1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
24 */
25
26 /**
27 * \file KMSAgentPKICommon.cpp
28 */
29 #include <stdio.h>
30
31 #include "SYSCommon.h"
32 #include "KMSAgentPKICommon.h"
33 #include "KMSAgentStringUtilities.h"
34
35 #include "KMSAgent_direct.h"
36
37
38 //////////////////////////////////////////////////////////////////////
39 // Construction/Destruction
40 //////////////////////////////////////////////////////////////////////
41
/**
 * Construct a CPKI with the default key length and no CA material.
 *
 * m_pCACertificate and m_pCAPrivateKey start out NULL; they are only used
 * when this object acts as a CA (per the original comment) and nothing
 * visible in this file allocates them.
 */
CPKI::CPKI()
    : m_iKeyLength( DEFAULT_KEY_SIZE ),
      m_pCACertificate( NULL ),   // CA-only state, unset until needed
      m_pCAPrivateKey( NULL )
{
}
50
// BEN - make these
// global lengths
//
// Byte counts produced by the most recent ExportCertAndKeyToFile call:
// iLength1 = certificate length (or the whole PKCS#12 blob under
// KMSUSERPKCS12), iLength2 = private key length.  Both have external
// linkage and are shared by every caller, so the export path is not
// reentrant.
int iLength1 = 0;
int iLength2 = 0;

// THIS CAN'T BE STACK DATA - TOO BIG
// Scratch area ExportCertAndKeyToFile serialises into before its single
// fwrite: certificate at offset 0, private key directly after it.  It is
// only cleared at the start of each export, so private key material from
// the last export stays resident in this static until then.
static unsigned char aTempBuffer[MAX_CERT_SIZE + MAX_KEY_SIZE];
#ifdef METAWARE
// Formatting scratch for the "iLength1=%x" / "iLength2=%x" text lines the
// METAWARE build writes ahead of the binary payload.
static char aNotherTempBuffer[50];
#endif
61
62 // used by StoreAgentPKI - KMSAgentStorage.cpp
63
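// Zero the shared export buffer once its contents (which include private
// key material) are no longer needed, so they do not linger in a static
// until the next export happens to overwrite them.
// NOTE(review): a plain memset on a static is normally kept by the
// compiler, but if the platform provides a guaranteed scrub routine
// (memset_s / explicit_bzero) it should be preferred - confirm availability.
static void ScrubExportBuffer()
{
    memset( aTempBuffer, 0, MAX_CERT_SIZE + MAX_KEY_SIZE );
}

/**
 * Serialise a certificate and its private key into a single file.
 *
 * The certificate and key are first rendered into the module-level
 * aTempBuffer (certificate at offset 0, key immediately after it) and the
 * buffer is then written to i_pcFileName with one fwrite.  Under
 * KMSUSERPKCS12 a FILE_FORMAT_PKCS12 request instead produces one PKCS#12
 * blob via SavePKCS12.  The METAWARE build prefixes the payload with two
 * text lines giving the two lengths.
 *
 * @param i_pCertificate  certificate to export; must not be NULL
 * @param i_pPrivateKey   private key to export; must not be NULL
 * @param i_sPassphrase   passphrase handed to the key / PKCS#12 writers
 * @param i_pcFileName    destination path, opened with "wb"
 * @param i_eFileFormat   encoding passed to the Save methods
 * @return true when every byte was written and the file closed cleanly;
 *         false on any serialisation or I/O failure.
 *
 * Side effects: overwrites the globals iLength1, iLength2 and aTempBuffer
 * (the buffer is scrubbed again before returning).  Not reentrant because
 * of that shared state.
 */
bool CPKI::ExportCertAndKeyToFile(
    CCertificate* const i_pCertificate,
    CPrivateKey* const i_pPrivateKey,
    const char* const i_pcFileName,
    const char* const i_sPassphrase,
    EnumPKIFileFormat i_eFileFormat )
{
    FATAL_ASSERT( i_pCertificate && i_pPrivateKey && i_pcFileName );

    // Both lengths are globals shared across calls; reset them so a branch
    // that only sets one of them (the PKCS#12 path sets just iLength1)
    // cannot pick up a stale iLength2 from a previous export and write
    // that many extra bytes.
    iLength1 = 0;
    iLength2 = 0;
    memset( aTempBuffer, 0, MAX_CERT_SIZE + MAX_KEY_SIZE );

#ifdef KMSUSERPKCS12
    if ( i_eFileFormat == FILE_FORMAT_PKCS12 )
    {
        // const is cast away because SavePKCS12 takes a char*;
        // presumably it does not modify the passphrase - confirm.
        if ( !i_pCertificate->SavePKCS12(aTempBuffer,
                                         MAX_CERT_SIZE,
                                         &iLength1,
                                         i_pPrivateKey,
                                         (char*)i_sPassphrase ) )
        {
            ScrubExportBuffer();
            return false;
        }
    } else {
#endif

    // Overloaded Save method implemented in KMSAgentPKICert.cpp
    // this method saves Certificate to the temporary buffer, not a file
    // but a side effect is to get the actual file length
    if ( !i_pCertificate->Save(aTempBuffer,
                               MAX_CERT_SIZE,
                               &iLength1, /* returned - actual length
                                             written */
                               i_eFileFormat) )
    {
        ScrubExportBuffer();
        return false;
    }

    // Overloaded Save method implemented in KMSAgentPKIKey.cpp
    // this method saves keys to the temporary buffer, not a file,
    // but a side effect is to get the actual file length.
    // The key goes directly after the certificate; the buffer is sized
    // MAX_CERT_SIZE + MAX_KEY_SIZE so this fits as long as Save honoured
    // its MAX_CERT_SIZE limit (checked below).
    if ( !i_pPrivateKey->Save(aTempBuffer + iLength1,
                              MAX_KEY_SIZE,
                              &iLength2, /* returned - actual length
                                            written */
                              i_sPassphrase,
                              i_eFileFormat) )
    {
        ScrubExportBuffer();
        return false;
    }

#ifdef KMSUSERPKCS12
    }
#endif

    // Defensive: the writers were handed MAX_CERT_SIZE / MAX_KEY_SIZE as
    // their limits, so a length outside those ranges means a writer
    // misreported it; refuse rather than read past aTempBuffer in fwrite.
    if ( iLength1 < 0 || iLength1 > MAX_CERT_SIZE ||
         iLength2 < 0 || iLength2 > MAX_KEY_SIZE )
    {
        ScrubExportBuffer();
        return false;
    }

    // now write the temporary buffer to a file
    myFILE* pFile = fopen( i_pcFileName, "wb" );
    if ( pFile == NULL )
    {
        ScrubExportBuffer();
        return false;
    }

#ifdef KMSUSERPKCS12
#ifdef K_SOLARIS_PLATFORM
    int fd = fileno(pFile);

    /* Make sure this file is read/write for the OWNER only! */
    // NOTE(review): by the time fchmod runs the file already exists with
    // umask-derived permissions, and on other build configurations it is
    // never narrowed at all; creating it with open(O_CREAT|O_EXCL, 0600)
    // and fdopen would close that window - confirm myFILE permits it.
    (void) fchmod(fd, 0600);
#endif
#endif

#ifdef METAWARE
    // write out the two file lengths
    snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength1=%x\n", iLength1);
    fputs((const char*)aNotherTempBuffer, pFile);

    snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength2=%x\n", iLength2);
    fputs((const char*)aNotherTempBuffer, pFile);
#endif

    const size_t uTotalLength = static_cast<size_t>( iLength1 + iLength2 );
    const size_t uBytesWritten = fwrite( (const char*)aTempBuffer, // from
                                         1,                        // size
                                         uTotalLength,             // actual file length
                                         pFile );                  // to-file

    // fclose flushes the stdio buffer, so a write that only fails at flush
    // time surfaces here; ignoring its result would report a truncated key
    // file as a successful export.
    const bool bClosedOk = ( fclose( pFile ) == 0 );

    ScrubExportBuffer();

    return ( uBytesWritten == uTotalLength ) && bClosedOk;
}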
153
154
/**
 * Destructor.  Intentionally does nothing: the CA certificate and key
 * pointers initialised in the constructor are not released here.
 * NOTE(review): presumably their lifetime is managed outside this file -
 * confirm before relying on it.
 */
CPKI::~CPKI() {}
159
160