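/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 */

/**
 * \file KMSAgentPKICommon.cpp
 */
#include <stdio.h>

#include "SYSCommon.h"
#include "KMSAgentPKICommon.h"
#include "KMSAgentStringUtilities.h"

#include "KMSAgent_direct.h"


//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

/**
 * Initializes the key length to DEFAULT_KEY_SIZE and clears the CA
 * certificate and CA private key pointers.
 */
CPKI::CPKI()
{
    m_iKeyLength = DEFAULT_KEY_SIZE;

    // used for CA
    m_pCACertificate = NULL;
    m_pCAPrivateKey = NULL;
}

// BEN - make these
// global lengths
// Lengths reported by the Save calls in ExportCertAndKeyToFile. They have
// external linkage and are reset at the start of every export.
int iLength1 = 0;
int iLength2 = 0;

// THIS CAN'T BE STACK DATA - TOO BIG
// Staging area for the serialized certificate followed by the serialized
// private key. It is file-scope state shared by every call, and no locking
// is visible in this file, so concurrent exports would share this buffer.
static unsigned char aTempBuffer[MAX_CERT_SIZE + MAX_KEY_SIZE];
#ifdef METAWARE
static char aNotherTempBuffer[50];
#endif

/**
 * Overwrites the staging buffer with zeros so serialized private-key bytes
 * do not linger in static storage after an export attempt. The volatile
 * pointer keeps the stores from being dropped as dead by an optimizer.
 */
static void ScrubTempBuffer()
{
    volatile unsigned char* pByte = aTempBuffer;
    for ( size_t i = 0; i < sizeof(aTempBuffer); ++i )
    {
        pByte[i] = 0;
    }
}

// used by StoreAgentPKI - KMSAgentStorage.cpp

/**
 * Serializes a certificate and its private key into the staging buffer and
 * writes the result to a file.
 *
 * @param i_pCertificate  certificate to export; must not be NULL
 * @param i_pPrivateKey   private key to export; must not be NULL
 * @param i_pcFileName    path of the file to create or truncate; must not
 *                        be NULL
 * @param i_sPassphrase   passed through unchanged to the Save/SavePKCS12
 *                        calls; it is not asserted non-NULL here
 * @param i_eFileFormat   output format; FILE_FORMAT_PKCS12 selects the
 *                        PKCS#12 path when KMSUSERPKCS12 is defined
 * @return true only if serialization succeeded, the reported lengths fit
 *         the staging buffer, every byte was written and the file closed
 *         without error
 */
bool CPKI::ExportCertAndKeyToFile(
        CCertificate* const i_pCertificate,
        CPrivateKey*  const i_pPrivateKey,
        const char* const i_pcFileName,
        const char* const i_sPassphrase,
        EnumPKIFileFormat i_eFileFormat )
{
    FATAL_ASSERT( i_pCertificate && i_pPrivateKey && i_pcFileName );


    memset( aTempBuffer, 0, sizeof(aTempBuffer) );

    // The lengths are globals that survive between calls. The PKCS#12 path
    // only sets iLength1, so a stale iLength2 from an earlier export would
    // otherwise be added to the number of bytes written to the file.
    iLength1 = 0;
    iLength2 = 0;

#ifdef KMSUSERPKCS12
    if ( i_eFileFormat == FILE_FORMAT_PKCS12 )
    {
        if ( !i_pCertificate->SavePKCS12(aTempBuffer,
                                MAX_CERT_SIZE,
                                &iLength1,
                                i_pPrivateKey,
                                const_cast<char*>(i_sPassphrase) ) )
        {
            ScrubTempBuffer();
            return false;
        }
    } else {
#endif

    // Overloaded Save method implemented in KMSAgentPKICert.cpp
    // this method saves Certificate to the temporary buffer, not a file
    // but a side effect is to get the actual file length
    if ( !i_pCertificate->Save(aTempBuffer,
                               MAX_CERT_SIZE,
                               &iLength1,       /* returned - actual length
                                                   written */
                               i_eFileFormat) )
    {
        ScrubTempBuffer();
        return false;
    }

    // iLength1 is used as the offset for the key below, so reject a value
    // outside the certificate region before it is used as a pointer offset.
    if ( iLength1 < 0 || iLength1 > MAX_CERT_SIZE )
    {
        ScrubTempBuffer();
        return false;
    }

    // Overloaded Save method implemented in KMSAgentPKIKey.cpp
    // this method saves keys to the temporary buffer, not a file,
    // but a side effect is to get the actual file length
    if ( !i_pPrivateKey->Save(aTempBuffer + iLength1,
                              MAX_KEY_SIZE,
                              &iLength2,          /* returned - actual length
                                                     written */
                              i_sPassphrase,
                              i_eFileFormat) )
    {
        ScrubTempBuffer();
        return false;
    }

#ifdef KMSUSERPKCS12
    }
#endif

    // Both lengths feed the fwrite() size below; refuse anything that would
    // read past the region each Save call was given.
    if ( iLength1 < 0 || iLength1 > MAX_CERT_SIZE ||
         iLength2 < 0 || iLength2 > MAX_KEY_SIZE )
    {
        ScrubTempBuffer();
        return false;
    }

    // now write the temporary buffer to a file
    myFILE* pFile = fopen( i_pcFileName, "wb" );
    if ( pFile == NULL )
    {
        ScrubTempBuffer();
        return false;
    }

#ifdef KMSUSERPKCS12
#ifdef K_SOLARIS_PLATFORM
    int fd = fileno(pFile);

    /* Make sure this file is read/write for the OWNER only! */
    // NOTE(review): the file already exists with whatever mode fopen() gave
    // it before this call narrows it, the result is ignored, and the call is
    // compiled only when both KMSUSERPKCS12 and K_SOLARIS_PLATFORM are
    // defined. Other builds rely on the process umask to protect the key
    // file. Creating the file with an owner-only mode and failing the export
    // when the mode cannot be set would close both gaps.
    (void) fchmod(fd, 0600);
#endif
#endif

#ifdef METAWARE
    // write out the two file lengths
    snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength1=%x\n", iLength1);
    fputs((const char*)aNotherTempBuffer, pFile);

    snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength2=%x\n", iLength2);
    fputs((const char*)aNotherTempBuffer, pFile);
#endif

    const int iTotalLength = iLength1 + iLength2;

    const int iBytesWritten = static_cast<int>(
        fwrite( (const char*)aTempBuffer,  // from
                1,                         // size
                iTotalLength,              // actual file length
                pFile ) );                 // to-file

    // Buffered data may only reach the file at close time, so a failed
    // fclose() means the export cannot be reported as complete.
    const bool bClosed = ( fclose( pFile ) == 0 );

    // The serialized key is no longer needed in memory once it is on disk.
    ScrubTempBuffer();

    return ( bClosed && iBytesWritten == iTotalLength );
}


CPKI::~CPKI()
{
    // empty
}
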