kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5152 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 40d76f4f7d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '40d76f4f7d'
${ noResults }
boringssl/crypto/x509v3/pcy_data.c

131 lines
4.5 KiB
Raw Blame History 

  1. /* pcy_data.c */

  2. /*

  3.  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project

  4.  * 2004.

  5.  */

  6. /* ====================================================================

  7.  * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.

  8.  *

  9.  * Redistribution and use in source and binary forms, with or without

  10.  * modification, are permitted provided that the following conditions

  11.  * are met:

  12.  *

  13.  * 1. Redistributions of source code must retain the above copyright

  14.  *    notice, this list of conditions and the following disclaimer.

  15.  *

  16.  * 2. Redistributions in binary form must reproduce the above copyright

  17.  *    notice, this list of conditions and the following disclaimer in

  18.  *    the documentation and/or other materials provided with the

  19.  *    distribution.

  20.  *

  21.  * 3. All advertising materials mentioning features or use of this

  22.  *    software must display the following acknowledgment:

  23.  *    "This product includes software developed by the OpenSSL Project

  24.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  25.  *

  26.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  27.  *    endorse or promote products derived from this software without

  28.  *    prior written permission. For written permission, please contact

  29.  *    licensing@OpenSSL.org.

  30.  *

  31.  * 5. Products derived from this software may not be called "OpenSSL"

  32.  *    nor may "OpenSSL" appear in their names without prior written

  33.  *    permission of the OpenSSL Project.

  34.  *

  35.  * 6. Redistributions of any form whatsoever must retain the following

  36.  *    acknowledgment:

  37.  *    "This product includes software developed by the OpenSSL Project

  38.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  41.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  43.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  44.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  45.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  46.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  47.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  48.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  49.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  50.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  51.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  52.  * ====================================================================

  53.  *

  54.  * This product includes cryptographic software written by Eric Young

  55.  * (eay@cryptsoft.com).  This product includes software written by Tim

  56.  * Hudson (tjh@cryptsoft.com).

  57.  *

  58.  */

  59. 

  60. #include <openssl/mem.h>

  61. #include <openssl/obj.h>

  62. #include <openssl/x509.h>

  63. #include <openssl/x509v3.h>

  64. 

  65. #include "pcy_int.h"

  66. 

  67. /* Policy Node routines */

  68. 

  69. void policy_data_free(X509_POLICY_DATA *data)

  70. {

  71.     ASN1_OBJECT_free(data->valid_policy);

  72.     /* Don't free qualifiers if shared */

  73.     if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))

  74.         sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);

  75.     sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);

  76.     OPENSSL_free(data);

  77. }

  78. 

  79. /*

  80.  * Create a data based on an existing policy. If 'id' is NULL use the oid in

  81.  * the policy, otherwise use 'id'. This behaviour covers the two types of

  82.  * data in RFC3280: data with from a CertificatePolcies extension and

  83.  * additional data with just the qualifiers of anyPolicy and ID from another

  84.  * source.

  85.  */

  86. 

  87. X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,

  88.                                   const ASN1_OBJECT *cid, int crit)

  89. {

  90.     X509_POLICY_DATA *ret;

  91.     ASN1_OBJECT *id;

  92.     if (!policy && !cid)

  93.         return NULL;

  94.     if (cid) {

  95.         id = OBJ_dup(cid);

  96.         if (!id)

  97.             return NULL;

  98.     } else

  99.         id = NULL;

  100.     ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));

  101.     if (!ret)

  102.         return NULL;

  103.     ret->expected_policy_set = sk_ASN1_OBJECT_new_null();

  104.     if (!ret->expected_policy_set) {

  105.         OPENSSL_free(ret);

  106.         if (id)

  107.             ASN1_OBJECT_free(id);

  108.         return NULL;

  109.     }

  110. 

  111.     if (crit)

  112.         ret->flags = POLICY_DATA_FLAG_CRITICAL;

  113.     else

  114.         ret->flags = 0;

  115. 

  116.     if (id)

  117.         ret->valid_policy = id;

  118.     else {

  119.         ret->valid_policy = policy->policyid;

  120.         policy->policyid = NULL;

  121.     }

  122. 

  123.     if (policy) {

  124.         ret->qualifier_set = policy->qualifiers;

  125.         policy->qualifiers = NULL;

  126.     } else

  127.         ret->qualifier_set = NULL;

  128. 

  129.     return ret;

  130. }