diff options
Diffstat (limited to 'Source/lib/crypto/certificate.c')
| -rwxr-xr-x | Source/lib/crypto/certificate.c | 231 |
1 files changed, 0 insertions, 231 deletions
diff --git a/Source/lib/crypto/certificate.c b/Source/lib/crypto/certificate.c deleted file mode 100755 index 34c82e853..000000000 --- a/Source/lib/crypto/certificate.c +++ /dev/null @@ -1,231 +0,0 @@ -/** - * @file certificate.c - * - * @brief Implementation of certificate_t. - * - */ - -/* - * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <gmp.h> -#include <sys/stat.h> -#include <unistd.h> - -#include "certificate.h" - -#include <daemon.h> -#include <asn1/der_decoder.h> - - -typedef struct private_certificate_t private_certificate_t; - -/** - * Private data of a certificate_t object. - */ -struct private_certificate_t { - /** - * Public interface for this signer. - */ - certificate_t public; - - u_int version; - - u_int serial; - - chunk_t sign_alg; - - time_t not_before; - - time_t not_after; - - chunk_t pubkey; - - chunk_t pubkey_alg; - - bool has_issuer_uid; - chunk_t issuer_uid; - - bool has_subject_uid; - chunk_t subject_uid; - - chunk_t tbs_cert; - chunk_t signature; - - rsa_public_key_t *public_key; -}; - -#define OSET(x) offsetof(private_certificate_t, x) - -/** - * Rules for de-/encoding of a certificate from/in ASN1 - */ -static asn1_rule_t certificate_rules[] = { - {ASN1_SEQUENCE, 0, 0, 0 }, /* certificate */ - { ASN1_SEQUENCE, ASN1_RAW, OSET(tbs_cert), 0 }, /* tbsCertificate */ - { ASN1_TAG_E_0, ASN1_DEFAULT, OSET(version), 0 }, /* EXPLICIT */ - { ASN1_INTEGER, ASN1_DEFAULT, OSET(version), 0 }, /* version DEFAULT v1(0) */ - { ASN1_INTEGER, 0, OSET(serial), 0 }, /* serialNumber */ - { ASN1_SEQUENCE, 0, 0, 0 }, /* signature */ - { ASN1_OID, 0, OSET(sign_alg), 0 }, /* algorithm-oid */ - { ASN1_NULL, 0, 0, 0 }, /* parameters */ - { ASN1_END, 0, 0, 0 }, /* signature */ - { ASN1_SEQUENCE, ASN1_OF, 0, 0 }, /* issuer */ -// { ASN1_SET, ASN1_OF, 0, 0, }, /* RelativeDistinguishedName */ -// { ASN1_SEQUENCE, 0, 0, 0, }, /* AttributeTypeAndValue */ -// { ASN1_OID, 0, 0, 0 }, /* AttributeType */ -// { ASN1_ANY, 0, 0, 0 }, /* AttributeValue */ -// { ASN1_END, 0, 0, 0 }, /* AttributeTypeAndValue */ -// { ASN1_END, 0, 0, 0 }, /* RelativeDistinguishedName */ - { ASN1_END, 0, 0, 0 }, /* issuer */ - { ASN1_SEQUENCE, 0, 0, 0 }, /* validity */ - { ASN1_CHOICE, 0, 0, 0 }, /* notBefore */ - { ASN1_UTCTIME, 0, OSET(not_before), 0 }, /* utcTime */ - { ASN1_GENERALIZEDTIME, 0, OSET(not_before), 0 }, /* generalTime */ - { ASN1_END, 0, 0, 0 }, /* notBefore */ - { ASN1_CHOICE, 0, 0, 0 }, /* notAfter */ - { ASN1_UTCTIME, 0, OSET(not_after), 0 }, /* utcTime */ - { ASN1_GENERALIZEDTIME, 0, OSET(not_after), 0 }, /* generalTime */ - { ASN1_END, 0, 0, 0 }, /* notAfter */ - { ASN1_END, 0, 0, 0 }, /* validity */ - { ASN1_SEQUENCE, ASN1_OF, 0, 0 }, /* subject */ -// { ASN1_SET, ASN1_OF, 0, 0, }, /* RelativeDistinguishedName */ -// { ASN1_SEQUENCE, 0, 0, 0, }, /* AttributeTypeAndValue */ -// { ASN1_OID, 0, 0, 0 }, /* AttributeType */ -// { ASN1_ANY, 0, 0, 0 }, /* AttributeValue */ -// { ASN1_END, 0, 0, 0 }, /* AttributeTypeAndValue */ -// { ASN1_END, 0, 0, 0 }, /* RelativeDistinguishedName */ - { ASN1_END, 0, 0, 0 }, /* subject */ - { ASN1_SEQUENCE, 0, 0, 0 }, /* subjectPublicKeyInfo */ - { ASN1_SEQUENCE, 0, 0, 0 }, /* algorithm */ - { ASN1_OID, 0, OSET(pubkey_alg), 0 }, /* algorithm-oid */ - { ASN1_NULL, 0, 0, 0 }, /* parameters */ - { ASN1_END, 0, 0, 0 }, /* algorithm */ - { ASN1_BITSTRING, 0, OSET(pubkey), 0 }, /* subjectPublicKey */ - { ASN1_END, 0, 0, 0 }, /* subjectPublicKeyInfo */ - { ASN1_TAG_I_1, ASN1_OPTIONAL, 0, OSET(has_issuer_uid)}, /* IMPLICIT */ - { ASN1_BITSTRING, ASN1_OPTIONAL, OSET(issuer_uid), 0 }, /* issuerUniqueID OPTIONAL */ - { ASN1_TAG_I_2, ASN1_OPTIONAL, 0, OSET(has_subject_uid)},/* IMPLICIT */ - { ASN1_BITSTRING, ASN1_OPTIONAL, OSET(subject_uid), 0 }, /* subjectUniqueID OPTIONAL */ - { ASN1_TAG_E_3, ASN1_OPTIONAL, 0, 0 }, /* EXPLICIT */ - { ASN1_SEQUENCE, ASN1_OF|ASN1_OPTIONAL, 0, 0 }, /* extensions OPTIONAL */ -// { ASN1_SEQUENCE, 0, 0, 0, }, /* extension */ -// { ASN1_OID, 0, 0, 0 }, /* extnID */ -// { ASN1_BOOLEAN, ASN1_DEFAULT, 0, FALSE }, /* critical */ -// { ASN1_OCTETSTRING, 0, 0, 0, }, /* extnValue */ -// { ASN1_END, 0, 0, 0, }, /* extension */ - { ASN1_END, 0, 0, 0, }, /* extensions */ - { ASN1_END, 0, 0, 0 }, /* tbsCertificate */ - { ASN1_SEQUENCE, 0, 0, 0 }, /* signatureAlgorithm */ - { ASN1_OID, 0, OSET(sign_alg), 0 }, /* algorithm-oid */ - { ASN1_NULL, 0, 0, 0 }, /* parameters */ - { ASN1_END, 0, 0, 0 }, /* signatureAlgorithm */ - { ASN1_BITSTRING, 0, OSET(signature), 0 }, /* signatureValue */ - {ASN1_END, 0, 0, 0 }, /* certificate */ -}; - -/** - * Implementation of certificate.get_public_key. - */ -static rsa_public_key_t *get_public_key(private_certificate_t *this) -{ - return this->public_key->clone(this->public_key); -} - -/** - * Implementation of certificate.destroy. - */ -static void destroy(private_certificate_t *this) -{ - this->public_key->destroy(this->public_key); - free(this->pubkey.ptr); - free(this->signature.ptr); - free(this->tbs_cert.ptr); - free(this); -} - -/* - * Described in header. - */ -certificate_t *certificate_create_from_chunk(chunk_t chunk) -{ - private_certificate_t *this = malloc_thing(private_certificate_t); - der_decoder_t *dd; - - /* public functions */ - this->public.get_public_key = (rsa_public_key_t *(*) (certificate_t*))get_public_key; - this->public.destroy = (void (*) (certificate_t*))destroy; - - /* initialize */ - this->pubkey = CHUNK_INITIALIZER; - this->signature = CHUNK_INITIALIZER; - this->tbs_cert = CHUNK_INITIALIZER; - - dd = der_decoder_create(certificate_rules); - - if (dd->decode(dd, chunk, this) != SUCCESS) - { - free(this); - dd->destroy(dd); - return NULL; - } - dd->destroy(dd); - - this->public_key = rsa_public_key_create_from_chunk(this->pubkey); - if (this->public_key == NULL) - { - free(this->pubkey.ptr); - free(this); - return NULL; - } - - return &this->public; -} - -/* - * Described in header. - */ -certificate_t *certificate_create_from_file(char *filename) -{ - struct stat stb; - FILE *file; - char *buffer; - chunk_t chunk; - - if (stat(filename, &stb) == -1) - { - return NULL; - } - - buffer = alloca(stb.st_size); - - file = fopen(filename, "r"); - if (file == NULL) - { - return NULL; - } - - if (fread(buffer, stb.st_size, 1, file) == -1) - { - fclose(file); - return NULL; - } - fclose(file); - - chunk.ptr = buffer; - chunk.len = stb.st_size; - - return certificate_create_from_chunk(chunk); -} |