#include <string.h>
#include <apr_pools.h>
#include <apr_tables.h>
#include "svn_string.h"
#include "svn_hash.h"
#include "x509.h"
svn_x509_name_attr_t *
svn_x509_name_attr_dup(const svn_x509_name_attr_t *attr,
apr_pool_t *result_pool,
apr_pool_t *scratch_pool)
{
svn_x509_name_attr_t *result = apr_palloc(result_pool, sizeof(*result));
result->oid_len = attr->oid_len;
result->oid = apr_pmemdup(result_pool, attr->oid, attr->oid_len);
result->utf8_value = apr_pstrdup(result_pool, attr->utf8_value);
return result;
}
const unsigned char *
svn_x509_name_attr_get_oid(const svn_x509_name_attr_t *attr, apr_size_t *len)
{
*len = attr->oid_len;
return attr->oid;
}
const char *
svn_x509_name_attr_get_value(const svn_x509_name_attr_t *attr)
{
return attr->utf8_value;
}
static apr_array_header_t *
deep_copy_array(apr_array_header_t *s, apr_pool_t *result_pool)
{
int i;
apr_array_header_t *d;
if (!s)
return NULL;
d = apr_array_copy(result_pool, s);
for (i = 0; i < s->nelts; ++i)
{
APR_ARRAY_IDX(d, i, const char *) =
apr_pstrdup(result_pool, APR_ARRAY_IDX(s, i, const char *));
}
return d;
}
static apr_array_header_t *
deep_copy_name_attrs(apr_array_header_t *s, apr_pool_t *result_pool)
{
int i;
apr_array_header_t *d;
if (!s)
return NULL;
d = apr_array_copy(result_pool, s);
for (i = 0; i < s->nelts; ++i)
{
APR_ARRAY_IDX(d, i, const svn_x509_name_attr_t *) =
svn_x509_name_attr_dup(APR_ARRAY_IDX(s, i, svn_x509_name_attr_t *),
result_pool, result_pool);
}
return d;
}
svn_x509_certinfo_t *
svn_x509_certinfo_dup(const svn_x509_certinfo_t *certinfo,
apr_pool_t *result_pool,
apr_pool_t *scratch_pool)
{
svn_x509_certinfo_t *result = apr_palloc(result_pool, sizeof(*result));
result->subject = deep_copy_name_attrs(certinfo->subject, result_pool);
result->issuer = deep_copy_name_attrs(certinfo->issuer, result_pool);
result->valid_from = certinfo->valid_from;
result->valid_to = certinfo->valid_to;
result->digest = svn_checksum_dup(certinfo->digest, result_pool);
result->hostnames = deep_copy_array(certinfo->hostnames, result_pool);
return result;
}
typedef struct asn1_oid {
const unsigned char *oid;
const apr_size_t oid_len;
const char *short_label;
const char *long_label;
} asn1_oid;
#define CONSTANT_PAIR(c) (unsigned char *)(c), sizeof((c)) - 1
static const asn1_oid asn1_oids[] = {
{ CONSTANT_PAIR(SVN_X509_OID_COMMON_NAME), "CN", "commonName" },
{ CONSTANT_PAIR(SVN_X509_OID_COUNTRY), "C", "countryName" },
{ CONSTANT_PAIR(SVN_X509_OID_LOCALITY), "L", "localityName" },
{ CONSTANT_PAIR(SVN_X509_OID_STATE), "ST", "stateOrProvinceName" },
{ CONSTANT_PAIR(SVN_X509_OID_ORGANIZATION), "O", "organizationName" },
{ CONSTANT_PAIR(SVN_X509_OID_ORG_UNIT), "OU", "organizationalUnitName"},
{ CONSTANT_PAIR(SVN_X509_OID_EMAIL), NULL, "emailAddress" },
{ NULL },
};
const char *
svn_x509_oid_to_string(const unsigned char *oid, apr_size_t oid_len,
apr_pool_t *scratch_pool, apr_pool_t *result_pool)
{
svn_stringbuf_t *out = svn_stringbuf_create_empty(result_pool);
const unsigned char *p = oid;
const unsigned char *end = p + oid_len;
const char *temp;
while (p != end) {
if (p == oid)
{
temp = apr_psprintf(scratch_pool, "%d.%d", *p / 40, *p % 40);
p++;
}
else if (*p < 128)
{
temp = apr_psprintf(scratch_pool, ".%d", *p);
p++;
}
else
{
unsigned int collector = 0;
svn_boolean_t dot = FALSE;
do {
if (collector == 0 && *p == 0x80)
{
if (!dot)
{
svn_stringbuf_appendbyte(out, '.');
dot = TRUE;
}
svn_stringbuf_appendbyte(out, '0');
}
else if (collector > UINT_MAX >> 7)
{
return NULL;
}
collector = collector << 7 | (*(p++) & 0x7f);
} while (p != end && *p > 127);
if (collector > UINT_MAX >> 7)
return NULL;
collector = collector << 7 | *(p++);
temp = apr_psprintf(scratch_pool, "%s%d", dot ? "" : ".", collector);
}
svn_stringbuf_appendcstr(out, temp);
}
if (svn_stringbuf_isempty(out))
return NULL;
return out->data;
}
static const asn1_oid *oid_to_asn1_oid(unsigned char *oid, apr_size_t oid_len)
{
const asn1_oid *entry;
for (entry = asn1_oids; entry->oid; entry++)
{
if (oid_len == entry->oid_len &&
memcmp(oid, entry->oid, oid_len) == 0)
return entry;
}
return NULL;
}
static const char *oid_to_best_label(unsigned char *oid, apr_size_t oid_len,
apr_pool_t *result_pool)
{
const asn1_oid *entry = oid_to_asn1_oid(oid, oid_len);
if (entry)
{
if (entry->short_label)
return entry->short_label;
if (entry->long_label)
return entry->long_label;
}
else
{
const char *oid_string = svn_x509_oid_to_string(oid, oid_len,
result_pool, result_pool);
if (oid_string)
return oid_string;
}
return "??";
}
static const char *
get_dn(apr_array_header_t *name,
apr_pool_t *result_pool)
{
svn_stringbuf_t *buf = svn_stringbuf_create_empty(result_pool);
int n;
for (n = 0; n < name->nelts; n++)
{
const svn_x509_name_attr_t *attr = APR_ARRAY_IDX(name, n, svn_x509_name_attr_t *);
if (n > 0)
svn_stringbuf_appendcstr(buf, ", ");
svn_stringbuf_appendcstr(buf, oid_to_best_label(attr->oid, attr->oid_len, result_pool));
svn_stringbuf_appendbyte(buf, '=');
svn_stringbuf_appendcstr(buf, attr->utf8_value);
}
return buf->data;
}
const char *
svn_x509_certinfo_get_subject(const svn_x509_certinfo_t *certinfo,
apr_pool_t *result_pool)
{
return get_dn(certinfo->subject, result_pool);
}
const apr_array_header_t *
svn_x509_certinfo_get_subject_attrs(const svn_x509_certinfo_t *certinfo)
{
return certinfo->subject;
}
const char *
svn_x509_certinfo_get_issuer(const svn_x509_certinfo_t *certinfo,
apr_pool_t *result_pool)
{
return get_dn(certinfo->issuer, result_pool);
}
const apr_array_header_t *
svn_x509_certinfo_get_issuer_attrs(const svn_x509_certinfo_t *certinfo)
{
return certinfo->issuer;
}
apr_time_t
svn_x509_certinfo_get_valid_from(const svn_x509_certinfo_t *certinfo)
{
return certinfo->valid_from;
}
apr_time_t
svn_x509_certinfo_get_valid_to(const svn_x509_certinfo_t *certinfo)
{
return certinfo->valid_to;
}
const svn_checksum_t *
svn_x509_certinfo_get_digest(const svn_x509_certinfo_t *certinfo)
{
return certinfo->digest;
}
const apr_array_header_t *
svn_x509_certinfo_get_hostnames(const svn_x509_certinfo_t *certinfo)
{
return certinfo->hostnames;
}