Diffstat (limited to 'src/daemon/https/x509/crl.c')
-rw-r--r--src/daemon/https/x509/crl.c274
1 files changed, 0 insertions, 274 deletions
diff --git a/src/daemon/https/x509/crl.c b/src/daemon/https/x509/crl.c
index e023a193..98a9748b 100644
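--- a/src/daemon/https/x509/crl.c
+++ b/src/daemon/https/x509/crl.c
@@ -164,113 +164,6 @@ cleanup:
 
 
 /**
- * MHD_gnutls_x509_crl_get_issuer_dn - This function returns the CRL's issuer distinguished name
- * @crl: should contain a MHD_gnutls_x509_crl_t structure
- * @buf: a pointer to a structure to hold the peer's name (may be null)
- * @sizeof_buf: initially holds the size of @buf
- *
- * This function will copy the name of the CRL issuer in the provided buffer. The name
- * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output
- * string will be ASCII or UTF-8 encoded, depending on the certificate data.
- *
- * If buf is null then only the size will be filled.
- *
- * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
- * in that case the sizeof_buf will be updated with the required size, and
- * 0 on success.
- *
- **/
-int
-MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf,
- size_t * sizeof_buf)
-{
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- return MHD__gnutls_x509_parse_dn (crl->crl,
- "tbsCertList.issuer.rdnSequence",
- buf, sizeof_buf);
-}
-
-/**
- * MHD_gnutls_x509_crl_get_issuer_dn_by_oid - This function returns the CRL's issuer distinguished name
- * @crl: should contain a MHD_gnutls_x509_crl_t structure
- * @oid: holds an Object Identified in null terminated string
- * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one.
- * @raw_flag: If non zero returns the raw DER data of the DN part.
- * @buf: a pointer to a structure to hold the peer's name (may be null)
- * @sizeof_buf: initially holds the size of @buf
- *
- * This function will extract the part of the name of the CRL issuer specified
- * by the given OID. The output will be encoded as described in RFC2253. The output
- * string will be ASCII or UTF-8 encoded, depending on the certificate data.
- *
- * Some helper macros with popular OIDs can be found in gnutls/x509.h
- * If raw flag is zero, this function will only return known OIDs as text. Other OIDs
- * will be DER encoded, as described in RFC2253 -- in hex format with a '\#' prefix.
- * You can check about known OIDs using MHD_gnutls_x509_dn_oid_known().
- *
- * If buf is null then only the size will be filled.
- *
- * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
- * in that case the sizeof_buf will be updated with the required size,
- * and 0 on success.
- *
- **/
-int
-MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
- const char *oid, int indx,
- unsigned int raw_flag, void *buf,
- size_t * sizeof_buf)
-{
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- return MHD__gnutls_x509_parse_dn_oid (crl->crl,
- "tbsCertList.issuer.rdnSequence",
- oid, indx, raw_flag, buf, sizeof_buf);
-}
-
-/**
- * MHD_gnutls_x509_crl_get_dn_oid - This function returns the Certificate request issuer's distinguished name OIDs
- * @crl: should contain a MHD_gnutls_x509_crl_t structure
- * @indx: Specifies which DN OID to send. Use zero to get the first one.
- * @oid: a pointer to a structure to hold the name (may be null)
- * @sizeof_oid: initially holds the size of 'oid'
- *
- * This function will extract the requested OID of the name of the CRL issuer, specified
- * by the given index.
- *
- * If oid is null then only the size will be filled.
- *
- * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
- * in that case the sizeof_oid will be updated with the required size.
- * On success 0 is returned.
- *
- **/
-int
-MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl,
- int indx, void *oid, size_t * sizeof_oid)
-{
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- return MHD__gnutls_x509_get_dn_oid (crl->crl,
- "tbsCertList.issuer.rdnSequence", indx,
- oid, sizeof_oid);
-}
-
-
-/**
  * MHD_gnutls_x509_crl_get_signature_algorithm - This function returns the CRL's signature algorithm
  * @crl: should contain a MHD_gnutls_x509_crl_t structure
  *
@@ -368,82 +261,6 @@ MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl,
  return 0;
 }
 
-/**
- * MHD_gnutls_x509_crl_get_version - This function returns the CRL's version number
- * @crl: should contain a MHD_gnutls_x509_crl_t structure
- *
- * This function will return the version of the specified CRL.
- *
- * Returns a negative value on error.
- *
- **/
-int
-MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl)
-{
- opaque version[5];
- int len, result;
-
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- len = sizeof (version);
- if ((result =
- MHD__asn1_read_value (crl->crl, "tbsCertList.version", version,
- &len)) != ASN1_SUCCESS)
- {
- MHD_gnutls_assert ();
- return MHD_gtls_asn2err (result);
- }
-
- return (int) version[0] + 1;
-}
-
-/**
- * MHD_gnutls_x509_crl_get_this_update - This function returns the CRL's thisUpdate time
- * @crl: should contain a MHD_gnutls_x509_crl_t structure
- *
- * This function will return the time this CRL was issued.
- *
- * Returns (time_t)-1 on error.
- *
- **/
-time_t
-MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl)
-{
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return (time_t) - 1;
- }
-
- return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.thisUpdate");
-}
-
-/**
- * MHD_gnutls_x509_crl_get_next_update - This function returns the CRL's nextUpdate time
- * @crl: should contain a MHD_gnutls_x509_crl_t structure
- *
- * This function will return the time the next CRL will be issued.
- * This field is optional in a CRL so it might be normal to get
- * an error instead.
- *
- * Returns (time_t)-1 on error.
- *
- **/
-time_t
-MHD_gnutls_x509_crl_get_next_update (MHD_gnutls_x509_crl_t crl)
-{
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return (time_t) - 1;
- }
-
- return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.nextUpdate");
-}
 
 /**
  * MHD_gnutls_x509_crl_get_crt_count - This function returns the number of revoked certificates in a CRL
@@ -617,95 +434,4 @@ cleanup:
  return result;
 }
 
-/**
- * MHD_gnutls_x509_crl_export - This function will export the CRL
- * @crl: Holds the revocation list
- * @format: the format of output params. One of PEM or DER.
- * @output_data: will contain a private key PEM or DER encoded
- * @output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters)
- *
- * This function will export the revocation list to DER or PEM format.
- *
- * If the buffer provided is not long enough to hold the output, then
- * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
- *
- * If the structure is PEM encoded, it will have a header
- * of "BEGIN X509 CRL".
- *
- * Returns 0 on success, and a negative value on failure.
- *
- **/
-int
-MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
- MHD_gnutls_x509_crt_fmt_t format,
- void *output_data, size_t * output_data_size)
-{
- if (crl == NULL)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL,
- output_data, output_data_size);
-}
-
-/*-
- * MHD__gnutls_x509_crl_cpy - This function copies a MHD_gnutls_x509_crl_t structure
- * @dest: The structure where to copy
- * @src: The structure to be copied
- *
- * This function will copy an X.509 certificate structure.
- *
- * Returns 0 on success.
- *
- -*/
-int
-MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest,
- MHD_gnutls_x509_crl_t src)
-{
- int ret;
- size_t der_size;
- opaque *der;
- MHD_gnutls_datum_t tmp;
-
- ret =
- MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size);
- if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
- {
- MHD_gnutls_assert ();
- return ret;
- }
-
- der = MHD_gnutls_alloca (der_size);
- if (der == NULL)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- ret = MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, der, &der_size);
- if (ret < 0)
- {
- MHD_gnutls_assert ();
- MHD_gnutls_afree (der);
- return ret;
- }
-
- tmp.data = der;
- tmp.size = der_size;
- ret = MHD_gnutls_x509_crl_import (dest, &tmp, GNUTLS_X509_FMT_DER);
-
- MHD_gnutls_afree (der);
-
- if (ret < 0)
- {
- MHD_gnutls_assert ();
- return ret;
- }
-
- return 0;
-
-}
-
 #endif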