]> git.saurik.com Git - apple/security.git/blob - SecureTransport/sslUtils.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-54.1.3.tar.gz
[apple/security.git] / SecureTransport / sslUtils.cpp
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 File: sslutil.c
21
22 Contains: Misc. SSL utility functions
23
24 Written by: Doug Mitchell
25
26 Copyright: (c) 1999 by Apple Computer, Inc., all rights reserved.
27
28 */
29
30 #include "sslContext.h"
31 #include "sslUtils.h"
32 #include "sslMemory.h"
33 #include "sslDebug.h"
34 #include <Security/devrandom.h>
35
36 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>
37 #include <sys/time.h>
38
39 UInt32
40 SSLDecodeInt(const unsigned char *p, int length)
41 { UInt32 val = 0;
42 while (length--)
43 val = (val << 8) | *p++;
44 return val;
45 }
46
47 unsigned char *
48 SSLEncodeInt(unsigned char *p, UInt32 value, int length)
49 { unsigned char *retVal = p + length; /* Return pointer to char after int */
50 assert(length > 0 && length <= 4);
51 while (length--) /* Assemble backwards */
52 { p[length] = (UInt8)value; /* Implicit masking to low byte */
53 value >>= 8;
54 }
55 return retVal;
56 }
57
58 UInt8*
59 SSLEncodeUInt64(UInt8 *p, sslUint64 value)
60 { p = SSLEncodeInt(p, value.high, 4);
61 return SSLEncodeInt(p, value.low, 4);
62 }
63
64
65 void
66 IncrementUInt64(sslUint64 *v)
67 { if (++v->low == 0) /* Must have just rolled over */
68 ++v->high;
69 }
70
71 UInt32
72 SSLGetCertificateChainLength(const SSLCertificate *c)
73 {
74 UInt32 rtn = 0;
75
76 while (c)
77 {
78 rtn++;
79 c = c->next;
80 }
81 return rtn;
82 }
83
84 Boolean sslIsSessionActive(const SSLContext *ctx)
85 {
86 assert(ctx != NULL);
87 switch(ctx->state) {
88 case SSL_HdskStateUninit:
89 case SSL_HdskStateServerUninit:
90 case SSL_HdskStateClientUninit:
91 case SSL_HdskStateGracefulClose:
92 case SSL_HdskStateErrorClose:
93 return false;
94 default:
95 return true;
96 }
97 }
98
99 OSStatus sslDeleteCertificateChain(
100 SSLCertificate *certs,
101 SSLContext *ctx)
102 {
103 SSLCertificate *cert;
104 SSLCertificate *nextCert;
105
106 assert(ctx != NULL);
107 cert=certs;
108 while(cert != NULL) {
109 nextCert = cert->next;
110 SSLFreeBuffer(cert->derCert, ctx);
111 sslFree(cert);
112 cert = nextCert;
113 }
114 return noErr;
115 }
116
117 #if SSL_DEBUG
118
119 const char *protocolVersStr(SSLProtocolVersion prot)
120 {
121 switch(prot) {
122 case SSL_Version_Undetermined: return "SSL_Version_Undetermined";
123 case SSL_Version_3_0_With_2_0_Hello: return "SSL_Version_3_0_With_2_0_Hello";
124 case SSL_Version_3_0_Only: return "SSL_Version_3_0_Only";
125 case SSL_Version_2_0: return "SSL_Version_2_0";
126 case SSL_Version_3_0: return "SSL_Version_3_0";
127 case TLS_Version_1_0: return "TLS_Version_1_0";
128 case TLS_Version_1_0_Only: return "TLS_Version_1_0_Only";
129 default: sslErrorLog("protocolVersStr: bad prot\n"); return "BAD PROTOCOL";
130 }
131 return NULL; /* NOT REACHED */
132 }
133
134 #endif /* SSL_DEBUG */
135
136 /*
137 * Redirect SSLBuffer-based I/O call to user-supplied I/O.
138 */
139 OSStatus sslIoRead(
140 SSLBuffer buf,
141 size_t *actualLength,
142 SSLContext *ctx)
143 {
144 UInt32 dataLength = buf.length;
145 OSStatus ortn;
146
147 *actualLength = 0;
148 ortn = (ctx->ioCtx.read)(ctx->ioCtx.ioRef,
149 buf.data,
150 &dataLength);
151 *actualLength = dataLength;
152 return ortn;
153 }
154
155 OSStatus sslIoWrite(
156 SSLBuffer buf,
157 size_t *actualLength,
158 SSLContext *ctx)
159 {
160 UInt32 dataLength = buf.length;
161 OSStatus ortn;
162
163 *actualLength = 0;
164 ortn = (ctx->ioCtx.write)(ctx->ioCtx.ioRef,
165 buf.data,
166 &dataLength);
167 *actualLength = dataLength;
168 return ortn;
169 }
170
171 OSStatus sslTime(UInt32 *tim)
172 {
173 time_t t;
174 time(&t);
175 *tim = (UInt32)t;
176 return noErr;
177 }
178
179 /*
180 * Common RNG function.
181 */
182 OSStatus sslRand(SSLContext *ctx, SSLBuffer *buf)
183 {
184 OSStatus serr = noErr;
185
186 assert(ctx != NULL);
187 assert(buf != NULL);
188 assert(buf->data != NULL);
189
190 if(buf->length == 0) {
191 sslErrorLog("sslRand: zero buf->length\n");
192 return noErr;
193 }
194 try {
195 Security::DevRandomGenerator devRand(false);
196 devRand.random(buf->data, buf->length);
197 }
198 catch(...) {
199 serr = errSSLCrypto;
200 }
201 return serr;
202 }
203
mirror of Security