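/**
 * main - Base64 encode or decode one file into another
 * @argc: Must be 4
 * @argv: argv[1] = mode, argv[2] = input file, argv[3] = output file
 * Returns: 0 on success, -1 on usage or input read failure, -2 if the
 * conversion fails, -3 if the output file cannot be opened or fully written
 *
 * Only the exact string "encode" selects encoding; any other mode value is
 * treated as a decode request, as in the original tool.
 */
int main(int argc, char *argv[])
{
	FILE *f;
	size_t len, elen;
	unsigned char *buf, *e;
	int ret = 0;

	if (argc != 4) {
		printf("Usage: base64 <encode|decode> <in file> <out file>\n");
		return -1;
	}

	buf = (unsigned char *) os_readfile(argv[2], &len);
	if (buf == NULL)
		return -1;

	if (strcmp(argv[1], "encode") == 0)
		e = base64_encode(buf, len, &elen);
	else
		e = base64_decode(buf, len, &elen);

	/*
	 * The input buffer is not needed after the conversion; it was never
	 * released before. free() is used to match how this file releases the
	 * converted buffer below.
	 */
	free(buf);
	if (e == NULL)
		return -2;

	/* Binary mode so decoded bytes are written unmodified on every OS */
	f = fopen(argv[3], "wb");
	if (f == NULL) {
		free(e);
		return -3;
	}

	/*
	 * A short write or a failed flush leaves a truncated output file;
	 * report it instead of returning success.
	 */
	if (fwrite(e, 1, elen, f) != elen)
		ret = -3;
	if (fclose(f) != 0)
		ret = -3;

	free(e);
	return ret;
}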
/**
 * anqp_add_icon_binary_file - Append an HS 2.0 Icon Binary File element
 * @hapd: hostapd instance whose configuration holds the icon list
 * @buf: Response buffer the ANQP vendor specific element is appended to
 * @name: Icon filename taken from the request (not NUL terminated)
 * @name_len: Length of @name in bytes
 *
 * The requested name is only compared, byte for byte, against the names of
 * the configured icons. It is never used as a filesystem path: the file that
 * gets read is the configured icon->file of the matching entry.
 *
 * Download Status values written: 0 = success, 1 = file not found (no
 * configured icon matches), 2 = unspecified file error (read failed or the
 * file is larger than 65535 bytes, the maximum the 16-bit length field can
 * carry).
 */
static void anqp_add_icon_binary_file(struct hostapd_data *hapd,
				      struct wpabuf *buf,
				      const u8 *name, size_t name_len)
{
	struct hs20_icon *icon = NULL;
	size_t idx;
	u8 *len_pos;

	wpa_hexdump_ascii(MSG_DEBUG, "HS 2.0: Requested Icon Filename",
			  name, name_len);

	/* Exact-length, exact-content match against configured icon names */
	for (idx = 0; idx < hapd->conf->hs20_icons_count; idx++) {
		struct hs20_icon *candidate = &hapd->conf->hs20_icons[idx];

		if (name_len != os_strlen(candidate->name))
			continue;
		if (os_memcmp(name, candidate->name, name_len) != 0)
			continue;
		icon = candidate;
		break;
	}

	/* Element header; the length is filled in at the end */
	len_pos = gas_anqp_add_element(buf, ANQP_VENDOR_SPECIFIC);
	wpabuf_put_be24(buf, OUI_WFA);
	wpabuf_put_u8(buf, HS20_ANQP_OUI_TYPE);
	wpabuf_put_u8(buf, HS20_STYPE_ICON_BINARY_FILE);
	wpabuf_put_u8(buf, 0); /* Reserved */

	if (icon == NULL) {
		wpabuf_put_u8(buf, 1); /* Download Status: File not found */
		wpabuf_put_u8(buf, 0);
		wpabuf_put_le16(buf, 0);
	} else {
		char *data;
		size_t data_len;

		data = os_readfile(icon->file, &data_len);
		if (data != NULL && data_len <= 65535) {
			wpabuf_put_u8(buf, 0); /* Download Status: Success */
			/*
			 * NOTE(review): the type length is narrowed to one
			 * octet here while the full string is written next;
			 * presumably the configuration limits icon->type to
			 * 255 bytes - confirm in the config parser.
			 */
			wpabuf_put_u8(buf, os_strlen(icon->type));
			wpabuf_put_str(buf, icon->type);
			wpabuf_put_le16(buf, data_len);
			wpabuf_put_data(buf, data, data_len);
		} else {
			/* Download Status: Unspecified file error */
			wpabuf_put_u8(buf, 2);
			wpabuf_put_u8(buf, 0);
			wpabuf_put_le16(buf, 0);
		}
		os_free(data);
	}

	gas_anqp_set_element_len(buf, len_pos);
}
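/**
 * main - Parse DER certificates and validate them as a chain
 * @argc: At least 3
 * @argv: argv[1] must be "-v"; argv[2..] are DER encoded certificate files
 * Returns: 0 if the chain validates, -1 on usage, read, parse, or validation
 * failure
 *
 * The certificates are linked in command line order. The last certificate
 * parsed is passed as the first argument to
 * x509_certificate_chain_validate() and the head of the list as the second.
 * NOTE(review): in this API the first argument is presumably the trusted
 * set, which would make the last file on the command line the trust anchor -
 * confirm against the x509v3 header.
 */
int main(int argc, char *argv[])
{
	char *buf;
	size_t len;
	struct x509_certificate *certs = NULL, *last = NULL, *cert;
	int i;
	int reason = 0; /* defined value even if validation does not set it */

	wpa_debug_level = 0;

	if (argc < 3 || strcmp(argv[1], "-v") != 0) {
		printf("usage: test_x509v3 -v <cert1.der> <cert2.der> ..\n");
		return -1;
	}

	for (i = 2; i < argc; i++) {
		printf("Reading: %s\n", argv[i]);
		buf = os_readfile(argv[i], &len);
		if (buf == NULL) {
			printf("Failed to read '%s'\n", argv[i]);
			return -1;
		}

		cert = x509_certificate_parse((u8 *) buf, len);
		/*
		 * Release the raw file on both outcomes; previously it was
		 * leaked when parsing failed.
		 */
		free(buf);
		if (cert == NULL) {
			printf("Failed to parse X.509 certificate\n");
			return -1;
		}

		/* Append to the singly linked list in command line order */
		if (certs == NULL)
			certs = cert;
		else
			last->next = cert;
		last = cert;
	}

	printf("\n\nValidating certificate chain\n");
	if (x509_certificate_chain_validate(last, certs, &reason, 0) < 0) {
		printf("\nCertificate chain validation failed: %d\n", reason);
		return -1;
	}
	printf("\nCertificate chain is valid\n");

	return 0;
}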
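/**
 * tncs_read_config - Load IMV entries from the TNC configuration file
 * @global: TNCS global data; parsed IMVs are appended to global->imv
 * Returns: 0 on success, -1 if the file cannot be read, memory cannot be
 * allocated, or an IMV line fails to parse
 *
 * Each line starting with "IMV " is handed to tncs_parse_imv(). Lines are
 * split on '\n' and '\r' and NUL terminated in place before parsing.
 *
 * The file contents are first copied into a buffer that is one byte larger
 * than the file. The earlier in-place loop dereferenced line_end before
 * comparing it with end and then wrote the terminator at config +
 * config_len whenever the file did not end with a newline; that is one byte
 * past the data returned by os_readfile() (an out-of-bounds read and write
 * if that buffer is exactly config_len bytes - confirm against
 * os_readfile()). With the extra byte the final line is always terminated
 * inside the allocation.
 *
 * On a parse error, IMVs already linked into global->imv are left for the
 * caller to release.
 */
static int tncs_read_config(struct tncs_global *global)
{
	char *raw, *config, *end, *pos, *line_end;
	size_t config_len;
	struct tnc_if_imv *imv, *last;
	int id = 0;
	int ret = 0;

	last = NULL;

	raw = os_readfile(TNC_CONFIG_FILE, &config_len);
	if (raw == NULL) {
		wpa_printf(MSG_ERROR, "TNC: Could not open TNC configuration "
			   "file '%s'", TNC_CONFIG_FILE);
		return -1;
	}

	/* Private copy with room for a terminator after the last byte */
	config = os_malloc(config_len + 1);
	if (config == NULL) {
		os_free(raw);
		return -1;
	}
	os_memcpy(config, raw, config_len);
	config[config_len] = '\0';
	os_free(raw);

	end = config + config_len;
	for (pos = config; pos < end; pos = line_end + 1) {
		line_end = pos;
		/* Bounds check first, then look at the byte */
		while (line_end < end &&
		       *line_end != '\n' && *line_end != '\r')
			line_end++;
		/* line_end <= end, and config[config_len] is inside the copy */
		*line_end = '\0';

		if (os_strncmp(pos, "IMV ", 4) == 0) {
			int error = 0;

			imv = tncs_parse_imv(id++, pos + 4, line_end, &error);
			if (error) {
				/* Do not leak the file buffer on failure */
				ret = -1;
				break;
			}
			if (imv) {
				if (last == NULL)
					global->imv = imv;
				else
					last->next = imv;
				last = imv;
			}
		}
	}

	os_free(config);

	return ret;
}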
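/**
 * eap_fast_load_pac_bin - Load PAC entries (binary format)
 * @sm: EAP state machine data (used to look up configuration blobs)
 * @pac_root: Receives the head of the list of parsed PAC entries
 * @pac_file: File name, or "blob://<name>" for a configuration blob
 * Returns: 0 on success (including "no PAC file/blob" and an empty file),
 * -1 on NULL @pac_file, bad header, or parse failure
 *
 * Layout read here: 4-byte magic, 2-byte format version, then entries of
 * 2-byte type, EAP_FAST_PAC_KEY_LEN key bytes, 2-byte opaque length, opaque
 * data, 2-byte info length, info data (all integers big endian).
 *
 * All length fields come from the file or blob and are validated against
 * the number of bytes that remain before anything is copied. The checks
 * compare lengths rather than computing pos + length, so no pointer past the
 * end of the buffer is ever formed.
 *
 * On parse failure, entries that were already linked into *pac_root stay
 * there; only the entry being built is released here. Previously a
 * truncated trailing entry made the error path release the last entry that
 * was already linked, leaving *pac_root (or the previous entry's next
 * pointer) referring to freed memory.
 *
 * The buffer read from a file holds PAC keys. NOTE(review): it is released
 * with os_free() without being cleared first - consider zeroizing it with
 * whatever helper this tree provides.
 */
int eap_fast_load_pac_bin(struct eap_sm *sm, struct eap_fast_pac **pac_root,
			  const char *pac_file)
{
	const struct wpa_config_blob *blob = NULL;
	u8 *buf, *end, *pos;
	size_t len, count = 0;
	struct eap_fast_pac *pac, *prev;

	*pac_root = NULL;

	if (pac_file == NULL)
		return -1;

	if (os_strncmp(pac_file, "blob://", 7) == 0) {
		blob = eap_get_config_blob(sm, pac_file + 7);
		if (blob == NULL) {
			wpa_printf(MSG_INFO, "EAP-FAST: No PAC blob '%s' - "
				   "assume no PAC entries have been "
				   "provisioned", pac_file + 7);
			return 0;
		}
		/* Blob data is owned by the configuration; never freed here */
		buf = blob->data;
		len = blob->len;
	} else {
		buf = (u8 *) os_readfile(pac_file, &len);
		if (buf == NULL) {
			wpa_printf(MSG_INFO, "EAP-FAST: No PAC file '%s' - "
				   "assume no PAC entries have been "
				   "provisioned", pac_file);
			return 0;
		}
	}

	if (len == 0) {
		if (blob == NULL)
			os_free(buf);
		return 0;
	}

	if (len < 6 || WPA_GET_BE32(buf) != EAP_FAST_PAC_BINARY_MAGIC ||
	    WPA_GET_BE16(buf + 4) != EAP_FAST_PAC_BINARY_FORMAT_VERSION) {
		wpa_printf(MSG_INFO, "EAP-FAST: Invalid PAC file '%s' (bin)",
			   pac_file);
		if (blob == NULL)
			os_free(buf);
		return -1;
	}

	pac = prev = NULL;
	pos = buf + 6;
	end = buf + len;
	while (pos < end) {
		/*
		 * Fixed part of an entry: type, key, opaque length, and the
		 * info length that follows the opaque data. The key size
		 * uses the same constant as the copy below.
		 */
		if (end - pos < 2 + EAP_FAST_PAC_KEY_LEN + 2 + 2) {
			/*
			 * pac still points at the previous, already linked
			 * entry; it must not be freed by the error path.
			 */
			pac = NULL;
			goto parse_fail;
		}

		pac = os_zalloc(sizeof(*pac));
		if (pac == NULL)
			goto parse_fail;

		pac->pac_type = WPA_GET_BE16(pos);
		pos += 2;
		os_memcpy(pac->pac_key, pos, EAP_FAST_PAC_KEY_LEN);
		pos += EAP_FAST_PAC_KEY_LEN;

		pac->pac_opaque_len = WPA_GET_BE16(pos);
		pos += 2;
		/* Opaque data plus the 2-byte info length must still fit */
		if ((size_t) (end - pos) < (size_t) pac->pac_opaque_len + 2)
			goto parse_fail;
		pac->pac_opaque = os_malloc(pac->pac_opaque_len);
		if (pac->pac_opaque == NULL)
			goto parse_fail;
		os_memcpy(pac->pac_opaque, pos, pac->pac_opaque_len);
		pos += pac->pac_opaque_len;

		pac->pac_info_len = WPA_GET_BE16(pos);
		pos += 2;
		if ((size_t) (end - pos) < (size_t) pac->pac_info_len)
			goto parse_fail;
		pac->pac_info = os_malloc(pac->pac_info_len);
		if (pac->pac_info == NULL)
			goto parse_fail;
		os_memcpy(pac->pac_info, pos, pac->pac_info_len);
		pos += pac->pac_info_len;

		eap_fast_pac_get_a_id(pac);

		/* Entry is complete; link it at the tail of the list */
		count++;
		if (prev)
			prev->next = pac;
		else
			*pac_root = pac;
		prev = pac;
	}

	if (blob == NULL)
		os_free(buf);

	wpa_printf(MSG_DEBUG, "EAP-FAST: Read %lu PAC entries from '%s' (bin)",
		   (unsigned long) count, pac_file);

	return 0;

parse_fail:
	wpa_printf(MSG_INFO, "EAP-FAST: Failed to parse PAC file '%s' (bin)",
		   pac_file);
	if (blob == NULL)
		os_free(buf);
	/* Only the unlinked entry under construction is released here */
	if (pac)
		eap_fast_free_pac(pac);
	return -1;
}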
/**
 * est_load_cacerts - Download the EST CA certificates and store them as PEM
 * @ctx: OSU client context
 * @url: EST base URL; "/cacerts" is appended to it
 * Returns: 0 on success, -1 on allocation, download, read, decode, or
 * PKCS#7 parsing failure
 *
 * The response is saved to Cert/est-cacerts.txt (relative to the current
 * working directory), decoded, and converted to Cert/est-cacerts.pem. The
 * temporary .txt file is removed only on success.
 *
 * ctx->no_osu_cert_validation is set and http_ocsp_set() is called with 1
 * for the duration of the download, then both are restored.
 * NOTE(review): judging by the flag name, the server certificate is
 * presumably not validated for this request, so the authenticity of the
 * resulting CA set has to be established elsewhere - confirm in the HTTP
 * certificate callback and in the caller.
 *
 * If base64 decoding fails, or yields fewer than half as many bytes as were
 * downloaded, the raw response is used as DER encoded PKCS#7 instead.
 */
int est_load_cacerts(struct hs20_osu_client *ctx, const char *url)
{
	char *cacerts_url, *body;
	size_t url_buf_len;
	unsigned char *der;
	size_t der_len, body_len;
	int status;

	/* 100 bytes of slack leaves room for the "/cacerts" suffix */
	url_buf_len = os_strlen(url) + 100;
	cacerts_url = os_malloc(url_buf_len);
	if (cacerts_url == NULL)
		return -1;
	os_snprintf(cacerts_url, url_buf_len, "%s/cacerts", url);

	wpa_printf(MSG_INFO, "Download EST cacerts from %s", cacerts_url);
	write_summary(ctx, "Download EST cacerts from %s", cacerts_url);

	/* Relaxed settings apply to this one request only */
	ctx->no_osu_cert_validation = 1;
	http_ocsp_set(ctx->http, 1);
	status = http_download_file(ctx->http, cacerts_url,
				    "Cert/est-cacerts.txt", ctx->ca_fname);
	if (ctx->workarounds & WORKAROUND_OCSP_OPTIONAL)
		http_ocsp_set(ctx->http, 1);
	else
		http_ocsp_set(ctx->http, 2);
	ctx->no_osu_cert_validation = 0;

	if (status < 0) {
		wpa_printf(MSG_INFO, "Failed to download EST cacerts from %s",
			   cacerts_url);
		write_result(ctx, "Failed to download EST cacerts from %s",
			     cacerts_url);
	}
	os_free(cacerts_url);
	if (status < 0)
		return -1;

	body = os_readfile("Cert/est-cacerts.txt", &body_len);
	if (body == NULL) {
		wpa_printf(MSG_INFO, "Could not read Cert/est-cacerts.txt");
		write_result(ctx, "Could not read EST cacerts");
		return -1;
	}

	der = base64_decode((unsigned char *) body, body_len, &der_len);
	if (der != NULL && der_len < body_len / 2) {
		/* Implausibly small output: treat the input as not base64 */
		wpa_printf(MSG_INFO, "Too short base64 decode (%u bytes; downloaded %u bytes) - assume this was binary",
			   (unsigned int) der_len, (unsigned int) body_len);
		os_free(der);
		der = NULL;
	}

	if (der == NULL) {
		wpa_printf(MSG_INFO, "EST workaround - Could not decode base64, assume this is DER encoded PKCS7");
		der = os_malloc(body_len);
		if (der != NULL) {
			os_memcpy(der, body, body_len);
			der_len = body_len;
		}
	}
	os_free(body);

	if (der == NULL) {
		wpa_printf(MSG_INFO, "Could not fetch PKCS7 cacerts");
		write_result(ctx, "Could not fetch EST PKCS#7 cacerts");
		return -1;
	}

	status = pkcs7_to_cert(ctx, der, der_len, "Cert/est-cacerts.pem",
			       NULL);
	os_free(der);
	if (status < 0) {
		wpa_printf(MSG_INFO, "Could not parse CA certs from PKCS#7 cacerts response");
		write_result(ctx, "Could not parse CA certs from EST PKCS#7 cacerts response");
		return -1;
	}

	/* The raw download is no longer needed once the PEM file exists */
	unlink("Cert/est-cacerts.txt");

	return 0;
}