#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "libtasn1.h"
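/*
 * Write the decimal representation of v into str and return str.
 *
 * str must have room for an optional '-' sign, every decimal digit of v
 * and the terminating NUL (21 bytes is enough for a 64-bit long). The
 * function has no way to know the size of str, so the caller must
 * guarantee it.
 */
char *
my_ltostr(long v,char *str)
{
    char digits[3 * sizeof(long) + 1]; /* upper bound on the decimal digits of a long */
    unsigned long mag;
    int count = 0, start = 0, k;

    if (v < 0) {
        str[0] = '-';
        start = 1;
        /* Negate in unsigned arithmetic: -v overflows a signed long
           (undefined behaviour) when v is LONG_MIN. */
        mag = 0UL - (unsigned long)v;
    } else {
        mag = (unsigned long)v;
    }

    /* Collect digits least-significant first. */
    do {
        digits[count++] = (char)('0' + (int)(mag % 10));
        mag /= 10;
    } while (mag);

    /* Emit them most-significant first, after the optional sign. */
    for (k = 0; k < count; k++)
        str[start + k] = digits[count - 1 - k];
    str[start + count] = 0;

    return str;
}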
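/*
 * Decode the DER attribute value stored at value_path in cert as an
 * element_name structure and append label plus the decoded string to
 * answer. Nothing is appended when any libtasn1 call fails, so answer
 * never receives the contents of a buffer that was not filled.
 *
 * String parameters are plain char * to match how this file passes
 * names to libtasn1.
 */
static void
append_name_attribute(node_asn *cert_def, node_asn *cert, char *value_path,
                      char *element_name, char *label, char *answer)
{
    char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
    char buf[1024], field[128];
    ASN1_TYPE value = ASN1_TYPE_EMPTY;
    int len;

    if (asn1_create_element(cert_def, element_name, &value) != ASN1_SUCCESS)
        return;

    /* Raw DER of the attribute value as it is stored inside the name. */
    len = sizeof(buf) - 1;
    if (asn1_read_value(cert, value_path, buf, &len) != ASN1_SUCCESS)
        goto out;
    if (asn1_der_decoding(&value, buf, len, errorDescription) != ASN1_SUCCESS)
        goto out;

    /* The string read at "" is used as the path of the field to read
       next (presumably the selected CHOICE alternative). Reading it
       into a bounded buffer and checking the result prevents an
       over-long or stale string from overflowing the path buffer. */
    len = sizeof(field) - 1;
    if (asn1_read_value(value, "", field, &len) != ASN1_SUCCESS)
        goto out;
    field[len] = 0; /* len <= sizeof(field)-1 because the read succeeded */

    len = sizeof(buf) - 1;
    if (asn1_read_value(value, field, buf, &len) != ASN1_SUCCESS)
        goto out;
    buf[len] = 0; /* only reached on success, so len is within buf */

    strcat(answer, label);
    strcat(answer, buf);

out:
    asn1_delete_structure(&value);
}

/*
 * Build a printable summary (" C=.. O=.. OU=..") of the Name found at
 * root inside cert and store it in answer.
 *
 * cert_def  parsed PKIX1Implicit88 definitions, used to look up the
 *           attribute OIDs and to create the value structures.
 * cert      decoded structure that contains the Name.
 * root      path of the Name inside cert.
 * answer    output string; always NUL-terminated on return.
 *
 * NOTE(review): answer has no size parameter, so the appends here are
 * not bounded by this function. The caller must supply a buffer large
 * enough for every recognised attribute of the name being decoded.
 *
 * Only countryName, organizationName and organizationalUnitName are
 * recognised; other attribute types are skipped.
 */
void
get_Name_type(node_asn *cert_def,node_asn *cert,char *root, char *answer)
{
    /* Attribute OID (looked up in cert_def), structure used to decode
       the value, and the label written to answer.
       NOTE(review): the countryName row decodes with
       X520OrganizationName, as the original code did, although
       create_CRL encodes the country with X520countryName. Confirm
       this is intentional before changing it. */
    static const struct {
        char *oid_name;
        char *element_name;
        char *label;
    } attrs[] = {
        { "PKIX1Implicit88.id-at-countryName",
          "PKIX1Implicit88.X520OrganizationName", " C=" },
        { "PKIX1Implicit88.id-at-organizationName",
          "PKIX1Implicit88.X520OrganizationName", " O=" },
        { "PKIX1Implicit88.id-at-organizationalUnitName",
          "PKIX1Implicit88.X520OrganizationalUnitName", " OU=" },
    };
    char rdn[128], atv[128], path[128];
    char oid[1024], known[1024];
    int k, k2, n, len, result;
    size_t i;

    answer[0] = 0;

    /* Walk root.rdnSequence.?1, ?2, ... until the element is missing. */
    for (k = 1; ; k++) {
        /* snprintf with a truncation check replaces the unchecked
           strcpy/strcat chain and the 5-byte counter buffer. */
        n = snprintf(rdn, sizeof rdn, "%s.rdnSequence.?%d", root, k);
        if (n < 0 || (size_t)n >= sizeof rdn)
            break;
        len = sizeof(oid) - 1;
        result = asn1_read_value(cert, rdn, oid, &len);
        if (result == ASN1_ELEMENT_NOT_FOUND)
            break;

        /* Walk the attributes ?1, ?2, ... of this RDN. */
        for (k2 = 1; ; k2++) {
            n = snprintf(atv, sizeof atv, "%s.?%d", rdn, k2);
            if (n < 0 || (size_t)n >= sizeof atv)
                break;
            len = sizeof(oid) - 1;
            result = asn1_read_value(cert, atv, oid, &len);
            if (result == ASN1_ELEMENT_NOT_FOUND)
                break;

            n = snprintf(path, sizeof path, "%s.type", atv);
            if (n < 0 || (size_t)n >= sizeof path)
                break;
            len = sizeof(oid) - 1;
            result = asn1_read_value(cert, path, oid, &len);
            if (result != ASN1_SUCCESS)
                continue;

            n = snprintf(path, sizeof path, "%s.value", atv);
            if (n < 0 || (size_t)n >= sizeof path)
                break;

            /* The first matching known attribute type wins. */
            for (i = 0; i < sizeof attrs / sizeof attrs[0]; i++) {
                len = sizeof(known);
                result = asn1_read_value(cert_def, attrs[i].oid_name,
                                         known, &len);
                /* Compare only when the reference OID was actually
                   read; otherwise known is uninitialised. */
                if (result != ASN1_SUCCESS || strcmp(oid, known) != 0)
                    continue;
                append_name_attribute(cert_def, cert, path,
                                      attrs[i].element_name,
                                      attrs[i].label, answer);
                break;
            }
        }
    }
}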
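/*
 * Build a sample CertificateList (CRL) with fixed contents, DER-encode
 * it into der and print the encoding as hex.
 *
 * cert_def  parsed PKIX1Implicit88 definitions.
 * der       output buffer; also used as scratch space for the
 *           intermediate attribute encodings.
 * der_len   in: capacity of der in bytes; out: length of the last
 *           encoding written to der.
 *
 * Changes from the original:
 *  - the "signature" field is written from a 46-byte placeholder
 *    buffer; the original passed a pointer to a 3-byte string literal
 *    with a length of 46*8 bits, reading past the end of the literal;
 *  - each intermediate attribute encoding is checked before its length
 *    is used, so a failed encoding can no longer feed an unrelated
 *    length to asn1_write_value;
 *  - the crl structure is released on the error paths as well.
 *
 * NOTE(review): the results of the individual asn1_write_value and
 * asn1_read_value calls are still not checked, as in the original; a
 * failure there surfaces only when the structure is encoded.
 */
void
create_CRL(node_asn *cert_def, unsigned char *der,int *der_len)
{
    int result,k,len;
    unsigned char str[1024] = {0};
    /* Content of the CRL entry extension value (3 bytes are written). */
    unsigned char reason_ext[] = { 0x0a, 0x01, 0x01 };
    /* Placeholder signature: 46 bytes, matching the 46*8 bits written
       below. It begins with the bytes the original pointed at; the rest
       is zero. No signature is computed in this example. */
    unsigned char signature[46] = { 0x0a, 0x01, 0x01 };
    ASN1_TYPE crl=ASN1_TYPE_EMPTY;
    ASN1_TYPE value=ASN1_TYPE_EMPTY;
    char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
    int max_len;

    max_len=*der_len;

    asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl);

    /* tbsCertList header: version and signature algorithm. */
    asn1_write_value(crl,"tbsCertList.version","v2",0);
    len = sizeof(str)-1;
    asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);
    asn1_write_value(crl,"tbsCertList.signature.algorithm",str,1);
    asn1_write_value(crl,"tbsCertList.signature.parameters",NULL,0);

    /* Issuer, first RDN: countryName = "US". */
    asn1_write_value(crl,"tbsCertList.issuer","rdnSequence",1);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);
    len = sizeof(str)-1;
    asn1_read_value(cert_def,"PKIX1Implicit88.id-at-countryName",str,&len);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);
    asn1_create_element(cert_def,"PKIX1Implicit88.X520countryName",
                        &value);
    asn1_write_value(value,"","US",2);
    *der_len=max_len;
    result=asn1_der_coding(value,"",der,der_len,errorDescription);
    asn1_delete_structure(&value);
    if(result!=ASN1_SUCCESS){
        /* *der_len is not a valid length for der after a failure. */
        printf("\n'countryName' encoding creation: ERROR\n");
        goto out;
    }
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);

    /* Issuer, second RDN: organizationName = "gov". */
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",4);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",4);
    len = sizeof(str)-1;
    asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationName",str,&len);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,8);
    asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationName",
                        &value);
    asn1_write_value(value,"","printableString",1);
    asn1_write_value(value,"printableString","gov",3);
    *der_len=max_len;
    result=asn1_der_coding(value,"",der,der_len,errorDescription);
    asn1_delete_structure(&value);
    if(result!=ASN1_SUCCESS){
        printf("\n'organizationName' encoding creation: ERROR\n");
        goto out;
    }
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);

    /* Issuer, third RDN: organizationalUnitName = "nist". */
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence","NEW",1);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST","NEW",1);
    len = sizeof(str)-1;
    asn1_read_value(cert_def,"PKIX1Implicit88.id-at-organizationalUnitName",
                    str,&len);
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.type",str,1);
    asn1_create_element(cert_def,"PKIX1Implicit88.X520OrganizationalUnitName",&value);
    asn1_write_value(value,"","printableString",1);
    asn1_write_value(value,"printableString","nist",4);
    *der_len=max_len;
    result=asn1_der_coding(value,"",der,der_len,errorDescription);
    asn1_delete_structure(&value);
    if(result!=ASN1_SUCCESS){
        printf("\n'organizationalUnitName' encoding creation: ERROR\n");
        goto out;
    }
    asn1_write_value(crl,"tbsCertList.issuer.rdnSequence.?LAST.?LAST.value",der,*der_len);

    /* Validity window of the list. */
    asn1_write_value(crl,"tbsCertList.thisUpdate","utcTime",1);
    asn1_write_value(crl,"tbsCertList.thisUpdate.utcTime","970801000000Z",1);
    asn1_write_value(crl,"tbsCertList.nextUpdate","utcTime",1);
    asn1_write_value(crl,"tbsCertList.nextUpdate.utcTime","970808000000Z",1);

    /* One revoked certificate, serial number 18, with one entry extension. */
    asn1_write_value(crl,"tbsCertList.revokedCertificates","NEW",1);
    str[0]=18;
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.userCertificate",str,1);
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate","utcTime",1);
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.revocationDate.utcTime","970731000000Z",1);
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions","NEW",1);
    len = sizeof(str)-1;
    asn1_read_value(cert_def,"PKIX1Implicit88.id-ce-cRLReasons",
                    str,&len);
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnID",str,1);
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.critical","FALSE",1);
    asn1_write_value(crl,"tbsCertList.revokedCertificates.?LAST.crlEntryExtensions.?LAST.extnValue",reason_ext,3);

    asn1_write_value(crl,"tbsCertList.crlExtensions",NULL,0);

    /* Outer signatureAlgorithm, same OID as inside tbsCertList. */
    len = sizeof(str)-1;
    asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str,&len);
    asn1_write_value(crl,"signatureAlgorithm.algorithm",str,1);
    asn1_write_value(crl,"signatureAlgorithm.parameters",NULL,0);

    /* Encode the to-be-signed part on its own first. */
    *der_len=max_len;
    result=asn1_der_coding(crl,"tbsCertList",der,der_len,errorDescription);
    if(result!=ASN1_SUCCESS){
        printf("\n'tbsCertList' encoding creation: ERROR\n");
        goto out;
    }

    /* The length passed for "signature" is 46*8, i.e. 46 bytes of
       input; signature[] is exactly that size. */
    asn1_write_value(crl,"signature",signature,46*8);

    *der_len=max_len;
    result=asn1_der_coding(crl,"",der,der_len,errorDescription);
    if(result!=ASN1_SUCCESS){
        printf("\n'crl1' encoding creation: ERROR\n");
        goto out;
    }

    printf("-----------------\nCrl1 Encoding:\nNumber of bytes=%i\n",*der_len);
    for(k=0;k<*der_len;k++) printf("%02x ",der[k]);
    printf("\n-----------------\n");

out:
    /* Single exit so the structure is released on every path. */
    asn1_delete_structure(&crl);
}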
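/*
 * Decode a DER-encoded CertificateList, print its issuer and, when the
 * signature algorithm is id-dsa-with-sha1, locate the tbsCertList
 * encoding and read the signature field.
 *
 * cert_def  parsed PKIX1Implicit88 definitions.
 * der       DER encoding to decode.
 * der_len   number of bytes in der.
 *
 * The signature is only read here, it is not verified.
 *
 * Changes from the original:
 *  - len is reset to the buffer capacity before every asn1_read_value;
 *    the original reused the length returned by the previous read, so
 *    later reads were limited to the size of the first OID string;
 *  - the two OID strings are compared only if both reads succeeded;
 *  - crl2 is released on the decoding-error path too.
 */
void
get_CRL(node_asn *cert_def,unsigned char *der,int der_len)
{
    int result,len,start,end;
    unsigned char str[1024],str2[1024];
    char issuer[1024];
    ASN1_TYPE crl2=ASN1_TYPE_EMPTY;
    char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];

    asn1_create_element(cert_def,"PKIX1Implicit88.CertificateList",&crl2);

    result=asn1_der_decoding(&crl2,der,der_len,errorDescription);
    if(result!=ASN1_SUCCESS){
        printf("Problems with DER encoding\n");
        asn1_delete_structure(&crl2);
        return;
    }

    /* NOTE(review): get_Name_type takes no buffer size; issuer keeps
       the 1024-byte capacity the original passed. */
    get_Name_type(cert_def,crl2,"tbsCertList.issuer",issuer);
    printf("crl2:\nissuer: %s\n",issuer);

    len = sizeof(str)-1;
    result=asn1_read_value(crl2,"signatureAlgorithm.algorithm",str,&len);
    if(result==ASN1_SUCCESS){
        len = sizeof(str2)-1;
        result=asn1_read_value(cert_def,"PKIX1Implicit88.id-dsa-with-sha1",str2,&len);
    }

    /* Compare only buffers that were actually filled. */
    if(result==ASN1_SUCCESS && !strcmp((char *)str,(char *)str2)){
        /* start/end receive the position of the tbsCertList encoding
           inside der; nothing consumes them in this example. */
        result=asn1_der_decoding_startEnd(crl2,der,der_len,
                                          "tbsCertList",&start,&end);
        len = sizeof(str)-1;
        result=asn1_read_value(crl2,"signature",str,&len);
    }

    /* The last results are not used in this example. */
    (void)result;
    (void)start;
    (void)end;

    asn1_delete_structure(&crl2);
}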
#include "pkix_asn1_tab.c"
/*
 * Load the PKIX1Implicit88 definitions, create a sample CRL with
 * create_CRL and decode it again with get_CRL.
 */
int
main(int argc,char *argv[])
{
    /* Non-zero: use the table from pkix_asn1_tab.c.
       Zero: parse "pkix.asn" at run time instead. */
    const int use_compiled_table = 1;
    char errorDescription[MAX_ERROR_DESCRIPTION_SIZE];
    ASN1_TYPE definitions = ASN1_TYPE_EMPTY;
    unsigned char encoding[1024];
    int encoding_len;
    int rc;

    rc = use_compiled_table
        ? asn1_array2tree(pkix_asn1_tab, &definitions, errorDescription)
        : asn1_parser2tree("pkix.asn", &definitions, errorDescription);

    if (rc != ASN1_SUCCESS) {
        libtasn1_perror(rc);
        printf("%s\n", errorDescription);
        exit(1);
    }

    /* create_CRL receives the buffer capacity and returns the encoded length. */
    encoding_len = 1024;
    create_CRL(definitions, encoding, &encoding_len);

    get_CRL(definitions, encoding, encoding_len);

    asn1_delete_structure(&definitions);

    return 0;
}