| RSA BSAFE Cert-C |
Certificate Components for C |
/* $Id: critical.c,v 1.5 2004/03/02 05:18:35 gsingh Exp $ */
/* critical.c
** Copyright (c) 2001-2003, RSA Security Inc.
**
** This file is used to demonstrate how to interface to an RSA Security
** licensed development product.  You have a royalty-free right to use,
** modify, reproduce and distribute this demonstration file (including
** any modified version), provided that you agree that RSA Security has
** no warranty, implied or otherwise, or liability for this demonstration
** file or any modified version.
**
** This testcase demonstrates registration of a default extension handler
** to work around the problem of an unrecognized critical extension
** causing C_SetCertBER to return E_UNKNOWN_CRITICAL_EXTENSION.  Note that
** the developer must know the OID of the extension.  The extension handler
** used in this testcase just returns the BER-encoded extension value in
** an ITEM.  If a handler that goes from BER to a more meaningful C structure
** is desired (and vice versa), this testcase can be extended to do that.
**
** Security note: RFC 5280 (section 4.2) requires a certificate-using
** system to reject a certificate carrying a critical extension it does
** not recognize.  Registering a pass-through handler makes the parse
** succeed without anything interpreting the extension, so an application
** that adopts this pattern takes over the duty of reading the extension
** value and acting on it.  This demo never examines the value.
*/

#include "certc.h"
#include "demoutil.h"

/* The netscape-cert-type extension is not supported by Cert-C by default.
 * However, the user can define routines to handle new extensions.
 *
 * The bytes below are the encoded contents of the OID
 * 2.16.840.1.113730.1.1 (no tag or length octets).
 */
static unsigned char ET_NETSCAPE_CERT_TYPE[] = {
  0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01
};
static unsigned int ET_NETSCAPE_CERT_TYPE_LEN = sizeof (ET_NETSCAPE_CERT_TYPE);

static int RegisterUserDefinedExtension (CERTC_CTX ctx);

/* Reads a BER-encoded certificate from a file named by the user and loads
 * it into a certificate object after the netscape-cert-type handler has
 * been registered.
 *
 * Returns 0 on success, otherwise the first non-zero status reported by a
 * failing call.  Each step runs only while every earlier step has returned
 * 0; the cleanup at the end always runs.
 *
 * Only C_SetCertBER is called on the certificate here.  No signature, chain
 * or extension-value check appears in this file, so "testcase successful!"
 * means the certificate was accepted by C_SetCertBER, nothing more.
 */
int main (int argc, char *argv[])
{
  int rc = 0;
  CERTC_CTX ctx = NULL;
  CERT_OBJ cert = NULL;
  ITEM berBlob = {NULL, 0};
  FILE_LOG_PARAMS logParams = {NULL, NULL};
  SERVICE_HANDLER logHandler = {
    SPT_LOG, "Default File Log", S_InitializeFileLog
  };

  rc = RSA_SetOptions (&logParams, argc, argv);

  if (rc == 0)
    rc = C_InitializeCertC (NULL, NULL, 0, &ctx);

  if (rc == 0) {
    /* Attempt to initialize file logging, but unless RSA_REQUIRE_FILE_LOG
     * is defined, treat a failure as a non-fatal condition and carry on.
     */
    int logRc = C_RegisterService (ctx, &logHandler, (POINTER)&logParams,
                                   SERVICE_ORDER_FIRST);
#ifdef RSA_REQUIRE_FILE_LOG
    rc = logRc;
#else
    (void)logRc;
#endif
  }

  /* The handler must be in place before the certificate is parsed. */
  if (rc == 0)
    rc = RegisterUserDefinedExtension (ctx);

  if (rc == 0)
    rc = C_CreateCertObject (&cert, ctx);

  /* The file contents come from a path the user types in; treat them as
   * untrusted input.
   */
  if (rc == 0)
    rc = RSA_GetFileToAllocBuffer (&berBlob.data, &berBlob.len,
                                   "Enter name of cert binary");

  if (rc == 0)
    rc = C_SetCertBER (cert, berBlob.data, berBlob.len);

  if (rc == 0)
    RSA_PrintMessage ("testcase successful!\n");
  else
    RSA_PrintError ("critical", rc);

  /* Release everything on every path; the handles start out NULL, so the
   * calls below are reached even when an early step failed.
   */
  T_free (berBlob.data);
  C_DestroyCertObject (&cert);
  C_FinalizeCertC (&ctx);

  return rc;
}  /* end main */

/* These procedures used for the user-defined extension are necessary
 * in order for C_SetCertBER to parse the extension.  Note that this
 * basically makes Cert-C act as if the unrecognized netscape-cert-type
 * extension were marked non-critical instead of critical, unless the
 * calling application does something to interpret this extension value.
 *
 * The type info registered under ET_UNKNOWN_TYPE is fetched and registered
 * again with the netscape-cert-type OID as its type.
 *
 * Returns 0 on success, otherwise the status of the call that failed.
 */
static int RegisterUserDefinedExtension (CERTC_CTX ctx)
{
  EXTENSION_TYPE_INFO handlerInfo;
  int rc;

  rc = C_GetExtensionTypeInfo (ctx, ET_UNKNOWN_TYPE, ET_UNKNOWN_TYPE_LEN,
                               &handlerInfo);
  if (rc != 0)
    return rc;

  /* Point the copied description at the netscape-cert-type OID. */
  handlerInfo.type.data = ET_NETSCAPE_CERT_TYPE;
  handlerInfo.type.len = ET_NETSCAPE_CERT_TYPE_LEN;

  /* NOTE(review): presumably this is what lets the handler be used for an
   * extension marked critical; confirm against the Cert-C reference.
   */
  handlerInfo.criticality = CRITICAL;

  return C_RegisterExtensionType (ctx, &handlerInfo);
}  /* end RegisterUserDefinedExtension */