New source files to handle Pkcs7 encryption, decryption, signing, and

2001-04-17  Jeffrey Stedfast  <fejj@ximian.com>

	* camel-pkcs7-context.[c,h]: New source files to handle Pkcs7
	encryption, decryption, signing, and verifying. Not yet
	complete. I'm sensing this is going to take a while seeing as how
	NSS is just so well documented.

svn path=/trunk/; revision=9435

1 files changed, 249 insertions, 0 deletions

diff --git a/camel/camel-pkcs7-context.c b/camel/camel-pkcs7-context.c
new file mode 100644
index 0000000000..e9a629327f
--- /dev/null
+++ b/camel/camel-pkcs7-context.c
@@ -0,0 +1,249 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*
+ *  Authors: Jeffrey Stedfast <fejj@ximian.com>
+ *
+ *  Copyright 2001 Ximian, Inc. (www.ximian.com)
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include "camel-pkcs7-context.h"
+
+#include "camel-stream-fs.h"
+#include "camel-stream-mem.h"
+
+#include <cert.h>
+#include <secpkcs7.h>
+
+#include <gtk/gtk.h> /* for _() macro */
+
+#define d(x)
+
+struct _CamelPkcs7ContextPrivate {
+	CERTCertDBHandle *certdb;
+};
+
+
+static int                  pkcs7_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash,
+					CamelStream *istream, CamelStream *ostream, CamelException *ex);
+static int                  pkcs7_clearsign (CamelCipherContext *context, const char *userid,
+					     CamelCipherHash hash, CamelStream *istream,
+					     CamelStream *ostream, CamelException *ex);
+static CamelCipherValidity *pkcs7_verify (CamelCipherContext *context, CamelStream *istream,
+					  CamelStream *sigstream, CamelException *ex);
+static int                  pkcs7_encrypt (CamelCipherContext *context, gboolean sign, const char *userid,
+					   GPtrArray *recipients, CamelStream *istream, CamelStream *ostream,
+					   CamelException *ex);
+static int                  pkcs7_decrypt (CamelCipherContext *context, CamelStream *istream,
+					   CamelStream *ostream, CamelException *ex);
+
+
+static CamelCipherContextClass *parent_class;
+
+static void
+camel_pkcs7_context_init (CamelPkcs7Context *context)
+{
+	context->priv = g_new0 (struct _CamelPkcs7ContextPrivate, 1);
+}
+
+static void
+camel_pkcs7_context_finalise (CamelObject *o)
+{
+	CamelPkcs7Context *context = (CamelPkcs7Context *)o;
+	
+	CERT_ClosePermCertDB (context->priv->certdb);
+	g_free (context->priv->certdb);
+	
+	g_free (context->priv);
+}
+
+static void
+camel_pkcs7_context_class_init (CamelPkcs7ContextClass *camel_pkcs7_context_class)
+{
+	CamelCipherContextClass *camel_cipher_context_class =
+		CAMEL_CIPHER_CONTEXT_CLASS (camel_pkcs7_context_class);
+	
+	parent_class = CAMEL_CIPHER_CONTEXT_CLASS (camel_type_get_global_classfuncs (camel_cipher_context_get_type ()));
+	
+	camel_cipher_context_class->sign = pkcs7_sign;
+	camel_cipher_context_class->clearsign = pkcs7_clearsign;
+	camel_cipher_context_class->verify = pkcs7_verify;
+	camel_cipher_context_class->encrypt = pkcs7_encrypt;
+	camel_cipher_context_class->decrypt = pkcs7_decrypt;
+}
+
+CamelType
+camel_pkcs7_context_get_type (void)
+{
+	static CamelType type = CAMEL_INVALID_TYPE;
+	
+	if (type == CAMEL_INVALID_TYPE) {
+		type = camel_type_register (camel_cipher_context_get_type (),
+					    "CamelPkcs7Context",
+					    sizeof (CamelPkcs7Context),
+					    sizeof (CamelPkcs7ContextClass),
+					    (CamelObjectClassInitFunc) camel_pkcs7_context_class_init,
+					    NULL,
+					    (CamelObjectInitFunc) camel_pkcs7_context_init,
+					    (CamelObjectFinalizeFunc) camel_pkcs7_context_finalise);
+	}
+	
+	return type;
+}
+
+
+/**
+ * camel_pkcs7_context_new:
+ * @session: CamelSession
+ * @certdb: certificate db
+ *
+ * This creates a new CamelPkcs7Context object which is used to sign,
+ * verify, encrypt and decrypt streams.
+ *
+ * Return value: the new CamelPkcs7Context
+ **/
+CamelPkcs7Context *
+camel_pkcs7_context_new (CamelSession *session, const char *certdb)
+{
+	CamelPkcs7Context *context;
+	CERTCertDBHandle *handle;
+	
+	g_return_val_if_fail (session != NULL, NULL);
+	
+	context = CAMEL_PKCS7_CONTEXT (camel_object_new (CAMEL_PKCS7_CONTEXT_TYPE));
+	
+	camel_cipher_construct (CAMEL_CIPHER_CONTEXT (context), session);
+	
+	handle = g_new0 (CERTCertDBHandle, 1);
+	if (certdb) {
+		if (!CERT_OpenCertDBFilename (handle, certdb, FALSE)) {
+			g_free (handle);
+			return NULL;
+		}
+	} else {
+		if (!CERT_OpenVolatileCertDB (handle)) {
+			g_free (handle);
+			return NULL;
+		}
+	}
+	
+	context->priv->certdb = handle;
+	
+	return context;
+}
+
+/*----------------------------------------------------------------------*
+ *                     Public crypto functions
+ *----------------------------------------------------------------------*/
+
+static int
+pkcs7_sign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash,
+	    CamelStream *istream, CamelStream *ostream, CamelException *ex)
+{
+	CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx);
+	
+	
+	
+	return -1;
+}
+
+
+static int
+pkcs7_clearsign (CamelCipherContext *ctx, const char *userid, CamelCipherHash hash,
+		 CamelStream *istream, CamelStream *ostream, CamelException *ex)
+{
+	CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx);
+	
+	return -1;
+}
+
+static CamelCipherValidity *
+pkcs7_verify (CamelCipherContext *ctx, CamelCipherHash hash, CamelStream *istream,
+	      CamelStream *sigstream, CamelException *ex)
+{
+	CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx);
+	CamelCipherValidity *valid = NULL;
+	SEC_PKCS7ContentInfo *cinfo;
+	SECCertUsage certusage;
+	GByteArray *plaintext;
+	CamelStream *stream;
+	
+	/* create our ContentInfo object */
+	stream = camel_stream_mem_new ();
+	camel_stream_write_to_stream (istream, stream);
+	plaintext = CAMEL_STREAM_MEM (stream)->buffer;
+	cinfo = SEC_PKCS7CreateData ();
+	SEC_PKCS7SetContent (cinfo, plaintext->data, plaintext->len);
+	camel_object_unref (CAMEL_OBJECT (stream));
+	
+	certusage = 0;
+	
+	valid = camel_cipher_validity_new ();
+	
+	if (sigstream) {
+		HASH_HashType digest_type;
+		GByteArray *signature;
+		SECItem *digest;
+		
+		switch (hash) {
+		default:
+		case CAMEL_CIPHER_HASH_DEFAULT:
+			digest_type = HASH_AlgNULL;
+			break;
+		case CAMEL_CIPHER_HASH_MD2:
+			digest_type = HASH_AlgMD2;
+			break;
+		case CAMEL_CIPHER_HASH_MD5:
+			digest_type = HASH_AlgMD5;
+			break;
+		case CAMEL_CIPHER_HASH_SHA1:
+			digest_type = HASH_AlgSHA1;
+			break;
+		}
+		
+		valid->valid = SEC_PKCS7VerifyDetachedSignature (cinfo, certusage, digest, digest_type, TRUE);
+	} else {
+		valid->valid = SEC_PKCS7VerifySignature (cinfo, certusage, TRUE);
+	}
+	
+	SEC_PKCS7DestroyContentInfo (cinfo);
+	
+	return valid;
+}
+
+
+static int
+pkcs7_encrypt (CamelCipherContext *ctx, gboolean sign, const char *userid, GPtrArray *recipients,
+	       CamelStream *istream, CamelStream *ostream, CamelException *ex)
+{
+	CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx);
+	
+	return -1;
+}
+
+
+static int
+pkcs7_decrypt (CamelCipherContext *ctx, CamelStream *istream,
+	       CamelStream *ostream, CamelException *ex)
+{
+	CamelPkcs7Context *context = CAMEL_PKCS7_CONTEXT (ctx);
+	
+	return -1;
+}