METHOD(cert_payload_t, get_cert, certificate_t*,
private_cert_payload_t *this)
{
- if (this->encoding != ENC_X509_SIGNATURE)
+ int type;
+
+ switch (this->encoding)
{
- return NULL;
+ case ENC_X509_SIGNATURE:
+ type = CERT_X509;
+ break;
+ case ENC_CRL:
+ type = CERT_X509_CRL;
+ break;
+ default:
+ return NULL;
}
- return lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
- BUILD_BLOB_ASN1_DER, this->data,
- BUILD_END);
+ return lib->creds->create(lib->creds, CRED_CERTIFICATE, type,
+ BUILD_BLOB_ASN1_DER, this->data, BUILD_END);
}
METHOD(cert_payload_t, get_hash, chunk_t,
}
break;
}
+ case ENC_CRL:
+ cert = cert_payload->get_cert(cert_payload);
+ if (cert)
+ {
+ DBG1(DBG_IKE, "received CRL \"%Y\"",
+ cert->get_subject(cert));
+ auth->add(auth, AUTH_HELPER_REVOCATION_CERT, cert);
+ }
+ break;
case ENC_PKCS7_WRAPPED_X509:
case ENC_PGP:
case ENC_DNS_SIGNED_KEY:
case ENC_KERBEROS_TOKEN:
- case ENC_CRL:
case ENC_ARL:
case ENC_SPKI:
case ENC_X509_ATTRIBUTE: