SimpleCertCache.cpp

Go to the documentation of this file.
00001 
00009 #include "SimpleCertCache.h"
00010 #include "PKIFCacheErrors.h"
00011 #include "ToolkitUtils.h" 
00012 #include "Certificate.h"
00013 #include "Name.h"
00014 #include "PKIFCertificateNodeEntry.h"
00015 #include "GottaMatch.h"
00016 #include "Buffer.h"
00017 #include "PKIFCacheException.h"
00018 
00019 #include "IPKIFSearchCriteria.h"
00020 #include "KeyIDBasedSearch.h"
00021 #include "NameBasedSearch.h"
00022 #include "IssuerNameAndSerialNumberBasedSearch.h"
00023 #include "SubjectKeyIdentifier.h"
00024 
00025 #include "boost/filesystem/operations.hpp"
00026 #include "boost/filesystem/path.hpp"
00027 #include "boost/thread/recursive_mutex.hpp"
00028 
00029 #include "boost/numeric/conversion/cast.hpp"
00030 #include "boost/numeric/conversion/bounds.hpp"
00031 #include "boost/limits.hpp"
00032 
00033 using boost::numeric_cast;
00034 using boost::bad_numeric_cast;
00035 using boost::dynamic_pointer_cast;
00036 
00037 namespace fs = boost::filesystem;
00038 #include <deque>
00039 #include <sstream>
00040 
00041 #ifdef _DEBUG
00042 #include <iostream>
00043 #endif
00044 
00045 using namespace std;
00046 
00048 struct SimpleCertCacheImpl
00049 {
00057     SimpleCertCacheImpl ():m_me() 
00058     {
00059     };
00060     void _GetCertificates(const CPKIFNamePtr& subDN, CPKIFCertificateNodeList& certNodeList, PKIInfoSource source = ALL, PathBuildingDirection pbd = PBD_FORWARD);
00061 
00062     deque<CPKIFCertificateNodeEntryPtr> m_certList;
00063     //CACMonitorDataPtr m_md;
00064     boost::recursive_mutex m_me;
00065 
00066     //IPKIFCertSearch support
00067     void GetAllCertificates(IPKIFNameAndKeyList& keyList);
00068     void GetCertificatesBySubjectName(CPKIFNamePtr& n, IPKIFNameAndKeyList& keyList);
00069     void GetCertificatesByIssuerName(CPKIFNamePtr& n, IPKIFNameAndKeyList& keyList);
00070     void GetCertificatesByIssuerAndSerial(CPKIFNamePtr& n, const char* serial, IPKIFNameAndKeyList& keyList);
00071     void GetCertificatesByKeyIdentifier(CPKIFBufferPtr& keyId, IPKIFNameAndKeyList& keyList);
00072 };
00073 
00074 void SimpleCertCacheImpl::GetAllCertificates(IPKIFNameAndKeyList& keyList)
00075 {
00076     if(!m_certList.empty())
00077     {
00078         deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00079         deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_certList.end();
00080         for(pos = m_certList.begin(); pos != end; ++pos)
00081         {
00082             CPKIFCertificatePtr cert = (*pos)->GetCert();
00083             IPKIFNameAndKeyPtr inak = dynamic_pointer_cast<IPKIFNameAndKey, CPKIFCertificate>(cert);
00084             keyList.push_back(inak);
00085         }
00086     }
00087 }
00088 void SimpleCertCacheImpl::GetCertificatesBySubjectName(CPKIFNamePtr& n, IPKIFNameAndKeyList& keyList)
00089 {
00090     if(!m_certList.empty())
00091     {
00092         deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00093         deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_certList.end();
00094         for(pos = m_certList.begin(); pos != end; ++pos)
00095         {
00096             CPKIFCertificatePtr cert = (*pos)->GetCert();
00097             if(cert && *n == *cert->Subject())
00098             {               
00099                 IPKIFNameAndKeyPtr inak = dynamic_pointer_cast<IPKIFNameAndKey, CPKIFCertificate>(cert);
00100 
00101                 keyList.push_back(inak);
00102             }
00103         }
00104     }
00105 }
00106 void SimpleCertCacheImpl::GetCertificatesByIssuerName(CPKIFNamePtr& n, IPKIFNameAndKeyList& keyList)
00107 {
00108     if(!m_certList.empty())
00109     {
00110         deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00111         deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_certList.end();
00112         for(pos = m_certList.begin(); pos != end; ++pos)
00113         {
00114             CPKIFCertificatePtr cert = (*pos)->GetCert();
00115             if(cert && *n == *cert->Issuer())
00116             {               
00117                 IPKIFNameAndKeyPtr inak = dynamic_pointer_cast<IPKIFNameAndKey, CPKIFCertificate>(cert);
00118 
00119                 keyList.push_back(inak);
00120             }
00121         }
00122     }
00123 }
00124 void SimpleCertCacheImpl::GetCertificatesByIssuerAndSerial(CPKIFNamePtr& n, const char* serial, IPKIFNameAndKeyList& keyList)
00125 {
00126     if(!m_certList.empty())
00127     {
00128         deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00129         deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_certList.end();
00130         for(pos = m_certList.begin(); pos != end; ++pos)
00131         {
00132             CPKIFCertificatePtr cert = (*pos)->GetCert();
00133             if(cert && ((*n == *cert->GetIssuerName()) && 0 == stricmp(serial, cert->SerialNumber())))
00134             {
00135                 IPKIFNameAndKeyPtr inak = dynamic_pointer_cast<IPKIFNameAndKey, CPKIFCertificate>(cert);
00136                 keyList.push_back(inak);
00137             }
00138         }
00139     }
00140 }
00141 void SimpleCertCacheImpl::GetCertificatesByKeyIdentifier(CPKIFBufferPtr& keyId, IPKIFNameAndKeyList& keyList)
00142 {
00143     if(!m_certList.empty())
00144     {
00145         deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00146         deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_certList.end();
00147         for(pos = m_certList.begin(); pos != end; ++pos)
00148         {
00149             CPKIFCertificatePtr cert = (*pos)->GetCert();
00150             CPKIFBufferPtr kidFromCert;
00151             if(cert)
00152             {
00153                 CPKIFSubjectKeyIdentifierPtr skid = cert->GetExtension<CPKIFSubjectKeyIdentifier>();
00154                 if(skid)
00155                     kidFromCert = skid->KeyIdentifier();
00156             }
00157 
00158             if(kidFromCert && (*keyId == *kidFromCert))
00159             {
00160                 IPKIFNameAndKeyPtr inak = dynamic_pointer_cast<IPKIFNameAndKey, CPKIFCertificate>(cert);
00161                 keyList.push_back(inak);
00162             }
00163         }
00164     }
00165 }
00174 void SimpleCertCacheImpl::_GetCertificates(
00176     const CPKIFNamePtr& subDN,
00178     CPKIFCertificateNodeList& certNodeList,
00180     PKIInfoSource source,
00182     PathBuildingDirection pbd)
00183 {
00184     LOG_STRING_DEBUG("SimpleCertCache::_GetCertificates(const CPKIFNamePtr& subDN, CPKIFCertificateNodeList& certNodeList, PKIInfoSource source)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00185 
00186 #ifdef _DEBUG
00187     //cout << "SimpleCertCache size: " << m_impl->m_certList.size() << " fetching " << subDN->string() << endl;
00188 #endif
00189 
00190     //CCACSynchronizedObject so(m_impl->m_md);
00191     boost::recursive_mutex::scoped_lock lock(m_me);
00192     //ignore requests for remote certificates
00193     if(REMOTE == source)
00194     {
00195         LOG_STRING_DEBUG("Skipping SimpleCertCache colleague - searching REMOTE sources only", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00196         return;
00197     }
00198 
00199     const size_t origSize = certNodeList.size();
00200 
00201 #ifdef _DEBUG
00202     const char* subDNStr = NULL;
00203     if(subDN)
00204         subDNStr = subDN->ToString();
00205 #endif
00206 
00207     std::string strSource = "ImMemoryCertStore";
00208     deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00209     deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_certList.end();
00210     for(pos = m_certList.begin(); pos != end; ++pos)
00211     {
00212         if(!subDN)
00213         {
00214             //cert nodes contain a mix of persistent info and info that should
00215             //not persist - create a new node object and populate it with 
00216             //the persistent information
00217             //throw bad_alloc; nothing to clean up in this function
00218             CPKIFCertificateNodeEntryPtr certNode(new CPKIFCertificateNodeEntry);
00219             certNode->SetCert((*pos)->GetCert());
00220             certNode->SetSource((*pos)->GetSource());
00221 
00222             certNode->AddSource(strSource);
00223             certNodeList.push_back(certNode);
00224         }
00225         else if(PBD_FORWARD == pbd && *subDN == *(*pos)->GetCert()->Subject())
00226         {
00227             //cert nodes contain a mix of persistent info and info that should
00228             //not persist - create a new node object and populate it with 
00229             //the persistent information
00230             //throw bad_alloc; nothing to clean up in this function
00231             CPKIFCertificateNodeEntryPtr certNode(new CPKIFCertificateNodeEntry);
00232             certNode->SetCert((*pos)->GetCert());
00233             certNode->SetSource((*pos)->GetSource());
00234 
00235             GottaMatch<CPKIFCertificateNodeEntryPtr> gm;
00236             gm.SetRHS(certNode);
00237             if(certNodeList.end() == find_if(certNodeList.begin(), certNodeList.end(), gm))
00238             {
00239                 certNode->AddSource(strSource);
00240                 certNodeList.push_back(certNode);
00241             }
00242         }
00243         else if(PBD_REVERSE == pbd && *subDN == *(*pos)->GetCert()->Issuer())
00244         {
00245             //cert nodes contain a mix of persistent info and info that should
00246             //not persist - create a new node object and populate it with 
00247             //the persistent information
00248             //throw bad_alloc; nothing to clean up in this function
00249             CPKIFCertificateNodeEntryPtr certNode(new CPKIFCertificateNodeEntry);
00250             certNode->SetCert((*pos)->GetCert());
00251             certNode->SetSource((*pos)->GetSource());
00252 
00253             GottaMatch<CPKIFCertificateNodeEntryPtr> gm;
00254             gm.SetRHS(certNode);
00255             if(certNodeList.end() == find_if(certNodeList.begin(), certNodeList.end(), gm))
00256             {
00257                 certNode->AddSource(strSource);
00258                 certNodeList.push_back(certNode);
00259             }
00260         }
00261     }
00262 
00263     if(origSize != certNodeList.size())
00264     {
00265         std::string logStr = "Found one or more certificates for subject ";
00266         if(subDN)
00267             logStr.append(subDN->ToString());
00268         else
00269             logStr.append("empty");
00270         LOG_STRING_DEBUG(logStr.c_str(), TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00271     }
00272     else
00273     {
00274         std::string logStr = "Failed to find a certificate for subject ";
00275         if(subDN)
00276             logStr.append(subDN->ToString());
00277         else
00278             logStr.append("empty");
00279         LOG_STRING_DEBUG(logStr.c_str(), TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00280     }
00281 }
00282 
00284 
00292 CAC_API SimpleCertCache* MakeSimpleCertCache()
00293 {
00294     return new SimpleCertCache();
00295 }
00303 CAC_API void FreeSimpleCertCache(
00305     SimpleCertCache* s)
00306 {
00307     if(s)
00308     {
00309         delete s;
00310     }
00311 }
00312 
00320 SimpleCertCache::SimpleCertCache(void)
00321     :m_impl (new SimpleCertCacheImpl)
00322 {
00323     LOG_STRING_DEBUG("SimpleCertCache::SimpleCertCache(void)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00324 }
00332 SimpleCertCache::~SimpleCertCache(void)
00333 {
00334     LOG_STRING_DEBUG("SimpleCertCache::~SimpleCertCache(void)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00335 
00336     delete m_impl;
00337     m_impl = NULL;
00338 }
00339 
00340 //IPKIFColleague functions
00348 void SimpleCertCache::Initialize(void)
00349 {
00350     LOG_STRING_DEBUG("SimpleCertCache::Initialize(void)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00351 }
00359 void SimpleCertCache::Clear()
00360 {
00361     LOG_STRING_DEBUG("SimpleCertCache::Clear()", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00362 
00363     //CCACSynchronizedObject so(m_impl->m_md);
00364     boost::recursive_mutex::scoped_lock lock(m_impl->m_me);
00365     LOG_STRING_DEBUG("Emptying SimpleCertCache instance", thisComponent, 0, this);
00366     m_impl->m_certList.clear();
00367 }
00375 int SimpleCertCache::size()
00376 {
00377     int len = 0;
00378 
00379     try 
00380     {
00381         len = numeric_cast<int>(m_impl->m_certList.size());
00382         return len;
00383     }
00384     catch(bad_numeric_cast &) 
00385     {
00386         throw CPKIFException(TOOLKIT_CACHE, COMMON_INVALID_INPUT, "Cache size is larger than maximum integer size.");
00387     }
00388 }
00389 
00403 void SimpleCertCache::GetCertificates(
00405     const CPKIFNamePtr& subDN, 
00407     CPKIFCertificateList& certList, 
00409     PKIInfoSource source)
00410 {
00411     LOG_STRING_DEBUG("SimpleCertCache::GetCertificates(const CPKIFNamePtr& subDN, CPKIFCertificateList& certList, PKIInfoSource source)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00412     CPKIFCertificateNodeList nodeList;
00413     m_impl->_GetCertificates(subDN, nodeList, source, PBD_FORWARD);
00414 
00415     boost::recursive_mutex::scoped_lock lock(m_impl->m_me);
00416 
00417     const size_t origSize = certList.size();
00418 
00419 #ifdef _DEBUG
00420     const char* subDNStr = NULL;
00421     if(subDNStr)
00422         subDNStr = subDN->ToString();
00423 #endif
00424     
00425     CPKIFCertificateNodeList::iterator pos;
00426     CPKIFCertificateNodeList::iterator end = nodeList.end();
00427     for(pos = nodeList.begin(); pos != end; ++pos)
00428     {
00429         CPKIFCertificatePtr posCert = (*pos)->GetCert();
00430         if(!subDN)
00431         {
00432             GottaMatch<CPKIFCertificatePtr> gm;
00433             gm.SetRHS(posCert);
00434             if(certList.end() == find_if(certList.begin(), certList.end(), gm))
00435                 certList.push_back(posCert);
00436         }
00437         else if(*subDN == *(posCert->Subject()))
00438         {
00439             GottaMatch<CPKIFCertificatePtr> gm;
00440             gm.SetRHS(posCert);
00441             if(certList.end() == find_if(certList.begin(), certList.end(), gm))
00442                 certList.push_back(posCert);
00443         }
00444     }
00445 
00446     if(origSize != certList.size())
00447     {
00448         std::string logStr = "Found one or more certificates for subject ";
00449         if(subDN)
00450             logStr.append(subDN->ToString());
00451         else
00452             logStr.append("empty");
00453         LOG_STRING_DEBUG(logStr.c_str(), thisComponent, 0, this);
00454     }
00455     else
00456     {
00457         std::string logStr = "Failed to find a certificate for subject ";
00458         if(subDN)
00459             logStr.append(subDN->ToString());
00460         else
00461             logStr.append("empty");
00462         LOG_STRING_DEBUG(logStr.c_str(), thisComponent, 0, this);
00463     }
00464 }
00465 
00479 void SimpleCertCache::GetCertificates(
00481     const CPKIFCertificatePtr& cert, 
00483     CPKIFCertificateList& certList, 
00485     PKIInfoSource source, 
00487     PathBuildingDirection pbd)
00488 {
00489     if(PBD_FORWARD == pbd)
00490     {
00491         //CPKIFNamePtr subName = cert->Subject();
00492         CPKIFNamePtr subName = cert->Issuer();
00493         GetCertificates(subName, certList, source);
00494     }
00495     else
00496     {
00497         //CPKIFNamePtr issName = cert->Issuer();
00498         CPKIFNamePtr issName = cert->Subject();
00499         CPKIFCertificateNodeList nodeList;
00500 
00501         m_impl->_GetCertificates(issName, nodeList, source, PBD_REVERSE);
00502 
00503         CPKIFCertificateNodeList::iterator pos;
00504         CPKIFCertificateNodeList::iterator end = nodeList.end();
00505         for(pos = nodeList.begin(); pos != end; ++pos)
00506         {
00507             CPKIFCertificatePtr posCert = (*pos)->GetCert();
00508             if(*issName == *(posCert->Issuer()))
00509             {
00510                 GottaMatch<CPKIFCertificatePtr> gm;
00511                 gm.SetRHS(posCert);
00512                 if(certList.end() == find_if(certList.begin(), certList.end(), gm))
00513                     certList.push_back(posCert);
00514             }
00515         }
00516     }
00517 }
00531 void SimpleCertCache::GetCertificates(
00533     const CPKIFCertificatePtr& cert, 
00535     CPKIFCertificateNodeList& certNodeList, 
00537     PKIInfoSource source, 
00539     PathBuildingDirection pbd)
00540 {
00541     //if(PBD_FORWARD == pbd)
00542     //  m_impl->_GetCertificates(cert->Subject(), certNodeList, source, PBD_FORWARD);
00543     //else
00544     //  m_impl->_GetCertificates(cert->Issuer(), certNodeList, source, PBD_REVERSE);
00545 
00546     if(PBD_FORWARD == pbd)
00547         m_impl->_GetCertificates(cert->Issuer(), certNodeList, source, PBD_FORWARD);
00548     else
00549         m_impl->_GetCertificates(cert->Subject(), certNodeList, source, PBD_REVERSE);
00550 }
00551 
00559 void SimpleCertCache::AddCertificate(
00561     CertType certType,
00563     const CPKIFCertificatePtr& cert)
00564 {
00565     LOG_STRING_DEBUG("SimpleCertCache::AddCertificate(CertType certType, const CPKIFCertificatePtr& cert)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00566 
00567     //CCACSynchronizedObject so(m_impl->m_md);
00568     boost::recursive_mutex::scoped_lock lock(m_impl->m_me);
00569     CPKIFCertificatePtr* certPtrPtr = const_cast<CPKIFCertificatePtr*>(&cert);
00570     
00571     //throw bad_alloc; nothing to clean up in this function
00572     CPKIFCertificateNodeEntryPtr certNode(new CPKIFCertificateNodeEntry);
00573     certNode->SetCert(*certPtrPtr);
00574     AddCertificate(certType, certNode);
00575     LOG_STRING_DEBUG("Successfully added certificate to SimpleCertCache store", thisComponent, 0, this);
00576 }
00586 void SimpleCertCache::AddCertificate(
00588     CertType certType,
00590     const CPKIFCertificateNodeEntryPtr& certNode)
00591 {
00592     LOG_STRING_DEBUG("SimpleCertCache::AddCertificate(CertType certType, const CPKIFCertificateNodeEntryPtr& certNode)", TOOLKIT_SR_SIMPLECERTCACHE, 0, this);
00593 
00594     //CCACSynchronizedObject so(m_impl->m_md);
00595     boost::recursive_mutex::scoped_lock lock(m_impl->m_me);
00596 
00597     //don't add self-signed certs to the intermediate CA cache 7/28/2005
00598     if(certNode->GetCert()->IsSelfSigned())
00599         return;
00600 
00601     GottaMatch<CPKIFCertificateNodeEntryPtr> gm;
00602     gm.SetRHS(certNode);
00603 
00604     //avoid growing the cache with duplicates
00605     if(m_impl->m_certList.end() == find_if(m_impl->m_certList.begin(), m_impl->m_certList.end(), gm))
00606     {
00607         //don't store a reference to the actual node passed in.
00608         //extract the stuff we want and store a new node that is 
00609         //populated with that info.
00610         //throw bad_alloc; nothing to clean up in this function
00611         CPKIFCertificateNodeEntryPtr newCertNode(new CPKIFCertificateNodeEntry);
00612         newCertNode->SetCert(certNode->GetCert());
00613         newCertNode->SetSource(certNode->GetSource());
00614 
00615         m_impl->m_certList.push_back(newCertNode);
00616 
00617         std::ostringstream os;
00618         os << "Successfully added certificate to SimpleCertCache store.  Size =  " << m_impl->m_certList.size() << " after addition.";
00619         LOG_STRING_DEBUG(os.str().c_str(), thisComponent, 0, this)
00620     }
00621 }
00622 
00636 void SimpleCertCache::GetCertificates(
00638     const CPKIFNamePtr& subDN,
00640     CPKIFCertificateNodeList& certNodeList,
00642     PKIInfoSource source)
00643 {
00644     m_impl->_GetCertificates(subDN, certNodeList, source, PBD_FORWARD);
00645 }
00646 
00657 void SimpleCertCache::WriteCertsToDirectory(
00659     const char * path)
00660 {
00661     try
00662     {
00663         std::string CertdirPath  = path;
00664         deque<CPKIFCertificateNodeEntryPtr>::iterator pos;
00665         deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_impl->m_certList.end();
00666         for(pos = m_impl->m_certList.begin(); pos != end; ++pos)
00667         {
00668             CPKIFCertificatePtr cert = (*pos)->GetCert();
00669             string tmpCertName = cert->Subject()->ToString();           
00670             string tmpCertSerial = cert->SerialNumber();
00671             string tmpPath = CertdirPath;
00672             if(tmpPath[tmpPath.size() -1] != '\\')
00673                 tmpPath.append("\\");
00674             tmpPath.append(tmpCertName);
00675             tmpPath.append("_");
00676             tmpPath.append(tmpCertSerial);
00677             tmpPath.append(".cer");
00678 
00679             FILE* f = fopen(tmpPath.c_str(), "wb");
00680             fwrite(cert->Encoded()->GetBuffer(), 1, cert->Encoded()->GetLength(), f);
00681             fclose(f);
00682 
00683         }
00684     
00685 
00686     
00687     }catch( const std::exception&)
00688     {
00689             RAISE_CACHE_EXCEPTION("Error Writing files to a directory", thisComponent, COMMON_UNKNOWN_ERROR, this)
00690      }
00691 }
00692 
00707 void SimpleCertCache::ReadCertsFromDirectory(
00709     const char * path)
00710 {
00711     fs::path full_path( fs::initial_path() );
00712 
00713     if(NULL != path)
00714         full_path = fs::system_complete( fs::path( path, fs::native ) );
00715     else
00716         RAISE_CACHE_EXCEPTION("NULL Pointer passed as a parameter", thisComponent, COMMON_INVALID_INPUT, this)
00717 
00718     if ( !fs::exists( full_path ) )
00719     {
00720         RAISE_CACHE_EXCEPTION("Invalid Path", thisComponent, COMMON_INVALID_INPUT, this)
00721     }   
00722 
00723    fs::directory_iterator end_iter;
00724    for ( fs::directory_iterator dir_itr( full_path ); dir_itr != end_iter; ++dir_itr )
00725    {
00726        try
00727        {
00728            if ( !fs::is_directory( *dir_itr ) )
00729            {
00730                 FILE* f = fopen(dir_itr->string().c_str(), "rb");
00731 
00732                 unsigned char *certraw = NULL;
00733                 boost::intmax_t certrawlen = fs::file_size( *dir_itr );
00734 
00735                 if(certrawlen > boost::numeric::bounds<int>::highest())
00736                 {
00737                     throw CPKIFCacheException(TOOLKIT_SR_SIMPLECERTCACHE, COMMON_INVALID_INPUT, "Certificate too big.");
00738                 }
00739 
00740                 int tmpST = 0;
00741                 try 
00742                 {
00743                     tmpST = numeric_cast<int>(certrawlen);
00744                 }
00745                 catch(bad_numeric_cast &) 
00746                 {
00747                     throw CPKIFException(TOOLKIT_UTILS, COMMON_INVALID_INPUT, "Certificate size too big.");
00748                 }
00749 
00750                 certraw = new unsigned char[tmpST];
00751                 size_t bytesread = fread(certraw, 1, tmpST, f);
00752             
00753                 CPKIFCertificatePtr cert(new CPKIFCertificate);
00754                 cert->Decode(certraw, tmpST);
00755             
00756                 
00757                 AddCertificate(CA ,cert);
00758                 
00759                 fclose(f);
00760                 delete[] certraw;
00761            }
00762        }
00763        catch( const std::exception & )
00764        {
00765             RAISE_CACHE_EXCEPTION("Unable to open file", thisComponent, COMMON_UNKNOWN_ERROR, this)
00766        }
00767 
00768    }
00769     
00770 }
00779 void SimpleCertCache::GetCertificates(
00781     std::vector<CPKIFCertificatePtr>& v)
00782 {
00783     deque<CPKIFCertificateNodeEntryPtr>::iterator pos; 
00784     deque<CPKIFCertificateNodeEntryPtr>::iterator end = m_impl->m_certList.end();
00785     for(pos = m_impl->m_certList.begin(); pos != end; ++pos)
00786     {
00787         v.push_back((*pos)->GetCert());
00788     }
00789 }
00790 
00791 void SimpleCertCache::FindCertificates(IPKIFSearchCriteria* searchCriteria, CPKIFCertificateList& certList, PKIInfoSource source)
00792 {
00793     if(!searchCriteria)
00794         return;
00795 
00796     IPKIFNameAndKeyList keyList;
00797     FindKeys(searchCriteria, keyList, source);
00798 
00799     IPKIFNameAndKeyList::iterator pos;
00800     IPKIFNameAndKeyList::iterator end = keyList.end();
00801     for(pos = keyList.begin(); pos != end; ++pos)
00802     {
00803         CPKIFCertificatePtr cert = dynamic_pointer_cast<CPKIFCertificate, IPKIFNameAndKey>(*pos);
00804         if(cert)
00805             certList.push_back(cert);
00806     }
00807 }
00808 
00809 void SimpleCertCache::FindKeys(IPKIFSearchCriteria* searchCriteria, IPKIFNameAndKeyList& keyList, PKIInfoSource source)
00810 {
00811     if(!searchCriteria)
00812         return;
00813 
00814     switch(searchCriteria->GetSearchType())
00815     {
00816     case ALLCERTS:
00817         m_impl->GetAllCertificates(keyList);
00818         break;
00819     case ISSUERNAME:
00820         {
00821             CPKIFNameBasedSearch* nbs = dynamic_cast<CPKIFNameBasedSearch*>(searchCriteria);
00822 
00823             CPKIFNamePtr tmpName = nbs->GetName();
00824             m_impl->GetCertificatesBySubjectName(tmpName, keyList);
00825         }
00826         break;
00827     case SUBJECTNAME:
00828         {
00829             CPKIFNameBasedSearch* nbs = dynamic_cast<CPKIFNameBasedSearch*>(searchCriteria);
00830 
00831             CPKIFNamePtr tmpName = nbs->GetName();
00832             m_impl->GetCertificatesByIssuerName(tmpName, keyList);
00833         }
00834         break;
00835     case ISSUERSERIAL:
00836         {
00837             CPKIFIssuerNameAndSerialNumberBasedSearch* inasnbs = dynamic_cast<CPKIFIssuerNameAndSerialNumberBasedSearch*>(searchCriteria);
00838 
00839             CPKIFNamePtr tmpName = inasnbs->GetIssuerName();
00840             m_impl->GetCertificatesByIssuerAndSerial(tmpName, inasnbs->GetSerialNumber(), keyList);
00841             break;
00842         }
00843     case KEYID:
00844         {
00845             CPKIFKeyIDBasedSearch* kidbs = dynamic_cast<CPKIFKeyIDBasedSearch*>(searchCriteria);
00846             if(!kidbs)
00847                 return;
00848 
00849             CPKIFBufferPtr kid = kidbs->GetKeyID();
00850             m_impl->GetCertificatesByKeyIdentifier(kid, keyList);
00851             break;
00852         }
00853     default:
00854         return;
00855     };
00856 }
Generated on Mon Nov 15 11:15:56 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6