
nordugrid-arc-nox  1.1.0~rc6
testcertinfo.cpp
#include <stdlib.h>

#include <climits>
#include <cstdio>
#include <iostream>
#include <stdexcept>
#include <string>

#include <openssl/asn1.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/pkcs12.h>
#include <openssl/err.h>

#include "CertUtil.h"
#include "Credential.h"
00014 
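/// Builds a standalone X509 extension whose OID is resolved from `name` and
/// whose value is the raw bytes of `data`.
///
/// @param name  Object name in any form OBJ_txt2nid() accepts.
/// @param data  Bytes stored verbatim as the extension's OCTET STRING value.
///              Nothing here checks that they are valid DER for the extension
///              type; that is the caller's responsibility.
/// @param crit  Whether the extension is marked critical.
/// @return A newly allocated extension that the caller releases with
///         X509_EXTENSION_free(), or NULL on failure (a message is written to
///         std::cerr).
X509_EXTENSION* CreateExtension(std::string& name, std::string& data, bool crit) {
  // OBJ_txt2nid() reports an unknown name as NID_undef, and
  // OBJ_nid2obj(NID_undef) still returns a non-NULL "undefined" object.
  // Checking only the pointer would therefore let an unrecognised name
  // produce an extension carrying a meaningless OID.
  const int nid = OBJ_txt2nid(name.c_str());
  ASN1_OBJECT* ext_obj = (nid == NID_undef) ? NULL : OBJ_nid2obj(nid);
  if (!ext_obj) {
    std::cerr<<"Can not convert string into ASN1_OBJECT"<<std::endl;
    return NULL;
  }
  // ext_obj points into OpenSSL's object table rather than at a fresh
  // allocation, so this function never frees it.

  // ASN1 string lengths are ints; refuse anything that would be truncated.
  if (data.size() > static_cast<std::string::size_type>(INT_MAX)) {
    std::cerr<<"Can not create extension for proxy certificate"<<std::endl;
    return NULL;
  }

  ASN1_OCTET_STRING* ext_oct = ASN1_OCTET_STRING_new();
  if (!ext_oct ||
      !ASN1_OCTET_STRING_set(ext_oct,
                             reinterpret_cast<const unsigned char*>(data.data()),
                             static_cast<int>(data.size()))) {
    std::cerr<<"Can not create extension for proxy certificate"<<std::endl;
    if (ext_oct) ASN1_OCTET_STRING_free(ext_oct);
    return NULL;
  }

  X509_EXTENSION* ext =
      X509_EXTENSION_create_by_OBJ(NULL, ext_obj, crit ? 1 : 0, ext_oct);

  // X509_EXTENSION_create_by_OBJ() copies the value into the new extension,
  // so the temporary octet string is released on success as well as failure.
  ASN1_OCTET_STRING_free(ext_oct);

  if (!ext) {
    std::cerr<<"Can not create extension for proxy certificate"<<std::endl;
    return NULL;
  }
  return ext;
}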
00041 
00042 
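/// Reads the first PEM-encoded certificate from `path`.
/// Returns NULL (after reporting on std::cerr) when the file cannot be opened
/// or does not parse; the caller owns the result and frees it with X509_free().
static X509* LoadCertificate(const char* path) {
  FILE* file = fopen(path, "r");
  if (!file) {
    std::cerr<<"Can not open "<<path<<std::endl;
    return NULL;
  }

  X509* cert = NULL;
  BIO* certbio = BIO_new(BIO_s_file());
  if (certbio) {
    // BIO_NOCLOSE: the FILE stays owned by this function and is closed below.
    BIO_set_fp(certbio, file, BIO_NOCLOSE);
    cert = PEM_read_bio_X509(certbio, NULL, NULL, NULL);
    BIO_free(certbio);
  }
  fclose(file);

  if (!cert) std::cerr<<"PEM_read_bio_X509 failed"<<std::endl;
  return cert;
}

/// Appends the textual form of `info` to the file at `path`.
/// Returns false when the file cannot be opened or closed cleanly.
static bool DumpCertInfo(const char* path, ArcCredential::PROXYCERTINFO* info) {
  FILE* fp = fopen(path, "a");
  if (!fp) {
    std::cerr<<"Can not open "<<path<<" for appending"<<std::endl;
    return false;
  }
  PROXYCERTINFO_print_fp(fp, info);
  return fclose(fp) == 0;
}

/// DER-encodes `info` with `method` into `der`, echoing the length and the
/// encoded bytes to std::cout. Returns false when the encoder reports no
/// output.
static bool EncodeCertInfo(const X509V3_EXT_METHOD* method,
                           ArcCredential::PROXYCERTINFO* info,
                           std::string& der) {
  // First pass with a NULL buffer only asks for the encoded size.
  int length = method->i2d(info, NULL);
  std::cout<<"Length of proxy cert info: "<<length<<std::endl;
  if (length <= 0) {
    std::cerr<<"Can not DER encode PROXYCERTINFO"<<std::endl;
    return false;
  }

  der.assign(static_cast<std::string::size_type>(length), '\0');
  // i2d advances the pointer it is handed, so give it a scratch copy.
  unsigned char* cursor = reinterpret_cast<unsigned char*>(&der[0]);
  length = method->i2d(info, &cursor);
  if (length <= 0) {
    std::cerr<<"Can not DER encode PROXYCERTINFO"<<std::endl;
    return false;
  }
  der.resize(static_cast<std::string::size_type>(length));

  // The payload is raw DER, not printable text.
  std::cout<<"Length of proxy cert info: "<<length<<" Data: "<<der<<std::endl;
  return true;
}

/// Round-trip test for the PROXYCERTINFO extension: read ./proxy1.pem, decode
/// its proxy-cert-info extension, re-encode it, wrap the bytes in a new
/// extension via CreateExtension(), decode that again, and append both decoded
/// forms to ./proxycertinfo1 and ./proxycertinfo3.
///
/// Returns EXIT_SUCCESS only when every step succeeded, so a truncated or
/// malformed certificate fails the test instead of dereferencing NULL.
int main(void) {
  X509* cert = LoadCertificate("./proxy1.pem");
  if (!cert) return EXIT_FAILURE;

  Arc::Credential::InitProxyCertInfo();

  int status = EXIT_FAILURE;
  X509_EXTENSION* ext2 = NULL;

  do {
    // Get the PROXYCERTINFO from the certificate's extensions, trying V3
    // first and V4 second. The position returned by the V4 lookup is kept
    // (the earlier code discarded it), and the variant that matched is reused
    // for the whole round trip.
    static const char* const kVariants[] = {"PROXYCERTINFO_V3", "PROXYCERTINFO_V4"};
    const char* found_name = NULL;
    int found_nid = NID_undef;
    int pos = -1;
    for (size_t i = 0; i < sizeof(kVariants) / sizeof(kVariants[0]); ++i) {
      const int nid = OBJ_sn2nid(kVariants[i]);
      if (nid == NID_undef) continue;  // variant not registered
      pos = X509_get_ext_by_NID(cert, nid, -1);
      if (pos >= 0) {
        found_name = kVariants[i];
        found_nid = nid;
        break;
      }
    }

    X509_EXTENSION* ext = (pos >= 0) ? X509_get_ext(cert, pos) : NULL;

    // NOTE(review): the decoded PROXYCERTINFO objects are not released below
    // because their free routine is not visible in this file; the process
    // exits right after, which reclaims them.
    ArcCredential::PROXYCERTINFO* cert_info = NULL;
    if (ext) cert_info = static_cast<ArcCredential::PROXYCERTINFO*>(X509V3_EXT_d2i(ext));
    if (cert_info == NULL) {
      std::cerr<<"1. Can not convert DER encode PROXYCERTINFO extension to internal format"<<std::endl;
      break;
    }

    if (!DumpCertInfo("./proxycertinfo1", cert_info)) break;

    int l = PROXYCERTINFO_get_path_length(cert_info);
    std::cout<<"Path length: "<<l<<std::endl;

    // The method table entry is absent when the extension type was never
    // registered; its encode/decode callbacks are called directly below.
    const X509V3_EXT_METHOD* method = X509V3_EXT_get_nid(found_nid);
    if (!method || !method->i2d || !method->d2i) {
      std::cerr<<"No usable extension method registered for "<<found_name<<std::endl;
      break;
    }

    std::string ext_data;
    if (!EncodeCertInfo(method, cert_info, ext_data)) break;

    std::cout<<"Original cert info: "<<ext_data<<std::endl;
    std::cout<<"Proxy cert info:" <<ext_data<<std::endl;

    std::string cert_sn = found_name;
    ext2 = CreateExtension(cert_sn, ext_data, true);
    if (!ext2) break;

    // Go through the accessor instead of reaching into the extension struct.
    ASN1_OCTET_STRING* value = X509_EXTENSION_get_data(ext2);
    if (!value || !value->data) {
      std::cerr<<"Rebuilt extension carries no data"<<std::endl;
      break;
    }

    // d2i advances the pointer it is given; its constness changed in 0.9.8.
#if(OPENSSL_VERSION_NUMBER >= 0x0090800fL)
    const unsigned char* data2 = value->data;
#else
    unsigned char* data2 = value->data;
#endif
    ArcCredential::PROXYCERTINFO* cert_info2 =
        static_cast<ArcCredential::PROXYCERTINFO*>(method->d2i(NULL, &data2, value->length));
    if (cert_info2 == NULL) {
      std::cerr<<"2. Can not convert DER encode PROXYCERTINFO extension to internal format"<<std::endl;
      break;
    }

    if (!DumpCertInfo("./proxycertinfo3", cert_info2)) break;

    status = EXIT_SUCCESS;
  } while (false);

  if (ext2) X509_EXTENSION_free(ext2);
  X509_free(cert);
  return status;
}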