Diffstat (limited to 'src/CrlExample.c')
-rw-r--r-- | src/CrlExample.c | 454 |
1 files changed, 0 insertions, 454 deletions
diff --git a/src/CrlExample.c b/src/CrlExample.c
deleted file mode 100644
index 80c30bb..0000000
--- a/src/CrlExample.c
+++ /dev/null
@@ -1,454 +0,0 @@
-/*
- * Copyright (C) 2006, 2007 Free Software Foundation
- * Copyright (C) 2000,2001 Fabio Fiorina
- *
- * This file is part of LIBTASN1.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-
-/*****************************************************/
-/* File: CrlExample.c */
-/* Description: An example on how to use the ASN1 */
-/* parser with the Certificate.txt file */
-/*****************************************************/
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include "libtasn1.h"
-
-
-
-char *
-my_ltostr(long v,char *str)
-{
- long d,r;
- char temp[20];
- int count,k,start;
-
- if(v<0){
- str[0]='-';
- start=1;
- v=-v;
- }
- else start=0;
-
- count=0;
- do{
- d=v/10;
- r=v-d*10;
- temp[start+count]='0'+(char)r;
- count++;
- v=d;
- }while(v);
-
- for(k=0;k<count;k++) str[k+start]=temp[start+count-k-1];
- str[count+start]=0;
- return str;
-}
-
-
-/******************************************************/
-/* Function : get_name_type */
-/* Description: analyze a structure of type Name */
-/* Parameters: */
-/* char *root: the structure identifier */
-/* char *answer: the string with elements like: */
-/* "C=US O=gov" */
-/******************************************************/
-void
-get_Name_type(node_asn *cert_def,node_asn *cert,char *root, char *answer)
-{
- int k,k2,result,len;
- char name[128],str[1024],str2[1024],name2[128],counter[5],name3[128];
- ASN1_TYPE value=ASN1_TYPE_EMPTY;
- char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
-
- answer[0]=0;
- k=1;
- do{
- strcpy(name,root);
- strcat(name,".rdnSequence.?");
- my_ltostr(k,counter);
- strcat(name,counter);
-
- len = sizeof(str)-1;
- result=asn1_read_value(cert,name,str,&len);
- if(result==ASN1_ELEMENT_NOT_FOUND) break;
- k2=1;
- do{
- strcpy(name2,name);
- strcat(name2,".?");
- my_ltostr(k2,counter);
- strcat(name2,counter);
-
- len = sizeof(str)-1;
- result=asn1_read_value(cert,name2,str,&len);
- if(result==ASN1_ELEMENT_NOT_FOUND) break;
- strcpy(name3,name2);
- strcat(name3,".type");
-
- len = sizeof(str)-1;
- result=asn1_read_value(cert,name3,str,&len);
- strcpy(name3,name2);
- strcat(name3,".value");
- if(result==ASN1_SUCCESS){
- len = sizeof(str2);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",
- str2,&len);
- if(!strcmp(str,str2)){
- asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",
- &value);
- len = sizeof(str)-1;
- asn1_read_value(cert,name3,str,&len);
- result=asn1_der_decoding(&value,str,len,errorDescription);
-
- len = sizeof(str)-1;
- asn1_read_value(value,"",str,&len); /* CHOICE */
-
- strcpy(name3,str);
-
- len = sizeof(str)-1;
- asn1_read_value(value,name3,str,&len);
- str[len]=0;
- strcat(answer," C=");
- strcat(answer,str);
-
- asn1_delete_structure(&value);
- }
- else{
- len = sizeof(str2);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName"
- ,str2,&len);
- if(!strcmp(str,str2)){
- asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName"
- ,&value);
-
- len = sizeof(str)-1;
- asn1_read_value(cert,name3,str,&len);
- asn1_der_decoding(&value,str,len,errorDescription);
- len = sizeof(str)-1;
- asn1_read_value(value,"",str,&len); /* CHOICE */
- strcpy(name3,str);
- len = sizeof(str)-1;
- asn1_read_value(value,name3,str,&len);
- str[len]=0;
- strcat(answer," O=");
- strcat(answer,str);
- asn1_delete_structure(&value);
- }
- else{
- len = sizeof(str2);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",str2,&len);
- if(!strcmp(str,str2)){
- asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);
- len = sizeof(str)-1;
- asn1_read_value(cert,name3,str,&len);
- asn1_der_decoding(&value,str,len,errorDescription);
- len = sizeof(str)-1;
- asn1_read_value(value,"",str,&len); /* CHOICE */
- strcpy(name3,str);
- len = sizeof(str)-1;
- asn1_read_value(value,name3,str,&len);
- str[len]=0;
- strcat(answer," OU=");
- strcat(answer,str);
- asn1_delete_structure(&value);
- }
- }
- }
- }
- k2++;
- }while(1);
- k++;
- }while(1);
-}
-
-
-/******************************************************/
-/* Function : create_certificate */
-/* Description: creates a certificate named */
-/* "certificate1". Values are the same */
-/* as in rfc2459 Appendix D.1 */
-/* Parameters: */
-/* unsigned char *der: contains the der encoding */
-/* int *der_len: number of bytes of der string */
-/******************************************************/
-void
-create_CRL(node_asn *cert_def, unsigned char *der,int *der_len)
-{
- int result,k,len;
- unsigned char str[1024],*str2;
- ASN1_TYPE crl=ASN1_TYPE_EMPTY;
- ASN1_TYPE value=ASN1_TYPE_EMPTY;
- char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
- int max_len;
-
- max_len=*der_len;
-
- result=asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl);
-
- /* Use the next 3 lines to visit the empty certificate */
- /* printf("-----------------\n");
- asn1_visit_tree(crl,"");
- printf("-----------------\n"); */
-
-
- /* version: v2(1) */
- result=asn1_write_value(crl,"tbsCertList.version","v2",0);
-
-
- /* signature: dsa-with-sha */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);
- result=asn1_write_value(crl,"tbsCertList.signature.algorithm",str,1);
- result=asn1_write_value(crl,"tbsCertList.signature.parameters",NULL,0);
-
-
- /* issuer: Country="US" Organization="gov" OrganizationUnit="nist" */
- result=asn1_write_value(crl,"tbsCertList.issuer","rdnSequence",1);
-
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);
- /* C */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",str,&len);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.X520countryName",
- &value);
- result=asn1_write_value(value,"","US",2);
- *der_len=max_len;
- result=asn1_der_coding(value,"",der,der_len,errorDescription);
-
- asn1_delete_structure(&value);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);
-
-
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",4);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",4);
- /* O */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName",str,&len);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,8);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",
- &value);
- result=asn1_write_value(value,"","printableString",1);
- result=asn1_write_value(value,"printableString","gov",3);
- *der_len=max_len;
- result=asn1_der_coding(value,"",der,der_len,errorDescription);
- asn1_delete_structure(&value);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);
-
-
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);
- /* OU */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",
- str,&len);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);
- result=asn1_write_value(value,"","printableString",1);
- result=asn1_write_value(value,"printableString","nist",4);
- *der_len=max_len;
- result=asn1_der_coding(value,"",der,der_len,errorDescription);
- asn1_delete_structure(&value);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);
-
-
- /* validity */
- result=asn1_write_value(crl,"tbsCertList.thisUpdate","utcTime",1);
- result=asn1_write_value(crl,"tbsCertList.thisUpdate.utcTime","970801000000Z",1);
-
- result=asn1_write_value(crl,"tbsCertList.nextUpdate","utcTime",1);
- result=asn1_write_value(crl,"tbsCertList.nextUpdate.utcTime","970808000000Z",1);
-
-
- /* revokedCertificates */
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates","NEW",1);
- str[0]=18;
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.userCertificate",str,1);
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate","utcTime",1);
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate.utcTime","970731000000Z",1);
-
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions","NEW",1);
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-ce-cRLReasons",
- str,&len);
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnID",str,1); /* reasonCode */
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.critical","FALSE",1);
- str2="\x0a\x01\x01";
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnValue",str2,3);
-
-
- /* crlExtensions */
- result=asn1_write_value(crl,"tbsCertList.crlExtensions",NULL,0);
-
-
- /* signatureAlgorithm: dsa-with-sha */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);
- result=asn1_write_value(crl,"signatureAlgorithm.algorithm",str,1);
- result=asn1_write_value(crl,"signatureAlgorithm.parameters",NULL,0); /* NO OPTION */
-
- /* signature */
- *der_len=max_len;
- result=asn1_der_coding(crl,"tbsCertList",der,der_len,errorDescription);
- if(result!=ASN1_SUCCESS){
- printf("\n'tbsCertList' encoding creation: ERROR\n");
- return;
- }
-
- /* add the lines for the signature on der[0]..der[der_len-1]: result in str2 */
- result=asn1_write_value(crl,"signature",str2,46*8);
-
-
- /* Use the next 3 lines to visit the certificate */
- /* printf("-----------------\n");
- asn1_visit_tree(crl,"");
- printf("-----------------\n"); */
-
- *der_len=max_len;
- result=asn1_der_coding(crl,"",der,der_len,errorDescription);
- if(result!=ASN1_SUCCESS){
- printf("\n'crl1' encoding creation: ERROR\n");
- return;
- }
-
- /* Print the 'Certificate1' DER encoding */
- printf("-----------------\nCrl1 Encoding:\nNumber of bytes=%i\n",*der_len);
- for(k=0;k<*der_len;k++) printf("%02x ",der[k]);
- printf("\n-----------------\n");
-
- /* Clear the "certificate1" structure */
- asn1_delete_structure(&crl);
-}
-
-
-
-/******************************************************/
-/* Function : get_certificate */
-/* Description: creates a certificate named */
-/* "certificate2" from a der encoding */
-/* string */
-/* Parameters: */
-/* unsigned char *der: the encoding string */
-/* int der_len: number of bytes of der string */
-/******************************************************/
-void
-get_CRL(node_asn *cert_def,unsigned char *der,int der_len)
-{
- int result,len,start,end;
- unsigned char str[1024],str2[1024];
- ASN1_TYPE crl2=ASN1_TYPE_EMPTY;
- char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
-
-
- asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl2);
-
- result=asn1_der_decoding(&crl2,der,der_len,errorDescription);
-
- if(result!=ASN1_SUCCESS){
- printf("Problems with DER encoding\n");
- return;
- }
-
-
- /* issuer */
- get_Name_type(cert_def,crl2,"tbsCertList.issuer",str);
- printf("crl2:\nissuer: %s\n",str);
-
-
- /* Verify sign */
- len = sizeof(str)-1;
- result=asn1_read_value(crl2,"signatureAlgorithm.algorithm",str,&len);
-
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str2,&len);
- if(!strcmp(str,str2)){ /* dsa-with-sha */
-
- result=asn1_der_decoding_startEnd(crl2,der,der_len,
- "tbsCertList",&start,&end);
-
- /* add the lines to calculate the sha on der[start]..der[end] */
-
- result=asn1_read_value(crl2,"signature",str,&len);
-
- /* compare the previous value to signature ( with issuer public key) */
- }
-
- /* Use the next 3 lines to visit the certificate */
- /* printf("-----------------\n");
- asn1_visit_tree(crl2,"");
- printf("-----------------\n"); */
-
-
- /* Clear the "crl2" structure */
- asn1_delete_structure(&crl2);
-}
-
-#include "pkix_asn1_tab.c"
-
-/********************************************************/
-/* Function : main */
-/* Description: reads the certificate description. */
-/* Creates a certificate and calculate */
-/* the der encoding. After that creates */
-/* another certificate from der string */
-/********************************************************/
-int
-main(int argc,char *argv[])
-{
- int result,der_len;
- unsigned char der[1024];
- ASN1_TYPE PKIX1Implicit88=ASN1_TYPE_EMPTY;
- char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
-
- if(1)
- result=asn1_array2tree(pkix_asn1_tab,&PKIX1Implicit88,errorDescription);
- else
- result=asn1_parser2tree("pkix.asn",&PKIX1Implicit88,errorDescription);
-
- if(result != ASN1_SUCCESS){
- libtasn1_perror(result);
- printf("%s\n",errorDescription);
- exit(1);
- }
-
- /* Use the following 3 lines to visit the PKIX1Implicit structures */
- /* printf("-----------------\n");
- asn1_visit_tree(cert_def,"PKIX1Implicit88");
- printf("-----------------\n"); */
-
- der_len=1024;
- create_CRL(PKIX1Implicit88,der,&der_len);
-
-
- get_CRL(PKIX1Implicit88,der,der_len);
-
- /* Clear the "PKIX1Implicit88" structures */
- asn1_delete_structure(&PKIX1Implicit88);
-
- return 0;
-}
-
-
-
-
-
-
-
-
-
|