Updated pluto to the new builder API
[strongswan.git] / src / pluto / builder.c
1 /* Pluto certificate/CRL/AC builder hooks.
2 * Copyright (C) 2002-2009 Andreas Steffen
3 * Copyright (C) 2009 Martin Willi
4 * HSR Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include "builder.h"
18
19 #include <stdlib.h>
20 #include <stdio.h>
21 #include <string.h>
22 #include <unistd.h>
23
24 #include <freeswan.h>
25
26 #include <library.h>
27 #include <credentials/certificates/certificate.h>
28
29 #include "constants.h"
30 #include "defs.h"
31 #include "log.h"
32 #include "id.h"
33 #include "certs.h"
34 #include "ac.h"
35 #include "crl.h"
36
37 /**
38 * Load a certificate
39 */
40 static cert_t *builder_load_cert(certificate_type_t type, va_list args)
41 {
42 chunk_t blob;
43 bool pgp = FALSE;
44
45 while (TRUE)
46 {
47 switch (va_arg(args, builder_part_t))
48 {
49 case BUILD_BLOB_PGP:
50 pgp = TRUE;
51 /* FALL */
52 case BUILD_BLOB_ASN1_DER:
53 blob = va_arg(args, chunk_t);
54 continue;
55 case BUILD_END:
56 break;
57 default:
58 return NULL;
59 }
60 }
61 if (blob.ptr)
62 {
63 if (pgp)
64 {
65 pgpcert_t *pgpcert = malloc_thing(pgpcert_t);
66 *pgpcert = pgpcert_empty;
67 if (parse_pgp(chunk_clone(blob), pgpcert))
68 {
69 cert_t *cert = malloc_thing(cert_t);
70 *cert = cert_empty;
71 cert->type = CERT_PGP;
72 cert->u.pgp = pgpcert;
73 return cert;
74 }
75 plog(" error in OpenPGP certificate");
76 free_pgpcert(pgpcert);
77 }
78 else
79 {
80 x509cert_t *x509cert = malloc_thing(x509cert_t);
81 *x509cert = empty_x509cert;
82 if (parse_x509cert(chunk_clone(blob), 0, x509cert))
83 {
84 cert_t *cert = malloc_thing(cert_t);
85 *cert = cert_empty;
86 cert->type = CERT_X509_SIGNATURE;
87 cert->u.x509 = x509cert;
88 return cert;
89 }
90 plog(" error in X.509 certificate");
91 free_x509cert(x509cert);
92 }
93 }
94 return NULL;
95 }
96
97 /**
98 * Load a attribute certificate
99 */
100 static x509acert_t *builder_load_ac(certificate_type_t type, va_list args)
101 {
102 chunk_t blob = chunk_empty;
103 x509acert_t *ac;
104
105 while (TRUE)
106 {
107 switch (va_arg(args, builder_part_t))
108 {
109 case BUILD_BLOB_ASN1_DER:
110 blob = va_arg(args, chunk_t);
111 continue;
112 case BUILD_END:
113 break;
114 default:
115 return NULL;
116 }
117 }
118 if (blob.ptr)
119 {
120 ac = malloc_thing(x509acert_t);
121 *ac = empty_ac;
122 if (parse_ac(chunk_clone(blob), ac) &&
123 verify_x509acert(ac, FALSE))
124 {
125 return ac;
126 }
127 plog(" error in X.509 AC");
128 free_acert(ac);
129 }
130 return NULL;
131 }
132
133 /**
134 * Load a CRL
135 */
136 static x509crl_t *builder_load_crl(certificate_type_t type, va_list args)
137 {
138 chunk_t blob;
139 x509crl_t *crl;
140
141 while (TRUE)
142 {
143 switch (va_arg(args, builder_part_t))
144 {
145 case BUILD_BLOB_ASN1_DER:
146 blob = va_arg(args, chunk_t);
147 continue;
148 case BUILD_END:
149 break;
150 default:
151 return NULL;
152 }
153 }
154 if (blob.ptr)
155 {
156 crl = malloc_thing(x509crl_t);
157 *crl = empty_x509crl;
158 if (parse_x509crl(chunk_clone(blob), 0, crl))
159 {
160 return crl;
161 }
162 plog(" error in X.509 crl");
163 free_crl(crl);
164 }
165 return NULL;
166 }
167
168 void init_builder(void)
169 {
170 lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CERT,
171 (builder_function_t)builder_load_cert);
172 lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_AC,
173 (builder_function_t)builder_load_ac);
174 lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_PLUTO_CRL,
175 (builder_function_t)builder_load_crl);
176 }
177
178 void free_builder(void)
179 {
180 lib->creds->remove_builder(lib->creds, (builder_function_t)builder_load_cert);
181 lib->creds->remove_builder(lib->creds, (builder_function_t)builder_load_ac);
182 lib->creds->remove_builder(lib->creds, (builder_function_t)builder_load_crl);
183 }
184