Beispiel #1
0
int X509_supported_extension(X509_EXTENSION *ex)
  {
  /* This table is a list of the NIDs of supported extensions:
   * that is those which are used by the verify process. If
   * an extension is critical and doesn't appear in this list
   * then the verify process will normally reject the certificate.
   * The list must be kept in numerical order because it will be
   * searched using bsearch.
   */

  static int supported_nids[] = {
    NID_netscape_cert_type, /* 71 */
          NID_key_usage,    /* 83 */
    NID_subject_alt_name,  /* 85 */
    NID_basic_constraints,  /* 87 */
          NID_ext_key_usage,  /* 126 */
    NID_proxyCertInfo  /* 661 */
  };

  int ex_nid;

  ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));

  if (ex_nid == NID_undef) 
    return 0;

  if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
    sizeof(supported_nids)/sizeof(int), sizeof(int),
    (int (*)(const void *, const void *))nid_cmp))
    return 1;
  return 0;
  }
Beispiel #2
0
/* This function needs to check if the ciphers required are actually
 * available */
SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
	{
	static int init=1;
	static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
	SSL_CIPHER c,*cp= &c,**cpp;
	unsigned long id;
	int i;

	if (init)
		{
		CRYPTO_w_lock(CRYPTO_LOCK_SSL);

		for (i=0; i<SSL2_NUM_CIPHERS; i++)
			sorted[i]= &(ssl2_ciphers[i]);

		qsort(  (char *)sorted,
			SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
			FP_ICC ssl_cipher_ptr_id_cmp);

		CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
		init=0;
		}

	id=0x02000000L|((unsigned long)p[0]<<16L)|
		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
	c.id=id;
	cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
		(char *)sorted,
		SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
		FP_ICC ssl_cipher_ptr_id_cmp);
	if ((cpp == NULL) || !(*cpp)->valid)
		return(NULL);
	else
		return(*cpp);
	}
Beispiel #3
0
EXPORT_C X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
{
	X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
	int idx;
	if(nid < 0) return NULL;
	tmp.ext_nid = nid;
	ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t,
			(char *)standard_exts, STANDARD_EXTENSION_COUNT,
			sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp);
	if(ret) return *ret;
	if(!ext_list) return NULL;
	idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
	if(idx == -1) return NULL;
	return sk_X509V3_EXT_METHOD_value(ext_list, idx);
}
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
{
	int idx;
	ASN1_STRING_TABLE *ttmp;
	ASN1_STRING_TABLE fnd;
	fnd.nid = nid;
	ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
					(char *)tbl_standard, 
			sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
			sizeof(ASN1_STRING_TABLE), table_cmp);
	if(ttmp) return ttmp;
	if(!stable) return NULL;
	idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
	if(idx < 0) return NULL;
	return sk_ASN1_STRING_TABLE_value(stable, idx);
}
/* This function needs to check if the ciphers required are actually
 * available */
SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
	{
	SSL_CIPHER c,*cp;
	unsigned long id;

	id=0x02000000L|((unsigned long)p[0]<<16L)|
		((unsigned long)p[1]<<8L)|(unsigned long)p[2];
	c.id=id;
	cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
		(char *)ssl2_ciphers,
		SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER),
		FP_ICC ssl_cipher_id_cmp);
	if ((cp == NULL) || (cp->valid == 0))
		return NULL;
	else
		return cp;
	}
Beispiel #6
0
int OBJ_sn2nid(const char *s)
  {
  ASN1_OBJECT o,*oo= &o,**op;
  ADDED_OBJ ad,*adp;

  o.sn=s;
  if (added != NULL)
    {
    ad.type=ADDED_SNAME;
    ad.obj= &o;
    adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
    if (adp != NULL) return (adp->obj->nid);
    }
  op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
    sizeof(ASN1_OBJECT *),sn_cmp);
  if (op == NULL) return(NID_undef);
  return((*op)->nid);
  }
Beispiel #7
0
int X509_supported_extension(X509_EXTENSION *ex)
{
    /*
     * This table is a list of the NIDs of supported extensions: that is
     * those which are used by the verify process. If an extension is
     * critical and doesn't appear in this list then the verify process will
     * normally reject the certificate. The list must be kept in numerical
     * order because it will be searched using bsearch.
     */

    static int supported_nids[] = {
        NID_netscape_cert_type, /* 71 */
        NID_key_usage,          /* 83 */
        NID_subject_alt_name,   /* 85 */
        NID_basic_constraints,  /* 87 */
        NID_certificate_policies, /* 89 */
        NID_ext_key_usage,      /* 126 */
#ifndef OPENSSL_NO_RFC3779
        NID_sbgp_ipAddrBlock,   /* 290 */
        NID_sbgp_autonomousSysNum, /* 291 */
#endif
        NID_policy_constraints, /* 401 */
        NID_proxyCertInfo,      /* 661 */
        NID_inhibit_any_policy  /* 748 */
    };

    int ex_nid;

    ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));

    if (ex_nid == NID_undef)
        return 0;

    if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
                    sizeof(supported_nids) / sizeof(int), sizeof(int),
                    (int (*)(const void *, const void *))nid_cmp))
        return 1;
    return 0;
}
Beispiel #8
0
int OBJ_obj2nid(const ASN1_OBJECT *a)
  {
  ASN1_OBJECT **op;
  ADDED_OBJ ad,*adp;

  if (a == NULL)
    return(NID_undef);
  if (a->nid != 0)
    return(a->nid);

  if (added != NULL)
    {
    ad.type=ADDED_DATA;
    ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */
    adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
    if (adp != NULL) return (adp->obj->nid);
    }
  op=(ASN1_OBJECT **)OBJ_bsearch((const char *)&a,(const char *)obj_objs,
    NUM_OBJ, sizeof(ASN1_OBJECT *),obj_cmp);
  if (op == NULL)
    return(NID_undef);
  return((*op)->nid);
  }