From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 12 May 2017 07:10:15 +0000 (+0200)
Subject: vici: Return key ID from load-key command
X-Git-Tag: 5.5.3~40
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=605a98c7ce108e8083502364292cce87c0a72b51;p=thirdparty%2Fstrongswan.git

vici: Return key ID from load-key command

We already do this for load-token and this should simplify client
implementations.
---

diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md
index 9bda949d00..f47f80cad8 100644
--- a/src/libcharon/plugins/vici/README.md
+++ b/src/libcharon/plugins/vici/README.md
@@ -480,11 +480,12 @@ Load a certificate into the daemon.
 Load a private key into the daemon.
 
 	{
-		type = <private key type, RSA|ECDSA>
+		type = <private key type, rsa|ecdsa|bliss|any>
 		data = <PEM or DER encoded key data>
 	} => {
 		success = <yes or no>
 		errmsg = <error string on failure>
+		id = <hex-encoded SHA-1 key identifier of the public key on success>
 	}
 
 ### unload-key() ###
diff --git a/src/libcharon/plugins/vici/vici_cred.c b/src/libcharon/plugins/vici/vici_cred.c
index 6c7c194c2d..5d8bf2f056 100644
--- a/src/libcharon/plugins/vici/vici_cred.c
+++ b/src/libcharon/plugins/vici/vici_cred.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2015-2016 Andreas Steffen
- * Copyright (C) 2016 Tobias Brunner
+ * Copyright (C) 2016-2017 Tobias Brunner
  * HSR Hochschule fuer Technik Rapperswil
  *
  * Copyright (C) 2014 Martin Willi
@@ -206,9 +206,10 @@ CALLBACK(load_cert, vici_message_t*,
 CALLBACK(load_key, vici_message_t*,
 	private_vici_cred_t *this, char *name, u_int id, vici_message_t *message)
 {
+	vici_builder_t *builder;
 	key_type_t type;
 	private_key_t *key;
-	chunk_t data;
+	chunk_t data, fp;
 	char *str;
 
 	str = message->get_str(message, NULL, "type");
@@ -248,12 +249,19 @@ CALLBACK(load_key, vici_message_t*,
 		return create_reply("parsing %N private key failed",
 							key_type_names, type);
 	}
+	if (!key->get_fingerprint(key, KEYID_PUBKEY_SHA1, &fp))
+	{
+		return create_reply("failed to get key id");
+	}
 
 	DBG1(DBG_CFG, "loaded %N private key", key_type_names, type);
 
+	builder = vici_builder_create();
+	builder->add_kv(builder, "success", "yes");
+	builder->add_kv(builder, "id", "%+B", &fp);
 	this->creds->add_key(this->creds, key);
 
-	return create_reply(NULL);
+	return builder->finalize(builder);
 }
 
 CALLBACK(unload_key, vici_message_t*,