/*
 * This file is part of the openHiTLS project.
 *
 * openHiTLS is licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *
 *     http://license.coscl.org.cn/MulanPSL2
 *
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
 * See the Mulan PSL v2 for more details.
 */
15 
16 #include <stdint.h>
17 #include "securec.h"
18 #include "tls_binlog_id.h"
19 #include "bsl_log_internal.h"
20 #include "bsl_log.h"
21 #include "bsl_err_internal.h"
22 #include "bsl_sal.h"
23 #include "hitls_error.h"
24 #include "hitls_cert_reg.h"
25 #include "tls_config.h"
26 #include "cert_method.h"
27 #include "cert_mgr_ctx.h"
28 
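/**
 * @brief   Report whether a certificate manager backend is available.
 *
 * @return  true when certificate management can be used, false otherwise.
 *          With HITLS_TLS_FEATURE_PROVIDER the provider path is always reported
 *          as available; otherwise availability is decided by whether the
 *          registered method table supplies certStoreNew.
 */
bool SAL_CERT_MgrIsEnable(void)
{
#ifdef HITLS_TLS_FEATURE_PROVIDER
    return true;
#else
    HITLS_CERT_MgrMethod *method = SAL_CERT_GetMgrMethod();
    /* Guard the dereference: a missing method table is reported as "not
     * enabled" instead of faulting on a NULL pointer. */
    return (method != NULL && method->certStoreNew != NULL);
#endif
}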
38 
/**
 * @brief   Create a certificate manager context with no provider library
 *          context and no attribute selector; equivalent to
 *          SAL_CERT_MgrCtxProviderNew(NULL, NULL).
 *
 * @return  New context, or NULL on failure. The caller owns the result and
 *          releases it with SAL_CERT_MgrCtxFree.
 */
CERT_MgrCtx *SAL_CERT_MgrCtxNew(void)
{
    HITLS_Lib_Ctx *noLibCtx = NULL;
    const char *noAttrName = NULL;
    return SAL_CERT_MgrCtxProviderNew(noLibCtx, noAttrName);
}
43 
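/**
 * @brief   Create a certificate manager context bound to a provider library
 *          context.
 *
 * @param   libCtx    Provider library context recorded in the new context
 *                    (may be NULL). Stored by pointer, not owned.
 * @param   attrName  Provider attribute selector recorded in the new context
 *                    (may be NULL). Stored by pointer, not copied; it must
 *                    outlive the context.
 * @return  New context on success. NULL when the allocation, the certificate
 *          pair hash table or the certificate store cannot be created; the
 *          failure is logged and nothing is leaked. The caller owns the result
 *          and releases it with SAL_CERT_MgrCtxFree.
 */
CERT_MgrCtx *SAL_CERT_MgrCtxProviderNew(HITLS_Lib_Ctx *libCtx, const char *attrName)
{
    CERT_MgrCtx *newCtx = BSL_SAL_Calloc(1, sizeof(*newCtx));
    if (newCtx == NULL) {
        BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16085, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "new cert manager context error: out of memory.", 0, 0, 0, 0);
        return NULL;
    }

    /* Fill in the plain fields first so that every helper handed newCtx below
     * (SAL_CERT_StoreNew in particular) sees a fully described context. The
     * provider binding used to be assigned last, after the store was created;
     * whether SAL_CERT_StoreNew reads libCtx/attrName is not visible from this
     * file, but assigning them early is correct either way. */
    newCtx->libCtx = libCtx;
    newCtx->attrName = attrName;
    newCtx->currentCertKeyType = TLS_CERT_KEY_TYPE_UNKNOWN;
    newCtx->verifyParam.verifyDepth = TLS_DEFAULT_VERIFY_DEPTH;

    newCtx->certPairs = BSL_HASH_Create(CERT_DEFAULT_HASH_BKT_SIZE, NULL, NULL, NULL, NULL);
    if (newCtx->certPairs == NULL) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17338, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "new cert manager context error: new certPairs failed.", 0, 0, 0, 0);
        goto errFreeCtx;
    }

#ifndef HITLS_TLS_FEATURE_PROVIDER
    /* Non-provider build: the context carries its own copy of the registered
     * method table rather than a pointer to it. Must happen before
     * SAL_CERT_StoreNew, which is given this context. */
    HITLS_CERT_MgrMethod *method = SAL_CERT_GetMgrMethod();
    (void)memcpy_s(&newCtx->method, sizeof(HITLS_CERT_MgrMethod), method, sizeof(HITLS_CERT_MgrMethod));
#endif

    newCtx->certStore = SAL_CERT_StoreNew(newCtx);
    if (newCtx->certStore == NULL) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15016, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "new cert manager context error: new store failed.", 0, 0, 0, 0);
        goto errFreeHash;
    }
    return newCtx;

errFreeHash:
    BSL_HASH_Destory(newCtx->certPairs);
errFreeCtx:
    BSL_SAL_FREE(newCtx);
    return NULL;
}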
79 
/**
 * @brief   Duplicate the certificate, chain and verify stores of srcMgrCtx
 *          into destMgrCtx.
 *
 * A store that is NULL in the source is skipped and the destination field is
 * left as it was.
 *
 * @param   destMgrCtx  Context receiving the duplicated stores.
 * @param   srcMgrCtx   Context whose certStore, chainStore and verifyStore are
 *                      duplicated.
 * @return  HITLS_SUCCESS, or HITLS_CERT_ERR_STORE_DUP when a duplicate fails.
 *          Stores already duplicated stay attached to destMgrCtx; the caller
 *          releases destMgrCtx as a whole.
 */
int32_t StoreDup(CERT_MgrCtx *destMgrCtx, CERT_MgrCtx *srcMgrCtx)
{
    bool dupFailed = false;

    if (srcMgrCtx->certStore != NULL) {
        destMgrCtx->certStore = SAL_CERT_StoreDup(srcMgrCtx, srcMgrCtx->certStore);
        dupFailed = (destMgrCtx->certStore == NULL);
    }
    if (dupFailed) {
        /* Partially duplicated state is released by the caller. */
        return RETURN_ERROR_NUMBER_PROCESS(HITLS_CERT_ERR_STORE_DUP, BINLOG_ID16092, "StoreDup fail");
    }

    if (srcMgrCtx->chainStore != NULL) {
        destMgrCtx->chainStore = SAL_CERT_StoreDup(srcMgrCtx, srcMgrCtx->chainStore);
        dupFailed = (destMgrCtx->chainStore == NULL);
    }
    if (dupFailed) {
        /* Partially duplicated state is released by the caller. */
        return RETURN_ERROR_NUMBER_PROCESS(HITLS_CERT_ERR_STORE_DUP, BINLOG_ID16093, "StoreDup fail");
    }

    if (srcMgrCtx->verifyStore != NULL) {
        destMgrCtx->verifyStore = SAL_CERT_StoreDup(srcMgrCtx, srcMgrCtx->verifyStore);
        dupFailed = (destMgrCtx->verifyStore == NULL);
    }
    if (dupFailed) {
        /* Partially duplicated state is released by the caller. */
        return RETURN_ERROR_NUMBER_PROCESS(HITLS_CERT_ERR_STORE_DUP, BINLOG_ID16095, "StoreDup fail");
    }

    return HITLS_SUCCESS;
}
108 
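/**
 * @brief   Deep-copy a certificate manager context.
 *
 * The certificate/key hash table, the extra chain and the three stores are
 * duplicated through their own dup helpers; the verify parameters, current key
 * type, callbacks, provider binding and (non-provider build) method table are
 * copied by value. Callback user data is copied as a raw pointer and so is
 * shared with the original; ownership of it does not move.
 *
 * @param   mgrCtx  Context to copy; NULL is rejected.
 * @return  New context, or NULL on failure (the failure is logged and the
 *          partially built copy is released). The caller owns the result and
 *          releases it with SAL_CERT_MgrCtxFree.
 */
CERT_MgrCtx *SAL_CERT_MgrCtxDup(CERT_MgrCtx *mgrCtx)
{
    if (mgrCtx == NULL) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16282, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "mgrCtx null", 0, 0, 0, 0);
        return NULL;
    }

    CERT_MgrCtx *newCtx = BSL_SAL_Calloc(1, sizeof(*newCtx));
    if (newCtx == NULL) {
        BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16097, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "dup cert manager context error: out of memory.", 0, 0, 0, 0);
        return NULL;
    }

    /* Copy the by-value state before any helper is handed newCtx. The provider
     * binding used to be filled in last, so SAL_CERT_HashDup, StoreDup and the
     * error-path SAL_CERT_MgrCtxFree all operated on a copy whose libCtx and
     * attrName were still NULL. Whether those helpers read the fields is not
     * visible from this file; filling them early is correct either way. */
    newCtx->libCtx = LIBCTX_FROM_CERT_MGR_CTX(mgrCtx);
    newCtx->attrName = ATTRIBUTE_FROM_CERT_MGR_CTX(mgrCtx);
    newCtx->currentCertKeyType = mgrCtx->currentCertKeyType;
    (void)memcpy_s(&newCtx->verifyParam, sizeof(HITLS_CertVerifyParam),
        &mgrCtx->verifyParam, sizeof(HITLS_CertVerifyParam));
    newCtx->defaultPasswdCb = mgrCtx->defaultPasswdCb;
    newCtx->defaultPasswdCbUserData = mgrCtx->defaultPasswdCbUserData; /* shared pointer, not owned */
    newCtx->verifyCb = mgrCtx->verifyCb;
#ifndef HITLS_TLS_FEATURE_PROVIDER
    (void)memcpy_s(&newCtx->method, sizeof(HITLS_CERT_MgrMethod), &mgrCtx->method, sizeof(HITLS_CERT_MgrMethod));
#endif

    int32_t ret = SAL_CERT_HashDup(newCtx, mgrCtx);
    if (ret != HITLS_SUCCESS) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16283, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "SAL_CERT_HashDup fail, ret %d", ret, 0, 0, 0);
        goto err;
    }

    if (mgrCtx->extraChain != NULL) {
        newCtx->extraChain = SAL_CERT_ChainDup(mgrCtx, mgrCtx->extraChain);
        if (newCtx->extraChain == NULL) {
            BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16284, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
                "ChainDup fail", 0, 0, 0, 0);
            goto err;
        }
    }

    ret = StoreDup(newCtx, mgrCtx);
    if (ret != HITLS_SUCCESS) {
        BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16285, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
            "StoreDup fail, ret %d", ret, 0, 0, 0);
        goto err;
    }

    return newCtx;

err:
    /* Releases whatever was duplicated so far; members not yet set are NULL,
     * exactly as on the original error paths. */
    SAL_CERT_MgrCtxFree(newCtx);
    return NULL;
}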
164 
/**
 * @brief   Release a certificate manager context and everything it owns.
 *
 * Tears down, in order: the loaded certificates and keys, the extra chain,
 * the verify/chain/cert stores (the reverse of the order StoreDup attaches
 * them), the certificate pair hash table, and finally the context itself.
 * Each member is reset to NULL after it is released. The caller's own pointer
 * is not cleared; mgrCtx is passed by value.
 *
 * @param   mgrCtx  Context to free; NULL is a no-op.
 */
void SAL_CERT_MgrCtxFree(CERT_MgrCtx *mgrCtx)
{
    if (mgrCtx == NULL) {
        return;
    }

    SAL_CERT_ClearCertAndKey(mgrCtx);

    SAL_CERT_ChainFree(mgrCtx->extraChain);
    mgrCtx->extraChain = NULL;

    /* Stores go in reverse attachment order: verify, chain, cert. */
    SAL_CERT_StoreFree(mgrCtx, mgrCtx->verifyStore);
    mgrCtx->verifyStore = NULL;
    SAL_CERT_StoreFree(mgrCtx, mgrCtx->chainStore);
    mgrCtx->chainStore = NULL;
    SAL_CERT_StoreFree(mgrCtx, mgrCtx->certStore);
    mgrCtx->certStore = NULL;

    BSL_HASH_Destory(mgrCtx->certPairs);
    mgrCtx->certPairs = NULL;

    BSL_SAL_FREE(mgrCtx);
}