view common/certhelp.c @ 1119:5349e2354c48

(issue54) Merge branch runafterinstall There is now an NSIS Plugin that executes the Software after installation using COM in the shell of the current user. With the way over the shell there is no inheritance / token management required. As it is impossible to drop all privileges of a token granted by UAC and still be able to reelevate the Token again with another RunAs call later this round trip over the Shell was necessary.
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 16 Sep 2014 19:48:22 +0200
parents 17e1c8f37d72
children 265583011f24
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#include <stdlib.h>

#include "certhelp.h"
#include "logging.h"
#include "errorcodes.h"
#include "strhelp.h"

char *
get_oid_valstr(x509_name *namebuf, unsigned char *oid)
{
  char *str = NULL;
  size_t oid_len = strlen((char *)oid);
  while ( namebuf != NULL )
    {
      if ( (namebuf->oid.len == oid_len) &&
           (memcmp(namebuf->oid.p, oid, oid_len) == 0) )
        {
          str = xstrndup((char *)namebuf->val.p, namebuf->val.len);
          break;
        }
      namebuf = namebuf->next;
    }
  return str;
}

char *
x509_parse_subject(unsigned char *derdata, size_t derlen,
                   unsigned char *oid)
{
  x509_crt chain;
  char *str;

  x509_crt_init(&chain);
  if (x509_crt_parse_der(&chain, derdata, derlen) != 0)
    {
      ERRORPRINTF("Could not parse certificate!\n");
      return NULL;
    }
  else
    {
      str = get_oid_valstr(&(chain.subject), oid);
      x509_crt_free(&chain);
    }
  return str;
}

http://wald.intevation.org/projects/trustbridge/