]> git.saurik.com Git - apple/security.git/blob - SecurityTests/clxutils/krbtool/asnUtils.cpp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57031.30.12.tar.gz
[apple/security.git] / SecurityTests / clxutils / krbtool / asnUtils.cpp
1 /*
2 * Copyright (c) 2004,2006 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * asnUtils.cpp - ASN.1-related utilities.
26 *
27 * Created 20 May 2004 by Doug Mitchell.
28 */
29 #include "asnUtils.h"
30 #include <Security/nameTemplates.h>
31 #include <Security/SecAsn1Coder.h>
32 #include <string.h>
33 #include <stdio.h>
34 #include <Security/Security.h>
35 #include <Security/oidsattr.h>
36 #include <security_cdsa_utils/cuCdsaUtils.h>
37
38 static CSSM_CL_HANDLE gClHand = 0;
39
40 static CSSM_CL_HANDLE getClHand()
41 {
42 if(gClHand) {
43 return gClHand;
44 }
45 gClHand = cuClStartup();
46 return gClHand;
47 }
48
49 unsigned pkiNssArraySize(
50 const void **array)
51 {
52 unsigned count = 0;
53 if (array) {
54 while (*array++) {
55 count++;
56 }
57 }
58 return count;
59 }
60
61 bool compareCssmData(
62 const CSSM_DATA *data1,
63 const CSSM_DATA *data2)
64 {
65 if((data1 == NULL) || (data1->Data == NULL) ||
66 (data2 == NULL) || (data2->Data == NULL) ||
67 (data1->Length != data2->Length)) {
68 return false;
69 }
70 if(data1->Length != data2->Length) {
71 return false;
72 }
73 if(memcmp(data1->Data, data2->Data, data1->Length) == 0) {
74 return true;
75 }
76 else {
77 return false;
78 }
79 }
80
81 void printString(
82 const CSSM_DATA *str)
83 {
84 unsigned i;
85 char *cp = (char *)str->Data;
86 for(i=0; i<str->Length; i++) {
87 printf("%c", *cp++);
88 }
89 printf("\n");
90 }
91
92 void printData(
93 const CSSM_DATA *cd)
94 {
95 for(unsigned dex=0; dex<cd->Length; dex++) {
96 printf("%02X", cd->Data[dex]);
97 if((dex % 4) == 3) {
98 printf(" ");
99 }
100 }
101 printf("\n");
102 }
103
104 /*
105 * Print an NSS_ATV
106 */
107 void printAtv(
108 const NSS_ATV *atv)
109 {
110 const CSSM_OID *oid = &atv->type;
111 const char *fieldName = "Other";
112 if(compareCssmData(oid, &CSSMOID_CountryName)) {
113 fieldName = "Country ";
114 }
115 else if(compareCssmData(oid, &CSSMOID_OrganizationName)) {
116 fieldName = "Org ";
117 }
118 else if(compareCssmData(oid, &CSSMOID_LocalityName)) {
119 fieldName = "Locality ";
120 }
121 else if(compareCssmData(oid, &CSSMOID_OrganizationalUnitName)) {
122 fieldName = "OrgUnit ";
123 }
124 else if(compareCssmData(oid, &CSSMOID_CommonName)) {
125 fieldName = "Common Name ";
126 }
127 else if(compareCssmData(oid, &CSSMOID_Surname)) {
128 fieldName = "Surname ";
129 }
130 else if(compareCssmData(oid, &CSSMOID_Title)) {
131 fieldName = "Title ";
132 }
133 else if(compareCssmData(oid, &CSSMOID_Surname)) {
134 fieldName = "Surname ";
135 }
136 else if(compareCssmData(oid, &CSSMOID_StateProvinceName)) {
137 fieldName = "State ";
138 }
139 else if(compareCssmData(oid, &CSSMOID_CollectiveStateProvinceName)) {
140 fieldName = "Coll. State ";
141 }
142 else if(compareCssmData(oid, &CSSMOID_EmailAddress)) {
143 /* deprecated, used by Thawte */
144 fieldName = "Email addrs ";
145 }
146 else {
147 fieldName = "Other name ";
148 }
149 printf(" %s : ", fieldName);
150 switch(atv->value.tag) {
151 case SEC_ASN1_PRINTABLE_STRING:
152 case SEC_ASN1_IA5_STRING:
153 case SEC_ASN1_T61_STRING: // mostly printable....
154 case SEC_ASN1_UTF8_STRING: // ditto
155 printString(&atv->value.item);
156 break;
157 default:
158 printData(&atv->value.item);
159 break;
160 }
161 }
162
163 /*
164 * Print contents of an encoded Name (e.g. from an IssuerAndSerialNumber).
165 */
166 void printName(
167 const char *title,
168 unsigned char *name,
169 unsigned nameLen)
170 {
171 SecAsn1CoderRef coder;
172 if(SecAsn1CoderCreate(&coder)) {
173 printf("*****Screwup in SecAsn1CoderCreate\n");
174 return;
175 }
176 CSSM_DATA der = {nameLen, name};
177 NSS_Name nssName;
178
179 if(SecAsn1DecodeData(coder, &der, kSecAsn1NameTemplate, &nssName)) {
180 printf("***Error decoding %s\n", title);
181 return;
182 }
183 printf(" %s:\n", title);
184 unsigned numRdns = pkiNssArraySize((const void **)nssName.rdns);
185 for(unsigned rdnDex=0; rdnDex<numRdns; rdnDex++) {
186 NSS_RDN *rdn = nssName.rdns[rdnDex];
187 unsigned numAtvs = pkiNssArraySize((const void **)rdn->atvs);
188 for(unsigned atvDex=0; atvDex<numAtvs; atvDex++) {
189 printAtv(rdn->atvs[atvDex]);
190 }
191 }
192 }
193
194 static void printOneCertName(
195 CSSM_CL_HANDLE clHand,
196 CSSM_HANDLE cacheHand,
197 const char *title,
198 const CSSM_OID *oid)
199 {
200 CSSM_HANDLE resultHand = 0;
201 CSSM_DATA_PTR field = NULL;
202 uint32 numFields;
203 CSSM_RETURN crtn;
204
205 crtn = CSSM_CL_CertGetFirstCachedFieldValue(clHand, cacheHand,
206 oid, &resultHand, &numFields, &field);
207 if(crtn) {
208 printf("***Error parsing cert\n");
209 cssmPerror("CSSM_CL_CertGetFirstCachedFieldValue", crtn);
210 return;
211 }
212 printName(title, field->Data, field->Length);
213 CSSM_CL_FreeFieldValue(clHand, oid, field);
214 }
215
216 /*
217 * Print subject and/or issuer of a cert.
218 */
219 void printCertName(
220 const unsigned char *cert,
221 unsigned certLen,
222 WhichName whichName)
223 {
224 CSSM_CL_HANDLE clHand = getClHand();
225 CSSM_HANDLE cacheHand;
226 CSSM_DATA certData = {certLen, (uint8 *)cert};
227 CSSM_RETURN crtn;
228 bool printSubj = false;
229 bool printIssuer = false;
230
231 switch(whichName) {
232 case NameBoth:
233 printSubj = true;
234 printIssuer = true;
235 break;
236 case NameSubject:
237 printSubj = true;
238 break;
239 case NameIssuer:
240 printIssuer = true;
241 break;
242 default:
243 printf("***BRRZAP! Illegal whichName argument\n");
244 return;
245 }
246
247 crtn = CSSM_CL_CertCache(clHand, &certData, &cacheHand);
248 if(crtn) {
249 printf("***Error parsing cert\n");
250 cssmPerror("CSSM_CL_CertCache", crtn);
251 return;
252 }
253
254 if(printSubj) {
255 printOneCertName(clHand, cacheHand, "Subject", &CSSMOID_X509V1SubjectNameStd);
256 }
257 if(printIssuer) {
258 printOneCertName(clHand, cacheHand, "Issuer", &CSSMOID_X509V1IssuerNameStd);
259 }
260 CSSM_CL_CertAbortCache(clHand, cacheHand);
261 return;
262 }
mirror of Security