authorReto Buerki <reet@codelabs.ch>2013-01-30 15:36:03 +0100
committerTobias Brunner <tobias@strongswan.org>2013-03-19 15:23:51 +0100
commit0063e03325157ac9f92b6ba033341734aa9ad647 (patch)
treea202c8b0677acad130864bbccf619e52d41ad33e /src/charon-tkm
parent38c1fd3cb147d78d5e83b0052c5283ee62f13ba8 (diff)
Do not hardwire keys to KEY_RSA
Make the TKM private and public keys more easily extendable by determining the associated key type dynamically.
Diffstat (limited to 'src/charon-tkm')
-rw-r--r--src/charon-tkm/src/tkm/tkm_private_key.c31
-rw-r--r--src/charon-tkm/src/tkm/tkm_public_key.c24
-rw-r--r--src/charon-tkm/src/tkm/tkm_public_key.h8
3 files changed, 51 insertions, 12 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_private_key.c b/src/charon-tkm/src/tkm/tkm_private_key.c
index 616941454..9e3f96c95 100644
--- a/src/charon-tkm/src/tkm/tkm_private_key.c
+++ b/src/charon-tkm/src/tkm/tkm_private_key.c
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2012 Reto Buerki
- * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Copyright (C) 2012-2013 Reto Buerki
+ * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -40,6 +40,11 @@ struct private_tkm_private_key_t {
identification_t *id;
/**
+ * Key type.
+ */
+ key_type_t key_type;
+
+ /**
* Reference count.
*/
refcount_t ref;
@@ -49,7 +54,7 @@ struct private_tkm_private_key_t {
METHOD(private_key_t, get_type, key_type_t,
private_tkm_private_key_t *this)
{
- return KEY_RSA;
+ return this->key_type;
}
METHOD(private_key_t, sign, bool,
@@ -158,5 +163,25 @@ tkm_private_key_t *tkm_private_key_init(identification_t * const id)
.id = id->clone(id),
);
+ /* get key type from associated public key */
+ certificate_t *cert;
+ cert = lib->credmgr->get_cert(lib->credmgr, CERT_ANY, KEY_ANY, id, FALSE);
+ if (!cert)
+ {
+ destroy(this);
+ return NULL;
+ }
+
+ public_key_t *pubkey = cert->get_public_key(cert);
+ if (!pubkey)
+ {
+ cert->destroy(cert);
+ destroy(this);
+ return NULL;
+ }
+ this->key_type = pubkey->get_type(pubkey);
+ pubkey->destroy(pubkey);
+ cert->destroy(cert);
+
return &this->public;
}
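Review bot: The key type reported for the TKM private key is taken from whichever certificate `get_cert()` returns first for `id`, and the lookup passes `FALSE` as its last argument (the trusted flag, as far as the call shows), so a certificate that was never verified can decide what `get_type()` returns. If more than one certificate for the same identity can be present in the credential manager (not visible from this hunk), the type may not match the key held by the TKM; consider requesting a trusted certificate, or at least state the assumption in the comment, e.g. `/* key type is taken from the first certificate found for id; assumes a single local certificate per identity */`. Both failure paths return NULL without a log message, which makes a missing certificate hard to tell apart from other initialisation errors; a `DBG1` line naming the identity before each `destroy(this)` would help. The declarations of `cert` and `pubkey` follow statements, and the beginning of tkm_private_key_init lies outside the hunk.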
diff --git a/src/charon-tkm/src/tkm/tkm_public_key.c b/src/charon-tkm/src/tkm/tkm_public_key.c
index e3f64ddba..9ebdc29e6 100644
--- a/src/charon-tkm/src/tkm/tkm_public_key.c
+++ b/src/charon-tkm/src/tkm/tkm_public_key.c
@@ -14,6 +14,8 @@
* for more details.
*/
+#include <utils/debug.h>
+
#include "tkm_public_key.h"
typedef struct private_tkm_public_key_t private_tkm_public_key_t;
@@ -34,6 +36,11 @@ struct private_tkm_public_key_t {
chunk_t asn_blob;
/**
+ * Key type.
+ */
+ key_type_t key_type;
+
+ /**
* Reference count.
*/
refcount_t ref;
@@ -42,7 +49,7 @@ struct private_tkm_public_key_t {
METHOD(public_key_t, get_type, key_type_t,
private_tkm_public_key_t *this)
{
- return KEY_RSA;
+ return this->key_type;
}
METHOD(public_key_t, verify, bool,
@@ -79,9 +86,17 @@ METHOD(public_key_t, get_fingerprint, bool,
{
return TRUE;
}
- return lib->encoding->encode(lib->encoding, type, this, fp,
- CRED_PART_RSA_PUB_ASN1_DER, this->asn_blob,
- CRED_PART_END);
+ switch(this->key_type)
+ {
+ case KEY_RSA:
+ return lib->encoding->encode(lib->encoding, type, this, fp,
+ CRED_PART_RSA_PUB_ASN1_DER,
+ this->asn_blob, CRED_PART_END);
+ default:
+ DBG1(DBG_LIB, "%N public key not supported, fingerprinting failed",
+ key_type_names, this->key_type);
+ return FALSE;
+ }
}
METHOD(public_key_t, get_ref, public_key_t*,
@@ -147,6 +162,7 @@ tkm_public_key_t *tkm_public_key_load(key_type_t type, va_list args)
},
.ref = 1,
.asn_blob = chunk_clone(blob),
+ .key_type = type,
);
return &this->public;
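Review bot: `.key_type = type` stores the caller-supplied type without checking it, although the only type this object can fingerprint is `KEY_RSA` (see the `default:` branch added to `get_fingerprint` in the previous hunk). A key loaded with another type, or with `KEY_ANY` if the builder can be invoked that way, is created successfully and only fails later when a fingerprint is requested. Rejecting unsupported types at load time, e.g. `if (type != KEY_RSA) { return NULL; }` before the object is allocated, keeps the two places consistent until further types are implemented; the `@param type` comment in tkm_public_key.h should then name the supported types instead of dropping the restriction. The body of tkm_public_key_load starts and ends outside the hunk.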
diff --git a/src/charon-tkm/src/tkm/tkm_public_key.h b/src/charon-tkm/src/tkm/tkm_public_key.h
index a469f7524..383c7dd4c 100644
--- a/src/charon-tkm/src/tkm/tkm_public_key.h
+++ b/src/charon-tkm/src/tkm/tkm_public_key.h
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2012 Reto Buerki
- * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Copyright (C) 2012-2013 Reto Buerki
+ * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
@@ -35,9 +35,7 @@ struct tkm_public_key_t {
/**
* Load a TKM public key.
*
- * Accepts BUILD_RSA_* components.
- *
- * @param type type of the key, must be KEY_RSA
+ * @param type type of the key
* @param args builder_part_t argument list
* @return loaded key, NULL on failure
*/