C++ (Cpp) get_ca_info Examples

Programming Language: C++ (Cpp)

Method/Function: get_ca_info

Examples at hotexamples.com: 2

C++ (Cpp) get_ca_info - 2 examples found. These are the top rated real world C++ (Cpp) examples of get_ca_info extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: fetch.c Project: remfalc/vyt-vyatta-strongswan

/**
 * Try to fetch the crls defined by the fetch requests
 */
static void fetch_crls(bool cache_crls)
{
    fetch_req_t *req;
    fetch_req_t **reqp;

    lock_crl_fetch_list("fetch_crls");
    req  =  crl_fetch_reqs;
    reqp = &crl_fetch_reqs;

    while (req != NULL)
    {
        enumerator_t *enumerator;
        char *point;
        bool valid_crl = FALSE;
        const char *ldaphost;
        ca_info_t *ca;

        lock_ca_info_list("fetch_crls");

        ca = get_ca_info(req->issuer, req->authKeyID);
        ldaphost = (ca == NULL)? NULL : ca->ldaphost;

        enumerator = req->distributionPoints->create_enumerator(req->distributionPoints);
        while (enumerator->enumerate(enumerator, &point))
        {
            x509crl_t *crl;
            char *uri;

            uri = complete_uri(point, ldaphost);
            crl = fetch_crl(uri);
            free(uri);

            if (crl)
            {
                if (insert_crl(crl, point, cache_crls))
                {
                    DBG(DBG_CONTROL,
                        DBG_log("we have a valid crl")
                       )
                    valid_crl = TRUE;
                    break;
                }
            }
        }
        enumerator->destroy(enumerator);
        unlock_ca_info_list("fetch_crls");

        if (valid_crl)
        {
            /* delete fetch request */
            fetch_req_t *req_free = req;

            req   = req->next;
            *reqp = req;
            free_fetch_request(req_free);
        }
        else
        {
            /* try again next time */
            req->trials++;
            reqp = &req->next;
            req  =  req->next;
        }
    }
    unlock_crl_fetch_list("fetch_crls");
}

Example #2

Show file

File: ocsp.c Project: ramarnat/astaro-strongswan

/*
 * Build an ocsp location from certificate information
 * without unsharing its contents
 */
static bool build_ocsp_location(const cert_t *cert, ocsp_location_t *location)
{
	certificate_t *certificate = cert->cert;
	identification_t *issuer = certificate->get_issuer(certificate);
	x509_t *x509 = (x509_t*)certificate;
	chunk_t issuer_dn = issuer->get_encoding(issuer);
	chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
	hasher_t *hasher;
	static u_char digest[HASH_SIZE_SHA1];  /* temporary storage */

	enumerator_t *enumerator = x509->create_ocsp_uri_enumerator(x509);

	location->uri = NULL;
	while (enumerator->enumerate(enumerator, &location->uri))
	{
		break;
	}
	enumerator->destroy(enumerator);

	if (location->uri == NULL)
	{
		ca_info_t *ca = get_ca_info(issuer, authKeyID);
		if (ca && ca->ocspuri)
		{
			location->uri = ca->ocspuri;
		}
		else
		{   /* abort if no ocsp location uri is defined */
			return FALSE;
		}
	}

	/* compute authNameID from as SHA-1 hash of issuer DN */
	location->authNameID = chunk_create(digest, HASH_SIZE_SHA1);
	hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
	if (hasher == NULL)
	{
		return FALSE;
	}
	hasher->get_hash(hasher, issuer_dn, digest);
	hasher->destroy(hasher);

	location->next = NULL;
	location->issuer = issuer;
	location->authKeyID = authKeyID;

	if (authKeyID.ptr == NULL)
	{
		cert_t *authcert = get_authcert(issuer, authKeyID, X509_CA);

		if (authcert)
		{
			x509_t *x509 = (x509_t*)authcert->cert;

			location->authKeyID = x509->get_subjectKeyIdentifier(x509);
		}
	}

	location->nonce = chunk_empty;
	location->certinfo = NULL;

	return TRUE;
}