source: libabac/abac_util_cert.c @ d0efdec

mei_rt2
Last change on this file since d0efdec was 2e9455f, checked in by Mei <mei@…>, 11 years ago

1) added namespace
2) tweak ?This,
3) allowing linking role/oset as constraining conditions
4) adding access_tests regression testing that uses GENI's access policy
5) added couple multi contexts regression tests
6) add compression/uncompression calls to abac_encode_string/abac_decode_string
(libstrongwan only allows 512 char for attribute rule storage)
7) add attribute_now option to creddy that takes a whole char string for attribute
rule
  • Property mode set to 100644
File size: 2.0 KB
Line 
1/**
2** abac_util_cert.c
3** utility code related process/handling of certificate_t
4**/
5#include <err.h>
6#include <stdlib.h>
7#include <string.h>
8#include <stdio.h>
9#include <assert.h>
10#include <stdarg.h>
11#include <sys/stat.h>
12#include <termios.h>
13#include <unistd.h>
14#include <sys/types.h>
15
16#include <credentials/certificates/certificate.h>
17#include <credentials/certificates/x509.h>
18#include <credentials/keys/private_key.h>
19
20#include "abac_util.h"
21
22static int debug=0;
23
24char *cert_get_keyid(certificate_t *cert) {
25    // get the keyid
26    x509_t *x509 = (x509_t *)cert;
27    chunk_t keyid = x509->get_subjectKeyIdentifier(x509);
28    chunk_t string = chunk_to_hex(keyid, NULL, 0);
29    return (char *)string.ptr;
30}
31
32certificate_t *cert_get_id_cert_from_file(char *filename)
33{
34    certificate_t *cert = lib->creds->create(lib->creds,
35        CRED_CERTIFICATE, CERT_X509,
36        BUILD_FROM_FILE, filename,
37        BUILD_X509_FLAG, X509_AA, // attribute authority, dumb
38        BUILD_END
39    );
40    return cert;
41}
42
43certificate_t *cert_get_id_cert_from_chunk(chunk_t chunk)
44{
45    certificate_t *cert = lib->creds->create(lib->creds,
46        CRED_CERTIFICATE, CERT_X509,
47        BUILD_BLOB_ASN1_DER, chunk,
48        BUILD_X509_FLAG, X509_AA,
49        BUILD_END
50    );
51    return cert;
52}
53
54certificate_t *cert_get_id_cert_from_pem_chunk(chunk_t chunk)
55{
56    certificate_t *cert = lib->creds->create(lib->creds,
57        CRED_CERTIFICATE, CERT_X509,
58        BUILD_BLOB_PEM, chunk,
59        BUILD_X509_FLAG, X509_AA,
60        BUILD_END
61    );
62    return cert;
63}
64
65certificate_t *cert_get_attr_cert_from_file(char *filename)
66{
67    certificate_t *cert = lib->creds->create(lib->creds,
68        CRED_CERTIFICATE, CERT_X509_AC,
69        BUILD_FROM_FILE, filename,
70        BUILD_END
71    );
72    return cert;
73}
74
75
76certificate_t *cert_get_attr_cert_from_chunk(chunk_t chunk)
77{
78    certificate_t *cert = lib->creds->create(lib->creds,
79        CRED_CERTIFICATE, CERT_X509_AC,
80        BUILD_BLOB_ASN1_DER, chunk,
81        BUILD_END
82    );
83    return cert;
84}
85
86
Note: See TracBrowser for help on using the repository browser.