/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 */

/**
 * \file KMSAgentPKICommon.cpp
 */
29*12720SWyllys.Ingersoll@Sun.COM #include <stdio.h>
30*12720SWyllys.Ingersoll@Sun.COM
31*12720SWyllys.Ingersoll@Sun.COM #include "SYSCommon.h"
32*12720SWyllys.Ingersoll@Sun.COM #include "KMSAgentPKICommon.h"
33*12720SWyllys.Ingersoll@Sun.COM #include "KMSAgentStringUtilities.h"
34*12720SWyllys.Ingersoll@Sun.COM
35*12720SWyllys.Ingersoll@Sun.COM #include "KMSAgent_direct.h"
36*12720SWyllys.Ingersoll@Sun.COM
37*12720SWyllys.Ingersoll@Sun.COM
38*12720SWyllys.Ingersoll@Sun.COM //////////////////////////////////////////////////////////////////////
39*12720SWyllys.Ingersoll@Sun.COM // Construction/Destruction
40*12720SWyllys.Ingersoll@Sun.COM //////////////////////////////////////////////////////////////////////
41*12720SWyllys.Ingersoll@Sun.COM
/**
 * Construct a PKI helper with the default key length and no CA
 * certificate or CA private key attached yet.
 */
CPKI::CPKI()
    : m_iKeyLength( DEFAULT_KEY_SIZE ),
      // CA material is attached later; start from known-empty pointers.
      m_pCACertificate( NULL ),
      m_pCAPrivateKey( NULL )
{
}
50*12720SWyllys.Ingersoll@Sun.COM
// BEN - make these
// global lengths
//
// Byte counts of the serialized certificate (iLength1) and private key
// (iLength2) as reported by the Save calls in CPKI::ExportCertAndKeyToFile.
// File-scope and not static, so they have external linkage.
int iLength1 = 0;
int iLength2 = 0;

// THIS CAN'T BE STACK DATA - TOO BIG
// Scratch area the certificate and key are serialized into before being
// written to disk. One buffer shared by every call, so the export routine
// that uses it is not reentrant; while an export is in progress it holds
// serialized private key bytes.
static unsigned char aTempBuffer[MAX_CERT_SIZE + MAX_KEY_SIZE];
#ifdef METAWARE
// Scratch for the "iLength1=..." / "iLength2=..." header lines the METAWARE
// build writes ahead of the certificate and key bytes.
static char aNotherTempBuffer[50];
#endif
61*12720SWyllys.Ingersoll@Sun.COM
62*12720SWyllys.Ingersoll@Sun.COM // used by StoreAgentPKI - KMSAgentStorage.cpp
63*12720SWyllys.Ingersoll@Sun.COM
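/**
 * Serialize a certificate and its private key and write both to
 * i_pcFileName. Per the note above, this is the path used by StoreAgentPKI
 * (KMSAgentStorage.cpp).
 *
 * The certificate and key are first serialized into the file-scope
 * aTempBuffer (lengths reported through the file-scope iLength1 and
 * iLength2), and the buffer is then written out with a single fwrite().
 *
 * @param i_pCertificate  certificate to export; must not be NULL
 * @param i_pPrivateKey   private key to export; must not be NULL
 * @param i_pcFileName    output path; must not be NULL
 * @param i_sPassphrase   passphrase handed to the key / PKCS#12 serializer
 * @param i_eFileFormat   output format; FILE_FORMAT_PKCS12 is only
 *                        honoured in a KMSUSERPKCS12 build
 * @return true when serialization succeeded, every byte was written and
 *         the stream closed cleanly; false otherwise
 *
 * Not reentrant: it mutates aTempBuffer, iLength1 and iLength2, which are
 * shared by every caller.
 *
 * NOTE(review): the file holds private key material but is created by
 * fopen() under the process umask. Only a KMSUSERPKCS12 build on
 * K_SOLARIS_PLATFORM narrows it to 0600, and it does so after creation, so
 * a process that opens the file in between keeps its access. Creating the
 * file with mode 0600 at open time would close that window; not changed
 * here because myFILE and the METAWARE build may not offer an
 * open()/fdopen() path — confirm per platform.
 */
bool CPKI::ExportCertAndKeyToFile(
    CCertificate* const i_pCertificate,
    CPrivateKey* const i_pPrivateKey,
    const char* const i_pcFileName,
    const char* const i_sPassphrase,
    EnumPKIFileFormat i_eFileFormat )
{
    FATAL_ASSERT( i_pCertificate && i_pPrivateKey && i_pcFileName );

    // Scratch state is file-scope: clear all of it so nothing from a
    // previous export can pad or corrupt this file. In particular the
    // PKCS#12 path below only ever sets iLength1, so a stale iLength2 from
    // an earlier call would otherwise be added to the byte count.
    memset( aTempBuffer, 0, MAX_CERT_SIZE + MAX_KEY_SIZE );
    iLength1 = 0;
    iLength2 = 0;

#ifdef KMSUSERPKCS12
    if ( i_eFileFormat == FILE_FORMAT_PKCS12 )
    {
        // Certificate and key travel together as one PKCS#12 blob, so only
        // iLength1 is produced on this path.
        if ( !i_pCertificate->SavePKCS12(aTempBuffer,
                                         MAX_CERT_SIZE,
                                         &iLength1,
                                         i_pPrivateKey,
                                         (char*)i_sPassphrase ) )
        {
            return false;
        }
    } else {
#endif

    // Overloaded Save method implemented in KMSAgentPKICert.cpp
    // this method saves Certificate to the temporary buffer, not a file
    // but a side effect is to get the actual file length
    if ( !i_pCertificate->Save(aTempBuffer,
                               MAX_CERT_SIZE,
                               &iLength1, /* returned - actual length written */
                               i_eFileFormat) )
    {
        return false;
    }

    // Overloaded Save method implemented in KMSAgentPKIKey.cpp
    // this method saves keys to the temporary buffer, not a file,
    // but a side effect is to get the actual file length.
    // The key bytes are appended directly after the certificate bytes.
    if ( !i_pPrivateKey->Save(aTempBuffer + iLength1,
                              MAX_KEY_SIZE,
                              &iLength2, /* returned - actual length written */
                              i_sPassphrase,
                              i_eFileFormat) )
    {
        return false;
    }

#ifdef KMSUSERPKCS12
    }
#endif

    // now write the temporary buffer to a file
    myFILE* pFile = fopen( i_pcFileName, "wb" );
    if ( pFile == NULL )
    {
        return false;
    }

#ifdef KMSUSERPKCS12
#ifdef K_SOLARIS_PLATFORM
    int fd = fileno(pFile);

    /* Make sure this file is read/write for the OWNER only! */
    (void) fchmod(fd, 0600);
#endif
#endif

#ifdef METAWARE
    // write out the two file lengths
    snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength1=%x\n", iLength1);
    fputs((const char*)aNotherTempBuffer, pFile);

    snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength2=%x\n", iLength2);
    fputs((const char*)aNotherTempBuffer, pFile);
#endif

    const int iTotalLength = iLength1 + iLength2;                  // actual file length
    const size_t uBytesWritten = fwrite( (const char*)aTempBuffer, // from
                                         1,                        // size
                                         (size_t)iTotalLength,     // count
                                         pFile );                  // to-file

    // stdio buffers output, so a write error (disk full, quota, I/O) may
    // only surface when fclose() flushes the stream; a failed close means
    // the export is incomplete even if fwrite() accepted every byte.
    const bool bClosed = ( fclose( pFile ) == 0 );

    // The scratch buffer held serialized private key bytes; scrub them now
    // instead of leaving them resident until the next export. A plain
    // memset may be elided by the optimizer — an explicit_bzero()-style
    // call is stronger where the platform offers one.
    memset( aTempBuffer, 0, MAX_CERT_SIZE + MAX_KEY_SIZE );

    return bClosed && ( uBytesWritten == (size_t)iTotalLength );
}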
153*12720SWyllys.Ingersoll@Sun.COM
154*12720SWyllys.Ingersoll@Sun.COM
/**
 * Destructor. Nothing is released here: m_pCACertificate and
 * m_pCAPrivateKey are only reset to NULL by the constructor and are
 * presumably owned elsewhere — confirm against the code that sets them.
 */
CPKI::~CPKI()
{
}
159*12720SWyllys.Ingersoll@Sun.COM