SigningCertificateAttribute.cpp

Go to the documentation of this file.
00001 
00009 #include "SigningCertificateAttribute.h"
00010 
00011 #include "PKIFTime.h"
00012 #include "ToolkitUtils.h"
00013 #include "Buffer.h"
00014 #include "OID.h"
00015 #include "ASN1Helper.h"
00016 #include "PolicyInformation.h"
00017 #include "PolicyQualifier.h"
00018 #include "ESSCertId.h"
00019 
00020 #include "CryptographicMessageSyntax2004.h"
00021 #include "ExtendedSecurityServices.h"
00022 
00023 #include "PKIFMessageException.h"
00024 #include "PKIFMessageErrors.h"
00025 
00026 
00027 
00029 struct CPKIFSigningCertificateAttributeImpl
00030 {
00031     CPKIFESSCertIdListPtr m_essCertIDList;
00032     CPKIFPolicyInformationListPtr m_policyList;
00033 
00034   void ParseAttributes (const unsigned char *buf, const unsigned int length);
00035   void populateASN1OBJID(std::string objIdStr, ASN1OBJID *asn1ObjIdPtr);
00036 };
00044 void CPKIFSigningCertificateAttributeImpl::ParseAttributes (
00046     const unsigned char *buf, 
00048     const unsigned int length)
00049 {
00050     CACASNWRAPPER_CREATE(CACCMSAttributeValues, attrsVals);
00051     CACCMSAttributeValues* attributesList = attrsVals.Decode(buf, length);
00052 
00053     ASN1OpenType* ot = (ASN1OpenType*)((DListNode*)attributesList->head)->data;
00054     CPKIFASNWrapper<CACCMSSigningCertificate> cmsSigningCertificate(BEREncCACCMSSigningCertificate, BERDecCACCMSSigningCertificate);
00055 
00056     //eliminated check for 0 that was errorneously resulting in exceptions.  Decode will throw an
00057     //exception if it fails - 12/5/2003
00058     cmsSigningCertificate.Decode(ot->data, ot->numocts);
00059 
00060     CACCMSSigningCertificate* tmpCACCMSSigningCertificate = (CACCMSSigningCertificate*)cmsSigningCertificate.data();
00061 
00062     if(tmpCACCMSSigningCertificate->m.policiesPresent > 0)
00063     {
00064         CPKIFPolicyInformationListPtr tmpuserPolicySet(new CPKIFPolicyInformationList());
00065         DListNode* cur = tmpCACCMSSigningCertificate->policies.head;
00066         while(NULL != cur)
00067         {
00068             ASN1OBJID* tmp = (ASN1OBJID*)cur->data;
00069             CPKIFOIDPtr tmpOID(new CPKIFOID(tmp->subid, tmp->numids));
00070 
00071             CPKIFPolicyInformationPtr tmpPolInfo(new CPKIFPolicyInformation(tmpOID));
00072             tmpuserPolicySet->push_back(tmpPolInfo);
00073 
00074             cur = cur->next;
00075         }
00076         m_policyList = tmpuserPolicySet;
00077     }
00078 
00079     CPKIFESSCertIdListPtr tmpESSCertIdList(new CPKIFESSCertIdList());
00080     DListNode* cur2 = tmpCACCMSSigningCertificate->certs.head;
00081     while(NULL != cur2)
00082     {
00083         CACCMSESSCertID* tmp = (CACCMSESSCertID*)cur2->data;
00084         CACASNWRAPPER_CREATE(CACCMSESSCertID, objPDU2);
00085         ASN1OpenType* data1 = objPDU2.Encode(tmp);
00086         CPKIFBufferPtr tmpBuf(new CPKIFBuffer(data1->data, data1->numocts));
00087         CPKIFESSCertIdPtr tmpESSCertId(new CPKIFESSCertId(tmpBuf));
00088 
00089         tmpESSCertIdList->push_back(tmpESSCertId);
00090 
00091         cur2 = cur2->next;
00092     }
00093     m_essCertIDList = tmpESSCertIdList;
00094 }
00095 
00096 
00098 
00099    //id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)
00100    //    member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
00101    //    smime(16) id-aa(2) 12 }
00102 char CPKIFSigningCertificateAttribute::extOID[] = "1.2.840.113549.1.9.16.2.12";
00103 
00111 CPKIFSigningCertificateAttribute::CPKIFSigningCertificateAttribute()
00112     :m_impl (new CPKIFSigningCertificateAttributeImpl)
00113 {
00114     LOG_STRING_DEBUG("CPKIFSigningCertificateAttribute::CPKIFSigningCertificateAttribute()", TOOLKIT_MESSAGE_ASN, 0, this);
00115 }
00116 
00124 CPKIFSigningCertificateAttribute::CPKIFSigningCertificateAttribute(
00126     const CPKIFBufferPtr& buf)
00127     :m_impl (new CPKIFSigningCertificateAttributeImpl)
00128 {
00129     LOG_STRING_DEBUG("CPKIFSigningCertificateAttribute::CPKIFSigningCertificateAttribute(const CACCMSAttribute& ext)", TOOLKIT_MESSAGE_ASN, 0, this);
00130 
00131     m_impl->ParseAttributes (buf->GetBuffer(), buf->GetLength());
00132 }
00133 
00141 CPKIFSigningCertificateAttribute::~CPKIFSigningCertificateAttribute()
00142 {
00143     LOG_STRING_DEBUG("CPKIFSigningCertificateAttribute::~CPKIFSigningCertificateAttribute()", TOOLKIT_MESSAGE_ASN, 0, this);
00144     
00145     delete m_impl;
00146     m_impl = NULL;
00147 }
00148 
00149 //generic attribute functions
00157 CPKIFOIDPtr CPKIFSigningCertificateAttribute::GetOID() const
00158 {
00159     return g_signingCertificateAttribute;
00160 }
00168 void CPKIFSigningCertificateAttribute::GetValues(
00170     CPKIFBufferList& values) const
00171 {
00172     LOG_STRING_DEBUG("CPKIFSigningCertificateAttribute::GetValues(CPKIFBufferList& values)", TOOLKIT_MESSAGE_ASN, 0, this);
00173 
00174     CACCMSSigningCertificate theSigningCertificate;
00175     memset(&theSigningCertificate,0x00,sizeof(CACCMSSigningCertificate));
00176 
00177     if(m_impl->m_essCertIDList != (CPKIFESSCertIdList*)NULL && !m_impl->m_essCertIDList->empty())
00178     {
00179         DListNode* curCertID = NULL;
00180         //iterate over oids
00181         CPKIFESSCertIdList::iterator certIDPos; 
00182         CPKIFESSCertIdList::iterator certIDEnd = m_impl->m_essCertIDList->end();
00183         for(certIDPos = m_impl->m_essCertIDList->begin(); certIDPos != certIDEnd; ++certIDPos)
00184         {
00185             if(NULL == curCertID)
00186             {
00187                 NEW_NODE(curCertID)
00188             }
00189             else
00190             {
00191                 NEW_NEXT_AND_ADVANCE(curCertID)
00192             }
00193 
00194             CACCMSESSCertID* tmpCertID = new CACCMSESSCertID;
00195             memset(tmpCertID , 0, sizeof(CACCMSESSCertID));
00196                         
00197 
00198             tmpCertID->certHash.data = (*certIDPos)->GetCertHash()->GetBuffer();
00199             tmpCertID->certHash.numocts = (*certIDPos)->GetCertHash()->GetLength();
00200 
00201             // ESSCertIds produced by PKIF will always have ISN
00202             tmpCertID->m.issuerSerialPresent = 1;
00203             // the cert will hang around until this is done encoding, so there's no need to copy the string.
00204             // be sure not to free it later. the cert object owns it.
00205             tmpCertID->issuerSerial.serialNumber = (*certIDPos)->GetSerialNumber();
00206             
00207             CPKIFGeneralNameListPtr nameList;
00208             (*certIDPos)->GetIssuerName(nameList);
00209             if(nameList == (CPKIFGeneralNameList*)NULL)
00210             {
00211                 throw CPKIFMessageException(TOOLKIT_MESSAGE_ASN, MSG_INCOMPLETE, "Issuer Names value not specified in ESSCertID.");
00212             }
00213             DListNode* curName = NULL;
00214             CPKIFGeneralNameList::iterator namePos; 
00215             CPKIFGeneralNameList::iterator nameEnd = nameList->end();
00216             for(namePos = nameList->begin(); namePos != nameEnd; ++namePos)
00217             {
00218 
00219                 if(NULL == curName)
00220                 {
00221                     NEW_NODE(curName)
00222                 }
00223                 else
00224                 {
00225                     NEW_NEXT_AND_ADVANCE(curName)
00226                 }
00227 
00228                 CACX509V3GeneralName *name = new CACX509V3GeneralName;
00229                 memset(name, 0, sizeof(CACX509V3GeneralName));
00230 
00231                 CopyGeneralName((*name), (*namePos));   
00232 
00233                 curName->data = name;
00234 
00235                 SET_HEAD_TAIL_INCREMENT(tmpCertID->issuerSerial.issuer, curName)
00236             }
00237             curCertID->data = tmpCertID;
00238 
00239             SET_HEAD_TAIL_INCREMENT(theSigningCertificate.certs, curCertID)
00240         }
00241     }
00242     else
00243     {
00244         throw CPKIFMessageException(TOOLKIT_MESSAGE_ASN, MSG_INCOMPLETE, "certs field of CACCMSSigningCertificate object is not specified");
00245     }
00246 
00247     if(m_impl->m_policyList != (CPKIFOIDList*)NULL && !m_impl->m_policyList->empty())
00248     {
00249         DListNode* curPol = NULL;
00250         //iterate over oids
00251         CPKIFPolicyInformationList::iterator oidPos;    
00252         CPKIFPolicyInformationList::iterator oidEnd = m_impl->m_policyList->end();
00253         for(oidPos = m_impl->m_policyList->begin(); oidPos != oidEnd; ++oidPos)
00254         {
00255             if(NULL == curPol)
00256             {
00257                 NEW_NODE(curPol)
00258             }
00259             else
00260             {
00261                 NEW_NEXT_AND_ADVANCE(curPol)
00262             }
00263 
00264             CACX509V3PolicyInformation *policyInfo = new CACX509V3PolicyInformation;
00265             memset(policyInfo, 0, sizeof(CACX509V3PolicyInformation));
00266 
00267             
00268             CPKIFStringPtr str(new std::string((*oidPos)->PolicyOID()->ToString())); 
00269             m_impl->populateASN1OBJID(str->c_str(), &policyInfo->policyIdentifier);
00270 
00271             CPKIFPolicyQualifierListPtr qList = (*oidPos)->Qualifiers();
00272 
00273             if(qList != (CPKIFPolicyQualifierList*)NULL)
00274             {
00275                 DListNode* curQualifier = NULL;
00276                 CPKIFPolicyQualifierList::iterator qualifierPos;    
00277                 CPKIFPolicyQualifierList::iterator qualifierEnd = qList->end();
00278                 for(qualifierPos = qList->begin(); qualifierPos != qualifierEnd; ++qualifierPos)
00279                 {
00280 
00281                     if(NULL == curQualifier)
00282                     {
00283                         NEW_NODE(curQualifier)
00284                     }
00285                     else
00286                     {
00287                         NEW_NEXT_AND_ADVANCE(curQualifier)
00288                     }
00289 
00290                     CACX509V3PolicyQualifierInfo *q = new CACX509V3PolicyQualifierInfo;
00291                     memset(q, 0, sizeof(CACX509V3PolicyQualifierInfo));
00292 
00293                     m_impl->populateASN1OBJID((*qualifierPos)->QualifierID()->ToString(), &q->policyQualifierId);
00294                     q->qualifier.data = new unsigned char[(*qualifierPos)->Qualifier()->GetLength()];
00295                     memcpy((void*)q->qualifier.data, (*qualifierPos)->Qualifier()->GetBuffer(), (*qualifierPos)->Qualifier()->GetLength());
00296 
00297                     CACASNWRAPPER_CREATE(CACX509V3PolicyQualifierInfo, objPDUCACX509V3PolicyQualifierInfo);
00298                     ASN1OpenType* data1 = objPDUCACX509V3PolicyQualifierInfo.Encode(q);
00299                     
00300                     curQualifier->data = new unsigned char[data1->numocts];
00301                     memcpy((void*)curQualifier->data,  data1->data, data1->numocts);
00302 
00303                     SET_HEAD_TAIL_INCREMENT(policyInfo->policyQualifiers, curQualifier)
00304                 }
00305             }
00306             
00307             curPol->data = policyInfo;
00308 
00309             SET_HEAD_TAIL_INCREMENT(theSigningCertificate.policies, curPol)
00310         }
00311         theSigningCertificate.m.policiesPresent = 1;
00312     }
00313 
00314     CPKIFASNWrapper<CACCMSSigningCertificate> objPDU(BEREncCACCMSSigningCertificate, BERDecCACCMSSigningCertificate);
00315     ASN1OpenType* data1 = objPDU.Encode(&theSigningCertificate);
00316 
00317     try
00318     {
00319         //copy the buffer info a buffer ptr to be returned to the caller
00320         CPKIFBufferPtr tmp(new CPKIFBuffer((unsigned char*)data1->data, data1->numocts));
00321         delete data1; data1 = NULL;
00322         values.push_back(tmp);
00323     }
00324     catch(std::bad_alloc& ba)
00325     {
00326         if(data1)
00327             delete data1;
00328         throw ba;
00329     }
00330 
00331 
00332     //delete allocated stuff
00333     DListNode* cur = NULL, *tmp = NULL;
00334     if(theSigningCertificate.certs.count > 0)
00335     {
00336         cur = theSigningCertificate.certs.head;
00337         while(NULL != cur)
00338         {
00339             tmp = cur->next;
00340 
00341             if(NULL != cur && NULL != cur->data)
00342             {
00343                 CACCMSESSCertID* tmpCertID = (CACCMSESSCertID*)cur->data;
00344                 // !!! Don't free this. Rather than copying, we're content to let someone else own it
00345                 //if(tmpCertID->issuerSerial.serialNumber != NULL)
00346                 //  delete tmpCertID->issuerSerial.serialNumber;
00347                 delete cur->data;
00348             }
00349             delete cur;
00350             cur = tmp;
00351         }
00352     }
00353     if(theSigningCertificate.m.policiesPresent && theSigningCertificate.policies.count > 0)
00354     {
00355         cur = theSigningCertificate.policies.head;
00356         while(NULL != cur)
00357         {
00358             tmp = cur->next;
00359             
00360             if(NULL != cur && NULL != cur->data)
00361             {
00362                 CACX509V3PolicyInformation* tmpPolInfo= (CACX509V3PolicyInformation*)cur->data;
00363                 DListNode* cur2 = NULL, *tmp2 = NULL;
00364                 cur2 = tmpPolInfo->policyQualifiers.head;
00365                 while(NULL != cur2)
00366                 {
00367                     tmp2 = cur2->next;
00368                     if(NULL != cur2 && NULL != cur2->data)
00369                     {
00370                         delete cur2->data;
00371                     }
00372                     cur2 = tmp;
00373                 }
00374                 delete cur->data;
00375             }
00376             delete cur;
00377             cur = tmp;
00378         }
00379     }
00380 }
00388 CPKIFESSCertIdListPtr CPKIFSigningCertificateAttribute::GetCerts() const
00389 {
00390     return m_impl->m_essCertIDList;
00391 }
00399 CPKIFPolicyInformationListPtr CPKIFSigningCertificateAttribute::GetPolicies() const
00400 {
00401     return m_impl->m_policyList;
00402 }
00410 void CPKIFSigningCertificateAttribute::SetCerts(
00412     CPKIFESSCertIdListPtr& certIDList)
00413 {
00414     m_impl->m_essCertIDList = certIDList;
00415 }
00423 void CPKIFSigningCertificateAttribute::SetPolicies(
00425     CPKIFPolicyInformationListPtr& policyList)
00426 {
00427     m_impl->m_policyList = policyList;
00428 }
00436 void CPKIFSigningCertificateAttributeImpl::populateASN1OBJID(
00438     std::string objIdStr,
00440     ASN1OBJID *asn1ObjIdPtr)
00441 {
00442     unsigned int    start = 0;
00443     int             offset;
00444     std::string         subStr, remainingStr;
00445     
00446     offset = objIdStr.find_first_of(".");
00447     while (start < objIdStr.length())
00448     {
00449         if (offset == -1)
00450         {
00451             offset = objIdStr.length() - start;
00452         }
00453         subStr =  objIdStr.substr(start, offset);
00454         asn1ObjIdPtr->subid[asn1ObjIdPtr->numids] = strtoul(subStr.c_str(),
00455                                                             NULL, 10);
00456         asn1ObjIdPtr->numids++;
00457         assert(asn1ObjIdPtr->numids < ASN_K_MAXSUBIDS);
00458         start += offset + 1;
00459         if (start < objIdStr.length())
00460         {   
00461             remainingStr = objIdStr.substr(start, objIdStr.length() - start);
00462             offset = remainingStr.find_first_of(".");
00463         }
00464     }
00465 }
Generated on Mon Nov 15 11:15:56 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6