📄 cmtcert.c
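/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 *
 * The Original Code is the Netscape security libraries.
 *
 * The Initial Developer of the Original Code is Netscape
 * Communications Corporation. Portions created by Netscape are
 * Copyright (C) 1994-2000 Netscape Communications Corporation. All
 * Rights Reserved.
 *
 * Contributor(s):
 *
 * Alternatively, the contents of this file may be used under the
 * terms of the GNU General Public License Version 2 or later (the
 * "GPL"), in which case the provisions of the GPL are applicable
 * instead of those above. If you wish to allow use of your
 * version of this file only under the terms of the GPL and not to
 * allow others to use your version of this file under the MPL,
 * indicate your decision by deleting the provisions above and
 * replace them with the notice and other provisions required by
 * the GPL. If you do not delete the provisions above, a recipient
 * may use your version of this file under either the MPL or the
 * GPL.
 */
#include "cmtcmn.h"
#ifdef XP_UNIX
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#else
#ifdef XP_MAC
#include "macsocket.h"
#include "cmtmac.h"
#else
#include <windows.h>
#include <winsock.h>
#endif
#endif
#include <errno.h>
#include "cmtutils.h"
#include "messages.h"
#include <string.h>
#include "cmtjs.h"

/*
 * Every routine below follows the same exchange: fill a request struct,
 * encode it into a CMTItem, tag the item with a request type, hand it to
 * CMT_SendMessage(), then check the reply type and decode the reply.
 *
 * NOTE(review): nothing in this part of the file releases message.data
 * after the exchange. Whether CMT_EncodeMessage()/CMT_SendMessage()
 * allocate it, and who is expected to free it, is not visible here --
 * confirm against cmtutils before relying on it.
 */

/*
 * Send a certificate to the peer for decoding and return the id of the
 * temporary certificate it reports back.
 *
 * control  connection handle passed to CMT_SendMessage()
 * data     encoded certificate bytes; referenced, not copied, by the request
 * len      number of bytes at data
 * type     forwarded unchanged in the request's type field
 *
 * Returns the numeric value carried in the reply, or 0 on any failure
 * (bad argument, encode/send/decode error, unexpected reply type).
 */
CMUint32 CMT_DecodeAndCreateTempCert(PCMT_CONTROL control, char * data,
                                     CMUint32 len, int type)
{
    CMTItem message;
    DecodeAndCreateTempCertRequest request;
    SingleNumMessage reply;

    /* Same argument checks the other cert routines in this file perform */
    if (!control || !data) {
        goto loser;
    }

    /* Set up the request */
    request.type = type;
    request.cert.len = len;
    request.cert.data = (unsigned char *) data;

    /* Encode the request */
    if (CMT_EncodeMessage(DecodeAndCreateTempCertRequestTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_CERT_ACTION | SSM_DECODE_TEMP_CERT;

    /* Send the message and get the response */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /* Validate the message reply type */
    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION | SSM_DECODE_TEMP_CERT)) {
        goto loser;
    }

    /* Decode the reply */
    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
        goto loser;
    }

    /* Return the cert id */
    return reply.value;

loser:
    return 0;
}

/*
 * Ask the peer to destroy the certificate identified by certID.
 *
 * control  connection handle passed to CMT_SendMessage()
 * certID   certificate id sent as the request's value
 *
 * Returns nothing; every failure is silently ignored, so the caller
 * cannot tell whether the certificate was actually destroyed.
 */
void CMT_DestroyCertificate(PCMT_CONTROL control, CMUint32 certID)
{
    CMTItem message;
    SingleNumMessage request;

    if (!control) {
        goto loser;
    }

    /* Set up the request */
    request.value = certID;

    /* Encode the request */
    if (CMT_EncodeMessage(SingleNumMessageTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_CERT_ACTION | SSM_DESTROY_CERT;

    /* Send the message and get the response */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /* Validate the message reply type */
    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION | SSM_DESTROY_CERT)) {
        goto loser;
    }

loser:
    /* do something on fail ? */
    return;
}

/*
 * Drive one step of the old-style key generation dialogue.
 *
 * The caller selects the step through arg->op (start, token picked,
 * password set). This routine sends the matching request, frees
 * arg->current, and then translates the reply into the next step:
 *
 *   - key done:       returns a strdup()'d copy of the key string and
 *                     sets *next to CM_KEYGEN_DONE
 *   - token wanted:   stores a freshly allocated NameList in arg->current
 *                     and sets *next to CM_KEYGEN_PICK_TOKEN
 *   - password wanted: stores a freshly allocated CMKeyGenPassword in
 *                     arg->current and sets *next to CM_KEYGEN_SET_PASSWORD
 *   - anything else:  sets *next to CM_KEYGEN_ERR
 *
 * control  connection handle passed to CMT_SendMessage()
 * arg      dialogue state; op, rid, cancel, tokenName and current are read,
 *          rid and current are written
 * next     receives the next step; left untouched when the routine bails
 *          out before or while decoding the reply
 *
 * Returns the key string on completion (caller frees), otherwise NULL.
 */
char * CMT_GenKeyOldStyle(PCMT_CONTROL control, CMKeyGenTagArg * arg,
                          CMKeyGenTagReq *next)
{
    CMTItem message;
    GenKeyOldStyleRequest request;
    GenKeyOldStyleTokenReply tokenreply;
    GenKeyOldStyleTokenRequest tokenrequest;
    SingleStringMessage keyreply;
    GenKeyOldStylePasswordRequest pwdrequest;
    GenKeyOldStylePasswordReply passwordreply;
    char * keystring = NULL;
    NameList * tokens = NULL;
    CMKeyGenPassword * pwdstruct = NULL;
    int i;

    if (!control || !arg || !next)
        goto loser;

    /* Set up appropriate request */
    switch (arg->op) {
    case CM_KEYGEN_START:
        {
            CMKeyGenParams * params = (CMKeyGenParams *) arg->current;

            /* The parameters are dereferenced below; refuse a missing block */
            if (!params)
                goto loser;
            request.choiceString = params->choiceString;
            request.challenge = params->challenge;
            request.typeString = params->typeString;
            request.pqgString = params->pqgString;
            if (CMT_EncodeMessage(GenKeyOldStyleRequestTemplate, &message, &request) != CMTSuccess)
                goto loser;
            message.type = (SSM_REQUEST_MESSAGE | SSM_KEYGEN_TAG | SSM_KEYGEN_START);
        }
        break;
    case CM_KEYGEN_PICK_TOKEN:
        tokenreply.rid = arg->rid;
        tokenreply.cancel = (CMBool) arg->cancel;
        /*
         * Always give tokenName a defined value. The whole struct is handed
         * to the encoder, so an unset pointer on the cancel path would be an
         * indeterminate address for it to read.
         * NOTE(review): confirm the encoder accepts a NULL string field.
         */
        tokenreply.tokenName = arg->cancel ? NULL : arg->tokenName;
        /* Encode the request */
        if (CMT_EncodeMessage(GenKeyOldStyleTokenReplyTemplate, &message, &tokenreply) != CMTSuccess)
            goto loser;
        message.type = (SSM_REQUEST_MESSAGE | SSM_KEYGEN_TAG | SSM_KEYGEN_TOKEN);
        break;
    case CM_KEYGEN_SET_PASSWORD:
        passwordreply.rid = arg->rid;
        passwordreply.cancel = (CMBool) arg->cancel;
        if (!arg->cancel) {
            /* The password lives in arg->current; it must be present */
            if (!arg->current)
                goto loser;
            passwordreply.password = ((CMKeyGenPassword*)arg->current)->password;
        } else {
            /* Same reasoning as tokenName above: never encode garbage */
            passwordreply.password = NULL;
        }
        /* Encode the request */
        if (CMT_EncodeMessage(GenKeyOldStylePasswordReplyTemplate, &message, &passwordreply) != CMTSuccess)
            goto loser;
        /* Set the message request type */
        message.type = SSM_REQUEST_MESSAGE | SSM_KEYGEN_TAG | SSM_KEYGEN_PASSWORD;
        break;
    default:
        /* don't know what to do - bad argument? */
        goto loser;
    }

    /* Send the message */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /*
     * NOTE(review): only the outer struct is released here. For a
     * CMKeyGenPassword the password buffer it points to is neither wiped
     * nor freed, and for a NameList the names array and its strings are
     * not freed. Who owns those is not visible in this file -- confirm,
     * and wipe the password before release if this side owns it.
     */
    free(arg->current);
    arg->current = NULL;

    /* check what kind of response we got */
    switch (message.type) {
    case (SSM_REPLY_OK_MESSAGE | SSM_KEYGEN_TAG | SSM_KEYGEN_DONE):
        /* Decode the reply */
        if (CMT_DecodeMessage(SingleStringMessageTemplate, &keyreply, &message) != CMTSuccess)
            goto loser;
        /* strdup(NULL) is undefined; treat an absent string as a failure */
        if (!keyreply.string)
            goto loser;
        keystring = strdup(keyreply.string);
        *next = CM_KEYGEN_DONE;
        break;
    case (SSM_REPLY_OK_MESSAGE | SSM_KEYGEN_TAG | SSM_KEYGEN_TOKEN):
        /* Decode the reply */
        if (CMT_DecodeMessage(GenKeyOldStyleTokenRequestTemplate, &tokenrequest, &message) != CMTSuccess)
            goto loser;
        /* The count comes from the peer; reject nonsense before sizing by it */
        if (tokenrequest.numtokens < 0 ||
            (tokenrequest.numtokens != 0 && !tokenrequest.tokenNames))
            goto loser;
        tokens = (NameList *) malloc(sizeof(NameList));
        if (!tokens)
            goto loser;
        tokens->numitems = tokenrequest.numtokens;
        tokens->names = (char **) calloc(tokenrequest.numtokens, sizeof(char *));
        /* calloc(0, ...) may legitimately return NULL, so only fail for n > 0 */
        if (!tokens->names && tokenrequest.numtokens != 0) {
            free(tokens);
            goto loser;
        }
        for (i = 0; i < tokenrequest.numtokens; i++)
            tokens->names[i] = tokenrequest.tokenNames[i]
                                   ? strdup(tokenrequest.tokenNames[i])
                                   : NULL;
        arg->rid = tokenrequest.rid;
        arg->current = tokens;
        *next = CM_KEYGEN_PICK_TOKEN;
        break;
    case (SSM_REPLY_OK_MESSAGE | SSM_KEYGEN_TAG | SSM_KEYGEN_PASSWORD):
        if (CMT_DecodeMessage(GenKeyOldStylePasswordRequestTemplate, &pwdrequest, &message) != CMTSuccess)
            goto loser;
        pwdstruct = (CMKeyGenPassword *) malloc(sizeof(CMKeyGenPassword));
        if (!pwdstruct)
            goto loser;
        arg->rid = pwdrequest.rid;
        pwdstruct->password = NULL;
        pwdstruct->minpwd = pwdrequest.minpwdlen;
        pwdstruct->maxpwd = pwdrequest.maxpwdlen;
        pwdstruct->internalToken = pwdrequest.internal;
        arg->current = pwdstruct;
        *next = CM_KEYGEN_SET_PASSWORD;
        break;
    default:
        /* error or bad message type */
        *next = CM_KEYGEN_ERR;
        break;
    }

loser:
    return keystring;
}

/*
 * Fetch the list of key-size choices the peer offers for a key type.
 *
 * control    connection handle passed to CMT_SendMessage()
 * type       forwarded in the request's type field
 * pqgString  forwarded in the request's pqgString field
 *
 * Returns a calloc()'d, NULL-terminated array of strings, or NULL on any
 * failure. The array itself belongs to the caller; the strings are the
 * pointers produced by decoding the reply and are not copied here.
 */
char ** CMT_GetKeyChoiceList(PCMT_CONTROL control, char * type, char * pqgString)
{
    CMTItem message;
    int i;
    char **result = NULL;
    GetKeyChoiceListRequest request;
    GetKeyChoiceListReply reply;

    if (!control) {
        goto loser;
    }

    /* Set up the request */
    request.type = type;
    request.pqgString = pqgString;

    /* Encode the message */
    if (CMT_EncodeMessage(GetKeyChoiceListRequestTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_KEYGEN_TAG | SSM_GET_KEY_CHOICE;

    /* Send the message */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /* Validate the message response type */
    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_KEYGEN_TAG | SSM_GET_KEY_CHOICE)) {
        goto loser;
    }

    /* Decode the reply */
    if (CMT_DecodeMessage(GetKeyChoiceListReplyTemplate, &reply, &message) != CMTSuccess) {
        goto loser;
    }

    /*
     * nchoices is supplied by the peer. A negative count would under-size
     * the array while the terminator below is still written, and the
     * largest positive count would overflow the "+ 1" in int arithmetic.
     */
    if (reply.nchoices < 0 || (reply.nchoices != 0 && !reply.choices)) {
        goto loser;
    }

    result = (char **) calloc((size_t) reply.nchoices + 1, sizeof(char *));
    if (!result) {
        goto loser;
    }

    for (i = 0; i < reply.nchoices; i++) {
        result[i] = reply.choices[i];
    }
    result[i] = 0;

loser:
    return result;
}

/*
 * Import a certificate and report the resource id assigned to it.
 *
 * control         connection handle passed to CMT_SendMessage()
 * cert            certificate item, copied by value into the request
 * certResourceID  receives the new resource id on success and 0 on failure
 *
 * Returns CMTSuccess when the reply's result field is 0, otherwise
 * CMTFailure.
 */
CMTStatus CMT_ImportCertificate(PCMT_CONTROL control, CMTItem * cert, CMUint32 * certResourceID)
{
    CMTItem message;
    SingleItemMessage request;
    ImportCertReply reply;

    /* Do some parameter checking */
    if (!control || !cert || !certResourceID) {
        goto loser;
    }

    /* Set up the request */
    request.item = *cert;

    /* Encode the request */
    if (CMT_EncodeMessage(SingleItemMessageTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_CERT_ACTION | SSM_IMPORT_CERT;

    /* Send the message and get the response */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /* Validate the reply */
    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION | SSM_IMPORT_CERT)) {
        goto loser;
    }

    /* Decode the reply */
    if (CMT_DecodeMessage(ImportCertReplyTemplate, &reply, &message) != CMTSuccess) {
        goto loser;
    }

    /* Success */
    if (reply.result == 0) {
        *certResourceID = reply.resID;
        return CMTSuccess;
    }

loser:
    /*
     * The parameter check above jumps here when certResourceID itself is
     * NULL, so the output may only be cleared when it exists.
     */
    if (certResourceID) {
        *certResourceID = 0;
    }
    return CMTFailure;
}

/*
 * Send a certificate package to the peer for decoding.
 *
 * control  connection handle passed to CMT_SendMessage()
 * certbuf  package bytes; referenced, not copied, by the request
 * certlen  number of bytes at certbuf; must be positive
 *
 * Returns the numeric value carried in the reply (the cert id), or 0 on
 * any failure.
 */
CMUint32 CMT_DecodeCertFromPackage(PCMT_CONTROL control, char * certbuf, int certlen)
{
    CMTItem message;
    SingleItemMessage request;
    SingleNumMessage reply;

    /*
     * check parameters. certlen is a signed int that is stored into the
     * item's length field, so a negative value must be refused as well as
     * zero; otherwise the encoder is handed a length that does not
     * describe certbuf.
     */
    if (!control || !certbuf || certlen <= 0) {
        goto loser;
    }

    /* Set up the request */
    request.item.data = (unsigned char *) certbuf;
    request.item.len = certlen;

    /* Encode the request */
    if (CMT_EncodeMessage(SingleItemMessageTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_CERT_ACTION | SSM_DECODE_CERT;

    /* Send the message and get the response */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /* Validate the message reply type */
    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION | SSM_DECODE_CERT)) {
        goto loser;
    }

    /* Decode the reply */
    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
        goto loser;
    }

    /* Return cert id */
    return reply.value;

loser:
    return 0;
}

/*
 * Ask the peer to verify a certificate for a given usage.
 *
 * control         connection handle passed to CMT_SendMessage()
 * certResourceID  resource id of the certificate to verify
 * certUsage       usage value forwarded in the request
 * result          receives the numeric value from the reply; only written
 *                 once a reply has been decoded, so it is left untouched
 *                 on transport or decoding failures
 *
 * Returns CMTSuccess only when the decoded value is 0. Callers must not
 * read *result as a verdict unless they initialised it themselves or the
 * reply was decoded.
 */
CMTStatus CMT_VerifyCertificate(PCMT_CONTROL control, CMUint32 certResourceID, CMUint32 certUsage, CMInt32 * result)
{
    CMTItem message;
    VerifyCertRequest request;
    SingleNumMessage reply;

    /* Do some parameter checking */
    if (!control || !result) {
        goto loser;
    }

    /* Set the request */
    request.resID = certResourceID;
    request.certUsage = certUsage;

    /* Encode the request */
    if (CMT_EncodeMessage(VerifyCertRequestTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_CERT_ACTION | SSM_VERIFY_CERT;

    /* Send the message and get the response */
    if (CMT_SendMessage(control, &message) == CMTFailure) {
        goto loser;
    }

    /* Validate the message reply type */
    if (message.type != (SSM_REPLY_OK_MESSAGE | SSM_CERT_ACTION | SSM_VERIFY_CERT)) {
        goto loser;
    }

    /* Decode the reply */
    if (CMT_DecodeMessage(SingleNumMessageTemplate, &reply, &message) != CMTSuccess) {
        goto loser;
    }

    *result = reply.value;
    if (*result == 0) {
        return CMTSuccess;
    }

loser:
    return CMTFailure;
}

CMTStatus CMT_FindCertificateByNickname(PCMT_CONTROL control, char * nickname, CMUint32 *resID)
{
    CMTItem message;
    SingleStringMessage request;
    SingleNumMessage reply;

    /* Do some basic parameter checking */
    if (!control || !nickname) {
        goto loser;
    }

    /* Set the request */
    request.string = nickname;

    /* Encode the request */
    if (CMT_EncodeMessage(SingleStringMessageTemplate, &message, &request) != CMTSuccess) {
        goto loser;
    }

    /* Set the message request type */
    message.type = SSM_REQUEST_MESSAGE | SSM_CERT_ACTION | SSM_FIND_BY_NICKNAME;

    /* Send the message and get the response */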