Context Navigation

source: creddy/verify.c @ a334115

mei_rt2mei_rt2_fix_1

Last change on this file since a334115 was dfe6b61, checked in by Mei <mei@…>, 12 years ago
1) added ID_chunk() and Attribute_chunk() to abac.hh
Property mode set to `100644`
File size: 1.8 KB

Line
1	/***
2	verify.c
3
4	to verify attribute credential to see if the issuer is valid,
5	validity time is still within range and signature is valid
6	if attrcert is supplied, it will do signature verification, if
7	both attrcert and cert are of the same, then a self-signing
8	signature verification is done implicitly
9	***/
10
11	#include "creddy_internal.h"
12
13	extern certificate_t abac_attribute_cert_from_file(char filename);
14
15	void verify_main(options_t *opts) {
16	certificate_t *subject_cert = NULL;
17
18	if (opts->cert == NULL)
19	usage(opts);
20
21	abac_id_t *issuer = abac_id_from_file(opts->cert);
22	if (issuer == NULL)
23	errx(1, "Can't load issuer cert from %s", opts->cert);
24	certificate_t *cert = abac_id_cert(issuer);
25
26	if (opts->attrcert != NULL) {
27	subject_cert = abac_attribute_cert_from_file(opts->attrcert);
28	if(subject_cert == NULL)
29	errx(1, "Can't load attribute cert from %s", opts->cert);
30	}
31
32	int good = 0;
33	if(subject_cert == NULL ) {
34	if (cert->get_validity(cert, NULL, NULL, NULL)) {
35	puts("certificates valid");
36	good=1;
37	} else puts("certificate not valid now");
38	} else {
39	if (subject_cert->issued_by(subject_cert, cert)) {
40	if (subject_cert->get_validity(subject_cert, NULL, NULL, NULL)) {
41	if (cert->get_validity(cert, NULL, NULL, NULL)) {
42	puts("signature good, certificates valid");
43	good = 1;
44	} else puts("signature good, issuer cert not valid now");
45	} else puts("signature good, cert not valid now");
46	} else puts("signature invalid");
47	}
48
49	if (subject_cert != NULL)
50	DESTROY_IF(subject_cert);
51	abac_id_free(issuer);
52
53	exit(good ? 0 : 1);
54	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: