Do not hardwire keys to KEY_RSA
authorReto Buerki <reet@codelabs.ch>
Wed, 30 Jan 2013 14:36:03 +0000 (15:36 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 19 Mar 2013 14:23:51 +0000 (15:23 +0100)
Make the TKM private and public keys more easily extendable by
determining the associated key type dynamically.

src/charon-tkm/src/tkm/tkm_private_key.c
src/charon-tkm/src/tkm/tkm_public_key.c
src/charon-tkm/src/tkm/tkm_public_key.h

index 61694145499d354622400835f71d25fa03415244..9e3f96c950241993e34f3a885c98640e74b8d960 100644 (file)
@@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2012 Reto Buerki
- * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Copyright (C) 2012-2013 Reto Buerki
+ * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -39,6 +39,11 @@ struct private_tkm_private_key_t {
         */
        identification_t *id;
 
+       /**
+        * Key type.
+        */
+       key_type_t key_type;
+
        /**
         * Reference count.
         */
@@ -49,7 +54,7 @@ struct private_tkm_private_key_t {
 METHOD(private_key_t, get_type, key_type_t,
        private_tkm_private_key_t *this)
 {
-       return KEY_RSA;
+       return this->key_type;
 }
 
 METHOD(private_key_t, sign, bool,
@@ -158,5 +163,25 @@ tkm_private_key_t *tkm_private_key_init(identification_t * const id)
                .id = id->clone(id),
        );
 
+       /* get key type from associated public key */
+       certificate_t *cert;
+       cert = lib->credmgr->get_cert(lib->credmgr, CERT_ANY, KEY_ANY, id, FALSE);
+       if (!cert)
+       {
+               destroy(this);
+               return NULL;
+       }
+
+       public_key_t *pubkey = cert->get_public_key(cert);
+       if (!pubkey)
+       {
+               cert->destroy(cert);
+               destroy(this);
+               return NULL;
+       }
+       this->key_type = pubkey->get_type(pubkey);
+       pubkey->destroy(pubkey);
+       cert->destroy(cert);
+
        return &this->public;
 }
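Review bot: The key type is taken from whichever certificate `get_cert()` returns first for `id`, and the last argument `FALSE` appears to be the `trusted` flag, so an untrusted certificate carrying the same identity could decide what `get_type()` reports for this private key. Consider `cert = lib->credmgr->get_cert(lib->credmgr, CERT_ANY, KEY_ANY, id, TRUE);`, or add a comment stating why an untrusted match is acceptable here. Both new failure paths return NULL without logging, and loading the private key now depends on a matching certificate already being available; a line such as `DBG1(DBG_LIB, "no certificate found for '%Y', unable to determine key type", id);` before `destroy(this)` would make that diagnosable (assuming the debug header is included in this file). The beginning of tkm_private_key_init lies outside the hunk.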
index e3f64ddba6941086b2f014b1d66eaf7f9bd54d47..9ebdc29e6ad39492c80a3d2754eb9673395119bf 100644 (file)
@@ -14,6 +14,8 @@
  * for more details.
  */
 
+#include <utils/debug.h>
+
 #include "tkm_public_key.h"
 
 typedef struct private_tkm_public_key_t private_tkm_public_key_t;
@@ -33,6 +35,11 @@ struct private_tkm_public_key_t {
         */
        chunk_t asn_blob;
 
+       /**
+        * Key type.
+        */
+       key_type_t key_type;
+
        /**
         * Reference count.
         */
@@ -42,7 +49,7 @@ struct private_tkm_public_key_t {
 METHOD(public_key_t, get_type, key_type_t,
        private_tkm_public_key_t *this)
 {
-       return KEY_RSA;
+       return this->key_type;
 }
 
 METHOD(public_key_t, verify, bool,
@@ -79,9 +86,17 @@ METHOD(public_key_t, get_fingerprint, bool,
        {
                return TRUE;
        }
-       return lib->encoding->encode(lib->encoding, type, this, fp,
-                                                                CRED_PART_RSA_PUB_ASN1_DER, this->asn_blob,
-                                                                CRED_PART_END);
+       switch(this->key_type)
+       {
+               case KEY_RSA:
+                       return lib->encoding->encode(lib->encoding, type, this, fp,
+                                                                                CRED_PART_RSA_PUB_ASN1_DER,
+                                                                                this->asn_blob, CRED_PART_END);
+               default:
+                       DBG1(DBG_LIB, "%N public key not supported, fingerprinting failed",
+                                key_type_names, this->key_type);
+                       return FALSE;
+       }
 }
 
 METHOD(public_key_t, get_ref, public_key_t*,
@@ -147,6 +162,7 @@ tkm_public_key_t *tkm_public_key_load(key_type_t type, va_list args)
                },
                .ref = 1,
                .asn_blob = chunk_clone(blob),
+               .key_type = type,
        );
 
        return &this->public;
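Review bot: `.key_type = type` stores whatever the builder passes with no validation visible in this hunk, while the `get_fingerprint` hunk above only handles `KEY_RSA` and the tkm_public_key.h hunk drops the "must be KEY_RSA" constraint from the documentation. A key of any other type would therefore load successfully and only fail later, when a fingerprint is requested. Either reject types the object cannot serve yet before the INIT, e.g. `if (type != KEY_RSA) { return NULL; }`, or keep a line in the header comment such as `Only KEY_RSA keys can currently be fingerprinted.` so callers know the limit. The start of tkm_public_key_load is outside the hunk, so an existing check there cannot be ruled out.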
index a469f7524ff8daf2649ebc32365ec1d98114f59d..383c7dd4c41682dda30bcc150f590193cdbde102 100644 (file)
@@ -1,6 +1,6 @@
 /*
- * Copyright (C) 2012 Reto Buerki
- * Copyright (C) 2012 Adrian-Ken Rueegsegger
+ * Copyright (C) 2012-2013 Reto Buerki
+ * Copyright (C) 2012-2013 Adrian-Ken Rueegsegger
  * Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -35,9 +35,7 @@ struct tkm_public_key_t {
 /**
  * Load a TKM public key.
  *
- * Accepts BUILD_RSA_* components.
- *
- * @param type         type of the key, must be KEY_RSA
+ * @param type         type of the key
  * @param args         builder_part_t argument list
  * @return                     loaded key, NULL on failure
  */