diff options
Diffstat (limited to 'src/libcharon/plugins/vici/vici_query.c')
| -rw-r--r-- | src/libcharon/plugins/vici/vici_query.c | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c index 99cd3481f..512c2ba7b 100644 --- a/src/libcharon/plugins/vici/vici_query.c +++ b/src/libcharon/plugins/vici/vici_query.c @@ -52,6 +52,7 @@ #endif #include <daemon.h> +#include <asn1/asn1.h> #include <credentials/certificates/certificate.h> #include <credentials/certificates/x509.h> @@ -866,8 +867,10 @@ static void enum_others(private_vici_query_t *this, u_int id, enumerator_t *enumerator; certificate_t *cert; vici_builder_t *b; - chunk_t encoding; + chunk_t encoding, t_ch; cred_encoding_type_t encoding_type; + identification_t *subject; + time_t not_before, not_after; encoding_type = (type == CERT_TRUSTED_PUBKEY) ? PUBKEY_SPKI_ASN1_DER : CERT_ASN1_DER; @@ -886,6 +889,27 @@ static void enum_others(private_vici_query_t *this, u_int id, b->add(b, VICI_KEY_VALUE, "data", encoding); free(encoding.ptr); + if (type == CERT_TRUSTED_PUBKEY) + { + subject = cert->get_subject(cert); + if (subject->get_type(subject) != ID_KEY_ID) + { + b->add_kv(b, "subject", "%Y", cert->get_subject(cert)); + } + cert->get_validity(cert, NULL, ¬_before, ¬_after); + if (not_before != UNDEFINED_TIME) + { + t_ch = asn1_from_time(¬_before, ASN1_GENERALIZEDTIME); + b->add(b, VICI_KEY_VALUE, "not-before", chunk_skip(t_ch, 2)); + chunk_free(&t_ch); + } + if (not_after != UNDEFINED_TIME) + { + t_ch = asn1_from_time(¬_after, ASN1_GENERALIZEDTIME); + b->add(b, VICI_KEY_VALUE, "not-after", chunk_skip(t_ch, 2)); + chunk_free(&t_ch); + } + } this->dispatcher->raise_event(this->dispatcher, "list-cert", id, b->finalize(b)); } |