Diffstat (limited to 'src/daemon/https/x509/x509.c')
-rw-r--r-- | src/daemon/https/x509/x509.c | 147 |
1 files changed, 81 insertions, 66 deletions
diff --git a/src/daemon/https/x509/x509.c b/src/daemon/https/x509/x509.c index 7bb907ab..e64d34b2 100644 --- a/src/daemon/https/x509/x509.c +++ b/src/daemon/https/x509/x509.c | |||
@@ -51,14 +51,15 @@ | |||
51 | int | 51 | int |
52 | MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert) | 52 | MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert) |
53 | { | 53 | { |
54 | MHD_gnutls_x509_crt_t tmp = MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crt_int)); | 54 | MHD_gnutls_x509_crt_t tmp = |
55 | MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crt_int)); | ||
55 | int result; | 56 | int result; |
56 | 57 | ||
57 | if (!tmp) | 58 | if (!tmp) |
58 | return GNUTLS_E_MEMORY_ERROR; | 59 | return GNUTLS_E_MEMORY_ERROR; |
59 | 60 | ||
60 | result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 61 | result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
61 | "PKIX1.Certificate", &tmp->cert); | 62 | "PKIX1.Certificate", &tmp->cert); |
62 | if (result != ASN1_SUCCESS) | 63 | if (result != ASN1_SUCCESS) |
63 | { | 64 | { |
64 | MHD_gnutls_assert (); | 65 | MHD_gnutls_assert (); |
@@ -107,8 +108,8 @@ MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert) | |||
107 | **/ | 108 | **/ |
108 | int | 109 | int |
109 | MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, | 110 | MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, |
110 | const MHD_gnutls_datum_t * data, | 111 | const MHD_gnutls_datum_t * data, |
111 | MHD_gnutls_x509_crt_fmt_t format) | 112 | MHD_gnutls_x509_crt_fmt_t format) |
112 | { | 113 | { |
113 | int result = 0, need_free = 0; | 114 | int result = 0, need_free = 0; |
114 | MHD_gnutls_datum_t _data; | 115 | MHD_gnutls_datum_t _data; |
@@ -130,14 +131,15 @@ MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, | |||
130 | opaque *out; | 131 | opaque *out; |
131 | 132 | ||
132 | /* Try the first header */ | 133 | /* Try the first header */ |
133 | result = MHD__gnutls_fbase64_decode (PEM_X509_CERT2, data->data, data->size, | 134 | result = |
134 | &out); | 135 | MHD__gnutls_fbase64_decode (PEM_X509_CERT2, data->data, data->size, |
136 | &out); | ||
135 | 137 | ||
136 | if (result <= 0) | 138 | if (result <= 0) |
137 | { | 139 | { |
138 | /* try for the second header */ | 140 | /* try for the second header */ |
139 | result = MHD__gnutls_fbase64_decode (PEM_X509_CERT, data->data, | 141 | result = MHD__gnutls_fbase64_decode (PEM_X509_CERT, data->data, |
140 | data->size, &out); | 142 | data->size, &out); |
141 | 143 | ||
142 | if (result <= 0) | 144 | if (result <= 0) |
143 | { | 145 | { |
@@ -205,10 +207,10 @@ cleanup:MHD_gnutls_free (signature); | |||
205 | **/ | 207 | **/ |
206 | int | 208 | int |
207 | MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, | 209 | MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, |
208 | const char *oid, | 210 | const char *oid, |
209 | int indx, | 211 | int indx, |
210 | unsigned int raw_flag, | 212 | unsigned int raw_flag, |
211 | void *buf, size_t * sizeof_buf) | 213 | void *buf, size_t * sizeof_buf) |
212 | { | 214 | { |
213 | if (cert == NULL) | 215 | if (cert == NULL) |
214 | { | 216 | { |
@@ -217,8 +219,8 @@ MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, | |||
217 | } | 219 | } |
218 | 220 | ||
219 | return MHD__gnutls_x509_parse_dn_oid (cert->cert, | 221 | return MHD__gnutls_x509_parse_dn_oid (cert->cert, |
220 | "tbsCertificate.subject.rdnSequence", oid, | 222 | "tbsCertificate.subject.rdnSequence", |
221 | indx, raw_flag, buf, sizeof_buf); | 223 | oid, indx, raw_flag, buf, sizeof_buf); |
222 | } | 224 | } |
223 | 225 | ||
224 | /** | 226 | /** |
@@ -247,8 +249,8 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert) | |||
247 | * read. They will be read from the issuer's certificate if needed. | 249 | * read. They will be read from the issuer's certificate if needed. |
248 | */ | 250 | */ |
249 | result = | 251 | result = |
250 | MHD__gnutls_x509_read_value (cert->cert, "signatureAlgorithm.algorithm", &sa, | 252 | MHD__gnutls_x509_read_value (cert->cert, "signatureAlgorithm.algorithm", |
251 | 0); | 253 | &sa, 0); |
252 | 254 | ||
253 | if (result < 0) | 255 | if (result < 0) |
254 | { | 256 | { |
@@ -256,7 +258,7 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert) | |||
256 | return result; | 258 | return result; |
257 | } | 259 | } |
258 | 260 | ||
259 | result = MHD_gtls_x509_oid2sign_algorithm ((const char*) sa.data); | 261 | result = MHD_gtls_x509_oid2sign_algorithm ((const char *) sa.data); |
260 | 262 | ||
261 | MHD__gnutls_free_datum (&sa); | 263 | MHD__gnutls_free_datum (&sa); |
262 | 264 | ||
@@ -275,7 +277,7 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert) | |||
275 | **/ | 277 | **/ |
276 | int | 278 | int |
277 | MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, | 279 | MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, |
278 | char *sig, size_t * sizeof_sig) | 280 | char *sig, size_t * sizeof_sig) |
279 | { | 281 | { |
280 | int result; | 282 | int result; |
281 | int bits, len; | 283 | int bits, len; |
@@ -342,7 +344,7 @@ MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert) | |||
342 | len = sizeof (version); | 344 | len = sizeof (version); |
343 | if ((result = | 345 | if ((result = |
344 | MHD__asn1_read_value (cert->cert, "tbsCertificate.version", version, | 346 | MHD__asn1_read_value (cert->cert, "tbsCertificate.version", version, |
345 | &len)) != ASN1_SUCCESS) | 347 | &len)) != ASN1_SUCCESS) |
346 | { | 348 | { |
347 | 349 | ||
348 | if (result == ASN1_ELEMENT_NOT_FOUND) | 350 | if (result == ASN1_ELEMENT_NOT_FOUND) |
@@ -373,7 +375,7 @@ MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert) | |||
373 | } | 375 | } |
374 | 376 | ||
375 | return MHD__gnutls_x509_get_time (cert->cert, | 377 | return MHD__gnutls_x509_get_time (cert->cert, |
376 | "tbsCertificate.validity.notBefore"); | 378 | "tbsCertificate.validity.notBefore"); |
377 | } | 379 | } |
378 | 380 | ||
379 | /** | 381 | /** |
@@ -395,7 +397,7 @@ MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert) | |||
395 | } | 397 | } |
396 | 398 | ||
397 | return MHD__gnutls_x509_get_time (cert->cert, | 399 | return MHD__gnutls_x509_get_time (cert->cert, |
398 | "tbsCertificate.validity.notAfter"); | 400 | "tbsCertificate.validity.notAfter"); |
399 | } | 401 | } |
400 | 402 | ||
401 | /** | 403 | /** |
@@ -415,7 +417,7 @@ MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert) | |||
415 | **/ | 417 | **/ |
416 | int | 418 | int |
417 | MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | 419 | MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, |
418 | void *result, size_t * result_size) | 420 | void *result, size_t * result_size) |
419 | { | 421 | { |
420 | int ret, len; | 422 | int ret, len; |
421 | 423 | ||
@@ -428,7 +430,8 @@ MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | |||
428 | len = *result_size; | 430 | len = *result_size; |
429 | ret | 431 | ret |
430 | = | 432 | = |
431 | MHD__asn1_read_value (cert->cert, "tbsCertificate.serialNumber", result, &len); | 433 | MHD__asn1_read_value (cert->cert, "tbsCertificate.serialNumber", result, |
434 | &len); | ||
432 | *result_size = len; | 435 | *result_size = len; |
433 | 436 | ||
434 | if (ret != ASN1_SUCCESS) | 437 | if (ret != ASN1_SUCCESS) |
@@ -459,7 +462,8 @@ MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | |||
459 | * | 462 | * |
460 | **/ | 463 | **/ |
461 | int | 464 | int |
462 | MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int *bits) | 465 | MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, |
466 | unsigned int *bits) | ||
463 | { | 467 | { |
464 | int result; | 468 | int result; |
465 | 469 | ||
@@ -470,8 +474,8 @@ MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int * | |||
470 | } | 474 | } |
471 | 475 | ||
472 | result = MHD__gnutls_x509_get_pk_algorithm (cert->cert, | 476 | result = MHD__gnutls_x509_get_pk_algorithm (cert->cert, |
473 | "tbsCertificate.subjectPublicKeyInfo", | 477 | "tbsCertificate.subjectPublicKeyInfo", |
474 | bits); | 478 | bits); |
475 | 479 | ||
476 | if (result < 0) | 480 | if (result < 0) |
477 | { | 481 | { |
@@ -533,7 +537,7 @@ parse_general_name (ASN1_TYPE src, | |||
533 | return MHD_gtls_asn2err (result); | 537 | return MHD_gtls_asn2err (result); |
534 | } | 538 | } |
535 | 539 | ||
536 | type = MHD__gnutls_x509_san_find_type ((char*) choice_type); | 540 | type = MHD__gnutls_x509_san_find_type ((char *) choice_type); |
537 | if (type == (MHD_gnutls_x509_subject_alt_name_t) - 1) | 541 | if (type == (MHD_gnutls_x509_subject_alt_name_t) - 1) |
538 | { | 542 | { |
539 | MHD_gnutls_assert (); | 543 | MHD_gnutls_assert (); |
@@ -591,8 +595,8 @@ parse_general_name (ASN1_TYPE src, | |||
591 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 595 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
592 | 596 | ||
593 | result = | 597 | result = |
594 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.XmppAddr", | 598 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
595 | &c2); | 599 | "PKIX1.XmppAddr", &c2); |
596 | if (result != ASN1_SUCCESS) | 600 | if (result != ASN1_SUCCESS) |
597 | { | 601 | { |
598 | MHD_gnutls_assert (); | 602 | MHD_gnutls_assert (); |
@@ -636,7 +640,7 @@ parse_general_name (ASN1_TYPE src, | |||
636 | size_t orig_name_size = *name_size; | 640 | size_t orig_name_size = *name_size; |
637 | 641 | ||
638 | MHD_gtls_str_cat (nptr, sizeof (nptr), "."); | 642 | MHD_gtls_str_cat (nptr, sizeof (nptr), "."); |
639 | MHD_gtls_str_cat (nptr, sizeof (nptr), (const char*) choice_type); | 643 | MHD_gtls_str_cat (nptr, sizeof (nptr), (const char *) choice_type); |
640 | 644 | ||
641 | len = *name_size; | 645 | len = *name_size; |
642 | result = MHD__asn1_read_value (src, nptr, name, &len); | 646 | result = MHD__asn1_read_value (src, nptr, name, &len); |
@@ -700,7 +704,7 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
700 | 704 | ||
701 | if ((result = | 705 | if ((result = |
702 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.17", 0, &dnsname, | 706 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.17", 0, &dnsname, |
703 | critical)) < 0) | 707 | critical)) < 0) |
704 | { | 708 | { |
705 | return result; | 709 | return result; |
706 | } | 710 | } |
@@ -712,7 +716,8 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
712 | } | 716 | } |
713 | 717 | ||
714 | result = | 718 | result = |
715 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.SubjectAltName", &c2); | 719 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.SubjectAltName", |
720 | &c2); | ||
716 | if (result != ASN1_SUCCESS) | 721 | if (result != ASN1_SUCCESS) |
717 | { | 722 | { |
718 | MHD_gnutls_assert (); | 723 | MHD_gnutls_assert (); |
@@ -781,10 +786,10 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
781 | **/ | 786 | **/ |
782 | int | 787 | int |
783 | MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | 788 | MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, |
784 | unsigned int seq, | 789 | unsigned int seq, |
785 | void *ret, | 790 | void *ret, |
786 | size_t * ret_size, | 791 | size_t * ret_size, |
787 | unsigned int *critical) | 792 | unsigned int *critical) |
788 | { | 793 | { |
789 | return get_subject_alt_name (cert, seq, ret, ret_size, NULL, critical, 0); | 794 | return get_subject_alt_name (cert, seq, ret, ret_size, NULL, critical, 0); |
790 | } | 795 | } |
@@ -811,8 +816,8 @@ MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
811 | **/ | 816 | **/ |
812 | static int | 817 | static int |
813 | MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | 818 | MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, |
814 | unsigned int *critical, | 819 | unsigned int *critical, |
815 | int *ca, int *pathlen) | 820 | int *ca, int *pathlen) |
816 | { | 821 | { |
817 | int result; | 822 | int result; |
818 | MHD_gnutls_datum_t basicConstraints; | 823 | MHD_gnutls_datum_t basicConstraints; |
@@ -825,8 +830,8 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | |||
825 | } | 830 | } |
826 | 831 | ||
827 | if ((result = MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.19", 0, | 832 | if ((result = MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.19", 0, |
828 | &basicConstraints, critical)) | 833 | &basicConstraints, |
829 | < 0) | 834 | critical)) < 0) |
830 | { | 835 | { |
831 | return result; | 836 | return result; |
832 | } | 837 | } |
@@ -838,8 +843,10 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | |||
838 | } | 843 | } |
839 | 844 | ||
840 | result = MHD__gnutls_x509_ext_extract_basicConstraints (&tmp_ca, pathlen, | 845 | result = MHD__gnutls_x509_ext_extract_basicConstraints (&tmp_ca, pathlen, |
841 | basicConstraints.data, | 846 | basicConstraints. |
842 | basicConstraints.size); | 847 | data, |
848 | basicConstraints. | ||
849 | size); | ||
843 | if (ca) | 850 | if (ca) |
844 | *ca = tmp_ca; | 851 | *ca = tmp_ca; |
845 | MHD__gnutls_free_datum (&basicConstraints); | 852 | MHD__gnutls_free_datum (&basicConstraints); |
@@ -872,11 +879,12 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | |||
872 | * | 879 | * |
873 | **/ | 880 | **/ |
874 | int | 881 | int |
875 | MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, unsigned int *critical) | 882 | MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, |
883 | unsigned int *critical) | ||
876 | { | 884 | { |
877 | int ca, pathlen; | 885 | int ca, pathlen; |
878 | return MHD_gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, | 886 | return MHD_gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, |
879 | &pathlen); | 887 | &pathlen); |
880 | } | 888 | } |
881 | 889 | ||
882 | /** | 890 | /** |
@@ -900,8 +908,8 @@ MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, unsigned int *cri | |||
900 | **/ | 908 | **/ |
901 | int | 909 | int |
902 | MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | 910 | MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, |
903 | unsigned int *key_usage, | 911 | unsigned int *key_usage, |
904 | unsigned int *critical) | 912 | unsigned int *critical) |
905 | { | 913 | { |
906 | int result; | 914 | int result; |
907 | MHD_gnutls_datum_t keyUsage; | 915 | MHD_gnutls_datum_t keyUsage; |
@@ -915,7 +923,7 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | |||
915 | 923 | ||
916 | if ((result = | 924 | if ((result = |
917 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.15", 0, &keyUsage, | 925 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.15", 0, &keyUsage, |
918 | critical)) < 0) | 926 | critical)) < 0) |
919 | { | 927 | { |
920 | return result; | 928 | return result; |
921 | } | 929 | } |
@@ -927,7 +935,7 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | |||
927 | } | 935 | } |
928 | 936 | ||
929 | result = MHD__gnutls_x509_ext_extract_keyUsage (&_usage, keyUsage.data, | 937 | result = MHD__gnutls_x509_ext_extract_keyUsage (&_usage, keyUsage.data, |
930 | keyUsage.size); | 938 | keyUsage.size); |
931 | MHD__gnutls_free_datum (&keyUsage); | 939 | MHD__gnutls_free_datum (&keyUsage); |
932 | 940 | ||
933 | *key_usage = _usage; | 941 | *key_usage = _usage; |
@@ -944,7 +952,8 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | |||
944 | 952 | ||
945 | static int | 953 | static int |
946 | MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, | 954 | MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, |
947 | const char *whom, MHD_gnutls_datum_t * start) | 955 | const char *whom, |
956 | MHD_gnutls_datum_t * start) | ||
948 | { | 957 | { |
949 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 958 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
950 | int result, len1; | 959 | int result, len1; |
@@ -956,22 +965,24 @@ MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, | |||
956 | /* get the issuer of 'cert' | 965 | /* get the issuer of 'cert' |
957 | */ | 966 | */ |
958 | if ((result = | 967 | if ((result = |
959 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertificate", | 968 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
960 | &c2)) != ASN1_SUCCESS) | 969 | "PKIX1.TBSCertificate", |
970 | &c2)) != ASN1_SUCCESS) | ||
961 | { | 971 | { |
962 | MHD_gnutls_assert (); | 972 | MHD_gnutls_assert (); |
963 | return MHD_gtls_asn2err (result); | 973 | return MHD_gtls_asn2err (result); |
964 | } | 974 | } |
965 | 975 | ||
966 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", | 976 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", |
967 | &signed_data); | 977 | &signed_data); |
968 | if (result < 0) | 978 | if (result < 0) |
969 | { | 979 | { |
970 | MHD_gnutls_assert (); | 980 | MHD_gnutls_assert (); |
971 | goto cleanup; | 981 | goto cleanup; |
972 | } | 982 | } |
973 | 983 | ||
974 | result = MHD__asn1_der_decoding (&c2, signed_data.data, signed_data.size, NULL); | 984 | result = |
985 | MHD__asn1_der_decoding (&c2, signed_data.data, signed_data.size, NULL); | ||
975 | if (result != ASN1_SUCCESS) | 986 | if (result != ASN1_SUCCESS) |
976 | { | 987 | { |
977 | MHD_gnutls_assert (); | 988 | MHD_gnutls_assert (); |
@@ -980,8 +991,9 @@ MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, | |||
980 | goto cleanup; | 991 | goto cleanup; |
981 | } | 992 | } |
982 | 993 | ||
983 | result = MHD__asn1_der_decoding_startEnd (c2, signed_data.data, signed_data.size, | 994 | result = |
984 | whom, &start1, &end1); | 995 | MHD__asn1_der_decoding_startEnd (c2, signed_data.data, signed_data.size, |
996 | whom, &start1, &end1); | ||
985 | 997 | ||
986 | if (result != ASN1_SUCCESS) | 998 | if (result != ASN1_SUCCESS) |
987 | { | 999 | { |
@@ -1014,7 +1026,7 @@ cleanup:MHD__asn1_delete_structure (&c2); | |||
1014 | **/ | 1026 | **/ |
1015 | int | 1027 | int |
1016 | MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, | 1028 | MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, |
1017 | MHD_gnutls_datum_t * start) | 1029 | MHD_gnutls_datum_t * start) |
1018 | { | 1030 | { |
1019 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "issuer", start); | 1031 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "issuer", start); |
1020 | } | 1032 | } |
@@ -1031,13 +1043,15 @@ MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, | |||
1031 | * | 1043 | * |
1032 | **/ | 1044 | **/ |
1033 | int | 1045 | int |
1034 | MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, MHD_gnutls_datum_t * start) | 1046 | MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, |
1047 | MHD_gnutls_datum_t * start) | ||
1035 | { | 1048 | { |
1036 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "subject", start); | 1049 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "subject", start); |
1037 | } | 1050 | } |
1038 | 1051 | ||
1039 | static int | 1052 | static int |
1040 | get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, MHD_gnutls_x509_dn_t * dn) | 1053 | get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, |
1054 | MHD_gnutls_x509_dn_t * dn) | ||
1041 | { | 1055 | { |
1042 | *dn = MHD__asn1_find_node (cert->cert, whom); | 1056 | *dn = MHD__asn1_find_node (cert->cert, whom); |
1043 | if (!*dn) | 1057 | if (!*dn) |
@@ -1056,7 +1070,8 @@ get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, MHD_gnutls_x509_dn_t * dn) | |||
1056 | * Returns: Returns 0 on success, or an error code. | 1070 | * Returns: Returns 0 on success, or an error code. |
1057 | **/ | 1071 | **/ |
1058 | int | 1072 | int |
1059 | MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_dn_t * dn) | 1073 | MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, |
1074 | MHD_gnutls_x509_dn_t * dn) | ||
1060 | { | 1075 | { |
1061 | return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn); | 1076 | return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn); |
1062 | } | 1077 | } |
@@ -1083,8 +1098,8 @@ MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_dn_ | |||
1083 | **/ | 1098 | **/ |
1084 | int | 1099 | int |
1085 | MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | 1100 | MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, |
1086 | MHD_gnutls_x509_crt_fmt_t format, | 1101 | MHD_gnutls_x509_crt_fmt_t format, |
1087 | void *output_data, size_t * output_data_size) | 1102 | void *output_data, size_t * output_data_size) |
1088 | { | 1103 | { |
1089 | if (cert == NULL) | 1104 | if (cert == NULL) |
1090 | { | 1105 | { |
@@ -1093,7 +1108,7 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | |||
1093 | } | 1108 | } |
1094 | 1109 | ||
1095 | return MHD__gnutls_x509_export_int (cert->cert, format, "CERTIFICATE", | 1110 | return MHD__gnutls_x509_export_int (cert->cert, format, "CERTIFICATE", |
1096 | output_data, output_data_size); | 1111 | output_data, output_data_size); |
1097 | } | 1112 | } |
1098 | 1113 | ||
1099 | #ifdef ENABLE_PKI | 1114 | #ifdef ENABLE_PKI |
@@ -1112,8 +1127,8 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | |||
1112 | **/ | 1127 | **/ |
1113 | int | 1128 | int |
1114 | MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | 1129 | MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, |
1115 | const MHD_gnutls_x509_crl_t * crl_list, | 1130 | const MHD_gnutls_x509_crl_t * crl_list, |
1116 | int crl_list_length) | 1131 | int crl_list_length) |
1117 | { | 1132 | { |
1118 | opaque serial[64]; | 1133 | opaque serial[64]; |
1119 | opaque cert_serial[64]; | 1134 | opaque cert_serial[64]; |
@@ -1160,7 +1175,8 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
1160 | /* Step 2. Read the certificate's serial number | 1175 | /* Step 2. Read the certificate's serial number |
1161 | */ | 1176 | */ |
1162 | cert_serial_size = sizeof (cert_serial); | 1177 | cert_serial_size = sizeof (cert_serial); |
1163 | ret = MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size); | 1178 | ret = |
1179 | MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size); | ||
1164 | if (ret < 0) | 1180 | if (ret < 0) |
1165 | { | 1181 | { |
1166 | MHD_gnutls_assert (); | 1182 | MHD_gnutls_assert (); |
@@ -1182,7 +1198,7 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
1182 | { | 1198 | { |
1183 | serial_size = sizeof (serial); | 1199 | serial_size = sizeof (serial); |
1184 | ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial, | 1200 | ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial, |
1185 | &serial_size, NULL); | 1201 | &serial_size, NULL); |
1186 | 1202 | ||
1187 | if (ret < 0) | 1203 | if (ret < 0) |
1188 | { | 1204 | { |
@@ -1205,4 +1221,3 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
1205 | } | 1221 | } |
1206 | 1222 | ||
1207 | #endif | 1223 | #endif |
1208 | |||