1656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* x509_vpm.c */ 2e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * project 2004. 4656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 5656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* ==================================================================== 6656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Copyright (c) 2004 The OpenSSL Project. All rights reserved. 7656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 8656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Redistribution and use in source and binary forms, with or without 9656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * modification, are permitted provided that the following conditions 10656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * are met: 11656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 12656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. Redistributions of source code must retain the above copyright 13656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer. 14656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 15656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. Redistributions in binary form must reproduce the above copyright 16656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * notice, this list of conditions and the following disclaimer in 17656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * the documentation and/or other materials provided with the 18656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * distribution. 19656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 20656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 3. All advertising materials mentioning features or use of this 21656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * software must display the following acknowledgment: 22656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 23656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 25656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * endorse or promote products derived from this software without 27656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * prior written permission. For written permission, please contact 28656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * licensing@OpenSSL.org. 29656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 30656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 5. Products derived from this software may not be called "OpenSSL" 31656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * nor may "OpenSSL" appear in their names without prior written 32656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * permission of the OpenSSL Project. 33656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 34656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 6. Redistributions of any form whatsoever must retain the following 35656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * acknowledgment: 36656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * "This product includes software developed by the OpenSSL Project 37656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 39656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * OF THE POSSIBILITY OF SUCH DAMAGE. 51656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ==================================================================== 52656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 53656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * This product includes cryptographic software written by Eric Young 54656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * (eay@cryptsoft.com). This product includes software written by Tim 55656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Hudson (tjh@cryptsoft.com). 56656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 57656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 58656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 59656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <stdio.h> 60656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 61656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include "cryptlib.h" 62656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/crypto.h> 63656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/lhash.h> 64656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/buffer.h> 65656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509.h> 66656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#include <openssl/x509v3.h> 67656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 68656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* X509_VERIFY_PARAM functions */ 69656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 70656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic void x509_verify_param_zero(X509_VERIFY_PARAM *param) 71656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 72656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param) 73656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return; 74656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->name = NULL; 75656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->purpose = 0; 76656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->trust = 0; 77221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ 78e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu param->inh_flags = 0; 79656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->flags = 0; 80656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->depth = -1; 81656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (param->policies) 82656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 83656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); 84656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->policies = NULL; 85656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 86656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 87656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 88656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source ProjectX509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void) 89656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 90656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_VERIFY_PARAM *param; 91656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM)); 92656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project memset(param, 0, sizeof(X509_VERIFY_PARAM)); 93656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x509_verify_param_zero(param); 94656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return param; 95656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 96656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 97656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectvoid X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) 98656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 99656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x509_verify_param_zero(param); 100656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(param); 101656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 102656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 103656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* This function determines how parameters are "inherited" from one structure 104656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * to another. There are several different ways this can happen. 105656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 106656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 1. If a child structure needs to have its values initialized from a parent 107656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * they are simply copied across. For example SSL_CTX copied to SSL. 108656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 2. If the structure should take on values only if they are currently unset. 109656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * For example the values in an SSL structure will take appropriate value 110656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * for SSL servers or clients but only if the application has not set new 111656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * ones. 112656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 113656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * The "inh_flags" field determines how this function behaves. 114656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 115656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * Normally any values which are set in the default are not copied from the 116656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * destination and verify flags are ORed together. 117656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 118656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If X509_VP_FLAG_DEFAULT is set then anything set in the source is copied 119656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * to the destination. Effectively the values in "to" become default values 120656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * which will be used only if nothing new is set in "from". 121656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 122656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If X509_VP_FLAG_OVERWRITE is set then all value are copied across whether 123656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * they are set or not. Flags is still Ored though. 124656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 125656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If X509_VP_FLAG_RESET_FLAGS is set then the flags value is copied instead 126656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * of ORed. 127656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 128656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If X509_VP_FLAG_LOCKED is set then no values are copied. 129656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * 130656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * If X509_VP_FLAG_ONCE is set then the current inh_flags setting is zeroed 131656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * after the next call. 132656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 133656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 134656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Macro to test if a field should be copied from src to dest */ 135656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 136656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define test_x509_verify_param_copy(field, def) \ 137656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (to_overwrite || \ 138656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ((src->field != def) && (to_default || (dest->field == def)))) 139656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 140656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Macro to test and copy a field if necessary */ 141656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 142656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project#define x509_verify_param_copy(field, def) \ 143656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (test_x509_verify_param_copy(field, def)) \ 144656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dest->field = src->field 145656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 146656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 147656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest, 148656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const X509_VERIFY_PARAM *src) 149656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 150656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project unsigned long inh_flags; 151656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int to_default, to_overwrite; 152656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!src) 153656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 154656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project inh_flags = dest->inh_flags | src->inh_flags; 155656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 156656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inh_flags & X509_VP_FLAG_ONCE) 157656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dest->inh_flags = 0; 158656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 159656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inh_flags & X509_VP_FLAG_LOCKED) 160656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 161656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 162656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inh_flags & X509_VP_FLAG_DEFAULT) 163656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project to_default = 1; 164656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 165656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project to_default = 0; 166656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 167656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inh_flags & X509_VP_FLAG_OVERWRITE) 168656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project to_overwrite = 1; 169656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 170656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project to_overwrite = 0; 171656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 172656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x509_verify_param_copy(purpose, 0); 173656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x509_verify_param_copy(trust, 0); 174656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project x509_verify_param_copy(depth, -1); 175656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 176656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* If overwrite or check time not set, copy across */ 177656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 178656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) 179656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 180656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dest->check_time = src->check_time; 181656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME; 182656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project /* Don't need to copy flag: that is done below */ 183656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 184656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 185656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (inh_flags & X509_VP_FLAG_RESET_FLAGS) 186656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dest->flags = 0; 187656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 188656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project dest->flags |= src->flags; 189656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 190656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (test_x509_verify_param_copy(policies, NULL)) 191656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 192656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies)) 193656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 194656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 195656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 196656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 197656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 198656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 199656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, 200656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const X509_VERIFY_PARAM *from) 201656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 20298d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom unsigned long save_flags = to->inh_flags; 20398d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom int ret; 204656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project to->inh_flags |= X509_VP_FLAG_DEFAULT; 20598d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom ret = X509_VERIFY_PARAM_inherit(to, from); 20698d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom to->inh_flags = save_flags; 20798d58bb80c64b02a33662f0ea80351d4a1535267Brian Carlstrom return ret; 208656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 209656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 210656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name) 211656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 212656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (param->name) 213656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project OPENSSL_free(param->name); 214656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->name = BUF_strdup(name); 215656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (param->name) 216656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 217656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 218656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 219656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 220656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags) 221656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 222656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->flags |= flags; 223656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (flags & X509_V_FLAG_POLICY_MASK) 224656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->flags |= X509_V_FLAG_POLICY_CHECK; 225656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 226656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 227656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 228656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags) 229656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 230656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->flags &= ~flags; 231656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 232656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 233656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 234656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectunsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param) 235656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 236656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return param->flags; 237656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 238656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 239656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose) 240656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 241656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return X509_PURPOSE_set(¶m->purpose, purpose); 242656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 243656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 244656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) 245656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 246656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return X509_TRUST_set(¶m->trust, trust); 247656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 248656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 249656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectvoid X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth) 250656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 251656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->depth = depth; 252656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 253656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 254656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectvoid X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t) 255656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 256656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->check_time = t; 257656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->flags |= X509_V_FLAG_USE_CHECK_TIME; 258656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 259656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 260656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy) 261656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 262656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param->policies) 263656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 264656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->policies = sk_ASN1_OBJECT_new_null(); 265656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param->policies) 266656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 267656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 268656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!sk_ASN1_OBJECT_push(param->policies, policy)) 269656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 270656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 271656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 272656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 273656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, 274656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project STACK_OF(ASN1_OBJECT) *policies) 275656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 276656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int i; 277656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_OBJECT *oid, *doid; 278656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param) 279656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 280656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (param->policies) 281656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); 282656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 283656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!policies) 284656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 285656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->policies = NULL; 286656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 287656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 288656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 289656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->policies = sk_ASN1_OBJECT_new_null(); 290656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param->policies) 291656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 292656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 293656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project for (i = 0; i < sk_ASN1_OBJECT_num(policies); i++) 294656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 295656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project oid = sk_ASN1_OBJECT_value(policies, i); 296656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project doid = OBJ_dup(oid); 297656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!doid) 298656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 299656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!sk_ASN1_OBJECT_push(param->policies, doid)) 300656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 301656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ASN1_OBJECT_free(doid); 302656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 303656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 304656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 305656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param->flags |= X509_V_FLAG_POLICY_CHECK; 306656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 307656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 308656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 309656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param) 310656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 311656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return param->depth; 312656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 313656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 314656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project/* Default verify parameters: these are used for various 315656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * applications and can be overridden by the user specified table. 316656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * NB: the 'name' field *must* be in alphabetical order because it 317656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project * will be searched using OBJ_search. 318656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project */ 319656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 320656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic const X509_VERIFY_PARAM default_table[] = { 321656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 322656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "default", /* X509 default parameters */ 323656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* Check time */ 324656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* internal flags */ 325656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* flags */ 326656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* purpose */ 327656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* trust */ 328e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 100, /* depth */ 329656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL /* policies */ 330656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }, 331656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 332221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom "pkcs7", /* S/MIME sign parameters */ 333e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 0, /* Check time */ 334e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 0, /* internal flags */ 335e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu 0, /* flags */ 336e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu X509_PURPOSE_SMIME_SIGN, /* purpose */ 337e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu X509_TRUST_EMAIL, /* trust */ 338e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu -1, /* depth */ 339e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu NULL /* policies */ 340e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu }, 341e45f106cb6b47af1f21efe76e933bdea2f5dd1caNagendra Modadugu { 342221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom "smime_sign", /* S/MIME sign parameters */ 343656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* Check time */ 344656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* internal flags */ 345656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* flags */ 346656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_PURPOSE_SMIME_SIGN, /* purpose */ 347656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_TRUST_EMAIL, /* trust */ 348656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project -1, /* depth */ 349656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL /* policies */ 350656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }, 351656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 352656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "ssl_client", /* SSL/TLS client parameters */ 353656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* Check time */ 354656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* internal flags */ 355656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* flags */ 356656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_PURPOSE_SSL_CLIENT, /* purpose */ 357656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_TRUST_SSL_CLIENT, /* trust */ 358656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project -1, /* depth */ 359656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL /* policies */ 360656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }, 361656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 362656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project "ssl_server", /* SSL/TLS server parameters */ 363656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* Check time */ 364656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* internal flags */ 365656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 0, /* flags */ 366656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_PURPOSE_SSL_SERVER, /* purpose */ 367656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_TRUST_SSL_SERVER, /* trust */ 368656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project -1, /* depth */ 369656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project NULL /* policies */ 370656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project }}; 371656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 372656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic STACK_OF(X509_VERIFY_PARAM) *param_table = NULL; 373656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 374221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstromstatic int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b) 375221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 376656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 377656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return strcmp(a->name, b->name); 378656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 379656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 380221304ee937bc0910948a8be1320cb8cc4eb6d36Brian CarlstromDECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, 381221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom table); 382221304ee937bc0910948a8be1320cb8cc4eb6d36Brian CarlstromIMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, 383221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom table); 384221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 385656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectstatic int param_cmp(const X509_VERIFY_PARAM * const *a, 386656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project const X509_VERIFY_PARAM * const *b) 387656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 388656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return strcmp((*a)->name, (*b)->name); 389656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 390656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 391656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectint X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param) 392656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 393656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int idx; 394656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_VERIFY_PARAM *ptmp; 395656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param_table) 396656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 397656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param_table = sk_X509_VERIFY_PARAM_new(param_cmp); 398656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!param_table) 399656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 400656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 401656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project else 402656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 403656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project idx = sk_X509_VERIFY_PARAM_find(param_table, param); 404656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (idx != -1) 405656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 406656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project ptmp = sk_X509_VERIFY_PARAM_value(param_table, idx); 407656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_VERIFY_PARAM_free(ptmp); 408656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project (void)sk_X509_VERIFY_PARAM_delete(param_table, idx); 409656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 410656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 411656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (!sk_X509_VERIFY_PARAM_push(param_table, param)) 412656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 0; 413656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return 1; 414656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 415656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 416656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectconst X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name) 417656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 418656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project int idx; 419656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_VERIFY_PARAM pm; 420221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom 421656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project pm.name = (char *)name; 422656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (param_table) 423656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 424656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project idx = sk_X509_VERIFY_PARAM_find(param_table, &pm); 425656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (idx != -1) 426656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project return sk_X509_VERIFY_PARAM_value(param_table, idx); 427656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 428221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom return OBJ_bsearch_table(&pm, default_table, 429221304ee937bc0910948a8be1320cb8cc4eb6d36Brian Carlstrom sizeof(default_table)/sizeof(X509_VERIFY_PARAM)); 430656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 431656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project 432656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Projectvoid X509_VERIFY_PARAM_table_cleanup(void) 433656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project { 434656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project if (param_table) 435656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project sk_X509_VERIFY_PARAM_pop_free(param_table, 436656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project X509_VERIFY_PARAM_free); 437656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project param_table = NULL; 438656d9c7f52f88b3a3daccafa7655dec086c4756eThe Android Open Source Project } 439