Mercurial > trustbridge
annotate common/certhelp.c @ 1288:265583011f24
(issue123) Add possibility to open native certificate dialog
This is currently only implemented for windows.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Mon, 29 Sep 2014 13:12:58 +0200 |
parents | 17e1c8f37d72 |
children |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
8 #include <stdlib.h> |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
9 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
10 #include "certhelp.h" |
260 | 11 #include "logging.h" |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
12 #include "errorcodes.h" |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
13 #include "strhelp.h" |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
14 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
15 char * |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
16 get_oid_valstr(x509_name *namebuf, unsigned char *oid) |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
17 { |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
18 char *str = NULL; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
19 size_t oid_len = strlen((char *)oid); |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
20 while ( namebuf != NULL ) |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
21 { |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
22 if ( (namebuf->oid.len == oid_len) && |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
23 (memcmp(namebuf->oid.p, oid, oid_len) == 0) ) |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
24 { |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
25 str = xstrndup((char *)namebuf->val.p, namebuf->val.len); |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
26 break; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
27 } |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
28 namebuf = namebuf->next; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
29 } |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
30 return str; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
31 } |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
32 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
33 char * |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
34 x509_parse_subject(unsigned char *derdata, size_t derlen, |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
35 unsigned char *oid) |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
36 { |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
37 x509_crt chain; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
38 char *str; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
39 |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
40 x509_crt_init(&chain); |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
41 if (x509_crt_parse_der(&chain, derdata, derlen) != 0) |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
42 { |
332
81a205fc651e
Do not exit on error
Andre Heinecke <aheinecke@intevation.de>
parents:
260
diff
changeset
|
43 ERRORPRINTF("Could not parse certificate!\n"); |
81a205fc651e
Do not exit on error
Andre Heinecke <aheinecke@intevation.de>
parents:
260
diff
changeset
|
44 return NULL; |
259
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
45 } |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
46 else |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
47 { |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
48 str = get_oid_valstr(&(chain.subject), oid); |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
49 x509_crt_free(&chain); |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
50 } |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
51 return str; |
20d515604daa
Added new module with helper functions to parse certs.
Sascha Wilde <wilde@intevation.de>
parents:
diff
changeset
|
52 } |
1288
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
53 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
54 #ifdef WIN32 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
55 PCCERT_CONTEXT |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
56 b64_to_cert_context(char *b64_data, size_t b64_size) |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
57 { |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
58 size_t buf_size = 0; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
59 char *buf = NULL; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
60 PCCERT_CONTEXT pCert = NULL; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
61 int ret = -1; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
62 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
63 ret = str_base64_decode (&buf, &buf_size, b64_data, b64_size); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
64 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
65 if (ret != 0) |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
66 { |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
67 ERRORPRINTF ("decoding certificate failed\n"); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
68 return NULL; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
69 } |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
70 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
71 pCert = CertCreateContext (CERT_STORE_CERTIFICATE_CONTEXT, |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
72 X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
73 (const PBYTE) buf, |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
74 (DWORD) buf_size, |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
75 0, |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
76 NULL); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
77 free (buf); /* Windows has a copy */ |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
78 |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
79 if (pCert == NULL) |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
80 { |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
81 char *error = getLastErrorMsg(); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
82 if (error) |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
83 { |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
84 ERRORPRINTF ("Failed to create cert context: %s \n", error); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
85 free (error); |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
86 } |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
87 return NULL; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
88 } |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
89 return pCert; |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
90 } |
265583011f24
(issue123) Add possibility to open native certificate dialog
Andre Heinecke <andre.heinecke@intevation.de>
parents:
404
diff
changeset
|
91 #endif |