1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
/*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1994-2000 Netscape Communications Corporation. All
* Rights Reserved.
*
* Contributor(s):
*
* Alternatively, the contents of this file may be used under the
* terms of the GNU General Public License Version 2 or later (the
* "GPL"), in which case the provisions of the GPL are applicable
* instead of those above. If you wish to allow use of your
* version of this file only under the terms of the GPL and not to
* allow others to use your version of this file under the MPL,
* indicate your decision by deleting the provisions above and
* replace them with the notice and other provisions required by
* the GPL. If you do not delete the provisions above, a recipient
* may use your version of this file under either the MPL or the
* GPL.
*/
/*
* Code for dealing with x.509 v3 crl and crl entries extensions.
*
* $Id$
*/
#include "cert.h"
#include "secitem.h"
#include "secoid.h"
#include "secoidt.h"
#include "secder.h"
#include "secasn1.h"
#include "certxutl.h"
SECStatus
CERT_FindCRLExtensionByOID(CERTCrl *crl, SECItem *oid, SECItem *value)
{
return (cert_FindExtensionByOID (crl->extensions, oid, value));
}
SECStatus
CERT_FindCRLExtension(CERTCrl *crl, int tag, SECItem *value)
{
return (cert_FindExtension (crl->extensions, tag, value));
}
/* Callback to set extensions and adjust verison */
static void
SetCrlExts(void *object, CERTCertExtension **exts)
{
CERTCrl *crl = (CERTCrl *)object;
crl->extensions = exts;
DER_SetUInteger (crl->arena, &crl->version, SEC_CRL_VERSION_2);
}
void *
CERT_StartCRLExtensions(CERTCrl *crl)
{
return (cert_StartExtensions ((void *)crl, crl->arena, SetCrlExts));
}
SECStatus CERT_FindCRLNumberExten (CERTCrl *crl, CERTCrlNumber *value)
{
SECItem encodedExtenValue;
SECStatus rv;
encodedExtenValue.data = NULL;
encodedExtenValue.len = 0;
rv = cert_FindExtension
(crl->extensions, SEC_OID_X509_CRL_NUMBER, &encodedExtenValue);
if ( rv != SECSuccess )
return (rv);
rv = SEC_ASN1DecodeItem (NULL, value, SEC_IntegerTemplate,
&encodedExtenValue);
PORT_Free (encodedExtenValue.data);
return (rv);
}
SECStatus CERT_FindCRLReasonExten (CERTCrl *crl, SECItem *value)
{
return (CERT_FindBitStringExtension
(crl->extensions, SEC_OID_X509_REASON_CODE, value));
}
SECStatus CERT_FindInvalidDateExten (CERTCrl *crl, int64 *value)
{
SECItem encodedExtenValue;
SECItem decodedExtenValue = {siBuffer,0};
SECStatus rv;
encodedExtenValue.data = decodedExtenValue.data = NULL;
encodedExtenValue.len = decodedExtenValue.len = 0;
rv = cert_FindExtension
(crl->extensions, SEC_OID_X509_INVALID_DATE, &encodedExtenValue);
if ( rv != SECSuccess )
return (rv);
rv = SEC_ASN1DecodeItem (NULL, &decodedExtenValue,
SEC_GeneralizedTimeTemplate, &encodedExtenValue);
if (rv != SECSuccess)
return (rv);
rv = DER_GeneralizedTimeToTime(value, &encodedExtenValue);
PORT_Free (decodedExtenValue.data);
PORT_Free (encodedExtenValue.data);
return (rv);
}
|
