static void
build_personal_name (void)
{
ASN1_TYPE asn1_pkix = NULL, asn;
guchar buffer[10024];
int res, len;
res = asn1_array2tree (pkix_asn1_tab, &asn1_pkix, NULL);
g_assert (res == ASN1_SUCCESS);
res = asn1_create_element (asn1_pkix, "PKIX1.PersonalName", &asn);
g_assert (res == ASN1_SUCCESS);
asn1_write_value (asn, "surname", "Turanga", 7);
asn1_write_value (asn, "given-name", "Leela", 5);
asn1_write_value (asn, "initials", NULL, 0);
asn1_write_value (asn, "generation-qualifier", "Alien", 5);
len = sizeof (buffer);
res = asn1_der_coding (asn, "", buffer, &len, NULL);
g_assert (res == ASN1_SUCCESS);
asn1_delete_structure (&asn);
asn1_delete_structure (&asn1_pkix);
if (!g_file_set_contents ("/tmp/personal-name.der", (gchar*)buffer, len, NULL))
g_assert (FALSE);
}
int
main (int argc,
char *argv[])
{
char message[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = { 0, };
node_asn *definitions = NULL;
node_asn *oid = NULL;
char *buf;
int len;
int ret;
if (argc != 2) {
fprintf (stderr, "usage: frob-oid 1.1.1\n");
return 2;
}
ret = asn1_array2tree (pkix_asn1_tab, &definitions, message);
if (ret != ASN1_SUCCESS) {
fprintf (stderr, "definitions: %s\n", message);
return 1;
}
/* AttributeType is a OBJECT IDENTIFIER */
ret = asn1_create_element (definitions, "PKIX1.AttributeType", &oid);
err_if_fail (ret, "AttributeType");
ret = asn1_write_value (oid, "", argv[1], strlen (argv[1]));
err_if_fail (ret, "asn1_write_value");
len = 0;
ret = asn1_der_coding (oid, "", NULL, &len, message);
assert (ret == ASN1_MEM_ERROR);
buf = malloc (len);
assert (buf != NULL);
ret = asn1_der_coding (oid, "", buf, &len, message);
if (ret != ASN1_SUCCESS) {
fprintf (stderr, "asn1_der_coding: %s\n", message);
free (buf);
return 1;
}
fwrite (buf, 1, len, stdout);
fflush (stdout);
free (buf);
asn1_delete_structure (&oid);
asn1_delete_structure (&definitions);
return 0;
}
static int init_asn1(smb_session *s)
{
int res;
assert(s != NULL);
if (s->spnego_asn1 != NULL)
return DSM_ERROR_GENERIC;
res = asn1_array2tree(spnego_asn1_conf, &s->spnego_asn1, NULL);
if (res != ASN1_SUCCESS)
{
asn1_display_error("init_asn1", res);
return DSM_ERROR_GENERIC;
}
else
{
BDSM_dbg("init_asn1: ASN.1 parser initialized\n");
return DSM_SUCCESS;
}
}
int
main (int argc, char *argv[])
{
int result, der_len;
unsigned char der[1024];
ASN1_TYPE PKIX1Implicit88 = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
if (1)
result =
asn1_array2tree (pkix_asn1_tab, &PKIX1Implicit88, errorDescription);
else
result =
asn1_parser2tree ("pkix.asn", &PKIX1Implicit88, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror (result);
printf ("%s", errorDescription);
exit (1);
}
/* Use the following 3 lines to visit the PKIX1Implicit structures */
/* printf("-----------------\n");
asn1_visit_tree(PKIX1Implicit88,"PKIX1Implicit88");
printf("-----------------\n"); */
der_len = 1024;
create_certificate (PKIX1Implicit88, der, &der_len);
get_certificate (PKIX1Implicit88, der, der_len);
/* Clear the "PKIX1Implicit88" structures */
asn1_delete_structure (&PKIX1Implicit88);
return 0;
}
int
main (int argc, char *argv[])
{
FILE *fpin, *fpout;
const char *fileNameIn;
const char *fileNameOut;
unsigned char buffer[MAX_LENGTH_INT];
unsigned char newBuffer[2*MAX_LENGTH_INT];
char params[MAX_LENGTH_CMD];
char str[MAX_LENGTH_VAR]; // Number of polynomial or integer of a polynomial
char n[MAX_LENGTH_VAR]; // Number of variables as a string
char o[MAX_LENGTH_VAR]; // Number of polynomials as a string
int nn; // Number of variables as an integer
int oo; // Number of polynomials as an integer
int i, j;
int result, der_len;
unsigned char der[MAX_DER_SIZE], ch[1];
/******* Define input and output files *******/
if (argc < 3)
{
printf("\nusage: %s ASN1BinaryFile PublicKeyIntFile\n\n", argv[0]);
exit(1);
}
else
{
fileNameIn = argv[1];
fileNameOut = argv[2];
fpin = fopen(fileNameIn, "rb");
if (!fpin)
{
printf("\nError openning file: %s\n\n", fileNameIn);
exit(1);
}
fpout = fopen(fileNameOut, "w");
if (!fpout)
{
fclose(fpin);
printf("\nError openning file: %s\n\n", fileNameOut);
exit(1);
}
}
printf("\nDecoding an ASN.1 file (%s), into a text file (%s)\n", fileNameIn, fileNameOut);
/******* ASN.1 initialization *******/
ASN1_TYPE PK_def = ASN1_TYPE_EMPTY;
ASN1_TYPE PK_dec = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
// Creates definition structures needed to manage the ASN.1 definitions
result = asn1_array2tree(pkInt_asn1_tab, &PK_def, errorDescription);
if (result != ASN1_SUCCESS)
{
asn1_perror(result);
printf ("%s\n", errorDescription);
exit (1);
}
// Creates a structure of type "PKInt" (from *.asn definition file)
result = asn1_create_element(PK_def, "PKInt.PublicKey", &PK_dec);
if ( result != ASN1_SUCCESS )
{
printf("\nCould not create a new element to DECODE: %d\n", result);
exit(1);
}
/******* Read data from input file *******/
der_len = i = 0;
while ( 1 == fread(ch, 1, 1, fpin) )
{
der[i] = ch[0];
i++;
der_len++;
}
result = asn1_der_decoding(&PK_dec, der, der_len, errorDescription);
if ( result != ASN1_SUCCESS )
{
printf("\nCould not make a DER decoding: %d\n", result);
printf("Error description: %s\n", errorDescription);
asn1_perror(result);
exit(2);
}
/*printf("------------DEC-----------------\n");
asn1_print_structure(stdout, PK_dec, "", ASN1_PRINT_ALL);
printf("--------------------------------\n");*/
clrBuff(buffer, MAX_LENGTH_INT); // Necesary because asn1 functions just put data in buffer
// without terminating it with 0x0!!!
der_len = MAX_LENGTH_INT;
result = asn1_read_value(PK_dec, "noVars", buffer, &der_len);
if ( result != ASN1_SUCCESS )
{
printf("\nCould not make a DER decoding (noVars): %d\n", result);
printf("Error description: %s\n", errorDescription);
exit(1);
}
nn = atoi(buffer);
clrBuff(buffer, MAX_LENGTH_INT);
der_len = MAX_LENGTH_INT;
result = asn1_read_value(PK_dec, "noPoly", buffer, &der_len);
if ( result != ASN1_SUCCESS )
{
printf("\nCould not make a DER decoding (noPoly): %d\n", result);
printf("Error description: %s\n", errorDescription);
exit(1);
}
oo = atoi(buffer);
printf("Number of variables: %d\nNumber of polynomials: %d\n", nn, oo);
/******* Write 'n' and 'o' to output file ******/
sprintf(str, "%d", nn);
fprintf(fpout, "%s\n", str);
sprintf(str, "%d", oo);
fprintf(fpout, "%s\n", str);
// ******* Read all integers representing the polynomials *******
nn = nn + 2; // +2 because of linear terms vector and constant term
for ( i=0; i<oo; i++ )
{
for ( j=0; j<nn; j++)
{
der_len = MAX_LENGTH_INT;
sprintf(o, "%d", i+1); // Number of polynomial as string in 'o'
sprintf(n, "%d", j+1); // Number of integer as string in 'n'
strcpy(params, "polys.?");
strcat(params, o);
strcat(params, ".intData.?");
strcat(params, n);
clrBuff(buffer, MAX_LENGTH_INT);
result = asn1_read_value(PK_dec, params, buffer, &der_len);
/******* Write that integer (as a string) to output file *******/
fprintf(fpout, "%s", buffer);
fprintf(fpout, " ");
if ( j == nn - 1 )
fprintf(fpout, "\n");
if ( result != ASN1_SUCCESS )
{
asn1_perror(result);
printf("Could not write value in 'intData', i: %d\n", i);
exit(4);
}
}
}
printf("...Done!\n\n");
/******* Closing program *******/
asn1_delete_structure(&PK_dec);
asn1_delete_structure(&PK_def);
fclose(fpin);
fclose(fpout);
return 0;
}
/**
* gnutls_global_init:
*
* This function initializes the global data to defaults. Every
* gnutls application has a global data which holds common parameters
* shared by gnutls session structures. You should call
* gnutls_global_deinit() when gnutls usage is no longer needed
*
* Note that this function will also initialize libgcrypt, if it has
* not been initialized before. Thus if you want to manually
* initialize libgcrypt you must do it before calling this function.
* This is useful in cases you want to disable libgcrypt's internal
* lockings etc.
*
* This function increment a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Note! This function is not thread safe. If two threads call this
* function simultaneously, they can cause a race between checking
* the global counter and incrementing it, causing both threads to
* execute the library initialization code. That would lead to a
* memory leak. To handle this, your application could invoke this
* function after aquiring a thread mutex. To ignore the potential
* memory leak is also an option.
*
* Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
* otherwise an error code is returned.
**/
int
gnutls_global_init (void)
{
int result = 0;
int res;
if (_gnutls_init++)
goto out;
if (gl_sockets_startup (SOCKETS_1_1))
return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
bindtextdomain (PACKAGE, LOCALEDIR);
/* Initialize libgcrypt if it hasn't already been initialized. */
if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0)
{
const char *p;
p = gcry_check_version (GNUTLS_MIN_LIBGCRYPT_VERSION);
if (p == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libgcrypt failed: %s < %s\n",
gcry_check_version (NULL),
GNUTLS_MIN_LIBGCRYPT_VERSION);
return GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY;
}
/* for gcrypt in order to be able to allocate memory */
gcry_control (GCRYCTL_DISABLE_SECMEM, NULL, 0);
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
}
/* initialize ASN.1 parser
* This should not deal with files in the final
* version.
*/
if (asn1_check_version (GNUTLS_MIN_LIBTASN1_VERSION) == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version (NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
}
res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS)
{
asn1_delete_structure (&_gnutls_pkix1_asn);
result = _gnutls_asn2err (res);
goto out;
}
/* Initialize the random generator */
result = _gnutls_rnd_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
/* Initialize the default TLS extensions */
result = _gnutls_ext_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
_gnutls_cryptodev_init ();
out:
return result;
}
static int _gnutls_global_init(unsigned constructor)
{
int ret = 0, res;
int level;
const char* e;
if (!constructor) {
GNUTLS_STATIC_MUTEX_LOCK(global_init_mutex);
}
_gnutls_init++;
if (_gnutls_init > 1) {
if (_gnutls_init == 2 && _gnutls_init_ret == 0) {
/* some applications may close the urandom fd
* before calling gnutls_global_init(). in that
* case reopen it */
ret = _gnutls_rnd_check();
if (ret < 0) {
gnutls_assert();
goto out;
}
}
ret = _gnutls_init_ret;
goto out;
}
_gnutls_switch_lib_state(LIB_STATE_INIT);
e = secure_getenv("GNUTLS_DEBUG_LEVEL");
if (e != NULL) {
level = atoi(e);
gnutls_global_set_log_level(level);
if (_gnutls_log_func == NULL)
gnutls_global_set_log_function(default_log_func);
_gnutls_debug_log("Enabled GnuTLS "VERSION" logging...\n");
}
#ifdef HAVE_DCGETTEXT
bindtextdomain(PACKAGE, LOCALEDIR);
#endif
res = gnutls_crypto_init();
if (res != 0) {
gnutls_assert();
ret = GNUTLS_E_CRYPTO_INIT_FAILED;
goto out;
}
ret = _gnutls_system_key_init();
if (ret != 0) {
gnutls_assert();
}
/* initialize ASN.1 parser
*/
if (asn1_check_version(GNUTLS_MIN_LIBTASN1_VERSION) == NULL) {
gnutls_assert();
_gnutls_debug_log
("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version(NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
ret = GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
goto out;
}
_gnutls_pkix1_asn = ASN1_TYPE_EMPTY;
res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(res);
goto out;
}
res = asn1_array2tree(gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS) {
gnutls_assert();
ret = _gnutls_asn2err(res);
goto out;
}
/* Initialize the random generator */
ret = _gnutls_rnd_preinit();
if (ret < 0) {
gnutls_assert();
goto out;
}
/* Initialize the default TLS extensions */
ret = _gnutls_ext_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_file_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_pkcs11_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_system_global_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
#ifndef _WIN32
ret = _gnutls_register_fork_handler();
if (ret < 0) {
gnutls_assert();
goto out;
}
#endif
#ifdef ENABLE_FIPS140
res = _gnutls_fips_mode_enabled();
/* res == 1 -> fips140-2 mode enabled
* res == 2 -> only self checks performed - but no failure
* res == not in fips140 mode
*/
if (res != 0) {
_gnutls_debug_log("FIPS140-2 mode: %d\n", res);
_gnutls_priority_update_fips();
/* first round of self checks, these are done on the
* nettle algorithms which are used internally */
ret = _gnutls_fips_perform_self_checks1();
if (res != 2) {
if (ret < 0) {
gnutls_assert();
goto out;
}
}
}
#endif
_gnutls_register_accel_crypto();
_gnutls_cryptodev_init();
_gnutls_load_system_priorities();
#ifdef ENABLE_FIPS140
/* These self tests are performed on the overriden algorithms
* (e.g., AESNI overriden AES). They are after _gnutls_register_accel_crypto()
* intentionally */
if (res != 0) {
ret = _gnutls_fips_perform_self_checks2();
if (res != 2) {
if (ret < 0) {
gnutls_assert();
goto out;
}
}
_gnutls_fips_mode_reset_zombie();
}
#endif
_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
ret = 0;
out:
_gnutls_init_ret = ret;
if (!constructor) {
GNUTLS_STATIC_MUTEX_UNLOCK(global_init_mutex);
}
return ret;
}
/**
* gnutls_global_init:
*
* This function performs any required precalculations, detects
* the supported CPU capabilities and initializes the underlying
* cryptographic backend. In order to free any resources
* taken by this call you should gnutls_global_deinit()
* when gnutls usage is no longer needed.
*
* This function increments a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Since GnuTLS 3.3.0 this function is only required in systems that
* do not support library constructors and static linking. This
* function also became thread safe.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
* otherwise a negative error code is returned.
**/
int gnutls_global_init(void)
{
int ret = 0, res;
int level;
const char* e;
GNUTLS_STATIC_MUTEX_LOCK(global_init_mutex);
_gnutls_init++;
if (_gnutls_init > 1) {
ret = 0;
goto out;
}
_gnutls_switch_lib_state(LIB_STATE_INIT);
e = getenv("GNUTLS_DEBUG_LEVEL");
if (e != NULL) {
level = atoi(e);
gnutls_global_set_log_level(level);
if (_gnutls_log_func == NULL)
gnutls_global_set_log_function(default_log_func);
_gnutls_debug_log("Enabled GnuTLS logging...\n");
}
bindtextdomain(PACKAGE, LOCALEDIR);
res = gnutls_crypto_init();
if (res != 0) {
gnutls_assert();
ret = GNUTLS_E_CRYPTO_INIT_FAILED;
goto out;
}
/* initialize ASN.1 parser
*/
if (asn1_check_version(GNUTLS_MIN_LIBTASN1_VERSION) == NULL) {
gnutls_assert();
_gnutls_debug_log
("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version(NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
ret = GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
goto out;
}
res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS) {
ret = _gnutls_asn2err(res);
goto out;
}
res = asn1_array2tree(gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS) {
ret = _gnutls_asn2err(res);
goto out;
}
/* Initialize the random generator */
ret = _gnutls_rnd_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
/* Initialize the default TLS extensions */
ret = _gnutls_ext_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_file_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_mutex_init(&_gnutls_pkcs11_mutex);
if (ret < 0) {
gnutls_assert();
goto out;
}
ret = gnutls_system_global_init();
if (ret < 0) {
gnutls_assert();
goto out;
}
_gnutls_register_accel_crypto();
_gnutls_cryptodev_init();
#ifdef ENABLE_FIPS140
/* Perform FIPS140 checks last, so that all modules
* have been loaded */
res = _gnutls_fips_mode_enabled();
/* res == 1 -> fips140-2 mode enabled
* res == 2 -> only self checks performed - but no failure
* res == not in fips140 mode
*/
if (res != 0) {
_gnutls_priority_update_fips();
ret = _gnutls_fips_perform_self_checks();
if (res != 2) {
if (ret < 0) {
gnutls_assert();
goto out;
}
}
}
#endif
_gnutls_switch_lib_state(LIB_STATE_OPERATIONAL);
ret = 0;
out:
GNUTLS_STATIC_MUTEX_UNLOCK(global_init_mutex);
return ret;
}
/**
* gnutls_global_init - This function initializes the global data to defaults.
*
* This function initializes the global data to defaults.
* Every gnutls application has a global data which holds common parameters
* shared by gnutls session structures.
* You must call gnutls_global_deinit() when gnutls usage is no longer needed
* Returns zero on success.
*
* Note that this function will also initialize libgcrypt, if it has not
* been initialized before. Thus if you want to manually initialize libgcrypt
* you must do it before calling this function. This is useful in cases you
* want to disable libgcrypt's internal lockings etc.
*
* This function increment a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Note! This function is not thread safe. If two threads call this
* function simultaneously, they can cause a race between checking
* the global counter and incrementing it, causing both threads to
* execute the library initialization code. That would lead to a
* memory leak. To handle this, your application could invoke this
* function after aquiring a thread mutex. To ignore the potential
* memory leak is also an option.
*
**/
int
gnutls_global_init (void)
{
int result = 0;
int res;
char c;
if (_gnutls_init++)
goto out;
#if HAVE_WINSOCK
{
WORD requested;
WSADATA data;
int err;
requested = MAKEWORD (1, 1);
err = WSAStartup (requested, &data);
if (err != 0)
{
_gnutls_debug_log ("WSAStartup failed: %d.\n", err);
return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
}
if (data.wVersion < requested)
{
_gnutls_debug_log ("WSAStartup version check failed (%d < %d).\n",
data.wVersion, requested);
WSACleanup ();
return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
}
}
#endif
bindtextdomain (PACKAGE, LOCALEDIR);
if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0)
{
const char *p;
p = strchr (GNUTLS_GCRYPT_VERSION, ':');
if (p == NULL)
p = GNUTLS_GCRYPT_VERSION;
else
p++;
if (gcry_check_version (p) == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libgcrypt failed '%s'\n", p);
return GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY;
}
/* for gcrypt in order to be able to allocate memory */
gcry_set_allocation_handler (gnutls_malloc, gnutls_secure_malloc,
_gnutls_is_secure_memory, gnutls_realloc,
gnutls_free);
/* gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING, NULL, 0); */
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0);
#ifdef DEBUG
/* applications may want to override that, so we only use
* it in debugging mode.
*/
gcry_set_log_handler (_gnutls_gcry_log_handler, NULL);
#endif
}
if (gc_init () != GC_OK)
{
gnutls_assert ();
_gnutls_debug_log ("Initializing crypto backend failed\n");
return GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY;
}
/* for gcrypt in order to be able to allocate memory */
gc_set_allocators (gnutls_malloc, gnutls_secure_malloc,
_gnutls_is_secure_memory, gnutls_realloc, gnutls_free);
#ifdef DEBUG
gnutls_global_set_log_function (dlog);
#endif
/* initialize parser
* This should not deal with files in the final
* version.
*/
if (asn1_check_version (GNUTLS_LIBTASN1_VERSION) == NULL)
{
gnutls_assert ();
return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
}
res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS)
{
asn1_delete_structure (&_gnutls_pkix1_asn);
result = _gnutls_asn2err (res);
goto out;
}
/* Initialize the gcrypt (if used random generator) */
gc_pseudo_random (&c, 1);
out:
return result;
}
static gnutls_pubkey_t
create_rsa_from_modulus(unsigned char *modulus, unsigned int modulus_len,
uint32_t exponent)
{
unsigned char exp_array[4];
uint32_t exponent_no = htonl(exponent);
gnutls_pubkey_t rsa = NULL;
gnutls_datum_t mod;
gnutls_datum_t exp = {
.data = exp_array,
.size = sizeof(exp_array),
};
int err;
memcpy(exp_array, &exponent_no, sizeof(exp_array));
err = gnutls_pubkey_init(&rsa);
if (err < 0) {
fprintf(stderr, "Could not initialized public key structure : %s\n",
gnutls_strerror(err));
return NULL;
}
mod.data = modulus;
mod.size = modulus_len;
err = gnutls_pubkey_import_rsa_raw(rsa, &mod, &exp);
if (err < 0) {
fprintf(stderr, "Could not set modulus and exponent on RSA key : %s\n",
gnutls_strerror(err));
gnutls_pubkey_deinit(rsa);
rsa = NULL;
}
return rsa;
}
static int
asn_init()
{
static bool inited;
int err;
if (inited)
return ASN1_SUCCESS;
err = asn1_array2tree(tpm_asn1_tab, &_tpm_asn, NULL);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "array2tree error: %d", err);
goto cleanup;
}
inited = true;
cleanup:
return err;
}
static int
create_tpm_manufacturer_info(const char *manufacturer,
const char *tpm_model,
const char *tpm_version,
gnutls_datum_t *asn1)
{
ASN1_TYPE at = ASN1_TYPE_EMPTY;
int err;
err = asn_init();
if (err != ASN1_SUCCESS) {
goto cleanup;
}
err = asn1_create_element(_tpm_asn, "TPM.TPMManufacturerInfo", &at);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "asn1_create_element error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmManufacturer.id", "2.23.133.2.1", 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "1. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmManufacturer.manufacturer",
manufacturer, 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "2. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmModel.id", "2.23.133.2.2", 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "3. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmModel.model", manufacturer, 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "4. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmVersion.id", "2.23.133.2.3", 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "5. asn1_write_value error: %d\n", err);
goto cleanup;
}
err = asn1_write_value(at, "tpmVersion.version", manufacturer, 0);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "6. asn1_write_value error: %d\n", err);
goto cleanup;
}
/* determine needed size of byte array */
asn1->size = 0;
err = asn1_der_coding(at, "", NULL, (int *)&asn1->size, NULL);
if (err != ASN1_MEM_ERROR) {
fprintf(stderr, "1. asn1_der_coding error: %d\n", err);
goto cleanup;
}
//fprintf(stderr, "size=%d\n", asn1->size);
asn1->data = gnutls_malloc(asn1->size + 16);
err = asn1_der_coding(at, "", asn1->data, (int *)&asn1->size, NULL);
if (err != ASN1_SUCCESS) {
fprintf(stderr, "2. asn1_der_coding error: %d\n", err);
gnutls_free(asn1->data);
asn1->data = NULL;
goto cleanup;
}
#if 0
fprintf(stderr, "size=%d\n", asn1->size);
unsigned int i = 0;
for (i = 0; i < asn1->size; i++) {
fprintf(stderr, "%02x ", asn1->data[i]);
}
fprintf(stderr, "\n");
#endif
cleanup:
asn1_delete_structure(&at);
return err;
}
/**
* gnutls_global_init:
*
* This function performs any required precalculations, detects
* the supported CPU capabilities and initializes the underlying
* cryptographic backend. In order to free any resources
* taken by this call you should gnutls_global_deinit()
* when gnutls usage is no longer needed.
*
* This function increments a global counter, so that
* gnutls_global_deinit() only releases resources when it has been
* called as many times as gnutls_global_init(). This is useful when
* GnuTLS is used by more than one library in an application. This
* function can be called many times, but will only do something the
* first time.
*
* Note! This function is not thread safe. If two threads call this
* function simultaneously, they can cause a race between checking
* the global counter and incrementing it, causing both threads to
* execute the library initialization code. That would lead to a
* memory leak. To handle this, your application could invoke this
* function after aquiring a thread mutex. To ignore the potential
* memory leak is also an option.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
* otherwise a negative error code is returned.
**/
int
gnutls_global_init (void)
{
int result = 0;
int res;
if (_gnutls_init++)
goto out;
if (gl_sockets_startup (SOCKETS_1_1))
return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
bindtextdomain (PACKAGE, LOCALEDIR);
res = gnutls_crypto_init ();
if (res != 0)
{
gnutls_assert ();
return GNUTLS_E_CRYPTO_INIT_FAILED;
}
_gnutls_register_accel_crypto();
/* initialize ASN.1 parser
* This should not deal with files in the final
* version.
*/
if (asn1_check_version (GNUTLS_MIN_LIBTASN1_VERSION) == NULL)
{
gnutls_assert ();
_gnutls_debug_log ("Checking for libtasn1 failed: %s < %s\n",
asn1_check_version (NULL),
GNUTLS_MIN_LIBTASN1_VERSION);
return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY;
}
res = asn1_array2tree (pkix_asn1_tab, &_gnutls_pkix1_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
res = asn1_array2tree (gnutls_asn1_tab, &_gnutls_gnutls_asn, NULL);
if (res != ASN1_SUCCESS)
{
result = _gnutls_asn2err (res);
goto out;
}
/* Initialize the random generator */
result = _gnutls_rnd_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
/* Initialize the default TLS extensions */
result = _gnutls_ext_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
result = gnutls_mutex_init(&_gnutls_file_mutex);
if (result < 0)
{
gnutls_assert();
goto out;
}
result = gnutls_system_global_init ();
if (result < 0)
{
gnutls_assert ();
goto out;
}
#ifdef ENABLE_PKCS11
gnutls_pkcs11_init (GNUTLS_PKCS11_FLAG_AUTO, NULL);
#endif
_gnutls_cryptodev_init ();
out:
return result;
}