1 /*
2  * Copyright 2001-2007 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 /**
18  * OpenSSLCryptoX509CRL.cpp
19  * 
20  * OpenSSL-based class for handling X.509 CRLs
21  */
22
23 #include "internal.h"
24 #include "security/OpenSSLCryptoX509CRL.h"
25
26 #include <xsec/framework/XSECError.hpp>
27 #include <xsec/enc/XSECCryptoException.hpp>
28 #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
29
30 #include <xercesc/util/Janitor.hpp>
31
32 XSEC_USING_XERCES(ArrayJanitor);
33 XSEC_USING_XERCES(Janitor);
34
35 using namespace xmltooling;
36
/**
 * Releases the OpenSSL CRL structure held in mp_X509CRL, if any.
 */
OpenSSLCryptoX509CRL::~OpenSSLCryptoX509CRL()
{
    // Nothing to release when no CRL was ever attached to this object.
    if (mp_X509CRL != NULL) {
        X509_CRL_free(mp_X509CRL);
    }
}
42
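/**
 * Builds the wrapper from an existing OpenSSL CRL structure.
 *
 * The CRL is duplicated with X509_CRL_dup(), so the caller keeps ownership
 * of @a x. The Base64 text of the CRL's DER encoding is stored in
 * m_DERX509CRL.
 *
 * @param x  CRL to copy and encode
 * @throws XSECCryptoException (X509Error) if the CRL cannot be duplicated or
 *         encoded. Failing here, rather than yielding an object with no CRL
 *         or an empty encoding, keeps a broken CRL from being silently
 *         treated as usable.
 */
OpenSSLCryptoX509CRL::OpenSSLCryptoX509CRL(X509_CRL* x) {

    // A throwing constructor never reaches the destructor, so the copy is
    // held in a local and only handed to the member once everything worked.
    mp_X509CRL = NULL;
    m_DERX509CRL.sbStrcpyIn("");

    X509_CRL* crlCopy = (x != NULL) ? X509_CRL_dup(x) : NULL;
    if (crlCopy == NULL) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error duplicating OpenSSL X509 CRL structure");
    }

    // Base64 filter chained in front of a memory sink: DER bytes written to
    // b64 come out of bmem as Base64 text.
    BIO* b64 = BIO_new(BIO_f_base64());
    BIO* bmem = BIO_new(BIO_s_mem());
    if (b64 == NULL || bmem == NULL) {
        // BIO_free() ignores NULL, so both can be released unconditionally.
        BIO_free(b64);
        BIO_free(bmem);
        X509_CRL_free(crlCopy);
        throw XSECCryptoException(XSECCryptoException::X509Error,
            "OpenSSL:X509CRL - Error allocating BIOs to encode OpenSSL X509 CRL structure");
    }

    // An empty memory BIO reports plain EOF (0) instead of "retry" (-1).
    BIO_set_mem_eof_return(bmem, 0);
    b64 = BIO_push(b64, bmem);

    try {
        // Translate the CRL to DER and push it through the Base64 filter.
        if (i2d_X509_CRL_bio(b64, x) <= 0) {
            throw XSECCryptoException(XSECCryptoException::X509Error,
                "OpenSSL:X509CRL - Error translating OpenSSL X509 CRL structure into Base64 DER encoding");
        }
        (void) BIO_flush(b64);

        // BIO_read() returns a signed count. Holding it in an unsigned
        // variable would turn an error return of -1 into a huge index for
        // the terminator write below.
        char buf[1024];
        int l;
        while ((l = BIO_read(bmem, buf, static_cast<int>(sizeof(buf)) - 1)) > 0) {
            buf[l] = '\0';
            m_DERX509CRL.sbStrcatIn(buf);
        }
    }
    catch (...) {
        BIO_free_all(b64);
        X509_CRL_free(crlCopy);
        throw;
    }

    BIO_free_all(b64);
    mp_X509CRL = crlCopy;
}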
75
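/**
 * Replaces the held CRL with one decoded from Base64 text.
 *
 * The new CRL is decoded and parsed before the old one is released, so a
 * failed load leaves the object as it was. Freeing the old CRL first would
 * leave mp_X509CRL pointing at freed memory when decoding fails: the NULL
 * check would then pass and the destructor would free it a second time.
 *
 * @param buf  Base64 text of a DER-encoded X.509 CRL
 * @param len  number of characters of @a buf to use
 * @throws XSECCryptoException (X509Error) if the input does not decode to a
 *         CRL that OpenSSL can parse
 */
void OpenSSLCryptoX509CRL::loadX509CRLBase64Bin(const char* buf, unsigned int len) {

    X509_CRL* parsed = NULL;

    if (buf != NULL && len > 0) {
        // Base64 decoding never produces more bytes than it consumes, so
        // len (+1 spare) is enough room for the DER output.
        unsigned char* outBuf;
        XSECnew(outBuf, unsigned char[len + 1]);
        ArrayJanitor<unsigned char> j_outBuf(outBuf);

        XSCryptCryptoBase64 *b64;
        XSECnew(b64, XSCryptCryptoBase64);
        Janitor<XSCryptCryptoBase64> j_b64(b64);

        b64->decodeInit();
        int bufLen = b64->decode((unsigned char *) buf, len, outBuf, len);
        bufLen += b64->decodeFinish(&outBuf[bufLen], len-bufLen);

        if (bufLen > 0) {
            // d2i_X509_CRL() advances the pointer it is given; use a
            // scratch cursor so outBuf keeps pointing at the allocation.
            // NOTE(review): bytes left over after the CRL are not rejected
            // here - confirm whether callers need that check.
#if defined(XSEC_OPENSSL_D2IX509_CONST_BUFFER)
            const unsigned char* cursor = outBuf;
#else
            unsigned char* cursor = outBuf;
#endif
            parsed = d2i_X509_CRL(NULL, &cursor, bufLen);
        }
    }

    // Check to see if we have a CRL....
    if (parsed == NULL) {
        throw XSECCryptoException(XSECCryptoException::X509Error,
        "OpenSSL:X509CRL - Error translating Base64 DER encoding into OpenSSL X509 CRL structure");
    }

    // Parsing succeeded: release the previous CRL and adopt the new one.
    if (mp_X509CRL)
        X509_CRL_free(mp_X509CRL);
    mp_X509CRL = parsed;

    // Copy at most len characters; buf is not required to be NUL-terminated
    // at buf[len], so an unbounded string copy could read past the input.
    m_DERX509CRL.sbStrncpyIn(buf, len);

}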