|
1 /** |
|
2 * XMLSec library |
|
3 * |
|
4 * X509 support |
|
5 * |
|
6 * |
|
7 * This is free software; see Copyright file in the source |
|
8 * distribution for preciese wording. |
|
9 * |
|
10 * Copyright (C) 2002-2003 Aleksey Sanin <aleksey@aleksey.com> |
|
11 * Portion Copyright © 2009 Nokia Corporation and/or its subsidiary(-ies). All rights reserved. |
|
12 */ |
|
13 //#include "globals.h" |
|
14 #include "xmlsecc_config.h" |
|
15 #ifndef XMLSEC_NO_X509 |
|
16 #include "xmlsecc_globals.h" |
|
17 |
|
18 #include <stdlib.h> |
|
19 #include <stdio.h> |
|
20 #include <string.h> |
|
21 #include <ctype.h> |
|
22 #include <errno.h> |
|
23 #include <time.h> |
|
24 |
|
25 #include <libxml2_tree.h> |
|
26 #include <libxml2_globals.h> |
|
27 |
|
28 #include "xmlsec_xmlsec.h" |
|
29 #include "xmlsec_xmltree.h" |
|
30 #include "xmlsec_keys.h" |
|
31 #include "xmlsec_keyinfo.h" |
|
32 #include "xmlsec_keysmngr.h" |
|
33 #include "xmlsec_x509.h" |
|
34 #include "xmlsec_base64.h" |
|
35 #include "xmlsec_errors.h" |
|
36 |
|
37 #include "xmlsecc_crypto.h" |
|
38 #include "xmlsecc_evp.h" |
|
39 #include "xmlsecc_x509.h" |
|
40 |
|
41 /************************************************************************* |
|
42 * |
|
43 * X509 utility functions |
|
44 * |
|
45 ************************************************************************/ |
|
46 static int xmlSecSymbianCryptoX509DataNodeRead (xmlSecKeyDataPtr data, |
|
47 xmlNodePtr node, |
|
48 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
49 static int xmlSecSymbianCryptoX509CertificateNodeRead (xmlSecKeyDataPtr data, |
|
50 xmlNodePtr node, |
|
51 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
52 static int xmlSecSymbianCryptoX509CertificateNodeWrite (X509* cert, |
|
53 xmlNodePtr node, |
|
54 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
55 static int xmlSecSymbianCryptoX509SubjectNameNodeRead (xmlSecKeyDataPtr data, |
|
56 xmlNodePtr node, |
|
57 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
58 static int xmlSecSymbianCryptoX509SubjectNameNodeWrite (X509* cert, |
|
59 xmlNodePtr node, |
|
60 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
61 static int xmlSecSymbianCryptoX509IssuerSerialNodeRead (xmlSecKeyDataPtr data, |
|
62 xmlNodePtr node, |
|
63 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
64 static int xmlSecSymbianCryptoX509IssuerSerialNodeWrite (X509* cert, |
|
65 xmlNodePtr node, |
|
66 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
67 static int xmlSecSymbianCryptoX509SKINodeRead (xmlSecKeyDataPtr data, |
|
68 xmlNodePtr node, |
|
69 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
70 static int xmlSecSymbianCryptoX509SKINodeWrite (X509* cert, |
|
71 xmlNodePtr node, |
|
72 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
73 static int xmlSecSymbianCryptoX509CRLNodeRead (xmlSecKeyDataPtr data, |
|
74 xmlNodePtr node, |
|
75 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
76 static int xmlSecSymbianCryptoX509CRLNodeWrite (X509_CRL* crl, |
|
77 xmlNodePtr node, |
|
78 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
79 static int xmlSecSymbianCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, |
|
80 xmlSecKeyPtr key, |
|
81 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
82 static X509* xmlSecSymbianCryptoX509CertDerRead (const xmlSecByte* buf, |
|
83 xmlSecSize size); |
|
84 static X509* xmlSecSymbianCryptoX509CertBase64DerRead (xmlChar* buf); |
|
85 static xmlChar* xmlSecSymbianCryptoX509CertBase64DerWrite (X509* cert, |
|
86 int base64LineWrap); |
|
87 static X509_CRL* xmlSecSymbianCryptoX509CrlDerRead (xmlSecByte* buf, |
|
88 xmlSecSize size); |
|
89 static X509_CRL* xmlSecSymbianCryptoX509CrlBase64DerRead (xmlChar* buf); |
|
90 static xmlChar* xmlSecSymbianCryptoX509CrlBase64DerWrite (X509_CRL* crl, |
|
91 int base64LineWrap); |
|
92 static xmlChar* xmlSecSymbianCryptoX509NameWrite (X509_NAME* nm); |
|
93 #ifdef XMLSEC_FUTURE_SUPPORT |
|
94 static xmlChar* xmlSecSymbianCryptoASN1IntegerWrite (ASN1_INTEGER *asni); |
|
95 #endif //XMLSEC_FUTURE_SUPPORT |
|
96 static xmlChar* xmlSecSymbianCryptoX509SKIWrite (X509* cert); |
|
97 static void xmlSecSymbianCryptoX509CertDebugDump (X509* cert, |
|
98 FILE* output); |
|
99 static void xmlSecSymbianCryptoX509CertDebugXmlDump (X509* cert, |
|
100 FILE* output); |
|
101 #ifdef XMLSEC_FUTURE_SUPPORT |
|
102 static int xmlSecSymbianCryptoX509CertGetTime (ASN1_TIME* t, |
|
103 time_t* res); |
|
104 #endif //XMLSEC_FUTURE_SUPPORT |
|
105 /************************************************************************* |
|
106 * |
|
107 * Support for SymbianCertStore |
|
108 * |
|
109 *************************************************************************/ |
|
110 static int XmlSecCertStoreFlag = 0; |
|
111 |
|
112 // --------------------------------------------------------------------------- |
|
113 // Set SymbianCertStore flag. |
|
114 // --------------------------------------------------------------------------- |
|
115 // |
|
116 EXPORT_C |
|
117 void xmlSecSetCertStoreFlag() |
|
118 { |
|
119 XmlSecCertStoreFlag = 1; |
|
120 } |
|
121 |
|
122 // --------------------------------------------------------------------------- |
|
123 // Reset SymbianCertStore flag. |
|
124 // --------------------------------------------------------------------------- |
|
125 // |
|
126 EXPORT_C |
|
127 void xmlSecResetCertStoreFlag() |
|
128 { |
|
129 XmlSecCertStoreFlag = 0; |
|
130 } |
|
131 // --------------------------------------------------------------------------- |
|
132 // Check SymbianCertStore flag. |
|
133 // --------------------------------------------------------------------------- |
|
134 // |
|
135 EXPORT_C |
|
136 int xmlSecCheckCertStoreFlag() |
|
137 { |
|
138 return XmlSecCertStoreFlag; |
|
139 } |
|
140 /************************************************************************* |
|
141 * |
|
142 * Internal SymbianCrypto X509 data CTX |
|
143 * |
|
144 ************************************************************************/ |
|
145 typedef struct _xmlSecSymbianCryptoX509DataCtx xmlSecSymbianCryptoX509DataCtx, |
|
146 *xmlSecSymbianCryptoX509DataCtxPtr; |
|
147 struct _xmlSecSymbianCryptoX509DataCtx { |
|
148 X509* keyCert; |
|
149 STACK_OF(X509)* certsList; |
|
150 STACK_OF(X509_CRL)* crlsList; |
|
151 }; |
|
152 /************************************************************************** |
|
153 * |
|
154 * <dsig:X509Data> processing |
|
155 * |
|
156 * |
|
157 * The X509Data Element (http://www.w3.org/TR/xmldsig-core/#sec-X509Data) |
|
158 * |
|
159 * An X509Data element within KeyInfo contains one or more identifiers of keys |
|
160 * or X509 certificates (or certificates' identifiers or a revocation list). |
|
161 * The content of X509Data is: |
|
162 * |
|
163 * 1. At least one element, from the following set of element types; any of these may appear together or more than once iff (if and only if) each instance describes or is related to the same certificate: |
|
164 * 2. |
|
165 * * The X509IssuerSerial element, which contains an X.509 issuer |
|
166 * distinguished name/serial number pair that SHOULD be compliant |
|
167 * with RFC2253 [LDAP-DN], |
|
168 * * The X509SubjectName element, which contains an X.509 subject |
|
169 * distinguished name that SHOULD be compliant with RFC2253 [LDAP-DN], |
|
170 * * The X509SKI element, which contains the base64 encoded plain (i.e. |
|
171 * non-DER-encoded) value of a X509 V.3 SubjectKeyIdentifier extension. |
|
172 * * The X509Certificate element, which contains a base64-encoded [X509v3] |
|
173 * certificate, and |
|
174 * * Elements from an external namespace which accompanies/complements any |
|
175 * of the elements above. |
|
176 * * The X509CRL element, which contains a base64-encoded certificate |
|
177 * revocation list (CRL) [X509v3]. |
|
178 * |
|
179 * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that appear |
|
180 * MUST refer to the certificate or certificates containing the validation key. |
|
181 * All such elements that refer to a particular individual certificate MUST be |
|
182 * grouped inside a single X509Data element and if the certificate to which |
|
183 * they refer appears, it MUST also be in that X509Data element. |
|
184 * |
|
185 * Any X509IssuerSerial, X509SKI, and X509SubjectName elements that relate to |
|
186 * the same key but different certificates MUST be grouped within a single |
|
187 * KeyInfo but MAY occur in multiple X509Data elements. |
|
188 * |
|
189 * All certificates appearing in an X509Data element MUST relate to the |
|
190 * validation key by either containing it or being part of a certification |
|
191 * chain that terminates in a certificate containing the validation key. |
|
192 * |
|
193 * No ordering is implied by the above constraints. |
|
194 * |
|
195 * Note, there is no direct provision for a PKCS#7 encoded "bag" of |
|
196 * certificates or CRLs. However, a set of certificates and CRLs can occur |
|
197 * within an X509Data element and multiple X509Data elements can occur in a |
|
198 * KeyInfo. Whenever multiple certificates occur in an X509Data element, at |
|
199 * least one such certificate must contain the public key which verifies the |
|
200 * signature. |
|
201 * |
|
202 * Schema Definition |
|
203 * |
|
204 * <element name="X509Data" type="ds:X509DataType"/> |
|
205 * <complexType name="X509DataType"> |
|
206 * <sequence maxOccurs="unbounded"> |
|
207 * <choice> |
|
208 * <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/> |
|
209 * <element name="X509SKI" type="base64Binary"/> |
|
210 * <element name="X509SubjectName" type="string"/> |
|
211 * <element name="X509Certificate" type="base64Binary"/> |
|
212 * <element name="X509CRL" type="base64Binary"/> |
|
213 * <any namespace="##other" processContents="lax"/> |
|
214 * </choice> |
|
215 * </sequence> |
|
216 * </complexType> |
|
217 * <complexType name="X509IssuerSerialType"> |
|
218 * <sequence> |
|
219 * <element name="X509IssuerName" type="string"/> |
|
220 * <element name="X509SerialNumber" type="integer"/> |
|
221 * </sequence> |
|
222 * </complexType> |
|
223 * |
|
224 * DTD |
|
225 * |
|
226 * <!ELEMENT X509Data ((X509IssuerSerial | X509SKI | X509SubjectName | |
|
227 * X509Certificate | X509CRL)+ %X509.ANY;)> |
|
228 * <!ELEMENT X509IssuerSerial (X509IssuerName, X509SerialNumber) > |
|
229 * <!ELEMENT X509IssuerName (#PCDATA) > |
|
230 * <!ELEMENT X509SubjectName (#PCDATA) > |
|
231 * <!ELEMENT X509SerialNumber (#PCDATA) > |
|
232 * <!ELEMENT X509SKI (#PCDATA) > |
|
233 * <!ELEMENT X509Certificate (#PCDATA) > |
|
234 * <!ELEMENT X509CRL (#PCDATA) > |
|
235 * |
|
236 * ----------------------------------------------------------------------- |
|
237 * |
|
238 * xmlSecSymbianCryptoX509DataCtx is located after xmlSecTransform |
|
239 * |
|
240 *************************************************************************/ |
|
241 #define xmlSecSymbianCryptoX509DataSize \ |
|
242 (sizeof(xmlSecKeyData) + sizeof(xmlSecSymbianCryptoX509DataCtx)) |
|
243 #define xmlSecSymbianCryptoX509DataGetCtx(data) \ |
|
244 ((xmlSecSymbianCryptoX509DataCtxPtr)(((xmlSecByte*)(data)) + sizeof(xmlSecKeyData))) |
|
245 |
|
246 static int xmlSecSymbianCryptoKeyDataX509Initialize (xmlSecKeyDataPtr data); |
|
247 static int xmlSecSymbianCryptoKeyDataX509Duplicate (xmlSecKeyDataPtr dst, |
|
248 xmlSecKeyDataPtr src); |
|
249 static void xmlSecSymbianCryptoKeyDataX509Finalize (xmlSecKeyDataPtr data); |
|
250 static int xmlSecSymbianCryptoKeyDataX509XmlRead (xmlSecKeyDataId id, |
|
251 xmlSecKeyPtr key, |
|
252 xmlNodePtr node, |
|
253 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
254 static int xmlSecSymbianCryptoKeyDataX509XmlWrite (xmlSecKeyDataId id, |
|
255 xmlSecKeyPtr key, |
|
256 xmlNodePtr node, |
|
257 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
258 static xmlSecKeyDataType xmlSecSymbianCryptoKeyDataX509GetType (xmlSecKeyDataPtr data); |
|
259 static const xmlChar* xmlSecSymbianCryptoKeyDataX509GetIdentifier (xmlSecKeyDataPtr data); |
|
260 |
|
261 static void xmlSecSymbianCryptoKeyDataX509DebugDump (xmlSecKeyDataPtr data, |
|
262 FILE* output); |
|
263 static void xmlSecSymbianCryptoKeyDataX509DebugXmlDump (xmlSecKeyDataPtr data, |
|
264 FILE* output); |
|
265 |
|
266 |
|
267 |
|
268 static xmlSecKeyDataKlass xmlSecSymbianCryptoKeyDataX509Klass = { |
|
269 sizeof(xmlSecKeyDataKlass), |
|
270 xmlSecSymbianCryptoX509DataSize, |
|
271 |
|
272 /* data */ |
|
273 xmlSecNameX509Data, |
|
274 xmlSecKeyDataUsageKeyInfoNode | xmlSecKeyDataUsageRetrievalMethodNodeXml, |
|
275 /* xmlSecKeyDataUsage usage; */ |
|
276 xmlSecHrefX509Data, /* const xmlChar* href; */ |
|
277 xmlSecNodeX509Data, /* const xmlChar* dataNodeName; */ |
|
278 xmlSecDSigNs, /* const xmlChar* dataNodeNs; */ |
|
279 |
|
280 /* constructors/destructor */ |
|
281 xmlSecSymbianCryptoKeyDataX509Initialize, /* xmlSecKeyDataInitializeMethod initialize; */ |
|
282 xmlSecSymbianCryptoKeyDataX509Duplicate, /* xmlSecKeyDataDuplicateMethod duplicate; */ |
|
283 xmlSecSymbianCryptoKeyDataX509Finalize, /* xmlSecKeyDataFinalizeMethod finalize; */ |
|
284 NULL, /* xmlSecKeyDataGenerateMethod generate; */ |
|
285 |
|
286 /* get info */ |
|
287 xmlSecSymbianCryptoKeyDataX509GetType, /* xmlSecKeyDataGetTypeMethod getType; */ |
|
288 NULL, /* xmlSecKeyDataGetSizeMethod getSize; */ |
|
289 xmlSecSymbianCryptoKeyDataX509GetIdentifier, /* xmlSecKeyDataGetIdentifier getIdentifier; */ |
|
290 |
|
291 /* read/write */ |
|
292 xmlSecSymbianCryptoKeyDataX509XmlRead, /* xmlSecKeyDataXmlReadMethod xmlRead; */ |
|
293 xmlSecSymbianCryptoKeyDataX509XmlWrite, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */ |
|
294 NULL, /* xmlSecKeyDataBinReadMethod binRead; */ |
|
295 NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */ |
|
296 |
|
297 /* debug */ |
|
298 xmlSecSymbianCryptoKeyDataX509DebugDump, /* xmlSecKeyDataDebugDumpMethod debugDump; */ |
|
299 xmlSecSymbianCryptoKeyDataX509DebugXmlDump, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */ |
|
300 |
|
301 /* reserved for the future */ |
|
302 NULL, /* void* reserved0; */ |
|
303 NULL, /* void* reserved1; */ |
|
304 }; |
|
305 |
|
306 /** |
|
307 * xmlSecSymbianCryptoKeyDataX509GetKlass: |
|
308 * |
|
309 * The SymbianCrypto X509 key data klass (http://www.w3.org/TR/xmldsig-core/#sec-X509Data). |
|
310 * |
|
311 * Returns the X509 data klass. |
|
312 */ |
|
313 EXPORT_C |
|
314 xmlSecKeyDataId |
|
315 xmlSecSymbianCryptoKeyDataX509GetKlass(void) { |
|
316 return(&xmlSecSymbianCryptoKeyDataX509Klass); |
|
317 } |
|
318 |
|
319 /** |
|
320 * xmlSecSymbianCryptoKeyDataX509GetKeyCert: |
|
321 * @data: the pointer to X509 key data. |
|
322 * |
|
323 * Gets the certificate from which the key was extracted. |
|
324 * |
|
325 * Returns the key's certificate or NULL if key data was not used for key |
|
326 * extraction or an error occurs. |
|
327 */ |
|
328 EXPORT_C |
|
329 X509* |
|
330 xmlSecSymbianCryptoKeyDataX509GetKeyCert(xmlSecKeyDataPtr data) { |
|
331 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
332 |
|
333 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), NULL); |
|
334 |
|
335 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
336 xmlSecAssert2(ctx, NULL); |
|
337 |
|
338 return(ctx->keyCert); |
|
339 } |
|
340 |
|
341 /** |
|
342 * xmlSecSymbianCryptoKeyDataX509AdoptKeyCert: |
|
343 * @data: the pointer to X509 key data. |
|
344 * @cert: the pointer to SymbianCrypto X509 certificate. |
|
345 * |
|
346 * Sets the key's certificate in @data. |
|
347 * |
|
348 * Returns 0 on success or a negative value if an error occurs. |
|
349 */ |
|
350 EXPORT_C |
|
351 int |
|
352 xmlSecSymbianCryptoKeyDataX509AdoptKeyCert(xmlSecKeyDataPtr data, X509* cert) { |
|
353 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
354 |
|
355 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
356 xmlSecAssert2(cert, -1); |
|
357 |
|
358 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
359 xmlSecAssert2(ctx, -1); |
|
360 |
|
361 if(ctx->keyCert) { |
|
362 X509_free(ctx->keyCert); |
|
363 } |
|
364 ctx->keyCert = cert; |
|
365 return(0); |
|
366 } |
|
367 |
|
368 /** |
|
369 * xmlSecSymbianCryptoKeyDataX509AdoptCert: |
|
370 * @data: the pointer to X509 key data. |
|
371 * @cert: the pointer to SymbianCrypto X509 certificate. |
|
372 * |
|
373 * Adds certificate to the X509 key data. |
|
374 * |
|
375 * Returns 0 on success or a negative value if an error occurs. |
|
376 */ |
|
377 EXPORT_C |
|
378 int |
|
379 xmlSecSymbianCryptoKeyDataX509AdoptCert(xmlSecKeyDataPtr data, X509* cert) { |
|
380 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
381 int ret; |
|
382 |
|
383 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
384 xmlSecAssert2(cert, -1); |
|
385 |
|
386 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
387 xmlSecAssert2(ctx, -1); |
|
388 /* |
|
389 if(ctx->certsList == NULL) { |
|
390 ctx->certsList = sk_X509_new_null(); |
|
391 if(ctx->certsList == NULL) { |
|
392 xmlSecError(XMLSEC_ERRORS_HERE, |
|
393 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
394 "sk_X509_new_null", |
|
395 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
396 XMLSEC_ERRORS_NO_MESSAGE); |
|
397 return(-1); |
|
398 } |
|
399 } |
|
400 |
|
401 ret = sk_X509_push(ctx->certsList, cert); |
|
402 if(ret < 1) { |
|
403 xmlSecError(XMLSEC_ERRORS_HERE, |
|
404 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
405 "sk_X509_push", |
|
406 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
407 XMLSEC_ERRORS_NO_MESSAGE); |
|
408 return(-1); |
|
409 } |
|
410 */ |
|
411 return(0); |
|
412 } |
|
413 |
|
414 /** |
|
415 * xmlSecSymbianCryptoKeyDataX509GetCert: |
|
416 * @data: the pointer to X509 key data. |
|
417 * @pos: the desired certificate position. |
|
418 * |
|
419 * Gets a certificate from X509 key data. |
|
420 * |
|
421 * Returns the pointer to certificate or NULL if @pos is larger than the |
|
422 * number of certificates in @data or an error occurs. |
|
423 */ |
|
424 EXPORT_C |
|
425 X509* |
|
426 xmlSecSymbianCryptoKeyDataX509GetCert(xmlSecKeyDataPtr data, xmlSecSize pos) { |
|
427 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
428 |
|
429 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), NULL); |
|
430 |
|
431 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
432 xmlSecAssert2(ctx, NULL); |
|
433 xmlSecAssert2(ctx->certsList, NULL); |
|
434 |
|
435 return NULL; |
|
436 } |
|
437 |
|
438 /** |
|
439 * xmlSecSymbianCryptoKeyDataX509GetCertsSize: |
|
440 * @data: the pointer to X509 key data. |
|
441 * |
|
442 * Gets the number of certificates in @data. |
|
443 * |
|
444 * Returns te number of certificates in @data. |
|
445 */ |
|
446 EXPORT_C |
|
447 xmlSecSize |
|
448 xmlSecSymbianCryptoKeyDataX509GetCertsSize(xmlSecKeyDataPtr data) { |
|
449 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
450 |
|
451 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), 0); |
|
452 |
|
453 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
454 xmlSecAssert2(ctx, 0); |
|
455 |
|
456 return 0; |
|
457 } |
|
458 |
|
459 /** |
|
460 * xmlSecSymbianCryptoKeyDataX509AdoptCrl: |
|
461 * @data: the pointer to X509 key data. |
|
462 * @crl: the pointer to SymbianCrypto X509 CRL. |
|
463 * |
|
464 * Adds CRL to the X509 key data. |
|
465 * |
|
466 * Returns 0 on success or a negative value if an error occurs. |
|
467 */ |
|
468 EXPORT_C |
|
469 int |
|
470 xmlSecSymbianCryptoKeyDataX509AdoptCrl(xmlSecKeyDataPtr data, X509_CRL* crl) { |
|
471 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
472 int ret; |
|
473 |
|
474 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
475 xmlSecAssert2(crl, -1); |
|
476 |
|
477 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
478 xmlSecAssert2(ctx, -1); |
|
479 /* |
|
480 if(ctx->crlsList == NULL) { |
|
481 ctx->crlsList = sk_X509_CRL_new_null(); |
|
482 if(ctx->crlsList == NULL) { |
|
483 xmlSecError(XMLSEC_ERRORS_HERE, |
|
484 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
485 "sk_X509_CRL_new_null", |
|
486 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
487 XMLSEC_ERRORS_NO_MESSAGE); |
|
488 return(-1); |
|
489 } |
|
490 } |
|
491 |
|
492 ret = sk_X509_CRL_push(ctx->crlsList, crl); |
|
493 if(ret < 1) { |
|
494 xmlSecError(XMLSEC_ERRORS_HERE, |
|
495 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
496 "sk_X509_CRL_push", |
|
497 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
498 XMLSEC_ERRORS_NO_MESSAGE); |
|
499 return(-1); |
|
500 } |
|
501 */ |
|
502 return(0); |
|
503 } |
|
504 |
|
505 /** |
|
506 * xmlSecSymbianCryptoKeyDataX509GetCrl: |
|
507 * @data: the pointer to X509 key data. |
|
508 * @pos: the desired CRL position. |
|
509 * |
|
510 * Gets a CRL from X509 key data. |
|
511 * |
|
512 * Returns the pointer to CRL or NULL if @pos is larger than the |
|
513 * number of CRLs in @data or an error occurs. |
|
514 */ |
|
515 EXPORT_C |
|
516 X509_CRL* |
|
517 xmlSecSymbianCryptoKeyDataX509GetCrl(xmlSecKeyDataPtr data, xmlSecSize pos) { |
|
518 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
519 |
|
520 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), NULL); |
|
521 |
|
522 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
523 xmlSecAssert2(ctx, NULL); |
|
524 |
|
525 xmlSecAssert2(ctx->crlsList, NULL); |
|
526 |
|
527 return NULL; |
|
528 } |
|
529 |
|
530 /** |
|
531 * xmlSecSymbianCryptoKeyDataX509GetCrlsSize: |
|
532 * @data: the pointer to X509 key data. |
|
533 * |
|
534 * Gets the number of CRLs in @data. |
|
535 * |
|
536 * Returns te number of CRLs in @data. |
|
537 */ |
|
538 EXPORT_C |
|
539 xmlSecSize |
|
540 xmlSecSymbianCryptoKeyDataX509GetCrlsSize(xmlSecKeyDataPtr data) { |
|
541 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
542 |
|
543 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), 0); |
|
544 |
|
545 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
546 xmlSecAssert2(ctx, 0); |
|
547 |
|
548 return 0; |
|
549 } |
|
550 |
|
551 static int |
|
552 xmlSecSymbianCryptoKeyDataX509Initialize(xmlSecKeyDataPtr data) { |
|
553 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
554 |
|
555 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
556 |
|
557 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
558 xmlSecAssert2(ctx, -1); |
|
559 |
|
560 memset(ctx, 0, sizeof(xmlSecSymbianCryptoX509DataCtx)); |
|
561 return(0); |
|
562 } |
|
563 |
|
564 static int |
|
565 xmlSecSymbianCryptoKeyDataX509Duplicate(xmlSecKeyDataPtr dst, xmlSecKeyDataPtr src) { |
|
566 X509* certSrc; |
|
567 X509* certDst = NULL; |
|
568 X509_CRL* crlSrc; |
|
569 X509_CRL* crlDst = NULL; |
|
570 xmlSecSize size, pos; |
|
571 int ret; |
|
572 |
|
573 xmlSecAssert2(xmlSecKeyDataCheckId(dst, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
574 xmlSecAssert2(xmlSecKeyDataCheckId(src, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
575 |
|
576 /* copy certsList */ |
|
577 size = xmlSecSymbianCryptoKeyDataX509GetCertsSize(src); |
|
578 for(pos = 0; pos < size; ++pos) { |
|
579 certSrc = xmlSecSymbianCryptoKeyDataX509GetCert(src, pos); |
|
580 if(!certSrc) { |
|
581 xmlSecError(XMLSEC_ERRORS_HERE, |
|
582 xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)), |
|
583 "xmlSecSymbianCryptoKeyDataX509GetCert", |
|
584 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
585 "pos=%d", pos); |
|
586 return(-1); |
|
587 } |
|
588 |
|
589 if(!certDst) { |
|
590 xmlSecError(XMLSEC_ERRORS_HERE, |
|
591 xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), |
|
592 "X509_dup", |
|
593 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
594 XMLSEC_ERRORS_NO_MESSAGE); |
|
595 return(-1); |
|
596 } |
|
597 |
|
598 ret = xmlSecSymbianCryptoKeyDataX509AdoptCert(dst, certDst); |
|
599 if(ret < 0) { |
|
600 xmlSecError(XMLSEC_ERRORS_HERE, |
|
601 xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), |
|
602 "xmlSecSymbianCryptoKeyDataX509AdoptCert", |
|
603 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
604 XMLSEC_ERRORS_NO_MESSAGE); |
|
605 return(-1); |
|
606 } |
|
607 } |
|
608 |
|
609 /* copy crls */ |
|
610 size = xmlSecSymbianCryptoKeyDataX509GetCrlsSize(src); |
|
611 for(pos = 0; pos < size; ++pos) { |
|
612 crlSrc = xmlSecSymbianCryptoKeyDataX509GetCrl(src, pos); |
|
613 if(!crlSrc) { |
|
614 xmlSecError(XMLSEC_ERRORS_HERE, |
|
615 xmlSecErrorsSafeString(xmlSecKeyDataGetName(src)), |
|
616 "xmlSecSymbianCryptoKeyDataX509GetCrl", |
|
617 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
618 "pos=%d", pos); |
|
619 return(-1); |
|
620 } |
|
621 |
|
622 if(!crlDst) { |
|
623 xmlSecError(XMLSEC_ERRORS_HERE, |
|
624 xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), |
|
625 "X509_CRL_dup", |
|
626 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
627 XMLSEC_ERRORS_NO_MESSAGE); |
|
628 return(-1); |
|
629 } |
|
630 |
|
631 ret = xmlSecSymbianCryptoKeyDataX509AdoptCrl(dst, crlDst); |
|
632 if(ret < 0) { |
|
633 xmlSecError(XMLSEC_ERRORS_HERE, |
|
634 xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), |
|
635 "xmlSecSymbianCryptoKeyDataX509AdoptCrl", |
|
636 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
637 XMLSEC_ERRORS_NO_MESSAGE); |
|
638 return(-1); |
|
639 } |
|
640 } |
|
641 |
|
642 /* copy key cert if exist */ |
|
643 certSrc = xmlSecSymbianCryptoKeyDataX509GetKeyCert(src); |
|
644 if(certSrc) { |
|
645 if(!certDst) { |
|
646 xmlSecError(XMLSEC_ERRORS_HERE, |
|
647 xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), |
|
648 "X509_dup", |
|
649 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
650 XMLSEC_ERRORS_NO_MESSAGE); |
|
651 return(-1); |
|
652 } |
|
653 ret = xmlSecSymbianCryptoKeyDataX509AdoptKeyCert(dst, certDst); |
|
654 if(ret < 0) { |
|
655 xmlSecError(XMLSEC_ERRORS_HERE, |
|
656 xmlSecErrorsSafeString(xmlSecKeyDataGetName(dst)), |
|
657 "xmlSecSymbianCryptoKeyDataX509AdoptKeyCert", |
|
658 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
659 XMLSEC_ERRORS_NO_MESSAGE); |
|
660 return(-1); |
|
661 } |
|
662 } |
|
663 return(0); |
|
664 } |
|
665 |
|
666 static void |
|
667 xmlSecSymbianCryptoKeyDataX509Finalize(xmlSecKeyDataPtr data) { |
|
668 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
669 |
|
670 xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id)); |
|
671 |
|
672 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
673 xmlSecAssert(ctx); |
|
674 |
|
675 if(ctx->certsList) { |
|
676 |
|
677 } |
|
678 if(ctx->crlsList) { |
|
679 |
|
680 } |
|
681 if(ctx->keyCert) { |
|
682 X509_free(ctx->keyCert); |
|
683 } |
|
684 memset(ctx, 0, sizeof(xmlSecSymbianCryptoX509DataCtx)); |
|
685 } |
|
686 |
|
687 static int |
|
688 xmlSecSymbianCryptoKeyDataX509XmlRead(xmlSecKeyDataId id, xmlSecKeyPtr key, |
|
689 xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
690 xmlSecKeyDataPtr data; |
|
691 int ret; |
|
692 |
|
693 xmlSecAssert2(id == xmlSecSymbianCryptoKeyDataX509Id, -1); |
|
694 xmlSecAssert2(key, -1); |
|
695 xmlSecAssert2(node, -1); |
|
696 xmlSecAssert2(keyInfoCtx, -1); |
|
697 |
|
698 data = xmlSecKeyEnsureData(key, id); |
|
699 if(!data) { |
|
700 xmlSecError(XMLSEC_ERRORS_HERE, |
|
701 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
702 "xmlSecKeyEnsureData", |
|
703 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
704 XMLSEC_ERRORS_NO_MESSAGE); |
|
705 return(-1); |
|
706 } |
|
707 |
|
708 ret = xmlSecSymbianCryptoX509DataNodeRead(data, node, keyInfoCtx); |
|
709 if(ret < 0) { |
|
710 xmlSecError(XMLSEC_ERRORS_HERE, |
|
711 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
712 "xmlSecSymbianCryptoX509DataNodeRead", |
|
713 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
714 XMLSEC_ERRORS_NO_MESSAGE); |
|
715 return(-1); |
|
716 } |
|
717 |
|
718 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS) == 0) { |
|
719 ret = xmlSecSymbianCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx); |
|
720 if(ret < 0) { |
|
721 xmlSecError(XMLSEC_ERRORS_HERE, |
|
722 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
723 "xmlSecSymbianCryptoKeyDataX509VerifyAndExtractKey", |
|
724 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
725 XMLSEC_ERRORS_NO_MESSAGE); |
|
726 return(-1); |
|
727 } |
|
728 } |
|
729 return(0); |
|
730 } |
|
731 |
|
732 static int |
|
733 xmlSecSymbianCryptoKeyDataX509XmlWrite(xmlSecKeyDataId id, xmlSecKeyPtr key, |
|
734 xmlNodePtr node, xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
735 xmlSecKeyDataPtr data; |
|
736 X509* cert; |
|
737 X509_CRL* crl; |
|
738 xmlSecSize size, pos = 0; |
|
739 int content; |
|
740 int ret; |
|
741 |
|
742 xmlSecAssert2(id == xmlSecSymbianCryptoKeyDataX509Id, -1); |
|
743 xmlSecAssert2(key, -1); |
|
744 xmlSecAssert2(node, -1); |
|
745 xmlSecAssert2(keyInfoCtx, -1); |
|
746 |
|
747 content = xmlSecX509DataGetNodeContent (node, 1, keyInfoCtx); |
|
748 if (content < 0) { |
|
749 xmlSecError(XMLSEC_ERRORS_HERE, |
|
750 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
751 "xmlSecX509DataGetNodeContent", |
|
752 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
753 "content=%d", content); |
|
754 return(-1); |
|
755 } else if(content == 0) { |
|
756 /* by default we are writing certificates and crls */ |
|
757 content = XMLSEC_X509DATA_DEFAULT; |
|
758 } |
|
759 |
|
760 /* get x509 data */ |
|
761 data = xmlSecKeyGetData(key, id); |
|
762 if(!data) { |
|
763 /* no x509 data in the key */ |
|
764 return(0); |
|
765 } |
|
766 |
|
767 /* write certs */ |
|
768 |
|
769 // for(pos = 0; pos < size; ++pos) { |
|
770 cert = xmlSecSymbianCryptoKeyDataX509GetKeyCert(data); |
|
771 if(!cert) { |
|
772 xmlSecError(XMLSEC_ERRORS_HERE, |
|
773 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
774 "xmlSecSymbianCryptoKeyDataX509GetCert", |
|
775 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
776 "pos=%d", pos); |
|
777 return(-1); |
|
778 } |
|
779 |
|
780 if((content & XMLSEC_X509DATA_CERTIFICATE_NODE) != 0) { |
|
781 ret = xmlSecSymbianCryptoX509CertificateNodeWrite(cert, node, keyInfoCtx); |
|
782 if(ret < 0) { |
|
783 xmlSecError(XMLSEC_ERRORS_HERE, |
|
784 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
785 "xmlSecSymbianCryptoX509CertificateNodeWrite", |
|
786 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
787 "pos=%d", pos); |
|
788 return(-1); |
|
789 } |
|
790 } |
|
791 |
|
792 if((content & XMLSEC_X509DATA_SUBJECTNAME_NODE) != 0) { |
|
793 ret = xmlSecSymbianCryptoX509SubjectNameNodeWrite(cert, node, keyInfoCtx); |
|
794 if(ret < 0) { |
|
795 xmlSecError(XMLSEC_ERRORS_HERE, |
|
796 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
797 "xmlSecSymbianCryptoX509SubjectNameNodeWrite", |
|
798 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
799 "pos=%d", pos); |
|
800 return(-1); |
|
801 } |
|
802 } |
|
803 |
|
804 if((content & XMLSEC_X509DATA_ISSUERSERIAL_NODE) != 0) { |
|
805 ret = xmlSecSymbianCryptoX509IssuerSerialNodeWrite(cert, node, keyInfoCtx); |
|
806 if(ret < 0) { |
|
807 xmlSecError(XMLSEC_ERRORS_HERE, |
|
808 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
809 "xmlSecSymbianCryptoX509IssuerSerialNodeWrite", |
|
810 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
811 "pos=%d", pos); |
|
812 return(-1); |
|
813 } |
|
814 } |
|
815 |
|
816 if((content & XMLSEC_X509DATA_SKI_NODE) != 0) { |
|
817 ret = xmlSecSymbianCryptoX509SKINodeWrite(cert, node, keyInfoCtx); |
|
818 if(ret < 0) { |
|
819 xmlSecError(XMLSEC_ERRORS_HERE, |
|
820 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
821 "xmlSecSymbianCryptoX509SKINodeWrite", |
|
822 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
823 "pos=%d", pos); |
|
824 return(-1); |
|
825 } |
|
826 } |
|
827 |
|
828 // } // for(pos = 0; pos < size; ++pos) |
|
829 |
|
830 /* write crls if needed */ |
|
831 if((content & XMLSEC_X509DATA_CRL_NODE) != 0) { |
|
832 size = xmlSecSymbianCryptoKeyDataX509GetCrlsSize(data); |
|
833 for(pos = 0; pos < size; ++pos) { |
|
834 crl = xmlSecSymbianCryptoKeyDataX509GetCrl(data, pos); |
|
835 if(!crl) { |
|
836 xmlSecError(XMLSEC_ERRORS_HERE, |
|
837 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
838 "xmlSecSymbianCryptoKeyDataX509GetCrl", |
|
839 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
840 "pos=%d", pos); |
|
841 return(-1); |
|
842 } |
|
843 |
|
844 ret = xmlSecSymbianCryptoX509CRLNodeWrite(crl, node, keyInfoCtx); |
|
845 if(ret < 0) { |
|
846 xmlSecError(XMLSEC_ERRORS_HERE, |
|
847 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
848 "xmlSecSymbianCryptoX509CRLNodeWrite", |
|
849 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
850 "pos=%d", pos); |
|
851 return(-1); |
|
852 } |
|
853 } |
|
854 } |
|
855 |
|
856 return(0); |
|
857 } |
|
858 |
|
859 |
|
860 static xmlSecKeyDataType |
|
861 xmlSecSymbianCryptoKeyDataX509GetType(xmlSecKeyDataPtr data) { |
|
862 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), |
|
863 xmlSecKeyDataTypeUnknown); |
|
864 |
|
865 return(xmlSecKeyDataTypeUnknown); |
|
866 } |
|
867 |
|
868 static const xmlChar* |
|
869 xmlSecSymbianCryptoKeyDataX509GetIdentifier(xmlSecKeyDataPtr data) { |
|
870 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), NULL); |
|
871 |
|
872 return(NULL); |
|
873 } |
|
874 |
|
875 static void |
|
876 xmlSecSymbianCryptoKeyDataX509DebugDump(xmlSecKeyDataPtr data, FILE* output) { |
|
877 X509* cert; |
|
878 xmlSecSize size, pos; |
|
879 |
|
880 xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id)); |
|
881 xmlSecAssert(output); |
|
882 |
|
883 fprintf(output, "=== X509 Data:\n"); |
|
884 cert = xmlSecSymbianCryptoKeyDataX509GetKeyCert(data); |
|
885 if(cert) { |
|
886 fprintf(output, "==== Key Certificate:\n"); |
|
887 xmlSecSymbianCryptoX509CertDebugDump(cert, output); |
|
888 } |
|
889 |
|
890 size = xmlSecSymbianCryptoKeyDataX509GetCertsSize(data); |
|
891 for(pos = 0; pos < size; ++pos) { |
|
892 cert = xmlSecSymbianCryptoKeyDataX509GetCert(data, pos); |
|
893 if(!cert) { |
|
894 xmlSecError(XMLSEC_ERRORS_HERE, |
|
895 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
896 "xmlSecSymbianCryptoKeyDataX509GetCert", |
|
897 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
898 "pos=%d", pos); |
|
899 return; |
|
900 } |
|
901 fprintf(output, "==== Certificate:\n"); |
|
902 xmlSecSymbianCryptoX509CertDebugDump(cert, output); |
|
903 } |
|
904 |
|
905 /* we don't print out crls */ |
|
906 } |
|
907 |
|
908 static void |
|
909 xmlSecSymbianCryptoKeyDataX509DebugXmlDump(xmlSecKeyDataPtr data, FILE* output) { |
|
910 X509* cert; |
|
911 xmlSecSize size, pos; |
|
912 |
|
913 xmlSecAssert(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id)); |
|
914 xmlSecAssert(output); |
|
915 |
|
916 fprintf(output, "<X509Data>\n"); |
|
917 cert = xmlSecSymbianCryptoKeyDataX509GetKeyCert(data); |
|
918 if(cert) { |
|
919 fprintf(output, "<KeyCertificate>\n"); |
|
920 xmlSecSymbianCryptoX509CertDebugXmlDump(cert, output); |
|
921 fprintf(output, "</KeyCertificate>\n"); |
|
922 } |
|
923 |
|
924 size = xmlSecSymbianCryptoKeyDataX509GetCertsSize(data); |
|
925 for(pos = 0; pos < size; ++pos) { |
|
926 cert = xmlSecSymbianCryptoKeyDataX509GetCert(data, pos); |
|
927 if(!cert) { |
|
928 xmlSecError(XMLSEC_ERRORS_HERE, |
|
929 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
930 "xmlSecSymbianCryptoKeyDataX509GetCert", |
|
931 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
932 "pos=%d", pos); |
|
933 return; |
|
934 } |
|
935 fprintf(output, "<Certificate>\n"); |
|
936 xmlSecSymbianCryptoX509CertDebugXmlDump(cert, output); |
|
937 fprintf(output, "</Certificate>\n"); |
|
938 } |
|
939 |
|
940 /* we don't print out crls */ |
|
941 fprintf(output, "</X509Data>\n"); |
|
942 } |
|
943 |
|
944 static int |
|
945 xmlSecSymbianCryptoX509DataNodeRead(xmlSecKeyDataPtr data, |
|
946 xmlNodePtr node, |
|
947 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
948 xmlNodePtr cur; |
|
949 int ret; |
|
950 |
|
951 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
952 xmlSecAssert2(node, -1); |
|
953 xmlSecAssert2(keyInfoCtx, -1); |
|
954 |
|
955 for(cur = xmlSecGetNextElementNode(node->children); |
|
956 cur; |
|
957 cur = xmlSecGetNextElementNode(cur->next)) { |
|
958 |
|
959 ret = 0; |
|
960 if(xmlSecCheckNodeName(cur, xmlSecNodeX509Certificate, xmlSecDSigNs)) { |
|
961 ret = xmlSecSymbianCryptoX509CertificateNodeRead(data, cur, keyInfoCtx); |
|
962 } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) { |
|
963 ret = xmlSecSymbianCryptoX509SubjectNameNodeRead(data, cur, keyInfoCtx); |
|
964 } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) { |
|
965 ret = xmlSecSymbianCryptoX509IssuerSerialNodeRead(data, cur, keyInfoCtx); |
|
966 } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) { |
|
967 ret = xmlSecSymbianCryptoX509SKINodeRead(data, cur, keyInfoCtx); |
|
968 } else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) { |
|
969 ret = xmlSecSymbianCryptoX509CRLNodeRead(data, cur, keyInfoCtx); |
|
970 } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) { |
|
971 /* laxi schema validation: ignore unknown nodes */ |
|
972 xmlSecError(XMLSEC_ERRORS_HERE, |
|
973 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
974 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), |
|
975 XMLSEC_ERRORS_R_UNEXPECTED_NODE, |
|
976 XMLSEC_ERRORS_NO_MESSAGE); |
|
977 return(-1); |
|
978 } |
|
979 if(ret < 0) { |
|
980 xmlSecError(XMLSEC_ERRORS_HERE, |
|
981 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
982 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), |
|
983 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
984 "read node failed"); |
|
985 return(-1); |
|
986 } |
|
987 } |
|
988 return(0); |
|
989 } |
|
990 |
|
991 static int |
|
992 xmlSecSymbianCryptoX509CertificateNodeRead(xmlSecKeyDataPtr data, |
|
993 xmlNodePtr node, |
|
994 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
995 xmlChar *content; |
|
996 X509* cert; |
|
997 int ret; |
|
998 |
|
999 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
1000 xmlSecAssert2(node, -1); |
|
1001 xmlSecAssert2(keyInfoCtx, -1); |
|
1002 |
|
1003 content = xmlNodeGetContent(node); |
|
1004 if((!content) || (xmlSecIsEmptyString(content) == 1)) { |
|
1005 if(content) { |
|
1006 xmlFree(content); |
|
1007 } |
|
1008 if ( OOM_FLAG ) |
|
1009 return(-1); |
|
1010 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) { |
|
1011 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1012 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1013 xmlSecErrorsSafeString(xmlSecNodeGetName(node)), |
|
1014 XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, |
|
1015 XMLSEC_ERRORS_NO_MESSAGE); |
|
1016 return(-1); |
|
1017 } |
|
1018 return(0); |
|
1019 } |
|
1020 |
|
1021 cert = xmlSecSymbianCryptoX509CertBase64DerRead(content); |
|
1022 if(!cert) { |
|
1023 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1024 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1025 "xmlSecSymbianCryptoX509CertBase64DerRead", |
|
1026 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1027 XMLSEC_ERRORS_NO_MESSAGE); |
|
1028 xmlFree(content); |
|
1029 return(-1); |
|
1030 } |
|
1031 |
|
1032 ret = xmlSecSymbianCryptoKeyDataX509AdoptKeyCert(data, cert); |
|
1033 if(ret < 0) { |
|
1034 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1035 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1036 "xmlSecSymbianCryptoKeyDataX509AdoptKeyCert", |
|
1037 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1038 XMLSEC_ERRORS_NO_MESSAGE); |
|
1039 X509_free(cert); |
|
1040 xmlFree(content); |
|
1041 return(-1); |
|
1042 } |
|
1043 |
|
1044 xmlFree(content); |
|
1045 return(0); |
|
1046 } |
|
1047 |
|
1048 static int |
|
1049 xmlSecSymbianCryptoX509CertificateNodeWrite(X509* cert, |
|
1050 xmlNodePtr node, |
|
1051 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1052 xmlChar* buf; |
|
1053 xmlNodePtr cur; |
|
1054 |
|
1055 xmlSecAssert2(cert, -1); |
|
1056 xmlSecAssert2(node, -1); |
|
1057 xmlSecAssert2(keyInfoCtx, -1); |
|
1058 |
|
1059 /* set base64 lines size from context */ |
|
1060 buf = xmlSecSymbianCryptoX509CertBase64DerWrite(cert, keyInfoCtx->base64LineSize); |
|
1061 if(!buf) { |
|
1062 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1063 NULL, |
|
1064 "xmlSecSymbianCryptoX509CertBase64DerWrite", |
|
1065 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1066 XMLSEC_ERRORS_NO_MESSAGE); |
|
1067 return(-1); |
|
1068 } |
|
1069 |
|
1070 cur = xmlSecAddChild(node, xmlSecNodeX509Certificate, xmlSecDSigNs); |
|
1071 if(!cur) { |
|
1072 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1073 NULL, |
|
1074 "xmlSecAddChild", |
|
1075 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1076 "node=%s", |
|
1077 xmlSecErrorsSafeString(xmlSecNodeX509Certificate)); |
|
1078 xmlFree(buf); |
|
1079 return(-1); |
|
1080 } |
|
1081 |
|
1082 xmlNodeSetContent(cur, xmlSecStringCR); |
|
1083 if ( OOM_FLAG ) |
|
1084 { |
|
1085 xmlUnlinkNode(cur); |
|
1086 xmlFreeNode(cur); |
|
1087 xmlFree(buf); |
|
1088 return(-1); |
|
1089 } |
|
1090 xmlNodeSetContent(cur, buf); |
|
1091 if ( OOM_FLAG ) |
|
1092 { |
|
1093 xmlUnlinkNode(cur); |
|
1094 xmlFreeNode(cur); |
|
1095 xmlFree(buf); |
|
1096 return(-1); |
|
1097 } |
|
1098 xmlFree(buf); |
|
1099 return(0); |
|
1100 } |
|
1101 |
|
1102 static int |
|
1103 xmlSecSymbianCryptoX509SubjectNameNodeRead(xmlSecKeyDataPtr data, |
|
1104 xmlNodePtr node, |
|
1105 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1106 xmlSecKeyDataStorePtr x509Store; |
|
1107 xmlChar* subject; |
|
1108 X509* cert; |
|
1109 X509* cert2 = NULL; |
|
1110 int ret; |
|
1111 |
|
1112 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
1113 xmlSecAssert2(node, -1); |
|
1114 xmlSecAssert2(keyInfoCtx, -1); |
|
1115 xmlSecAssert2(keyInfoCtx->keysMngr, -1); |
|
1116 |
|
1117 x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecSymbianCryptoX509StoreId); |
|
1118 if(!x509Store) { |
|
1119 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1120 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1121 "xmlSecKeysMngrGetDataStore", |
|
1122 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1123 XMLSEC_ERRORS_NO_MESSAGE); |
|
1124 return(-1); |
|
1125 } |
|
1126 |
|
1127 subject = xmlNodeGetContent(node); |
|
1128 if((!subject) || (xmlSecIsEmptyString(subject) == 1)) { |
|
1129 if(subject) { |
|
1130 xmlFree(subject); |
|
1131 } |
|
1132 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) { |
|
1133 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1134 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1135 xmlSecErrorsSafeString(xmlSecNodeGetName(node)), |
|
1136 XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, |
|
1137 XMLSEC_ERRORS_NO_MESSAGE); |
|
1138 return(-1); |
|
1139 } |
|
1140 return(0); |
|
1141 } |
|
1142 |
|
1143 cert = xmlSecSymbianCryptoX509StoreFindCert(x509Store, subject, NULL, NULL, NULL, keyInfoCtx); |
|
1144 if(!cert){ |
|
1145 xmlFree(subject); |
|
1146 |
|
1147 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) { |
|
1148 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1149 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1150 NULL, |
|
1151 XMLSEC_ERRORS_R_CERT_NOT_FOUND, |
|
1152 "subject=%s", |
|
1153 xmlSecErrorsSafeString(subject)); |
|
1154 return(-1); |
|
1155 } |
|
1156 return(0); |
|
1157 } |
|
1158 |
|
1159 if(!cert2) { |
|
1160 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1161 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1162 "X509_dup", |
|
1163 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1164 XMLSEC_ERRORS_NO_MESSAGE); |
|
1165 xmlFree(subject); |
|
1166 return(-1); |
|
1167 } |
|
1168 |
|
1169 ret = xmlSecSymbianCryptoKeyDataX509AdoptCert(data, cert2); |
|
1170 if(ret < 0) { |
|
1171 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1172 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1173 "xmlSecSymbianCryptoKeyDataX509AdoptCert", |
|
1174 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1175 XMLSEC_ERRORS_NO_MESSAGE); |
|
1176 xmlFree(subject); |
|
1177 return(-1); |
|
1178 } |
|
1179 |
|
1180 xmlFree(subject); |
|
1181 return(0); |
|
1182 } |
|
1183 |
|
1184 static int |
|
1185 xmlSecSymbianCryptoX509SubjectNameNodeWrite(X509* cert, |
|
1186 xmlNodePtr node, |
|
1187 xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) { |
|
1188 xmlChar* buf = NULL; |
|
1189 xmlNodePtr cur = NULL; |
|
1190 |
|
1191 xmlSecAssert2(cert, -1); |
|
1192 xmlSecAssert2(node, -1); |
|
1193 |
|
1194 if(!buf) { |
|
1195 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1196 NULL, |
|
1197 "xmlSecSymbianCryptoX509NameWrite(X509_get_subject_name)", |
|
1198 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1199 XMLSEC_ERRORS_NO_MESSAGE); |
|
1200 return(-1); |
|
1201 } |
|
1202 |
|
1203 cur = xmlSecAddChild(node, xmlSecNodeX509SubjectName, xmlSecDSigNs); |
|
1204 if(!cur) { |
|
1205 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1206 NULL, |
|
1207 "xmlSecAddChild", |
|
1208 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1209 "node=%s", |
|
1210 xmlSecErrorsSafeString(xmlSecNodeX509SubjectName)); |
|
1211 xmlFree(buf); |
|
1212 return(-1); |
|
1213 } |
|
1214 xmlNodeSetContent(cur, buf); |
|
1215 xmlFree(buf); |
|
1216 return(0); |
|
1217 } |
|
1218 |
|
1219 static int |
|
1220 xmlSecSymbianCryptoX509IssuerSerialNodeRead(xmlSecKeyDataPtr data, |
|
1221 xmlNodePtr node, |
|
1222 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1223 xmlSecKeyDataStorePtr x509Store; |
|
1224 xmlNodePtr cur; |
|
1225 xmlChar *issuerName; |
|
1226 xmlChar *issuerSerial; |
|
1227 X509* cert; |
|
1228 X509* cert2 = NULL; |
|
1229 int ret; |
|
1230 |
|
1231 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
1232 xmlSecAssert2(node, -1); |
|
1233 xmlSecAssert2(keyInfoCtx, -1); |
|
1234 xmlSecAssert2(keyInfoCtx->keysMngr, -1); |
|
1235 |
|
1236 x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecSymbianCryptoX509StoreId); |
|
1237 if(!x509Store) { |
|
1238 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1239 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1240 "xmlSecKeysMngrGetDataStore", |
|
1241 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1242 XMLSEC_ERRORS_NO_MESSAGE); |
|
1243 return(-1); |
|
1244 } |
|
1245 |
|
1246 cur = xmlSecGetNextElementNode(node->children); |
|
1247 if(!cur) { |
|
1248 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) { |
|
1249 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1250 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1251 xmlSecErrorsSafeString(xmlSecNodeX509IssuerName), |
|
1252 XMLSEC_ERRORS_R_NODE_NOT_FOUND, |
|
1253 "node=%s", |
|
1254 xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); |
|
1255 return(-1); |
|
1256 } |
|
1257 return(0); |
|
1258 } |
|
1259 |
|
1260 /* the first is required node X509IssuerName */ |
|
1261 if(!xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs)) { |
|
1262 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1263 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1264 xmlSecErrorsSafeString(xmlSecNodeX509IssuerName), |
|
1265 XMLSEC_ERRORS_R_NODE_NOT_FOUND, |
|
1266 "node=%s", |
|
1267 xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); |
|
1268 return(-1); |
|
1269 } |
|
1270 issuerName = xmlNodeGetContent(cur); |
|
1271 if(!issuerName) { |
|
1272 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1273 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1274 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), |
|
1275 XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, |
|
1276 "node=%s", |
|
1277 xmlSecErrorsSafeString(xmlSecNodeX509IssuerName)); |
|
1278 return(-1); |
|
1279 } |
|
1280 cur = xmlSecGetNextElementNode(cur->next); |
|
1281 |
|
1282 /* next is required node X509SerialNumber */ |
|
1283 if((!cur) || !xmlSecCheckNodeName(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs)) { |
|
1284 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1285 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1286 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), |
|
1287 XMLSEC_ERRORS_R_NODE_NOT_FOUND, |
|
1288 "node=%s", |
|
1289 xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber)); |
|
1290 xmlFree(issuerName); |
|
1291 return(-1); |
|
1292 } |
|
1293 issuerSerial = xmlNodeGetContent(cur); |
|
1294 if(!issuerSerial) { |
|
1295 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1296 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1297 xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber), |
|
1298 XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, |
|
1299 "node=%s", |
|
1300 xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); |
|
1301 xmlFree(issuerName); |
|
1302 return(-1); |
|
1303 } |
|
1304 cur = xmlSecGetNextElementNode(cur->next); |
|
1305 |
|
1306 if(cur) { |
|
1307 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1308 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1309 xmlSecErrorsSafeString(xmlSecNodeGetName(cur)), |
|
1310 XMLSEC_ERRORS_R_UNEXPECTED_NODE, |
|
1311 XMLSEC_ERRORS_NO_MESSAGE); |
|
1312 xmlFree(issuerSerial); |
|
1313 xmlFree(issuerName); |
|
1314 return(-1); |
|
1315 } |
|
1316 |
|
1317 cert = xmlSecSymbianCryptoX509StoreFindCert(x509Store, |
|
1318 NULL, |
|
1319 issuerName, |
|
1320 issuerSerial, |
|
1321 NULL, |
|
1322 keyInfoCtx); |
|
1323 if(!cert){ |
|
1324 xmlFree(issuerSerial); |
|
1325 xmlFree(issuerName); |
|
1326 |
|
1327 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) { |
|
1328 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1329 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1330 NULL, |
|
1331 XMLSEC_ERRORS_R_CERT_NOT_FOUND, |
|
1332 "issuerName=%s;issuerSerial=%s", |
|
1333 xmlSecErrorsSafeString(issuerName), |
|
1334 xmlSecErrorsSafeString(issuerSerial)); |
|
1335 return(-1); |
|
1336 } |
|
1337 return(0); |
|
1338 } |
|
1339 |
|
1340 if(!cert2) { |
|
1341 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1342 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1343 "X509_dup", |
|
1344 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1345 XMLSEC_ERRORS_NO_MESSAGE); |
|
1346 xmlFree(issuerSerial); |
|
1347 xmlFree(issuerName); |
|
1348 return(-1); |
|
1349 } |
|
1350 |
|
1351 ret = xmlSecSymbianCryptoKeyDataX509AdoptCert(data, cert2); |
|
1352 if(ret < 0) { |
|
1353 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1354 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1355 "xmlSecSymbianCryptoKeyDataX509AdoptCert", |
|
1356 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1357 XMLSEC_ERRORS_NO_MESSAGE); |
|
1358 xmlFree(issuerSerial); |
|
1359 xmlFree(issuerName); |
|
1360 return(-1); |
|
1361 } |
|
1362 |
|
1363 xmlFree(issuerSerial); |
|
1364 xmlFree(issuerName); |
|
1365 return(0); |
|
1366 } |
|
1367 |
|
1368 static int |
|
1369 xmlSecSymbianCryptoX509IssuerSerialNodeWrite(X509* cert, |
|
1370 xmlNodePtr node, |
|
1371 xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) { |
|
1372 xmlNodePtr cur; |
|
1373 xmlNodePtr issuerNameNode; |
|
1374 xmlNodePtr issuerNumberNode; |
|
1375 xmlChar* buf = NULL; |
|
1376 |
|
1377 xmlSecAssert2(cert, -1); |
|
1378 xmlSecAssert2(node, -1); |
|
1379 |
|
1380 /* create xml nodes */ |
|
1381 cur = xmlSecAddChild(node, xmlSecNodeX509IssuerSerial, xmlSecDSigNs); |
|
1382 if(!cur) { |
|
1383 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1384 NULL, |
|
1385 "xmlSecAddChild", |
|
1386 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1387 "node=%s", |
|
1388 xmlSecErrorsSafeString(xmlSecNodeX509IssuerSerial)); |
|
1389 return(-1); |
|
1390 } |
|
1391 |
|
1392 issuerNameNode = xmlSecAddChild(cur, xmlSecNodeX509IssuerName, xmlSecDSigNs); |
|
1393 if(!issuerNameNode) { |
|
1394 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1395 NULL, |
|
1396 "xmlSecAddChild", |
|
1397 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1398 "node=%s", |
|
1399 xmlSecErrorsSafeString(xmlSecNodeX509IssuerName)); |
|
1400 return(-1); |
|
1401 } |
|
1402 |
|
1403 issuerNumberNode = xmlSecAddChild(cur, xmlSecNodeX509SerialNumber, xmlSecDSigNs); |
|
1404 if(!issuerNumberNode) { |
|
1405 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1406 NULL, |
|
1407 "xmlSecAddChild", |
|
1408 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1409 "node=%s", |
|
1410 xmlSecErrorsSafeString(xmlSecNodeX509SerialNumber)); |
|
1411 return(-1); |
|
1412 } |
|
1413 |
|
1414 /* write data */ |
|
1415 if(!buf) { |
|
1416 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1417 NULL, |
|
1418 "xmlSecSymbianCryptoX509NameWrite(X509_get_issuer_name)", |
|
1419 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1420 XMLSEC_ERRORS_NO_MESSAGE); |
|
1421 return(-1); |
|
1422 } |
|
1423 xmlNodeSetContent(issuerNameNode, buf); |
|
1424 xmlFree(buf); |
|
1425 |
|
1426 if(!buf) { |
|
1427 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1428 NULL, |
|
1429 "xmlSecSymbianCryptoASN1IntegerWrite(X509_get_serialNumber)", |
|
1430 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1431 XMLSEC_ERRORS_NO_MESSAGE); |
|
1432 return(-1); |
|
1433 } |
|
1434 xmlNodeSetContent(issuerNumberNode, buf); |
|
1435 xmlFree(buf); |
|
1436 |
|
1437 return(0); |
|
1438 } |
|
1439 |
|
1440 |
|
1441 static int |
|
1442 xmlSecSymbianCryptoX509SKINodeRead(xmlSecKeyDataPtr data, |
|
1443 xmlNodePtr node, |
|
1444 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1445 xmlSecKeyDataStorePtr x509Store; |
|
1446 xmlChar* ski; |
|
1447 X509* cert; |
|
1448 X509* cert2 = NULL; |
|
1449 int ret; |
|
1450 |
|
1451 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
1452 xmlSecAssert2(node, -1); |
|
1453 xmlSecAssert2(keyInfoCtx, -1); |
|
1454 xmlSecAssert2(keyInfoCtx->keysMngr, -1); |
|
1455 |
|
1456 x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecSymbianCryptoX509StoreId); |
|
1457 if(!x509Store) { |
|
1458 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1459 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1460 "xmlSecKeysMngrGetDataStore", |
|
1461 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1462 XMLSEC_ERRORS_NO_MESSAGE); |
|
1463 return(-1); |
|
1464 } |
|
1465 |
|
1466 ski = xmlNodeGetContent(node); |
|
1467 if((!ski) || (xmlSecIsEmptyString(ski) == 1)) { |
|
1468 if(ski) { |
|
1469 xmlFree(ski); |
|
1470 } |
|
1471 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) { |
|
1472 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1473 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1474 xmlSecErrorsSafeString(xmlSecNodeGetName(node)), |
|
1475 XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, |
|
1476 "node=%s", |
|
1477 xmlSecErrorsSafeString(xmlSecNodeX509SKI)); |
|
1478 return(-1); |
|
1479 } |
|
1480 return(0); |
|
1481 } |
|
1482 |
|
1483 cert = xmlSecSymbianCryptoX509StoreFindCert(x509Store, NULL, NULL, NULL, ski, keyInfoCtx); |
|
1484 if(!cert){ |
|
1485 xmlFree(ski); |
|
1486 |
|
1487 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CERT) != 0) { |
|
1488 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1489 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1490 NULL, |
|
1491 XMLSEC_ERRORS_R_CERT_NOT_FOUND, |
|
1492 "ski=%s", |
|
1493 xmlSecErrorsSafeString(ski)); |
|
1494 return(-1); |
|
1495 } |
|
1496 return(0); |
|
1497 } |
|
1498 |
|
1499 if(!cert2) { |
|
1500 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1501 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1502 "X509_dup", |
|
1503 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1504 XMLSEC_ERRORS_NO_MESSAGE); |
|
1505 xmlFree(ski); |
|
1506 return(-1); |
|
1507 } |
|
1508 |
|
1509 ret = xmlSecSymbianCryptoKeyDataX509AdoptCert(data, cert2); |
|
1510 if(ret < 0) { |
|
1511 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1512 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1513 "xmlSecSymbianCryptoKeyDataX509AdoptCert", |
|
1514 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1515 XMLSEC_ERRORS_NO_MESSAGE); |
|
1516 xmlFree(ski); |
|
1517 return(-1); |
|
1518 } |
|
1519 |
|
1520 xmlFree(ski); |
|
1521 return(0); |
|
1522 } |
|
1523 |
|
1524 static int |
|
1525 xmlSecSymbianCryptoX509SKINodeWrite(X509* cert, |
|
1526 xmlNodePtr node, |
|
1527 xmlSecKeyInfoCtxPtr keyInfoCtx ATTRIBUTE_UNUSED) { |
|
1528 xmlChar *buf = NULL; |
|
1529 xmlNodePtr cur = NULL; |
|
1530 |
|
1531 xmlSecAssert2(cert, -1); |
|
1532 xmlSecAssert2(node, -1); |
|
1533 |
|
1534 buf = xmlSecSymbianCryptoX509SKIWrite(cert); |
|
1535 if(!buf) { |
|
1536 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1537 NULL, |
|
1538 "xmlSecSymbianCryptoX509SKIWrite", |
|
1539 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1540 XMLSEC_ERRORS_NO_MESSAGE); |
|
1541 return(-1); |
|
1542 } |
|
1543 |
|
1544 cur = xmlSecAddChild(node, xmlSecNodeX509SKI, xmlSecDSigNs); |
|
1545 if(!cur) { |
|
1546 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1547 NULL, |
|
1548 "xmlSecAddChild", |
|
1549 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1550 "new_node=%s", |
|
1551 xmlSecErrorsSafeString(xmlSecNodeX509SKI)); |
|
1552 xmlFree(buf); |
|
1553 return(-1); |
|
1554 } |
|
1555 xmlNodeSetContent(cur, buf); |
|
1556 xmlFree(buf); |
|
1557 |
|
1558 return(0); |
|
1559 } |
|
1560 |
|
1561 static int |
|
1562 xmlSecSymbianCryptoX509CRLNodeRead(xmlSecKeyDataPtr data, |
|
1563 xmlNodePtr node, |
|
1564 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1565 xmlChar *content; |
|
1566 X509_CRL* crl; |
|
1567 int ret; |
|
1568 |
|
1569 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
1570 xmlSecAssert2(node, -1); |
|
1571 xmlSecAssert2(keyInfoCtx, -1); |
|
1572 |
|
1573 content = xmlNodeGetContent(node); |
|
1574 if((!content) || (xmlSecIsEmptyString(content) == 1)) { |
|
1575 if(content) { |
|
1576 xmlFree(content); |
|
1577 } |
|
1578 if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_STOP_ON_EMPTY_NODE) != 0) { |
|
1579 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1580 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1581 xmlSecErrorsSafeString(xmlSecNodeGetName(node)), |
|
1582 XMLSEC_ERRORS_R_INVALID_NODE_CONTENT, |
|
1583 XMLSEC_ERRORS_NO_MESSAGE); |
|
1584 return(-1); |
|
1585 } |
|
1586 return(0); |
|
1587 } |
|
1588 |
|
1589 crl = xmlSecSymbianCryptoX509CrlBase64DerRead(content); |
|
1590 if(!crl) { |
|
1591 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1592 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1593 "xmlSecSymbianCryptoX509CrlBase64DerRead", |
|
1594 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1595 XMLSEC_ERRORS_NO_MESSAGE); |
|
1596 xmlFree(content); |
|
1597 return(-1); |
|
1598 } |
|
1599 |
|
1600 ret = xmlSecSymbianCryptoKeyDataX509AdoptCrl(data, crl); |
|
1601 if(ret < 0) { |
|
1602 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1603 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1604 "xmlSecSymbianCryptoKeyDataX509AdoptCrl", |
|
1605 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1606 XMLSEC_ERRORS_NO_MESSAGE); |
|
1607 X509_crl_free(crl); |
|
1608 xmlFree(content); |
|
1609 return(-1); |
|
1610 } |
|
1611 |
|
1612 xmlFree(content); |
|
1613 return(0); |
|
1614 } |
|
1615 |
|
1616 static int |
|
1617 xmlSecSymbianCryptoX509CRLNodeWrite(X509_CRL* crl, |
|
1618 xmlNodePtr node, |
|
1619 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1620 xmlChar* buf = NULL; |
|
1621 xmlNodePtr cur = NULL; |
|
1622 |
|
1623 xmlSecAssert2(crl, -1); |
|
1624 xmlSecAssert2(node, -1); |
|
1625 xmlSecAssert2(keyInfoCtx, -1); |
|
1626 |
|
1627 /* set base64 lines size from context */ |
|
1628 buf = xmlSecSymbianCryptoX509CrlBase64DerWrite(crl, keyInfoCtx->base64LineSize); |
|
1629 if(!buf) { |
|
1630 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1631 NULL, |
|
1632 "xmlSecSymbianCryptoX509CrlBase64DerWrite", |
|
1633 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1634 XMLSEC_ERRORS_NO_MESSAGE); |
|
1635 return(-1); |
|
1636 } |
|
1637 |
|
1638 cur = xmlSecAddChild(node, xmlSecNodeX509CRL, xmlSecDSigNs); |
|
1639 if(!cur) { |
|
1640 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1641 NULL, |
|
1642 "xmlSecAddChild", |
|
1643 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1644 "new_node=%s", |
|
1645 xmlSecErrorsSafeString(xmlSecNodeX509CRL)); |
|
1646 xmlFree(buf); |
|
1647 return(-1); |
|
1648 } |
|
1649 xmlNodeSetContent(cur, xmlSecStringCR); |
|
1650 xmlNodeSetContent(cur, buf); |
|
1651 xmlFree(buf); |
|
1652 |
|
1653 return(0); |
|
1654 } |
|
1655 |
|
1656 static int |
|
1657 xmlSecSymbianCryptoKeyDataX509VerifyAndExtractKey(xmlSecKeyDataPtr data, xmlSecKeyPtr key, |
|
1658 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
1659 xmlSecSymbianCryptoX509DataCtxPtr ctx; |
|
1660 xmlSecKeyDataStorePtr x509Store; |
|
1661 int ret; |
|
1662 |
|
1663 xmlSecAssert2(xmlSecKeyDataCheckId(data, xmlSecSymbianCryptoKeyDataX509Id), -1); |
|
1664 xmlSecAssert2(key, -1); |
|
1665 xmlSecAssert2(keyInfoCtx, -1); |
|
1666 xmlSecAssert2(keyInfoCtx->keysMngr, -1); |
|
1667 |
|
1668 ctx = xmlSecSymbianCryptoX509DataGetCtx(data); |
|
1669 xmlSecAssert2(ctx, -1); |
|
1670 |
|
1671 x509Store = xmlSecKeysMngrGetDataStore(keyInfoCtx->keysMngr, xmlSecSymbianCryptoX509StoreId); |
|
1672 if(!x509Store) { |
|
1673 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1674 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1675 "xmlSecKeysMngrGetDataStore", |
|
1676 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1677 XMLSEC_ERRORS_NO_MESSAGE); |
|
1678 return(-1); |
|
1679 } |
|
1680 |
|
1681 // do not use list first |
|
1682 //if((ctx->keyCert == NULL) && (ctx->certsList != NULL) && (xmlSecKeyGetValue(key) == NULL)) { |
|
1683 if((ctx->keyCert) && (!xmlSecKeyGetValue(key)) ) { |
|
1684 X509* cert; |
|
1685 |
|
1686 ret = xmlSecSymbianCryptoX509StoreKeyCertVerify(x509Store, ctx->keyCert); |
|
1687 if(ret == 0) { |
|
1688 xmlSecKeyDataPtr keyValue; |
|
1689 /* |
|
1690 ctx->keyCert = X509_dup(cert); |
|
1691 if(ctx->keyCert == NULL) { |
|
1692 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1693 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1694 "X509_dup", |
|
1695 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1696 XMLSEC_ERRORS_NO_MESSAGE); |
|
1697 return(-1); |
|
1698 } |
|
1699 */ |
|
1700 keyValue = xmlSecSymbianCryptoX509CertGetKey(ctx->keyCert); |
|
1701 if(!keyValue) { |
|
1702 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1703 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1704 "xmlSecSymbianCryptoX509CertGetKey", |
|
1705 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1706 XMLSEC_ERRORS_NO_MESSAGE); |
|
1707 return(-1); |
|
1708 } |
|
1709 |
|
1710 /* verify that the key matches our expectations */ |
|
1711 if(xmlSecKeyReqMatchKeyValue(&(keyInfoCtx->keyReq), keyValue) != 1) { |
|
1712 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1713 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1714 "xmlSecKeyReqMatchKeyValue", |
|
1715 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1716 XMLSEC_ERRORS_NO_MESSAGE); |
|
1717 xmlSecKeyDataDestroy(keyValue); |
|
1718 return(-1); |
|
1719 } |
|
1720 |
|
1721 ret = xmlSecKeySetValue(key, keyValue); |
|
1722 if(ret < 0) { |
|
1723 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1724 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1725 "xmlSecKeySetValue", |
|
1726 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1727 XMLSEC_ERRORS_NO_MESSAGE); |
|
1728 xmlSecKeyDataDestroy(keyValue); |
|
1729 return(-1); |
|
1730 } |
|
1731 /* |
|
1732 if((X509_get_notBefore(ctx->keyCert) != NULL) && (X509_get_notAfter(ctx->keyCert) != NULL)) { |
|
1733 ret = xmlSecSymbianCryptoX509CertGetTime(X509_get_notBefore(ctx->keyCert), &(key->notValidBefore)); |
|
1734 if(ret < 0) { |
|
1735 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1736 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1737 "xmlSecSymbianCryptoX509CertGetTime", |
|
1738 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1739 "notValidBefore"); |
|
1740 return(-1); |
|
1741 } |
|
1742 |
|
1743 ret = xmlSecSymbianCryptoX509CertGetTime(X509_get_notAfter(ctx->keyCert), &(key->notValidAfter)); |
|
1744 if(ret < 0) { |
|
1745 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1746 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1747 "xmlSecSymbianCryptoX509CertGetTime", |
|
1748 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1749 "notValidAfter"); |
|
1750 return(-1); |
|
1751 } |
|
1752 } else { |
|
1753 key->notValidBefore = key->notValidAfter = 0; |
|
1754 } |
|
1755 */ |
|
1756 ret = X509_test_validityPeriod(ctx->keyCert); |
|
1757 if(ret != 1) { |
|
1758 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1759 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1760 "xmlSecSymbianCryptoX509CertGetTime", |
|
1761 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1762 "x509_test_validityPeriod"); |
|
1763 return(-1); |
|
1764 } |
|
1765 else |
|
1766 { |
|
1767 key->notValidBefore = key->notValidAfter = 0; |
|
1768 } |
|
1769 |
|
1770 |
|
1771 } else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_INVALID_CERT) != 0) { |
|
1772 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1773 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1774 NULL, |
|
1775 XMLSEC_ERRORS_R_CERT_NOT_FOUND, |
|
1776 XMLSEC_ERRORS_NO_MESSAGE); |
|
1777 return(-1); |
|
1778 } |
|
1779 else if (ret != 0) |
|
1780 { |
|
1781 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1782 xmlSecErrorsSafeString(xmlSecKeyDataGetName(data)), |
|
1783 NULL, |
|
1784 XMLSEC_ERRORS_R_CERT_NOT_FOUND, |
|
1785 XMLSEC_ERRORS_NO_MESSAGE); |
|
1786 return(-1); |
|
1787 } |
|
1788 } |
|
1789 return(0); |
|
1790 } |
|
1791 |
|
1792 #ifdef HAVE_TIMEGM |
|
1793 extern time_t timegm (struct tm *tm); |
|
1794 #else /* HAVE_TIMEGM */ |
|
1795 #ifdef WIN32 |
|
1796 #define timegm(tm) (mktime(tm) - _timezone) |
|
1797 #else /* WIN32 */ |
|
1798 /* Absolutely not the best way but it's the only ANSI compatible way I know. |
|
1799 * If you system has a native struct tm --> GMT time_t conversion function |
|
1800 * (like timegm) use it instead. |
|
1801 */ |
|
1802 static time_t |
|
1803 my_timegm(struct tm *t) { |
|
1804 time_t tl, tb; |
|
1805 struct tm *tg; |
|
1806 |
|
1807 tl = mktime (t); |
|
1808 if(tl == -1) { |
|
1809 t->tm_hour--; |
|
1810 tl = mktime (t); |
|
1811 if (tl == -1) { |
|
1812 return -1; |
|
1813 } |
|
1814 tl += 3600; |
|
1815 } |
|
1816 tg = gmtime (&tl); |
|
1817 tg->tm_isdst = 0; |
|
1818 tb = mktime (tg); |
|
1819 if (tb == -1) { |
|
1820 tg->tm_hour--; |
|
1821 tb = mktime (tg); |
|
1822 if (tb == -1) { |
|
1823 return -1; |
|
1824 } |
|
1825 tb += 3600; |
|
1826 } |
|
1827 return (tl - (tb - tl)); |
|
1828 } |
|
1829 |
|
1830 #define timegm(tm) my_timegm(tm) |
|
1831 #endif /* WIN32 */ |
|
1832 #endif /* HAVE_TIMEGM */ |
|
1833 |
|
1834 #ifdef XMLSEC_FUTURE_SUPPORT |
|
1835 static int |
|
1836 xmlSecSymbianCryptoX509CertGetTime(ASN1_TIME* t, time_t* res) { |
|
1837 struct tm tm; |
|
1838 int offset; |
|
1839 |
|
1840 xmlSecAssert2(t, -1); |
|
1841 xmlSecAssert2(res, -1); |
|
1842 |
|
1843 (*res) = 0; |
|
1844 #ifndef XMLSEC_OPENSSL_096 |
|
1845 if(!ASN1_TIME_check(t)) { |
|
1846 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1847 NULL, |
|
1848 "ASN1_TIME_check", |
|
1849 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1850 XMLSEC_ERRORS_NO_MESSAGE); |
|
1851 return(-1); |
|
1852 } |
|
1853 #endif /* XMLSEC_OPENSSL_096 */ |
|
1854 |
|
1855 memset(&tm, 0, sizeof(tm)); |
|
1856 |
|
1857 #define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') |
|
1858 if(t->type == V_ASN1_UTCTIME) { |
|
1859 xmlSecAssert2(t->length > 12, -1); |
|
1860 |
|
1861 |
|
1862 /* this code is copied from OpenSSL asn1/a_utctm.c file */ |
|
1863 tm.tm_year = g2(t->data); |
|
1864 if(tm.tm_year < 50) { |
|
1865 tm.tm_year += 100; |
|
1866 } |
|
1867 tm.tm_mon = g2(t->data + 2) - 1; |
|
1868 tm.tm_mday = g2(t->data + 4); |
|
1869 tm.tm_hour = g2(t->data + 6); |
|
1870 tm.tm_min = g2(t->data + 8); |
|
1871 tm.tm_sec = g2(t->data + 10); |
|
1872 if(t->data[12] == 'Z') { |
|
1873 offset = 0; |
|
1874 } else { |
|
1875 xmlSecAssert2(t->length > 16, -1); |
|
1876 |
|
1877 offset = g2(t->data + 13) * 60 + g2(t->data + 15); |
|
1878 if(t->data[12] == '-') { |
|
1879 offset = -offset; |
|
1880 } |
|
1881 } |
|
1882 tm.tm_isdst = -1; |
|
1883 } else { |
|
1884 xmlSecAssert2(t->length > 14, -1); |
|
1885 |
|
1886 tm.tm_year = g2(t->data) * 100 + g2(t->data + 2); |
|
1887 tm.tm_mon = g2(t->data + 4) - 1; |
|
1888 tm.tm_mday = g2(t->data + 6); |
|
1889 tm.tm_hour = g2(t->data + 8); |
|
1890 tm.tm_min = g2(t->data + 10); |
|
1891 tm.tm_sec = g2(t->data + 12); |
|
1892 if(t->data[14] == 'Z') { |
|
1893 offset = 0; |
|
1894 } else { |
|
1895 xmlSecAssert2(t->length > 18, -1); |
|
1896 |
|
1897 offset = g2(t->data + 15) * 60 + g2(t->data + 17); |
|
1898 if(t->data[14] == '-') { |
|
1899 offset = -offset; |
|
1900 } |
|
1901 } |
|
1902 tm.tm_isdst = -1; |
|
1903 } |
|
1904 #undef g2 |
|
1905 (*res) = timegm(&tm) - offset * 60; |
|
1906 return(0); |
|
1907 } |
|
1908 |
|
1909 #endif //XMLSEC_FUTURE_SUPPORT |
|
1910 /** |
|
1911 * xmlSecSymbianCryptoX509CertGetKey: |
|
1912 * @cert: the certificate. |
|
1913 * |
|
1914 * Extracts public key from the @cert. |
|
1915 * |
|
1916 * Returns public key value or NULL if an error occurs. |
|
1917 */ |
|
1918 EXPORT_C |
|
1919 xmlSecKeyDataPtr |
|
1920 xmlSecSymbianCryptoX509CertGetKey(X509* cert) { |
|
1921 xmlSecKeyDataPtr data; |
|
1922 EVP_PKEY *pKey = NULL; |
|
1923 |
|
1924 xmlSecAssert2(cert, NULL); |
|
1925 |
|
1926 pKey = X509_get_pubkey(cert); |
|
1927 if(!pKey) { |
|
1928 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1929 NULL, |
|
1930 "X509_get_pubkey", |
|
1931 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1932 XMLSEC_ERRORS_NO_MESSAGE); |
|
1933 return(NULL); |
|
1934 } |
|
1935 |
|
1936 data = xmlSecSymbianCryptoEvpKeyAdopt(pKey); |
|
1937 if(!data) { |
|
1938 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1939 NULL, |
|
1940 "xmlSecSymbianCryptoEvpKeyAdopt", |
|
1941 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1942 XMLSEC_ERRORS_NO_MESSAGE); |
|
1943 sc_pkey_free(pKey); |
|
1944 return(NULL); |
|
1945 } |
|
1946 |
|
1947 return(data); |
|
1948 } |
|
1949 |
|
1950 static X509* |
|
1951 xmlSecSymbianCryptoX509CertBase64DerRead(xmlChar* buf) { |
|
1952 int ret; |
|
1953 |
|
1954 xmlSecAssert2(buf, NULL); |
|
1955 |
|
1956 /* usual trick with base64 decoding "in-place" */ |
|
1957 ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); |
|
1958 if(ret < 0) { |
|
1959 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1960 NULL, |
|
1961 "xmlSecBase64Decode", |
|
1962 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
1963 XMLSEC_ERRORS_NO_MESSAGE); |
|
1964 return(NULL); |
|
1965 } |
|
1966 |
|
1967 return(xmlSecSymbianCryptoX509CertDerRead((xmlSecByte*)buf, ret)); |
|
1968 } |
|
1969 |
|
1970 static X509* |
|
1971 xmlSecSymbianCryptoX509CertDerRead(const xmlSecByte* buf, xmlSecSize size) { |
|
1972 X509 *cert = NULL; |
|
1973 BIO *mem = NULL; |
|
1974 int ret; |
|
1975 |
|
1976 xmlSecAssert2(buf, NULL); |
|
1977 xmlSecAssert2(size > 0, NULL); |
|
1978 |
|
1979 mem = BIO_new(); |
|
1980 if(!mem) { |
|
1981 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1982 NULL, |
|
1983 "BIO_new", |
|
1984 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1985 "BIO_s_mem"); |
|
1986 return(NULL); |
|
1987 } |
|
1988 |
|
1989 ret = BIO_write(mem, buf, size); |
|
1990 if(ret < 0) { |
|
1991 xmlSecError(XMLSEC_ERRORS_HERE, |
|
1992 NULL, |
|
1993 "BIO_write", |
|
1994 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
1995 "size=%d", size); |
|
1996 BIO_free(mem); |
|
1997 return(NULL); |
|
1998 } |
|
1999 |
|
2000 cert = d2i_X509_bio(mem); |
|
2001 if(!cert) { |
|
2002 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2003 NULL, |
|
2004 "d2i_X509_bio", |
|
2005 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2006 XMLSEC_ERRORS_NO_MESSAGE); |
|
2007 BIO_free(mem); |
|
2008 return(NULL); |
|
2009 } |
|
2010 |
|
2011 BIO_free(mem); |
|
2012 |
|
2013 return(cert); |
|
2014 } |
|
2015 |
|
2016 static xmlChar* |
|
2017 xmlSecSymbianCryptoX509CertBase64DerWrite(X509* cert, int base64LineWrap) { |
|
2018 xmlChar *res = NULL; |
|
2019 xmlSecByte *p = NULL; |
|
2020 long size; |
|
2021 |
|
2022 xmlSecAssert2(cert, NULL); |
|
2023 |
|
2024 res = xmlSecBase64Encode((const xmlSecByte*)cert->der, cert->derlen, base64LineWrap); |
|
2025 if(!res) { |
|
2026 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2027 NULL, |
|
2028 "xmlSecBase64Encode", |
|
2029 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2030 XMLSEC_ERRORS_NO_MESSAGE); |
|
2031 return(NULL); |
|
2032 } |
|
2033 |
|
2034 return(res); |
|
2035 } |
|
2036 |
|
2037 static X509_CRL* |
|
2038 xmlSecSymbianCryptoX509CrlBase64DerRead(xmlChar* buf) { |
|
2039 int ret; |
|
2040 |
|
2041 xmlSecAssert2(buf, NULL); |
|
2042 |
|
2043 /* usual trick with base64 decoding "in-place" */ |
|
2044 ret = xmlSecBase64Decode(buf, (xmlSecByte*)buf, xmlStrlen(buf)); |
|
2045 if(ret < 0) { |
|
2046 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2047 NULL, |
|
2048 "xmlSecBase64Decode", |
|
2049 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2050 XMLSEC_ERRORS_NO_MESSAGE); |
|
2051 return(NULL); |
|
2052 } |
|
2053 |
|
2054 return(xmlSecSymbianCryptoX509CrlDerRead((xmlSecByte*)buf, ret)); |
|
2055 } |
|
2056 |
|
2057 static X509_CRL* |
|
2058 xmlSecSymbianCryptoX509CrlDerRead(xmlSecByte* buf, xmlSecSize size) { |
|
2059 X509_CRL *crl = NULL; |
|
2060 |
|
2061 xmlSecAssert2(buf, NULL); |
|
2062 xmlSecAssert2(size > 0, NULL); |
|
2063 |
|
2064 return(crl); |
|
2065 } |
|
2066 |
|
2067 static xmlChar* |
|
2068 xmlSecSymbianCryptoX509CrlBase64DerWrite(X509_CRL* crl, int base64LineWrap) { |
|
2069 xmlChar *res = NULL; |
|
2070 xmlSecByte *p = NULL; |
|
2071 long size; |
|
2072 |
|
2073 xmlSecAssert2(crl, NULL); |
|
2074 #ifdef XMLSEC_FUTURE_SUPPORT |
|
2075 mem = BIO_new(BIO_s_mem()); |
|
2076 if(!mem) { |
|
2077 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2078 NULL, |
|
2079 "BIO_new", |
|
2080 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2081 "BIO_s_mem"); |
|
2082 return(NULL); |
|
2083 } |
|
2084 |
|
2085 i2d_X509_CRL_bio(mem, crl); |
|
2086 BIO_flush(mem); |
|
2087 |
|
2088 size = BIO_get_mem_data(mem, &p); |
|
2089 if((size <= 0) || (!p)){ |
|
2090 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2091 NULL, |
|
2092 "BIO_get_mem_data", |
|
2093 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2094 XMLSEC_ERRORS_NO_MESSAGE); |
|
2095 BIO_free_all(mem); |
|
2096 return(NULL); |
|
2097 } |
|
2098 |
|
2099 res = xmlSecBase64Encode(p, size, base64LineWrap); |
|
2100 if(!res) { |
|
2101 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2102 NULL, |
|
2103 "xmlSecBase64Encode", |
|
2104 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2105 XMLSEC_ERRORS_NO_MESSAGE); |
|
2106 BIO_free_all(mem); |
|
2107 return(NULL); |
|
2108 } |
|
2109 |
|
2110 BIO_free_all(mem); |
|
2111 |
|
2112 #endif |
|
2113 return(res); |
|
2114 } |
|
2115 |
|
2116 static xmlChar* |
|
2117 xmlSecSymbianCryptoX509NameWrite(X509_NAME* nm) { |
|
2118 xmlChar *res = NULL; |
|
2119 long size; |
|
2120 |
|
2121 xmlSecAssert2(nm, NULL); |
|
2122 #ifdef XMLSEC_FUTURE_SUPPORT |
|
2123 mem = BIO_new(BIO_s_mem()); |
|
2124 if(!mem) { |
|
2125 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2126 NULL, |
|
2127 "BIO_new", |
|
2128 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2129 "BIO_s_mem"); |
|
2130 return(NULL); |
|
2131 } |
|
2132 |
|
2133 if (X509_NAME_print_ex(mem, nm, 0, XN_FLAG_RFC2253) <=0) { |
|
2134 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2135 NULL, |
|
2136 "X509_NAME_print_ex", |
|
2137 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2138 XMLSEC_ERRORS_NO_MESSAGE); |
|
2139 BIO_free_all(mem); |
|
2140 return(NULL); |
|
2141 } |
|
2142 |
|
2143 BIO_flush(mem); |
|
2144 |
|
2145 size = BIO_pending(mem); |
|
2146 res = xmlMalloc(size + 1); |
|
2147 if(!res) { |
|
2148 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2149 NULL, |
|
2150 "xmlMalloc", |
|
2151 XMLSEC_ERRORS_R_MALLOC_FAILED, |
|
2152 XMLSEC_ERRORS_NO_MESSAGE); |
|
2153 BIO_free_all(mem); |
|
2154 return(NULL); |
|
2155 } |
|
2156 |
|
2157 size = BIO_read(mem, res, size); |
|
2158 res[size] = '\0'; |
|
2159 |
|
2160 BIO_free_all(mem); |
|
2161 #endif |
|
2162 return(res); |
|
2163 } |
|
2164 |
|
2165 #ifdef XMLSEC_FUTURE_SUPPORT |
|
2166 static xmlChar* |
|
2167 xmlSecSymbianCryptoASN1IntegerWrite(ASN1_INTEGER *asni) { |
|
2168 xmlChar *res = NULL; |
|
2169 BIGNUM *bn; |
|
2170 char *p; |
|
2171 |
|
2172 xmlSecAssert2(asni, NULL); |
|
2173 bn = ASN1_INTEGER_to_BN(asni, NULL); |
|
2174 if(!bn) { |
|
2175 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2176 NULL, |
|
2177 "ASN1_INTEGER_to_BN", |
|
2178 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2179 XMLSEC_ERRORS_NO_MESSAGE); |
|
2180 return(NULL); |
|
2181 } |
|
2182 |
|
2183 p = BN_bn2dec(bn); |
|
2184 if (!p) { |
|
2185 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2186 NULL, |
|
2187 "BN_bn2dec", |
|
2188 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2189 XMLSEC_ERRORS_NO_MESSAGE); |
|
2190 BN_free(bn); |
|
2191 return(NULL); |
|
2192 } |
|
2193 BN_free(bn); |
|
2194 bn = NULL; |
|
2195 |
|
2196 /* SymbianCrypto and LibXML2 can have different memory callbacks, i.e. |
|
2197 when data is allocated in SymbianCrypto should be freed with SymbianCrypto |
|
2198 method, not with LibXML2 method. |
|
2199 */ |
|
2200 res = xmlCharStrdup(p); |
|
2201 if(!res) { |
|
2202 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2203 NULL, |
|
2204 "xmlCharStrdup", |
|
2205 XMLSEC_ERRORS_R_MALLOC_FAILED, |
|
2206 XMLSEC_ERRORS_NO_MESSAGE); |
|
2207 OPENSSL_free(p); |
|
2208 return(NULL); |
|
2209 } |
|
2210 OPENSSL_free(p); |
|
2211 p = NULL; |
|
2212 return(res); |
|
2213 } |
|
2214 #endif //XMLSEC_FUTURE_SUPPORT |
|
2215 |
|
2216 static xmlChar* |
|
2217 xmlSecSymbianCryptoX509SKIWrite(X509* cert) { |
|
2218 xmlChar *res = NULL; |
|
2219 int index; |
|
2220 #ifdef XMLSEC_FUTURE_SUPPORT |
|
2221 X509_EXTENSION *ext; |
|
2222 ASN1_OCTET_STRING *keyId; |
|
2223 |
|
2224 xmlSecAssert2(cert, NULL); |
|
2225 |
|
2226 index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); |
|
2227 if (index < 0) { |
|
2228 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2229 NULL, |
|
2230 "Certificate without SubjectKeyIdentifier extension", |
|
2231 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2232 XMLSEC_ERRORS_NO_MESSAGE); |
|
2233 return(NULL); |
|
2234 } |
|
2235 |
|
2236 ext = X509_get_ext(cert, index); |
|
2237 if (!ext) { |
|
2238 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2239 NULL, |
|
2240 "X509_get_ext", |
|
2241 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2242 XMLSEC_ERRORS_NO_MESSAGE); |
|
2243 return(NULL); |
|
2244 } |
|
2245 |
|
2246 keyId = X509V3_EXT_d2i(ext); |
|
2247 if (!keyId) { |
|
2248 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2249 NULL, |
|
2250 "X509V3_EXT_d2i", |
|
2251 XMLSEC_ERRORS_R_CRYPTO_FAILED, |
|
2252 XMLSEC_ERRORS_NO_MESSAGE); |
|
2253 M_ASN1_OCTET_STRING_free(keyId); |
|
2254 return(NULL); |
|
2255 } |
|
2256 |
|
2257 res = xmlSecBase64Encode(M_ASN1_STRING_data(keyId), M_ASN1_STRING_length(keyId), 0); |
|
2258 if(!res) { |
|
2259 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2260 NULL, |
|
2261 "xmlSecBase64Encode", |
|
2262 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2263 XMLSEC_ERRORS_NO_MESSAGE); |
|
2264 M_ASN1_OCTET_STRING_free(keyId); |
|
2265 return(NULL); |
|
2266 } |
|
2267 M_ASN1_OCTET_STRING_free(keyId); |
|
2268 #endif //XMLSEC_FUTURE_SUPPORT |
|
2269 return(res); |
|
2270 } |
|
2271 |
|
2272 static void |
|
2273 xmlSecSymbianCryptoX509CertDebugDump(X509* cert, FILE* output) { |
|
2274 char buf[1024]; |
|
2275 #ifdef XMLSEC_FUTURE_SUPPORT |
|
2276 BIGNUM *bn = NULL; |
|
2277 |
|
2278 xmlSecAssert(cert); |
|
2279 xmlSecAssert(output); |
|
2280 |
|
2281 fprintf(output, "==== Subject Name: %s\n", |
|
2282 X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))); |
|
2283 fprintf(output, "==== Issuer Name: %s\n", |
|
2284 X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf))); |
|
2285 fprintf(output, "==== Issuer Serial: "); |
|
2286 bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL); |
|
2287 if(bn) { |
|
2288 BN_print_fp(output, bn); |
|
2289 BN_free(bn); |
|
2290 fprintf(output, "\n"); |
|
2291 } else { |
|
2292 fprintf(output, "unknown\n"); |
|
2293 } |
|
2294 #endif //XMLSEC_FUTURE_SUPPORT |
|
2295 } |
|
2296 |
|
2297 |
|
2298 static void |
|
2299 xmlSecSymbianCryptoX509CertDebugXmlDump(X509* cert, FILE* output) { |
|
2300 char buf[1024]; |
|
2301 #ifdef XMLSEC_FUTURE_SUPPORT |
|
2302 BIGNUM *bn = NULL; |
|
2303 |
|
2304 xmlSecAssert(cert); |
|
2305 xmlSecAssert(output); |
|
2306 |
|
2307 fprintf(output, "=== X509 Certificate\n"); |
|
2308 fprintf(output, "==== Subject Name: %s\n", |
|
2309 X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf))); |
|
2310 fprintf(output, "==== Issuer Name: %s\n", |
|
2311 X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf))); |
|
2312 fprintf(output, "==== Issuer Serial: "); |
|
2313 bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(cert),NULL); |
|
2314 if(bn) { |
|
2315 BN_print_fp(output, bn); |
|
2316 BN_free(bn); |
|
2317 fprintf(output, "\n"); |
|
2318 } else { |
|
2319 fprintf(output, "unknown\n"); |
|
2320 } |
|
2321 #endif //XMLSEC_FUTURE_SUPPORT |
|
2322 } |
|
2323 |
|
2324 |
|
2325 /************************************************************************** |
|
2326 * |
|
2327 * Raw X509 Certificate processing |
|
2328 * |
|
2329 * |
|
2330 *************************************************************************/ |
|
2331 static int xmlSecSymbianCryptoKeyDataRawX509CertBinRead (xmlSecKeyDataId id, |
|
2332 xmlSecKeyPtr key, |
|
2333 const xmlSecByte* buf, |
|
2334 xmlSecSize bufSize, |
|
2335 xmlSecKeyInfoCtxPtr keyInfoCtx); |
|
2336 |
|
2337 static xmlSecKeyDataKlass xmlSecSymbianCryptoKeyDataRawX509CertKlass = { |
|
2338 sizeof(xmlSecKeyDataKlass), |
|
2339 sizeof(xmlSecKeyData), |
|
2340 |
|
2341 /* data */ |
|
2342 xmlSecNameRawX509Cert, |
|
2343 xmlSecKeyDataUsageRetrievalMethodNodeBin, |
|
2344 /* xmlSecKeyDataUsage usage; */ |
|
2345 xmlSecHrefRawX509Cert, /* const xmlChar* href; */ |
|
2346 NULL, /* const xmlChar* dataNodeName; */ |
|
2347 xmlSecDSigNs, /* const xmlChar* dataNodeNs; */ |
|
2348 |
|
2349 /* constructors/destructor */ |
|
2350 NULL, /* xmlSecKeyDataInitializeMethod initialize; */ |
|
2351 NULL, /* xmlSecKeyDataDuplicateMethod duplicate; */ |
|
2352 NULL, /* xmlSecKeyDataFinalizeMethod finalize; */ |
|
2353 NULL, /* xmlSecKeyDataGenerateMethod generate; */ |
|
2354 |
|
2355 /* get info */ |
|
2356 NULL, /* xmlSecKeyDataGetTypeMethod getType; */ |
|
2357 NULL, /* xmlSecKeyDataGetSizeMethod getSize; */ |
|
2358 NULL, /* xmlSecKeyDataGetIdentifier getIdentifier; */ |
|
2359 |
|
2360 /* read/write */ |
|
2361 NULL, /* xmlSecKeyDataXmlReadMethod xmlRead; */ |
|
2362 NULL, /* xmlSecKeyDataXmlWriteMethod xmlWrite; */ |
|
2363 xmlSecSymbianCryptoKeyDataRawX509CertBinRead, /* xmlSecKeyDataBinReadMethod binRead; */ |
|
2364 NULL, /* xmlSecKeyDataBinWriteMethod binWrite; */ |
|
2365 |
|
2366 /* debug */ |
|
2367 NULL, /* xmlSecKeyDataDebugDumpMethod debugDump; */ |
|
2368 NULL, /* xmlSecKeyDataDebugDumpMethod debugXmlDump; */ |
|
2369 |
|
2370 /* reserved for the future */ |
|
2371 NULL, /* void* reserved0; */ |
|
2372 NULL, /* void* reserved1; */ |
|
2373 }; |
|
2374 |
|
2375 /** |
|
2376 * xmlSecSymbianCryptoKeyDataRawX509CertGetKlass: |
|
2377 * |
|
2378 * The raw X509 certificates key data klass. |
|
2379 * |
|
2380 * Returns raw X509 certificates key data klass. |
|
2381 */ |
|
2382 EXPORT_C |
|
2383 xmlSecKeyDataId |
|
2384 xmlSecSymbianCryptoKeyDataRawX509CertGetKlass(void) { |
|
2385 return(&xmlSecSymbianCryptoKeyDataRawX509CertKlass); |
|
2386 } |
|
2387 |
|
2388 static int |
|
2389 xmlSecSymbianCryptoKeyDataRawX509CertBinRead(xmlSecKeyDataId id, xmlSecKeyPtr key, |
|
2390 const xmlSecByte* buf, xmlSecSize bufSize, |
|
2391 xmlSecKeyInfoCtxPtr keyInfoCtx) { |
|
2392 xmlSecKeyDataPtr data; |
|
2393 X509* cert; |
|
2394 int ret; |
|
2395 |
|
2396 xmlSecAssert2(id == xmlSecSymbianCryptoKeyDataRawX509CertId, -1); |
|
2397 xmlSecAssert2(key, -1); |
|
2398 xmlSecAssert2(buf, -1); |
|
2399 xmlSecAssert2(bufSize > 0, -1); |
|
2400 xmlSecAssert2(keyInfoCtx, -1); |
|
2401 |
|
2402 cert = xmlSecSymbianCryptoX509CertDerRead(buf, bufSize); |
|
2403 if(!cert) { |
|
2404 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2405 NULL, |
|
2406 "xmlSecSymbianCryptoX509CertDerRead", |
|
2407 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2408 XMLSEC_ERRORS_NO_MESSAGE); |
|
2409 return(-1); |
|
2410 } |
|
2411 |
|
2412 data = xmlSecKeyEnsureData(key, xmlSecSymbianCryptoKeyDataX509Id); |
|
2413 if(!data) { |
|
2414 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2415 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
2416 "xmlSecKeyEnsureData", |
|
2417 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2418 XMLSEC_ERRORS_NO_MESSAGE); |
|
2419 X509_free(cert); |
|
2420 return(-1); |
|
2421 } |
|
2422 |
|
2423 ret = xmlSecSymbianCryptoKeyDataX509AdoptCert(data, cert); |
|
2424 if(ret < 0) { |
|
2425 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2426 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
2427 "xmlSecSymbianCryptoKeyDataX509AdoptCert", |
|
2428 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2429 XMLSEC_ERRORS_NO_MESSAGE); |
|
2430 X509_free(cert); |
|
2431 return(-1); |
|
2432 } |
|
2433 |
|
2434 ret = xmlSecSymbianCryptoKeyDataX509VerifyAndExtractKey(data, key, keyInfoCtx); |
|
2435 if(ret < 0) { |
|
2436 xmlSecError(XMLSEC_ERRORS_HERE, |
|
2437 xmlSecErrorsSafeString(xmlSecKeyDataKlassGetName(id)), |
|
2438 "xmlSecSymbianCryptoKeyDataX509VerifyAndExtractKey", |
|
2439 XMLSEC_ERRORS_R_XMLSEC_FAILED, |
|
2440 XMLSEC_ERRORS_NO_MESSAGE); |
|
2441 return(-1); |
|
2442 } |
|
2443 return(0); |
|
2444 } |
|
2445 |
|
2446 |
|
2447 #endif /* XMLSEC_NO_X509 */ |
|
2448 |