| RSA BSAFE Cert-C |
Certificate Components for C |
| Crypto-C 6.2.1 Developer's Guide | ||
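/* $Id: scepdb.c,v 1.4 2004/03/02 05:18:39 gsingh Exp $ */
/* scepdb.c
** Copyright (c) 2000-2003, RSA Security Inc.
**
** This file is used to demonstrate how to interface to an RSA Security
** licensed development product.  You have a royalty-free right to use,
** modify, reproduce and distribute this demonstration file (including
** any modified version), provided that you agree that RSA Security has
** no warranty, implied or otherwise, or liability for this demonstration
** file or any modified version.
**
** Demonstrate setup of the SCEP database provider.  This is a stand-alone
** application that is a simple demonstration that retrieves a cert chain
** from the SCEP_RESPONDER queried.
**
** When compiling, define the macro RSA_REQUIRE_FILE_LOG (-D compile
** option, or equivalent) to force the program to return an error code
** if file logging cannot be initialized.  For example, if the file
** containing the log message format strings cannot be located (certc.msg
** or equivalent).
*/

#include "certc.h"
#include "filelog.h"
#include "scepdb.h"
#include "demoutil.h"
#include "certutil.h"
#include "pkiutil.h"

#ifdef _MSC_VER
# pragma warning (disable: 171)
  /* invalid type conversion (often of very similar ptrs) */
#endif

/* Default responder offered at the transport prompt.  Note that this is a
 * plain http URL: the transport itself gives no assurance about who
 * answered the query, so see the note where the certificates are saved.
 */
#define DEFAULT_SCEP_RESPONDER_URL "http://century.rsa.com:80/cgi-bin/pkiclient.exe"

/* Default values for C_SelectCertByAttributes query */
#define DEFAULT_OPERATION "GetCACert"
#define DEFAULT_CERT_ID "CertCTest"
/* Not referenced in this file: a blank ca-ident answer omits the
 * attribute instead of falling back to a default.
 */
#define DEFAULT_CA_IDENT "keon"

/* Number of providers to register when C_InitializeCertC is called */
#define SP_COUNT 1

/* SCEP Database Provider instance name */
#define SCEP_DB_NAME "SCEP Database Provider"

/* Duplicate the bytes of the NUL-terminated string src (terminator not
 * included) into a buffer obtained from T_malloc and record buffer and
 * length in *dst.
 *
 * Returns 0 on success, or E_ALLOC if the allocation fails; on failure
 * *dst is left untouched, so a caller that initialized it to {NULL, 0}
 * can still pass dst->data to T_free during cleanup.  Callers in this
 * file only pass non-empty strings.
 */
static int CopyStringToItem (ITEM *dst, char *src)
{
  unsigned int len = T_strlen (src);
  POINTER copy = T_malloc (len);

  /* The original demo copied into the T_malloc result without checking it. */
  if (copy == NULL)
    return (E_ALLOC);

  T_memcpy (copy, (POINTER)src, len);
  dst->data = copy;
  dst->len = len;
  return (0);
}

/* Prompt for the SCEP provider profile, transport and query attributes,
 * run C_SelectCertByAttributes against the SCEP database provider and
 * hand the resulting certificate list to RSA_SaveCertListToFiles.
 *
 * Returns 0 on success (including a query with no matches), otherwise the
 * status of the first call that failed.
 */
int main (int argc, char *argv[])
{
  int status = 0;
  char userInput[RSA_DEMO_MAX_LINE_LEN];
  CERTC_CTX ctx = NULL;
  SERVICE db = NULL;
  DB_SCEP_INIT_PARAMS scepDbInitParams = {0};
  SERVICE_HANDLER spTable[SP_COUNT] = {
    {SPT_DATABASE, SCEP_DB_NAME, S_InitializeSCEPDB}
  };
  POINTER spParams[SP_COUNT];
  FILE_LOG_PARAMS logParams = {NULL, NULL};
  SERVICE_HANDLER logHandler = {
    SPT_LOG, "Default File Log", S_InitializeFileLog
  };
  ATTRIBUTES_OBJ scepQueryInfo = NULL;
  /* The *Value items own heap copies that are released at CLEANUP; the
   * attribute-name items only point at string literals.
   */
  ITEM operation = {NULL, 0}, operationValue = {NULL, 0};
  ITEM certId = {NULL, 0}, certIdValue = {NULL, 0};
  ITEM caId = {NULL, 0}, caIdValue = {NULL, 0};
  LIST_OBJ certs = NULL;

  status = RSA_SetOptions (&logParams, argc, argv);
  if (status != 0)
    goto CLEANUP;

  RSA_PrintMessage ("SCEP DB Example\n");
  RSA_PrintMessage ("===============\n");

  scepDbInitParams.initChoice = DB_SCEP_INIT_METHOD_STRUCT;
  status = RSA_ScepDbProfilePrompt
    (&scepDbInitParams.method.initStruct.profile);
  if (status != 0)
    goto CLEANUP;

  status = RSA_CreateTransportInfoFieldsPrompt
    (&scepDbInitParams.method.initStruct.transport,
     DEFAULT_SCEP_RESPONDER_URL);
  if (status != 0)
    goto CLEANUP;

  spParams[0] = (POINTER)&scepDbInitParams;
  status = C_InitializeCertC (spTable, spParams, SP_COUNT, &ctx);
  if (status != 0)
    goto CLEANUP;

  /* Attempt to initialize file logging, but unless RSA_REQUIRE_FILE_LOG is
   * defined, treat it as a non-fatal condition.  In that case a failure
   * status is simply overwritten by the next call.
   */
  status = C_RegisterService (ctx, &logHandler, (POINTER)&logParams,
                              SERVICE_ORDER_FIRST);
#ifdef RSA_REQUIRE_FILE_LOG
  if (status != 0)
    goto CLEANUP;
#endif

  status = C_CreateAttributesObject (&scepQueryInfo);
  if (status != 0)
    goto CLEANUP;

  RSA_PrintMessage ("See the Online Reference Manual for information about ");
  RSA_PrintMessage ("the attribute\ntypes and values used in ");
  RSA_PrintMessage ("C_SelectCertByAttributes. Refer to the SCEP\nDatabase");
  RSA_PrintMessage (" Service Provider description of the implementation of ");
  RSA_PrintMessage ("the\nDB_FUNCS.SelectCertByAttributes callback.\n\n");

  /* NOTE(review): the three answers below are added as
   * VT_PRINTABLE_STRING attributes exactly as typed; this file does no
   * character-set or length validation of its own -- confirm whether
   * C_AddStringAttribute enforces the PrintableString alphabet.
   */

  /* --- operation attribute (blank answer selects DEFAULT_OPERATION) --- */
  operation.data = (POINTER)"operation";
  operation.len = T_strlen ((char *)operation.data);
  RSA_PrintMessage ("Supply desired value for operation: GetCACert or ");
  RSA_PrintMessage ("GetCACertChain\n(blank for %s): ", DEFAULT_OPERATION);
  status = RSA_GetCommand (userInput, sizeof (userInput), NULL);
  if (status != 0)
    goto CLEANUP;

  status = CopyStringToItem
    (&operationValue,
     (T_strlen (userInput) == 0) ? DEFAULT_OPERATION : userInput);
  if (status != 0)
    goto CLEANUP;

  status = C_AddStringAttribute (scepQueryInfo, operation.data,
                                 operation.len, VT_PRINTABLE_STRING,
                                 operationValue.data, operationValue.len);
  if (status != 0)
    goto CLEANUP;

  /* --- cert-id attribute (blank answer selects DEFAULT_CERT_ID) --- */
  certId.data = (POINTER)"cert-id";
  certId.len = T_strlen ((char *)certId.data);
  RSA_PrintMessage ("Supply desired value for cert-id.\nFor KCS, this value ");
  RSA_PrintMessage ("should contain the name of the jurisdiction\nthat ");
  RSA_PrintMessage ("corresponds to the certificate to retrieve.\nFor ");
  RSA_PrintMessage ("VeriSign, this value should contain the DNS domain name ");
  RSA_PrintMessage ("for\nwhich the OnSite account was created. For example, ");
  RSA_PrintMessage ("mycompany.com.\n(blank for %s): ", DEFAULT_CERT_ID);
  status = RSA_GetCommand (userInput, sizeof (userInput), NULL);
  if (status != 0)
    goto CLEANUP;

  status = CopyStringToItem
    (&certIdValue,
     (T_strlen (userInput) == 0) ? DEFAULT_CERT_ID : userInput);
  if (status != 0)
    goto CLEANUP;

  status = C_AddStringAttribute (scepQueryInfo, certId.data, certId.len,
                                 VT_PRINTABLE_STRING, certIdValue.data,
                                 certIdValue.len);
  if (status != 0)
    goto CLEANUP;

  /* --- ca-ident attribute (optional: a blank answer omits it) --- */
  caId.data = (POINTER)"ca-ident";
  caId.len = T_strlen ((char *)caId.data);
  RSA_PrintMessage ("Supply desired value for ca-ident.\n");
  RSA_PrintMessage ("(blank to omit):");
  status = RSA_GetCommand (userInput, sizeof (userInput), NULL);
  if (status != 0)
    goto CLEANUP;

  if (T_strlen (userInput) != 0) {
    status = CopyStringToItem (&caIdValue, userInput);
    if (status != 0)
      goto CLEANUP;

    status = C_AddStringAttribute (scepQueryInfo, caId.data, caId.len,
                                   VT_PRINTABLE_STRING, caIdValue.data,
                                   caIdValue.len);
    if (status != 0)
      goto CLEANUP;
  }

  /* Now that we have our attributes ready, we can now make our request */
  status = C_BindService (ctx, SPT_DATABASE, SCEP_DB_NAME, &db);
  if (status != 0)
    goto CLEANUP;

  status = C_CreateListObject (&certs);
  if (status != 0)
    goto CLEANUP;

  RSA_PrintMessage ("Contacting SCEP Responder...\n\n");
  status = C_SelectCertByAttributes (db, NULL, scepQueryInfo, certs);
  if (status == E_NOT_FOUND) {
    /* An empty result is reported but is not an error for this demo. */
    RSA_PrintMessage ("Query returned no matches.\n");
    status = 0;
  }
  else if (status != 0)
    goto CLEANUP;

  /* This file performs no check of its own on what the responder
   * returned, and the default responder URL is plain http.  Treat the
   * saved certificates as untrusted until their fingerprints have been
   * compared with values obtained from the CA out of band; do not install
   * them as trust anchors straight from these files.
   */
  status = RSA_SaveCertListToFiles (certs);

CLEANUP:
  if (status != 0)
    RSA_PrintError ("scepdb.c", status);
  else
    RSA_PrintMessage ("Done!\n");

  /* Release everything unconditionally; each object was initialized to
   * NULL / {NULL, 0} above, so paths that bailed out early pass those
   * initial values here.
   */
  RSA_DestroyTransportInfoFields
    (&scepDbInitParams.method.initStruct.transport);
  T_free (operationValue.data);
  T_free (certIdValue.data);
  T_free (caIdValue.data);
  C_DestroyListObject (&certs);
  C_DestroyAttributesObject (&scepQueryInfo);
  C_UnbindService (&db);
  C_FinalizeCertC (&ctx);

  return (status);
} /* end main */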