diff options
Diffstat (limited to 'pki/base/tps/src/main/PKCS11Obj.cpp')
-rw-r--r-- | pki/base/tps/src/main/PKCS11Obj.cpp | 491 |
1 files changed, 0 insertions, 491 deletions
diff --git a/pki/base/tps/src/main/PKCS11Obj.cpp b/pki/base/tps/src/main/PKCS11Obj.cpp deleted file mode 100644 index 061dc7a91..000000000 --- a/pki/base/tps/src/main/PKCS11Obj.cpp +++ /dev/null @@ -1,491 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This library is free software; you can redistribute it and/or -// modify it under the terms of the GNU Lesser General Public -// License as published by the Free Software Foundation; -// version 2.1 of the License. -// -// This library is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -// Lesser General Public License for more details. -// -// You should have received a copy of the GNU Lesser General Public -// License along with this library; if not, write to the Free Software -// Foundation, Inc., 51 Franklin Street, Fifth Floor, -// Boston, MA 02110-1301 USA -// -// Copyright (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -#include <string.h> -#include "prmem.h" -#include "pk11func.h" -#include "zlib.h" -#include "engine/RA.h" -#include "main/Buffer.h" -#include "main/PKCS11Obj.h" - -#ifdef XP_WIN32 -#define TPS_PUBLIC __declspec(dllexport) -#else /* !XP_WIN32 */ -#define TPS_PUBLIC -#endif /* !XP_WIN32 */ - -PKCS11Obj::PKCS11Obj () -{ - for (int i = 0; i < MAX_OBJECT_SPEC; i++) { - m_objSpec[i] = NULL; - } -} - -PKCS11Obj::~PKCS11Obj () -{ - for (int i = 0; i < MAX_OBJECT_SPEC; i++) { - if (m_objSpec[i] != NULL) { - delete m_objSpec[i]; - m_objSpec[i] = NULL; - } - } -} - -PKCS11Obj *PKCS11Obj::Parse(Buffer *b, int offset) -{ - PKCS11Obj *o = new PKCS11Obj(); - - unsigned short formatVersion = (((BYTE *)*b)[offset + 0] << 8) + - (((BYTE *)*b)[offset + 1]); - o->SetFormatVersion(formatVersion); - unsigned short objectVersion = (((BYTE *)*b)[offset + 2] << 8) + - - (((BYTE *)*b)[offset + 3]); - o->SetObjectVersion(objectVersion); - o->SetCUID(b->substr(offset + 4, 10)); - - unsigned short compressionType = - (((BYTE *)*b)[offset + 14] << 8) + (((BYTE *)*b)[offset + 15]); - unsigned short compressedDataSize = - (((BYTE *)*b)[offset + 16] << 8) + (((BYTE *)*b)[offset + 17]); -#if 0 - unsigned short compressedDataOffset = - (unsigned short)(((unsigned char *)*b)[offset + 18] << 8) + (((unsigned char *)*b)[offset + 19]); -#endif - - Buffer data; - if (compressionType == 0) { /* no compression */ - data = b->substr(offset + 20, compressedDataSize); - } else if (compressionType == 1) { /* zlib */ - Buffer compressedData = b->substr(offset + 20, compressedDataSize); - -#define MAX_UNCOMPRESS_SIZE 20000 - unsigned char buf[MAX_UNCOMPRESS_SIZE]; - int rc = 0; - uLong len = MAX_UNCOMPRESS_SIZE; - rc = uncompress((Bytef*)buf, (uLongf*)&len, - (Bytef*)((BYTE*)compressedData), - (uLong)compressedData.size()); - RA::Debug("PKCS11Obj::Parse","uncompress ret=%d",rc); - data = Buffer(buf,(unsigned int) len); - } else { - /* error */ - } - - - unsigned short objOffset = (((BYTE *)data)[0] << 8) + - ((BYTE *)data)[1]; - unsigned short objCount = (((BYTE *)data)[2] << 8) + - ((BYTE *)data)[3]; - Buffer tokenName = data.substr(5, ((BYTE *)data)[4]); - o->SetTokenName(tokenName); - - RA::Debug("PKCS11Obj::Parse", "objcount = %d", objCount); - - int curpos = (int)objOffset; - int nread = 0; - for (int i = 0; i < objCount; i++) { - RA::Debug("PKCS11Obj::Parse", "working on object %d", i); - ObjectSpec *objSpec = ObjectSpec::Parse(&data, curpos, &nread); - if(!objSpec) - continue; - o->AddObjectSpec(objSpec); - - unsigned long oid = objSpec->GetObjectID(); - char b[2]; - - b[0] = (char)((oid >> 24) & 0xff); - b[1] = (char)((oid >> 16) & 0xff); - - RA::Debug("PKCS11Obj::Parse", "About to parse = %c%c", b[0],b[1]); - - // add corresponding 'C' object for 'c' - if (b[0] == 'c') { - for (int j = 0; j < objSpec->GetAttributeSpecCount(); - j++) { - AttributeSpec *as = objSpec->GetAttributeSpec(j); - if (as->GetAttributeID() == CKA_VALUE) { - if (as->GetType() == (BYTE) 0) { - Buffer cert = as->GetValue(); - - unsigned long certid = - ('C' << 24) + (b[1] << 16); - ObjectSpec *certSpec = - ObjectSpec::ParseFromTokenData( - certid, &cert); - o->AddObjectSpec(certSpec); - - objSpec->RemoveAttributeSpec(j); - break; - } - } - } - - } - - Buffer objSpecData = objSpec->GetData(); - curpos += nread; - } - - return o; -} - - -void PKCS11Obj::SetFormatVersion(unsigned short v) -{ - m_formatVersion = v; -} - -void PKCS11Obj::SetObjectVersion(unsigned short v) -{ - m_objectVersion = v; -} - -unsigned short PKCS11Obj::GetFormatVersion() -{ - return m_formatVersion; -} - -unsigned short PKCS11Obj::GetObjectVersion() -{ - return m_objectVersion; -} - -void PKCS11Obj::SetCUID(Buffer CUID) -{ - m_CUID = CUID; -} - -Buffer PKCS11Obj::GetCUID() -{ - return m_CUID; -} - -void PKCS11Obj::SetTokenName(Buffer tokenName) -{ - m_tokenName = tokenName; -} - -Buffer PKCS11Obj::GetTokenName() -{ - return m_tokenName; -} - -int PKCS11Obj::GetObjectSpecCount() -{ - for (int i = 0; i < MAX_OBJECT_SPEC; i++) { - if (m_objSpec[i] == NULL) { - return i; - } - } - return 0; -} - -ObjectSpec *PKCS11Obj::GetObjectSpec(int p) -{ - if (p < MAX_OBJECT_SPEC) { - if (m_objSpec[p] != NULL) { - return m_objSpec[p]; - } - } - return NULL; -} - -void PKCS11Obj::AddObjectSpec(ObjectSpec *p) -{ - for (int i = 0; i < MAX_OBJECT_SPEC; i++) { - if (m_objSpec[i] == NULL) { - m_objSpec[i] = p; - return; - } else { - // check duplicated - if (p->GetObjectID() == m_objSpec[i]->GetObjectID()) { - delete m_objSpec[i]; - m_objSpec[i] = p; - return; - } - } - } -} - -void PKCS11Obj::RemoveObjectSpec(int p) -{ - if (p < MAX_OBJECT_SPEC) { - if (m_objSpec[p] != NULL) { - delete m_objSpec[p]; - m_objSpec[p] = NULL; - } - // fill hole - int empty = p; - for (int x = p+1; x < MAX_OBJECT_SPEC; x++) { - if (m_objSpec[x] != NULL) { - m_objSpec[empty] = m_objSpec[x]; - m_objSpec[x] = NULL; - empty++; - } - } - } -} - -Buffer PKCS11Obj::GetData() -{ - Buffer data = Buffer(); - - unsigned short objectOffset = m_tokenName.size() + 2 + 3; - data += Buffer(1, (objectOffset >> 8) & 0xff); - data += Buffer(1, objectOffset & 0xff); - unsigned short objectCount = GetObjectSpecCount(); - unsigned short objectCountX = objectCount; - if (objectCountX == 0) { - objectCountX = 0; - } else { - objectCountX = objectCountX - (objectCountX / 4); - } - data += Buffer(1, (objectCountX >> 8) & 0xff); - data += Buffer(1, objectCountX & 0xff); - data += Buffer(1, m_tokenName.size() & 0xff); - data += m_tokenName; - for (int i = 0; i < objectCount; i++) { - ObjectSpec *spec = GetObjectSpec(i); - unsigned long objectID = spec->GetObjectID(); - char c = (char)((objectID >> 24) & 0xff); - unsigned long fixedAttrs = spec->GetFixedAttributes(); - unsigned int xclass = (fixedAttrs & 0x70) >> 4; - char cont_id = (char) ((objectID >> 16) & 0xff); - unsigned int id = (fixedAttrs & 0x0f); - /* locate all certificate objects */ - if (c == 'c' && xclass == CKO_CERTIFICATE) { - - //We need to use the container id, there may be more than one cert - //with the same CKA_ID byte - - id = (unsigned int) (cont_id - '0'); - - /* locate the certificate object */ - for (int u = 0; u < objectCount; u++) { - ObjectSpec *u_spec = GetObjectSpec(u); - unsigned long u_objectID = u_spec->GetObjectID(); - char u_c = (char)((u_objectID >> 24) & 0xff); - unsigned long u_fixedAttrs = - u_spec->GetFixedAttributes(); - unsigned int u_xclass = (u_fixedAttrs & 0x70) >> 4; - unsigned int u_id = (u_fixedAttrs & 0x0f); - if (u_c == 'C' && u_xclass == CKO_CERTIFICATE && u_id == id) { - AttributeSpec * u_attr = - u_spec->GetAttributeSpec(0); - AttributeSpec * n_attr = new AttributeSpec(); - n_attr->SetAttributeID(u_attr->GetAttributeID()); - n_attr->SetType(u_attr->GetType()); - n_attr->SetData(u_attr->GetValue()); - spec->AddAttributeSpec(n_attr); - } - } - - data += spec->GetData(); - - /* locate public object */ - for (int x = 0; x < objectCount; x++) { - ObjectSpec *x_spec = GetObjectSpec(x); - unsigned long x_fixedAttrs = - x_spec->GetFixedAttributes(); - unsigned int x_xclass = (x_fixedAttrs & 0x70) >> 4; - unsigned int x_id = (x_fixedAttrs & 0x0f); - if (x_xclass == CKO_PUBLIC_KEY && x_id == id) { - data += x_spec->GetData(); - } - } - - /* locate private object */ - for (int y = 0; y < objectCount; y++) { - ObjectSpec *y_spec = GetObjectSpec(y); - unsigned long y_fixedAttrs = - y_spec->GetFixedAttributes(); - unsigned int y_xclass = (y_fixedAttrs & 0x70) >> 4; - unsigned int y_id = (y_fixedAttrs & 0x0f); - if (y_xclass == CKO_PRIVATE_KEY && y_id == id) { - data += y_spec->GetData(); - } - } - } - } - - Buffer header = Buffer(); - header += Buffer(1, (m_formatVersion >> 8) & 0xff); - header += Buffer(1, m_formatVersion & 0xff); - header += Buffer(1, (m_objectVersion >> 8) & 0xff); - header += Buffer(1, m_objectVersion & 0xff); - header += m_CUID; - // COMP_NONE = 0x00 - // COMP_ZLIB = 0x01 - unsigned short compressionType = 0x00; - header += Buffer(1, (compressionType >> 8) & 0xff); - header += Buffer(1, compressionType & 0xff); - unsigned short compressedDataSize = data.size(); - header += Buffer(1, (compressedDataSize >> 8) & 0xff); - header += Buffer(1, compressedDataSize & 0xff); - unsigned short compressedDataOffset = 20; - header += Buffer(1, (compressedDataOffset >> 8) & 0xff); - header += Buffer(1, compressedDataOffset & 0xff); - - return header + data; -} - -Buffer PKCS11Obj::GetCompressedData() -{ - Buffer data = Buffer(); - Buffer error = Buffer(0); - - unsigned short objectOffset = m_tokenName.size() + 2 + 3; - data += Buffer(1, (objectOffset >> 8) & 0xff); - data += Buffer(1, objectOffset & 0xff); - unsigned short objectCount = GetObjectSpecCount(); - unsigned short objectCountX = objectCount; - if (objectCountX == 0) { - objectCountX = 0; - } else { - objectCountX = objectCountX - (objectCountX / 4); - } - data += Buffer(1, (objectCountX >> 8) & 0xff); - data += Buffer(1, objectCountX & 0xff); - data += Buffer(1, m_tokenName.size() & 0xff); - data += m_tokenName; - RA::Debug("PKCS11Obj::GetCompressedData", "object count = %d", objectCount); - for (int i = 0; i < objectCount; i++) { - ObjectSpec *spec = GetObjectSpec(i); - unsigned long objectID = spec->GetObjectID(); - RA::Debug("PKCS11Obj::GetCompressedData", "objid = %lu", objectID); - char c = (char)((objectID >> 24) & 0xff); - unsigned long fixedAttrs = spec->GetFixedAttributes(); - unsigned int xclass = (fixedAttrs & 0x70) >> 4; - char cont_id = (char) ((objectID >> 16) & 0xff); - unsigned int id = (fixedAttrs & 0x0f); - - /* locate all certificate objects */ - if (c == 'c' && xclass == CKO_CERTIFICATE) { - - //We need to use the container id, there may be more than one cert - //with the same CKA_ID byte - - id = (unsigned int) (cont_id - '0'); - - /* locate the certificate object */ - for (int u = 0; u < objectCount; u++) { - ObjectSpec *u_spec = GetObjectSpec(u); - unsigned long u_objectID = u_spec->GetObjectID(); - char u_c = (char)((u_objectID >> 24) & 0xff); - unsigned long u_fixedAttrs = - u_spec->GetFixedAttributes(); - unsigned int u_xclass = (u_fixedAttrs & 0x70) >> 4; - unsigned int u_id = (u_fixedAttrs & 0x0f); - char cont_u_id = (char) ((u_objectID >> 16) & 0xff); - if (u_c == 'C' && u_xclass == CKO_CERTIFICATE && u_id == id) { - RA::Debug("PKCS11Obj::GetCompressedData", "located Certificate id = %d cont_u_id = %c", u_id,cont_u_id); - AttributeSpec * u_attr = - u_spec->GetAttributeSpec(0); - AttributeSpec * n_attr = new AttributeSpec(); - n_attr->SetAttributeID(u_attr->GetAttributeID()); - n_attr->SetType(u_attr->GetType()); - n_attr->SetData(u_attr->GetValue()); - spec->AddAttributeSpec(n_attr); - } - } - - /* output certificate attribute object */ - data += spec->GetData(); - - /* locate public object */ - for (int x = 0; x < objectCount; x++) { - ObjectSpec *x_spec = GetObjectSpec(x); - unsigned long x_fixedAttrs = - x_spec->GetFixedAttributes(); - unsigned int x_xclass = (x_fixedAttrs & 0x70) >> 4; - unsigned int x_id = (x_fixedAttrs & 0x0f); - if (x_xclass == CKO_PUBLIC_KEY && x_id == id) { - RA::Debug("PKCS11Obj::GetCompressedData", "located Public Key = %d", x_id); - data += x_spec->GetData(); - } - - } - - /* locate private object */ - for (int y = 0; y < objectCount; y++) { - ObjectSpec *y_spec = GetObjectSpec(y); - unsigned long y_fixedAttrs = - y_spec->GetFixedAttributes(); - unsigned int y_xclass = (y_fixedAttrs & 0x70) >> 4; - unsigned int y_id = (y_fixedAttrs & 0x0f); - if (y_xclass == CKO_PRIVATE_KEY && y_id == id) { - RA::Debug("PKCS11Obj::GetCompressedData", "located Private Key = %d", y_id); - data += y_spec->GetData(); - } - } - } - } - -#define MAX_COMPRESS_SIZE 50000 - char buffer[MAX_COMPRESS_SIZE]; - unsigned long len = MAX_COMPRESS_SIZE ; - - int rc = 0; - - RA::Debug("PKCS11Obj", "before compress length = %d", len); - - BYTE *src_buffer = (BYTE*)data; - - RA::Debug("PKCS11Obj", "sizeof src_buffer = %d", sizeof(src_buffer)); - RA::Debug("PKCS11Obj", "data size = %d", data.size()); - - rc = compress((Bytef*)buffer, (uLongf*)&len, (Bytef*)src_buffer, - (uLong)data.size()); - - - if(rc != Z_OK) { - RA::Debug("PKCS11Obj", "failure compressing data, possibly buffer overrun! Error: %d ",rc); - - return error; - } - - RA::Debug("PKCS11Obj", "after compress length = %d", len); - RA::Debug("PKCS11Obj", "rc = %d", rc); - - Buffer compressedData = Buffer((BYTE*)buffer, len); - - Buffer header = Buffer(); - header += Buffer(1, (m_formatVersion >> 8) & 0xff); - header += Buffer(1, m_formatVersion & 0xff); - header += Buffer(1, (m_objectVersion >> 8) & 0xff); - header += Buffer(1, m_objectVersion & 0xff); - header += m_CUID; - // COMP_NONE = 0x00 - // COMP_ZLIB = 0x01 - unsigned short compressionType = 0x01; - header += Buffer(1, (compressionType >> 8) & 0xff); - header += Buffer(1, compressionType & 0xff); - unsigned short compressedDataSize = compressedData.size(); - header += Buffer(1, (compressedDataSize >> 8) & 0xff); - header += Buffer(1, compressedDataSize & 0xff); - unsigned short compressedDataOffset = 20; - header += Buffer(1, (compressedDataOffset >> 8) & 0xff); - header += Buffer(1, compressedDataOffset & 0xff); - - return header + compressedData; -} - |