00001 /**
00002  * @file ccn_keystore.c
00003  * @brief Support for keystore access.
00004  * 
00005  * Part of the CCNx C Library.
00006  *
00007  * Copyright (C) 2009 Palo Alto Research Center, Inc.
00008  *
00009  * This library is free software; you can redistribute it and/or modify it
00010  * under the terms of the GNU Lesser General Public License version 2.1
00011  * as published by the Free Software Foundation.
00012  * This library is distributed in the hope that it will be useful,
00013  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
00015  * Lesser General Public License for more details. You should have received
00016  * a copy of the GNU Lesser General Public License along with this library;
00017  * if not, write to the Free Software Foundation, Inc., 51 Franklin Street,
00018  * Fifth Floor, Boston, MA 02110-1301 USA.
00019  */
00020 #include <stdio.h>
00021 #include <stdlib.h>
00022 #include <openssl/pkcs12.h>
00023 #include <openssl/sha.h>
00024 
00025 #include <ccn/keystore.h>
00026 
/**
 * In-memory view of a loaded PKCS#12 keystore.
 *
 * Created zeroed by ccn_keystore_create() and populated by
 * ccn_keystore_init(); the accessor functions check @c initialized
 * before handing any field out.  The key and certificate objects are
 * owned by the keystore and released by ccn_keystore_destroy().
 */
struct ccn_keystore {
    int initialized;                /* nonzero only after ccn_keystore_init() succeeded */
    EVP_PKEY *private_key;          /* from the PKCS#12 file; owned */
    EVP_PKEY *public_key;           /* extracted from certificate; owned */
    X509 *certificate;              /* from the PKCS#12 file; owned */
    ssize_t pubkey_digest_length;   /* valid bytes in pubkey_digest; SHA256_DIGEST_LENGTH once initialized */
    unsigned char pubkey_digest[SHA256_DIGEST_LENGTH]; /* SHA-256 over the certificate's X509_PUBKEY (SubjectPublicKeyInfo) */
};
00035 
/**
 * Allocate an empty, uninitialized keystore.
 *
 * Every field starts zeroed (initialized == 0, all object pointers NULL),
 * so the accessors return NULL/-1 until ccn_keystore_init() succeeds.
 * Release with ccn_keystore_destroy().
 *
 * @returns the new keystore, or NULL if allocation fails.
 */
struct ccn_keystore *
ccn_keystore_create(void)
{
    return (calloc(1, sizeof(struct ccn_keystore)));
}
00042 
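/**
 * Release a keystore and everything it owns.
 *
 * Frees the private key, public key and certificate when present, then
 * the keystore itself, and sets *p to NULL so the caller is left without
 * a dangling pointer.  Safe to call with p == NULL or *p == NULL, and
 * with a keystore on which ccn_keystore_init() failed (any objects that
 * were extracted before the failure are still released).
 *
 * @param p  address of the keystore pointer returned by ccn_keystore_create()
 */
void
ccn_keystore_destroy(struct ccn_keystore **p)
{
    struct ccn_keystore *ks;

    if (p == NULL || *p == NULL)
        return;
    ks = *p;
    *p = NULL;
    /* The OpenSSL free routines accept NULL, so no per-field guards. */
    EVP_PKEY_free(ks->private_key);
    EVP_PKEY_free(ks->public_key);
    X509_free(ks->certificate);
    free(ks);
}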
00057 
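/**
 * Load a PKCS#12 file into a keystore.
 *
 * Reads the DER-encoded PKCS#12 structure at @p name, unlocks it with
 * @p password, and extracts the private key and certificate.  The public
 * key is taken from the certificate and the SHA-256 digest of its
 * X509_PUBKEY (SubjectPublicKeyInfo) is cached for later lookups.
 *
 * @param p         keystore from ccn_keystore_create(); must not be NULL
 * @param name      path of the PKCS#12 file
 * @param password  password protecting the file; the caller owns this
 *                  buffer and is responsible for clearing it afterwards
 * @returns 0 on success, -1 on any failure.  On failure @c initialized
 *          stays 0, so the accessors keep returning NULL/-1; whatever was
 *          extracted before the failure is released by
 *          ccn_keystore_destroy().
 *
 * NOTE(review): a second call on the same keystore overwrites the
 * key/certificate pointers from the first without freeing them; init a
 * keystore once.
 */
int
ccn_keystore_init(struct ccn_keystore *p, char *name, char *password)
{
    FILE *fp;
    PKCS12 *keystore;
    int res;

    OpenSSL_add_all_algorithms();
    fp = fopen(name, "rb");
    if (fp == NULL)
        return (-1);

    keystore = d2i_PKCS12_fp(fp, NULL);
    fclose(fp);
    if (keystore == NULL)
        return (-1);

    res = PKCS12_parse(keystore, password, &(p->private_key), &(p->certificate), NULL);
    PKCS12_free(keystore);
    if (res != 1) {
        /* PKCS12_parse() frees whatever it extracted before failing, and
         * some OpenSSL releases leave the out-parameters pointing at that
         * freed memory.  Clear our copies so ccn_keystore_destroy() does
         * not free them a second time. */
        p->private_key = NULL;
        p->certificate = NULL;
        return (-1);
    }
    /* PKCS12_parse() can report success for a file that holds no private
     * key or no certificate.  The keystore is unusable without both, and
     * X509_get_X509_PUBKEY() below is not NULL-safe. */
    if (p->private_key == NULL || p->certificate == NULL)
        return (-1);
    p->public_key = X509_get_pubkey(p->certificate);
    if (p->public_key == NULL)
        return (-1);
    /* cache the public key digest to avoid work later */
    if (1 != ASN1_item_digest(ASN1_ITEM_rptr(X509_PUBKEY), EVP_sha256(),
                              X509_get_X509_PUBKEY(p->certificate),
                              p->pubkey_digest, NULL))
        return (-1);
    p->pubkey_digest_length = SHA256_DIGEST_LENGTH;
    p->initialized = 1;
    return (0);
}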
00089 
/**
 * Get the private key loaded by ccn_keystore_init().
 *
 * The returned object is owned by the keystore and remains valid until
 * ccn_keystore_destroy(); callers must not free it.
 *
 * @param p  an initialized keystore
 * @returns the private key, or NULL if the keystore is not initialized.
 */
const struct ccn_pkey *
ccn_keystore_private_key(struct ccn_keystore *p)
{
    if (p->initialized)
        return ((const struct ccn_pkey *)p->private_key);
    return (NULL);
}
00098 
/**
 * Get the public key extracted from the keystore's certificate.
 *
 * Owned by the keystore; valid until ccn_keystore_destroy().
 *
 * @param p  an initialized keystore
 * @returns the public key, or NULL if the keystore is not initialized.
 */
const struct ccn_pkey *
ccn_keystore_public_key(struct ccn_keystore *p)
{
    return (p->initialized ? (const struct ccn_pkey *)p->public_key : NULL);
}
00107 
/**
 * Length in bytes of the cached public key digest.
 *
 * @param p  an initialized keystore
 * @returns the digest length (SHA256_DIGEST_LENGTH once initialized),
 *          or -1 if the keystore is not initialized.
 */
ssize_t
ccn_keystore_public_key_digest_length(struct ccn_keystore *p)
{
    if (!p->initialized)
        return (-1);
    return (p->pubkey_digest_length);
}
00113 
/**
 * Get the cached SHA-256 digest of the certificate's X509_PUBKEY.
 *
 * The buffer lives inside the keystore; use
 * ccn_keystore_public_key_digest_length() for its size and do not free it.
 *
 * @param p  an initialized keystore
 * @returns pointer to the digest bytes, or NULL if not initialized.
 */
const unsigned char *
ccn_keystore_public_key_digest(struct ccn_keystore *p)
{
    return (p->initialized ? p->pubkey_digest : NULL);
}
00121 
/**
 * Get the certificate loaded from the PKCS#12 file.
 *
 * Owned by the keystore; valid until ccn_keystore_destroy().
 *
 * @param p  an initialized keystore
 * @returns the certificate, or NULL if the keystore is not initialized.
 */
const struct ccn_certificate *
ccn_keystore_certificate(struct ccn_keystore *p)
{
    if (!p->initialized)
        return (NULL);
    return ((const struct ccn_certificate *)p->certificate);
}