aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon-cmd/cmd/cmd_creds.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon-cmd/cmd/cmd_creds.c')
-rw-r--r--src/charon-cmd/cmd/cmd_creds.c44
1 files changed, 43 insertions, 1 deletions
diff --git a/src/charon-cmd/cmd/cmd_creds.c b/src/charon-cmd/cmd/cmd_creds.c
index 4626c6dbe..526ff7c9c 100644
--- a/src/charon-cmd/cmd/cmd_creds.c
+++ b/src/charon-cmd/cmd/cmd_creds.c
@@ -22,6 +22,7 @@
#include <utils/debug.h>
#include <credentials/sets/mem_cred.h>
+#include <credentials/containers/pkcs12.h>
#include <credentials/sets/callback_cred.h>
typedef struct private_cmd_creds_t private_cmd_creds_t;
@@ -70,6 +71,7 @@ static shared_key_t* callback_shared(private_cmd_creds_t *this,
identification_t *me, identification_t *other,
id_match_t *match_me, id_match_t *match_other)
{
+ shared_key_t *shared;
char *label, *pwd;
if (this->prompted)
@@ -104,7 +106,10 @@ static shared_key_t* callback_shared(private_cmd_creds_t *this,
{
*match_other = ID_MATCH_PERFECT;
}
- return shared_key_create(type, chunk_clone(chunk_from_str(pwd)));
+ shared = shared_key_create(type, chunk_clone(chunk_from_str(pwd)));
+ /* cache password in case it is required more than once */
+ this->creds->add_shared(this->creds, shared, NULL);
+ return shared->get_ref(shared);
}
/**
@@ -182,6 +187,40 @@ static void load_agent(private_cmd_creds_t *this)
this->creds->add_key(this->creds, privkey);
}
+/**
+ * Load a PKCS#12 file from path
+ */
+static void load_pkcs12(private_cmd_creds_t *this, char *path)
+{
+ enumerator_t *enumerator;
+ certificate_t *cert;
+ private_key_t *key;
+ container_t *container;
+ pkcs12_t *pkcs12;
+
+ container = lib->creds->create(lib->creds, CRED_CONTAINER, CONTAINER_PKCS12,
+ BUILD_FROM_FILE, path, BUILD_END);
+ if (!container)
+ {
+ DBG1(DBG_CFG, "loading PKCS#12 file '%s' failed", path);
+ exit(1);
+ }
+ pkcs12 = (pkcs12_t*)container;
+ enumerator = pkcs12->create_cert_enumerator(pkcs12);
+ while (enumerator->enumerate(enumerator, &cert))
+ {
+ this->creds->add_cert(this->creds, TRUE, cert->get_ref(cert));
+ }
+ enumerator->destroy(enumerator);
+ enumerator = pkcs12->create_key_enumerator(pkcs12);
+ while (enumerator->enumerate(enumerator, &key))
+ {
+ this->creds->add_key(this->creds, key->get_ref(key));
+ }
+ enumerator->destroy(enumerator);
+ container->destroy(container);
+}
+
METHOD(cmd_creds_t, handle, bool,
private_cmd_creds_t *this, cmd_option_type_t opt, char *arg)
{
@@ -193,6 +232,9 @@ METHOD(cmd_creds_t, handle, bool,
case CMD_OPT_RSA:
load_key(this, KEY_RSA, arg);
break;
+ case CMD_OPT_PKCS12:
+ load_pkcs12(this, arg);
+ break;
case CMD_OPT_IDENTITY:
this->identity = arg;
break;