std::vector<uint8_t> Buf1() {
SequenceRecord_I_IO_I_t val1;
memset(&val1, 0, sizeof(val1));
val1.type = 1;
val1.type3 = 3;
SequenceRecord_I_IO_I_t val3;
memset(&val3, 0, sizeof(val3));
val3.type = -1;
val3.type3 = -3;
std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
SetRecord_ISet_Seqs_of_seq_t rec;
memset(&rec, 0, sizeof(rec));
asn_set_add(&rec.set.field1, &val1);
asn_set_add(&rec.set.field3, &val3);
asn_enc_rval_t rval;
rval = der_encode_to_buffer(&asn_DEF_SetRecord_ISet_Seqs_of_seq, &rec, (void*)buf.data(), buf.size());
if (rval.encoded >= 0) {
buf.resize(rval.encoded);
} else {
printf("cannot encode record in Buf1");
exit(0);
}
return std::move(buf);
}
// Dodaj certyfikat do listy certyfikat�.
// Najpierw sprawd, czy taki jest obecny na licie
// Certyfikat jest umieszczany jako kopia !
long SignedData_add_Certificate(SignedData_t *sigData, Certificate_t *cert)
{
long err = 0;
CertificateChoices_t *cc = NULL;
Certificate_t *cptr = NULL;
if (( sigData == NULL ) || ( cert == NULL ))
return ERR_WRONG_ARGUMENT;
err = SignedData_is_Certificate(sigData, cert);
if ( err < 0 )
return err;
if ( err == 1 )
return 0;
if ( sigData->certificates == NULL )
{
sigData->certificates = mallocStructure(sizeof(CertificateSet_t));
if ( sigData->certificates == NULL )
return ERR_NO_MEMORY;
// memset(sigData->certificates, 0, sizeof(CertificateSet_t));
}
cc = mallocStructure(sizeof(CertificateChoices_t));
if ( cc == NULL )
return ERR_NO_MEMORY;
// memset(cc, 0, sizeof(CertificateChoices_t));
cc->present = CertificateChoices_PR_certificate;
cptr = &cc->choice.certificate;
/*cptr = NULL;*/
asn_cloneContent(&asn_DEF_Certificate, (void *)cert, (void **)&cptr);
// memmove(&(cc->choice), cert, sizeof(Certificate_t));
if ( asn_set_add(&(sigData->certificates->list), cc) )
return ERR_OPERATION_FAILED;
return 0;
}
/*
* Dodanie do listy algorytmow nowego algorytmu.
* Funkcja przy dodawaniu sprawdza, czy dany algorytm juz istnieje,
* jezeli stwierdzi istnienie, nie zwraca bledu.
*/
long SignedData_add_DigestAlgorithm(SignedData_t *sigData, DigestAlgorithmIdentifier_t *digest)
{
long err = 0;
long i;
long *arcs = NULL;
long arccnt;
if (( sigData == NULL ) || ( digest == NULL ))
return ERR_WRONG_ARGUMENT;
arccnt = OID_to_ulong_alloc2(&(digest->algorithm), &arcs);
if ( arccnt < 0 )
return ERR_OPERATION_FAILED;
// sprawdz, czy nie jest ju na liscie
for (i =0; i<sigData->digestAlgorithms.list.count; i++)
{
AlgorithmIdentifier_t *aid = sigData->digestAlgorithms.list.array[i];
if ( !AlgorithmIdentifier_cmp_OID(aid, arcs, arccnt) )
{
free(arcs);
return 0;
}
}
if ( asn_set_add(&(sigData->digestAlgorithms.list), digest) != 0 )
{
free(arcs);
return ERR_OPERATION_FAILED;
}
free(arcs);
return err;
}
// Dodanie listy CRL do struktury SignedData
// Struktura jest dodawana poprzez wykonanie kopiowania
long SignedData_add_CRL(SignedData_t *sigData, CertificateList_t *crl)
{
RevocationInfoChoice_t *rc = NULL;
CertificateList_t *clptr = NULL;
if ((sigData == NULL) || (crl == NULL))
return ERR_WRONG_ARGUMENT;
if ( sigData->crls == NULL )
{
sigData->crls = mallocStructure(sizeof(RevocationInfoChoices_t));
if ( sigData->crls == NULL )
return ERR_NO_MEMORY;
// memset(sigData->crls, 0, sizeof(RevocationInfoChoices_t));
}
rc = mallocStructure(sizeof(RevocationInfoChoice_t));
if ( rc == NULL )
return ERR_NO_MEMORY;
// memset(rc, 0, sizeof(RevocationInfoChoice_t));
rc->present = RevocationInfoChoice_PR_crl;
clptr = &(rc->choice.crl);
/*clptr=NULL;*/
asn_cloneContent(&asn_DEF_CertificateList, (void *)crl, (void **)&clptr);
if ( asn_set_add(&(sigData->crls->list), rc) )
return ERR_OPERATION_FAILED;
return 0;
}
// Dodaj certyfikat do listy certyfikat�.
// Najpierw sprawd, czy taki jest obecny na licie
// Certyfikat jest umieszczany jako kopia !
long EnvelopedData_add_Certificate(EnvelopedData_t *envData, Certificate_t *cert)
{
long err = 0;
CertificateChoices_t *cc = NULL;
Certificate_t *cptr = NULL;
if (( envData == NULL ) || ( cert == NULL ))
return ERR_WRONG_ARGUMENT;
err = EnvelopedData_is_Certificate(envData, cert);
if ( err < 0 )
return err;
if ( err == 1 )
return 0;
// budowanie struktur zawierajacych
if ( envData->originatorInfo == NULL )
envData->originatorInfo = mallocStructure(sizeof(OriginatorInfo_t));
if ( envData->originatorInfo == NULL )
return ERR_NO_MEMORY;
envData->originatorInfo->certs = mallocStructure(sizeof(CertificateSet_t));
if ( envData->originatorInfo->certs == NULL )
return ERR_NO_MEMORY;
// budowanie struktury dla certyfikatu
cc = mallocStructure(sizeof(CertificateChoices_t));
if ( cc == NULL )
return ERR_NO_MEMORY;
cc->present = CertificateChoices_PR_certificate;
cptr = &cc->choice.certificate;
asn_cloneContent(&asn_DEF_Certificate, (void *)cert, (void **)&cptr);
// dodanie certu do listy
if ( asn_set_add(&(envData->originatorInfo->certs->list), cc) )
return ERR_OPERATION_FAILED;
return err;
}
long _add_to_Data_VPKC(Certificate_t *certificate, long flag, Data_t *data)
{
long ret_val=0;
TargetEtcChain_t *target_chain=NULL;
if(certificate == NULL)
{ return -1; }
if(flag != CERT_CONTENT && flag != CERT_HASH)
{ return -2; }
if(data == NULL)
{ return -3; }
data->present=Data_PR_certs1;
ret_val=_create_TargetEtcChain(certificate, flag, &target_chain);
if(ret_val != 0)
{
return -4;
}
ret_val=asn_set_add(&(data->choice.certs1.list), (void*)target_chain);
if(ret_val != 0 )
{
asn_DEF_TargetEtcChain.free_struct(&asn_DEF_TargetEtcChain, target_chain, 1);
free(target_chain);
return -5;
}
return 0;
}
/*
* Dodanie RecipientInfo do EnvelopedData
* Nastepuje dodanie do listy wskazania ! Nie usuwac dodwanych danych !
*/
long EnvelopedData_add_RecipientInfo(EnvelopedData_t *envData, RecipientInfo_t *recInfo)
{
if ( (envData == NULL) || (recInfo == NULL) )
return ERR_WRONG_ARGUMENT;
if ( asn_set_add( &(envData->recipientInfos.list), recInfo) != 0 )
return ERR_OPERATION_FAILED;
return 0;
}
/*
* Dodanie SignerInfo do SignedData
* Nastepuje dodanie wskazania do listy, wiec nie usuwac dancyh
*/
long SignedData_add_SignerInfo(SignedData_t *sigData, SignerInfo_t *sigInfo)
{
if (( sigData == NULL ) || ( sigInfo == NULL ))
return ERR_WRONG_ARGUMENT;
if ( asn_set_add(&(sigData->signerInfos.list), sigInfo) != 0 )
return ERR_OPERATION_FAILED;
return 0;
}
// Dodanie atrybutu do atrybutow niepodpisanych
// Atrybut jest dodawany do listy poprzez wskazanie, wiec nie nalezy
// usuwac go z pamieci po dodaniu
long UnsignedAttributes_add_Attribute(
UnsignedAttributes_t *attrs,
Attribute_t *attr)
{
if ( (attrs==NULL) || (attr==NULL) )
return ERR_WRONG_ARGUMENT;
if ( asn_set_add( &(attrs->list), attr ) != 0 )
return ERR_OPERATION_FAILED;
return 0;
}
std::vector<uint8_t> Buf2() {
SequenceRecord_I_IO_I_t val1;
memset(&val1, 0, sizeof(val1));
val1.type = 1;
val1.type3 = 3;
SequenceRecord_I_IO_I_t val2;
memset(&val2, 0, sizeof(val2));
val2.type = 10;
val2.type3 = 30;
SequenceRecord_I_IO_I_t val3;
memset(&val3, 0, sizeof(val3));
val3.type = -1;
val3.type3 = -3;
SequenceRecord_I_IO_I_t val4;
memset(&val4, 0, sizeof(val4));
val4.type = -10;
val4.type3 = -30;
std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
SetRecord_ISet_Seqs_of_seq_t rec;
memset(&rec, 0, sizeof(rec));
asn_set_add(&rec.set.field1, &val1);
rec.set.field2 = (struct SeqOfSequenceRecord_I_IO_I*)malloc(sizeof(struct SeqOfSequenceRecord_I_IO_I));
memset(rec.set.field2, 0, sizeof(*rec.set.field2));
asn_set_add(rec.set.field2, &val2);
asn_set_add(&rec.set.field3, &val3);
rec.set.field4 = (struct SetRecord_ISet_Seqs_of_seq::set::field4*)malloc(sizeof(*rec.set.field4));
memset(rec.set.field4, 0, sizeof(*rec.set.field4));
asn_set_add(rec.set.field4, &val4);
asn_enc_rval_t rval;
rval = der_encode_to_buffer(&asn_DEF_SetRecord_ISet_Seqs_of_seq, &rec, (void*)buf.data(), buf.size());
if (rval.encoded >= 0) {
buf.resize(rval.encoded);
} else {
printf("cannot encode record in Buf2");
exit(0);
}
return std::move(buf);
}
std::vector<uint8_t> Buf1() {
std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
SetOfSelfRec_t val1;
memset(&val1, 0, sizeof(val1));
SetOfSelfRec_t val2;
memset(&val2, 0, sizeof(val2));
SetOfSelfRec_t rec;
memset(&rec, 0, sizeof(rec));
asn_set_add(&rec.list, &val1);
asn_set_add(&rec.list, &val2);
asn_enc_rval_t rval;
rval = der_encode_to_buffer(&asn_DEF_SetOfSelfRec, &rec, (void*)buf.data(), buf.size());
if (rval.encoded >= 0) {
buf.resize(rval.encoded);
} else {
printf("cannot encode record in Buf1");
exit(0);
}
return std::move(buf);
}
std::vector<uint8_t> Buf1() {
std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
long val1 = Member::Member_value1;
long val2 = Member::Member_value2;
long val3 = Member::Member_value3;
SetOfEnumerated_t rec;
memset(&rec, 0, sizeof(rec));
asn_set_add(&rec.list, &val1);
asn_set_add(&rec.list, &val2);
asn_set_add(&rec.list, &val3);
asn_enc_rval_t rval;
rval = der_encode_to_buffer(&asn_DEF_SetOfEnumerated, &rec, (void*)buf.data(), buf.size());
if (rval.encoded >= 0) {
buf.resize(rval.encoded);
} else {
printf("cannot encode record in Buf1");
exit(0);
}
return std::move(buf);
}
void
metautils_message_add_field(MESSAGE m, const char *n, const void *v, gsize vs)
{
EXTRA_ASSERT (m!=NULL);
EXTRA_ASSERT (n!=NULL);
if (!v || !vs)
return ;
Parameter_t *pMember = calloc(1, sizeof(Parameter_t));
OCTET_STRING_fromBuf(&(pMember->name), n, strlen(n));
OCTET_STRING_fromBuf(&(pMember->value), v, vs);
asn_set_add(&(m->content.list), pMember);
}
std::vector<uint8_t> Buf2() {
long val3;
val3 = e_SetRecord_ISet_Sets_of_enumerated__set__field3__Member::SetRecord_ISet_Sets_of_enumerated__set__field3__Member_value2;
long val4;
val4 = e_SetRecord_ISet_Sets_of_enumerated__set__field4__Member::SetRecord_ISet_Sets_of_enumerated__set__field4__Member_value3;
std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
SetRecord_ISet_Sets_of_enumerated_t rec;
memset(&rec, 0, sizeof(rec));
asn_set_add(&rec.set.field3, &val3);
rec.set.field4 = (struct SetRecord_ISet_Sets_of_enumerated::SetRecord_ISet_Sets_of_enumerated__set::SetRecord_ISet_Sets_of_enumerated__set__field4*)malloc(sizeof(*rec.set.field4));
memset(rec.set.field4, 0, sizeof(*rec.set.field4));
asn_set_add(rec.set.field4, &val4);
asn_enc_rval_t rval;
rval = der_encode_to_buffer(&asn_DEF_SetRecord_ISet_Sets_of_enumerated, &rec, (void*)buf.data(), buf.size());
if (rval.encoded >= 0) {
buf.resize(rval.encoded);
} else {
printf("cannot encode record in Buf2");
exit(0);
}
return std::move(buf);
}
void func_fill(gpointer d, gpointer u)
{
asn_anonymous_set_ *p_set;
void *asn1_form;
if (error_occured || !d)
return;
asn1_form = calloc(1, h->asn1_size);
if (!h->map_API_to_ASN1(d, asn1_form)) {
free(asn1_form);
GSETERROR(err, "Element of type [%s] serialization failed!", h->type_name);
error_occured = TRUE;
} else {
p_set = &(((struct anonymous_sequence_s *) u)->list);
asn_set_add(_A_SET_FROM_VOID(p_set), asn1_form);
}
}
long _create_CertEtcToken(CertEtcToken_PR flag, Certificate_t *certificate, CertEtcToken_t **cert_token)
{
CertEtcToken_t *certTok=NULL;
Certificate_t *cert=NULL;
bmd_crypt_ctx_t *hash_context=NULL;
GenBuf_t *der=NULL;
GenBuf_t *hash=NULL;
long ret_val=0;
OCTET_STRING_t *octet_str=NULL;
long status;
CertificateSerialNumber_t *sn=NULL;
Name_t *issuer=NULL;
IssuerSerial_t *issuer_serial=NULL;
GeneralNames_t *general_list=NULL;
GeneralName_t *general_name=NULL;
if(certificate == NULL)
{ return -1; }
if(cert_token == NULL)
{ return -2; }
if(*cert_token != NULL)
{ return -3; }
//wartosci niewymienione w nawiasie nie sa dopuszczalne w DVCSRequest
if(flag != CertEtcToken_PR_certificate && flag != CertEtcToken_PR_esscertid && flag != CertEtcToken_PR_extension && flag != CertEtcToken_PR_oscpcertid)
{ return -4; }
//niezaimplementowane
if(flag == CertEtcToken_PR_extension || flag == CertEtcToken_PR_oscpcertid)
{ return -5; }
certTok=(CertEtcToken_t*)calloc(1, sizeof(CertEtcToken_t));
if(certTok == NULL)
{ return -6; }
//caly certyfikat wrzucany
if(flag == CertEtcToken_PR_certificate)
{
certTok->present=CertEtcToken_PR_certificate;
ret_val=asn_cloneContent(&asn_DEF_Certificate, (void *)certificate, (void **)&cert);
if(ret_val != 0)
{
free(certTok);
return -7;
}
certTok->choice.certificate=*cert;
//niszczenie samego opakowania - zawartosc zostala przypisana
free(cert); cert=NULL;
}
//hash z certyfikatu wrzucany (ESSCertId)
else
{
if(flag == CertEtcToken_PR_esscertid)
{
certTok->present=CertEtcToken_PR_esscertid;
status=asn1_encode(&asn_DEF_Certificate,certificate, NULL, &der);
if( status != BMD_OK )
return -8;
//certyfikat zakodoany
//liczenie hashu
//liczenie skroutu z danych za pomoca SHA-1
bmd_set_ctx_hash(&hash_context,BMD_HASH_ALGO_SHA1);
bmd_hash_data(der, &hash_context, &hash, NULL);
free_gen_buf(&der);
bmd_ctx_destroy(&hash_context);
//hash wyliczony
/*Hash_t jest typedefem na OCTET_STRING_t*/
octet_str=OCTET_STRING_new_fromBuf(&asn_DEF_OCTET_STRING, (const char*)hash->buf, hash->size);
free_gen_buf(&hash);
if(hash == NULL)
{
free(certTok);
return -12;
}
//
certTok->choice.esscertid.certHash=*octet_str;
//niszczenie samego opakowania - zawartosc zostala przypisana
free(octet_str); octet_str=NULL;
/*!DONE issuerSerial*/
//klonowanie seriala certyfikatu z Certificate_t
ret_val=asn_cloneContent( &asn_DEF_CertificateSerialNumber, &(cert->tbsCertificate.serialNumber), (void **)&(sn));
if(ret_val != 0)
{
asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
free(certTok);
return -13;
}
ret_val=asn_cloneContent( &asn_DEF_Name, &(cert->tbsCertificate.issuer), (void **)&(issuer));
if(ret_val != 0)
{
asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
free(certTok);
asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
free(sn); sn=NULL;
return -14;
}
general_name=(GeneralName_t*)calloc(1, sizeof(GeneralName_t));
if(general_name == NULL)
{
asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
free(certTok);
asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
free(sn); sn=NULL;
asn_DEF_Name.free_struct(&asn_DEF_Name, issuer, 1);
free(issuer); issuer=NULL;
return -15;
}
general_name->present=GeneralName_PR_directoryName;
general_name->choice.directoryName=*issuer;
free(issuer); issuer=NULL; //opakowanie mozna zwolnic (bebechy przypisane wewnatrz general_name)
general_list=(GeneralNames_t*)calloc(1, sizeof(GeneralNames_t));
if(general_list == NULL)
{
asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
free(certTok);
asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
free(sn); sn=NULL;
//opakowanie issuer zostalo zwolnione a bebechy odpowiednio przypisane do general_name
asn_DEF_GeneralName.free_struct(&asn_DEF_GeneralName, general_name, 1);
free(general_name); general_name=NULL;
return -16;
}
//binduje wskaznik, wiec juz z general_name nic nie trzeba juz robic
if( (asn_set_add((void*)&(general_list->list), (void*)general_name)) != 0 )
{
asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
free(certTok);
asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
free(sn); sn=NULL;
asn_DEF_GeneralName.free_struct(&asn_DEF_GeneralName, general_name, 1);
free(general_name); general_name=NULL;
free(general_list); general_list=NULL;
return -17;
}
issuer_serial=(IssuerSerial_t*)calloc(1, sizeof(IssuerSerial_t));
if(issuer_serial == NULL)
{
asn_DEF_CertEtcToken.free_struct(&asn_DEF_CertEtcToken, certTok ,1);
free(certTok);
asn_DEF_CertificateSerialNumber.free_struct(&asn_DEF_CertificateSerialNumber, sn, 1);
free(sn); sn=NULL;
asn_DEF_GeneralNames.free_struct(&asn_DEF_GeneralNames, general_list, 1);
free(general_list); general_list=NULL;
return -18;
}
issuer_serial->issuer=*general_list;
free(general_list); general_list=NULL; //opakowanie mozna zwolnic, bebechy odpowiendio przypisane
issuer_serial->serial=*sn;
free(sn); sn=NULL; //opakowanie mozna zwolnic, bebechy odpowiendio przypisane
//binduje wskazniki
certTok->choice.esscertid.issuerSerial=issuer_serial;
/*!DONE issuerSerial*/
}
}
*cert_token=certTok;
return 0;
}
long _PR2_BMDDatagram_set_metadata( MetaDataBuf_t **mtds,
long no,
long type,
BMDDatagram_t **asn1_dtg)
{
long i = 0;
long lenOfOids = 0;
long lenOfMyIds = 0;
long lenOfOwnerIds = 0;
long lenOfOwnerTypes = 0;
long lenOfDatas = 0;
char **OID_str_array = NULL;
char **myId_str_array = NULL;
char **ownerId_str_array = NULL;
char **ownerType_str_array = NULL;
char *OIDs_str = NULL;
char *myIds_str = NULL;
char *ownerIds_str = NULL;
char *ownerTypes_str = NULL;
char *datas_str = NULL;
char *pointer_temp = NULL;
INTEGER_t *INTEGER_temp = NULL;
struct MetaDatas *tmp_mtd = NULL;
if(mtds==NULL) { BMD_FOK(BMD_ERR_PARAM1); }
if(no<0) { BMD_FOK(BMD_ERR_PARAM2); }
if( (type!=_PR2_SYS_MTD) && (type!=_PR2_ACT_MTD) &&
(type!=_PR2_ADD_MTD) && (type!=_PR2_PKI_MTD) )
{
BMD_FOK(BMD_ERR_PARAM3);
}
if(asn1_dtg==NULL) { BMD_FOK(BMD_ERR_PARAM4); }
if((*asn1_dtg)==NULL) { BMD_FOK(BMD_ERR_PARAM4); }
tmp_mtd=(struct MetaDatas *)malloc(sizeof(struct MetaDatas));
if(tmp_mtd == NULL) { BMD_FOK(NO_MEMORY); }
memset(tmp_mtd,0,sizeof(struct MetaDatas));
OID_str_array = (char **)malloc( (no + 1) * sizeof(char *));
if(OID_str_array == NULL) { BMD_FOK(NO_MEMORY); }
memset(OID_str_array, 0, (no + 1) * sizeof(char *));
myId_str_array = (char **)malloc( (no + 1) * sizeof(char *));
if(myId_str_array == NULL) { BMD_FOK(NO_MEMORY); }
memset(myId_str_array, 0, (no + 1) * sizeof(char *));
ownerId_str_array = (char **)malloc( (no + 1) * sizeof(char *));
if(ownerId_str_array == NULL) { BMD_FOK(NO_MEMORY); }
memset(ownerId_str_array, 0, (no + 1) * sizeof(char *));
ownerType_str_array = (char **)malloc( (no + 1) * sizeof(char *));
if(ownerType_str_array == NULL) { BMD_FOK(NO_MEMORY); }
memset(ownerType_str_array, 0, (no + 1) * sizeof(char *));
/*Konwersja na char* oraz zliczenie wielkosci potrzebnych buforow*/
for(i=0;i<no;i++)
{
OID_str_array[i]=(char*)malloc(sizeof(char)*(strlen(mtds[i]->OIDTableBuf)+1));
memset(OID_str_array[i], 0, strlen(mtds[i]->OIDTableBuf)+1);
memcpy(OID_str_array[i], mtds[i]->OIDTableBuf, strlen(mtds[i]->OIDTableBuf));
// PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, OID_str_array[i]: %s\n", i, OID_str_array[i]);
lenOfOids = lenOfOids + (long)strlen(OID_str_array[i]) + 1;
asprintf(&(myId_str_array[i]), "%li", mtds[i]->myId);
if(myId_str_array[i] == NULL) { BMD_FOK(NO_MEMORY); }
// PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, myId_str_array[i]: %s\n", i, myId_str_array[i]);
lenOfMyIds = lenOfMyIds + (long)strlen(myId_str_array[i]) + 1;
asprintf(&(ownerId_str_array[i]), "%li", mtds[i]->ownerId);
if(ownerId_str_array[i] == NULL) { BMD_FOK(NO_MEMORY); }
// PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, ownerId_str_array[i]: %s\n", i, ownerId_str_array[i]);
lenOfOwnerIds = lenOfOwnerIds + (long)strlen(ownerId_str_array[i]) + 1;
asprintf(&(ownerType_str_array[i]), "%li", mtds[i]->ownerType);
if(ownerType_str_array[i] == NULL) { BMD_FOK(NO_MEMORY); }
// PRINT_TEST("LIBBMDPRVDEBUG Encoding loop i: %li, ownerType_str_array[i]: %s\n", i, ownerType_str_array[i]);
lenOfOwnerTypes = lenOfOwnerTypes + (long)strlen(ownerType_str_array[i]) + 1;
lenOfDatas = lenOfDatas + mtds[i]->AnySize + 1;
}
/*Po kolei tworze bufory przechowujace odpowiednie lancuchy i kopiuje do nich wczesniej pobrane dane*/
OIDs_str = malloc(lenOfOids * sizeof(char));
if(OIDs_str == NULL) { BMD_FOK(NO_MEMORY); }
memset(OIDs_str, 0, lenOfOids * sizeof(char));
pointer_temp = OIDs_str;
for(i = 0; i < no; i++)
{
memcpy(pointer_temp, OID_str_array[i], strlen(OID_str_array[i]));
// PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, OID_str: %s\n", i, pointer_temp);
pointer_temp = pointer_temp + strlen( OID_str_array[i] ) + 1;
INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
if(INTEGER_temp == NULL) { BMD_FOK(NO_MEMORY); }
memset(INTEGER_temp, 0, sizeof(INTEGER_t));
BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen( OID_str_array[i] )));
asn_set_add( &(tmp_mtd->lenOfOids.list), INTEGER_temp);
INTEGER_temp = NULL;
free(OID_str_array[i]);
OID_str_array[i] = NULL;
}
free(OID_str_array); OID_str_array = NULL;
myIds_str = malloc(lenOfMyIds * sizeof(char));
if(myIds_str == NULL) { BMD_FOK(NO_MEMORY); }
memset(myIds_str, 0, lenOfMyIds * sizeof(char));
pointer_temp = myIds_str;
for(i = 0; i < no; i++)
{
memcpy(pointer_temp, myId_str_array[i], strlen(myId_str_array[i]));
// PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, myId_str: %s\n", i, pointer_temp);
pointer_temp = pointer_temp + strlen(myId_str_array[i]) + 1;
INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
if(INTEGER_temp == NULL) { BMD_FOK(NO_MEMORY); }
memset(INTEGER_temp, 0, sizeof(INTEGER_t));
BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen(myId_str_array[i])));
asn_set_add( &(tmp_mtd->lenOfMyIds.list), INTEGER_temp);
INTEGER_temp = NULL;
free(myId_str_array[i]);
myId_str_array[i] = NULL;
}
free(myId_str_array); myId_str_array = NULL;
ownerIds_str = malloc(lenOfOwnerIds * sizeof(char));
if(ownerIds_str == NULL) { BMD_FOK(NO_MEMORY); }
memset(ownerIds_str, 0, lenOfOwnerIds * sizeof(char));
pointer_temp = ownerIds_str;
for(i = 0; i < no; i++)
{
memcpy(pointer_temp, ownerId_str_array[i], strlen(ownerId_str_array[i]));
// PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, ownerIds_str: %s\n", i, pointer_temp);
pointer_temp = pointer_temp + strlen(ownerId_str_array[i]) + 1;
INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
if(INTEGER_temp == NULL) { BMD_FOK(NO_MEMORY); }
memset(INTEGER_temp, 0, sizeof(INTEGER_t));
BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen(ownerId_str_array[i])));
asn_set_add( &(tmp_mtd->lenOfOwnerIds.list), INTEGER_temp);
INTEGER_temp = NULL;
free(ownerId_str_array[i]);
ownerId_str_array[i] = NULL;
}
free(ownerId_str_array); ownerId_str_array = NULL;
ownerTypes_str = malloc(lenOfOwnerTypes * sizeof(char));
if(ownerTypes_str == NULL) { BMD_FOK(NO_MEMORY); }
memset(ownerTypes_str, 0, lenOfOwnerTypes * sizeof(char));
pointer_temp = ownerTypes_str;
for(i = 0; i < no; i++)
{
memcpy(pointer_temp, ownerType_str_array[i], strlen(ownerType_str_array[i]));
// PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, ownerType_str: %s\n", i, pointer_temp);
pointer_temp = pointer_temp + strlen(ownerType_str_array[i]) + 1;
INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
if(INTEGER_temp == NULL) { BMD_FOK(NO_MEMORY); }
memset(INTEGER_temp, 0, sizeof(INTEGER_t));
BMD_FOK(asn_long2INTEGER(INTEGER_temp, (long)strlen(ownerType_str_array[i])));
asn_set_add( &(tmp_mtd->lenOfOwnerTypes.list), INTEGER_temp);
INTEGER_temp = NULL;
free(ownerType_str_array[i]);
ownerType_str_array[i] = NULL;
}
free(ownerType_str_array); ownerType_str_array = NULL;
datas_str = malloc(lenOfDatas * sizeof(char));
if(datas_str == NULL) { BMD_FOK(NO_MEMORY); }
memset(datas_str, 0, lenOfDatas * sizeof(char));
pointer_temp = datas_str;
for(i = 0; i < no; i++)
{
memcpy(pointer_temp, mtds[i]->AnyBuf, mtds[i]->AnySize);
// PRINT_VDEBUG("LIBBMDPRVDEBUG Encoding loop i: %li, data string len: %li\n", i, mtds[i]->AnySize);
pointer_temp = pointer_temp + mtds[i]->AnySize + 1;
INTEGER_temp = (INTEGER_t*)malloc(sizeof(INTEGER_t));
if(INTEGER_temp == NULL) { BMD_FOK(NO_MEMORY); }
memset(INTEGER_temp, 0, sizeof(INTEGER_t));
BMD_FOK(asn_long2INTEGER(INTEGER_temp, mtds[i]->AnySize));
asn_set_add( &(tmp_mtd->lenOfDatas.list), INTEGER_temp);
INTEGER_temp = NULL;
}
BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->datas), datas_str, lenOfDatas));
free(datas_str); datas_str = NULL;
BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->oids), OIDs_str, lenOfOids));
free(OIDs_str); OIDs_str = NULL;
BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->myIds), myIds_str, lenOfMyIds));
free(myIds_str); myIds_str = NULL;
BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->ownerIds), ownerIds_str , lenOfOwnerIds));
free(ownerIds_str); ownerIds_str = NULL;
BMD_FOK(OCTET_STRING_fromBuf( &(tmp_mtd->ownerTypes), ownerTypes_str, lenOfOwnerTypes));
free(ownerTypes_str); ownerTypes_str = NULL;
switch(type)
{
case _PR2_SYS_MTD:
(*asn1_dtg)->sysMetaDatas = tmp_mtd;
break;
case _PR2_ACT_MTD:
(*asn1_dtg)->actionMetaDatas = tmp_mtd;
break;
case _PR2_ADD_MTD:
(*asn1_dtg)->additionalMetaDatas = tmp_mtd;
break;
case _PR2_PKI_MTD:
(*asn1_dtg)->pkiMetaDatas = tmp_mtd;
break;
};
tmp_mtd = NULL; /*Nie zwalniac*/
return BMD_OK;
}
long _add_to_Data_VSD_External(GenBuf_t *signedData, GenBuf_t *dataContent, long dataContentType, char* hashAlgorithmOid, Data_t *data)
{
long retVal=0;
DigestInfo_t *digestInfo=NULL;
long sha1_oid[] = { OID_SHA_1_LONG};
GenBuf_t *hash = NULL;
bmd_crypt_ctx_t *hash_ctx=NULL;
if(signedData == NULL)
{ return -1; }
if(signedData->buf == NULL)
{ return -2; }
if(dataContent == NULL)
{ return -3; }
if(dataContent->buf == NULL)
{ return -4; }
if(data == NULL)
{ return -5; }
// gdy przekazany podpisany dokument, parametr hashAlgorithmOid jest ignorowany
if(dataContentType == BMDDVCS_EXTERNAL_DOCUMENT_HASH && hashAlgorithmOid == NULL)
{ return -6; }
data->present=Data_PR_messageInfo;
//ustawienie podpisu zewnetrznego
retVal=OCTET_STRING_fromBuf( &(data->choice.messageInfo.message), signedData->buf, signedData->size);
if(retVal != 0)
{ return -10; }
//ustawienie skrotu z podpisanych danych
digestInfo=(DigestInfo_t*)calloc(1, sizeof(DigestInfo_t));
if(digestInfo == NULL)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
return -11;
}
//ustawienie oidu funkcji skrotu (jesli przekazany byl skrot, a nie caly dokument)
if(dataContentType == BMDDVCS_EXTERNAL_DOCUMENT_HASH)
{
retVal=String2OID( hashAlgorithmOid, &(digestInfo->digestAlgorithm.algorithm));
if(retVal < 0)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
free(digestInfo);
return -20;
}
}
else
{
retVal=OBJECT_IDENTIFIER_set_arcs( &(digestInfo->digestAlgorithm.algorithm), sha1_oid, sizeof(long), sizeof(sha1_oid)/sizeof(long));
if(retVal != 0)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
free(digestInfo);
return -12;
}
}
//ustawienie wartosci skrotu
if(dataContentType == BMDDVCS_EXTERNAL_DOCUMENT_HASH) //gotowy skrot
{
retVal=OCTET_STRING_fromBuf( &(digestInfo->digest), dataContent->buf, dataContent->size);
if(retVal != 0)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
free(digestInfo);
return -13;
}
}
else //wyliczanie skrotu
{
retVal=bmd_set_ctx_hash(&hash_ctx, BMD_HASH_ALGO_SHA1);
if(retVal != BMD_OK)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
free(digestInfo);
return -14;
}
retVal=bmd_hash_data(dataContent, &hash_ctx, &hash, NULL);
bmd_ctx_destroy(&hash_ctx);
if(retVal != BMD_OK)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
free(digestInfo);
return -15;
}
retVal=OCTET_STRING_fromBuf( &(digestInfo->digest), hash->buf, hash->size);
free_gen_buf(&hash);
if(retVal != 0)
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
free(digestInfo);
return -16;
}
}
//wstawienie digestInfo do zbioru externalData
if( (asn_set_add((void*)&(data->choice.messageInfo.externalData.list), (void*)digestInfo)) != 0 )
{
asn_DEF_MessageInfo.free_struct(&asn_DEF_MessageInfo, &(data->choice.messageInfo), 1);
asn_DEF_DigestInfo.free_struct(&asn_DEF_DigestInfo, digestInfo, 1);
free(digestInfo);
return -17;
}
return 0;
}
/*
WSZ porzdki - BMD_ERR_LOAD_SIG_POLICY (-77)
@return BMD_ERR_LOAD_SIG_POLICY (-77) jesli nie mona zaladowac badz zdekodowac wskazanej polityki podpisu
@return BMDPKI_ERR_FIND_CERT_STORE (-78) jesli nie mozna odnalezc magazynu certyfikatow zaufanych
z funkcji bmd_verify_cert_with_crl():
@return BMD_ERR_PARAM1 - niewlasciwe wywolanie
@return BMD_ERR_OP_FAILED - wiele bledow nie okreslonych blizej
@return BMD_ERR_PKI_NO_CRL (-56) - nie moze wczytac listy CRL
@return BMD_ERR_PKI_VERIFY - blad weryfikacji certyfikatu
*/
long bmd_set_signature_params_policy(bmd_signature_params_t *sig_params,char *sig_policy,long auto_params_create,GenBuf_t *cert, CertExtConfig_t *certCheckParams)
{
long status;
GenBuf_t *buf=NULL;
SignaturePolicy_t *policy=NULL;
asn_dec_rval_t rval;
CMSAttrs_t *policy_signed_attrs=NULL;
SignerAndVerifierRules_t *SigVerRules=NULL;
long i=0;
long j=0;
long type;
char *policy_oid=NULL;
bmd_crypt_ctx_t *hash_ctx=NULL;
GenBuf_t *policy_hash_buf=NULL;
GenBuf_t *cert_hash_buf=NULL;
Attribute_t *sig_pol_attr=NULL;
Attribute_t *cert_attr=NULL;
Attribute_t *time_attr=NULL;
Certificate_t *asn1_cert=NULL;
CertificateTrustPoint_t *trust_point=NULL;
CertificateTrustTrees_t *trust_trees=NULL;
SigningCertTrustCondition_t *sig_cert_trust=NULL;
GeneralNames_t *g_names=NULL;
GeneralName_t *g_name=NULL;
char *policy_url=NULL;
long trust_condition=0;
GenBuf_t **trusted_certs=NULL;
GenBuf_t **constructed_cert_path=NULL;
long cert_path_length=0;
long flag_trust_found=0;
if(sig_params==NULL)
{
PRINT_DEBUG("LIBBMDPKIERR Invalid first parameter value. Error=%i\n",BMD_ERR_PARAM1);
return BMD_ERR_PARAM1;
}
if(sig_policy==NULL)
{
PRINT_DEBUG("LIBBMDPKIERR Invalid second parameter value. Error=%i\n",BMD_ERR_PARAM2);
return BMD_ERR_PARAM2;
}
status=_bmd_load_signature_policy(sig_policy,&buf);
if(status!=BMD_OK)
{
PRINT_DEBUG("LIBBMDPKIERR Error loading signature policy. Error=%i\n",BMDPKI_ERR_LOAD_SIG_POLICY);
return BMDPKI_ERR_LOAD_SIG_POLICY;
}
rval=ber_decode(NULL,&asn_DEF_SignaturePolicy,&(sig_params->signature_policy),buf->buf,buf->size);
if(rval.code!=RC_OK)
{
PRINT_DEBUG("LIBBMDPKIERR Error loading signature policy. Error=%i\n",BMDPKI_ERR_LOAD_SIG_POLICY);
return BMDPKI_ERR_LOAD_SIG_POLICY;
}
policy=(SignaturePolicy_t *)sig_params->signature_policy;
/* pobranie zaufanych certyfikatow dla podpisujacego z polityki podpisu */
trust_trees=&(policy->signPolicyInfo.signatureValidationPolicy.commonRules.signingCertTrustCondition->signerTrustTrees);
trusted_certs=(GenBuf_t **)calloc((trust_trees->list.count+2), sizeof(GenBuf_t *));
for(i=0;i<trust_trees->list.count;i++)
{
trust_point=trust_trees->list.array[i];
asn1_encode(&asn_DEF_Certificate,&(trust_point->trustpoint), NULL, &(trusted_certs[i]));
}
if(sig_params->tcc) /* jesli ustawiono Trusted Cert Store */
{
status=bmd_verify_cert_path(cert,sig_params->tcc,&constructed_cert_path,NULL);
if(status==BMD_OK)
{
i=0;
while(constructed_cert_path[i])
{
i++;
}
cert_path_length=i;
i=0;
while(trusted_certs[i])
{
if(trusted_certs[i]->size==constructed_cert_path[cert_path_length-1]->size)
{
if(memcmp(trusted_certs[i]->buf,constructed_cert_path[cert_path_length-1]->buf,trusted_certs[i]->size)==0)
{
flag_trust_found=1;
break;
}
}
i++;
}
if(flag_trust_found==0)
{
PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
return BMD_ERR_OP_FAILED;
}
}
else
{
PRINT_DEBUG("LIBBMDPKIERR Error in finding cert store. Error=%i\n",BMDPKI_ERR_FIND_CERT_STORE);
return BMDPKI_ERR_FIND_CERT_STORE;
}
}
else
{
PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
return BMD_ERR_OP_FAILED;
}
/* sprawdzenie czy certyfikat ktorym ma sie wykonac podpis jest na CRL - jesli tylko to jest w polityce */
sig_cert_trust=policy->signPolicyInfo.signatureValidationPolicy.commonRules.signingCertTrustCondition;
asn_INTEGER2long(&(sig_cert_trust->signerRevReq.endCertRevReq.enuRevReq),&trust_condition);
if(trust_condition==EnuRevReq_clrCheck)
{
if(certCheckParams==NULL) /*na podstawie CRL distribution point w certyfikacie*/
{
status=bmd_verify_cert_with_crl(cert, NULL, NULL);
}
else if(certCheckParams->check_with_crl > 0)
{
if(certCheckParams->download_crl > 0)
{
status=bmd_verify_cert_with_crl(cert, certCheckParams->url_of_crl, NULL);
}
else if(certCheckParams->use_crl_file > 0)
{
status=bmd_verify_cert_with_crl(cert, NULL, certCheckParams->crl_file_path);
}
else /*na podstawie CRL distribution point w certyfikacie*/
{
status=bmd_verify_cert_with_crl(cert, NULL, NULL);
}
}
else /*jesli wylaczona weryfikacja crl*/
{
status=BMD_OK;
}
if(status!=BMD_OK)
{
PRINT_DEBUG("LIBBMDPKIERR Error. Error=%li\n",status);
return status;
}
}
/* w tym momencie wiemy ze certyfikat moze wykonac podpis ??? */
if(auto_params_create==1) /* stworzenie parametrow stalych do podpisu */
{
policy=(SignaturePolicy_t *)sig_params->signature_policy;
/* ustaw wskaznik na liste obowiazkowych atrybutow podpisanych */
SigVerRules=policy->signPolicyInfo.signatureValidationPolicy.commonRules.signerAndVeriferRules;
policy_signed_attrs=&(SigVerRules->signerRules.mandatedSignedAttr);
sig_params->signed_attributes=(SignedAttributes_t *)malloc(sizeof(SignedAttributes_t));
memset(sig_params->signed_attributes,0,sizeof(SignedAttributes_t));
for(i=0;i<policy_signed_attrs->list.count;i++)
{
__bmd_determine_signed_attr_type(policy_signed_attrs->list.array[i],&type);
switch(type)
{
case BMD_CMS_ATTR_CONTENT_TYPE: /* rozszerzenie standardowe - nic nie trzeba robic */
break;
case BMD_CMS_ATTR_MESSAGE_DIGEST: /* rozszerzenie standardowe - nic nie trzeba robic */
break;
case BMD_CMS_ATTR_SIGNING_TIME: /* zostanie stworzony pozniej */
SigAttr_Create_SigningTime(&time_attr);
asn_set_add(sig_params->signed_attributes,time_attr);
break;
case BMD_CMS_ATTR_SIGNING_CERT:
if(cert)
{
bmd_ctx_destroy(&hash_ctx);
bmd_set_ctx_hash(&hash_ctx,BMD_HASH_ALGO_SHA1);
status=bmd_hash_data(cert,&hash_ctx,&cert_hash_buf,NULL);
ber_decode(NULL,&asn_DEF_Certificate,(void **)&asn1_cert,cert->buf,cert->size);
SigAttr_Create_SigningCertificate(cert_hash_buf,asn1_cert,&cert_attr);
asn_set_add(sig_params->signed_attributes,cert_attr);
bmd_ctx_destroy(&hash_ctx);
asn_DEF_Certificate.free_struct(&asn_DEF_Certificate,asn1_cert,0);asn1_cert=NULL;
free_gen_buf(&cert_hash_buf);
}
else
{
PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
return BMD_ERR_OP_FAILED;
}
break;
case BMD_CMS_ATTR_SIG_POLICY_ID:
status=OBJECT_IDENTIFIER2string(&(policy->signPolicyInfo.signPolicyIdentifier),&policy_oid);
if(status!=BMD_OK)
{
PRINT_DEBUG("LIBBMDPKIERR Error. Error=%i\n",BMD_ERR_OP_FAILED);
return BMD_ERR_OP_FAILED;
}
/* (by WSZ) zmiana sposobu wyliczania skrotu polityki podipsu (ProCertum API compatible)
bmd_ctx_destroy(&hash_ctx);
status=bmd_set_ctx_hash(&hash_ctx,BMD_HASH_ALGO_SHA1);
status=bmd_hash_data(buf,&hash_ctx,&policy_hash_buf,NULL);
*/
status=bmd_hash_SignaturePolicy(buf, &policy_hash_buf);
g_names=&(policy->signPolicyInfo.policyIssuerName);
for(j=0;j<g_names->list.count;j++)
{
g_name=g_names->list.array[j];
if(g_name->present==GeneralName_PR_dNSName)
{
GeneralName2string(g_name,&policy_url);
break;
}
}
SigAttr_Create_SignaturePolicyId(policy_oid,policy_url,policy_hash_buf,&sig_pol_attr);
asn_set_add(sig_params->signed_attributes,(void *)sig_pol_attr);
free(policy_oid);
free(policy_url);
bmd_ctx_destroy(&hash_ctx);
free_gen_buf(&policy_hash_buf);
break;
}
}
}
i=0;
if(trusted_certs)
{
while(trusted_certs[i])
{
free_gen_buf(&(trusted_certs[i]));
i++;
}
free(trusted_certs);trusted_certs=NULL;
}
i=0;
if(constructed_cert_path)
{
while(constructed_cert_path[i])
{
free_gen_buf(&(constructed_cert_path[i]));
i++;
}
free(constructed_cert_path);constructed_cert_path=NULL;
}
return BMD_OK;
}
