author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-06-05 21:14:31 +0200 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2009-06-09 11:03:32 +0200 |
commit | 8b799d55ce5b0cf48b6d1dd0c3ca6a1474234ed6 (patch) | |
tree | 6933a085f303dd3e232683cbdb9a25b99078b187 /src/scepclient/scep.c | |
parent | b00fbdb55a1054b35270051722cdcd8c059a337a (diff) | |
pluto and scepclient use private and public key plugins of libstrongswan
Diffstat (limited to 'src/scepclient/scep.c')
-rw-r--r-- | src/scepclient/scep.c | 47 |
1 files changed, 27 insertions, 20 deletions
diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c
index dd16dff1b..a788c6f41 100644
--- a/src/scepclient/scep.c
+++ b/src/scepclient/scep.c
@@ -34,7 +34,6 @@
 #include "../pluto/constants.h"
 #include "../pluto/defs.h"
-#include "../pluto/pkcs1.h"
 #include "../pluto/fetch.h"
 #include "../pluto/log.h"
@@ -266,35 +265,43 @@ end:
 * Generates a unique fingerprint of the pkcs10 request
 * by computing an MD5 hash over it
 */
-void scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint)
+chunk_t scep_generate_pkcs10_fingerprint(chunk_t pkcs10)
 {
- char buf[HASH_SIZE_MD5];
- chunk_t digest = { buf, sizeof(buf) };
-
- /* the fingerprint is the MD5 hash in hexadecimal format */
- compute_digest(pkcs10, OID_MD5, &digest);
- fingerprint->len = 2*digest.len;
- fingerprint->ptr = malloc(fingerprint->len + 1);
- datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1);
+ char digest_buf[HASH_SIZE_MD5];
+ chunk_t digest = chunk_from_buf(digest_buf);
+ hasher_t *hasher;
+
+ hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
+ hasher->get_hash(hasher, pkcs10, digest_buf);
+ hasher->destroy(hasher);
+
+ return chunk_to_hex(digest, NULL, FALSE);
 }
 /**
 * Generate a transaction id as the MD5 hash of an public key
 * the transaction id is also used as a unique serial number
 */
-void scep_generate_transaction_id(const RSA_public_key_t *rsak,
- chunk_t *transID, chunk_t *serialNumber)
+void scep_generate_transaction_id(public_key_t *key, chunk_t *transID,
+ chunk_t *serialNumber)
 {
- char buf[HASH_SIZE_MD5];
-
- chunk_t digest = { buf, sizeof(buf) };
- chunk_t public_key = pkcs1_build_publicKeyInfo(rsak);
-
+ char digest_buf[HASH_SIZE_MD5];
+ chunk_t digest = chunk_from_buf(digest_buf);
+ chunk_t keyEncoding, keyInfo;
+ hasher_t *hasher;
 bool msb_set;
 u_char *pos;
+
+ keyEncoding = key->get_encoding(key);
+
+ keyInfo = asn1_wrap(ASN1_SEQUENCE, "cm",
+ asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
+ asn1_bitstring("m", keyEncoding));
- compute_digest(public_key, OID_MD5, &digest);
- free(public_key.ptr);
+ hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5);
+ hasher->get_hash(hasher, keyInfo, digest_buf);
+ hasher->destroy(hasher);
+ free(keyInfo.ptr);
 /* is the most significant bit of the digest set? */
 msb_set = (*digest.ptr & 0x80) == 0x80;
@@ -376,7 +383,7 @@ chunk_t scep_senderNonce_attribute(void)
 chunk_t scep_build_request(chunk_t data, chunk_t transID, scep_msg_t msg,
 const x509cert_t *enc_cert, int enc_alg,
 const x509cert_t *signer_cert, int digest_alg,
- const RSA_private_key_t *private_key)
+ private_key_t *private_key)
 {
 chunk_t envelopedData, attributes, request; |
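Review bot: Both new `create_hasher(lib->crypto, HASH_MD5)` calls, in scep_generate_pkcs10_fingerprint and in scep_generate_transaction_id, are dereferenced on the very next line without checking the result. If the factory returns NULL when no loaded plugin provides MD5 (presumably its behaviour; confirm against the crypto factory), scepclient dereferences a NULL pointer instead of reporting the missing algorithm. In the fingerprint function a guard such as `if (hasher == NULL) { return chunk_empty; }` before `get_hash` would cover it. The transaction-id function returns void and its body continues outside the hunk, so its failure path also has to free `keyInfo.ptr` and leave `*transID` and `*serialNumber` in a defined state. Separately, that function now accepts a generic `public_key_t` but still labels the encoding with `OID_RSA_ENCRYPTION`; a comment stating that only RSA keys are supported would make the assumption visible.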