[gnome-keyring: 1/3] gcr: Reorganize how gcr oids are generated
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring: 1/3] gcr: Reorganize how gcr oids are generated
- Date: Wed, 17 Aug 2011 16:40:50 +0000 (UTC)
commit 20e7b94fce5163bc1c4aa73a77872fe9eb547cda
Author: Stef Walter <stefw collabora co uk>
Date: Wed Aug 3 15:08:01 2011 +0200
gcr: Reorganize how gcr oids are generated
* Use script gcr-mkoids to generate oid quark code.
* Call _gcr_oids_init() before using any GCR_OID_XXX symbols.
.gitignore | 1 +
gcr/Makefile.am | 8 +++-
gcr/gcr-certificate-extensions.c | 3 +
gcr/gcr-certificate-renderer.c | 23 +++-------
gcr/gcr-certificate.c | 11 ++---
gcr/gcr-fingerprint.c | 31 ++------------
gcr/gcr-mkoids | 85 ++++++++++++++++++++++++++++++++++++++
gcr/gcr-oids.list | 19 ++++++++
gcr/gcr-parser.c | 57 ++++++++-----------------
9 files changed, 150 insertions(+), 88 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index f014961..8a0cbe8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -111,6 +111,7 @@ run-tests
/gck/tests/test-gck-slot
/gck/tests/test-gck-uri
+/gcr/gcr-oids.[ch]
/gcr/gcr-enum-types.[ch]
/gcr/tests/frob-certificate
/gcr/tests/frob-key
diff --git a/gcr/Makefile.am b/gcr/Makefile.am
index f303598..dd83639 100644
--- a/gcr/Makefile.am
+++ b/gcr/Makefile.am
@@ -70,7 +70,8 @@ INCLUDES = \
BUILT_SOURCES = \
gcr-marshal.c gcr-marshal.h \
- gcr-enum-types.c gcr-enum-types.h
+ gcr-enum-types.c gcr-enum-types.h \
+ gcr-oids.c gcr-oids.h
lib_LTLIBRARIES = libgcr- GCR_MAJOR@.la
@@ -163,6 +164,9 @@ gcr-enum-types.c: $(inc_HEADERS) gcr-enum-types.c.template
$(AM_V_GEN) $(GLIB_MKENUMS) --template $(srcdir)/gcr-enum-types.c.template \
$(inc_HEADERS) > $@
+gcr-oids.c: gcr-oids.list gcr-mkoids
+ $(AM_V_GEN) sh gcr-mkoids -p GCR -c gcr-oids.c -h gcr-oids.h gcr-oids.list
+
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = gcr-$(GCR_MAJOR).pc
@@ -175,6 +179,8 @@ gcr-$(GCR_MAJOR).pc: gcr.pc
EXTRA_DIST = \
gcr.pc.in \
gcr-marshal.list \
+ gcr-oids.list \
+ gcr-mkoids \
$(ui_DATA) \
$(conf_DATA) \
gcr-enum-types.h.template \
diff --git a/gcr/gcr-certificate-extensions.c b/gcr/gcr-certificate-extensions.c
index 2c24466..97447e1 100644
--- a/gcr/gcr-certificate-extensions.c
+++ b/gcr/gcr-certificate-extensions.c
@@ -23,6 +23,7 @@
#include "config.h"
#include "gcr-certificate-extensions.h"
+#include "gcr-oids.h"
#include "egg/egg-asn1x.h"
#include "egg/egg-asn1-defs.h"
@@ -207,6 +208,8 @@ _gcr_certificate_extension_subject_alt_name (gconstpointer data, gsize n_data)
GcrGeneralName general;
GNode *choice;
+ _gcr_oids_init ();
+
asn = egg_asn1x_create_and_decode (pkix_asn1_tab, "SubjectAltName", data, n_data);
if (asn == NULL)
return NULL;
diff --git a/gcr/gcr-certificate-renderer.c b/gcr/gcr-certificate-renderer.c
index 9f965aa..558f5ce 100644
--- a/gcr/gcr-certificate-renderer.c
+++ b/gcr/gcr-certificate-renderer.c
@@ -26,6 +26,7 @@
#include "gcr-display-view.h"
#include "gcr-fingerprint.h"
#include "gcr-icons.h"
+#include "gcr-oids.h"
#include "gcr-simple-certificate.h"
#include "gcr-renderer.h"
@@ -76,12 +77,6 @@ G_DEFINE_TYPE_WITH_CODE (GcrCertificateRenderer, gcr_certificate_renderer, G_TYP
G_IMPLEMENT_INTERFACE (GCR_TYPE_CERTIFICATE, gcr_renderer_certificate_iface_init);
);
-static GQuark OID_BASIC_CONSTRAINTS = 0;
-static GQuark OID_EXTENDED_KEY_USAGE = 0;
-static GQuark OID_SUBJECT_KEY_IDENTIFIER = 0;
-static GQuark OID_KEY_USAGE = 0;
-static GQuark OID_SUBJECT_ALT_NAME = 0;
-
/* -----------------------------------------------------------------------------
* INTERNAL
*/
@@ -298,15 +293,15 @@ append_extension (GcrCertificateRenderer *self, GcrDisplayView *view,
value = egg_asn1x_get_raw_value (egg_asn1x_node (node, "extnValue", NULL), &n_value);
/* The custom parsers */
- if (oid == OID_BASIC_CONSTRAINTS)
+ if (oid == GCR_OID_BASIC_CONSTRAINTS)
ret = append_extension_basic_constraints (self, view, value, n_value);
- else if (oid == OID_EXTENDED_KEY_USAGE)
+ else if (oid == GCR_OID_EXTENDED_KEY_USAGE)
ret = append_extension_extended_key_usage (self, view, value, n_value);
- else if (oid == OID_SUBJECT_KEY_IDENTIFIER)
+ else if (oid == GCR_OID_SUBJECT_KEY_IDENTIFIER)
ret = append_extension_subject_key_identifier (self, view, value, n_value);
- else if (oid == OID_KEY_USAGE)
+ else if (oid == GCR_OID_KEY_USAGE)
ret = append_extension_key_usage (self, view, value, n_value);
- else if (oid == OID_SUBJECT_ALT_NAME)
+ else if (oid == GCR_OID_SUBJECT_ALT_NAME)
ret = append_extension_subject_alt_name (self, view, value, n_value);
/* Otherwise the default raw display */
@@ -516,11 +511,7 @@ gcr_certificate_renderer_class_init (GcrCertificateRendererClass *klass)
GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
GckAttributes *registered;
- OID_SUBJECT_KEY_IDENTIFIER = g_quark_from_static_string ("2.5.29.14");
- OID_BASIC_CONSTRAINTS = g_quark_from_static_string ("2.5.29.19");
- OID_EXTENDED_KEY_USAGE = g_quark_from_static_string ("2.5.29.37");
- OID_KEY_USAGE = g_quark_from_static_string ("2.5.29.15");
- OID_SUBJECT_ALT_NAME = g_quark_from_static_string ("2.5.29.17");
+ _gcr_oids_init ();
gcr_certificate_renderer_parent_class = g_type_class_peek_parent (klass);
g_type_class_add_private (klass, sizeof (GcrCertificateRendererPrivate));
diff --git a/gcr/gcr-certificate.c b/gcr/gcr-certificate.c
index 0f4497e..69ae7d2 100644
--- a/gcr/gcr-certificate.c
+++ b/gcr/gcr-certificate.c
@@ -25,6 +25,7 @@
#include "gcr-comparable.h"
#include "gcr-icons.h"
#include "gcr-internal.h"
+#include "gcr-oids.h"
#include "egg/egg-asn1x.h"
#include "egg/egg-asn1-defs.h"
@@ -120,8 +121,6 @@ enum {
*/
static GQuark CERTIFICATE_INFO = 0;
-static GQuark OID_RSA_KEY = 0;
-static GQuark OID_DSA_KEY = 0;
static void
certificate_info_free (gpointer data)
@@ -226,7 +225,7 @@ calculate_key_size (GcrCertificateInfo *info)
g_return_val_if_fail (oid, 0);
/* RSA keys are stored in the main subjectPublicKey field */
- if (oid == OID_RSA_KEY) {
+ if (oid == GCR_OID_PKIX1_RSA) {
/* A bit string so we cannot process in place */
key = egg_asn1x_get_bits_as_raw (egg_asn1x_node (asn, "subjectPublicKey", NULL), NULL, &n_bits);
@@ -235,7 +234,7 @@ calculate_key_size (GcrCertificateInfo *info)
g_free (key);
/* The DSA key size is discovered by the prime in params */
- } else if (oid == OID_DSA_KEY) {
+ } else if (oid == GCR_OID_PKIX1_DSA) {
params = egg_asn1x_get_raw_element (egg_asn1x_node (asn, "algorithm", "parameters", NULL), &n_params);
key_size = calculate_dsa_params_size (params, n_params);
@@ -318,9 +317,9 @@ gcr_certificate_iface_init (gpointer gobject_iface)
static volatile gsize initialized = 0;
if (g_once_init_enter (&initialized)) {
+ _gcr_oids_init ();
+
CERTIFICATE_INFO = g_quark_from_static_string ("_gcr_certificate_certificate_info");
- OID_RSA_KEY = g_quark_from_static_string ("1.2.840.113549.1.1.1");
- OID_DSA_KEY = g_quark_from_static_string ("1.2.840.10040.4.1");
g_object_interface_install_property (gobject_iface,
g_param_spec_string ("label", "Label", "Certificate label",
diff --git a/gcr/gcr-fingerprint.c b/gcr/gcr-fingerprint.c
index 4f93d61..3fd16cb 100644
--- a/gcr/gcr-fingerprint.c
+++ b/gcr/gcr-fingerprint.c
@@ -24,6 +24,7 @@
#include "config.h"
#include "gcr-fingerprint.h"
+#include "gcr-oids.h"
#include "egg/egg-asn1x.h"
#include "egg/egg-asn1-defs.h"
@@ -31,28 +32,6 @@
#include <glib.h>
#include <gcrypt.h>
-static GQuark OID_PKIX1_RSA = 0;
-static GQuark OID_PKIX1_DSA = 0;
-
-static void
-init_quarks (void)
-{
- static volatile gsize quarks_inited = 0;
-
- if (g_once_init_enter (&quarks_inited)) {
-
- #define QUARK(name, value) \
- name = g_quark_from_static_string(value)
-
- QUARK (OID_PKIX1_RSA, "1.2.840.113549.1.1.1");
- QUARK (OID_PKIX1_DSA, "1.2.840.10040.4.1");
-
- #undef QUARK
-
- g_once_init_leave (&quarks_inited, 1);
- }
-}
-
gpointer
_gcr_fingerprint_from_subject_public_key_info (gconstpointer key_info, gsize n_key_info,
GChecksumType checksum_type,
@@ -87,7 +66,7 @@ rsa_subject_public_key_from_attributes (GckAttributes *attrs, GNode *info_asn)
gpointer key, params;
gsize n_key, n_params;
- init_quarks ();
+ _gcr_oids_init ();
key_asn = egg_asn1x_create (pk_asn1_tab, "RSAPublicKey");
g_return_val_if_fail (key_asn, FALSE);
@@ -116,7 +95,7 @@ rsa_subject_public_key_from_attributes (GckAttributes *attrs, GNode *info_asn)
egg_asn1x_set_bits_as_raw (egg_asn1x_node (info_asn, "subjectPublicKey", NULL),
key, n_key * 8, g_free);
- egg_asn1x_set_oid_as_quark (egg_asn1x_node (info_asn, "algorithm", "algorithm", NULL), OID_PKIX1_RSA);
+ egg_asn1x_set_oid_as_quark (egg_asn1x_node (info_asn, "algorithm", "algorithm", NULL), GCR_OID_PKIX1_RSA);
egg_asn1x_set_raw_element (egg_asn1x_node (info_asn, "algorithm", "parameters", NULL),
params, n_params, g_free);
@@ -171,7 +150,7 @@ dsa_subject_public_key_from_attributes (GckAttributes *attrs, GNode *info_asn)
gsize n_key, n_params;
gulong klass;
- init_quarks ();
+ _gcr_oids_init ();
key_asn = egg_asn1x_create (pk_asn1_tab, "DSAPublicPart");
g_return_val_if_fail (key_asn, FALSE);
@@ -219,7 +198,7 @@ dsa_subject_public_key_from_attributes (GckAttributes *attrs, GNode *info_asn)
egg_asn1x_set_raw_element (egg_asn1x_node (info_asn, "algorithm", "parameters", NULL),
params, n_params, g_free);
- egg_asn1x_set_oid_as_quark (egg_asn1x_node (info_asn, "algorithm", "algorithm", NULL), OID_PKIX1_DSA);
+ egg_asn1x_set_oid_as_quark (egg_asn1x_node (info_asn, "algorithm", "algorithm", NULL), GCR_OID_PKIX1_DSA);
return TRUE;
}
diff --git a/gcr/gcr-mkoids b/gcr/gcr-mkoids
new file mode 100644
index 0000000..47d1095
--- /dev/null
+++ b/gcr/gcr-mkoids
@@ -0,0 +1,85 @@
+#!/bin/sh
+
+set -euf
+
+generate_header ()
+{
+ echo "/* WARNING: file is autogenerated */"
+ echo ""
+ echo "#include <glib.h>"
+ echo ""
+ echo "#ifndef ${UPPER}_OIDS_"
+ echo "#define ${UPPER}_OIDS_"
+ echo ""
+ echo "void _${LOWER}_oids_init (void);"
+
+ while read name oid; do
+ if [ -n "$name" ]; then
+ echo "GQuark ${UPPER}_OID_${name};"
+ fi
+ done
+
+ echo ""
+ echo "#endif /* ${UPPER}_OIDS_ */"
+}
+
+generate_source ()
+{
+ echo "/* WARNING: file is autogenerated */"
+ echo ""
+ echo "#include \"$HEADER\""
+ echo ""
+
+ echo "void"
+ echo "_${LOWER}_oids_init (void)"
+ echo "{"
+ echo " static volatile gsize initialized = 0;"
+ echo " if (g_once_init_enter (&initialized)) {"
+
+ while read name oid; do
+ if [ -n "$name" ]; then
+ echo " ${UPPER}_OID_${name} = g_quark_from_static_string (\"${oid}\");"
+ fi
+ done
+
+ echo " g_once_init_leave (&initialized, 1);"
+ echo " }"
+ echo "}"
+}
+
+UPPER="PREFIX"
+LOWER="prefix"
+
+while getopts 'c:h:p:' arg; do
+ case $arg in
+ p)
+ UPPER=$(echo "$OPTARG" | tr '[:lower:]' '[:upper:]')
+ LOWER=$(echo "$OPTARG" | tr '[:upper:]' '[:lower:]')
+ ;;
+ c)
+ SOURCE="$OPTARG"
+ ;;
+ h)
+ HEADER="$OPTARG"
+ ;;
+ *)
+ echo "gcr-mkoids: invalid argument: $arg" >&2
+ exit 2
+ ;;
+ esac
+done
+
+shift $(expr $OPTIND - 1)
+if [ $# -ne 1 ]; then
+ echo "gcr-mkoids: specify input file on command line"
+ exit 2
+fi
+
+INPUT="$1"
+
+if [ -n "$HEADER" ]; then
+ generate_header < $INPUT > $HEADER
+fi
+if [ -n "$SOURCE" ]; then
+ generate_source < $INPUT > $SOURCE
+fi
diff --git a/gcr/gcr-oids.list b/gcr/gcr-oids.list
new file mode 100644
index 0000000..1b87675
--- /dev/null
+++ b/gcr/gcr-oids.list
@@ -0,0 +1,19 @@
+BASIC_CONSTRAINTS 2.5.29.19
+EXTENDED_KEY_USAGE 2.5.29.37
+SUBJECT_KEY_IDENTIFIER 2.5.29.14
+KEY_USAGE 2.5.29.15
+SUBJECT_ALT_NAME 2.5.29.17
+
+PKIX1_RSA 1.2.840.113549.1.1.1
+PKIX1_DSA 1.2.840.10040.4.1
+
+PKCS7_DATA 1.2.840.113549.1.7.1
+PKCS7_SIGNED_DATA 1.2.840.113549.1.7.2
+PKCS7_ENCRYPTED_DATA 1.2.840.113549.1.7.6
+PKCS12_BAG_PKCS8_KEY 1.2.840.113549.1.12.10.1.1
+PKCS12_BAG_PKCS8_ENCRYPTED_KEY 1.2.840.113549.1.12.10.1.2
+PKCS12_BAG_CERTIFICATE 1.2.840.113549.1.12.10.1.3
+PKCS12_BAG_CRL 1.2.840.113549.1.12.10.1.4
+
+ALT_NAME_XMPP_ADDR 1.3.6.1.5.5.7.8.5
+ALT_NAME_DNS_SRV 1.3.6.1.5.5.7.8.7
diff --git a/gcr/gcr-parser.c b/gcr/gcr-parser.c
index e3337c7..48d3a6b 100644
--- a/gcr/gcr-parser.c
+++ b/gcr/gcr-parser.c
@@ -26,6 +26,7 @@
#include "gcr-internal.h"
#include "gcr-importer.h"
#include "gcr-marshal.h"
+#include "gcr-oids.h"
#include "gcr-parser.h"
#include "gcr-types.h"
@@ -179,40 +180,18 @@ static GQuark PEM_PRIVATE_KEY;
static GQuark PEM_PKCS7;
static GQuark PEM_PKCS12;
-/*
- * OIDS
- */
-
-static GQuark OID_PKIX1_RSA;
-static GQuark OID_PKIX1_DSA;
-static GQuark OID_PKCS7_DATA;
-static GQuark OID_PKCS7_SIGNED_DATA;
-static GQuark OID_PKCS7_ENCRYPTED_DATA;
-static GQuark OID_PKCS12_BAG_PKCS8_KEY;
-static GQuark OID_PKCS12_BAG_PKCS8_ENCRYPTED_KEY;
-static GQuark OID_PKCS12_BAG_CERTIFICATE;
-static GQuark OID_PKCS12_BAG_CRL;
-
static void
init_quarks (void)
{
static volatile gsize quarks_inited = 0;
+ _gcr_oids_init ();
+
if (g_once_init_enter (&quarks_inited)) {
#define QUARK(name, value) \
name = g_quark_from_static_string(value)
-
- QUARK (OID_PKIX1_RSA, "1.2.840.113549.1.1.1");
- QUARK (OID_PKIX1_DSA, "1.2.840.10040.4.1");
- QUARK (OID_PKCS7_DATA, "1.2.840.113549.1.7.1");
- QUARK (OID_PKCS7_SIGNED_DATA, "1.2.840.113549.1.7.2");
- QUARK (OID_PKCS7_ENCRYPTED_DATA, "1.2.840.113549.1.7.6");
- QUARK (OID_PKCS12_BAG_PKCS8_KEY, "1.2.840.113549.1.12.10.1.1");
- QUARK (OID_PKCS12_BAG_PKCS8_ENCRYPTED_KEY, "1.2.840.113549.1.12.10.1.2");
- QUARK (OID_PKCS12_BAG_CERTIFICATE, "1.2.840.113549.1.12.10.1.3");
- QUARK (OID_PKCS12_BAG_CRL, "1.2.840.113549.1.12.10.1.4");
-
+
QUARK (PEM_CERTIFICATE, "CERTIFICATE");
QUARK (PEM_PRIVATE_KEY, "PRIVATE KEY");
QUARK (PEM_RSA_PRIVATE_KEY, "RSA PRIVATE KEY");
@@ -533,12 +512,12 @@ parse_der_pkcs8_plain (GcrParser *self, const guchar *data, gsize n_data)
key_type = GCK_INVALID;
key_algo = egg_asn1x_get_oid_as_quark (egg_asn1x_node (asn, "privateKeyAlgorithm", "algorithm", NULL));
- if (!key_algo)
- goto done;
- else if (key_algo == OID_PKIX1_RSA)
- key_type = CKK_RSA;
- else if (key_algo == OID_PKIX1_DSA)
- key_type = CKK_DSA;
+ if (!key_algo)
+ goto done;
+ else if (key_algo == GCR_OID_PKIX1_RSA)
+ key_type = CKK_RSA;
+ else if (key_algo == GCR_OID_PKIX1_DSA)
+ key_type = CKK_DSA;
if (key_type == GCK_INVALID) {
ret = GCR_ERROR_UNRECOGNIZED;
@@ -783,7 +762,7 @@ parse_der_pkcs7 (GcrParser *self, const guchar *data, gsize n_data)
g_return_val_if_fail (oid, GCR_ERROR_FAILURE);
/* Outer most one must just be plain data */
- if (oid != OID_PKCS7_SIGNED_DATA) {
+ if (oid != GCR_OID_PKCS7_SIGNED_DATA) {
g_message ("unsupported outer content type in pkcs7: %s", g_quark_to_string (oid));
goto done;
}
@@ -883,18 +862,18 @@ handle_pkcs12_bag (GcrParser *self, const guchar *data, gsize n_data)
goto done;
/* A normal unencrypted key */
- if (oid == OID_PKCS12_BAG_PKCS8_KEY) {
+ if (oid == GCR_OID_PKCS12_BAG_PKCS8_KEY) {
r = parse_der_pkcs8_plain (self, element, n_element);
/* A properly encrypted key */
- } else if (oid == OID_PKCS12_BAG_PKCS8_ENCRYPTED_KEY) {
+ } else if (oid == GCR_OID_PKCS12_BAG_PKCS8_ENCRYPTED_KEY) {
r = parse_der_pkcs8_encrypted (self, element, n_element);
/* A certificate */
- } else if (oid == OID_PKCS12_BAG_CERTIFICATE) {
+ } else if (oid == GCR_OID_PKCS12_BAG_CERTIFICATE) {
r = handle_pkcs12_cert_bag (self, element, n_element);
- /* TODO: OID_PKCS12_BAG_CRL */
+ /* TODO: GCR_OID_PKCS12_BAG_CRL */
} else {
r = GCR_ERROR_UNRECOGNIZED;
}
@@ -1044,7 +1023,7 @@ handle_pkcs12_safe (GcrParser *self, const guchar *data, gsize n_data)
g_return_val_if_fail (bag, ret);
/* A non encrypted bag, just parse */
- if (oid == OID_PKCS7_DATA) {
+ if (oid == GCR_OID_PKCS7_DATA) {
egg_asn1x_destroy (asn_content);
asn_content = egg_asn1x_create_and_decode (pkix_asn1_tab, "pkcs-7-Data", bag, n_bag);
@@ -1059,7 +1038,7 @@ handle_pkcs12_safe (GcrParser *self, const guchar *data, gsize n_data)
r = handle_pkcs12_bag (self, content, n_content);
/* Encrypted data first needs decryption */
- } else if (oid == OID_PKCS7_ENCRYPTED_DATA) {
+ } else if (oid == GCR_OID_PKCS7_ENCRYPTED_DATA) {
r = handle_pkcs12_encrypted_bag (self, bag, n_bag);
/* Hmmmm, not sure what this is */
@@ -1107,7 +1086,7 @@ parse_der_pkcs12 (GcrParser *self, const guchar *data, gsize n_data)
goto done;
/* Outer most one must just be plain data */
- if (oid != OID_PKCS7_DATA) {
+ if (oid != GCR_OID_PKCS7_DATA) {
g_message ("unsupported safe content type in pkcs12: %s", g_quark_to_string (oid));
goto done;
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
