void add_tag(char* path_file_name,
int file_name_size,
int tempfile,
char* token,
int token_size,
char* search_token,
int search_size,
int found,
char* level,
int hasbody,
int operator,
int line,
int* filesize)
{
int line_size,size;
char line_stuff[15];
char token_string[MAX_TAG_STRING_SIZE];
if (token_size == 0)
return;
/* create the tag line in the file */
line_size = 0;
memcpy(token_string,token,token_size);
token_string[line_size+token_size] = '\t';
line_size += token_size+1;
memcpy(token_string+line_size,path_file_name,file_name_size);
line_size += file_name_size;
memcpy(token_string+line_size,pre_fix,sizeof(pre_fix));
line_size += sizeof(pre_fix) - 1;
memcpy(token_string+line_size,reserved[found],reserved_size[found]);
line_size += reserved_size[found];
memcpy(token_string+line_size,mid_fix,sizeof(mid_fix));
line_size += sizeof(mid_fix) - 1;
if (hasbody)
{
memcpy(token_string+line_size,body_bit,sizeof(body_bit));
line_size += sizeof(body_bit) - 1;
}
token_string[line_size++] = '\\';
token_string[line_size++] = '<';
if (operator)
token_string[line_size++] = '\"';
memcpy(token_string+line_size,search_token,search_size);
line_size += search_size;
if (operator)
token_string[line_size++] = '\"';
memcpy(token_string+line_size,post_fix,sizeof(post_fix));
line_size += sizeof(post_fix) - 1;
if (level[0] == '2')
{
memcpy(token_string+line_size,extension,sizeof(extension));
line_size += sizeof(extension);
token_string[line_size-1] = res_type[found];
sprintf(line_stuff,"\tline:%d",line);
size = strlen(line_stuff);
memcpy(token_string+line_size,line_stuff,size);
line_size+= size;
/* add the architecture line */
if (in_architecture && found != ARCHITECTURE)
{
memcpy(token_string+line_size,arch_stuff,sizeof(arch_stuff));
line_size += sizeof(arch_stuff) - 1;
memcpy(token_string+line_size,arch_token,arch_token_size);
line_size += arch_token_size;
}
/* add function or procedure lines */
if (in_funcProc && (found != PROCEDURE && found != FUNCTION))
{
memcpy(token_string+line_size,funcProc_stuff[in_funcProc],funcProc_size[in_funcProc]);
line_size += funcProc_size[in_funcProc] - 1;
memcpy(token_string+line_size,funcProc_token,funcProc_token_size);
line_size += funcProc_token_size;
}
/* add package lines */
if (in_package && found != PACKAGE)
{
memcpy(token_string+line_size,pack_stuff,sizeof(pack_stuff));
line_size += sizeof(pack_stuff) - 1;
memcpy(token_string+line_size,pack_token,pack_token_size);
line_size += pack_token_size;
}
}
memcpy(token_string+line_size,line_end,sizeof(line_end));
line_size += sizeof(line_end) - 1;
/* write the entry to the temporary file */
write(tempfile,token_string,line_size);
/* empty strings breaks my sort */
if (token[0] != '\0')
add_to_index(token,token_size,*filesize,line_size);
*filesize = *filesize + line_size;
}
/* Creates an X509 certificate from a certificate request. */
EXPORT int IssueUserCertificate(unsigned char *certbuf, int *certlen, unsigned char *reqbuf, int reqlen)
{
X509_REQ *req = NULL;
EVP_PKEY *cakey = NULL, *rakey = NULL, *usrkey = NULL;
X509 *cacert = NULL, *racert = NULL, *usrcert = NULL;
X509_NAME *subject = NULL, *issuer = NULL;
unsigned char *p = NULL;
int ret = OPENSSLCA_NO_ERR, len;
if (certbuf == NULL || certlen == NULL || reqbuf == NULL || reqlen == 0)
return OPENSSLCA_ERR_ARGS;
/* Decode request */
if ((req = X509_REQ_new()) == NULL) {
ret = OPENSSLCA_ERR_REQ_NEW;
goto err;
}
p = reqbuf;
if (d2i_X509_REQ(&req, &p, reqlen) == NULL) {
ret = OPENSSLCA_ERR_REQ_DECODE;
goto err;
}
/* Get public key from request */
if ((usrkey = X509_REQ_get_pubkey(req)) == NULL) {
ret = OPENSSLCA_ERR_REQ_GET_PUBKEY;
goto err;
}
if (caIni.verifyRequests) {
/* Get RA's public key */
/* TODO: Validate RA certificate */
ret = read_cert(&racert, CA_PATH(caIni.raCertFile));
if (ret != OPENSSLCA_NO_ERR)
goto err;
if ((rakey = X509_get_pubkey(racert)) == NULL) {
ret = OPENSSLCA_ERR_CERT_GET_PUBKEY;
goto err;
}
/* Verify signature on request */
if (X509_REQ_verify(req, rakey) != 1) {
ret = OPENSSLCA_ERR_REQ_VERIFY;
goto err;
}
}
/* Get CA certificate */
/* TODO: Validate CA certificate */
ret = read_cert(&cacert, CA_PATH(caIni.caCertFile));
if (ret != OPENSSLCA_NO_ERR)
goto err;
/* Get CA private key */
ret = read_key(&cakey, CA_PATH(caIni.caKeyFile), caIni.caKeyPasswd);
if (ret != OPENSSLCA_NO_ERR)
goto err;
/* Create user certificate */
if ((usrcert = X509_new()) == NULL)
return OPENSSLCA_ERR_CERT_NEW;
/* Set version and serial number for certificate */
if (X509_set_version(usrcert, 2) != 1) { /* V3 */
ret = OPENSSLCA_ERR_CERT_SET_VERSION;
goto err;
}
if (ASN1_INTEGER_set(X509_get_serialNumber(usrcert), get_serial()) != 1) {
ret = OPENSSLCA_ERR_CERT_SET_SERIAL;
goto err;
}
/* Set duration for certificate */
if (X509_gmtime_adj(X509_get_notBefore(usrcert), 0) == NULL) {
ret = OPENSSLCA_ERR_CERT_SET_NOTBEFORE;
goto err;
}
if (X509_gmtime_adj(X509_get_notAfter(usrcert), EXPIRE_SECS(caIni.daysTillExpire)) == NULL) {
ret = OPENSSLCA_ERR_CERT_SET_NOTAFTER;
goto err;
}
/* Set public key */
if (X509_set_pubkey(usrcert, usrkey) != 1) {
ret = OPENSSLCA_ERR_CERT_SET_PUBKEY;
goto err;
}
/* Set subject name */
subject = X509_REQ_get_subject_name(req);
if (subject == NULL) {
ret = OPENSSLCA_ERR_REQ_GET_SUBJECT;
goto err;
}
if (X509_set_subject_name(usrcert, subject) != 1) {
ret = OPENSSLCA_ERR_CERT_SET_SUBJECT;
goto err;
}
/* Set issuer name */
issuer = X509_get_issuer_name(cacert);
if (issuer == NULL) {
ret = OPENSSLCA_ERR_CERT_GET_ISSUER;
goto err;
}
if (X509_set_issuer_name(usrcert, issuer) != 1) {
ret = OPENSSLCA_ERR_CERT_SET_ISSUER;
goto err;
}
/* Add extensions */
ret = add_ext(cacert, usrcert);
if (ret != OPENSSLCA_NO_ERR)
goto err;
/* Sign user certificate with CA's private key */
if (!X509_sign(usrcert, cakey, EVP_sha1()))
return OPENSSLCA_ERR_CERT_SIGN;
if (caIni.verifyAfterSign) {
if (X509_verify(usrcert, cakey) != 1) {
ret = OPENSSLCA_ERR_CERT_VERIFY;
goto err;
}
}
#ifdef _DEBUG /* Output certificate in DER and PEM format */
{
FILE *fp = fopen(DBG_PATH("usrcert.der"), "wb");
if (fp != NULL) {
i2d_X509_fp(fp, usrcert);
fclose(fp);
}
fp = fopen(DBG_PATH("usrcert.pem"), "w");
if (fp != NULL) {
X509_print_fp(fp, usrcert);
PEM_write_X509(fp, usrcert);
fclose(fp);
}
}
#endif
/* Encode user certificate into DER format */
len = i2d_X509(usrcert, NULL);
if (len < 0) {
ret = OPENSSLCA_ERR_CERT_ENCODE;
goto err;
}
if (len > *certlen) {
ret = OPENSSLCA_ERR_BUF_TOO_SMALL;
goto err;
}
*certlen = len;
p = certbuf;
i2d_X509(usrcert, &p);
if (caIni.addToIndex)
add_to_index(usrcert);
if (caIni.addToNewCerts)
write_cert(usrcert);
err:
print_err("IssueUserCertificate()", ret);
/* Clean up */
if (cacert)
X509_free(cacert);
if (cakey)
EVP_PKEY_free(cakey);
if (racert)
X509_free(racert);
if (rakey)
EVP_PKEY_free(rakey);
if (req)
X509_REQ_free(req);
if (usrcert != NULL)
X509_free(usrcert);
if (usrkey)
EVP_PKEY_free(usrkey);
return ret;
}
