mirror of
https://github.com/guanzhi/GmSSL.git
synced 2026-05-28 03:06:24 +08:00
update gmapi
This commit is contained in:
Zhi Guan
@@ -54,7 +54,7 @@
|
||||
#include <openssl/conf.h>
|
||||
#include <openssl/gmsaf.h>
|
||||
#include "saf_lcl.h"
|
||||
|
||||
#include "../../apps/apps.h"
|
||||
|
||||
/* 7.2.2 */
|
||||
int SAF_AddTrustedRootCaCertificate(
|
||||
@@ -62,7 +62,42 @@ int SAF_AddTrustedRootCaCertificate(
|
||||
unsigned char *pucCertificate,
|
||||
unsigned int uiCertificateLen)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
X509 *x509 = NULL;
|
||||
BIO *bio = NULL;
|
||||
|
||||
if (!hAppHandle || !pucCertificate) {
|
||||
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (uiCertificateLen <= 0 || uiCertificateLen > INT_MAX) {
|
||||
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, SAF_R_INVALID_INPUT_LENGTH);
|
||||
return SAR_IndataLenErr;
|
||||
}
|
||||
|
||||
if (!(bio = BIO_new_file(app->rootcacerts, "a"))) {
|
||||
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, ERR_R_BIO_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(x509 = d2i_X509(NULL, &pucCertificate, uiCertificateLen))) {
|
||||
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!PEM_write_bio_X509(bio, x509)) {
|
||||
SAFerr(SAF_F_SAF_ADDTRUSTEDROOTCACERTIFICATE, ERR_R_PEM_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
ret = SAR_Ok;
|
||||
|
||||
end:
|
||||
X509_free(x509);
|
||||
BIO_free(bio);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.3 */
|
||||
@@ -70,8 +105,26 @@ int SAF_GetRootCaCertificateCount(
|
||||
void *hAppHandle,
|
||||
unsigned int *puiCount)
|
||||
{
|
||||
*puiCount = 0;
|
||||
return SAR_Ok;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
STACK_OF(X509) *certs = NULL;
|
||||
|
||||
if (!hAppHandle || !puiCount) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATECOUNT, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (!load_certs(app->rootcacerts, &certs, FORMAT_PEM, NULL, "root ca certificates")) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATECOUNT, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
*puiCount = sk_X509_num(certs);
|
||||
ret = SAR_Ok;
|
||||
|
||||
end:
|
||||
sk_X509_free(certs);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.4 */
|
||||
@@ -81,7 +134,44 @@ int SAF_GetRootCaCertificate(
|
||||
unsigned char *pucCertificate,
|
||||
unsigned int *puiCertificateLen)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
STACK_OF(X509) *certs = NULL;
|
||||
X509 *x509;
|
||||
int len;
|
||||
|
||||
if (!hAppHandle || !pucCertificate || !puiCertificateLen) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (!load_certs(app->rootcacerts, &certs, FORMAT_PEM, NULL,
|
||||
"root ca certificates")) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(x509 = sk_X509_value(certs, uiIndex))) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, SAF_R_INVALID_INDEX);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (*puiCertificateLen < i2d_X509(x509, NULL)) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, SAF_R_BUFFER_TOO_SMALL);
|
||||
ret = SAR_IndataLenErr;
|
||||
goto end;
|
||||
}
|
||||
|
||||
if ((len = i2d_X509(x509, pucCertificate)) <= 0) {
|
||||
SAFerr(SAF_F_SAF_GETROOTCACERTIFICATE, ERR_R_X509_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
*puiCertificateLen = len;
|
||||
ret = SAR_Ok;
|
||||
end:
|
||||
sk_X509_free(certs);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.5 */
|
||||
@@ -89,16 +179,91 @@ int SAF_RemoveRootCaCertificate(
|
||||
void *hAppHandle,
|
||||
unsigned int uiIndex)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
STACK_OF(X509) *certs = NULL;
|
||||
X509 *x509 = NULL;
|
||||
BIO *bio = NULL;
|
||||
int i, err = 0;
|
||||
|
||||
if (!hAppHandle) {
|
||||
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (!load_certs(app->rootcacerts, &certs, FORMAT_PEM, NULL, "root ca certificates")) {
|
||||
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(bio = BIO_new_file(app->rootcacerts, "w"))) {
|
||||
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, ERR_R_BIO_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(x509 = sk_X509_delete(certs, uiIndex))) {
|
||||
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, SAF_R_INVALID_INDEX);
|
||||
goto end;
|
||||
}
|
||||
|
||||
for (i = 0; i < sk_X509_num(certs); i++) {
|
||||
if (!PEM_write_bio_X509(bio, sk_X509_value(certs, i))) {
|
||||
SAFerr(SAF_F_SAF_REMOVEROOTCACERTIFICATE, ERR_R_PEM_LIB);
|
||||
err++;
|
||||
}
|
||||
}
|
||||
|
||||
ret = SAR_Ok;
|
||||
|
||||
end:
|
||||
X509_free(x509);
|
||||
sk_X509_free(certs);
|
||||
BIO_free(bio);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.6 */
|
||||
int SAF_AddCaCertificate(
|
||||
void *hAppHandle,
|
||||
unsigned char *pucCertificate,
|
||||
unsigned int *puiCertificateLen)
|
||||
unsigned int uiCertificateLen)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
X509 *x509 = NULL;
|
||||
BIO *bio = NULL;
|
||||
|
||||
if (!hAppHandle || !pucCertificate) {
|
||||
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (uiCertificateLen <= 0 || uiCertificateLen > INT_MAX) {
|
||||
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, SAF_R_INVALID_INPUT_LENGTH);
|
||||
return SAR_IndataLenErr;
|
||||
}
|
||||
|
||||
if (!(bio = BIO_new_file(app->cacerts, "a"))) {
|
||||
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, ERR_R_BIO_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(x509 = d2i_X509(NULL, &pucCertificate, uiCertificateLen))) {
|
||||
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!PEM_write_bio_X509(bio, x509)) {
|
||||
SAFerr(SAF_F_SAF_ADDCACERTIFICATE, ERR_R_PEM_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
ret = SAR_Ok;
|
||||
|
||||
end:
|
||||
X509_free(x509);
|
||||
BIO_free(bio);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.7 */
|
||||
@@ -106,7 +271,26 @@ int SAF_GetCaCertificateCount(
|
||||
void *hAppHandle,
|
||||
unsigned int *puiCount)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
STACK_OF(X509) *certs = NULL;
|
||||
|
||||
if (!hAppHandle || !puiCount) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATECOUNT, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (!load_certs(app->cacerts, &certs, FORMAT_PEM, NULL, "ca certificates")) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATECOUNT, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
*puiCount = sk_X509_num(certs);
|
||||
ret = SAR_Ok;
|
||||
|
||||
end:
|
||||
sk_X509_free(certs);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.8 */
|
||||
@@ -116,7 +300,43 @@ int SAF_GetCaCertificate(
|
||||
unsigned char *pucCertificate,
|
||||
unsigned int *puiCertificateLen)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
STACK_OF(X509) *certs = NULL;
|
||||
X509 *x509;
|
||||
int len;
|
||||
|
||||
if (!hAppHandle || !pucCertificate || !puiCertificateLen) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (!load_certs(app->cacerts, &certs, FORMAT_PEM, NULL, "ca certificates")) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(x509 = sk_X509_value(certs, uiIndex))) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATE, SAF_R_INVALID_INDEX);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (*puiCertificateLen < i2d_X509(x509, NULL)) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATE, SAF_R_BUFFER_TOO_SMALL);
|
||||
ret = SAR_IndataLenErr;
|
||||
goto end;
|
||||
}
|
||||
|
||||
if ((len = i2d_X509(x509, pucCertificate)) <= 0) {
|
||||
SAFerr(SAF_F_SAF_GETCACERTIFICATE, ERR_R_X509_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
*puiCertificateLen = len;
|
||||
ret = SAR_Ok;
|
||||
end:
|
||||
sk_X509_free(certs);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.9 */
|
||||
@@ -124,7 +344,47 @@ int SAF_RemoveCaCertificate(
|
||||
void *hAppHandle,
|
||||
unsigned int uiIndex)
|
||||
{
|
||||
return SAR_NotSupportYetErr;
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
STACK_OF(X509) *certs = NULL;
|
||||
X509 *x509 = NULL;
|
||||
BIO *bio = NULL;
|
||||
int i, err = 0;
|
||||
|
||||
if (!hAppHandle) {
|
||||
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
|
||||
return SAR_IndataErr;
|
||||
}
|
||||
|
||||
if (!load_certs(app->cacerts, &certs, FORMAT_PEM, NULL, "ca certificates")) {
|
||||
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, SAF_R_LOAD_CERTS_FAILURE);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(bio = BIO_new_file(app->rootcacerts, "w"))) {
|
||||
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, ERR_R_BIO_LIB);
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!(x509 = sk_X509_delete(certs, uiIndex))) {
|
||||
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, SAF_R_INVALID_INDEX);
|
||||
goto end;
|
||||
}
|
||||
|
||||
for (i = 0; i < sk_X509_num(certs); i++) {
|
||||
if (!PEM_write_bio_X509(bio, sk_X509_value(certs, i))) {
|
||||
SAFerr(SAF_F_SAF_REMOVECACERTIFICATE, ERR_R_PEM_LIB);
|
||||
err++;
|
||||
}
|
||||
}
|
||||
|
||||
ret = SAR_Ok;
|
||||
|
||||
end:
|
||||
X509_free(x509);
|
||||
sk_X509_free(certs);
|
||||
BIO_free(bio);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* 7.2.10 */
|
||||
@@ -133,6 +393,8 @@ int SAF_AddCrl(
|
||||
unsigned char *pucDerCrl,
|
||||
unsigned int uiDerCrlLen)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -142,6 +404,8 @@ int SAF_VerifyCertificate(
|
||||
unsigned char *pucUsrCertificate,
|
||||
unsigned int uiUsrCertificateLen)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -153,6 +417,8 @@ int SAF_VerifyCertificateByCrl(
|
||||
unsigned char *pucDerCrl,
|
||||
unsigned int uiDerCrlLen)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -179,6 +445,8 @@ int SAF_GetCertFromLdap(
|
||||
unsigned char *pucOutCert,
|
||||
unsigned int *puiOutCertLen)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -204,6 +472,8 @@ int SAF_GetCertificateInfo(
|
||||
unsigned char *pucInfo,
|
||||
unsigned int *puiInfoLen)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -218,6 +488,8 @@ int SAF_GetExtTypeInfo(
|
||||
unsigned char *pucInfo,
|
||||
unsigned int *puiInfoLen)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -226,6 +498,8 @@ int SAF_EnumCertificates(
|
||||
void *hAppHandle,
|
||||
SGD_USR_CERT_ENUMLIST *usrCerts)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -234,6 +508,8 @@ int SAF_EnumKeyContainerInfo(
|
||||
void *hAppHandle,
|
||||
SGD_KEYCONTAINERINFO_ENUMLIST *keyContainerInfo)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -242,6 +518,8 @@ int SAF_EnumCertificatesFree(
|
||||
void *hAppHandle,
|
||||
SGD_USR_CERT_ENUMLIST *usrCerts)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
@@ -250,5 +528,7 @@ int SAF_EnumKeyContainerInfoFree(
|
||||
void *hAppHandle,
|
||||
SGD_KEYCONTAINERINFO_ENUMLIST *keyContainerInfo)
|
||||
{
|
||||
int ret = SAR_UnknownErr;
|
||||
SAF_APP *app = (SAF_APP *)hAppHandle;
|
||||
return SAR_NotSupportYetErr;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user