Exemple #1
/*
 * Extract every certificate the enumerator yields into one bundle file at
 * 'destination'. Each entry is PEM-armored with the "TRUSTED CERTIFICATE"
 * label and preceded by the text returned from p11_enumerate_comment().
 *
 * Returns true only when iteration stopped with CKR_OK or CKR_CANCEL, every
 * write succeeded, and p11_save_finish_file() succeeded. The accumulated
 * status is also passed to p11_save_finish_file().
 *
 * NOTE(review): the return_val_if_reached() paths return without finishing
 * the file or releasing the buffers; presumably these mark conditions that
 * are not expected to happen. Confirm against the macro definition.
 */
bool
p11_extract_openssl_bundle (p11_enumerate *ex,
                            const char *destination)
{
	p11_save_file *bundle;
	p11_buffer pem;
	p11_buffer contents;
	char *header;
	bool ok = true;
	bool is_first = true;
	CK_RV rv;

	bundle = p11_save_open_file (destination, NULL, ex->flags);
	if (bundle == NULL)
		return false;

	p11_buffer_init (&pem, 0);

	for (;;) {
		rv = p11_kit_iter_next (ex->iter);
		if (rv != CKR_OK)
			break;

		/* The contents buffer lives for one iteration; the PEM buffer is reused. */
		p11_buffer_init (&contents, 1024);
		if (!p11_buffer_reset (&pem, 2048))
			return_val_if_reached (false);

		if (prepare_pem_contents (ex, &contents)) {
			if (!p11_pem_write (contents.data, contents.len, "TRUSTED CERTIFICATE", &pem))
				return_val_if_reached (false);

			header = p11_enumerate_comment (ex, is_first);
			is_first = false;

			/* Write the comment first; skip the PEM data if that already failed. */
			ok = p11_save_write (bundle, header, -1);
			if (ok)
				ok = p11_save_write (bundle, pem.data, pem.len);

			free (header);
		}

		p11_buffer_uninit (&contents);

		/* Stop at the first failed write so the failure reaches the finish call. */
		if (!ok)
			break;
	}

	p11_buffer_uninit (&pem);

	/* CKR_CANCEL is accepted as a normal end of iteration, anything else is an error. */
	if (!(rv == CKR_OK || rv == CKR_CANCEL)) {
		p11_message ("failed to find certificates: %s", p11_kit_strerror (rv));
		ok = false;
	}

	/*
	 * This will produce an empty file (which is a valid PEM bundle) if no
	 * certificates were found.
	 */

	if (!p11_save_finish_file (bundle, NULL, ok))
		ok = false;
	return ok;
}
Exemple #2
/*
 * Write 'length' bytes of 'data' to 'file' and then finish the file in a
 * single call.
 *
 * The result of the write is handed to p11_save_finish_file(), which is
 * called whether or not the write succeeded. Returns true only when both the
 * write and the finish step succeed; returns false immediately if 'file' is
 * NULL.
 */
bool
p11_save_write_and_finish (p11_save_file *file,
                           const void *data,
                           ssize_t length)
{
	bool written;
	bool finished;

	if (file == NULL)
		return false;

	written = p11_save_write (file, data, length);

	/* Always finish, passing along whether the write worked. */
	finished = p11_save_finish_file (file, NULL, written);

	return written && finished;
}
Exemple #3
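/*
 * Extract every certificate the enumerator yields into its own ".pem" file
 * inside the directory 'destination', then call p11_openssl_symlink() for
 * each file that was written.
 *
 * Each entry is PEM-armored with the "TRUSTED CERTIFICATE" label. Returns
 * true only when iteration stopped with CKR_OK or CKR_CANCEL and every file
 * and symlink step succeeded. The accumulated status is also passed to
 * p11_save_finish_directory().
 *
 * NOTE(review): the return_val_if_reached() / return_val_if_fail() paths
 * return without finishing the directory or releasing the buffers;
 * presumably these mark conditions that are not expected to happen. Confirm
 * against the macro definitions.
 */
bool
p11_extract_openssl_directory (p11_enumerate *ex,
                               const char *destination)
{
	char *filename;
	p11_save_file *file;
	p11_save_dir *dir;
	p11_buffer output;
	p11_buffer buf;
	bool ret = true;
	char *path;
	char *name;
	CK_RV rv;

	dir = p11_save_open_directory (destination, ex->flags);
	if (dir == NULL)
		return false;

	p11_buffer_init (&buf, 0);
	p11_buffer_init (&output, 0);

	while ((rv = p11_kit_iter_next (ex->iter)) == CKR_OK) {
		/* Both buffers are reused across iterations. */
		if (!p11_buffer_reset (&buf, 1024))
			return_val_if_reached (false);
		if (!p11_buffer_reset (&output, 2048))
			return_val_if_reached (false);

		if (prepare_pem_contents (ex, &buf)) {
			if (!p11_pem_write (buf.data, buf.len, "TRUSTED CERTIFICATE", &output))
				return_val_if_reached (false);

			name = p11_enumerate_filename (ex);
			return_val_if_fail (name != NULL, false);

			filename = NULL;
			path = NULL;
			ret = false;

			file = p11_save_open_file_in (dir, name, ".pem");
			if (file != NULL) {
				ret = p11_save_write (file, output.data, output.len);
				if (!p11_save_finish_file (file, &path, ret))
					ret = false;
				if (ret)
					filename = p11_path_base (path);
			}

			/*
			 * Only create the symlink when the certificate file was
			 * written. Calling it unconditionally would overwrite a
			 * failed open/write/finish status with the symlink result
			 * and pass a NULL filename, so an incomplete trust
			 * directory could be reported (and finished) as a success.
			 */
			if (ret)
				ret = p11_openssl_symlink(ex, dir, filename);

			free (filename);
			free (path);
			free (name);
		}

		/* Stop at the first failure so it reaches the finish call below. */
		if (!ret)
			break;
	}

	p11_buffer_uninit (&buf);
	p11_buffer_uninit (&output);

	/* CKR_CANCEL is accepted as a normal end of iteration, anything else is an error. */
	if (rv != CKR_OK && rv != CKR_CANCEL) {
		p11_message ("failed to find certificates: %s", p11_kit_strerror (rv));
		ret = false;
	}

	p11_save_finish_directory (dir, ret);
	return ret;
}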