From 0f436d9a223e24184eaea2a2c4be90151fd3260a Mon Sep 17 00:00:00 2001 From: Jeffrey Stedfast Date: Tue, 17 Apr 2001 22:18:25 +0000 Subject: New source files to handle Pkcs7 encryption, decryption, signing, and 2001-04-17 Jeffrey Stedfast * camel-pkcs7-context.[c,h]: New source files to handle Pkcs7 encryption, decryption, signing, and verifying. Not yet complete. I'm sensing this is going to take a while seeing as how NSS is just so well documented. svn path=/trunk/; revision=9435 --- camel/camel-pkcs7-context.c | 249 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 249 insertions(+) create mode 100644 camel/camel-pkcs7-context.c (limited to 'camel/camel-pkcs7-context.c') diff --git a/camel/camel-pkcs7-context.c b/camel/camel-pkcs7-context.c new file mode 100644 index 0000000000..e9a629327f --- /dev/null +++ b/camel/camel-pkcs7-context.c @@ -0,0 +1,249 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */ +/* + * Authors: Jeffrey Stedfast + * + * Copyright 2001 Ximian, Inc. (www.ximian.com) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, USA. + * + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include "camel-pkcs7-context.h" + +#include "camel-stream-fs.h" +#include "camel-stream-mem.h" + +#include +#include + +#include /* for _() macro */ + +#define d(x) + +struct _CamelPkcs7ContextPrivate { + CERTCertDBHandle *certdb; +}; + + +static int pkcs7_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash, + CamelStream *istream, CamelStream *ostream, CamelException *ex); +static int pkcs7_clearsign (CamelCipherContext *context, const char *userid, + CamelCipherHash hash, CamelStream *istream, + CamelStream *ostream, CamelException *ex); +static CamelCipherValidity *pkcs7_verify (CamelCipherContext *context, CamelStream *istream, + CamelStream *sigstream, CamelException *ex); +static int pkcs7_encrypt (CamelCipherContext *context, gboolean sign, const char *userid, + GPtrArray *recipients, CamelStream *istream, CamelStream *ostream, + CamelException *ex); +static int pkcs7_decrypt (CamelCipherContext *context, CamelStream *istream, + CamelStream *ostream, CamelException *ex); + + +static CamelCipherContextClass *parent_class; + +static void +camel_pkcs7_context_init (CamelPkcs7Context *context) +{ + context->priv = g_new0 (struct _CamelPkcs7ContextPrivate, 1); +} + +static void +camel_pkcs7_context_finalise (CamelObject *o) +{ + CamelPkcs7Context *context = (CamelPkcs7Context *)o; + + CERT_ClosePermCertDB (context->priv->certdb); + g_free (context->priv->certdb); + + g_free (context->priv); +} + +static void +camel_pkcs7_context_class_init (CamelPkcs7ContextClass *camel_pkcs7_context_class) +{ + CamelCipherContextClass *camel_cipher_context_class = + CAMEL_CIPHER_CONTEXT_CLASS (camel_pkcs7_context_class); + + parent_class = CAMEL_CIPHER_CONTEXT_CLASS (camel_type_get_global_classfuncs (camel_cipher_context_get_type ())); + + camel_cipher_context_class->sign = pkcs7_sign; + camel_cipher_context_class->clearsign = pkcs7_clearsign; + camel_cipher_context_class->verify = pkcs7_verify; + camel_cipher_context_class->encrypt = pkcs7_encrypt; + camel_cipher_context_class->decrypt = pkcs7_decrypt; +} + +CamelType +camel_pkcs7_context_get_type (void) +{ + static CamelType type = CAMEL_INVALID_TYPE; + + if (type == CAMEL_INVALID_TYPE) { + type = camel_type_register (camel_cipher_context_get_type (), + "CamelPkcs7Context", + sizeof (CamelPkcs7Context), + sizeof (CamelPkcs7ContextClass), + (CamelObjectClassInitFunc) camel_pkcs7_context_class_init, + NULL, + (CamelObjectInitFunc) camel_pkcs7_context_init, + (CamelObjectFinalizeFunc) camel_pkcs7_context_finalise); + } + + return type; +} + + +/** + * camel_pkcs7_context_new: + * @session: CamelSession + * @certdb: certificate db + * + * This creates a new CamelPkcs7Context object which is used to sign, + * verify, encrypt and decrypt streams. + * + * Return value: the new CamelPkcs7Context + **/ +CamelPkcs7Context * +camel_pkcs7_context_new (CamelSession *session, const char *certdb) +{ + CamelPkcs7Context *context; + CERTCertDBHandle *handle; + + g_return_val_if_fail (session != NULL, NULL); + + context = CAMEL_PKCS7_CONTEXT (camel_object_new (CAMEL_PKCS7_CONTEXT_TYPE)); + + camel_cipher_construct (CAMEL_CIPHER_CONTEXT (context), session); + + handle = g_new0 (CERTCertDBHandle, 1); + if (certdb) { + if (!CERT_OpenCertDBFilename (handle, certdb, FALSE)) { + g_free (handle); + return NULL; + } + } else { + if (!CERT_OpenVolatileCertDB (handle)) { + g_free (handle); + return NULL; + } + } + + context->priv->certdb = handle; + + return context; +} + +/*----------------------------------------------------------------------* + * Public crypto functions + *----------------------------------------------------------------------*/ + +static int +pkcs7_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash, + CamelStream *istream, CamelStream *ostream, CamelException *ex) +{ + CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx); + + + + return -1; +} + + +static int +pkcs7_clearsign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash, + CamelStream *istream, CamelStream *ostream, CamelException *ex) +{ + CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx); + + return -1; +} + +static CamelCipherValidity * +pkcs7_verify (CamelCipherContext *ctx, CamelCipherHash hash, CamelStream *istream, + CamelStream *sigstream, CamelException *ex) +{ + CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx); + CamelCipherValidity *valid = NULL; + SEC_PKCS7ContentInfo *cinfo; + SECCertUsage certusage; + GByteArray *plaintext; + CamelStream *stream; + + /* create our ContentInfo object */ + stream = camel_stream_mem_new (); + camel_stream_write_to_stream (istream, stream); + plaintext = CAMEL_STREAM_MEM (stream)->buffer; + cinfo = SEC_PKCS7CreateData (); + SEC_PKCS7SetContent (cinfo, plaintext->data, plaintext->len); + camel_object_unref (CAMEL_OBJECT (stream)); + + certusage = 0; + + valid = camel_cipher_validity_new (); + + if (sigstream) { + HASH_HashType digest_type; + GByteArray *signature; + SECItem *digest; + + switch (hash) { + default: + case CAMEL_CIPHER_HASH_DEFAULT: + digest_type = HASH_AlgNULL; + break; + case CAMEL_CIPHER_HASH_MD2: + digest_type = HASH_AlgMD2; + break; + case CAMEL_CIPHER_HASH_MD5: + digest_type = HASH_AlgMD5; + break; + case CAMEL_CIPHER_HASH_SHA1: + digest_type = HASH_AlgSHA1; + break; + } + + valid->valid = SEC_PKCS7VerifyDetachedSignature (cinfo, certusage, digest, digest_type, TRUE); + } else { + valid->valid = SEC_PKCS7VerifySignature (cinfo, certusage, TRUE); + } + + SEC_PKCS7DestroyContentInfo (cinfo); + + return valid; +} + + +static int +pkcs7_encrypt (CamelCipherContext *ctx, gboolean sign, const char *userid, GPtrArray *recipients, + CamelStream *istream, CamelStream *ostream, CamelException *ex) +{ + CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx); + + return -1; +} + + +static int +pkcs7_decrypt (CamelCipherContext *ctx, CamelStream *istream, + CamelStream *ostream, CamelException *ex) +{ + CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx); + + return -1; +} -- cgit