Cryptography Reference
In-Depth Information
  }
  asn1free( &certificate );
  return 0;
}
Joining the X.509 Components into a Completed X.509 Certificate Structure
According to the ITU specification, the top-level node should be a structure containing three child nodes: the TBS certificate, the signature algorithm identifier, and the signature value itself. First, parse the tbsCertificate in Listing 5-14, which is where the most interesting information is anyway. Afterward, the algorithm identifier and signature values are parsed, as was shown in Listing 5-13.
Listing 5-14: "x509.c" parse_tbs_certificate
static int parse_tbs_certificate( x509_certificate *target,
                                  struct asn1struct *source )
{
  struct asn1struct *version;
  struct asn1struct *serialNumber;
  struct asn1struct *signatureAlgorithmIdentifier;
  struct asn1struct *issuer;
  struct asn1struct *validity;
  struct asn1struct *subject;
  struct asn1struct *publicKeyInfo;
  struct asn1struct *extensions;

  // Figure out if there's an explicit version or not; if there is, then
  // everything else "shifts down" one spot.
  version = ( struct asn1struct * ) source->children;

  if ( version->tag == 0 && version->tag_class == ASN1_CONTEXT_SPECIFIC )
  {
    struct asn1struct *versionNumber =
      ( struct asn1struct * ) version->children;

    // This will only ever be one byte; safe
    target->version = ( *versionNumber->data ) + 1;
    serialNumber = ( struct asn1struct * ) version->next;
  }
  else
  {
    target->version = 1; // default if not provided
    serialNumber = ( struct asn1struct * ) version;
  }

  signatureAlgorithmIdentifier = ( struct asn1struct * ) serialNumber->next;
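
An added example, not part of the book's x509.c: the same optional-version decision made directly on DER bytes, with every length checked before a byte is read instead of relying on the "one byte; safe" assumption. The names der_header, tbs_version and the SAMPLE arrays are hypothetical, and the byte strings are constructed, not taken from real certificates.

```c
#include <stddef.h>
#include <stdint.h>

/* Read one DER header inside buf[0..len); leaves *pos at the content. */
static int der_header(const uint8_t *buf, size_t len, size_t *pos,
                      uint8_t *tag, size_t *clen)
{
    if (*pos > len || len - *pos < 2) return -1;   /* truncated header */
    *tag = buf[(*pos)++];
    *clen = buf[(*pos)++];
    if (*clen & 0x80) {                            /* long-form length */
        size_t n = *clen & 0x7f;
        if (n == 0 || n > sizeof(size_t) || len - *pos < n) return -1;
        for (*clen = 0; n--; ) *clen = (*clen << 8) | buf[(*pos)++];
    }
    return *clen <= len - *pos ? 0 : -1;           /* content must fit */
}

/* Returns the version (1..3) of a DER tbsCertificate and stores the offset
 * of the serialNumber TLV in *serial_off; returns -1 if malformed. */
int tbs_version(const uint8_t *tbs, size_t len, size_t *serial_off)
{
    size_t pos = 0, clen, end;
    uint8_t tag;
    int version = 1;                          /* default if [0] is absent */
    if (der_header(tbs, len, &pos, &tag, &clen) || tag != 0x30) return -1;
    end = pos + clen;
    *serial_off = pos;                        /* no [0]: serial is first child */
    if (der_header(tbs, end, &pos, &tag, &clen)) return -1;
    if (tag == 0xA0) {                        /* context-specific [0] wrapper */
        size_t wrap_end = pos + clen;
        if (der_header(tbs, wrap_end, &pos, &tag, &clen) || tag != 0x02 ||
            clen != 1 || pos + 1 != wrap_end || tbs[pos] > 2) return -1;
        version = tbs[pos] + 1;
        *serial_off = wrap_end;               /* everything shifts down one */
    }
    pos = *serial_off;
    if (der_header(tbs, end, &pos, &tag, &clen) || tag != 0x02) return -1;
    return version;
}

/* Constructed samples: a v3 prefix with [0] present, and a v1 prefix without. */
const uint8_t SAMPLE_V3[] = {0x30,0x08, 0xA0,0x03,0x02,0x01,0x02, 0x02,0x01,0x05};
const uint8_t SAMPLE_V1[] = {0x30,0x03, 0x02,0x01,0x05};

int main(void)
{
    size_t off;
    return tbs_version(SAMPLE_V3, sizeof SAMPLE_V3, &off) == 3 ? 0 : 1;
}
```

The function rejects a version INTEGER that is not exactly one byte, a value above 2, and any length that would run past its enclosing structure.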
 