aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/plugins')
-rw-r--r--src/libstrongswan/plugins/agent/agent_private_key.c6
-rw-r--r--src/libstrongswan/plugins/fips_prf/fips_prf.c3
-rw-r--r--src/libstrongswan/plugins/x509/x509_ac.c21
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c15
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_request.c18
-rw-r--r--src/libstrongswan/plugins/x509/x509_ocsp_response.c18
6 files changed, 30 insertions, 51 deletions
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index 1c48d706c..2bc6dea34 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -161,7 +161,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey)
{
int len, count;
char buf[2048];
- chunk_t blob = chunk_from_buf(buf), key, type, n;
+ chunk_t blob, key, type, n;
len = htonl(1);
buf[0] = SSH_AGENT_ID_REQUEST;
@@ -172,6 +172,7 @@ static bool read_key(private_agent_private_key_t *this, public_key_t *pubkey)
return FALSE;
}
+ blob = chunk_create(buf, sizeof(buf));
blob.len = read(this->socket, blob.ptr, blob.len);
if (blob.len < sizeof(u_int32_t) + sizeof(u_char) ||
@@ -226,7 +227,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
{
u_int32_t len, flags;
char buf[2048];
- chunk_t blob = chunk_from_buf(buf);
+ chunk_t blob;
if (scheme != SIGN_RSA_EMSA_PKCS1_SHA1)
{
@@ -267,6 +268,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme,
return FALSE;
}
+ blob = chunk_create(buf, sizeof(buf));
blob.len = read(this->socket, blob.ptr, blob.len);
if (blob.len < sizeof(u_int32_t) + sizeof(u_char) ||
read_uint32(&blob) != blob.len ||
diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c
index ba8158367..123d2a244 100644
--- a/src/libstrongswan/plugins/fips_prf/fips_prf.c
+++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c
@@ -114,7 +114,6 @@ static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
u_int8_t sum[this->b];
u_int8_t *xkey = this->key;
u_int8_t one[this->b];
- chunk_t xval_chunk = chunk_from_buf(xval);
memset(one, 0, this->b);
one[this->b - 1] = 0x01;
@@ -129,7 +128,7 @@ static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
add_mod(this->b, xkey, xseed, xval);
DBG3("XVAL %b", xval, this->b);
/* b. wi = G(t, XVAL ) */
- this->g(this, xval_chunk, &w[i * this->b]);
+ this->g(this, chunk_create(xval, this->b), &w[i * this->b]);
DBG3("w[%d] %b", i, &w[i * this->b], this->b);
/* c. XKEY = (1 + XKEY + wi) mod 2b */
add_mod(this->b, xkey, &w[i * this->b], sum);
diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c
index 0b73a3791..fbb8189a6 100644
--- a/src/libstrongswan/plugins/x509/x509_ac.c
+++ b/src/libstrongswan/plugins/x509/x509_ac.c
@@ -153,30 +153,21 @@ struct private_x509_ac_t {
refcount_t ref;
};
-static u_char ASN1_group_oid_str[] = {
+static chunk_t ASN1_group_oid = chunk_from_chars(
0x06, 0x08,
0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x0a ,0x04
-};
-
-static const chunk_t ASN1_group_oid = chunk_from_buf(ASN1_group_oid_str);
-
-static u_char ASN1_authorityKeyIdentifier_oid_str[] = {
+);
+static chunk_t ASN1_authorityKeyIdentifier_oid = chunk_from_chars(
0x06, 0x03,
0x55, 0x1d, 0x23
-};
-
-static const chunk_t ASN1_authorityKeyIdentifier_oid =
- chunk_from_buf(ASN1_authorityKeyIdentifier_oid_str);
-
-static u_char ASN1_noRevAvail_ext_str[] = {
+);
+static chunk_t ASN1_noRevAvail_ext = chunk_from_chars(
0x30, 0x09,
0x06, 0x03,
0x55, 0x1d, 0x38,
0x04, 0x02,
0x05, 0x00
-};
-
-static const chunk_t ASN1_noRevAvail_ext = chunk_from_buf(ASN1_noRevAvail_ext_str);
+);
/**
* declaration of function implemented in x509_cert.c
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 0d9411fc0..a4bd628c8 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -171,10 +171,9 @@ struct private_x509_cert_t {
refcount_t ref;
};
-static u_char ASN1_sAN_oid_buf[] = {
+static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars(
0x06, 0x03, 0x55, 0x1D, 0x11
-};
-static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
+);
/**
* ASN.1 definition of a basicConstraints extension
@@ -1341,16 +1340,16 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
if (cert->flags & X509_CA)
{
- chunk_t yes, keyid;
+ chunk_t keyid;
- yes = chunk_alloca(1);
- yes.ptr[0] = 0xFF;
basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
asn1_build_known_oid(OID_BASIC_CONSTRAINTS),
- asn1_wrap(ASN1_BOOLEAN, "c", yes),
+ asn1_wrap(ASN1_BOOLEAN, "c",
+ chunk_from_chars(0xFF)),
asn1_wrap(ASN1_OCTET_STRING, "m",
asn1_wrap(ASN1_SEQUENCE, "m",
- asn1_wrap(ASN1_BOOLEAN, "c", yes))));
+ asn1_wrap(ASN1_BOOLEAN, "c",
+ chunk_from_chars(0xFF)))));
/* add subjectKeyIdentifier to CA certificates */
if (cert->public_key->get_fingerprint(cert->public_key,
KEY_ID_PUBKEY_SHA1, &keyid))
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
index e0d9905f1..f86f87751 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c
@@ -81,29 +81,23 @@ struct private_x509_ocsp_request_t {
refcount_t ref;
};
-static u_char ASN1_nonce_oid_str[] = {
+static const chunk_t ASN1_nonce_oid = chunk_from_chars(
0x06, 0x09,
0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02
-};
-
-static u_char ASN1_response_oid_str[] = {
+);
+static const chunk_t ASN1_response_oid = chunk_from_chars(
0x06, 0x09,
0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04
-};
-
-static u_char ASN1_response_content_str[] = {
+);
+static const chunk_t ASN1_response_content = chunk_from_chars(
0x04, 0x0D,
0x30, 0x0B,
0x06, 0x09,
0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
-};
-
-static const chunk_t ASN1_nonce_oid = chunk_from_buf(ASN1_nonce_oid_str);
-static const chunk_t ASN1_response_oid = chunk_from_buf(ASN1_response_oid_str);
-static const chunk_t ASN1_response_content = chunk_from_buf(ASN1_response_content_str);
+);
/**
* build requestorName
diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
index 2b60df323..02713ad33 100644
--- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c
+++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c
@@ -130,29 +130,23 @@ typedef struct {
#define OCSP_BASIC_RESPONSE_VERSION 1
/* some OCSP specific prefabricated ASN.1 constants */
-static u_char ASN1_nonce_oid_str[] = {
+static const chunk_t ASN1_nonce_oid = chunk_from_chars(
0x06, 0x09,
0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02
-};
-
-static u_char ASN1_response_oid_str[] = {
+);
+static const chunk_t ASN1_response_oid = chunk_from_chars(
0x06, 0x09,
0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04
-};
-
-static u_char ASN1_response_content_str[] = {
+);
+static const chunk_t ASN1_response_content = chunk_from_chars(
0x04, 0x0D,
0x30, 0x0B,
0x06, 0x09,
0x2B, 0x06,
0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
-};
-
-static const chunk_t ASN1_nonce_oid = chunk_from_buf(ASN1_nonce_oid_str);
-static const chunk_t ASN1_response_oid = chunk_from_buf(ASN1_response_oid_str);
-static const chunk_t ASN1_response_content = chunk_from_buf(ASN1_response_content_str);
+);
/**
* Implementaiton of ocsp_response_t.get_status
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-25 17:12:07 +0000