Mercurial > trustbridge
annotate common/certhelp.c @ 1371:23df332b2a4c
(issue179) Read install signature timestamp from config
This also changes the way the sigDt is propgated to the
MainWindow. It no longer uses the settings but hands
it over as a parameter directly.
| author | Andre Heinecke <andre.heinecke@intevation.de> |
|---|---|
| date | Mon, 24 Nov 2014 15:48:49 +0100 |
| parents | 265583011f24 |
| children |
| rev | line source |
|---|---|
| 404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
| 2 * Software engineering by Intevation GmbH | |
| 3 * | |
| 4 * This file is Free Software under the GNU GPL (v>=2) | |
| 5 * and comes with ABSOLUTELY NO WARRANTY! | |
| 6 * See LICENSE.txt for details. | |
| 7 */ | |
|
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
8 #include <stdlib.h> |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
9 |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
10 #include "certhelp.h" |
| 260 | 11 #include "logging.h" |
|
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
12 #include "errorcodes.h" |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
13 #include "strhelp.h" |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
14 |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
15 char * |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
16 get_oid_valstr(x509_name *namebuf, unsigned char *oid) |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
17 { |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
18 char *str = NULL; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
19 size_t oid_len = strlen((char *)oid); |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
20 while ( namebuf != NULL ) |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
21 { |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
22 if ( (namebuf->oid.len == oid_len) && |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
23 (memcmp(namebuf->oid.p, oid, oid_len) == 0) ) |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
24 { |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
25 str = xstrndup((char *)namebuf->val.p, namebuf->val.len); |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
26 break; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
27 } |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
28 namebuf = namebuf->next; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
29 } |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
30 return str; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
31 } |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
32 |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
33 char * |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
34 x509_parse_subject(unsigned char *derdata, size_t derlen, |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
35 unsigned char *oid) |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
36 { |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
37 x509_crt chain; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
38 char *str; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
39 |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
40 x509_crt_init(&chain); |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
41 if (x509_crt_parse_der(&chain, derdata, derlen) != 0) |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
42 { |
|
332
81a205fc651e
Do not exit on error
Andre Heinecke <aheinecke@intevation.de>
parents:
260
diff
changeset
|
43 ERRORPRINTF("Could not parse certificate!\n"); |
|
81a205fc651e
Do not exit on error
Andre Heinecke <aheinecke@intevation.de>
parents:
260
diff
changeset
|
44 return NULL; |
|
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
45 } |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
46 else |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
47 { |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
48 str = get_oid_valstr(&(chain.subject), oid); |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
49 x509_crt_free(&chain); |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
50 } |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
51 return str; |
|
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
52 } |
|
1288
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
53 |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
54 #ifdef WIN32 |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
55 PCCERT_CONTEXT |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
56 b64_to_cert_context(char *b64_data, size_t b64_size) |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
57 { |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
58 size_t buf_size = 0; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
59 char *buf = NULL; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
60 PCCERT_CONTEXT pCert = NULL; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
61 int ret = -1; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
62 |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
63 ret = str_base64_decode (&buf, &buf_size, b64_data, b64_size); |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
64 |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
65 if (ret != 0) |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
66 { |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
67 ERRORPRINTF ("decoding certificate failed\n"); |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
68 return NULL; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
69 } |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
70 |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
71 pCert = CertCreateContext (CERT_STORE_CERTIFICATE_CONTEXT, |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
72 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
73 (const PBYTE) buf, |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
74 (DWORD) buf_size, |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
75 0, |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
76 NULL); |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
77 free (buf); /* Windows has a copy */ |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
78 |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
79 if (pCert == NULL) |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
80 { |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
81 char *error = getLastErrorMsg(); |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
82 if (error) |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
83 { |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
84 ERRORPRINTF ("Failed to create cert context: %s \n", error); |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
85 free (error); |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
86 } |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
87 return NULL; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
88 } |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
89 return pCert; |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
90 } |
|
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
91 #endif |