2 * Copyright 2001-2010 The Apache Software Foundation.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * OpenSSLCryptoX509CRL.cpp
20 * OpenSSL-based class for handling X.509 CRLs.
24 #include "security/OpenSSLCryptoX509CRL.h"
26 #include <xsec/framework/XSECError.hpp>
27 #include <xsec/enc/XSECCryptoException.hpp>
28 #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
30 #include <xercesc/util/Janitor.hpp>
32 XSEC_USING_XERCES(ArrayJanitor);
33 XSEC_USING_XERCES(Janitor);
35 using namespace xmltooling;
37 OpenSSLCryptoX509CRL::OpenSSLCryptoX509CRL() : mp_X509CRL(nullptr), m_DERX509CRL("")
41 OpenSSLCryptoX509CRL::~OpenSSLCryptoX509CRL()
44 X509_CRL_free(mp_X509CRL);
47 OpenSSLCryptoX509CRL::OpenSSLCryptoX509CRL(X509_CRL* x) {
49 // Build this from an existing X509_CRL structure
51 mp_X509CRL = X509_CRL_dup(x);
53 // Now need to create the DER encoding
55 BIO* b64 = BIO_new(BIO_f_base64());
56 BIO* bmem = BIO_new(BIO_s_mem());
58 BIO_set_mem_eof_return(bmem, 0);
59 b64 = BIO_push(b64, bmem);
61 // Translate X509 to Base64
63 i2d_X509_CRL_bio(b64, x);
70 m_DERX509CRL.sbStrcpyIn("");
72 while ((l = BIO_read(bmem, buf, 1023)) > 0) {
74 m_DERX509CRL.sbStrcatIn(buf);
80 const XMLCh* OpenSSLCryptoX509CRL::getProviderName() const
82 return DSIGConstants::s_unicodeStrPROVOpenSSL;
85 void OpenSSLCryptoX509CRL::loadX509CRLBase64Bin(const char* buf, unsigned int len)
88 // Free anything currently held.
91 X509_CRL_free(mp_X509CRL);
94 unsigned char* outBuf;
95 XSECnew(outBuf, unsigned char[len + 1]);
96 ArrayJanitor<unsigned char> j_outBuf(outBuf);
98 XSCryptCryptoBase64 *b64;
99 XSECnew(b64, XSCryptCryptoBase64);
100 Janitor<XSCryptCryptoBase64> j_b64(b64);
103 bufLen = b64->decode((unsigned char *) buf, len, outBuf, len);
104 bufLen += b64->decodeFinish(&outBuf[bufLen], len-bufLen);
107 #if defined(XSEC_OPENSSL_D2IX509_CONST_BUFFER)
108 mp_X509CRL= d2i_X509_CRL(nullptr, (const unsigned char **) (&outBuf), bufLen);
110 mp_X509CRL= d2i_X509_CRL(nullptr, &outBuf, bufLen);
114 // Check to see if we have a CRL....
115 if (mp_X509CRL == nullptr) {
116 throw XSECCryptoException(XSECCryptoException::X509Error,
117 "OpenSSL:X509CRL - Error translating Base64 DER encoding into OpenSSL X509 CRL structure");
120 m_DERX509CRL.sbStrcpyIn(buf);
124 safeBuffer& OpenSSLCryptoX509CRL::getDEREncodingSB()
129 X509_CRL* OpenSSLCryptoX509CRL::getOpenSSLX509CRL()
134 XSECCryptoX509CRL* OpenSSLCryptoX509CRL::clone() const
136 OpenSSLCryptoX509CRL* copy = new OpenSSLCryptoX509CRL();
137 copy->mp_X509CRL = X509_CRL_dup(mp_X509CRL);
138 copy->m_DERX509CRL = m_DERX509CRL;