1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* v3_crld.c */ 2e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * project 1999. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 6221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * licensing@OpenSSL.org. 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "cryptlib.h" 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/conf.h> 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/asn1.h> 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/asn1t.h> 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509v3.h> 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 66221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic void *v2i_crld(const X509V3_EXT_METHOD *method, 67221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); 68221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, 69221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int indent); 70221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 71221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromconst X509V3_EXT_METHOD v3_crld = 72221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 73221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), 74221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0,0,0,0, 75221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0,0, 76221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0, 77221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom v2i_crld, 78221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i2r_crldp,0, 79221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom NULL 80221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom }; 81221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 82221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromconst X509V3_EXT_METHOD v3_freshest_crl = 83221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 84221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), 85221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0,0,0,0, 86221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0,0, 87221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0, 88221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom v2i_crld, 89221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i2r_crldp,0, 90221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom NULL 91221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom }; 92221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 93221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect) 94221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 95221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *gnsect; 96221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(GENERAL_NAME) *gens; 97221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (*sect == '@') 98221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gnsect = X509V3_get_section(ctx, sect + 1); 99221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 100221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gnsect = X509V3_parse_list(sect); 101221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!gnsect) 102221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 103221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, 104221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_R_SECTION_NOT_FOUND); 105221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return NULL; 106221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 107221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); 108221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (*sect == '@') 109221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_section_free(ctx, gnsect); 110221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 111221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free); 112221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return gens; 113221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 114221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 115221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, 116221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CONF_VALUE *cnf) 117221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 118221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(GENERAL_NAME) *fnm = NULL; 119221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(X509_NAME_ENTRY) *rnm = NULL; 120221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!strncmp(cnf->name, "fullname", 9)) 121221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 122221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom fnm = gnames_from_sectname(ctx, cnf->value); 123221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!fnm) 124221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 125221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 126221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (!strcmp(cnf->name, "relativename")) 127221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 128221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int ret; 129221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *dnsect; 130221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME *nm; 131221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom nm = X509_NAME_new(); 132221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!nm) 133221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return -1; 134221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom dnsect = X509V3_get_section(ctx, cnf->value); 135221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!dnsect) 136221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 137221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3err(X509V3_F_SET_DIST_POINT_NAME, 138221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_R_SECTION_NOT_FOUND); 139221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return -1; 140221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 141221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); 142221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_section_free(ctx, dnsect); 143221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom rnm = nm->entries; 144221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom nm->entries = NULL; 145221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME_free(nm); 146221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0) 147221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 148221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* Since its a name fragment can't have more than one 149221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom * RDNSequence 150221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom */ 151221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (sk_X509_NAME_ENTRY_value(rnm, 152221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_X509_NAME_ENTRY_num(rnm) - 1)->set) 153221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 154221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3err(X509V3_F_SET_DIST_POINT_NAME, 155221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_R_INVALID_MULTIPLE_RDNS); 156221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 157221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 158221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 159221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 160221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 161221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 162221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (*pdp) 163221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 164221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3err(X509V3_F_SET_DIST_POINT_NAME, 165221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_R_DISTPOINT_ALREADY_SET); 166221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 167221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 168221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 169221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom *pdp = DIST_POINT_NAME_new(); 170221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!*pdp) 171221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 172221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (fnm) 173221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 174221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (*pdp)->type = 0; 175221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (*pdp)->name.fullname = fnm; 176221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 177221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 178221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 179221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (*pdp)->type = 1; 180221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom (*pdp)->name.relativename = rnm; 181221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 182221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 183221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 184221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 185221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom err: 186221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (fnm) 187221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free); 188221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (rnm) 189221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free); 190221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return -1; 191221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 192221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 193221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic const BIT_STRING_BITNAME reason_flags[] = { 194221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{0, "Unused", "unused"}, 195221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{1, "Key Compromise", "keyCompromise"}, 196221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{2, "CA Compromise", "CACompromise"}, 197221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{3, "Affiliation Changed", "affiliationChanged"}, 198221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{4, "Superseded", "superseded"}, 199221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{5, "Cessation Of Operation", "cessationOfOperation"}, 200221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{6, "Certificate Hold", "certificateHold"}, 201221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{7, "Privilege Withdrawn", "privilegeWithdrawn"}, 202221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{8, "AA Compromise", "AACompromise"}, 203221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom{-1, NULL, NULL} 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project}; 205656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 206221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int set_reasons(ASN1_BIT_STRING **preas, char *value) 207221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 208221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *rsk = NULL; 209221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const BIT_STRING_BITNAME *pbn; 210221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const char *bnam; 211221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int i, ret = 0; 212221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom rsk = X509V3_parse_list(value); 213221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!rsk) 214221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 215221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (*preas) 216221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 217221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) 218221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 219221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom bnam = sk_CONF_VALUE_value(rsk, i)->name; 220221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!*preas) 221221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 222221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom *preas = ASN1_BIT_STRING_new(); 223221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!*preas) 224221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 225221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 226221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (pbn = reason_flags; pbn->lname; pbn++) 227221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 228221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!strcmp(pbn->sname, bnam)) 229221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 230221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!ASN1_BIT_STRING_set_bit(*preas, 231221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom pbn->bitnum, 1)) 232221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 233221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom break; 234221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 235221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 236221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!pbn->lname) 237221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 238221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 239221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = 1; 240221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 241221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom err: 242221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free); 243221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return ret; 244221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 245221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 246221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int print_reasons(BIO *out, const char *rname, 247221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_BIT_STRING *rflags, int indent) 248221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 249221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int first = 1; 250221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom const BIT_STRING_BITNAME *pbn; 251221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, ""); 252221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (pbn = reason_flags; pbn->lname; pbn++) 253221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 254221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) 255221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 256221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (first) 257221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom first = 0; 258221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 259221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, ", "); 260221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, pbn->lname); 261221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 262221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 263221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (first) 264221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, "<EMPTY>\n"); 265221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 266221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, "\n"); 267221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 268221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 269221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 270221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic DIST_POINT *crldp_from_section(X509V3_CTX *ctx, 271221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *nval) 272221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 274221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CONF_VALUE *cnf; 275221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom DIST_POINT *point = NULL; 276221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom point = DIST_POINT_new(); 277221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!point) 278221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 279221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for(i = 0; i < sk_CONF_VALUE_num(nval); i++) 280221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 281221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int ret; 282221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom cnf = sk_CONF_VALUE_value(nval, i); 283221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = set_dist_point_name(&point->distpoint, ctx, cnf); 284221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ret > 0) 285221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 286221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ret < 0) 287221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 288221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!strcmp(cnf->name, "reasons")) 289221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 290221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!set_reasons(&point->reasons, cnf->value)) 291221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 292221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 293221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (!strcmp(cnf->name, "CRLissuer")) 294221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 295221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom point->CRLissuer = 296221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gnames_from_sectname(ctx, cnf->value); 297221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!point->CRLissuer) 298221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 299221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 301221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 302221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return point; 303221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 304221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 305221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom err: 306221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (point) 307221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom DIST_POINT_free(point); 308221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return NULL; 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 311221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic void *v2i_crld(const X509V3_EXT_METHOD *method, 312221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) 313221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(DIST_POINT) *crld = NULL; 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project GENERAL_NAMES *gens = NULL; 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project GENERAL_NAME *gen = NULL; 317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project CONF_VALUE *cnf; 318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if(!(crld = sk_DIST_POINT_new_null())) goto merr; 320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { 321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project DIST_POINT *point; 322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project cnf = sk_CONF_VALUE_value(nval, i); 323221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!cnf->value) 324221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 325221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *dpsect; 326221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom dpsect = X509V3_get_section(ctx, cnf->name); 327221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!dpsect) 328221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 329221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom point = crldp_from_section(ctx, dpsect); 330221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_section_free(ctx, dpsect); 331221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!point) 332221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 333221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!sk_DIST_POINT_push(crld, point)) 334221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 335221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom DIST_POINT_free(point); 336221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 337221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 338221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 339221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 340221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 341221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) 342221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 343221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!(gens = GENERAL_NAMES_new())) 344221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 345221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!sk_GENERAL_NAME_push(gens, gen)) 346221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 347221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gen = NULL; 348221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!(point = DIST_POINT_new())) 349221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 350221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!sk_DIST_POINT_push(crld, point)) 351221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 352221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom DIST_POINT_free(point); 353221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 354221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 355221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(!(point->distpoint = DIST_POINT_NAME_new())) 356221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 357221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom point->distpoint->name.fullname = gens; 358221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom point->distpoint->type = 0; 359221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom gens = NULL; 360221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return crld; 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project merr: 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509V3err(X509V3_F_V2I_CRLD,ERR_R_MALLOC_FAILURE); 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project err: 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project GENERAL_NAME_free(gen); 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project GENERAL_NAMES_free(gens); 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_DIST_POINT_pop_free(crld, DIST_POINT_free); 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return NULL; 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_STACK_OF(DIST_POINT) 374656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_SET_OF(DIST_POINT) 375656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 376221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 377221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom void *exarg) 378221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 379221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval; 380221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 381221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom switch(operation) 382221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 383221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case ASN1_OP_NEW_POST: 384221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom dpn->dpname = NULL; 385221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom break; 386221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 387221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom case ASN1_OP_FREE_POST: 388221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (dpn->dpname) 389221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME_free(dpn->dpname); 390221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom break; 391221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 392221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 393221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 394221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 396221304ee937bc0910948a8be1320cb8cc4eb6d36Brian CarlstromASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = { 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0), 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1) 399221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom} ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type) 400221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME) 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_SEQUENCE(DIST_POINT) = { 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0), 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1), 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, CRLissuer, GENERAL_NAME, 2) 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project} ASN1_SEQUENCE_END(DIST_POINT) 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(DIST_POINT) 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT) 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS) 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectIMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS) 417221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 418221304ee937bc0910948a8be1320cb8cc4eb6d36Brian CarlstromASN1_SEQUENCE(ISSUING_DIST_POINT) = { 419221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0), 420221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1), 421221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2), 422221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3), 423221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4), 424221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5) 425221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom} ASN1_SEQUENCE_END(ISSUING_DIST_POINT) 426221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 427221304ee937bc0910948a8be1320cb8cc4eb6d36Brian CarlstromIMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT) 428221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 429221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out, 430221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int indent); 431221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, 432221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *nval); 433221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 434221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromconst X509V3_EXT_METHOD v3_idp = 435221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 436221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom NID_issuing_distribution_point, X509V3_EXT_MULTILINE, 437221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ASN1_ITEM_ref(ISSUING_DIST_POINT), 438221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0,0,0,0, 439221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0,0, 440221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 0, 441221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom v2i_idp, 442221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom i2r_idp,0, 443221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom NULL 444221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom }; 445221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 446221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, 447221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(CONF_VALUE) *nval) 448221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 449221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ISSUING_DIST_POINT *idp = NULL; 450221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom CONF_VALUE *cnf; 451221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom char *name, *val; 452221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int i, ret; 453221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom idp = ISSUING_DIST_POINT_new(); 454221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!idp) 455221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto merr; 456221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for(i = 0; i < sk_CONF_VALUE_num(nval); i++) 457221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 458221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom cnf = sk_CONF_VALUE_value(nval, i); 459221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom name = cnf->name; 460221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom val = cnf->value; 461221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ret = set_dist_point_name(&idp->distpoint, ctx, cnf); 462221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ret > 0) 463221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom continue; 464221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (ret < 0) 465221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 466221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!strcmp(name, "onlyuser")) 467221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 468221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!X509V3_get_value_bool(cnf, &idp->onlyuser)) 469221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 470221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 471221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (!strcmp(name, "onlyCA")) 472221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 473221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!X509V3_get_value_bool(cnf, &idp->onlyCA)) 474221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 475221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 476221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (!strcmp(name, "onlyAA")) 477221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 478221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!X509V3_get_value_bool(cnf, &idp->onlyattr)) 479221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 480221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 481221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (!strcmp(name, "indirectCRL")) 482221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 483221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!X509V3_get_value_bool(cnf, &idp->indirectCRL)) 484221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 485221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 486221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else if (!strcmp(name, "onlysomereasons")) 487221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 488221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!set_reasons(&idp->onlysomereasons, val)) 489221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 490221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 491221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 492221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 493221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME); 494221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3_conf_err(cnf); 495221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom goto err; 496221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 497221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 498221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return idp; 499221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 500221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom merr: 501221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509V3err(X509V3_F_V2I_IDP,ERR_R_MALLOC_FAILURE); 502221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom err: 503221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ISSUING_DIST_POINT_free(idp); 504221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return NULL; 505221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 506221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 507221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent) 508221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 509221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int i; 510221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) 511221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 512221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*s", indent + 2, ""); 513221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i)); 514221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, "\n"); 515221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 516221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 517221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 518221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 519221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent) 520221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 521221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (dpn->type == 0) 522221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 523221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sFull Name:\n", indent, ""); 524221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom print_gens(out, dpn->name.fullname, indent); 525221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 526221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom else 527221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 528221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME ntmp; 529221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ntmp.entries = dpn->name.relativename; 530221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sRelative Name:\n%*s", 531221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom indent, "", indent + 2, ""); 532221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE); 533221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, "\n"); 534221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 535221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 536221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 537221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 538221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out, 539221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int indent) 540221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 541221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ISSUING_DIST_POINT *idp = pidp; 542221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (idp->distpoint) 543221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom print_distpoint(out, idp->distpoint, indent); 544221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (idp->onlyuser > 0) 545221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sOnly User Certificates\n", indent, ""); 546221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (idp->onlyCA > 0) 547221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sOnly CA Certificates\n", indent, ""); 548221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (idp->indirectCRL > 0) 549221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sIndirect CRL\n", indent, ""); 550221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (idp->onlysomereasons) 551221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom print_reasons(out, "Only Some Reasons", 552221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom idp->onlysomereasons, indent); 553221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (idp->onlyattr > 0) 554221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, ""); 555221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0) 556221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom && (idp->indirectCRL <= 0) && !idp->onlysomereasons 557221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom && (idp->onlyattr <= 0)) 558221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*s<EMPTY>\n", indent, ""); 559221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 560221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 561221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 562221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 563221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, 564221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int indent) 565221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 566221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(DIST_POINT) *crld = pcrldp; 567221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom DIST_POINT *point; 568221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int i; 569221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for(i = 0; i < sk_DIST_POINT_num(crld); i++) 570221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 571221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_puts(out, "\n"); 572221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom point = sk_DIST_POINT_value(crld, i); 573221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(point->distpoint) 574221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom print_distpoint(out, point->distpoint, indent); 575221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(point->reasons) 576221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom print_reasons(out, "Reasons", point->reasons, 577221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom indent); 578221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if(point->CRLissuer) 579221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 580221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom BIO_printf(out, "%*sCRL Issuer:\n", indent, ""); 581221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom print_gens(out, point->CRLissuer, indent); 582221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 583221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 584221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 585221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 586221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 587221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromint DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname) 588221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 589221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom int i; 590221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom STACK_OF(X509_NAME_ENTRY) *frag; 591221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME_ENTRY *ne; 592221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!dpn || (dpn->type != 1)) 593221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 594221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom frag = dpn->name.relativename; 595221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom dpn->dpname = X509_NAME_dup(iname); 596221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!dpn->dpname) 597221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 598221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) 599221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 600221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom ne = sk_X509_NAME_ENTRY_value(frag, i); 601221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) 602221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 603221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME_free(dpn->dpname); 604221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom dpn->dpname = NULL; 605221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 606221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 607221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 608221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /* generate cached encoding of name */ 609221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom if (i2d_X509_NAME(dpn->dpname, NULL) < 0) 610221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom { 611221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom X509_NAME_free(dpn->dpname); 612221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom dpn->dpname = NULL; 613221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 0; 614221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 615221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return 1; 616221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom } 617