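/**
 * Determine whether the appropriate context is available.
 *
 * Checks that @p ctx carries the same reference key as @p ward and then
 * verifies the signature stored on the ward against the context's signature
 * key, the checksum of the context reference and the ward's transaction
 * time-stamp.
 *
 * @param ward The ward whose release is being checked.
 * @param ctx  The context offered to release the ward.
 * @return 0 when the context is confirmed, SHERR_INVAL when an argument is
 *         NULL or the reference keys do not match, otherwise the error code
 *         reported by shkey_verify().
 */
int txward_context_confirm(tx_ward_t *ward, tx_context_t *ctx)
{
  int err;

  /* Fail closed on missing arguments, matching txward_context_sign(). */
  if (!ward || !ctx)
    return (SHERR_INVAL);

  /* The context must be the one the ward refers to. */
  if (!shkey_cmp(&ward->ward_ref, &ctx->ctx_ref))
    return (SHERR_INVAL);

  /*
   * NOTE(review): a ward that was never signed still reaches shkey_verify()
   * with whatever signature and time-stamp it currently holds; confirm that
   * shkey_verify() rejects an unset signature.
   */
  err = shkey_verify(&ward->ward_sig, shkey_crc(&ctx->ctx_ref),
      &ctx->ctx_sig, ward->ward_tx.tx_stamp);
  if (err)
    return (err);

  return (0);
}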
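/**
 * Associate a particular context with releasing a ward.
 *
 * Stamps the ward's transaction with the current time if it has no
 * time-stamp yet, then derives a signature key from the context's signature
 * key, the checksum of the context reference and that time-stamp, and stores
 * it in the ward.
 *
 * The function returns nothing, so a caller cannot observe failure directly:
 * when an argument is NULL, the reference keys do not match, or no signature
 * key could be generated, the ward's signature is left untouched. Callers
 * that need certainty should follow up with txward_context_confirm().
 *
 * @param ward The ward to sign.
 * @param ctx  The context that will be allowed to release the ward.
 */
void txward_context_sign(tx_ward_t *ward, tx_context_t *ctx)
{
  shkey_t *sig_key;

  if (!ward || !ctx)
    return;

  /* A void function cannot return SHERR_INVAL; just refuse to sign. */
  if (!shkey_cmp(&ward->ward_ref, &ctx->ctx_ref))
    return;

  if (ward->ward_tx.tx_stamp == SHTIME_UNDEFINED)
    ward->ward_tx.tx_stamp = shtime();

  sig_key = shkey_cert(&ctx->ctx_sig, shkey_crc(&ctx->ctx_ref),
      ward->ward_tx.tx_stamp);
  if (!sig_key)
    return; /* nothing to copy; do not dereference a NULL key */

  memcpy(&ward->ward_sig, sig_key, sizeof(ward->ward_sig));
  shkey_free(&sig_key);
}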
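/**
 * Append a human-readable, multi-line description of a certificate to a
 * buffer.
 *
 * Every formatted line is built with snprintf() so that certificate-supplied
 * strings (entity names, peer label, algorithm labels) can never write past
 * the local scratch buffers; an over-long value is truncated instead.
 *
 * @param cert    The certificate to describe. Nothing is written when NULL.
 * @param pr_buff The buffer the text is appended to. Nothing is written when
 *                NULL.
 */
void shcert_print(shcert_t *cert, shbuf_t *pr_buff)
{
  char tbuf1[256];
  char tbuf2[256];
  char buf[4096];
  const char *tstr;

  if (!cert || !pr_buff)
    return;

  shbuf_catstr(pr_buff, "Certificate:\n");
  shbuf_catstr(pr_buff, " Data:\n");

  snprintf(buf, sizeof(buf), " Version: %d\n", cert->cert_ver);
  shbuf_catstr(pr_buff, buf);

  shbuf_catstr(pr_buff, " Serial Number: ");
  /*
   * NOTE(review): sizeof() only yields the serial length if shcert_sub_ser()
   * expands to an array member; if it yields a pointer this prints
   * sizeof(pointer) bytes instead. Confirm against its definition.
   */
  shcert_hex_print(pr_buff, shcert_sub_ser(cert),
      sizeof(shcert_sub_ser(cert)), "");

  snprintf(buf, sizeof(buf), " Signature Algorithm: %s\n",
      shsig_alg_str(shcert_iss_alg(cert) | shcert_sub_alg(cert)));
  shbuf_catstr(pr_buff, buf);

  snprintf(buf, sizeof(buf), " Issuer: %s\n", cert->cert_iss.ent_name);
  shbuf_catstr(pr_buff, buf);

  /*
   * Each time string is copied out before the next shctime() call. The first
   * four characters are skipped as before, but only when the string is long
   * enough for that offset to stay inside it.
   */
  tstr = shctime(shcert_sub_stamp(cert));
  snprintf(tbuf1, sizeof(tbuf1), "%s",
      (tstr && strlen(tstr) >= 4) ? tstr + 4 : "");
  tstr = shctime(shcert_sub_expire(cert));
  snprintf(tbuf2, sizeof(tbuf2), "%s",
      (tstr && strlen(tstr) >= 4) ? tstr + 4 : "");
  snprintf(buf, sizeof(buf), " Validity: %-20.20s - %-20.20s\n", tbuf1, tbuf2);
  shbuf_catstr(pr_buff, buf);

  snprintf(buf, sizeof(buf), " Subject: %s\n", cert->cert_sub.ent_name);
  shbuf_catstr(pr_buff, buf);

  snprintf(buf, sizeof(buf), " Public Key Algorithm: (%d bit) %s\n",
      shcert_sub_len(cert) * 8, shsig_alg_str(shcert_sub_alg(cert)));
  shbuf_catstr(pr_buff, buf);

  /*
   * The checksum line used to be formatted and then overwritten by the
   * "192-Bit" line without ever being appended; emit both, as the issuer
   * fallback at the end of this function does.
   */
  snprintf(buf, sizeof(buf), " Checksum: %llu\n",
      (unsigned long long)shkey_crc(shcert_sub_sig(cert)));
  shbuf_catstr(pr_buff, buf);
  snprintf(buf, sizeof(buf), " 192-Bit: %s\n", shkey_hex(shcert_sub_sig(cert)));
  shbuf_catstr(pr_buff, buf);

  if (shcert_sub_alg(cert) & SHKEY_ALG_RSA) {
    shbuf_catstr(pr_buff, " Modulus:\n");
    /*
     * NOTE(review): mod_len is read from the certificate itself; if the
     * certificate can come from an untrusted source, confirm it is bounded
     * by the size of the modulus storage before it gets here.
     */
    shcert_hex_print_reverse(pr_buff, cert->cert_sub.ent_sig.key.rsa.mod,
        cert->cert_sub.ent_sig.key.rsa.mod_len, " ");
  }

  shbuf_catstr(pr_buff, " X509v3 extensions:\n");

  /* Prints CA=false when the SHCERT_CERT_CHAIN flag is set, CA=true otherwise. */
  snprintf(buf, sizeof(buf), " Basic Constraints: CA=%s\n",
      (cert->cert_flag & SHCERT_CERT_CHAIN) ? "false" : "true");
  shbuf_catstr(pr_buff, buf);

  if (!shpeer_localhost(&cert->cert_sub.ent_peer)) {
    snprintf(buf, sizeof(buf), " Alternate Subject: %s\n",
        shpeer_print(&cert->cert_sub.ent_peer));
    shbuf_catstr(pr_buff, buf);
  }

  snprintf(buf, sizeof(buf), " Extended Usage: %s\n",
      shcert_flag_str(cert->cert_flag));
  shbuf_catstr(pr_buff, buf);

  snprintf(buf, sizeof(buf), " Private Signature: %s (%d bytes)\n",
      shsig_alg_str(shcert_iss_alg(cert)), shcert_iss_len(cert));
  shbuf_catstr(pr_buff, buf);

  /*
   * NOTE(review): md_len / sha_len below are likewise taken from the
   * certificate; confirm they are validated against the digest storage size
   * when the certificate is loaded.
   */
  if (shcert_iss_alg(cert) & SHKEY_ALG_MD5) {
    shcert_hex_print(pr_buff, cert->cert_iss.ent_sig.key.md.md,
        cert->cert_iss.ent_sig.key.md.md_len, " ");
  } else if ((shcert_iss_alg(cert) & SHKEY_ALG_SHA1) ||
      (shcert_iss_alg(cert) & SHKEY_ALG_SHA256)) {
    /* SHA1 and SHA256 digests are printed from the same sha/sha_len fields. */
    shcert_hex_print(pr_buff, cert->cert_iss.ent_sig.key.sha.sha,
        cert->cert_iss.ent_sig.key.sha.sha_len, " ");
  } else {
    /* No digest algorithm flagged: fall back to the key checksum and hex. */
    snprintf(buf, sizeof(buf), " Checksum: %llu\n",
        (unsigned long long)shkey_crc(shcert_iss_sig(cert)));
    shbuf_catstr(pr_buff, buf);
    snprintf(buf, sizeof(buf), " 192-Bit: %s\n",
        shkey_hex(shcert_iss_sig(cert)));
    shbuf_catstr(pr_buff, buf);
  }
}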