PKIFXSECCryptoX509.cpp

Go to the documentation of this file.
00001 
00010 #include "PKIFXSECCryptoX509.h"
00011 
00012 #include "PKIFXSECCrypto.h"
00013 #include "PKIFXSECCryptoKeyRSA.h"
00014 #include "PKIFXSECCryptoKeyDSA.h"
00015 #include "PKIFAlgorithm.h"
00016 #include "PKIFBase64.h"
00017 
00018 #include <xsec/enc/XSCrypt/XSCryptCryptoBase64.hpp>
00019 #include <xsec/enc/XSECCryptoException.hpp>
00020 #include <xsec/enc/XSECCryptoUtils.hpp>
00021 #include <xsec/framework/XSECError.hpp>
00022 
00024 
00025 struct PKIFXSECCryptoX509Impl
00026 {
00027     safeBuffer m_encoded;
00028     CPKIFCertificatePtr m_cert;
00029     IPKIFMediatorPtr m_med;
00030 };
00032 
00040 PKIFXSECCryptoX509::PKIFXSECCryptoX509()
00041 :m_impl(new PKIFXSECCryptoX509Impl())
00042 {
00043 }
00044 
00052 PKIFXSECCryptoX509::~PKIFXSECCryptoX509()
00053 {
00054     if(m_impl) delete m_impl;
00055 }
00056 
00066 XSECCryptoKey::KeyType PKIFXSECCryptoX509::getPublicKeyType() const
00067 {
00068     if (!m_impl->m_cert) {
00069         throw XSECCryptoException(XSECCryptoException::X509Error,
00070             "PKIFXSECCryptoX509 - getPublicKeyType called before X509 loaded");
00071     }
00072     // this shouldn't really happen...
00073     CPKIFSubjectPublicKeyInfoPtr spki = m_impl->m_cert->GetSubjectPublicKeyInfo();
00074     if(!spki) return XSECCryptoKey::KEY_NONE;
00075     CPKIFAlgorithm * alg = CPKIFAlgorithm::GetAlg(spki->alg()->oid());
00076     if(!alg) return XSECCryptoKey::KEY_NONE;
00077     // The XML security library only supports RSA and DSA
00078     switch(alg->AsymkeyAlg()) {
00079         case PKIFCRYPTO::RSA:
00080             return XSECCryptoKey::KEY_RSA_PUBLIC;
00081             break;
00082         case PKIFCRYPTO::DSS:
00083             return XSECCryptoKey::KEY_DSA_PUBLIC;
00084             break;
00085     }
00086     return XSECCryptoKey::KEY_NONE;
00087 }
00088 
00096 XSECCryptoKey * PKIFXSECCryptoX509::clonePublicKey() const
00097 {
00098     // ideally, we'd build and validate here. the order of calls will often make that
00099     // impossible, though, so callers are advised to use the PKIFXSECKeyInfoResolver instead.
00100     CPKIFKeyMaterialPtr km(new CPKIFKeyMaterial());
00101     CPKIFBufferPtr encCert = m_impl->m_cert->Encoded();
00102     km->SetCertificate(encCert->GetBuffer(),encCert->GetLength());
00103     XSECCryptoKey * rv = 0;
00104     switch(getPublicKeyType()) {
00105         case XSECCryptoKey::KEY_RSA_PUBLIC:
00106             {
00107                 PKIFXSECCryptoKeyRSA * rsaKey = new PKIFXSECCryptoKeyRSA();
00108                 rsaKey->SetMediator(m_impl->m_med);
00109                 rsaKey->SetKeyMaterial(km);
00110                 rv = rsaKey;
00111                 break;
00112             }
00113         case XSECCryptoKey::KEY_DSA_PUBLIC:
00114             {
00115                 PKIFXSECCryptoKeyDSA * dsaKey = new PKIFXSECCryptoKeyDSA();
00116                 dsaKey->SetMediator(m_impl->m_med);
00117                 dsaKey->SetKeyMaterial(km);
00118                 rv = dsaKey;
00119                 break;
00120             }
00121     }
00122     return rv;
00123 }
00124 
00133 const XMLCh * PKIFXSECCryptoX509::getProviderName() const
00134 {
00135     return pkifProvName();
00136 }
00137 
00145 void PKIFXSECCryptoX509::loadX509Base64Bin(
00147     const char * buf,
00149     unsigned int len)
00150 {
00151     CPKIFBufferPtr derBuf(new CPKIFBuffer());
00152     unsigned char * rawCert = derBuf->AllocateBuffer(len);
00153 
00154     XSCryptCryptoBase64 b64;
00155     b64.decodeInit();
00156     unsigned int rawCertLen = b64.decode((unsigned char *) buf, len, rawCert, len);
00157     rawCertLen += b64.decodeFinish(&rawCert[rawCertLen], len - rawCertLen);
00158 
00159     m_impl->m_cert = CPKIFCertificatePtr(new CPKIFCertificate());
00160     m_impl->m_cert->Decode(rawCert,rawCertLen);
00161 
00162     m_impl->m_encoded.sbStrncpyIn(buf,len);
00163     m_impl->m_encoded.sbMemcpyIn(len,(void*)"\0",1);
00164     m_impl->m_encoded.setBufferType(safeBuffer::BUFFER_CHAR);
00165 }
00166 
00174 void PKIFXSECCryptoX509::SetCertificate(const CPKIFCertificatePtr & cert)
00175 {
00176     m_impl->m_cert = cert;
00177     CPKIFBufferPtr encodedCert = cert->Encoded();
00178     char * b64encoded;
00179     if(!B64Encode(encodedCert->GetBuffer(), encodedCert->GetLength(), &b64encoded))
00180         throw XSECCryptoException(XSECCryptoException::X509Error,
00181             "PKIFXSECCryptoX509 - unable to encode certificate for later");
00182     m_impl->m_encoded.sbStrcpyIn(b64encoded);
00183     delete[] b64encoded;
00184     
00185 }
00186 
00195 safeBuffer & PKIFXSECCryptoX509::getDEREncodingSB(void)
00196 {
00197     return m_impl->m_encoded;
00198 }
00207 const safeBuffer & PKIFXSECCryptoX509::getDEREncodingSB(void) const
00208 {
00209     return m_impl->m_encoded;
00210 }
00211 
00219 void PKIFXSECCryptoX509::SetMediator(
00221     IPKIFMediatorPtr & med)
00222 {
00223     m_impl->m_med = med;
00224 }
00225
Generated on Mon Nov 15 11:15:55 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6