Lines Matching refs:crl
83 int (*crl_init)(X509_CRL *crl);
84 int (*crl_free)(X509_CRL *crl);
85 int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
87 int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk);
92 static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
100 static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
101 static int def_crl_lookup(X509_CRL *crl,
150 static int crl_set_issuers(X509_CRL *crl)
158 revoked = X509_CRL_get_REVOKED(crl);
172 crl->flags |= EXFLAG_INVALID;
179 if (!crl->issuers)
181 crl->issuers = sk_GENERAL_NAMES_new_null();
182 if (!crl->issuers)
185 if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
194 crl->flags |= EXFLAG_INVALID;
218 crl->flags |= EXFLAG_CRITICAL;
236 X509_CRL *crl = (X509_CRL *)*pval;
244 crl->idp = NULL;
245 crl->akid = NULL;
246 crl->flags = 0;
247 crl->idp_flags = 0;
248 crl->idp_reasons = CRLDP_ALL_REASONS;
249 crl->meth = default_crl_method;
250 crl->meth_data = NULL;
251 crl->issuers = NULL;
252 crl->crl_number = NULL;
253 crl->base_crl_number = NULL;
257 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
258 crl->idp = X509_CRL_get_ext_d2i(crl,
260 if (crl->idp)
261 setup_idp(crl, crl->idp);
263 crl->akid = X509_CRL_get_ext_d2i(crl,
266 crl->crl_number = X509_CRL_get_ext_d2i(crl,
269 crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
272 if (crl->base_crl_number && !crl->crl_number)
273 crl->flags |= EXFLAG_INVALID;
283 exts = crl->crl->extensions;
291 crl->flags |= EXFLAG_FRESHEST;
299 crl->flags |= EXFLAG_CRITICAL;
305 if (!crl_set_issuers(crl))
308 if (crl->meth->crl_init)
310 if (crl->meth->crl_init(crl) == 0)
316 if (crl->meth->crl_free)
318 if (!crl->meth->crl_free(crl))
321 if (crl->akid)
322 AUTHORITY_KEYID_free(crl->akid);
323 if (crl->idp)
324 ISSUING_DIST_POINT_free(crl->idp);
325 ASN1_INTEGER_free(crl->crl_number);
326 ASN1_INTEGER_free(crl->base_crl_number);
327 sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
335 static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
339 crl->idp_flags |= IDP_PRESENT;
343 crl->idp_flags |= IDP_ONLYUSER;
348 crl->idp_flags |= IDP_ONLYCA;
353 crl->idp_flags |= IDP_ONLYATTR;
357 crl->idp_flags |= IDP_INVALID;
360 crl->idp_flags |= IDP_INDIRECT;
364 crl->idp_flags |= IDP_REASONS;
366 crl->idp_reasons = idp->onlysomereasons->data[0];
368 crl->idp_reasons |=
370 crl->idp_reasons &= CRLDP_ALL_REASONS;
373 DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
377 ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
396 int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
399 inf = crl->crl;
410 int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
412 if (crl->meth->crl_verify)
413 return crl->meth->crl_verify(crl, r);
417 int X509_CRL_get0_by_serial(X509_CRL *crl,
420 if (crl->meth->crl_lookup)
421 return crl->meth->crl_lookup(crl, ret, serial, NULL);
425 int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
427 if (crl->meth->crl_lookup)
428 return crl->meth->crl_lookup(crl, ret,
434 static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
437 crl->sig_alg, crl->signature,crl->crl,r));
440 static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
449 if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
455 nm = X509_CRL_get_issuer(crl);
471 static int def_crl_lookup(X509_CRL *crl,
482 const int is_sorted = sk_X509_REVOKED_is_sorted(crl->crl->revoked);
488 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked))
490 sk_X509_REVOKED_sort(crl->crl->revoked);
495 if (!sk_X509_REVOKED_find(crl->crl->revoked, &idx, &rtmp))
498 for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++)
500 rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
503 if (crl_revoked_issuer_match(crl, issuer, rev))
524 int (*crl_init)(X509_CRL *crl),
525 int (*crl_free)(X509_CRL *crl),
526 int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
528 int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
549 void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
551 crl->meth_data = dat;
554 void *X509_CRL_get_meth_data(X509_CRL *crl)
556 return crl->meth_data;