Annotation of embedaddon/strongswan/src/libstrongswan/credentials/certificates/certificate.c, revision 1.1.1.2

1.1       misho       1: /*
1.1.1.2 ! misho       2:  * Copyright (C) 2020 Tobias Brunner
1.1       misho       3:  * Copyright (C) 2007 Martin Willi
                      4:  * Copyright (C) 2015 Andreas Steffen
                      5:  * HSR Hochschule fuer Technik Rapperswil
                      6:  *
                      7:  * This program is free software; you can redistribute it and/or modify it
                      8:  * under the terms of the GNU General Public License as published by the
                      9:  * Free Software Foundation; either version 2 of the License, or (at your
                     10:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
                     11:  *
                     12:  * This program is distributed in the hope that it will be useful, but
                     13:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
                     14:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
                     15:  * for more details.
                     16:  */
                     17: 
                     18: #include "certificate.h"
                     19: 
                     20: #include <utils/debug.h>
                     21: #include <credentials/certificates/x509.h>
                     22: 
/*
 * Printable names for the certificate_type_t values CERT_ANY .. CERT_GPG.
 *
 * The list is positional: nine strings for the range given in the first two
 * value arguments. Presumably entry i names the i-th enumerator of that
 * range, so it has to stay in the declaration order used by certificate.h
 * (TODO confirm against the ENUM macro). A mismatch would make log and
 * debug output name the wrong credential type.
 */
ENUM(certificate_type_names, CERT_ANY, CERT_GPG,
	"ANY", "X509", "X509_CRL",
	"OCSP_REQUEST", "OCSP_RESPONSE",
	"X509_AC", "PUBKEY", "PKCS10_REQUEST",
	"PGP",
);
                     34: 
/*
 * Printable names for the cert_validation_t values VALIDATION_GOOD ..
 * VALIDATION_REVOKED.
 *
 * Positional like certificate_type_names: six strings for the given range,
 * presumably in the declaration order of certificate.h (TODO confirm).
 * These labels describe revocation-check outcomes, so a reordering here
 * would mislabel e.g. a REVOKED result wherever the name is printed.
 */
ENUM(cert_validation_names, VALIDATION_GOOD, VALIDATION_REVOKED,
	"GOOD", "SKIPPED", "STALE",
	"FAILED", "ON_HOLD", "REVOKED",
);
                     43: 
/**
 * See header.
 *
 * Decides whether @this should supersede @other by comparing the timestamp
 * each object reports through the third argument of get_validity()
 * (presumably notBefore, i.e. thisUpdate for a CRL -- confirm in
 * certificate.h). The return value of get_validity() is ignored, so the
 * current validity of either object plays no role in the result.
 *
 * NOTE(review): nothing in this function verifies a signature or trust
 * chain, and no other field (e.g. a CRL number) is consulted. Callers that
 * replace a cached certificate or CRL based on the result need to have
 * validated the candidate beforehand, otherwise a later timestamp alone
 * decides which object is kept.
 *
 * @param this		candidate certificate or CRL
 * @param other		existing certificate or CRL to compare against
 * @return			TRUE if this carries a strictly later timestamp
 */
bool certificate_is_newer(certificate_t *this, certificate_t *other)
{
	time_t candidate_from, existing_from;
	char *label;
	bool newer;

	/* the label only affects the log line below */
	label = (this->get_type(this) == CERT_X509_CRL) ? "crl" : "certificate";

	this->get_validity(this, NULL, &candidate_from, NULL);
	other->get_validity(other, NULL, &existing_from, NULL);

	/* strictly later only; equal timestamps keep the existing object */
	newer = existing_from < candidate_from;

	DBG1(DBG_LIB, "  %s from %T is %s - existing %s from %T %s",
		 label, &candidate_from, FALSE, newer ? "newer" : "not newer",
		 label, &existing_from, FALSE, newer ? "replaced" : "retained");
	return newer;
}
1.1.1.2 ! misho      65: 
/*
 * Described in header
 *
 * Filter used to select a certificate by type, public key type and
 * identity:
 *  - a type other than CERT_ANY must equal the certificate's type;
 *  - a key type other than KEY_ANY must equal the type of the certificate's
 *    public key, and a certificate without a public key only passes for
 *    KEY_ANY;
 *  - with an id, the certificate matches if the id's encoding is a
 *    fingerprint of the public key, or else if has_subject() reports a
 *    match; without an id every certificate that passed the checks above
 *    matches.
 *
 * NOTE(review): this is a selection predicate only, no signature, validity
 * or trust check happens here. has_subject()'s result is used as a plain
 * truth value; if it returns a graded match level (TODO confirm in
 * certificate.h), any non-zero level, including a weak or wildcard match,
 * counts as a match. Callers making an authentication decision should not
 * rely on this result alone.
 */
bool certificate_matches(certificate_t *cert, certificate_type_t type,
						 key_type_t key, identification_t *id)
{
	public_key_t *pubkey;
	bool key_ok, fingerprint_hit;

	if (type != CERT_ANY && type != cert->get_type(cert))
	{
		return FALSE;
	}

	pubkey = cert->get_public_key(cert);
	if (!pubkey)
	{
		/* no key to compare: only acceptable if no key type was requested */
		if (key != KEY_ANY)
		{
			return FALSE;
		}
	}
	else
	{
		key_ok = (key == KEY_ANY || key == pubkey->get_type(pubkey));
		/* the fingerprint is only looked at for an acceptable key type */
		fingerprint_hit = key_ok && id &&
				pubkey->has_fingerprint(pubkey, id->get_encoding(id));
		/* single release point for the reference obtained above */
		pubkey->destroy(pubkey);

		if (!key_ok)
		{
			return FALSE;
		}
		if (fingerprint_hit)
		{
			return TRUE;
		}
	}
	/* fall back to the subject check, or accept if no id was given */
	return !id || cert->has_subject(cert, id);
}
