diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-23 21:47:11 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-12-23 21:47:11 +0000 |
| commit | c10891c3ee5a37ba4a1f22d4443cadf8c3240a7b (patch) | |
| tree | fa6fecd78c272ae5cdff759671eaa92a7627055e /lib/x509/extensions.c | |
| parent | 9ed56d8896141d63f5bc3d8f68c2d5c3b6c26d65 (diff) | |
| download | gnutls-c10891c3ee5a37ba4a1f22d4443cadf8c3240a7b.tar.gz | |
Added support for reading and generating CRL distribution
points extensions in certificates (not working yet).
Diffstat (limited to 'lib/x509/extensions.c')
| -rw-r--r-- | lib/x509/extensions.c | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/lib/x509/extensions.c b/lib/x509/extensions.c index d290e95f91..e639e61d0c 100644 --- a/lib/x509/extensions.c +++ b/lib/x509/extensions.c @@ -29,6 +29,7 @@ #include <common.h> #include <x509.h> #include <extensions.h> +#include <gnutls_datum.h> /* This function will attempt to return the requested extension found in * the given X509v3 certificate. The return value is allocated and stored into @@ -564,3 +565,74 @@ int _gnutls_x509_ext_gen_subject_alt_name(gnutls_x509_subject_alt_name type, return 0; } + +int _gnutls_x509_ext_gen_crl_dist_points(gnutls_x509_subject_alt_name type, + const char* data_string, gnutls_datum* der_ext) +{ + ASN1_TYPE ext = ASN1_TYPE_EMPTY; + gnutls_datum name = {NULL, 0}; + int result; + + result = _gnutls_x509_ext_gen_subject_alt_name( type, data_string, &name); + if (result < 0) { + gnutls_assert(); + return result; + } + + result = asn1_create_element(_gnutls_get_pkix(), "PKIX1.WritableCRLDistributionPoints", &ext); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + result = asn1_write_value( ext, "", "NEW", 1); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + result = asn1_write_value( ext, "?LAST.reasons", NULL, 0); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + result = asn1_write_value( ext, "?LAST.cRLIssuer", NULL, 0); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + result = asn1_write_value( ext, "?LAST.distributionPoint", "fullName", 1); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + result = asn1_write_value( ext, "?LAST.distributionPoint.fullName", name.data, name.size); + if (result != ASN1_SUCCESS) { + gnutls_assert(); + result = _gnutls_asn2err(result); + goto cleanup; + } + + result = _gnutls_x509_der_encode( ext, "", der_ext, 0); + + if (result < 0) { + gnutls_assert(); + goto cleanup; + } + + result = 0; + +cleanup: + _gnutls_free_datum( &name); + asn1_delete_structure(&ext); + + return result; +} |