void SECU_PrintPolicy(FILE *out, SECItem *value, char *msg, int level) { CERTCertificatePolicies *policies = NULL; CERTPolicyInfo **policyInfos; if (msg) { SECU_Indent(out, level); fprintf(out,"%s: \n",msg); level++; } policies = secu_DecodeCertificatePoliciesExtension(value); if (policies == NULL) { SECU_PrintAny(out, value, "Invalid Policy Data", level); return; } policyInfos = policies->policyInfos; while (policyInfos && *policyInfos != NULL) { secu_PrintPolicyInfo(out,*policyInfos,"",level); policyInfos++; } CERT_DestroyCertificatePoliciesExtension(policies); }
void SECU_PrintPrivKeyUsagePeriodExtension(FILE *out, SECItem *value, char *msg, int level) { CERTPrivKeyUsagePeriod * prd; PLArenaPool * arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if ( !arena ) { goto loser; } prd = CERT_DecodePrivKeyUsagePeriodExtension(arena, value); if (!prd) { goto loser; } if (prd->notBefore.data) { SECU_PrintGeneralizedTime(out, &prd->notBefore, "Not Before", level); } if (prd->notAfter.data) { SECU_PrintGeneralizedTime(out, &prd->notAfter, "Not After ", level); } if (!prd->notBefore.data && !prd->notAfter.data) { SECU_Indent(out, level); fprintf(out, "Error: notBefore or notAfter MUST be present.\n"); loser: SECU_PrintAny(out, value, msg, level); } if (arena) { PORT_FreeArena(arena, PR_FALSE); } }
static SECStatus secu_PrintPolicyQualifier(FILE *out,CERTPolicyQualifier *policyQualifier, char *msg,int level) { SECStatus rv; SECItem * qualifierValue = &policyQualifier->qualifierValue; SECU_PrintObjectID(out, &policyQualifier->qualifierID , "Policy Qualifier Name", level); if (!qualifierValue->data) { SECU_Indent(out, level); fprintf(out,"Error: missing qualifier\n"); } else switch (policyQualifier->oid) { case SEC_OID_PKIX_USER_NOTICE_QUALIFIER: rv = secu_PrintUserNoticeQualifier(out, qualifierValue, msg, level); if (SECSuccess == rv) break; /* fall through on error */ case SEC_OID_PKIX_CPS_POINTER_QUALIFIER: default: SECU_PrintAny(out, qualifierValue, "Policy Qualifier Data", level); break; } return SECSuccess; }
int main(int argc, char **argv) { int rv, ascii; char *progName; FILE *outFile; PRFileDesc *inFile; SECItem der, data; char *typeTag; PLOptState *optstate; progName = strrchr(argv[0], '/'); progName = progName ? progName+1 : argv[0]; ascii = 0; inFile = 0; outFile = 0; typeTag = 0; optstate = PL_CreateOptState(argc, argv, "at:i:o:"); while ( PL_GetNextOpt(optstate) == PL_OPT_OK ) { switch (optstate->option) { case '?': Usage(progName); break; case 'a': ascii = 1; break; case 'i': inFile = PR_Open(optstate->value, PR_RDONLY, 0); if (!inFile) { fprintf(stderr, "%s: unable to open \"%s\" for reading\n", progName, optstate->value); return -1; } break; case 'o': outFile = fopen(optstate->value, "w"); if (!outFile) { fprintf(stderr, "%s: unable to open \"%s\" for writing\n", progName, optstate->value); return -1; } break; case 't': typeTag = strdup(optstate->value); break; } } PL_DestroyOptState(optstate); if (!typeTag) Usage(progName); if (!inFile) inFile = PR_STDIN; if (!outFile) outFile = stdout; PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); rv = NSS_NoDB_Init(NULL); if (rv != SECSuccess) { fprintf(stderr, "%s: NSS_NoDB_Init failed (%s)\n", progName, SECU_Strerror(PORT_GetError())); exit(1); } SECU_RegisterDynamicOids(); rv = SECU_ReadDERFromFile(&der, inFile, ascii, PR_FALSE); if (rv != SECSuccess) { fprintf(stderr, "%s: SECU_ReadDERFromFile failed\n", progName); exit(1); } /* Data is untyped, using the specified type */ data.data = der.data; data.len = der.len; /* Pretty print it */ if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE) == 0) { rv = SECU_PrintSignedData(outFile, &data, "Certificate", 0, SECU_PrintCertificate); } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_ID) == 0) { PRBool saveWrapeState = SECU_GetWrapEnabled(); SECU_EnableWrap(PR_FALSE); rv = SECU_PrintSignedContent(outFile, &data, 0, 0, SECU_PrintDumpDerIssuerAndSerial); SECU_EnableWrap(saveWrapeState); } else if (PORT_Strcmp(typeTag, SEC_CT_CERTIFICATE_REQUEST) == 0) { rv = SECU_PrintSignedData(outFile, &data, "Certificate Request", 0, SECU_PrintCertificateRequest); } else if (PORT_Strcmp (typeTag, SEC_CT_CRL) == 0) { rv = SECU_PrintSignedData (outFile, &data, "CRL", 0, SECU_PrintCrl); #ifdef HAVE_EPV_TEMPLATE } else if (PORT_Strcmp(typeTag, SEC_CT_PRIVATE_KEY) == 0) { rv = SECU_PrintPrivateKey(outFile, &data, "Private Key", 0); #endif } else if (PORT_Strcmp(typeTag, SEC_CT_PUBLIC_KEY) == 0) { rv = SECU_PrintSubjectPublicKeyInfo(outFile, &data, "Public Key", 0); } else if (PORT_Strcmp(typeTag, SEC_CT_PKCS7) == 0) { rv = SECU_PrintPKCS7ContentInfo(outFile, &data, "PKCS #7 Content Info", 0); } else if (PORT_Strcmp(typeTag, SEC_CT_NAME) == 0) { rv = SECU_PrintDERName(outFile, &data, "Name", 0); } else { fprintf(stderr, "%s: don't know how to print out '%s' files\n", progName, typeTag); SECU_PrintAny(outFile, &data, "File contains", 0); return -1; } if (inFile != PR_STDIN) PR_Close(inFile); PORT_Free(der.data); if (rv) { fprintf(stderr, "%s: problem converting data (%s)\n", progName, SECU_Strerror(PORT_GetError())); } if (NSS_Shutdown() != SECSuccess) { fprintf(stderr, "%s: NSS_Shutdown failed (%s)\n", progName, SECU_Strerror(PORT_GetError())); rv = SECFailure; } PR_Cleanup(); return rv; }