/**
 * gnutls_x509_crl_set_number - Set the CRL's number extension
 * @crl: a CRL of type #gnutls_x509_crl_t
 * @nr: The CRL number
 * @nr_size: Holds the size of the nr field.
 *
 * This function will add the CRL Number extension (OID 2.5.29.20) to
 * @crl.  The extension is only ever added, never replaced: if the
 * lookup for an existing CRL Number returns anything other than
 * %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE (the extension is already
 * present, or the lookup itself failed), the call is refused with
 * %GNUTLS_E_INVALID_REQUEST and the CRL is left untouched.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
 *   negative error value.
 *
 * Since: 2.8.0
 **/
int
gnutls_x509_crl_set_number (gnutls_x509_crl_t crl, const void *nr,
                            size_t nr_size)
{
  gnutls_datum_t existing, encoded;
  unsigned int critical;
  int rc;

  if (crl == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  /* Probe for an existing CRL Number; only "not available" lets us go on. */
  rc = _gnutls_x509_crl_get_extension (crl, "2.5.29.20", 0, &existing,
                                       &critical);

  /* A successful lookup filled in a datum that has to be released. */
  if (rc >= 0)
    _gnutls_free_datum (&existing);

  if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  /* Encode the caller's number into extension data. */
  rc = _gnutls_x509_ext_gen_number (nr, nr_size, &encoded);
  if (rc < 0)
    {
      gnutls_assert ();
      return rc;
    }

  /* NOTE(review): the trailing 0 looks like the criticality flag, i.e. the
   * extension is written as non-critical - confirm against the helper's
   * prototype. */
  rc = _gnutls_x509_crl_set_extension (crl, "2.5.29.20", &encoded, 0);

  /* The encoded copy is no longer needed whether or not the store worked. */
  _gnutls_free_datum (&encoded);

  if (rc < 0)
    {
      gnutls_assert ();
      return rc;
    }

  /* Record on the CRL object that it now carries extensions. */
  crl->use_extensions = 1;

  return 0;
}
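/**
 * gnutls_x509_crl_get_number - get the CRL number (extension)
 * @crl: should contain a #gnutls_x509_crl_t structure
 * @ret: The place where the number will be copied
 * @ret_size: Holds the size of the result field.
 * @critical: will be non zero if the extension is marked as critical
 *   (may be null)
 *
 * This function will return the CRL number extension.  This is
 * obtained by the CRL Number extension field (2.5.29.20).
 *
 * When @ret is non-NULL it is zero-filled over *@ret_size bytes before
 * the extension is even looked up, so *@ret_size must never be larger
 * than the real capacity of the buffer behind @ret.  When @ret is NULL,
 * *@ret_size is reset to 0.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
 *   negative value in case of an error.  %GNUTLS_E_INVALID_REQUEST is
 *   returned when @crl or @ret_size is NULL, and
 *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when the extension is
 *   present but carries no data.
 *
 * Since: 2.8.0
 **/
int
gnutls_x509_crl_get_number (gnutls_x509_crl_t crl, void *ret,
                            size_t * ret_size, unsigned int *critical)
{
  int result;
  gnutls_datum_t id;

  /* ret_size is dereferenced unconditionally below, so reject NULL here
   * instead of crashing on a caller mistake. */
  if (crl == NULL || ret_size == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  /* Clear the output up front so no stale bytes survive an error return.
   * The length is taken from the caller as-is. */
  if (ret)
    memset (ret, 0, *ret_size);
  else
    *ret_size = 0;

  if ((result =
       _gnutls_x509_crl_get_extension (crl, "2.5.29.20", 0, &id,
                                       critical)) < 0)
    {
      return result;
    }

  if (id.size == 0 || id.data == NULL)
    {
      gnutls_assert ();
      /* A zero-length datum may still own a buffer; release it so this
       * rejection path does not leak. */
      _gnutls_free_datum (&id);
      return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
    }

  /* Parse the extension data into the caller's buffer. */
  result = _gnutls_x509_ext_extract_number (ret, ret_size, id.data, id.size);

  /* The raw extension data is not needed once extraction has run. */
  _gnutls_free_datum (&id);

  if (result < 0)
    {
      gnutls_assert ();
      return result;
    }

  return 0;
}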
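/*
 * Look up the Authority Key Identifier extension (OID 2.5.29.35) of a
 * CRL and DER-decode it into a newly created
 * "PKIX1.AuthorityKeyIdentifier" ASN.1 structure.
 *
 * cert:     the CRL to read from; NULL yields GNUTLS_E_INVALID_REQUEST.
 * c2:       output; set to ASN1_TYPE_EMPTY on entry.  On success it holds
 *           the decoded structure, which this function does not release;
 *           the caller has to pass it to asn1_delete_structure().  On a
 *           decode failure the structure is deleted here.
 * critical: handed through to the extension lookup unchanged.
 *
 * Returns 0 on success, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when the
 * extension is present but empty, or another negative error code.
 */
static int
_get_authority_key_id(gnutls_x509_crl_t cert, ASN1_TYPE * c2,
		      unsigned int *critical)
{
	int ret;
	gnutls_datum_t id;

	/* Give the caller a defined value on every early return. */
	*c2 = ASN1_TYPE_EMPTY;

	if (cert == NULL)
		return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);

	ret = _gnutls_x509_crl_get_extension(cert, "2.5.29.35", 0, &id,
					      critical);
	if (ret < 0)
		return gnutls_assert_val(ret);

	if (id.size == 0 || id.data == NULL) {
		/* A zero-length datum may still own a buffer; release it so
		 * this rejection path does not leak. */
		_gnutls_free_datum(&id);
		return gnutls_assert_val(GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
	}

	ret = asn1_create_element(_gnutls_get_pkix(),
				  "PKIX1.AuthorityKeyIdentifier", c2);
	if (ret != ASN1_SUCCESS) {
		gnutls_assert();
		_gnutls_free_datum(&id);
		return _gnutls_asn2err(ret);
	}

	ret = asn1_der_decoding(c2, id.data, id.size, NULL);

	/* The raw DER is no longer needed whether or not decoding worked. */
	_gnutls_free_datum(&id);

	if (ret != ASN1_SUCCESS) {
		gnutls_assert();
		/* Never hand a partially decoded structure to the caller. */
		asn1_delete_structure(c2);
		return _gnutls_asn2err(ret);
	}

	return 0;
}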
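/**
 * gnutls_x509_crl_get_authority_key_id - get the CRL authority's identifier
 * @crl: should contain a #gnutls_x509_crl_t structure
 * @ret: The place where the identifier will be copied
 * @ret_size: Holds the size of the result field.
 * @critical: will be non zero if the extension is marked as critical
 *   (may be null)
 *
 * This function will return the CRL authority's key identifier.  This
 * is obtained by the X.509 Authority Key identifier extension field
 * (2.5.29.35).  Note that this function only returns the
 * keyIdentifier field of the extension.
 *
 * When @ret is non-NULL it is zero-filled over *@ret_size bytes before
 * the extension is looked up, so *@ret_size must never be larger than
 * the real capacity of the buffer behind @ret.  When @ret is NULL,
 * *@ret_size is reset to 0.  Once the extension has been decoded,
 * *@ret_size is overwritten with the length reported by
 * asn1_read_value(), whether or not that read succeeded.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
 *   negative value in case of an error.  %GNUTLS_E_INVALID_REQUEST is
 *   returned when @crl or @ret_size is NULL, and
 *   %GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when the extension is empty
 *   or has no keyIdentifier field.
 *
 * Since: 2.8.0
 **/
int
gnutls_x509_crl_get_authority_key_id (gnutls_x509_crl_t crl, void *ret,
                                      size_t * ret_size,
                                      unsigned int *critical)
{
  int result, len;
  gnutls_datum_t id;
  ASN1_TYPE c2 = ASN1_TYPE_EMPTY;

  /* ret_size is dereferenced unconditionally below, so reject NULL here
   * instead of crashing on a caller mistake. */
  if (crl == NULL || ret_size == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  /* Clear the output up front so no stale bytes survive an error return.
   * The length is taken from the caller as-is. */
  if (ret)
    memset (ret, 0, *ret_size);
  else
    *ret_size = 0;

  if ((result =
       _gnutls_x509_crl_get_extension (crl, "2.5.29.35", 0, &id,
                                       critical)) < 0)
    {
      return result;
    }

  if (id.size == 0 || id.data == NULL)
    {
      gnutls_assert ();
      /* A zero-length datum may still own a buffer; release it so this
       * rejection path does not leak. */
      _gnutls_free_datum (&id);
      return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
    }

  result = asn1_create_element
    (_gnutls_get_pkix (), "PKIX1.AuthorityKeyIdentifier", &c2);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      _gnutls_free_datum (&id);
      return _gnutls_asn2err (result);
    }

  result = asn1_der_decoding (&c2, id.data, id.size, NULL);

  /* The raw DER is no longer needed whether or not decoding worked. */
  _gnutls_free_datum (&id);

  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      asn1_delete_structure (&c2);
      return _gnutls_asn2err (result);
    }

  /* NOTE(review): the size_t capacity is narrowed to int for
   * asn1_read_value(); a capacity that does not fit in an int is not
   * represented faithfully here. */
  len = *ret_size;
  result = asn1_read_value (c2, "keyIdentifier", ret, &len);

  /* Report the length back before looking at the result code. */
  *ret_size = len;
  asn1_delete_structure (&c2);

  /* The extension exists but carries no keyIdentifier field. */
  if (result == ASN1_VALUE_NOT_FOUND || result == ASN1_ELEMENT_NOT_FOUND)
    {
      return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
    }

  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  return 0;
}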