removed obsolete fingerprint identification types

src/libstrongswan/utils/identification.c

@@ -48,12 +48,11 @@ ENUM_BEGIN(id_type_names, ID_ANY, ID_KEY_ID,
 	"ID_DER_ASN1_DN",
 	"ID_DER_ASN1_GN",
 	"ID_KEY_ID");
-ENUM_NEXT(id_type_names, ID_DER_ASN1_GN_URI, ID_CERT_DER_SHA1, ID_KEY_ID,
-	"ID_DER_ASN1_GN_URI",
-	"ID_PUBKEY_INFO_SHA1",
-	"ID_PUBKEY_SHA1",
-	"ID_CERT_DER_SHA1");
-ENUM_END(id_type_names, ID_CERT_DER_SHA1);
+ENUM_NEXT(id_type_names, ID_DER_ASN1_GN_URI, ID_MYID, ID_KEY_ID,
+	"ID_DER_ASN1_GN_URI"
+	"ID_IETF_ATTR_STRING"
+	"ID_MYID");
+ENUM_END(id_type_names, ID_MYID);
 
 /**
  * coding of X.501 distinguished name 
@@ -809,7 +808,8 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
 			snprintf(buf, sizeof(buf), "(ASN.1 general Name");
 			break;
 		case ID_KEY_ID:
-			if (chunk_printable(this->encoded, NULL, '?'))
+			if (chunk_printable(this->encoded, NULL, '?') &&
+				this->encoded.len != HASH_SIZE_SHA1)
 			{	/* fully printable, use ascii version */
 				snprintf(buf, sizeof(buf), "%.*s",
 						 this->encoded.len, this->encoded.ptr);
@@ -819,11 +819,6 @@ int identification_printf_hook(char *dst, size_t len, printf_hook_spec_t *spec,
 				snprintf(buf, sizeof(buf), "%#B", &this->encoded);
 			}
 			break;
-		case ID_PUBKEY_INFO_SHA1:
-		case ID_PUBKEY_SHA1:
-		case ID_CERT_DER_SHA1:
-			snprintf(buf, sizeof(buf), "%#B", &this->encoded);
-			break;
 		default:
 			snprintf(buf, sizeof(buf), "(unknown ID type: %d)", this->type);
 			break;

src/libstrongswan/utils/identification.h

@@ -56,24 +56,24 @@ extern enum_name_t *id_match_names;
  * ID Types in a ID payload.
  */
 enum id_type_t {
-
+	
 	/**
 	 * private type which matches any other id.
 	 */
 	ID_ANY = 0,
-
+	
 	/**
 	 * ID data is a single four (4) octet IPv4 address.
 	 */
 	ID_IPV4_ADDR = 1,
-
+	
 	/**
 	 * ID data is a fully-qualified domain name string.
 	 * An example of a ID_FQDN is "example.com".
 	 * The string MUST not contain any terminators (e.g., NULL, CR, etc.).
 	 */
 	ID_FQDN = 2,
-
+	
 	/**
 	 * ID data is a fully-qualified RFC822 email address string.
 	 * An example of an ID_RFC822_ADDR is "jsmith@example.com".
@@ -81,78 +81,63 @@ enum id_type_t {
 	 */
 	ID_USER_FQDN   = 3,    /* IKEv1 only */
 	ID_RFC822_ADDR = 3,    /* IKEv2 only */
-
+	
 	/**
 	 * ID data is an IPv4 subnet (IKEv1 only)
 	 */
 	ID_IPV4_ADDR_SUBNET = 4,
-
+	
 	/**
 	 * ID data is a single sixteen (16) octet IPv6 address.
 	 */
 	ID_IPV6_ADDR = 5,
-
+	
 	/**
 	 * ID data is an IPv6 subnet (IKEv1 only)
 	 */
 	ID_IPV6_ADDR_SUBNET = 6,
-
+	
 	/**
 	 * ID data is an IPv4 address range (IKEv1 only)
 	 */
 	ID_IPV4_ADDR_RANGE = 7,
-
+	
 	/**
 	 * ID data is an IPv6 address range (IKEv1 only)
 	 */
 	ID_IPV6_ADDR_RANGE = 8,
-
+	
 	/**
 	 * ID data is the binary DER encoding of an ASN.1 X.501 Distinguished Name
 	 */
 	ID_DER_ASN1_DN = 9,
-
+	
 	/**
 	 * ID data is the binary DER encoding of an ASN.1 X.509 GeneralName
 	 */
 	ID_DER_ASN1_GN = 10,
-
+	
 	/**
 	 * ID data is an opaque octet stream which may be used to pass vendor-
 	 * specific information necessary to do certain proprietary
 	 * types of identification.
 	 */
 	ID_KEY_ID = 11,
-
+	
 	/**
 	 * private type which represents a GeneralName of type URI
 	 */
 	ID_DER_ASN1_GN_URI = 201,
 	
-	/**
-	 * SHA1 hash over PKCS#1 subjectPublicKeyInfo
-	 */
-	ID_PUBKEY_INFO_SHA1 = 202,
-	
-	/**
-	 * SHA1 hash over PKCS#1 subjectPublicKey
-	 */
-	ID_PUBKEY_SHA1 = 203,
-	
-	/**
-	 * SHA1 hash of the binary DER encoding of a certificate
-	 */
-	ID_CERT_DER_SHA1 = 204,
-
 	/**
 	 * IETF Attribute Syntax String (RFC 3281)
 	 */
-	ID_IETF_ATTR_STRING = 205,
-
+	ID_IETF_ATTR_STRING = 202,
+	
 	/**
 	 * Private ID used by the pluto daemon for opportunistic encryption
 	 */
-	ID_MYID = 206,
+	ID_MYID = 203,
 };
 
 /**