2 * Copyright 2006 The Apache Software Foundation.
\r
4 * Licensed under the Apache License, Version 2.0 (the "License");
\r
5 * you may not use this file except in compliance with the License.
\r
6 * You may obtain a copy of the License at
\r
8 * http://www.apache.org/licenses/LICENSE-2.0
\r
10 * Unless required by applicable law or agreed to in writing, software
\r
11 * distributed under the License is distributed on an "AS IS" BASIS,
\r
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
13 * See the License for the specific language governing permissions and
\r
14 * limitations under the License.
\r
18 * OpenSSLCryptoX509CRL.cpp
\r
20 * OpenSSL-based class for handling X.509 CRLs
\r
23 #include "internal.h"
\r
24 #include "security/impl/OpenSSLCryptoX509CRL.h"
\r
26 #include <xsec/framework/XSECError.hpp>
\r
27 #include <xsec/enc/XSECCryptoException.hpp>
\r
28 #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
\r
30 #include <xercesc/util/Janitor.hpp>
\r
32 XSEC_USING_XERCES(ArrayJanitor);
\r
33 XSEC_USING_XERCES(Janitor);
\r
35 using namespace xmltooling;
\r
/**
 * Releases the OpenSSL CRL structure held by this object.
 */
OpenSSLCryptoX509CRL::~OpenSSLCryptoX509CRL()
{
    // X509_CRL_free() tolerates a null pointer, so an object that never
    // loaded a CRL is destroyed safely.
    X509_CRL_free(mp_X509CRL);
}
\r
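/**
 * Builds the wrapper from an existing OpenSSL CRL.
 *
 * The CRL is duplicated, so the caller keeps ownership of @p x. The Base64
 * text of the CRL's DER encoding is cached in m_DERX509CRL (despite the
 * member's name, it holds Base64 text, not raw DER).
 *
 * No signature, issuer or validity check is performed here; the CRL is
 * only copied and re-encoded.
 *
 * @param x  CRL to copy.
 * @throws XSECCryptoException if the CRL cannot be duplicated or encoded,
 *         so that a half-built object with no CRL is never handed back.
 */
OpenSSLCryptoX509CRL::OpenSSLCryptoX509CRL(X509_CRL* x) {

    // Private copy: this object's lifetime is independent of the caller's CRL.
    mp_X509CRL = X509_CRL_dup(x);
    if (mp_X509CRL == NULL) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error duplicating OpenSSL X509 CRL structure");
    }

    // Base64 filter in front of a memory sink: DER goes in, Base64 text comes out.
    BIO* b64 = BIO_new(BIO_f_base64());
    BIO* bmem = BIO_new(BIO_s_mem());
    bool encoded = false;

    if (b64 != NULL && bmem != NULL) {
        BIO_set_mem_eof_return(bmem, 0);
        b64 = BIO_push(b64, bmem);

        // i2d_X509_CRL_bio() returns 1 on success. The flush makes the Base64
        // filter emit its final, padded block into the memory sink.
        encoded = (i2d_X509_CRL_bio(b64, x) == 1) && (BIO_flush(b64) == 1);

        if (encoded) {
            char buf[1024];
            int l;

            m_DERX509CRL.sbStrcpyIn("");

            while ((l = BIO_read(bmem, buf, 1023)) > 0) {
                // BIO_read() does not NUL-terminate; sbStrcatIn() expects a C string.
                buf[l] = '\0';
                m_DERX509CRL.sbStrcatIn(buf);
            }
        }

        // Frees the whole chain (filter and memory sink).
        BIO_free_all(b64);
    }
    else {
        // Chain was never linked, so release each BIO on its own (NULL is accepted).
        BIO_free(b64);
        BIO_free(bmem);
    }

    if (!encoded) {
        // The destructor does not run when a constructor throws, so release
        // the duplicate here.
        X509_CRL_free(mp_X509CRL);
        mp_X509CRL = NULL;
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error translating OpenSSL X509 CRL structure into Base64 DER encoding");
    }
}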
\r
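/**
 * Replaces the held CRL with one parsed from Base64-encoded DER.
 *
 * This is structural parsing only: nothing in this function verifies the
 * CRL's signature, issuer or validity period. Callers must do that before
 * relying on the CRL for revocation decisions.
 *
 * @param buf  Base64 text of a DER-encoded X.509 CRL.
 * @param len  Number of bytes of @p buf to decode.
 * @throws XSECCryptoException if the input does not decode to a CRL. On
 *         failure the object holds no CRL (the previous one is released).
 */
void OpenSSLCryptoX509CRL::loadX509CRLBase64Bin(const char* buf, unsigned int len) {

    // Free anything currently held, and clear the pointer immediately.
    // The allocations and the decoder below can throw, and an empty decode
    // skips the parse. A stale pointer would then survive the NULL check at
    // the end and be freed a second time by the destructor.
    if (mp_X509CRL != NULL) {
        X509_CRL_free(mp_X509CRL);
        mp_X509CRL = NULL;
    }

    // len + 1 wraps to 0 for the largest unsigned value, which would leave
    // the decoder writing into a zero-length buffer.
    if (len + 1 == 0) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Base64 input too large");
    }

    unsigned char* outBuf;
    XSECnew(outBuf, unsigned char[len + 1]);
    ArrayJanitor<unsigned char> j_outBuf(outBuf);

    XSCryptCryptoBase64 *b64;
    XSECnew(b64, XSCryptCryptoBase64);
    Janitor<XSCryptCryptoBase64> j_b64(b64);

    // Decoded output is never longer than the Base64 input, so len bounds it.
    b64->decodeInit();
    unsigned int bufLen = b64->decode((unsigned char *) buf, len, outBuf, len);
    bufLen += b64->decodeFinish(&outBuf[bufLen], len-bufLen);

    if (bufLen > 0) {
        // d2i_X509_CRL() advances the pointer it is given; parse through a
        // separate cursor so outBuf keeps pointing at the allocation.
#if defined(XSEC_OPENSSL_D2IX509_CONST_BUFFER)
        const unsigned char* cursor = outBuf;
#else
        unsigned char* cursor = outBuf;
#endif
        mp_X509CRL = d2i_X509_CRL(NULL, &cursor, bufLen);
    }

    // Check to see if we have a CRL....
    if (mp_X509CRL == NULL) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error translating Base64 DER encoding into OpenSSL X509 CRL structure");
    }

    // NOTE(review): sbStrcpyIn() copies up to the first NUL and ignores len,
    // so this relies on the caller passing a NUL-terminated buffer. Confirm
    // against callers, or copy exactly len bytes.
    m_DERX509CRL.sbStrcpyIn(buf);
}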
\r