~ubuntu-branches/ubuntu/oneiric/osptoolkit/oneiric

« back to all changes in this revision

Viewing changes to src/ospx509.c

Committer: Bazaar Package Importer
Author(s): TransNexus, Inc.
Date: 2007-12-30 20:37:26 UTC
Revision ID: james.westby@ubuntu.com-20071230203726-dysah2e93yqd3vbp

Tags: upstream-3.4.2

Import upstream version 3.4.2

files added:

LICENSE.txt

README.txt

RELNOTES.txt

bin/.rnd

bin/enroll.sh

bin/openssl.cnf

bin/test.cfg

crypto

crypto/openssl

crypto/openssl/README.txt

enroll

enroll/Makefile

enroll/enroll.dsp

enroll/enroll.mak

enroll/osptnep.c

enroll/osptnep.h

enroll/osptnepdatatypes.h

enroll/osptnepenroll.c

enroll/osptnepenroll.h

enroll/osptneperrno.h

enroll/osptnepinit.c

enroll/osptnepinit.h

enroll/osptneputil.c

enroll/osptneputil.h

include

include/osp

include/osp/osp.h

include/osp/ospaltinfo.h

include/osp/ospasn1.h

include/osp/ospasn1ids.h

include/osp/ospaudit.h

include/osp/ospauthcnf.h

include/osp/ospauthind.h

include/osp/ospauthreq.h

include/osp/ospauthrsp.h

include/osp/ospb64.h

include/osp/ospbfr.h

include/osp/ospcallid.h

include/osp/ospcapcnf.h

include/osp/ospcapind.h

include/osp/ospciscoext.h

include/osp/ospcode.h

include/osp/ospcomm.h

include/osp/ospconfig.h

include/osp/ospcrypto.h

include/osp/ospcryptowrap.h

include/osp/ospcustomdebug.h

include/osp/ospdatatypes.h

include/osp/ospdebug.h

include/osp/ospdest.h

include/osp/osperrno.h

include/osp/ospfail.h

include/osp/osphttp.h

include/osp/ospinit.h

include/osp/osplibversion.h

include/osp/osplist.h

include/osp/ospmime.h

include/osp/ospmsg.h

include/osp/ospmsgattr.h

include/osp/ospmsgdesc.h

include/osp/ospmsgelem.h

include/osp/ospmsginfo.h

include/osp/ospmsgpart.h

include/osp/ospmsgque.h

include/osp/osposincl.h

include/osp/ospossys.h

include/osp/ospostime.h

include/osp/osppkcs1.h

include/osp/osppkcs7.h

include/osp/osppkcs8.h

include/osp/ospprovider.h

include/osp/ospproviderapi.h

include/osp/ospreauthreq.h

include/osp/ospreauthrsp.h

include/osp/ospsecurity.h

include/osp/ospsocket.h

include/osp/ospssl.h

include/osp/ospsslsess.h

include/osp/ospstatistics.h

include/osp/ospstatus.h

include/osp/osptnaudit.h

include/osp/osptnlog.h

include/osp/osptnprobe.h

include/osp/osptoken.h

include/osp/osptokeninfo.h

include/osp/osptrans.h

include/osp/osptransapi.h

include/osp/osptransids.h

include/osp/ospusage.h

include/osp/ospusagecnf.h

include/osp/ospusageind.h

include/osp/osputils.h

include/osp/ospx500.h

include/osp/ospx509.h

include/osp/ospxml.h

include/osp/ospxmlattr.h

include/osp/ospxmldoc.h

include/osp/ospxmlelem.h

include/osp/ospxmltype.h

lib/README.txt

src/Makefile

src/osp.def

src/osp.dsp

src/osp.dsw

src/ospaltinfo.c

src/ospasn1.c

src/ospasn1ids.c

src/ospasn1object.c

src/ospasn1parse.c

src/ospasn1primitives.c

src/ospaudit.c

src/ospauthcnf.c

src/ospauthind.c

src/ospauthreq.c

src/ospauthrsp.c

src/ospb64.c

src/ospbfr.c

src/ospcallid.c

src/ospcapcnf.c

src/ospcapind.c

src/ospcflags.inc

src/ospciscoext.c

src/ospcomm.c

src/ospcrypto.c

src/ospcryptowrap.c

src/ospdest.c

src/ospfail.c

src/osphttp.c

src/ospinit.c

src/osplist.c

src/ospmime.c

src/ospmsgattr.c

src/ospmsgdesc.c

src/ospmsgelem.c

src/ospmsginfo.c

src/ospmsgque.c

src/ospmsgutil.c

src/ospnossl.c

src/ospopenssl.c

src/ospostime.c

src/osppkcs1.c

src/osppkcs7.c

src/osppkcs8.c

src/ospprovider.c

src/ospproviderapi.c

src/ospreauthreq.c

src/ospreauthrsp.c

src/ospsecssl.c

src/ospsecurity.c

src/ospsocket.c

src/ospssl.c

src/ospstatistics.c

src/ospstatus.c

src/osptnaudit.c

src/osptnlog.c

src/osptnprobe.c

src/osptoken.c

src/osptokeninfo.c

src/osptrans.c

src/osptransapi.c

src/osptransids.c

src/ospusage.c

src/ospusagecnf.c

src/ospusageind.c

src/osputils.c

src/ospx509.c

src/ospxml.c

src/ospxmlattr.c

src/ospxmlelem.c

src/ospxmlenc.c

src/ospxmlparse.c

src/ospxmltype.c

src/ospxmlutil.c

test

test/Makefile

test/nonblocking.c

test/nonblocking.h

test/syncque.c

test/syncque.h

test/test_app.c

test/test_app.dsp

Show diffs side-by-side

added added

removed removed

src/ospx509.c

/**************************************************************************

*** ***

*** This software is property of TransNexus, Inc. ***

*** This software is freely available under license from TransNexus. ***

*** The license terms and conditions for free use of this software by ***

*** third parties are defined in the OSP Toolkit Software License ***

*** Agreement (LICENSE.txt). Any use of this software by third ***

*** parties, which does not comply with the terms and conditions of the ***

*** OSP Toolkit Software License Agreement is prohibited without ***

*** the prior, express, written consent of TransNexus, Inc. ***

*** ***

*** Thank you for using the OSP ToolKit(TM). Please report any bugs, ***

*** suggestions or feedback to support@transnexus.com ***

*** ***

**************************************************************************/

* ospx509.c - Member functions for X509 Certificate object.

#include "osp/osp.h"

#include "osp/ospasn1.h"

#include "osp/osppkcs1.h"

#include "osp/ospx509.h"

#include "osp/ospx500.h"

#include "osp/osptnlog.h"

#include "osp/ospostime.h"

#include "osp/ospcrypto.h"

/* ---------------------------------------------------------*/

/* Member functions */

/* ---------------------------------------------------------*/

#define PROVIDERDOMAIN "transnexus.com"

#define PROVIDERINFO "transnexus.com %ld %ld"

int

OSPPX509CertGetCustDeviceId(

OSPTASN1OBJECT *ospvCertificate,

unsigned long *ospvCustomerId,

unsigned long *ospvDeviceId)

{

int errorcode = OSPC_ERR_NO_ERROR;

OSPTASN1ELEMENTINFO *eInfo = OSPC_OSNULL;

char *domainName = PROVIDERDOMAIN;

unsigned domainNameLength = sizeof(PROVIDERDOMAIN)-1;

unsigned dataLength = 0;

char *data = OSPC_OSNULL;

char *cptr = OSPC_OSNULL;

char *lcptr = OSPC_OSNULL;

char *pname = OSPC_OSNULL;

char *value = OSPC_OSNULL;

*ospvCustomerId = 0;

*ospvDeviceId = 0;

/* Get the subject element */

errorcode = OSPPX509CertTestContext(ospvCertificate);

if (errorcode == OSPC_ERR_NO_ERROR)

{

/* Get pointer to parse result that is head of subject name */

errorcode = OSPPASN1ObjectGetElementByDataRef(ospvCertificate, &eInfo,

OSPEDRID_CERT_SUBJECT);

if (errorcode == OSPC_ERR_NO_ERROR)

{

errorcode = OSPPASN1ElementGetElementData(eInfo,

(unsigned char **)&value,&dataLength);

}

if (errorcode == OSPC_ERR_NO_ERROR)

{

OSPM_MALLOC(data, char, dataLength+1);

if (data == OSPC_OSNULL)

{

errorcode = OSPC_ERR_X509_UNABLE_TO_ALLOCATE_SPACE;

OSPM_DBGERRORLOG(errorcode, "Unable to allocate space");

}

if (errorcode == OSPC_ERR_NO_ERROR)

{

OSPM_MEMCPY(data, value, dataLength);

data[dataLength] = '\0';

}

100

101

if (errorcode == OSPC_ERR_NO_ERROR)

102

{

103

/* Search for the string in domainName */

104

for (cptr = data; *cptr; cptr++)

105

{

106

/* Looking for a [ */

107

if (*cptr != '[')

108

{

109

/* Not found */

110

continue;

111

}

112

113

/* Found a [, is it followed by the domain name? */

114

cptr++;

115

if (strncmp(cptr, domainName, domainNameLength))

116

{

117

/* Nope */

118

continue;

119

}

120

121

/* Domain Name Found, we ARE in the parameter OU element */

122

pname = OSPM_STRTOK((char *)cptr, " ", &lcptr); /* Skip domainname */

123

while(pname)

124

{

125

/* Get the next parameter name */

126

pname = OSPM_STRTOK((char *)OSPC_OSNULL, " :]", &lcptr);

127

if (pname == OSPC_OSNULL)

128

{

129

/* Parameter was not found, done */

130

break;

131

}

132

133

/* Have a parameter name, get the value */

134

value = OSPM_STRTOK((char *)OSPC_OSNULL, " :]", &lcptr);

135

if (value == OSPC_OSNULL)

136

{

137

/* Badly formed paramter value pair, done */

138

break;

139

}

140

141

/* We have a parameter and a value - which one? */

142

if (!strncmp(pname, "GWID", 4))

143

{

144

/* Found a gateway id */

145

*ospvDeviceId = atol(value);

146

continue;

147

}

148

149

if (!strncmp(pname, "CSID", 4))

150

{

151

/* Found a customer id */

152

*ospvCustomerId = atol(value);

153

continue;

154

}

155

}

156

157

break;

158

}

159

160

}

161

OSPPASN1ElementDelete(&eInfo, 0);

162

OSPM_FREE(data);

163

164

return errorcode;

165

}

166

167

168

int

169

OSPPX509CertCheckCertificateData(

170

OSPTASN1OBJECT *ospvCertInfo,

171

OSPTASN1OBJECT *ospvSignerPublicKey)

172

{

173

int errorcode = OSPC_ERR_NO_ERROR;

174

175

unsigned char *tbsCertificate = OSPC_OSNULL;

176

unsigned int tbsCertificateLength = 0;

177

OSPTASN1OBJECT *signature = OSPC_OSNULL;

178

/* OSPTASN1OBJECT *publicKey = OSPC_OSNULL; */

179

OSPTASN1OBJECT *certInfo = OSPC_OSNULL;

180

OSPTASN1ELEMENTINFO *elementInfo = OSPC_OSNULL;

181

char currentDate[OSPC_TIMESTRINGSIZE] = "";

182

char notBeforeString[OSPC_TIMESTRINGSIZE] = "";

183

char notAfterString[OSPC_TIMESTRINGSIZE] = "";

184

OSPTTIME currentTime = 0;

185

char *century = OSPC_OSNULL;

186

unsigned char *date = OSPC_OSNULL;

187

unsigned int dateLength = 0;

188

unsigned char *certificate = OSPC_OSNULL;

189

unsigned int certificateLength = 0;

190

191

errorcode = OSPPASN1ObjectGetElementInfo(ospvCertInfo, &elementInfo);

192

193

memset(&notBeforeString,0,sizeof(notBeforeString));

194

memset(&notAfterString,0,sizeof(notAfterString));

195

196

if (errorcode == OSPC_ERR_NO_ERROR)

197

{

198

/* Reparse the certificate */

199

errorcode = OSPPASN1ElementGetElementData(elementInfo,

200

&certificate, &certificateLength);

201

202

if (errorcode == OSPC_ERR_NO_ERROR)

203

{

204

errorcode = OSPPX509CertCreate(certificate, &certInfo);

205

}

206

}

207

208

209

/* To validate the certificate you need to verify the certificate

210

signature using teh TBSCertificate portion of the certificate being

211

validated. You also need to compre the not-before and not-after dates

212

against the current date.

213

214

if (errorcode == OSPC_ERR_NO_ERROR)

215

{

216

/* Check the certificate's signature */

217

if (errorcode == OSPC_ERR_NO_ERROR)

218

{

219

/* Get the "to be signed" part of the certificate */

220

errorcode = OSPPASN1ObjectGetElementByDataRef(certInfo,

221

&elementInfo, OSPEDRID_CERT_TBSCERTIFICATE);

222

223

if (errorcode == OSPC_ERR_NO_ERROR)

224

{

225

errorcode = OSPPASN1ElementGetElementData(elementInfo,

226

&tbsCertificate,

227

&tbsCertificateLength);

228

}

229

}

230

231

if (errorcode == OSPC_ERR_NO_ERROR)

232

{

233

/* Get the signature from certificate */

234

errorcode = OSPPASN1ObjectCopyElementObject(&signature,

235

certInfo, OSPEDRID_CERT_SIGNATURE);

236

}

237

238

if (errorcode == OSPC_ERR_NO_ERROR)

239

{

240

errorcode = OSPPCryptoVerify( signature, ospvSignerPublicKey,

241

tbsCertificate, tbsCertificateLength);

242

}

243

244

OSPM_FREE(tbsCertificate);

245

OSPPASN1ElementDelete(&(signature->ParseResults->ElementInfo),0);

246

OSPPASN1ObjectDelete(&signature);

247

248

/* OSPPASN1ElementDelete(&(publicKey->ParseResults->ElementInfo),0); */

249

/* OSPPASN1ObjectDelete(&publicKey); */

250

}

251

252

if (errorcode == OSPC_ERR_NO_ERROR)

253

{

254

/* Signature must be good. Check validity dates */

255

256

/* Get the current time - don't need milliseconds */

257

errorcode = OSPPOSTimeGetTime(&currentTime,

258

(unsigned int *)OSPC_OSNULL);

259

260

if (errorcode == OSPC_ERR_NO_ERROR)

261

{

262

/* Format the current time in YYYYMMDDhhmmssZ format */

263

errorcode = OSPPOSTimeFormatGMTTime(currentTime, "%Y%m%d%H%M%SZ",

264

currentDate);

265

}

266

267

if (errorcode == OSPC_ERR_NO_ERROR)

268

{

269

if(elementInfo)

270

{

271

OSPM_FREE(elementInfo);

272

}

273

/* Get the Not before time from the certificate */

274

errorcode = OSPPASN1ObjectGetElementByDataRef(certInfo,

275

&elementInfo, OSPEDRID_CERT_NOTBEFORE);

276

277

if (errorcode == OSPC_ERR_NO_ERROR)

278

{

279

errorcode = OSPPASN1ElementGetContentData(elementInfo,

280

&date, &dateLength);

281

if (errorcode == OSPC_ERR_NO_ERROR)

282

{

283

if (dateLength != 13)

284

{

285

errorcode = OSPC_ERR_X509_INVALID_DATE;

286

OSPM_DBGERRORLOG(errorcode,

287

"Date is not 13 characters long");

288

}

289

else

290

{

291

/* Format the not before date */

292

century = (OSPM_MEMCMP(date, "49", 2) > 0)? "19" : "20";

293

OSPM_STRCPY(notBeforeString,century);

294

OSPM_STRNCAT(notBeforeString,(char *)date,13);

295

/*OSPM_SPRINTF(notBeforeString,"%s%13s.13s", century, date);*/

296

}

297

}

298

}

299

}

300

301

if (errorcode == OSPC_ERR_NO_ERROR)

302

{

303

if(elementInfo) /* !!! PS */

304

{

305

OSPM_FREE(elementInfo->Element);

306

elementInfo->ElementLength = 0;

307

OSPM_FREE(elementInfo);

308

}

309

/* Get the Not after time from the certificate */

310

errorcode = OSPPASN1ObjectGetElementByDataRef( certInfo,

311

&elementInfo, OSPEDRID_CERT_NOTAFTER);

312

313

if (errorcode == OSPC_ERR_NO_ERROR)

314

{

315

errorcode = OSPPASN1ElementGetContentData(elementInfo,

316

&date, &dateLength);

317

if (errorcode == OSPC_ERR_NO_ERROR)

318

{

319

if (dateLength != 13)

320

{

321

errorcode = OSPC_ERR_X509_INVALID_DATE;

322

OSPM_DBGERRORLOG(errorcode,

323

"Date is not 13 characters long");

324

}

325

else

326

{

327

/* Format the not after date */

328

century = (OSPM_MEMCMP(date, "49", 2) > 0)? "19" : "20";

329

OSPM_STRCPY(notAfterString,century);

330

OSPM_STRNCAT(notAfterString,(char *)date,13);

331

/*OSPM_SPRINTF(notAfterString,"%s%13s.13s", century, date);*/

332

}

333

}

334

}

335

if(elementInfo) /* !!! PS */

336

{

337

OSPM_FREE(elementInfo->Element);

338

elementInfo->ElementLength = 0;

339

OSPM_FREE(elementInfo);

340

}

341

}

342

343

if (errorcode == OSPC_ERR_NO_ERROR)

344

{

345

/* At this time, Only UTC times are supported. Format is

346

YYMMDDHHMMSSZ. Accorting to X509, if YY is less than 50, then the

347

century is 2000. If date is greater than 50, century is 1900.

348

After 2050, generalized time will be used (not supported), and that

349

will eliminate the problem since centurey is explicit in date. */

350

351

if ((OSPM_MEMCMP(currentDate,notBeforeString,

352

strlen(currentDate))<0) ||

353

(OSPM_MEMCMP(currentDate,notAfterString,

354

strlen(currentDate))>0))

355

{

356

errorcode = OSPC_ERR_X509_CERTIFICATE_EXPIRED;

357

#ifdef IGNOREOUTOFDATEERR

358

errorcode = OSPC_ERR_NOERROR;

359

#endif

360

OSPM_DBGERRORLOG(errorcode,

361

"Current date is outside certificate validity dates");

362

}

363

}

364

}

365

366

OSPPASN1ObjectDelete(&certInfo);

367

return errorcode;

368

} /* OSPPX509CertCheckCertificateData */

369

370

371

372

int

373

OSPPX509CertValidateCertificate(

374

OSPTASN1OBJECT *ospvTestCertificate,

375

OSPTASN1OBJECT *ospvAuthorityCertificates[],

376

unsigned int ospvNumberOfAuthorityCertificates,

377

int *ospvParentCertificateIndex)

378

{

379

int errorcode = OSPC_ERR_NO_ERROR;

380

OSPTASN1OBJECT *publicKey = OSPC_OSNULL;

381

unsigned int i = 0;

382

383

384

/* Loop through Authority Certificates to find issuer for testCert */

385

for (i = 0;

386

(errorcode == OSPC_ERR_NO_ERROR || errorcode == OSPC_ERR_X509_CA_NOT_FOUND) &&

387

(i < ospvNumberOfAuthorityCertificates); i ++)

388

{

389

/* Test ca certificate against test certificate */

390

errorcode = OSPPX509CertIsParentCertificate(

391

ospvAuthorityCertificates[i],

392

ospvTestCertificate);

393

394

if (errorcode != OSPC_ERR_X509_CA_NOT_FOUND)

395

{

396

/* Found the ca for the test certificate or a serious error */

397

break;

398

}

399

400

}

401

402

if (errorcode == OSPC_ERR_NO_ERROR)

403

{

404

/* Get the public key from certificate */

405

errorcode = OSPPASN1ObjectCopyElementObject(&publicKey,

406

ospvAuthorityCertificates[i],

407

OSPEDRID_CERT_SUBJPUBKEYINFO);

408

}

409

410

if (errorcode == OSPC_ERR_NO_ERROR)

411

{

412

/* Check the test certificate to see if it is signed/not expired */

413

errorcode = OSPPX509CertCheckCertificateData(ospvTestCertificate,

414

publicKey);

415

}

416

417

if (errorcode == OSPC_ERR_NO_ERROR)

418

{

419

/* Is authority certificate self signed? */

420

if (OSPPX509CertIsParentCertificate(ospvAuthorityCertificates[i],

421

ospvAuthorityCertificates[i]))

422

{

423

/* Yes - is is a Self Signed Certificate */

424

/* Check ca certificate (self signed) to make sure it is valid */

425

errorcode = OSPPX509CertCheckCertificateData(

426

ospvAuthorityCertificates[i],

427

publicKey);

428

}

429

else

430

{

431

432

/* Nope, not self signed - continue down chain or return index

433

of ca certificate */

434

if (ospvParentCertificateIndex == OSPC_OSNULL)

435

{

436

/* Validate Certificate Chain */

437

errorcode = OSPPX509CertValidateCertificate(

438

ospvAuthorityCertificates[i],

439

ospvAuthorityCertificates,

440

ospvNumberOfAuthorityCertificates,

441

OSPC_OSNULL);

442

}

443

}

444

}

445

if(OSPC_OSNULL!=publicKey) /* !!! PS */

446

{

447

OSPPASN1ElementDelete(&(publicKey->ParseResults->ElementInfo),0);

448

OSPPASN1ObjectDelete(&publicKey);

449

}

450

451

452

if (errorcode == OSPC_ERR_NO_ERROR)

453

{

454

/* If supposed to return index, then set it here */

455

if (ospvParentCertificateIndex != OSPC_OSNULL)

456

{

457

*ospvParentCertificateIndex = i;

458

}

459

}

460

461

return errorcode;

462

}

463

464

int

465

OSPPX509CertIsParentCertificate(

466

OSPTASN1OBJECT *ospvParentCertificate,

467

OSPTASN1OBJECT *ospvTestCertificate)

468

{

469

int errorcode = OSPC_ERR_NO_ERROR;

470

OSPTASN1OBJECT *parentCertInfo = OSPC_OSNULL;

471

OSPTASN1OBJECT *testCertInfo = OSPC_OSNULL;

472

OSPTASN1ELEMENTINFO *elementInfo1 = OSPC_OSNULL; /* !!! PS */

473

OSPTASN1ELEMENTINFO *elementInfo2 = OSPC_OSNULL; /* !!! PS */

474

unsigned char *certificate = OSPC_OSNULL;

475

unsigned int certificateLength = 0;

476

unsigned char *subjectName = OSPC_OSNULL;

477

unsigned int subjectNameLength = 0;

478

unsigned char *issuerName = OSPC_OSNULL;

479

unsigned int issuerNameLength = 0;

480

481

/* Reparse the superior certificate */

482

errorcode = OSPPASN1ObjectGetElementInfo(ospvParentCertificate,

483

&elementInfo1);

484

485

if (errorcode == OSPC_ERR_NO_ERROR)

486

{

487

/* Reparse the certificate */

488

errorcode = OSPPASN1ElementGetElementData(elementInfo1,

489

&certificate, &certificateLength);

490

491

if (errorcode == OSPC_ERR_NO_ERROR)

492

{

493

errorcode = OSPPX509CertCreate(certificate, &parentCertInfo);

494

}

495

496

/* Reparse the test certificate */

497

if (errorcode == OSPC_ERR_NO_ERROR)

498

{

499

errorcode = OSPPASN1ObjectGetElementInfo(ospvTestCertificate,

500

&elementInfo1);

501

}

502

503

if (errorcode == OSPC_ERR_NO_ERROR)

504

{

505

/* Reparse the certificate */

506

errorcode = OSPPASN1ElementGetElementData(elementInfo1,

507

&certificate, &certificateLength);

508

509

if (errorcode == OSPC_ERR_NO_ERROR)

510

{

511

errorcode = OSPPX509CertCreate(certificate, &testCertInfo);

512

}

513

}

514

}

515

516

if (errorcode == OSPC_ERR_NO_ERROR)

517

{

518

/* Get the parent certificate subject name */

519

errorcode = OSPPASN1ObjectGetElementByDataRef(parentCertInfo,

520

&elementInfo1,

521

OSPEDRID_CERT_SUBJECT);

522

if (errorcode == OSPC_ERR_NO_ERROR)

523

{

524

errorcode = OSPPASN1ElementGetElementData(elementInfo1,

525

&subjectName, &subjectNameLength);

526

527

}

528

}

529

530

if (errorcode == OSPC_ERR_NO_ERROR)

531

{

532

/* Get the test certificate issuer name */

533

errorcode = OSPPASN1ObjectGetElementByDataRef(testCertInfo,

534

&elementInfo2,

535

OSPEDRID_CERT_ISSUER);

536

if (errorcode == OSPC_ERR_NO_ERROR)

537

{

538

errorcode = OSPPASN1ElementGetElementData(elementInfo2,

539

&issuerName, &issuerNameLength);

540

541

}

542

}

543

544

if (errorcode == OSPC_ERR_NO_ERROR)

545

{

546

/* Now we have both Names. For now, assume they are formatted

547

exactly the same on both certificates. Should be able to do a

548

memcmp to make sure they are the same. If there is a possibility of

549

encoding differences (possible?) then it might be necessary to

550

add code to take each name apart and search and compare elements. */

551

552

errorcode = OSPC_ERR_X509_CA_NOT_FOUND;

553

if (issuerNameLength == subjectNameLength)

554

{

555

if (OSPM_MEMCMP(issuerName, subjectName, issuerNameLength) == 0)

556

{

557

errorcode = OSPC_ERR_NO_ERROR;

558

}

559

}

560

}

561

562

if(OSPC_OSNULL!=elementInfo1) /* !!! PS */

563

{

564

OSPPASN1ElementDelete(&elementInfo1,0);

565

}

566

if(OSPC_OSNULL!=elementInfo2) /* !!! PS */

567

{

568

OSPPASN1ElementDelete(&elementInfo2,0);

569

}

570

OSPPASN1ObjectDelete(&parentCertInfo);

571

OSPPASN1ObjectDelete(&testCertInfo);

572

return errorcode;

573

} /* OSPPX509CertIsParentCertificate */

574

575

576

int

577

OSPPX509CertGetCertificate(

578

OSPTASN1OBJECT *ospvCertInfo,

579

unsigned char **ospvCertificate,

580

unsigned int *ospvCertificateLength)

581

{

582

int errorcode = OSPC_ERR_NO_ERROR;

583

OSPTASN1ELEMENTINFO *eInfo = OSPC_OSNULL;

584

585

*ospvCertificate = OSPC_OSNULL;

586

*ospvCertificateLength = 0;

587

588

errorcode = OSPPX509CertGetElement( ospvCertInfo,

589

OSPEDRID_CERTIFICATE,

590

&eInfo);

591

if (eInfo != OSPC_OSNULL)

592

{

593

*ospvCertificate = eInfo->Element;

594

*ospvCertificateLength = eInfo->ElementLength;

595

}

596

597

return errorcode;

598

}

599

600

601

602

int

603

OSPPX509CertGetElement(

604

OSPTASN1OBJECT *ospvCertInfo, /* In - X509 Cert Context */

605

OSPEASN1DATAREFID ospvDataRefId,

606

OSPTASN1ELEMENTINFO **ospvElementInfo)

607

{

608

int errorcode = OSPC_ERR_NO_ERROR;

609

OSPTASN1ELEMENTINFO *foundElement = OSPC_OSNULL;

610

611

errorcode = OSPPX509CertTestContext(ospvCertInfo);

612

if ( errorcode == OSPC_ERR_NO_ERROR)

613

{

614

errorcode = OSPPASN1ElementGet(ospvDataRefId,

615

ospvCertInfo->ParseResults, &foundElement);

616

}

617

618

*ospvElementInfo = foundElement;

619

620

return errorcode;

621

}

622

623

624

int

625

OSPPX509CertTestContext(

626

OSPTASN1OBJECT *ospvCertInfo)

627

{

628

int errorcode = OSPC_ERR_NO_ERROR;

629

630

if (ospvCertInfo == OSPC_OSNULL)

631

{

632

errorcode = OSPC_ERR_X509_INVALID_CONTEXT;

633

OSPM_PRINTTOERR((stderr,"X509 CertInfo context is null pointer\n"));

634

}

635

636

return errorcode;

637

}

638

639

640

641

int

642

OSPPX509CertCreate(

643

unsigned char *ospvEncodedCertificate,

644

OSPTASN1OBJECT **ospvCert)

645

{

646

int errorcode = OSPC_ERR_NO_ERROR;

647

648

OSPM_MALLOC(*ospvCert, OSPTASN1OBJECT, sizeof(OSPTASN1OBJECT));

649

if (*ospvCert == OSPC_OSNULL)

650

{

651

errorcode = OSPC_ERR_CERT_MALLOC_FAILED;

652

OSPM_DBGERRORLOG(errorcode,

653

"malloc of new X509 Certificate failed");

654

}

655

else

656

{

657

OSPM_MEMSET(*ospvCert, 0, sizeof(OSPTASN1OBJECT));

658

}

659

660

if (errorcode == OSPC_ERR_NO_ERROR)

661

{

662

errorcode = OSPPX509CertSetCertificate(*ospvCert,

663

ospvEncodedCertificate);

664

}

665

666

return errorcode;

667

}

668

669

670

int

671

OSPPX509CertSetCertificate(

672

OSPTASN1OBJECT *ospvCert,

673

unsigned char *ospvEncodedCertificate)

674

{

675

int errorcode = OSPC_ERR_NO_ERROR;

676

OSPTASN1ELEMENTINFO *eInfo = OSPC_OSNULL;

677

OSPTASN1PARSERESULT *parseResults = OSPC_OSNULL;

678

679

errorcode = OSPPX509CertTestContext(ospvCert);

680

681

if (errorcode == OSPC_ERR_NO_ERROR)

682

{

683

/* Get rid of the old certificate data */

684

OSPPASN1ElementDelete(&(ospvCert->ElementInfo),0);

685

OSPPASN1ElementParseDelete(&(ospvCert->ParseResults));

686

}

687

688

if (errorcode == OSPC_ERR_NO_ERROR)

689

{

690

errorcode = OSPPASN1ElementDecode(ospvEncodedCertificate, &eInfo, 0);

691

}

692

693

if (errorcode == OSPC_ERR_NO_ERROR)

694

{

695

errorcode = OSPPASN1ElementParse( eInfo, OSPEPTID_CERTIFICATE,

696

OSPC_OSNULL,

697

&parseResults,

698

OSPC_ASN1_DATAREFID_CERTIFICATE);

699

}

700

701

if (errorcode == OSPC_ERR_NO_ERROR)

702

{

703

ospvCert->ElementInfo = eInfo;

704

ospvCert->ParseResults = parseResults;

705

}

706

else

707

{

708

if (eInfo)

709

{

710

OSPPASN1ElementDelete(&eInfo,0);

711

}

712

713

if (parseResults)

714

{

715

PTPResultsDelete(&parseResults);

716

}

717

}

718

719

720

return errorcode;

721

}

722

723

int

724

OSPPX509CertDelete(

725

OSPTASN1OBJECT **ospvCert)

726

{

727

int errorcode = OSPC_ERR_NO_ERROR;

728

729

errorcode = OSPPX509CertTestContext(*ospvCert);

730

if (errorcode == OSPC_ERR_NO_ERROR)

731

{

732

/* Get rid of the old certificate data */

733

OSPPASN1ObjectDelete(ospvCert);

734

}

735

return(errorcode);

736

}

737

Older »