~ubuntu-branches/ubuntu/trusty/libtasn1-3/trusty

« back to all changes in this revision

Viewing changes to src/CrlExample.c

Committer: Bazaar Package Importer
Author(s): Andreas Metzler
Date: 2006-06-07 20:14:52 UTC
Revision ID: james.westby@ubuntu.com-20060607201452-7a9dojyu7i2kfbyp

Tags: upstream-0.3.4

Import upstream version 0.3.4

files added:

AUTHORS

COPYING

COPYING.LIB

ChangeLog

INSTALL

Makefile.am

Makefile.in

NEWS

README

THANKS

aclocal.m4

config.guess

config.h.in

config.sub

configure

configure.in

depcomp

doc/Makefile.am

doc/Makefile.in

doc/TODO

doc/asn1Coding.1

doc/asn1Decoding.1

doc/asn1Parser.1

doc/fdl.texi

doc/gdoc

doc/libtasn1.html

doc/libtasn1.info

doc/libtasn1.pdf

doc/libtasn1.ps

doc/libtasn1.texi

doc/man

doc/man/asn1_array2tree.3

doc/man/asn1_bit_der.3

doc/man/asn1_check_version.3

doc/man/asn1_copy_node.3

doc/man/asn1_create_element.3

doc/man/asn1_delete_element.3

doc/man/asn1_delete_structure.3

doc/man/asn1_der_coding.3

doc/man/asn1_der_decoding.3

doc/man/asn1_der_decoding_element.3

doc/man/asn1_der_decoding_startEnd.3

doc/man/asn1_expand_any_defined_by.3

doc/man/asn1_expand_octet_string.3

doc/man/asn1_find_node.3

doc/man/asn1_find_structure_from_oid.3

doc/man/asn1_get_bit_der.3

doc/man/asn1_get_length_der.3

doc/man/asn1_get_octet_der.3

doc/man/asn1_get_tag_der.3

doc/man/asn1_length_der.3

doc/man/asn1_number_of_elements.3

doc/man/asn1_octet_der.3

doc/man/asn1_parser2array.3

doc/man/asn1_parser2tree.3

doc/man/asn1_print_structure.3

doc/man/asn1_read_tag.3

doc/man/asn1_read_value.3

doc/man/asn1_write_value.3

doc/man/libtasn1_perror.3

doc/man/libtasn1_strerror.3

doc/mdate-sh

doc/reference

doc/reference/Makefile.am

doc/reference/Makefile.in

doc/reference/html

doc/reference/html/ch01.html

doc/reference/html/home.png

doc/reference/html/index.html

doc/reference/html/index.sgml

doc/reference/html/left.png

doc/reference/html/libtasn1-libtasn1.html

doc/reference/html/libtasn1.devhelp

doc/reference/html/libtasn1.devhelp2

doc/reference/html/right.png

doc/reference/html/style.css

doc/reference/html/up.png

doc/reference/libtasn1-docs.sgml

doc/reference/libtasn1-overrides.txt

doc/reference/libtasn1-sections.txt

doc/reference/tmpl

doc/reference/tmpl/libtasn1-unused.sgml

doc/reference/tmpl/libtasn1.sgml

doc/reference/xml

doc/reference/xml/libtasn1.xml

doc/stamp-vti

doc/texi

doc/texi/ASN1.c.texi

doc/texi/asn1_array2tree.texi

doc/texi/asn1_bit_der.texi

doc/texi/asn1_check_version.texi

doc/texi/asn1_copy_node.texi

doc/texi/asn1_create_element.texi

doc/texi/asn1_delete_element.texi

doc/texi/asn1_delete_structure.texi

doc/texi/asn1_der_coding.texi

doc/texi/asn1_der_decoding.texi

doc/texi/asn1_der_decoding_element.texi

doc/texi/asn1_der_decoding_startEnd.texi

doc/texi/asn1_expand_any_defined_by.texi

doc/texi/asn1_expand_octet_string.texi

doc/texi/asn1_find_node.texi

doc/texi/asn1_find_structure_from_oid.texi

doc/texi/asn1_get_bit_der.texi

doc/texi/asn1_get_length_der.texi

doc/texi/asn1_get_octet_der.texi

doc/texi/asn1_get_tag_der.texi

doc/texi/asn1_length_der.texi

doc/texi/asn1_number_of_elements.texi

doc/texi/asn1_octet_der.texi

doc/texi/asn1_parser2array.texi

doc/texi/asn1_parser2tree.texi

doc/texi/asn1_print_structure.texi

doc/texi/asn1_read_tag.texi

doc/texi/asn1_read_value.texi

doc/texi/asn1_write_value.texi

doc/texi/coding.c.texi

doc/texi/decoding.c.texi

doc/texi/element.c.texi

doc/texi/errors.c.texi

doc/texi/gstr.c.texi

doc/texi/libtasn1_perror.texi

doc/texi/libtasn1_strerror.texi

doc/texi/parser_aux.c.texi

doc/texi/structure.c.texi

doc/texinfo.tex

doc/version.texi

gl/m4

gl/m4/getopt.m4

gl/m4/gnulib-comp.m4

gl/m4/memmove.m4

gl/m4/onceonly_2_57.m4

gl/m4/strdup.m4

gl/m4/unistd_h.m4

gtk-doc.make

install-sh

lib/ASN1.c

lib/ASN1.y

lib/Makefile.am

lib/Makefile.in

lib/coding.c

lib/decoding.c

lib/defines.h

lib/element.c

lib/element.h

lib/errors.c

lib/errors.h

lib/gstr.c

lib/gstr.h

lib/int.h

lib/libtasn1-config.in

lib/libtasn1.h

lib/libtasn1.m4

lib/libtasn1.pc.in

lib/libtasn1.vers

lib/mem.h

lib/parser_aux.c

lib/parser_aux.h

lib/structure.c

lib/structure.h

ltmain.sh

m4/autobuild.m4

m4/gtk-doc.m4

missing

src/CertificateExample.c

src/CrlExample.c

src/Makefile.am

src/Makefile.in

src/asn1Coding.c

src/asn1Coding_test.asg

src/asn1Coding_test.asn

src/asn1Decoding.c

src/asn1Parser.c

src/pkix.asn

src/pkix_asn1_tab.c

tests

tests/Makefile.am

tests/Makefile.in

tests/Test_encoding.asn

tests/Test_encoding.c

tests/Test_parser.asn

tests/Test_parser.c

tests/Test_tree.asn

tests/Test_tree.c

tests/Test_tree_asn1_tab.c

windows

windows/asn1-parser

windows/asn1-parser/asn1-parser.vcproj

windows/asn1-parser/config.h

windows/gnulib

windows/gnulib/getopt.h

windows/gnulib/gnulib.vcproj

windows/libtasn1

windows/libtasn1.ncb

windows/libtasn1.sln

windows/libtasn1.suo

windows/libtasn1/libtasn1.vcproj

windows/test-parser

windows/test-parser/test-parser.vcproj

windows/test-tree

windows/test-tree/test-tree.vcproj

Show diffs side-by-side

added added

removed removed

src/CrlExample.c

* This file is part of LIBTASN1.

* This program is free software; you can redistribute it and/or

* modify it under the terms of the GNU General Public License as

* published by the Free Software Foundation; either version 2 of the

* License, or (at your option) any later version.

* This program is distributed in the hope that it will be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* General Public License for more details.

* You should have received a copy of the GNU General Public License

* along with this program; if not, write to the Free Software

* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

* 02110-1301, USA

/*****************************************************/

/* File: CrlExample.c */

/* Description: An example on how to use the ASN1 */

/* parser with the Certificate.txt file */

/*****************************************************/

#include <stdio.h>

#include <string.h>

#include <stdlib.h>

#include "libtasn1.h"

char *

my_ltostr(long v,char *str)

{

long d,r;

char temp[20];

int count,k,start;

if(v<0){

str[0]='-';

start=1;

v=-v;

}

else start=0;

count=0;

do{

d=v/10;

r=v-d*10;

temp[start+count]='0'+(char)r;

count++;

v=d;

}while(v);

for(k=0;k<count;k++) str[k+start]=temp[start+count-k-1];

str[count+start]=0;

return str;

}

/******************************************************/

/* Function : get_name_type */

/* Description: analyze a structure of type Name */

/* Parameters: */

/* char *root: the structure identifier */

/* char *answer: the string with elements like: */

/* "C=US O=gov" */

/******************************************************/

void

get_Name_type(node_asn *cert_def,node_asn *cert,char *root, char *answer)

{

int k,k2,result,len;

char name[128],str[1024],str2[1024],name2[128],counter[5],name3[128];

ASN1_TYPE value=ASN1_TYPE_EMPTY;

char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];

answer[0]=0;

k=1;

do{

strcpy(name,root);

strcat(name,".rdnSequence.?");

my_ltostr(k,counter);

strcat(name,counter);

len = sizeof(str)-1;

result=asn1_read_value(cert,name,str,&len);

if(result==ASN1_ELEMENT_NOT_FOUND) break;

k2=1;

do{

strcpy(name2,name);

strcat(name2,".?");

my_ltostr(k2,counter);

strcat(name2,counter);

100

len = sizeof(str)-1;

101

result=asn1_read_value(cert,name2,str,&len);

102

if(result==ASN1_ELEMENT_NOT_FOUND) break;

103

strcpy(name3,name2);

104

strcat(name3,".type");

105

106

len = sizeof(str)-1;

107

result=asn1_read_value(cert,name3,str,&len);

108

strcpy(name3,name2);

109

strcat(name3,".value");

110

if(result==ASN1_SUCCESS){

111

len = sizeof(str2);

112

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",

113

str2,&len);

114

if(!strcmp(str,str2)){

115

asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",

116

&value);

117

len = sizeof(str)-1;

118

asn1_read_value(cert,name3,str,&len);

119

result=asn1_der_decoding(&value,str,len,errorDescription);

120

121

len = sizeof(str)-1;

122

asn1_read_value(value,"",str,&len); /* CHOICE */

123

124

strcpy(name3,str);

125

126

len = sizeof(str)-1;

127

asn1_read_value(value,name3,str,&len);

128

str[len]=0;

129

strcat(answer," C=");

130

strcat(answer,str);

131

132

asn1_delete_structure(&value);

133

}

134

else{

135

len = sizeof(str2);

136

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName"

137

,str2,&len);

138

if(!strcmp(str,str2)){

139

asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName"

140

,&value);

141

142

len = sizeof(str)-1;

143

asn1_read_value(cert,name3,str,&len);

144

asn1_der_decoding(&value,str,len,errorDescription);

145

len = sizeof(str)-1;

146

asn1_read_value(value,"",str,&len); /* CHOICE */

147

strcpy(name3,str);

148

len = sizeof(str)-1;

149

asn1_read_value(value,name3,str,&len);

150

str[len]=0;

151

strcat(answer," O=");

152

strcat(answer,str);

153

asn1_delete_structure(&value);

154

}

155

else{

156

len = sizeof(str2);

157

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",str2,&len);

158

if(!strcmp(str,str2)){

159

asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);

160

len = sizeof(str)-1;

161

asn1_read_value(cert,name3,str,&len);

162

asn1_der_decoding(&value,str,len,errorDescription);

163

len = sizeof(str)-1;

164

asn1_read_value(value,"",str,&len); /* CHOICE */

165

strcpy(name3,str);

166

len = sizeof(str)-1;

167

asn1_read_value(value,name3,str,&len);

168

str[len]=0;

169

strcat(answer," OU=");

170

strcat(answer,str);

171

asn1_delete_structure(&value);

172

}

173

}

174

}

175

}

176

k2++;

177

}while(1);

178

k++;

179

}while(1);

180

}

181

182

183

/******************************************************/

184

/* Function : create_certificate */

185

/* Description: creates a certificate named */

186

/* "certificate1". Values are the same */

187

/* as in rfc2459 Appendix D.1 */

188

/* Parameters: */

189

/* unsigned char *der: contains the der encoding */

190

/* int *der_len: number of bytes of der string */

191

/******************************************************/

192

void

193

create_CRL(node_asn *cert_def, unsigned char *der,int *der_len)

194

{

195

int result,k,len;

196

unsigned char str[1024],*str2;

197

ASN1_TYPE crl=ASN1_TYPE_EMPTY;

198

ASN1_TYPE value=ASN1_TYPE_EMPTY;

199

char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];

200

int max_len;

201

202

max_len=*der_len;

203

204

result=asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl);

205

206

/* Use the next 3 lines to visit the empty certificate */

207

/* printf("-----------------\n");

208

asn1_visit_tree(crl,"");

209

printf("-----------------\n"); */

210

211

212

/* version: v2(1) */

213

result=asn1_write_value(crl,"tbsCertList.version","v2",0);

214

215

216

/* signature: dsa-with-sha */

217

len = sizeof(str)-1;

218

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);

219

result=asn1_write_value(crl,"tbsCertList.signature.algorithm",str,1);

220

result=asn1_write_value(crl,"tbsCertList.signature.parameters",NULL,0);

221

222

223

/* issuer: Country="US" Organization="gov" OrganizationUnit="nist" */

224

result=asn1_write_value(crl,"tbsCertList.issuer","rdnSequence",1);

225

226

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);

227

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);

228

/* C */

229

len = sizeof(str)-1;

230

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",str,&len);

231

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);

232

result=asn1_create_element(cert_def,"PKIX1Implicit88.X520countryName",

233

&value);

234

result=asn1_write_value(value,"","US",2);

235

*der_len=max_len;

236

result=asn1_der_coding(value,"",der,der_len,errorDescription);

237

238

asn1_delete_structure(&value);

239

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);

240

241

242

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",4);

243

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",4);

244

/* O */

245

len = sizeof(str)-1;

246

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName",str,&len);

247

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,8);

248

result=asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",

249

&value);

250

result=asn1_write_value(value,"","printableString",1);

251

result=asn1_write_value(value,"printableString","gov",3);

252

*der_len=max_len;

253

result=asn1_der_coding(value,"",der,der_len,errorDescription);

254

asn1_delete_structure(&value);

255

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);

256

257

258

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);

259

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);

260

/* OU */

261

len = sizeof(str)-1;

262

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",

263

str,&len);

264

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);

265

result=asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);

266

result=asn1_write_value(value,"","printableString",1);

267

result=asn1_write_value(value,"printableString","nist",4);

268

*der_len=max_len;

269

result=asn1_der_coding(value,"",der,der_len,errorDescription);

270

asn1_delete_structure(&value);

271

result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);

272

273

274

/* validity */

275

result=asn1_write_value(crl,"tbsCertList.thisUpdate","utcTime",1);

276

result=asn1_write_value(crl,"tbsCertList.thisUpdate.utcTime","970801000000Z",1);

277

278

result=asn1_write_value(crl,"tbsCertList.nextUpdate","utcTime",1);

279

result=asn1_write_value(crl,"tbsCertList.nextUpdate.utcTime","970808000000Z",1);

280

281

282

/* revokedCertificates */

283

result=asn1_write_value(crl,"tbsCertList.revokedCertificates","NEW",1);

284

str[0]=18;

285

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.userCertificate",str,1);

286

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate","utcTime",1);

287

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate.utcTime","970731000000Z",1);

288

289

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions","NEW",1);

290

len = sizeof(str)-1;

291

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-ce-cRLReasons",

292

str,&len);

293

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnID",str,1); /* reasonCode */

294

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.critical","FALSE",1);

295

str2="\x0a\x01\x01";

296

result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnValue",str2,3);

297

298

299

/* crlExtensions */

300

result=asn1_write_value(crl,"tbsCertList.crlExtensions",NULL,0);

301

302

303

/* signatureAlgorithm: dsa-with-sha */

304

len = sizeof(str)-1;

305

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);

306

result=asn1_write_value(crl,"signatureAlgorithm.algorithm",str,1);

307

result=asn1_write_value(crl,"signatureAlgorithm.parameters",NULL,0); /* NO OPTION */

308

309

/* signature */

310

*der_len=max_len;

311

result=asn1_der_coding(crl,"tbsCertList",der,der_len,errorDescription);

312

if(result!=ASN1_SUCCESS){

313

printf("\n'tbsCertList' encoding creation: ERROR\n");

314

return;

315

}

316

317

/* add the lines for the signature on der[0]..der[der_len-1]: result in str2 */

318

result=asn1_write_value(crl,"signature",str2,46*8);

319

320

321

/* Use the next 3 lines to visit the certificate */

322

/* printf("-----------------\n");

323

asn1_visit_tree(crl,"");

324

printf("-----------------\n"); */

325

326

*der_len=max_len;

327

result=asn1_der_coding(crl,"",der,der_len,errorDescription);

328

if(result!=ASN1_SUCCESS){

329

printf("\n'crl1' encoding creation: ERROR\n");

330

return;

331

}

332

333

/* Print the 'Certificate1' DER encoding */

334

printf("-----------------\nCrl1 Encoding:\nNumber of bytes=%i\n",*der_len);

335

for(k=0;k<*der_len;k++) printf("%02x ",der[k]);

336

printf("\n-----------------\n");

337

338

/* Clear the "certificate1" structure */

339

asn1_delete_structure(&crl);

340

}

341

342

343

344

/******************************************************/

345

/* Function : get_certificate */

346

/* Description: creates a certificate named */

347

/* "certificate2" from a der encoding */

348

/* string */

349

/* Parameters: */

350

/* unsigned char *der: the encoding string */

351

/* int der_len: number of bytes of der string */

352

/******************************************************/

353

void

354

get_CRL(node_asn *cert_def,unsigned char *der,int der_len)

355

{

356

int result,len,start,end;

357

unsigned char str[1024],str2[1024];

358

ASN1_TYPE crl2=ASN1_TYPE_EMPTY;

359

char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];

360

361

362

asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl2);

363

364

result=asn1_der_decoding(&crl2,der,der_len,errorDescription);

365

366

if(result!=ASN1_SUCCESS){

367

printf("Problems with DER encoding\n");

368

return;

369

}

370

371

372

/* issuer */

373

get_Name_type(cert_def,crl2,"tbsCertList.issuer",str);

374

printf("crl2:\nissuer: %s\n",str);

375

376

377

/* Verify sign */

378

len = sizeof(str)-1;

379

result=asn1_read_value(crl2,"signatureAlgorithm.algorithm",str,&len);

380

381

result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str2,&len);

382

if(!strcmp(str,str2)){ /* dsa-with-sha */

383

384

result=asn1_der_decoding_startEnd(crl2,der,der_len,

385

"tbsCertList",&start,&end);

386

387

/* add the lines to calculate the sha on der[start]..der[end] */

388

389

result=asn1_read_value(crl2,"signature",str,&len);

390

391

/* compare the previous value to signature ( with issuer public key) */

392

}

393

394

/* Use the next 3 lines to visit the certificate */

395

/* printf("-----------------\n");

396

asn1_visit_tree(crl2,"");

397

printf("-----------------\n"); */

398

399

400

/* Clear the "crl2" structure */

401

asn1_delete_structure(&crl2);

402

}

403

404

#include "pkix_asn1_tab.c"

405

406

/********************************************************/

407

/* Function : main */

408

/* Description: reads the certificate description. */

409

/* Creates a certificate and calculate */

410

/* the der encoding. After that creates */

411

/* another certificate from der string */

412

/********************************************************/

413

int

414

main(int argc,char *argv[])

415

{

416

int result,der_len;

417

unsigned char der[1024];

418

ASN1_TYPE PKIX1Implicit88=ASN1_TYPE_EMPTY;

419

char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];

420

421

if(1)

422

result=asn1_array2tree(pkix_asn1_tab,&PKIX1Implicit88,errorDescription);

423

else

424

result=asn1_parser2tree("pkix.asn",&PKIX1Implicit88,errorDescription);

425

426

if(result != ASN1_SUCCESS){

427

libtasn1_perror(result);

428

printf("%s\n",errorDescription);

429

exit(1);

430

}

431

432

/* Use the following 3 lines to visit the PKIX1Implicit structures */

433

/* printf("-----------------\n");

434

asn1_visit_tree(cert_def,"PKIX1Implicit88");

435

printf("-----------------\n"); */

436

437

der_len=1024;

438

create_CRL(PKIX1Implicit88,der,&der_len);

439

440

441

get_CRL(PKIX1Implicit88,der,der_len);

442

443

/* Clear the "PKIX1Implicit88" structures */

444

asn1_delete_structure(&PKIX1Implicit88);

445

446

return 0;

447

}

448

449

450

451

452

453

454

455

456

Older »