

pike.git/lib/modules/Tools.pmod/X509.pmod:1:   #pike __REAL_VERSION__ + //#pragma strict_types      /* -  * $Id: X509.pmod,v 1.22 2004/01/24 23:29:58 nilsson Exp $ +  * $Id: X509.pmod,v 1.23 2004/01/27 22:01:37 nilsson Exp $    *    * Some random functions for creating RFC-2459 style X.509 certificates.    *    */      #if constant(Standards.ASN1.Types.Sequence)      import Standards.ASN1.Types;   import Standards.PKCS;   
pike.git/lib/modules/Tools.pmod/X509.pmod:52:    if ((asn1->type_name != "UTCTime")    || (sizeof(asn1->value) != 13))    return 0;       sscanf(asn1->value, "%[0-9]s%c", string s, int c);    if ( (sizeof(s) != 12) && (c != 'Z') )    return 0;       /* NOTE: This relies on pike-0.7 not interpreting leading zeros as    * an octal prefix. */ -  mapping m = mkmapping( ({ "year", "mon", "mday", "hour", "min", "sec" }), +  mapping(string:int) m = mkmapping( ({ "year", "mon", "mday", +  "hour", "min", "sec" }),    (array(int)) (s/2));       if (m->year < 50)    m->year += 100;    if ( (m->mon <= 0 ) || (m->mon > 12) )    return 0;    m->mon--;       if ( (m->mday <= 0) || (m->mday > Calendar.ISO.Year(m->year + 1900)    ->month(m->mon + 1)->number_of_days()))
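Review bot: The terminator check in the context just after the sscanf, `if ( (sizeof(s) != 12) && (c != 'Z') )`, rejects a value only when both tests fail, so a 13-byte UTCTime with twelve digits and any other final byte is still accepted. If the intent is to require twelve digits and a trailing 'Z', the operator should be `||`: `if ( (sizeof(s) != 12) || (c != 'Z') ) return 0;`. Before changing it, confirm how the format `"%[0-9]s%c"` is parsed, because an `s` matched literally after the set would leave `c` unset and the stricter test would then reject every valid time. The enclosing function starts and ends outside this hunk.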
pike.git/lib/modules/Tools.pmod/X509.pmod:128:    extension_sequence(extensions) }) )    : Sequence( ({ serial,    algorithm,    issuer,    validity,    subject,    keyinfo }) ));   }      //! - string make_selfsigned_dsa_certificate(object dsa, int ttl, array name, + string make_selfsigned_dsa_certificate(Crypto.dsa dsa, int ttl, array name,    array|void extensions)   {    Integer serial = Integer(1); /* Hard coded serial number */    int now = time();    Sequence validity = Sequence( ({ make_time(now), make_time(now + ttl) }) );       Sequence signature_algorithm = Sequence( ({ Identifiers.dsa_sha_id }) );       Sequence keyinfo = Sequence(    ({ /* Use an identifier with parameters */
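Review bot: The `//!` marker above make_selfsigned_dsa_certificate is empty, so nothing tells a caller that the serial number is fixed at `Integer(1)` and that validity runs from time() to time() + ttl. Two certificates generated for the same name therefore share issuer and serial, which matters to any consumer that identifies or caches certificates by that pair. I would document it, for example `//! Creates a self-signed DSA certificate valid for @[ttl] seconds from now. The serial number is always 1.` make_selfsigned_rsa_certificate in the next hunk has the same hard-coded serial and the same empty marker. The body of this function continues past the end of the hunk.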
pike.git/lib/modules/Tools.pmod/X509.pmod:155:    dn, keyinfo,    serial, ttl, extensions);       return Sequence(    ({ tbs,    signature_algorithm,    BitString(dsa->sign_ssl(tbs->get_der())) }))->get_der();   }      //! - string rsa_sign_digest(object rsa, object digest_id, string digest) + string rsa_sign_digest(Crypto.rsa rsa, object digest_id, string digest)   {    Sequence digest_info = Sequence( ({ Sequence( ({ digest_id, Null() }) ),    OctetString(digest) }) );    return rsa->raw_sign(digest_info->get_der())->digits(256);   }      //! - int rsa_verify_digest(object rsa, object digest_id, string digest, string s) + int(0..1) rsa_verify_digest(Crypto.rsa rsa, object digest_id, +  string digest, string s)   {    Sequence digest_info = Sequence( ({ Sequence( ({ digest_id, Null() }) ),    OctetString(digest) }) );    return rsa->raw_verify(digest_info->get_der(), Gmp.mpz(s, 256));   }      //! - string make_selfsigned_rsa_certificate(object rsa, int ttl, array name, + string make_selfsigned_rsa_certificate(Crypto.rsa rsa, int ttl, array name,    array|void extensions)   {    Integer serial = Integer(1); /* Hard coded serial number */       int now = time();    Sequence validity = Sequence( ({ make_time(now), make_time(now + ttl) }) );       Sequence signature_algorithm = Sequence( ({ Identifiers.rsa_sha1_id,    Null() }) );   
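Review bot: `digest_id` is still declared as a bare `object` in rsa_sign_digest and rsa_verify_digest, although the key parameter beside it was tightened to `Crypto.rsa`. The value goes straight into the DigestInfo sequence that is signed or verified, so a wrong argument silently changes what the signature covers. If callers always pass ASN.1 identifiers such as `Identifiers.md5_id` (as verify() does in the next hunk), a narrower declaration like `Identifier digest_id` would let the compiler catch a mismatch; confirm that this is the class those constants have. The empty `//!` markers could also state that `digest` is the already computed hash and that `digest_id` must name the algorithm that produced it.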
pike.git/lib/modules/Tools.pmod/X509.pmod:227:       constant type = "rsa";       //!    this_program init(string key) {    rsa = RSA.parse_public_key(key);    return rsa && this;    }       //! -  int(0..1) verify(object algorithm, string msg, string signature) +  int(0..1) verify(Sequence algorithm, string msg, string signature)    {    if (algorithm->get_der() == rsa_md5_algorithm->get_der())    return rsa_verify_digest(rsa, Identifiers.md5_id,   #if constant(Crypto.MD5.name)    Crypto.MD5.hash(msg),   #else    Crypto.md5()->update(msg)->digest(),   #endif    signature);    if (algorithm->get_der() == rsa_sha1_algorithm->get_der())
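Review bot: verify() still accepts `rsa_md5_algorithm`, so a certificate signed with RSA over MD5 verifies on the same footing as a SHA-1 one. MD5's collision weakness makes such a signature poor evidence that the signed data is what the issuer saw. Nothing in the visible code lets a caller refuse MD5 or learn which digest was used. At minimum I would comment the branch, for example `/* MD5 is accepted for legacy certificates only; do not rely on it for new trust decisions. */`, and consider whether callers need a way to reject it. The function body continues beyond the last line of this hunk.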
pike.git/lib/modules/Tools.pmod/X509.pmod:274: Inside #if 0
      constant type = "dsa";       object init(string key)    {    }   }   #endif      //! - Verifier make_verifier(object keyinfo) + Verifier make_verifier(Object _keyinfo)   { -  +  if( _keyinfo->type_name != "SEQUENCE" ) +  return 0; +  Sequence keyinfo = [object(Sequence)]_keyinfo;    if ( (keyinfo->type_name != "SEQUENCE")    || (sizeof(keyinfo->elements) != 2)    || (keyinfo->elements[0]->type_name != "SEQUENCE") -  || !sizeof(keyinfo->elements[0]->elements) +  || !sizeof(([object(Sequence)]keyinfo->elements[0])->elements)    || (keyinfo->elements[1]->type_name != "BIT STRING")    || keyinfo->elements[1]->unused)    return 0;    -  if (keyinfo->elements[0]->elements[0]->get_der() +  if (([object(Sequence)]keyinfo->elements[0])->elements[0]->get_der()    == Identifiers.rsa_id->get_der())    { -  if ( (sizeof(keyinfo->elements[0]->elements) != 2) -  || (keyinfo->elements[0]->elements[1]->get_der() +  if ( (sizeof(([object(Sequence)]keyinfo->elements[0])->elements) != 2) +  || (([object(Sequence)]keyinfo->elements[0])->elements[1]->get_der()    != Null()->get_der()))    return 0;    -  return rsa_verifier()->init(keyinfo->elements[1]->value); +  return rsa_verifier()->init(([object(Sequence)]keyinfo->elements[1]) +  ->value);    }    -  if(keyinfo->elements[0]->elements[0]->get_der() +  if(([object(Sequence)]keyinfo->elements[0])->elements[0]->get_der()    == Identifiers.dsa_sha_id->get_der())    {    /* FIXME: Not implemented */    return 0;    }   }      //!   class TBSCertificate   {
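Review bot: The new return line casts `keyinfo->elements[1]` with `[object(Sequence)]`, although the guard a few lines above has just required its type_name to be "BIT STRING", so the cast names the wrong class for the object whose `->value` is read. If the soft cast only informs the type checker this may work today, but that should be confirmed; it misleads a reader and may stop compiling once `#pragma strict_types` is enabled. I would write `return rsa_verifier()->init(([object(BitString)]keyinfo->elements[1])->value);`. The added early test on `_keyinfo->type_name` also makes the first clause of the following `if`, `(keyinfo->type_name != "SEQUENCE")`, redundant.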
pike.git/lib/modules/Tools.pmod/X509.pmod:329:    object issuer_id;    object subject_id;    object extensions;       this_program init(Object asn1)    {    der = asn1->get_der();    if (asn1->type_name != "SEQUENCE")    return 0;    -  array a = asn1->elements; +  array(Object) a = ([object(Sequence)]asn1)->elements;    X509_WERR("TBSCertificate: sizeof(a) = %d\n", sizeof(a));       if (sizeof(a) < 6)    return 0;       if (sizeof(a) > 6)    {    /* The optional version field must be present */    if (!a[0]->constructed    || (a[0]->get_combined_tag() != make_combined_tag(2, 0))
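Review bot: `der = asn1->get_der();` runs before the `type_name` test, so when init() returns 0 for a non-SEQUENCE input the object still holds the DER of the rejected value. A caller that ignores the return value would then see a populated `der` on an object that never parsed. Moving the assignment below the check, `if (asn1->type_name != "SEQUENCE") return 0;` followed by `der = asn1->get_der();`, avoids that for the first rejection. The later early return on `sizeof(a) < 6` has the same effect and the body continues beyond this hunk, so a full fix may need to defer the assignment to the success path.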