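/*
 * Print a cert's label (the one SecCertificate infers).
 *
 * Returns noErr on success, or the OSStatus reported by
 * SecCertificateInferLabel() after logging it via cssmPerror().
 */
OSStatus printCertLabel(
	SecCertificateRef certRef)
{
	OSStatus ortn;
	/* start from a known value so a callee that leaves it untouched can't hand us garbage */
	CFStringRef label = NULL;

	ortn = SecCertificateInferLabel(certRef, &label);
	if(ortn) {
		cssmPerror("SecCertificateInferLabel", ortn);
		return ortn;
	}
	/*
	 * Defensive: whether a successful call can yield a NULL label is not
	 * visible from here, and CFRelease(NULL) is a crash. Nothing to print
	 * or release in that case.
	 */
	if(label != NULL) {
		printCfStr(label);
		CFRelease(label);
	}
	return noErr;
}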
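/*
 * Display a Trust Settings array as obtained from
 * SecTrustSettingsCopyTrustSettings().
 *
 * Each element is expected to be a dictionary; the optional entries for
 * policy, application, policy string, allowed error, result type and key
 * usage are type-checked before being printed. A malformed entry or a
 * failing Sec* call is reported, the rest of that dictionary is skipped,
 * and processing continues with the next element.
 *
 * Returns 0 if everything was displayed, -1 if the array itself is
 * missing/malformed or if any element could not be fully displayed.
 */
static int displayTrustSettings(
	CFArrayRef trustSettings)
{
	/* must always be there though it may be empty */
	if(trustSettings == NULL) {
		fprintf(stderr, "***displayTrustSettings: missing trust settings array");
		return -1;
	}
	if(CFGetTypeID(trustSettings) != CFArrayGetTypeID()) {
		fprintf(stderr, "***displayTrustSettings: malformed trust settings array");
		return -1;
	}

	int ourRtn = 0;
	CFIndex numUseConstraints = CFArrayGetCount(trustSettings);
	indentIncr();
	indent(); printf("Number of trust settings : %ld\n", (long)numUseConstraints);

	OSStatus ortn;
	SecPolicyRef certPolicy;
	SecTrustedApplicationRef certApp;
	CFDictionaryRef ucDict;
	CFStringRef policyStr;
	CFNumberRef cfNum;
	CFIndex ucDex;

	/* grind thru the trust settings dictionaries */
	for(ucDex=0; ucDex<numUseConstraints; ucDex++) {
		indent(); printf("Trust Setting %ld:\n", (long)ucDex);
		indentIncr();

		ucDict = (CFDictionaryRef)CFArrayGetValueAtIndex(trustSettings, ucDex);
		if(CFGetTypeID(ucDict) != CFDictionaryGetTypeID()) {
			fprintf(stderr, "***displayTrustSettings: malformed usage constraints dictionary");
			ourRtn = -1;
			goto nextAp;
		}

		/* policy - optional */
		certPolicy = (SecPolicyRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsPolicy);
		if(certPolicy != NULL) {
			if(CFGetTypeID(certPolicy) != SecPolicyGetTypeID()) {
				fprintf(stderr, "***displayTrustSettings: malformed certPolicy");
				ourRtn = -1;
				goto nextAp;
			}
			CSSM_OID policyOid;
			ortn = SecPolicyGetOID(certPolicy, &policyOid);
			if(ortn) {
				cssmPerror("SecPolicyGetOID", ortn);
				ourRtn = -1;
				goto nextAp;
			}
			indent(); printf("Policy OID : %s\n",
					oidToOidString(&policyOid));
		}

		/* app - optional */
		certApp = (SecTrustedApplicationRef)CFDictionaryGetValue(ucDict,
			kSecTrustSettingsApplication);
		if(certApp != NULL) {
			if(CFGetTypeID(certApp) != SecTrustedApplicationGetTypeID()) {
				fprintf(stderr, "***displayTrustSettings: malformed certApp");
				ourRtn = -1;
				goto nextAp;
			}
			CFDataRef appPath = NULL;
			ortn = SecTrustedApplicationCopyData(certApp, &appPath);
			if(ortn) {
				cssmPerror("SecTrustedApplicationCopyData", ortn);
				ourRtn = -1;
				goto nextAp;
			}
			indent(); printf("Application : ");
			if(appPath != NULL) {
				/*
				 * A CFData carries an explicit length and is not guaranteed
				 * to be NUL-terminated, so its byte pointer must never be
				 * handed to "%s": that reads past the end of the buffer
				 * when no terminator is present. Emit at most
				 * CFDataGetLength() bytes, still stopping at an embedded
				 * NUL as the old "%s" did.
				 * NOTE(review): bytes are written unescaped; if this output
				 * is viewed in a terminal, consider escaping non-printable
				 * bytes.
				 */
				const UInt8 *appBytes = CFDataGetBytePtr(appPath);
				CFIndex appLen = CFDataGetLength(appPath);
				CFIndex appDex;
				for(appDex=0; appDex<appLen && appBytes[appDex] != '\0'; appDex++) {
					putchar(appBytes[appDex]);
				}
				CFRelease(appPath);
			}
			printf("\n");
		}

		/* policy string */
		policyStr = (CFStringRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsPolicyString);
		if(policyStr != NULL) {
			if(CFGetTypeID(policyStr) != CFStringGetTypeID()) {
				fprintf(stderr, "***displayTrustSettings: malformed policyStr");
				ourRtn = -1;
				goto nextAp;
			}
			indent(); printf("Policy String : ");
			printCfStr(policyStr); printf("\n");
		}

		/* Allowed error */
		cfNum = (CFNumberRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsAllowedError);
		if(cfNum != NULL) {
			if(CFGetTypeID(cfNum) != CFNumberGetTypeID()) {
				fprintf(stderr, "***displayTrustSettings: malformed allowedError");
				ourRtn = -1;
				goto nextAp;
			}
			indent(); printf("Allowed Error : ");
			printCssmErr(cfNum); printf("\n");
		}

		/* ResultType */
		cfNum = (CFNumberRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsResult);
		if(cfNum != NULL) {
			if(CFGetTypeID(cfNum) != CFNumberGetTypeID()) {
				fprintf(stderr, "***displayTrustSettings: malformed ResultType");
				ourRtn = -1;
				goto nextAp;
			}
			indent(); printf("Result Type : ");
			printResultType(cfNum); printf("\n");
		}

		/* key usage */
		cfNum = (CFNumberRef)CFDictionaryGetValue(ucDict, kSecTrustSettingsKeyUsage);
		if(cfNum != NULL) {
			if(CFGetTypeID(cfNum) != CFNumberGetTypeID()) {
				fprintf(stderr, "***displayTrustSettings: malformed keyUsage");
				ourRtn = -1;
				goto nextAp;
			}
			indent(); printf("Key Usage : ");
			printKeyUsage(cfNum); printf("\n");
		}

	nextAp:
		/* every path through one element, error or not, undoes its indent level here */
		indentDecr();
	}
	indentDecr();
	return ourRtn;
}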