scepclient uses pkcs10 from libstrongswan

2 files changed, 0 insertions, 277 deletions

diff --git a/src/scepclient/pkcs10.c b/src/scepclient/pkcs10.c
deleted file mode 100644
index 04196777c..000000000
--- a/src/scepclient/pkcs10.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/**
- * @file pkcs10.c
- * @brief Functions to build PKCS#10 requests
- *
- * Contains functions to build DER encoded pkcs#10 certificate requests
- */
-
-/* Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-
-#include <freeswan.h>
-#include <asn1/asn1.h>
-#include <asn1/oid.h>
-
-#include "../pluto/constants.h"
-#include "../pluto/defs.h"
-#include "../pluto/log.h"
-#include "../pluto/x509.h"
-
-#include "pkcs10.h"
-
-/* some pre-coded OIDs */
-static chunk_t ASN1_challengePassword_oid = chunk_from_chars(
-	0x06,0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x07
-);
-static const chunk_t ASN1_extensionRequest_oid = chunk_from_chars(
-	0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x0E
-);
-
-/**
- * Adds a subjectAltName in DER-coded form to a linked list
- *
- * @param[in]       subjectAltNames linked list of subjectAltNames
- * @param[in]       kind            type of the subjectAltName (which is a generalName)
- * @param[in]       value           value of the subjectAltName as an ASCII string
- */
-void pkcs10_add_subjectAltName(linked_list_t *subjectAltNames,
-							   generalNames_t kind, char *value)
-{
-	generalName_t *gn;
-	asn1_t asn1_type = ASN1_EOC;
-	chunk_t name = { value, strlen(value) };
-
-	switch (kind)
-	{
-	case GN_RFC822_NAME:
-		asn1_type = ASN1_CONTEXT_S_1;
-		break;
-	case GN_DNS_NAME:
-		asn1_type = ASN1_CONTEXT_S_2;
-		break;
-	case GN_IP_ADDRESS:
-		{
-			struct in_addr addr;
-
-			/* convert an ASCII dotted IPv4 address (e.g. 123.456.78.90)
-			 * to a byte representation in network order
-			 */
-			if (!inet_aton(value, &addr))
-			{
-				fprintf(stderr, "error in IPv4 subjectAltName\n");
-				return;
-			}
-			asn1_type = ASN1_CONTEXT_S_7;
-			name.ptr = (u_char *) &addr.s_addr;
-			name.len = sizeof(addr.s_addr);
-			break;
-		}
-	default:
-		break;
-	}
-
-	gn = malloc_thing(generalName_t);
-	gn->kind = kind;
-	gn->name = asn1_simple_object(asn1_type, name);
-	gn->next = *subjectAltNames;
-	*subjectAltNames = gn;
-}
-
-/**
- * Builds the requestInfoAttributes of the certificationRequestInfo-field
- *
- * challenge password ans subjectAltNames are only included,
- * when avaiable in given #pkcs10_t structure
- *
- * @param[in]   pkcs10          Pointer to a #pkcs10_t structure
- * @return                      1 if succeeded, 0 otherwise
- */
-static chunk_t build_req_info_attributes(pkcs10_t* pkcs10)
-{
-
-	chunk_t subjectAltNames   = chunk_empty;
-	chunk_t challengePassword = chunk_empty;
-
-	if (pkcs10->subjectAltNames != NULL)
-	{
-
-		subjectAltNames = asn1_wrap(ASN1_SEQUENCE, "cm"
-				, ASN1_extensionRequest_oid
-				, asn1_wrap(ASN1_SET, "m"
-					, asn1_wrap(ASN1_SEQUENCE, "m"
-						, build_subjectAltNames(pkcs10->subjectAltNames)
-					  )
-				  )
-			);
-	}
-
-	if (pkcs10->challengePassword.len > 0)
-	{
-		asn1_t type = asn1_is_printablestring(pkcs10->challengePassword)
-					  ? ASN1_PRINTABLESTRING : ASN1_T61STRING;
-
-		challengePassword = asn1_wrap(ASN1_SEQUENCE, "cm"
-				, ASN1_challengePassword_oid
-				, asn1_wrap(ASN1_SET, "m"
-					, asn1_simple_object(type, pkcs10->challengePassword)
-				  )
-			);
-	}
-
-	return asn1_wrap(ASN1_CONTEXT_C_0, "mm"
-				, subjectAltNames
-				, challengePassword);
-}
-
-/**
- * Builds a DER-code pkcs#10 certificate request
- *
- * @param[in]   pkcs10          pointer to a pkcs10_t struct
- * @return                      DER-code pkcs10 request
- */
-static chunk_t pkcs10_build_request(pkcs10_t *pkcs10, int signature_alg)
-{
-	chunk_t key = chunk_empty;
-
-	pkcs10->public_key->get_encoding(pkcs10->public_key, KEY_PUB_ASN1_DER, &key);
-
-	chunk_t keyInfo = asn1_wrap(ASN1_SEQUENCE, "mm",
-							asn1_algorithmIdentifier(OID_RSA_ENCRYPTION),
-							asn1_bitstring("m", key));
-
-	chunk_t cert_req_info = asn1_wrap(ASN1_SEQUENCE, "ccmm",
-								ASN1_INTEGER_0,
-								pkcs10->subject,
-								keyInfo,
-								build_req_info_attributes(pkcs10));
-
-	chunk_t signature = x509_build_signature(cert_req_info, signature_alg,
-											 pkcs10->private_key, TRUE);
-
-	return asn1_wrap(ASN1_SEQUENCE, "mmm",
-				cert_req_info,
-				asn1_algorithmIdentifier(signature_alg),
-				signature);
-}
-
-/**
- * Creates a pkcs#10 certificate request object
- *
- * To create a certificate request, the RSA key and the
- * names to be included as subject in the certificate request
- * (e.g. commonName, organization) are needed. An optional challenge
- * password or some subjectAltNames may be included.
- *
- * @param[in]   key                     rsakey of type #rsakey_t
- * @param[in]   subject                 DER-coded subject distinguished name
- * @param[in]   challengePassword       challenge password or chunk_empty
- * @param[in]   subjectAltNames         linked list of subjectAltNames or NULL
- * @return                              pointer to a #pkcs10_t object
- */
-pkcs10_t* pkcs10_build(private_key_t *private, public_key_t *public,
-					   chunk_t subject, chunk_t challengePassword,
-					   linked_list_t *subjectAltNames, int signature_alg)
-{
-	pkcs10_t *pkcs10 = malloc_thing(pkcs10_t);
-
-	pkcs10->subject = subject;
-	pkcs10->private_key = private;
-	pkcs10->public_key = public;
-	pkcs10->challengePassword = challengePassword;
-	pkcs10->subjectAltNames = subjectAltNames;
-
-	pkcs10->request = pkcs10_build_request(pkcs10, signature_alg);
-	return pkcs10;
-}
-
-/**
- * Frees the resources used by an #pkcs10_t object
- *
- * @param[in]   pkcs10          #pkcs10_t to free
- */
-void pkcs10_free(pkcs10_t *pkcs10)
-{
-	if (pkcs10 != NULL)
-	{
-		free(pkcs10->request.ptr);
-		free(pkcs10);
-	}
-}
diff --git a/src/scepclient/pkcs10.h b/src/scepclient/pkcs10.h
deleted file mode 100644
index a4d892576..000000000
--- a/src/scepclient/pkcs10.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * @file pkcs10.h
- * @brief Functions to build PKCS#10 Request's
- *
- * Contains functions to build DER encoded pkcs#10 certificate requests
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#ifndef _PKCS10_H
-#define _PKCS10_H
-
-#include <utils/linked_list.h>
-#include <credentials/keys/private_key.h>
-#include <credentials/keys/public_key.h>
-
-#include "../pluto/defs.h"
-#include "../pluto/x509.h"
-
-typedef struct pkcs10_struct pkcs10_t;
-
-/**
- * @brief type representating a pkcs#10 request.
- *
- * A pkcs#10 request contains a distinguished name, an optional
- * challenge password, a public key and optional subjectAltNames.
- *
- * The RSA private key is needed to compute the signature of the given request
- */
-struct pkcs10_struct {
-	private_key_t  *private_key;
-	public_key_t   *public_key;
-	chunk_t         request;
-	chunk_t         subject;
-	chunk_t         challengePassword;
-	linked_list_t  *subjectAltNames;
-};
-
-extern const pkcs10_t empty_pkcs10;
-
-extern void pkcs10_add_subjectAltName(linked_list_t *subjectAltNames,
-									  generalNames_t kind, char *value);
-extern pkcs10_t* pkcs10_build(private_key_t *private, public_key_t *public,
-							  chunk_t subject, chunk_t challengePassword,
-							  linked_list_t *subjectAltNames, int signature_alg);
-extern void pkcs10_free(pkcs10_t *pkcs10);
-
-#endif /* _PKCS10_H */