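/*
 * COPYRIGHT (c) 1998, 1999 by TransNexus, LLC
 *
 * This software contains proprietary and confidential information
 * of TransNexus, LLC. Except as may be set forth in the license
 * agreement under which this software is supplied, use, disclosure,
 * or reproduction is prohibited without the prior, express, written
 * consent of TransNexus, LLC.
 */

/*
 * ospx509.c - Member functions for X509 Certificate object.
 */

#include "osp.h"
#include "ospasn1.h"
#include "osppkcs1.h"
#include "ospx509.h"
#include "ospx500.h"
#include "osptnlog.h"
#include "ospostime.h"
#include "ospcrypto.h"

/* ---------------------------------------------------------*/
/* Member functions */
/* ---------------------------------------------------------*/

#define PROVIDERDOMAIN "transnexus.com"
#define PROVIDERINFO "transnexus.com %ld %ld"

/*
 * Convert the decimal text of a CSID/GWID value to an unsigned long.
 *
 * Returns 0 when the text holds no leading digits. strtoul() is used
 * instead of atol() because atol() has undefined behavior on overflow;
 * strtoul() saturates at ULONG_MAX instead.
 */
static unsigned long
x509_parse_id(const char *text)
{
    char *end = OSPC_OSNULL;
    unsigned long id = strtoul(text, &end, 10);

    return (end == text) ? 0 : id;
}

/*
 * Extract the customer id (CSID) and device id (GWID) that the provider
 * embeds in the certificate subject name.
 *
 * The subject name is scanned for a '[' immediately followed by
 * PROVIDERDOMAIN; the remainder of that bracketed group is read as
 * "name:value" pairs separated by spaces/colons and terminated by ']',
 * e.g. "[transnexus.com CSID:123 GWID:456]" (constructed example).
 * A parameter name is matched on its first four characters only.
 *
 * ospvCertificate  - certificate object to read the subject from
 * ospvCustomerId   - out: CSID value, 0 if absent or unparsable
 * ospvDeviceId     - out: GWID value, 0 if absent or unparsable
 *
 * Returns OSPC_ERR_NO_ERROR, or the first error code returned by the
 * certificate/ASN.1 accessors, or OSPC_ERR_X509_UNABLE_TO_ALLOCATE_SPACE.
 * Both out-parameters are zeroed before anything else happens.
 */
int
OSPPX509CertGetCustDeviceId(
    OSPTASN1OBJECT *ospvCertificate,
    unsigned long *ospvCustomerId,
    unsigned long *ospvDeviceId)
{
    int errorcode = OSPC_ERR_NO_ERROR;
    OSPTASN1ELEMENTINFO *eInfo = OSPC_OSNULL;
    const char *domainName = PROVIDERDOMAIN;
    size_t domainNameLength = sizeof(PROVIDERDOMAIN) - 1;
    unsigned dataLength = 0;
    char *data = OSPC_OSNULL;
    char *cptr = OSPC_OSNULL;
    char *lcptr = OSPC_OSNULL;
    char *pname = OSPC_OSNULL;
    char *value = OSPC_OSNULL;

    *ospvCustomerId = 0;
    *ospvDeviceId = 0;

    /* Get the subject element */
    errorcode = OSPPX509CertTestContext(ospvCertificate);
    if (errorcode == OSPC_ERR_NO_ERROR) {
        /* Get pointer to parse result that is head of subject name */
        errorcode = OSPPASN1ObjectGetElementByDataRef(ospvCertificate,
                                                      &eInfo,
                                                      OSPEDRID_CERT_SUBJECT);
    }
    if (errorcode == OSPC_ERR_NO_ERROR) {
        errorcode = OSPPASN1ElementGetElementData(eInfo,
                                                  (unsigned char **)&value,
                                                  &dataLength);
    }
    if (errorcode == OSPC_ERR_NO_ERROR) {
        /* Copy into a NUL-terminated buffer; the element data is not a C string */
        OSPM_MALLOC(data, char, dataLength + 1);
        if (data == OSPC_OSNULL) {
            errorcode = OSPC_ERR_X509_UNABLE_TO_ALLOCATE_SPACE;
            OSPM_DBGERRORLOG(errorcode, "Unable to allocate space");
        } else {
            OSPM_MEMCPY(data, value, dataLength);
            data[dataLength] = '\0';
        }
    }

    if (errorcode == OSPC_ERR_NO_ERROR) {
        /* Search for "[" PROVIDERDOMAIN in the subject text */
        for (cptr = data; *cptr != '\0'; cptr++) {
            if (*cptr != '[') {
                continue;
            }
            /*
             * Compare at cptr + 1 without advancing cptr: if the '[' is the
             * last character, advancing first would let the loop's cptr++
             * step past the terminator and read beyond the buffer.
             */
            if (strncmp(cptr + 1, domainName, domainNameLength) != 0) {
                continue;
            }
            cptr++;

            /* Domain name found, we ARE in the parameter OU element.
             * First token (space-delimited) is the domain name itself. */
            pname = OSPM_STRTOK(cptr, " ", &lcptr);
            while (pname != OSPC_OSNULL) {
                /* Get the next parameter name */
                pname = OSPM_STRTOK((char *)OSPC_OSNULL, " :]", &lcptr);
                if (pname == OSPC_OSNULL) {
                    /* No more parameters, done */
                    break;
                }
                /* Have a parameter name, get the value */
                value = OSPM_STRTOK((char *)OSPC_OSNULL, " :]", &lcptr);
                if (value == OSPC_OSNULL) {
                    /* Badly formed parameter/value pair, done */
                    break;
                }
                if (strncmp(pname, "GWID", 4) == 0) {
                    /* Found a gateway id */
                    *ospvDeviceId = x509_parse_id(value);
                } else if (strncmp(pname, "CSID", 4) == 0) {
                    /* Found a customer id */
                    *ospvCustomerId = x509_parse_id(value);
                }
            }
            /* Only the first matching bracketed group is read */
            break;
        }
    }

    OSPPASN1ElementDelete(&eInfo, 0);
    OSPM_FREE(data);

    return errorcode;
}

/*
 * Render a 13-character X.509 UTCTime ("YYMMDDhhmmssZ") as a
 * "YYYYMMDDhhmmssZ" string so it compares byte-wise with the output
 * of OSPPOSTimeFormatGMTTime(..., "%Y%m%d%H%M%SZ", ...).
 *
 * Per X.509, a two-digit year below 50 is 20YY and 50 or above is
 * 19YY. GeneralizedTime (used for dates from 2050 on) is not handled
 * here and is rejected by the length check.
 *
 * date       - raw content bytes, need not be NUL-terminated
 * dateLength - must be exactly 13
 * out        - receives 15 characters plus NUL; assumes
 *              OSPC_TIMESTRINGSIZE >= 16 (TODO confirm in header)
 *
 * Returns OSPC_ERR_NO_ERROR or OSPC_ERR_X509_INVALID_DATE.
 */
static int
x509_utctime_to_gmt_string(unsigned char *date,
                           unsigned int dateLength,
                           char *out)
{
    int errorcode = OSPC_ERR_NO_ERROR;
    const char *century = OSPC_OSNULL;

    if (dateLength != 13) {
        errorcode = OSPC_ERR_X509_INVALID_DATE;
        OSPM_DBGERRORLOG(errorcode, "Date is not 13 characters long");
    } else {
        /* "49" < "50".."99" -> 19xx, "00".."49" -> 20xx */
        century = (OSPM_MEMCMP(date, "49", 2) > 0) ? "19" : "20";
        OSPM_STRCPY(out, century);
        OSPM_STRNCAT(out, (char *)date, 13);
    }

    return errorcode;
}

/*
 * Validate a certificate against a signer's public key.
 *
 * Two checks are performed, in this order:
 *   1. the certificate signature is verified over the TBSCertificate
 *      portion with ospvSignerPublicKey (OSPPCryptoVerify);
 *   2. the current GMT time must lie within [notBefore, notAfter].
 *
 * Nothing else is checked here: the caller is responsible for supplying
 * the public key of the expected issuer, and this function does not
 * compare the issuer name with that key, check key usage/basic
 * constraints, or consult any revocation information.
 *
 * ospvCertInfo         - parsed certificate object; its raw encoding is
 *                        re-parsed into a private object for the checks
 * ospvSignerPublicKey  - public key used to verify the signature
 *
 * Returns OSPC_ERR_NO_ERROR on success, OSPC_ERR_X509_CERTIFICATE_EXPIRED
 * when outside the validity window, OSPC_ERR_X509_INVALID_DATE for a
 * non-UTCTime date, or the error of the first failing step.
 *
 * NOTE(review): elementInfo is released with OSPM_FREE in three places
 * below, once without freeing elementInfo->Element and twice with; the
 * ownership rules of OSPPASN1ObjectGetElementByDataRef results are not
 * visible here, so the existing release pattern is kept as-is. Confirm
 * against ospasn1.c that neither a leak nor a double free results.
 */
int
OSPPX509CertCheckCertificateData(
    OSPTASN1OBJECT *ospvCertInfo,
    OSPTASN1OBJECT *ospvSignerPublicKey)
{
    int errorcode = OSPC_ERR_NO_ERROR;
    unsigned char *tbsCertificate = OSPC_OSNULL;
    unsigned int tbsCertificateLength = 0;
    OSPTASN1OBJECT *signature = OSPC_OSNULL;
    OSPTASN1OBJECT *certInfo = OSPC_OSNULL;
    OSPTASN1ELEMENTINFO *elementInfo = OSPC_OSNULL;
    /* "" initializers zero-fill the whole arrays; no memset needed */
    char currentDate[OSPC_TIMESTRINGSIZE] = "";
    char notBeforeString[OSPC_TIMESTRINGSIZE] = "";
    char notAfterString[OSPC_TIMESTRINGSIZE] = "";
    OSPTTIME currentTime = 0;
    unsigned char *date = OSPC_OSNULL;
    unsigned int dateLength = 0;
    unsigned char *certificate = OSPC_OSNULL;
    unsigned int certificateLength = 0;

    /* Reparse the certificate from its raw encoding */
    errorcode = OSPPASN1ObjectGetElementInfo(ospvCertInfo, &elementInfo);
    if (errorcode == OSPC_ERR_NO_ERROR) {
        errorcode = OSPPASN1ElementGetElementData(elementInfo,
                                                  &certificate,
                                                  &certificateLength);
    }
    if (errorcode == OSPC_ERR_NO_ERROR) {
        errorcode = OSPPX509CertCreate(certificate, &certInfo);
    }

    /*
     * To validate the certificate, verify the certificate signature over
     * the TBSCertificate portion of the certificate being validated, then
     * compare the not-before and not-after dates against the current date.
     */
    if (errorcode == OSPC_ERR_NO_ERROR) {
        /* Get the "to be signed" part of the certificate */
        errorcode = OSPPASN1ObjectGetElementByDataRef(certInfo,
                                                      &elementInfo,
                                                      OSPEDRID_CERT_TBSCERTIFICATE);
        if (errorcode == OSPC_ERR_NO_ERROR) {
            errorcode = OSPPASN1ElementGetElementData(elementInfo,
                                                      &tbsCertificate,
                                                      &tbsCertificateLength);
        }
        if (errorcode == OSPC_ERR_NO_ERROR) {
            /* Get the signature from the certificate */
            errorcode = OSPPASN1ObjectCopyElementObject(&signature,
                                                        certInfo,
                                                        OSPEDRID_CERT_SIGNATURE);
        }
        if (errorcode == OSPC_ERR_NO_ERROR) {
            errorcode = OSPPCryptoVerify(signature,
                                         ospvSignerPublicKey,
                                         tbsCertificate,
                                         tbsCertificateLength);
        }

        OSPM_FREE(tbsCertificate);
        /*
         * signature is still NULL when an earlier step failed and the copy
         * never ran; dereferencing it unconditionally would crash on that
         * error path.
         */
        if (signature != OSPC_OSNULL) {
            OSPPASN1ElementDelete(&(signature->ParseResults->ElementInfo), 0);
            OSPPASN1ObjectDelete(&signature);
        }
    }

    if (errorcode == OSPC_ERR_NO_ERROR) {
        /* Signature is good. Check validity dates. */

        /* Get the current time - don't need milliseconds */
        errorcode = OSPPOSTimeGetTime(&currentTime, (unsigned int *)OSPC_OSNULL);
        if (errorcode == OSPC_ERR_NO_ERROR) {
            /* Format the current time in YYYYMMDDhhmmssZ format */
            errorcode = OSPPOSTimeFormatGMTTime(currentTime,
                                                "%Y%m%d%H%M%SZ",
                                                currentDate);
        }

        if (errorcode == OSPC_ERR_NO_ERROR) {
            if (elementInfo) {
                OSPM_FREE(elementInfo);
            }
            /* Get the not-before time from the certificate */
            errorcode = OSPPASN1ObjectGetElementByDataRef(certInfo,
                                                          &elementInfo,
                                                          OSPEDRID_CERT_NOTBEFORE);
            if (errorcode == OSPC_ERR_NO_ERROR) {
                errorcode = OSPPASN1ElementGetContentData(elementInfo,
                                                          &date,
                                                          &dateLength);
            }
            if (errorcode == OSPC_ERR_NO_ERROR) {
                errorcode = x509_utctime_to_gmt_string(date, dateLength,
                                                       notBeforeString);
            }
        }

        if (errorcode == OSPC_ERR_NO_ERROR) {
            if (elementInfo) { /* !!! PS */
                OSPM_FREE(elementInfo->Element);
                elementInfo->ElementLength = 0;
                OSPM_FREE(elementInfo);
            }
            /* Get the not-after time from the certificate */
            errorcode = OSPPASN1ObjectGetElementByDataRef(certInfo,
                                                          &elementInfo,
                                                          OSPEDRID_CERT_NOTAFTER);
            if (errorcode == OSPC_ERR_NO_ERROR) {
                errorcode = OSPPASN1ElementGetContentData(elementInfo,
                                                          &date,
                                                          &dateLength);
            }
            if (errorcode == OSPC_ERR_NO_ERROR) {
                errorcode = x509_utctime_to_gmt_string(date, dateLength,
                                                       notAfterString);
            }
            if (elementInfo) { /* !!! PS */
                OSPM_FREE(elementInfo->Element);
                elementInfo->ElementLength = 0;
                OSPM_FREE(elementInfo);
            }
        }

        if (errorcode == OSPC_ERR_NO_ERROR) {
            /*
             * Only UTCTime is supported (YYMMDDhhmmssZ); the century was
             * added by x509_utctime_to_gmt_string so all three strings are
             * "YYYYMMDDhhmmssZ" and compare correctly as bytes.
             */
            if ((OSPM_MEMCMP(currentDate, notBeforeString, strlen(currentDate)) < 0) ||
                (OSPM_MEMCMP(currentDate, notAfterString, strlen(currentDate)) > 0)) {
                errorcode = OSPC_ERR_X509_CERTIFICATE_EXPIRED;
#ifdef IGNOREOUTOFDATEERR
                /*
                 * Build-time switch that accepts a certificate outside its
                 * validity window; for test builds only. The constant name
                 * matches the one used throughout this file.
                 */
                errorcode = OSPC_ERR_NO_ERROR;
#endif
                OSPM_DBGERRORLOG(errorcode,
                                 "Current date is outside certificate validity dates");
            }
        }
    }

    OSPPASN1ObjectDelete(&certInfo);

    return errorcode;
} /* OSPPX509CertCheckCertificateData */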