1.1 root 1: /* certificate.c - Attribute Syntax for certificates */
2:
3: #ifndef lint
4: static char *rcsid = "$Header: /f/osi/dsap/common/RCS/certificate.c,v 7.2 90/01/11 18:35:32 mrose Exp $";
5: #endif
6:
7: /*
8: * $Header: /f/osi/dsap/common/RCS/certificate.c,v 7.2 90/01/11 18:35:32 mrose Exp $
9: *
10: *
11: * $Log: certificate.c,v $
12: * Revision 7.2 90/01/11 18:35:32 mrose
13: * real-sync
14: *
15: * Revision 7.1 89/12/19 16:19:15 mrose
16: * sync
17: *
18: * Revision 7.0 89/11/23 21:41:56 mrose
19: * Release 6.0
20: *
21: */
22:
23: /*
24: * NOTICE
25: *
26: * Acquisition, use, and distribution of this module and related
27: * materials are subject to the restrictions of a license agreement.
28: * Consult the Preface in the User's Manual for the full terms of
29: * this agreement.
30: *
31: */
32:
33:
34: #include <stdio.h>
35:
36: #include "quipu/util.h"
37: #include "quipu/entry.h"
38: #include "quipu/name.h"
39: #include "quipu/authen.h"
40:
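/*
 * cert_enc - encode a certificate into a presentation element.
 *
 * parm: the certificate to encode.
 *
 * Returns the PE produced by encode_AF_Certificate(), or NULLPE when the
 * encoder reports NOTOK.  The original discarded the encoder's status and
 * returned an uninitialised PE on failure; callers now get a defined
 * NULLPE instead.
 */
PE cert_enc(parm)
struct certificate *parm;
{
	PE pe = NULLPE;		/* defined value even if the encoder never stores one */

	if (encode_AF_Certificate(&pe, 0, 0, NULLCP, parm) == NOTOK) {
		/* NOTE(review): whether the encoder can leave a partial PE behind
		 * on failure is not visible here - confirm before releasing it. */
		return (NULLPE);
	}
	return (pe);
}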
49:
/*
 * cert_dec - decode a presentation element into a certificate structure.
 *
 * pe: the encoded certificate.
 *
 * Returns the structure filled in by decode_AF_Certificate(), or a null
 * pointer when the decoder reports NOTOK.  This routine only decodes: no
 * signature or validity-period check is performed here, so a non-null
 * result says nothing about whether the certificate can be trusted.
 */
struct certificate *cert_dec(pe)
PE pe;
{
	struct certificate *decoded;
	int status;

	status = decode_AF_Certificate(pe, 0, NULLIP, NULLVP, &decoded);
	return (status == NOTOK ? (struct certificate *)NULL : decoded);
}
59:
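/*
 * alg_cpy - copy algorithm identifier b into a.
 *
 * a: destination; every field that is meaningful for b's parameter type is
 *    overwritten.
 * b: source algorithm identifier.
 *
 * The OID and any ASN.1 parameter element are duplicated with oid_cpy() and
 * pe_cpy().  The original left a->asn untouched when b carried no ASN.1
 * parameters, so a destination that had not been zeroed kept a stale
 * pointer; it is now set to NULLPE explicitly.
 */
alg_cpy(a, b)
struct alg_id *a, *b;
{
	a->algorithm = oid_cpy(b->algorithm);

	a->asn = (b->asn != NULLPE) ? pe_cpy(b->asn) : NULLPE;

	a->p_type = b->p_type;

	/* the numeric member is only meaningful for numeric parameters */
	if (b->p_type == ALG_PARM_NUMERIC)
		a->un.numeric = b->un.numeric;
}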
73:
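/*
 * cert_cpy - make an independent copy of a certificate.
 *
 * parm: the certificate to copy.
 *
 * Returns a newly allocated certificate, or a null pointer when parm is
 * null, when a bit count is negative, when a non-empty signature or key has
 * no buffer, or when memory runs out.
 *
 * Changes from the original:
 *  - every calloc/malloc/strdup result is checked before it is written to;
 *  - the byte length of each bit string is computed once and used for both
 *    the allocation and the copy (the original sized the allocation with an
 *    unsigned expression and the copy with a signed one, which disagree for
 *    a negative n_bits);
 *  - null validity strings are no longer handed to strdup().
 * A zero-length bit string is copied as a null buffer with n_bits of 0.
 */
struct certificate *cert_cpy(parm)
struct certificate *parm;
{
	struct certificate *result;
	unsigned sig_len;
	unsigned key_len;

	if (parm == (struct certificate *) NULL)
		return ((struct certificate *) NULL);

	/* a negative bit count would become a huge unsigned length */
	if (parm->sig.n_bits < 0 || parm->key.n_bits < 0)
		return ((struct certificate *) NULL);

	sig_len = ((unsigned) parm->sig.n_bits + 7) / 8;
	key_len = ((unsigned) parm->key.n_bits + 7) / 8;

	if ((sig_len > 0 && parm->sig.encrypted == NULLCP)
	    || (key_len > 0 && parm->key.value == NULLCP))
		return ((struct certificate *) NULL);

	result = (struct certificate *) calloc(1, sizeof(struct certificate));
	if (result == (struct certificate *) NULL)
		return ((struct certificate *) NULL);

	/*
	 * Plain heap members first: if one of these fails, the cleanup below
	 * only has to call free().
	 */
	if (sig_len > 0) {
		result->sig.encrypted = malloc(sig_len);
		if (result->sig.encrypted == NULLCP)
			goto fail;
		bcopy(parm->sig.encrypted, result->sig.encrypted, (int) sig_len);
	}
	if (key_len > 0) {
		result->key.value = malloc(key_len);
		if (result->key.value == NULLCP)
			goto fail;
		bcopy(parm->key.value, result->key.value, (int) key_len);
	}
	if (parm->valid.not_before != NULLCP) {
		result->valid.not_before = strdup(parm->valid.not_before);
		if (result->valid.not_before == NULLCP)
			goto fail;
	}
	if (parm->valid.not_after != NULLCP) {
		result->valid.not_after = strdup(parm->valid.not_after);
		if (result->valid.not_after == NULLCP)
			goto fail;
	}

	result->sig.n_bits = parm->sig.n_bits;
	result->key.n_bits = parm->key.n_bits;
	result->serial = parm->serial;
	result->version = parm->version;

	alg_cpy(&(result->sig.alg), &(parm->sig.alg));
	alg_cpy(&(result->alg), &(parm->alg));
	alg_cpy(&(result->key.alg), &(parm->key.alg));

	/* NOTE(review): the results of dn_cpy(), oid_cpy() and pe_cpy() are
	 * not checked; their failure behaviour is not visible here. */
	result->issuer = dn_cpy(parm->issuer);
	result->subject = dn_cpy(parm->subject);

	return (result);

fail:
	/* result came from calloc(), so members never reached are still null */
	if (result->sig.encrypted != NULLCP)
		free(result->sig.encrypted);
	if (result->key.value != NULLCP)
		free(result->key.value);
	if (result->valid.not_before != NULLCP)
		free(result->valid.not_before);
	if (result->valid.not_after != NULLCP)
		free(result->valid.not_after);
	free((char *) result);
	return ((struct certificate *) NULL);
}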
103:
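/*
 * cert_free - release a certificate and the storage it owns.
 *
 * parm: the certificate to release; a null pointer is ignored.
 *
 * The original freed only the two distinguished names and the structure,
 * leaking the signature bytes, the key bytes and both validity strings that
 * cert_cpy() and str2cert() allocate with malloc()/strdup().  Those four
 * members are now released as well.
 *
 * NOTE(review): certificates built by decode_AF_Certificate() are assumed
 * to hold heap-allocated buffers in these members too - confirm.
 * NOTE(review): the algorithm OIDs and ASN.1 parameter elements are still
 * not released.  str2cert() stores the pointer returned by name2oid()
 * directly while cert_cpy() stores an oid_cpy() copy, so their ownership
 * cannot be decided from this file alone.
 */
cert_free(parm)
struct certificate *parm;
{
	if (parm != (struct certificate *) NULL) {
		/* guarded: older C libraries do not accept free() of a null pointer */
		if (parm->sig.encrypted != NULLCP)
			free(parm->sig.encrypted);
		if (parm->key.value != NULLCP)
			free(parm->key.value);
		if (parm->valid.not_before != NULLCP)
			free(parm->valid.not_before);
		if (parm->valid.not_after != NULLCP)
			free(parm->valid.not_after);

		dn_free(parm->issuer);
		dn_free(parm->subject);
		free((char *) parm);
	}
}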
111:
/*
 * str2alg - fill in the parameter part of an algorithm identifier from its
 * string form.
 *
 * str: parameter text; may be null or empty.
 * alg: identifier whose asn, p_type and (for numeric text) un.numeric
 *      members are set.  The algorithm OID is not touched.
 *
 * Three forms are recognised: no text (parameters absent), text starting
 * with "{ASN}" (handed to asn2pe() and marked as unknown parameters), and
 * anything else (read as a number with atoi()).
 *
 * NOTE(review): atoi() does no validation, so any text that is not a number
 * silently becomes 0.  The asn2pe() result is stored unchecked; if it can
 * be NULLPE the identifier ends up with "unknown" parameters and no
 * element, which printing code has to allow for.
 */
str2alg(str, alg)
char *str;
struct alg_id *alg;
{
	PE asn2pe();

	if (str != NULLCP && *str != '\0') {
		if (strncmp(str, "{ASN}", 5) == 0) {
			/* skip the five-character "{ASN}" marker */
			alg->asn = asn2pe(str + 5);
			alg->p_type = ALG_PARM_UNKNOWN;
		} else {
			alg->asn = NULLPE;
			alg->p_type = ALG_PARM_NUMERIC;
			alg->un.numeric = atoi(str);
		}
	} else {
		alg->asn = NULLPE;
		alg->p_type = ALG_PARM_ABSENT;
	}
}
135:
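/* Value of one hexadecimal digit, or -1 if c is not a hex digit. */
static int enc_hexval(c)
int c;
{
	if (c >= '0' && c <= '9')
		return (c - '0');
	if (c >= 'a' && c <= 'f')
		return (c - 'a' + 10);
	if (c >= 'A' && c <= 'F')
		return (c - 'A' + 10);
	return (-1);
}

/*
 * str2encrypted - convert the hex string form of a bit string to bytes.
 *
 * str: hex digits, optionally followed by "-k" (k unused bits in the last
 *      byte) and optionally by a trailing '#'.
 * cp:  receives a malloc()ed buffer holding the bytes; the caller owns it.
 * len: receives the length in bits, 8 * bytes - k.
 *
 * Returns 0 on success and -1 on malformed input or allocation failure; in
 * the failure case *cp is null and *len is 0.  The callers on this page
 * ignore the return value, as they did before.
 *
 * Changes from the original:
 *  - an empty string no longer reads str[-1];
 *  - every character must be a hex digit (sscanf's "%02x" skipped white
 *    space, accepted a sign, and left the byte undefined on a mismatch);
 *  - the unused-bit count must be a single digit 0-7, so the bit length can
 *    no longer come out negative;
 *  - the malloc() result is checked.
 * A lone trailing digit is still read as a byte of that value, as "%02x"
 * read it.
 */
str2encrypted(str, cp, len)
char *str;
char **cp;
int *len;
{
	int i;
	int l;
	int k = 0;
	int nbytes;
	int hi;
	int lo;
	int bad = 0;
	unsigned char *out;

	*cp = (char *) 0;
	*len = 0;

	if (str == (char *) 0)
		return (-1);

	l = (int) strlen(str);
	if (l > 0 && str[l - 1] == '#')
		l--;
	if ((l > 2) && str[l - 2] == '-') {
		/* unused-bit suffix as written by print_encrypted(): "-1" to "-7" */
		if (str[l - 1] < '0' || str[l - 1] > '7')
			return (-1);
		k = str[l - 1] - '0';
		l = l - 2;
	}
	if (l <= 0)
		return (-1);

	nbytes = (l + 1) / 2;
	/* keep 8 * nbytes inside the range of int */
	if (nbytes > (int) ((~0u >> 1) / 8))
		return (-1);

	out = (unsigned char *) malloc((unsigned) nbytes);
	if (out == (unsigned char *) 0)
		return (-1);

	for (i = 0; i < nbytes && !bad; i++) {
		hi = enc_hexval(str[2 * i] & 255);
		if (hi < 0) {
			bad = 1;
		} else if (2 * i + 1 < l) {
			lo = enc_hexval(str[2 * i + 1] & 255);
			if (lo < 0)
				bad = 1;
			else
				out[i] = (unsigned char) (hi * 16 + lo);
		} else {
			/* odd digit count: the last digit stands alone */
			out[i] = (unsigned char) hi;
		}
	}

	if (bad) {
		free((char *) out);
		return (-1);
	}

	*cp = (char *) out;
	*len = 8 * nbytes - k;
	return (0);
}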
161:
162:
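/*
 * Cut the next '#'-terminated field off *cursor.  The '#' is overwritten
 * with a NUL and *cursor is moved past it.  Returns the start of the field,
 * or NULLCP (leaving *cursor alone) when no '#' remains.
 */
static char *cert_next_field(cursor)
char **cursor;
{
	char *field;
	char *hash;

	field = *cursor;
	hash = index(field, '#');
	if (hash == NULLCP)
		return (NULLCP);
	*hash = '\0';
	*cursor = hash + 1;
	return (field);
}

/*
 * Abandon a partly parsed certificate: report msg (when non-null) through
 * parse_error(), release what has been attached so far, and return a null
 * certificate pointer for the caller to hand back.
 */
static struct certificate *cert_parse_fail(cert, msg)
struct certificate *cert;
char *msg;
{
	if (msg != NULLCP)
		parse_error(msg, NULLCP);

	/* cert came from calloc(), so members never reached are still null */
	if (cert->sig.encrypted != NULLCP)
		free(cert->sig.encrypted);
	if (cert->key.value != NULLCP)
		free(cert->key.value);
	if (cert->valid.not_before != NULLCP)
		free(cert->valid.not_before);
	if (cert->valid.not_after != NULLCP)
		free(cert->valid.not_after);
	if (cert->issuer)
		dn_free(cert->issuer);
	if (cert->subject)
		dn_free(cert->subject);
	/* NOTE(review): OIDs from name2oid() and elements from asn2pe() are
	 * left alone; who owns them is not visible in this file. */
	free((char *) cert);
	return ((struct certificate *) 0);
}

/*
 * str2cert - parse the '#'-separated string form of a certificate.
 *
 * str: the text to parse.  It is modified in place: each '#' separator is
 *      overwritten with a NUL.
 *
 * Field order: signature algorithm, its parameters, signature bytes,
 * issuer, subject, algorithm, its parameters, version, serial number, start
 * time, end time, key algorithm, its parameters, key bytes (the rest of the
 * string).
 *
 * Returns a newly allocated certificate, or a null pointer on failure.  The
 * parse_error() messages are those of the original; the key-section
 * failures stay silent as they were.
 *
 * Changes from the original:
 *  - a null str and a failed calloc() are handled;
 *  - failure paths release the buffers, strings and names already attached
 *    instead of freeing only the structure;
 *  - a signature or key that is empty, unparseable or has a negative bit
 *    count is rejected, and the strdup() results are checked.
 *
 * NOTE(review): str2dn() results are stored unchecked, as before, and
 * version/serial go through atoi(), which accepts any text.
 */
struct certificate *str2cert(str)
char *str;
{
	struct certificate *result;
	char *field;
	OID oid;

	if (str == NULLCP)
		return ((struct certificate *) 0);

	result = (struct certificate *) calloc(1, sizeof(*result));
	if (result == (struct certificate *) 0)
		return ((struct certificate *) 0);

	/* signature algorithm and its parameters */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Algorithm not present"));
	if ((oid = name2oid(field)) == NULLOID)
		return (cert_parse_fail(result, "Bad algorithm identifier"));
	result->sig.alg.algorithm = oid;

	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Parameters not present"));
	str2alg(field, &(result->sig.alg));

	/* signature bytes */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Signature not present"));
	str2encrypted(field, &(result->sig.encrypted), &(result->sig.n_bits));
	if (result->sig.encrypted == NULLCP || result->sig.n_bits <= 0)
		return (cert_parse_fail(result, "Signature not present"));

	/* issuer and subject names */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Issuer not present"));
	result->issuer = str2dn(field);

	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Subject not present"));
	result->subject = str2dn(field);

	/* algorithm and its parameters */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Algorithm not present"));
	if ((oid = name2oid(field)) == NULLOID)
		return (cert_parse_fail(result, "Bad algorithm identifier"));
	result->alg.algorithm = oid;

	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Parameters not present"));
	str2alg(field, &(result->alg));

	/* version and serial number */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Version Number not present"));
	result->version = atoi(field);

	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Serial Number not present"));
	result->serial = atoi(field);

	/* validity period, kept as text */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "Start time not present"));
	if ((result->valid.not_before = strdup(field)) == NULLCP)
		return (cert_parse_fail(result, NULLCP));

	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, "End time not present"));
	if ((result->valid.not_after = strdup(field)) == NULLCP)
		return (cert_parse_fail(result, NULLCP));

	/* key algorithm, parameters and value; these failures report nothing */
	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, NULLCP));
	if ((oid = name2oid(field)) == NULLOID)
		return (cert_parse_fail(result, NULLCP));
	result->key.alg.algorithm = oid;

	if ((field = cert_next_field(&str)) == NULLCP)
		return (cert_parse_fail(result, NULLCP));
	str2alg(field, &(result->key.alg));

	/* the key value is whatever remains of the string */
	str2encrypted(str, &(result->key.value), &(result->key.n_bits));
	if (result->key.value == NULLCP || result->key.n_bits <= 0)
		return (cert_parse_fail(result, NULLCP));

	return (result);
}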
367:
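/*
 * print_algid - write an algorithm identifier as "name#parameters#".
 *
 * ps:     stream to write to.
 * parm:   the algorithm identifier.
 * format: output format; READOUT selects the human-readable form of ASN.1
 *         parameters.
 *
 * Changes from the original:
 *  - unknown parameters with no ASN.1 element are printed as an empty field
 *    instead of dereferencing a null parm->asn (str2alg() stores asn2pe()'s
 *    result without checking it);
 *  - a null name from oid2name() is printed as an empty string;
 *  - the numeric case had two identical branches, now merged.
 */
print_algid(ps, parm, format)
PS ps;
struct alg_id *parm;
int format;
{
	char *name;

	name = oid2name (parm->algorithm, OIDPART);
	ps_printf(ps, "%s#", name != NULLCP ? name : "");

	switch(parm->p_type) {
	case ALG_PARM_ABSENT:
		ps_printf(ps, "#");
		break;
	case ALG_PARM_NUMERIC:
		ps_printf(ps, "%d#", parm->un.numeric);
		break;
	default:
		if (parm->asn != NULLPE) {
			if (format == READOUT) {
				if ((parm->asn->pe_class == PE_CLASS_UNIV)
				    && (parm->asn->pe_form == PE_FORM_PRIM)
				    && (parm->asn->pe_id == PE_PRIM_INT))
					ps_printf(ps, "%d", prim2num(parm->asn));
				else {
					vpushquipu (ps);
					vunknown(parm->asn);
					vpopquipu ();
				}
			} else {
				/* This routine will print a {ASN} prefix */
				pe_print(ps, parm->asn, format);
			}
		}
		ps_printf(ps, "#");
		break;
	}
}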
407:
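/*
 * print_encrypted - write a bit string as hex digits followed by '#'.
 *
 * ps:     stream to write to.
 * str:    the bytes of the bit string.
 * n_bits: its length in bits.
 * format: output format; nothing at all is written for READOUT.
 *
 * When the length is not a whole number of bytes, "-k" is appended, where k
 * is the number of unused bits in the last byte.
 *
 * Changes from the original: a null buffer or a non-positive bit count is
 * written as an empty field instead of being dereferenced or producing a
 * nonsensical "-k" suffix, and the byte count is computed without adding to
 * n_bits, so a very large count cannot overflow.
 */
print_encrypted(ps, str, n_bits, format)
PS ps;
char *str;
int n_bits;
int format;
{
	int i;
	int nbytes;
	int spare;

	/* The end-user doesn't care what the signature is, so don't display it */

	if (format != READOUT)
	{
		nbytes = 0;
		spare = 0;
		if (str != NULLCP && n_bits > 0) {
			spare = n_bits % 8;
			nbytes = n_bits / 8 + (spare != 0 ? 1 : 0);
		}

		for (i = 0; i < nbytes; i++)
			ps_printf(ps, "%02x", str[i] & 255);

		if (spare != 0)
			ps_printf(ps, "-%d", 8 - spare);

		ps_printf(ps, "#");
	}
}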
430:
431:
/*
 * printcert - write a certificate in its '#'-separated string form.
 *
 * ps:     stream to write to.
 * parm:   the certificate.
 * format: output format, passed on to the algorithm, bit-string and time
 *         printers.  Both names are always printed with EDBOUT.
 *
 * Fields appear in the order str2cert() reads them.  For READOUT,
 * print_encrypted() writes nothing, so the signature and key bytes and
 * their '#' terminators are missing from that form.
 */
printcert(ps, parm, format)
PS ps;
struct certificate *parm;
int format;
{
	/* signature: algorithm, then the signature bits */
	print_algid(ps, &parm->sig.alg, format);
	print_encrypted(ps, parm->sig.encrypted, parm->sig.n_bits, format);

	/* issuer and subject */
	dn_print(ps, parm->issuer, EDBOUT);
	ps_printf(ps, "#");
	dn_print(ps, parm->subject, EDBOUT);
	ps_printf(ps, "#");

	/* algorithm, version and serial number */
	print_algid(ps, &parm->alg, format);
	ps_printf(ps, "%d#%d#", parm->version, parm->serial);

	/* validity period */
	utcprint(ps, parm->valid.not_before, format);
	ps_printf(ps, "#");
	utcprint(ps, parm->valid.not_after, format);
	ps_printf(ps, "#");

	/* subject key: algorithm, then the key bits */
	print_algid(ps, &parm->key.alg, format);
	print_encrypted(ps, parm->key.value, parm->key.n_bits, format);
}
457:
/*
 * cert_cmp - order two certificates.
 *
 * a, b: the certificates to compare.
 *
 * Compares issuer, then subject (both with dn_cmp()), then version, then
 * serial number.  Returns the first non-zero dn_cmp() result, or 1 / -1 for
 * a larger / smaller version or serial, or 0 when all four agree.
 *
 * Issuer, subject, version and serial should uniquely identify the
 * certificate, so nothing else is looked at.  In particular the signature
 * and the public key are not compared: a result of 0 means "same
 * identifiers", not "same key material", and must not be used as evidence
 * that two certificates carry the same key.
 */
int cert_cmp(a, b)
struct certificate *a, *b;
{
	int order;

	if ((order = dn_cmp(a->issuer, b->issuer)) != 0)
		return (order);

	if ((order = dn_cmp(a->subject, b->subject)) != 0)
		return (order);

	if (a->version != b->version)
		return (a->version > b->version ? 1 : -1);

	if (a->serial != b->serial)
		return (a->serial > b->serial ? 1 : -1);

	return (0);
}
487:
/*
 * certificate_syntax - register the "Certificate" attribute syntax.
 *
 * Hands this file's handlers to add_attribute_syntax() in the order encode,
 * decode, parse, print, copy, compare, free; the three arguments after them
 * are NULLCP, NULLIFP and TRUE.  The registration result is discarded.
 */
certificate_syntax()
{
	(void) add_attribute_syntax("Certificate",
				    (IFP) cert_enc,	/* encode */
				    (IFP) cert_dec,	/* decode */
				    (IFP) str2cert,	/* parse */
				    (IFP) printcert,	/* print */
				    (IFP) cert_cpy,	/* copy */
				    (IFP) cert_cmp,	/* compare */
				    cert_free,		/* free */
				    NULLCP,
				    NULLIFP,
				    TRUE);
}