PKIFX509Extensions2.cpp

Go to the documentation of this file.
00001 
00009 #include "PKIFX509Extensions2.h"
00010 #include "PKIFException.h"
00011 #include "IPKIFColleague.h"
00012 #include "NameConstraintsFactory.h"
00013 #include "ToolkitUtils.h"
00014 #include "PKIFCommonErrors.h"
00015 #include "ASN1Helper.h"
00016 
00017 #include "AuthorityKeyIdentifierFactory.h"
00018 #include "SubjectKeyIdentifierFactory.h"
00019 #include "KeyUsageFactory.h"
00020 #include "ExtendedKeyUsageFactory.h"
00021 #include "PrivateKeyUsageFactory.h"
00022 #include "PolicyInformationSetFactory.h"
00023 #include "PolicyMappingsFactory.h"
00024 #include "SubjectAltNameFactory.h"
00025 #include "IssuerAltNameFactory.h"
00026 #include "BasicConstraintsFactory.h"
00027 #include "PolicyConstraintsFactory.h"
00028 #include "InhibitAnyPolicyFactory.h"
00029 #include "CRLNumberFactory.h"
00030 #include "CRLReasonFactory.h"
00031 #include "HoldInstructionCodeFactory.h"
00032 #include "InvalidityDateFactory.h"
00033 #include "CRLStreamIdentifierFactory.h"
00034 #include "CRLDistributionPointsFactory.h"
00035 #include "IssuingDistributionPointFactory.h"
00036 #include "CertificateIssuerFactory.h"
00037 #include "DeltaCRLIndicatorFactory.h"
00038 #include "FreshestCRLFactory.h"
00039 #include "AuthorityInfoAccessFactory.h"
00040 #include "SubjectInfoAccessFactory.h"
00041 #include "Buffer.h"
00042 #include "OID.h"
00043 #include "X509Extension.h"
00044 #include "ScopeGuard.h"
00045 
00046 #ifdef _WIN32
00047 #ifdef _DEBUG
00048 #include "crtdbg.h"
00049 #endif //_DEBUG
00050 #endif //_WIN32
00051 
00052 #include <map>
00053 #include "boost/thread/recursive_mutex.hpp"
00054 using namespace std;
00056 
00057 CPKIFX509ExtensionMediator2 * CPKIFX509ExtensionMediator2::m_hInstance = 0;
00058 
00059 struct CPKIFX509ExtensionMediator2Impl
00060 {
00061     std::vector<IPKIFColleague*> m_vModules;
00062     std::vector<IPKIFColleague*> m_vModulesToDelete;
00063     boost::recursive_mutex m_me;
00064 };
00065 
00067 
00074 CPKIFX509ExtensionMediator2 * CPKIFX509ExtensionMediator2::GetInstance(void)
00075 {
00076     if(m_hInstance) return m_hInstance;
00077     m_hInstance = new CPKIFX509ExtensionMediator2();
00078     m_hInstance->InitializeMediator(0);
00079     return m_hInstance;
00080 }
00081 
00089 CPKIFX509ExtensionMediator2::CPKIFX509ExtensionMediator2(void)
00090   :m_impl (new CPKIFX509ExtensionMediator2Impl)
00091 {
00092 }
00093 
00101 CPKIFX509ExtensionMediator2::~CPKIFX509ExtensionMediator2(void)
00102 {
00103     if(m_impl)
00104     {
00105         try
00106         {
00107             //6/2/2004
00108             //replaced FreeAdditionalModules call with Terminate
00109             //clean up any modules that were added using AddColleague
00110             //FreeAdditionalModules(m_impl->m_vModulesToDelete, this);
00111             Terminate();
00112         }
00113         catch(...)
00114         {
00115             _ASSERT(false);
00116         }
00117 
00118         delete m_impl;
00119         m_impl = 0;
00120     }
00121     // if the singleton's being deleted, set the pointer so that
00122     // GetInstance() will create a new one
00123     if(m_hInstance == this) // this should really always be true if this d'tor is invoked
00124     {
00125         m_hInstance = 0;
00126     }
00127 }
00128 
00136 void CPKIFX509ExtensionMediator2::Terminate()
00137 {
00138     m_impl->m_vModules.clear();
00139     FreeAdditionalModules(m_impl->m_vModulesToDelete, this);
00140 }
00141 
00179 void CPKIFX509ExtensionMediator2::InitializeMediator(
00181     std::vector<CPKIFException*>* errorInfo)
00182 {
00183     LOG_STRING_DEBUG("Initializing CPKIFX509ExtensionMediator2 mediator", thisComponent, 0, this);
00184 
00185     if(!m_impl->m_vModules.empty()) {
00186         throw CPKIFException(thisComponent, COMMON_ALREADY_INITIALIZED, "This instance has already been initialized.  Call Terminate prior to re-initializing.");
00187     }
00188     //populate the m_impl->m_vModules vector with any modules that were configured at compile-time
00189     //error information will be collected in the errorInfo parameter if desired
00190     /*if(NULL != errorInfo)
00191         PopulateVectorFunc(m_modules, this, m_impl->m_vModules, *errorInfo);//functon was templated 
00192     else
00193     {
00194         std::vector<CPKIFException*> ei;
00195         PopulateVectorFunc(m_modules, this, m_impl->m_vModules, ei);//function was templated
00196     }*/
00197 
00198     IPKIFColleague *x1 = new CPKIFAuthorityKeyIdentifierFactory(); 
00199     x1->Initialize();
00200     x1->AddParent(this);
00201     m_impl->m_vModules.push_back(x1);
00202     m_impl->m_vModulesToDelete.push_back(x1);
00203 
00204     IPKIFColleague *x2 = new CPKIFSubjectKeyIdentifierFactory();
00205     x2->Initialize();
00206     x2->AddParent(this);
00207     m_impl->m_vModules.push_back(x2);
00208     m_impl->m_vModulesToDelete.push_back(x2);
00209 
00210     IPKIFColleague *x3 = new CPKIFKeyUsageFactory(); 
00211     x3->Initialize();
00212     x3->AddParent(this);
00213     m_impl->m_vModules.push_back(x3);
00214     m_impl->m_vModulesToDelete.push_back(x3);
00215 
00216     IPKIFColleague *x4 = new CPKIFExtendedKeyUsageFactory();
00217     x4->Initialize();
00218     x4->AddParent(this);
00219     m_impl->m_vModules.push_back(x4);
00220     m_impl->m_vModulesToDelete.push_back(x4);
00221 
00222     IPKIFColleague *x5 = new CPKIFPrivateKeyUsageFactory();
00223     x5->Initialize();
00224     x5->AddParent(this);
00225     m_impl->m_vModules.push_back(x5);
00226     m_impl->m_vModulesToDelete.push_back(x5);
00227 
00228     IPKIFColleague *x6 = new CPKIFPolicyInformationSetFactory();
00229     x6->Initialize();
00230     x6->AddParent(this);
00231     m_impl->m_vModules.push_back(x6);
00232     m_impl->m_vModulesToDelete.push_back(x6);
00233 
00234     IPKIFColleague *x7 = new CPKIFPolicyMappingsFactory();
00235     x7->Initialize();
00236     x7->AddParent(this);
00237     m_impl->m_vModules.push_back(x7);
00238     m_impl->m_vModulesToDelete.push_back(x7);
00239 
00240     IPKIFColleague *x8 = new CPKIFSubjectAltNameFactory(); 
00241     x8->Initialize();
00242     x8->AddParent(this);
00243     m_impl->m_vModules.push_back(x8);
00244     m_impl->m_vModulesToDelete.push_back(x8);
00245 
00246     IPKIFColleague *x9 = new CPKIFIssuerAltNameFactory(); 
00247     x9->Initialize();
00248     x9->AddParent(this);
00249     m_impl->m_vModules.push_back(x9);
00250     m_impl->m_vModulesToDelete.push_back(x9);
00251 
00252     IPKIFColleague *x10 = new CPKIFBasicConstraintsFactory(); 
00253     x10->Initialize();
00254     x10->AddParent(this);
00255     m_impl->m_vModules.push_back(x10);
00256     m_impl->m_vModulesToDelete.push_back(x10);
00257 
00258     IPKIFColleague *x11 = new CPKIFNameConstraintsFactory(); 
00259     x11->Initialize();
00260     x11->AddParent(this);
00261     m_impl->m_vModules.push_back(x11);
00262     m_impl->m_vModulesToDelete.push_back(x11);
00263 
00264     IPKIFColleague *x12 = new CPKIFPolicyConstraintsFactory(); 
00265     x12->Initialize();
00266     x12->AddParent(this);
00267     m_impl->m_vModules.push_back(x12);
00268     m_impl->m_vModulesToDelete.push_back(x12);
00269 
00270     IPKIFColleague *x13 = new CPKIFInhibitAnyPolicyFactory(); 
00271     x13->Initialize();
00272     x13->AddParent(this);
00273     m_impl->m_vModules.push_back(x13);
00274     m_impl->m_vModulesToDelete.push_back(x13);
00275 
00276     IPKIFColleague *x14 = new CPKIFCRLNumberFactory(); 
00277     x14->Initialize();
00278     x14->AddParent(this);
00279     m_impl->m_vModules.push_back(x14);
00280     m_impl->m_vModulesToDelete.push_back(x14);
00281 
00282     IPKIFColleague *x15 = new CPKIFCRLReasonFactory(); 
00283     x15->Initialize();
00284     x15->AddParent(this);
00285     m_impl->m_vModules.push_back(x15);
00286     m_impl->m_vModulesToDelete.push_back(x15);
00287 
00288     IPKIFColleague *x16 = new CPKIFHoldInstructionCodeFactory(); 
00289     x16->Initialize();
00290     x16->AddParent(this);
00291     m_impl->m_vModules.push_back(x16);
00292     m_impl->m_vModulesToDelete.push_back(x16);
00293 
00294     IPKIFColleague *x17 = new CPKIFInvalidityDateFactory();
00295     x17->Initialize();
00296     x17->AddParent(this);
00297     m_impl->m_vModules.push_back(x17);
00298     m_impl->m_vModulesToDelete.push_back(x17);
00299 
00300     IPKIFColleague *x18 = new CPKIFCRLStreamIdentifierFactory();    
00301     x18->Initialize();
00302     x18->AddParent(this);
00303     m_impl->m_vModules.push_back(x18);
00304     m_impl->m_vModulesToDelete.push_back(x18);
00305 
00306     IPKIFColleague *x19 = new CPKIFCRLDistributionPointsFactory(); 
00307     x19->Initialize();
00308     x19->AddParent(this);
00309     m_impl->m_vModules.push_back(x19);
00310     m_impl->m_vModulesToDelete.push_back(x19);
00311 
00312     IPKIFColleague *x20 = new CPKIFIssuingDistributionPointFactory(); 
00313     x20->Initialize();
00314     x20->AddParent(this);
00315     m_impl->m_vModules.push_back(x20);
00316     m_impl->m_vModulesToDelete.push_back(x20);
00317 
00318     IPKIFColleague *x21 = new CPKIFCertificateIssuerFactory(); 
00319     x21->Initialize();
00320     x21->AddParent(this);
00321     m_impl->m_vModules.push_back(x21);
00322     m_impl->m_vModulesToDelete.push_back(x21);
00323 
00324     IPKIFColleague *x22 = new CPKIFDeltaCRLIndicatorFactory(); 
00325     x22->Initialize();
00326     x22->AddParent(this);
00327     m_impl->m_vModules.push_back(x22);
00328     m_impl->m_vModulesToDelete.push_back(x22);
00329 
00330     IPKIFColleague *x23 = new CPKIFFreshestCRLFactory();    
00331     x23->Initialize();
00332     x23->AddParent(this);
00333     m_impl->m_vModules.push_back(x23);
00334     m_impl->m_vModulesToDelete.push_back(x23);
00335 
00336     IPKIFColleague *x24 = new CPKIFAuthorityInfoAccessFactory();
00337     x24->Initialize();
00338     x24->AddParent(this);
00339     m_impl->m_vModules.push_back(x24);
00340     m_impl->m_vModulesToDelete.push_back(x24);
00341 
00342     IPKIFColleague *x25 = new CPKIFSubjectInfoAccessFactory();
00343     x25->Initialize();
00344     x25->AddParent(this);
00345     m_impl->m_vModules.push_back(x25);
00346     m_impl->m_vModulesToDelete.push_back(x25);
00347 }
00348 
00356 //CPKIFX509ExtensionPtr CPKIFX509ExtensionMediator2::GetExtension(
00357 //  //![in] A refernce to a CACX509V3Extension object.
00358 //  CACX509V3Extension& refExtension)
00359 //{
00360 //  CPKIFOID oid(refExtension.extnID);
00361 //
00362 //  vector<IPKIFColleague*>::iterator pos;
00363 //  vector<IPKIFColleague*>::iterator end = m_impl->m_vModules.end();
00364 //  ICACExtensionFactory* ext = NULL;
00365 //  for(pos = m_impl->m_vModules.begin(); pos != end; ++pos)
00366 //  {
00367 //      ext = dynamic_cast<ICACExtensionFactory*>(*pos);
00368 //      if(NULL != ext && oid == ext->refOID())
00369 //      {
00370 //          try
00371 //          {
00372 //              CPKIFX509ExtensionPtr tmp = ext->create(refExtension); 
00373 //              return tmp;
00374 //          }
00375 //          catch(...)
00376 //          {
00377 //              //do nothing - if the extension is non-critical we'll let it pass
00378 //              //otherwise it will die in path validation
00379 //              std::string reason("Failed to parse a certificate extension: ");
00380 //              reason.append(oid.ToString());
00381 //              LOG_STRING_FATAL(reason.c_str(), thisComponent, ASN1_DECODE_ERROR, this);
00382 //              break;
00383 //          }
00384 //      }
00385 //  }
00386 //
00387 //  CPKIFX509ExtensionPtr tmpExtPtr(new CPKIFX509Extension(refExtension));
00388 //  return tmpExtPtr;
00389 //}
00397 void CPKIFX509ExtensionMediator2::ParseExtensions(
00399     CPKIFBufferPtr& buf,
00401     vector<CPKIFX509ExtensionPtr>& exts)
00402 {
00403     if (!buf || buf->GetLength () == 0)
00404         return;
00405     
00406     // Decode the asn1 data into a list of extensions
00407     CACASNWRAPPER_CREATE(CACX509V3Extensions, extsWrapper);
00408     CACX509V3Extensions *extsPtr = extsWrapper.Decode(buf->GetBuffer(), buf->GetLength());
00409 
00410     if (extsPtr->count == 0)
00411       return;
00412 
00413     // Build a colleague look-up table
00414     std::map<std::string, ICACExtensionFactory*> OIDMap;
00415     std::string *OIDStrings = new std::string[m_impl->m_vModules.size ()];  
00416     int index = 0;
00417 
00418     vector<IPKIFColleague*>::iterator pos;
00419     vector<IPKIFColleague*>::iterator end = m_impl->m_vModules.end();
00420     for(pos = m_impl->m_vModules.begin(); pos != end; ++pos)
00421     {
00422         ICACExtensionFactory *ext = dynamic_cast<ICACExtensionFactory*>(*pos);
00423         
00424         if (ext)
00425         {
00426             OIDStrings[index] = ext->refOID();
00427             OIDMap[OIDStrings[index]] = ext;
00428             ++index;
00429         }
00430     }
00431 
00432     //iterate over the list of extensions and populate the extensions vector
00433     DListNode* cur = extsPtr->head;
00434     for(unsigned int i = 0; i < extsPtr->count; ++i)
00435     {
00436         CACX509V3Extension *ext = static_cast<CACX509V3Extension*>(cur->data);
00437         CPKIFOIDPtr cpkifOIDPtr (new CPKIFOID (ext->extnID.subid, ext->extnID.numids));
00438         std::string OID = cpkifOIDPtr->ToString();
00439         std::map<std::string, ICACExtensionFactory*>::iterator itr = OIDMap.find (OID);
00440 
00441         // We first have to create the buffer to hold the data and it's length.
00442         CPKIFBufferPtr extensionBufPtr(new CPKIFBuffer (ext->extnValue.data, ext->extnValue.numocts));
00443         bool criticality = false;
00444 
00445         if(FALSE == ext->critical)
00446           criticality = false;
00447         else
00448           criticality = true;
00449 
00450         if (itr != OIDMap.end ()) 
00451         {
00452             // Use the colleague to parse the extension
00453             try
00454             {
00455                 CPKIFX509ExtensionPtr anExtPtr = (*itr).second->create (criticality, extensionBufPtr);
00456                 exts.push_back (anExtPtr);
00457             }
00458             catch(...)
00459             {
00460                 //This was added to get around the problem of parsing busted policy extensions
00461 
00462                 if(!criticality)
00463                 {
00464                     // instantiate default extension
00465                     CPKIFX509ExtensionPtr anExtPtr (new CPKIFX509Extension (cpkifOIDPtr, criticality, extensionBufPtr));
00466                     exts.push_back (anExtPtr); 
00467                 }
00468             }
00469         } 
00470         else 
00471         { 
00472             // instantiate default extension
00473             CPKIFX509ExtensionPtr anExtPtr (new CPKIFX509Extension (cpkifOIDPtr, criticality, extensionBufPtr));
00474             exts.push_back (anExtPtr); 
00475         }
00476 
00477         cur = cur->next;
00478     }  
00479 
00480     delete [] OIDStrings;
00481 }
00489 void CPKIFX509ExtensionMediator2::AddColleague(
00491     IPKIFColleague* module,
00493     bool transferOwnership)
00494 {
00495     LOG_STRING_DEBUG("CPKIFX509ExtensionMediator2::AddColleague(IPKIFColleague* module, bool transferOwnership)", TOOLKIT_PATH_MEDIATOR, 0, this);
00496 
00497     //CCACSynchronizedObject so(m_impl->m_md);
00498     boost::recursive_mutex::scoped_lock(m_impl->m_me);
00499     if(NULL == module)
00500         return;
00501 
00502     //if the module throws an exception let the caller catch it
00503     module->Initialize();
00504     module->AddParent(this);//added 3/12/2003 CRW
00505 
00506     try
00507     {
00508         //set upa n array of pointers that we will need to delete
00509         if(transferOwnership)
00510             m_impl->m_vModulesToDelete.push_back(module);
00511 
00512         //create a guard on the vector so if the push onto the primary vector fails we can
00513         //pop the one off of m_impl->m_vModulesToDelete
00514         ScopeGuard guard = MakeObjGuard(m_impl->m_vModulesToDelete, &vector<IPKIFColleague*>::pop_back);
00515         m_impl->m_vModules.push_back(module);
00516         guard.Dismiss();
00517     }
00518     catch(...)
00519     {
00520         throw;
00521     }
00522 }
00530 void CPKIFX509ExtensionMediator2::CPKIFX509ExtensionMediator2Destructor()
00531 {
00532     if(m_hInstance) {
00533         delete m_hInstance;
00534         m_hInstance = 0;
00535     }
00536 }
00537 
00547 class CPKIFX509ExtensionMediator2Cleaner
00548 {
00549     public:
00550         ~CPKIFX509ExtensionMediator2Cleaner()
00551         {
00552             CPKIFX509ExtensionMediator2::CPKIFX509ExtensionMediator2Destructor();
00553         }
00554 } CPKIFX509ExtensionMediator2CleanerInstance;
Generated on Mon Nov 15 11:15:55 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6