annotate common/listutil.c @ 1086:93325618ac7b
(issue117) Set verify callback to abort the handshake earlier if the certificate does not match.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Fri, 12 Sep 2014 13:09:02 +0200 |
parents | edbf5e5e88f4 |
children | fd7d04bb37cb |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
8 #include "listutil.h" |
9 |
10 #include <stdio.h> |
11 #include <stdlib.h> |
12 #include <errno.h> |
13 #include <fcntl.h> |
14 #include <unistd.h> |
15 #include <sys/types.h> |
16 #include <sys/stat.h> |
17 #include <string.h> |
18 |
19 #ifdef WIN32 |
20 #include <share.h> |
21 #endif |
22 |
23 #include "strhelp.h" |
24 #include "logging.h" |
25 |
26 #ifdef RELEASE_BUILD |
27 #include "pubkey-release.h" |
28 #else |
29 #include "pubkey-test.h" |
30 #endif |
31 |
32 #pragma GCC diagnostic ignored "-Wconversion" |
33 /* Polarssl mh.h contains a conversion which gcc warns about */ |
34 #include <polarssl/pk.h> |
35 #include <polarssl/base64.h> |
36 #include <polarssl/sha256.h> |
37 #pragma GCC diagnostic pop |
38 |
39 #define MAX_FILESIZE (MAX_LINE_LENGTH * MAX_LINES) |
40 |
41 #define READ_FILE_UNREADABLE -1 |
42 #define READ_FILE_TOO_LARGE -2 |
43 #define READ_FILE_NO_MEMORY -3 |
44 #define READ_FILE_READ_FAILED -4 |
45 #define READ_FILE_INVALID_CALL -5 |
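/**
 * @brief Read a complete file into a freshly allocated buffer.
 *
 * The buffer is one byte larger than the file and ends in '\0', so text
 * content can be handled as a C string.  *size receives the file size
 * without that terminator.
 *
 * @param[in]  file_name  Path of the file (converted from UTF-8 to a wide
 *                        string on Windows).
 * @param[out] data       Receives the malloc()ed buffer on success; the
 *                        caller releases it with free().  It is NULL when
 *                        allocation or the read itself failed and is left
 *                        untouched on the earlier error returns.
 * @param[out] size       Receives the file size in bytes.  It is also
 *                        written when READ_FILE_TOO_LARGE is returned.
 * @param[in]  max_size   Largest accepted file size; must not be 0.
 * @param[out] fptr       Optional.  If not NULL it receives the still open
 *                        stream on success and the caller must fclose() it;
 *                        if NULL the file is closed before returning.
 *
 * @return 0 on success, otherwise
 *         READ_FILE_INVALID_CALL  a required argument was NULL / 0,
 *         READ_FILE_UNREADABLE    open or seek failed, or the file is empty,
 *         READ_FILE_TOO_LARGE     the file is larger than max_size,
 *         READ_FILE_NO_MEMORY     the buffer could not be allocated,
 *         READ_FILE_READ_FAILED   fewer bytes than expected were read.
 */
int
read_file(const char *file_name, char **data, size_t *size,
          const size_t max_size, FILE **fptr)
{
  FILE *f;
  long file_size;

  if (!file_name || !data || !size || !max_size)
    {
      return READ_FILE_INVALID_CALL;
    }
#ifdef WIN32
  {
    wchar_t *wFilename = utf8_to_wchar(file_name, strlen(file_name));
    if (!wFilename)
      {
        return READ_FILE_UNREADABLE;
      }
    /* We open and write protect the file here so that
       as long as the file is open we can be sure that
       it was not modified and can use it in subsequent
       calls based on the filename. */
    f = _wfsopen(wFilename, L"rb", _SH_DENYWR);
    xfree(wFilename);
  }
#else
  /* NOTE(review): unlike the Windows branch this open takes no lock, so
     the file may change while it is open.  Callers that verify the
     content should keep working on the returned buffer or stream instead
     of re-opening the file by name. */
  f = fopen(file_name, "rb");
#endif
  if (f == NULL)
    {
      return READ_FILE_UNREADABLE;
    }

  /* The size is taken from the end-of-file offset.  A failing seek is
     treated like an unreadable file instead of being ignored. */
  if (fseek(f, 0, SEEK_END) != 0)
    {
      fclose(f);
      return READ_FILE_UNREADABLE;
    }
  file_size = ftell(f);
  if (file_size <= 0 || fseek(f, 0, SEEK_SET) != 0)
    {
      fclose(f);
      return READ_FILE_UNREADABLE;
    }

  *size = (size_t) file_size;

  /* The second condition keeps "*size + 1" below from wrapping to 0. */
  if (*size > max_size || *size == (size_t) -1)
    {
      fclose(f);
      return READ_FILE_TOO_LARGE;
    }

  *data = malloc(*size + 1);
  if (*data == NULL)
    {
      fclose(f);
      return READ_FILE_NO_MEMORY;
    }

  if (fread(*data, 1, *size, f) != *size)
    {
      free(*data);
      /* Do not hand a dangling pointer back to the caller. */
      *data = NULL;
      fclose(f);
      return READ_FILE_READ_FAILED;
    }
  (*data)[*size] = '\0';

  if (fptr)
    {
      /* Ownership of the open stream moves to the caller. */
      *fptr = f;
    }
  else
    {
      fclose(f);
    }

  return 0;
}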
127 |
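/**
 * @brief Verify the RSA / SHA-256 signature at the head of a list.
 *
 * Layout expected by the parsing below: two prefix bytes ("S:"), the
 * base64 encoded signature, "\r\n", then the signed body.  The hash is
 * computed over everything after that first line and checked against the
 * signature with the built-in public key (public_key_pem).
 *
 * @param[in] data  Start of the list.
 * @param[in] size  Number of bytes in data.
 *
 * @return 0 if the signature is valid, -1 if the input is missing, too
 *         short or the signature line is malformed, otherwise the error
 *         code returned by pk_parse_public_key() or pk_verify().
 */
int verify_list(const char *data, const size_t size)
{
  int ret = -1;
  pk_context pub_key_ctx;
  const char *p;

  /* Modulus / 8 are the necessary bytes. */
#ifndef TRUSTBRIDGE_RSA_KEY_SIZE
# error "Key size undefined"
#endif
  /* NOTE(review): integer arithmetic; this equals the padded base64
   * length only when the key size in bytes is a multiple of 3
   * (e.g. 3072 bit -> 384 bytes -> 512 characters). */
  const size_t sig_b64_size = TRUSTBRIDGE_RSA_KEY_SIZE / 8 * 4 / 3;
  size_t sig_size = TRUSTBRIDGE_RSA_KEY_SIZE / 8;
  /* Signature line: "S:" + base64 signature + "\r\n". */
  const size_t header_size = sig_b64_size + 4;

  char signature_b64[sig_b64_size + 1];
  unsigned char signature[sig_size];
  /* Hash algorithm is sha256 */
  unsigned char hash[32];

  /* Input shorter than the signature line is rejected up front.  Without
   * this the unsigned "size - sig_b64_size - 4" further down would wrap
   * around and sha256() would read far beyond the buffer. */
  if (!data || size < header_size)
    {
      return -1;
    }

  /* Fetch the signature from the first line of data.  The search is
   * limited to size bytes so it never depends on a terminating '\0'. */
  p = memchr(data, '\r', size);
  if (p == NULL || (size_t)(p - data) != sig_b64_size + 2)
    {
      /* printf("Invalid data. Signature might be too long.\n"); */
      return -1;
    }
  /* NOTE(review): the two prefix bytes and the byte following '\r' are
   * neither checked nor covered by the hash. */
  memcpy(signature_b64, data + 2, sig_b64_size);
  signature_b64[sig_b64_size] = '\0';

  ret = base64_decode(signature, &sig_size,
                      (const unsigned char *)signature_b64, sig_b64_size);

  if (ret != 0 || sig_size != TRUSTBRIDGE_RSA_KEY_SIZE / 8)
    {
      /* printf("failed to decode signature\n"); */
      return -1;
    }

  /* Hash is calculated over the data without the first line.
   * linebreaks are \r\n so the first char of the new line is
   * p+2 */
  p += 2;
  /* Size of the data to hash is the size minus the signature line,
   * which cannot underflow because of the length check above. */
  sha256((const unsigned char *)p, size - header_size, hash, 0);

  pk_init(&pub_key_ctx);

  ret = pk_parse_public_key(&pub_key_ctx, public_key_pem,
                            public_key_pem_size);
  if (ret != 0)
    {
      ERRORPRINTF ("pk_parse_public_key failed with -0x%04x\n\n", -ret);
      pk_free(&pub_key_ctx);
      return ret;
    }

  ret = pk_verify(&pub_key_ctx, POLARSSL_MD_SHA256, hash, 0,
                  signature, sig_size);

  if (ret != 0)
    {
      ERRORPRINTF ("pk_verify failed with -0x%04x\n\n", -ret);
    }
  pk_free(&pub_key_ctx);

  return ret;
}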
200 |
201 list_status_t read_and_verify_list(const char *file_name, char **data, |
202 size_t *size) |
203 { |
204 list_status_t retval = UnknownError; |
205 *data = NULL; |
206 *size = 0; |
207 int ret = 0; |
208 |
209 ret = read_file(file_name, data, size, MAX_FILESIZE, NULL); |
210 |
211 /* printf ("Ret: %i \n", ret); */ |
212 if (ret != 0) |
213 { |
214 if (ret == READ_FILE_TOO_LARGE) |
215 { |
216 return TooLarge; |
217 } |
218 if (ret == READ_FILE_UNREADABLE) |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
219 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
220 /* TODO: work with errno ? */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
221 /* errsv = errno; */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
222 /* perror("read_and_verify_list(), READ_FILE_UNREADABLE:"); */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
223 return SeekFailed; |
31
37fc66967517
Implement signature verification wiht polarssl
Andre Heinecke <aheinecke@intevation.de>
parents:
28
diff
changeset
|
224 } |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
225 if (ret == READ_FILE_READ_FAILED) |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
226 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
227 /* TODO: work with ferror() or feof() ? */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
228 return ReadFailed; |
31
37fc66967517
Implement signature verification wiht polarssl
Andre Heinecke <aheinecke@intevation.de>
parents:
28
diff
changeset
|
229 } |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
230 return UnknownError; |
4
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
231 } |
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
232 |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
233 if (!*data || !*size) |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
234 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
235 /* File is probably empty */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
236 return UnknownError; |
4
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
237 } |
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
238 |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
239 if (**data != 'S') |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
240 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
241 retval = InvalidFormat; |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
242 } |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
243 else |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
244 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
245 ret = verify_list (*data, *size); |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
246 if (ret == 0) |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
247 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
248 /* Hooray */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
249 return Valid; |
31
37fc66967517
Implement signature verification wiht polarssl
Andre Heinecke <aheinecke@intevation.de>
parents:
28
diff
changeset
|
250 } |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
251 if (ret == -1) |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
252 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
253 /* our error */ |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
254 retval = InvalidFormat; |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
255 } |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
256 else |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
257 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
258 retval = InvalidSignature; |
31
37fc66967517
Implement signature verification wiht polarssl
Andre Heinecke <aheinecke@intevation.de>
parents:
28
diff
changeset
|
259 } |
37fc66967517
Implement signature verification wiht polarssl
Andre Heinecke <aheinecke@intevation.de>
parents:
28
diff
changeset
|
260 } |
9
2ad9a96518e3
Actually parse all elements in the list
Andre Heinecke <aheinecke@intevation.de>
parents:
7
diff
changeset
|
261 |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
262 if (retval != Valid && *data) |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
263 { |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
264 free(*data); |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
265 *data = NULL; |
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
266 *size = 0; |
4
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
267 } |
905
698b6a9bd75e
Fix coding style for C code
Andre Heinecke <andre.heinecke@intevation.de>
parents:
770
diff
changeset
|
268 return retval; |
4
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
269 } |
9849250f50f2
Start implementation of certificatelist parser
Andre Heinecke <aheinecke@intevation.de>
parents:
diff
changeset
|
270 |
286
881ce5126f07
Add helper function to get all certificates in a list
Andre Heinecke <aheinecke@intevation.de>
parents:
178
diff
changeset
|
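/* Collect the payload of every list line that starts with 'I' or 'R'.
 *
 * data  list contents, scanned as a NUL-terminated string.
 * size  length of data; only checked for being non-zero.
 *
 * Returns the string vector filled through strv_append(), or NULL when the
 * arguments are invalid or no line qualified.
 *
 * NOTE(review): the scan stops at the terminating NUL, not at data + size.
 * A buffer that is not NUL-terminated would be read past its end, so
 * confirm that every caller (and read_file) terminates it.
 * NOTE(review): ownership of the returned vector presumably passes to the
 * caller; confirm against strv_append's contract.
 */
char **
get_certs_from_list (char *data, const size_t size)
{
  char *cur = data;
  char **retval = NULL;

  if (!data || !size)
    {
      /* The message used to name get_certs_to_remove, which is not this
         function. */
      ERRORPRINTF ("Invalid call to get_certs_from_list \n");
      return NULL;
    }

  while (cur)
    {
      char *next = strchr (cur, '\n');

      /* Only newline-terminated lines are considered.  Checking next first
         avoids subtracting from a NULL pointer (undefined behaviour) on a
         final line without '\n'.  A line longer than four characters also
         makes the former strlen (cur) > 3 test redundant, so the rest of
         the buffer is no longer rescanned for every line. */
      if (next != NULL && next - cur > 4 &&
          (cur[0] == 'I' || cur[0] == 'R'))
        {
          /* Drop the two-character prefix and the character before '\n'.
             This assumes "I:" / "R:" prefixes and CRLF line endings; the
             second character is not checked to be ':'. */
          size_t len = (size_t) (next - cur - 3);
          strv_append (&retval, cur + 2, len);
        }

      cur = next ? (next + 1) : NULL;
    }

  return retval;
}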
8ffbb48528ae
Add certificate installation for windows
Andre Heinecke <aheinecke@intevation.de>
parents:
66
diff
changeset
|
297 |