1 /* ocsp_ht.c */

     2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL

     3  * project 2000.

     4  */

     5 /* ====================================================================

     6  * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.

     7  *

     8  * Redistribution and use in source and binary forms, with or without

     9  * modification, are permitted provided that the following conditions

    10  * are met:

    11  *

    12  * 1. Redistributions of source code must retain the above copyright

    13  *    notice, this list of conditions and the following disclaimer. 

    14  *

    15  * 2. Redistributions in binary form must reproduce the above copyright

    16  *    notice, this list of conditions and the following disclaimer in

    17  *    the documentation and/or other materials provided with the

    18  *    distribution.

    19  *

    20  * 3. All advertising materials mentioning features or use of this

    21  *    software must display the following acknowledgment:

    22  *    "This product includes software developed by the OpenSSL Project

    23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

    24  *

    25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

    26  *    endorse or promote products derived from this software without

    27  *    prior written permission. For written permission, please contact

    28  *    licensing@OpenSSL.org.

    29  *

    30  * 5. Products derived from this software may not be called "OpenSSL"

    31  *    nor may "OpenSSL" appear in their names without prior written

    32  *    permission of the OpenSSL Project.

    33  *

    34  * 6. Redistributions of any form whatsoever must retain the following

    35  *    acknowledgment:

    36  *    "This product includes software developed by the OpenSSL Project

    37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

    38  *

    39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

    40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

    41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

    42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

    43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

    44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

    45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

    46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

    47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

    48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

    49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

    50  * OF THE POSSIBILITY OF SUCH DAMAGE.

    51  * ====================================================================

    52  *

    53  * This product includes cryptographic software written by Eric Young

    54  * (eay@cryptsoft.com).  This product includes software written by Tim

    55  * Hudson (tjh@cryptsoft.com).

    56  *

    57  */

    58  /*

    59  © Portions copyright (c) 2006 Nokia Corporation.  All rights reserved.

    60  */

    61 

    62 

    63 #include <openssl/asn1.h>

    64 #include <stdio.h>

    65 #include <stdlib.h>

    66 #include <ctype.h>

    67 #include <string.h>

    68 #include <openssl/ocsp.h>

    69 #include <openssl/err.h>

    70 #include <openssl/buffer.h>

    71 #if (defined(SYMBIAN) && (defined(__WINSCW__) || defined(__WINS__)))

    72 #include "libcrypto_wsd_macros.h"

    73 #include "libcrypto_wsd.h"

    74 #endif

    75 #ifdef OPENSSL_SYS_SUNOS

    76 #define strtoul (unsigned long)strtol

    77 #endif /* OPENSSL_SYS_SUNOS */

    78 

    79 /* Quick and dirty HTTP OCSP request handler.

    80  * Could make this a bit cleverer by adding

    81  * support for non blocking BIOs and a few

    82  * other refinements.

    83  */

    84 #ifdef EMULATOR	

    85 	static const char req_txt[] =

    86 "POST %s HTTP/1.0\r\n\

    87 Content-Type: application/ocsp-request\r\n\

    88 Content-Length: %d\r\n\r\n";

    89 #endif

    90  

    91 

    92 EXPORT_C OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req)

    93 {

    94 	BIO *mem = NULL;

    95 	char tmpbuf[1024];

    96 	OCSP_RESPONSE *resp = NULL;

    97 	char *p, *q, *r;

    98 	int len, retcode;

    99 #ifndef EMULATOR	

   100 	static char req_txt[] =

   101 "POST %s HTTP/1.0\r\n\

   102 Content-Type: application/ocsp-request\r\n\

   103 Content-Length: %d\r\n\r\n";

   104 #endif

   105 

   106 	len = i2d_OCSP_REQUEST(req, NULL);

   107 	if(BIO_printf(b, req_txt, path, len) < 0) {

   108 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);

   109 		goto err;

   110 	}

   111 	if(i2d_OCSP_REQUEST_bio(b, req) <= 0) {

   112 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR);

   113 		goto err;

   114 	}

   115 	if(!(mem = BIO_new(BIO_s_mem()))) goto err;

   116 	/* Copy response to a memory BIO: socket bios can't do gets! */

   117 	while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) {

   118 		if(len < 0) {

   119 			OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR);

   120 			goto err;

   121 		}

   122 		BIO_write(mem, tmpbuf, len);

   123 	}

   124 	if(BIO_gets(mem, tmpbuf, 512) <= 0) {

   125 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);

   126 		goto err;

   127 	}

   128 	/* Parse the HTTP response. This will look like this:

   129 	 * "HTTP/1.0 200 OK". We need to obtain the numeric code and

   130          * (optional) informational message.

   131 	 */

   132 

   133 	/* Skip to first white space (passed protocol info) */

   134 	for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue;

   135 	if(!*p) {

   136 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);

   137 		goto err;

   138 	}

   139 	/* Skip past white space to start of response code */

   140 	while(*p && isspace((unsigned char)*p)) p++;

   141 	if(!*p) {

   142 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);

   143 		goto err;

   144 	}

   145 	/* Find end of response code: first whitespace after start of code */

   146 	for(q = p; *q && !isspace((unsigned char)*q); q++) continue;

   147 	if(!*q) {

   148 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR);

   149 		goto err;

   150 	}

   151 	/* Set end of response code and start of message */ 

   152 	*q++ = 0;

   153 	/* Attempt to parse numeric code */

   154 	retcode = strtoul(p, &r, 10);

   155 	if(*r) goto err;

   156 	/* Skip over any leading white space in message */

   157 	while(*q && isspace((unsigned char)*q))  q++;

   158 	if(*q) {

   159 	/* Finally zap any trailing white space in message (include CRLF) */

   160 	/* We know q has a non white space character so this is OK */

   161 		for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0;

   162 	}

   163 	if(retcode != 200) {

   164 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR);

   165 		if(!*q) { 

   166 			ERR_add_error_data(2, "Code=", p);

   167 		}

   168 		else {

   169 			ERR_add_error_data(4, "Code=", p, ",Reason=", q);

   170 		}

   171 		goto err;

   172 	}

   173 	/* Find blank line marking beginning of content */	

   174 	while(BIO_gets(mem, tmpbuf, 512) > 0)

   175 	{

   176 		for(p = tmpbuf; *p && isspace((unsigned char)*p); p++) continue;

   177 		if(!*p) break;

   178 	}

   179 	if(*p) {

   180 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT);

   181 		goto err;

   182 	}

   183 	if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) {

   184 		OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR);

   185 		goto err;

   186 	}

   187 	err:

   188 	BIO_free(mem);

   189 	return resp;

   190 }