diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-01-05 05:34:12 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-01-09 07:23:30 +0100 |
commit | 4c38c79452d3b4768792a0d4ba78cf6ba00c7fba (patch) | |
tree | 3afa45e43c017be6d03f6470d447720da3f8e616 /src/swanctl | |
parent | 87371460f660e245bae49d60b5ed26e7b8c8e0b0 (diff) | |
download | strongswan-4c38c79452d3b4768792a0d4ba78cf6ba00c7fba.tar.bz2 strongswan-4c38c79452d3b4768792a0d4ba78cf6ba00c7fba.tar.xz |
vici: list-cert sends subject, not-before and not-after attributes for pubkeys
Diffstat (limited to 'src/swanctl')
-rw-r--r-- | src/swanctl/commands/list_certs.c | 41 |
1 files changed, 36 insertions, 5 deletions
diff --git a/src/swanctl/commands/list_certs.c b/src/swanctl/commands/list_certs.c index 2c314d8b2..e9c964771 100644 --- a/src/swanctl/commands/list_certs.c +++ b/src/swanctl/commands/list_certs.c @@ -58,6 +58,10 @@ CALLBACK(list_cb, void, certificate_t *cert; certificate_type_t type; x509_flag_t flag = X509_NONE; + identification_t *subject = NULL; + time_t not_before = UNDEFINED_TIME; + time_t not_after = UNDEFINED_TIME; + chunk_t t_ch; bool has_privkey; char *str; void *buf; @@ -93,11 +97,38 @@ CALLBACK(list_cb, void, return; } } - - /* Parse certificate data blob */ - cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, type, - BUILD_BLOB_ASN1_DER, chunk_create(buf, len), - BUILD_END); + if (type == CERT_TRUSTED_PUBKEY) + { + str = vici_find_str(res, NULL, "subject"); + if (str) + { + subject = identification_create_from_string(str); + } + str = vici_find_str(res, NULL, "not-before"); + if (str) + { + t_ch = chunk_from_str(str); + not_before = asn1_to_time(&t_ch, ASN1_GENERALIZEDTIME); + } + str = vici_find_str(res, NULL, "not-after"); + if (str) + { + t_ch = chunk_from_str(str); + not_after = asn1_to_time(&t_ch, ASN1_GENERALIZEDTIME); + } + cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, type, + BUILD_BLOB_ASN1_DER, chunk_create(buf, len), + BUILD_NOT_BEFORE_TIME, not_before, + BUILD_NOT_AFTER_TIME, not_after, + BUILD_SUBJECT, subject, BUILD_END); + DESTROY_IF(subject); + } + else + { + cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, type, + BUILD_BLOB_ASN1_DER, chunk_create(buf, len), + BUILD_END); + } if (cert) { if (*format & COMMAND_FORMAT_PEM) |