|
midrange.com
Sean,
Here's how I parse a client certificate made available on the HTTP server that
requires a digital cert for authentication.
There are as many as 22 entries in the returned array structure.
The certificate length required by the API is made available by the HTTP server
in an environment variable
which I use to populate variable alength (not shown)
D ParseCert PR ExtProc('QsyParseCertificate')
D $Cert * value
D $Certtype 10I 0 value
D $Certlen 10I 0 value
D $Format 8
D $Output * value
D $Outputlen 10I 0 value
D $Qusec * value
D Qusec DS
D QUSBPRV 10I 0 Inz(0)
D QUSBAVL 10I 0
D QUSEI 7
D QUSERVD 1
D QUSEXCP 256
D n S 5 0
D DS
D alength 9
D clength 9
D nlength 9 0 OVERLAY(clength)
D Cert S 32767
D CertLen S 10I 0
D CertType S 10I 0
D ParseData S Like(Cert)
D ParseDataLen S Like(CertLen)
D Inz(%size(ParseData))
D ParseFmt S 8 Inz('CERT0200')
D ListEntry DS
D FldOff 1 4B 0
D FldLen 5 8B 0
D
D FldVal DS 2000
D FldValue 100
C Exsr Parse
*---------------------------------------------------------------------
C Parse Begsr
C Eval CertLen = nlength
C Eval CertType = 3
* Parse certificate
C Callp ParseCert(%addr(Cert):CertType:CertLen:
C ParseFmt:%addr(ParseData):ParseDataLen:
C %addr(Qusec))
C 1 Do 22 n
C Eval ListEntry = %subst(ParseData:n*8+1:8)
C Eval Fldval = *blanks
C Eval FldOff= FldOff + 1
C If FldLen > 0
C Eval Fldval = %subst(ParseData:FldOff:FldLen)
C Select
C Endif
C Enddo
C Endsr
Cheers, Peter
-----Original Message-----
From: rpg400-l-bounces+peter.connell=baycorpadvantage.com@xxxxxxxxxxxx
[mailto:rpg400-l-bounces+peter.connell=baycorpadvantage.com@xxxxxxxxxxxx
]On Behalf Of Sean Porterfield
Sent: Wednesday, October 22, 2003 9:44 AM
To: rpg400-l@xxxxxxxxxxxx
Subject: QSYPARSC / QsyParseCertificate
I'm having a lot of trouble trying to parse a certificate and found no
references in the archive or google groups. I want to check some
information in a certificate from my telnet exit point program.
It's quite likely I'm doing something wrong!
I'll try to paste in the relevant portions. If anyone sees anything wrong
or missing, I'd greatly appreciate the info.
D ParseCert PR ExtProc('QsyParseCertificate')
D Certificate 32766A const options(*varsize)
D CertType 10I 0 const
D CertLen 10I 0 const
D CertFmt 8A const
D CertRcvr 32766A options(*varsize)
D CertRcvrLen 10I 0 const
D CertErr 32766A options(*varsize)
D p_Crt S *
D Crt S 32766A based(p_Crt)
D CrtType S 10I 0 Inz(1)
D CrtRcvrLen S 10I 0 Inz(32766)
** Connection information provided by telnet server (this part is apparently
working since I get the IP address and SSL flags.)
D p_CnnDscInfo S * inz(*NULL)
D dsCnnDscInfo DS based(p_CnnDscInfo)
D dsCnnLen 10I 0
D dsCnnAddr 20A
Client IP address
D dsCnnPWvalid 1A
D dsCnnWStype 12A
D dsCnnRsv1 2A
Part of WStype?
D dsCnnSSL 1A
D dsCnnSvrAddr 20A
Server IP address
D dsCnnClAut 1A
Client Auth Level
D dsCnnRsv2 3A
D dsCnnCertVld 10I 0
D dsCnnCertOff 10I 0
Offset to Cert
D dsCnnCertLen 10I 0
Certificate Length
D p_Cert S * inz(*NULL)
D dsCert DS based(p_Cert)
D dsCertCNOff 105 108I 0
Common Name (user)
c eval p_Crt = p_CnnDscInfo + dsCnnCertOff
c alloc 32766 p_Cert
c callp ParseCert(Crt : CrtType : CrtRcvrLen
c : 'CERT0200' : dsCert : CrtRcvrLen :
dsEC)
At this point I believe dsCertCNOff should have the offset to the Common
Name on the certificate. Every time I try it, I get 0. The API doc says
"If ... the offset to a field is 0, then the field does not contain any
information." I know the CN of the cert does contain information.
I've tried certificate type 1 and 3; I've tried format CERT0210 as well.
Any ideas? Have I provided enough info?
Thanks, all!
_______________________________________________
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.
This correspondence is for the named person's use only. It may contain
confidential or legally privileged information, or both. No confidentiality or
privilege is waived or lost by any mistransmission. If you receive this
correspondence in error, please immediately delete it from your system and
notify the sender. You must not disclose, copy or rely on any part of this
correspondence if you are not the intended recipient. Any views expressed in
this message are those of the individual sender, except where the sender
expressly, and with authority, states them to be the views of Baycorp
Advantage.If you need assistance, please contact Baycorp Advantage on either :-
Australia 133124 or New Zealand +64 9 356 5800
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
