Home Explore Help
Sign In
milislinux
/
milis19
Watch 4
Star 3
Fork 3
Files Issues 6 Pull Requests 0 Wiki
Branch: master
Branches Tags
milis19
/
talimatname
/
1
/
ca-certificates#20190110-1
/
certdata2pem.c

certdata2pem.c 4.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. /* Copyright (C) 2013, Felix Janda <felix.janda@posteo.de>
    2. 

  2. 

  3. Permission to use, copy, modify, and/or distribute this software for
    4. 

  4. any purpose with or without fee is hereby granted, provided that the
    5. 

  5. above copyright notice and this permission notice appear in all copies.
    6. 

  6. 

  7. SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
    8. 

  8. WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
    9. 

  9. MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
    10. 

  10. ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
    11. 

  11. WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
    12. 

  12. ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
    13. 

  13. OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
    14. 

  14. */
    15. 

  15. 

  16. #include <stdio.h>
    17. 

  17. #include <stdlib.h>
    18. 

  18. #include <string.h>
    19. 

  19. #include <err.h>
    20. 

  20. 

  21. void xwrite(FILE *f, void *p, size_t size)
    22. 

  22. {
    23. 

  23.   if (fwrite(p, 1, size, f) != size) err(1, 0);
    24. 

  24. }
    25. 

  25. 

  26. int main(void)
    27. 

  27. {
    28. 

  28.   FILE *f;
    29. 

  29.   char cert[4096], ecert[4096*4/3 + 100];
    30. 

  30.   char *line = 0, *tmp, *filename, *label, *pcert = 0;
    31. 

  31.   ssize_t len;
    32. 

  32.   size_t size, certsize;
    33. 

  33.   int trust;
    34. 

  34.   char **blacklist = 0, **node;
    35. 

  35. 

  36.   filename = "./blacklist.txt";
    37. 

  37.   if (!(f = fopen(filename, "r"))) err(1, "%s", filename);
    38. 

  38.   while ((len = getline(&line, &size, f)) != -1) {
    39. 

  39.     if ((line[0] != '#') && (len > 1)) {
    40. 

  40.       if (!(node = malloc(sizeof(void*) + len))) err(1, 0);
    41. 

  41.       *node = (char*)blacklist;
    42. 

  42.       memcpy(node + 1, line, len);
    43. 

  43.       blacklist = node;
    44. 

  44.     }
    45. 

  45.   }
    46. 

  46.   fclose(f);
    47. 

  47. 

  48.   filename = "./certdata.txt";
    49. 

  49.   if (!(f = fopen(filename, "r"))) err(1, "%s", filename);
    50. 

  50.   while ((len = getline(&line, &size, f)) != -1) {
    51. 

  51.     tmp = line;
    52. 

  52.     if (line[0] == '#') continue;
    53. 

  53.     if (pcert) {
    54. 

  54.       if (!strcmp(line, "END\n")) {
    55. 

  55.         char *base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    56. 

  56.                        "abcdefghijklmnopqrstuvwxyz0123456789+/";
    57. 

  57.         size_t i, j, k, val;
    58. 

  58. 

  59.         for (i = 0, val = 0, tmp = ecert; i < (size_t)(pcert - cert); i++) {
    60. 

  60.           val = (val << 8) + (unsigned char)cert[i];
    61. 

  61.           if (i % 3 == 2) {
    62. 

  62.             for (j = 0; j < 4; j++, val >>= 6) tmp[3 - j] = base64[val & 0x3f];
    63. 

  63.             tmp += 4;
    64. 

  64.           }
    65. 

  65.           if (i && !(i % 48)) {
    66. 

  66.             *tmp = '\n';
    67. 

  67.             tmp++;
    68. 

  68.           }
    69. 

  69.         }
    70. 

  70.         if (k = i % 3) {
    71. 

  71.           tmp[2] = '=';
    72. 

  72.           tmp[3] = '=';
    73. 

  73.           val <<= 6 - 2*k;
    74. 

  74.           for (j = 0; j < k + 1; j++, val >>= 6) tmp[k - j] = base64[val & 0x3f];
    75. 

  75.           tmp += 4;
    76. 

  76.         }
    77. 

  77.         certsize = tmp - ecert;
    78. 

  78.         pcert = 0;
    79. 

  79.       } else while (sscanf(tmp, "\\%hho", pcert) == 1) pcert++, tmp += 4;
    80. 

  80.     } else if (!memcmp(line, "CKA_LABEL UTF8 ", 15)) {
    81. 

  81. 

  82.       char *p2, *tmp2;
    83. 

  83.       len -= 15;
    84. 

  84.       if (!(label = malloc(len))) err(1, 0);
    85. 

  85.       memcpy(label, line + 15, len);
    86. 

  86.       trust = 0;
    87. 

  87.       for (node = blacklist; node; node = (char**)*node)
    88. 

  88.         if (!strcmp(label, (char*)(node + 1))) trust = 4;
    89. 

  89.       if (!(p2 = malloc(len + 2))) err(1, 0);
    90. 

  90.       for (tmp = label + 1, tmp2 = p2; *tmp != '"'; tmp++, tmp2++) {
    91. 

  91.         switch (*tmp) {
    92. 

  92.         case '\\':
    93. 

  93.           if (sscanf(tmp, "\\x%hhx", tmp2)!=1) errx(1, "Bad triple: %s\n", tmp);
    94. 

  94.           tmp += 3;
    95. 

  95.           break;
    96. 

  96.         case '/':
    97. 

  97.         case ' ':
    98. 

  98.           *tmp2 = '_';
    99. 

  99.           break;
    100. 

  100.         case '(':
    101. 

  101.         case ')':
    102. 

  102.           *tmp2 = '=';
    103. 

  103.           break;
    104. 

  104.         default:
    105. 

  105.           *tmp2 = *tmp;
    106. 

  106.         }
    107. 

  107.       }
    108. 

  108.       strcpy(tmp2, ".crt");
    109. 

  109.       free(label);
    110. 

  110.       label = p2;
    111. 

  111.     } else if (!strcmp(line, "CKA_VALUE MULTILINE_OCTAL\n")) pcert = cert;
    112. 

  112.     else if (!memcmp(line, "CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_", 39)) {
    113. 

  113.       tmp += 39;
    114. 

  114.       if (!strcmp(tmp, "TRUSTED_DELEGATOR\n")) trust |= 1;
    115. 

  115.       else if (!strcmp(tmp, "NOT_TRUSTED\n")) trust |= 2;
    116. 

  116.     } else if (!memcmp(line,
    117. 

  117.                        "CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_", 44)) {
    118. 

  118.       tmp += 44;
    119. 

  119.       if (!strcmp(tmp, "TRUSTED_DELEGATOR\n")) trust |= 1;
    120. 

  120.       else if (!strcmp(tmp, "NOT_TRUSTED\n")) trust |= 2;
    121. 

  121.       if (!trust) printf("Ignoring %s\n", label);
    122. 

  122.       if (trust == 1) {
    123. 

  123.         FILE *out;
    124. 

  124.         if (!(out = fopen(label, "w"))) err(1, "%s", label);
    125. 

  125.         xwrite(out, "-----BEGIN CERTIFICATE-----\n", 28);
    126. 

  126.         xwrite(out, ecert, certsize);
    127. 

  127.         xwrite(out, "\n-----END CERTIFICATE-----\n", 27);
    128. 

  128.         fclose(out);
    129. 

  129.       }
    130. 

  130.     }
    131. 

  131.   }
    132. 

  132.   fclose(f);
    133. 

  133.   
    134. 

  134.   while (blacklist) {
    135. 

  135.     node = (char**)*blacklist;
    136. 

  136.     free(blacklist);
    137. 

  137.     blacklist = node;
    138. 

  138.   }
    139. 

  139.   free(line);
    140. 

  140.   free(label);
    141. 

  141.   return 0;
    142. 

  142. }
    143.