diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-06-20 12:09:36 +0200 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2009-06-20 12:09:36 +0200 |
| commit | 71e725d3253b134dc697d8729fe0727860e406a1 (patch) | |
| tree | b00f07ee490518fb9972f844a5b73bdd1c2c4988 /src/scepclient/scepclient.c | |
| parent | c4963c92acda0f69ec9bd3e14b6444cc87600654 (diff) | |
| download | strongswan-71e725d3253b134dc697d8729fe0727860e406a1.tar.bz2 strongswan-71e725d3253b134dc697d8729fe0727860e406a1.tar.xz | |
use get_proposal_token() for algorithm selection
Diffstat (limited to 'src/scepclient/scepclient.c')
| -rw-r--r-- | src/scepclient/scepclient.c | 50 |
1 files changed, 15 insertions, 35 deletions
diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 0e7ae3e40..1139cc25a 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -41,6 +41,8 @@ #include <asn1/oid.h> #include <utils/optionsfrom.h> #include <utils/enumerator.h> +#include <crypto/crypters/crypter.h> +#include <crypto/proposal/proposal_keywords.h> #include <credentials/keys/private_key.h> #include <credentials/keys/public_key.h> @@ -246,9 +248,8 @@ usage(const char *message) " --password (-p) <pw> challenge password\n" " - if pw is '%%prompt', password gets prompted for\n" " --algorithm (-a) <algo> use specified algorithm for PKCS#7 encryption\n" - " <algo> = des-cbc | 3des-cbc (default) | \n" - " aes128-cbc | aes192-cbc | aes256-cbc | \n" - " camellia128-cbc | camellia192-cbc | camellia256-cbc\n" + " <algo> = des | 3des (default) | aes128| aes192 | \n" + " aes256 | camellia128 | camellia192 | camellia256\n" "\n" "Options for enrollment (cert):\n" " --url (-u) <url> url of the SCEP server\n" @@ -698,43 +699,22 @@ int main(int argc, char **argv) continue; case 'a': /*--algorithm */ - if (strcaseeq("des-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_DES_CBC; - } - else if (strcaseeq("3des-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_3DES_EDE_CBC; - } - else if (strcaseeq("aes128-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_AES128_CBC; - } - else if (strcaseeq("aes192-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_AES192_CBC; - } - else if (strcaseeq("aes256-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_AES256_CBC; - } - else if (strcaseeq("camellia128-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_CAMELLIA128_CBC; - } - else if (strcaseeq("camellia192-cbc", optarg)) - { - pkcs7_symmetric_cipher = OID_CAMELLIA192_CBC; - } - else if (strcaseeq("camellia256-cbc", optarg)) + { + const proposal_token_t *token; + + token = proposal_get_token(optarg, strlen(optarg)); + if (token == NULL || token->type != ENCRYPTION_ALGORITHM) { - pkcs7_symmetric_cipher = OID_CAMELLIA256_CBC; + usage("invalid algorithm specified"); } - else + pkcs7_symmetric_cipher = encryption_algorithm_to_oid( + token->algorithm, token->keysize); + if (pkcs7_symmetric_cipher == OID_UNKNOWN) { - usage("invalid encryption algorithm specified"); + usage("unsupported encryption algorithm specified"); } continue; + } #ifdef DEBUG case 'A': /* --debug-all */ base_debugging |= DBG_ALL; |