+/*\r
+ * Copyright 2006 The Apache Software Foundation.\r
+ *\r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+/**\r
+ * OpenSSLCryptoX509CRL.cpp\r
+ * \r
+ * OpenSSL-based class for handling X.509 CRLs\r
+ */\r
+\r
+#include "internal.h"\r
+#include "security/impl/OpenSSLCryptoX509CRL.h"\r
+\r
+#include <xsec/framework/XSECError.hpp>\r
+#include <xsec/enc/XSECCryptoException.hpp>\r
+#include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>\r
+\r
+#include <xercesc/util/Janitor.hpp>\r
+\r
+XSEC_USING_XERCES(ArrayJanitor);\r
+XSEC_USING_XERCES(Janitor);\r
+\r
+using namespace xmltooling;\r
+\r
+OpenSSLCryptoX509CRL::~OpenSSLCryptoX509CRL()\r
+{\r
+ if (mp_X509CRL)\r
+ X509_CRL_free(mp_X509CRL);\r
+}\r
+\r
+OpenSSLCryptoX509CRL::OpenSSLCryptoX509CRL(X509_CRL* x) {\r
+\r
+ // Build this from an existing X509_CRL structure\r
+\r
+ mp_X509CRL = X509_CRL_dup(x);\r
+ \r
+ // Now need to create the DER encoding\r
+\r
+ BIO* b64 = BIO_new(BIO_f_base64());\r
+ BIO* bmem = BIO_new(BIO_s_mem());\r
+\r
+ BIO_set_mem_eof_return(bmem, 0);\r
+ b64 = BIO_push(b64, bmem);\r
+\r
+ // Translate X509 to Base64\r
+\r
+ i2d_X509_CRL_bio(b64, x);\r
+\r
+ BIO_flush(b64);\r
+\r
+ char buf[1024];\r
+ unsigned int l;\r
+ \r
+ m_DERX509CRL.sbStrcpyIn("");\r
+\r
+ while ((l = BIO_read(bmem, buf, 1023)) > 0) {\r
+ buf[l] = '\0';\r
+ m_DERX509CRL.sbStrcatIn(buf);\r
+ }\r
+\r
+ BIO_free_all(b64);\r
+}\r
+\r
+void OpenSSLCryptoX509CRL::loadX509CRLBase64Bin(const char* buf, unsigned int len) {\r
+\r
+ // Free anything currently held.\r
+ \r
+ if (mp_X509CRL)\r
+ X509_CRL_free(mp_X509CRL);\r
+ \r
+ int bufLen = len;\r
+ unsigned char* outBuf;\r
+ XSECnew(outBuf, unsigned char[len + 1]);\r
+ ArrayJanitor<unsigned char> j_outBuf(outBuf);\r
+\r
+ XSCryptCryptoBase64 *b64;\r
+ XSECnew(b64, XSCryptCryptoBase64);\r
+ Janitor<XSCryptCryptoBase64> j_b64(b64);\r
+\r
+ b64->decodeInit();\r
+ bufLen = b64->decode((unsigned char *) buf, len, outBuf, len);\r
+ bufLen += b64->decodeFinish(&outBuf[bufLen], len-bufLen);\r
+\r
+ if (bufLen > 0) {\r
+#if defined(XSEC_OPENSSL_D2IX509_CONST_BUFFER)\r
+ mp_X509CRL= d2i_X509_CRL(NULL, (const unsigned char **) (&outBuf), bufLen);\r
+#else\r
+ mp_X509CRL= d2i_X509_CRL(NULL, &outBuf, bufLen);\r
+#endif\r
+ }\r
+\r
+ // Check to see if we have a CRL....\r
+ if (mp_X509CRL == NULL) {\r
+ throw XSECCryptoException(XSECCryptoException::X509Error,\r
+ "OpenSSL:X509CRL - Error translating Base64 DER encoding into OpenSSL X509 CRL structure");\r
+ }\r
+\r
+ m_DERX509CRL.sbStrcpyIn(buf);\r
+\r
+}\r
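Review bot: In `loadX509CRLBase64Bin`, `mp_X509CRL` is freed but never reset, so when the Base64 decode yields `bufLen <= 0` the `d2i_X509_CRL` call is skipped, the `mp_X509CRL == NULL` check passes on the stale pointer, no exception is thrown, and the destructor later frees the same CRL a second time. CRL bytes presumably come from outside the process, so this path should fail closed: add `mp_X509CRL = NULL;` directly after `X509_CRL_free(mp_X509CRL);`. In the constructor, `BIO_read` returns an `int` but the result is stored in `unsigned int l`, so a negative return would pass the `> 0` test and `buf[l] = '\0'` would write outside `buf`; declaring `int l;` avoids that. The results of `X509_CRL_dup` and both `BIO_new` calls are also used without a NULL check. Finally, `m_DERX509CRL.sbStrcpyIn(buf)` ignores `len`, so it appears to rely on the caller passing a NUL-terminated buffer, which is worth stating in a comment on the method.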