From: Tobias Brunner
Date: Thu, 3 Apr 2014 07:21:43 +0000 (+0200)
Subject: sshkey: Add support to parse SSH public keys from files with left|rightsigkey
X-Git-Tag: 5.2.0rc1~46
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1cda692110f6853d6da2adae928881d67db94fa9;p=thirdparty%2Fstrongswan.git
sshkey: Add support to parse SSH public keys from files with left|rightsigkey
---
diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.c b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
index 652663108b..245e0f9a89 100644
--- a/src/libstrongswan/plugins/sshkey/sshkey_builder.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
@@ -235,3 +235,46 @@ sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args)
 }
 return NULL;
 }
+
+/**
+ * See header.
+ */
+certificate_t *sshkey_certificate_load(certificate_type_t type, va_list args)
+{
+ certificate_t *cert;
+ public_key_t *key;
+ identification_t *subject = NULL;
+ char *file = NULL;
+
+ while (TRUE)
+ {
+ switch (va_arg(args, builder_part_t))
+ {
+ case BUILD_FROM_FILE:
+ file = va_arg(args, char*);
+ continue;
+ case BUILD_SUBJECT:
+ subject = va_arg(args, identification_t*);
+ continue;
+ case BUILD_END:
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ }
+ if (!file || !subject)
+ {
+ return NULL;
+ }
+ key = (public_key_t*)load_from_file(file);
+ if (!key)
+ {
+ return NULL;
+ }
+ cert = lib->creds->create(lib->creds, CRED_CERTIFICATE,
+ CERT_TRUSTED_PUBKEY, BUILD_PUBLIC_KEY, key,
+ BUILD_SUBJECT, subject, BUILD_END);
+ key->destroy(key);
+ return cert;
+}
diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.h b/src/libstrongswan/plugins/sshkey/sshkey_builder.h
index d138c879b8..7225f5550c 100644
--- a/src/libstrongswan/plugins/sshkey/sshkey_builder.h
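Review bot: In sshkey_builder.c, `sshkey_certificate_load()` never looks at its `type` argument, although the header comment added in this commit says it must be CERT_TRUSTED_PUBKEY, and the function builds a CERT_TRUSTED_PUBKEY whatever was requested. The registration in sshkey_plugin.c limits the builder to that type today, so this is defence in depth, but a guard before the argument loop keeps the contract local: `if (type != CERT_TRUSTED_PUBKEY) { return NULL; }`. The `return NULL` paths (unknown builder part, missing file or subject, key that fails to load) are also indistinguishable to the caller; whether `load_from_file()` logs the reason is not visible in this hunk, so a debug message naming the file would help when a configured signature key is silently not loaded.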
+++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
@@ -48,4 +48,15 @@ struct sshkey_public_key_t {
 */
 sshkey_public_key_t *sshkey_public_key_load(key_type_t type, va_list args);
+/**
+ * Load a public key in RFC 4253 format as certificate.
+ *
+ * Takes a BUILD_FROM_FILE and BUILD_SUBJECT argument.
+ *
+ * @param type type of the certificate, must be CERT_TRUSTED_PUBKEY
+ * @param args builder_part_t argument list
+ * @return built certificate, NULL on failure
+ */
+certificate_t *sshkey_certificate_load(certificate_type_t type, va_list args);
+
 #endif /** SSHKEY_BUILDER_H_ @}*/
diff --git a/src/libstrongswan/plugins/sshkey/sshkey_plugin.c b/src/libstrongswan/plugins/sshkey/sshkey_plugin.c
index 6409feaf1e..1fde0c6e90 100644
--- a/src/libstrongswan/plugins/sshkey/sshkey_plugin.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_plugin.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2013-2014 Tobias Brunner
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
@@ -44,6 +44,8 @@ METHOD(plugin_t, get_features, int,
 static plugin_feature_t f[] = {
 PLUGIN_REGISTER(PUBKEY, sshkey_public_key_load, FALSE),
 PLUGIN_PROVIDE(PUBKEY, KEY_ANY),
+ PLUGIN_REGISTER(CERT_DECODE, sshkey_certificate_load, FALSE),
+ PLUGIN_PROVIDE(CERT_DECODE, CERT_TRUSTED_PUBKEY),
 };
 *features = f;
 return countof(f);
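Review bot: In sshkey_builder.h, the doc comment on `sshkey_certificate_load()` says it "takes" BUILD_FROM_FILE and BUILD_SUBJECT but not that both are mandatory or that any other builder part makes the call fail, which is what the implementation in sshkey_builder.c does. It also leaves out the trust-relevant part: the file supplies only the key, while the subject bound to it in the resulting CERT_TRUSTED_PUBKEY is whatever the caller passes, with nothing in the file vouching for that identity. I would extend the comment with ` * Requires both BUILD_FROM_FILE and BUILD_SUBJECT; any other part yields NULL.` and ` * The subject is asserted by the caller, the file only provides the key.`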
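Review bot: In sshkey_plugin.c, the new CERT_DECODE feature is registered without any note that `sshkey_certificate_load()` cannot produce the certificate on its own: it calls `lib->creds->create()` for CERT_TRUSTED_PUBKEY with BUILD_PUBLIC_KEY, a part its own argument loop rejects, so the object has to come from a different builder registered for the same type. If no such builder is loaded the call presumably just returns NULL and the key from the file is never used. A comment above the `PLUGIN_REGISTER(CERT_DECODE, ...)` line would record this, for example `/* wraps the parsed key via another CERT_TRUSTED_PUBKEY builder that accepts BUILD_PUBLIC_KEY */`, and it is worth checking whether the feature list can express that requirement. The enclosing get_features() body starts and ends outside the hunk.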