aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/x509
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/plugins/x509')
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c18
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c18
-rw-r--r--src/libstrongswan/plugins/x509/x509_crl.c17
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_request.c26
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_response.c18
-rw-r--r--src/libstrongswan/plugins/x509/x509_pkcs10.c18
6 files changed, 87 insertions, 28 deletions
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 45b5cdff4..ba0357cc4 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -815,9 +815,16 @@ static bool get_validity(private_x509_ac_t *this, time_t *when,
/**
* Implementation of certificate_t.get_encoding.
*/
-static chunk_t get_encoding(private_x509_ac_t *this)
+static bool get_encoding(private_x509_ac_t *this, cred_encoding_type_t type,
+ chunk_t *encoding)
{
- return chunk_clone(this->encoding);
+ if (type == CERT_ASN1_DER)
+ {
+ *encoding = chunk_clone(this->encoding);
+ return TRUE;
+ }
+ return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+ CRED_PART_X509_AC_ASN1_DER, this->encoding, CRED_PART_END);
}
/**
@@ -836,7 +843,10 @@ static bool equals(private_x509_ac_t *this, certificate_t *other)
{ /* skip allocation if we have the same implementation */
return chunk_equals(this->encoding, ((private_x509_ac_t*)other)->encoding);
}
- encoding = other->get_encoding(other);
+ if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+ {
+ return FALSE;
+ }
equal = chunk_equals(this->encoding, encoding);
free(encoding.ptr);
return equal;
@@ -885,7 +895,7 @@ static private_x509_ac_t *create_empty(void)
this->public.interface.certificate.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
this->public.interface.certificate.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
this->public.interface.certificate.get_validity = (bool(*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
- this->public.interface.certificate.get_encoding = (chunk_t(*)(certificate_t*))get_encoding;
+ this->public.interface.certificate.get_encoding = (bool(*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
this->public.interface.certificate.equals = (bool(*)(certificate_t*, certificate_t *other))equals;
this->public.interface.certificate.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
this->public.interface.certificate.destroy = (void (*)(certificate_t *this))destroy;
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index e64c9f0a7..92b576aa5 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -1221,9 +1221,16 @@ static bool get_validity(private_x509_cert_t *this, time_t *when,
/**
* Implementation of certificate_t.get_encoding.
*/
-static chunk_t get_encoding(private_x509_cert_t *this)
+static bool get_encoding(private_x509_cert_t *this, cred_encoding_type_t type,
+ chunk_t *encoding)
{
- return chunk_clone(this->encoding);
+ if (type == CERT_ASN1_DER)
+ {
+ *encoding = chunk_clone(this->encoding);
+ return TRUE;
+ }
+ return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+ CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END);
}
/**
@@ -1246,7 +1253,10 @@ static bool equals(private_x509_cert_t *this, certificate_t *other)
{ /* skip allocation if we have the same implementation */
return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
}
- encoding = other->get_encoding(other);
+ if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+ {
+ return FALSE;
+ }
equal = chunk_equals(this->encoding, encoding);
free(encoding.ptr);
return equal;
@@ -1376,7 +1386,7 @@ static private_x509_cert_t* create_empty(void)
this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
- this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding;
+ this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index 88d901a83..4bd0470d3 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -457,10 +457,16 @@ METHOD(certificate_t, get_validity, bool,
return (t <= this->nextUpdate);
}
-METHOD(certificate_t, get_encoding, chunk_t,
- private_x509_crl_t *this)
+METHOD(certificate_t, get_encoding, bool,
+ private_x509_crl_t *this, cred_encoding_type_t type, chunk_t *encoding)
{
- return chunk_clone(this->encoding);
+ if (type == CERT_ASN1_DER)
+ {
+ *encoding = chunk_clone(this->encoding);
+ return TRUE;
+ }
+ return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+ CRED_PART_X509_CRL_ASN1_DER, this->encoding, CRED_PART_END);
}
METHOD(certificate_t, equals, bool,
@@ -477,7 +483,10 @@ METHOD(certificate_t, equals, bool,
{ /* skip allocation if we have the same implementation */
return chunk_equals(this->encoding, ((private_x509_crl_t*)other)->encoding);
}
- encoding = other->get_encoding(other);
+ if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+ {
+ return FALSE;
+ }
equal = chunk_equals(this->encoding, encoding);
free(encoding.ptr);
return equal;
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
index 99e07891c..ea02cbab5 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
@@ -250,7 +250,7 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
{
int oid;
signature_scheme_t scheme;
- chunk_t certs, signature;
+ chunk_t certs, signature, encoding;
switch (this->key->get_type(this->key))
{
@@ -274,11 +274,11 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this,
DBG1(DBG_LIB, "creating OCSP signature failed, skipped");
return chunk_empty;
}
- if (this->cert)
+ if (this->cert &&
+ this->cert->get_encoding(this->cert, CERT_ASN1_DER, &encoding))
{
certs = asn1_wrap(ASN1_CONTEXT_C_0, "m",
- asn1_wrap(ASN1_SEQUENCE, "m",
- this->cert->get_encoding(this->cert)));
+ asn1_wrap(ASN1_SEQUENCE, "m", encoding));
}
return asn1_wrap(ASN1_CONTEXT_C_0, "m",
asn1_wrap(ASN1_SEQUENCE, "cmm",
@@ -413,9 +413,16 @@ static bool get_validity(private_x509_ocsp_request_t *this, time_t *when,
/**
* Implementation of certificate_t.get_encoding.
*/
-static chunk_t get_encoding(private_x509_ocsp_request_t *this)
+static bool get_encoding(private_x509_ocsp_request_t *this,
+ cred_encoding_type_t type, chunk_t *encoding)
{
- return chunk_clone(this->encoding);
+ if (type == CERT_ASN1_DER)
+ {
+ *encoding = chunk_clone(this->encoding);
+ return TRUE;
+ }
+ return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+ CRED_PART_X509_OCSP_REQ_ASN1_DER, this->encoding, CRED_PART_END);
}
/**
@@ -438,7 +445,10 @@ static bool equals(private_x509_ocsp_request_t *this, certificate_t *other)
{ /* skip allocation if we have the same implementation */
return chunk_equals(this->encoding, ((private_x509_ocsp_request_t*)other)->encoding);
}
- encoding = other->get_encoding(other);
+ if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+ {
+ return FALSE;
+ }
equal = chunk_equals(this->encoding, encoding);
free(encoding.ptr);
return equal;
@@ -486,7 +496,7 @@ static private_x509_ocsp_request_t *create_empty()
this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
this->public.interface.interface.get_validity = (bool(*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
- this->public.interface.interface.get_encoding = (chunk_t(*)(certificate_t*))get_encoding;
+ this->public.interface.interface.get_encoding = (bool(*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
this->public.interface.interface.equals = (bool(*)(certificate_t*, certificate_t *other))equals;
this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
index cbaf77673..829f47f81 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
@@ -766,9 +766,16 @@ static bool get_validity(private_x509_ocsp_response_t *this, time_t *when,
/**
* Implementation of certificate_t.get_encoding.
*/
-static chunk_t get_encoding(private_x509_ocsp_response_t *this)
+static bool get_encoding(private_x509_ocsp_response_t *this,
+ cred_encoding_type_t type, chunk_t *encoding)
{
- return chunk_clone(this->encoding);
+ if (type == CERT_ASN1_DER)
+ {
+ *encoding = chunk_clone(this->encoding);
+ return TRUE;
+ }
+ return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+ CRED_PART_X509_OCSP_RES_ASN1_DER, this->encoding, CRED_PART_END);
}
/**
@@ -791,7 +798,10 @@ static bool equals(private_x509_ocsp_response_t *this, certificate_t *other)
{ /* skip allocation if we have the same implementation */
return chunk_equals(this->encoding, ((private_x509_ocsp_response_t*)other)->encoding);
}
- encoding = other->get_encoding(other);
+ if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+ {
+ return FALSE;
+ }
equal = chunk_equals(this->encoding, encoding);
free(encoding.ptr);
return equal;
@@ -838,7 +848,7 @@ static x509_ocsp_response_t *load(chunk_t blob)
this->public.interface.certificate.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
this->public.interface.certificate.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
this->public.interface.certificate.get_validity = (bool(*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
- this->public.interface.certificate.get_encoding = (chunk_t(*)(certificate_t*))get_encoding;
+ this->public.interface.certificate.get_encoding = (bool(*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
this->public.interface.certificate.equals = (bool(*)(certificate_t*, certificate_t *other))equals;
this->public.interface.certificate.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
this->public.interface.certificate.destroy = (void (*)(certificate_t *this))destroy;
diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c
index ec2233a55..bfb0ca621 100644
--- a/src/libstrongswan/plugins/x509/x509_pkcs10.c
+++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c
@@ -191,9 +191,16 @@ static bool get_validity(private_x509_pkcs10_t *this, time_t *when,
/**
* Implementation of certificate_t.get_encoding.
*/
-static chunk_t get_encoding(private_x509_pkcs10_t *this)
+static bool get_encoding(private_x509_pkcs10_t *this, cred_encoding_type_t type,
+ chunk_t *encoding)
{
- return chunk_clone(this->encoding);
+ if (type == CERT_ASN1_DER)
+ {
+ *encoding = chunk_clone(this->encoding);
+ return TRUE;
+ }
+ return lib->encoding->encode(lib->encoding, type, NULL, encoding,
+ CRED_PART_PKCS10_ASN1_DER, this->encoding, CRED_PART_END);
}
/**
@@ -216,7 +223,10 @@ static bool equals(private_x509_pkcs10_t *this, certificate_t *other)
{ /* skip allocation if we have the same implementation */
return chunk_equals(this->encoding, ((private_x509_pkcs10_t*)other)->encoding);
}
- encoding = other->get_encoding(other);
+ if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
+ {
+ return FALSE;
+ }
equal = chunk_equals(this->encoding, encoding);
free(encoding.ptr);
return equal;
@@ -504,7 +514,7 @@ static private_x509_pkcs10_t* create_empty(void)
this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
- this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding;
+ this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 09:45:02 +0000