1 /*\r
2  * Copyright 2006 The Apache Software Foundation.\r
3  *\r
4  * Licensed under the Apache License, Version 2.0 (the "License");\r
5  * you may not use this file except in compliance with the License.\r
6  * You may obtain a copy of the License at\r
7  *\r
8  *     http://www.apache.org/licenses/LICENSE-2.0\r
9  *\r
10  * Unless required by applicable law or agreed to in writing, software\r
11  * distributed under the License is distributed on an "AS IS" BASIS,\r
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
13  * See the License for the specific language governing permissions and\r
14  * limitations under the License.\r
15  */\r
16 \r
17 /**\r
18  * OpenSSLCryptoX509CRL.cpp\r
19  * \r
20  * OpenSSL-based class for handling X.509 CRLs\r
21  */\r
22 \r
23 #include "internal.h"\r
24 #include "security/OpenSSLCryptoX509CRL.h"\r
25 \r
26 #include <xsec/framework/XSECError.hpp>\r
27 #include <xsec/enc/XSECCryptoException.hpp>\r
28 #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>\r
29 \r
30 #include <xercesc/util/Janitor.hpp>\r
31 \r
32 XSEC_USING_XERCES(ArrayJanitor);\r
33 XSEC_USING_XERCES(Janitor);\r
34 \r
35 using namespace xmltooling;\r
36 \r
/**
 * Releases the OpenSSL CRL structure owned by this object, if one is held.
 */
OpenSSLCryptoX509CRL::~OpenSSLCryptoX509CRL()
{
    if (mp_X509CRL != NULL) {
        X509_CRL_free(mp_X509CRL);
    }
}
42 \r
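/**
 * Builds the wrapper from an existing OpenSSL CRL structure.
 *
 * The CRL is duplicated, so the caller keeps ownership of @a x. The DER form
 * of the CRL is then Base64-encoded (via an OpenSSL base64 filter BIO) and
 * stored as text in m_DERX509CRL.
 *
 * @param x  CRL to copy; must not be NULL
 * @throws XSECCryptoException (X509Error) if the CRL cannot be duplicated or
 *         its encoding cannot be produced
 */
OpenSSLCryptoX509CRL::OpenSSLCryptoX509CRL(X509_CRL* x) {

    // Fail closed on a missing or uncopyable CRL rather than leaving an
    // object that claims to hold one.
    mp_X509CRL = (x != NULL) ? X509_CRL_dup(x) : NULL;
    if (mp_X509CRL == NULL) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error duplicating OpenSSL X509 CRL structure");
    }

    BIO* b64 = BIO_new(BIO_f_base64());
    BIO* bmem = BIO_new(BIO_s_mem());

    if (b64 == NULL || bmem == NULL) {
        // The destructor does not run when a constructor throws, so release
        // everything acquired so far by hand.
        if (b64 != NULL)
            BIO_free(b64);
        if (bmem != NULL)
            BIO_free(bmem);
        X509_CRL_free(mp_X509CRL);
        mp_X509CRL = NULL;
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error creating BIO for Base64 encoding of X509 CRL");
    }

    // An empty memory BIO reports EOF (0) instead of a retryable error.
    BIO_set_mem_eof_return(bmem, 0);
    b64 = BIO_push(b64, bmem);

    // Write the DER encoding through the base64 filter into the memory BIO.
    if (i2d_X509_CRL_bio(b64, x) <= 0 || BIO_flush(b64) <= 0) {
        BIO_free_all(b64);
        X509_CRL_free(mp_X509CRL);
        mp_X509CRL = NULL;
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error translating OpenSSL X509 CRL structure into Base64 DER encoding");
    }

    char buf[1024];

    m_DERX509CRL.sbStrcpyIn("");

    // BIO_read returns a signed int. Holding it in an unsigned variable would
    // turn a negative error return into a huge positive length, and the
    // terminator write below would then land far outside buf.
    int n;
    while ((n = BIO_read(bmem, buf, sizeof(buf) - 1)) > 0) {
        buf[n] = '\0';
        m_DERX509CRL.sbStrcatIn(buf);
    }

    BIO_free_all(b64);
}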
75 \r
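/**
 * Replaces the held CRL with one parsed from Base64-encoded DER.
 *
 * Any CRL already held is released first, so after a failed load the object
 * holds no CRL at all.
 *
 * @param buf  Base64 text of the DER-encoded CRL
 * @param len  number of bytes of @a buf to decode
 * @throws XSECCryptoException (X509Error) if the input does not decode to a
 *         CRL that OpenSSL can parse
 */
void OpenSSLCryptoX509CRL::loadX509CRLBase64Bin(const char* buf, unsigned int len) {

    if (mp_X509CRL) {
        X509_CRL_free(mp_X509CRL);
        // Clear the member immediately. If decoding yields no bytes, or an
        // allocation below throws, a stale pointer would pass the NULL check
        // at the end and then be freed a second time by the destructor.
        mp_X509CRL = NULL;
    }

    // Decoded data is never longer than its Base64 text, so len bytes suffice.
    unsigned char* outBuf;
    XSECnew(outBuf, unsigned char[len + 1]);
    ArrayJanitor<unsigned char> j_outBuf(outBuf);

    XSCryptCryptoBase64* b64;
    XSECnew(b64, XSCryptCryptoBase64);
    Janitor<XSCryptCryptoBase64> j_b64(b64);

    b64->decodeInit();
    int bufLen = b64->decode((unsigned char *) buf, len, outBuf, len);
    bufLen += b64->decodeFinish(&outBuf[bufLen], len - bufLen);

    if (bufLen > 0) {
        // d2i_X509_CRL advances the pointer it is given; parse through a
        // cursor so outBuf keeps pointing at the start of the allocation.
#if defined(XSEC_OPENSSL_D2IX509_CONST_BUFFER)
        const unsigned char* cursor = outBuf;
#else
        unsigned char* cursor = outBuf;
#endif
        mp_X509CRL = d2i_X509_CRL(NULL, &cursor, bufLen);
    }

    // Check to see if we have a CRL....
    if (mp_X509CRL == NULL) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
        "OpenSSL:X509CRL - Error translating Base64 DER encoding into OpenSSL X509 CRL structure");
    }

    // Store exactly the len bytes that were decoded and terminate them here,
    // instead of relying on the caller's buffer being NUL-terminated.
    m_DERX509CRL.sbMemcpyIn(buf, len);
    m_DERX509CRL[len] = '\0';

}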