Diffstat (limited to 'src/swanctl')
-rw-r--r-- | src/swanctl/Makefile.am | 3 | ||||
-rw-r--r-- | src/swanctl/commands/load_creds.c | 23 | ||||
-rw-r--r-- | src/swanctl/swanctl.h | 18 |
3 files changed, 38 insertions, 6 deletions
diff --git a/src/swanctl/Makefile.am b/src/swanctl/Makefile.am
index 0000c4cb3..5b6b8e4be 100644
--- a/src/swanctl/Makefile.am
+++ b/src/swanctl/Makefile.am
@@ -64,10 +64,13 @@ install-data-local: swanctl.conf
 test -e "$(DESTDIR)$(swanctldir)/x509" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/x509" || true
 test -e "$(DESTDIR)$(swanctldir)/x509ca" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/x509ca" || true
 test -e "$(DESTDIR)$(swanctldir)/x509aa" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/x509aa" || true
+ test -e "$(DESTDIR)$(swanctldir)/x509ocsp" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/x509ocsp" || true
 test -e "$(DESTDIR)$(swanctldir)/x509crl" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/x509crl" || true
 test -e "$(DESTDIR)$(swanctldir)/x509ac" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/x509ac" || true
+ test -e "$(DESTDIR)$(swanctldir)/pubkey" || $(INSTALL) -d "$(DESTDIR)$(swanctldir)/pubkey" || true
 test -e "$(DESTDIR)$(swanctldir)/rsa" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/rsa" || true
 test -e "$(DESTDIR)$(swanctldir)/ecdsa" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/ecdsa" || true
+ test -e "$(DESTDIR)$(swanctldir)/bliss" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/bliss" || true
 test -e "$(DESTDIR)$(swanctldir)/pkcs8" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/pkcs8" || true
 test -e "$(DESTDIR)$(swanctldir)/pkcs12" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/pkcs12" || true
 test -e "$(DESTDIR)$(swanctldir)/swanctl.conf" || $(INSTALL) -m 640 $(srcdir)/swanctl.conf $(DESTDIR)$(swanctldir)/swanctl.conf || true
diff --git a/src/swanctl/commands/load_creds.c b/src/swanctl/commands/load_creds.c
index d2ebc22eb..d27b0fbf3 100644
--- a/src/swanctl/commands/load_creds.c
+++ b/src/swanctl/commands/load_creds.c
@@ -2,6 +2,9 @@
 * Copyright (C) 2014 Martin Willi
 * Copyright (C) 2014 revosec AG
 *
+ * Copyright (C) 2015 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
@@ -171,6 +174,9 @@ static bool load_key_anytype(vici_conn_t *conn, command_format_options_t format,
 case KEY_ECDSA:
 loaded = load_key(conn, format, path, "ecdsa", encoding);
 break;
+ case KEY_BLISS:
+ loaded = load_key(conn, format, path, "bliss", encoding);
+ break;
 default:
 fprintf(stderr, "unsupported key type in '%s'\n", path);
 break;
@@ -237,6 +243,7 @@ static bool determine_credtype(char *type, credential_type_t *credtype,
 { "pkcs8", CRED_PRIVATE_KEY, KEY_ANY, },
 { "rsa", CRED_PRIVATE_KEY, KEY_RSA, },
 { "ecdsa", CRED_PRIVATE_KEY, KEY_ECDSA, },
+ { "bliss", CRED_PRIVATE_KEY, KEY_BLISS, },
 { "pkcs12", CRED_CONTAINER, CONTAINER_PKCS12, },
 };
 int i;
@@ -548,6 +555,7 @@ static bool load_secret(vici_conn_t *conn, settings_t *cfg,
 "ike",
 "rsa",
 "ecdsa",
+ "bliss",
 "pkcs8",
 "pkcs12",
 };
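Review bot: The new BLISS key type is spelled out by hand in three separate places in load_creds.c, and nothing ties them together: the `case KEY_BLISS:` branch in load_key_anytype, the `{ "bliss", CRED_PRIVATE_KEY, KEY_BLISS, }` row in determine_credtype, and the `"bliss"` entry in load_secret's list. If a later key type is added to one and missed in another, the only fallback visible here is the `unsupported key type` message in load_key_anytype; how the other two behave on a mismatch cannot be seen from these hunks. A short comment above the determine_credtype table, for example `/* keep in sync with load_key_anytype(), load_secret() and load_creds_cfg() */`, would make the coupling explicit. All three functions begin and end outside their hunks.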
@@ -672,14 +680,17 @@ int load_creds_cfg(vici_conn_t *conn, command_format_options_t format,
 }
 }
- load_certs(conn, format, "x509", SWANCTL_X509DIR);
- load_certs(conn, format, "x509ca", SWANCTL_X509CADIR);
- load_certs(conn, format, "x509aa", SWANCTL_X509AADIR);
- load_certs(conn, format, "x509crl", SWANCTL_X509CRLDIR);
- load_certs(conn, format, "x509ac", SWANCTL_X509ACDIR);
+ load_certs(conn, format, "x509", SWANCTL_X509DIR);
+ load_certs(conn, format, "x509ca", SWANCTL_X509CADIR);
+ load_certs(conn, format, "x509aa", SWANCTL_X509AADIR);
+ load_certs(conn, format, "x509crl", SWANCTL_X509CRLDIR);
+ load_certs(conn, format, "x509ac", SWANCTL_X509ACDIR);
+ load_certs(conn, format, "x509ocsp", SWANCTL_X509OCSPDIR);
+ load_certs(conn, format, "pubkey", SWANCTL_PUBKEYDIR);
- load_keys(conn, format, noprompt, cfg, "rsa", SWANCTL_RSADIR);
+ load_keys(conn, format, noprompt, cfg, "rsa", SWANCTL_RSADIR);
 load_keys(conn, format, noprompt, cfg, "ecdsa", SWANCTL_ECDSADIR);
+ load_keys(conn, format, noprompt, cfg, "bliss", SWANCTL_BLISSDIR);
 load_keys(conn, format, noprompt, cfg, "pkcs8", SWANCTL_PKCS8DIR);
 load_containers(conn, format, noprompt, cfg, "pkcs12", SWANCTL_PKCS12DIR);
diff --git a/src/swanctl/swanctl.h b/src/swanctl/swanctl.h
index cb570cd34..560e89513 100644
--- a/src/swanctl/swanctl.h
+++ b/src/swanctl/swanctl.h
@@ -2,6 +2,9 @@
 * Copyright (C) 2014 Martin Willi
 * Copyright (C) 2014 revosec AG
 *
+ * Copyright (C) 2015 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
@@ -42,6 +45,11 @@
 #define SWANCTL_X509AADIR SWANCTLDIR "/x509aa"
 /**
+ * Directory for X.509 OCSP Signer certs
+ */
+#define SWANCTL_X509OCSPDIR SWANCTLDIR "/x509ocsp"
+
+/**
 * Directory for X.509 CRLs
 */
 #define SWANCTL_X509CRLDIR SWANCTLDIR "/x509crl"
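Review bot: The two new `load_certs` calls in load_creds_cfg (load_creds.c) add `x509ocsp` and `pubkey` as credential sources without any comment on what trust a file placed there receives. A raw public key has no issuer chain, so presumably every key found in `SWANCTL_PUBKEYDIR` is accepted as loaded; write access to that directory then decides who can authenticate, and the Makefile.am hunk creates it with the default mode like the other certificate directories. I would document this at the call, e.g. `/* raw public keys carry no chain: each file in pubkey/ is trusted as-is, keep the directory writable by root only */`, and confirm that load_certs (its body is outside the hunk) reports a per-file failure for these two types. Separately, the realignment of the existing `load_certs`/`load_keys` lines is mixed into the functional change and hides the three real additions; it would read better as its own commit.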
@@ -52,6 +60,11 @@
 #define SWANCTL_X509ACDIR SWANCTLDIR "/x509ac"
 /**
+ * Directory for raw public keys
+ */
+#define SWANCTL_PUBKEYDIR SWANCTLDIR "/pubkey"
+
+/**
 * Directory for RSA private keys
 */
 #define SWANCTL_RSADIR SWANCTLDIR "/rsa"
@@ -62,6 +75,11 @@
 #define SWANCTL_ECDSADIR SWANCTLDIR "/ecdsa"
 /**
+ * Directory for BLISS private keys
+ */
+#define SWANCTL_BLISSDIR SWANCTLDIR "/bliss"
+
+/**
 * Directory for PKCS#8 encoded private keys
 */
 #define SWANCTL_PKCS8DIR SWANCTLDIR "/pkcs8" |