author | Valery Febvre <vfebvre at easter-eggs.com> | 2004-09-27 13:42:01 +0000 |
---|---|---|
committer | Valery Febvre <vfebvre at easter-eggs.com> | 2004-09-27 13:42:01 +0000 |
commit | 75ae196125a102836645d5d82425da866e87c6f9 (patch) | |
tree | e633a0bf0230623ffa8bc3b666afaf4b62ff9fc3 /lasso | |
parent | b3c622637861ab602c77cece5b94015b67ab36f9 (diff) | |
Added lasso_load_certs_from_pem_certs_chain_file() function
Diffstat (limited to 'lasso')
-rw-r--r-- | lasso/xml/tools.c | 91 | ||||
-rw-r--r-- | lasso/xml/tools.h | 44 |
2 files changed, 113 insertions, 22 deletions
diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 24829e4d..60e8ef94 100644 --- a/lasso/xml/tools.c +++ b/lasso/xml/tools.c @@ -168,7 +168,7 @@ lasso_get_current_time() * lasso_get_pem_file_type: * @pem_file: a pem file * - * Gets the type of the pem file. + * Gets the type of a pem file. * * Return value: the pem file type **/ @@ -180,6 +180,8 @@ lasso_get_pem_file_type(const gchar *pem_file) X509 *cert; guint type = lassoPemFileTypeUnknown; + g_return_val_if_fail(pem_file != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + bio = BIO_new_file(pem_file, "rb"); if (bio == NULL) { message(G_LOG_LEVEL_CRITICAL, "Failed to open %s pem file\n", @@ -229,6 +231,8 @@ lasso_get_public_key_from_pem_cert_file(const gchar *pem_cert_file) xmlSecKeyDataPtr data; xmlSecKeyPtr key = NULL; + g_return_val_if_fail(pem_cert_file != NULL, NULL); + /* load pem certificate from file */ fd = fopen(pem_cert_file, "r"); if (fd == NULL) { 
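Review bot: The guard added to lasso_get_pem_file_type returns `LASSO_PARAM_ERROR_INVALID_VALUE`, but tools.h declares the function as returning `lassoPemFileType`, and the local result is initialised to `lassoPemFileTypeUnknown`. A caller that compares the result against the enum values will not recognise a code from the error namespace, and its numeric value is not visible here, so how it is interpreted is undefined by this API. Returning the enum's own sentinel keeps the contract: `g_return_val_if_fail(pem_file != NULL, lassoPemFileTypeUnknown);`. The function body continues outside the hunk.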
@@ -261,6 +265,91 @@ lasso_get_public_key_from_pem_cert_file(const gchar *pem_cert_file) } /** + * lasso_load_certs_from_pem_certs_chain_file: + * @pem_certs_chain_file: a CA certificate chain file + * + * Creates a keys manager and loads inside all the CA certificates of + * @pem_certs_chain_file. Caller is responsible for freeing it with + * #xmlSecKeysMngrDestroy function. + * + * Return value: a newly allocated keys manager or NULL if an error occurs. + **/ +xmlSecKeysMngrPtr +lasso_load_certs_from_pem_certs_chain_file(const gchar* pem_certs_chain_file) +{ + xmlSecKeysMngrPtr keys_mngr; + GIOChannel *gioc; + GIOStatus gios; + gchar *line; + gsize len, pos; + GString *cert = NULL; + gint ret; + + g_return_val_if_fail(pem_certs_chain_file != NULL, NULL); + + /* create keys manager */ + keys_mngr = xmlSecKeysMngrCreate(); + if (keys_mngr == NULL) { + message(G_LOG_LEVEL_CRITICAL, + lasso_strerror(LASSO_DS_ERROR_KEYS_MNGR_CREATION_FAILED)); + return NULL; + } + /* initialize keys manager */ + if (xmlSecCryptoAppDefaultKeysMngrInit(keys_mngr) < 0) { + message(G_LOG_LEVEL_CRITICAL, + lasso_strerror(LASSO_DS_ERROR_KEYS_MNGR_INIT_FAILED)); + xmlSecKeysMngrDestroy(keys_mngr); + return NULL; + } + + gioc = g_io_channel_new_file(pem_certs_chain_file, "r", NULL); + while (gios = g_io_channel_read_line(gioc, &line, &len, &pos, NULL) == G_IO_STATUS_NORMAL) { + if (g_strstr_len(line, 64, "BEGIN CERTIFICATE") != NULL) { + cert = g_string_new(line); + } + else if (g_strstr_len(line, 64, "END CERTIFICATE") != NULL) { + g_string_append(cert, line); + /* load the new certificate found in the keys manager */ + ret = xmlSecCryptoAppKeysMngrCertLoadMemory(keys_mngr, + (const xmlSecByte*) cert->str, + (xmlSecSize) cert->len, + xmlSecKeyDataFormatPem, + xmlSecKeyDataTypeTrusted); + g_string_free(cert, TRUE); + cert = NULL; + if (ret < 0) { + goto error; + } + } + else if (cert != NULL && line != NULL && line[0] != '\0') { + g_string_append(cert, line); + } + else { + debug("Empty line 
found in the CA certificate chain file") + } + /* free last line read */ + if (line != NULL) { + g_free(line); + line = NULL; + } + } + goto done; + + error: + if (line != NULL) { + g_free(line); + line = NULL; + } + xmlSecKeysMngrDestroy(keys_mngr); + keys_mngr = NULL; + + done: + g_io_channel_shutdown(gioc, TRUE, NULL); + + return keys_mngr; +} + +/** * lasso_query_get_value: * @query: a query (an url-encoded node) * @param: the parameter diff --git a/lasso/xml/tools.h b/lasso/xml/tools.h index e505be21..79ae0cf6 100644 --- a/lasso/xml/tools.h +++ b/lasso/xml/tools.h 
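Review bot: The loading loop in lasso_load_certs_from_pem_certs_chain_file reports failures as success: the result of `g_io_channel_new_file()` is never checked, so an unreadable chain file appears to fall through and return an empty but non-NULL keys manager, and a read error ends the loop exactly like end-of-file. An `END CERTIFICATE` line with no preceding `BEGIN` reaches `g_string_append(cert, line)` and `cert->str` with `cert == NULL`, and a last certificate truncated before its END marker is silently dropped and its GString leaked. The condition `gios = ... == G_IO_STATUS_NORMAL` stores the comparison result rather than the status, and the channel is shut down but not unreferenced in the visible code. Because every certificate in the file is loaded as `xmlSecKeyDataTypeTrusted`, the doc comment should state that the file's contents become trust anchors, and a malformed or partially read file should fail the whole load, as sketched below.

```c
  gioc = g_io_channel_new_file(pem_certs_chain_file, "r", NULL);
  if (gioc == NULL) {
    /* an unreadable chain file must not yield an empty, "valid" manager */
    xmlSecKeysMngrDestroy(keys_mngr);
    return NULL;
  }
  while ((gios = g_io_channel_read_line(gioc, &line, &len, &pos, NULL)) == G_IO_STATUS_NORMAL) {
    /* ... unchanged: BEGIN CERTIFICATE branch ... */
    else if (g_strstr_len(line, 64, "END CERTIFICATE") != NULL) {
      if (cert == NULL) {
        /* END marker without a preceding BEGIN: reject the file */
        goto error;
      }
      /* ... unchanged: append, load into keys manager, free cert ... */
    }
    /* ... unchanged: body-line and empty-line branches, free line ... */
  }
  if (gios != G_IO_STATUS_EOF || cert != NULL) {
    /* read error, or a certificate truncated before its END marker */
    goto error;
  }
  goto done;

 error:
  /* ... unchanged: free line, destroy keys manager ... */
  if (cert != NULL) {
    g_string_free(cert, TRUE);
    cert = NULL;
  }

 done:
  g_io_channel_shutdown(gioc, TRUE, NULL);
  g_io_channel_unref(gioc);
```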
@@ -50,40 +50,42 @@ typedef enum { lassoPemFileTypeCert } lassoPemFileType; -LASSO_EXPORT xmlChar* lasso_build_random_sequence (guint8 size); +LASSO_EXPORT xmlChar* lasso_build_random_sequence (guint8 size); -LASSO_EXPORT xmlChar* lasso_build_unique_id (guint8 size); +LASSO_EXPORT xmlChar* lasso_build_unique_id (guint8 size); -LASSO_EXPORT xmlChar* lasso_doc_get_node_content (xmlDocPtr doc, - const xmlChar *name); +LASSO_EXPORT xmlChar* lasso_doc_get_node_content (xmlDocPtr doc, + const xmlChar *name); -LASSO_EXPORT xmlChar* lasso_g_ptr_array_index (GPtrArray *a, - guint i); +LASSO_EXPORT xmlChar* lasso_g_ptr_array_index (GPtrArray *a, + guint i); -LASSO_EXPORT gchar* lasso_get_current_time (void); +LASSO_EXPORT gchar* lasso_get_current_time (void); -LASSO_EXPORT GPtrArray* lasso_query_get_value (const gchar *query, - const xmlChar *param); +LASSO_EXPORT GPtrArray* lasso_query_get_value (const gchar *query, + const xmlChar *param); -LASSO_EXPORT lassoPemFileType lasso_get_pem_file_type (const gchar *pem_file); +LASSO_EXPORT lassoPemFileType lasso_get_pem_file_type (const gchar *pem_file); -LASSO_EXPORT xmlSecKeyPtr lasso_get_public_key_from_pem_cert_file (const gchar *pem_cert_file); +LASSO_EXPORT xmlSecKeyPtr lasso_get_public_key_from_pem_cert_file (const gchar *pem_cert_file); -LASSO_EXPORT GData* lasso_query_to_dict (const gchar *query); +LASSO_EXPORT xmlSecKeysMngrPtr lasso_load_certs_from_pem_certs_chain_file (const gchar* pem_certs_chain_file); -LASSO_EXPORT int lasso_query_verify_signature (const gchar *query, - const xmlChar *sender_public_key_file, - const xmlChar *recipient_private_key_file); +LASSO_EXPORT GData* lasso_query_to_dict (const gchar *query); -LASSO_EXPORT xmlChar* lasso_sha1 (xmlChar *str); +LASSO_EXPORT int lasso_query_verify_signature (const gchar *query, + const xmlChar *sender_public_key_file, + const xmlChar *recipient_private_key_file); -LASSO_EXPORT xmlChar* lasso_str_escape (xmlChar *str); +LASSO_EXPORT xmlChar* lasso_sha1 (xmlChar 
*str); -LASSO_EXPORT xmlDocPtr lasso_str_sign (xmlChar *str, - lassoSignatureMethod sign_method, - const char *private_key_file); +LASSO_EXPORT xmlChar* lasso_str_escape (xmlChar *str); -LASSO_EXPORT xmlChar* lasso_str_unescape (xmlChar *str); +LASSO_EXPORT xmlDocPtr lasso_str_sign (xmlChar *str, + lassoSignatureMethod sign_method, + const char *private_key_file); + +LASSO_EXPORT xmlChar* lasso_str_unescape (xmlChar *str); #ifdef __cplusplus } |