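/* $Id: crlutil.c,v 1.5 2004/03/02 05:18:37 gsingh Exp $ */
/* crlutil.c
** Copyright (c) 1999-2002, RSA Security Inc.
**
** This file is used to demonstrate how to interface to an RSA Security
** licensed development product. You have a royalty-free right to use,
** modify, reproduce and distribute this demonstration file (including
** any modified version), provided that you agree that RSA Security has
** no warranty, implied or otherwise, or liability for this demonstration
** file or any modified version.
**
** This file contains routines that are used to print the information
** contained in a CRL object in a readable manner, as well as routines used
** to gather user input to place into a CRL object.
**
** Review note: none of the routines in this file verifies a CRL's
** signature, issuer or validity window. A CRL read from a file and stored
** with the helpers below is parsed but unauthenticated; code that relies
** on it for revocation decisions has to verify it separately.
*/

#include "crlutil.h"

/* Writes the DER encoding of crlObj to a file; the prompt text below is
 * handed to RSA_WriteDataToFile.
 *
 * The buffer returned by C_GetCRLDER is not freed here.
 * NOTE(review): presumably it remains owned by the CRL object -- confirm
 * against the Cert-C reference.
 *
 * Returns 0 on success, otherwise the status of the call that failed
 * (also reported through RSA_PrintError).
 */
int RSA_SaveCrlObjToFile (CRL_OBJ crlObj)
{
  int status = 0;
  ITEM crlBer = {NULL, 0};

  status = C_GetCRLDER (crlObj, &crlBer.data, &crlBer.len);
  if (status != 0)
    goto CLEANUP;

  status = RSA_WriteDataToFile
    (crlBer.data, crlBer.len, "Enter name of file to store CRL binary");

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_SaveCrlObjToFile", status);

  return status;
}  /* end RSA_SaveCrlObjToFile */

/* Prints every field of crlObj: version, signature algorithm, issuer name,
 * last/next update times, the revocation entries and, when present, the
 * CRL extensions.
 *
 * This is a display routine only; it performs no signature or freshness
 * check on the CRL it prints.
 *
 * Returns 0 on success, otherwise the first non-zero status from
 * C_GetCRLFields, RSA_PrintCrlEntries or RSA_PrintExtensionsObject.
 */
int RSA_PrintCrlObject (CRL_OBJ crlObj)
{
  int status = 0;
  CRL_FIELDS crlFields;

  status = C_GetCRLFields (crlObj, &crlFields);
  if (status != 0)
    goto CLEANUP;

  switch (crlFields.version) {
    case CRL_VERSION_1:
      RSA_PrintMessage ("Version 1 CRL\n");
      break;
    case CRL_VERSION_2:
      RSA_PrintMessage ("Version 2 CRL\n");
      break;
    default:
      RSA_PrintMessage ("Unknown version: %u\n", crlFields.version);
      break;
  }

  RSA_PrintSignatureAlgorithm (crlFields.signatureAlgorithm);
  RSA_PrintNameObject ("Issuer Name", crlFields.issuerName);
  RSA_PrintUint4Time ("Last Update", crlFields.lastUpdate);
  RSA_PrintUint4Time ("Next Update", crlFields.nextUpdate);

  /* A failure while walking the entries used to be dropped silently, so a
   * truncated listing could still end with a success status. */
  status = RSA_PrintCrlEntries (crlFields.crlEntries);
  if (status != 0)
    goto CLEANUP;

  if (crlFields.crlExtensions != NULL)
    status = RSA_PrintExtensionsObject (crlFields.crlExtensions);

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_PrintCrlObject", status);

  return status;
}  /* end RSA_PrintCrlObject */

/* Prints a short summary of crlObj: issuer name string plus the last and
 * next update times.
 *
 * The string from C_GetNameString is passed as a "%s" argument, never as
 * the format itself, so issuer names containing '%' are printed literally.
 * It is not freed here.
 * NOTE(review): presumably the string is owned by the name object --
 * confirm against the Cert-C reference.
 *
 * Returns 0 on success, otherwise the status of the failing call.
 */
int RSA_PrintCrlInfo (CRL_OBJ crlObj)
{
  int status = 0;
  char *nameString = NULL;
  CRL_FIELDS crlFields;

  status = C_GetCRLFields (crlObj, &crlFields);
  if (status != 0)
    goto CLEANUP;

  status = C_GetNameString (crlFields.issuerName, &nameString);
  if (status != 0)
    goto CLEANUP;

  RSA_PrintMessage ("CRL Issuer: %s\n", nameString);
  RSA_PrintUint4Time ("Last Update", crlFields.lastUpdate);
  RSA_PrintUint4Time ("Next Update", crlFields.nextUpdate);

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_PrintCrlInfo", status);

  return status;
}  /* end RSA_PrintCrlInfo */

/* Prints a numbered summary (via RSA_PrintCrlInfo) of each entry in the
 * list crls, or "No entries." when the list is empty.
 *
 * Every list entry is cast to CRL_OBJ; the caller must pass a list that
 * holds only CRL objects.
 *
 * Returns 0 on success, otherwise the first non-zero status encountered.
 */
int RSA_PrintCrlList (LIST_OBJ crls)
{
  int status = 0;
  unsigned int numEntries = 0, i = 0;
  POINTER entry = NULL;

  status = C_GetListObjectCount (crls, &numEntries);
  if (status != 0)
    goto CLEANUP;

  if (numEntries == 0)
    RSA_PrintMessage ("No entries.\n");

  for (i = 0; i < numEntries; i++) {
    status = C_GetListObjectEntry (crls, i, &entry);
    if (status != 0)
      goto CLEANUP;

    /* i is unsigned, so the conversion is %u (as in RSA_PrintCrlEntries). */
    RSA_PrintMessage ("***CRL #%u:\n", i + 1);
    status = RSA_PrintCrlInfo ((CRL_OBJ)entry);
    if (status != 0)
      goto CLEANUP;
  }

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_PrintCrlList", status);

  return status;
}  /* end RSA_PrintCrlList */

/* Asks the user to pick CRL version 1 or 2 and stores the choice in
 * *version.
 *
 * Only the description and val.value members of each table entry are set
 * before the table is handed to ChooseTableEntryPrompt.
 *
 * Returns 0 on success, otherwise the status from ChooseTableEntryPrompt.
 */
static int ChooseCrlVersionPrompt (UINT2 *version)
{
  int status = 0;
  RSA_DEMO_TABLE_ENTRY verTable[2];
  RSA_DEMO_TABLE_ENTRY *choice = (RSA_DEMO_TABLE_ENTRY *)NULL_PTR;

  verTable[0].description = "Version 1";
  verTable[0].val.value = CRL_VERSION_1;
  verTable[1].description = "Version 2";
  verTable[1].val.value = CRL_VERSION_2;

  /* Element count is derived from the array itself so it cannot drift from
   * the declaration. */
  status = ChooseTableEntryPrompt
    (verTable, sizeof (verTable) / sizeof (verTable[0]), &choice);
  if (status != 0)
    goto CLEANUP;

  *version = (UINT2)choice->val.value;

CLEANUP:
  if (status != 0)
    RSA_PrintError ("ChooseCrlVersionPrompt", status);

  return status;
}  /* end ChooseCrlVersionPrompt */

/* Builds a new CRL interactively and signs it.
 *
 * The user supplies the version, signature algorithm, issuer name, last
 * and next update times, the revocation entries and (for anything other
 * than version 1) the CRL extensions. The fields are written back with
 * C_SetCRLFields and the CRL is signed with the key loaded from
 * RSA_DEMO_PRIVATE_KEY.
 *
 * Points a practitioner should be aware of:
 *  - The update times are stored exactly as entered; nothing here checks
 *    that the next update is later than the last update.
 *  - The signature algorithm is whatever the prompt returns; this routine
 *    applies no policy of its own.
 *  - The private key object is destroyed on every exit path, including
 *    failures, so it does not outlive this call.
 *
 * Returns 0 on success, otherwise the status of the first failing step.
 */
int RSA_GetInputToCrlObject (CERTC_CTX ctx, CRL_OBJ crlObj)
{
  int status = 0;
  ALGORITHM_IDENTIFIER algId;
  CRL_FIELDS crlFields;
  B_KEY_OBJ privateKey = NULL;

  /* Obtain access to the objects created when C_CreateCRLObject was
   * called. */
  status = C_GetCRLFields (crlObj, &crlFields);
  if (status != 0)
    goto CLEANUP;

  status = ChooseCrlVersionPrompt (&crlFields.version);
  if (status != 0)
    goto CLEANUP;

  status = RSA_ChooseSignatureAlgorithmPrompt (&algId);
  if (status != 0)
    goto CLEANUP;
  crlFields.signatureAlgorithm = algId.algorithmId;

  status = RSA_GetNameObject (crlFields.issuerName, "issuer");
  if (status != 0)
    goto CLEANUP;

  status = RSA_GetInputToUint4Time
    (&crlFields.lastUpdate, "Enter last update time");
  if (status != 0)
    goto CLEANUP;

  status = RSA_GetInputToUint4Time
    (&crlFields.nextUpdate, "Enter next update time");
  if (status != 0)
    goto CLEANUP;

  status = RSA_GetCrlEntries (crlFields.version, crlFields.crlEntries, ctx);
  if (status != 0)
    goto CLEANUP;

  /* Extensions are only collected for CRLs that are not version 1. */
  if (crlFields.version != CRL_VERSION_1) {
    status = RSA_GetExtensionsObject
      (crlFields.crlExtensions, CRL_EXTENSIONS_OBJ);
    if (status != 0)
      goto CLEANUP;
  }

  crlFields.reserved = NULL_PTR;

  status = C_SetCRLFields (crlObj, &crlFields);
  if (status != 0)
    goto CLEANUP;

  status = RSA_GetKeyObjFromFile (RSA_DEMO_PRIVATE_KEY, &privateKey);
  if (status != 0)
    goto CLEANUP;

  status = C_SignCRL (crlObj, privateKey);

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_GetInputToCrlObject", status);

  /* Runs on success and failure alike so the signing key is always
   * released. */
  B_DestroyKeyObject (&privateKey);

  return status;
}  /* end RSA_GetInputToCrlObject */

/* Fills crlObj either from a BER file named by the user or, when the file
 * prompt returns RSA_DEMO_E_CANCEL, from interactive input via
 * RSA_GetInputToCrlObject.
 *
 * A CRL loaded from a file is only decoded by C_SetCRLBER; this routine
 * does not verify its signature, issuer or update times, so the result
 * must be treated as unauthenticated until the caller checks it.
 *
 * Returns 0 on success, otherwise the status of the failing step.
 */
int RSA_GetCrlObject (CERTC_CTX ctx, CRL_OBJ crlObj)
{
  int status = 0;
  unsigned char *crlBer = NULL;
  unsigned int crlBerLen = 0;

  RSA_PrintMessage ("Enter name of file containing CRL object binary\n");
  status = RSA_GetFileToAllocBuffer
    (&crlBer, &crlBerLen, "(blank to create a new one)");
  if (status == RSA_DEMO_E_CANCEL) {
    status = RSA_GetInputToCrlObject (ctx, crlObj);
    /* whatever happens, we're done here */
    goto CLEANUP;
  }
  if (status != 0)
    goto CLEANUP;

  status = C_SetCRLBER (crlObj, crlBer, crlBerLen);

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_GetCrlObject", status);

  /* crlBer is still NULL on the interactive path and on early failures. */
  T_free (crlBer);

  return status;
}  /* end RSA_GetCrlObject */

/* Repeatedly prompts for a CRL BER file, decodes it into a temporary CRL
 * object and inserts it into the database service db, until the file
 * prompt returns RSA_DEMO_E_CANCEL.
 *
 * CRLs are inserted as read: nothing in this loop verifies the signature
 * or issuer before C_InsertCRL. If the database is later consulted for
 * revocation status, verification has to happen before or after this
 * call.
 *
 * Returns 0 when the user finishes normally, otherwise the status of the
 * failing step. The file buffer and the temporary CRL object are released
 * on every path.
 */
int RSA_AddCrlsToDbPrompt (CERTC_CTX ctx, SERVICE db)
{
  int status = 0;
  ITEM crlBer = {NULL, 0};
  CRL_OBJ crlObj = NULL;

  for (;;) {
    status = RSA_GetFileToAllocBuffer
      (&crlBer.data, &crlBer.len,
       "Enter name of CRL binary file (blank when finished)");
    if (status == RSA_DEMO_E_CANCEL) {
      status = 0;
      break;
    }
    else if (status != 0)
      goto CLEANUP;

    status = C_CreateCRLObject (&crlObj, ctx);
    if (status != 0)
      goto CLEANUP;

    status = C_SetCRLBER (crlObj, crlBer.data, crlBer.len);
    if (status != 0)
      goto CLEANUP;

    /* Note that another option is to use C_InsertCertList, perhaps in
     * conjunction with RSA_AddCertsToListPrompt.
     * NOTE(review): both names are the certificate-side routines; for
     * CRLs the list-based equivalent, fed by RSA_AddCrlsToListPrompt, is
     * presumably what was meant -- confirm.
     */
    status = C_InsertCRL (db, crlObj);
    if (status != 0)
      goto CLEANUP;

    /* Reset per-iteration state so CLEANUP never frees it twice. */
    T_free (crlBer.data);
    crlBer.data = NULL;
    C_DestroyCRLObject (&crlObj);
  }

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_AddCrlsToDbPrompt", status);

  T_free (crlBer.data);
  C_DestroyCRLObject (&crlObj);

  return status;
}  /* end RSA_AddCrlsToDbPrompt */

/* Repeatedly prompts for a CRL BER file, decodes it into a temporary CRL
 * object and adds it to crlList, until the file prompt returns
 * RSA_DEMO_E_CANCEL.
 *
 * As with the database variant, CRLs are added without any signature or
 * issuer verification in this routine.
 *
 * Returns 0 when the user finishes normally, otherwise the status of the
 * failing step. The file buffer and the temporary CRL object are released
 * on every path.
 */
int RSA_AddCrlsToListPrompt (CERTC_CTX ctx, LIST_OBJ crlList)
{
  int status = 0;
  ITEM crlBer = {NULL, 0};
  CRL_OBJ crlObj = NULL;

  for (;;) {
    status = RSA_GetFileToAllocBuffer
      (&crlBer.data, &crlBer.len,
       "Enter name of CRL binary file (blank when finished)");
    if (status == RSA_DEMO_E_CANCEL) {
      status = 0;
      break;
    }
    else if (status != 0)
      goto CLEANUP;

    status = C_CreateCRLObject (&crlObj, ctx);
    if (status != 0)
      goto CLEANUP;

    status = C_SetCRLBER (crlObj, crlBer.data, crlBer.len);
    if (status != 0)
      goto CLEANUP;

    /* C_AddUniqueCRLToList is another option... */
    status = C_AddCRLToList (crlList, crlObj, NULL);
    if (status != 0)
      goto CLEANUP;

    /* Reset per-iteration state so CLEANUP never frees it twice. */
    T_free (crlBer.data);
    crlBer.data = NULL;
    C_DestroyCRLObject (&crlObj);
  }

CLEANUP:
  if (status != 0)
    RSA_PrintError ("RSA_AddCrlsToListPrompt", status);

  T_free (crlBer.data);
  C_DestroyCRLObject (&crlObj);

  return status;
}  /* end RSA_AddCrlsToListPrompt */

/* Prints each revocation entry in crlEntries: serial number, action time
 * and, when present, the entry extensions. A NULL crlEntries prints
 * nothing and returns 0.
 *
 * Returns 0 on success, otherwise the first non-zero status encountered.
 */
int RSA_PrintCrlEntries (CRL_ENTRIES_OBJ crlEntries)
{
  int status = 0;
  unsigned int i = 0, totalEntries = 0;
  CRL_ENTRY_INFO crlEntryInfo;

  if (crlEntries == NULL)
    goto CLEANUP;

  status = C_GetCRLEntriesCount (crlEntries, &totalEntries);
  if (status != 0)
    goto CLEANUP;

  for (i = 0; i < totalEntries; i++) {
    RSA_PrintMessage ("--CRL Entry #%u\n", i + 1);

    status = C_GetCRLEntry (crlEntries, &crlEntryInfo, i);
    if (status != 0)
      goto CLEANUP;

    RSA_PrintBuf ("Serial Number", crlEntryInfo.serialNumber.data,
                  crlEntryInfo.serialNumber.len);
    RSA_PrintUint4Time ("Action Time", crlEntryInfo.actionTime);

    if (crlEntryInfo.crlEntryExtensions != (EXTENSIONS_OBJ)NULL_PTR) {
      status = RSA_PrintExtensionsObject (crlEntryInfo.crlEntryExtensions);
      if (status != 0)
        goto CLEANUP;
    }
  }

CLEANUP:
  /* The label previously read "RSA_PrintCrlEntriesObj", which is not the
   * name of this function and made error output harder to trace. */
  if (status != 0)
    RSA_PrintError ("RSA_PrintCrlEntries", status);

  return status;
}  /* end RSA_PrintCrlEntries */

/* Collects revocation entries from the user and appends them to
 * crlEntries until a prompt returns RSA_DEMO_E_CANCEL.
 *
 * For each entry the user gives a hex-ascii serial number and an action
 * time; for anything other than a version 1 CRL the entry extensions are
 * prompted for as well. RSA_DEMO_E_CANCEL from the extensions prompt is
 * tolerated and the entry is still added.
 *
 * Any RSA_DEMO_E_CANCEL that reaches CLEANUP is turned into success, so an
 * entry whose serial number was entered but whose later prompt was
 * cancelled is dropped without an error.
 *
 * Serial numbers are stored as entered; nothing here checks them against
 * issued certificates.
 *
 * Returns 0 on success or cancel, otherwise the status of the failing
 * step. The serial-number buffer and the per-entry extensions object are
 * released on every path.
 */
int RSA_GetCrlEntries (UINT2 version, CRL_ENTRIES_OBJ crlEntries,
                       CERTC_CTX ctx)
{
  int status = 0;
  CRL_ENTRY_INFO crlEntryInfo = {{0}};

  /* Keep going until the user enters a blank */
  for (;;) {
    status = RSA_GetItem
      (&crlEntryInfo.serialNumber,
       "Enter hex-ascii serial number of cert to revoke "
       "(blank to cancel)");
    if (status != 0)
      goto CLEANUP;

    status = RSA_GetInputToUint4Time
      (&crlEntryInfo.actionTime, "Action time");
    if (status != 0)
      goto CLEANUP;

    status = C_CreateExtensionsObject
      (&crlEntryInfo.crlEntryExtensions, CRL_ENTRY_EXTENSIONS_OBJ, ctx);
    if (status != 0)
      goto CLEANUP;

    if (version != CRL_VERSION_1) {
      status = RSA_GetInputToExtensionsObject
        (crlEntryInfo.crlEntryExtensions, CRL_ENTRY_EXTENSIONS_OBJ);
      if (status != 0 && status != RSA_DEMO_E_CANCEL)
        goto CLEANUP;
    }

    status = C_AddCRLEntry
      (crlEntries, &crlEntryInfo, (unsigned int *)NULL_PTR);
    if (status != 0)
      goto CLEANUP;

    /* Reset per-iteration state so CLEANUP never frees it twice. */
    T_free (crlEntryInfo.serialNumber.data);
    crlEntryInfo.serialNumber.data = NULL_PTR;
    C_DestroyExtensionsObject (&crlEntryInfo.crlEntryExtensions);
  }

CLEANUP:
  if (status == RSA_DEMO_E_CANCEL)
    status = 0;
  if (status != 0)
    RSA_PrintError ("RSA_GetCrlEntries", status);

  T_free (crlEntryInfo.serialNumber.data);
  C_DestroyExtensionsObject (&crlEntryInfo.crlEntryExtensions);

  return status;
}  /* end RSA_GetCrlEntries */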