certificate_t->issued_by takes an argument to receive signature scheme
1 /*
2 * Copyright (C) 2008 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "ocsp_response_wrapper.h"
17
typedef struct private_ocsp_response_wrapper_t private_ocsp_response_wrapper_t;

/**
 * Private state behind an ocsp_response_wrapper_t.
 */
struct private_ocsp_response_wrapper_t {

	/**
	 * Public interface; a pointer to this member is what
	 * ocsp_response_wrapper_create() returns to the caller.
	 */
	ocsp_response_wrapper_t public;

	/**
	 * OCSP response whose embedded certificates are exposed through the
	 * credential set. The pointer is stored as given to the constructor;
	 * destroy() frees only the wrapper and leaves the response alone.
	 */
	ocsp_response_t *response;
};
35
/**
 * Filtering enumerator handed out by the wrapper's create_cert_enumerator()
 * implementation. It walks the certificates of the wrapped OCSP response and
 * yields only those matching the filters below.
 */
typedef struct {
	/** enumerator_t interface (enumerate/destroy are set on creation) */
	enumerator_t public;
	/** enumerator over the certificates of the OCSP response */
	enumerator_t *inner;
	/** requested certificate type, CERT_ANY disables this filter */
	certificate_type_t cert;
	/** requested public key type, KEY_ANY disables this filter */
	key_type_t key;
	/** subject identity to match, NULL disables this filter; the pointer
	 *  is stored as passed in and is not released by enumerator_destroy() */
	identification_t *id;
} wrapper_enumerator_t;
51
/**
 * enumerate function of wrapper_enumerator_t
 *
 * Advances the inner enumerator until a certificate passes all configured
 * filters (certificate type, public key type, subject identity).
 *
 * Only these three properties are compared. Nothing in this function checks
 * a signature, a validity period or a trust chain, so a match is a candidate
 * certificate, not a verified one.
 *
 * @param this		filtering enumerator
 * @param cert		receives the matching certificate; this is the pointer
 *					produced by the inner enumerator, no additional
 *					reference is taken here
 * @return			TRUE if a certificate was found, FALSE once the inner
 *					enumerator is exhausted
 */
static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert)
{
	certificate_t *candidate;
	public_key_t *pubkey;
	bool key_ok;

	while (this->inner->enumerate(this->inner, &candidate))
	{
		/* certificate type filter */
		if (this->cert != CERT_ANY &&
			this->cert != candidate->get_type(candidate))
		{
			continue;
		}

		/* key type filter: the key is fetched in every case and released
		 * right after the comparison, it is needed for the check only */
		pubkey = candidate->get_public_key(candidate);
		key_ok = this->key == KEY_ANY ||
				 (pubkey && this->key == pubkey->get_type(pubkey));
		DESTROY_IF(pubkey);
		if (!key_ok)
		{	/* key type requested, but key is missing or of another type */
			continue;
		}

		/* subject filter */
		if (this->id && !candidate->has_subject(candidate, this->id))
		{
			continue;
		}

		*cert = candidate;
		return TRUE;
	}
	return FALSE;
}
87
/**
 * destroy function of wrapper_enumerator_t
 *
 * Destroys the inner enumerator first, then frees the filtering enumerator
 * itself. The filter identity (this->id) is not touched.
 */
static void enumerator_destroy(wrapper_enumerator_t *this)
{
	enumerator_t *inner = this->inner;

	inner->destroy(inner);
	free(this);
}
96
/**
 * Implementation of credential_set_t.create_cert_enumerator.
 *
 * This set never offers trusted certificates: a request with trusted set
 * gets NULL. Anything enumerated from it is what the wrapped OCSP response
 * carries; presumably the caller has to establish trust separately before
 * relying on such a certificate (verify against the credential manager).
 *
 * The id filter is stored as passed in, not cloned, so it has to stay valid
 * for as long as the returned enumerator is in use.
 */
METHOD(credential_set_t, create_enumerator, enumerator_t*,
	private_ocsp_response_wrapper_t *this, certificate_type_t cert,
	key_type_t key, identification_t *id, bool trusted)
{
	wrapper_enumerator_t *wrapped;

	if (trusted)
	{	/* nothing in an OCSP response is served as trusted */
		return NULL;
	}

	wrapped = malloc_thing(wrapper_enumerator_t);

	/* enumerator_t interface, the casts adapt the typed signatures */
	wrapped->public.enumerate = (void*)enumerate;
	wrapped->public.destroy = (void*)enumerator_destroy;

	/* filters applied by enumerate() */
	wrapped->cert = cert;
	wrapped->key = key;
	wrapped->id = id;

	/* source of candidates: the certificates of the wrapped response */
	wrapped->inner = this->response->create_cert_enumerator(this->response);

	return &wrapped->public;
}
117
/**
 * Implementation of ocsp_response_wrapper_t.destroy.
 *
 * Releases the wrapper object only; the wrapped OCSP response is not
 * destroyed here.
 */
METHOD(ocsp_response_wrapper_t, destroy, void,
	private_ocsp_response_wrapper_t *this)
{
	free(this);
}
123
/*
 * see header file
 *
 * Builds a credential set around an OCSP response. Only certificate
 * enumeration is implemented; the private key, shared key and CDP
 * enumerators are stubbed with return_null and cache_cert with nop.
 * The response pointer is stored as given, without any copy being made.
 */
ocsp_response_wrapper_t *ocsp_response_wrapper_create(ocsp_response_t *response)
{
	private_ocsp_response_wrapper_t *this;

	INIT(this,
		.response = response,
		.public = {
			.destroy = _destroy,
			.set = {
				.create_cert_enumerator = _create_enumerator,
				/* this set provides certificates only */
				.create_private_enumerator = (void*)return_null,
				.create_shared_enumerator = (void*)return_null,
				.create_cdp_enumerator = (void*)return_null,
				.cache_cert = (void*)nop,
			},
		},
	);

	return &this->public;
}