Commit 01904b00 authored by deuce's avatar deuce

Add certificate handling via the CryptCert class.

Also add add_public_key() and get_public_key() methods to CryptKeyset.
Not tested yet, but this should be everything we need to finish up
LetSyncrypt.
parent ff2d69da
This diff is collapsed.
#ifndef _JS_CRYPTCERT_H_
#define _JS_CRYPTCERT_H_
struct js_cryptcert_private_data {
CRYPT_CERTIFICATE cert;
};
JSObject* DLLCALL js_CreateCryptCertObject(JSContext* cx, CRYPT_CERTIFICATE cert);
#endif
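Review bot: This new header is not self-contained: it uses `CRYPT_CERTIFICATE`, `JSObject`, `JSContext` and `DLLCALL` without including anything, so it compiles only when the includer has already pulled in cryptlib.h and the JS headers. js_cryptkeyset.c does include `<cryptlib.h>` before it, but other includers would have to repeat that order. The guard name `_JS_CRYPTCERT_H_` starts with an underscore followed by a capital letter, which is reserved for the implementation; `JS_CRYPTCERT_H_` avoids that. A comment on `js_CreateCryptCertObject` should state whether the returned object takes ownership of `cert` and destroys the handle when finalized, because js_get_public_key hands it a freshly obtained handle.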
......@@ -6,6 +6,7 @@
#include <cryptlib.h>
#include "js_request.h"
#include "js_cryptcon.h"
#include "js_cryptcert.h"
#include "ssl.h"
struct private_data {
......@@ -95,6 +96,50 @@ js_add_private_key(JSContext *cx, uintN argc, jsval *arglist)
return JS_TRUE;
}
static JSBool
js_add_public_key(JSContext *cx, uintN argc, jsval *arglist)
{
struct private_data* p;
struct js_cryptcert_private_data* pcert;
jsval *argv=JS_ARGV(cx, arglist);
int status;
jsrefcount rc;
JSObject *cert;
JSObject *obj=JS_THIS_OBJECT(cx, arglist);
if (!js_argc(cx, argc, 1))
return JS_FALSE;
if (argc > 1) {
JS_ReportError(cx, "Too many arguments");
return JS_FALSE;
}
cert = JSVAL_TO_OBJECT(argv[0]);
if (!JS_InstanceOf(cx, cert, &js_cryptcon_class, NULL)) {
JS_ReportError(cx, "Invalid CryptContext");
return JS_FALSE;
}
if ((p=(struct private_data *)JS_GetPrivate(cx,obj))==NULL) {
JS_ReportError(cx, getprivate_failure, WHERE);
return JS_FALSE;
}
if ((pcert=(struct js_cryptcert_private_data *)JS_GetPrivate(cx,cert))==NULL) {
JS_ReportError(cx, getprivate_failure, WHERE);
return JS_FALSE;
}
rc = JS_SUSPENDREQUEST(cx);
status = cryptAddPublicKey(p->ks, pcert->cert);
JS_RESUMEREQUEST(cx, rc);
if (cryptStatusError(status)) {
JS_ReportError(cx, "Error %d calling cryptAddPublicKey()\n", status);
return JS_FALSE;
}
return JS_TRUE;
}
static JSBool
js_close(JSContext *cx, uintN argc, jsval *arglist)
{
......@@ -226,6 +271,53 @@ js_get_private_key(JSContext *cx, uintN argc, jsval *arglist)
return JS_TRUE;
}
static JSBool
js_get_public_key(JSContext *cx, uintN argc, jsval *arglist)
{
struct private_data* p;
jsval *argv=JS_ARGV(cx, arglist);
int status;
jsrefcount rc;
JSObject *cert;
char* label = NULL;
JSString *jslabel;
CRYPT_CERTIFICATE ncert;
JSObject *obj=JS_THIS_OBJECT(cx, arglist);
if (!js_argc(cx, argc, 1))
return JS_FALSE;
if (argc > 1) {
JS_ReportError(cx, "Too many arguments");
return JS_FALSE;
}
if ((jslabel = JS_ValueToString(cx, argv[0])) == NULL) {
JS_ReportError(cx, "Invalid label");
return JS_FALSE;
}
if ((p=(struct private_data *)JS_GetPrivate(cx,obj))==NULL) {
JS_ReportError(cx, getprivate_failure, WHERE);
return JS_FALSE;
}
JSSTRING_TO_MSTRING(cx, jslabel, label, NULL);
HANDLE_PENDING(cx, label);
rc = JS_SUSPENDREQUEST(cx);
status = cryptGetPublicKey(p->ks, &ncert, CRYPT_KEYID_NAME, label);
free(label);
JS_RESUMEREQUEST(cx, rc);
if (cryptStatusError(status)) {
JS_ReportError(cx, "Error %d calling cryptGetPublicKey()\n", status);
return JS_FALSE;
}
cert = js_CreateCryptCertObject(cx, ncert);
if (cert == NULL)
return JS_FALSE;
JS_SET_RVAL(cx, arglist, OBJECT_TO_JSVAL(cert));
return JS_TRUE;
}
// Properties
static JSBool
......@@ -290,6 +382,10 @@ static jsSyncMethodSpec js_cryptkeyset_functions[] = {
,JSDOCSTR("Add a private key to the keyset, encrypting it with <password>.")
,316
},
{"add_public_key", js_add_public_key, 0, JSTYPE_VOID, "CryptCert"
,JSDOCSTR("Add a public key (certificate) to the keyset.")
,316
},
{"close", js_close, 0, JSTYPE_VOID, ""
,JSDOCSTR("Close the keyset.")
,316
......@@ -302,6 +398,10 @@ static jsSyncMethodSpec js_cryptkeyset_functions[] = {
,JSDOCSTR("Returns a CryptContext from the private key with <label> encrypted with <password>.")
,316
},
{"get_public_key", js_get_public_key, 0, JSTYPE_OBJECT, "label"
,JSDOCSTR("Returns a CryptCert from the public key with <label>.")
,316
},
{0}
};
......
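Review bot: In js_add_public_key the argument is validated with `JS_InstanceOf(cx, cert, &js_cryptcon_class, NULL)`, but its private data is then read as `struct js_cryptcert_private_data *`. A CryptContext therefore passes the check and has its private struct (presumably a different layout) treated as a certificate handle, while a real CryptCert is rejected with "Invalid CryptContext". The check should name the CryptCert JSClass, whose symbol is in js_cryptcert.c and is collapsed on this page, and the message should read `"Invalid CryptCert"`. `JSVAL_TO_OBJECT(argv[0])` is also applied with no type test, so a script passing a number or string reaches JS_InstanceOf with a value that was never an object. Put `if (JSVAL_IS_PRIMITIVE(argv[0])) { JS_ReportError(cx, "Invalid CryptCert"); return JS_FALSE; }` ahead of the conversion.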
......@@ -258,6 +258,10 @@ BOOL DLLCALL js_CreateCommonObjects(JSContext* js_cx
if(js_CreateCryptKeysetClass(js_cx, *glob)==NULL)
break;
/* CryptCert Class */
if(js_CreateCryptCertClass(js_cx, *glob)==NULL)
break;
success=TRUE;
} while(0);
......
......@@ -1370,6 +1370,10 @@ extern "C" BOOL DLLCALL js_CreateCommonObjects(JSContext* js_cx
if(js_CreateCryptKeysetClass(js_cx, *glob)==NULL)
break;
/* CryptCert Class */
if(js_CreateCryptCertClass(js_cx, *glob)==NULL)
break;
/* Area Objects */
if(!js_CreateUserObjects(js_cx, *glob, cfg, /* user: */NULL, client, /* html_index_fname: */NULL, /* subscan: */NULL))
break;
......
......@@ -45,6 +45,7 @@ OBJS = $(MTOBJODIR)$(DIRSEP)ansiterm$(OFILE) \
$(MTOBJODIR)$(DIRSEP)js_client$(OFILE)\
$(MTOBJODIR)$(DIRSEP)js_com$(OFILE)\
$(MTOBJODIR)$(DIRSEP)js_console$(OFILE)\
$(MTOBJODIR)$(DIRSEP)js_cryptcert$(OFILE)\
$(MTOBJODIR)$(DIRSEP)js_cryptcon$(OFILE)\
$(MTOBJODIR)$(DIRSEP)js_cryptkeyset$(OFILE)\
$(MTOBJODIR)$(DIRSEP)js_file$(OFILE)\
......
......@@ -1337,6 +1337,9 @@ extern "C" {
/* js_cryptkeyset.c */
DLLEXPORT JSObject* DLLCALL js_CreateCryptKeysetClass(JSContext* cx, JSObject* parent);
/* js_cryptcert.c */
DLLEXPORT JSObject* DLLCALL js_CreateCryptCertClass(JSContext* cx, JSObject* parent);
#endif
/* str_util.c */
......
......@@ -807,6 +807,10 @@ js_initcx(JSRuntime* js_runtime, SOCKET sock, service_client_t* service_client,
if(js_CreateCryptKeysetClass(js_cx, *glob)==NULL)
break;
/* CryptCert Class */
if(js_CreateCryptCertClass(js_cx, *glob)==NULL)
break;
/* user-specific objects */
if(!js_CreateUserObjects(js_cx, *glob, &scfg, /*user: */NULL, service_client->client, NULL, service_client->subscan))
break;
......