diff options
Diffstat (limited to 'src/libstrongswan')
| -rw-r--r-- | src/libstrongswan/credentials/certificates/certificate.h | 10 | ||||
| -rw-r--r-- | src/libstrongswan/credentials/cred_encoding.h | 21 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_crl.c | 17 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/openssl/openssl_x509.c | 18 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_cert.c | 18 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pubkey/pubkey_cert.c | 13 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/revocation/revocation_validator.c | 7 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ac.c | 18 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_cert.c | 18 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_crl.c | 17 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ocsp_request.c | 26 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_ocsp_response.c | 18 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/x509/x509_pkcs10.c | 18 |
13 files changed, 166 insertions, 53 deletions
diff --git a/src/libstrongswan/credentials/certificates/certificate.h b/src/libstrongswan/credentials/certificates/certificate.h index dcb5f3692..43bfe3dc1 100644 --- a/src/libstrongswan/credentials/certificates/certificate.h +++ b/src/libstrongswan/credentials/certificates/certificate.h @@ -28,6 +28,7 @@ typedef enum cert_validation_t cert_validation_t; #include <library.h> #include <utils/identification.h> #include <credentials/keys/public_key.h> +#include <credentials/cred_encoding.h> /** * Kind of a certificate_t @@ -163,11 +164,14 @@ struct certificate_t { time_t *not_before, time_t *not_after); /** - * Get the certificate in an encoded form. + * Get the certificate in an encoded form as a chunk. * - * @return allocated chunk of encoded cert + * @param type type of the encoding, one of CERT_* + * @param encoding encoding of the key, allocated + * @return TRUE if encoding supported */ - chunk_t (*get_encoding)(certificate_t *this); + bool (*get_encoding)(certificate_t *this, cred_encoding_type_t type, + chunk_t *encoding); /** * Check if two certificates are equal. diff --git a/src/libstrongswan/credentials/cred_encoding.h b/src/libstrongswan/credentials/cred_encoding.h index 04104fdad..e2d69691e 100644 --- a/src/libstrongswan/credentials/cred_encoding.h +++ b/src/libstrongswan/credentials/cred_encoding.h @@ -86,6 +86,13 @@ enum cred_encoding_type_t { PUBKEY_PGP, PRIVKEY_PGP, + /** ASN.1 DER encoded certificate */ + CERT_ASN1_DER, + /** PEM encoded certificate */ + CERT_PEM, + /** PGP Packet encoded certificate */ + CERT_PGP_PKT, + CRED_ENCODING_MAX, }; @@ -117,6 +124,20 @@ enum cred_encoding_part_t { CRED_PART_ECDSA_PUB_ASN1_DER, /** a DER encoded ECDSA private key */ CRED_PART_ECDSA_PRIV_ASN1_DER, + /** a DER encoded X509 certificate */ + CRED_PART_X509_ASN1_DER, + /** a DER encoded X509 CRL */ + CRED_PART_X509_CRL_ASN1_DER, + /** a DER encoded X509 OCSP request */ + CRED_PART_X509_OCSP_REQ_ASN1_DER, + /** a DER encoded X509 OCSP response */ + CRED_PART_X509_OCSP_RES_ASN1_DER, + /** a DER encoded X509 attribute certificate */ + CRED_PART_X509_AC_ASN1_DER, + /** a DER encoded PKCS10 certificate request */ + CRED_PART_PKCS10_ASN1_DER, + /** a PGP encoded certificate */ + CRED_PART_PGP_CERT, CRED_PART_END, }; diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c index 3fe604a8a..5645d72d7 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crl.c +++ b/src/libstrongswan/plugins/openssl/openssl_crl.c @@ -296,10 +296,16 @@ METHOD(certificate_t, get_validity, bool, return t <= this->nextUpdate; } -METHOD(certificate_t, get_encoding, chunk_t, - private_openssl_crl_t *this) +METHOD(certificate_t, get_encoding, bool, + private_openssl_crl_t *this, cred_encoding_type_t type, chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_CRL_ASN1_DER, this->encoding, CRED_PART_END); } METHOD(certificate_t, equals, bool, @@ -317,7 +323,10 @@ METHOD(certificate_t, equals, bool, return chunk_equals(this->encoding, ((private_openssl_crl_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c index b6a839408..1c9bb699e 100644 --- a/src/libstrongswan/plugins/openssl/openssl_x509.c +++ b/src/libstrongswan/plugins/openssl/openssl_x509.c @@ -393,12 +393,19 @@ METHOD(certificate_t, get_validity, bool, return (t >= this->notBefore && t <= this->notAfter); } -METHOD(certificate_t, get_encoding, chunk_t, - private_openssl_x509_t *this) +METHOD(certificate_t, get_encoding, bool, + private_openssl_x509_t *this, cred_encoding_type_t type, chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END); } + METHOD(certificate_t, equals, bool, private_openssl_x509_t *this, certificate_t *other) { @@ -418,7 +425,10 @@ METHOD(certificate_t, equals, bool, encoding = ((private_openssl_x509_t*)other)->encoding; return chunk_equals(this->encoding, encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c index ab0b24e82..5b21b46d4 100644 --- a/src/libstrongswan/plugins/pgp/pgp_cert.c +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -190,9 +190,16 @@ static bool get_validity(private_pgp_cert_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_pgp_cert_t *this) +static bool get_encoding(private_pgp_cert_t *this, cred_encoding_type_t type, + chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_PGP_PKT) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_PGP_CERT, this->encoding, CRED_PART_END); } /** @@ -215,7 +222,10 @@ static bool equals(private_pgp_cert_t *this, certificate_t *other) { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_pgp_cert_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_PGP_PKT, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; @@ -259,7 +269,7 @@ private_pgp_cert_t *create_empty() this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; - this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding; + this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c index f2dcd71a1..c50189a8b 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c @@ -163,15 +163,10 @@ static bool get_validity(private_pubkey_cert_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_pubkey_cert_t *this) +static bool get_encoding(private_pubkey_cert_t *this, cred_encoding_type_t type, + chunk_t *encoding) { - chunk_t encoding; - - if (this->key->get_encoding(this->key, PUBKEY_ASN1_DER, &encoding)) - { - return encoding; - } - return chunk_empty; + return this->key->get_encoding(this->key, PUBKEY_ASN1_DER, encoding); } /** @@ -213,7 +208,7 @@ static pubkey_cert_t *pubkey_cert_create(public_key_t *key) this->public.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by; this->public.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key; this->public.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity; - this->public.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding; + this->public.interface.get_encoding = (bool (*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals; this->public.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref; this->public.interface.destroy = (void (*)(certificate_t *this))destroy; diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index 2893c7cf2..29d2bc128 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -58,7 +58,12 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject, return NULL; } - send = request->get_encoding(request); + if (!request->get_encoding(request, CERT_ASN1_DER, &send)) + { + DBG1(DBG_CFG, "encoding ocsp request failed"); + request->destroy(request); + return NULL; + } request->destroy(request); DBG1(DBG_CFG, " requesting ocsp status from '%s' ...", url); diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 45b5cdff4..ba0357cc4 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -815,9 +815,16 @@ static bool get_validity(private_x509_ac_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_x509_ac_t *this) +static bool get_encoding(private_x509_ac_t *this, cred_encoding_type_t type, + chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_AC_ASN1_DER, this->encoding, CRED_PART_END); } /** @@ -836,7 +843,10 @@ static bool equals(private_x509_ac_t *this, certificate_t *other) { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_x509_ac_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; @@ -885,7 +895,7 @@ static private_x509_ac_t *create_empty(void) this->public.interface.certificate.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by; this->public.interface.certificate.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key; this->public.interface.certificate.get_validity = (bool(*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity; - this->public.interface.certificate.get_encoding = (chunk_t(*)(certificate_t*))get_encoding; + this->public.interface.certificate.get_encoding = (bool(*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.certificate.equals = (bool(*)(certificate_t*, certificate_t *other))equals; this->public.interface.certificate.get_ref = (certificate_t* (*)(certificate_t *this))get_ref; this->public.interface.certificate.destroy = (void (*)(certificate_t *this))destroy; diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index e64c9f0a7..92b576aa5 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -1221,9 +1221,16 @@ static bool get_validity(private_x509_cert_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_x509_cert_t *this) +static bool get_encoding(private_x509_cert_t *this, cred_encoding_type_t type, + chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END); } /** @@ -1246,7 +1253,10 @@ static bool equals(private_x509_cert_t *this, certificate_t *other) { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; @@ -1376,7 +1386,7 @@ static private_x509_cert_t* create_empty(void) this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; - this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding; + this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index 88d901a83..4bd0470d3 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -457,10 +457,16 @@ METHOD(certificate_t, get_validity, bool, return (t <= this->nextUpdate); } -METHOD(certificate_t, get_encoding, chunk_t, - private_x509_crl_t *this) +METHOD(certificate_t, get_encoding, bool, + private_x509_crl_t *this, cred_encoding_type_t type, chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_CRL_ASN1_DER, this->encoding, CRED_PART_END); } METHOD(certificate_t, equals, bool, @@ -477,7 +483,10 @@ METHOD(certificate_t, equals, bool, { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_x509_crl_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index 99e07891c..ea02cbab5 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -250,7 +250,7 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, { int oid; signature_scheme_t scheme; - chunk_t certs, signature; + chunk_t certs, signature, encoding; switch (this->key->get_type(this->key)) { @@ -274,11 +274,11 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, DBG1(DBG_LIB, "creating OCSP signature failed, skipped"); return chunk_empty; } - if (this->cert) + if (this->cert && + this->cert->get_encoding(this->cert, CERT_ASN1_DER, &encoding)) { certs = asn1_wrap(ASN1_CONTEXT_C_0, "m", - asn1_wrap(ASN1_SEQUENCE, "m", - this->cert->get_encoding(this->cert))); + asn1_wrap(ASN1_SEQUENCE, "m", encoding)); } return asn1_wrap(ASN1_CONTEXT_C_0, "m", asn1_wrap(ASN1_SEQUENCE, "cmm", @@ -413,9 +413,16 @@ static bool get_validity(private_x509_ocsp_request_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_x509_ocsp_request_t *this) +static bool get_encoding(private_x509_ocsp_request_t *this, + cred_encoding_type_t type, chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_OCSP_REQ_ASN1_DER, this->encoding, CRED_PART_END); } /** @@ -438,7 +445,10 @@ static bool equals(private_x509_ocsp_request_t *this, certificate_t *other) { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_x509_ocsp_request_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; @@ -486,7 +496,7 @@ static private_x509_ocsp_request_t *create_empty() this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by; this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key; this->public.interface.interface.get_validity = (bool(*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity; - this->public.interface.interface.get_encoding = (chunk_t(*)(certificate_t*))get_encoding; + this->public.interface.interface.get_encoding = (bool(*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.interface.equals = (bool(*)(certificate_t*, certificate_t *other))equals; this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref; this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy; diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index cbaf77673..829f47f81 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -766,9 +766,16 @@ static bool get_validity(private_x509_ocsp_response_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_x509_ocsp_response_t *this) +static bool get_encoding(private_x509_ocsp_response_t *this, + cred_encoding_type_t type, chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_X509_OCSP_RES_ASN1_DER, this->encoding, CRED_PART_END); } /** @@ -791,7 +798,10 @@ static bool equals(private_x509_ocsp_response_t *this, certificate_t *other) { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_x509_ocsp_response_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; @@ -838,7 +848,7 @@ static x509_ocsp_response_t *load(chunk_t blob) this->public.interface.certificate.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by; this->public.interface.certificate.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key; this->public.interface.certificate.get_validity = (bool(*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity; - this->public.interface.certificate.get_encoding = (chunk_t(*)(certificate_t*))get_encoding; + this->public.interface.certificate.get_encoding = (bool(*)(certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.certificate.equals = (bool(*)(certificate_t*, certificate_t *other))equals; this->public.interface.certificate.get_ref = (certificate_t* (*)(certificate_t *this))get_ref; this->public.interface.certificate.destroy = (void (*)(certificate_t *this))destroy; diff --git a/src/libstrongswan/plugins/x509/x509_pkcs10.c b/src/libstrongswan/plugins/x509/x509_pkcs10.c index ec2233a55..bfb0ca621 100644 --- a/src/libstrongswan/plugins/x509/x509_pkcs10.c +++ b/src/libstrongswan/plugins/x509/x509_pkcs10.c @@ -191,9 +191,16 @@ static bool get_validity(private_x509_pkcs10_t *this, time_t *when, /** * Implementation of certificate_t.get_encoding. */ -static chunk_t get_encoding(private_x509_pkcs10_t *this) +static bool get_encoding(private_x509_pkcs10_t *this, cred_encoding_type_t type, + chunk_t *encoding) { - return chunk_clone(this->encoding); + if (type == CERT_ASN1_DER) + { + *encoding = chunk_clone(this->encoding); + return TRUE; + } + return lib->encoding->encode(lib->encoding, type, NULL, encoding, + CRED_PART_PKCS10_ASN1_DER, this->encoding, CRED_PART_END); } /** @@ -216,7 +223,10 @@ static bool equals(private_x509_pkcs10_t *this, certificate_t *other) { /* skip allocation if we have the same implementation */ return chunk_equals(this->encoding, ((private_x509_pkcs10_t*)other)->encoding); } - encoding = other->get_encoding(other); + if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) + { + return FALSE; + } equal = chunk_equals(this->encoding, encoding); free(encoding.ptr); return equal; @@ -504,7 +514,7 @@ static private_x509_pkcs10_t* create_empty(void) this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; - this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding; + this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding; this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; |