Credential backends use has_fingerprint() methods to select keys/certificates
authorMartin Willi <martin@strongswan.org>
Mon, 21 Sep 2009 15:03:00 +0000 (17:03 +0200)
committerMartin Willi <martin@strongswan.org>
Mon, 21 Sep 2009 15:03:00 +0000 (17:03 +0200)
src/charon/plugins/load_tester/load_tester_creds.c
src/charon/plugins/nm/nm_creds.c
src/charon/plugins/stroke/stroke_ca.c
src/charon/plugins/stroke/stroke_cred.c

index ec3606c..239a104 100644 (file)
@@ -195,11 +195,7 @@ static enumerator_t* create_private_enumerator(private_load_tester_creds_t *this
        }
        if (id)
        {
-               chunk_t keyid;
-
-               if (!this->private->get_fingerprint(this->private,
-                                                                                       KEY_ID_PUBKEY_SHA1, &keyid) ||
-                       !chunk_equals(keyid, id->get_encoding(id)))
+               if (!this->private->has_fingerprint(this->private, id->get_encoding(id)))
                {
                        return NULL;
                }
@@ -218,7 +214,6 @@ static enumerator_t* create_cert_enumerator(private_load_tester_creds_t *this,
        public_key_t *peer_key, *ca_key;
        u_int32_t serial;
        time_t now;
-       chunk_t keyid;
 
        if (this->ca == NULL)
        {
@@ -239,8 +234,7 @@ static enumerator_t* create_cert_enumerator(private_load_tester_creds_t *this,
        ca_key = this->ca->get_public_key(this->ca);
        if (ca_key)
        {
-               if (ca_key->get_fingerprint(ca_key, KEY_ID_PUBKEY_SHA1, &keyid) &&
-                       chunk_equals(keyid, id->get_encoding(id)))
+               if (ca_key->has_fingerprint(ca_key, id->get_encoding(id)))
                {
                        ca_key->destroy(ca_key);
                        return enumerator_create_single(this->ca, NULL);
index c28b055..4f90fd6 100644 (file)
@@ -127,7 +127,6 @@ static bool cert_filter(cert_data_t *data, certificate_t **in,
 {
        certificate_t *cert = *in;
        public_key_t *public;
-       chunk_t keyid;
 
        public = cert->get_public_key(cert);
        if (!public)
@@ -140,8 +139,7 @@ static bool cert_filter(cert_data_t *data, certificate_t **in,
                return FALSE;
        }
        if (data->id && data->id->get_type(data->id) == ID_KEY_ID &&
-               public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid) &&
-               chunk_equals(keyid, data->id->get_encoding(data->id)))
+               public->has_fingerprint(public, data->id->get_encoding(data->id)))
        {
                public->destroy(public);
                *out = cert;
@@ -209,11 +207,8 @@ static enumerator_t* create_private_enumerator(private_nm_creds_t *this,
        }
        if (id && id->get_type(id) != ID_ANY)
        {
-               chunk_t keyid;
-
                if (id->get_type(id) != ID_KEY_ID ||
-                       !this->key->get_fingerprint(this->key, KEY_ID_PUBKEY_SHA1, &keyid) ||
-                       !chunk_equals(keyid, id->get_encoding(id)))
+                       !this->key->has_fingerprint(this->key, id->get_encoding(id)))
                {
                        return NULL;
                }
index 2c3e293..152ef74 100644 (file)
@@ -142,7 +142,6 @@ static void cdp_data_destroy(cdp_data_t *data)
 static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data)
 {
        public_key_t *public;
-       chunk_t keyid;
        enumerator_t *enumerator = NULL;
        linked_list_t *list;
 
@@ -164,8 +163,7 @@ static enumerator_t *create_inner_cdp(ca_section_t *section, cdp_data_t *data)
                }
                else
                {
-                       if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid) &&
-                               chunk_equals(keyid, data->id->get_encoding(data->id)))
+                       if (public->has_fingerprint(public, data->id->get_encoding(data->id)))
                        {
                                enumerator = list->create_enumerator(list);
                        }
index 6055770..8e49b4a 100644 (file)
@@ -107,7 +107,6 @@ static bool private_filter(id_data_t *data,
                                                   private_key_t **in, private_key_t **out)
 {
        private_key_t *key;
-       chunk_t keyid;
 
        key = *in;
        if (data->id == NULL)
@@ -115,8 +114,7 @@ static bool private_filter(id_data_t *data,
                *out = key;
                return TRUE;
        }
-       if (key->get_fingerprint(key, KEY_ID_PUBKEY_SHA1, &keyid) &&
-               chunk_equals(keyid, data->id->get_encoding(data->id)))
+       if (key->has_fingerprint(key, data->id->get_encoding(data->id)))
        {
                *out = key;
                return TRUE;
@@ -149,7 +147,6 @@ static bool certs_filter(id_data_t *data, certificate_t **in, certificate_t **ou
 {
        public_key_t *public;
        certificate_t *cert = *in;
-       chunk_t keyid;
 
        if (data->type != CERT_ANY && data->type != cert->get_type(cert))
        {
@@ -164,8 +161,7 @@ static bool certs_filter(id_data_t *data, certificate_t **in, certificate_t **ou
        public = cert->get_public_key(cert);
        if (public)
        {
-               if (public->get_fingerprint(public, KEY_ID_PUBKEY_SHA1, &keyid) &&
-                       chunk_equals(keyid, data->id->get_encoding(data->id)))
+               if (public->has_fingerprint(public, data->id->get_encoding(data->id)))
                {
                        public->destroy(public);
                        *out = *in;