authorMartin Willi <martin@strongswan.org>2009-08-12 17:27:15 +0200
committerMartin Willi <martin@strongswan.org>2009-08-26 11:23:49 +0200
commit11aa7e78694463a6cfa20d8a780d37b1435a456f (patch)
treed2067abd16a54d60b5e936ae0991d45fff55f5ca /src/pluto
parentc486fa8158721653f5ed4b874e6b1baa49bf7c7c (diff)
use a pluto specific credential builder to build pluto cert_t's
Diffstat (limited to 'src/pluto')
-rw-r--r--src/pluto/certs.c97
1 files changed, 79 insertions, 18 deletions
diff --git a/src/pluto/certs.c b/src/pluto/certs.c
index fcc9ec577..b004a5094 100644
--- a/src/pluto/certs.c
+++ b/src/pluto/certs.c
@@ -215,53 +215,114 @@ private_key_t* load_private_key(char* filename, prompt_pass_t *pass,
}
/**
- * Loads a X.509 or OpenPGP certificate
+ * currently building cert_t
*/
-bool load_cert(char *filename, const char *label, cert_t *cert)
+static cert_t *cert_builder_cert;
+
+/**
+ * builder add function
+ */
+static void add(builder_t *this, builder_part_t part, ...)
{
- bool pgp = FALSE;
- chunk_t blob = chunk_empty;
+ chunk_t blob;
+ va_list args;
- /* initialize cert struct */
- cert->type = CERT_NONE;
- cert->u.x509 = NULL;
+ va_start(args, part);
+ blob = va_arg(args, chunk_t);
+ va_end(args);
- if (load_coded_file(filename, NULL, label, &blob, &pgp))
+ switch (part)
{
- if (pgp)
+ case BUILD_BLOB_PGP:
{
pgpcert_t *pgpcert = malloc_thing(pgpcert_t);
*pgpcert = pgpcert_empty;
if (parse_pgp(blob, pgpcert))
{
- cert->type = CERT_PGP;
- cert->u.pgp = pgpcert;
- return TRUE;
+ cert_builder_cert->type = CERT_PGP;
+ cert_builder_cert->u.pgp = pgpcert;
}
else
{
plog(" error in OpenPGP certificate");
free_pgpcert(pgpcert);
- return FALSE;
}
+ break;
}
- else
+ case BUILD_BLOB_ASN1_DER:
{
x509cert_t *x509cert = malloc_thing(x509cert_t);
*x509cert = empty_x509cert;
if (parse_x509cert(blob, 0, x509cert))
{
- cert->type = CERT_X509_SIGNATURE;
- cert->u.x509 = x509cert;
- return TRUE;
+ cert_builder_cert->type = CERT_X509_SIGNATURE;
+ cert_builder_cert->u.x509 = x509cert;
}
else
{
plog(" error in X.509 certificate");
free_x509cert(x509cert);
- return FALSE;
}
+ break;
}
+ default:
+ builder_cancel(this);
+ break;
+ }
+}
+
+/**
+ * builder build function
+ */
+static void *build(builder_t *this)
+{
+ free(this);
+ if (cert_builder_cert->type == CERT_NONE)
+ {
+ return NULL;
+ }
+ return cert_builder_cert;
+}
+
+/**
+ * certificate builder in cert_t format.
+ */
+static builder_t *cert_builder(credential_type_t type, int subtype)
+{
+ builder_t *this;
+
+ if (subtype != 1)
+ {
+ return NULL;
+ }
+ this = malloc_thing(builder_t);
+ this->add = add;
+ this->build = build;
+
+ return this;
+}
+
+/**
+ * Loads a X.509 or OpenPGP certificate
+ */
+bool load_cert(char *filename, const char *label, cert_t *cert)
+{
+ cert_builder_cert = cert;
+
+ cert->type = CERT_NONE;
+ cert->u.x509 = NULL;
+ cert->u.pgp = NULL;
+
+ /* hook in builder functions to build pluto specific certificate format */
+ lib->creds->add_builder(lib->creds, CRED_PLUTO_CERT, 1,
+ (builder_constructor_t)cert_builder);
+ cert = lib->creds->create(lib->creds, CRED_PLUTO_CERT, 1,
+ BUILD_FROM_FILE, filename, BUILD_END);
+ lib->creds->remove_builder(lib->creds,
+ (builder_constructor_t)cert_builder);
+ if (cert)
+ {
+ return TRUE;
}
return FALSE;
}
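Review bot: In `add()`, `blob = va_arg(args, chunk_t);` runs before the `switch`, so a part whose argument is not a `chunk_t` is still read as one before the `default` branch cancels the builder, which is undefined behaviour; fetch the blob only inside the `BUILD_BLOB_PGP` and `BUILD_BLOB_ASN1_DER` cases. Each blob case also stores a freshly parsed certificate into `cert_builder_cert->u` without releasing one stored by an earlier `add()` call on the same builder, so a second blob would leak the first. The file-scope `cert_builder_cert` makes `load_cert()` non-reentrant and leaves it pointing at the caller's `cert_t` after return; adding `cert_builder_cert = NULL;` after the `remove_builder()` call would make any later stray use fail immediately instead of writing into memory the caller may have released. The new `load_cert()` also no longer uses its `label` parameter, which the removed code passed to `load_coded_file()`; a short comment saying whether that is intended would help.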