|
1 /* ocsp_ht.c */ |
|
2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL |
|
3 * project 2000. |
|
4 */ |
|
5 /* ==================================================================== |
|
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. |
|
7 * |
|
8 * Redistribution and use in source and binary forms, with or without |
|
9 * modification, are permitted provided that the following conditions |
|
10 * are met: |
|
11 * |
|
12 * 1. Redistributions of source code must retain the above copyright |
|
13 * notice, this list of conditions and the following disclaimer. |
|
14 * |
|
15 * 2. Redistributions in binary form must reproduce the above copyright |
|
16 * notice, this list of conditions and the following disclaimer in |
|
17 * the documentation and/or other materials provided with the |
|
18 * distribution. |
|
19 * |
|
20 * 3. All advertising materials mentioning features or use of this |
|
21 * software must display the following acknowledgment: |
|
22 * "This product includes software developed by the OpenSSL Project |
|
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
|
24 * |
|
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
|
26 * endorse or promote products derived from this software without |
|
27 * prior written permission. For written permission, please contact |
|
28 * licensing@OpenSSL.org. |
|
29 * |
|
30 * 5. Products derived from this software may not be called "OpenSSL" |
|
31 * nor may "OpenSSL" appear in their names without prior written |
|
32 * permission of the OpenSSL Project. |
|
33 * |
|
34 * 6. Redistributions of any form whatsoever must retain the following |
|
35 * acknowledgment: |
|
36 * "This product includes software developed by the OpenSSL Project |
|
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
|
38 * |
|
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
|
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
|
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
|
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
|
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
|
50 * OF THE POSSIBILITY OF SUCH DAMAGE. |
|
51 * ==================================================================== |
|
52 * |
|
53 * This product includes cryptographic software written by Eric Young |
|
54 * (eay@cryptsoft.com). This product includes software written by Tim |
|
55 * Hudson (tjh@cryptsoft.com). |
|
56 * |
|
57 */ |
|
58 /* |
|
59 © Portions copyright (c) 2006 Nokia Corporation. All rights reserved. |
|
60 */ |
|
61 |
|
62 |
|
63 #include <openssl/asn1.h> |
|
64 #include <stdio.h> |
|
65 #include <stdlib.h> |
|
66 #include <ctype.h> |
|
67 #include <string.h> |
|
68 #include <openssl/ocsp.h> |
|
69 #include <openssl/err.h> |
|
70 #include <openssl/buffer.h> |
|
71 #if (defined(SYMBIAN) && (defined(__WINSCW__) || defined(__WINS__))) |
|
72 #include "libcrypto_wsd_macros.h" |
|
73 #include "libcrypto_wsd.h" |
|
74 #endif |
|
75 #ifdef OPENSSL_SYS_SUNOS |
|
76 #define strtoul (unsigned long)strtol |
|
77 #endif /* OPENSSL_SYS_SUNOS */ |
|
78 |
|
79 /* Quick and dirty HTTP OCSP request handler. |
|
80 * Could make this a bit cleverer by adding |
|
81 * support for non blocking BIOs and a few |
|
82 * other refinements. |
|
83 */ |
|
84 #ifdef EMULATOR |
|
85 static const char req_txt[] = |
|
86 "POST %s HTTP/1.0\r\n\ |
|
87 Content-Type: application/ocsp-request\r\n\ |
|
88 Content-Length: %d\r\n\r\n"; |
|
89 #endif |
|
90 |
|
91 |
|
92 EXPORT_C OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req) |
|
93 { |
|
94 BIO *mem = NULL; |
|
95 char tmpbuf[1024]; |
|
96 OCSP_RESPONSE *resp = NULL; |
|
97 char *p, *q, *r; |
|
98 int len, retcode; |
|
99 #ifndef EMULATOR |
|
100 static char req_txt[] = |
|
101 "POST %s HTTP/1.0\r\n\ |
|
102 Content-Type: application/ocsp-request\r\n\ |
|
103 Content-Length: %d\r\n\r\n"; |
|
104 #endif |
|
105 |
|
106 len = i2d_OCSP_REQUEST(req, NULL); |
|
107 if(BIO_printf(b, req_txt, path, len) < 0) { |
|
108 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); |
|
109 goto err; |
|
110 } |
|
111 if(i2d_OCSP_REQUEST_bio(b, req) <= 0) { |
|
112 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_WRITE_ERROR); |
|
113 goto err; |
|
114 } |
|
115 if(!(mem = BIO_new(BIO_s_mem()))) goto err; |
|
116 /* Copy response to a memory BIO: socket bios can't do gets! */ |
|
117 while ((len = BIO_read(b, tmpbuf, sizeof tmpbuf))) { |
|
118 if(len < 0) { |
|
119 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_READ_ERROR); |
|
120 goto err; |
|
121 } |
|
122 BIO_write(mem, tmpbuf, len); |
|
123 } |
|
124 if(BIO_gets(mem, tmpbuf, 512) <= 0) { |
|
125 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); |
|
126 goto err; |
|
127 } |
|
128 /* Parse the HTTP response. This will look like this: |
|
129 * "HTTP/1.0 200 OK". We need to obtain the numeric code and |
|
130 * (optional) informational message. |
|
131 */ |
|
132 |
|
133 /* Skip to first white space (passed protocol info) */ |
|
134 for(p = tmpbuf; *p && !isspace((unsigned char)*p); p++) continue; |
|
135 if(!*p) { |
|
136 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); |
|
137 goto err; |
|
138 } |
|
139 /* Skip past white space to start of response code */ |
|
140 while(*p && isspace((unsigned char)*p)) p++; |
|
141 if(!*p) { |
|
142 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); |
|
143 goto err; |
|
144 } |
|
145 /* Find end of response code: first whitespace after start of code */ |
|
146 for(q = p; *q && !isspace((unsigned char)*q); q++) continue; |
|
147 if(!*q) { |
|
148 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_PARSE_ERROR); |
|
149 goto err; |
|
150 } |
|
151 /* Set end of response code and start of message */ |
|
152 *q++ = 0; |
|
153 /* Attempt to parse numeric code */ |
|
154 retcode = strtoul(p, &r, 10); |
|
155 if(*r) goto err; |
|
156 /* Skip over any leading white space in message */ |
|
157 while(*q && isspace((unsigned char)*q)) q++; |
|
158 if(*q) { |
|
159 /* Finally zap any trailing white space in message (include CRLF) */ |
|
160 /* We know q has a non white space character so this is OK */ |
|
161 for(r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) *r = 0; |
|
162 } |
|
163 if(retcode != 200) { |
|
164 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_SERVER_RESPONSE_ERROR); |
|
165 if(!*q) { |
|
166 ERR_add_error_data(2, "Code=", p); |
|
167 } |
|
168 else { |
|
169 ERR_add_error_data(4, "Code=", p, ",Reason=", q); |
|
170 } |
|
171 goto err; |
|
172 } |
|
173 /* Find blank line marking beginning of content */ |
|
174 while(BIO_gets(mem, tmpbuf, 512) > 0) |
|
175 { |
|
176 for(p = tmpbuf; *p && isspace((unsigned char)*p); p++) continue; |
|
177 if(!*p) break; |
|
178 } |
|
179 if(*p) { |
|
180 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,OCSP_R_NO_CONTENT); |
|
181 goto err; |
|
182 } |
|
183 if(!(resp = d2i_OCSP_RESPONSE_bio(mem, NULL))) { |
|
184 OCSPerr(OCSP_F_OCSP_SENDREQ_BIO,ERR_R_NESTED_ASN1_ERROR); |
|
185 goto err; |
|
186 } |
|
187 err: |
|
188 BIO_free(mem); |
|
189 return resp; |
|
190 } |