Commit f10af530 authored by Guillaume Beraudo's avatar Guillaume Beraudo

Parse certificate chain and key from file

parent e599b301
...@@ -100,16 +100,15 @@ BELLESIP_EXPORT int belle_sip_auth_helper_compute_response_qop_auth( const char* ...@@ -100,16 +100,15 @@ BELLESIP_EXPORT int belle_sip_auth_helper_compute_response_qop_auth( const char*
typedef enum belle_sip_certificate_raw_format { typedef enum belle_sip_certificate_raw_format {
BELLE_SIP_CERTIFICATE_RAW_FORMAT_PEM, /** PEM format*/ BELLE_SIP_CERTIFICATE_RAW_FORMAT_PEM, /** PEM format*/
BELLE_SIP_CERTIFICATE_RAW_FORMAT_DER /** ASN.1 raw format*/ BELLE_SIP_CERTIFICATE_RAW_FORMAT_DER /** ASN.1 raw format*/
}belle_sip_certificate_raw_format_t; }belle_sip_certificate_raw_format_t;/**
/**
* Parse a buffer containing either a certificate chain order in PEM format or a single DER cert * Parse a buffer containing either a certificate chain order in PEM format or a single DER cert
* @param buff raw buffer * @param buff raw buffer
* @param size buffer size * @param size buffer size
* @param format either PEM or DER * @param format either PEM or DER
* @return belle_sip_certificates_chain_t or NUL if cannot be decoded * @return belle_sip_certificates_chain_t or NUL if cannot be decoded
*/ */
BELLESIP_EXPORT belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse(const char* buff, size_t size,belle_sip_certificate_raw_format_t format); BELLESIP_EXPORT belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse(const char* buff, size_t size,belle_sip_certificate_raw_format_t format);
/** /**
* Parse a buffer containing either a private or public rsa key * Parse a buffer containing either a private or public rsa key
* @param buff raw buffer * @param buff raw buffer
...@@ -117,9 +116,24 @@ BELLESIP_EXPORT belle_sip_certificates_chain_t* belle_sip_certificates_chain_par ...@@ -117,9 +116,24 @@ BELLESIP_EXPORT belle_sip_certificates_chain_t* belle_sip_certificates_chain_par
* @param passwd password (optionnal) * @param passwd password (optionnal)
* @return list of belle_sip_signing_key_t or NUL iff cannot be decoded * @return list of belle_sip_signing_key_t or NUL iff cannot be decoded
*/ */
BELLESIP_EXPORT belle_sip_signing_key_t* belle_sip_signing_key_parse(const char* buff, size_t size,const char* passwd); BELLESIP_EXPORT belle_sip_signing_key_t* belle_sip_signing_key_parse(const char* buff, size_t size,const char* passwd);
/**
* Parse a pather containing either a certificate chain order in PEM format or a single DER cert
* @param path file
* @param format either PEM or DER
* @return belle_sip_certificates_chain_t or NUL if cannot be decoded
*/
BELLESIP_EXPORT belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse_file(const char* path, belle_sip_certificate_raw_format_t format);
/**
* Parse a pather containing either a private or public rsa key
* @param path file
* @param passwd password (optionnal)
* @return list of belle_sip_signing_key_t or NUL iff cannot be decoded
*/
BELLESIP_EXPORT belle_sip_signing_key_t* belle_sip_signing_key_parse_file(const char* path, const char* passwd);
BELLE_SIP_END_DECLS BELLE_SIP_END_DECLS
#endif /* AUTHENTICATION_HELPER_H_ */ #endif /* AUTHENTICATION_HELPER_H_ */
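Review bot: The doc comments added for `belle_sip_certificates_chain_parse_file` and `belle_sip_signing_key_parse_file` open with "Parse a pather containing…", which reads like a hasty edit of the buffer variants and does not say the file at `path` is opened and read. I would write `Parse a file containing either a certificate chain in PEM format or a single DER cert` and `@param path path of the file to read`. The `@param format either PEM or DER` line promises a selection that the implementation added in this commit never makes, because `format` is not read there; either say the encoding is auto-detected by the backend or say the argument is currently unused. It would also help to state whether `passwd` may be NULL for an unencrypted key, and that the caller is presumably expected to release the returned object with `belle_sip_object_unref`.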
...@@ -402,6 +402,22 @@ static int belle_sip_certificate_fill(belle_sip_certificates_chain_t* certificat ...@@ -402,6 +402,22 @@ static int belle_sip_certificate_fill(belle_sip_certificates_chain_t* certificat
#endif #endif
} }
static int belle_sip_certificate_fill_from_file(belle_sip_certificates_chain_t* certificate,const char* path,belle_sip_certificate_raw_format_t format) {
#ifdef HAVE_POLARSSL
int err;
if ((err=x509parse_crtfile(&certificate->cert, path)) <0) {
char tmp[128];
error_strerror(err,tmp,sizeof(tmp));
belle_sip_error("cannot parse x509 cert because [%s]",tmp);
return -1;
}
return 0;
#else /*HAVE_POLARSSL*/
return -1;
#endif
}
/*belle_sip_certificate */ /*belle_sip_certificate */
belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse(const char* buff, size_t size,belle_sip_certificate_raw_format_t format) { belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse(const char* buff, size_t size,belle_sip_certificate_raw_format_t format) {
belle_sip_certificates_chain_t* certificate = belle_sip_object_new(belle_sip_certificates_chain_t); belle_sip_certificates_chain_t* certificate = belle_sip_object_new(belle_sip_certificates_chain_t);
...@@ -412,9 +428,20 @@ belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse(const char* b ...@@ -412,9 +428,20 @@ belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse(const char* b
} }
return certificate; return certificate;
}
belle_sip_certificates_chain_t* belle_sip_certificates_chain_parse_file(const char* path, belle_sip_certificate_raw_format_t format) {
belle_sip_certificates_chain_t* certificate = belle_sip_object_new(belle_sip_certificates_chain_t);
if (belle_sip_certificate_fill_from_file(certificate, path, format)) {
belle_sip_object_unref(certificate);
certificate=NULL;
}
return certificate;
} }
static void belle_sip_certificates_chain_destroy(belle_sip_certificates_chain_t *certificate){ static void belle_sip_certificates_chain_destroy(belle_sip_certificates_chain_t *certificate){
#ifdef HAVE_POLARSSL #ifdef HAVE_POLARSSL
x509_free(&certificate->cert); x509_free(&certificate->cert);
...@@ -448,6 +475,23 @@ belle_sip_signing_key_t* belle_sip_signing_key_parse(const char* buff, size_t si ...@@ -448,6 +475,23 @@ belle_sip_signing_key_t* belle_sip_signing_key_parse(const char* buff, size_t si
#endif #endif
} }
belle_sip_signing_key_t* belle_sip_signing_key_parse_file(const char* path,const char* passwd) {
#ifdef HAVE_POLARSSL
belle_sip_signing_key_t* signing_key = belle_sip_object_new(belle_sip_signing_key_t);
int err;
if ((err=x509parse_keyfile(&signing_key->key,(const unsigned char *)path, passwd)) <0) {
char tmp[128];
error_strerror(err,tmp,sizeof(tmp));
belle_sip_error("cannot parse rsa key because [%s]",tmp);
belle_sip_object_unref(signing_key);
return NULL;
}
return signing_key;
#else /*HAVE_POLARSSL*/
return NULL;
#endif
}
static void belle_sip_signing_key_destroy(belle_sip_signing_key_t *signing_key){ static void belle_sip_signing_key_destroy(belle_sip_signing_key_t *signing_key){
#ifdef HAVE_POLARSSL #ifdef HAVE_POLARSSL
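Review bot: In `belle_sip_certificate_fill_from_file` the `format` argument is never read and the `<0` test treats any positive return from `x509parse_crtfile` as success. If the PolarSSL version in use reports a partially parsed chain with a positive count (I believe 1.2 does, worth confirming), a chain file with one unparsable certificate is accepted truncated. Consider `if ((err=x509parse_crtfile(&certificate->cert, path)) != 0) {` and either honouring or dropping `format`. In `belle_sip_signing_key_parse_file` the `(const unsigned char *)path` cast looks copied from the buffer variant; a file path is a plain `const char*`, so `x509parse_keyfile(&signing_key->key, path, passwd)` should do. Neither function checks `path` for NULL before handing it to the parser, and both non-PolarSSL branches fail without a `belle_sip_error` line, so a caller cannot tell a missing TLS backend from an unreadable or malformed file.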
......