4 * @brief Implementation of cert_payload_t.
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
25 #include "cert_payload.h"
29 * String mappings for cert_encoding_t.
31 mapping_t cert_encoding_m
[] = {
32 {PKCS7_WRAPPED_X509_CERTIFICATE
, "PKCS7_WRAPPED_X509_CERTIFICATE"},
33 {PGP_CERTIFICATE
, "PGP_CERTIFICATE"},
34 {DNS_SIGNED_KEY
, "DNS_SIGNED_KEY"},
35 {X509_CERTIFICATE_SIGNATURE
, "X509_CERTIFICATE_SIGNATURE"},
36 {KERBEROS_TOKEN
, "KERBEROS_TOKEN"},
37 {CERTIFICATE_REVOCATION_LIST
, "CERTIFICATE_REVOCATION_LIST"},
38 {AUTHORITY_REVOCATION_LIST
, "AUTHORITY_REVOCATION_LIST"},
39 {SPKI_CERTIFICATE
, "SPKI_CERTIFICATE"},
40 {X509_CERTIFICATE_ATTRIBUTE
, "X509_CERTIFICATE_ATTRIBUTE"},
41 {RAW_SA_KEY
, "RAW_SA_KEY"},
42 {HASH_AND_URL_X509_CERTIFICATE
, "HASH_AND_URL_X509_CERTIFICATE"},
43 {HASH_AND_URL_X509_BUNDLE
, "HASH_AND_URL_X509_BUNDLE"},
48 typedef struct private_cert_payload_t private_cert_payload_t
;
51 * Private data of a cert_payload_t object.
54 struct private_cert_payload_t
{
56 * Public cert_payload_t interface.
58 cert_payload_t
public;
63 u_int8_t next_payload
;
71 * Length of this payload.
73 u_int16_t payload_length
;
76 * Encoding of the CERT Data.
78 u_int8_t cert_encoding
;
81 * The contained cert data value.
87 * Encoding rules to parse or generate a CERT payload
89 * The defined offsets are the positions in an object of type
90 * private_cert_payload_t.
93 encoding_rule_t cert_payload_encodings
[] = {
94 /* 1 Byte next payload type, stored in the field next_payload */
95 { U_INT_8
, offsetof(private_cert_payload_t
, next_payload
) },
96 /* the critical bit */
97 { FLAG
, offsetof(private_cert_payload_t
, critical
) },
98 /* 7 Bit reserved bits, nowhere stored */
106 /* Length of the whole payload*/
107 { PAYLOAD_LENGTH
, offsetof(private_cert_payload_t
, payload_length
)},
108 /* 1 Byte CERT type*/
109 { U_INT_8
, offsetof(private_cert_payload_t
, cert_encoding
) },
110 /* some cert data bytes, length is defined in PAYLOAD_LENGTH */
111 { CERT_DATA
, offsetof(private_cert_payload_t
, cert_data
) }
116 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
117 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
118 ! Next Payload !C! RESERVED ! Payload Length !
119 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
124 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
128 * Implementation of payload_t.verify.
130 static status_t
verify(private_cert_payload_t
*this)
132 if ((this->cert_encoding
== 0) ||
133 ((this->cert_encoding
>= 14) && (this->cert_encoding
<= 200)))
/**
 * Implementation of cert_payload_t.get_encoding_rules.
 *
 * Hands out the file-scope cert_payload_encodings table together with
 * its number of entries. The table is shared, not copied, so the caller
 * receives a pointer into static storage.
 *
 * @param this			payload (not read by this function)
 * @param rules			receives a pointer to the first encoding rule
 * @param rule_count	receives the number of rules in the table
 */
static void get_encoding_rules(private_cert_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
{
	/* element count derived from the array itself */
	size_t entries = sizeof(cert_payload_encodings) / sizeof(cert_payload_encodings[0]);

	*rules = cert_payload_encodings;
	*rule_count = entries;
}
151 * Implementation of payload_t.get_type.
153 static payload_type_t
get_payload_type(private_cert_payload_t
*this)
/**
 * Implementation of payload_t.get_next_type.
 *
 * @param this	payload to query
 * @return		the value held in the next_payload field
 */
static payload_type_t get_next_type(private_cert_payload_t *this)
{
	payload_type_t following = this->next_payload;

	return following;
}
/**
 * Implementation of payload_t.set_next_type.
 *
 * next_payload is declared as u_int8_t, so the payload_type_t value is
 * narrowed to eight bits when it is stored.
 *
 * @param this	payload to modify
 * @param type	type of the payload that follows this one
 */
static void set_next_type(private_cert_payload_t *this, payload_type_t type)
{
	this->next_payload = type;
}
/**
 * Implementation of payload_t.get_length.
 *
 * Returns the stored payload_length field; nothing is recomputed from
 * cert_data here.
 *
 * @param this	payload to query
 * @return		value of the 16-bit payload_length field, widened to size_t
 */
static size_t get_length(private_cert_payload_t *this)
{
	size_t length = this->payload_length;

	return length;
}
/**
 * Implementation of cert_payload_t.set_cert_encoding.
 *
 * The value is stored as given in the 8-bit cert_encoding field. No range
 * check happens here; the tests for 0 and for the 14..200 range live in
 * verify().
 *
 * @param this		payload to modify
 * @param encoding	encoding of the CERT data
 */
static void set_cert_encoding(private_cert_payload_t *this, cert_encoding_t encoding)
{
	this->cert_encoding = encoding;
}
/**
 * Implementation of cert_payload_t.get_cert_encoding.
 *
 * The stored byte is returned without validation. The encoding rules let
 * a parser fill this field with any 8-bit value, so the result is not
 * guaranteed to be one of the named cert_encoding_t constants unless
 * verify() has been run on the payload first.
 *
 * @param this	payload to query
 * @return		value of the cert_encoding field
 */
static cert_encoding_t get_cert_encoding(private_cert_payload_t *this)
{
	cert_encoding_t stored = this->cert_encoding;

	return stored;
}
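/**
 * Implementation of cert_payload_t.set_data.
 *
 * Stores a private copy of data in the payload, releases any cert data
 * held before, and sets payload_length to the header length plus the
 * length of the new data.
 *
 * @param this	payload to modify
 * @param data	bytes to copy; the caller keeps ownership of data.ptr
 */
static void set_data (private_cert_payload_t *this, chunk_t data)
{
	chunk_t copy;

	/* Clone before releasing the old buffer. data may alias
	 * this->cert_data (for example a chunk obtained from get_data() on
	 * this same payload); freeing first would make clalloc() read memory
	 * that has already been released. */
	copy.ptr = clalloc(data.ptr, data.len);
	/* NOTE(review): clalloc()'s failure behaviour is not visible in this
	 * file. If it can return NULL, keep ptr and len consistent so later
	 * readers never see a non-zero length with a NULL pointer. */
	copy.len = (copy.ptr != NULL) ? data.len : 0;

	if (this->cert_data.ptr != NULL)
	{
		chunk_free(&(this->cert_data));
	}
	this->cert_data.ptr = copy.ptr;
	this->cert_data.len = copy.len;

	/* NOTE(review): payload_length is a u_int16_t, so this sum is
	 * truncated when the data does not fit into 16 bits together with the
	 * header. This function cannot report an error, so callers have to
	 * bound data.len before calling. */
	this->payload_length = CERT_PAYLOAD_HEADER_LENGTH + this->cert_data.len;
}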
/**
 * Implementation of cert_payload_t.get_data.
 *
 * Returns the payload's own chunk by value, so the ptr in the result
 * still points at the buffer owned by this payload. set_data() and
 * destroy() release that buffer, after which a previously returned chunk
 * must no longer be used. Use get_data_clone() for an independent copy.
 *
 * @param this	payload to query
 * @return		chunk referring to the internally stored cert data
 */
static chunk_t get_data (private_cert_payload_t *this)
{
	chunk_t internal = this->cert_data;

	return internal;
}
221 * Implementation of cert_payload_t.get_data_clone.
223 static chunk_t
get_data_clone (private_cert_payload_t
*this)
226 if (this->cert_data
.ptr
== NULL
)
228 return (this->cert_data
);
230 cloned_data
.ptr
= clalloc(this->cert_data
.ptr
,this->cert_data
.len
);
231 cloned_data
.len
= this->cert_data
.len
;
236 * Implementation of payload_t.destroy and cert_payload_t.destroy.
238 static void destroy(private_cert_payload_t
*this)
240 if (this->cert_data
.ptr
!= NULL
)
242 chunk_free(&(this->cert_data
));
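/*
 * Described in header.
 *
 * Allocates a private_cert_payload_t, wires up the payload_t and
 * cert_payload_t method tables and returns the public interface.
 * Initial state: critical is FALSE, next_payload is NO_PAYLOAD,
 * payload_length is CERT_PAYLOAD_HEADER_LENGTH and cert_data is
 * CHUNK_INITIALIZER.
 *
 * Returns NULL if the allocation yields NULL.
 */
cert_payload_t *cert_payload_create()
{
	private_cert_payload_t *this = malloc_thing(private_cert_payload_t);

	/* NOTE(review): malloc_thing's definition is not visible in this file.
	 * If it can return NULL, the assignments below would dereference it,
	 * so bail out before touching the object. */
	if (this == NULL)
	{
		return NULL;
	}

	/* The implementations take a private_cert_payload_t pointer; the casts
	 * adapt them to the public signatures. This depends on `public` being
	 * located at the start of private_cert_payload_t, so that the pointer
	 * handed back below and the private pointer share one address. */

	/* interface functions */
	this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
	this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
	this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
	this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
	this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
	this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type;
	this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;

	/* public functions */
	this->public.destroy = (void (*) (cert_payload_t *)) destroy;
	this->public.set_cert_encoding = (void (*) (cert_payload_t *,cert_encoding_t)) set_cert_encoding;
	this->public.get_cert_encoding = (cert_encoding_t (*) (cert_payload_t *)) get_cert_encoding;
	this->public.set_data = (void (*) (cert_payload_t *,chunk_t)) set_data;
	this->public.get_data_clone = (chunk_t (*) (cert_payload_t *)) get_data_clone;
	this->public.get_data = (chunk_t (*) (cert_payload_t *)) get_data;

	/* private variables: an empty payload consisting of the header only */
	this->critical = FALSE;
	this->next_payload = NO_PAYLOAD;
	this->payload_length = CERT_PAYLOAD_HEADER_LENGTH;
	this->cert_data = CHUNK_INITIALIZER;

	return (&(this->public));
}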