sshkey: Add support to parse SSH public keys from files with left|rightsigkey

diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.c b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
index 6526631..245e0f9 100644 (file)
--- a/src/libstrongswan/plugins/sshkey/sshkey_builder.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -235,3 +235,46 @@ sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args)
        }
        return NULL;
 }
+
+/**
+ * See header.
+ */
+certificate_t *sshkey_certificate_load(certificate_type_t type, va_list args)
+{
+       certificate_t *cert;
+       public_key_t *key;
+       identification_t *subject = NULL;
+       char *file = NULL;
+
+       while (TRUE)
+       {
+               switch (va_arg(args, builder_part_t))
+               {
+                       case BUILD_FROM_FILE:
+                               file = va_arg(args, char*);
+                               continue;
+                       case BUILD_SUBJECT:
+                               subject = va_arg(args, identification_t*);
+                               continue;
+                       case BUILD_END:
+                               break;
+                       default:
+                               return NULL;
+               }
+               break;
+       }
+       if (!file || !subject)
+       {
+               return NULL;
+       }
+       key = (public_key_t*)load_from_file(file);
+       if (!key)
+       {
+               return NULL;
+       }
+       cert = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+                                                         CERT_TRUSTED_PUBKEY, BUILD_PUBLIC_KEY, key,
+                                                         BUILD_SUBJECT, subject, BUILD_END);
+       key->destroy(key);
+       return cert;
+}

diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.h b/src/libstrongswan/plugins/sshkey/sshkey_builder.h
index d138c87..7225f55 100644 (file)
--- a/src/libstrongswan/plugins/sshkey/sshkey_builder.h
+++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -48,4 +48,15 @@ struct sshkey_public_key_t {
  */
 sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args);
 
+/**
+ * Load a public key in RFC 4253 format as certificate.
+ *
+ * Takes a BUILD_FROM_FILE and BUILD_SUBJECT argument.
+ *
+ * @param type         type of the certificate, must be CERT_TRUSTED_PUBKEY
+ * @param args         builder_part_t argument list
+ * @return                     built certificate, NULL on failure
+ */
+certificate_t *sshkey_certificate_load(certificate_type_t type, va_list args);
+
 #endif /** SSHKEY_BUILDER_H_ @}*/

diff --git a/src/libstrongswan/plugins/sshkey/sshkey_plugin.c b/src/libstrongswan/plugins/sshkey/sshkey_plugin.c
index 6409fea..1fde0c6 100644 (file)
--- a/src/libstrongswan/plugins/sshkey/sshkey_plugin.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_plugin.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -44,6 +44,8 @@ METHOD(plugin_t, get_features, int,
        static plugin_feature_t f[] = {
                PLUGIN_REGISTER(PUBKEY, sshkey_public_key_load, FALSE),
                        PLUGIN_PROVIDE(PUBKEY, KEY_ANY),
+               PLUGIN_REGISTER(CERT_DECODE, sshkey_certificate_load, FALSE),
+                       PLUGIN_PROVIDE(CERT_DECODE, CERT_TRUSTED_PUBKEY),
        };
        *features = f;
        return countof(f);