Diffstat (limited to 'src/daemon/https/x509/common.c')
-rw-r--r-- | src/daemon/https/x509/common.c | 198 |
1 files changed, 2 insertions, 196 deletions
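diff --git a/src/daemon/https/x509/common.c b/src/daemon/https/x509/common.c
index 1d9c60c7..2dabe3e9 100644
--- a/src/daemon/https/x509/common.c
+++ b/src/daemon/https/x509/common.c
@@ -218,7 +218,7 @@ MHD_gnutls_x509_dn_oid_known (const char *oid)
 /* Returns 1 if the data defined by the OID are of a choice
 * type.
 */
-int
+static int
 MHD__gnutls_x509_oid_data_choice (const char *oid)
 {
 int i = 0;
@@ -815,7 +815,7 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data,
 * octet string. Otherwise put something like BMPString, PrintableString
 * etc.
 */
-int
+static int
 MHD__gnutls_x509_decode_octet_string (const char *string_type,
 const opaque * der,
 size_t der_size,
@@ -1029,200 +1029,6 @@ cleanup:MHD_gnutls_free (data);
 
 }
 
-/* DER Encodes the src ASN1_TYPE and stores it to
-* dest in dest_name. Useful to encode something and store it
-* as OCTET. If str is non null then the data are encoded as
-* an OCTET STRING.
-*/
-int
-MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src,
-const char *src_name,
-ASN1_TYPE dest,
-const char *dest_name, int str)
-{
-int result;
-MHD_gnutls_datum_t encoded;
-
-result = MHD__gnutls_x509_der_encode (src, src_name, &encoded, str);
-
-if (result < 0)
-{
-MHD_gnutls_assert ();
-return result;
-}
-
-/* Write the data.
-*/
-result =
-MHD__asn1_write_value (dest, dest_name, encoded.data, encoded.size);
-
-MHD__gnutls_free_datum (&encoded);
-
-if (result != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-return MHD_gtls_asn2err (result);
-}
-
-return 0;
-}
-
-/* Writes the value of the datum in the given ASN1_TYPE. If str is non
-* zero it encodes it as OCTET STRING.
-*/
-int
-MHD__gnutls_x509_write_value (ASN1_TYPE c,
-const char *root,
-const MHD_gnutls_datum_t * data, int str)
-{
-int result;
-int asize;
-ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
-MHD_gnutls_datum_t val;
-
-asize = data->size + 16;
-
-val.data = MHD_gnutls_malloc (asize);
-if (val.data == NULL)
-{
-MHD_gnutls_assert ();
-result = GNUTLS_E_MEMORY_ERROR;
-goto cleanup;
-}
-
-if (str)
-{
-/* Convert it to OCTET STRING
-*/
-if ((result =
-MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-"PKIX1.pkcs-7-Data",
-&c2)) != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-result = MHD_gtls_asn2err (result);
-goto cleanup;
-}
-
-result = MHD__asn1_write_value (c2, "", data->data, data->size);
-if (result != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-result = MHD_gtls_asn2err (result);
-goto cleanup;
-}
-
-result = MHD__gnutls_x509_der_encode (c2, "", &val, 0);
-if (result < 0)
-{
-MHD_gnutls_assert ();
-goto cleanup;
-}
-
-}
-else
-{
-val.data = data->data;
-val.size = data->size;
-}
-
-/* Write the data.
-*/
-result = MHD__asn1_write_value (c, root, val.data, val.size);
-
-if (val.data != data->data)
-MHD__gnutls_free_datum (&val);
-
-if (result != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-return MHD_gtls_asn2err (result);
-}
-
-return 0;
-
-cleanup:if (val.data != data->data)
-MHD__gnutls_free_datum (&val);
-return result;
-}
-
-/* Encodes and copies the private key parameters into a
-* subjectPublicKeyInfo structure.
-*
-*/
-int
-MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst,
-const char *dst_name,
-enum
-MHD_GNUTLS_PublicKeyAlgorithm
-pk_algorithm, mpi_t * params,
-int params_size)
-{
-const char *pk;
-MHD_gnutls_datum_t der = { NULL,
-0
-};
-int result;
-char name[128];
-
-pk = MHD_gtls_x509_pk_to_oid (pk_algorithm);
-if (pk == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
-}
-
-/* write the OID
-*/
-MHD_gtls_str_cpy (name, sizeof (name), dst_name);
-MHD_gtls_str_cat (name, sizeof (name), ".algorithm.algorithm");
-result = MHD__asn1_write_value (dst, name, pk, 1);
-if (result != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-return MHD_gtls_asn2err (result);
-}
-
-if (pk_algorithm == MHD_GNUTLS_PK_RSA)
-{
-/* disable parameters, which are not used in RSA.
-*/
-MHD_gtls_str_cpy (name, sizeof (name), dst_name);
-MHD_gtls_str_cat (name, sizeof (name), ".algorithm.parameters");
-result = MHD__asn1_write_value (dst, name, NULL, 0);
-if (result != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-return MHD_gtls_asn2err (result);
-}
-
-result = MHD__gnutls_x509_write_rsa_params (params, params_size, &der);
-if (result < 0)
-{
-MHD_gnutls_assert ();
-return result;
-}
-
-/* Write the DER parameters. (in bits)
-*/
-MHD_gtls_str_cpy (name, sizeof (name), dst_name);
-MHD_gtls_str_cat (name, sizeof (name), ".subjectPublicKey");
-result = MHD__asn1_write_value (dst, name, der.data, der.size * 8);
-
-MHD__gnutls_free_datum (&der);
-
-if (result != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-return MHD_gtls_asn2err (result);
-}
-}
-else
-return GNUTLS_E_UNIMPLEMENTED_FEATURE;
-
-return 0;
-}
-
 /* Reads and returns the PK algorithm of the given certificate-like
 * ASN.1 structure. src_name should be something like "tbsCertificate.subjectPublicKeyInfo".
 */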
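Review bot: The `static int` definitions at new lines 221 and 818 will only build if no header still carries an external prototype for `MHD__gnutls_x509_oid_data_choice` or `MHD__gnutls_x509_decode_octet_string`. This page is limited to common.c, so that cannot be confirmed here. GCC, for example, rejects a `static` definition that follows a non-static declaration, so any such prototypes should be dropped in the same commit. Each function also has to be defined, or forward-declared as `static`, before its first caller in this file. Both bodies continue outside the hunks, so the call sites are not visible here.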