NameConstraints.cpp

Go to the documentation of this file.
00001 
00009 #include "NameConstraints.h"
00010 #include "OID.h"
00011 #include "Buffer.h"
00012 #include "GeneralSubtree.h"
00013 #include "ToolkitUtils.h"
00014 #include "PKIFNameMemoryHelper.h"
00015 #include "Name.h"
00016 
00017 #include "ASN1Helper.h"
00018 #include "PKIX1Implicit88.h"
00019 #include "PKIX1Explicit88.h"
00020 
00021 #include "boost/cstdint.hpp"
00022 #include "boost/numeric/conversion/cast.hpp"
00023 #include "boost/asio/ip/address_v4.hpp"
00024 #include "boost/asio/ip/address_v6.hpp"
00025 
00026 using boost::asio::ip::address_v4;
00027 using boost::asio::ip::address_v6;
00028 
00029 using namespace boost;
00030 using namespace boost::asio;
00031 
00032 using boost::numeric_cast;
00033 using boost::bad_numeric_cast;
00034 using namespace std;
00035 
00036 string DecIP(CPKIFBufferPtr& encodedIP);
00037 void FreeList(DList* asn1rtdlist);
00039 
00040 struct CPKIFNameConstraintsImpl
00041 {
00042     CPKIFGeneralSubtreeListPtr m_perm;
00043     CPKIFGeneralSubtreeListPtr m_excl;
00044     CPKIFBufferPtr m_value;
00045     bool m_extModified;
00046 };
00047 
00049 
00050 char CPKIFNameConstraints::extOID[] =           "2.5.29.30";
00051 
00059 CPKIFNameConstraints::CPKIFNameConstraints()
00060   :m_impl (new CPKIFNameConstraintsImpl)
00061 {
00062 }
00070 CPKIFGeneralSubtreeListPtr CPKIFNameConstraints::GetPermitted() const 
00071 {
00072     return m_impl->m_perm;
00073 }
00081 void CPKIFNameConstraints::SetPermitted(CPKIFGeneralSubtreeListPtr& perm)  
00082 {
00083     m_impl->m_perm = perm;
00084     m_impl->m_extModified = true;
00085 }
00093 CPKIFGeneralSubtreeListPtr CPKIFNameConstraints::GetExcluded() const 
00094 {
00095     return m_impl->m_excl;
00096 }
00104 void CPKIFNameConstraints::SetExcluded(CPKIFGeneralSubtreeListPtr &excl)  
00105 {
00106     m_impl->m_excl = excl;
00107     m_impl->m_extModified = true;
00108 }
00117 //CPKIFNameConstraints::CPKIFNameConstraints(
00118 //  //![in] Reference to an internal structure representation of the extension containing information used to construct the object
00119 //  const CACX509V3Extension& ext) 
00120 //  : CPKIFX509Extension(ext), m_impl (new CPKIFNameConstraintsImpl)
00121 //{
00122 //  CACASNWRAPPER_CREATE(CACX509V3NameConstraints, objPDU);
00123 //  objPDU.Decode(ext.extnValue.data, ext.extnValue.numocts);
00124 //
00125 //  if(objPDU->m.permittedSubtreesPresent)
00126 //  {
00127 //      CPKIFGeneralSubtreeListPtr tmpGSList(new CPKIFGeneralSubtreeList);
00128 //      DListNode* cur = objPDU->permittedSubtrees.head;
00129 //      for(unsigned int ii = 0; ii < objPDU->permittedSubtrees.count; ++ii)
00130 //      {
00131 //          CPKIFGeneralSubtreePtr tmpGS(new CPKIFGeneralSubtree(*(CACX509V3GeneralSubtree*)cur->data));
00132 //          tmpGSList->push_back(tmpGS);
00133 //
00134 //          cur = cur->next;
00135 //      }
00136 //      m_impl->m_perm = tmpGSList;
00137 //  }
00138 //
00139 //  if(objPDU->m.excludedSubtreesPresent)
00140 //  {
00141 //      CPKIFGeneralSubtreeListPtr tmpGSList(new CPKIFGeneralSubtreeList);
00142 //      DListNode* cur = objPDU->excludedSubtrees.head;
00143 //      for(unsigned int ii = 0; ii < objPDU->excludedSubtrees.count; ++ii)
00144 //      {
00145 //          CPKIFGeneralSubtreePtr tmpGS(new CPKIFGeneralSubtree(*(CACX509V3GeneralSubtree*)cur->data));
00146 //          tmpGSList->push_back(tmpGS);
00147 //
00148 //          cur = cur->next;
00149 //      }
00150 //      m_impl->m_excl = tmpGSList;
00151 //  }
00152 //}
00153 
00162 CPKIFNameConstraints::CPKIFNameConstraints(
00163     const bool& criticality,
00164     const CPKIFBufferPtr& ext) 
00165   : CPKIFX509Extension (criticality, ext), m_impl (new CPKIFNameConstraintsImpl)
00166 {
00167     CACASNWRAPPER_CREATE(CACX509V3NameConstraints, objPDU);
00168     objPDU.Decode(ext->GetBuffer(), ext->GetLength());
00169 
00170     if(objPDU->m.permittedSubtreesPresent)
00171     {
00172         CPKIFGeneralSubtreeListPtr tmpGSList(new CPKIFGeneralSubtreeList);
00173         DListNode* cur = objPDU->permittedSubtrees.head;
00174         for(unsigned int ii = 0; ii < objPDU->permittedSubtrees.count; ++ii)
00175         {
00176             ASN1OpenType* openType = (ASN1OpenType*)cur->data;
00177 
00178             CPKIFBufferPtr tmpBuffer(new CPKIFBuffer(openType->data, openType->numocts));
00179 
00180             //CPKIFGeneralSubtreePtr tmpGS(new CPKIFGeneralSubtree(*(CACX509V3GeneralSubtree*)cur->data));
00181             CPKIFGeneralSubtreePtr tmpGS(new CPKIFGeneralSubtree(tmpBuffer));
00182             tmpGSList->push_back(tmpGS);
00183 
00184             cur = cur->next;
00185         }
00186         m_impl->m_perm = tmpGSList;
00187     }
00188 
00189     if(objPDU->m.excludedSubtreesPresent)
00190     {
00191         CPKIFGeneralSubtreeListPtr tmpGSList(new CPKIFGeneralSubtreeList);
00192         DListNode* cur = objPDU->excludedSubtrees.head;
00193         for(unsigned int ii = 0; ii < objPDU->excludedSubtrees.count; ++ii)
00194         {
00195             ASN1OpenType* openType = (ASN1OpenType*)cur->data;
00196             CPKIFBufferPtr tmpBuffer(new CPKIFBuffer(openType->data, openType->numocts));
00197             //CPKIFGeneralSubtreePtr tmpGS(new CPKIFGeneralSubtree(*(CACX509V3GeneralSubtree*)cur->data));
00198             CPKIFGeneralSubtreePtr tmpGS(new CPKIFGeneralSubtree(tmpBuffer));
00199             tmpGSList->push_back(tmpGS);
00200 
00201             cur = cur->next;
00202         }
00203         m_impl->m_excl = tmpGSList;
00204     }
00205 
00206     m_impl->m_value = ext;
00207     m_impl->m_extModified = false;
00208 }
00209 
00217 CPKIFNameConstraints::~CPKIFNameConstraints()
00218 {
00219     if(m_impl)
00220     {
00221         delete m_impl;
00222         m_impl = 0;
00223     }
00224 }
00232 const CPKIFOIDPtr CPKIFNameConstraints::oid() const
00233 {
00234     //added static variable for copying instead of string creation each call
00235     static CPKIFOID staticOID(extOID);
00236     //CPKIFOIDPtr tmp(new CPKIFOID(new std::string(extOID)));
00237     static CPKIFOIDPtr tmp(new CPKIFOID(staticOID));
00238     return tmp;
00239 }
00240 
00248 CPKIFBufferPtr CPKIFNameConstraints::value() const 
00249 {
00250     if(m_impl->m_value == (CPKIFBuffer*)NULL || m_impl->m_extModified)
00251     {
00252         CACASNWRAPPER_CREATE(CACX509V3NameConstraints, objPDU);
00253         CACX509V3NameConstraints nameConst; 
00254         memset(&nameConst, 0, sizeof(CACX509V3NameConstraints));
00255 
00256         if(m_impl->m_perm != (CPKIFGeneralSubtreeList*)NULL && !m_impl->m_perm->empty())
00257         {
00258             nameConst.m.permittedSubtreesPresent = 1;
00259 
00260             DListNode* cur = NULL;
00261             CPKIFGeneralSubtreeList::iterator pos;
00262             CPKIFGeneralSubtreeList::iterator end = m_impl->m_perm->end();
00263             for(pos = m_impl->m_perm->begin(); pos != end; ++pos)
00264             {
00265                 
00266                 if(NULL == cur)
00267                 {
00268                     NEW_NODE(cur)
00269                 }
00270                 else
00271                 {
00272                     NEW_NEXT_AND_ADVANCE(cur)
00273                 }
00274 
00275                 CACASNWRAPPER_CREATE(CACX509V3GeneralSubtree, objGenSubtree);
00276                 CACX509V3GeneralSubtree permSubtree;
00277 
00278                 permSubtree.minimum = (*pos)->GetMin();
00279                 if((*pos)->GetMax() == -1)
00280                     permSubtree.m.maximumPresent = 0;
00281                 else
00282                 {
00283                     permSubtree.maximum = (*pos)->GetMax();
00284                     permSubtree.m.maximumPresent = 1;
00285                 }
00286                 CPKIFGeneralNamePtr base = (*pos)->GetBase();
00287 
00288                 CACASNWRAPPER_CREATE(CACX509V3GeneralName, objGenName);
00289                 CPKIFBufferPtr tmp;
00290                 switch(base->GetType())
00291                 {
00292                     case CPKIFGeneralName::RFC822:
00293                     {
00294                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->rfc822Name()), CPKIFGeneralName::RFC822);
00295                             
00296                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00297                         permSubtree.base = *(objGenName.data());
00298                     }
00299                     break;
00300                     case CPKIFGeneralName::DNSNAME:
00301                     {
00302                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->dnsName()), CPKIFGeneralName::DNSNAME);
00303                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00304                         permSubtree.base = *(objGenName.data());
00305                     }
00306                     break;
00307                     case CPKIFGeneralName::DIRECTORYNAME:
00308                     {       
00309                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->directoryName()->ToString()), CPKIFGeneralName::DIRECTORYNAME);
00310                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00311                         permSubtree.base = *(objGenName.data());
00312                     }
00313                     break;
00314                     case CPKIFGeneralName::URI:
00315                     {
00316                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->uri()), CPKIFGeneralName::URI);
00317                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00318                         permSubtree.base = *(objGenName.data());
00319                     }
00320                     break;
00321                     case CPKIFGeneralName::IPADDRESS:
00322                     {
00323                         CPKIFBufferPtr ip = base->ipAddress();
00324                         string ipStr = DecIP(ip);
00325                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(ipStr.c_str()), CPKIFGeneralName::IPADDRESS);
00326                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00327                         permSubtree.base = *(objGenName.data());
00328                     }
00329                     break;
00330                 }
00331 
00332                 ASN1OpenType* data2 = objGenSubtree.Encode(&permSubtree);
00333 
00334                 cur->data = new ASN1OpenType;
00335                 ((ASN1OpenType*)cur->data)->data = new unsigned char[data2->numocts];
00336                 memcpy((void*)((ASN1OpenType*)cur->data)->data, data2->data, data2->numocts);
00337                 ((ASN1OpenType*)cur->data)->numocts = data2->numocts;
00338 
00339                 SET_HEAD_TAIL_INCREMENT(nameConst.permittedSubtrees, cur)
00340 
00341                 delete data2;
00342             }
00343         }
00344         if(m_impl->m_excl != (CPKIFGeneralSubtreeList*)NULL && !m_impl->m_excl->empty())
00345         {
00346             nameConst.m.excludedSubtreesPresent = 1;
00347 
00348             DListNode* cur = NULL;
00349             CPKIFGeneralSubtreeList::iterator pos;
00350             CPKIFGeneralSubtreeList::iterator end = m_impl->m_excl->end();
00351             for(pos = m_impl->m_excl->begin(); pos != end; ++pos)
00352             {
00353                 
00354                 if(NULL == cur)
00355                 {
00356                     NEW_NODE(cur)
00357                 }
00358                 else
00359                 {
00360                     NEW_NEXT_AND_ADVANCE(cur)
00361                 }
00362 
00363                 CACASNWRAPPER_CREATE(CACX509V3GeneralSubtree, objGenSubtree);
00364                 CACX509V3GeneralSubtree exclSubtree;
00365 
00366                 exclSubtree.minimum = (*pos)->GetMin();
00367                 if((*pos)->GetMax() == -1)
00368                     exclSubtree.m.maximumPresent = 0;
00369                 else
00370                 {
00371                     exclSubtree.maximum = (*pos)->GetMax();
00372                     exclSubtree.m.maximumPresent = 1;
00373                 }
00374 
00375                 CPKIFGeneralNamePtr base = (*pos)->GetBase();
00376 
00377                 CACASNWRAPPER_CREATE(CACX509V3GeneralName, objGenName);
00378                 CPKIFBufferPtr tmp(new CPKIFBuffer());
00379                 switch(base->GetType())
00380                 {
00381                     case CPKIFGeneralName::RFC822:
00382                     {
00383                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->rfc822Name()), CPKIFGeneralName::RFC822);
00384                             
00385                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00386                         exclSubtree.base = *(objGenName.data());
00387                     }
00388                     break;
00389                     case CPKIFGeneralName::DNSNAME:
00390                     {
00391                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->dnsName()), CPKIFGeneralName::DNSNAME);
00392                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00393                         exclSubtree.base = *(objGenName.data());
00394                     }
00395                     break;
00396                     case CPKIFGeneralName::DIRECTORYNAME:
00397                     {       
00398                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->directoryName()->ToString()), CPKIFGeneralName::DIRECTORYNAME);
00399                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00400                         exclSubtree.base = *(objGenName.data());
00401                     }
00402                     break;
00403                     case CPKIFGeneralName::URI:
00404                     {
00405                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(base->uri()), CPKIFGeneralName::URI);
00406                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00407                         exclSubtree.base = *(objGenName.data());
00408                     }
00409                     break;
00410                     case CPKIFGeneralName::IPADDRESS:
00411                     {
00412                         CPKIFBufferPtr ip = base->ipAddress();
00413                         string ipStr = DecIP(ip);
00414                         tmp = base->Encoded(); //GetEncGenNameFromStr((unsigned char *)(ipStr.c_str()), CPKIFGeneralName::IPADDRESS);
00415                         objGenName.Decode(tmp->GetBuffer(), tmp->GetLength());
00416                         exclSubtree.base = *(objGenName.data());
00417                     }
00418                     break;
00419                 }
00420 
00421                 ASN1OpenType* data2 = objGenSubtree.Encode(&exclSubtree);
00422 
00423                 cur->data = new ASN1OpenType;
00424                 ((ASN1OpenType*)cur->data)->data = new unsigned char[data2->numocts];
00425                 memcpy((void*)((ASN1OpenType*)cur->data)->data, data2->data, data2->numocts);
00426                 ((ASN1OpenType*)cur->data)->numocts = data2->numocts;
00427 
00428                 SET_HEAD_TAIL_INCREMENT(nameConst.excludedSubtrees, cur)
00429 
00430                 delete data2;
00431             }
00432         }
00433         ASN1OpenType* extEncoded = objPDU.Encode(&nameConst);
00434         CPKIFBufferPtr tmp(new CPKIFBuffer(extEncoded->data, extEncoded->numocts));
00435 
00436         m_impl->m_value = tmp;
00437 
00438         FreeList(&nameConst.excludedSubtrees);
00439         FreeList(&nameConst.permittedSubtrees);
00440         delete extEncoded;
00441         m_impl->m_extModified = false;
00442     }
00443 
00444     return m_impl->m_value;
00445 }
00446 
00454 string DecIP(
00456     CPKIFBufferPtr& encodedIP)
00457 {
00458     string rv = "";
00459     if(encodedIP->GetLength() == 32)
00460     {   
00461         try {
00462             ip::address_v6::bytes_type bytesAddr;
00463             memcpy(bytesAddr.c_array(), encodedIP->GetBuffer(),encodedIP->GetLength()/2);
00464             ip::address_v6 addr(bytesAddr);
00465             rv = addr.to_string();
00466 
00467             rv+="/";
00468 
00469             ip::address_v6::bytes_type bytesMask;
00470             memcpy(bytesMask.c_array(), encodedIP->GetBuffer()+encodedIP->GetLength()/2,encodedIP->GetLength()/2);
00471             ip::address_v6 mask(bytesMask);
00472             string sMask = mask.to_string();
00473 
00474             rv +=sMask;
00475         } catch(std::exception &) {
00476             throw;
00477         }
00478 
00479     }
00480     else if(encodedIP->GetLength() == 8)
00481     {
00482         ip::address_v4::bytes_type bytesAddr;
00483         memcpy(bytesAddr.c_array(), encodedIP->GetBuffer(),encodedIP->GetLength()/2);
00484         ip::address_v4 addr(bytesAddr);
00485         rv = addr.to_string();
00486 
00487         rv+="/";
00488 
00489         ip::address_v4::bytes_type bytesMask;
00490         memcpy(bytesMask.c_array(), encodedIP->GetBuffer()+encodedIP->GetLength()/2,encodedIP->GetLength()/2);
00491         ip::address_v4 mask(bytesMask);
00492         string sMask = mask.to_string();
00493 
00494         rv +=sMask;
00495     }
00496     return rv;
00497 
00498 }
00499 
00500 CAC_API std::ostream& operator<<(std::ostream & os, const CPKIFNameConstraintsPtr & extension)
00501 {
00502     return operator<<(os,*extension);
00503 }
00504 
00505 CAC_API std::ostream& operator<<(std::ostream & os, const CPKIFNameConstraints & extension)
00506 {
00507     CPKIFGeneralSubtreesPtr perm = extension.GetPermitted();
00508     bool output = false;
00509     if(perm)
00510     {
00511         output = true;
00512         os << "Permitted Subtrees: " << endl;
00513         CPKIFGeneralSubtrees::iterator pos;
00514         CPKIFGeneralSubtrees::iterator end = perm->end();
00515         int count = 1;
00516         for(pos = perm->begin(); pos != end; ++pos)
00517         {
00518             os << endl;
00519             int max = (*pos)->GetMax();
00520             int min = (*pos)->GetMin();
00521             if(max == -1)
00522                 os << "\t[" << count <<"] (" << min << "..Max): " << endl;
00523             else
00524                 os << "\t[" << count <<"] (" << min << ".." << max << "):" << endl;
00525             CPKIFGeneralNamePtr gn = (*pos)->GetBase();
00526             if(gn) os << gn;
00527             count++;
00528         }
00529     }
00530     CPKIFGeneralSubtreesPtr excl = extension.GetExcluded();
00531     if(excl)
00532     {
00533         if(output) os << endl;
00534         os << "Excluded Subtrees";
00535         CPKIFGeneralSubtrees::iterator pos;
00536         CPKIFGeneralSubtrees::iterator end = excl->end();
00537         int count = 1;
00538         for(pos = excl->begin(); pos != end; ++pos)
00539         {
00540             os << endl;
00541             int max = (*pos)->GetMax();
00542             int min = (*pos)->GetMin();
00543             if(max == -1)
00544                 os << "\t[" << count <<"] (" << min << "..Max): " << endl;
00545             else
00546                 os << "\t[" << count <<"] (" << min << ".." << max << "):" << endl;
00547             CPKIFGeneralNamePtr gn = (*pos)->GetBase();
00548             if(gn) os << "\t\t" << gn;
00549             count++;
00550         }
00551     }
00552     return os;
00553 }
Generated on Mon Nov 15 11:15:51 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6