x509.cpp revision 3a1349858045a27f445c3647a586cd14a4e1254d
/* $Id$ */
/** @file
* IPRT - X509 functions.
*/
/*
* Copyright (C) 2014 Oracle Corporation
*
* This file is part of VirtualBox Open Source Edition (OSE), as
* available from http://www.virtualbox.org. This file is free software;
* General Public License (GPL) as published by the Free Software
* Foundation, in version 2 as it comes in the "COPYING" file of the
* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
*
* The contents of this file may alternatively be used under the terms
* of the Common Development and Distribution License Version 1.0
* (CDDL) only, as it comes in the "COPYING.CDDL" file of the
* VirtualBox OSE distribution, in which case the provisions of the
* CDDL are applicable instead of those of the GPL.
*
* You may elect to license modified versions of this file under the
* terms and conditions of either the GPL or the CDDL or both.
*/
/*******************************************************************************
* Header Files *
*******************************************************************************/
#include <iprt/x509-branch-collision.h>
#include <iprt/manifest.h>
/**
* Preparation before start to work with openssl
*
* @returns IPRT status code.
*/
RTDECL(int) RTX509PrepareOpenSSL(void)
{
return VINF_SUCCESS;
}
/**
* Read X509 certificate from the given memory buffer into the internal
* structure.
*
* @returns IPRT status code.
*
* @param pvBuf String representation containing X509
* certificate in PEM format.
* @param cbBuf The amount of data @a pvBuf points to.
* @param ppOutCert Where to store the pointer to the structure where
* the info about X509 certificate will be stored.
*/
{
if (!pBio)
return VERR_NO_MEMORY;
}
/**
* Convert X509 certificate from string to binary representation
*
* @returns iprt status code.
*
* @param pvBuf string representation
* containing X509 certificate
* in PEM format
* @param pOutSignature memory buffer where the binary
* representation will be stored
* @param lengthOfSignature length of X509 certificate in
* binary representation
*/
static int RTX509ConvertCertificateToBinary(void *pvBuf, unsigned char** pOutSignature, unsigned int* lengthOfSignature)
{
int rc = VINF_SUCCESS;
if (RT_FAILURE(rc))
{
*pOutSignature = NULL;
}
return rc;
}
/**
* Convert digest from string to binary representation
*
* @returns iprt status code.
*
* @param digest string representation
* @param pOutDigest memory buffer where the binary
* representation will be stored
* @param digestType Type of digest
* @param lengthOfDigest length of digest in binary
* representation
*/
static int RTConvertDigestToBinary(const char* digest,
unsigned char** pOutDigest,
unsigned int* lengthOfDigest)
{
int rc = VINF_SUCCESS;
if(digestType == RTDIGESTTYPE_SHA1)
{
}
else if(digestType == RTDIGESTTYPE_SHA256)
{
}
else
{
}
if (RT_FAILURE(rc))
{
if(*pOutDigest != NULL)
*pOutDigest = NULL;
}
return rc;
}
RTDECL(int) RTRSAVerify(void *pvBuf, unsigned int cbSize, const char* pManifestDigestIn, RTDIGESTTYPE digestType)
{
int rc = VINF_SUCCESS;
unsigned char* pSignatureRSA = NULL;
unsigned char* pManifestDigestOut = NULL;
while(1)
{
unsigned int siglen = 0;
if (RT_FAILURE(rc))
{
/*pSignatureRSA isn't allocated in this case, thus there is no need to free it*/
break;
}
unsigned int diglen = 0;
if (RT_FAILURE(rc))
{
/*pManifestDigestOut isn't allocated in this case, thus there is no need to free it*/
break;
}
if (RT_FAILURE(rc))
{
/*memory for certificate isn't allocated in this case, thus there is no need to free it*/
break;
}
{
break;
}
{
break;
}
rsa_key);
if (rc != 1)
{
}
break;
}//end while(1)
if(rsa_key)
if(evp_key)
if(certificate)
if (pManifestDigestOut)
if (pSignatureRSA)
return rc;
}
/**
* Get X509 certificate basic constraints
*
* @returns iprt status code.
*
* @param pvBuf string representation
* containing X509 certificate
* in PEM format
* @param cbSize The amount of data (in bytes)
* @param pBasicConstraintsOut memory buffer where the
* extracted basic constraints
* will be stored in string
* representation
*/
static int RTX509GetBasicConstraints(void *pvBuf, unsigned int cbSize, unsigned char** pBasicConstraintsOut)
{
int rc = VINF_SUCCESS;
for (;;)
{
if(loc == -1)
{
break;
}
if(!ext)
{
break;
}
if(!extdata)
{
break;
}
{
break;
}
// now bptr contains the strings of the key_usage
// take care that bptr->data is NOT NULL terminated, so add '\0'
break;
}
if(certificate)
return rc;
}
{
int rc = VINF_SUCCESS;
unsigned char* strBasicConstraints = NULL;
while(1)
{
if (RT_FAILURE(rc))
{
break;
}
if (RT_FAILURE(rc))
{
break;
}
{
int ki=0;
{
if(ki>0)
{
/* if it's needed will do something with the verified certificate */
}
else
}
else
{
}
}
else
{
}
break;
}
if(certificate)
if(evp_key)
return rc;
}
{
unsigned long err = ERR_get_error();
return err;
}