Revision 209f52cb
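--- a/src/pluto/certs.c
+++ b/src/pluto/certs.c
@@ -248,6 +248,29 @@
 }
 
 /**
+* Get a X.509 certificate with a given issuer found at a certain position
+*/
+cert_t* get_x509cert(identification_t *issuer, chunk_t keyid, cert_t *chain)
+{
+cert_t *cert = chain ? chain->next : certs;
+
+while (cert)
+{
+certificate_t *certificate = cert->cert;
+x509_t *x509 = (x509_t*)certificate;
+chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
+
+if (keyid.ptr ? same_keyid(keyid, authKeyID) :
+certificate->has_issuer(certificate, issuer))
+{
+return cert;
+}
+cert = cert->next;
+}
+return NULL;
+}
+
+/**
 * List all PGP end certificates in a chained list
 */
 void list_pgp_end_certs(bool utc)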
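Review bot: The cast `x509_t *x509 = (x509_t*)certificate;` in the loop now runs on every entry reachable from the global `certs` head when `chain` is NULL, with no check that the entry is an X.509 certificate. The neighbouring `list_pgp_end_certs()` suggests this list can also hold PGP certificates, in which case `get_authKeyIdentifier` would be called through the wrong interface; if so, skip non-X.509 entries before the cast, e.g. `if (certificate->get_type(certificate) != CERT_X509) { cert = cert->next; continue; }`. The doc comment should also state the contract: `chain == NULL` starts at the list head, otherwise the search resumes after `chain`, and `issuer` is only consulted when `keyid.ptr` is NULL.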
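--- a/src/pluto/certs.h
+++ b/src/pluto/certs.h
@@ -75,6 +75,7 @@
 extern void cert_share(cert_t *cert);
 extern void cert_release(cert_t *cert);
 extern void cert_list(bool utc);
+extern cert_t* get_x509cert(identification_t *issuer, chunk_t keyid, cert_t* chain);
 
 #endif /* _CERTS_H */
 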
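--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@@ -55,29 +55,6 @@
 }
 
 /**
-* Get a X.509 certificate with a given issuer found at a certain position
-*/
-cert_t* get_x509cert(identification_t *issuer, chunk_t keyid, cert_t *chain)
-{
-cert_t *cert = chain->next;
-
-while (cert)
-{
-certificate_t *certificate = cert->cert;
-x509_t *x509 = (x509_t*)certificate;
-chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
-
-if (keyid.ptr ? same_keyid(keyid, authKeyID) :
-certificate->has_issuer(certificate, issuer))
-{
-return cert;
-}
-cert = cert->next;
-}
-return NULL;
-}
-
-/**
 * Stores a chained list of end certs and CA certs
 */
 void store_x509certs(linked_list_t *certs, bool strict)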
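--- a/src/pluto/x509.h
+++ b/src/pluto/x509.h
@@ -32,7 +32,6 @@
 extern chunk_t x509_build_signature(chunk_t tbs, int algorithm,
 private_key_t *key, bool bit_string);
 extern bool verify_x509cert(cert_t *cert, bool strict, time_t *until);
-extern cert_t* get_x509cert(identification_t *issuer, chunk_t keyid, cert_t* chain);
 extern void store_x509certs(linked_list_t *certs, bool strict);
 extern void list_x509cert_chain(const char *caption, cert_t* cert,
 x509_flag_t flags, bool utc);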