summaryrefslogtreecommitdiff
path: root/examples/CrlExample.c
diff options
context:
space:
mode:
Diffstat (limited to 'examples/CrlExample.c')
-rw-r--r--examples/CrlExample.c645
1 files changed, 365 insertions, 280 deletions
diff --git a/examples/CrlExample.c b/examples/CrlExample.c
index 7efd62f..0d8818c 100644
--- a/examples/CrlExample.c
+++ b/examples/CrlExample.c
@@ -33,30 +33,35 @@
static char *
-my_ltostr(long v,char *str)
+my_ltostr (long v, char *str)
{
- long d,r;
+ long d, r;
char temp[20];
- int count,k,start;
-
- if(v<0){
- str[0]='-';
- start=1;
- v=-v;
- }
- else start=0;
-
- count=0;
- do{
- d=v/10;
- r=v-d*10;
- temp[start+count]='0'+(char)r;
- count++;
- v=d;
- }while(v);
-
- for(k=0;k<count;k++) str[k+start]=temp[start+count-k-1];
- str[count+start]=0;
+ int count, k, start;
+
+ if (v < 0)
+ {
+ str[0] = '-';
+ start = 1;
+ v = -v;
+ }
+ else
+ start = 0;
+
+ count = 0;
+ do
+ {
+ d = v / 10;
+ r = v - d * 10;
+ temp[start + count] = '0' + (char) r;
+ count++;
+ v = d;
+ }
+ while (v);
+
+ for (k = 0; k < count; k++)
+ str[k + start] = temp[start + count - k - 1];
+ str[count + start] = 0;
return str;
}
@@ -70,111 +75,137 @@ my_ltostr(long v,char *str)
/* "C=US O=gov" */
/******************************************************/
static void
-get_Name_type(ASN1_TYPE cert_def,ASN1_TYPE cert,const char *root, char *answer)
+get_Name_type (ASN1_TYPE cert_def, ASN1_TYPE cert, const char *root,
+ char *answer)
{
- int k,k2,result,len;
- char name[128],str[1024],str2[1024],name2[128],counter[5],name3[128];
- ASN1_TYPE value=ASN1_TYPE_EMPTY;
+ int k, k2, result, len;
+ char name[128], str[1024], str2[1024], name2[128], counter[5], name3[128];
+ ASN1_TYPE value = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
- answer[0]=0;
- k=1;
- do{
- strcpy(name,root);
- strcat(name,".rdnSequence.?");
- my_ltostr(k,counter);
- strcat(name,counter);
-
- len = sizeof(str)-1;
- result=asn1_read_value(cert,name,str,&len);
- if(result==ASN1_ELEMENT_NOT_FOUND) break;
- k2=1;
- do{
- strcpy(name2,name);
- strcat(name2,".?");
- my_ltostr(k2,counter);
- strcat(name2,counter);
-
- len = sizeof(str)-1;
- result=asn1_read_value(cert,name2,str,&len);
- if(result==ASN1_ELEMENT_NOT_FOUND) break;
- strcpy(name3,name2);
- strcat(name3,".type");
-
- len = sizeof(str)-1;
- result=asn1_read_value(cert,name3,str,&len);
- strcpy(name3,name2);
- strcat(name3,".value");
- if(result==ASN1_SUCCESS){
- len = sizeof(str2);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",
- str2,&len);
- if(!strcmp(str,str2)){
- asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",
- &value);
- len = sizeof(str)-1;
- asn1_read_value(cert,name3,str,&len);
- result=asn1_der_decoding(&value,str,len,errorDescription);
-
- len = sizeof(str)-1;
- asn1_read_value(value,"",str,&len); /* CHOICE */
-
- strcpy(name3,str);
-
- len = sizeof(str)-1;
- asn1_read_value(value,name3,str,&len);
- str[len]=0;
- strcat(answer," C=");
- strcat(answer,str);
-
- asn1_delete_structure(&value);
- }
- else{
- len = sizeof(str2);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName"
- ,str2,&len);
- if(!strcmp(str,str2)){
- asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName"
- ,&value);
-
- len = sizeof(str)-1;
- asn1_read_value(cert,name3,str,&len);
- asn1_der_decoding(&value,str,len,errorDescription);
- len = sizeof(str)-1;
- asn1_read_value(value,"",str,&len); /* CHOICE */
- strcpy(name3,str);
- len = sizeof(str)-1;
- asn1_read_value(value,name3,str,&len);
- str[len]=0;
- strcat(answer," O=");
- strcat(answer,str);
- asn1_delete_structure(&value);
- }
- else{
- len = sizeof(str2);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",str2,&len);
- if(!strcmp(str,str2)){
- asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);
- len = sizeof(str)-1;
- asn1_read_value(cert,name3,str,&len);
- asn1_der_decoding(&value,str,len,errorDescription);
- len = sizeof(str)-1;
- asn1_read_value(value,"",str,&len); /* CHOICE */
- strcpy(name3,str);
- len = sizeof(str)-1;
- asn1_read_value(value,name3,str,&len);
- str[len]=0;
- strcat(answer," OU=");
- strcat(answer,str);
- asn1_delete_structure(&value);
+ answer[0] = 0;
+ k = 1;
+ do
+ {
+ strcpy (name, root);
+ strcat (name, ".rdnSequence.?");
+ my_ltostr (k, counter);
+ strcat (name, counter);
+
+ len = sizeof (str) - 1;
+ result = asn1_read_value (cert, name, str, &len);
+ if (result == ASN1_ELEMENT_NOT_FOUND)
+ break;
+ k2 = 1;
+ do
+ {
+ strcpy (name2, name);
+ strcat (name2, ".?");
+ my_ltostr (k2, counter);
+ strcat (name2, counter);
+
+ len = sizeof (str) - 1;
+ result = asn1_read_value (cert, name2, str, &len);
+ if (result == ASN1_ELEMENT_NOT_FOUND)
+ break;
+ strcpy (name3, name2);
+ strcat (name3, ".type");
+
+ len = sizeof (str) - 1;
+ result = asn1_read_value (cert, name3, str, &len);
+ strcpy (name3, name2);
+ strcat (name3, ".value");
+ if (result == ASN1_SUCCESS)
+ {
+ len = sizeof (str2);
+ result =
+ asn1_read_value (cert_def,
+ "PKIX1Implicit88.id-at-countryName", str2,
+ &len);
+ if (!strcmp (str, str2))
+ {
+ asn1_create_element (cert_def,
+ "PKIX1Implicit88.X520OrganizationName",
+ &value);
+ len = sizeof (str) - 1;
+ asn1_read_value (cert, name3, str, &len);
+ result =
+ asn1_der_decoding (&value, str, len, errorDescription);
+
+ len = sizeof (str) - 1;
+ asn1_read_value (value, "", str, &len); /* CHOICE */
+
+ strcpy (name3, str);
+
+ len = sizeof (str) - 1;
+ asn1_read_value (value, name3, str, &len);
+ str[len] = 0;
+ strcat (answer, " C=");
+ strcat (answer, str);
+
+ asn1_delete_structure (&value);
+ }
+ else
+ {
+ len = sizeof (str2);
+ result =
+ asn1_read_value (cert_def,
+ "PKIX1Implicit88.id-at-organizationName",
+ str2, &len);
+ if (!strcmp (str, str2))
+ {
+ asn1_create_element (cert_def,
+ "PKIX1Implicit88.X520OrganizationName",
+ &value);
+
+ len = sizeof (str) - 1;
+ asn1_read_value (cert, name3, str, &len);
+ asn1_der_decoding (&value, str, len, errorDescription);
+ len = sizeof (str) - 1;
+ asn1_read_value (value, "", str, &len); /* CHOICE */
+ strcpy (name3, str);
+ len = sizeof (str) - 1;
+ asn1_read_value (value, name3, str, &len);
+ str[len] = 0;
+ strcat (answer, " O=");
+ strcat (answer, str);
+ asn1_delete_structure (&value);
+ }
+ else
+ {
+ len = sizeof (str2);
+ result =
+ asn1_read_value (cert_def,
+ "PKIX1Implicit88.id-at-organizationalUnitName",
+ str2, &len);
+ if (!strcmp (str, str2))
+ {
+ asn1_create_element (cert_def,
+ "PKIX1Implicit88.X520OrganizationalUnitName",
+ &value);
+ len = sizeof (str) - 1;
+ asn1_read_value (cert, name3, str, &len);
+ asn1_der_decoding (&value, str, len,
+ errorDescription);
+ len = sizeof (str) - 1;
+ asn1_read_value (value, "", str, &len); /* CHOICE */
+ strcpy (name3, str);
+ len = sizeof (str) - 1;
+ asn1_read_value (value, name3, str, &len);
+ str[len] = 0;
+ strcat (answer, " OU=");
+ strcat (answer, str);
+ asn1_delete_structure (&value);
+ }
+ }
+ }
}
- }
+ k2++;
}
- }
- k2++;
- }while(1);
- k++;
- }while(1);
+ while (1);
+ k++;
+ }
+ while (1);
}
@@ -185,157 +216,213 @@ get_Name_type(ASN1_TYPE cert_def,ASN1_TYPE cert,const char *root, char *answer)
/* as in rfc2459 Appendix D.1 */
/* Parameters: */
/* unsigned char *der: contains the der encoding */
-/* int *der_len: number of bytes of der string */
+/* int *der_len: number of bytes of der string */
/******************************************************/
static void
-create_CRL(ASN1_TYPE cert_def, unsigned char *der,int *der_len)
+create_CRL (ASN1_TYPE cert_def, unsigned char *der, int *der_len)
{
- int result,k,len;
+ int result, k, len;
unsigned char str[1024];
const unsigned char *str2;
- ASN1_TYPE crl=ASN1_TYPE_EMPTY;
- ASN1_TYPE value=ASN1_TYPE_EMPTY;
+ ASN1_TYPE crl = ASN1_TYPE_EMPTY;
+ ASN1_TYPE value = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
int max_len;
- max_len=*der_len;
+ max_len = *der_len;
+
+ result =
+ asn1_create_element (cert_def, "PKIX1Implicit88.CertificateList", &crl);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl);
-
- /* Use the next 3 lines to visit the empty certificate */
+ /* Use the next 3 lines to visit the empty certificate */
/* printf("-----------------\n");
- asn1_visit_tree(crl,"");
- printf("-----------------\n"); */
-
+ asn1_visit_tree(crl,"");
+ printf("-----------------\n"); */
+
- /* version: v2(1) */
- result=asn1_write_value(crl,"tbsCertList.version","v2",0);
+ /* version: v2(1) */
+ result = asn1_write_value (crl, "tbsCertList.version", "v2", 0);
/* signature: dsa-with-sha */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);
- result=asn1_write_value(crl,"tbsCertList.signature.algorithm",str,1);
- result=asn1_write_value(crl,"tbsCertList.signature.parameters",NULL,0);
+ len = sizeof (str) - 1;
+ result =
+ asn1_read_value (cert_def, "PKIX1Implicit88.id-dsa-with-sha1", str, &len);
+ result = asn1_write_value (crl, "tbsCertList.signature.algorithm", str, 1);
+ result =
+ asn1_write_value (crl, "tbsCertList.signature.parameters", NULL, 0);
/* issuer: Country="US" Organization="gov" OrganizationUnit="nist" */
- result=asn1_write_value(crl,"tbsCertList.issuer","rdnSequence",1);
+ result = asn1_write_value (crl, "tbsCertList.issuer", "rdnSequence", 1);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);
+ result = asn1_write_value (crl, "tbsCertList.issuer.rdnSequence", "NEW", 1);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST", "NEW", 1);
/* C */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",str,&len);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.X520countryName",
- &value);
- result=asn1_write_value(value,"","US",2);
- *der_len=max_len;
- result=asn1_der_coding(value,"",der,der_len,errorDescription);
-
- asn1_delete_structure(&value);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);
-
-
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",4);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",4);
+ len = sizeof (str) - 1;
+ result =
+ asn1_read_value (cert_def, "PKIX1Implicit88.id-at-countryName", str,
+ &len);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",
+ str, 1);
+ result =
+ asn1_create_element (cert_def, "PKIX1Implicit88.X520countryName", &value);
+ result = asn1_write_value (value, "", "US", 2);
+ *der_len = max_len;
+ result = asn1_der_coding (value, "", der, der_len, errorDescription);
+
+ asn1_delete_structure (&value);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",
+ der, *der_len);
+
+
+ result = asn1_write_value (crl, "tbsCertList.issuer.rdnSequence", "NEW", 4);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST", "NEW", 4);
/* O */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName",str,&len);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,8);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",
- &value);
- result=asn1_write_value(value,"","printableString",1);
- result=asn1_write_value(value,"printableString","gov",3);
- *der_len=max_len;
- result=asn1_der_coding(value,"",der,der_len,errorDescription);
- asn1_delete_structure(&value);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);
-
-
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);
+ len = sizeof (str) - 1;
+ result =
+ asn1_read_value (cert_def, "PKIX1Implicit88.id-at-organizationName", str,
+ &len);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",
+ str, 8);
+ result =
+ asn1_create_element (cert_def, "PKIX1Implicit88.X520OrganizationName",
+ &value);
+ result = asn1_write_value (value, "", "printableString", 1);
+ result = asn1_write_value (value, "printableString", "gov", 3);
+ *der_len = max_len;
+ result = asn1_der_coding (value, "", der, der_len, errorDescription);
+ asn1_delete_structure (&value);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",
+ der, *der_len);
+
+
+ result = asn1_write_value (crl, "tbsCertList.issuer.rdnSequence", "NEW", 1);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST", "NEW", 1);
/* OU */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",
- str,&len);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);
- result=asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);
- result=asn1_write_value(value,"","printableString",1);
- result=asn1_write_value(value,"printableString","nist",4);
- *der_len=max_len;
- result=asn1_der_coding(value,"",der,der_len,errorDescription);
- asn1_delete_structure(&value);
- result=asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);
+ len = sizeof (str) - 1;
+ result =
+ asn1_read_value (cert_def, "PKIX1Implicit88.id-at-organizationalUnitName",
+ str, &len);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",
+ str, 1);
+ result =
+ asn1_create_element (cert_def,
+ "PKIX1Implicit88.X520OrganizationalUnitName",
+ &value);
+ result = asn1_write_value (value, "", "printableString", 1);
+ result = asn1_write_value (value, "printableString", "nist", 4);
+ *der_len = max_len;
+ result = asn1_der_coding (value, "", der, der_len, errorDescription);
+ asn1_delete_structure (&value);
+ result =
+ asn1_write_value (crl, "tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",
+ der, *der_len);
/* validity */
- result=asn1_write_value(crl,"tbsCertList.thisUpdate","utcTime",1);
- result=asn1_write_value(crl,"tbsCertList.thisUpdate.utcTime","970801000000Z",1);
+ result = asn1_write_value (crl, "tbsCertList.thisUpdate", "utcTime", 1);
+ result =
+ asn1_write_value (crl, "tbsCertList.thisUpdate.utcTime", "970801000000Z",
+ 1);
- result=asn1_write_value(crl,"tbsCertList.nextUpdate","utcTime",1);
- result=asn1_write_value(crl,"tbsCertList.nextUpdate.utcTime","970808000000Z",1);
+ result = asn1_write_value (crl, "tbsCertList.nextUpdate", "utcTime", 1);
+ result =
+ asn1_write_value (crl, "tbsCertList.nextUpdate.utcTime", "970808000000Z",
+ 1);
/* revokedCertificates */
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates","NEW",1);
- str[0]=18;
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.userCertificate",str,1);
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate","utcTime",1);
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate.utcTime","970731000000Z",1);
-
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions","NEW",1);
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-ce-cRLReasons",
- str,&len);
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnID",str,1); /* reasonCode */
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.critical","FALSE",1);
- str2="\x0a\x01\x01";
- result=asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnValue",str2,3);
+ result =
+ asn1_write_value (crl, "tbsCertList.revokedCertificates", "NEW", 1);
+ str[0] = 18;
+ result =
+ asn1_write_value (crl,
+ "tbsCertList.revokedCertificates.?LAST.userCertificate",
+ str, 1);
+ result =
+ asn1_write_value (crl,
+ "tbsCertList.revokedCertificates.?LAST.revocationDate",
+ "utcTime", 1);
+ result =
+ asn1_write_value (crl,
+ "tbsCertList.revokedCertificates.?LAST.revocationDate.utcTime",
+ "970731000000Z", 1);
+
+ result =
+ asn1_write_value (crl,
+ "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions",
+ "NEW", 1);
+ len = sizeof (str) - 1;
+ result = asn1_read_value (cert_def, "PKIX1Implicit88.id-ce-cRLReasons",
+ str, &len);
+ result = asn1_write_value (crl, "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnID", str, 1); /* reasonCode */
+ result =
+ asn1_write_value (crl,
+ "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.critical",
+ "FALSE", 1);
+ str2 = "\x0a\x01\x01";
+ result =
+ asn1_write_value (crl,
+ "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnValue",
+ str2, 3);
/* crlExtensions */
- result=asn1_write_value(crl,"tbsCertList.crlExtensions",NULL,0);
+ result = asn1_write_value (crl, "tbsCertList.crlExtensions", NULL, 0);
/* signatureAlgorithm: dsa-with-sha */
- len = sizeof(str)-1;
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);
- result=asn1_write_value(crl,"signatureAlgorithm.algorithm",str,1);
- result=asn1_write_value(crl,"signatureAlgorithm.parameters",NULL,0); /* NO OPTION */
+ len = sizeof (str) - 1;
+ result =
+ asn1_read_value (cert_def, "PKIX1Implicit88.id-dsa-with-sha1", str, &len);
+ result = asn1_write_value (crl, "signatureAlgorithm.algorithm", str, 1);
+ result = asn1_write_value (crl, "signatureAlgorithm.parameters", NULL, 0); /* NO OPTION */
/* signature */
- *der_len=max_len;
- result=asn1_der_coding(crl,"tbsCertList",der,der_len,errorDescription);
- if(result!=ASN1_SUCCESS){
- printf("\n'tbsCertList' encoding creation: ERROR\n");
- return;
- }
+ *der_len = max_len;
+ result =
+ asn1_der_coding (crl, "tbsCertList", der, der_len, errorDescription);
+ if (result != ASN1_SUCCESS)
+ {
+ printf ("\n'tbsCertList' encoding creation: ERROR\n");
+ return;
+ }
/* add the lines for the signature on der[0]..der[der_len-1]: result in str2 */
- result=asn1_write_value(crl,"signature",str2,46*8);
-
+ result = asn1_write_value (crl, "signature", str2, 46 * 8);
+
/* Use the next 3 lines to visit the certificate */
/* printf("-----------------\n");
asn1_visit_tree(crl,"");
printf("-----------------\n"); */
- *der_len=max_len;
- result=asn1_der_coding(crl,"",der,der_len,errorDescription);
- if(result!=ASN1_SUCCESS){
- printf("\n'crl1' encoding creation: ERROR\n");
- return;
- }
-
- /* Print the 'Certificate1' DER encoding */
- printf("-----------------\nCrl1 Encoding:\nNumber of bytes=%i\n",*der_len);
- for(k=0;k<*der_len;k++) printf("%02x ",der[k]);
- printf("\n-----------------\n");
+ *der_len = max_len;
+ result = asn1_der_coding (crl, "", der, der_len, errorDescription);
+ if (result != ASN1_SUCCESS)
+ {
+ printf ("\n'crl1' encoding creation: ERROR\n");
+ return;
+ }
+
+ /* Print the 'Certificate1' DER encoding */
+ printf ("-----------------\nCrl1 Encoding:\nNumber of bytes=%i\n",
+ *der_len);
+ for (k = 0; k < *der_len; k++)
+ printf ("%02x ", der[k]);
+ printf ("\n-----------------\n");
/* Clear the "certificate1" structure */
- asn1_delete_structure(&crl);
+ asn1_delete_structure (&crl);
}
@@ -347,48 +434,52 @@ create_CRL(ASN1_TYPE cert_def, unsigned char *der,int *der_len)
/* string */
/* Parameters: */
/* unsigned char *der: the encoding string */
-/* int der_len: number of bytes of der string */
+/* int der_len: number of bytes of der string */
/******************************************************/
static void
-get_CRL(ASN1_TYPE cert_def,unsigned char *der,int der_len)
+get_CRL (ASN1_TYPE cert_def, unsigned char *der, int der_len)
{
- int result,len,start,end;
- unsigned char str[1024],str2[1024];
- ASN1_TYPE crl2=ASN1_TYPE_EMPTY;
+ int result, len, start, end;
+ unsigned char str[1024], str2[1024];
+ ASN1_TYPE crl2 = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
- asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl2);
+ asn1_create_element (cert_def, "PKIX1Implicit88.CertificateList", &crl2);
+
+ result = asn1_der_decoding (&crl2, der, der_len, errorDescription);
+
+ if (result != ASN1_SUCCESS)
+ {
+ printf ("Problems with DER encoding\n");
+ return;
+ }
- result=asn1_der_decoding(&crl2,der,der_len,errorDescription);
-
- if(result!=ASN1_SUCCESS){
- printf("Problems with DER encoding\n");
- return;
- }
-
/* issuer */
- get_Name_type(cert_def,crl2,"tbsCertList.issuer",str);
- printf("crl2:\nissuer: %s\n",str);
+ get_Name_type (cert_def, crl2, "tbsCertList.issuer", str);
+ printf ("crl2:\nissuer: %s\n", str);
/* Verify sign */
- len = sizeof(str)-1;
- result=asn1_read_value(crl2,"signatureAlgorithm.algorithm",str,&len);
+ len = sizeof (str) - 1;
+ result = asn1_read_value (crl2, "signatureAlgorithm.algorithm", str, &len);
- result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str2,&len);
- if(!strcmp(str,str2)){ /* dsa-with-sha */
+ result =
+ asn1_read_value (cert_def, "PKIX1Implicit88.id-dsa-with-sha1", str2,
+ &len);
+ if (!strcmp (str, str2))
+ { /* dsa-with-sha */
- result=asn1_der_decoding_startEnd(crl2,der,der_len,
- "tbsCertList",&start,&end);
+ result = asn1_der_decoding_startEnd (crl2, der, der_len,
+ "tbsCertList", &start, &end);
- /* add the lines to calculate the sha on der[start]..der[end] */
+ /* add the lines to calculate the sha on der[start]..der[end] */
- result=asn1_read_value(crl2,"signature",str,&len);
+ result = asn1_read_value (crl2, "signature", str, &len);
- /* compare the previous value to signature ( with issuer public key) */
- }
+ /* compare the previous value to signature ( with issuer public key) */
+ }
/* Use the next 3 lines to visit the certificate */
/* printf("-----------------\n");
@@ -397,7 +488,7 @@ get_CRL(ASN1_TYPE cert_def,unsigned char *der,int der_len)
/* Clear the "crl2" structure */
- asn1_delete_structure(&crl2);
+ asn1_delete_structure (&crl2);
}
extern const ASN1_ARRAY_TYPE pkix_asn1_tab[];
@@ -406,50 +497,44 @@ extern const ASN1_ARRAY_TYPE pkix_asn1_tab[];
/* Function : main */
/* Description: reads the certificate description. */
/* Creates a certificate and calculate */
-/* the der encoding. After that creates */
+/* the der encoding. After that creates */
/* another certificate from der string */
/********************************************************/
int
-main(int argc,char *argv[])
+main (int argc, char *argv[])
{
- int result,der_len;
+ int result, der_len;
unsigned char der[1024];
- ASN1_TYPE PKIX1Implicit88=ASN1_TYPE_EMPTY;
+ ASN1_TYPE PKIX1Implicit88 = ASN1_TYPE_EMPTY;
char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
- if(1)
- result=asn1_array2tree(pkix_asn1_tab,&PKIX1Implicit88,errorDescription);
+ if (1)
+ result =
+ asn1_array2tree (pkix_asn1_tab, &PKIX1Implicit88, errorDescription);
else
- result=asn1_parser2tree("pkix.asn",&PKIX1Implicit88,errorDescription);
-
- if(result != ASN1_SUCCESS){
- asn1_perror(result);
- printf("%s\n",errorDescription);
- exit(1);
- }
-
+ result =
+ asn1_parser2tree ("pkix.asn", &PKIX1Implicit88, errorDescription);
+
+ if (result != ASN1_SUCCESS)
+ {
+ asn1_perror (result);
+ printf ("%s\n", errorDescription);
+ exit (1);
+ }
+
/* Use the following 3 lines to visit the PKIX1Implicit structures */
/* printf("-----------------\n");
asn1_visit_tree(cert_def,"PKIX1Implicit88");
printf("-----------------\n"); */
- der_len=1024;
- create_CRL(PKIX1Implicit88,der,&der_len);
+ der_len = 1024;
+ create_CRL (PKIX1Implicit88, der, &der_len);
- get_CRL(PKIX1Implicit88,der,der_len);
+ get_CRL (PKIX1Implicit88, der, der_len);
/* Clear the "PKIX1Implicit88" structures */
- asn1_delete_structure(&PKIX1Implicit88);
+ asn1_delete_structure (&PKIX1Implicit88);
return 0;
}
-
-
-
-
-
-
-
-
-
View Lorry Controller Status