MS X.400 API

x400_mssend_rcv_sign.c
1 /* Copyright (c) 2014, Isode Limited, London, England.
2  * All rights reserved.
3  *
4  * Acquisition and use of this software and related materials for any
5  * purpose requires a written licence agreement from Isode Limited,
6  * or a written licence from an organisation licenced by Isode Limited
7  * to grant such a licence.
8  *
9  */
10 
11 /*
12  *
13  * 15.0a0-0
14  * Simple example program for submitting a message via a message store.
15  * The security environment is set up so that messages are signed.
16  */
17 
18 #include <stdio.h>
19 #include <stdlib.h>
20 #include <string.h>
21 
22 #include <x400_msapi.h>
23 #include <seclabel_api.h> /* For security labels */
24 #include <errno.h>
25 
26 #include "example.h"
27 
28 static char *optstr = "u37m:d:p:w:M:D:P:W:r:o:O:r:g:G:c:l:R:y:C:iaqsAve:x:b:f:S:Y:Z4U:L:";
29 
30 /* These are the data items used to construct the message for submission */
31 static char *default_recip = "/CN=lppt1/OU=lppt/O=attlee/PRMD=TestPRMD/ADMD=TestADMD/C=GB/";
32 char *recip;
33 static char *content_id = "030924.140212";
34 static const char text[] = "First line\r\nSecond line\r\n";
35 static char *binary_data;
36 
37 const char* xml_filename = "seclabel.xml";
38 
39 static int setup_msg_sec_env = 0;
40 
41 int num_unsigned_rcvd;
42 int num_unverified_rcvd;
43 int num_verified_rcvd;
44 
45 /* local functions */
46 
47 static void usage(void) ;
48 static int send_msg(
49  int contype,
50  char *orn,
51  char *def_dn,
52  char *pa,
53  char *password);
54 
55 static int submit_msg(
56  char *orn,
57  struct X400msSession *sp /* session object */
58 );
59 
60 static int get_msg(
61  struct X400msSession *sp
62 );
63 
64 static int setup_default_new_sec_env(
65  struct X400msSession *sp,
66  char *identity_filename,
67  char *pw
68 );
69 
70 static int setup_default_old_sec_env(
71  struct X400msSession *sp,
72  char *id,
73  char *dn,
74  char *pw
75 );
76 
77 static int setup_msg_new_sec_env(
78  struct X400msMessage *mp, /* message object */
79  char *identity_filename,
80  char *pw
81 );
82 
83 static int add_x411_label(
84  struct X400msMessage *mp, /* message object */
85  const char* xml_filename
86 );
87 
88 static int add_4066_label(
89  struct X400msMessage *mp, /* message object */
90  const char* xml_filename
91 );
92 
93 static int setup_msg_old_sec_env(
94  struct X400msMessage *mp, /* message object */
95  char *id,
96  char *dn,
97  char *pw
98 );
99 
100 static int report_moac_info(
101  struct X400msMessage *mp
102 );
103 
104 static void show_4406_certificate (struct X400msMessage *mp);
105 static void show_certificate (struct X400msMessage *mp);
106 static int report_4406_info(
107  struct X400msMessage *mp
108 );
109 
110 static void print_sec_label(
111  char slab_buffer[],
112  unsigned int length
113 );
114 
115 /* start here */
116 int main (
117  int argc,
118  char **argv
119 )
120 {
121  char pa[BUFSIZ];
122  char orn[BUFSIZ];
123  char *def_oraddr;
124  char *def_dn;
125  char *def_pa;
126  int contype;
127  int status;
128  char password[BUFSIZ];
129 
130  if (get_args(argc, argv, optstr)) {
131  usage();
132  exit(-1);
133  }
134 
135  printf("Connection type (0 = P7, 1 = P3 submit only, 2 = P3 both directions) [%d]: ", x400_contype);
136  contype = ic_fgetc(x400_contype, stdin);
137  if (contype != 10)
138  ic_fgetc(x400_contype, stdin);
139 
140  if ( contype < '0' || '2' < contype )
141  contype = x400_contype;
142  else
143  contype -= '0';
144 
145  if (contype == 0) {
146  def_oraddr = x400_ms_user_addr;
147  def_dn = x400_ms_user_dn;
148  def_pa = x400_ms_presentation_address;
149  } else {
150  def_oraddr = x400_mta_user_addr;
151  def_dn = x400_mta_user_dn;
152  def_pa = x400_mta_presentation_address;
153  }
154 
155  printf("Your ORAddress [%s] > ", def_oraddr);
156  ic_fgets (orn, sizeof orn, stdin);
157 
158  if ( orn[strlen(orn)-1] == '\n' )
159  orn[strlen(orn)-1] = '\0';
160 
161  if (orn[0] == '\0')
162  strcpy(orn, def_oraddr);
163 
164  /* Prompt for password; note: reflected. */
165  printf ("Password [%s]: ",
166  contype == 0 ? x400_p7_password : x400_p3_password);
167  if ( ic_fgets (password, sizeof password, stdin) == NULL )
168  exit (1);
169 
170  if (password[strlen(password)-1] == '\n' )
171  password[strlen(password)-1] = '\0';
172  if (password[0] == '\0')
173  strcpy(password, contype == 0 ? x400_p7_password : x400_p3_password);
174 
175  /* Presentation Address */
176  printf("Presentation Address [%s] > ", def_pa);
177  ic_fgets (pa, sizeof pa, stdin);
178 
179  if ( pa[strlen(pa)-1] == '\n' )
180  pa[strlen(pa)-1] = '\0';
181 
182  if (pa[0] == '\0')
183  strcpy(pa, def_pa);
184 
185  printf("sending message using session 1\n");
186  if ((status = send_msg(contype, orn, def_dn, pa, password))
187  != X400_E_NOERROR ) {
188  fprintf (stderr, "Error in sending message\n");
189  exit (status);
190  }
191  printf("sending message using session 2\n");
192  if ((status = send_msg(contype, orn, def_dn, pa, password))
193  != X400_E_NOERROR ) {
194  fprintf (stderr, "Error sending message\n");
195  exit (status);
196  }
197  return (status);
198 }
199 
200 static int send_msg(
201  int contype,
202  char *orn,
203  char *def_dn,
204  char *pa,
205  char *password
206 )
207 {
208  struct X400msSession *sp; /* session object */
209 
210  int status;
211 
212 
213  /* we've got what we need - now open an API session */
214  status = X400msOpen (contype, orn, def_dn, password, pa, NULL, &sp);
215  if ( status != X400_E_NOERROR ) {
216  fprintf (stderr, "Error in Open: %s\n", X400msError (status));
217  fprintf (stderr, "%s %s %s\n", orn, def_dn, pa);
218  return (status);
219  }
220 
221  /* setup logging */
222  X400msSetStrDefault(sp, X400_S_LOG_CONFIGURATION_FILE, "x400api.xml", 0);
223 
224  /* Set up the security environment.
225  *
226  * The security env can be specified the new way (recommended) using
227  * a PKCS12 filename and passphrase, or as a directory (deprecated and
228  * obsolete).
229  *
230  * If the ID is specified as a directory, in which the subdirectory
231  * "x509" is expected to contain one or more PKCS12 files.
232  * The appropriate Digital Identity is determined from the
233  * DN of the subject, and the passphrase is used to decrypt
234  * the private key.
235  */
236  if (use_new_sec_env) {
237  status = setup_default_new_sec_env(sp, identity_filename, passphrase);
238  } else {
239  status = setup_default_old_sec_env(sp, security_id, identity_dn,
240  passphrase);
241  }
242 
243  if ( status != X400_E_NOERROR ) {
244  fprintf (stderr, "Can't setup security environment\n");
245  return (status);
246  }
247 
248  printf("sending message 1\n");
249  status = submit_msg(orn, sp);
250  if ( status != X400_E_NOERROR ) {
251  fprintf (stderr, "Can't submit\n");
252  return (status);
253  }
254 
255  printf("sending message 2\n");
256  status = submit_msg(orn, sp);
257  if ( status != X400_E_NOERROR ) {
258  fprintf (stderr, "Can't submit\n");
259  return (status);
260  }
261 
262  printf("sending message 3\n");
263  status = submit_msg(orn, sp);
264  if ( status != X400_E_NOERROR ) {
265  fprintf (stderr, "Can't submit\n");
266  return (status);
267  }
268 
269  /* now get a message */
270  status = get_msg(sp);
271  if (status != X400_E_NOERROR) {
272  fprintf(stderr, "Error in getting msg: %s\n",
273  X400msError(status));
274  exit(status);
275  }
276 
277  status = X400msClose (sp);
278  if ( status != X400_E_NOERROR ) {
279  fprintf (stderr, "X400msClose returned error: %s\n", X400msError (status));
280  return (status);
281  }
282  return status;
283 }
284 
285 static int submit_msg(
286  char *orn,
287  struct X400msSession *sp /* session object */
288 )
289 {
290  struct X400msMessage *mp; /* message object */
291  struct X400Recipient *rp; /* recipient object */
292  char tmp[BUFSIZ];
293  FILE *fp = NULL;
294  int fs=0;
295  int status;
296 
297  if (x400_default_recipient != NULL)
298  recip = x400_default_recipient;
299  else
300  recip = default_recip;
301 
302  printf("Message recipient [%s]: ", recip);
303  ic_fgets (tmp, sizeof tmp, stdin);
304 
305  if ( tmp[strlen(tmp)-1] == '\n' )
306  tmp[strlen(tmp)-1] = '\0';
307  if (strlen(tmp) != 0)
308  recip = strdup(tmp);
309 
310  printf("Subject [%s]: ", subject);
311  ic_fgets (tmp, sizeof tmp, stdin);
312 
313  if ( tmp[strlen(tmp)-1] == '\n' )
314  tmp[strlen(tmp)-1] = '\0';
315  if (strlen(tmp) != 0)
316  subject = strdup(tmp);
317 
318  status = X400msMsgNew (sp, X400_MSG_MESSAGE, &mp);
319  if ( status != X400_E_NOERROR ) {
320  fprintf (stderr, "x400msMsgNew returned error: %s\n", X400msError (status));
321  return (status);
322  }
323 
324  /* Set up the security environment for this message overriding the
325  * default security env.
326  *
327  * The security env can be specified the new way (recommended) using
328  * a PKCS12 filename and passphrase, or as a directory (deprecated and
329  * obsolete).
330  *
331  * If the ID is specified as a pathname, in which the subdirectory
332  * "x509" is expected to contain one or more PKCS12 files.
333  * The appropriate Digital Identity is determined from the
334  * DN of the subject, and the passphrase is used to decrypt
335  * the private key.
336  */
337  if (setup_msg_sec_env) {
338  if (use_new_sec_env) {
339  status = setup_msg_new_sec_env(mp, identity_filename, passphrase);
340  if ( status != X400_E_NOERROR ) {
341  fprintf (stderr, "Can't setup new security environment\n");
342  return (status);
343  }
344  } else {
345  status = setup_msg_old_sec_env(mp, security_id, identity_dn2,
346  passphrase);
347  if ( status != X400_E_NOERROR ) {
348  fprintf (stderr, "Can't setup old security environment\n");
349  return (status);
350  }
351  }
352  }
353 
354  /* Instruct the X400msMsgSend() function to generate a MOAC (signature) for
355  * the message.
356  *
357  * The default attributes will be used unless the attributes are
358  * also included in the message eg by calling setup_msg_sec_env() above
359  */
360  if (gen_moac) {
361  status = X400msMsgAddIntParam (mp, X400_B_SEC_GEN_MOAC, 1);
362  if ( status != X400_E_NOERROR ) {
363  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
364  X400msError (status));
365  return (status);
366  }
367  }
368 
369  /* Instruct the X400msMsgSend() function to generate a STANAG 4406
370  * signature for the message
371  *
372  * The default attributes will be used unless the attributes are
373  * also included in the message eg by calling setup_msg_sec_env() above
374  */
375  if (gen_4406_sig) {
376  printf("\nRequesting 4406 signature\n");
377  status = X400msMsgAddIntParam (mp, X400_N_S4406, 1);
378  if ( status != X400_E_NOERROR ) {
379  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
380  return (status);
381  }
382 
383  /* add a security label */
384  printf("\nAdding 4406 label\n");
385  status = add_4066_label (mp, xml_filename);
386  if ( status != X400_E_NOERROR ) {
387  fprintf (stderr, "add_4406_label returned error: %s\n",
388  X400msError (status));
389  return (status);
390  }
391 
392  } else {
393  printf("\nNot requesting 4406 signature\n");
394  }
395 
396  if (need_x411_label) {
397  status = add_x411_label (mp, xml_filename);
398  if ( status != X400_E_NOERROR ) {
399  fprintf (stderr, "add_x411_label returned error: %s\n",
400  X400msError (status));
401  return (status);
402  }
403  } else {
404  printf("\nNot requesting X.411 Label\n");
405  }
406 
407  status = X400msRecipNew (mp, X400_RECIP_STANDARD, &rp);
408  if ( status != X400_E_NOERROR ) {
409  fprintf (stderr, "x400msRecipNew returned error: %s\n", X400msError (status));
410  return (status);
411  }
412 
413  status = X400msRecipAddStrParam (rp, X400_S_OR_ADDRESS, recip, -1);
414  if ( status != X400_E_NOERROR ) {
415  fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
416  return (status);
417  }
418 
419  status = X400msRecipAddStrParam (rp, X400_S_DIRECTORY_NAME, "CN=recipient;c=gb", -1);
420  if ( status != X400_E_NOERROR ) {
421  fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
422  return (status);
423  }
424 
425  status = X400msMsgAddStrParam (mp, X400_S_OR_ADDRESS, orn, -1);
426  if ( status != X400_E_NOERROR ) {
427  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
428  return (status);
429  }
430 
431  status = X400msMsgAddStrParam (mp, X400_S_DIRECTORY_NAME, "CN=originator;c=gb", -1);
432  if ( status != X400_E_NOERROR ) {
433  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
434  return (status);
435  }
436 
437  /* Ask for +ve and -ve delivery reports */
438  status = X400msRecipAddIntParam (rp, X400_N_REPORT_REQUEST, 2);
439  if ( status != X400_E_NOERROR ) {
440  fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
441  return (status);
442  }
443 
444  /* Ask for +ve and -ve read receipts */
445  status = X400msRecipAddIntParam (rp, X400_N_NOTIFICATION_REQUEST, 7);
446  if ( status != X400_E_NOERROR ) {
447  fprintf (stderr, "x400msRecipAddStrParam returned error: %s\n", X400msError (status));
448  return (status);
449  }
450 
451  status = X400msMsgAddStrParam (mp, X400_S_CONTENT_IDENTIFIER,
452  content_id, -1);
453  if ( status != X400_E_NOERROR ) {
454  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
455  return (status);
456  }
457 
458  status = X400msMsgAddStrParam (mp, X400_S_SUBJECT, subject, -1);
459  if ( status != X400_E_NOERROR ) {
460  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n", X400msError (status));
461  return (status);
462  }
463 
464  status = X400msMsgAddStrParam (mp, X400_T_ISO8859_1, text, -1);
465  if ( status != X400_E_NOERROR ) {
466  fprintf (stderr, "x400ms returned error: %s\n", X400msError (status));
467  return (status);
468  }
469 
470  /* now an IA5 body part using the bodypart func */
471  status = X400msMsgAddAttachment (mp, X400_T_IA5TEXT, text, strlen(text));
472  if ( status != X400_E_NOERROR ) {
473  printf("failed to add X400_T_IA5TEXT BP\n");
474  return (status);
475  }
476 
477  /* or a Binary body part using the bodypart func */
478  if (filename_to_send != NULL) {
479  binary_data = (char *) malloc(100000);
480  if ( binary_data == NULL )
481  return X400_E_NOMEMORY;
482  fp = fopen(filename_to_send, "r");
483  if (fp == (FILE *)NULL) {
484  printf("Cannot open binary file\n");
485  return (X400_E_SYSERROR);
486  }
487  if ((fs = fread (binary_data, sizeof(char), 100000/sizeof(char), fp) ) == -1) {
488  printf("Cannot read from binary file\n");
489  return (X400_E_SYSERROR);
490  }
491  fclose(fp);
492 
493  status = X400msMsgAddAttachment (mp, X400_T_BINARY, binary_data, fs);
494  if ( status != X400_E_NOERROR ) {
495  printf("failed to add X400_T_BINARY BP\n");
496  return (status);
497  }
498  } else {
499  printf("no binary file set - not sending X400_T_BINARY\n");
500  }
501 
502  status = X400msMsgSend (mp);
503  if ( status != X400_E_NOERROR ) {
504  fprintf (stderr, "x400msMsgSend returned error: %s\n", X400msError (status));
505  return (status);
506  } else {
507  printf("Message submitted successfully\n");
508  }
509 
510  status = X400msMsgDelete (mp, 0);
511  if ( status != X400_E_NOERROR ) {
512  fprintf (stderr, "x400msMsgDelete returned error: %s\n", X400msError (status));
513  return (status);
514  }
515 
516  mp = NULL;
517  rp = NULL;
518 
519  return (status);
520 }
521 
522 
523 static int setup_default_new_sec_env(
524  struct X400msSession *sp,
525  char *identity,
526  char *pw
527 )
528 {
529  int status;
530 
531  /* Filename of the Digital Identity (PKCS12 file) */
532  status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_FILE,
533  identity, -1);
534  if ( status != X400_E_NOERROR ) {
535  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
536  X400msError (status));
537  return (status);
538  }
539 
540  /* passphrase used to open the Identity */
541  status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
542  if ( status != X400_E_NOERROR ) {
543  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
544  X400msError (status));
545  return (status);
546  }
547 
548  /* test the sec env */
549  status = X400msTestSecurityEnv (sp);
550  if ( status != X400_E_NOERROR ) {
551  fprintf (stderr, "X400msTestSecurityEnv returned error: %s\n",
552  X400msError (status));
553  return (status);
554  }
555 
556  return status;
557 }
558 
559 static int setup_default_old_sec_env(
560  struct X400msSession *sp,
561  char *id,
562  char *dn,
563  char *pw
564 )
565 {
566  int status;
567 
568  /* first set a default security identity. This passes in the name of a
569  * directory, which contains an x509 subdirectory in which all Identities
570  * are held */
571  X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, id, -1);
572 
573  /* select by DN which Identity is to be used (if there are several)
574  * Currently these must be PKCS12 files */
575  status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_DN, dn, -1);
576  if ( status != X400_E_NOERROR ) {
577  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
578  X400msError (status));
579  return (status);
580  }
581 
582  /* passphrase used to open the Identity */
583  status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
584  if ( status != X400_E_NOERROR ) {
585  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
586  X400msError (status));
587  return (status);
588  }
589 
590  return status;
591 }
592 
593 static int setup_msg_new_sec_env(
594  struct X400msMessage *mp, /* message object */
595  char *identity,
596  char *pw
597 )
598 {
599  int status;
600 
601  /* Filename of the Digital Identity (PKCS12 file) */
602  status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_FILE,
603  identity, -1);
604  if ( status != X400_E_NOERROR ) {
605  fprintf (stderr, "X400msMsgAddStrParam returned error: %s\n",
606  X400msError (status));
607  return (status);
608  }
609 
610  /* security additions */
611  status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
612  if ( status != X400_E_NOERROR ) {
613  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
614  X400msError (status));
615  return (status);
616  }
617  return (status);
618 }
619 
620 static int setup_msg_old_sec_env(
621  struct X400msMessage *mp, /* message object */
622  char *id,
623  char *dn,
624  char *pw
625 )
626 {
627  int status;
628 
629  /* overide the default security environment by specifying a new set of
630  * attibutes, and put them into the message */
631  /* security additions */
632  status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY, id, -1);
633  /* status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY, "/var/isode/dsa-db", -1); */
634  if ( status != X400_E_NOERROR ) {
635  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
636  X400msError (status));
637  return (status);
638  }
639 
640  /* security additions */
641  status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_DN, dn, -1);
642  if ( status != X400_E_NOERROR ) {
643  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
644  X400msError (status));
645  return (status);
646  }
647 
648  /* security additions */
649  status = X400msMsgAddStrParam (mp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
650  if ( status != X400_E_NOERROR ) {
651  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
652  X400msError (status));
653  return (status);
654  }
655  return (status);
656 }
657 
658 
659 static int add_4066_label(
660  struct X400msMessage *mp, /* message object */
661  const char* filename
662 )
663 {
664 
665 #define XML_BUFSIZE 1024
666 #define STRING_BUFSIZE 1024
667 
668  int status;
669  char xml_content[XML_BUFSIZE];
670  char str_content[STRING_BUFSIZE];
671  int str_len = STRING_BUFSIZE;
672  FILE *fd = NULL;
673 
674  printf("Adding 4406 Security Label, using file %s\n", filename);
675  /* Read in the security label XML file */
676  fd = fopen(filename,"r");
677  if(fd == NULL) {
678  fprintf(stderr,"Failed to open %s : %s\n",
679  filename,strerror(errno));
680  }
681 
682  fread(&xml_content,XML_BUFSIZE,1,fd);
683 
684  fclose(fd);
685 
686  status = SecLabelInit("Example program 2");
687  if (status != SECLABEL_E_NOERROR) {
688  fprintf(stderr, "SecLabelInit returned error %d\n", status);
689  return X400_E_INVALID_ATTR;
690  }
691 
692  /* Use SecLabelParse to turn the XML into an octet string */
693  status = SecLabelParse(xml_content,
694  str_content,
695  STRING_BUFSIZE,
696  &str_len);
697 
698  if (status != SECLABEL_E_NOERROR) {
699  fprintf(stderr, "SecLabelParse returned error %d\n", status);
700  return X400_E_INVALID_ATTR;
701  }
702 
703  /* Add the octet string to the message pointer */
704  status = X400msMsgAddStrParam (mp, X400_S_S4406_SECURITY_LABEL,
705  str_content,str_len);
706  if ( status != X400_E_NOERROR ) {
707  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
708  X400msError (status));
709  return (status);
710  }
711  return X400_E_NOERROR;
712 
713 }
714 
715 
716 static int add_x411_label(
717  struct X400msMessage *mp, /* message object */
718  const char* filename
719 )
720 {
721 
722 #define XML_BUFSIZE 1024
723 #define STRING_BUFSIZE 1024
724 
725  int status;
726  char xml_content[XML_BUFSIZE];
727  char str_content[STRING_BUFSIZE];
728  int str_len = STRING_BUFSIZE;
729  FILE *fd = NULL;
730 
731  printf("Adding X.411 Security Label, using file %s\n", filename);
732  /* Read in the security label XML file */
733  fd = fopen(filename,"r");
734  if(fd == NULL) {
735  fprintf(stderr,"Failed to open %s : %s\n",
736  filename,strerror(errno));
737  }
738 
739  fread(&xml_content,XML_BUFSIZE,1,fd);
740 
741  fclose(fd);
742 
743  status = SecLabelInit("Example program");
744  if (status != SECLABEL_E_NOERROR) {
745  fprintf(stderr, "SecLabelInit returned error %d\n", status);
746  return X400_E_INVALID_ATTR;
747  }
748 
749  /* Use SecLabelParse to turn the XML into an octet string */
750  status = SecLabelParse(xml_content,
751  str_content,
752  STRING_BUFSIZE,
753  &str_len);
754 
755  if (status != SECLABEL_E_NOERROR) {
756  fprintf(stderr, "SecLabelParse returned error %d\n", status);
757  return X400_E_INVALID_ATTR;
758  }
759 
760  /* Add the octet string to the message pointer */
761  status = X400msMsgAddStrParam (mp, X400_S_SECURITY_LABEL,
762  str_content,str_len);
763  if ( status != X400_E_NOERROR ) {
764  fprintf (stderr, "x400msMsgAddStrParam returned error: %s\n",
765  X400msError (status));
766  return (status);
767  }
768  return X400_E_NOERROR;
769 
770 }
771 
772 
773 static int get_msg(
774  struct X400msSession *sp
775 )
776 {
777  char buffer[BUFSIZ];
778  int status;
779  int nummsg;
780  int type;
781  int seqn;
782  struct X400msMessage *mp;
783  struct X400Recipient *rp;
784  int n;
785  size_t length;
786  int intparam;
787  char recipient_str[BUFSIZ];
788 
789  printf("Waiting for new messages for 10 seconds\n");
790  status = X400msWait(sp, 10, &nummsg);
791  if (status != X400_E_NOERROR) {
792  fprintf(stderr, "Error from Wait: %s\n", X400msError(status));
793  /* tidily close the session */
794  status = X400msClose(sp);
795  exit(status);
796  }
797 
798  /* Set up the security environment.
799  *
800  * In R15.0 this need only be the name of a trusted certificate directory.
801  *
802  * Prior to R15.0, the ID is specified as a pathname, in which the
803  * subdirectory "x509" is expected to contain one or more PKCS12
804  * files. The appropriate Digital Identity is determined from the
805  * DN of the subject, and the passphrase is used to decrypt the
806  * private key. NB even though we're not going to use our cert,
807  * (as we're going to use the cert in the message to check the MOAC
808  * we need to do this due to a limitation in the underlying X.509
809  * layer.
810  */
811  /*
812  if (use_new_sec_env) {
813  setup_default_new_sec_env(sp, trusted_ca_certs_dir);
814  } else {
815  setup_default_old_sec_env(sp, security_id, identity_dn, passphrase);
816  }
817  */
818 
819 
820  /* Turn off legacy bahaviour in which MOAC verification failure
821  * returns X400_E_NOERROR.
822  * We will now get X400_E_X509_VERIFY_FAILURE from MsgGet
823  * if/when the verification fails
824  */
825  X400msSetIntDefault(sp, X400_B_RETURN_VERIFICATION_ERRORS, 1);
826 
827  if (x400_default_recipient != NULL)
828  printf("Getting message\n");
829  status = X400msMsgGet(sp, 0, &mp, &type, &seqn);
830  switch (status) {
831  case X400_E_NOERROR:
832  fprintf(stderr, "MsgGet successfully got message\n");
833  break;
834  default :
835  fprintf(stderr, "Error from MsgGet: %s\n", X400msError(status));
836  /* tidily close the session */
837  status = X400msClose(sp);
838  exit(status);
839  break;
840  }
841 
842  if (type != X400_MSG_MESSAGE) {
843  fprintf(stderr, "Got a report (printing only some attributes)\n");
844 
845  /* The ORADDRESS in the message is the (envelope) originator */
846  status = X400msMsgGetStrParam(mp, X400_S_SUBJECT_IDENTIFIER,
847  buffer, sizeof buffer, &length);
848  if (status != X400_E_NOERROR) {
849  fprintf(stderr, "Error from MsgGetStrParam: %s\n",
850  X400msError(status));
851  /* tidily close the session */
852  status = X400msClose(sp);
853  exit(status);
854  }
855  printf("Subject Identifier: %.*s\n", (int)length, buffer);
856 
857  /* Get the primary recipients */
858  for (n = 1;; n++) {
859  status = X400msRecipGet(mp, X400_RECIP_REPORT, n, &rp);
860  if (status == X400_E_NO_RECIP)
861  break;
862  if (status != X400_E_NOERROR) {
863  fprintf(stderr, "Error from RecipGet: %s\n",
864  X400msError(status));
865  /* tidily close the session */
866  status = X400msClose(sp);
867  exit(status);
868  }
869 
870  /* Note: recipient may not actually have an O/R address */
871  status = X400msRecipGetStrParam(rp, X400_S_OR_ADDRESS,
872  recipient_str,
873  sizeof recipient_str, &length);
874  if (status != X400_E_NOERROR) {
875  fprintf(stderr, "Error from RecipGetStrParam: %s\n",
876  X400msError(status));
877  /* tidily close the session */
878  status = X400msClose(sp);
879  exit(status);
880  }
881  /* print out the O/R Address of the report */
882  printf("Positive Delivery Report for recipient %d: %.*s\n", n,
883  (int)length, recipient_str);
884 
885  /* The original message delivery time, if this attribute exists,
886  * then the report is a positive Delivery Report */
887  status = X400msRecipGetStrParam(rp, X400_S_MESSAGE_DELIVERY_TIME,
888  buffer, sizeof buffer, &length);
889  if (status == X400_E_NOERROR) {
890  /* Positive Delivery Report */
891  printf("Delivery Time: %.*s\n", (int)length, buffer);
892  }
893  else {
894  /* Negative Delivery Report */
895  printf("Negative Delivery Report for recipient %d: %s\n", n,
896  recipient_str);
897 
898  /* Supplementary Info to the report */
899  status = X400msRecipGetStrParam(rp, X400_S_SUPPLEMENTARY_INFO,
900  buffer, sizeof buffer,
901  &length);
902  if (status != X400_E_NOERROR) {
903  fprintf(stderr, "Error from RecipGetStrParam: %s\n",
904  X400msError(status));
905  buffer[0] = '\0';
906  }
907  printf("Supplementary Info: %.*s\n", (int)length, buffer);
908 
909  /* The reason why the message was not delivered */
910  status =
911  X400msRecipGetIntParam(rp, X400_N_NON_DELIVERY_REASON,
912  &intparam);
913  if (status != X400_E_NOERROR) {
914  fprintf(stderr, "Error from MsgGetIntParam: %s\n",
915  X400msError(status));
916  }
917  printf("Non-Delivery Reason: %d\n", intparam);
918 
919  /* The diagnostics of the report for this recipient */
920  status =
921  X400msRecipGetIntParam(rp, X400_N_NON_DELIVERY_DIAGNOSTIC,
922  &intparam);
923  if (status != X400_E_NOERROR) {
924  fprintf(stderr, "Error from MsgGetIntParam: %s\n",
925  X400msError(status));
926  }
927  printf("Non-Delivery Diagnostic: %d\n", intparam);
928  }
929  }
930 
931  num_unsigned_rcvd++ ;
932  status = X400msMsgDelete(mp, 0);
933  if (status != X400_E_NOERROR) {
934  fprintf(stderr, "Error from X400msMsgDelete: %s\n",
935  X400msError(status));
936  }
937  return (status);
938  }
939 
940 
941  /* x411 security label */
942  status = X400msMsgGetStrParam(mp, X400_S_SECURITY_LABEL,
943  buffer, sizeof buffer, &length);
944  if (status == X400_E_NO_VALUE) {
945  printf("No X.411 security label\n");
946  } else if (status != X400_E_NOERROR) {
947  fprintf(stderr,"Failed to fetch X.411 security label: %d (%s)",
948  status, X400msError(status));
949  return (status);
950  } else {
951  fprintf(stderr, "X.411 Security Label returned OK (%d chars)\n",
952  (int)length);
953  print_sec_label(buffer, length);
954  }
955 
956  /* report information about the MOAC in the message */
957  report_moac_info(mp);
958 
959  /* report information about the 4406 in the message */
960  report_4406_info(mp);
961 
962  /* The message identifier */
963  status = X400msMsgGetStrParam(mp, X400_S_MESSAGE_IDENTIFIER,
964  buffer, sizeof buffer, &length);
965  if (status != X400_E_NOERROR) {
966  fprintf(stderr, "Error from MsgGetStrParam: %s\n",
967  X400msError(status));
968  /* tidily close the session */
969  status = X400msClose(sp);
970  exit(status);
971  }
972  printf("Message Identifier: %.*s\n", (int)length, buffer);
973 
974  /* The ORADDRESS in the message is the (envelope) originator */
975  status = X400msMsgGetStrParam(mp, X400_S_OR_ADDRESS,
976  buffer, sizeof buffer, &length);
977  if (status != X400_E_NOERROR) {
978  fprintf(stderr, "Error from MsgGetStrParam: %s\n",
979  X400msError(status));
980  /* tidily close the session */
981  status = X400msClose(sp);
982  exit(status);
983  }
984  printf("Originator: %.*s\n", (int)length, buffer);
985 
986  /* Get the primary recipients */
987  for (n = 1;; n++) {
988  status = X400msRecipGet(mp, X400_RECIP_PRIMARY, n, &rp);
989  if (status == X400_E_NO_RECIP)
990  break;
991  if (status != X400_E_NOERROR) {
992  fprintf(stderr, "Error from RecipGet: %s\n", X400msError(status));
993  /* tidily close the session */
994  status = X400msClose(sp);
995  exit(status);
996  }
997 
998  /* Note: recipient may not actually have an O/R address */
999  status = X400msRecipGetStrParam(rp, X400_S_OR_ADDRESS,
1000  buffer, sizeof buffer, &length);
1001  if (status == X400_E_NOERROR) {
1002  printf("Recipient %d: %.*s\n", n, (int)length, buffer);
1003  }
1004  }
1005 
1006  /* Subject is optional */
1007  status = X400msMsgGetStrParam(mp, X400_S_SUBJECT,
1008  buffer, sizeof buffer, &length);
1009  if (status == X400_E_NOERROR)
1010  printf("Subject: %.*s\n", (int)length, buffer);
1011 
1012  /* And message text (or it could be another type) */
1013  status = X400msMsgGetStrParam(mp, X400_T_IA5TEXT,
1014  buffer, sizeof buffer, &length);
1015  if (status == X400_E_NOERROR)
1016  printf("Text:\n%.*s\n", (int)length, buffer);
1017 
1018  /* Deletes message in message store as well as internal copy */
1019  status = X400msMsgDelete(mp, 0);
1020 
1021  return status;
1022 }
1023 
1024 #ifdef notdef
1025 /*
1026  * Recommended function to setup security env for verification.
1027  * No digitial ID required - just a directory which contains
1028  * trust anchors which are read as DER file (certificate.crt).
1029  *
1030  * The certificate (containing public key) is obtained from the message
1031  * which is referenced in the message.
1032  */
1033 
1034 static void setup_default_new_sec_env(
1035  struct X400msSession *sp,
1036  char *trusted_ca_certs_dir
1037 )
1038 {
1039  int status;
1040 
1041  /* Directory containing trusted CA Certificates */
1042  printf(" Adding %s as trusted CA cert dir\n", trusted_ca_certs_dir);
1043  status = X400msSetStrDefault (sp, X400_S_SEC_TRUSTED_CERTS_DIR,
1044  trusted_ca_certs_dir, -1);
1045  if ( status != X400_E_NOERROR ) {
1046  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
1047  X400msError (status));
1048  exit (status);
1049  }
1050 
1051  return;
1052 }
1053 
1054 /*
1055  * Obsolete function to use to set up the security environment. This provides a
1056  * directory in which PKCS12 files are checked to find one whose subject DN
1057  * matches that of this client.
1058  *
1059  * Any self signed certificates found in the directory are treated as
1060  * trusted.
1061  */
1062 
1063 static void setup_default_old_sec_env(
1064  struct X400msSession *sp,
1065  char *id,
1066  char *dn,
1067  char *pw /* passphrase for private key in pkcs12 file */
1068 )
1069 {
1070  int status;
1071 
1072  /* first set a default security identity. This passes in the name of a
1073  * directory, which contains an x509 subdirectory in which all Identities
1074  * are held */
1075  /* X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, "/var/isode/dsa-db/", -1);
1076  * */
1077  X400msSetStrDefault(sp, X400_S_SEC_IDENTITY, id, -1);
1078 
1079  /* select by DN which Identity is to be used (if there are several)
1080  * Currently these must be PKCS12 files */
1081  status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_DN, dn, -1);
1082  if ( status != X400_E_NOERROR ) {
1083  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
1084  X400msError (status));
1085  exit (status);
1086  }
1087 
1088  /* passphrase used to open the Identity */
1089  status = X400msSetStrDefault (sp, X400_S_SEC_IDENTITY_PASSPHRASE, pw, -1);
1090  if ( status != X400_E_NOERROR ) {
1091  fprintf (stderr, "X400msSetStrDefault returned error: %s\n",
1092  X400msError (status));
1093  exit (status);
1094  }
1095  return;
1096 }
1097 #endif
1098 
1099 
1100 static int report_moac_info(
1101  struct X400msMessage *mp
1102 )
1103 {
1104  int status;
1105  int intparam;
1106 
1107  /* Check the MOAC */
1108  status = X400msMsgGetIntParam(mp, X400_N_MOAC_STATUS, &intparam);
1109  switch ( status ) {
1110  case X400_E_NO_VALUE:
1111  num_unverified_rcvd++ ;
1112  fprintf (stderr, "No MOAC in message\n");
1113  break;
1114 
1115  default:
1116  num_unverified_rcvd++ ;
1117  fprintf (stderr, "Unexpected error getting MOAC status: %s\n",
1118  X400msError (status));
1119  break;
1120 
1121  case X400_E_NOERROR:
1122  fprintf (stderr, "Have MOAC in message (%d)\n", intparam);
1123  switch (intparam) {
1124  case X400_E_NOERROR:
1125  fprintf(stderr,
1126  "MsgGet successfully verified signature in message\n");
1127  show_certificate (mp);
1128  fprintf(stderr, "continuing ...\n");
1129  num_verified_rcvd++ ;
1130  break;
1131  case X400_E_SIGN_NO_IDENTITY:
1132  fprintf(stderr,
1133  "MOAC validation cannot take place because the security environment is invalid (%d):\n",
1134  intparam);
1135  /* other values will not be available */
1136  break;
1137  case X400_E_X509_INIT:
1138  case X400_E_X509_ENV:
1139  fprintf(stderr,
1140  "MOAC validation cannot take place because the security environment is invalid (%d):\n",
1141  intparam);
1142  /* other values will not be available */
1143  break;
1144  case X400_E_X509_VERIFY_FAIL:
1145  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1146  X400msError(intparam));
1147  show_certificate (mp);
1148  fprintf(stderr, "continuing ...\n");
1149  num_unverified_rcvd++ ;
1150  break;
1151  case X400_E_X509_VERIFY_FAIL_NO_CERT:
1152  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1153  X400msError(intparam));
1154  fprintf(stderr, "continuing ...\n");
1155  num_unverified_rcvd++ ;
1156  break;
1157  case X400_E_X509_VERIFY_FAIL_NO_PUBKEY:
1158  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1159  X400msError(intparam));
1160  show_certificate (mp);
1161  fprintf(stderr, "continuing ...\n");
1162  num_unverified_rcvd++ ;
1163  break;
1164  case X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG:
1165  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1166  X400msError(intparam));
1167  show_certificate (mp);
1168  fprintf(stderr, "continuing ...\n");
1169  num_unverified_rcvd++ ;
1170  break;
1171  case X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG:
1172  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1173  X400msError(intparam));
1174  show_certificate (mp);
1175  fprintf(stderr, "continuing ...\n");
1176  num_unverified_rcvd++ ;
1177  break;
1178  case X400_E_X509_CERT_INVALID:
1179  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1180  X400msError(intparam));
1181  show_certificate (mp);
1182  fprintf(stderr, "continuing ...\n");
1183  num_unverified_rcvd++ ;
1184  break;
1185  case X400_E_X509_ITEM_INVALID:
1186  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1187  X400msError(intparam));
1188  show_certificate (mp);
1189  fprintf(stderr, "continuing ...\n");
1190  num_unverified_rcvd++ ;
1191  break;
1192  default :
1193  fprintf(stderr, "Unexpected verification error from MsgGet: %s\n",
1194  X400msError(intparam));
1195  show_certificate (mp);
1196  fprintf(stderr, "continuing ...\n");
1197  num_unverified_rcvd++ ;
1198  break;
1199  }
1200  }
1201  return X400_E_NOERROR;
1202 }
1203 
1204 
1205 static int report_4406_info(
1206  struct X400msMessage *mp
1207 )
1208 {
1209  int status;
1210  int intparam;
1211  size_t length;
1212  char buffer[BUFSIZ];
1213 
1214  /* Check the 4406 signatures */
1215  status = X400msMsgGetIntParam(mp, X400_N_S4406_STATUS, &intparam);
1216  switch ( status ) {
1217  case X400_E_NO_VALUE:
1218  num_unverified_rcvd++ ;
1219  fprintf (stderr, "No 4406 signature in message\n");
1220  return X400_E_NOERROR;
1221 
1222  default:
1223  num_unverified_rcvd++ ;
1224  fprintf (stderr, "Unexpected error getting 4406 signature status: %s\n",
1225  X400msError (status));
1226  break;
1227 
1228  case X400_E_NOERROR:
1229  fprintf (stderr, "Have 4406 signature in message (%d)\n", intparam);
1230  switch (intparam) {
1231  case X400_E_NOERROR:
1232  fprintf(stderr,
1233  "MsgGet successfully verified signature in message\n");
1234  show_4406_certificate (mp);
1235  fprintf(stderr, "continuing ...\n");
1236  num_verified_rcvd++ ;
1237  break;
1238  case X400_E_SIGN_NO_IDENTITY:
1239  fprintf(stderr,
1240  "4406 signature validation cannot take place because the security environment is invalid (%d):\n",
1241  intparam);
1242  /* other values will not be available */
1243  break;
1244  case X400_E_X509_INIT:
1245  case X400_E_X509_ENV:
1246  fprintf(stderr,
1247  "4406 signature validation cannot take place because the security environment is invalid (%d):\n",
1248  intparam);
1249  /* other values will not be available */
1250  break;
1251  case X400_E_X509_VERIFY_FAIL:
1252  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1253  X400msError(intparam));
1254  show_4406_certificate (mp);
1255  fprintf(stderr, "continuing ...\n");
1256  num_unverified_rcvd++ ;
1257  break;
1258  case X400_E_X509_VERIFY_FAIL_NO_CERT:
1259  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1260  X400msError(intparam));
1261  fprintf(stderr, "continuing ...\n");
1262  num_unverified_rcvd++ ;
1263  break;
1264  case X400_E_X509_VERIFY_FAIL_NO_PUBKEY:
1265  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1266  X400msError(intparam));
1267  show_4406_certificate (mp);
1268  fprintf(stderr, "continuing ...\n");
1269  num_unverified_rcvd++ ;
1270  break;
1271  case X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG:
1272  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1273  X400msError(intparam));
1274  show_4406_certificate (mp);
1275  fprintf(stderr, "continuing ...\n");
1276  num_unverified_rcvd++ ;
1277  break;
1278  case X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG:
1279  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1280  X400msError(intparam));
1281  show_4406_certificate (mp);
1282  fprintf(stderr, "continuing ...\n");
1283  num_unverified_rcvd++ ;
1284  break;
1285  case X400_E_X509_CERT_INVALID:
1286  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1287  X400msError(intparam));
1288  show_4406_certificate (mp);
1289  fprintf(stderr, "continuing ...\n");
1290  num_unverified_rcvd++ ;
1291  break;
1292  case X400_E_X509_ITEM_INVALID:
1293  fprintf(stderr, "Verification Error from MsgGet: %s\n",
1294  X400msError(intparam));
1295  show_4406_certificate (mp);
1296  fprintf(stderr, "continuing ...\n");
1297  num_unverified_rcvd++ ;
1298  break;
1299  default :
1300  fprintf(stderr, "Unexpected verification error from MsgGet: %s\n",
1301  X400msError(intparam));
1302  show_4406_certificate (mp);
1303  fprintf(stderr, "continuing ...\n");
1304  num_unverified_rcvd++ ;
1305  break;
1306  }
1307  }
1308 
1309  /* 4406 security label */
1310  status = X400msMsgGetStrParam(mp, X400_S_S4406_SECURITY_LABEL,
1311  buffer, sizeof buffer, &length);
1312  if (status == X400_E_NO_VALUE) {
1313  printf("No 4406 security label\n");
1314  } else if (status != X400_E_NOERROR) {
1315  fprintf(stderr,"Failed to fetch 4406 security label: %d (%s)",
1316  status, X400msError(status));
1317  return (status);
1318  } else {
1319  fprintf(stderr, "4406 Security Label returned OK (%d chars)\n",
1320  (int)length);
1321  print_sec_label(buffer, length);
1322  }
1323 
1324  /* 4406 signing time */
1325  status = X400msMsgGetStrParam(mp, X400_S_S4406_SIGNING_TIME,
1326  buffer, sizeof buffer, &length);
1327  if (status == X400_E_NOERROR)
1328  printf("4406 signing time returned OK\n%.*s\n", (int)length, buffer);
1329  else
1330  printf("4406 signing time not returned (%d) (%s)\n", status,
1331  X400msError(status));
1332 
1333  return X400_E_NOERROR;
1334 }
1335 
1336 static void print_sec_label(
1337  char slab_buffer[],
1338  unsigned int length
1339 )
1340 {
1341 
1342  char xml_buffer[XML_BUFSIZE];
1343  int status;
1344 
1345  status = SecLabelInit("Example program");
1346  if (status != SECLABEL_E_NOERROR) {
1347  fprintf(stderr, "SecLabelInit returned error %d\n", status);
1348  return ;
1349  }
1350 
1351  status = SecLabelPrint((const unsigned char *) slab_buffer,
1352  length,
1353  xml_buffer,
1354  XML_BUFSIZE);
1355 
1356  if (status != SECLABEL_E_NOERROR) {
1357  fprintf(stderr, "SecLabelParse returned error %d\n", status);
1358  return ;
1359  }
1360 
1361  /* You could now write out the XML file, or parse it in memory..*/
1362  printf("Got security label:%s\n", xml_buffer);
1363  return;
1364 }
1365 
1366 static void show_certificate (struct X400msMessage *mp)
1367 {
1368  int status;
1369  struct X400Certificate *cert;
1370  char buffer[BUFSIZ];
1371  size_t length;
1372  int paramval;
1373 
1374  status = X400msMsgGetCert (mp, X400_N_CERT_MOAC, &cert);
1375  if ( status != X400_E_NOERROR ) {
1376  fprintf (stderr, "Error getting MOAC certificate: %s\n",
1377  X400msError (status));
1378  return;
1379  }
1380 
1381  status = X400CertGetStrParam(cert, X400_S_CERT_SUBJECT_DN,
1382  buffer, sizeof buffer, &length);
1383  if (status != X400_E_NOERROR) {
1384  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1385  X400msError(status));
1386  return;
1387  }
1388  fprintf(stderr,
1389  "subject DN of originator certificate '%.*s'\n", (int)length, buffer);
1390  status = X400CertGetStrParam(cert, X400_S_CERT_ISSUER_DN,
1391  buffer, sizeof buffer, &length);
1392  if (status != X400_E_NOERROR) {
1393  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1394  X400msError(status));
1395  return;
1396  }
1397  fprintf(stderr,
1398  "issuer DN of originator certificate '%.*s'\n", (int)length, buffer);
1399 
1400  status = X400CertGetStrParam(cert, X400_S_OR_ADDRESS,
1401  buffer, sizeof buffer, &length);
1402  if (status != X400_E_NOERROR) {
1403  if ( status == X400_E_NO_VALUE ) {
1404  fprintf(stderr, "No ORaddress subject alt. name\n");
1405  } else {
1406  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1407  X400msError(status));
1408  return;
1409  }
1410  } else {
1411  fprintf(stderr, "ORaddress subject alt name: '%.*s'\n", (int)length, buffer);
1412  }
1413 
1414  status = X400CertGetIntParam(cert, X400_N_CERT_ORADDRESS_STATUS, &paramval);
1415 
1416  if (status != X400_E_NOERROR) {
1417  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1418  X400msError(status));
1419  return;
1420  }
1421 
1422  fprintf(stderr, "ORaddress subject alt name status: %s\n",
1423  X400msError (paramval));
1424 }
1425 
1426 
1427 static void show_4406_certificate (struct X400msMessage *mp)
1428 {
1429  int status;
1430  struct X400Certificate *cert;
1431  char buffer[BUFSIZ];
1432  size_t length;
1433  int paramval;
1434 
1435  status = X400msMsgGetCert (mp, X400_N_S4406_CERTIFICATE, &cert);
1436  if ( status != X400_E_NOERROR ) {
1437  fprintf (stderr, "Error getting 4406 certificate: %s\n",
1438  X400msError (status));
1439  return;
1440  }
1441 
1442  status = X400CertGetStrParam(cert, X400_S_CERT_SUBJECT_DN,
1443  buffer, sizeof buffer, &length);
1444  if (status != X400_E_NOERROR) {
1445  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1446  X400msError(status));
1447  return;
1448  }
1449  fprintf(stderr, "subject DN of originator certificate '%.*s'\n",
1450  (int)length, buffer);
1451  status = X400CertGetStrParam(cert, X400_S_CERT_ISSUER_DN,
1452  buffer, sizeof buffer, &length);
1453  if (status != X400_E_NOERROR) {
1454  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1455  X400msError(status));
1456  return;
1457  }
1458  fprintf(stderr, "issuer DN of originator certificate '%.*s'\n",
1459  (int)length, buffer);
1460 
1461  status = X400CertGetStrParam(cert, X400_S_OR_ADDRESS,
1462  buffer, sizeof buffer, &length);
1463  if (status != X400_E_NOERROR) {
1464  if ( status == X400_E_NO_VALUE ) {
1465  fprintf(stderr, "No ORaddress subject alt. name\n");
1466  } else {
1467  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1468  X400msError(status));
1469  return;
1470  }
1471  } else {
1472  fprintf(stderr, "ORaddress subject alt name: '%.*s'\n",
1473  (int)length, buffer);
1474  }
1475 
1476  status = X400CertGetIntParam(cert, X400_N_CERT_ORADDRESS_STATUS, &paramval);
1477 
1478  if (status != X400_E_NOERROR) {
1479  fprintf(stderr, "Error from CertGetStrParam: %s\n",
1480  X400msError(status));
1481  return;
1482  }
1483 
1484  fprintf(stderr, "ORaddress subject alt name status: %s\n",
1485  X400msError (paramval));
1486  return;
1487 }
1488 
1489 static void usage(void) {
1490  printf("usage: %s\n", optstr);
1491  printf("\t where:\n");
1492  printf("\t -u : Don't prompt to override defaults \n");
1493  printf("\t -3 : Use P3 connection \n");
1494  printf("\t -7 : Use P7 connection \n");
1495  printf("\t -m : OR Address in P7 bind arg \n");
1496  printf("\t -d : DN in P7 bind arg \n");
1497  printf("\t -p : Presentation Address of P7 Store \n");
1498  printf("\t -w : P7 password of P7 user \n");
1499  printf("\t -M : OR Address in P3 bind arg \n");
1500  printf("\t -D : DN in P3 bind arg \n");
1501  printf("\t -P : Presentation Address of P3 server\n");
1502  printf("\t -W : P3 password of P3 user \n");
1503  printf("\t -o : Originator \n");
1504  printf("\t -O : Originator Return Address \n");
1505  printf("\t -r : Recipient\n");
1506  printf("\t -l : Logline\n");
1507  printf("\t -y : Priority (0 - normal, 1 - non-urgent, 2 - urgent \n");
1508  printf("\t -C : Content Type (2/22/772/OID) \n");
1509  printf("\t -i : Implicit conversion prohibited = TRUE \n");
1510  printf("\t -a : Alternate Recipient Prohibited = TRUE \n");
1511  printf("\t -q : Content Return Request = TRUE \n");
1512  printf("\t -s : Disclosure of Recipient = FALSE \n");
1513  printf("\t -A : Recipient Reassignment Prohibited = FALSE \n");
1514  printf("\t -v : Conversion with Loss Prohibited = FALSE \n");
1515  printf("\t -e : Security Environment (dir with x509 subdir): obsolete, use -Y <p12file>\n");
1516  printf("\t -x : DN of X.509 Digital Identity\n");
1517  printf("\t -b : Passphrase for private key in PKCS12 file\n");
1518  printf("\t -f : Filename to transfer as binary bp\n");
1519  printf("\t -Y : Filename of PKCS12 file containing Digital Identity\n");
1520  printf("\t -4 : Generate STANAG 4406 PCT Signatures\n");
1521  return;
1522 }
1523 
1524 
X400_S_LOG_CONFIGURATION_FILE
#define X400_S_LOG_CONFIGURATION_FILE
Definition: x400_att.h:1092
X400_S_CERT_ISSUER_DN
#define X400_S_CERT_ISSUER_DN
Definition: x400_att.h:1529
X400msMsgSend
int X400msMsgSend(struct X400msMessage *mp)
Send message object.
X400_N_S4406_CERTIFICATE
#define X400_N_S4406_CERTIFICATE
Definition: x400_att.h:624
X400_E_SIGN_NO_IDENTITY
#define X400_E_SIGN_NO_IDENTITY
Definition: x400_att.h:205
X400msMsgAddAttachment
int X400msMsgAddAttachment(struct X400msMessage *mp, int type, const char *string, size_t length)
Add attachment to the message.
X400_N_S4406_STATUS
#define X400_N_S4406_STATUS
Definition: x400_att.h:608
X400msOpen
int X400msOpen(int type, const char *oraddr, const char *dirname, const char *credentials, const char *pa, int *messages, struct X400msSession **spp)
Open a session to a Message Store (P7) or MTA (P3) in synchronous mode.
X400_S_SEC_IDENTITY
#define X400_S_SEC_IDENTITY
Definition: x400_att.h:554
X400msSetStrDefault
int X400msSetStrDefault(struct X400msSession *sp, int paramtype, const char *value, size_t length)
Set a default string parameter value in a session.
X400_E_X509_CERT_INVALID
#define X400_E_X509_CERT_INVALID
Definition: x400_att.h:199
X400_E_X509_ENV
#define X400_E_X509_ENV
Definition: x400_att.h:175
X400CertGetIntParam
int X400CertGetIntParam(struct X400Certificate *cp, int paramtype, int *valp)
Return a integer-valued parameter from the certificate object.
X400msMsgGetCert
int X400msMsgGetCert(struct X400msMessage *mp, int certtype, struct X400Certificate **certp)
Get certificate object from message This returns a certificate which was used to sign an object in th...
X400_E_X509_VERIFY_FAIL_NO_CERT
#define X400_E_X509_VERIFY_FAIL_NO_CERT
Definition: x400_att.h:184
X400_E_X509_VERIFY_FAIL_NO_PUBKEY
#define X400_E_X509_VERIFY_FAIL_NO_PUBKEY
Definition: x400_att.h:187
X400_E_NO_RECIP
#define X400_E_NO_RECIP
Definition: x400_att.h:109
X400_S_SECURITY_LABEL
#define X400_S_SECURITY_LABEL
Definition: x400_att.h:1348
X400msClose
int X400msClose(struct X400msSession *sp)
Close a X400 Session.
X400_E_NO_VALUE
#define X400_E_NO_VALUE
Definition: x400_att.h:100
X400msMsgAddIntParam
int X400msMsgAddIntParam(struct X400msMessage *mp, int paramtype, int value)
Add integer-valued parameter to the message.
X400_T_BINARY
#define X400_T_BINARY
Definition: x400_att.h:825
X400msRecipGetIntParam
int X400msRecipGetIntParam(struct X400Recipient *rp, int paramtype, int *valp)
Return a integer-valued parameter from the recipient object.
X400_S_S4406_SIGNING_TIME
#define X400_S_S4406_SIGNING_TIME
Definition: x400_att.h:629
X400msRecipAddIntParam
int X400msRecipAddIntParam(struct X400Recipient *rp, int paramtype, int value)
Add integer-valued parameter to the message.
X400_S_S4406_SECURITY_LABEL
#define X400_S_S4406_SECURITY_LABEL
Definition: x400_att.h:619
X400msRecipAddStrParam
int X400msRecipAddStrParam(struct X400Recipient *rp, int paramtype, const char *value, size_t length)
Add string-valued parameter to the message.
X400_S_DIRECTORY_NAME
#define X400_S_DIRECTORY_NAME
Definition: x400_att.h:397
X400msMsgGet
int X400msMsgGet(struct X400msSession *sp, int number, struct X400msMessage **mpp, int *typep, int *seqp)
Get message object for transfer out from MS or MTA via P3.
X400_S_MESSAGE_DELIVERY_TIME
#define X400_S_MESSAGE_DELIVERY_TIME
Definition: x400_att.h:442
X400msRecipNew
int X400msRecipNew(struct X400msMessage *mp, int type, struct X400Recipient **rpp)
Add new recipient to a message.
X400_E_X509_ITEM_INVALID
#define X400_E_X509_ITEM_INVALID
Definition: x400_att.h:202
X400_T_ISO8859_1
#define X400_T_ISO8859_1
Definition: x400_att.h:809
X400msError
const char * X400msError(int error)
Obtain a string describing the meaning of the given error code.
X400_T_IA5TEXT
#define X400_T_IA5TEXT
Definition: x400_att.h:799
X400_N_CERT_MOAC
#define X400_N_CERT_MOAC
Definition: x400_att.h:1502
X400_S_SEC_IDENTITY_DN
#define X400_S_SEC_IDENTITY_DN
Definition: x400_att.h:563
X400_RECIP_STANDARD
#define X400_RECIP_STANDARD
Definition: x400_att.h:341
X400msMsgNew
int X400msMsgNew(struct X400msSession *sp, int type, struct X400msMessage **mpp)
Creates new message.
X400_S_CONTENT_IDENTIFIER
#define X400_S_CONTENT_IDENTIFIER
Definition: x400_att.h:414
X400msWait
int X400msWait(struct X400msSession *sp, int seconds, int *count)
Wait for messages to be ready to be read.
X400_S_MESSAGE_IDENTIFIER
#define X400_S_MESSAGE_IDENTIFIER
Definition: x400_att.h:405
X400_S_SEC_IDENTITY_PASSPHRASE
#define X400_S_SEC_IDENTITY_PASSPHRASE
Definition: x400_att.h:560
X400_E_NOERROR
#define X400_E_NOERROR
Definition: x400_att.h:46
X400_N_REPORT_REQUEST
#define X400_N_REPORT_REQUEST
Definition: x400_att.h:654
X400_N_MOAC_STATUS
#define X400_N_MOAC_STATUS
Definition: x400_att.h:572
X400_S_SUBJECT_IDENTIFIER
#define X400_S_SUBJECT_IDENTIFIER
Definition: x400_att.h:1039
X400msRecipGet
int X400msRecipGet(struct X400msMessage *mp, int type, int number, struct X400Recipient **rpp)
Get recipient object from message.
X400msRecipGetStrParam
int X400msRecipGetStrParam(struct X400Recipient *rp, int paramtype, char *buffer, size_t buflen, size_t *paramlenp)
Return a string-valued parameter from the recipient object.
x400_msapi.h
X400 MA/MS (P3/P7) Interface.
X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG
#define X400_E_X509_VERIFY_FAIL_UNSUPPORTED_ALG
Definition: x400_att.h:193
X400_E_X509_VERIFY_FAIL
#define X400_E_X509_VERIFY_FAIL
Definition: x400_att.h:196
X400_N_CERT_ORADDRESS_STATUS
#define X400_N_CERT_ORADDRESS_STATUS
Definition: x400_att.h:1535
X400msMsgGetIntParam
int X400msMsgGetIntParam(struct X400msMessage *mp, int paramtype, int *valp)
Return a integer-valued parameter from the message object.
X400_RECIP_PRIMARY
#define X400_RECIP_PRIMARY
Definition: x400_att.h:296
X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG
#define X400_E_X509_VERIFY_FAIL_INCOMPAT_ALG
Definition: x400_att.h:190
X400_S_SEC_IDENTITY_FILE
#define X400_S_SEC_IDENTITY_FILE
Definition: x400_att.h:578
X400_N_S4406
#define X400_N_S4406
Definition: x400_att.h:599
X400msSetIntDefault
int X400msSetIntDefault(struct X400msSession *sp, int paramtype, int value)
Set a default integer parameter value in a session.
X400_N_NON_DELIVERY_DIAGNOSTIC
#define X400_N_NON_DELIVERY_DIAGNOSTIC
Definition: x400_att.h:1054
X400_N_NON_DELIVERY_REASON
#define X400_N_NON_DELIVERY_REASON
Definition: x400_att.h:1051
X400_S_SUBJECT
#define X400_S_SUBJECT
Definition: x400_att.h:723
X400_B_RETURN_VERIFICATION_ERRORS
#define X400_B_RETURN_VERIFICATION_ERRORS
Definition: x400_att.h:1099
X400_N_NOTIFICATION_REQUEST
#define X400_N_NOTIFICATION_REQUEST
Definition: x400_att.h:676
X400msTestSecurityEnv
int X400msTestSecurityEnv(struct X400msSession *sp)
Test the default Security Environment.
X400_S_CERT_SUBJECT_DN
#define X400_S_CERT_SUBJECT_DN
Definition: x400_att.h:1526
X400msMsgGetStrParam
int X400msMsgGetStrParam(struct X400msMessage *mp, int paramtype, char *buffer, size_t buflen, size_t *paramlenp)
Return a string-valued parameter from the message object.
X400_S_SUPPLEMENTARY_INFO
#define X400_S_SUPPLEMENTARY_INFO
Definition: x400_att.h:1042
X400_E_X509_INIT
#define X400_E_X509_INIT
Definition: x400_att.h:181
X400CertGetStrParam
int X400CertGetStrParam(struct X400Certificate *cp, int paramtype, char *buffer, size_t buflen, size_t *paramlenp)
Return a string-valued parameter from the certificate object.
X400msMsgAddStrParam
int X400msMsgAddStrParam(struct X400msMessage *mp, int paramtype, const char *value, size_t length)
Add string-valued parameter to the message.
X400_S_SEC_TRUSTED_CERTS_DIR
#define X400_S_SEC_TRUSTED_CERTS_DIR
Definition: x400_att.h:581
X400_MSG_MESSAGE
#define X400_MSG_MESSAGE
Definition: x400_att.h:29
X400_E_NOMEMORY
#define X400_E_NOMEMORY
Definition: x400_att.h:52
X400_E_SYSERROR
#define X400_E_SYSERROR
Definition: x400_att.h:49
X400_B_SEC_GEN_MOAC
#define X400_B_SEC_GEN_MOAC
Definition: x400_att.h:557
X400_E_INVALID_ATTR
#define X400_E_INVALID_ATTR
Definition: x400_att.h:94
X400_S_OR_ADDRESS
#define X400_S_OR_ADDRESS
Definition: x400_att.h:349
X400msMsgDelete
int X400msMsgDelete(struct X400msMessage *mp, int retain)
Delete message object.
X400_RECIP_REPORT
#define X400_RECIP_REPORT
Definition: x400_att.h:314