cert.c revision 1.13
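/* $OpenBSD: cert.c,v 1.13 2000/03/08 08:42:48 niklas Exp $ */
/* $EOM: cert.c,v 1.15 2000/03/07 23:37:54 ho Exp $ */

/*
 * Copyright (c) 1998, 1999 Niels Provos. All rights reserved.
 * Copyright (c) 1999, 2000 Niklas Hallqvist. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by Ericsson Radio Systems.
 * 4. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Ericsson Radio Systems.
 */

#include <sys/param.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "sysdep.h"

#ifdef KAME
# include <openssl/ssl.h>
#else
# include <ssl/ssl.h>
#endif

#include "cert.h"
#include "isakmp_num.h"
#include "log.h"
#include "x509.h"

/*
 * Table of certificate handlers, one entry per supported certificate
 * encoding.  The first member is the encoding id that cert_get() matches
 * on; the remaining members are the handler's callbacks, listed positionally,
 * so their order has to follow the declaration of struct cert_handler in
 * cert.h.  When USE_X509 is not defined the table has no entries and every
 * lookup fails.
 */
struct cert_handler cert_handler[] = {
#ifdef USE_X509
  {
    ISAKMP_CERTENC_X509_SIG,
    x509_cert_init, x509_cert_get, x509_cert_validate,
    x509_cert_insert, x509_cert_free,
    x509_certreq_validate, x509_certreq_decode, x509_free_aca,
    x509_cert_obtain, x509_cert_get_key, x509_cert_get_subject
  }
#endif
};

/*
 * Initialize all certificate handlers.
 *
 * Every handler that provides a cert_init callback is called, even after
 * an earlier one has failed.  Returns 1 if none of the callbacks returned
 * zero, 0 otherwise.
 */
int
cert_init (void)
{
  size_t i;
  int ok = 1;

  /* size_t index: the element count is a size_t expression.  */
  for (i = 0; i < sizeof cert_handler / sizeof cert_handler[0]; i++)
    {
      /* A handler without an init callback needs no setup.  */
      if (!cert_handler[i].cert_init)
	continue;

      if (!(*cert_handler[i].cert_init) ())
	ok = 0;
    }

  return ok;
}

/*
 * Look up the handler for the certificate encoding ID.
 *
 * Returns a pointer into the static cert_handler table, or a null pointer
 * when no handler is registered for ID.  Callers must check for the null
 * result before using any callback.
 */
struct cert_handler *
cert_get (u_int16_t id)
{
  size_t i;

  for (i = 0; i < sizeof cert_handler / sizeof cert_handler[0]; i++)
    {
      if (cert_handler[i].id == id)
	return &cert_handler[i];
    }

  return 0;
}

/*
 * Decode a CERTREQ and return a parsed structure.
 *
 * TYPE selects the handler; DATA and DATALEN are handed unchanged to that
 * handler's certreq_decode callback, which is therefore the only place
 * where the buffer is parsed and must do all length checking itself.
 * NOTE(review): DATA presumably comes from a payload received from the
 * peer, i.e. it is untrusted -- confirm against the callers.
 *
 * Returns a malloc'ed struct certreq_aca, or a null pointer if TYPE has no
 * handler, the handler rejects the data, or memory runs out.  With
 * DATALEN == 0 the decoder is not called and the result has a null data
 * member.  The decoded data is released with the handler's free_aca
 * callback, as the failure path below does.
 */
struct certreq_aca *
certreq_decode (u_int16_t type, u_int8_t *data, u_int32_t datalen)
{
  struct cert_handler *handler;
  struct certreq_aca aca, *ret;

  handler = cert_get (type);
  if (!handler)
    return 0;

  /*
   * Start from an all-zero structure so that any member not assigned
   * below (the structure is declared in cert.h) is not copied to the heap
   * with leftover stack contents.
   */
  memset (&aca, 0, sizeof aca);
  aca.id = type;
  aca.handler = handler;

  if (datalen > 0)
    {
      aca.data = handler->certreq_decode (data, datalen);
      if (!aca.data)
	return 0;
    }
  else
    aca.data = 0;

  ret = malloc (sizeof aca);
  if (!ret)
    {
      /* sizeof yields a size_t; cast it to match the conversion.  */
      log_error ("certreq_decode: malloc (%lu) failed",
		 (unsigned long) sizeof aca);

      /*
       * aca.data is null when datalen was 0; skip the callback then
       * instead of relying on free_aca accepting a null pointer.
       */
      if (aca.data)
	handler->free_aca (aca.data);
      return 0;
    }

  memcpy (ret, &aca, sizeof aca);

  return ret;
}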