00001
00009 #if defined(__GNUG__) && !defined(NO_GCC_PRAGMA) && defined(PKIFRESOURCES_ALLOW_GCC_PRAGMA)
00010 #pragma implementation "PathDumpDialog.cpp"
00011 #endif
00012
00013
00014 #include "PKIFdll.h"
00015
00016 #include "wx/wxprec.h"
00017
00018 #ifdef __BORLANDC__
00019 #pragma hdrstop
00020 #endif
00021
00022 #include "PathDumpDialog.h"
00023 #include "RevocationSource.h"
00024 #include "IPKIFTrustAnchor.h"
00025 #include "PKIFCryptUtils.h"
00026
00027 #include "PKIFAlgorithm.h"
00028
00029 #ifdef __INCLUDE_SCVP_SUPPORT__
00030 #include "PKIFSCVP.h"
00031 #include "PKIFCMS.h"
00032 #include "PKIFTSP.h"
00033 #include "PKIFERS.h"
00034 #endif
00035
00036 #include "PRStringUtils.h"
00037
00038 #include <sstream>
00039 #include <iterator>
00040 using namespace std;
00041 using namespace boost;
00042
00043
00052 CPKIFBufferPtr GetThumbprint(
00054 const unsigned char* cert, int certLen)
00055 {
00056 CPKIFBufferPtr empty;
00057 if(cert == NULL || 0 == certLen)
00058 return empty;
00059
00060 IPKIFCryptoMisc* misc = GetPlatformCryptoMisc();
00061 if(NULL == misc)
00062 return empty;
00063
00064 unsigned char sha1Buffer[20];
00065 int length = 20;
00066 try
00067 {
00068 IPKIFHashContext* hash = misc->HashInit(PKIFCRYPTO::SHA1);
00069 misc->HashUpdate(hash, (unsigned char*)cert, certLen);
00070 misc->HashFinal(hash, sha1Buffer, &length);
00071 delete hash;
00072 }
00073 catch(...)
00074 {
00075 return empty;
00076 }
00077
00078 CPKIFBufferPtr newBuf(new CPKIFBuffer);
00079 unsigned char* asciiVal = newBuf->AllocateBuffer(41);
00080 btoa((char*)sha1Buffer, (char*)asciiVal, 20);
00081 return newBuf;
00082 }
00091 CPKIFBufferPtr GetThumbprint(
00093 CPKIFCertificatePtr& cert)
00094 {
00095 CPKIFBufferPtr empty;
00096 if(!cert)
00097 return empty;
00098
00099 CPKIFBufferPtr encCert = cert->Encoded();
00100 return GetThumbprint(encCert->GetBuffer(), encCert->GetLength());
00101 }
00110 CPKIFBufferPtr GetThumbprint(
00112 CPKIFCRLPtr& crl)
00113 {
00114 CPKIFBufferPtr empty;
00115 if(!crl)
00116 return empty;
00117
00118 CPKIFBufferPtr encCrl = crl->Encoded();
00119 return GetThumbprint(encCrl->GetBuffer(), encCrl->GetLength());
00120 }
00129 CPKIFBufferPtr GetThumbprint(
00131 CPKIFOCSPResponsePtr& ocsp)
00132 {
00133 CPKIFBufferPtr empty;
00134 if(!ocsp)
00135 return empty;
00136
00137 CPKIFBufferPtr encOcsp = ocsp->Encoded();
00138 return GetThumbprint(encOcsp->GetBuffer(), encOcsp->GetLength());
00139 }
00140
00141 #ifdef __INCLUDE_SCVP_SUPPORT__
00142
00150 CPKIFBufferPtr GetThumbprint(
00152 CPKIFEvidenceRecordPtr& er)
00153 {
00154 CPKIFBufferPtr empty;
00155 if(!er)
00156 return empty;
00157
00158 CPKIFBufferPtr encEr = er->Encode();
00159 return GetThumbprint(encEr->GetBuffer(), encEr->GetLength());
00160 }
00161
00162
00163
00164 extern CPKIFOIDPtr g_idSwbErsPkcCert2;
00165 extern CPKIFOIDPtr g_idSwbErsPartialCertPath2;
00166 extern CPKIFOIDPtr g_idSwbErsRevocationInfo2;
00167 extern CPKIFOIDPtr g_id_swb_pkc_revocation_info2;
00168 extern CPKIFOIDPtr g_idSwbPartialCertPath2;
00176 void LogTimestampDetails(
00177 CPKIFContentInfoPtr& ci,
00178 ostream* o,
00179 CPKIFTimestampVerifierPtr& tv)
00180 {
00181 if(!o || !ci)
00182 return;
00183
00184 CPKIFBufferPtr contents = ci->GetContent();
00185 try
00186 {
00187 CPKIFSignedData sd;
00188 sd.Decode(contents);
00189
00190 CPKIFSignerInfoPtr si = sd.GetSignersInfo(0);
00191
00192
00193
00194 CPKIFEncapsulatedContentInfoPtr ecip = sd.GetEncapsulatedContent();
00195
00196 CPKIFBufferPtr tstBuf = ecip->GetContent();
00197
00198 CPKIFTSTInfo tstInfo;
00199 tstInfo.Decode(tstBuf);
00200
00201 CPKIFTimePtr time = tstInfo.GetGeneralizedTime();
00202 *o << "\t\t\t+Generated at " << time->GetTime() << endl;
00203
00204 CPKIFMessageImprintPtr mi = tstInfo.GetMessageImprint();
00205 CPKIFAlgorithmIdentifierPtr hashAlgId = mi->GetHashAlgorithm();
00206 CPKIFOIDPtr hashAlgOid = hashAlgId->oid();
00207 CPKIFAlgorithm* ai = CPKIFAlgorithm::GetAlg(hashAlgOid);
00208 if(ai)
00209 {
00210 *o << "\t\t\t+Message digest algorithm: " << ai->Description().c_str() << endl;
00211 }
00212 else
00213 {
00214 *o << "\t\t\t+Message digest algorithm: unrecognized" << endl;
00215 }
00216
00217 if(tv)
00218 {
00219 CPKIFCertificatePtr tsaCert = tv->GetTSACertificate();
00220 if(tsaCert)
00221 *o << "\t\t\t+Generated by " << tsaCert->Subject()->ToString() << endl;
00222 }
00223 else
00224 {
00225 *o << "\t\t\t+NOT VERIFIED" << endl;
00226 }
00227 }
00228 catch(...)
00229 {
00230 *o << "Unexpected exception logging timestamp details." << endl;
00231 }
00232 }
00240 void LogEvidenceRecordDetails(
00241 CPKIFEvidenceRecordPtr& er,
00242 ostream* o,
00243 SeqResultsPtr& sr)
00244 {
00245 if(!o || !er)
00246 return;
00247
00248 CPKIFArchiveTimestampSequencePtr seq = er->GetArchiveTimestampSequence();
00249 if(!seq)
00250 return;
00251
00252 int seqResultIndex = 0;
00253 int seqCount = seq->size();
00254 CPKIFArchiveTimestampSequence::reverse_iterator seqPos;
00255 CPKIFArchiveTimestampSequence::reverse_iterator seqEnd = seq->rend();
00256 for(seqPos = seq->rbegin(); seqPos != seqEnd; ++seqPos, ++seqResultIndex)
00257 {
00258 *o << "\t+Archive Timestamp #" << seqCount-- << endl;
00259 ChainResultsPtr cr;
00260 if(sr && sr->size() >= seqCount)
00261 cr = (*sr)[seqResultIndex];
00262 CPKIFArchiveTimestampChainPtr chain = (*seqPos);
00263
00264 int chainResultIndex = 0;
00265 int chainCount = chain->size();
00266 CPKIFArchiveTimestampChain::reverse_iterator chainPos;
00267 CPKIFArchiveTimestampChain::reverse_iterator chainEnd = chain->rend();
00268 for(chainPos = chain->rbegin(); chainPos != chainEnd; ++chainPos, ++chainResultIndex)
00269 {
00270 *o << "\t\t*Archive Timestamp #" << chainCount-- << endl;
00271 CPKIFContentInfoPtr ci = (*chainPos)->GetTimestamp();
00272
00273 CPKIFTimestampVerifierPtr tv;
00274 if(cr && cr->size() >= chainCount)
00275 tv = (*cr)[chainResultIndex];
00276 LogTimestampDetails(ci, o, tv);
00277 }
00278 }
00279
00280 }
00288 void LogEvidenceRecordDetailsForTargetCertificate(
00289 CPKIFBufferPtr& pkcCertWB_ER,
00290 ostream* o,
00291 SeqResultsPtr& pkcCertWB_ER_SR)
00292 {
00293 if(!pkcCertWB_ER || 0 == pkcCertWB_ER->GetLength() || NULL == pkcCertWB_ER->GetBuffer())
00294 {
00295 *o << "- Evidence record for target certificate requested but not returned" << endl;
00296 }
00297 else
00298 {
00299 CPKIFEvidenceRecordPtr er(new CPKIFEvidenceRecord);
00300 er->Decode(pkcCertWB_ER);
00301
00302 *o << "- Evidence record for target certificate" << endl;
00303
00304 LogEvidenceRecordDetails(er, o, pkcCertWB_ER_SR);
00305 }
00306 }
00314 void LogEvidenceRecordDetailsForPartialPath(
00315 CPKIFBufferPtr& partialPathWB_ER,
00316 CPKIFBufferPtr& partialPathWB,
00317 ostream* o,
00318 SeqResultsPtr& partialPathWB_ER_SR)
00319 {
00320 if(!partialPathWB_ER || 0 == partialPathWB_ER->GetLength() || NULL == partialPathWB_ER->GetBuffer())
00321 {
00322 *o << "- Evidence record for partial certification path requested but not returned" << endl;
00323 }
00324 else
00325 {
00326 CPKIFCertBundle certBundle;
00327 certBundle.Decode(partialPathWB);
00328
00329 CPKIFEvidenceRecordPtr er(new CPKIFEvidenceRecord);
00330 er->Decode(partialPathWB_ER);
00331
00332 *o << "- Evidence record for partial certification path" << endl;
00333
00334 LogEvidenceRecordDetails(er, o, partialPathWB_ER_SR);
00335 }
00336 }
00344 void LogEvidenceRecordDetailsForRevInfo(
00345 CPKIFBufferPtr& revInfoWB_ER,
00346 CPKIFBufferPtr& revInfoWB,
00347 ostream* o,
00348 vector<SeqResultsPtr>& revInfoWB_ER_SR)
00349 {
00350 if(!revInfoWB_ER || 0 == revInfoWB_ER->GetLength() || NULL == revInfoWB_ER->GetBuffer())
00351 {
00352 *o << "- Evidence record for revocation information requested but not returned" << endl;
00353 }
00354 else
00355 {
00356 CPKIFRevocationInfoListPtr revInfos;
00357 revInfos = GetRevInfos(revInfoWB);
00358
00359 if(revInfos)
00360 {
00361 CPKIFEvidenceRecordBundle er;
00362 er.Decode(revInfoWB_ER);
00363
00364 CPKIFEvidenceRecordListPtr ers(new CPKIFEvidenceRecordList);
00365 er.GetERList(ers);
00366
00367 if(!ers || revInfos->size() != ers->size())
00368 return;
00369
00370 CPKIFRevocationInfoList::iterator begin = revInfos->begin();
00371 CPKIFRevocationInfoList::iterator pos;
00372 CPKIFRevocationInfoList::iterator end = revInfos->end();
00373 for(pos = revInfos->begin(); pos != end; ++pos)
00374 {
00375 CPKIFCRLPtr crl;
00376 if(REVINFOTYPE_CRL == (*pos)->GetRevInfoType())
00377 crl = (*pos)->GetCRL();
00378 else if(REVINFOTYPE_DELTACRL == (*pos)->GetRevInfoType())
00379 crl = (*pos)->GetDeltaCRL();
00380 else
00381 continue;
00382
00383 *o << "Evidence record for CRL issued by " << crl->Issuer()->ToString() << endl;
00384 CPKIFEvidenceRecordPtr er = (*ers)[distance(begin, pos)];
00385
00386 if(revInfoWB_ER_SR.size() > distance(begin, pos))
00387 LogEvidenceRecordDetails(er, o, revInfoWB_ER_SR[distance(begin, pos)]);
00388 else
00389 {
00390 SeqResultsPtr emptySR;
00391 LogEvidenceRecordDetails(er, o, emptySR);
00392 }
00393 }
00394 }
00395 }
00396 }
00404 void LogEvidenceRecordWantBackDetails(
00405 CPKIFReplyWantBack_ExtDataHandlerPtr& erwb,
00406 ostream* o)
00407 {
00408 if(!o || !erwb)
00409 return;
00410
00411 *o << endl;
00412 *o << "---------------------------------------------------------------------------------------" << endl;
00413 *o << "Details of evidence records from SCVP replyWantBacks" << endl;
00414 *o << "\t" << "SCVP responder: " << erwb->m_scvpResponder.c_str() << endl;
00415 *o << "---------------------------------------------------------------------------------------" << endl;
00416
00417
00418
00419 CPKIFBufferPtr revInfoWB_ER, partialPathWB_ER, pkcCertWB_ER;
00420 CPKIFBufferPtr revInfoWB, partialPathWB;
00421 SeqResultsPtr partialPathWB_ER_SR, pkcCertWB_ER_SR;
00422 vector<SeqResultsPtr> revInfoWB_ER_SR;
00423
00424 std::vector<std::pair<CPKIFReplyWantBackPtr, std::vector<SeqResultsPtr> > >::iterator pos;
00425 std::vector<std::pair<CPKIFReplyWantBackPtr, std::vector<SeqResultsPtr> > >::iterator end = erwb->m_wantBacks.end();
00426 for(pos = erwb->m_wantBacks.begin(); pos != end; ++pos)
00427 {
00428 CPKIFOIDPtr posOid = (*pos).first->GetWB();
00429
00430 if(*g_id_swb_pkc_revocation_info2 == *posOid)
00431 {
00432 revInfoWB = (*pos).first->GetValue();
00433 }
00434 else if(*g_idSwbPartialCertPath2 == *posOid)
00435 {
00436 partialPathWB = (*pos).first->GetValue();
00437 }
00438 else if(*g_idSwbErsPkcCert2 == *posOid)
00439 {
00440 pkcCertWB_ER = (*pos).first->GetValue();
00441 if(!(*pos).second.empty())
00442 pkcCertWB_ER_SR = (*pos).second.front();
00443 }
00444 else if(*g_idSwbErsPartialCertPath2 == *posOid)
00445 {
00446 partialPathWB_ER = (*pos).first->GetValue();
00447 if(!(*pos).second.empty())
00448 partialPathWB_ER_SR = (*pos).second.front();
00449 }
00450 else if(*g_idSwbErsRevocationInfo2 == *posOid)
00451 {
00452 revInfoWB_ER = (*pos).first->GetValue();
00453 if(!(*pos).second.empty())
00454 copy((*pos).second.begin(), (*pos).second.end(), back_inserter(revInfoWB_ER_SR));
00455 }
00456 }
00457
00458 if(pkcCertWB_ER)
00459 LogEvidenceRecordDetailsForTargetCertificate(pkcCertWB_ER, o, pkcCertWB_ER_SR);
00460 if(partialPathWB_ER && partialPathWB)
00461 LogEvidenceRecordDetailsForPartialPath(partialPathWB_ER, partialPathWB, o, partialPathWB_ER_SR);
00462 if(revInfoWB_ER && revInfoWB)
00463 LogEvidenceRecordDetailsForRevInfo(revInfoWB_ER, revInfoWB, o, revInfoWB_ER_SR);
00464 }
00472 void DumpEvidenceRecordDetailsForTargetCertificate(
00473 CPKIFBufferPtr& pkcCertWB_ER,
00474 wxString targetDirectory,
00475 SeqResultsPtr& pkcCertWB_ER_SR)
00476 {
00477 if(!pkcCertWB_ER || 0 == pkcCertWB_ER->GetLength() || NULL == pkcCertWB_ER->GetBuffer())
00478 {
00479 return;
00480 }
00481 else
00482 {
00483 CPKIFBufferPtr thumbprint = GetThumbprint(pkcCertWB_ER->GetBuffer(), pkcCertWB_ER->GetLength());
00484 if(thumbprint && 0 != thumbprint->GetLength()) {
00485 wxString file = targetDirectory;
00486 file.append(wxString((char*)thumbprint->GetBuffer(),wxConvUTF8));
00487 file.append(wxT(".targetCert.er"));
00488 WriteBufferToFile(string(file.mb_str()),pkcCertWB_ER);
00489 }
00490 }
00491 }
00499 void DumpEvidenceRecordDetailsForPartialPath(
00500 CPKIFBufferPtr& partialPathWB_ER,
00501 CPKIFBufferPtr& partialPathWB,
00502 wxString targetDirectory,
00503 SeqResultsPtr& partialPathWB_ER_SR)
00504 {
00505 if(!partialPathWB_ER || 0 == partialPathWB_ER->GetLength() || NULL == partialPathWB_ER->GetBuffer())
00506 {
00507 return;
00508 }
00509 else
00510 {
00511 {
00512 CPKIFBufferPtr thumbprint = GetThumbprint(partialPathWB->GetBuffer(), partialPathWB->GetLength());
00513 if(thumbprint && 0 != thumbprint->GetLength()) {
00514 wxString file = targetDirectory;
00515 file.append(wxString((char*)thumbprint->GetBuffer(),wxConvUTF8));
00516 file.append(wxT(".partialPath"));
00517 WriteBufferToFile(string(file.mb_str()),partialPathWB);
00518 }
00519 }
00520
00521 {
00522 CPKIFBufferPtr thumbprint = GetThumbprint(partialPathWB_ER->GetBuffer(), partialPathWB_ER->GetLength());
00523 if(thumbprint && 0 != thumbprint->GetLength()) {
00524 wxString file = targetDirectory;
00525 file.append(wxString((char*)thumbprint->GetBuffer(),wxConvUTF8));
00526 file.append(wxT(".partialPath.er"));
00527 WriteBufferToFile(string(file.mb_str()),partialPathWB_ER);
00528 }
00529 }
00530 }
00531 }
00539 void DumpEvidenceRecordDetailsForRevInfo(
00540 CPKIFBufferPtr& revInfoWB_ER,
00541 CPKIFBufferPtr& revInfoWB,
00542 wxString targetDirectory,
00543 vector<SeqResultsPtr>& revInfoWB_ER_SR)
00544 {
00545 if(!revInfoWB_ER || 0 == revInfoWB_ER->GetLength() || NULL == revInfoWB_ER->GetBuffer())
00546 {
00547 return;
00548 }
00549 else
00550 {
00551 CPKIFRevocationInfoListPtr revInfos;
00552 revInfos = GetRevInfos(revInfoWB);
00553
00554 if(revInfos)
00555 {
00556 CPKIFEvidenceRecordBundle er;
00557 er.Decode(revInfoWB_ER);
00558
00559 CPKIFEvidenceRecordListPtr ers(new CPKIFEvidenceRecordList);
00560 er.GetERList(ers);
00561
00562 if(!ers || revInfos->size() != ers->size())
00563 return;
00564
00565 CPKIFRevocationInfoList::iterator begin = revInfos->begin();
00566 CPKIFRevocationInfoList::iterator pos;
00567 CPKIFRevocationInfoList::iterator end = revInfos->end();
00568 for(pos = revInfos->begin(); pos != end; ++pos)
00569 {
00570 CPKIFCRLPtr crl;
00571 if(REVINFOTYPE_CRL == (*pos)->GetRevInfoType())
00572 crl = (*pos)->GetCRL();
00573 else if(REVINFOTYPE_DELTACRL == (*pos)->GetRevInfoType())
00574 crl = (*pos)->GetDeltaCRL();
00575 else
00576 continue;
00577
00578 CPKIFBufferPtr thumbprint = GetThumbprint(crl);
00579 if(thumbprint && 0 != thumbprint->GetLength()) {
00580 ostringstream oss;
00581 oss << targetDirectory.c_str() << distance(begin, pos) << ".FromRevInfoWB." << thumbprint->GetBuffer() << ".crl" << ends;
00582 CPKIFBufferPtr crlbuf = crl->Encoded();
00583 WriteBufferToFile(oss.str(),crlbuf);
00584 }
00585
00586 CPKIFEvidenceRecordPtr er = (*ers)[distance(begin, pos)];
00587
00588 CPKIFBufferPtr thumbprintER = GetThumbprint(er);
00589 if(thumbprintER && 0 != thumbprintER->GetLength()) {
00590 ostringstream oss;
00591 oss << targetDirectory.c_str() << distance(begin, pos) << ".FromRevInfoWB." << thumbprintER->GetBuffer() << ".er" << ends;
00592 CPKIFBufferPtr erbuf = er->Encode();
00593 WriteBufferToFile(oss.str(),erbuf);
00594 }
00595 }
00596 }
00597 }
00598 }
00599
00600 #endif
00601
00602
00603
00604
00605
00606
00607
00608
00609
00610
00611 BEGIN_EVENT_TABLE(PathDumpDialog,wxDialog)
00612 EVT_BUTTON( ID_BUTTON_DUMP, PathDumpDialog::OnDumpAll )
00613 EVT_BUTTON( PKIFR_ID_DUMP_SAVE_CERTS, PathDumpDialog::OnSaveCerts )
00614 EVT_BUTTON( PKIFR_ID_DUMP_SAVE_LOG, PathDumpDialog::OnSaveLog )
00615 EVT_BUTTON( PKIFR_ID_DUMP_SAVE_REV, PathDumpDialog::OnDumpRevInfo )
00616 END_EVENT_TABLE()
00624 PathDumpDialog::PathDumpDialog( wxWindow *parent, wxWindowID id, const wxString &title,
00625 const wxPoint &position, const wxSize& size, long style ) :
00626 wxDialog( parent, id, title, position, size, style )
00627 {
00628
00629 PathDumpLayout( this, TRUE );
00630 }
00631
00632
00640 void AddCertDetailsToManifest(
00642 ostringstream& manifestContents,
00644 const char* certfile,
00646 CPKIFCertificatePtr& rootCert)
00647 {
00648 manifestContents << certfile << endl;
00649 manifestContents << "Issuer DN: " << rootCert->Issuer()->ToString() << endl;
00650 manifestContents << "Serial Number: " << rootCert->SerialNumber() << endl;
00651 manifestContents << "Subject DN: " << rootCert->Subject()->ToString() << endl;
00652 manifestContents << endl;
00653 }
00661 void AddCrlDetailsToManifest(
00663 ostringstream& manifestContents,
00665 const char* crlfile,
00667 CPKIFCRLPtr& crl)
00668 {
00669 manifestContents << crlfile << endl;
00670 manifestContents << "Issuer DN: " << crl->Issuer()->ToString() << endl;
00671 manifestContents << "This Update: " << crl->ThisUpdate()->GetTime() << endl;
00672 CPKIFTimePtr nextUpdate = crl->NextUpdate();
00673 if(nextUpdate != (CPKIFTime*)NULL)
00674 {
00675 manifestContents << "Next Update: " << nextUpdate->GetTime() << endl;
00676 }
00677 manifestContents << endl;
00678 }
00686 void AddOcspDetailsToManifest(
00688 ostringstream& manifestContents,
00690 const char* ocspfile,
00692 CPKIFOCSPResponsePtr& ocspResponse)
00693 {
00694 manifestContents << ocspfile << endl;
00695 CPKIFResponseBytesPtr rb = ocspResponse->GetResponseBytes();
00696
00697 CPKIFBasicOCSPResponse bor;
00698 bor.Decode(rb->GetResponse());
00699 CPKIFResponseDataPtr rd = bor.GetResponseData();
00700 CPKIFResponderIDPtr rid = rd->GetResponderID();
00701 if(CPKIFResponderID::NAME == rid->GetChoice())
00702 manifestContents << "Responder name: " << rid->GetName()->ToString() << endl;
00703 else if(CPKIFResponderID::KEYHASH == rid->GetChoice())
00704 {
00705 unsigned char * ascval = new unsigned char[rid->GetHash()->GetLength()*2 + 1];
00706 btoa((const char*)rid->GetHash()->GetBuffer(), (char *)ascval, rid->GetHash()->GetLength());
00707 manifestContents << "Responder key ID: " << ascval << endl;
00708 delete ascval;
00709 }
00710 manifestContents << endl;
00711 }
00712
00713 void WriteCertsFromOcspResponseToFile(CPKIFBufferPtr& respThumbprint, CPKIFOCSPResponsePtr& resp, wxString& curDirectory, ostringstream& manifestContents)
00714 {
00715 if(!respThumbprint || !resp)
00716 return;
00717
00718 CPKIFResponseBytesPtr responseBytes = resp->GetResponseBytes();
00719 if(!responseBytes)
00720 return;
00721
00722 CPKIFOIDPtr oid = responseBytes->GetResponseType();
00723 if(!oid || !(*g_ocspBasic == responseBytes->GetResponseType()))
00724 return;
00725
00726 CPKIFBufferPtr responseBuf = responseBytes->GetResponse();
00727 if(!responseBuf)
00728 return;
00729
00730
00731 CPKIFBasicOCSPResponsePtr tmpBasicOCSPResponse(new CPKIFBasicOCSPResponse);
00732
00733 CPKIFCertificateList certs;
00734 try
00735 {
00736 tmpBasicOCSPResponse->Decode(responseBuf);
00737 tmpBasicOCSPResponse->GetCerts(certs);
00738 }
00739 catch(...)
00740 {
00741 return;
00742 }
00743
00744 if(certs.empty())
00745 return;
00746
00747 CPKIFCertificateList::iterator certsBegin = certs.begin();
00748 CPKIFCertificateList::iterator pos;
00749 CPKIFCertificateList::iterator end = certs.end();
00750 for(pos = certs.begin(); pos != end; ++pos)
00751 {
00752 CPKIFBufferPtr thumbprint = GetThumbprint(*pos);
00753 if(thumbprint && 0 != thumbprint->GetLength())
00754 {
00755 ostringstream oss;
00756 oss << curDirectory.mb_str()<< distance(certsBegin, pos) <<".ocspCert." << respThumbprint->GetBuffer() << "." << thumbprint->GetBuffer() << ".der" << ends;
00757
00758 CPKIFBufferPtr certbuf = (*pos)->Encoded();
00759 WriteBufferToFile(oss.str(),certbuf);
00760
00761 AddCertDetailsToManifest(manifestContents, oss.str().c_str(), *pos);
00762 }
00763 }
00764 }
00765
00773 void PathDumpDialog::OnDumpAll( wxCommandEvent &event )
00774 {
00775 wxString oldDirectory;
00776
00777
00778
00779 if(!m_path)
00780 {
00781 wxMessageBox(wxT("No path was constructed. There is nothing to dump."));
00782 return;
00783 }
00784
00785 wxString curDirectory = wxDirSelector(wxT("Select a directory into which a dump will be taken"), oldDirectory);
00786 if(wxT("")!= curDirectory)
00787 {
00788
00789
00790
00791 wxChar last = curDirectory[curDirectory.size()-1];
00792 if(wxT('/') != last && wxT('\\') != last)
00793 curDirectory.append(wxT("/"));
00794 }
00795 else
00796 {
00797 return;
00798 }
00799
00800 wxString logFile = curDirectory;
00801 logFile.Append("PathLog.txt");
00802
00803 wxString val = GetPathDumpDetails()->GetValue();
00804 if(!val.IsEmpty())
00805 {
00806 CPKIFBufferPtr certbuf(new CPKIFBuffer((unsigned char*)val.mb_str(), val.Length()));
00807 WriteBufferToFile(string(logFile.mb_str()),certbuf);
00808 }
00809
00810
00811
00812 IPKIFTrustAnchorPtr root;
00813 m_path->GetTrustRoot(root);
00814 if(!root)
00815 return;
00816
00817 const CPKIFTrustRoot* taPtr = dynamic_cast<const CPKIFTrustRoot*>(&(*(root)));
00818 CPKIFCertificatePtr rootCert;
00819 if(taPtr)
00820 {
00821 if(taPtr) taPtr->GetCert(rootCert);
00822 }
00823
00824 CPKIFCertificateNodeList path;
00825 m_path->GetPath(path);
00826
00827 ostringstream manifestContents;
00828
00829 if(rootCert) {
00830 CPKIFBufferPtr thumbprint = GetThumbprint(rootCert);
00831 if(thumbprint && 0 != thumbprint->GetLength()) {
00832 wxString certfile = curDirectory;
00833 certfile.append(wxT("ta."));
00834 certfile.append(wxString((const char *)thumbprint->GetBuffer(),wxConvUTF8));
00835 certfile.append(wxT(".der"));
00836 CPKIFBufferPtr certbuf = rootCert->Encoded();
00837 WriteBufferToFile(string(certfile.mb_str()),certbuf);
00838
00839 AddCertDetailsToManifest(manifestContents, certfile.mb_str(), rootCert);
00840 }
00841 }
00842
00843 CPKIFCertificateNodeList::iterator pathBegin = path.begin();
00844 CPKIFCertificateNodeList::iterator i;
00845 for(i = path.begin(); i != path.end(); ++i)
00846 {
00847
00848 CPKIFCertificatePtr cert = (*i)->GetCert();
00849 if(cert) {
00850 CPKIFBufferPtr thumbprint = GetThumbprint(cert);
00851 if(thumbprint && 0 != thumbprint->GetLength()) {
00852 ostringstream oss;
00853 if(path.end() != i+1)
00854 oss << curDirectory.c_str()<< distance(pathBegin, i) <<".ca." << thumbprint->GetBuffer() << ".der" << ends;
00855 else
00856 oss << curDirectory.c_str()<< distance(pathBegin, i) <<".ee." << thumbprint->GetBuffer() << ".der" << ends;
00857 CPKIFBufferPtr certbuf = cert->Encoded();
00858 WriteBufferToFile(oss.str(),certbuf);
00859 AddCertDetailsToManifest(manifestContents, oss.str().c_str(), cert);
00860 }
00861 }
00862
00863
00864 CPKIFCertStatusPtr stat = (*i)->GetStatus();
00865 if(!stat) continue;
00866 RevocationSourceList rsl;
00867 stat->GetRevocationSources(rsl);
00868 RevocationSourceList::iterator rslBegin = rsl.begin();
00869 RevocationSourceList::iterator ii;
00870 for(ii = rsl.begin(); ii != rsl.end(); ++ii)
00871 {
00872 IPKIFRevSourceInfoPtr rsip = (*ii)->m_sourceInfo;
00873 if(!rsip) continue;
00874 switch( (*ii)->m_sourceType )
00875 {
00876 case REVSOURCE_CRL:
00877 {
00878 CPKIFCRLInfoPtr crlInfo = RevInfoCast<CPKIFCRLInfo>(rsip);
00879 if(!crlInfo) continue;
00880 CPKIFCRLList crls;
00881 crlInfo->GetCRLs(crls);
00882 CPKIFCRLList::iterator iii;
00883 for(iii = crls.begin(); iii != crls.end(); ++iii)
00884 {
00885 CPKIFBufferPtr thumbprint = GetThumbprint((*iii));
00886 if(thumbprint && 0 != thumbprint->GetLength()) {
00887 ostringstream oss;
00888 oss << curDirectory.c_str() << distance(pathBegin, i) << ".ca."<< distance(rslBegin, ii) << "." << thumbprint->GetBuffer() << ".crl" << ends;
00889 CPKIFBufferPtr crlbuf = (*iii)->Encoded();
00890 WriteBufferToFile(oss.str(),crlbuf);
00891 AddCrlDetailsToManifest(manifestContents, oss.str().c_str(), (*iii));
00892 }
00893 }
00894 }
00895 break;
00896 case REVSOURCE_OCSP:
00897 {
00898 CPKIFOCSPInfoPtr ocspInfo = RevInfoCast<CPKIFOCSPInfo>(rsip);
00899 if(!ocspInfo) continue;
00900 CPKIFOCSPResponsePtr resp = ocspInfo->GetOCSPResponse();
00901 if(!resp) continue;
00902 CPKIFBufferPtr thumbprint = GetThumbprint(resp);
00903 if(thumbprint && 0 != thumbprint->GetLength()) {
00904 ostringstream oss;
00905 oss << curDirectory.c_str() << distance(pathBegin, i) << ".ca." << distance(rslBegin, ii) << "." << thumbprint->GetBuffer() << ".ocsp" << ends;
00906 CPKIFBufferPtr ocspbuf = resp->Encoded();
00907 WriteBufferToFile(oss.str(),ocspbuf);
00908 AddOcspDetailsToManifest(manifestContents, oss.str().c_str(), resp);
00909
00910 WriteCertsFromOcspResponseToFile(thumbprint, resp, curDirectory, manifestContents);
00911 }
00912 }
00913 break;
00914 default:
00915 break;
00916 }
00917
00918 }
00919 }
00920
00921 ostringstream oss;
00922 oss << curDirectory.c_str() << "PathManifest.txt" << ends;
00923 CPKIFBufferPtr manifestBuf(new CPKIFBuffer(false, (unsigned char*)manifestContents.str().c_str(), manifestContents.str().length()));
00924 WriteBufferToFile(oss.str(),manifestBuf);
00925
00926
00927 #ifdef __INCLUDE_SCVP_SUPPORT__
00928
00929 if(!m_pvr)
00930 return;
00931
00932 IPKIFExtHandlerDataPtr edh = m_pvr->GetExtHandlerData("PKIFSCVP_WantBacks");
00933 if(edh)
00934 {
00935 CPKIFReplyWantBack_ExtDataHandlerPtr erwb = dynamic_pointer_cast<CPKIFReplyWantBack_ExtDataHandler, IPKIFExtHandlerData>(edh);
00936 if(erwb)
00937 {
00938 CPKIFBufferPtr revInfoWB_ER, partialPathWB_ER, pkcCertWB_ER;
00939 CPKIFBufferPtr revInfoWB, partialPathWB;
00940 SeqResultsPtr partialPathWB_ER_SR, pkcCertWB_ER_SR;
00941 vector<SeqResultsPtr> revInfoWB_ER_SR;
00942
00943 std::vector<std::pair<CPKIFReplyWantBackPtr, std::vector<SeqResultsPtr> > >::iterator pos;
00944 std::vector<std::pair<CPKIFReplyWantBackPtr, std::vector<SeqResultsPtr> > >::iterator end = erwb->m_wantBacks.end();
00945 for(pos = erwb->m_wantBacks.begin(); pos != end; ++pos)
00946 {
00947 CPKIFOIDPtr posOid = (*pos).first->GetWB();
00948
00949 if(*g_id_swb_pkc_revocation_info2 == *posOid)
00950 {
00951 revInfoWB = (*pos).first->GetValue();
00952 }
00953 else if(*g_idSwbPartialCertPath2 == *posOid)
00954 {
00955 partialPathWB = (*pos).first->GetValue();
00956 }
00957 else if(*g_idSwbErsPkcCert2 == *posOid)
00958 {
00959 pkcCertWB_ER = (*pos).first->GetValue();
00960 if(!(*pos).second.empty())
00961 pkcCertWB_ER_SR = (*pos).second.front();
00962 }
00963 else if(*g_idSwbErsPartialCertPath2 == *posOid)
00964 {
00965 partialPathWB_ER = (*pos).first->GetValue();
00966 if(!(*pos).second.empty())
00967 partialPathWB_ER_SR = (*pos).second.front();
00968 }
00969 else if(*g_idSwbErsRevocationInfo2 == *posOid)
00970 {
00971 revInfoWB_ER = (*pos).first->GetValue();
00972 if(!(*pos).second.empty())
00973 copy((*pos).second.begin(), (*pos).second.end(), back_inserter(revInfoWB_ER_SR));
00974 }
00975 }
00976
00977 if(pkcCertWB_ER)
00978 DumpEvidenceRecordDetailsForTargetCertificate(pkcCertWB_ER, curDirectory, pkcCertWB_ER_SR);
00979 if(partialPathWB_ER && partialPathWB)
00980 DumpEvidenceRecordDetailsForPartialPath(partialPathWB_ER, partialPathWB, curDirectory, partialPathWB_ER_SR);
00981 if(revInfoWB_ER && revInfoWB)
00982 DumpEvidenceRecordDetailsForRevInfo(revInfoWB_ER, revInfoWB, curDirectory, revInfoWB_ER_SR);
00983 }
00984 }
00985
00986 #endif
00987 }
00988
00996 void PathDumpDialog::OnDumpRevInfo( wxCommandEvent &event )
00997 {
00998 SaveRIToDisk();
00999 }
01007 void PathDumpDialog::OnSaveCerts( wxCommandEvent &event )
01008 {
01009 SavePathToDisk();
01010 }
01011
01012 void PathDumpDialog::OnSaveLog( wxCommandEvent &event )
01013 {
01014 SaveLogToDisk();
01015 }
01016
01024 int PathDumpDialog::DumpPath(
01026 CPKIFCertificatePathPtr path,
01027 const char* appInfo,
01029 bool bPrepareOnly)
01030 {
01031 if(path) {
01032 m_path = path;
01033 CPKIFPathLogger logger;
01034 ostringstream os;
01035 if(appInfo)
01036 logger.LogPath(*path,appInfo,&os);
01037 else
01038 logger.LogPath(*path,"PKIF Resources",&os);
01039 GetPathDumpDetails()->SetValue(wxString(os.str().c_str(),wxConvUTF8));
01040 } else {
01041 GetPathDumpDetails()->SetValue(wxT("No path was constructed."));
01042 GetDumpSaveCerts()->Enable(false);
01043 }
01044 CPKIFCertificateNodeList foundpath;
01045 m_path->GetPath(foundpath);
01046 IPKIFTrustAnchorPtr root;
01047 m_path->GetTrustRoot(root);
01048 if(!foundpath.size() && !root) {
01049 GetDumpSaveCerts()->Enable(false);
01050 }
01051 Layout();
01052 if(!bPrepareOnly)
01053 return ShowModal();
01054 else
01055 return 0;
01056 }
01064 int PathDumpDialog::DumpResults(
01066 CPKIFCertificatePathPtr path,
01068 CPKIFPathValidationResultsPtr pvr,
01069 const char* appInfo,
01071 bool bPrepareOnly)
01072 {
01073 if(!pvr) return DumpPath(path, appInfo, bPrepareOnly);
01074 m_path = path;
01075 m_pvr = pvr;
01076 ostringstream os;
01077 CPKIFPathLogger logger;
01078 if(appInfo)
01079 logger.LogValidationResults(*pvr,*path,appInfo,&os);
01080 else
01081 logger.LogValidationResults(*pvr,*path,"PKIThing",&os);
01082
01083 #ifdef __INCLUDE_SCVP_SUPPORT__
01084
01085
01086
01087
01088
01089 IPKIFExtHandlerDataPtr edh = pvr->GetExtHandlerData("PKIFSCVP_WantBacks");
01090 if(edh)
01091 {
01092 CPKIFReplyWantBack_ExtDataHandlerPtr erwb = dynamic_pointer_cast<CPKIFReplyWantBack_ExtDataHandler, IPKIFExtHandlerData>(edh);
01093 if(erwb)
01094 {
01095 LogEvidenceRecordWantBackDetails(erwb, &os);
01096 }
01097 }
01098
01099 #endif
01100
01101 GetPathDumpDetails()->SetValue(wxString(os.str().c_str(),wxConvUTF8));
01102 Layout();
01103 if(!bPrepareOnly)
01104 return ShowModal();
01105 else
01106 return 0;
01107 }
01115 void PathDumpDialog::SavePathToDisk(void)
01116 {
01117 IPKIFTrustAnchorPtr root;
01118 m_path->GetTrustRoot(root);
01119 const CPKIFTrustRoot* taPtr = dynamic_cast<const CPKIFTrustRoot*>(&(*(root)));
01120 CPKIFCertificatePtr rootCert;
01121 if(taPtr)
01122 {
01123 if(taPtr) taPtr->GetCert(rootCert);
01124 }
01125
01126 CPKIFCertificateNodeList path;
01127 m_path->GetPath(path);
01128
01129 if(rootCert) {
01130 wxString prompt;
01131 prompt.Printf(wxT("Save certificate for %s As:"),WXCASTCHARS(rootCert->Subject()->ToString()));
01132 wxString tafile = wxFileSelector(prompt,0,0,wxT(".der"),wxT("*.der"),wxSAVE);
01133 if(tafile != wxT("")) {
01134 CPKIFBufferPtr certbuf = rootCert->Encoded();
01135 WriteBufferToFile(string(tafile.mb_str()),certbuf);
01136 }
01137 }
01138
01139 CPKIFCertificateNodeList::iterator i;
01140 for(i = path.begin(); i != path.end(); ++i)
01141 {
01142 CPKIFCertificatePtr cert = (*i)->GetCert();
01143 if(cert) {
01144 wxString prompt;
01145 prompt.Printf(wxT("Save certificate for %s As:"),WXCASTCHARS(cert->Subject()->ToString()));
01146 wxString certfile = wxFileSelector(prompt,0,0,wxT(".der"),wxT("*.der"),wxSAVE);
01147 if(certfile != wxT("")) {
01148 CPKIFBufferPtr certbuf = cert->Encoded();
01149 WriteBufferToFile(string(certfile.mb_str()),certbuf);
01150 }
01151 }
01152 }
01153 }
01154
01155 void PathDumpDialog::SaveLogToDisk(void)
01156 {
01157 wxString logFile = wxFileSelector(wxT("Save log as"),0,0,wxT(".txt"),wxT("*.txt"),wxSAVE);
01158 if(logFile != wxT(""))
01159 {
01160 wxString val = GetPathDumpDetails()->GetValue();
01161 if(!val.IsEmpty())
01162 {
01163 CPKIFBufferPtr certbuf(new CPKIFBuffer((unsigned char*)val.mb_str(), val.Length()));
01164 WriteBufferToFile(string(logFile.mb_str()),certbuf);
01165 }
01166 }
01167 }
01168
01176 void PathDumpDialog::SaveRIToDisk(void)
01177 {
01178 CPKIFCertificateNodeList path;
01179 m_path->GetPath(path);
01180 CPKIFCertificateNodeList::iterator i;
01181 for(i = path.begin(); i != path.end(); ++i)
01182 {
01183 CPKIFCertStatusPtr stat = (*i)->GetStatus();
01184 if(!stat) continue;
01185 RevocationSourceList rsl;
01186 stat->GetRevocationSources(rsl);
01187 RevocationSourceList::iterator ii;
01188 for(ii = rsl.begin(); ii != rsl.end(); ++ii)
01189 {
01190 IPKIFRevSourceInfoPtr rsip = (*ii)->m_sourceInfo;
01191 if(!rsip) continue;
01192 switch( (*ii)->m_sourceType )
01193 {
01194 case REVSOURCE_CRL:
01195 {
01196 CPKIFCRLInfoPtr crlInfo = RevInfoCast<CPKIFCRLInfo>(rsip);
01197 if(!crlInfo) continue;
01198 CPKIFCRLList crls;
01199 crlInfo->GetCRLs(crls);
01200 CPKIFCRLList::iterator iii;
01201 for(iii = crls.begin(); iii != crls.end(); ++iii)
01202 {
01203 wxString prompt;
01204 prompt.Printf(wxT("Save CRL from %s as"),WXCASTCHARS((*iii)->Issuer()->ToString()));
01205 wxString crlFile = wxFileSelector(prompt,0,0,wxT(".der"),wxT("*.der"),wxSAVE);
01206 if(crlFile != wxT("")) {
01207 CPKIFBufferPtr buf = (*iii)->Encoded();
01208 WriteBufferToFile(string(crlFile.mb_str()),buf);
01209 }
01210 }
01211 }
01212 break;
01213 case REVSOURCE_OCSP:
01214 {
01215 CPKIFOCSPInfoPtr ocspInfo = RevInfoCast<CPKIFOCSPInfo>(rsip);
01216 if(!ocspInfo) continue;
01217 CPKIFOCSPResponsePtr resp = ocspInfo->GetOCSPResponse();
01218 if(!resp) continue;
01219 wxString prompt;
01220 prompt.Printf(wxT("Save OCSP response for %s as"),WXCASTCHARS((*i)->GetCert()->Subject()->ToString()));
01221 wxString respFile = wxFileSelector(prompt,0,0,wxT(".der"),wxT("*.der"),wxSAVE);
01222 if(respFile != wxT("")) {
01223 CPKIFBufferPtr buf = resp->Encoded();
01224 WriteBufferToFile(string(respFile.mb_str()),buf);
01225 }
01226 }
01227 break;
01228 default:
01229 break;
01230 }
01231
01232 }
01233 }
01234
01235 }
