author | Tobias Brunner <tobias@strongswan.org> | 2017-05-12 09:10:15 +0200 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2017-05-23 16:41:02 +0200 |
commit | 605a98c7ce108e8083502364292cce87c0a72b51 (patch) | |
tree | a0ebe87a036e751225e89bb5d720d8b61d2ae2a6 /src/libcharon | |
parent | 6a8a44be88b079ace805cddb08544af5e2b27ddd (diff) | |
vici: Return key ID from load-key command
We already do this for load-token and this should simplify client
implementations.
Diffstat (limited to 'src/libcharon')
-rw-r--r-- | src/libcharon/plugins/vici/README.md | 3 | ||||
-rw-r--r-- | src/libcharon/plugins/vici/vici_cred.c | 14 |
2 files changed, 13 insertions, 4 deletions
diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md
index 9bda949d0..f47f80cad 100644
--- a/src/libcharon/plugins/vici/README.md
+++ b/src/libcharon/plugins/vici/README.md
@@ -480,11 +480,12 @@ Load a certificate into the daemon.
 Load a private key into the daemon.
 
 {
- type = <private key type, RSA|ECDSA>
+ type = <private key type, rsa|ecdsa|bliss|any>
 data = <PEM or DER encoded key data>
 } => {
 success = <yes or no>
 errmsg = <error string on failure>
+ id = <hex-encoded SHA-1 key identifier of the public key on success>
 }
 
 ### unload-key() ###
diff --git a/src/libcharon/plugins/vici/vici_cred.c b/src/libcharon/plugins/vici/vici_cred.c
index 6c7c194c2..5d8bf2f05 100644
--- a/src/libcharon/plugins/vici/vici_cred.c
+++ b/src/libcharon/plugins/vici/vici_cred.c
@@ -1,6 +1,6 @@
 /*
 * Copyright (C) 2015-2016 Andreas Steffen
- * Copyright (C) 2016 Tobias Brunner
+ * Copyright (C) 2016-2017 Tobias Brunner
 * HSR Hochschule fuer Technik Rapperswil
 *
 * Copyright (C) 2014 Martin Willi
@@ -206,9 +206,10 @@ CALLBACK(load_cert, vici_message_t*,
 CALLBACK(load_key, vici_message_t*,
 private_vici_cred_t *this, char *name, u_int id, vici_message_t *message)
 {
+ vici_builder_t *builder;
 key_type_t type;
 private_key_t *key;
- chunk_t data;
+ chunk_t data, fp;
 char *str;
 
 str = message->get_str(message, NULL, "type");
@@ -248,12 +249,19 @@ CALLBACK(load_key, vici_message_t*,
 return create_reply("parsing %N private key failed",
 key_type_names, type);
 }
+ if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp))
+ {
+ return create_reply("failed to get key id");
+ }
 
 DBG1(DBG_CFG, "loaded %N private key", key_type_names, type);
 
+ builder = vici_builder_create();
+ builder->add_kv(builder, "success", "yes");
+ builder->add_kv(builder, "id", "%+B", &fp);
 this->creds->add_key(this->creds, key);
 
- return create_reply(NULL);
+ return builder->finalize(builder);
 }
 
 CALLBACK(unload_key, vici_message_t*,
|
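Review bot: In the last vici_cred.c hunk, the new `get_fingerprint()` failure branch returns without releasing `key`, so the parsed private key object is neither handed to `add_key()` nor freed and its key material stays in daemon memory. Add `key->destroy(key);` before `return create_reply("failed to get key id");`. The ordering of the success path also deserves a comment such as `/* fp presumably points into key, so format it before add_key() takes ownership */` above the `add_kv(builder, "id", ...)` call, so a later reorder does not read `fp` after the credential set owns the key. The body of load_key starts outside this hunk, so the claim that `key` is freshly parsed and owned here is inferred from the visible "parsing %N private key failed" return.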