1 files changed, 0 insertions, 612 deletions
diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c
index 17b4ed76..fb4fa57e 100644
--- a/src/daemon/https/x509/dn.c
+++ b/src/daemon/https/x509/dn.c
@@ -518,618 +518,6 @@ cleanup:
  return result;
 }
-/* Parses an X509 DN in the MHD__asn1_struct, and returns the requested
- * DN OID.
- *
- * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
- * That is to point in the rndSequence.
- *
- * indx specifies which OID to return. Ie 0 means return the first specified
- * OID found, 1 the second etc.
- */
-int
-MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
-                             const char *MHD__asn1_rdn_name,
-                             int indx, void *_oid, size_t * sizeof_oid)
-{
-  int k2, k1, result;
-  char tmpbuffer1[MAX_NAME_SIZE];
-  char tmpbuffer2[MAX_NAME_SIZE];
-  char tmpbuffer3[MAX_NAME_SIZE];
-  char value[256];
-  char oid[128];
-  int len;
-  int i = 0;
-  k1 = 0;
-  do
-    {
-      k1++;
-      /* create a string like "tbsCertList.issuer.rdnSequence.?1"
-       */
-      if (MHD__asn1_rdn_name[0] != 0)
-        snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u",
-                  MHD__asn1_rdn_name, k1);
-      else
-        snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
-      len = sizeof (value) - 1;
-      result =
-        MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
-      if (result == ASN1_ELEMENT_NOT_FOUND)
-        {
-          MHD_gnutls_assert ();
-          break;
-        }
-      if (result != ASN1_VALUE_NOT_FOUND)
-        {
-          MHD_gnutls_assert ();
-          result = MHD_gtls_asn2err (result);
-          goto cleanup;
-        }
-      k2 = 0;
-      do
-        {                       /* Move to the attibute type and values
-                                 */
-          k2++;
-          if (tmpbuffer1[0] != 0)
-            snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1,
-                      k2);
-          else
-            snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2);
-          /* Try to read the RelativeDistinguishedName attributes.
-           */
-          len = sizeof (value) - 1;
-          result =
-            MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len);
-          if (result == ASN1_ELEMENT_NOT_FOUND)
-            {
-              break;
-            }
-          if (result != ASN1_VALUE_NOT_FOUND)
-            {
-              MHD_gnutls_assert ();
-              result = MHD_gtls_asn2err (result);
-              goto cleanup;
-            }
-          /* Read the OID
-           */
-          MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer2);
-          MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
-          len = sizeof (oid) - 1;
-          result =
-            MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
-          if (result == ASN1_ELEMENT_NOT_FOUND)
-            break;
-          else if (result != ASN1_SUCCESS)
-            {
-              MHD_gnutls_assert ();
-              result = MHD_gtls_asn2err (result);
-              goto cleanup;
-            }
-          if (indx == i++)
-            {                   /* Found the OID */
-              len = strlen (oid) + 1;
-              if (*sizeof_oid < (unsigned) len)
-                {
-                  *sizeof_oid = len;
-                  MHD_gnutls_assert ();
-                  return GNUTLS_E_SHORT_MEMORY_BUFFER;
-                }
-              memcpy (_oid, oid, len);
-              *sizeof_oid = len - 1;
-              return 0;
-            }
-        }
-      while (1);
-    }
-  while (1);
-  MHD_gnutls_assert ();
-  result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
-cleanup:
-  return result;
-}
-/* This will encode and write the AttributeTypeAndValue field.
- * 'multi' must be zero if writing an AttributeTypeAndValue, and 1 if Attribute.
- * In all cases only one value is written.
- */
-int
-MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
-                                             ASN1_TYPE MHD__asn1_struct,
-                                             const char *where,
-                                             const void *_data,
-                                             int sizeof_data, int multi)
-{
-  const char *val_name;
-  const opaque *data = _data;
-  char tmp[128];
-  ASN1_TYPE c2;
-  int result;
-  /* Find how to encode the data.
-   */
-  val_name =
-    MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid);
-  if (val_name == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_X509_UNSUPPORTED_OID;
-    }
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), "PKIX1.");
-  MHD_gtls_str_cat (tmp, sizeof (tmp), val_name);
-  result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), tmp, &c2);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  tmp[0] = 0;
-  if ((result = MHD__gnutls_x509_oid_data_choice (given_oid)) > 0)
-    {
-      char *string_type;
-      int i;
-      string_type = "printableString";
-      /* Check if the data is plain ascii, and use
-       * the UTF8 string type if not.
-       */
-      for (i = 0; i < sizeof_data; i++)
-        {
-          if (!isascii (data[i]))
-            {
-              string_type = "utf8String";
-              break;
-            }
-        }
-      /* if the type is a CHOICE then write the
-       * type we'll use.
-       */
-      result = MHD__asn1_write_value (c2, "", string_type, 1);
-      if (result != ASN1_SUCCESS)
-        {
-          MHD_gnutls_assert ();
-          MHD__asn1_delete_structure (&c2);
-          return MHD_gtls_asn2err (result);
-        }
-      MHD_gtls_str_cpy (tmp, sizeof (tmp), string_type);
-    }
-  result = MHD__asn1_write_value (c2, tmp, data, sizeof_data);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&c2);
-      return MHD_gtls_asn2err (result);
-    }
-  /* write the data (value)
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".value");
-  if (multi != 0)
-    {                           /* if not writing an AttributeTypeAndValue, but an Attribute */
-      MHD_gtls_str_cat (tmp, sizeof (tmp), "s");        /* values */
-      result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1);
-      if (result != ASN1_SUCCESS)
-        {
-          MHD_gnutls_assert ();
-          return MHD_gtls_asn2err (result);
-        }
-      MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST");
-    }
-  result =
-    MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-  /* write the type
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".type");
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  return 0;
-}
-/* This will write the AttributeTypeAndValue field. The data must be already DER encoded.
- * In all cases only one value is written.
- */
-static int
-MHD__gnutls_x509_write_attribute (const char *given_oid,
-                                  ASN1_TYPE MHD__asn1_struct,
-                                  const char *where, const void *_data,
-                                  int sizeof_data)
-{
-  char tmp[128];
-  int result;
-  /* write the data (value)
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".value");
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, _data, sizeof_data);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  /* write the type
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".type");
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  return 0;
-}
-/* Decodes an X.509 Attribute (if multi==1) or an AttributeTypeAndValue
- * otherwise.
- *
- * octet_string should be non zero if we are to decode octet strings after
- * decoding.
- *
- * The output is allocated and stored in value.
- */
-int
-MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
-                                            const char *where, char *oid,
-                                            int oid_size,
-                                            MHD_gnutls_datum_t * value,
-                                            int multi, int octet_string)
-{
-  char tmpbuffer[128];
-  int len, result;
-  /* Read the OID
-   */
-  MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where);
-  MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".type");
-  len = oid_size - 1;
-  result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer, oid, &len);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      result = MHD_gtls_asn2err (result);
-      return result;
-    }
-  /* Read the Value
-   */
-  MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where);
-  MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".value");
-  if (multi)
-    MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1");   /* .values.?1 */
-  result =
-    MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value,
-                                 octet_string);
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-  return 0;
-}
-/* Sets an X509 DN in the MHD__asn1_struct, and puts the given OID in the DN.
- * The input is assumed to be raw data.
- *
- * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer".
- * That is to point before the rndSequence.
- *
- */
-int
-MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
-                             const char *MHD__asn1_name,
-                             const char *given_oid, int raw_flag,
-                             const char *name, int sizeof_name)
-{
-  int result;
-  char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE];
-  if (sizeof_name == 0 || name == NULL)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  /* create the rdnSequence
-   */
-  result =
-    MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence",
-                           1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
-                    MHD__asn1_name);
-  MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
-                    ".rdnSequence");
-  /* create a new element
-   */
-  result =
-    MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST");
-  /* create the set with only one element
-   */
-  result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1);
-  if (result != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  /* Encode and write the data
-   */
-  MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name);
-  MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST.?LAST");
-  if (!raw_flag)
-    {
-      result =
-        MHD__gnutls_x509_encode_and_write_attribute (given_oid,
-                                                     MHD__asn1_struct,
-                                                     tmp, name, sizeof_name,
-                                                     0);
-    }
-  else
-    {
-      result =
-        MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct,
-                                          tmp, name, sizeof_name);
-    }
-  if (result < 0)
-    {
-      MHD_gnutls_assert ();
-      return result;
-    }
-  return 0;
-}
-/**
-  * MHD_gnutls_x509_rdn_get - This function parses an RDN sequence and returns a string
-  * @idn: should contain a DER encoded RDN sequence
-  * @buf: a pointer to a structure to hold the peer's name
-  * @sizeof_buf: holds the size of @buf
-  *
-  * This function will return the name of the given RDN sequence.  The
-  * name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in
-  * RFC2253.
-  *
-  * If the provided buffer is not long enough, returns
-  * GNUTLS_E_SHORT_MEMORY_BUFFER and *sizeof_buf will be updated.  On
-  * success 0 is returned.
-  *
-  **/
-int
-MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
-                         char *buf, size_t * sizeof_buf)
-{
-  int result;
-  ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-  if (sizeof_buf == 0)
-    {
-      MHD_gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  if (buf)
-    buf[0] = 0;
-  if ((result =
-       MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      /* couldn't decode DER */
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&dn);
-      return MHD_gtls_asn2err (result);
-    }
-  result = MHD__gnutls_x509_parse_dn (dn, "rdnSequence", buf, sizeof_buf);
-  MHD__asn1_delete_structure (&dn);
-  return result;
-}
-/**
-  * MHD_gnutls_x509_rdn_get_by_oid - This function parses an RDN sequence and returns a string
-  * @idn: should contain a DER encoded RDN sequence
-  * @oid: an Object Identifier
-  * @indx: In case multiple same OIDs exist in the RDN indicates which
-  *   to send. Use 0 for the first one.
-  * @raw_flag: If non zero then the raw DER data are returned.
-  * @buf: a pointer to a structure to hold the peer's name
-  * @sizeof_buf: holds the size of @buf
-  *
-  * This function will return the name of the given Object identifier,
-  * of the RDN sequence.  The name will be encoded using the rules
-  * from RFC2253.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if
-  * the provided buffer is not long enough, and 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn,
-                                const char *oid, int indx,
-                                unsigned int raw_flag, void *buf,
-                                size_t * sizeof_buf)
-{
-  int result;
-  ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-  if (sizeof_buf == 0)
-    {
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  if ((result =
-       MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      /* couldn't decode DER */
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&dn);
-      return MHD_gtls_asn2err (result);
-    }
-  result =
-    MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx,
-                                   raw_flag, buf, sizeof_buf);
-  MHD__asn1_delete_structure (&dn);
-  return result;
-}
-/**
-  * MHD_gnutls_x509_rdn_get_oid - This function parses an RDN sequence and returns an OID.
-  * @idn: should contain a DER encoded RDN sequence
-  * @indx: Indicates which OID to return. Use 0 for the first one.
-  * @oid: a pointer to a structure to hold the peer's name OID
-  * @sizeof_oid: holds the size of @oid
-  *
-  * This function will return the specified Object identifier, of the
-  * RDN sequence.
-  *
-  * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if
-  * the provided buffer is not long enough, and 0 on success.
-  *
-  **/
-int
-MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
-                             int indx, void *buf, size_t * sizeof_buf)
-{
-  int result;
-  ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-  if (sizeof_buf == 0)
-    {
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-  if ((result =
-       MHD__asn1_create_element (MHD__gnutls_get_pkix (),
-                                 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
-    {
-      MHD_gnutls_assert ();
-      return MHD_gtls_asn2err (result);
-    }
-  result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
-  if (result != ASN1_SUCCESS)
-    {
-      /* couldn't decode DER */
-      MHD_gnutls_assert ();
-      MHD__asn1_delete_structure (&dn);
-      return MHD_gtls_asn2err (result);
-    }
-  result =
-    MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf);
-  MHD__asn1_delete_structure (&dn);
-  return result;
-}
 /*
 * Compares the DER encoded part of a DN.
 *

diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c index 17b4ed76..fb4fa57e 100644 --- a/src/daemon/https/x509/dn.c +++ b/src/daemon/https/x509/dn.c
@@ -518,618 +518,6 @@ cleanup:
518	return result;	518	return result;
519	}	519	}
520		520
521
522	/* Parses an X509 DN in the MHD__asn1_struct, and returns the requested
523	* DN OID.
524	*
525	* MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence".
526	* That is to point in the rndSequence.
527	*
528	* indx specifies which OID to return. Ie 0 means return the first specified
529	* OID found, 1 the second etc.
530	*/
531	int
532	MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
533	const char *MHD__asn1_rdn_name,
534	int indx, void _oid, size_t sizeof_oid)
535	{
536	int k2, k1, result;
537	char tmpbuffer1[MAX_NAME_SIZE];
538	char tmpbuffer2[MAX_NAME_SIZE];
539	char tmpbuffer3[MAX_NAME_SIZE];
540	char value[256];
541	char oid[128];
542	int len;
543	int i = 0;
544
545	k1 = 0;
546	do
547	{
548
549	k1++;
550	/* create a string like "tbsCertList.issuer.rdnSequence.?1"
551	*/
552	if (MHD__asn1_rdn_name[0] != 0)
553	snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u",
554	MHD__asn1_rdn_name, k1);
555	else
556	snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
557
558	len = sizeof (value) - 1;
559	result =
560	MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
561
562	if (result == ASN1_ELEMENT_NOT_FOUND)
563	{
564	MHD_gnutls_assert ();
565	break;
566	}
567
568	if (result != ASN1_VALUE_NOT_FOUND)
569	{
570	MHD_gnutls_assert ();
571	result = MHD_gtls_asn2err (result);
572	goto cleanup;
573	}
574
575	k2 = 0;
576
577	do
578	{ /* Move to the attibute type and values
579	*/
580	k2++;
581
582	if (tmpbuffer1[0] != 0)
583	snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1,
584	k2);
585	else
586	snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2);
587
588	/* Try to read the RelativeDistinguishedName attributes.
589	*/
590
591	len = sizeof (value) - 1;
592	result =
593	MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len);
594
595	if (result == ASN1_ELEMENT_NOT_FOUND)
596	{
597	break;
598	}
599	if (result != ASN1_VALUE_NOT_FOUND)
600	{
601	MHD_gnutls_assert ();
602	result = MHD_gtls_asn2err (result);
603	goto cleanup;
604	}
605
606	/* Read the OID
607	*/
608	MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer2);
609	MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
610
611	len = sizeof (oid) - 1;
612	result =
613	MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
614
615	if (result == ASN1_ELEMENT_NOT_FOUND)
616	break;
617	else if (result != ASN1_SUCCESS)
618	{
619	MHD_gnutls_assert ();
620	result = MHD_gtls_asn2err (result);
621	goto cleanup;
622	}
623
624	if (indx == i++)
625	{ /* Found the OID */
626
627	len = strlen (oid) + 1;
628
629	if (*sizeof_oid < (unsigned) len)
630	{
631	*sizeof_oid = len;
632	MHD_gnutls_assert ();
633	return GNUTLS_E_SHORT_MEMORY_BUFFER;
634	}
635
636	memcpy (_oid, oid, len);
637	*sizeof_oid = len - 1;
638
639	return 0;
640	}
641	}
642	while (1);
643
644	}
645	while (1);
646
647	MHD_gnutls_assert ();
648
649	result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
650
651	cleanup:
652	return result;
653	}
654
655	/* This will encode and write the AttributeTypeAndValue field.
656	* 'multi' must be zero if writing an AttributeTypeAndValue, and 1 if Attribute.
657	* In all cases only one value is written.
658	*/
659	int
660	MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
661	ASN1_TYPE MHD__asn1_struct,
662	const char *where,
663	const void *_data,
664	int sizeof_data, int multi)
665	{
666	const char *val_name;
667	const opaque *data = _data;
668	char tmp[128];
669	ASN1_TYPE c2;
670	int result;
671
672
673	/* Find how to encode the data.
674	*/
675	val_name =
676	MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid);
677	if (val_name == NULL)
678	{
679	MHD_gnutls_assert ();
680	return GNUTLS_E_X509_UNSUPPORTED_OID;
681	}
682
683	MHD_gtls_str_cpy (tmp, sizeof (tmp), "PKIX1.");
684	MHD_gtls_str_cat (tmp, sizeof (tmp), val_name);
685
686	result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), tmp, &c2);
687	if (result != ASN1_SUCCESS)
688	{
689	MHD_gnutls_assert ();
690	return MHD_gtls_asn2err (result);
691	}
692
693	tmp[0] = 0;
694
695	if ((result = MHD__gnutls_x509_oid_data_choice (given_oid)) > 0)
696	{
697	char *string_type;
698	int i;
699
700	string_type = "printableString";
701
702	/* Check if the data is plain ascii, and use
703	* the UTF8 string type if not.
704	*/
705	for (i = 0; i < sizeof_data; i++)
706	{
707	if (!isascii (data[i]))
708	{
709	string_type = "utf8String";
710	break;
711	}
712	}
713
714	/* if the type is a CHOICE then write the
715	* type we'll use.
716	*/
717	result = MHD__asn1_write_value (c2, "", string_type, 1);
718	if (result != ASN1_SUCCESS)
719	{
720	MHD_gnutls_assert ();
721	MHD__asn1_delete_structure (&c2);
722	return MHD_gtls_asn2err (result);
723	}
724
725	MHD_gtls_str_cpy (tmp, sizeof (tmp), string_type);
726	}
727
728	result = MHD__asn1_write_value (c2, tmp, data, sizeof_data);
729	if (result != ASN1_SUCCESS)
730	{
731	MHD_gnutls_assert ();
732	MHD__asn1_delete_structure (&c2);
733	return MHD_gtls_asn2err (result);
734	}
735
736
737	/* write the data (value)
738	*/
739
740	MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
741	MHD_gtls_str_cat (tmp, sizeof (tmp), ".value");
742
743	if (multi != 0)
744	{ /* if not writing an AttributeTypeAndValue, but an Attribute */
745	MHD_gtls_str_cat (tmp, sizeof (tmp), "s"); /* values */
746
747	result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1);
748	if (result != ASN1_SUCCESS)
749	{
750	MHD_gnutls_assert ();
751	return MHD_gtls_asn2err (result);
752	}
753
754	MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST");
755
756	}
757
758	result =
759	MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0);
760	if (result < 0)
761	{
762	MHD_gnutls_assert ();
763	return result;
764	}
765
766	/* write the type
767	*/
768	MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
769	MHD_gtls_str_cat (tmp, sizeof (tmp), ".type");
770
771	result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1);
772	if (result != ASN1_SUCCESS)
773	{
774	MHD_gnutls_assert ();
775	return MHD_gtls_asn2err (result);
776	}
777
778	return 0;
779	}
780
781	/* This will write the AttributeTypeAndValue field. The data must be already DER encoded.
782	* In all cases only one value is written.
783	*/
784	static int
785	MHD__gnutls_x509_write_attribute (const char *given_oid,
786	ASN1_TYPE MHD__asn1_struct,
787	const char where, const void _data,
788	int sizeof_data)
789	{
790	char tmp[128];
791	int result;
792
793	/* write the data (value)
794	*/
795
796	MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
797	MHD_gtls_str_cat (tmp, sizeof (tmp), ".value");
798
799	result = MHD__asn1_write_value (MHD__asn1_struct, tmp, _data, sizeof_data);
800	if (result < 0)
801	{
802	MHD_gnutls_assert ();
803	return MHD_gtls_asn2err (result);
804	}
805
806	/* write the type
807	*/
808	MHD_gtls_str_cpy (tmp, sizeof (tmp), where);
809	MHD_gtls_str_cat (tmp, sizeof (tmp), ".type");
810
811	result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1);
812	if (result != ASN1_SUCCESS)
813	{
814	MHD_gnutls_assert ();
815	return MHD_gtls_asn2err (result);
816	}
817
818	return 0;
819	}
820
821
822	/* Decodes an X.509 Attribute (if multi==1) or an AttributeTypeAndValue
823	* otherwise.
824	*
825	* octet_string should be non zero if we are to decode octet strings after
826	* decoding.
827	*
828	* The output is allocated and stored in value.
829	*/
830	int
831	MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
832	const char where, char oid,
833	int oid_size,
834	MHD_gnutls_datum_t * value,
835	int multi, int octet_string)
836	{
837	char tmpbuffer[128];
838	int len, result;
839
840	/* Read the OID
841	*/
842	MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where);
843	MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".type");
844
845	len = oid_size - 1;
846	result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer, oid, &len);
847
848	if (result != ASN1_SUCCESS)
849	{
850	MHD_gnutls_assert ();
851	result = MHD_gtls_asn2err (result);
852	return result;
853	}
854
855	/* Read the Value
856	*/
857
858	MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where);
859	MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".value");
860
861	if (multi)
862	MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */
863
864	result =
865	MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value,
866	octet_string);
867	if (result < 0)
868	{
869	MHD_gnutls_assert ();
870	return result;
871	}
872
873	return 0;
874
875	}
876
877	/* Sets an X509 DN in the MHD__asn1_struct, and puts the given OID in the DN.
878	* The input is assumed to be raw data.
879	*
880	* MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer".
881	* That is to point before the rndSequence.
882	*
883	*/
884	int
885	MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
886	const char *MHD__asn1_name,
887	const char *given_oid, int raw_flag,
888	const char *name, int sizeof_name)
889	{
890	int result;
891	char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE];
892
893	if (sizeof_name == 0 \|\| name == NULL)
894	{
895	MHD_gnutls_assert ();
896	return GNUTLS_E_INVALID_REQUEST;
897	}
898
899	/* create the rdnSequence
900	*/
901	result =
902	MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence",
903	1);
904	if (result != ASN1_SUCCESS)
905	{
906	MHD_gnutls_assert ();
907	return MHD_gtls_asn2err (result);
908	}
909
910	MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
911	MHD__asn1_name);
912	MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
913	".rdnSequence");
914
915	/* create a new element
916	*/
917	result =
918	MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1);
919	if (result != ASN1_SUCCESS)
920	{
921	MHD_gnutls_assert ();
922	return MHD_gtls_asn2err (result);
923	}
924
925	MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name);
926	MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST");
927
928	/* create the set with only one element
929	*/
930	result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1);
931	if (result != ASN1_SUCCESS)
932	{
933	MHD_gnutls_assert ();
934	return MHD_gtls_asn2err (result);
935	}
936
937
938	/* Encode and write the data
939	*/
940	MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name);
941	MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST.?LAST");
942
943	if (!raw_flag)
944	{
945	result =
946	MHD__gnutls_x509_encode_and_write_attribute (given_oid,
947	MHD__asn1_struct,
948	tmp, name, sizeof_name,
949	0);
950	}
951	else
952	{
953	result =
954	MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct,
955	tmp, name, sizeof_name);
956	}
957
958	if (result < 0)
959	{
960	MHD_gnutls_assert ();
961	return result;
962	}
963
964	return 0;
965	}
966
967
968	/**
969	* MHD_gnutls_x509_rdn_get - This function parses an RDN sequence and returns a string
970	* @idn: should contain a DER encoded RDN sequence
971	* @buf: a pointer to a structure to hold the peer's name
972	* @sizeof_buf: holds the size of @buf
973	*
974	* This function will return the name of the given RDN sequence. The
975	* name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in
976	* RFC2253.
977	*
978	* If the provided buffer is not long enough, returns
979	* GNUTLS_E_SHORT_MEMORY_BUFFER and *sizeof_buf will be updated. On
980	* success 0 is returned.
981	*
982	**/
983	int
984	MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
985	char buf, size_t sizeof_buf)
986	{
987	int result;
988	ASN1_TYPE dn = ASN1_TYPE_EMPTY;
989
990	if (sizeof_buf == 0)
991	{
992	MHD_gnutls_assert ();
993	return GNUTLS_E_INVALID_REQUEST;
994	}
995
996	if (buf)
997	buf[0] = 0;
998
999
1000	if ((result =
1001	MHD__asn1_create_element (MHD__gnutls_get_pkix (),
1002	"PKIX1.Name", &dn)) != ASN1_SUCCESS)
1003	{
1004	MHD_gnutls_assert ();
1005	return MHD_gtls_asn2err (result);
1006	}
1007
1008	result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
1009	if (result != ASN1_SUCCESS)
1010	{
1011	/* couldn't decode DER */
1012	MHD_gnutls_assert ();
1013	MHD__asn1_delete_structure (&dn);
1014	return MHD_gtls_asn2err (result);
1015	}
1016
1017	result = MHD__gnutls_x509_parse_dn (dn, "rdnSequence", buf, sizeof_buf);
1018
1019	MHD__asn1_delete_structure (&dn);
1020	return result;
1021
1022	}
1023
1024	/**
1025	* MHD_gnutls_x509_rdn_get_by_oid - This function parses an RDN sequence and returns a string
1026	* @idn: should contain a DER encoded RDN sequence
1027	* @oid: an Object Identifier
1028	* @indx: In case multiple same OIDs exist in the RDN indicates which
1029	* to send. Use 0 for the first one.
1030	* @raw_flag: If non zero then the raw DER data are returned.
1031	* @buf: a pointer to a structure to hold the peer's name
1032	* @sizeof_buf: holds the size of @buf
1033	*
1034	* This function will return the name of the given Object identifier,
1035	* of the RDN sequence. The name will be encoded using the rules
1036	* from RFC2253.
1037	*
1038	* Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if
1039	* the provided buffer is not long enough, and 0 on success.
1040	*
1041	**/
1042	int
1043	MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn,
1044	const char *oid, int indx,
1045	unsigned int raw_flag, void *buf,
1046	size_t * sizeof_buf)
1047	{
1048	int result;
1049	ASN1_TYPE dn = ASN1_TYPE_EMPTY;
1050
1051	if (sizeof_buf == 0)
1052	{
1053	return GNUTLS_E_INVALID_REQUEST;
1054	}
1055
1056	if ((result =
1057	MHD__asn1_create_element (MHD__gnutls_get_pkix (),
1058	"PKIX1.Name", &dn)) != ASN1_SUCCESS)
1059	{
1060	MHD_gnutls_assert ();
1061	return MHD_gtls_asn2err (result);
1062	}
1063
1064	result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
1065	if (result != ASN1_SUCCESS)
1066	{
1067	/* couldn't decode DER */
1068	MHD_gnutls_assert ();
1069	MHD__asn1_delete_structure (&dn);
1070	return MHD_gtls_asn2err (result);
1071	}
1072
1073	result =
1074	MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx,
1075	raw_flag, buf, sizeof_buf);
1076
1077	MHD__asn1_delete_structure (&dn);
1078	return result;
1079
1080	}
1081
1082	/**
1083	* MHD_gnutls_x509_rdn_get_oid - This function parses an RDN sequence and returns an OID.
1084	* @idn: should contain a DER encoded RDN sequence
1085	* @indx: Indicates which OID to return. Use 0 for the first one.
1086	* @oid: a pointer to a structure to hold the peer's name OID
1087	* @sizeof_oid: holds the size of @oid
1088	*
1089	* This function will return the specified Object identifier, of the
1090	* RDN sequence.
1091	*
1092	* Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if
1093	* the provided buffer is not long enough, and 0 on success.
1094	*
1095	**/
1096	int
1097	MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
1098	int indx, void buf, size_t sizeof_buf)
1099	{
1100	int result;
1101	ASN1_TYPE dn = ASN1_TYPE_EMPTY;
1102
1103	if (sizeof_buf == 0)
1104	{
1105	return GNUTLS_E_INVALID_REQUEST;
1106	}
1107
1108	if ((result =
1109	MHD__asn1_create_element (MHD__gnutls_get_pkix (),
1110	"PKIX1.Name", &dn)) != ASN1_SUCCESS)
1111	{
1112	MHD_gnutls_assert ();
1113	return MHD_gtls_asn2err (result);
1114	}
1115
1116	result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL);
1117	if (result != ASN1_SUCCESS)
1118	{
1119	/* couldn't decode DER */
1120	MHD_gnutls_assert ();
1121	MHD__asn1_delete_structure (&dn);
1122	return MHD_gtls_asn2err (result);
1123	}
1124
1125	result =
1126	MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf);
1127
1128	MHD__asn1_delete_structure (&dn);
1129	return result;
1130
1131	}
1132
1133	/*	521	/*
1134	* Compares the DER encoded part of a DN.	522	* Compares the DER encoded part of a DN.
1135	*	523	*