubject = chunk_empty; challengePassword = chunk_empty; getCertInitial = chunk_empty; 
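Review bot: In `scep_generate_transaction_id()` (scep.c) the call `key->get_encoding(key, PUBKEY_ASN1_DER, &keyEncoding);` ignores its boolean result, while `keyEncoding` appears to feed the `asn1_wrap()` that builds `keyInfo` on the next lines. If the encoding fails, the transaction ID would be derived from an unset chunk. The function returns void, so the failure path should leave the outputs defined before returning, for example `if (!key->get_encoding(key, PUBKEY_ASN1_DER, &keyEncoding)) { *transID = chunk_empty; return; }`. The rest of the function, including any other output parameters that would need the same treatment, is outside the hunk.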
@@ -900,7 +900,7 @@ int main(int argc, char **argv) DBG(DBG_CONTROL, DBG_log("building pkcs1 object:") ) - if (!private_key->get_encoding(private_key, KEY_PRIV_ASN1_DER, &pkcs1) || + if (!private_key->get_encoding(private_key, PRIVKEY_ASN1_DER, &pkcs1) || !chunk_write(pkcs1, path, "pkcs1", 0066, force)) { exit_scepclient("could not write pkcs1 file '%s'", path); @@ -964,7 +964,7 @@ int main(int argc, char **argv) */ { char *path = concatenate_paths(CA_CERT_PATH, file_in_cacert_enc); - + x509_ca_enc = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, BUILD_FROM_FILE, path, BUILD_END); if (!x509_ca_enc) |