Mercurial > trustbridge

view common/certhelp.c @ 1306:845048d4a69f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue159) Use user specific appdata directory for nss list with simple rights. Using the ProgramData folder with resticted access rights failed in case the process was not elevated.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 13 Oct 2014 12:31:37 +0200
parents 265583011f24
children
line wrap: on
line source
/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU GPL (v>=2)
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
#include <stdlib.h>

#include "certhelp.h"
#include "logging.h"
#include "errorcodes.h"
#include "strhelp.h"

char *
get_oid_valstr(x509_name *namebuf, unsigned char *oid)
{
  char *str = NULL;
  size_t oid_len = strlen((char *)oid);
  while ( namebuf != NULL )
    {
      if ( (namebuf->oid.len == oid_len) &&
           (memcmp(namebuf->oid.p, oid, oid_len) == 0) )
        {
          str = xstrndup((char *)namebuf->val.p, namebuf->val.len);
          break;
        }
      namebuf = namebuf->next;
    }
  return str;
}

char *
x509_parse_subject(unsigned char *derdata, size_t derlen,
                   unsigned char *oid)
{
  x509_crt chain;
  char *str;

  x509_crt_init(&chain);
  if (x509_crt_parse_der(&chain, derdata, derlen) != 0)
    {
      ERRORPRINTF("Could not parse certificate!\n");
      return NULL;
    }
  else
    {
      str = get_oid_valstr(&(chain.subject), oid);
      x509_crt_free(&chain);
    }
  return str;
}

#ifdef WIN32
PCCERT_CONTEXT
b64_to_cert_context(char *b64_data, size_t b64_size)
{
  size_t buf_size = 0;
  char *buf = NULL;
  PCCERT_CONTEXT pCert = NULL;
  int ret = -1;

  ret = str_base64_decode (&buf, &buf_size, b64_data, b64_size);

  if (ret != 0)
    {
      ERRORPRINTF ("decoding certificate failed\n");
      return NULL;
    }

  pCert = CertCreateContext (CERT_STORE_CERTIFICATE_CONTEXT,
                             X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
                             (const PBYTE) buf,
                             (DWORD) buf_size,
                             0,
                             NULL);
  free (buf); /* Windows has a copy */

  if (pCert == NULL)
    {
      char *error = getLastErrorMsg();
      if (error)
        {
          ERRORPRINTF ("Failed to create cert context: %s \n", error);
          free (error);
        }
      return NULL;
    }
  return pCert;
}
#endif
http://wald.intevation.org/projects/trustbridge/