/**
* create a shared key
*/
-static private_shared_key_t *shared_key_create(shared_key_type_t type, chunk_t key)
+static private_shared_key_t *private_shared_key_create(shared_key_type_t type, chunk_t key)
{
private_shared_key_t *this = malloc_thing(private_shared_key_t);
cert->destroy(cert);
return NULL;
}
-
- /* set cert flags to flag but keep X509_SELF_SIGNED property */
- x509->set_flags(x509, flag | (flags & X509_SELF_SIGNED));
/* check validity */
{
{
if (current->equals(current, cert))
{
- x509_flag_t flags = x509->get_flags(x509);
- x509_t *x509c = (x509_t*)current;
-
- /* cert already in queue - add flags and discard */
- x509c->set_flags(x509c, flags | x509c->get_flags(x509c));
+ /* cert already in queue */
cert->destroy(cert);
cert = current;
new = FALSE;
snprintf(path, sizeof(path), "%s/%s", CERTIFICATE_DIR, filename);
}
- x509 = load_cert(path, X509_PEER);
+ x509 = load_cert(path, 0);
if (x509)
{
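Review bot: The bare `0` in `load_cert(path, 0)` gives the reader no hint that it means "no X.509 flags", and the same literal appears further down in the `stroke_list_certs("X.509 End Entity Certificates", 0, ...)` call. Because this argument appears to decide how a loaded certificate is classified and later listed, I would state the intent next to it, e.g. `x509 = load_cert(path, 0); /* no flags: plain end entity certificate */`, or use a named zero value in the flag enum if the project has one. The enclosing function starts and ends outside this hunk.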
DBG1(DBG_CFG, "line %d: malformed secret: %s", line_nr, ugh);
goto error;
}
- shared_key = shared_key_create(type, secret);
+ shared_key = private_shared_key_create(type, secret);
DBG1(DBG_CFG, " loaded %N secret for %s", shared_key_type_names, type,
ids.len > 0 ? (char*)ids.ptr : "%any");
DBG4(DBG_CFG, " secret:", secret);
x509_t *x509 = (x509_t*)cert;
x509_flag_t x509_flags = x509->get_flags(x509);
- if (x509_flags & flags)
+ /* list only if flag is set, or flags == 0 (ignoring self-signed) */
+ if ((x509_flags & flags) || (flags == (x509_flags & ~X509_SELF_SIGNED)))
{
enumerator_t *enumerator;
identification_t *altName;
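Review bot: The new comment on the listing condition reads as if `flags == 0` alone were enough, but the second operand `flags == (x509_flags & ~X509_SELF_SIGNED)` is an exact-match test against the certificate's flags with the self-signed bit masked out. With `flags == 0` it therefore selects only certificates that carry no flag other than self-signed, which presumably keeps CA, OCSP and AA certificates out of the end-entity listing. I would reword the comment to say that, e.g. `/* list if a requested flag is set, or if none is requested and the cert has no flag besides X509_SELF_SIGNED */`. The function body continues outside the hunk.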
id = public->get_id(public, ID_PUBKEY_SHA1);
keyid = public->get_id(public, ID_PUBKEY_INFO_SHA1);
- if (flags & X509_PEER)
- {
- private = charon->credentials->get_private(
+ private = charon->credentials->get_private(
charon->credentials,
- public->get_type(public), id, NULL);
- }
+ public->get_type(public), keyid, NULL);
fprintf(out, " pubkey: %N %d bits%s\n",
key_type_names, public->get_type(public),
public->get_keysize(public) * 8,
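Review bot: The private-key lookup now runs for every listed certificate and is keyed on `keyid` (ID_PUBKEY_INFO_SHA1) instead of `id`, but nothing in the hunk says why the identifier changed. Since this decides which certificates are reported as having a matching private key, a one-line comment would help, e.g. `/* look up the private key by keyid (ID_PUBKEY_INFO_SHA1), for all certificate types */`. `id` is still fetched on the line above; if it has no remaining use below the hunk (not visible here) it can be dropped. The hunk also shows no NULL check on `keyid` before it is passed to `get_private`, which is worth confirming in the surrounding code.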
if (msg->list.flags & LIST_CERTS)
{
stroke_list_certs("X.509 End Entity Certificates",
- X509_PEER, msg->list.utc, out);
+ 0, msg->list.utc, out);
}
if (msg->list.flags & LIST_CACERTS)
{
stroke_list_certs("X.509 CA Certificates",
- X509_CA, msg->list.utc, out);
+ X509_CA, msg->list.utc, out);
}
if (msg->list.flags & LIST_OCSPCERTS)
{
stroke_list_certs("X.509 OCSP Signer Certificates",
- X509_OCSP_SIGNER, msg->list.utc, out);
+ X509_OCSP_SIGNER, msg->list.utc, out);
}
if (msg->list.flags & LIST_AACERTS)
{
stroke_list_certs("X.509 AA Certificates",
- X509_AA, msg->list.utc, out);
+ X509_AA, msg->list.utc, out);
}
if (msg->list.flags & LIST_ACERTS)
{
"PIN",
);
+typedef struct private_shared_key_t private_shared_key_t;
+
+/**
+ * private data of shared_key
+ */
+struct private_shared_key_t {
+
+ /**
+ * public functions
+ */
+ shared_key_t public;
+
+ /**
+ * type of this shared key
+ */
+ shared_key_type_t type;
+
+ /**
+ * associated shared key data
+ */
+ chunk_t key;
+
+ /**
+ * reference counter
+ */
+ refcount_t ref;
+};
+
+/**
+ * Implements shared_key_t.get_type
+ */
+static shared_key_type_t get_type(private_shared_key_t *this)
+{
+ return this->type;
+}
+
+/**
+ * Implements shared_key_t.get_key
+ */
+static chunk_t get_key(private_shared_key_t *this)
+{
+ return this->key;
+}
+
+/**
+ * Implements shared_key_t.get_ref
+ */
+static shared_key_t* get_ref(private_shared_key_t *this)
+{
+ ref_get(&this->ref);
+ return &this->public;
+}
+
+/**
+ * Implementation of shared_key_t.destroy
+ */
+static void destroy(private_shared_key_t *this)
+{
+ if (ref_put(&this->ref))
+ {
+ free(this->key.ptr);
+ free(this);
+ }
+}
+
+/*
+ * see header file
+ */
+shared_key_t *shared_key_create(shared_key_type_t type, chunk_t key)
+{
+ private_shared_key_t *this = malloc_thing(private_shared_key_t);
+
+ this->public.get_type = (shared_key_type_t (*)(shared_key_t *this))get_type;
+ this->public.get_key = (chunk_t (*)(shared_key_t *this))get_key;
+ this->public.get_ref = (shared_key_t* (*)(shared_key_t *this))get_ref;
+ this->public.destroy = (void(*)(shared_key_t*))destroy;
+
+ this->type = type;
+ this->key = key;
+ this->ref = 1;
+
+ return &this->public;
+}
+
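Review bot: `destroy()` releases the secret with a plain `free(this->key.ptr)`, so the shared key bytes remain in freed heap memory, where a later allocation or a core dump can expose them. I would overwrite `this->key.len` bytes at `this->key.ptr` before the free, using a wipe the compiler cannot elide (a plain `memset` directly before `free` may be optimised away). Separately, `shared_key_create()` stores `key` without copying it and `destroy()` frees it, so the constructor takes ownership of the caller's buffer and `get_key()` hands out that same internal buffer. The comment here only says "see header file", so that ownership contract should be stated in the header if it is not already.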