Compare Revisions

The credentials to download the source code are:
 Username: svnusers
 Password: svnusers

Ignore whitespace Rev 1913 → Rev 1914

/branches/Security/tools/itscertgen/certgen.c
1,3 → 1,4
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include "cxml/cxml.h"
#include "cshared/copts.h"
14,7 → 15,8
#include <time.h>
#include <math.h>
 
// #define DEBUG_BOOKMARKS
//#define DEBUG_BOOKMARKS
#define MAX_BOOKMARKS 16
 
typedef struct bookmark_t bookmark_t;
struct bookmark_t {
37,8 → 39,10
char * buf;
char * ptr;
const char * end;
bookmark_t * bookmarks;
 
char * bookmarks[MAX_BOOKMARKS];
int bidx;
 
unsigned int nTmpValue;
void * key;
}cert_cxml_handler_t;
45,10 → 49,12
 
static void bookmark_position(cert_cxml_handler_t * const h, const cxml_tag_t * tag)
{
bookmark_t * s = (bookmark_t*)malloc(sizeof(bookmark_t));
s->prev = h->bookmarks;
h->bookmarks = s;
s->ptr = h->ptr;
if (h->bidx >= MAX_BOOKMARKS){
fprintf(stderr, "FATAL: Profile is tooooooo complicated!!!\n");
exit(-1);
}
h->bookmarks[h->bidx] = h->ptr;
h->bidx++;
h->ptr++;
#ifdef DEBUG_BOOKMARKS
printf("BOOKMARK 0x%08X (%s)\n", (unsigned int)h->ptr, tag->name);
57,28 → 63,27
 
static int apply_bookmark_size(cert_cxml_handler_t * const h, const cxml_tag_t * tag)
{
bookmark_t * s = h->bookmarks;
int size = -1;
if (NULL == s){
assert(s);
}else{
int bcount;
size = h->ptr - s->ptr;
int size, bcount;
char * psize;
if (h->bidx == 0){
fprintf(stderr, "FATAL: Inconsistent bookmarks!!!\n");
exit(-1);
}
psize = h->bookmarks[--h->bidx];
size = h->ptr - psize - 1;
#ifdef DEBUG_BOOKMARKS
printf("APPLY 0x%08X [%d] (%s)\n", (unsigned int)h->ptr, size, tag->name);
#endif
bcount = cintx_bytecount(size);
if(bcount == 1){
*(unsigned char*)s->ptr = size;
size = 0;
}else{
memmove(s->ptr + bcount, s->ptr+1, h->ptr - s->ptr - 1);
h->ptr += bcount - 1;
size = cintx_write(size, &s->ptr, s->ptr+bcount, NULL);
}
h->bookmarks = s->prev;
free(s);
bcount = cintx_bytecount(size);
if (bcount == 1){
*(unsigned char*)psize = size;
size = 0;
}
else{
memmove(psize + bcount, psize + 1, h->ptr - psize - 1);
h->ptr += bcount - 1;
size = cintx_write(size, &psize, psize + bcount, NULL);
}
return size; // size is overridden to be 0 or -1
}
 
199,6 → 204,8
};
static const char * _verificationKey = NULL;
static const char * _decriptionKey = NULL;
static const char * _keyPath = NULL;
static int _reuseKeys = 0;
 
static int _time_option(const copt_t * opt, const char * option, const copt_value_t * value)
{
215,18 → 222,20
}
 
static copt_t options [] = {
{ "h?", "help", COPT_HELP, NULL, "Print this help page" },
{ "i", "in", COPT_STR, &_searchPath, "Certificates search path [Output path by default]" },
{ "o", "out", COPT_STR, &_outPath, "Output path [current dir by default]" },
{ "b", "bin", COPT_BOOL | COPT_CALLBACK, &_out_option, "Binary output format [default]" },
{ "p", "pem", COPT_BOOL | COPT_CALLBACK, &_out_option, "PEM output format" },
{ "x", "hex", COPT_BOOL | COPT_CALLBACK, &_out_option, "Hexadecimal output format" },
{ "n", "name", COPT_STR, &_certName, "Certificate name (take from profile by default)" },
{ "v", "vkey", COPT_STR, &_verificationKey, "Verification public key (generate key pair by default)" },
{ "e", "ekey", COPT_STR, &_decriptionKey, "Decription public key (generate key pair if neccessary)" },
{ "s", "signer", COPT_STR, &_signerName, "Signer certificate name [take from profile by default]" },
{ "r", "reftime", COPT_STR | COPT_CALLBACK, &_time_option, "Reference UTC time point (YYY-DD-MM) [current date]" },
// { "c", "chain", COPT_BOOL , &_createChain, "Produce a text file for ITS Test Suite" },
{ "h?", "help", COPT_HELP, NULL, "Print this help page" },
{ "o", "out", COPT_STR, (void*)&_outPath, "Output path [current dir by default]" },
{ "S", "certs", COPT_STR, (void*)&_searchPath, "Certificates search path [Output path by default]" },
{ "K", "keys", COPT_STR, (void*)&_keyPath, "Private key storage path [Output path by default]" },
{ "R", "reuse", COPT_BOOL, (void*)&_reuseKeys, "Reuse existing key pair [regenerate by default]" },
{ "b", "bin", (COPT_BOOL | COPT_CALLBACK), (void*)&_out_option, "Binary output format [default]" },
{ "p", "pem", (COPT_BOOL | COPT_CALLBACK), (void*)&_out_option, "PEM output format" },
{ "x", "hex", (COPT_BOOL | COPT_CALLBACK), (void*)&_out_option, "Hexadecimal output format" },
{ "n", "name", COPT_STR, (void*)&_certName, "Certificate name (take from profile by default)" },
{ "v", "vkey", COPT_STR, (void*)&_verificationKey, "Verification public key (generate key pair by default)" },
{ "e", "ekey", COPT_STR, (void*)&_decriptionKey, "Decription public key (generate key pair if neccessary)" },
{ "s", "signer", COPT_STR, (void*)&_signerName, "Signer certificate name [take from profile by default]" },
{ "r", "reftime", COPT_STR | COPT_CALLBACK, (void*)&_time_option, "Reference UTC time point (YYY-DD-MM) [current date]" },
// { "c", "chain", COPT_BOOL , &_createChain, "Produce a text file for ITS Test Suite" },
{ NULL, NULL, COPT_END, NULL, NULL }
};
 
251,6 → 260,7
}
 
if (_searchPath == NULL) _searchPath = _outPath;
if (_keyPath == NULL) _keyPath = _outPath;
 
if(argc > 2){
// set signer certificate file name
298,9 → 308,8
h->end = h->buf + 4096;
}else{
FILE * f;
int plen = strlen(_outPath) + strlen(_certName);
char * path = malloc(plen + 16);
char * end = cvstrncpy(path, plen + 16, _outPath, "/", _certName, ".crt", NULL);
char * path = h->ptr;
char * end = cvstrncpy(path, h->end-path, _outPath, "/", _certName, ".crt", NULL);
f = fopen(path, "wb");
if (!f){
fprintf(stderr, "ERROR: Certificate write failed to '%s'\n", path);
316,22 → 325,22
fclose(f);
}
if (h->verificationKey){
if (_verificationKey == NULL){
cvstrncpy(end - 4, 16, ".v.prv.", _outExtensions[_outFormat], NULL);
if (_verificationKey == NULL && _reuseKeys == 0){
cvstrncpy(path, h->end - path, _keyPath, "/", _certName, ".v.prv.", _outExtensions[_outFormat], NULL);
ecc_api_key_private_save(h->verificationKey, path, _outFormat);
cvstrncpy(end - 4, 16, ".v.pub.", _outExtensions[_outFormat], NULL);
cvstrncpy(path, h->end - path, _keyPath, "/", _certName, ".v.pub.", _outExtensions[_outFormat], NULL);
ecc_api_key_public_save(h->verificationKey, path, _outFormat);
}
}
if (h->encryptionKey){
if (_decriptionKey == NULL){
cvstrncpy(end - 4, 16, ".e.prv.", _outExtensions[_outFormat], NULL);
if (_decriptionKey == NULL && _reuseKeys == 0){
cvstrncpy(path, h->end - path, _keyPath, "/", _certName, ".e.prv.", _outExtensions[_outFormat], NULL);
ecc_api_key_private_save(h->encryptionKey, path, _outFormat);
cvstrncpy(end - 4, 16, ".e.pub.", _outExtensions[_outFormat], NULL);
cvstrncpy(path, h->end - path, _keyPath, "/", _certName, ".e.pub.", _outExtensions[_outFormat], NULL);
ecc_api_key_public_save(h->encryptionKey, path, _outFormat);
}
}
free(path);
free(h->buf);
}
return 0;
}
445,6 → 454,7
static const char * _subject_type [] = {
"EC", "AT", "AA", "EA", "ROOT", "CRL"
};
 
typedef struct list_pointer_t
{
unsigned char * ptr;
508,7 → 518,28
}
cint8_write(atype, &h->ptr, h->end, &rc);
h->sa_type = atype;
switch(h->sa_type){
 
const char * keyPath = _verificationKey;
switch (h->sa_type){
case 1: // encryption_key
keyPath = _decriptionKey;
case 0: //verificationKey
if (keyPath){
h->key = ecc_api_key_public_load(keyPath);
if (h->key == NULL){
fprintf(stderr, "%s: Can't load public key\n", keyPath);
return -1;
}
}
else if (_reuseKeys){
cvstrncpy(h->ptr, h->end - h->ptr, _keyPath, "/", _certName,
".", h->sa_type ? "e" : "v", ".prv.", _outExtensions[_outFormat], NULL);
h->key = ecc_api_key_private_load(h->ptr);
if (h->key == NULL){
_reuseKeys = 0;
}
}
break;
case 32: //its_aid_list
case 33: //its_aid_ssp_list
bookmark_position(h, tag);
517,30 → 548,12
}else{
switch(h->sa_type){
case 0: // verification_key
if (_verificationKey){
h->verificationKey = ecc_api_key_public_load(_verificationKey);
if (h->verificationKey == NULL){
fprintf(stderr, "%s: Can't load verification pulic key\n", _verificationKey);
return -1;
}
}
else{
h->verificationKey = h->key;
h->key = NULL;
}
h->verificationKey = h->key;
h->key = NULL;
break;
case 1: // encryption_key
if (_decriptionKey){
h->encryptionKey = ecc_api_key_public_load(_decriptionKey);
if (h->encryptionKey == NULL){
fprintf(stderr, "%s: Can't load decription pulic key\n", _decriptionKey);
return -1;
}
}
else{
h->encryptionKey = h->key;
h->key = NULL;
}
h->encryptionKey = h->key;
h->key = NULL;
break;
case 32: //its_aid_list
case 33: //its_aid_ssp_list
577,7 → 590,7
cert_cxml_handler_t * h = (cert_cxml_handler_t *)_h;
if (cxml_tag_is_open(tag)){
int alg = 0, sym_alg = 0;
void * key;
void * key = h->key;
const char * v = cxml_tag_attr_value(tag, "algorithm");
if(v) {
alg = STR2ENUM(_pk_algorithms, v);
601,7 → 614,9
cint8_write(sym_alg, &h->ptr, h->end, &rc);
case 0:
// generate private and public key pair
key = ecc_api_key_gen (alg, sym_alg);
if (key == NULL){
key = ecc_api_key_gen(alg, sym_alg);
}
if(key){
int pointtype = 0;
char x[32], y[32];
622,7 → 637,6
cbuf_write(&y[0], 32, &h->ptr, h->end, &rc);
}
}
assert(h->key == NULL);
h->key = key;
}
}
/branches/Security/tools/itscertgen/cshared/copts.c
21,6 → 21,9
##
######################################################################
*********************************************************************/
#ifdef _MSC_VER
#define _CRT_SECURE_NO_WARNINGS
#endif
#include <string.h>
#include <limits.h>
#include <ctype.h>
31,8 → 34,9
 
#ifdef _MSC_VER
#define inline __inline
#define strcasecmp stricmp
#define strcasecmp _stricmp
#define strdup _strdup
#define _CRT_SECURE_NO_WARNINGS
#endif
 
#define COPT_AFLAG_ERROR 0x10000