Diffstat (limited to 'src/daemon/https/x509/crl.c')
-rw-r--r-- | src/daemon/https/x509/crl.c | 274 |
1 files changed, 0 insertions, 274 deletions
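--- a/src/daemon/https/x509/crl.c
+++ b/src/daemon/https/x509/crl.c
@@ -164,113 +164,6 @@ cleanup:
 
 
 /**
-* MHD_gnutls_x509_crl_get_issuer_dn - This function returns the CRL's issuer distinguished name
-* @crl: should contain a MHD_gnutls_x509_crl_t structure
-* @buf: a pointer to a structure to hold the peer's name (may be null)
-* @sizeof_buf: initially holds the size of @buf
-*
-* This function will copy the name of the CRL issuer in the provided buffer. The name
-* will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output
-* string will be ASCII or UTF-8 encoded, depending on the certificate data.
-*
-* If buf is null then only the size will be filled.
-*
-* Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
-* in that case the sizeof_buf will be updated with the required size, and
-* 0 on success.
-*
-**/
-int
-MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf,
-size_t * sizeof_buf)
-{
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_INVALID_REQUEST;
-}
-
-return MHD__gnutls_x509_parse_dn (crl->crl,
-"tbsCertList.issuer.rdnSequence",
-buf, sizeof_buf);
-}
-
-/**
-* MHD_gnutls_x509_crl_get_issuer_dn_by_oid - This function returns the CRL's issuer distinguished name
-* @crl: should contain a MHD_gnutls_x509_crl_t structure
-* @oid: holds an Object Identified in null terminated string
-* @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one.
-* @raw_flag: If non zero returns the raw DER data of the DN part.
-* @buf: a pointer to a structure to hold the peer's name (may be null)
-* @sizeof_buf: initially holds the size of @buf
-*
-* This function will extract the part of the name of the CRL issuer specified
-* by the given OID. The output will be encoded as described in RFC2253. The output
-* string will be ASCII or UTF-8 encoded, depending on the certificate data.
-*
-* Some helper macros with popular OIDs can be found in gnutls/x509.h
-* If raw flag is zero, this function will only return known OIDs as text. Other OIDs
-* will be DER encoded, as described in RFC2253 -- in hex format with a '\#' prefix.
-* You can check about known OIDs using MHD_gnutls_x509_dn_oid_known().
-*
-* If buf is null then only the size will be filled.
-*
-* Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
-* in that case the sizeof_buf will be updated with the required size,
-* and 0 on success.
-*
-**/
-int
-MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
-const char *oid, int indx,
-unsigned int raw_flag, void *buf,
-size_t * sizeof_buf)
-{
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_INVALID_REQUEST;
-}
-
-return MHD__gnutls_x509_parse_dn_oid (crl->crl,
-"tbsCertList.issuer.rdnSequence",
-oid, indx, raw_flag, buf, sizeof_buf);
-}
-
-/**
-* MHD_gnutls_x509_crl_get_dn_oid - This function returns the Certificate request issuer's distinguished name OIDs
-* @crl: should contain a MHD_gnutls_x509_crl_t structure
-* @indx: Specifies which DN OID to send. Use zero to get the first one.
-* @oid: a pointer to a structure to hold the name (may be null)
-* @sizeof_oid: initially holds the size of 'oid'
-*
-* This function will extract the requested OID of the name of the CRL issuer, specified
-* by the given index.
-*
-* If oid is null then only the size will be filled.
-*
-* Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and
-* in that case the sizeof_oid will be updated with the required size.
-* On success 0 is returned.
-*
-**/
-int
-MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl,
-int indx, void *oid, size_t * sizeof_oid)
-{
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_INVALID_REQUEST;
-}
-
-return MHD__gnutls_x509_get_dn_oid (crl->crl,
-"tbsCertList.issuer.rdnSequence", indx,
-oid, sizeof_oid);
-}
-
-
-/**
 * MHD_gnutls_x509_crl_get_signature_algorithm - This function returns the CRL's signature algorithm
 * @crl: should contain a MHD_gnutls_x509_crl_t structure
 *
@@ -368,82 +261,6 @@ MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl,
 return 0;
 }
 
-/**
-* MHD_gnutls_x509_crl_get_version - This function returns the CRL's version number
-* @crl: should contain a MHD_gnutls_x509_crl_t structure
-*
-* This function will return the version of the specified CRL.
-*
-* Returns a negative value on error.
-*
-**/
-int
-MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl)
-{
-opaque version[5];
-int len, result;
-
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_INVALID_REQUEST;
-}
-
-len = sizeof (version);
-if ((result =
-MHD__asn1_read_value (crl->crl, "tbsCertList.version", version,
-&len)) != ASN1_SUCCESS)
-{
-MHD_gnutls_assert ();
-return MHD_gtls_asn2err (result);
-}
-
-return (int) version[0] + 1;
-}
-
-/**
-* MHD_gnutls_x509_crl_get_this_update - This function returns the CRL's thisUpdate time
-* @crl: should contain a MHD_gnutls_x509_crl_t structure
-*
-* This function will return the time this CRL was issued.
-*
-* Returns (time_t)-1 on error.
-*
-**/
-time_t
-MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl)
-{
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return (time_t) - 1;
-}
-
-return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.thisUpdate");
-}
-
-/**
-* MHD_gnutls_x509_crl_get_next_update - This function returns the CRL's nextUpdate time
-* @crl: should contain a MHD_gnutls_x509_crl_t structure
-*
-* This function will return the time the next CRL will be issued.
-* This field is optional in a CRL so it might be normal to get
-* an error instead.
-*
-* Returns (time_t)-1 on error.
-*
-**/
-time_t
-MHD_gnutls_x509_crl_get_next_update (MHD_gnutls_x509_crl_t crl)
-{
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return (time_t) - 1;
-}
-
-return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.nextUpdate");
-}
 
 /**
 * MHD_gnutls_x509_crl_get_crt_count - This function returns the number of revoked certificates in a CRL
@@ -617,95 +434,4 @@ cleanup:
 return result;
 }
 
-/**
-* MHD_gnutls_x509_crl_export - This function will export the CRL
-* @crl: Holds the revocation list
-* @format: the format of output params. One of PEM or DER.
-* @output_data: will contain a private key PEM or DER encoded
-* @output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters)
-*
-* This function will export the revocation list to DER or PEM format.
-*
-* If the buffer provided is not long enough to hold the output, then
-* GNUTLS_E_SHORT_MEMORY_BUFFER will be returned.
-*
-* If the structure is PEM encoded, it will have a header
-* of "BEGIN X509 CRL".
-*
-* Returns 0 on success, and a negative value on failure.
-*
-**/
-int
-MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
-MHD_gnutls_x509_crt_fmt_t format,
-void *output_data, size_t * output_data_size)
-{
-if (crl == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_INVALID_REQUEST;
-}
-
-return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL,
-output_data, output_data_size);
-}
-
-/*-
-* MHD__gnutls_x509_crl_cpy - This function copies a MHD_gnutls_x509_crl_t structure
-* @dest: The structure where to copy
-* @src: The structure to be copied
-*
-* This function will copy an X.509 certificate structure.
-*
-* Returns 0 on success.
-*
--*/
-int
-MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest,
-MHD_gnutls_x509_crl_t src)
-{
-int ret;
-size_t der_size;
-opaque *der;
-MHD_gnutls_datum_t tmp;
-
-ret =
-MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size);
-if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
-{
-MHD_gnutls_assert ();
-return ret;
-}
-
-der = MHD_gnutls_alloca (der_size);
-if (der == NULL)
-{
-MHD_gnutls_assert ();
-return GNUTLS_E_MEMORY_ERROR;
-}
-
-ret = MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, der, &der_size);
-if (ret < 0)
-{
-MHD_gnutls_assert ();
-MHD_gnutls_afree (der);
-return ret;
-}
-
-tmp.data = der;
-tmp.size = der_size;
-ret = MHD_gnutls_x509_crl_import (dest, &tmp, GNUTLS_X509_FMT_DER);
-
-MHD_gnutls_afree (der);
-
-if (ret < 0)
-{
-MHD_gnutls_assert ();
-return ret;
-}
-
-return 0;
-
-}
-
 #endif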