/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
 */

/**
 * \file KMSAgentPKICommon.cpp
 */
#include <stdio.h>

#include "SYSCommon.h"
#include "KMSAgentPKICommon.h"
#include "KMSAgentStringUtilities.h"

#include "KMSAgent_direct.h"


//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

/**
 * Default constructor: starts with no CA certificate and no CA private
 * key attached, and selects DEFAULT_KEY_SIZE as the key length.
 */
CPKI::CPKI()
{
    // CA material is absent until something assigns it.
    m_pCAPrivateKey = NULL;
    m_pCACertificate = NULL;

    m_iKeyLength = DEFAULT_KEY_SIZE;
}

// File-scope lengths filled in by ExportCertAndKeyToFile: iLength1 receives
// the certificate (or PKCS#12) length, iLength2 the private-key length.
// (Original note: "BEN - make these global lengths".)
// NOTE(review): these have external linkage and, like the buffer below, are
// shared by every caller; no locking is visible in this file, so concurrent
// exports would interleave - confirm callers serialize.
int iLength1 = 0;
int iLength2 = 0;

// Staging area for the serialized certificate followed by the private key.
// Kept static because it is too large to live on the stack.
static unsigned char aTempBuffer[MAX_CERT_SIZE + MAX_KEY_SIZE];
#ifdef METAWARE
// Scratch space for the textual length lines written on METAWARE builds.
static char aNotherTempBuffer[50];
#endif

// used by StoreAgentPKI - KMSAgentStorage.cpp
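/**
 * Clears the shared staging buffer so serialized key material does not
 * linger in static storage between exports.
 */
static void WipeTempBuffer()
{
    memset( aTempBuffer, 0, sizeof(aTempBuffer) );
}

/**
 * Serializes a certificate and its private key into the static staging
 * buffer and writes the result to a file.
 *
 * @param i_pCertificate  certificate to export (must be non-NULL)
 * @param i_pPrivateKey   private key to export (must be non-NULL)
 * @param i_pcFileName    path of the file to create or truncate
 * @param i_sPassphrase   passphrase handed to the Save routines
 * @param i_eFileFormat   output format; FILE_FORMAT_PKCS12 selects the
 *                        combined PKCS#12 path when KMSUSERPKCS12 is defined
 * @return true only if serialization succeeded, every byte was written and
 *         the file closed cleanly; false otherwise
 *
 * The staging buffer is wiped on every exit path. On failure after the file
 * was opened, the (possibly partial) file is left in place.
 *
 * NOTE(review): i_sPassphrase is not checked here; whether a NULL passphrase
 * produces an unencrypted key depends on CPrivateKey::Save - confirm.
 *
 * NOTE(review): the function works on file-scope state (aTempBuffer,
 * iLength1, iLength2) and takes no lock, so it is not safe to call from two
 * threads at once unless callers serialize - confirm.
 */
bool CPKI::ExportCertAndKeyToFile(
        CCertificate* const         i_pCertificate,
        CPrivateKey*  const         i_pPrivateKey,
        const char* const           i_pcFileName,
        const char* const           i_sPassphrase,
        EnumPKIFileFormat           i_eFileFormat )
{
    FATAL_ASSERT( i_pCertificate && i_pPrivateKey && i_pcFileName );

    WipeTempBuffer();

    // Reset both lengths: the PKCS#12 path sets only iLength1, so a stale
    // iLength2 from an earlier export would otherwise inflate the write size.
    iLength1 = 0;
    iLength2 = 0;

    bool bSerialized = false;

#ifdef KMSUSERPKCS12
    if ( i_eFileFormat == FILE_FORMAT_PKCS12 )
    {
        // Certificate and key are emitted together as one PKCS#12 blob.
        if ( i_pCertificate->SavePKCS12(aTempBuffer,
                                        MAX_CERT_SIZE,
                                        &iLength1,
                                        i_pPrivateKey,
                                        (char*)i_sPassphrase ) )
        {
            bSerialized = true;
        }
    }
    else
#endif
    {
        // Overloaded Save method implemented in KMSAgentPKICert.cpp:
        // writes the certificate into the buffer and reports its length.
        // The length is validated before it is used as an offset for the key.
        if ( i_pCertificate->Save(aTempBuffer,
                                  MAX_CERT_SIZE,
                                  &iLength1,        /* returned - actual length
                                                       written */
                                  i_eFileFormat) &&
             iLength1 >= 0 && iLength1 <= MAX_CERT_SIZE &&
             // Overloaded Save method implemented in KMSAgentPKIKey.cpp:
             // appends the key right after the certificate.
             i_pPrivateKey->Save(aTempBuffer + iLength1,
                                 MAX_KEY_SIZE,
                                 &iLength2,         /* returned - actual length
                                                       written */
                                 i_sPassphrase,
                                 i_eFileFormat) )
        {
            bSerialized = true;
        }
    }

    // Defensive bounds check: never write more than the buffer holds, even if
    // a Save routine reports an out-of-range length.
    if ( !bSerialized ||
         iLength1 < 0 || iLength1 > MAX_CERT_SIZE ||
         iLength2 < 0 || iLength2 > MAX_KEY_SIZE )
    {
        WipeTempBuffer();
        return false;
    }

    const size_t iExpected = (size_t)iLength1 + (size_t)iLength2;

    // now write the temporary buffer to a file
    // NOTE(review): fopen() creates the file with a umask-derived mode (or
    // keeps the mode of an existing file). The owner-only mode is applied
    // afterwards, and only on KMSUSERPKCS12 + K_SOLARIS_PLATFORM builds;
    // creating the file with an owner-only mode at open time would close
    // that window on all builds.
    myFILE* pFile = fopen( i_pcFileName, "wb" );
    if ( pFile == NULL )
    {
        WipeTempBuffer();
        return false;
    }

    bool bOk = true;

#ifdef KMSUSERPKCS12
#ifdef K_SOLARIS_PLATFORM
    /* Make sure this file is read/write for the OWNER only!
     * If the mode cannot be restricted, no key material is written. */
    if ( fchmod( fileno(pFile), 0600 ) != 0 )
    {
        bOk = false;
    }
#endif
#endif

#ifdef METAWARE
    if ( bOk )
    {
        // write out the two file lengths
        snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength1=%x\n", iLength1);
        fputs((const char*)aNotherTempBuffer, pFile);

        snprintf(aNotherTempBuffer, sizeof(aNotherTempBuffer), "iLength2=%x\n", iLength2);
        fputs((const char*)aNotherTempBuffer, pFile);
    }
#endif

    if ( bOk )
    {
        const size_t iBytesWritten = fwrite( (const char*)aTempBuffer,  // from
                                             1,                         // size
                                             iExpected,                 // actual file length
                                             pFile );                   // to-file
        bOk = ( iBytesWritten == iExpected );
    }

    // Buffered data may only reach the file at close time, so a failed close
    // means the key file cannot be trusted to be complete.
    if ( fclose( pFile ) != 0 )
    {
        bOk = false;
    }

    WipeTempBuffer();

    return bOk;
}

/**
 * Destructor. Releases nothing: the CA certificate and key pointers are not
 * freed here.
 */
CPKI::~CPKI()
{
    // empty
}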