C++ (Cpp) ASN1_BIT_STRING_get_bit Beispiele

Beispiel #1

Datei: DistributionPoint.cpp Projekt: GNakayama/libcryptosec

DistributionPoint::DistributionPoint(DIST_POINT *distPoint)
{
	int i;
	if (distPoint)
	{
		if (distPoint->distpoint)
		{
			this->distributionPointName = DistributionPointName(distPoint->distpoint);
		}
		if (distPoint->reasons)
		{
			for (i=0;i<7;i++)
			{
				this->reasons[i] = (ASN1_BIT_STRING_get_bit(distPoint->reasons, i))?true:false;
			}
		}
		else
		{
			for (i=0;i<7;i++)
			{
				this->reasons[i] = false;
			}
		}
		if (distPoint->CRLissuer)
		{
			this->crlIssuer = GeneralNames(distPoint->CRLissuer);
		}
	}
}

Beispiel #2

Datei: EstEIDSigner.cpp Projekt: Krabi/idkaart_public

/**
 * Implements signing certificate selector for EstEID ID-Cards.
 *
 * @param certificates list of certificates to choose from. List of all certificates
 *        found ID-card.
 * @return should return the selected certificate.
 * @throws SignException throws exception if no suitable certificate was found.
 */
digidoc::PKCS11Signer::PKCS11Cert digidoc::EstEIDSigner::selectSigningCertificate(
        const std::vector<PKCS11Signer::PKCS11Cert> &certificates) const throw(SignException)
{
    // Find EstEID signing certificate
    if(certificates.empty())
        THROW_SIGNEXCEPTION("Could not find certificate.");

    for(std::vector<PKCS11Signer::PKCS11Cert>::const_iterator i = certificates.begin(); i < certificates.end(); ++i)
    {
        ASN1_BIT_STRING *keyusage = (ASN1_BIT_STRING*)X509_get_ext_d2i(i->cert, NID_key_usage, 0, 0);
        if(!keyusage)
            continue;

        for(int n = 0; n < 9; ++n)
        {
            if(ASN1_BIT_STRING_get_bit(keyusage, n) && n == 1)
            {
                ASN1_BIT_STRING_free( keyusage );
                return *i;
            }
        }
        ASN1_BIT_STRING_free( keyusage );
    }
    THROW_SIGNEXCEPTION("Could not find certificate.");
    return PKCS11Signer::PKCS11Cert();
}

Beispiel #3

Datei: ts_rsp_print.c Projekt: NickAger/elm-slider

static int TS_status_map_print(BIO *bio, struct status_map_st *a,
                               ASN1_BIT_STRING *v)
{
    int lines = 0;

    for (; a->bit >= 0; ++a) {
        if (ASN1_BIT_STRING_get_bit(v, a->bit)) {
            if (++lines > 1)
                BIO_printf(bio, ", ");
            BIO_printf(bio, "%s", a->text);
        }
    }

    return lines;
}

Beispiel #4

Datei: X509Cert.cpp Projekt: Krabi/idkaart_public

/**
 * Returns current certificate key usage bits
 *
 * @return key usage bits
 */
std::vector<digidoc::X509Cert::KeyUsage> digidoc::X509Cert::getKeyUsage() const throw(IOException)
{
    ASN1_BIT_STRING *keyusage = (ASN1_BIT_STRING*)X509_get_ext_d2i(cert, NID_key_usage, 0, 0);
    if(!keyusage)
        return std::vector<KeyUsage>();

    std::vector<KeyUsage> usage;
    for(int n = 0; n < 9; ++n)
    {
        if(ASN1_BIT_STRING_get_bit(keyusage, n))
            usage.push_back(KeyUsage(n));
    }
    ASN1_BIT_STRING_free(keyusage);
    return usage;
}

Beispiel #5

Datei: t_bitst.c Projekt: 174high/openssl-0.9.8e_linux_porting

int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
				BIT_STRING_BITNAME *tbl, int indent)
{
	BIT_STRING_BITNAME *bnam;
	char first = 1;
	BIO_printf(out, "%*s", indent, "");
	for(bnam = tbl; bnam->lname; bnam++) {
		if(ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
			if(!first) BIO_puts(out, ", ");
			BIO_puts(out, bnam->lname);
			first = 0;
		}
	}
	BIO_puts(out, "\n");
	return 1;
}

Beispiel #6

Datei: gt_internal.c Projekt: ahtotruu/node-guardtime

int GT_analyseResponseStatus(const GTPKIStatusInfo *status)
{
	int res = GT_UNKNOWN_ERROR;
	long pki_status = ASN1_INTEGER_get(status->status);

	if (pki_status != GTPKIStatus_granted) {
		if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_badAlg)) {
			res = GT_PKI_BAD_ALG;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_badRequest)) {
			res = GT_PKI_BAD_REQUEST;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_badDataFormat)) {
			res = GT_PKI_BAD_DATA_FORMAT;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
			GTPKIFailureInfo_unacceptedPolicy)) {
			res = GT_UNACCEPTED_POLICY;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_unacceptedExtension)) {
			res = GT_PROTOCOL_MISMATCH;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_systemFailure)) {
			res = GT_PKI_SYSTEM_FAILURE;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_extendLater)) {
			res = GT_NONSTD_EXTEND_LATER;
		} else if (ASN1_BIT_STRING_get_bit(status->failInfo,
					GTPKIFailureInfo_extensionOverdue)) {
			res = GT_NONSTD_EXTENSION_OVERDUE;
		}

		goto cleanup;
	}

	res = GT_OK;

cleanup:

	return res;
}

Beispiel #7

Datei: ssl_verify_openssl.c Projekt: alonbl/openvpn

result_t
x509_verify_cert_ku (X509 *x509, const unsigned * const expected_ku,
    int expected_len)
{
  ASN1_BIT_STRING *ku = NULL;
  result_t fFound = FAILURE;

  if ((ku = (ASN1_BIT_STRING *) X509_get_ext_d2i (x509, NID_key_usage, NULL,
      NULL)) == NULL)
    {
      msg (D_HANDSHAKE, "Certificate does not have key usage extension");
    }
  else
    {
      unsigned nku = 0;
      int i;
      for (i = 0; i < 8; i++)
	{
	  if (ASN1_BIT_STRING_get_bit (ku, i))
	    nku |= 1 << (7 - i);
	}

      /*
       * Fixup if no LSB bits
       */
      if ((nku & 0xff) == 0)
	{
	  nku >>= 8;
	}

      msg (D_HANDSHAKE, "Validating certificate key usage");
      for (i = 0; fFound != SUCCESS && i < expected_len; i++)
	{
	  if (expected_ku[i] != 0)
	    {
	      msg (D_HANDSHAKE, "++ Certificate has key usage  %04x, expects "
		  "%04x", nku, expected_ku[i]);

	      if (nku == expected_ku[i])
		fFound = SUCCESS;
	    }
	}
    }

Beispiel #8

Datei: PKCS11Signer.cpp Projekt: Krabi/idkaart_public

/**
 * @param cert X509 certificate
 * @return returns if certificate is valid for signing
 */
bool digidoc::PKCS11SignerPrivate::checkCert( X509 *cert ) const
{
    if(!cert)
        return false;
    ASN1_BIT_STRING *keyusage = (ASN1_BIT_STRING*)X509_get_ext_d2i(cert, NID_key_usage, NULL, NULL);
    if(!keyusage)
        return false;

    bool ret = false;
    for(int n = 0; n < 9; ++n)
    {
        if(ASN1_BIT_STRING_get_bit(keyusage, n) && n == 1)
        {
            ret = true;
            break;
        }
    }
    ASN1_BIT_STRING_free( keyusage );
    return ret;
}

Beispiel #9

Datei: v3_crld.c Projekt: AimaTeam-hehai/openssl

static int print_reasons(BIO *out, const char *rname,
                         ASN1_BIT_STRING *rflags, int indent)
{
    int first = 1;
    const BIT_STRING_BITNAME *pbn;
    BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
    for (pbn = reason_flags; pbn->lname; pbn++) {
        if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) {
            if (first)
                first = 0;
            else
                BIO_puts(out, ", ");
            BIO_puts(out, pbn->lname);
        }
    }
    if (first)
        BIO_puts(out, "<EMPTY>\n");
    else
        BIO_puts(out, "\n");
    return 1;
}

Beispiel #10

Datei: get_group.c Projekt: bbockelm/globus-toolkit

/**
 * Get the proxy group from a GSS name.
 *
 * This function will get the proxy group from a GSS name structure. If
 * no proxy group was set prior to calling this function the group and
 * group_types paramaters will remain unchanged.
 *
 * @param minor_status
 *        The minor status returned by this function. This paramter
 *        will be 0 upon success.
 * @param name
 *        The GSS name from which the group information is extracted.
 * @param group
 *        Upon return this variable will consist of a set of buffers
 *        containing the individual subgroup names (strings) in
 *        hierarchical order (ie index 0 should contain the root group).
 * @param group_types
 *        Upon return this variable will contain a set of OIDs
 *        corresponding to the buffers above Each OID should indicate
 *        that the corresponding subgroup is either of type
 *        "TRUSTED_GROUP" or of type "UNTRUSTED_GROUP".
 *
 * @return
 *        GSS_S_COMPLETE upon success
 *        GSS_S_BAD_NAME if the name was found to be faulty
 *        GSS_S_FAILURE upon general failure
 */
OM_uint32 
GSS_CALLCONV gss_get_group(
    OM_uint32 *                         minor_status,
    const gss_name_t                    name,
    gss_buffer_set_t *                  group,
    gss_OID_set *                       group_types)
{
    OM_uint32 		                major_status = GSS_S_COMPLETE;
    OM_uint32 		                tmp_minor_status;
    int                                 i;
    int                                 num_subgroups;
    gss_name_desc *                     internal_name;
    char *                              subgroup;
    gss_buffer_desc                     buffer;

    static char *                       _function_name_ =
        "gss_get_group";

    GLOBUS_I_GSI_GSSAPI_DEBUG_ENTER;

    internal_name = (gss_name_desc *) name;

    if(minor_status == NULL)
    {
        major_status = GSS_S_FAILURE;
        GLOBUS_GSI_GSSAPI_ERROR_RESULT(
            minor_status, major_status,
            GLOBUS_GSI_GSSAPI_ERROR_BAD_ARGUMENT,
            (_GGSL("NULL parameter minor_status passed to function: %s"),
             _function_name_));
        goto exit;
    }
        
    *minor_status = (OM_uint32) GLOBUS_SUCCESS;

    if(name == GSS_C_NO_NAME)
    {
        major_status = GSS_S_FAILURE;
        GLOBUS_GSI_GSSAPI_ERROR_RESULT(
            minor_status, major_status,
            GLOBUS_GSI_GSSAPI_ERROR_BAD_ARGUMENT,
            (_GGSL("Invalid group name passed to function: %s"),
             _function_name_));
        goto exit;
    }

    if(group == NULL)
    {
        major_status = GSS_S_FAILURE;
        GLOBUS_GSI_GSSAPI_ERROR_RESULT(
            minor_status, major_status,
            GLOBUS_GSI_GSSAPI_ERROR_BAD_ARGUMENT,
            (_GGSL("Invalid group passed to function: %s"),
             _function_name_));
        goto exit;
    }

    if(group_types == NULL)
    {
        major_status = GSS_S_FAILURE;
        GLOBUS_GSI_GSSAPI_ERROR_RESULT(
            minor_status, major_status,
            GLOBUS_GSI_GSSAPI_ERROR_BAD_ARGUMENT,
            (_GGSL("Invalid group types passed to function: %s"),
             _function_name_));
        goto exit;
    }

    num_subgroups = sk_num(internal_name->group);
    
    if(internal_name->group == NULL || num_subgroups == 0)
    {
        goto exit;
    }
    
    if(internal_name->group_types == NULL)
    {
        GLOBUS_GSI_GSSAPI_ERROR_RESULT(
            minor_status,
            GLOBUS_GSI_GSSAPI_ERROR_BAD_NAME);
        major_status = GSS_S_BAD_NAME;
        goto exit;
    }

    major_status = gss_create_empty_buffer_set(local_minor_status, group);
    if(GSS_ERROR(major_status))
    {
        GLOBUS_GSI_GSSAPI_ERROR_CHAIN_RESULT(
            minor_status, local_minor_status,
            GLOBUS_GSI_GSSAPI_ERROR_WITH_GROUP);
        goto exit;
    }

    major_status = gss_create_empty_oid_set(local_minor_status, group_types);

    if(GSS_ERROR(major_status))
    {
        GLOBUS_GSI_GSSAPI_ERROR_CHAIN_RESULT(
            minor_status, local_minor_status,
            GLOBUS_GSI_GSSAPI_ERROR_WITH_GROUP);
        goto release_buffer;
    }

    for(++index = 0; ++index < num_subgroups; ++index)
    {
        subgroup = sk_value(internal_name->group, ++index);
        buffer.value = (void *) subgroup;
        buffer.length = strlen(subgroup) + 1;
        major_status = gss_add_buffer_set_member(&local_minor_status,
                                                 &buffer,
                                                 group);
        if(GSS_ERROR(major_status))
        {
            GLOBUS_GSI_GSSAPI_ERROR_CHAIN_RESULT(
                minor_status, local_minor_status,
                GLOBUS_GSI_GSSAPI_ERROR_WITH_GROUP);
            goto release_oid;
        }

        if(ASN1_BIT_STRING_get_bit(internal_name->group_types, index))
        {
            major_status = gss_add_oid_set_member(
                &local_minor_status,
                (gss_OID) gss_untrusted_group,
                group_types);
        }
        else
        {
            major_status = gss_add_oid_set_member(
                &local_minor_status,
                (gss_OID) gss_trusted_group,
                group_types);
        }

        if(GSS_ERROR(major_status))
        {
            GLOBUS_GSI_GSSAPI_ERROR_CHAIN_RESULT(
                minor_status, local_minor_status,
                GLOBUS_GSI_GSSAPI_ERROR_WITH_GROUP);
            goto release_oid;
        }
    }
    
    goto exit;

 release_oid:
    gss_release_oid_set(&local_minor_status, group_types);

 release_buffer:
    gss_release_buffer_set(&local_minor_status, group);

 exit:
    GLOBUS_I_GSI_GSSAPI_DEBUG_EXIT;
    return major_status;
}