TBSRequest.cpp

Go to the documentation of this file.
00001 
00010 #include "TBSRequest.h"
00011 
00012 #include "OID.h"
00013 #include "Buffer.h"
00014 #include "GeneralName.h"
00015 #include "Request.h"
00016 #include "CertID.h"
00017 #include "X509Extension.h"
00018 #include "AlgorithmIdentifier.h"
00019 #include "PKIFOCSPConstants.h"
00020 
00021 #include "ToolkitUtils.h"
00022 //#include "PKIFCMS.h" //for NEW_NODE, etc. macros
00023 #include "PKIFX509Extensions2.h"
00024 
00025 #ifdef _WIN32
00026 #include "PKIFCAPIRaw.h"
00027 #endif
00028 
00029 #include "ASN1Helper.h"
00030 #include "PKIFOCSPMemoryHelper.h"
00031 
00032 #include "OCSP.h"
00033 
00034 // adding during porting
00035 #include "IPKIFCryptoMisc.h"
00036 #include "PKIFCryptUtils.h"
00037 
00038 #include <iterator>
00039 
00040 using namespace std;
00041 
00042 
00044 struct CPKIFTBSRequestImpl
00045 {
00046     CPKIFTBSRequestImpl ();
00047     CPKIFTBSRequestImpl (CPKIFTBSRequest  *p);
00048     CPKIFTBSRequest* m_parent;
00049     void populateExtensionsVector(CPKIFASNWrapper<TBSRequest>& r);
00050     std::vector<CPKIFX509ExtensionPtr> m_exts;
00051     CPKIFASNWrapper<TBSRequest> m_tBSRequest;
00052 
00053     //convenience goo for auto-nonce generation
00054     bool m_bGenerateNonce;
00055     void GenerateNonce() const; //logical const
00056     IPKIFMediator* m_mediator;
00057     CPKIFBufferPtr m_nonce;
00058 
00059     int m_version;
00060     CPKIFGeneralNamePtr m_requestorName;
00061     CPKIFRequestList m_requests;
00062 
00063     CPKIFTBSRequest * m_this;
00064 };
00072 CPKIFTBSRequestImpl::CPKIFTBSRequestImpl ()
00073 : m_tBSRequest(BEREncTBSRequest, BERDecTBSRequest)
00074 {
00075     m_parent = NULL;
00076 }
00084 CPKIFTBSRequestImpl::CPKIFTBSRequestImpl (CPKIFTBSRequest  *p) 
00085 : m_tBSRequest(BEREncTBSRequest, BERDecTBSRequest)
00086 {
00087     m_parent = p;
00088 }
00090 
00098 CPKIFTBSRequest::CPKIFTBSRequest()
00099     :m_impl (new CPKIFTBSRequestImpl)
00100 {
00101     LOG_STRING_DEBUG("CPKIFTBSRequest::CPKIFTBSRequest()", TOOLKIT_OCSP_ASN, 0, this);
00102 
00103     m_impl->m_parent = this;
00104     //added 7/25/2004
00105     m_impl->m_version = 0;
00106 
00107     m_impl->m_bGenerateNonce = true;
00108     m_impl->m_mediator = NULL;
00109     m_impl->m_this = this;
00110 }
00119 CPKIFTBSRequest::CPKIFTBSRequest(
00121     const CPKIFBufferPtr& r)
00122     :m_impl (new CPKIFTBSRequestImpl)
00123 {
00124     LOG_STRING_DEBUG("CPKIFTBSRequest::CPKIFTBSRequest(TBSRequest& r)", TOOLKIT_OCSP_ASN, 0, this);
00125 
00126     m_impl->m_this = this;
00127     
00128     m_impl->m_tBSRequest.Decode(r->GetBuffer(), r->GetLength());
00129 
00130     m_impl->m_parent = this;
00131     m_impl->m_bGenerateNonce = false;
00132     m_impl->m_mediator = NULL;
00133 
00134     m_impl->m_version = m_impl->m_tBSRequest->version;
00135 
00136     if(m_impl->m_tBSRequest->m.requestorNamePresent)
00137     {
00138         CACASNWRAPPER_CREATE(CACX509V3GeneralName, objPDU2);
00139         ASN1OpenType* data1 = objPDU2.Encode(&(m_impl->m_tBSRequest->requestorName));
00140         CPKIFBufferPtr tmpBuf;
00141         if (data1 != NULL)
00142         {
00143              tmpBuf = CPKIFBufferPtr(new CPKIFBuffer(data1->data, data1->numocts));
00144             delete data1;
00145         }
00146             //CPKIFGeneralNamePtr tmpGN(new CPKIFGeneralName(m_impl->m_tBSRequest->requestorName));
00147         CPKIFGeneralNamePtr tmpGN(new CPKIFGeneralName(tmpBuf));
00148         m_impl->m_requestorName = tmpGN;
00149             
00150     }
00151 
00152     if(0 < m_impl->m_tBSRequest->requestList.count)
00153     {
00154         DListNode* cur =m_impl->m_tBSRequest->requestList.head;
00155         while(NULL != cur)
00156         {
00157             Request* tmpNode = (Request*)cur->data;
00158             CACASNWRAPPER_CREATE(Request, objPDU);
00159             ASN1OpenType* data1 = objPDU.Encode(tmpNode);
00160             CPKIFBufferPtr buffPtr;
00161             if(NULL != data1)
00162             {
00163                 buffPtr = CPKIFBufferPtr(new CPKIFBuffer(data1->data, data1->numocts));
00164                 delete data1;
00165             }
00166             //CPKIFRequestPtr tmpReq(new CPKIFRequest(*tmpNode));
00167             CPKIFRequestPtr tmpReq(new CPKIFRequest(buffPtr));
00168             m_impl->m_requests.push_back(tmpReq);
00169     
00170             cur = cur->next;
00171         }
00172     }
00173 
00174     if(m_impl->m_tBSRequest->m.requestExtensionsPresent)
00175     {
00176         m_impl->populateExtensionsVector(m_impl->m_tBSRequest);
00177     }
00178 
00179     
00180 }
00188 void CPKIFTBSRequest::GetRequests(
00190     CPKIFRequestList& reqs)
00191 {
00192     copy(m_impl->m_requests.begin(), m_impl->m_requests.end(), back_inserter(reqs));
00193 }
00194 
00205 void CPKIFTBSRequestImpl::populateExtensionsVector(
00207     CPKIFASNWrapper<TBSRequest>& r)
00208 {
00209     LOG_STRING_DEBUG("CPKIFTBSRequest::populateExtensionsVector(TBSRequest& r)", TOOLKIT_OCSP_ASN, 0, this);
00210 
00211     m_exts.clear();
00212 
00213     if(0 == r->m.requestExtensionsPresent)
00214         return;
00215 
00216     // get the one and only extension mediator, with any additions an app might
00217     // have made
00218     CPKIFX509ExtensionMediator2 * mediator = CPKIFX509ExtensionMediator2::GetInstance();
00219     m_this->IPKIFHasExtensions::GetExtensions (mediator, m_exts);
00220 }
00221 
00222 //this function is for use when retrieving an extension for which no proper class exists
00230 void CPKIFTBSRequest::GetExtension(
00232     const CPKIFOID& oid,
00234     CPKIFX509ExtensionPtr& ref)
00235 {
00236     LOG_STRING_DEBUG("CPKIFTBSRequest::GetExtension(const CPKIFOID& oid, CPKIFX509ExtensionPtr& ref)", TOOLKIT_OCSP_ASN, 0, this);
00237 
00238     vector<CPKIFX509ExtensionPtr>::iterator pos;
00239     vector<CPKIFX509ExtensionPtr>::iterator end = m_impl->m_exts.end();
00240     for(pos = m_impl->m_exts.begin(); pos != end; ++pos)
00241     {
00242         if(oid == (*pos)->oid())
00243         {
00244             ref = *pos;
00245             return;
00246         }
00247     }       
00248 }
00256 CPKIFTBSRequest::~CPKIFTBSRequest()
00257 {
00258     LOG_STRING_DEBUG("CPKIFTBSRequest::~CPKIFTBSRequest()", TOOLKIT_OCSP_ASN, 0, this);
00259 
00260     delete m_impl;
00261     m_impl = NULL;
00262 }
00263 
00264 //version
00272 int CPKIFTBSRequest::GetVersion() const
00273 {
00274     return m_impl->m_version;
00275 }
00276 
00277 //requestorName
00285 void CPKIFTBSRequest::SetRequestorName(
00287     CPKIFGeneralNamePtr& gn)
00288 {
00289     m_impl->m_requestorName = gn;
00290 }
00298 CPKIFGeneralNamePtr CPKIFTBSRequest::GetRequestorName() const
00299 {
00300     return m_impl->m_requestorName;
00301 }
00309 void CPKIFTBSRequest::AddRequest(
00311     CPKIFRequestPtr& request)
00312 {
00313     m_impl->m_requests.push_back(request);
00314 }
00315 
00316 //nonce is set in binary form
00324 void CPKIFTBSRequest::SetNonce(
00326     CPKIFBufferPtr& nonce)
00327 {
00328     m_impl->m_nonce = nonce;
00329 }
00337 CPKIFBufferPtr CPKIFTBSRequest::GetNonce() const
00338 {
00339     if(m_impl->m_nonce == (CPKIFBuffer*)NULL && m_impl->m_bGenerateNonce)
00340         m_impl->GenerateNonce();
00341     return m_impl->m_nonce;
00342 }
00365 void CPKIFTBSRequest::SetGenerateNonce(
00367     bool generateNonce, 
00369     IPKIFMediator* m)
00370 {
00371     m_impl->m_bGenerateNonce = generateNonce;
00372     m_impl->m_mediator = m;
00373 }
00382 bool CPKIFTBSRequest::GetGenerateNonce() const
00383 {
00384     return m_impl->m_bGenerateNonce;
00385 }
00393 CPKIFBufferPtr CPKIFTBSRequest::Encode()
00394 {
00395     LOG_STRING_DEBUG("CPKIFTBSRequest::Encode()", TOOLKIT_OCSP_ASN, 0, this);
00396 
00397     PKIFOCSPMemoryHelper mhOCSPRequest;
00398     mhOCSPRequest.pTBSRequest = new TBSRequest;
00399     memset(mhOCSPRequest.pTBSRequest, 0, sizeof(TBSRequest));
00400 
00401     //requestorName
00402     if(m_impl->m_requestorName != (CPKIFGeneralName*)NULL)
00403     {
00404         mhOCSPRequest.pTBSRequest->m.requestorNamePresent = 1;
00405         CopyGeneralName(mhOCSPRequest.pTBSRequest->requestorName, m_impl->m_requestorName);
00406     }
00407     else
00408         mhOCSPRequest.pTBSRequest->m.requestorNamePresent = 0;
00409 
00410     //requestList
00411     mhOCSPRequest.pTBSRequest->requestList.count = 0;
00412 
00413     DListNode* cur = NULL;
00414     CPKIFRequestList::iterator pos;
00415     CPKIFRequestList::iterator end = m_impl->m_requests.end();
00416     for(pos = m_impl->m_requests.begin(); pos != end; ++pos)
00417     {
00418         if(NULL == cur)
00419         {
00420             NEW_NODE(cur)
00421         }
00422         else
00423         {
00424             NEW_NEXT_AND_ADVANCE(cur)
00425         }
00426 
00427         Request* tmpRequest = new Request;
00428         cur->data = tmpRequest;
00429         CPKIFCertIDPtr certID = (*pos)->GetCertID();
00430 
00431         tmpRequest->m.singleRequestExtensionsPresent = 0;
00432 
00433         //digest alg
00434         tmpRequest->reqCert.hashAlgorithm.m.parametersPresent = 1;
00435         tmpRequest->reqCert.hashAlgorithm.parameters.data = g_nullParams;
00436         tmpRequest->reqCert.hashAlgorithm.parameters.numocts = 2;
00437 
00438         CPKIFStringPtr str(new std::string(certID->GetHashAlg()->oid()->ToString())); 
00439         ASN1OBJID* tmpOid = ConvertStringToASN1OBJID(str);
00440         //tmpRequest->reqCert.hashAlgorithm.algorithm = *(certID->GetHashAlg()->oid()->raw());
00441         CopyOID(&tmpRequest->reqCert.hashAlgorithm.algorithm, tmpOid);
00442         if(NULL != tmpOid)
00443             delete tmpOid;
00444         //tmpRequest->reqCert.hashAlgorithm.algorithm = *tmpOid;
00445 
00446         //issuerKeyHash
00447         tmpRequest->reqCert.issuerKeyHash.data = certID->GetIssuerKeyHash()->GetBuffer();
00448         tmpRequest->reqCert.issuerKeyHash.numocts = certID->GetIssuerKeyHash()->GetLength();
00449 
00450         //issuerNameHash
00451         tmpRequest->reqCert.issuerNameHash.data = certID->GetIssuerNameHash()->GetBuffer();
00452         tmpRequest->reqCert.issuerNameHash.numocts = certID->GetIssuerNameHash()->GetLength();
00453 
00454         //serialNumber
00455         tmpRequest->reqCert.serialNumber = certID->GetSerialNumber();
00456 
00457         SET_HEAD_TAIL_INCREMENT(mhOCSPRequest.pTBSRequest->requestList, cur)
00458     }
00459 
00460     //extensions (i.e. nonce)
00461     mhOCSPRequest.pTBSRequest->m.requestExtensionsPresent = 0;
00462     CPKIFBufferPtr nonce = GetNonce();
00463     if(nonce != (CPKIFBuffer*)NULL)
00464     {
00465         mhOCSPRequest.pTBSRequest->m.requestExtensionsPresent = 1;
00466 
00467         cur = NULL;
00468         if(NULL == cur)
00469         {
00470             NEW_NODE(cur)
00471         }
00472 
00473         CACX509V3Extension* tmpExt = new CACX509V3Extension;
00474         cur->data = tmpExt;
00475         tmpExt->critical = 0;
00476         CPKIFStringPtr str(new std::string(g_ocspNonce->ToString())); 
00477         ASN1OBJID* tmpOid = ConvertStringToASN1OBJID(str);
00478         CopyOID(&tmpExt->extnID, tmpOid);
00479         if(NULL != tmpOid)
00480                 delete tmpOid;
00481         //tmpExt->extnID = *tmpOid;
00482         //tmpExt->extnID = *g_ocspNonce->raw();
00483         tmpExt->extnValue.data = m_impl->m_nonce->GetBuffer();
00484         tmpExt->extnValue.numocts = m_impl->m_nonce->GetLength();
00485 
00486         SET_HEAD_TAIL_INCREMENT(mhOCSPRequest.pTBSRequest->requestExtensions, cur)
00487     }
00488 
00489     CACASNWRAPPER_CREATE(TBSRequest, objPDU);
00490     ASN1OpenType* data1 = objPDU.Encode(mhOCSPRequest.pTBSRequest);
00491 
00492     if (data1 != NULL)
00493     {
00494       CPKIFBufferPtr tmp(new CPKIFBuffer(data1->data, data1->numocts));
00495       delete data1;
00496       return tmp;
00497     }
00498     else 
00499     {
00500       CPKIFBufferPtr tmp(new CPKIFBuffer());
00501       delete data1;
00502       return tmp;
00503     }
00504 }
00512 void CPKIFTBSRequestImpl::GenerateNonce() const
00513 {
00514     LOG_STRING_DEBUG("CPKIFTBSRequest::GenerateNonce()", TOOLKIT_OCSP_ASN, 0, this);
00515 
00516     IPKIFCryptoMisc* iMisc = NULL;
00517     if(NULL != m_mediator)
00518         iMisc = m_mediator->GetMediator<IPKIFCryptoMisc>();
00519 
00520     unsigned char buf[20];
00521     memset(buf, 0, 20); //avoid (unlikely) case of sending random memory to TSA
00522 
00523     if(NULL != iMisc)
00524     {
00525         //if we can get a pointer to an externally provided interface use it
00526         iMisc->GenRandom(buf, 20);
00527     }
00528     else
00529     {
00530         //otherwise create a temp object to generate the nonce
00531         IPKIFCryptoMisc *raw = GetPlatformCryptoMisc();
00532         raw->GenRandom(buf,20);
00533     }
00534 
00535     KeyHash n;
00536     memset(&n, 0x00, sizeof(KeyHash));
00537     n.data = new unsigned char[20];
00538     memcpy((void *)n.data, buf, 20);
00539     n.numocts = 20;
00540     //Using KeyHash structure to encode nonce as an OCTET STRING
00541     CACASNWRAPPER_CREATE(KeyHash, nonceWrapper);
00542     ASN1OpenType *data = nonceWrapper.Encode (&n);
00543     CPKIFBufferPtr tmpbuf(new CPKIFBuffer(data->data, data->numocts));
00544     delete data;
00545     if(n.data != NULL)
00546         delete[] n.data;
00547 
00548     //CPKIFBufferPtr tmpbuf(new CPKIFBuffer(buf, 20));
00549 
00550     CPKIFTBSRequest* nonConst = const_cast<CPKIFTBSRequest*>(m_parent);
00551     nonConst->m_impl->m_nonce = tmpbuf;
00552 }
00553 
00554 
00562 void CPKIFTBSRequest::GetEncodedExtensions (
00564     CPKIFBufferPtr& buf) 
00565 {
00566     try 
00567     {
00568         if (m_impl->m_tBSRequest->m.requestExtensionsPresent)
00569         {
00570             CACASNWRAPPER_CREATE(CACX509V3Extensions, extsWrapper);
00571             ASN1OpenType *data = extsWrapper.Encode (&m_impl->m_tBSRequest->requestExtensions);
00572             CPKIFBufferPtr tmp(new CPKIFBuffer(data->data, data->numocts));
00573             buf = tmp;
00574             delete data;
00575             return;
00576         }
00577     }
00578     catch (... /*CPKIFException& e*/)
00579     {
00580         // How do we want to handle the exception?
00581     }
00582 
00583     CPKIFBufferPtr nullExt;
00584     buf = nullExt;
00585 }
00586 
00587 //this function is for use when retrieving an extension for which no proper class exists
00598 void CPKIFTBSRequest::GetExtensionByOID(
00600     const CPKIFOID& oid,
00602     CPKIFX509ExtensionPtr& ref)
00603 {
00604     if(m_impl->m_exts.empty() && 0 != m_impl->m_tBSRequest->requestExtensions.count)
00605         m_impl->populateExtensionsVector(m_impl->m_tBSRequest);
00606 
00607     vector<CPKIFX509ExtensionPtr>::iterator pos;
00608     vector<CPKIFX509ExtensionPtr>::iterator end = m_impl->m_exts.end();
00609     for(pos = m_impl->m_exts.begin(); pos != end; ++pos)
00610     {
00611         if(oid == (*pos)->oid())
00612         {
00613             ref = *pos;
00614             return;
00615         }
00616     }       
00617 }
00618
Generated on Mon Nov 15 11:15:56 2010 for PublicKeyInfrastructureFramework(PKIF) by  doxygen 1.5.6