From a8a6d58617f1a3d05d517e38a2ba9d71f32aa082 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 1 Nov 2012 18:11:15 +0100 Subject: [PATCH] Added new functions to convert types to strings. --- NEWS | 3 + libdane/Makefile.am | 2 +- libdane/dane-params.c | 147 +++++++++++++++++++++++++++++++++++++++++ libdane/dane.c | 1 + libdane/includes/gnutls/dane.h | 5 +- libdane/libdane.map | 3 + 6 files changed, 159 insertions(+), 2 deletions(-) create mode 100644 libdane/dane-params.c diff --git a/NEWS b/NEWS index d4bda8c5d..ef9265bf7 100644 --- a/NEWS +++ b/NEWS @@ -32,6 +32,9 @@ gnutls_srtp_get_selected_profile: Added gnutls_srtp_get_profile_name: Added gnutls_srtp_get_profile_by_name: Added gnutls_srtp_profile_t: Added +dane_cert_type_name: Added +dane_match_type_name: Added +dane_cert_usage_name: Added GNUTLS_CERT_REVOCATION_DATA_TOO_OLD: Added GNUTLS_CERT_REVOCATION_DATA_INVALID: Added GNUTLS_CERT_UNEXPECTED_OWNER: Added diff --git a/libdane/Makefile.am b/libdane/Makefile.am index 91d18ad08..bffa102fb 100644 --- a/libdane/Makefile.am +++ b/libdane/Makefile.am @@ -40,7 +40,7 @@ libgnutls_dane_la_LDFLAGS = -no-undefined if ENABLE_DANE lib_LTLIBRARIES = libgnutls-dane.la -libgnutls_dane_la_SOURCES = dane.c errors.c libdane.map +libgnutls_dane_la_SOURCES = dane.c dane-params.c errors.c libdane.map libgnutls_dane_la_LIBADD = ../gl/libgnu.la \ ../lib/libgnutls.la diff --git a/libdane/dane-params.c b/libdane/dane-params.c new file mode 100644 index 000000000..53d84730c --- /dev/null +++ b/libdane/dane-params.c 
@@ -0,0 +1,147 @@
+/*
+ * Copyright (C) 2012 KU Leuven
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of libdane.
+ *
+ * libdane is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see
+ *
+ */
+
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+typedef struct cert_type_entry
+{
+ const char* name;
+ dane_cert_type_t type;
+} cert_type_entry;
+
+static const cert_type_entry dane_cert_types[] =
+{
+ {"X.509", DANE_CERT_X509},
+ {"SubjectPublicKeyInfo", DANE_CERT_PK},
+ {NULL, 0}
+};
+
+typedef struct match_type_entry
+{
+ const char* name;
+ dane_match_type_t type;
+} match_type_entry;
+
+static const match_type_entry dane_match_types[] =
+{
+ {"Exact match", DANE_MATCH_EXACT},
+ {"SHA2-256 hash", DANE_MATCH_SHA2_256},
+ {"SHA2-512 hash", DANE_MATCH_SHA2_512},
+ {NULL, 0}
+};
+
+typedef struct cert_usage_entry
+{
+ const char* name;
+ dane_cert_usage_t usage;
+} cert_usage_entry;
+
+static const cert_usage_entry dane_cert_usages[] =
+{
+ {"CA", DANE_CERT_USAGE_CA},
+ {"End-entity", DANE_CERT_USAGE_EE},
+ {"Local CA", DANE_CERT_USAGE_LOCAL_CA},
+ {"Local end-entity", DANE_CERT_USAGE_LOCAL_EE},
+ {NULL, 0}
+};
+
+
+
+/**
+ * dane_cert_type_name:
+ * @type: is a DANE match type
+ *
+ * Convert a #dane_cert_type_t value to a string.
+ *
+ * Returns: a string that contains the name of the specified
+ * type, or %NULL.
+ **/ +const char* dane_cert_type_name(dane_cert_type_t type) +{ +const cert_type_entry* e = dane_cert_types; + + while(e->name != NULL) + { + if (e->type == type) + return e->name; + e++; + } + + return NULL; +} + +/** + * dane_match_type_name: + * @type: is a DANE match type + * + * Convert a #dane_match_type_t value to a string. + * + * Returns: a string that contains the name of the specified + * type, or %NULL. + **/ +const char* dane_match_type_name(dane_match_type_t type) +{ +const match_type_entry* e = dane_match_types; + + while(e->name != NULL) + { + if (e->type == type) + return e->name; + e++; + } + + return NULL; +} + +/** + * dane_cert_usage_name: + * @type: is a DANE match type + * + * Convert a #dane_cert_usage_t value to a string. + * + * Returns: a string that contains the name of the specified + * type, or %NULL. + **/ +const char* dane_cert_usage_name(dane_cert_usage_t usage) +{ +const cert_usage_entry* e = dane_cert_usages; + + while(e->name != NULL) + { + if (e->usage == usage) + return e->name; + e++; + } + + return NULL; + +} diff --git a/libdane/dane.c b/libdane/dane.c index 052a0faa6..5428a3317 100644 --- a/libdane/dane.c +++ b/libdane/dane.c @@ -601,3 +601,4 @@ unsigned int type; return dane_verify_crt(s, cert_list, cert_list_size, type, hostname, proto, port, sflags, vflags, verify); } + diff --git a/libdane/includes/gnutls/dane.h b/libdane/includes/gnutls/dane.h index 59392dac2..9a08737a6 100644 --- a/libdane/includes/gnutls/dane.h +++ b/libdane/includes/gnutls/dane.h @@ -101,7 +101,7 @@ typedef struct dane_query_st *dane_query_t; typedef enum dane_state_flags_t { DANE_F_IGNORE_LOCAL_RESOLVER = 1, -} dane_verify_flags_t; +} dane_state_flags_t; int dane_state_init (dane_state_t* s, unsigned int flags); void dane_state_deinit (dane_state_t s); 
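Review bot: All three lookup functions in the new dane-params.c return NULL when the value matches no table entry, but the `Returns:` text (`or %NULL`) does not say when, so a caller that hands the result straight to a `%s` format passes a null pointer to printf, which is undefined behaviour. If the usage, type and match values originate from TLSA records fetched over DNS, as the `dane_query_data` prototype in dane.h suggests, they are not under the application's control and unrecognised codes should be expected. I would spell this out in each doc block, e.g. `Returns: a string that contains the name of the specified type, or %NULL if the value is not recognised; callers must check before printing.` The gtk-doc parameter lines are also copy-pasted: `@type: is a DANE match type` heads `dane_cert_type_name`, where it should read `@type: is a DANE certificate type`, and `dane_cert_usage_name`, whose parameter is actually `usage`, so it should read `@usage: is a DANE certificate usage`.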
@@ -115,6 +115,9 @@ int dane_query_data(dane_query_t q, unsigned int idx, unsigned int *match, gnutls_datum_t * data); void dane_query_deinit(dane_query_t q); +const char* dane_cert_type_name(dane_cert_type_t type); +const char* dane_match_type_name(dane_match_type_t type); +const char* dane_cert_usage_name(dane_cert_usage_t usage); /** * dane_verify_status_t: diff --git a/libdane/libdane.map b/libdane/libdane.map index 0bdd7a0a0..335869c1c 100644 --- a/libdane/libdane.map +++ b/libdane/libdane.map @@ -13,6 +13,9 @@ DANE_0_0 dane_query_deinit; dane_verify_session_crt; dane_verify_crt; + dane_cert_type_name; + dane_match_type_name; + dane_cert_usage_name; local: *; }; -- 2.11.4.GIT