コード例 #1
0
ファイル: cert_data.c プロジェクト: xnuxer/vpnconnect
CFDateRef GetDateFieldFromCertificate(SecCertificateRef certificate, CFTypeRef oid)
{
  const void *keys[] = { oid };
  CFDictionaryRef dict = NULL;
  CFErrorRef error;
  CFDateRef date = NULL;

  CFArrayRef keySelection = CFArrayCreate(NULL, keys , sizeof(keys)/sizeof(keys[0]), &kCFTypeArrayCallBacks);
  dict = SecCertificateCopyValues(certificate, keySelection, &error);
  if (dict == NULL)
    {
      printErrorMsg("GetDateFieldFromCertificate: SecCertificateCopyValues", error);
      goto release_ks;
    }
  CFDictionaryRef vals = dict ? CFDictionaryGetValue(dict, oid) : NULL;
  CFNumberRef vals2 = vals ? CFDictionaryGetValue(vals, kSecPropertyKeyValue) : NULL;
  if (vals2 == NULL)
    goto release_dict;

  CFAbsoluteTime validityNotBefore;
  if (CFNumberGetValue(vals2, kCFNumberDoubleType, &validityNotBefore))
    date = CFDateCreate(kCFAllocatorDefault,validityNotBefore);

release_dict:
  CFRelease(dict);
release_ks:
  CFRelease(keySelection);
  return date;
}
コード例 #2
0
ファイル: cert_data.c プロジェクト: xnuxer/vpnconnect
CFArrayRef GetFieldsFromCertificate(SecCertificateRef certificate, CFTypeRef oid)
{
  CFMutableArrayRef fields = CFArrayCreateMutable(NULL, 0, NULL);
  CertNameRef pCertName = createCertName();
  const void* keys[] = { oid, };
  CFDictionaryRef dict;
  CFErrorRef error;

  CFArrayRef keySelection = CFArrayCreate(NULL, keys , 1, NULL);

  dict = SecCertificateCopyValues(certificate, keySelection, &error);
  if (dict == NULL) {
      printErrorMsg("GetFieldsFromCertificate: SecCertificateCopyValues", error);
      CFRelease(keySelection);
      CFRelease(fields);
      destroyCertName(pCertName);
      return NULL;
  }
  CFDictionaryRef vals = CFDictionaryGetValue(dict, oid);
  CFArrayRef vals2 = vals ? CFDictionaryGetValue(vals, kSecPropertyKeyValue) : NULL;
  if (vals2)
    {
      for(int i = 0; i < CFArrayGetCount(vals2); i++) {
        CFDictionaryRef subDict = CFArrayGetValueAtIndex(vals2, i);
        CFStringRef label = CFDictionaryGetValue(subDict, kSecPropertyKeyLabel);
        CFStringRef value = CFDictionaryGetValue(subDict, kSecPropertyKeyValue);

        if (CFStringCompare(label, kSecOIDEmailAddress, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->emailAddress, value);
        else if (CFStringCompare(label, kSecOIDCountryName, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->countryName, value);
        else if (CFStringCompare(label, kSecOIDOrganizationName, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->organization, value);
        else if (CFStringCompare(label, kSecOIDOrganizationalUnitName, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->organizationalUnit, value);
        else if (CFStringCompare(label, kSecOIDCommonName, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->commonName, value);
        else if (CFStringCompare(label, kSecOIDDescription, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->description, value);
        else if (CFStringCompare(label, kSecOIDStateProvinceName, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->stateName, value);
        else if (CFStringCompare(label, kSecOIDLocalityName, 0) == kCFCompareEqualTo)
          CFArrayAppendValue((CFMutableArrayRef)pCertName->localityName, value);
      }
      CFArrayAppendValue(fields, pCertName);
    }

  CFRelease(dict);
  CFRelease(keySelection);
  return fields;
}
コード例 #3
0
CFDataRef CreatePropertyFromCertificate(const SecCertificateRef& cert,
                                        const CFTypeRef& oid) {
  // Set the list of attributes.
  auto keys = CFArrayCreateMutable(nullptr, 0, &kCFTypeArrayCallBacks);
  CFArrayAppendValue(keys, oid); // SecCertificateOIDs.h

  // Request dictionary of dictionaries (one for each attribute).
  auto certificate_values = SecCertificateCopyValues(cert, keys, nullptr);
  CFRelease(keys);

  if (!CFDictionaryContainsKey(certificate_values, oid)) {
    // Certificate does not have the requested property.
    CFRelease(certificate_values);
    return nullptr;
  }

  auto values = (CFDictionaryRef)CFDictionaryGetValue(certificate_values, oid);
  if (!CFDictionaryContainsKey(values, kSecPropertyKeyValue)) {
    // Odd, there was not value in the property result.
    CFRelease(certificate_values);
    return nullptr;
  }

  // Create copy of the property value, which is an index to owned dict.
  auto property = (CFDataRef)CFDictionaryGetValue(values, kSecPropertyKeyValue);
  if (CFGetTypeID(property) == CFArrayGetTypeID()) {
    property = (CFDataRef)CFArrayCreateCopy(nullptr, (CFArrayRef)property);
  } else if (CFGetTypeID(property) == CFNumberGetTypeID()) {
    property = (CFDataRef)CFNumberCreateCopy((CFNumberRef)property);
  } else {
    property = nullptr;
  }

  // Release and give the caller control of the property.
  CFRelease(certificate_values);
  return property;
}
コード例 #4
0
char *
_mongoc_secure_transport_RFC2253_from_cert (SecCertificateRef cert)
{
   CFTypeRef value;
   bson_string_t *retval;
   CFTypeRef subject_name;
   CFDictionaryRef cert_dict;

   cert_dict = SecCertificateCopyValues (cert, NULL, NULL);
   if (!cert_dict) {
      return NULL;
   }

   subject_name = CFDictionaryGetValue (cert_dict, kSecOIDX509V1SubjectName);
   if (!subject_name) {
      CFRelease (cert_dict);
      return NULL;
   }

   subject_name = CFDictionaryGetValue (subject_name, kSecPropertyKeyValue);
   if (!subject_name) {
      CFRelease (cert_dict);
      return NULL;
   }

   retval = bson_string_new ("");;

   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDCommonName);
   _bson_append_cftyperef (retval, "CN=", value);

   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDOrganizationalUnitName);
   if (value) {
      /* Can be either one unit name, or array of unit names */
      if (CFGetTypeID(value) == CFStringGetTypeID()) {
         _bson_append_cftyperef (retval, ",OU=", value);
      } else if (CFGetTypeID(value) == CFArrayGetTypeID()) {
         CFIndex len = CFArrayGetCount(value);

         if (len > 0) {
            _bson_append_cftyperef (retval, ",OU=", CFArrayGetValueAtIndex(value, 0));
         }
         if (len > 1) {
            _bson_append_cftyperef (retval, ",", CFArrayGetValueAtIndex(value, 1));
         }
         if (len > 2) {
            _bson_append_cftyperef (retval, ",", CFArrayGetValueAtIndex(value, 2));
         }
      }
   }

   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDOrganizationName);
   _bson_append_cftyperef (retval, ",O=", value);

   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDLocalityName);
   _bson_append_cftyperef (retval, ",L=", value);

   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDStateProvinceName);
   _bson_append_cftyperef (retval, ",ST=", value);

   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDCountryName);
   _bson_append_cftyperef (retval, ",C=", value);

   /* This seems rarely used */
   value = _mongoc_secure_transport_dict_get (subject_name, kSecOIDStreetAddress);
   _bson_append_cftyperef (retval, ",STREET", value);

   CFRelease (cert_dict);
   return bson_string_free (retval, false);
}