summaryrefslogtreecommitdiff
path: root/lib/x509/crl.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/x509/crl.c')
-rw-r--r--lib/x509/crl.c135
1 files changed, 64 insertions, 71 deletions
diff --git a/lib/x509/crl.c b/lib/x509/crl.c
index d4fc7d93ac..f6c6089af7 100644
--- a/lib/x509/crl.c
+++ b/lib/x509/crl.c
@@ -34,14 +34,13 @@
static int crl_reinit(gnutls_x509_crl_t crl)
{
-int result;
+ int result;
if (crl->crl)
asn1_delete_structure(&crl->crl);
result = asn1_create_element(_gnutls_get_pkix(),
- "PKIX1.CertificateList",
- &crl->crl);
+ "PKIX1.CertificateList", &crl->crl);
if (result != ASN1_SUCCESS) {
gnutls_assert();
return _gnutls_asn2err(result);
@@ -160,7 +159,8 @@ gnutls_x509_crl_import(gnutls_x509_crl_t crl,
crl->expanded = 1;
result =
- _asn1_strict_der_decode(&crl->crl, crl->der.data, crl->der.size, NULL);
+ _asn1_strict_der_decode(&crl->crl, crl->der.data, crl->der.size,
+ NULL);
if (result != ASN1_SUCCESS) {
result = _gnutls_asn2err(result);
gnutls_assert();
@@ -168,8 +168,8 @@ gnutls_x509_crl_import(gnutls_x509_crl_t crl,
}
result = _gnutls_x509_get_raw_field2(crl->crl, &crl->der,
- "tbsCertList.issuer.rdnSequence",
- &crl->raw_issuer_dn);
+ "tbsCertList.issuer.rdnSequence",
+ &crl->raw_issuer_dn);
if (result < 0) {
gnutls_assert();
goto cleanup;
@@ -177,12 +177,11 @@ gnutls_x509_crl_import(gnutls_x509_crl_t crl,
return 0;
- cleanup:
+ cleanup:
_gnutls_free_datum(&crl->der);
return result;
}
-
/**
* gnutls_x509_crl_get_issuer_dn:
* @crl: should contain a gnutls_x509_crl_t type
@@ -206,7 +205,7 @@ gnutls_x509_crl_import(gnutls_x509_crl_t crl,
**/
int
gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, char *buf,
- size_t * sizeof_buf)
+ size_t *sizeof_buf)
{
if (crl == NULL) {
gnutls_assert();
@@ -215,7 +214,8 @@ gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl_t crl, char *buf,
return _gnutls_x509_parse_dn(crl->crl,
"tbsCertList.issuer.rdnSequence",
- buf, sizeof_buf, GNUTLS_X509_DN_FLAG_COMPAT);
+ buf, sizeof_buf,
+ GNUTLS_X509_DN_FLAG_COMPAT);
}
/**
@@ -248,7 +248,7 @@ int
gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
const char *oid, unsigned indx,
unsigned int raw_flag, void *buf,
- size_t * sizeof_buf)
+ size_t *sizeof_buf)
{
gnutls_datum_t td;
int ret;
@@ -267,7 +267,6 @@ gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
return _gnutls_strdatum_to_buf(&td, buf, sizeof_buf);
}
-
/**
* gnutls_x509_crl_get_dn_oid:
* @crl: should contain a gnutls_x509_crl_t type
@@ -286,7 +285,7 @@ gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl_t crl,
**/
int
gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl,
- unsigned indx, void *oid, size_t * sizeof_oid)
+ unsigned indx, void *oid, size_t *sizeof_oid)
{
if (crl == NULL) {
gnutls_assert();
@@ -316,8 +315,7 @@ gnutls_x509_crl_get_dn_oid(gnutls_x509_crl_t crl,
*
* Since: 3.1.10
**/
-int
-gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t * dn)
+int gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t * dn)
{
if (crl == NULL) {
gnutls_assert();
@@ -350,7 +348,8 @@ gnutls_x509_crl_get_issuer_dn2(gnutls_x509_crl_t crl, gnutls_datum_t * dn)
* Since: 3.5.7
**/
int
-gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, gnutls_datum_t * dn, unsigned flags)
+gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, gnutls_datum_t * dn,
+ unsigned flags)
{
if (crl == NULL) {
gnutls_assert();
@@ -358,8 +357,7 @@ gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, gnutls_datum_t * dn, unsig
}
return _gnutls_x509_get_dn(crl->crl,
- "tbsCertList.issuer.rdnSequence",
- dn, flags);
+ "tbsCertList.issuer.rdnSequence", dn, flags);
}
/**
@@ -378,7 +376,7 @@ gnutls_x509_crl_get_issuer_dn3(gnutls_x509_crl_t crl, gnutls_datum_t * dn, unsig
int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl)
{
return map_errs_to_zero(_gnutls_x509_get_signature_algorithm(crl->crl,
- "signatureAlgorithm"));
+ "signatureAlgorithm"));
}
/**
@@ -396,23 +394,26 @@ int gnutls_x509_crl_get_signature_algorithm(gnutls_x509_crl_t crl)
*
* Since: 3.5.0
**/
-int gnutls_x509_crl_get_signature_oid(gnutls_x509_crl_t crl, char *oid, size_t *oid_size)
+int gnutls_x509_crl_get_signature_oid(gnutls_x509_crl_t crl, char *oid,
+ size_t *oid_size)
{
char str[MAX_OID_SIZE];
int len, result, ret;
gnutls_datum_t out;
len = sizeof(str);
- result = asn1_read_value(crl->crl, "signatureAlgorithm.algorithm", str, &len);
+ result =
+ asn1_read_value(crl->crl, "signatureAlgorithm.algorithm", str,
+ &len);
if (result != ASN1_SUCCESS) {
gnutls_assert();
return _gnutls_asn2err(result);
}
- out.data = (void*)str;
+ out.data = (void *)str;
out.size = len;
- ret = _gnutls_copy_string(&out, (void*)oid, oid_size);
+ ret = _gnutls_copy_string(&out, (void *)oid, oid_size);
if (ret < 0) {
gnutls_assert();
return ret;
@@ -434,7 +435,7 @@ int gnutls_x509_crl_get_signature_oid(gnutls_x509_crl_t crl, char *oid, size_t *
**/
int
gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl,
- char *sig, size_t * sizeof_sig)
+ char *sig, size_t *sizeof_sig)
{
int result;
unsigned int bits;
@@ -461,7 +462,7 @@ gnutls_x509_crl_get_signature(gnutls_x509_crl_t crl,
len = bits / 8;
- if (*sizeof_sig < (unsigned) len) {
+ if (*sizeof_sig < (unsigned)len) {
*sizeof_sig = bits / 8;
return GNUTLS_E_SHORT_MEMORY_BUFFER;
}
@@ -508,8 +509,7 @@ time_t gnutls_x509_crl_get_this_update(gnutls_x509_crl_t crl)
return (time_t) - 1;
}
- return _gnutls_x509_get_time(crl->crl, "tbsCertList.thisUpdate",
- 0);
+ return _gnutls_x509_get_time(crl->crl, "tbsCertList.thisUpdate", 0);
}
/**
@@ -529,8 +529,7 @@ time_t gnutls_x509_crl_get_next_update(gnutls_x509_crl_t crl)
return (time_t) - 1;
}
- return _gnutls_x509_get_time(crl->crl, "tbsCertList.nextUpdate",
- 0);
+ return _gnutls_x509_get_time(crl->crl, "tbsCertList.nextUpdate", 0);
}
/**
@@ -554,8 +553,7 @@ int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl)
result =
asn1_number_of_elements(crl->crl,
- "tbsCertList.revokedCertificates",
- &count);
+ "tbsCertList.revokedCertificates", &count);
if (result != ASN1_SUCCESS) {
gnutls_assert();
@@ -585,7 +583,7 @@ int gnutls_x509_crl_get_crt_count(gnutls_x509_crl_t crl)
int
gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, unsigned indx,
unsigned char *serial,
- size_t * serial_size, time_t * t)
+ size_t *serial_size, time_t * t)
{
int result, _serial_size;
@@ -605,8 +603,7 @@ gnutls_x509_crl_get_crt_serial(gnutls_x509_crl_t crl, unsigned indx,
indx + 1);
_serial_size = *serial_size;
- result =
- asn1_read_value(crl->crl, serial_name, serial, &_serial_size);
+ result = asn1_read_value(crl->crl, serial_name, serial, &_serial_size);
*serial_size = _serial_size;
if (result != ASN1_SUCCESS) {
@@ -660,9 +657,9 @@ void gnutls_x509_crl_iter_deinit(gnutls_x509_crl_iter_t iter)
**/
int
gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl,
- gnutls_x509_crl_iter_t *iter,
+ gnutls_x509_crl_iter_t * iter,
unsigned char *serial,
- size_t * serial_size, time_t * t)
+ size_t *serial_size, time_t * t)
{
int result, _serial_size;
@@ -681,12 +678,14 @@ gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl,
}
if ((*iter)->rcache == NULL) {
- (*iter)->rcache = asn1_find_node (crl->crl, "tbsCertList.revokedCertificates.?1");
+ (*iter)->rcache =
+ asn1_find_node(crl->crl,
+ "tbsCertList.revokedCertificates.?1");
(*iter)->rcache_idx = 1;
} else {
snprintf(serial_name, sizeof(serial_name),
"?%u", (*iter)->rcache_idx);
- (*iter)->rcache = asn1_find_node ((*iter)->rcache, serial_name);
+ (*iter)->rcache = asn1_find_node((*iter)->rcache, serial_name);
}
if ((*iter)->rcache == NULL) {
/* reset */
@@ -699,7 +698,8 @@ gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl,
_serial_size = *serial_size;
result =
- asn1_read_value((*iter)->rcache, serial_name, serial, &_serial_size);
+ asn1_read_value((*iter)->rcache, serial_name, serial,
+ &_serial_size);
*serial_size = _serial_size;
if (result != ASN1_SUCCESS) {
@@ -736,14 +736,15 @@ gnutls_x509_crl_iter_crt_serial(gnutls_x509_crl_t crl,
* Since: 2.12.0
**/
int
-gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
- gnutls_datum_t * dn)
+gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl, gnutls_datum_t * dn)
{
if (crl->raw_issuer_dn.size != 0) {
return _gnutls_set_datum(dn, crl->raw_issuer_dn.data,
crl->raw_issuer_dn.size);
} else {
- return _gnutls_x509_get_raw_field(crl->crl, "tbsCertList.issuer.rdnSequence", dn);
+ return _gnutls_x509_get_raw_field(crl->crl,
+ "tbsCertList.issuer.rdnSequence",
+ dn);
}
}
@@ -769,7 +770,7 @@ gnutls_x509_crl_get_raw_issuer_dn(gnutls_x509_crl_t crl,
int
gnutls_x509_crl_export(gnutls_x509_crl_t crl,
gnutls_x509_crt_fmt_t format, void *output_data,
- size_t * output_data_size)
+ size_t *output_data_size)
{
if (crl == NULL) {
gnutls_assert();
@@ -914,10 +915,10 @@ int
gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t crl,
unsigned int seq,
void *alt,
- size_t * alt_size,
+ size_t *alt_size,
unsigned int *alt_type,
void *serial,
- size_t * serial_size,
+ size_t *serial_size,
unsigned int *critical)
{
int ret, result, len;
@@ -952,13 +953,12 @@ gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t crl,
ret = 0;
- fail:
+ fail:
asn1_delete_structure(&c2);
return ret;
}
-
/**
* gnutls_x509_crl_get_authority_key_id:
* @crl: should contain a #gnutls_x509_crl_t type
@@ -982,8 +982,7 @@ gnutls_x509_crl_get_authority_key_gn_serial(gnutls_x509_crl_t crl,
**/
int
gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, void *id,
- size_t * id_size,
- unsigned int *critical)
+ size_t *id_size, unsigned int *critical)
{
int result, len, ret;
asn1_node c2;
@@ -998,10 +997,8 @@ gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, void *id,
*id_size = len;
asn1_delete_structure(&c2);
- if (result == ASN1_VALUE_NOT_FOUND
- || result == ASN1_ELEMENT_NOT_FOUND)
- return
- gnutls_assert_val(GNUTLS_E_X509_UNSUPPORTED_EXTENSION);
+ if (result == ASN1_VALUE_NOT_FOUND || result == ASN1_ELEMENT_NOT_FOUND)
+ return gnutls_assert_val(GNUTLS_E_X509_UNSUPPORTED_EXTENSION);
if (result != ASN1_SUCCESS) {
gnutls_assert();
@@ -1029,7 +1026,7 @@ gnutls_x509_crl_get_authority_key_id(gnutls_x509_crl_t crl, void *id,
**/
int
gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
- size_t * ret_size, unsigned int *critical)
+ size_t *ret_size, unsigned int *critical)
{
int result;
gnutls_datum_t id;
@@ -1056,8 +1053,7 @@ gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
}
result =
- _gnutls_x509_ext_extract_number(ret, ret_size, id.data,
- id.size);
+ _gnutls_x509_ext_extract_number(ret, ret_size, id.data, id.size);
_gnutls_free_datum(&id);
@@ -1089,7 +1085,7 @@ gnutls_x509_crl_get_number(gnutls_x509_crl_t crl, void *ret,
**/
int
gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, unsigned indx,
- void *oid, size_t * sizeof_oid)
+ void *oid, size_t *sizeof_oid)
{
int result;
@@ -1098,8 +1094,7 @@ gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, unsigned indx,
return GNUTLS_E_INVALID_REQUEST;
}
- result =
- _gnutls_x509_crl_get_extension_oid(crl, indx, oid, sizeof_oid);
+ result = _gnutls_x509_crl_get_extension_oid(crl, indx, oid, sizeof_oid);
if (result < 0) {
return result;
}
@@ -1135,7 +1130,7 @@ gnutls_x509_crl_get_extension_oid(gnutls_x509_crl_t crl, unsigned indx,
**/
int
gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, unsigned indx,
- void *oid, size_t * sizeof_oid,
+ void *oid, size_t *sizeof_oid,
unsigned int *critical)
{
int result;
@@ -1207,7 +1202,7 @@ gnutls_x509_crl_get_extension_info(gnutls_x509_crl_t crl, unsigned indx,
**/
int
gnutls_x509_crl_get_extension_data(gnutls_x509_crl_t crl, unsigned indx,
- void *data, size_t * sizeof_data)
+ void *data, size_t *sizeof_data)
{
int result, len;
char name[MAX_NAME_SIZE];
@@ -1257,8 +1252,7 @@ int
gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls,
unsigned int *size,
const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- unsigned int flags)
+ gnutls_x509_crt_fmt_t format, unsigned int flags)
{
unsigned int init = 1024;
int ret;
@@ -1271,7 +1265,8 @@ gnutls_x509_crl_list_import2(gnutls_x509_crl_t ** crls,
ret =
gnutls_x509_crl_list_import(*crls, &init, data, format,
- flags | GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+ flags |
+ GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
*crls = _gnutls_reallocarray_fast(*crls, init,
sizeof(gnutls_x509_crl_t));
@@ -1317,8 +1312,7 @@ int
gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
unsigned int *crl_max,
const gnutls_datum_t * data,
- gnutls_x509_crt_fmt_t format,
- unsigned int flags)
+ gnutls_x509_crt_fmt_t format, unsigned int flags)
{
int size;
const char *ptr;
@@ -1381,9 +1375,8 @@ gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
goto error;
}
- tmp.data = (void *) ptr;
- tmp.size =
- data->size - (ptr - (char *) data->data);
+ tmp.data = (void *)ptr;
+ tmp.size = data->size - (ptr - (char *)data->data);
ret =
gnutls_x509_crl_import(crls[count], &tmp,
GNUTLS_X509_FMT_PEM);
@@ -1399,7 +1392,7 @@ gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
ptr++;
/* find the next certificate (if any)
*/
- size = data->size - (ptr - (char *) data->data);
+ size = data->size - (ptr - (char *)data->data);
if (size > 0) {
ptr =
@@ -1419,7 +1412,7 @@ gnutls_x509_crl_list_import(gnutls_x509_crl_t * crls,
else
return GNUTLS_E_SHORT_MEMORY_BUFFER;
- error:
+ error:
for (j = 0; j < count; j++)
gnutls_x509_crl_deinit(crls[j]);
return ret;
View Lorry Controller Status