[0aaa651] | 1 | #include <creddy.h> |
---|
| 2 | |
---|
| 3 | #include "creddy_common.h" |
---|
| 4 | |
---|
[08e7235] | 5 | #include <credentials/certificates/ac.h> |
---|
| 6 | |
---|
[405bba3] | 7 | // helper |
---|
| 8 | static void _print_validity(time_t not_before, time_t not_after); |
---|
| 9 | |
---|
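// Entry point for the "display" subcommand: prints selected fields of the
// certificate file named by opts->cert.
//
// opts->show is a comma-separated list of "issuer", "subject", "validity",
// "roles" or "all". The file is first loaded as an ID cert; if that fails it
// is loaded as an X.509 attribute cert. If neither load succeeds the process
// exits through errx().
//
// NOTE(review): nothing in this function checks a signature or trust chain.
// Whether the two loaders do is not visible here, so treat the output as
// "what the file claims", not as a verified statement.
// NOTE(review): issuer, subject and role strings are printed exactly as the
// library returns them. If certs can come from untrusted parties, confirm the
// library escapes control characters before this output reaches a terminal
// or a log.
void display_main(options_t *opts) {
    // NOTE(review): the code below assumes usage() does not return; confirm.
    if (opts->cert == NULL)
        usage(opts);

    char *show = opts->show;
    if (show == NULL)
        usage(opts);

    int show_issuer = 0;
    int show_subject = 0;
    int show_validity = 0;
    int show_roles = 0;
    char *opt;

    // strsep() splits in place, so the buffer behind opts->show is modified
    while ((opt = strsep(&show, ",")) != NULL) {
        if (strcmp(opt, "issuer") == 0)
            show_issuer = 1;
        else if (strcmp(opt, "subject") == 0)
            show_subject = 1;
        else if (strcmp(opt, "validity") == 0)
            show_validity = 1;
        else if (strcmp(opt, "roles") == 0)
            show_roles = 1;
        else if (strcmp(opt, "all") == 0) {
            show_issuer = 1;
            show_subject = 1;
            show_validity = 1;
            show_roles = 1;
        }
        else {
            printf("Error: Unknown option to --show: %s\n", opt);
            usage(opts);
        }
    }

    // first try ID cert
    // (show_roles has no effect on this path: roles are only printed for
    // attribute certs)
    creddy_id_t *id = creddy_id_from_file(opts->cert);
    if (id != NULL) {
        if (show_issuer) {
            // the caller owns the returned string (it is freed below), so a
            // NULL result is possible and must not reach printf("%s")
            char *issuer = creddy_id_issuer(id);
            if (issuer == NULL)
                errx(1, "Couldn't get issuer from cert");
            printf("Issuer: %s\n", issuer);
            free(issuer);
        }

        if (show_subject) {
            char *subject = creddy_id_subject(id);
            if (subject == NULL)
                errx(1, "Couldn't get subject from cert");
            printf("Subject: %s\n", subject);
            free(subject);
        }

        if (show_validity) {
            // zero-initialised so that indeterminate stack values are never
            // printed if the library leaves the outputs untouched
            // NOTE(review): creddy_id_validity's failure mode is not visible
            // here; confirm whether it reports errors.
            time_t not_before = 0, not_after = 0;
            creddy_id_validity(id, &not_before, &not_after);
            _print_validity(not_before, not_after);
        }

        creddy_id_free(id);
        return;
    }

    // then try attribute cert
    certificate_t *ac = lib->creds->create(lib->creds,
        CRED_CERTIFICATE, CERT_X509_AC,
        BUILD_FROM_FILE, opts->cert,
        BUILD_END
    );
    if (ac != NULL) {
        // %Y is not a standard conversion; presumably a printf hook
        // registered by the library for its identity type (confirm).
        if (show_issuer)
            printf("Issuer: %Y\n", ac->get_issuer(ac));

        if (show_subject)
            printf("Subject: %Y\n", ac->get_subject(ac));

        if (show_validity) {
            time_t not_before = 0, not_after = 0;
            ac->get_validity(ac, NULL, &not_before, &not_after);
            _print_validity(not_before, not_after);
        }

        if (show_roles) {
            ac_t *attr_cert = (ac_t *)ac;
            ietf_attributes_t *attr = attr_cert->get_groups(attr_cert);
            if (attr == NULL)
                errx(1, "Couldn't get attributes from cert");

            printf("Roles: %s\n", attr->get_string(attr));

            DESTROY_IF(attr);
        }

        DESTROY_IF(ac);
        return;
    }

    // give up if neither works
    errx(1, "Couldn't load %s as an ID or attribute cert", opts->cert);
}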
---|
[405bba3] | 107 | |
---|
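// Format one validity bound as local time ("%F %T %Z") into buf.
//
// The timestamps come from a certificate file, so they may be values that
// localtime_r() cannot break down (it then returns NULL) or that strftime()
// cannot format (it then returns 0 and leaves buf unspecified). In both
// cases buf receives a fixed placeholder, so a NULL struct tm is never
// dereferenced and stale buffer contents are never printed.
static void format_validity_time(time_t when, char *buf, size_t len) {
    struct tm time_tm;

    if (!localtime_r(&when, &time_tm) ||
            strftime(buf, len, "%F %T %Z", &time_tm) == 0)
        snprintf(buf, len, "%s", "(unrepresentable)");
}

// display the validity period of a cert
//
// Prints both bounds as local time followed by the raw time_t value in
// brackets. The raw value stays readable even when the formatted date
// cannot be produced.
static void _print_validity(time_t not_before, time_t not_after) {
    char buf[256];

    printf("Validity:\n");

    format_validity_time(not_before, buf, sizeof(buf));
    printf(" Not before: %s [%lld]\n", buf, (long long)not_before);

    format_validity_time(not_after, buf, sizeof(buf));
    printf(" Not after: %s [%lld]\n", buf, (long long)not_after);
}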
---|