1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* v3_cpols.c */ 2e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * project 1999. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * licensing@OpenSSL.org. 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "cryptlib.h" 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/conf.h> 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/asn1.h> 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/asn1t.h> 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509v3.h> 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "pcy_int.h" 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Certificate policies extension support: this one is a bit complex... */ 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value); 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent); 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_notice(BIO *out, USERNOTICE *notice, int indent); 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic POLICYINFO *policy_section(X509V3_CTX *ctx, 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *polstrs, int ia5org); 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic POLICYQUALINFO *notice_section(X509V3_CTX *ctx, 77656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *unot, int ia5org); 78656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectconst X509V3_EXT_METHOD v3_cpols = { 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectNID_certificate_policies, 0,ASN1_ITEM_ref(CERTIFICATEPOLICIES), 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project0,0,0,0, 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project0,0, 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project0,0, 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project(X509V3_EXT_I2R)i2r_certpol, 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project(X509V3_EXT_R2I)r2i_certpol, 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectNULL 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project}; 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) = 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO) 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES) 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_SEQUENCE(POLICYINFO) = { 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT), 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO) 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} ASN1_SEQUENCE_END(POLICYINFO) 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(POLICYINFO) 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY); 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_ADB(POLICYQUALINFO) = { 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)), 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE)) 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL); 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_SEQUENCE(POLICYQUALINFO) = { 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT), 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_ADB_OBJECT(POLICYQUALINFO) 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} ASN1_SEQUENCE_END(POLICYQUALINFO) 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO) 116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_SEQUENCE(USERNOTICE) = { 118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_OPT(USERNOTICE, noticeref, NOTICEREF), 119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT) 120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} ASN1_SEQUENCE_END(USERNOTICE) 121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(USERNOTICE) 123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_SEQUENCE(NOTICEREF) = { 125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT), 126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER) 127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} ASN1_SEQUENCE_END(NOTICEREF) 128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(NOTICEREF) 130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, 132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_CTX *ctx, char *value) 133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(POLICYINFO) *pols = NULL; 135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *pstr; 136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYINFO *pol; 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_OBJECT *pobj; 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *vals; 139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CONF_VALUE *cnf; 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i, ia5org; 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pols = sk_POLICYINFO_new_null(); 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (pols == NULL) { 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return NULL; 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project vals = X509V3_parse_list(value); 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (vals == NULL) { 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB); 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ia5org = 0; 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cnf = sk_CONF_VALUE_value(vals, i); 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(cnf->value || !cnf->name ) { 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER); 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pstr = cnf->name; 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!strcmp(pstr,"ia5org")) { 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ia5org = 1; 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project continue; 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else if(*pstr == '@') { 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *polsect; 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project polsect = X509V3_get_section(ctx, pstr + 1); 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!polsect) { 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION); 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pol = policy_section(ctx, polsect, ia5org); 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_section_free(ctx, polsect); 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!pol) goto err; 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else { 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(pobj = OBJ_txt2obj(cnf->name, 0))) { 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER); 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pol = POLICYINFO_new(); 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pol->policyid = pobj; 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 184e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu if (!sk_POLICYINFO_push(pols, pol)){ 185e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu POLICYINFO_free(pol); 186e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); 187e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu goto err; 188e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu } 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return pols; 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err: 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_POLICYINFO_pop_free(pols, POLICYINFO_free); 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return NULL; 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic POLICYINFO *policy_section(X509V3_CTX *ctx, 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *polstrs, int ia5org) 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 202656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CONF_VALUE *cnf; 203656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYINFO *pol; 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYQUALINFO *qual; 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(pol = POLICYINFO_new())) goto merr; 206656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { 207656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cnf = sk_CONF_VALUE_value(polstrs, i); 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!strcmp(cnf->name, "policyIdentifier")) { 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_OBJECT *pobj; 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(pobj = OBJ_txt2obj(cnf->value, 0))) { 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OBJECT_IDENTIFIER); 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pol->policyid = pobj; 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else if(!name_cmp(cnf->name, "CPS")) { 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!pol->qualifiers) pol->qualifiers = 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_POLICYQUALINFO_new_null(); 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(qual = POLICYQUALINFO_new())) goto merr; 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto merr; 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qual->pqualid = OBJ_nid2obj(NID_id_qt_cps); 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qual->d.cpsuri = M_ASN1_IA5STRING_new(); 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value, 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen(cnf->value))) goto merr; 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else if(!name_cmp(cnf->name, "userNotice")) { 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *unot; 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(*cnf->value != '@') { 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME); 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unot = X509V3_get_section(ctx, cnf->value + 1); 235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!unot) { 236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_SECTION); 237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qual = notice_section(ctx, unot, ia5org); 242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_section_free(ctx, unot); 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!qual) goto err; 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!pol->qualifiers) pol->qualifiers = 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_POLICYQUALINFO_new_null(); 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) 247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto merr; 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else { 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OPTION); 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!pol->policyid) { 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_NO_POLICY_IDENTIFIER); 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return pol; 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project merr: 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_POLICY_SECTION,ERR_R_MALLOC_FAILURE); 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err: 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYINFO_free(pol); 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return NULL; 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic POLICYQUALINFO *notice_section(X509V3_CTX *ctx, 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *unot, int ia5org) 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i, ret; 276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CONF_VALUE *cnf; 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project USERNOTICE *not; 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYQUALINFO *qual; 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(qual = POLICYQUALINFO_new())) goto merr; 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(not = USERNOTICE_new())) goto merr; 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qual->d.usernotice = not; 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_CONF_VALUE_num(unot); i++) { 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cnf = sk_CONF_VALUE_value(unot, i); 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!strcmp(cnf->name, "explicitText")) { 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project not->exptext = M_ASN1_VISIBLESTRING_new(); 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!ASN1_STRING_set(not->exptext, cnf->value, 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen(cnf->value))) goto merr; 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else if(!strcmp(cnf->name, "organization")) { 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NOTICEREF *nref; 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!not->noticeref) { 292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(nref = NOTICEREF_new())) goto merr; 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project not->noticeref = nref; 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else nref = not->noticeref; 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(ia5org) nref->organization->type = V_ASN1_IA5STRING; 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else nref->organization->type = V_ASN1_VISIBLESTRING; 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!ASN1_STRING_set(nref->organization, cnf->value, 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project strlen(cnf->value))) goto merr; 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else if(!strcmp(cnf->name, "noticeNumbers")) { 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NOTICEREF *nref; 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(CONF_VALUE) *nos; 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!not->noticeref) { 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(nref = NOTICEREF_new())) goto merr; 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project not->noticeref = nref; 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else nref = not->noticeref; 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project nos = X509V3_parse_list(cnf->value); 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!nos || !sk_CONF_VALUE_num(nos)) { 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS); 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ret = nref_nos(nref->noticenos, nos); 313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!ret) 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } else { 317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION); 318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3_conf_err(cnf); 319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(not->noticeref && 324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (!not->noticeref->noticenos || !not->noticeref->organization)) { 325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); 326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 328656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return qual; 330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project merr: 332656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); 333656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 334656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err: 335656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYQUALINFO_free(qual); 336656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return NULL; 337656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 338656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 339656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) 340656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 341656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CONF_VALUE *cnf; 342656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_INTEGER *aint; 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cnf = sk_CONF_VALUE_value(nos, i); 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER); 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project goto err; 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project merr: 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_NREF_NOS,ERR_R_MALLOC_FAILURE); 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err: 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO *out, int indent) 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYINFO *pinfo; 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* First print out the policy OIDs */ 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_POLICYINFO_num(pol); i++) { 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pinfo = sk_POLICYINFO_value(pol, i); 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sPolicy: ", indent, ""); 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_OBJECT(out, pinfo->policyid); 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(out, "\n"); 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(pinfo->qualifiers) 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_qualifiers(out, pinfo->qualifiers, indent + 2); 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 380656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 381656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 382656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, 383656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int indent) 384656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project POLICYQUALINFO *qualinfo; 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qualinfo = sk_POLICYQUALINFO_value(quals, i); 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project switch(OBJ_obj2nid(qualinfo->pqualid)) 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case NID_id_qt_cps: 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sCPS: %s\n", indent, "", 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project qualinfo->d.cpsuri->data); 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project case NID_id_qt_unotice: 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sUser Notice:\n", indent, ""); 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_notice(out, qualinfo->d.usernotice, indent + 2); 399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project default: 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sUnknown Qualifier: ", 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project indent + 2, ""); 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_OBJECT(out, qualinfo->pqualid); 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(out, "\n"); 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project break; 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void print_notice(BIO *out, USERNOTICE *notice, int indent) 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project{ 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(notice->noticeref) { 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NOTICEREF *ref; 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ref = notice->noticeref; 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sOrganization: %s\n", indent, "", 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ref->organization->data); 420656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sNumber%s: ", indent, "", 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : ""); 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { 423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_INTEGER *num; 424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project char *tmp; 425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project num = sk_ASN1_INTEGER_value(ref->noticenos, i); 426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(i) BIO_puts(out, ", "); 427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project tmp = i2s_ASN1_INTEGER(NULL, num); 428656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(out, tmp); 429656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(tmp); 430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(out, "\n"); 432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(notice->exptext) 434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", 435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project notice->exptext->data); 436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectvoid X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) 439656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 440656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const X509_POLICY_DATA *dat = node->data; 441656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 442656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sPolicy: ", indent, ""); 443656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 444656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project i2a_ASN1_OBJECT(out, dat->valid_policy); 445656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_puts(out, "\n"); 446656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*s%s\n", indent + 2, "", 447656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project node_data_critical(dat) ? "Critical" : "Non Critical"); 448656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (dat->qualifier_set) 449656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project print_qualifiers(out, dat->qualifier_set, indent + 2); 450656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 451656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); 452656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 453221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 454221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 455e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra ModaduguIMPLEMENT_STACK_OF(X509_POLICY_NODE) 456221304ee937bc0910948a8be1320cb8cc4eb6d36Brian CarlstromIMPLEMENT_STACK_OF(X509_POLICY_DATA) 457221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 458