From: Andrew McNab
Date: Thu, 23 Mar 2006 11:43:40 +0000 (+0000)
Subject: Add GRSTx509MakeDelegationID
X-Git-Tag: glite-security-gsoap-plugin_R_1_3_0~9
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=cb3198717d9c0e2badb861a3ab95cead00d7d230;p=jra1mw.git
Add GRSTx509MakeDelegationID
---
diff --git a/org.gridsite.core/CHANGES b/org.gridsite.core/CHANGES
index ffbbbfb..07a115a 100644
--- a/org.gridsite.core/CHANGES
+++ b/org.gridsite.core/CHANGES
@@ -1,3 +1,5 @@
+* Wed Mar 22 2006 Andrew McNab
+- Add GRSTx509MakeDelegationID() to grst_x509.c
 * Fri Mar 17 2006 Andrew McNab
 - Associate ldconfig %post in spec with -shared RPM
 * Thu Mar 16 2006 Andrew McNab
diff --git a/org.gridsite.core/interface/gridsite.h b/org.gridsite.core/interface/gridsite.h
index d9473a8..a20c473 100644
--- a/org.gridsite.core/interface/gridsite.h
+++ b/org.gridsite.core/interface/gridsite.h
@@ -291,6 +291,7 @@ int GRSTx509MakeProxyCert(char **, FILE *, char *, char *, char *, int);
 char *GRSTx509CachedProxyKeyFind(char *, char *, char *);
 int GRSTx509MakeProxyRequest(char **, char *, char *, char *);
 int GRSTx509StringToChain(STACK_OF(X509) **, char *);
+char *GRSTx509MakeDelegationID(void);
 char *GRSTx509MakeProxyFileName(char *, STACK_OF(X509) *);
 int GRSTx509CacheProxy(char *, char *, char *, char *);
diff --git a/org.gridsite.core/src/grst_x509.c b/org.gridsite.core/src/grst_x509.c
index 6054734..b693e98 100644
--- a/org.gridsite.core/src/grst_x509.c
+++ b/org.gridsite.core/src/grst_x509.c
@@ -1226,19 +1226,19 @@ int GRSTx509MakeProxyRequest(char **reqtxt, char *proxydir,
 fd = mkstemp(prvkeyfile);
- if ((fp = fdopen(fd, "w")) == NULL) return 1;
+ if ((fp = fdopen(fd, "w")) == NULL) return 2;
 fprintf(fp, "%s\n%s\n", delegation_id, user_dn);
 if (!PEM_write_RSAPrivateKey(fp, keypair, NULL, NULL, 0, NULL, NULL))
- return 1;
+ return 3;
- if (fclose(fp) != 0) return 1;
+ if (fclose(fp) != 0) return 4;
 /* now create the certificate request */
 certreq = X509_REQ_new();
- if (certreq == NULL) return 1;
+ if (certreq == NULL) return 5;
 OpenSSL_add_all_algorithms();
@@ -1324,6 +1324,47 @@ int GRSTx509StringToChain(STACK_OF(X509) **certstack, char *certstring)
 return GRST_RET_OK;
 }
+/// Returns a Delegation ID based on hash of GRST_CRED_0, ...
+/**
+ * Returns a malloc'd string with Delegation ID made by SHA1-hashing the
+ * values of the compact credentials exported by mod_gridsite
+ */
+
+char *GRSTx509MakeDelegationID(void)
+{
+ unsigned char hash_delegation_id[EVP_MAX_MD_SIZE];
+ int size_needed = 0, i, delegation_id_len;
+ char cred_name[14], *cred_value, *delegation_id;
+ const EVP_MD *m;
+ EVP_MD_CTX ctx;
+
+ OpenSSL_add_all_digests();
+
+ m = EVP_sha1();
+ if (m == NULL) return NULL;
+
+ EVP_DigestInit(&ctx, m);
+
+ for (i=0; i <= 999; ++i)
+ {
+ snprintf(cred_name, sizeof(cred_name), "GRST_CRED_%d", i);
+ if ((cred_value = getenv(cred_name)) == NULL) break;
+
+ EVP_DigestUpdate(&ctx, cred_value, strlen(cred_value));
+ }
+
+ EVP_DigestFinal(&ctx, hash_delegation_id, &delegation_id_len);
+
+ delegation_id = malloc(17);
+
+ for (i=0; i <=7; ++i)
+ sprintf(&delegation_id[i*2], "%02x", hash_delegation_id[i]);
+
+ delegation_id[16] = '\0';
+
+ return delegation_id;
+}
+
 /// Return the short file name for the given delegation_id and user_dn
 /**
 * Returns a malloc'd string with the short file name (no paths) that
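Review bot: In the GRSTx509MakeProxyRequest hunk, the early returns taken after `fdopen()` has succeeded still skip cleanup: `return 3` (PEM_write_RSAPrivateKey() failed) leaves `fp` open and the file created by `mkstemp(prvkeyfile)` on disk, and `return 5` (X509_REQ_new() failed) leaves a private-key file that no request will ever refer to. On those paths something like `fclose(fp); unlink(prvkeyfile); return 3;` would avoid stranding a partial or orphaned key. `fd` is also handed to fdopen() without a check for -1, and when fdopen() itself fails the descriptor is not closed. The new values 2 to 5 are bare numbers while this file uses `GRST_RET_OK` elsewhere, so a short comment listing what each code means would help callers. The function starts and ends outside this hunk, so any cleanup further down is not visible here.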
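Review bot: In GRSTx509MakeDelegationID, `delegation_id = malloc(17);` is written to by the following `sprintf` loop without a NULL check, and `&delegation_id_len` passes an `int *` where EVP_DigestFinal() expects `unsigned int *`. The loop also stops at the first unset GRST_CRED_n, so when GRST_CRED_0 is absent nothing is hashed and every such caller receives the same ID (the digest of empty input); if an ID with no credential behind it is not intended, returning NULL there is the safer behaviour. The credential values are hashed back to back with no separator and only 8 digest bytes are kept, which is worth stating in the doc comment together with the facts that the caller frees the result and that NULL can be returned. `size_needed` is unused and the results of EVP_DigestInit() and EVP_DigestFinal() are ignored. The whole function lies inside this hunk; the fence shows only the lines that would change.

```c
  unsigned int delegation_id_len;   /* EVP_DigestFinal() takes unsigned int * */
  int i;
  /* … unchanged: hash buffer, cred_name/cred_value/delegation_id, m, ctx, EVP_sha1() lookup … */

  if (!EVP_DigestInit(&ctx, m)) return NULL;

  /* … unchanged: loop over GRST_CRED_0 … GRST_CRED_999 feeding EVP_DigestUpdate() … */

  if (!EVP_DigestFinal(&ctx, hash_delegation_id, &delegation_id_len)) return NULL;

  /* GRST_CRED_0 was not set: nothing was hashed, so do not hand out an ID */
  if (i == 0) return NULL;

  delegation_id = malloc(17);
  if (delegation_id == NULL) return NULL;

  /* … unchanged: hex-encode the first 8 hash bytes, terminate, return … */
```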