author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-10-13 09:28:00 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-10-13 09:28:00 +0000 |
commit | 7b667442ef1e31823b7cf36020e5f8b1f8881f7a (patch) | |
tree | c5ec816b17d3fce046e6fca9e445f677782ced02 | |
parent | 6a6a22dbe474f3009a425ea9007e0e965041d9aa (diff) | |
download | gnutls-7b667442ef1e31823b7cf36020e5f8b1f8881f7a.tar.gz |
print the hex value of the name in certificates with unknown character sets.
-rw-r--r-- | lib/x509/common.c | 67 | ||||
-rw-r--r-- | lib/x509/common.h | 3 | ||||
-rw-r--r-- | lib/x509/dn.c | 1660 | ||||
-rw-r--r-- | lib/x509/dn.h | 1 |
4 files changed, 871 insertions, 860 deletions
diff --git a/lib/x509/common.c b/lib/x509/common.c index 917ff670b9..59e5e1b9da 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -158,10 +158,9 @@ const char *_gnutls_x509_oid2ldap_string(const char *oid) * hold the string. */ int _gnutls_x509_oid_data2string(const char *oid, void *value, - int value_size, char *res, - size_t * res_size) + int value_size, char *res, size_t * res_size) { - char str[1024], tmpname[128]; + char str[MAX_STRING_LEN], tmpname[128]; const char *ANAME = NULL; int CHOICE = -1, len = -1, result; ASN1_TYPE tmpasn = ASN1_TYPE_EMPTY; @@ -220,16 +219,14 @@ int _gnutls_x509_oid_data2string(const char *oid, void *value, } else { /* CHOICE */ str[len] = 0; + int non_printable = 0; /* Note that we do not support strings other than * UTF-8 (thus ASCII as well). - * FIXME: convert the other types. */ if ( strcmp( str, "printableString")!=0 && strcmp( str, "utf8String")!=0 ) { - gnutls_assert(); - asn1_delete_structure(&tmpasn); - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + non_printable = 1; } _gnutls_str_cpy(tmpname, sizeof(tmpname), str); 
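Review bot: `str` shrinks from 1024 bytes to `MAX_STRING_LEN` (512, per the common.h hunk), while the reads that fill it sit outside this hunk. Each length handed to the ASN.1 read for `str` should be derived from `sizeof(str) - 1` rather than a literal, otherwise the smaller buffer can be overrun by a certificate-supplied value. A value that fills `str` is later passed to `_gnutls_x509_data2hex`, whose staging buffer is also `MAX_STRING_LEN`, so it probably cannot be hex-encoded in full. The function body starts before and ends after this hunk.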
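Review bot: The comment above the `strcmp` test still says only UTF-8 strings are supported, but the branch no longer rejects other string types; it sets `non_printable` and the value is returned hex-encoded. Suggested wording: `/* Strings other than printableString and utf8String are not converted; they are returned as an RFC 2253 '#' hex string. */`. Callers that used to get GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE now get success with a `#...` string, which matters for any code outside this page that compares the returned name. `int non_printable = 0;` is also declared after the statement `str[len] = 0;`, which C89 compilers reject; declaring it at the top of the function next to `CHOICE` avoids that.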
@@ -241,16 +238,62 @@ int _gnutls_x509_oid_data2string(const char *oid, void *value, asn1_delete_structure(&tmpasn); return _gnutls_asn2err(result); } - str[len] = 0; - if (res) - _gnutls_str_cpy(res, *res_size, str); - *res_size = len; + asn1_delete_structure(&tmpasn); + + if (res) { + if (non_printable==0) { + str[len] = 0; + _gnutls_str_cpy(res, *res_size, str); + *res_size = len; + } else { + result = _gnutls_x509_data2hex( str, len, res, res_size); + if (result < 0) { + gnutls_assert(); + return result; + } + } + } + } - asn1_delete_structure(&tmpasn); return 0; +} + + +/* Converts a data string to an LDAP rfc2253 hex string + * something like '#01020304' + */ +int _gnutls_x509_data2hex(const opaque * data, size_t data_size, + opaque * out, size_t * sizeof_out) +{ + char *res; + char escaped[MAX_STRING_LEN]; + + res = _gnutls_bin2hex(data, data_size, escaped, sizeof(escaped)); + + if (res) { + unsigned int size = strlen(res) + 1; + if (size + 1 > *sizeof_out) { + fprintf(stderr, "size: %d\nreq: %d\n", *sizeof_out, size+1 + ); + *sizeof_out = size; + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } + *sizeof_out = size; /* -1 for the null +1 for the '#' */ + + if (out) { + strcpy(out, "#"); + strcat(out, res); + } + return 0; + } else { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + + return 0; } diff --git a/lib/x509/common.h b/lib/x509/common.h index ce3025fadf..d5bb50e66e 100644 --- a/lib/x509/common.h +++ b/lib/x509/common.h @@ -2,6 +2,8 @@ #define MAX_INT_DIGITS 4 void _gnutls_int2str(unsigned int k, char *data); +#define MAX_STRING_LEN 512 + #define GNUTLS_XML_SHOW_ALL 1 #define PEM_CRL "X509 CRL" @@ -26,6 +28,7 @@ int _gnutls_x509_set_time(ASN1_TYPE c2, const char *where, time_t tim); int _gnutls_x509_oid_data2string( const char* OID, void* value, int value_size, char * res, size_t *res_size); +int _gnutls_x509_data2hex( const opaque* data, size_t data_size, opaque* out, size_t* sizeof_out); const char* _gnutls_x509_oid2ldap_string( const char* OID); 
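Review bot: The short-buffer branch of the new `_gnutls_x509_data2hex` reports a size the caller cannot succeed with: the check requires `size + 1` bytes but stores `*sizeof_out = size;`, so a retry with the returned value fails again; `*sizeof_out = size + 1;` fixes it. That branch also keeps a debug `fprintf(stderr, ...)` that prints the `size_t` in `*sizeof_out` with `%d`; it should be removed from library code. `escaped[MAX_STRING_LEN]` caps the hex staging buffer at 512 bytes, where `_gnutls_x509_parse_dn` previously sized it as `2 * len + 1`; if `_gnutls_bin2hex` truncates to its buffer (its body is not on this page), values longer than about 255 bytes would be returned incomplete without an error. In `_gnutls_x509_oid_data2string`, `*res_size` is now written only inside `if (res)`, so a size query with `res == NULL` no longer gets a length back.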
diff --git a/lib/x509/dn.c b/lib/x509/dn.c index ff7493b24c..006d01ddb0 100644 --- a/lib/x509/dn.c +++ b/lib/x509/dn.c @@ -39,40 +39,40 @@ */ static const char *oid2ldap_string(const char *oid) { - const char *ret; + const char *ret; - ret = _gnutls_x509_oid2ldap_string(oid); - if (ret) - return ret; + ret = _gnutls_x509_oid2ldap_string(oid); + if (ret) + return ret; - /* else return the OID in dotted format */ - return oid; + /* else return the OID in dotted format */ + return oid; } /* Escapes a string following the rules from RFC2253. */ static char *str_escape(char *str, char *buffer, unsigned int buffer_size) { - int str_length, j, i; + int str_length, j, i; - if (str == NULL || buffer == NULL) - return NULL; + if (str == NULL || buffer == NULL) + return NULL; - str_length = MIN(strlen(str), buffer_size - 1); + str_length = MIN(strlen(str), buffer_size - 1); - for (i = j = 0; i < str_length; i++) { - if (str[i] == ',' || str[i] == '+' || str[i] == '"' - || str[i] == '\\' || str[i] == '<' || str[i] == '>' - || str[i] == ';') - buffer[j++] = '\\'; + for (i = j = 0; i < str_length; i++) { + if (str[i] == ',' || str[i] == '+' || str[i] == '"' + || str[i] == '\\' || str[i] == '<' || str[i] == '>' + || str[i] == ';') + buffer[j++] = '\\'; - buffer[j++] = str[i]; - } + buffer[j++] = str[i]; + } - /* null terminate the string */ - buffer[j] = 0; + /* null terminate the string */ + buffer[j] = 0; - return buffer; + return buffer; } /* Parses an X509 DN in the asn1_struct, and puts the output into 
@@ -82,236 +82,221 @@ static char *str_escape(char *str, char *buffer, unsigned int buffer_size) * That is to point in the rndSequence. */ int _gnutls_x509_parse_dn(ASN1_TYPE asn1_struct, - const char *asn1_rdn_name, char *buf, - size_t * sizeof_buf) + const char *asn1_rdn_name, char *buf, + size_t * sizeof_buf) { - gnutls_string out_str; - int k2, k1, result; - char tmpbuffer1[64]; - char tmpbuffer2[64]; - char tmpbuffer3[64]; - char counter[MAX_INT_DIGITS]; - opaque value[256], *value2 = NULL; - char *escaped = NULL; - const char *ldap_desc; - char oid[128]; - int len, printable; - char *string = NULL; - size_t sizeof_string, sizeof_escaped; - - if (sizeof_buf == NULL) { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } - - if (buf) - buf[0] = 0; - else - *sizeof_buf = 0; - - _gnutls_string_init(&out_str, gnutls_malloc, gnutls_realloc, - gnutls_free); - - k1 = 0; - do { - - k1++; - /* create a string like "tbsCertList.issuer.rdnSequence.?1" - */ - _gnutls_int2str(k1, counter); - _gnutls_str_cpy(tmpbuffer1, sizeof(tmpbuffer1), asn1_rdn_name); - if (strlen(tmpbuffer1) > 0) - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "."); - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "?"); - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), counter); - - len = sizeof(value) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer1, value, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) { - break; - } - - if (result != ASN1_VALUE_NOT_FOUND) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - k2 = 0; - - do { /* Move to the attibute type and values - */ - k2++; - - _gnutls_int2str(k2, counter); - _gnutls_str_cpy(tmpbuffer2, sizeof(tmpbuffer2), tmpbuffer1); - if (strlen(tmpbuffer2) > 0) - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "."); - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "?"); - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), counter); - - /* Try to read the RelativeDistinguishedName attributes. 
- */ - - len = sizeof(value) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer2, value, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) - break; - if (result != ASN1_VALUE_NOT_FOUND) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - /* Read the OID - */ - _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); - _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type"); - - len = sizeof(oid) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer3, oid, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) - break; - else if (result != ASN1_SUCCESS) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - /* Read the Value - */ - _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); - _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".value"); - - len = 0; - result = asn1_read_value(asn1_struct, tmpbuffer3, NULL, &len); - - value2 = gnutls_malloc(len); - if (value2 == NULL) { - gnutls_assert(); - result = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - result = - asn1_read_value(asn1_struct, tmpbuffer3, value2, &len); - - if (result != ASN1_SUCCESS) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } + gnutls_string out_str; + int k2, k1, result; + char tmpbuffer1[64]; + char tmpbuffer2[64]; + char tmpbuffer3[64]; + char counter[MAX_INT_DIGITS]; + opaque value[MAX_STRING_LEN], *value2 = NULL; + char *escaped = NULL; + const char *ldap_desc; + char oid[128]; + int len, printable; + char *string = NULL; + size_t sizeof_string, sizeof_escaped; + + if (sizeof_buf == NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + + if (buf) + buf[0] = 0; + else + *sizeof_buf = 0; + + _gnutls_string_init(&out_str, gnutls_malloc, gnutls_realloc, + gnutls_free); + + k1 = 0; + do { + + k1++; + /* create a string like "tbsCertList.issuer.rdnSequence.?1" + */ + _gnutls_int2str(k1, counter); + _gnutls_str_cpy(tmpbuffer1, sizeof(tmpbuffer1), asn1_rdn_name); + if (strlen(tmpbuffer1) > 0) 
+ _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "."); + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "?"); + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), counter); + + len = sizeof(value) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer1, value, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) { + break; + } + + if (result != ASN1_VALUE_NOT_FOUND) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + k2 = 0; + + do { /* Move to the attibute type and values + */ + k2++; + + _gnutls_int2str(k2, counter); + _gnutls_str_cpy(tmpbuffer2, sizeof(tmpbuffer2), tmpbuffer1); + if (strlen(tmpbuffer2) > 0) + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "."); + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "?"); + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), counter); + + /* Try to read the RelativeDistinguishedName attributes. + */ + + len = sizeof(value) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer2, value, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) + break; + if (result != ASN1_VALUE_NOT_FOUND) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + /* Read the OID + */ + _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); + _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type"); + + len = sizeof(oid) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer3, oid, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) + break; + else if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + /* Read the Value + */ + _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); + _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".value"); + + len = 0; + result = asn1_read_value(asn1_struct, tmpbuffer3, NULL, &len); + + value2 = gnutls_malloc(len); + if (value2 == NULL) { + gnutls_assert(); + result = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + result = asn1_read_value(asn1_struct, tmpbuffer3, value2, &len); + + if (result != 
ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } #define STR_APPEND(y) if ((result=_gnutls_string_append_str( &out_str, y)) < 0) { \ gnutls_assert(); \ goto cleanup; \ } - /* The encodings of adjoining RelativeDistinguishedNames are separated - * by a comma character (',' ASCII 44). - */ - - /* Where there is a multi-valued RDN, the outputs from adjoining - * AttributeTypeAndValues are separated by a plus ('+' ASCII 43) - * character. - */ - if (k1 != 1) { /* the first time do not append a comma */ - if (k2 != 1) { /* adjoining multi-value RDN */ - STR_APPEND("+"); - } else { - STR_APPEND(","); - } - } - - ldap_desc = oid2ldap_string(oid); - printable = _gnutls_x509_oid_data_printable(oid); - - sizeof_escaped = 2 * len + 1; - - escaped = gnutls_malloc(sizeof_escaped); - if (escaped == NULL) { - gnutls_assert(); - result = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - if (printable == 1) { - sizeof_string = len; - - string = gnutls_malloc(sizeof_string); - if (string == NULL) { - gnutls_assert(); - result = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - - STR_APPEND(ldap_desc); - STR_APPEND("="); - result = - _gnutls_x509_oid_data2string(oid, - value2, - len, - string, &sizeof_string); - - if (result < 0) { - gnutls_assert(); - _gnutls_x509_log - ("Found OID: '%s' with value '%s'\n", - oid, _gnutls_bin2hex(value2, - len, - escaped, sizeof_escaped)); - goto cleanup; - } - STR_APPEND(str_escape(string, escaped, sizeof_escaped)); - gnutls_free(string); - string = NULL; - } else { - char *res; - - res = - _gnutls_bin2hex(value2, len, escaped, sizeof_escaped); - - STR_APPEND(ldap_desc); - STR_APPEND("=#"); - if (res) { - STR_APPEND(res); - } else { - STR_APPEND("(null)"); - } - } - - gnutls_free(escaped); - escaped = NULL; - gnutls_free(value2); - value2 = NULL; - - } while (1); - - } while (1); - - if (out_str.length >= (unsigned int) *sizeof_buf) { - gnutls_assert(); - *sizeof_buf = out_str.length; - result = 
GNUTLS_E_SHORT_MEMORY_BUFFER; - goto cleanup; - } - - if (buf) { - memcpy(buf, out_str.data, out_str.length); - buf[out_str.length] = 0; - } - *sizeof_buf = out_str.length; - - result = 0; - - cleanup: - gnutls_free(value2); - gnutls_free(string); - gnutls_free(escaped); - _gnutls_string_clear(&out_str); - return result; + /* The encodings of adjoining RelativeDistinguishedNames are separated + * by a comma character (',' ASCII 44). + */ + + /* Where there is a multi-valued RDN, the outputs from adjoining + * AttributeTypeAndValues are separated by a plus ('+' ASCII 43) + * character. + */ + if (k1 != 1) { /* the first time do not append a comma */ + if (k2 != 1) { /* adjoining multi-value RDN */ + STR_APPEND("+"); + } else { + STR_APPEND(","); + } + } + + ldap_desc = oid2ldap_string(oid); + printable = _gnutls_x509_oid_data_printable(oid); + + sizeof_escaped = 2 * len + 1; + + escaped = gnutls_malloc(sizeof_escaped); + if (escaped == NULL) { + gnutls_assert(); + result = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + sizeof_string = 2 * len + 2; /* in case it is not printable */ + + string = gnutls_malloc(sizeof_string); + if (string == NULL) { + gnutls_assert(); + result = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + STR_APPEND(ldap_desc); + STR_APPEND("="); + if (printable) + result = + _gnutls_x509_oid_data2string(oid, + value2, len, + string, &sizeof_string); + else + result = + _gnutls_x509_data2hex(value2, len, string, &sizeof_string); + + if (result < 0) { + gnutls_assert(); + _gnutls_x509_log + ("Found OID: '%s' with value '%s'\n", + oid, _gnutls_bin2hex(value2, + len, escaped, sizeof_escaped)); + goto cleanup; + } + STR_APPEND(str_escape(string, escaped, sizeof_escaped)); + gnutls_free(string); + string = NULL; + + gnutls_free(escaped); + escaped = NULL; + gnutls_free(value2); + value2 = NULL; + + } while (1); + + } while (1); + + if (out_str.length >= (unsigned int) *sizeof_buf) { + gnutls_assert(); + *sizeof_buf = out_str.length; + result = 
GNUTLS_E_SHORT_MEMORY_BUFFER; + goto cleanup; + } + + if (buf) { + memcpy(buf, out_str.data, out_str.length); + buf[out_str.length] = 0; + } + *sizeof_buf = out_str.length; + + result = 0; + + cleanup: + gnutls_free(value2); + gnutls_free(string); + gnutls_free(escaped); + _gnutls_string_clear(&out_str); + return result; } /* Parses an X509 DN in the asn1_struct, and searches for the 
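Review bot: The last hex digit is dropped on the new hex path, because `escaped` is still sized `2 * len + 1` while `string` can now hold `#` plus `2 * len` hex digits, and `str_escape` copies at most `buffer_size - 1` characters. Sizing it as `sizeof_escaped = 2 * len + 2;` keeps the full value, assuming `_gnutls_bin2hex` emits two digits per byte. The test also changed from `printable == 1` to `if (printable)`, while `_gnutls_x509_parse_dn_oid` keeps `== 1`; if `_gnutls_x509_oid_data_printable` can return a negative value the two functions now disagree, so `if (printable == 1)` is the safer form here.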
@@ -327,180 +312,158 @@ int _gnutls_x509_parse_dn(ASN1_TYPE asn1_struct, * OID found, 1 the second etc. */ int _gnutls_x509_parse_dn_oid(ASN1_TYPE asn1_struct, - const char *asn1_rdn_name, - const char *given_oid, int indx, - unsigned int raw_flag, - void *buf, size_t * sizeof_buf) + const char *asn1_rdn_name, + const char *given_oid, int indx, + unsigned int raw_flag, + void *buf, size_t * sizeof_buf) { - int k2, k1, result; - char tmpbuffer1[64]; - char tmpbuffer2[64]; - char tmpbuffer3[64]; - char counter[MAX_INT_DIGITS]; - opaque value[256]; - char escaped[256]; - char oid[128]; - int len, printable; - int i = 0; - char *cbuf = buf; - - if (cbuf == NULL) - *sizeof_buf = 0; - else - cbuf[0] = 0; - - k1 = 0; - do { - - k1++; - /* create a string like "tbsCertList.issuer.rdnSequence.?1" - */ - _gnutls_int2str(k1, counter); - _gnutls_str_cpy(tmpbuffer1, sizeof(tmpbuffer1), asn1_rdn_name); - - if (strlen(tmpbuffer1) > 0) - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "."); - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "?"); - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), counter); - - len = sizeof(value) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer1, value, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) { - gnutls_assert(); - break; - } - - if (result != ASN1_VALUE_NOT_FOUND) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - k2 = 0; - - do { /* Move to the attibute type and values - */ - k2++; - - _gnutls_int2str(k2, counter); - _gnutls_str_cpy(tmpbuffer2, sizeof(tmpbuffer2), tmpbuffer1); - - if (strlen(tmpbuffer2) > 0) - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "."); - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "?"); - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), counter); - - /* Try to read the RelativeDistinguishedName attributes. 
- */ - - len = sizeof(value) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer2, value, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) { - break; - } - if (result != ASN1_VALUE_NOT_FOUND) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - /* Read the OID - */ - _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); - _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type"); - - len = sizeof(oid) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer3, oid, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) - break; - else if (result != ASN1_SUCCESS) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - if (strcmp(oid, given_oid) == 0 && indx == i++) { /* Found the OID */ - - /* Read the Value - */ - _gnutls_str_cpy(tmpbuffer3, - sizeof(tmpbuffer3), tmpbuffer2); - _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".value"); - - len = *sizeof_buf; - result = - asn1_read_value(asn1_struct, tmpbuffer3, buf, &len); - - if (result != ASN1_SUCCESS) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - if (raw_flag != 0) { - if ((uint) len > *sizeof_buf) { - *sizeof_buf = len; - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } - *sizeof_buf = len; - - return 0; - - } else { /* parse data. 
raw_flag == 0 */ - printable = _gnutls_x509_oid_data_printable(oid); - - if (printable == 1) { - result = - _gnutls_x509_oid_data2string - (oid, buf, len, cbuf, sizeof_buf); - if (result < 0) { - gnutls_assert(); - goto cleanup; - } - - return 0; - } else { - char *res; - - res = - _gnutls_bin2hex(cbuf, - len, escaped, sizeof(escaped)); - if (res) { - unsigned int size = strlen(res) + 1; - if (size + 1 > *sizeof_buf) { - *sizeof_buf = size; - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } - *sizeof_buf = size; /* -1 for the null +1 for the '#' */ - - if (buf) { - strcpy(cbuf, "#"); - strcat(cbuf, res); - } - - return 0; - } else { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } - } - } /* raw_flag == 0 */ - } - } while (1); - - } while (1); - - gnutls_assert(); - - result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; - - cleanup: - return result; + int k2, k1, result; + char tmpbuffer1[64]; + char tmpbuffer2[64]; + char tmpbuffer3[64]; + char counter[MAX_INT_DIGITS]; + opaque value[256]; + char oid[128]; + int len, printable; + int i = 0; + char *cbuf = buf; + + if (cbuf == NULL) + *sizeof_buf = 0; + else + cbuf[0] = 0; + + k1 = 0; + do { + + k1++; + /* create a string like "tbsCertList.issuer.rdnSequence.?1" + */ + _gnutls_int2str(k1, counter); + _gnutls_str_cpy(tmpbuffer1, sizeof(tmpbuffer1), asn1_rdn_name); + + if (strlen(tmpbuffer1) > 0) + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "."); + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "?"); + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), counter); + + len = sizeof(value) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer1, value, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) { + gnutls_assert(); + break; + } + + if (result != ASN1_VALUE_NOT_FOUND) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + k2 = 0; + + do { /* Move to the attibute type and values + */ + k2++; + + _gnutls_int2str(k2, counter); + _gnutls_str_cpy(tmpbuffer2, sizeof(tmpbuffer2), tmpbuffer1); + + if 
(strlen(tmpbuffer2) > 0) + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "."); + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "?"); + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), counter); + + /* Try to read the RelativeDistinguishedName attributes. + */ + + len = sizeof(value) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer2, value, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) { + break; + } + if (result != ASN1_VALUE_NOT_FOUND) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + /* Read the OID + */ + _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); + _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type"); + + len = sizeof(oid) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer3, oid, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) + break; + else if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + if (strcmp(oid, given_oid) == 0 && indx == i++) { /* Found the OID */ + + /* Read the Value + */ + _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); + _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".value"); + + len = *sizeof_buf; + result = asn1_read_value(asn1_struct, tmpbuffer3, buf, &len); + + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + if (raw_flag != 0) { + if ((uint) len > *sizeof_buf) { + *sizeof_buf = len; + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } + *sizeof_buf = len; + + return 0; + + } else { /* parse data. 
raw_flag == 0 */ + printable = _gnutls_x509_oid_data_printable(oid); + + if (printable == 1) + result = + _gnutls_x509_oid_data2string(oid, buf, len, + cbuf, sizeof_buf); + else + result = + _gnutls_x509_data2hex(buf, len, cbuf, sizeof_buf); + + if (result < 0) { + gnutls_assert(); + goto cleanup; + } + + return 0; + + } /* raw_flag == 0 */ + } + } while (1); + + } while (1); + + gnutls_assert(); + + result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; + + cleanup: + return result; } + /* Parses an X509 DN in the asn1_struct, and returns the requested * DN OID. * 
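Review bot: `_gnutls_x509_data2hex(buf, len, cbuf, sizeof_buf)` passes the same memory as input and output, since `cbuf` is `buf`. This works only because the helper finishes reading `data` into its local `escaped` buffer before it writes `out`. The call should carry a comment such as `/* in-place: data2hex stages the hex in a local buffer before writing cbuf */`, or the helper's header comment should state that `data` and `out` may alias. When this path returns GNUTLS_E_SHORT_MEMORY_BUFFER, `buf` already holds the raw value read by `asn1_read_value` and is not reset, so callers should not treat it as a string on failure.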
@@ -511,117 +474,117 @@ int _gnutls_x509_parse_dn_oid(ASN1_TYPE asn1_struct, * OID found, 1 the second etc. */ int _gnutls_x509_get_dn_oid(ASN1_TYPE asn1_struct, - const char *asn1_rdn_name, - int indx, void *_oid, size_t * sizeof_oid) + const char *asn1_rdn_name, + int indx, void *_oid, size_t * sizeof_oid) { - int k2, k1, result; - char tmpbuffer1[64]; - char tmpbuffer2[64]; - char tmpbuffer3[64]; - char counter[MAX_INT_DIGITS]; - char value[256]; - char oid[128]; - int len; - int i = 0; - - k1 = 0; - do { - - k1++; - /* create a string like "tbsCertList.issuer.rdnSequence.?1" - */ - _gnutls_int2str(k1, counter); - _gnutls_str_cpy(tmpbuffer1, sizeof(tmpbuffer1), asn1_rdn_name); - - if (strlen(tmpbuffer1) > 0) - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "."); - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "?"); - _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), counter); - - len = sizeof(value) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer1, value, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) { - gnutls_assert(); - break; - } - - if (result != ASN1_VALUE_NOT_FOUND) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - k2 = 0; - - do { /* Move to the attibute type and values - */ - k2++; - - _gnutls_int2str(k2, counter); - _gnutls_str_cpy(tmpbuffer2, sizeof(tmpbuffer2), tmpbuffer1); - - if (strlen(tmpbuffer2) > 0) - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "."); - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "?"); - _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), counter); - - /* Try to read the RelativeDistinguishedName attributes. 
- */ - - len = sizeof(value) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer2, value, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) { - break; - } - if (result != ASN1_VALUE_NOT_FOUND) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - /* Read the OID - */ - _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); - _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type"); - - len = sizeof(oid) - 1; - result = asn1_read_value(asn1_struct, tmpbuffer3, oid, &len); - - if (result == ASN1_ELEMENT_NOT_FOUND) - break; - else if (result != ASN1_SUCCESS) { - gnutls_assert(); - result = _gnutls_asn2err(result); - goto cleanup; - } - - if (indx == i++) { /* Found the OID */ - - len = strlen(oid) + 1; - - if (*sizeof_oid < (uint) len) { - *sizeof_oid = len; - gnutls_assert(); - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } - - memcpy(oid, _oid, len); - *sizeof_oid = len - 1; - - return 0; - } - } while (1); - - } while (1); - - gnutls_assert(); - - result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; + int k2, k1, result; + char tmpbuffer1[64]; + char tmpbuffer2[64]; + char tmpbuffer3[64]; + char counter[MAX_INT_DIGITS]; + char value[256]; + char oid[128]; + int len; + int i = 0; + + k1 = 0; + do { + + k1++; + /* create a string like "tbsCertList.issuer.rdnSequence.?1" + */ + _gnutls_int2str(k1, counter); + _gnutls_str_cpy(tmpbuffer1, sizeof(tmpbuffer1), asn1_rdn_name); + + if (strlen(tmpbuffer1) > 0) + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "."); + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), "?"); + _gnutls_str_cat(tmpbuffer1, sizeof(tmpbuffer1), counter); + + len = sizeof(value) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer1, value, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) { + gnutls_assert(); + break; + } + + if (result != ASN1_VALUE_NOT_FOUND) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + k2 = 0; + + do { /* Move to the attibute type and values + */ + k2++; + + 
_gnutls_int2str(k2, counter); + _gnutls_str_cpy(tmpbuffer2, sizeof(tmpbuffer2), tmpbuffer1); + + if (strlen(tmpbuffer2) > 0) + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "."); + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), "?"); + _gnutls_str_cat(tmpbuffer2, sizeof(tmpbuffer2), counter); + + /* Try to read the RelativeDistinguishedName attributes. + */ + + len = sizeof(value) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer2, value, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) { + break; + } + if (result != ASN1_VALUE_NOT_FOUND) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + /* Read the OID + */ + _gnutls_str_cpy(tmpbuffer3, sizeof(tmpbuffer3), tmpbuffer2); + _gnutls_str_cat(tmpbuffer3, sizeof(tmpbuffer3), ".type"); + + len = sizeof(oid) - 1; + result = asn1_read_value(asn1_struct, tmpbuffer3, oid, &len); + + if (result == ASN1_ELEMENT_NOT_FOUND) + break; + else if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + if (indx == i++) { /* Found the OID */ + + len = strlen(oid) + 1; + + if (*sizeof_oid < (uint) len) { + *sizeof_oid = len; + gnutls_assert(); + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } + + memcpy(oid, _oid, len); + *sizeof_oid = len - 1; + + return 0; + } + } while (1); + + } while (1); + + gnutls_assert(); + + result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; - cleanup: - return result; + cleanup: + return result; } /* This will encode and write the AttributeTypeAndValue field. 
@@ -629,111 +592,111 @@ int _gnutls_x509_get_dn_oid(ASN1_TYPE asn1_struct, * In all cases only one value is written. */ int _gnutls_x509_encode_and_write_attribute(const char *given_oid, - ASN1_TYPE asn1_struct, - const char *where, - const void *_data, - int sizeof_data, int multi) + ASN1_TYPE asn1_struct, + const char *where, + const void *_data, + int sizeof_data, int multi) { - const char *val_name; - const opaque *data = _data; - char tmp[128]; - ASN1_TYPE c2; - int result; - - - /* Find how to encode the data. - */ - val_name = asn1_find_structure_from_oid(_gnutls_get_pkix(), given_oid); - if (val_name == NULL) { - gnutls_assert(); - return GNUTLS_E_X509_UNSUPPORTED_OID; - } - - _gnutls_str_cpy(tmp, sizeof(tmp), "PKIX1."); - _gnutls_str_cat(tmp, sizeof(tmp), val_name); - - result = asn1_create_element(_gnutls_get_pkix(), tmp, &c2); - if (result != ASN1_SUCCESS) { - gnutls_assert(); - return _gnutls_asn2err(result); - } - - tmp[0] = 0; - - if ((result = _gnutls_x509_oid_data_choice(given_oid)) > 0) { - char *string_type; - int i; - - string_type = "printableString"; - - /* Check if the data is plain ascii, and use - * the UTF8 string type if not. - */ - for (i = 0; i < sizeof_data; i++) { - if (!isascii(data[i])) { - string_type = "utf8String"; - break; - } - } - - /* if the type is a CHOICE then write the - * type we'll use. 
- */ - result = asn1_write_value(c2, "", string_type, 1); - if (result != ASN1_SUCCESS) { - gnutls_assert(); - asn1_delete_structure(&c2); - return _gnutls_asn2err(result); - } - - _gnutls_str_cpy(tmp, sizeof(tmp), string_type); - } - - result = asn1_write_value(c2, tmp, data, sizeof_data); - if (result != ASN1_SUCCESS) { - gnutls_assert(); - asn1_delete_structure(&c2); - return _gnutls_asn2err(result); - } - - - /* write the data (value) - */ - - _gnutls_str_cpy(tmp, sizeof(tmp), where); - _gnutls_str_cat(tmp, sizeof(tmp), ".value"); - - if (multi != 0) { /* if not writing an AttributeTypeAndValue, but an Attribute */ - _gnutls_str_cat(tmp, sizeof(tmp), "s"); /* values */ - - result = asn1_write_value(asn1_struct, tmp, "NEW", 1); - if (result != ASN1_SUCCESS) { - gnutls_assert(); - return _gnutls_asn2err(result); - } - - _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST"); - - } - - result = _gnutls_x509_der_encode_and_copy(c2, "", asn1_struct, tmp, 0); - if (result < 0) { - gnutls_assert(); - return result; - } - - /* write the type - */ - _gnutls_str_cpy(tmp, sizeof(tmp), where); - _gnutls_str_cat(tmp, sizeof(tmp), ".type"); - - result = asn1_write_value(asn1_struct, tmp, given_oid, 1); - if (result != ASN1_SUCCESS) { - gnutls_assert(); - return _gnutls_asn2err(result); - } - - return 0; + const char *val_name; + const opaque *data = _data; + char tmp[128]; + ASN1_TYPE c2; + int result; + + + /* Find how to encode the data. 
+ */ + val_name = asn1_find_structure_from_oid(_gnutls_get_pkix(), given_oid); + if (val_name == NULL) { + gnutls_assert(); + return GNUTLS_E_X509_UNSUPPORTED_OID; + } + + _gnutls_str_cpy(tmp, sizeof(tmp), "PKIX1."); + _gnutls_str_cat(tmp, sizeof(tmp), val_name); + + result = asn1_create_element(_gnutls_get_pkix(), tmp, &c2); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + return _gnutls_asn2err(result); + } + + tmp[0] = 0; + + if ((result = _gnutls_x509_oid_data_choice(given_oid)) > 0) { + char *string_type; + int i; + + string_type = "printableString"; + + /* Check if the data is plain ascii, and use + * the UTF8 string type if not. + */ + for (i = 0; i < sizeof_data; i++) { + if (!isascii(data[i])) { + string_type = "utf8String"; + break; + } + } + + /* if the type is a CHOICE then write the + * type we'll use. + */ + result = asn1_write_value(c2, "", string_type, 1); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + asn1_delete_structure(&c2); + return _gnutls_asn2err(result); + } + + _gnutls_str_cpy(tmp, sizeof(tmp), string_type); + } + + result = asn1_write_value(c2, tmp, data, sizeof_data); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + asn1_delete_structure(&c2); + return _gnutls_asn2err(result); + } + + + /* write the data (value) + */ + + _gnutls_str_cpy(tmp, sizeof(tmp), where); + _gnutls_str_cat(tmp, sizeof(tmp), ".value"); + + if (multi != 0) { /* if not writing an AttributeTypeAndValue, but an Attribute */ + _gnutls_str_cat(tmp, sizeof(tmp), "s"); /* values */ + + result = asn1_write_value(asn1_struct, tmp, "NEW", 1); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + return _gnutls_asn2err(result); + } + + _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST"); + + } + + result = _gnutls_x509_der_encode_and_copy(c2, "", asn1_struct, tmp, 0); + if (result < 0) { + gnutls_assert(); + return result; + } + + /* write the type + */ + _gnutls_str_cpy(tmp, sizeof(tmp), where); + _gnutls_str_cat(tmp, sizeof(tmp), ".type"); + + result = 
asn1_write_value(asn1_struct, tmp, given_oid, 1); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + return _gnutls_asn2err(result); + } + + return 0; } /* This will write the AttributeTypeAndValue field. The data must be already DER encoded. 
@@ -741,50 +704,50 @@ int _gnutls_x509_encode_and_write_attribute(const char *given_oid,
 * In all cases only one value is written.
 */
 int _gnutls_x509_write_attribute(const char *given_oid,
- ASN1_TYPE asn1_struct, const char *where,
- const void *_data, int sizeof_data,
- int multi)
+ ASN1_TYPE asn1_struct, const char *where,
+ const void *_data, int sizeof_data,
+ int multi)
 {
- char tmp[128];
- int result;
+ char tmp[128];
+ int result;
- /* write the data (value)
- */
+ /* write the data (value)
+ */
- _gnutls_str_cpy(tmp, sizeof(tmp), where);
- _gnutls_str_cat(tmp, sizeof(tmp), ".value");
+ _gnutls_str_cpy(tmp, sizeof(tmp), where);
+ _gnutls_str_cat(tmp, sizeof(tmp), ".value");
- if (multi != 0) { /* if not writing an AttributeTypeAndValue, but an Attribute */
- _gnutls_str_cat(tmp, sizeof(tmp), "s"); /* values */
+ if (multi != 0) { /* if not writing an AttributeTypeAndValue, but an Attribute */
+ _gnutls_str_cat(tmp, sizeof(tmp), "s"); /* values */
- result = asn1_write_value(asn1_struct, tmp, "NEW", 1);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
+ result = asn1_write_value(asn1_struct, tmp, "NEW", 1);
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
- _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST");
+ _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST");
- }
+ }
- result = asn1_write_value(asn1_struct, tmp, _data, sizeof_data);
- if (result < 0) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
+ result = asn1_write_value(asn1_struct, tmp, _data, sizeof_data);
+ if (result < 0) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
- /* write the type
- */
+ /* write the type
+ */
- _gnutls_str_cpy(tmp, sizeof(tmp), where);
- _gnutls_str_cat(tmp, sizeof(tmp), ".type");
+ _gnutls_str_cpy(tmp, sizeof(tmp), where);
+ _gnutls_str_cat(tmp, sizeof(tmp), ".type");
- result = asn1_write_value(asn1_struct, tmp, given_oid, 1);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
+ result = asn1_write_value(asn1_struct, tmp, given_oid, 1);
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
- return 0;
+ return 0;
 }
@@ -792,43 +755,44 @@ int _gnutls_x509_write_attribute(const char *given_oid,
 * otherwise.
 */
 int _gnutls_x509_decode_and_read_attribute(ASN1_TYPE asn1_struct,
- const char *where, char *oid,
- int oid_size,
- gnutls_datum_t * value, int multi)
+ const char *where, char *oid,
+ int oid_size,
+ gnutls_datum_t * value,
+ int multi)
 {
- char tmpbuffer[128];
- int len, result;
+ char tmpbuffer[128];
+ int len, result;
- /* Read the OID
- */
- _gnutls_str_cpy(tmpbuffer, sizeof(tmpbuffer), where);
- _gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), ".type");
+ /* Read the OID
+ */
+ _gnutls_str_cpy(tmpbuffer, sizeof(tmpbuffer), where);
+ _gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), ".type");
- len = oid_size - 1;
- result = asn1_read_value(asn1_struct, tmpbuffer, oid, &len);
+ len = oid_size - 1;
+ result = asn1_read_value(asn1_struct, tmpbuffer, oid, &len);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- result = _gnutls_asn2err(result);
- return result;
- }
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ result = _gnutls_asn2err(result);
+ return result;
+ }
- /* Read the Value
- */
+ /* Read the Value
+ */
- _gnutls_str_cpy(tmpbuffer, sizeof(tmpbuffer), where);
- _gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), ".value");
+ _gnutls_str_cpy(tmpbuffer, sizeof(tmpbuffer), where);
+ _gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), ".value");
- if (multi)
- _gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), "s.?1"); /* .values.?1 */
+ if (multi)
+ _gnutls_str_cat(tmpbuffer, sizeof(tmpbuffer), "s.?1"); /* .values.?1 */
- result = _gnutls_x509_read_value(asn1_struct, tmpbuffer, value, 0);
- if (result < 0) {
- gnutls_assert();
- return result;
- }
+ result = _gnutls_x509_read_value(asn1_struct, tmpbuffer, value, 0);
+ if (result < 0) {
+ gnutls_assert();
+ return result;
+ }
- return 0;
+ return 0;
 }
@@ -840,72 +804,72 @@ int _gnutls_x509_decode_and_read_attribute(ASN1_TYPE asn1_struct,
 *
 */
 int _gnutls_x509_set_dn_oid(ASN1_TYPE asn1_struct,
- const char *asn1_name, const char *given_oid,
- int raw_flag, const char *name,
- int sizeof_name)
+ const char *asn1_name, const char *given_oid,
+ int raw_flag, const char *name,
+ int sizeof_name)
 {
- int result;
- char tmp[64], asn1_rdn_name[64];
-
- if (sizeof_name == 0 || name == NULL) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- /* create the rdnSequence
- */
- result = asn1_write_value(asn1_struct, asn1_name, "rdnSequence", 1);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- _gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), asn1_name);
- _gnutls_str_cat(asn1_rdn_name, sizeof(asn1_rdn_name), ".rdnSequence");
-
- /* create a new element
- */
- result = asn1_write_value(asn1_struct, asn1_rdn_name, "NEW", 1);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- _gnutls_str_cpy(tmp, sizeof(tmp), asn1_rdn_name);
- _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST");
-
- /* create the set with only one element
- */
- result = asn1_write_value(asn1_struct, tmp, "NEW", 1);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
-
- /* Encode and write the data
- */
- _gnutls_str_cpy(tmp, sizeof(tmp), asn1_rdn_name);
- _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST.?LAST");
-
- if (!raw_flag) {
- result =
- _gnutls_x509_encode_and_write_attribute(given_oid,
- asn1_struct,
- tmp, name,
- sizeof_name, 0);
- } else {
- result =
- _gnutls_x509_write_attribute(given_oid, asn1_struct,
- tmp, name, sizeof_name, 0);
- }
-
- if (result < 0) {
- gnutls_assert();
- return result;
- }
-
- return 0;
+ int result;
+ char tmp[64], asn1_rdn_name[64];
+
+ if (sizeof_name == 0 || name == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ /* create the rdnSequence
+ */
+ result = asn1_write_value(asn1_struct, asn1_name, "rdnSequence", 1);
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ _gnutls_str_cpy(asn1_rdn_name, sizeof(asn1_rdn_name), asn1_name);
+ _gnutls_str_cat(asn1_rdn_name, sizeof(asn1_rdn_name), ".rdnSequence");
+
+ /* create a new element
+ */
+ result = asn1_write_value(asn1_struct, asn1_rdn_name, "NEW", 1);
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ _gnutls_str_cpy(tmp, sizeof(tmp), asn1_rdn_name);
+ _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST");
+
+ /* create the set with only one element
+ */
+ result = asn1_write_value(asn1_struct, tmp, "NEW", 1);
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+
+ /* Encode and write the data
+ */
+ _gnutls_str_cpy(tmp, sizeof(tmp), asn1_rdn_name);
+ _gnutls_str_cat(tmp, sizeof(tmp), ".?LAST.?LAST");
+
+ if (!raw_flag) {
+ result =
+ _gnutls_x509_encode_and_write_attribute(given_oid,
+ asn1_struct,
+ tmp, name,
+ sizeof_name, 0);
+ } else {
+ result =
+ _gnutls_x509_write_attribute(given_oid, asn1_struct,
+ tmp, name, sizeof_name, 0);
+ }
+
+ if (result < 0) {
+ gnutls_assert();
+ return result;
+ }
+
+ return 0;
 }
@@ -924,39 +888,39 @@ int _gnutls_x509_set_dn_oid(ASN1_TYPE asn1_struct,
 *
 **/
 int gnutls_x509_rdn_get(const gnutls_datum_t * idn,
- char *buf, size_t * sizeof_buf)
+ char *buf, size_t * sizeof_buf)
 {
- int result;
- ASN1_TYPE dn = ASN1_TYPE_EMPTY;
+ int result;
+ ASN1_TYPE dn = ASN1_TYPE_EMPTY;
- if (sizeof_buf == 0) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
+ if (sizeof_buf == 0) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
- if (buf)
- buf[0] = 0;
+ if (buf)
+ buf[0] = 0;
- if ((result =
- asn1_create_element(_gnutls_get_pkix(),
- "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
+ if ((result =
+ asn1_create_element(_gnutls_get_pkix(),
+ "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
- result = asn1_der_decoding(&dn, idn->data, idn->size, NULL);
- if (result != ASN1_SUCCESS) {
- /* couldn't decode DER */
- gnutls_assert();
- asn1_delete_structure(&dn);
- return _gnutls_asn2err(result);
- }
+ result = asn1_der_decoding(&dn, idn->data, idn->size, NULL);
+ if (result != ASN1_SUCCESS) {
+ /* couldn't decode DER */
+ gnutls_assert();
+ asn1_delete_structure(&dn);
+ return _gnutls_asn2err(result);
+ }
- result = _gnutls_x509_parse_dn(dn, "rdnSequence", buf, sizeof_buf);
+ result = _gnutls_x509_parse_dn(dn, "rdnSequence", buf, sizeof_buf);
- asn1_delete_structure(&dn);
- return result;
+ asn1_delete_structure(&dn);
+ return result;
 }
@@ -978,37 +942,37 @@ int gnutls_x509_rdn_get(const gnutls_datum_t * idn,
 *
 **/
 int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, const char *oid,
- int indx, unsigned int raw_flag,
- void *buf, size_t * sizeof_buf)
+ int indx, unsigned int raw_flag,
+ void *buf, size_t * sizeof_buf)
 {
- int result;
- ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-
- if (sizeof_buf == 0) {
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- if ((result =
- asn1_create_element(_gnutls_get_pkix(),
- "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- result = asn1_der_decoding(&dn, idn->data, idn->size, NULL);
- if (result != ASN1_SUCCESS) {
- /* couldn't decode DER */
- gnutls_assert();
- asn1_delete_structure(&dn);
- return _gnutls_asn2err(result);
- }
-
- result =
- _gnutls_x509_parse_dn_oid(dn, "rdnSequence", oid, indx,
- raw_flag, buf, sizeof_buf);
-
- asn1_delete_structure(&dn);
- return result;
+ int result;
+ ASN1_TYPE dn = ASN1_TYPE_EMPTY;
+
+ if (sizeof_buf == 0) {
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ if ((result =
+ asn1_create_element(_gnutls_get_pkix(),
+ "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ result = asn1_der_decoding(&dn, idn->data, idn->size, NULL);
+ if (result != ASN1_SUCCESS) {
+ /* couldn't decode DER */
+ gnutls_assert();
+ asn1_delete_structure(&dn);
+ return _gnutls_asn2err(result);
+ }
+
+ result =
+ _gnutls_x509_parse_dn_oid(dn, "rdnSequence", oid, indx,
+ raw_flag, buf, sizeof_buf);
+
+ asn1_delete_structure(&dn);
+ return result;
 }
@@ -1027,35 +991,35 @@ int gnutls_x509_rdn_get_by_oid(const gnutls_datum_t * idn, const char *oid,
 *
 **/
 int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn,
- int indx, void *buf, size_t * sizeof_buf)
+ int indx, void *buf, size_t * sizeof_buf)
 {
- int result;
- ASN1_TYPE dn = ASN1_TYPE_EMPTY;
-
- if (sizeof_buf == 0) {
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- if ((result =
- asn1_create_element(_gnutls_get_pkix(),
- "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- result = asn1_der_decoding(&dn, idn->data, idn->size, NULL);
- if (result != ASN1_SUCCESS) {
- /* couldn't decode DER */
- gnutls_assert();
- asn1_delete_structure(&dn);
- return _gnutls_asn2err(result);
- }
-
- result =
- _gnutls_x509_get_dn_oid(dn, "rdnSequence", indx, buf, sizeof_buf);
-
- asn1_delete_structure(&dn);
- return result;
+ int result;
+ ASN1_TYPE dn = ASN1_TYPE_EMPTY;
+
+ if (sizeof_buf == 0) {
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ if ((result =
+ asn1_create_element(_gnutls_get_pkix(),
+ "PKIX1.Name", &dn)) != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ result = asn1_der_decoding(&dn, idn->data, idn->size, NULL);
+ if (result != ASN1_SUCCESS) {
+ /* couldn't decode DER */
+ gnutls_assert();
+ asn1_delete_structure(&dn);
+ return _gnutls_asn2err(result);
+ }
+
+ result =
+ _gnutls_x509_get_dn_oid(dn, "rdnSequence", indx, buf, sizeof_buf);
+
+ asn1_delete_structure(&dn);
+ return result;
 }
@@ -1068,16 +1032,16 @@ int gnutls_x509_rdn_get_oid(const gnutls_datum_t * idn,
 * a negative value is returned to indicate error.
 */
 int _gnutls_x509_compare_raw_dn(const gnutls_datum_t * dn1,
- const gnutls_datum_t * dn2)
+ const gnutls_datum_t * dn2)
 {
- if (dn1->size != dn2->size) {
- gnutls_assert();
- return 0;
- }
- if (memcmp(dn1->data, dn2->data, dn2->size) != 0) {
- gnutls_assert();
- return 0;
- }
- return 1; /* they match */
+ if (dn1->size != dn2->size) {
+ gnutls_assert();
+ return 0;
+ }
+ if (memcmp(dn1->data, dn2->data, dn2->size) != 0) {
+ gnutls_assert();
+ return 0;
+ }
+ return 1; /* they match */
 }
diff --git a/lib/x509/dn.h b/lib/x509/dn.h
index cf6c6374b8..18cca894a4 100644
--- a/lib/x509/dn.h
+++ b/lib/x509/dn.h
@@ -30,4 +30,5 @@ int _gnutls_x509_get_dn_oid(ASN1_TYPE asn1_struct,
 int indx, void *_oid, size_t * sizeof_oid);
+
 #endif |