PGPUInt32
CCRSVerisignServer::PostCRSMessage(
PGPKeyServerState inOperation,
const char * inPath,
PGPByte** outResult,
PGPUInt32 inContentLength,
const PGPByte * inData)
{
StPGPDataRef result;
PGPSize resultSize;
resultSize = GetPost(inOperation, inPath, &result, kContentType, inContentLength, inData);
CheckAndRemoveHTTPHeader(result, resultSize, outResult, &resultSize);
return resultSize;
}
int16 ModPost( CONST_TTFACC_FILEBUFFERINFO * pInputBufferInfo,
TTFACC_FILEBUFFERINFO * pOutputBufferInfo,
CONST uint16 usFormat,
uint32 *pulNewOutOffset)
{
POST Post;
int16 errCode = NO_ERROR;
uint16 usBytesWritten;
uint32 ulOffset;
/* verify table needs to be modified */
if (usFormat == TTFDELTA_DELTA) /* only formats for which this is not valid */
{
MarkTableForDeletion(pOutputBufferInfo, POST_TAG);
return errCode;
}
if ((errCode = CopyTableOver(pOutputBufferInfo, pInputBufferInfo, POST_TAG, pulNewOutOffset)) != NO_ERROR)
{
if (errCode == ERR_FORMAT)
return NO_ERROR; /* not required */
return errCode;
}
if ((ulOffset = GetPost( pOutputBufferInfo, &Post )) == 0L)
return ERR_GENERIC;
if ( Post.formatType != POST_FORMAT_3 )
{
/* Not POST format 3.0, so change it to 3.0 */
Post.formatType = POST_FORMAT_3;
if ((errCode = WriteGeneric( pOutputBufferInfo, (uint8 *) &Post,SIZEOF_POST, POST_CONTROL, ulOffset, &usBytesWritten )) != NO_ERROR)
return errCode;
/* update the directory entry with new length */
errCode = UpdateDirEntry( pOutputBufferInfo, POST_TAG, (uint32) usBytesWritten );
*pulNewOutOffset = ulOffset + usBytesWritten;
}
return errCode;
}
void
CHTTPXcertServer::SendCertificateRequest(
PGPKeyRef inCAKey,
PGPKeyRef inRequestKey,
const void * inBuffer,
PGPSize inBufferSize,
void ** outBuffer,
PGPSize * outBufferSize)
{
try {
PGPError pgpErr;
StPGPDataRef result;
StPGPDataRef digest;
PGPSize digestSize;
StPGPDataRef cnk;
PGPSize cnkSize;
StPGPDataRef encodedCNK;
PGPSize bufSize;
StPGPDataRef post;
PGPSize postSize;
StPGPDataRef encodedBuffer;
InitOperation();
if (! PGPKeyRefIsValid(inCAKey)) {
ThrowPGPError_(kPGPError_OptionNotFound);
}
if (! PGPKeyRefIsValid(inRequestKey)) {
ThrowPGPError_(kPGPError_OptionNotFound);
}
digest = static_cast<PGPByte *>(PGPNewData( PGPGetContextMemoryMgr(mContext),
GetMaxDigestedKeyBufferSize(),
kPGPMemoryMgrFlags_None));
if (digest == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
};
digestSize = DigestKey(inCAKey, digest);
encodedBuffer = static_cast<PGPByte *>(
PGPNewData( PGPGetContextMemoryMgr(mContext),
GetMaxBase64EncodedBufferSize(inBufferSize),
kPGPMemoryMgrFlags_None));
if (encodedBuffer == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
};
bufSize = Base64Encode( static_cast<const PGPByte *>(inBuffer),
inBufferSize,
encodedBuffer);
pgpErr = PGPGetKeyPropertyBuffer(inRequestKey, kPGPKeyPropX509MD5Hash, 0, 0, &cnkSize);
ThrowIfPGPError_(pgpErr);
cnk = static_cast<PGPByte *>(PGPNewData( PGPGetContextMemoryMgr(mContext),
cnkSize,
kPGPMemoryMgrFlags_None));
if (cnk == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
}
pgpErr = PGPGetKeyPropertyBuffer( inRequestKey,
kPGPKeyPropX509MD5Hash,
cnkSize,
static_cast<PGPByte *>(cnk),
&cnkSize);
ThrowIfPGPError_(pgpErr);
encodedCNK = static_cast<PGPByte *>(PGPNewData( PGPGetContextMemoryMgr(mContext),
GetMaxHexEncodedBufferSize(cnkSize),
kPGPMemoryMgrFlags_None));
if (encodedCNK == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
}
cnkSize = HexEncode(cnk, cnkSize, encodedCNK);
cnk.Free();
post = static_cast<PGPByte *>(
PGPNewData( PGPGetContextMemoryMgr(mContext),
strlen(kCA) + digestSize + strlen(kCNK) + cnkSize
+ strlen(kPKCS10_input) + GetMaxURLEncodedBufferSize(bufSize),
kPGPMemoryMgrFlags_None));
if (post == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
};
postSize = sprintf(post, "%s%s%s%s%s", kCA, static_cast<char *>(digest), kCNK,
static_cast<char *>(encodedCNK), kPKCS10_input);
digest.Free();
encodedCNK.Free();
postSize += URLEncode(encodedBuffer, bufSize, static_cast<char *>(post) + postSize);
encodedBuffer.Free();
GetPost( kPGPKeyServerState_Uploading,
(mPath == 0) ? kDefaultRequestPath : mPath,
&result,
kContentType,
postSize,
post);
post.Free();
ProcessSendCertResult(result, outBuffer, outBufferSize);
}
catch (...) {
if (mCanceled) {
ThrowPGPError_(kPGPError_UserAbort);
} else {
throw;
}
}
}
void
CHTTPXcertServer::RetrieveCRL(
PGPKeyRef inCAKey,
PGPKeySetRef inCAsKeySet,
PGPKeyRef inSigningKey,
PGPByte * inPassphrase,
PGPSize inPassphraseLength,
PGPBoolean inIsPassphrase,
void ** outBuffer,
PGPSize * outBufferSize)
{
(void) inCAsKeySet;
(void) inSigningKey;
(void) inPassphrase;
(void) inPassphraseLength;
(void) inIsPassphrase;
try {
StPGPDataRef digest;
PGPUInt32 digestSize;
StPGPDataRef path;
StPGPDataRef result;
PGPError pgpErr;
const char * prefix = (mPath == 0) ? kDefaultCRLRetrievalPath : mPath;
InitOperation();
if (! PGPKeyRefIsValid(inCAKey)) {
ThrowPGPError_(kPGPError_OptionNotFound);
}
digest = static_cast<PGPByte *>(PGPNewData( PGPGetContextMemoryMgr(mContext),
GetMaxDigestedKeyBufferSize(),
kPGPMemoryMgrFlags_None));
if (digest == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
};
digestSize = DigestKey(inCAKey, digest);
path = static_cast<PGPByte *>(PGPNewData( PGPGetContextMemoryMgr(mContext),
strlen(prefix) + digestSize + 1,
kPGPMemoryMgrFlags_None));
if (path == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
}
sprintf(path, "%s%s", prefix, static_cast<char *>(digest));
digest.Free();
GetPost(kPGPKeyServerState_Querying, path, &result);
path.Free();
pgpErr = pgpEventKeyServer( mContext,
mEventHandler,
mEventHandlerData,
this,
kPGPKeyServerState_ProcessingResults);
ThrowIfPGPError_(pgpErr);
ProcessRetrieveCRLResult(result, outBuffer, outBufferSize);
}
catch (...) {
if (mCanceled) {
ThrowPGPError_(kPGPError_UserAbort);
} else {
throw;
}
}
}
void
CHTTPXcertServer::RetrieveCertificate(
PGPFilterRef inSearchFilter,
PGPKeyRef inSearchKey,
PGPKeyRef inSigningKey,
PGPByte * inPassphrase,
PGPSize inPassphraseLength,
PGPBoolean inIsPassphrase,
void ** outBuffer,
PGPSize * outBufferSize)
{
(void) inSearchKey;
(void) inSigningKey;
(void) inPassphrase;
(void) inPassphraseLength;
(void) inIsPassphrase;
try {
StPGPDataRef query;
StPGPDataRef path;
StPGPDataRef result;
PGPError pgpErr;
const char * prefix = (mPath == 0) ? kDefaultRetrievalPath : mPath;
InitOperation();
if (! PGPFilterRefIsValid(inSearchFilter)) {
ThrowPGPError_(kPGPError_OptionNotFound);
}
pgpErr = PGPNetToolsCAHTTPQueryFromFilter( inSearchFilter,
static_cast<char **>(static_cast<void *>(&query)));
ThrowIfPGPError_(pgpErr);
path = static_cast<PGPByte *>(PGPNewData( PGPGetContextMemoryMgr(mContext),
strlen(prefix) + strlen(query) + 1,
kPGPMemoryMgrFlags_None));
if (path == 0) {
ThrowPGPError_(kPGPError_OutOfMemory);
}
sprintf(path, "%s%s", prefix, static_cast<char *>(query));
query.Free();
GetPost(kPGPKeyServerState_Querying, path, &result);
path.Free();
pgpErr = pgpEventKeyServer( mContext,
mEventHandler,
mEventHandlerData,
this,
kPGPKeyServerState_ProcessingResults);
ThrowIfPGPError_(pgpErr);
ProcessRetrieveCertResult(result, outBuffer, outBufferSize);
}
catch (...) {
if (mCanceled) {
ThrowPGPError_(kPGPError_UserAbort);
} else {
throw;
}
}
}
