diff options
Diffstat (limited to 'src/daemon/https/x509/dn.c')
-rw-r--r-- | src/daemon/https/x509/dn.c | 612 |
1 files changed, 0 insertions, 612 deletions
diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c index 17b4ed76..fb4fa57e 100644 --- a/src/daemon/https/x509/dn.c +++ b/src/daemon/https/x509/dn.c | |||
@@ -518,618 +518,6 @@ cleanup: | |||
518 | return result; | 518 | return result; |
519 | } | 519 | } |
520 | 520 | ||
521 | |||
522 | /* Parses an X509 DN in the MHD__asn1_struct, and returns the requested | ||
523 | * DN OID. | ||
524 | * | ||
525 | * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence". | ||
526 | * That is to point in the rndSequence. | ||
527 | * | ||
528 | * indx specifies which OID to return. Ie 0 means return the first specified | ||
529 | * OID found, 1 the second etc. | ||
530 | */ | ||
531 | int | ||
532 | MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | ||
533 | const char *MHD__asn1_rdn_name, | ||
534 | int indx, void *_oid, size_t * sizeof_oid) | ||
535 | { | ||
536 | int k2, k1, result; | ||
537 | char tmpbuffer1[MAX_NAME_SIZE]; | ||
538 | char tmpbuffer2[MAX_NAME_SIZE]; | ||
539 | char tmpbuffer3[MAX_NAME_SIZE]; | ||
540 | char value[256]; | ||
541 | char oid[128]; | ||
542 | int len; | ||
543 | int i = 0; | ||
544 | |||
545 | k1 = 0; | ||
546 | do | ||
547 | { | ||
548 | |||
549 | k1++; | ||
550 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" | ||
551 | */ | ||
552 | if (MHD__asn1_rdn_name[0] != 0) | ||
553 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", | ||
554 | MHD__asn1_rdn_name, k1); | ||
555 | else | ||
556 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | ||
557 | |||
558 | len = sizeof (value) - 1; | ||
559 | result = | ||
560 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
561 | |||
562 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
563 | { | ||
564 | MHD_gnutls_assert (); | ||
565 | break; | ||
566 | } | ||
567 | |||
568 | if (result != ASN1_VALUE_NOT_FOUND) | ||
569 | { | ||
570 | MHD_gnutls_assert (); | ||
571 | result = MHD_gtls_asn2err (result); | ||
572 | goto cleanup; | ||
573 | } | ||
574 | |||
575 | k2 = 0; | ||
576 | |||
577 | do | ||
578 | { /* Move to the attibute type and values | ||
579 | */ | ||
580 | k2++; | ||
581 | |||
582 | if (tmpbuffer1[0] != 0) | ||
583 | snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, | ||
584 | k2); | ||
585 | else | ||
586 | snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); | ||
587 | |||
588 | /* Try to read the RelativeDistinguishedName attributes. | ||
589 | */ | ||
590 | |||
591 | len = sizeof (value) - 1; | ||
592 | result = | ||
593 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | ||
594 | |||
595 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
596 | { | ||
597 | break; | ||
598 | } | ||
599 | if (result != ASN1_VALUE_NOT_FOUND) | ||
600 | { | ||
601 | MHD_gnutls_assert (); | ||
602 | result = MHD_gtls_asn2err (result); | ||
603 | goto cleanup; | ||
604 | } | ||
605 | |||
606 | /* Read the OID | ||
607 | */ | ||
608 | MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer2); | ||
609 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); | ||
610 | |||
611 | len = sizeof (oid) - 1; | ||
612 | result = | ||
613 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | ||
614 | |||
615 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
616 | break; | ||
617 | else if (result != ASN1_SUCCESS) | ||
618 | { | ||
619 | MHD_gnutls_assert (); | ||
620 | result = MHD_gtls_asn2err (result); | ||
621 | goto cleanup; | ||
622 | } | ||
623 | |||
624 | if (indx == i++) | ||
625 | { /* Found the OID */ | ||
626 | |||
627 | len = strlen (oid) + 1; | ||
628 | |||
629 | if (*sizeof_oid < (unsigned) len) | ||
630 | { | ||
631 | *sizeof_oid = len; | ||
632 | MHD_gnutls_assert (); | ||
633 | return GNUTLS_E_SHORT_MEMORY_BUFFER; | ||
634 | } | ||
635 | |||
636 | memcpy (_oid, oid, len); | ||
637 | *sizeof_oid = len - 1; | ||
638 | |||
639 | return 0; | ||
640 | } | ||
641 | } | ||
642 | while (1); | ||
643 | |||
644 | } | ||
645 | while (1); | ||
646 | |||
647 | MHD_gnutls_assert (); | ||
648 | |||
649 | result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; | ||
650 | |||
651 | cleanup: | ||
652 | return result; | ||
653 | } | ||
654 | |||
655 | /* This will encode and write the AttributeTypeAndValue field. | ||
656 | * 'multi' must be zero if writing an AttributeTypeAndValue, and 1 if Attribute. | ||
657 | * In all cases only one value is written. | ||
658 | */ | ||
659 | int | ||
660 | MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | ||
661 | ASN1_TYPE MHD__asn1_struct, | ||
662 | const char *where, | ||
663 | const void *_data, | ||
664 | int sizeof_data, int multi) | ||
665 | { | ||
666 | const char *val_name; | ||
667 | const opaque *data = _data; | ||
668 | char tmp[128]; | ||
669 | ASN1_TYPE c2; | ||
670 | int result; | ||
671 | |||
672 | |||
673 | /* Find how to encode the data. | ||
674 | */ | ||
675 | val_name = | ||
676 | MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid); | ||
677 | if (val_name == NULL) | ||
678 | { | ||
679 | MHD_gnutls_assert (); | ||
680 | return GNUTLS_E_X509_UNSUPPORTED_OID; | ||
681 | } | ||
682 | |||
683 | MHD_gtls_str_cpy (tmp, sizeof (tmp), "PKIX1."); | ||
684 | MHD_gtls_str_cat (tmp, sizeof (tmp), val_name); | ||
685 | |||
686 | result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), tmp, &c2); | ||
687 | if (result != ASN1_SUCCESS) | ||
688 | { | ||
689 | MHD_gnutls_assert (); | ||
690 | return MHD_gtls_asn2err (result); | ||
691 | } | ||
692 | |||
693 | tmp[0] = 0; | ||
694 | |||
695 | if ((result = MHD__gnutls_x509_oid_data_choice (given_oid)) > 0) | ||
696 | { | ||
697 | char *string_type; | ||
698 | int i; | ||
699 | |||
700 | string_type = "printableString"; | ||
701 | |||
702 | /* Check if the data is plain ascii, and use | ||
703 | * the UTF8 string type if not. | ||
704 | */ | ||
705 | for (i = 0; i < sizeof_data; i++) | ||
706 | { | ||
707 | if (!isascii (data[i])) | ||
708 | { | ||
709 | string_type = "utf8String"; | ||
710 | break; | ||
711 | } | ||
712 | } | ||
713 | |||
714 | /* if the type is a CHOICE then write the | ||
715 | * type we'll use. | ||
716 | */ | ||
717 | result = MHD__asn1_write_value (c2, "", string_type, 1); | ||
718 | if (result != ASN1_SUCCESS) | ||
719 | { | ||
720 | MHD_gnutls_assert (); | ||
721 | MHD__asn1_delete_structure (&c2); | ||
722 | return MHD_gtls_asn2err (result); | ||
723 | } | ||
724 | |||
725 | MHD_gtls_str_cpy (tmp, sizeof (tmp), string_type); | ||
726 | } | ||
727 | |||
728 | result = MHD__asn1_write_value (c2, tmp, data, sizeof_data); | ||
729 | if (result != ASN1_SUCCESS) | ||
730 | { | ||
731 | MHD_gnutls_assert (); | ||
732 | MHD__asn1_delete_structure (&c2); | ||
733 | return MHD_gtls_asn2err (result); | ||
734 | } | ||
735 | |||
736 | |||
737 | /* write the data (value) | ||
738 | */ | ||
739 | |||
740 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
741 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".value"); | ||
742 | |||
743 | if (multi != 0) | ||
744 | { /* if not writing an AttributeTypeAndValue, but an Attribute */ | ||
745 | MHD_gtls_str_cat (tmp, sizeof (tmp), "s"); /* values */ | ||
746 | |||
747 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1); | ||
748 | if (result != ASN1_SUCCESS) | ||
749 | { | ||
750 | MHD_gnutls_assert (); | ||
751 | return MHD_gtls_asn2err (result); | ||
752 | } | ||
753 | |||
754 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST"); | ||
755 | |||
756 | } | ||
757 | |||
758 | result = | ||
759 | MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0); | ||
760 | if (result < 0) | ||
761 | { | ||
762 | MHD_gnutls_assert (); | ||
763 | return result; | ||
764 | } | ||
765 | |||
766 | /* write the type | ||
767 | */ | ||
768 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
769 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".type"); | ||
770 | |||
771 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1); | ||
772 | if (result != ASN1_SUCCESS) | ||
773 | { | ||
774 | MHD_gnutls_assert (); | ||
775 | return MHD_gtls_asn2err (result); | ||
776 | } | ||
777 | |||
778 | return 0; | ||
779 | } | ||
780 | |||
781 | /* This will write the AttributeTypeAndValue field. The data must be already DER encoded. | ||
782 | * In all cases only one value is written. | ||
783 | */ | ||
784 | static int | ||
785 | MHD__gnutls_x509_write_attribute (const char *given_oid, | ||
786 | ASN1_TYPE MHD__asn1_struct, | ||
787 | const char *where, const void *_data, | ||
788 | int sizeof_data) | ||
789 | { | ||
790 | char tmp[128]; | ||
791 | int result; | ||
792 | |||
793 | /* write the data (value) | ||
794 | */ | ||
795 | |||
796 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
797 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".value"); | ||
798 | |||
799 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, _data, sizeof_data); | ||
800 | if (result < 0) | ||
801 | { | ||
802 | MHD_gnutls_assert (); | ||
803 | return MHD_gtls_asn2err (result); | ||
804 | } | ||
805 | |||
806 | /* write the type | ||
807 | */ | ||
808 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
809 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".type"); | ||
810 | |||
811 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1); | ||
812 | if (result != ASN1_SUCCESS) | ||
813 | { | ||
814 | MHD_gnutls_assert (); | ||
815 | return MHD_gtls_asn2err (result); | ||
816 | } | ||
817 | |||
818 | return 0; | ||
819 | } | ||
820 | |||
821 | |||
822 | /* Decodes an X.509 Attribute (if multi==1) or an AttributeTypeAndValue | ||
823 | * otherwise. | ||
824 | * | ||
825 | * octet_string should be non zero if we are to decode octet strings after | ||
826 | * decoding. | ||
827 | * | ||
828 | * The output is allocated and stored in value. | ||
829 | */ | ||
830 | int | ||
831 | MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | ||
832 | const char *where, char *oid, | ||
833 | int oid_size, | ||
834 | MHD_gnutls_datum_t * value, | ||
835 | int multi, int octet_string) | ||
836 | { | ||
837 | char tmpbuffer[128]; | ||
838 | int len, result; | ||
839 | |||
840 | /* Read the OID | ||
841 | */ | ||
842 | MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where); | ||
843 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".type"); | ||
844 | |||
845 | len = oid_size - 1; | ||
846 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer, oid, &len); | ||
847 | |||
848 | if (result != ASN1_SUCCESS) | ||
849 | { | ||
850 | MHD_gnutls_assert (); | ||
851 | result = MHD_gtls_asn2err (result); | ||
852 | return result; | ||
853 | } | ||
854 | |||
855 | /* Read the Value | ||
856 | */ | ||
857 | |||
858 | MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where); | ||
859 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".value"); | ||
860 | |||
861 | if (multi) | ||
862 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */ | ||
863 | |||
864 | result = | ||
865 | MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value, | ||
866 | octet_string); | ||
867 | if (result < 0) | ||
868 | { | ||
869 | MHD_gnutls_assert (); | ||
870 | return result; | ||
871 | } | ||
872 | |||
873 | return 0; | ||
874 | |||
875 | } | ||
876 | |||
877 | /* Sets an X509 DN in the MHD__asn1_struct, and puts the given OID in the DN. | ||
878 | * The input is assumed to be raw data. | ||
879 | * | ||
880 | * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer". | ||
881 | * That is to point before the rndSequence. | ||
882 | * | ||
883 | */ | ||
884 | int | ||
885 | MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | ||
886 | const char *MHD__asn1_name, | ||
887 | const char *given_oid, int raw_flag, | ||
888 | const char *name, int sizeof_name) | ||
889 | { | ||
890 | int result; | ||
891 | char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE]; | ||
892 | |||
893 | if (sizeof_name == 0 || name == NULL) | ||
894 | { | ||
895 | MHD_gnutls_assert (); | ||
896 | return GNUTLS_E_INVALID_REQUEST; | ||
897 | } | ||
898 | |||
899 | /* create the rdnSequence | ||
900 | */ | ||
901 | result = | ||
902 | MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence", | ||
903 | 1); | ||
904 | if (result != ASN1_SUCCESS) | ||
905 | { | ||
906 | MHD_gnutls_assert (); | ||
907 | return MHD_gtls_asn2err (result); | ||
908 | } | ||
909 | |||
910 | MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), | ||
911 | MHD__asn1_name); | ||
912 | MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), | ||
913 | ".rdnSequence"); | ||
914 | |||
915 | /* create a new element | ||
916 | */ | ||
917 | result = | ||
918 | MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1); | ||
919 | if (result != ASN1_SUCCESS) | ||
920 | { | ||
921 | MHD_gnutls_assert (); | ||
922 | return MHD_gtls_asn2err (result); | ||
923 | } | ||
924 | |||
925 | MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name); | ||
926 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST"); | ||
927 | |||
928 | /* create the set with only one element | ||
929 | */ | ||
930 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1); | ||
931 | if (result != ASN1_SUCCESS) | ||
932 | { | ||
933 | MHD_gnutls_assert (); | ||
934 | return MHD_gtls_asn2err (result); | ||
935 | } | ||
936 | |||
937 | |||
938 | /* Encode and write the data | ||
939 | */ | ||
940 | MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name); | ||
941 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST.?LAST"); | ||
942 | |||
943 | if (!raw_flag) | ||
944 | { | ||
945 | result = | ||
946 | MHD__gnutls_x509_encode_and_write_attribute (given_oid, | ||
947 | MHD__asn1_struct, | ||
948 | tmp, name, sizeof_name, | ||
949 | 0); | ||
950 | } | ||
951 | else | ||
952 | { | ||
953 | result = | ||
954 | MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct, | ||
955 | tmp, name, sizeof_name); | ||
956 | } | ||
957 | |||
958 | if (result < 0) | ||
959 | { | ||
960 | MHD_gnutls_assert (); | ||
961 | return result; | ||
962 | } | ||
963 | |||
964 | return 0; | ||
965 | } | ||
966 | |||
967 | |||
968 | /** | ||
969 | * MHD_gnutls_x509_rdn_get - This function parses an RDN sequence and returns a string | ||
970 | * @idn: should contain a DER encoded RDN sequence | ||
971 | * @buf: a pointer to a structure to hold the peer's name | ||
972 | * @sizeof_buf: holds the size of @buf | ||
973 | * | ||
974 | * This function will return the name of the given RDN sequence. The | ||
975 | * name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in | ||
976 | * RFC2253. | ||
977 | * | ||
978 | * If the provided buffer is not long enough, returns | ||
979 | * GNUTLS_E_SHORT_MEMORY_BUFFER and *sizeof_buf will be updated. On | ||
980 | * success 0 is returned. | ||
981 | * | ||
982 | **/ | ||
983 | int | ||
984 | MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | ||
985 | char *buf, size_t * sizeof_buf) | ||
986 | { | ||
987 | int result; | ||
988 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | ||
989 | |||
990 | if (sizeof_buf == 0) | ||
991 | { | ||
992 | MHD_gnutls_assert (); | ||
993 | return GNUTLS_E_INVALID_REQUEST; | ||
994 | } | ||
995 | |||
996 | if (buf) | ||
997 | buf[0] = 0; | ||
998 | |||
999 | |||
1000 | if ((result = | ||
1001 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
1002 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | ||
1003 | { | ||
1004 | MHD_gnutls_assert (); | ||
1005 | return MHD_gtls_asn2err (result); | ||
1006 | } | ||
1007 | |||
1008 | result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL); | ||
1009 | if (result != ASN1_SUCCESS) | ||
1010 | { | ||
1011 | /* couldn't decode DER */ | ||
1012 | MHD_gnutls_assert (); | ||
1013 | MHD__asn1_delete_structure (&dn); | ||
1014 | return MHD_gtls_asn2err (result); | ||
1015 | } | ||
1016 | |||
1017 | result = MHD__gnutls_x509_parse_dn (dn, "rdnSequence", buf, sizeof_buf); | ||
1018 | |||
1019 | MHD__asn1_delete_structure (&dn); | ||
1020 | return result; | ||
1021 | |||
1022 | } | ||
1023 | |||
1024 | /** | ||
1025 | * MHD_gnutls_x509_rdn_get_by_oid - This function parses an RDN sequence and returns a string | ||
1026 | * @idn: should contain a DER encoded RDN sequence | ||
1027 | * @oid: an Object Identifier | ||
1028 | * @indx: In case multiple same OIDs exist in the RDN indicates which | ||
1029 | * to send. Use 0 for the first one. | ||
1030 | * @raw_flag: If non zero then the raw DER data are returned. | ||
1031 | * @buf: a pointer to a structure to hold the peer's name | ||
1032 | * @sizeof_buf: holds the size of @buf | ||
1033 | * | ||
1034 | * This function will return the name of the given Object identifier, | ||
1035 | * of the RDN sequence. The name will be encoded using the rules | ||
1036 | * from RFC2253. | ||
1037 | * | ||
1038 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if | ||
1039 | * the provided buffer is not long enough, and 0 on success. | ||
1040 | * | ||
1041 | **/ | ||
1042 | int | ||
1043 | MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, | ||
1044 | const char *oid, int indx, | ||
1045 | unsigned int raw_flag, void *buf, | ||
1046 | size_t * sizeof_buf) | ||
1047 | { | ||
1048 | int result; | ||
1049 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | ||
1050 | |||
1051 | if (sizeof_buf == 0) | ||
1052 | { | ||
1053 | return GNUTLS_E_INVALID_REQUEST; | ||
1054 | } | ||
1055 | |||
1056 | if ((result = | ||
1057 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
1058 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | ||
1059 | { | ||
1060 | MHD_gnutls_assert (); | ||
1061 | return MHD_gtls_asn2err (result); | ||
1062 | } | ||
1063 | |||
1064 | result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL); | ||
1065 | if (result != ASN1_SUCCESS) | ||
1066 | { | ||
1067 | /* couldn't decode DER */ | ||
1068 | MHD_gnutls_assert (); | ||
1069 | MHD__asn1_delete_structure (&dn); | ||
1070 | return MHD_gtls_asn2err (result); | ||
1071 | } | ||
1072 | |||
1073 | result = | ||
1074 | MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx, | ||
1075 | raw_flag, buf, sizeof_buf); | ||
1076 | |||
1077 | MHD__asn1_delete_structure (&dn); | ||
1078 | return result; | ||
1079 | |||
1080 | } | ||
1081 | |||
1082 | /** | ||
1083 | * MHD_gnutls_x509_rdn_get_oid - This function parses an RDN sequence and returns an OID. | ||
1084 | * @idn: should contain a DER encoded RDN sequence | ||
1085 | * @indx: Indicates which OID to return. Use 0 for the first one. | ||
1086 | * @oid: a pointer to a structure to hold the peer's name OID | ||
1087 | * @sizeof_oid: holds the size of @oid | ||
1088 | * | ||
1089 | * This function will return the specified Object identifier, of the | ||
1090 | * RDN sequence. | ||
1091 | * | ||
1092 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if | ||
1093 | * the provided buffer is not long enough, and 0 on success. | ||
1094 | * | ||
1095 | **/ | ||
1096 | int | ||
1097 | MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | ||
1098 | int indx, void *buf, size_t * sizeof_buf) | ||
1099 | { | ||
1100 | int result; | ||
1101 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | ||
1102 | |||
1103 | if (sizeof_buf == 0) | ||
1104 | { | ||
1105 | return GNUTLS_E_INVALID_REQUEST; | ||
1106 | } | ||
1107 | |||
1108 | if ((result = | ||
1109 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
1110 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | ||
1111 | { | ||
1112 | MHD_gnutls_assert (); | ||
1113 | return MHD_gtls_asn2err (result); | ||
1114 | } | ||
1115 | |||
1116 | result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL); | ||
1117 | if (result != ASN1_SUCCESS) | ||
1118 | { | ||
1119 | /* couldn't decode DER */ | ||
1120 | MHD_gnutls_assert (); | ||
1121 | MHD__asn1_delete_structure (&dn); | ||
1122 | return MHD_gtls_asn2err (result); | ||
1123 | } | ||
1124 | |||
1125 | result = | ||
1126 | MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf); | ||
1127 | |||
1128 | MHD__asn1_delete_structure (&dn); | ||
1129 | return result; | ||
1130 | |||
1131 | } | ||
1132 | |||
1133 | /* | 521 | /* |
1134 | * Compares the DER encoded part of a DN. | 522 | * Compares the DER encoded part of a DN. |
1135 | * | 523 | * |