cert.c revision 1.13 
1/*	$OpenBSD: cert.c,v 1.13 2000/03/08 08:42:48 niklas Exp $	*/
2/*	$EOM: cert.c,v 1.15 2000/03/07 23:37:54 ho Exp $	*/
3
4/*
5 * Copyright (c) 1998, 1999 Niels Provos.  All rights reserved.
6 * Copyright (c) 1999, 2000 Niklas Hallqvist.  All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 *    notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 *    notice, this list of conditions and the following disclaimer in the
15 *    documentation and/or other materials provided with the distribution.
16 * 3. All advertising materials mentioning features or use of this software
17 *    must display the following acknowledgement:
18 *	This product includes software developed by Ericsson Radio Systems.
19 * 4. The name of the author may not be used to endorse or promote products
20 *    derived from this software without specific prior written permission.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34/*
35 * This code was written under funding by Ericsson Radio Systems.
36 */
37
38#include <sys/param.h>
39#include <stdio.h>
40#include <stdlib.h>
41#include <string.h>
42
43#include "sysdep.h"
44
45#ifdef KAME
46#  include <openssl/ssl.h>
47#else
48#  include <ssl/ssl.h>
49#endif
50
51#include "cert.h"
52#include "isakmp_num.h"
53#include "log.h"
54#include "x509.h"
55
56struct cert_handler cert_handler[] = {
57#ifdef USE_X509
58  {
59    ISAKMP_CERTENC_X509_SIG,
60    x509_cert_init, x509_cert_get, x509_cert_validate,
61    x509_cert_insert, x509_cert_free,
62    x509_certreq_validate, x509_certreq_decode, x509_free_aca,
63    x509_cert_obtain, x509_cert_get_key, x509_cert_get_subject
64  }
65#endif
66};
67
68/* Initialize all certificate handlers */
69
70int
71cert_init (void)
72{
73  int i, err = 1;
74
75  for (i = 0; i < sizeof cert_handler / sizeof cert_handler[0]; i++)
76    if (cert_handler[i].cert_init && !(*cert_handler[i].cert_init) ())
77      err = 0;
78
79  return err;
80}
81
82struct cert_handler *
83cert_get (u_int16_t id)
84{
85  int i;
86
87  for (i = 0; i < sizeof cert_handler / sizeof cert_handler[0]; i++)
88    if (id == cert_handler[i].id)
89      return &cert_handler[i];
90  return 0;
91}
92
93/* Decode a CERTREQ and return a parsed structure.  */
94struct certreq_aca *
95certreq_decode (u_int16_t type, u_int8_t *data, u_int32_t datalen)
96{
97  struct cert_handler *handler;
98  struct certreq_aca aca, *ret;
99
100  handler = cert_get (type);
101  if (!handler)
102    return 0;
103
104  aca.id = type;
105  aca.handler = handler;
106
107  if (datalen > 0)
108    {
109      aca.data = handler->certreq_decode (data, datalen);
110      if (!aca.data)
111	return 0;
112    }
113  else
114    aca.data = 0;
115
116  ret = malloc (sizeof aca);
117  if (!ret)
118    {
119      log_error ("certreq_decode: malloc (%d) failed", sizeof aca);
120      handler->free_aca (aca.data);
121      return 0;
122    }
123
124  memcpy (ret, &aca, sizeof aca);
125
126  return ret;
127}
128