Diffstat (limited to 'src')
14 files changed, 83 insertions, 0 deletions
diff --git a/src/libstrongswan/credentials/keys/key_encoding.h b/src/libstrongswan/credentials/keys/key_encoding.h
index 3e6945a88..b97d78e09 100644
--- a/src/libstrongswan/credentials/keys/key_encoding.h
+++ b/src/libstrongswan/credentials/keys/key_encoding.h
@@ -72,6 +72,8 @@ enum key_encoding_type_t {
 /** PGPv4 fingerprint */
 KEY_ID_PGPV4,
+ KEY_ID_MAX,
+
 /** PKCS#1 and similar ASN.1 key encoding */
 KEY_PUB_ASN1_DER,
 KEY_PRIV_ASN1_DER,
diff --git a/src/libstrongswan/credentials/keys/private_key.c b/src/libstrongswan/credentials/keys/private_key.c
index 05f01e360..c3b5ac55b 100644
--- a/src/libstrongswan/credentials/keys/private_key.c
+++ b/src/libstrongswan/credentials/keys/private_key.c
@@ -58,3 +58,22 @@ bool private_key_belongs_to(private_key_t *private, public_key_t *public)
 return FALSE;
 }
+/**
+ * See header.
+ */
+bool private_key_has_fingerprint(private_key_t *private, chunk_t fingerprint)
+{
+ key_encoding_type_t type;
+ chunk_t current;
+
+ for (type = 0; type < KEY_ID_MAX; type++)
+ {
+ if (private->get_fingerprint(private, type, ¤t) &&
+ chunk_equals(current, fingerprint))
+ {
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
diff --git a/src/libstrongswan/credentials/keys/private_key.h b/src/libstrongswan/credentials/keys/private_key.h
index 79fc9441b..3e8f7866b 100644
--- a/src/libstrongswan/credentials/keys/private_key.h
+++ b/src/libstrongswan/credentials/keys/private_key.h
@@ -97,6 +97,14 @@ struct private_key_t {
 chunk_t *fp);
 /**
+ * Check if a key has a given fingerprint of any kind.
+ *
+ * @param fp fingerprint to check
+ * @return TRUE if key has given fingerprint
+ */
+ bool (*has_fingerprint)(private_key_t *this, chunk_t fp);
+
+ /**
 * Get the key in an encoded form as a chunk.
 *
 * @param type type of the encoding, one of KEY_PRIV_*
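Review bot: `KEY_ID_MAX` in key_encoding.h is added without a doc comment, although the other enumerators visible in this hunk carry one and the new `private_key_has_fingerprint()` / `public_key_has_fingerprint()` loops use it as their upper bound (`type < KEY_ID_MAX`). Those loops only cover every fingerprint type if all `KEY_ID_*` values sit contiguously from 0 up to this marker, so a fingerprint type later added below it would silently never match. I would state the invariant on the enumerator, e.g. `/** end marker for KEY_ID_* fingerprint types, not an encoding itself; add new KEY_ID_* values above this line */`. The enum starts and ends outside the hunk, so whether the fingerprint types really begin at 0 should be confirmed there.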
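Review bot: `private_key_has_fingerprint()` in private_key.c compares the caller's `fingerprint` against every fingerprint type without first rejecting an empty chunk. Whether `chunk_equals()` treats two empty chunks as equal, and whether `get_fingerprint()` can succeed with an empty result, is not visible in this diff; if both hold, an unset identifier would match a key. A guard at the top of the function, `if (!fingerprint.len) { return FALSE; }`, makes the result independent of those helpers. The same applies to `public_key_has_fingerprint()` in public_key.c, whose body is identical apart from the key type.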
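Review bot: The new `has_fingerprint` member of `private_key_t` (and of `public_key_t` in public_key.h) must be assigned by every key implementation, and this diff only shows the agent, gcrypt, gmp and openssl constructors doing so. Any implementation not touched here (the diffstat is limited to 'src') would leave the pointer unset, and a caller invoking `key->has_fingerprint(key, fp)` on such a key would call through a NULL or uninitialised pointer. It is worth checking that every place assigning `interface.get_fingerprint` has a matching `has_fingerprint` line. The doc comment could also name what "of any kind" covers, e.g. `* Check if a key has a given fingerprint of any KEY_ID_* type.`; the struct definition extends beyond the hunk.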
@@ -137,4 +145,13 @@ bool private_key_equals(private_key_t *this, private_key_t *other);
 */
 bool private_key_belongs_to(private_key_t *private, public_key_t *public);
+/**
+ * Generic private key has_fingerprint() implementation, usable by implementors.
+ *
+ * @param this key to check fingerprint
+ * @param fp fingerprint to check
+ * @return TRUE if key has given fingerprint
+ */
+bool private_key_has_fingerprint(private_key_t *this, chunk_t fingerprint);
+
 #endif /** PRIVATE_KEY_H_ @}*/
diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c
index fc2b996eb..ba3036793 100644
--- a/src/libstrongswan/credentials/keys/public_key.c
+++ b/src/libstrongswan/credentials/keys/public_key.c
@@ -66,6 +66,25 @@ bool public_key_equals(public_key_t *this, public_key_t *other)
 return FALSE;
 }
+/**
+ * See header.
+ */
+bool public_key_has_fingerprint(public_key_t *public, chunk_t fingerprint)
+{
+ key_encoding_type_t type;
+ chunk_t current;
+
+ for (type = 0; type < KEY_ID_MAX; type++)
+ {
+ if (public->get_fingerprint(public, type, ¤t) &&
+ chunk_equals(current, fingerprint))
+ {
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
 /*
 * Defined in header.
 */
diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h
index 9ec3eb40c..6a8560f4d 100644
--- a/src/libstrongswan/credentials/keys/public_key.h
+++ b/src/libstrongswan/credentials/keys/public_key.h
@@ -155,6 +155,14 @@ struct public_key_t {
 chunk_t *fp);
 /**
+ * Check if a key has a given fingerprint of any kind.
+ *
+ * @param fp fingerprint to check
+ * @return TRUE if key has given fingerprint
+ */
+ bool (*has_fingerprint)(public_key_t *this, chunk_t fp);
+
+ /**
 * Get the key in an encoded form as a chunk.
 *
 * @param type type of the encoding, one of KEY_PRIV_*
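Review bot: The doc block for `private_key_has_fingerprint()` in private_key.h documents `@param fp`, but the prototype names that parameter `fingerprint`; the `public_key_has_fingerprint()` declaration in public_key.h has the same mismatch. The documented name and the declared name should agree: either change the tag to `* @param fingerprint fingerprint to check` or rename the prototype parameter to `fp`, which is what the struct member's signature uses. The definitions in private_key.c and public_key.c also name the first parameter `private` / `public` where the header says `this`, which is harmless but inconsistent.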
@@ -187,6 +195,15 @@ struct public_key_t {
 bool public_key_equals(public_key_t *this, public_key_t *other);
 /**
+ * Generic public key has_fingerprint() implementation, usable by implementors.
+ *
+ * @param this key to check fingerprint
+ * @param fp fingerprint to check
+ * @return TRUE if key has given fingerprint
+ */
+bool public_key_has_fingerprint(public_key_t *this, chunk_t fingerprint);
+
+/**
 * Conversion of ASN.1 signature or hash OID to signature scheme.
 *
 * @param oid ASN.1 OID
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index 2bc6dea34..d0a2da87f 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -428,6 +428,7 @@ agent_private_key_t *agent_private_key_open(key_type_t type, va_list args)
 this->public.interface.belongs_to = private_key_belongs_to;
 this->public.interface.equals = private_key_equals;
 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index afa609211..cd156961e 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
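Review bot: The cast in `this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;` in agent_private_key.c is redundant, because private_key.h declares `private_key_has_fingerprint` with exactly that signature. A function-pointer cast also disables the compiler's type check, so a later signature change to the generic helper would compile silently and then be called through an incompatible pointer. The neighbouring lines already assign `private_key_equals` and `private_key_belongs_to` without a cast; `this->public.interface.has_fingerprint = private_key_has_fingerprint;` would match them. The same applies to the equivalent added line in the gcrypt, gmp and openssl private and public key constructors later in this diff; all of these constructor bodies start and end outside their hunks.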
@@ -444,6 +444,7 @@ static private_gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_create_empty()
 this->public.interface.equals = private_key_equals;
 this->public.interface.belongs_to = private_key_belongs_to;
 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
index 5850ace94..e083fac94 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
@@ -331,6 +331,7 @@ gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_load(key_type_t type,
 this->public.interface.equals = public_key_equals;
 this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
 this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(public_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 43579e222..1829bd459 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -595,6 +595,7 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void)
 this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals;
 this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to;
 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
 this->public.interface.destroy = (void (*) (private_key_t*))destroy;
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index a3b4a0468..5fea69131 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -490,6 +490,7 @@ gmp_rsa_public_key_t *gmp_rsa_public_key_load(key_type_t type, va_list args)
 this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals;
 this->public.interface.get_keysize = (size_t (*) (public_key_t*))get_keysize;
 this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (public_key_t* (*) (public_key_t *this))get_ref;
 this->public.interface.destroy = (void (*) (public_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
index 853314069..89ced5a9a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@@ -284,6 +284,7 @@ static private_openssl_ec_private_key_t *create_empty(void)
 this->public.interface.equals = private_key_equals;
 this->public.interface.belongs_to = private_key_belongs_to;
 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(private_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index f553c263a..f37c736b1 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -297,6 +297,7 @@ static private_openssl_ec_public_key_t *create_empty()
 this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
 this->public.interface.equals = public_key_equals;
 this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(public_key_t *this))destroy;
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index eefdfa6f5..078f889a6 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -277,6 +277,7 @@ static private_openssl_rsa_private_key_t *create_empty(void)
 this->public.interface.equals = private_key_equals;
 this->public.interface.belongs_to = private_key_belongs_to;
 this->public.interface.get_fingerprint = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(private_key_t*, chunk_t fp))private_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(private_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref;
 this->public.interface.destroy = (void (*) (private_key_t*))destroy;
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 689dc27f6..422262b19 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -287,6 +287,7 @@ static private_openssl_rsa_public_key_t *create_empty()
 this->public.interface.equals = public_key_equals;
 this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize;
 this->public.interface.get_fingerprint = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *fp))get_fingerprint;
+ this->public.interface.has_fingerprint = (bool(*)(public_key_t*, chunk_t fp))public_key_has_fingerprint;
 this->public.interface.get_encoding = (bool(*)(public_key_t*, key_encoding_type_t type, chunk_t *encoding))get_encoding;
 this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref;
 this->public.interface.destroy = (void (*)(public_key_t *this))destroy; |