source: EcnlProtoTool/trunk/openssl-1.1.0e/crypto/ct/ct_b64.c

Last change on this file was 331, checked in by coas-nagasima, 6 years ago

prototoolに関連するプロジェクトをnewlibからmuslを使うよう変更・更新
ntshellをnewlibの下位の実装から、muslのsyscallの実装に変更・更新
以下のOSSをアップデート
・mruby-1.3.0
・musl-1.1.18
・onigmo-6.1.3
・tcc-0.9.27
以下のOSSを追加
・openssl-1.1.0e
・curl-7.57.0
・zlib-1.2.11
以下のmrbgemsを追加
・iij/mruby-digest
・iij/mruby-env
・iij/mruby-errno
・iij/mruby-iijson
・iij/mruby-ipaddr
・iij/mruby-mock
・iij/mruby-require
・iij/mruby-tls-openssl

  • Property svn:eol-style set to native
  • Property svn:mime-type set to text/x-csrc
1/*
2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <limits.h>
11#include <string.h>
12
13#include <openssl/ct.h>
14#include <openssl/err.h>
15#include <openssl/evp.h>
16
17#include "ct_locl.h"
18
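/*
 * Decodes the NUL-terminated base64 string |in| into a newly allocated buffer.
 *
 * On success the buffer is stored in |*out| and is owned by the caller, who
 * must release it with OPENSSL_free(). Do not provide a pre-allocated buffer
 * in |out|; the pointer would be overwritten. An empty |in| stores NULL in
 * |*out| and returns 0.
 *
 * |in| must not be NULL (it is passed straight to strlen()).
 *
 * Returns the number of decoded bytes with padding excluded, or -1 on error.
 * On error nothing is stored in |*out| and no allocation is left behind.
 */
static int ct_base64_decode(const char *in, unsigned char **out)
{
    size_t inlen = strlen(in);
    int outlen;
    int padding = 0;
    unsigned char *outbuf = NULL;

    if (inlen == 0) {
        *out = NULL;
        return 0;
    }

    /*
     * EVP_DecodeBlock() takes its length as an int and |outlen| is an int as
     * well, so an input longer than INT_MAX would be silently truncated and
     * the output buffer mis-sized. Reject it up front.
     */
    if (inlen > INT_MAX) {
        CTerr(CT_F_CT_BASE64_DECODE, CT_R_BASE64_DECODE_ERROR);
        goto err;
    }

    outlen = (int)(inlen / 4) * 3;
    outbuf = OPENSSL_malloc(outlen);
    if (outbuf == NULL) {
        CTerr(CT_F_CT_BASE64_DECODE, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    outlen = EVP_DecodeBlock(outbuf, (unsigned char *)in, (int)inlen);
    if (outlen < 0) {
        CTerr(CT_F_CT_BASE64_DECODE, CT_R_BASE64_DECODE_ERROR);
        goto err;
    }

    /*
     * Subtract padding bytes from |outlen|. Valid base64 ends in at most two
     * '=' characters; anything longer is malformed. Bounding the scan (and
     * stopping at index 0) keeps it from walking off the front of |in| and
     * from driving |outlen| negative when the input is a run of '='.
     */
    while (inlen > 0 && in[inlen - 1] == '=') {
        if (++padding > 2) {
            CTerr(CT_F_CT_BASE64_DECODE, CT_R_BASE64_DECODE_ERROR);
            goto err;
        }
        --inlen;
        --outlen;
    }

    *out = outbuf;
    return outlen;
err:
    OPENSSL_free(outbuf);
    return -1;
}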
59
/*
 * Builds a new SCT from its individual fields, three of which (log ID,
 * extensions and signature) are supplied base64-encoded.
 *
 * Returns the new SCT, which the caller must release with SCT_free(), or NULL
 * on failure. On failure every intermediate allocation is released.
 */
SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
                         ct_log_entry_type_t entry_type, uint64_t timestamp,
                         const char *extensions_base64,
                         const char *signature_base64)
{
    unsigned char *decoded = NULL;
    const unsigned char *cursor = NULL;
    int decoded_len;
    SCT *sct = SCT_new();

    if (sct == NULL) {
        CTerr(CT_F_SCT_NEW_FROM_BASE64, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    /*
     * RFC 6962 section 4.1 says clients "MUST NOT expect this to be 0", but
     * only SCT versions that have actually been defined can be built here.
     */
    if (SCT_set_version(sct, version) == 0) {
        CTerr(CT_F_SCT_NEW_FROM_BASE64, CT_R_SCT_UNSUPPORTED_VERSION);
        goto fail;
    }

    /*
     * NOTE(review): the decode failures below are raised with an X509_R_
     * reason code under the CT function code; CT_R_BASE64_DECODE_ERROR looks
     * like the intended value - confirm before changing.
     */

    /* Log ID: on success |sct| keeps the buffer, so stop tracking it here. */
    decoded_len = ct_base64_decode(logid_base64, &decoded);
    if (decoded_len < 0) {
        CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR);
        goto fail;
    }
    if (SCT_set0_log_id(sct, decoded, decoded_len) == 0) {
        goto fail;
    }
    decoded = NULL;

    /* Extensions: handed to |sct| in the same way. */
    decoded_len = ct_base64_decode(extensions_base64, &decoded);
    if (decoded_len < 0) {
        CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR);
        goto fail;
    }
    SCT_set0_extensions(sct, decoded, decoded_len);
    decoded = NULL;

    /* Signature: parsed out of the decoded buffer, which is freed afterwards. */
    decoded_len = ct_base64_decode(signature_base64, &decoded);
    if (decoded_len < 0) {
        CTerr(CT_F_SCT_NEW_FROM_BASE64, X509_R_BASE64_DECODE_ERROR);
        goto fail;
    }

    cursor = decoded;
    if (o2i_SCT_signature(sct, &cursor, decoded_len) <= 0) {
        goto fail;
    }
    OPENSSL_free(decoded);
    decoded = NULL;

    SCT_set_timestamp(sct, timestamp);

    if (SCT_set_log_entry_type(sct, entry_type) == 0) {
        goto fail;
    }

    return sct;

 fail:
    /* |decoded| is non-NULL only while a buffer is still owned locally. */
    OPENSSL_free(decoded);
    SCT_free(sct);
    return NULL;
}
125
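/*
 * Allocates and builds a new CTLOG from the base64-encoded DER public key
 * |pkey_base64| and stores it in |*ct_log|.
 *
 * Returns 1 on success and 0 on any failure: a NULL |ct_log|, a key that does
 * not decode or parse, or a failure inside CTLOG_new(). No path in this
 * function returns -1.
 */
int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *name)
{
    unsigned char *pkey_der = NULL;
    int pkey_der_len;
    const unsigned char *p;
    EVP_PKEY *pkey = NULL;

    /*
     * Validate the output pointer before decoding, so that an invalid call
     * does not allocate a buffer that is then never released.
     */
    if (ct_log == NULL) {
        CTerr(CT_F_CTLOG_NEW_FROM_BASE64, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    pkey_der_len = ct_base64_decode(pkey_base64, &pkey_der);
    if (pkey_der_len <= 0) {
        CTerr(CT_F_CTLOG_NEW_FROM_BASE64, CT_R_LOG_CONF_INVALID_KEY);
        /*
         * A non-positive length does not guarantee that nothing was
         * allocated; OPENSSL_free(NULL) is a no-op, so free unconditionally.
         */
        OPENSSL_free(pkey_der);
        return 0;
    }

    p = pkey_der;
    pkey = d2i_PUBKEY(NULL, &p, pkey_der_len);
    /* The DER buffer is not needed once parsing has been attempted. */
    OPENSSL_free(pkey_der);
    if (pkey == NULL) {
        CTerr(CT_F_CTLOG_NEW_FROM_BASE64, CT_R_LOG_CONF_INVALID_KEY);
        return 0;
    }

    *ct_log = CTLOG_new(pkey, name);
    if (*ct_log == NULL) {
        /* |pkey| is released here only when CTLOG_new() failed. */
        EVP_PKEY_free(pkey);
        return 0;
    }

    return 1;
}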