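/* certificate.c - Attribute Syntax for certificates */

#ifndef lint
static char *rcsid = "$Header: /f/osi/dsap/common/RCS/certificate.c,v 7.2 90/01/11 18:35:32 mrose Exp $";
#endif

/*
 * $Header: /f/osi/dsap/common/RCS/certificate.c,v 7.2 90/01/11 18:35:32 mrose Exp $
 *
 *
 * $Log: certificate.c,v $
 * Revision 7.2  90/01/11  18:35:32  mrose
 * real-sync
 *
 * Revision 7.1  89/12/19  16:19:15  mrose
 * sync
 *
 * Revision 7.0  89/11/23  21:41:56  mrose
 * Release 6.0
 *
 */

/*
 *                               NOTICE
 *
 *    Acquisition, use, and distribution of this module and related
 *    materials are subject to the restrictions of a license agreement.
 *    Consult the Preface in the User's Manual for the full terms of
 *    this agreement.
 *
 */


#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "quipu/util.h"
#include "quipu/entry.h"
#include "quipu/name.h"
#include "quipu/authen.h"

/*
 * String form of a certificate, as read by str2cert() and written by
 * printcert(): a run of '#'-separated fields in this order
 *
 *   sig-alg # sig-parms # signature # issuer # subject # alg # parms #
 *   version # serial # not-before # not-after # key-alg # key-parms # key
 *
 * Bit strings (signature, key) are hex octets, optionally followed by
 * "-u" where u is the number of unused bits (0-7) in the last octet;
 * see str2encrypted() and print_encrypted().
 */

/* Octets needed to hold n_bits bits; a non-positive count means "no octets". */
static int bits2octets(n_bits)
int n_bits;
{
    return (n_bits > 0 ? (n_bits + 7) / 8 : 0);
}

/* Value of one hex digit, or -1 when c is not a hex digit. */
static int hexval(c)
int c;
{
    if (c >= '0' && c <= '9')
        return (c - '0');
    if (c >= 'a' && c <= 'f')
        return (c - 'a' + 10);
    if (c >= 'A' && c <= 'F')
        return (c - 'A' + 10);
    return (-1);
}

/*
 * Copy the octets holding n_bits bits of src into a fresh malloc'd buffer
 * stored in *dst.  An empty bit string leaves *dst == NULLCP and succeeds.
 * Returns NOTOK (with *dst == NULLCP) when bits are claimed but src is
 * missing, or when malloc fails.
 */
static int copy_bits(dst, src, n_bits)
char **dst;
char *src;
int n_bits;
{
    int n_octets = bits2octets(n_bits);

    *dst = NULLCP;
    if (n_octets == 0)
        return (OK);
    if (src == NULLCP)
        return (NOTOK);
    if ((*dst = malloc((unsigned) n_octets)) == NULLCP)
        return (NOTOK);
    (void) memcpy(*dst, src, (size_t) n_octets);
    return (OK);
}

/*
 * Release the parameter element an alg_id owns (produced by asn2pe() in
 * str2alg() or pe_cpy() in alg_cpy()).
 */
static void release_alg_parm(a)
struct alg_id *a;
{
    if (a->asn != NULLPE) {
        pe_free(a->asn);
        a->asn = NULLPE;
    }
    /*
     * NOTE(review): a->algorithm is deliberately not released here.  It
     * comes from name2oid() (str2cert) or oid_cpy() (cert_cpy); whether
     * name2oid() returns a shared table entry is not visible in this
     * file, so confirm ownership before freeing it.
     */
}

/*
 * Encode a certificate into a presentation element.
 * Returns NULLPE when the encoder reports NOTOK; the original returned
 * whatever the uninitialised pe happened to hold in that case.
 */
PE cert_enc(parm)
struct certificate *parm;
{
    PE pe = NULLPE;

    if (encode_AF_Certificate(&pe, 0, 0, NULLCP, parm) == NOTOK)
        return (NULLPE);
    return (pe);
}

/*
 * Decode a presentation element into a freshly allocated certificate.
 * Returns NULL when the decoder reports NOTOK.
 */
struct certificate *cert_dec(pe)
PE pe;
{
    struct certificate *result = (struct certificate *) NULL;

    if (decode_AF_Certificate(pe, 0, NULLIP, NULLVP, &result) == NOTOK)
        return ((struct certificate *) NULL);
    return (result);
}

/*
 * Copy algorithm identifier b into a: the object identifier, the
 * parameter element (if any) and the numeric parameter when p_type says
 * one is present.  Always returns OK.
 */
int alg_cpy(a, b)
struct alg_id *a, *b;
{
    a->algorithm = oid_cpy(b->algorithm);

    /* An absent element must be copied as absent, not left holding
       whatever a->asn contained before the call. */
    a->asn = b->asn ? pe_cpy(b->asn) : NULLPE;

    a->p_type = b->p_type;
    if (b->p_type == ALG_PARM_NUMERIC)
        a->un.numeric = b->un.numeric;
    return (OK);
}

/*
 * Release a certificate and everything it owns: both names, the validity
 * strings, the signature and key octets and the algorithm parameter
 * elements.  (The original freed only the names and the struct.)
 * NULL fields are skipped, so a partially built certificate from
 * str2cert() or cert_cpy() may be passed here.  Always returns OK.
 */
int cert_free(parm)
struct certificate *parm;
{
    if (parm == (struct certificate *) NULL)
        return (OK);

    if (parm->issuer)
        dn_free(parm->issuer);
    if (parm->subject)
        dn_free(parm->subject);

    /* guarded because pre-ANSI libcs may not accept free(NULL) */
    if (parm->valid.not_before != NULLCP)
        free(parm->valid.not_before);
    if (parm->valid.not_after != NULLCP)
        free(parm->valid.not_after);
    if (parm->sig.encrypted != NULLCP)
        free(parm->sig.encrypted);
    if (parm->key.value != NULLCP)
        free(parm->key.value);

    release_alg_parm(&(parm->sig.alg));
    release_alg_parm(&(parm->alg));
    release_alg_parm(&(parm->key.alg));

    free((char *) parm);
    return (OK);
}

/*
 * Deep-copy a certificate.  Returns NULL when parm is NULL or any
 * allocation fails; a partial copy is released through cert_free().
 */
struct certificate *cert_cpy(parm)
struct certificate *parm;
{
    struct certificate *result;

    if (parm == (struct certificate *) NULL)
        return ((struct certificate *) NULL);

    result = (struct certificate *) calloc(1, sizeof *result);
    if (result == (struct certificate *) NULL)
        return ((struct certificate *) NULL);

    /* signature: algorithm, then the bit string */
    alg_cpy(&(result->sig.alg), &(parm->sig.alg));
    result->sig.n_bits = parm->sig.n_bits;
    if (copy_bits(&(result->sig.encrypted), parm->sig.encrypted,
                  parm->sig.n_bits) == NOTOK)
        goto fail;

    alg_cpy(&(result->alg), &(parm->alg));
    alg_cpy(&(result->key.alg), &(parm->key.alg));
    result->serial = parm->serial;
    result->version = parm->version;
    result->issuer = dn_cpy(parm->issuer);
    result->subject = dn_cpy(parm->subject);

    /* validity strings may be absent; strdup(NULL) is undefined */
    if (parm->valid.not_before != NULLCP
            && (result->valid.not_before = strdup(parm->valid.not_before)) == NULLCP)
        goto fail;
    if (parm->valid.not_after != NULLCP
            && (result->valid.not_after = strdup(parm->valid.not_after)) == NULLCP)
        goto fail;

    /* subject public key */
    result->key.n_bits = parm->key.n_bits;
    if (copy_bits(&(result->key.value), parm->key.value,
                  parm->key.n_bits) == NOTOK)
        goto fail;

    return (result);

fail:
    cert_free(result);
    return ((struct certificate *) NULL);
}

/*
 * Parse the string form of algorithm parameters into alg:
 *   ""            -> ALG_PARM_ABSENT
 *   "{ASN}..."    -> ALG_PARM_UNKNOWN, alg->asn holds the decoded element
 *   anything else -> ALG_PARM_NUMERIC via atoi() (non-numeric text reads
 *                    as 0, as it always has)
 * Returns NOTOK only when asn2pe() yields no element for an {ASN} value
 * (assumed to signal that with NULLPE - confirm), so the caller is never
 * left with an UNKNOWN parameter and no element behind it.
 */
int str2alg(str, alg)
char *str;
struct alg_id *alg;
{
    PE asn2pe();

    alg->asn = NULLPE;
    if (str == NULLCP || *str == '\0') {
        alg->p_type = ALG_PARM_ABSENT;
    } else if (strncmp(str, "{ASN}", 5) == 0) {
        alg->p_type = ALG_PARM_UNKNOWN;
        if ((alg->asn = asn2pe(str + 5)) == NULLPE)
            return (NOTOK);
    } else {
        alg->p_type = ALG_PARM_NUMERIC;
        alg->un.numeric = atoi(str);
    }
    return (OK);
}

/*
 * Parse a hex bit string "hh..hh[-u][#]" into a fresh malloc'd octet
 * buffer (*cp) and its bit length (*len).  "-u" is a single digit 0-7
 * giving the unused trailing bits of the last octet.  A lone trailing hex
 * digit is taken as a whole octet value, as the old sscanf("%02x") did.
 * An empty (or NULL) string yields *cp == NULLCP, *len == 0 and OK.
 * Returns NOTOK - with *cp == NULLCP, *len == 0 - on a non-hex digit, a
 * bad unused-bit count, or malloc failure.  (The original read str[-1]
 * on an empty string and used an uninitialised value for bad digits.)
 */
int str2encrypted(str, cp, len)
char *str;
char **cp;
int *len;
{
    int l;
    int n_octets;
    int unused = 0;
    int i;
    int value;
    int lo;
    char *octets;

    *cp = NULLCP;
    *len = 0;
    if (str == NULLCP)
        return (OK);

    l = strlen(str);
    if (l > 0 && str[l - 1] == '#')
        l--;
    if (l > 2 && str[l - 2] == '-') {
        if (str[l - 1] < '0' || str[l - 1] > '7')
            return (NOTOK);
        unused = str[l - 1] - '0';
        l -= 2;
    }

    n_octets = (l + 1) / 2;
    if (n_octets == 0)
        return (OK);
    if ((octets = malloc((unsigned) n_octets)) == NULLCP)
        return (NOTOK);

    for (i = 0; i < n_octets; i++) {
        if ((value = hexval(str[2 * i])) < 0)
            goto bad;
        if (2 * i + 1 < l) {
            if ((lo = hexval(str[2 * i + 1])) < 0)
                goto bad;
            value = value * 16 + lo;
        }
        octets[i] = (char) value;
    }

    *cp = octets;
    *len = 8 * n_octets - unused;
    return (OK);

bad:
    free(octets);
    return (NOTOK);
}

/*
 * Split off the next '#'-terminated field of *strp in place: the '#' is
 * overwritten with NUL and *strp advanced past it.  Returns the field, or
 * NULLCP when no '#' remains (the caller reports which field is missing).
 */
static char *next_field(strp)
char **strp;
{
    char *field = *strp;
    char *sep = strchr(field, '#');

    if (sep == NULLCP)
        return (NULLCP);
    *sep = '\0';
    *strp = sep + 1;
    return (field);
}

/*
 * Parse the '#'-separated string form of a certificate (layout at the top
 * of this file) into a freshly allocated certificate.  The input is split
 * in place - every '#' separator is overwritten with NUL - so the caller
 * must pass a writable scratch copy.  version and serial are converted
 * with atoi(), so non-numeric text silently reads as 0.
 * Every parse error is reported through parse_error() and yields NULL;
 * whatever was built so far is released via cert_free() (the original
 * freed only the struct, leaking names, strings and octets).
 */
struct certificate *str2cert(str)
char *str;
{
    struct certificate *result;
    char *field;

    if (str == NULLCP) {
        parse_error("Algorithm not present", NULLCP);
        return ((struct certificate *) 0);
    }

    result = (struct certificate *) calloc(1, sizeof *result);
    if (result == (struct certificate *) 0)
        return ((struct certificate *) 0);

    /* signature algorithm and its parameters */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Algorithm not present", NULLCP);
        goto fail;
    }
    if ((result->sig.alg.algorithm = name2oid(field)) == NULLOID) {
        parse_error("Bad algorithm identifier", NULLCP);
        goto fail;
    }
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Parameters not present", NULLCP);
        goto fail;
    }
    if (str2alg(field, &(result->sig.alg)) == NOTOK) {
        parse_error("Bad algorithm parameters", NULLCP);
        goto fail;
    }

    /* signature bits */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Signature not present", NULLCP);
        goto fail;
    }
    if (str2encrypted(field, &(result->sig.encrypted),
                      &(result->sig.n_bits)) == NOTOK) {
        parse_error("Bad signature", NULLCP);
        goto fail;
    }

    /* issuer and subject names */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Issuer not present", NULLCP);
        goto fail;
    }
    result->issuer = str2dn(field);
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Subject not present", NULLCP);
        goto fail;
    }
    result->subject = str2dn(field);

    /* certificate algorithm and its parameters */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Algorithm not present", NULLCP);
        goto fail;
    }
    if ((result->alg.algorithm = name2oid(field)) == NULLOID) {
        parse_error("Bad algorithm identifier", NULLCP);
        goto fail;
    }
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Parameters not present", NULLCP);
        goto fail;
    }
    if (str2alg(field, &(result->alg)) == NOTOK) {
        parse_error("Bad algorithm parameters", NULLCP);
        goto fail;
    }

    /* version and serial number */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Version Number not present", NULLCP);
        goto fail;
    }
    result->version = atoi(field);
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Serial Number not present", NULLCP);
        goto fail;
    }
    result->serial = atoi(field);

    /* validity period */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Start time not present", NULLCP);
        goto fail;
    }
    if ((result->valid.not_before = strdup(field)) == NULLCP)
        goto fail;
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("End time not present", NULLCP);
        goto fail;
    }
    if ((result->valid.not_after = strdup(field)) == NULLCP)
        goto fail;

    /* subject public key: algorithm, parameters, then the key bits take
       the remainder of the string (the original failed silently here) */
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Key algorithm not present", NULLCP);
        goto fail;
    }
    if ((result->key.alg.algorithm = name2oid(field)) == NULLOID) {
        parse_error("Bad key algorithm identifier", NULLCP);
        goto fail;
    }
    if ((field = next_field(&str)) == NULLCP) {
        parse_error("Key parameters not present", NULLCP);
        goto fail;
    }
    if (str2alg(field, &(result->key.alg)) == NOTOK) {
        parse_error("Bad key algorithm parameters", NULLCP);
        goto fail;
    }
    if (str2encrypted(str, &(result->key.value),
                      &(result->key.n_bits)) == NOTOK) {
        parse_error("Bad key", NULLCP);
        goto fail;
    }

    return (result);

fail:
    cert_free(result);
    return ((struct certificate *) 0);
}

/*
 * Write an algorithm identifier as "oid#parms#".  A NUMERIC parameter is
 * printed the same way for every format (the original had two identical
 * branches).  For an element parameter, READOUT shows a primitive
 * universal INTEGER as a number and anything else through vunknown();
 * other formats use pe_print(), which emits the {ASN} prefix itself.  A
 * missing element just leaves the parameter field empty instead of
 * dereferencing NULLPE.  Always returns OK.
 */
int print_algid(ps, parm, format)
PS ps;
struct alg_id *parm;
int format;
{
    ps_printf(ps, "%s#", oid2name(parm->algorithm, OIDPART));

    switch (parm->p_type) {
    case ALG_PARM_ABSENT:
        ps_printf(ps, "#");
        break;

    case ALG_PARM_NUMERIC:
        ps_printf(ps, "%d#", parm->un.numeric);
        break;

    default:
        if (parm->asn == NULLPE) {
            /* nothing to show; keep the field structure intact */
        } else if (format == READOUT) {
            if ((parm->asn->pe_class == PE_CLASS_UNIV)
                    && (parm->asn->pe_form == PE_FORM_PRIM)
                    && (parm->asn->pe_id == PE_PRIM_INT)) {
                ps_printf(ps, "%d", prim2num(parm->asn));
            } else {
                vpushquipu(ps);
                vunknown(parm->asn);
                vpopquipu();
            }
        } else {
            /* This routine will print a {ASN} prefix */
            pe_print(ps, parm->asn, format);
        }
        ps_printf(ps, "#");
        break;
    }
    return (OK);
}

/*
 * Write a bit string as hex octets, "-u" for u unused bits in the last
 * octet when n_bits is not a multiple of 8, and a closing '#'.
 * In READOUT format nothing at all is written (not even the '#').
 * A NULLCP str with bits claimed prints no octets rather than faulting.
 * Always returns OK.
 */
int print_encrypted(ps, str, n_bits, format)
PS ps;
char *str;
int n_bits;
int format;
{
    int i;
    int n_octets;
    int partial;

    /* The end-user doesn't care what the signature is, so don't display it */
    if (format == READOUT)
        return (OK);

    n_octets = bits2octets(n_bits);
    if (str != NULLCP) {
        for (i = 0; i < n_octets; i++)
            ps_printf(ps, "%02x", (int) ((unsigned char *) str)[i]);
    }

    partial = (n_bits > 0) ? n_bits % 8 : 0;
    if (partial != 0)
        ps_printf(ps, "-%d", 8 - partial);

    ps_printf(ps, "#");
    return (OK);
}

/*
 * Write a whole certificate in the field order described at the top of
 * this file.  Names are always written in EDB form whatever the format;
 * in READOUT the signature and key bit strings are suppressed by
 * print_encrypted().  Always returns OK.
 */
int printcert(ps, parm, format)
PS ps;
struct certificate *parm;
int format;
{
    /* signature */
    print_algid(ps, &(parm->sig.alg), format);
    print_encrypted(ps, parm->sig.encrypted, parm->sig.n_bits, format);

    /* names */
    dn_print(ps, parm->issuer, EDBOUT);
    ps_printf(ps, "#");
    dn_print(ps, parm->subject, EDBOUT);
    ps_printf(ps, "#");

    /* certificate algorithm, version, serial */
    print_algid(ps, &(parm->alg), format);
    ps_printf(ps, "%d#", parm->version);
    ps_printf(ps, "%d#", parm->serial);

    /* validity */
    utcprint(ps, parm->valid.not_before, format);
    ps_printf(ps, "#");
    utcprint(ps, parm->valid.not_after, format);
    ps_printf(ps, "#");

    /* subject public key */
    print_algid(ps, &(parm->key.alg), format);
    print_encrypted(ps, parm->key.value, parm->key.n_bits, format);
    return (OK);
}

/*
 * Order two certificates by issuer, then subject (both via dn_cmp),
 * then version, then serial.  Returns <0, 0 or >0 like dn_cmp; the
 * remaining fields are not compared because issuer, subject, version
 * and serial should uniquely identify the certificate.
 */
int cert_cmp(a, b)
struct certificate *a, *b;
{
    int ret;

    if ((ret = dn_cmp(a->issuer, b->issuer)) != 0)
        return (ret);
    if ((ret = dn_cmp(a->subject, b->subject)) != 0)
        return (ret);

    if (a->version != b->version)
        return (a->version > b->version ? 1 : -1);
    if (a->serial != b->serial)
        return (a->serial > b->serial ? 1 : -1);

    return (0);
}

/*
 * Register the "Certificate" attribute syntax with the routines above.
 * Always returns OK.
 */
int certificate_syntax()
{
    (void) add_attribute_syntax(
        "Certificate",
        (IFP) cert_enc, (IFP) cert_dec,
        (IFP) str2cert, (IFP) printcert,
        (IFP) cert_cpy, (IFP) cert_cmp,
        (IFP) cert_free, NULLCP,
        NULLIFP, TRUE);
    return (OK);
}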