Do not hardwire keys to KEY_RSA
authorReto Buerki <reet@codelabs.ch>
Wed, 30 Jan 2013 14:36:03 +0000 (15:36 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:51 +0000 (15:23 +0100)
Make the TKM private and public keys more easily extendable by
determining the associated key type dynamically.

src/charon-tkm/src/tkm/tkm_private_key.c
src/charon-tkm/src/tkm/tkm_public_key.c
src/charon-tkm/src/tkm/tkm_public_key.h

index 6169414..9e3f96c 100644 (file)
@@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2012 Reto Buerki
- * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Copyright (C) 2012-2013 Reto Buerki
+ * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -40,6 +40,11 @@ struct private_tkm_private_key_t {
        identification_t *id;
 
        /**
+        * Key type.
+        */
+       key_type_t key_type;
+
+       /**
         * Reference count.
         */
        refcount_t ref;
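Review bot: The new field comment `Key type.` does not say where the value comes from, which matters here because the private key does not derive it from its own key material but from a certificate lookup at init time; suggest `Key type, determined from the public key of the certificate found for id in tkm_private_key_init().`. The same terse comment is added to private_tkm_public_key_t in tkm_public_key.c, where `Key type as passed to tkm_public_key_load().` would be the matching wording. Documenting the provenance in the struct saves the next reader from having to find the lookup code to know whether the field can be trusted to match the key.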
@@ -49,7 +54,7 @@ struct private_tkm_private_key_t {
 METHOD(private_key_t, get_type, key_type_t,
        private_tkm_private_key_t *this)
 {
-       return KEY_RSA;
+       return this->key_type;
 }
 
 METHOD(private_key_t, sign, bool,
@@ -158,5 +163,25 @@ tkm_private_key_t *tkm_private_key_init(identification_t * const id)
                .id = id->clone(id),
        );
 
+       /* get key type from associated public key */
+       certificate_t *cert;
+       cert = lib->credmgr->get_cert(lib->credmgr, CERT_ANY, KEY_ANY, id, FALSE);
+       if (!cert)
+       {
+               destroy(this);
+               return NULL;
+       }
+
+       public_key_t *pubkey = cert->get_public_key(cert);
+       if (!pubkey)
+       {
+               cert->destroy(cert);
+               destroy(this);
+               return NULL;
+       }
+       this->key_type = pubkey->get_type(pubkey);
+       pubkey->destroy(pubkey);
+       cert->destroy(cert);
+
        return &this->public;
 }
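Review bot: Both failure paths added to the lookup return NULL without a log line, so a missing certificate for `id`, or one without a public key, shows up to the operator only as an unexplained private-key load failure; add `DBG1(DBG_LIB, "no certificate found for '%Y', cannot determine key type", id);` before the first `destroy(this)` and a similar line in the second path (assuming utils/debug.h is available here as it is in tkm_public_key.c). The key type is taken from whichever certificate credmgr returns first for `CERT_ANY`/`KEY_ANY` with the last argument FALSE, which looks like a trusted flag; a comment stating that an untrusted or first-matching certificate is acceptable because only the key type, not any trust decision, is derived from it would make that intent explicit. The destroy call on the partially initialized object relies on destroy() being safe before key_type is set, which holds for a plain enum field but is worth a glance since destroy() is outside the hunk. tkm_private_key_init's signature and the allocation of `this` also lie outside the hunk.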
index e3f64dd..9ebdc29 100644 (file)
@@ -14,6 +14,8 @@
  * for more details.
  */
 
+#include <utils/debug.h>
+
 #include "tkm_public_key.h"
 
 typedef struct private_tkm_public_key_t private_tkm_public_key_t;
@@ -34,6 +36,11 @@ struct private_tkm_public_key_t {
        chunk_t asn_blob;
 
        /**
+        * Key type.
+        */
+       key_type_t key_type;
+
+       /**
         * Reference count.
         */
        refcount_t ref;
@@ -42,7 +49,7 @@ struct private_tkm_public_key_t {
 METHOD(public_key_t, get_type, key_type_t,
        private_tkm_public_key_t *this)
 {
-       return KEY_RSA;
+       return this->key_type;
 }
 
 METHOD(public_key_t, verify, bool,
@@ -79,9 +86,17 @@ METHOD(public_key_t, get_fingerprint, bool,
        {
                return TRUE;
        }
-       return lib->encoding->encode(lib->encoding, type, this, fp,
-                                                                CRED_PART_RSA_PUB_ASN1_DER, this->asn_blob,
-                                                                CRED_PART_END);
+       switch(this->key_type)
+       {
+               case KEY_RSA:
+                       return lib->encoding->encode(lib->encoding, type, this, fp,
+                                                                                CRED_PART_RSA_PUB_ASN1_DER,
+                                                                                this->asn_blob, CRED_PART_END);
+               default:
+                       DBG1(DBG_LIB, "%N public key not supported, fingerprinting failed",
+                                key_type_names, this->key_type);
+                       return FALSE;
+       }
 }
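Review bot: `switch(this->key_type)` lacks the space after the keyword that the `if (...)` lines in this same hunk and the surrounding strongSwan sources use; make it `switch (this->key_type)`. The `default:` branch returning FALSE after a DBG1 is the right shape, since without the message a caller could not distinguish an unsupported key type from a genuine encoding failure. get_fingerprint's signature and the early `return TRUE` path above lie outside the hunk.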
 
 METHOD(public_key_t, get_ref, public_key_t*,
@@ -147,6 +162,7 @@ tkm_public_key_t *tkm_public_key_load(key_type_t type, va_list args)
                },
                .ref = 1,
                .asn_blob = chunk_clone(blob),
+               .key_type = type,
        );
 
        return &this->public;
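Review bot: `.key_type = type` stores the caller-supplied type without checking it, so a load with a type this backend cannot handle (anything other than KEY_RSA, going by get_fingerprint in the same file, or KEY_ANY if the builder can pass it through) succeeds here and only fails later at fingerprinting; consider failing fast ahead of the allocation with `if (type != KEY_RSA) { DBG1(DBG_LIB, "%N public key not supported", key_type_names, type); return NULL; }`, which keeps the loader extendable while making the supported set explicit in one place. If verify also delegates regardless of type, which is not visible here, a comment stating that type enforcement is left to the individual operations would be the minimum. The start of tkm_public_key_load, including how `args` is parsed into `blob`, is outside the hunk.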
index a469f75..383c7dd 100644 (file)
@@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2012 Reto Buerki
- * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Copyright (C) 2012-2013 Reto Buerki
+ * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -35,9 +35,7 @@ struct tkm_public_key_t {
 /**
  * Load a TKM public key.
  *
- * Accepts BUILD_RSA_* components.
- *
- * @param type         type of the key, must be KEY_RSA
+ * @param type         type of the key
  * @param args         builder_part_t argument list
  * @return                     loaded key, NULL on failure
  */